pax_global_header00006660000000000000000000000064141771616540014526gustar00rootroot0000000000000052 comment=bba4160f6fc0a492ff1d84e4144ab7e3cabfc9c9 libica-4.0.1/000077500000000000000000000000001417716165400127535ustar00rootroot00000000000000libica-4.0.1/.gitignore000066400000000000000000000006561417716165400147520ustar00rootroot00000000000000aclocal.m4 ar-lib autom4te.cache/ compile config.guess config.log config.status config.sub configure depcomp install-sh libtool ltmain.sh missing test-driver Makefile.in doc/Makefile.in src/Makefile.in test/Makefile.in m4/libtool.m4 m4/ltoptions.m4 m4/ltsugar.m4 m4/ltversion.m4 m4/lt~obsolete.m4 src/*.gcda src/*.gcno src/*.gcov src/.libs/*.gcda src/.libs/*.gcno src/.libs/*.gcov test/*.gcda test/*.gcno test/*.gcov src/mp.S libica-4.0.1/.travis.yml000066400000000000000000000004621417716165400150660ustar00rootroot00000000000000dist: bionic language: c matrix: include: - name: "linux-s390x-gcc" os: linux arch: s390x compiler: gcc env: CONFIG_OPTS="--enable-fips --enable-internal-tests" before_script: - ./bootstrap.sh script: - ./configure $CONFIG_OPTS && make check libica-4.0.1/AUTHORS000066400000000000000000000003421417716165400140220ustar00rootroot00000000000000Holger Dengler Rainer Wolafka Ruben Straus Felix Beck Christian Maaser Patrick Steuer libica-4.0.1/ChangeLog000066400000000000000000000123151417716165400145270ustar00rootroot00000000000000v4.0.1 - [PATCH] Various bug fixes - [PATCH] Compute HMAC from installed library v4.0.0 - [UPDATE] NO_SW_FALLBACKS is now the default for libica.so [UPDATE] Removed deprecated API functions including tests [UPDATE] Introduced 'const' for some API function parameters [FEATURE] icastats: new parm -k to display detailed counters v3.9.0 - [FEATURE] Add support for OpenSSL 3.0 [FEATURE] icainfo: new parm -c to display available EC curves v3.8.0 - [FEATURE] provide libica-cex module to satisfy special security requirements [FEATURE] FIPS: enforce the HMAC check - [UPDATE] exploit autoselect domain support for ECC - [UPDATE] FIPS: Add SHA3 kats to fips powerup tests v3.7.0 - [FEATURE] FIPS: Add HMAC based library integrity check - [PATCH] icainfo: bugfix for RSA and EC related info for software column. - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests - [PATCH] FIPS: Fix DES and TDES key length - [PATCH] icastats: Fix stats counter format v3.6.1 - [PATCH] Fix x25519 and x448 handling of non-canonical values v3.6.0 - [FEATURE] Add MSA9 CPACF support for Ed25519, Ed448, X25519 and X448 v3.5.0 - [FEATURE] Add MSA9 CPACF support for ECDSA sign/verify v3.4.0 - [FEATURE] Add SHA-512/224 and SHA-512/256 support v3.3.3 - [PATCH] Various bug fixes v3.3.2 - [PATCH] Skip ECC tests if required HW is not available - [PATCH] Update spec file v3.3.1 - [PATCH] Fix configure.ac to honour CFLAGS v3.3.0 - [FEATURE] Add CEX supported elliptic-curve crypto interfaces - [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces - [FEATURE] Add interface to enable/disable SW fallbacks - [FEATURE] Add 'make check' target, test-suite rework v3.2.1 - [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG. - [PATCH] Various bug fixes. v3.2.0 - [FEATURE] New AES-GCM interface. - [UPDATE] Add symbol versioning. v3.1.1 - [PATCH] Various bug fixes related to old and new AES-GCM implementations. - [UPDATE] Add SHA3 test cases. Improved and extended test suite. v3.1.0 - [FEATURE] Add KMA support for AES-GCM. - [FEATURE] Add SHA-3 support. - [PATCH] Reject RSA keys with invalid key-length. - [PATCH] Allow zero output length for ica_random_number_generate. - [PATCH] icastats: Correct owner of shared segment when root creates it. v3.0.2 - [PATCH] Fix locking callbacks for openSSL APIs. v3.0.1 - [PATCH] Fixed msa level detection on zEC/BC12 GA1 and predecessors. v3.0.0 - [FEATURE] Added FIPS mode. - [PATCH] Sanitized exported symbols. - [PATCH] Removed deprecated APIs. Marked some APIs as deprecated. - [PATCH] Adapted to OpenSSL v1.1.0. - [PATCH] RSA key generation is thread-save now. v2.6.2 - [PATCH] Performance improvements for des-ctr, 3des-ctr and aes-ctr v2.6.1 - [Patch] Fixed buffer overflow on random generation - [Patch] Fixed DRBG entropy input - [Patch] Fixed icastats test case v2.6.0 - [FEATURE] Added NIST compliant deterministic random bit generator (DRBG) v2.5.0 - [FEATURE] Added streaming support for Galois Counter Mode (AES-GCM) - [FEATURE] Allow RSA Key generation for any granularity (57..4096 bits) - [FEATURE] New RSA CRT Key check API (Convertion of non-compliant keys) - [PATCH] Replaced deprecated RSA_key_generate function - [PATCH] Fixed accounting for GCM, CCM and CMAC. Added accounting for GHASH - [PATCH] Improved configure script to automatically build test cases - [UPDATE] Added SHA test cases. Improved and extended test suite v2.4.0 Reworked the statistic measurement facility (icastats) - Statistics are now collected independent from the process context - Statistic data gathered per user - User based statistic management (reset/delete/summerize) v2.3.0 Changes since Version 2.2.0: - Introduced new API to recieve list of supported algorithms v2.2.0 Introduce support for more MSA4 extensions. New symetric encryption modes: - CBC-CS (DES, TDES, AES-[128|192|256]) - CMAC (DES, TDES, AES-[128|192|256]) - CCM (AES-[128|192|256]) - GCM (AES-[128|256]) v2.1.1 Changes since Version 2.1.0: - [PATCH] synchronize shared memory ref counting - [PATCH] Fix result/error handling in testcase for ica_get_version() - [PATCH] Fix temporary buffer allocation in ica_get_version() - [UPDATE] Interface (API) description - [PATCH] Fix commandline argument checking in RSA testcase - [PATCH] Remove duplicate entry from target list v2.1.0 - Introduce support for MSA4 extensions. New symmetric encryption modes: CFB, CTR, OFB, XTS, CMAC - New API calls: - ica_get_version(...) v2.0.6 Fix for tracker item 3202845. Improve online help for icastats. v2.0.5 Fix for performance improvement Remove signal handler wrapping of crypto instructions. v2.0.4 Fix for STCK buffer length Correctly adjust the STCK buffer length in the PRNG based on whether we are running in 31 or 64 bit. v2.0.3 minor wording fix in icastats tool: changed output wording from SHAxxx to SHA-xxx Bugfix for: libica abends with illegal instuction when CPACF is disabled. v2.0.2 Bug fixes in asm, stcke for 31 bit, and fixes in programming samples v2.0.1 Add locking for shared memory segment, which is needed when icastats is linked dynamically against libica. v2.0 Substitute software fallbacks with lowlevel OpenSSL function calls. Rewrite most of libica. Only Linux on System z code. libica-4.0.1/INSTALL000066400000000000000000000366141417716165400140160ustar00rootroot00000000000000Installation Instructions ************************* Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software Foundation, Inc. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without warranty of any kind. Basic Installation ================== Briefly, the shell command './configure && make && make install' should configure, build, and install this package. The following more-detailed instructions are generic; see the 'README' file for instructions specific to this package. Some packages provide this 'INSTALL' file but do not implement all of the features documented below. The lack of an optional feature in a given package is not necessarily a bug. More recommendations for GNU packages can be found in *note Makefile Conventions: (standards)Makefile Conventions. The 'configure' shell script attempts to guess correct values for various system-dependent variables used during compilation. It uses those values to create a 'Makefile' in each directory of the package. It may also create one or more '.h' files containing system-dependent definitions. Finally, it creates a shell script 'config.status' that you can run in the future to recreate the current configuration, and a file 'config.log' containing compiler output (useful mainly for debugging 'configure'). It can also use an optional file (typically called 'config.cache' and enabled with '--cache-file=config.cache' or simply '-C') that saves the results of its tests to speed up reconfiguring. Caching is disabled by default to prevent problems with accidental use of stale cache files. If you need to do unusual things to compile the package, please try to figure out how 'configure' could check whether to do them, and mail diffs or instructions to the address given in the 'README' so they can be considered for the next release. If you are using the cache, and at some point 'config.cache' contains results you don't want to keep, you may remove or edit it. The file 'configure.ac' (or 'configure.in') is used to create 'configure' by a program called 'autoconf'. You need 'configure.ac' if you want to change it or regenerate 'configure' using a newer version of 'autoconf'. The simplest way to compile this package is: 1. 'cd' to the directory containing the package's source code and type './configure' to configure the package for your system. Running 'configure' might take a while. While running, it prints some messages telling which features it is checking for. 2. Type 'make' to compile the package. 3. Optionally, type 'make check' to run any self-tests that come with the package, generally using the just-built uninstalled binaries. 4. Type 'make install' to install the programs and any data files and documentation. When installing into a prefix owned by root, it is recommended that the package be configured and built as a regular user, and only the 'make install' phase executed with root privileges. 5. Optionally, type 'make installcheck' to repeat any self-tests, but this time using the binaries in their final installed location. This target does not install anything. Running this target as a regular user, particularly if the prior 'make install' required root privileges, verifies that the installation completed correctly. 6. You can remove the program binaries and object files from the source code directory by typing 'make clean'. To also remove the files that 'configure' created (so you can compile the package for a different kind of computer), type 'make distclean'. There is also a 'make maintainer-clean' target, but that is intended mainly for the package's developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution. 7. Often, you can also type 'make uninstall' to remove the installed files again. In practice, not all packages have tested that uninstallation works correctly, even though it is required by the GNU Coding Standards. 8. Some packages, particularly those that use Automake, provide 'make distcheck', which can by used by developers to test that all other targets like 'make install' and 'make uninstall' work correctly. This target is generally not run by end users. Compilers and Options ===================== Some systems require unusual options for compilation or linking that the 'configure' script does not know about. Run './configure --help' for details on some of the pertinent environment variables. You can give 'configure' initial values for configuration parameters by setting variables in the command line or in the environment. Here is an example: ./configure CC=c99 CFLAGS=-g LIBS=-lposix *Note Defining Variables::, for more details. Compiling For Multiple Architectures ==================================== You can compile the package for more than one kind of computer at the same time, by placing the object files for each architecture in their own directory. To do this, you can use GNU 'make'. 'cd' to the directory where you want the object files and executables to go and run the 'configure' script. 'configure' automatically checks for the source code in the directory that 'configure' is in and in '..'. This is known as a "VPATH" build. With a non-GNU 'make', it is safer to compile the package for one architecture at a time in the source code directory. After you have installed the package for one architecture, use 'make distclean' before reconfiguring for another architecture. On MacOS X 10.5 and later systems, you can create libraries and executables that work on multiple system types--known as "fat" or "universal" binaries--by specifying multiple '-arch' options to the compiler but only a single '-arch' option to the preprocessor. Like this: ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ CPP="gcc -E" CXXCPP="g++ -E" This is not guaranteed to produce working output in all cases, you may have to build one architecture at a time and combine the results using the 'lipo' tool if you have problems. Installation Names ================== By default, 'make install' installs the package's commands under '/usr/local/bin', include files under '/usr/local/include', etc. You can specify an installation prefix other than '/usr/local' by giving 'configure' the option '--prefix=PREFIX', where PREFIX must be an absolute file name. You can specify separate installation prefixes for architecture-specific files and architecture-independent files. If you pass the option '--exec-prefix=PREFIX' to 'configure', the package uses PREFIX as the prefix for installing programs and libraries. Documentation and other data files still use the regular prefix. In addition, if you use an unusual directory layout you can give options like '--bindir=DIR' to specify different values for particular kinds of files. Run 'configure --help' for a list of the directories you can set and what kinds of files go in them. In general, the default for these options is expressed in terms of '${prefix}', so that specifying just '--prefix' will affect all of the other directory specifications that were not explicitly provided. The most portable way to affect installation locations is to pass the correct locations to 'configure'; however, many packages provide one or both of the following shortcuts of passing variable assignments to the 'make install' command line to change installation locations without having to reconfigure or recompile. The first method involves providing an override variable for each affected directory. For example, 'make install prefix=/alternate/directory' will choose an alternate location for all directory configuration variables that were expressed in terms of '${prefix}'. Any directories that were specified during 'configure', but not in terms of '${prefix}', must each be overridden at install time for the entire installation to be relocated. The approach of makefile variable overrides for each directory variable is required by the GNU Coding Standards, and ideally causes no recompilation. However, some platforms have known limitations with the semantics of shared libraries that end up requiring recompilation when using this method, particularly noticeable in packages that use GNU Libtool. The second method involves providing the 'DESTDIR' variable. For example, 'make install DESTDIR=/alternate/directory' will prepend '/alternate/directory' before all installation names. The approach of 'DESTDIR' overrides is not required by the GNU Coding Standards, and does not work on platforms that have drive letters. On the other hand, it does better at avoiding recompilation issues, and works well even when some directory options were not specified in terms of '${prefix}' at 'configure' time. Optional Features ================= If the package supports it, you can cause programs to be installed with an extra prefix or suffix on their names by giving 'configure' the option '--program-prefix=PREFIX' or '--program-suffix=SUFFIX'. Some packages pay attention to '--enable-FEATURE' options to 'configure', where FEATURE indicates an optional part of the package. They may also pay attention to '--with-PACKAGE' options, where PACKAGE is something like 'gnu-as' or 'x' (for the X Window System). The 'README' should mention any '--enable-' and '--with-' options that the package recognizes. For packages that use the X Window System, 'configure' can usually find the X include and library files automatically, but if it doesn't, you can use the 'configure' options '--x-includes=DIR' and '--x-libraries=DIR' to specify their locations. Some packages offer the ability to configure how verbose the execution of 'make' will be. For these packages, running './configure --enable-silent-rules' sets the default to minimal output, which can be overridden with 'make V=1'; while running './configure --disable-silent-rules' sets the default to verbose, which can be overridden with 'make V=0'. Particular systems ================== On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC is not installed, it is recommended to use the following options in order to use an ANSI C compiler: ./configure CC="cc -Ae -D_XOPEN_SOURCE=500" and if that doesn't work, install pre-built binaries of GCC for HP-UX. HP-UX 'make' updates targets which have the same time stamps as their prerequisites, which makes it generally unusable when shipped generated files such as 'configure' are involved. Use GNU 'make' instead. On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot parse its '' header file. The option '-nodtk' can be used as a workaround. If GNU CC is not installed, it is therefore recommended to try ./configure CC="cc" and if that doesn't work, try ./configure CC="cc -nodtk" On Solaris, don't put '/usr/ucb' early in your 'PATH'. This directory contains several dysfunctional programs; working variants of these programs are available in '/usr/bin'. So, if you need '/usr/ucb' in your 'PATH', put it _after_ '/usr/bin'. On Haiku, software installed for all users goes in '/boot/common', not '/usr/local'. It is recommended to use the following options: ./configure --prefix=/boot/common Specifying the System Type ========================== There may be some features 'configure' cannot figure out automatically, but needs to determine by the type of machine the package will run on. Usually, assuming the package is built to be run on the _same_ architectures, 'configure' can figure that out, but if it prints a message saying it cannot guess the machine type, give it the '--build=TYPE' option. TYPE can either be a short name for the system type, such as 'sun4', or a canonical name which has the form: CPU-COMPANY-SYSTEM where SYSTEM can have one of these forms: OS KERNEL-OS See the file 'config.sub' for the possible values of each field. If 'config.sub' isn't included in this package, then this package doesn't need to know the machine type. If you are _building_ compiler tools for cross-compiling, you should use the option '--target=TYPE' to select the type of system they will produce code for. If you want to _use_ a cross compiler, that generates code for a platform different from the build platform, you should specify the "host" platform (i.e., that on which the generated programs will eventually be run) with '--host=TYPE'. Sharing Defaults ================ If you want to set default values for 'configure' scripts to share, you can create a site shell script called 'config.site' that gives default values for variables like 'CC', 'cache_file', and 'prefix'. 'configure' looks for 'PREFIX/share/config.site' if it exists, then 'PREFIX/etc/config.site' if it exists. Or, you can set the 'CONFIG_SITE' environment variable to the location of the site script. A warning: not all 'configure' scripts look for a site script. Defining Variables ================== Variables not defined in a site shell script can be set in the environment passed to 'configure'. However, some packages may run configure again during the build, and the customized values of these variables may be lost. In order to avoid this problem, you should set them in the 'configure' command line, using 'VAR=value'. For example: ./configure CC=/usr/local2/bin/gcc causes the specified 'gcc' to be used as the C compiler (unless it is overridden in the site shell script). Unfortunately, this technique does not work for 'CONFIG_SHELL' due to an Autoconf limitation. Until the limitation is lifted, you can use this workaround: CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash 'configure' Invocation ====================== 'configure' recognizes the following options to control how it operates. '--help' '-h' Print a summary of all of the options to 'configure', and exit. '--help=short' '--help=recursive' Print a summary of the options unique to this package's 'configure', and exit. The 'short' variant lists options used only in the top level, while the 'recursive' variant lists options also present in any nested packages. '--version' '-V' Print the version of Autoconf used to generate the 'configure' script, and exit. '--cache-file=FILE' Enable the cache: use and save the results of the tests in FILE, traditionally 'config.cache'. FILE defaults to '/dev/null' to disable caching. '--config-cache' '-C' Alias for '--cache-file=config.cache'. '--quiet' '--silent' '-q' Do not print messages saying which checks are being made. To suppress all normal output, redirect it to '/dev/null' (any error messages will still be shown). '--srcdir=DIR' Look for the package's source code in directory DIR. Usually 'configure' can determine that directory automatically. '--prefix=DIR' Use DIR as the installation prefix. *note Installation Names:: for more details, including other options available for fine-tuning the installation locations. '--no-create' '-n' Run the configure checks, but stop before creating any output files. 'configure' also accepts some other, not widely useful, options. Run 'configure --help' for more details. libica-4.0.1/LICENSE000066400000000000000000000271131417716165400137640ustar00rootroot00000000000000 Common Public License - V1.0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 1. DEFINITIONS "Contribution" means: 1. in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and 2. in the case of each subsequent Contributor: 1. changes to the Program, and 2. additions to the Program; where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program. "Contributor" means any person or entity that distributes the Program. "Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program. "Program" means the Contributions distributed in accordance with this Agreement. "Recipient" means anyone who receives the Program under this Agreement, including all Contributors. 2. GRANT OF RIGHTS 1. Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form. 2. Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder. 3. Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program. 4. Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement. 3. REQUIREMENTS A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that: 1. it complies with the terms and conditions of this Agreement; and 2. its license agreement: 1. effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose; 2. effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits; 3. states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and 4. states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange. When the Program is made available in source code form: 1. it must be made available under this Agreement; and 2. a copy of this Agreement must be included with each copy of the Program. Contributors may not remove or alter any copyright notices contained within the Program. Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution. 4. COMMERCIAL DISTRIBUTION Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense. For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages. 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations. 6. DISCLAIMER OF LIABILITY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 7. GENERAL If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed. All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive. Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved. This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation. libica-4.0.1/Makefile.am000066400000000000000000000023211417716165400150050ustar00rootroot00000000000000ACLOCAL_AMFLAGS = -I m4 SUBDIRS = doc include src test dist_doc_DATA = AUTHORS ChangeLog INSTALL LICENSE README.md EXTRA_DIST = libica.map libica.spec MAJOR := `echo $(VERSION) | cut -d. -f1` coverage: check @echo -e "\n-----------------"; @echo -e "icastats coverage"; @echo -e "-----------------\n"; cd ${top_builddir}/src && gcov *.gcda @echo -e "\n---------------"; @echo -e "libica coverage"; @echo -e "---------------\n"; cd ${top_builddir}/src && gcov .libs/*.gcda if ICA_FIPS fipsinstall: $(AM_V_GEN)$(MAKE) -C src fipsinstall if ICA_OPENSSL3 test -f $(DESTDIR)$(sysconfdir)/libica || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/libica test -f $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || $(INSTALL) -m 644 ${top_builddir}/src/openssl3-fips.cnf $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || true endif uninstall-hook: rm -f $(DESTDIR)$(libdir)/.libica.so.$(MAJOR).hmac rm -f $(DESTDIR)$(libdir)/.libica.so.$(VERSION).hmac rm -f $(DESTDIR)$(libdir)/.libica-cex.so.$(MAJOR).hmac rm -f $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION).hmac if ICA_OPENSSL3 rm -f $(sysconfdir)/libica/openssl3-fips.cnf if [ -d $(sysconfdir)/libica ]; then rm -rf $(sysconfdir)/libica; fi endif endif .PHONY: fipsinstall libica-4.0.1/README.md000066400000000000000000000015701417716165400142350ustar00rootroot00000000000000# libica Linux on z Systems crypto library ## configure options `--enable-fips` : enable FIPS build `--enable-debug` : enable debug build `--enable-sanitizer` : enable sanitizer build (libasan and libubsan required) `--enable-coverage` : enable coverage testing build (gcov required) `--enable-internal-tests` : build internal tests See `configure -help`. ## make targets `make` : build the library and the tools `make check` : build and run the test-suite `make (un)install` : (un)install the library and the tools `make coverage` : build and run the test-suite plus coverage tests (`--enable-coverage` required) See the INSTALL file. ## requirements ECC via shared CEX4C adapter under z/VM 6.4 requires APAR VM65942 ## documentation [libica Programmer's Reference](https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.lxci/lxci_linuxonz.html) libica-4.0.1/bootstrap.sh000077500000000000000000000001101417716165400153170ustar00rootroot00000000000000#!/bin/sh set -x autoreconf --force --install --verbose --warnings=all libica-4.0.1/cleanup.sh000077500000000000000000000000531417716165400147370ustar00rootroot00000000000000#!/bin/sh set -x rm -rf `cat .gitignore`; libica-4.0.1/configure.ac000066400000000000000000000102431417716165400152410ustar00rootroot00000000000000AC_INIT([libica], [4.0.1], [https://github.com/opencryptoki/libica/issues],, [https://github.com/opencryptoki/libica]) # save cmdline flags cmdline_CFLAGS="$CFLAGS" AC_USE_SYSTEM_EXTENSIONS AC_CONFIG_SRCDIR([src/ica_api.c]) AC_CONFIG_MACRO_DIRS([m4]) AC_PROG_CC AC_PROG_CXX AC_PROG_INSTALL AC_CHECK_HEADERS([fcntl.h memory.h stddef.h stdint.h stdlib.h string.h strings.h sys/file.h sys/ioctl.h sys/time.h syslog.h unistd.h]) AC_CHECK_HEADER([openssl/evp.h], [], [ AC_MSG_ERROR([OpenSSL 1.1.1 or later is required but OpenSSL headers couldn't be found]) ]) AC_C_INLINE AC_TYPE_SIZE_T AC_TYPE_UID_T AC_TYPE_UINT16_T AC_TYPE_UINT32_T AC_TYPE_UINT64_T AC_TYPE_UINT8_T AC_FUNC_MALLOC AC_FUNC_MMAP AC_FUNC_STRNLEN AC_CHECK_FUNCS([bzero ftruncate gettimeofday memchr memset munmap strcasecmp strerror strstr strtol setenv strtoull]) AC_CHECK_LIB([crypto], [EVP_sha3_256], [], [ AC_MSG_ERROR([OpenSSL 1.1.1 or later is required but OpenSSL libraries version 1.1.1 or later couldn't be found]) ]) AM_PROG_AS LT_INIT AM_INIT_AUTOMAKE([-Wall -Wno-portability foreign]) FLAGS="-Wall -Wextra -mzarch" dnl --- enable_debug AC_ARG_ENABLE(debug, [ --enable-debug turn on debugging flags], [],[enable_debug="no"]) AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes) if test "x$enable_debug" = xyes; then FLAGS="$FLAGS -g -O0" AC_MSG_RESULT([*** Enabling debugging at user request ***]) fi dnl --- enable_coverage AC_ARG_ENABLE(coverage, [ --enable-coverage turn on coverage testing], [],[enable_coverage="no"]) AM_CONDITIONAL(COVERAGE, test x$enable_coverage = xyes) if test "x$enable_coverage" = xyes; then FLAGS="$FLAGS -g -O0 -fprofile-arcs -ftest-coverage" AC_MSG_RESULT([*** Enabling coverage testing at user request ***]) fi dnl --- enable_fips AC_ARG_ENABLE(fips, [ --enable-fips built with FIPS mode support], [],[enable_fips="no"]) AM_CONDITIONAL(ICA_FIPS, test x$enable_fips = xyes) AC_CHECK_LIB([crypto], [OSSL_PROVIDER_load], [openssl3=yes], []) AM_CONDITIONAL(ICA_OPENSSL3, test x$openssl3 = xyes) if test "x$enable_fips" = xyes; then FLAGS="$FLAGS -DICA_FIPS" AC_MSG_RESULT([*** Building libica-fips at user request ***]) AC_CHECK_PROG([openssl_var],[openssl],[yes],[no]) if test "x$openssl_var" != xyes; then AC_MSG_ERROR([Missing openssl binary application required for FIPS build]) fi if test "x$openssl3" = "xyes"; then FIPSDIR=`openssl version -d | cut -f 2- -d ' ' | tr -d \"` AC_SUBST(FIPSDIR) AC_CONFIG_FILES([src/openssl3-fips.cnf]) fi fi dnl --- enable_sanitizer AC_ARG_ENABLE(sanitizer, [ --enable-sanitizer turn on sanitizer (may not work on all systems)], [],[enable_sanitizer="no"]) AM_CONDITIONAL(SANITIZER, test x$enable_sanitizer = xyes) if test "x$enable_sanitizer" = xyes; then FLAGS="$FLAGS -O3 -g -fstack-protector-all -fsanitize=address,signed-integer-overflow,undefined -Wformat-security -Werror=format-security -Warray-bounds -Werror=array-bounds -D_FORTIFY_SOURCE=2" LIBS="-lubsan -lasan" AC_MSG_RESULT([*** Enabling sanitizer at user request ***]) fi dnl --- enable_internal tests AC_ARG_ENABLE(internal_tests, [ --enable-internal-tests built internal tests], [],[enable_internal_tests="no"]) AM_CONDITIONAL(ICA_INTERNAL_TESTS, test x$enable_internal_tests = xyes) if test "x$enable_internal_tests" = xyes; then AC_MSG_RESULT([*** Building internal tests at user request ***]) fi if test "x$enable_coverage" = xno && test "x$enable_debug" = xno && test "x$enable_sanitizer" = xno; then FLAGS="$FLAGS -O3 -D_FORTIFY_SOURCE=2" fi # restore cmdline flags (ignore PROG_AS/PROG_CC defaults) CFLAGS="$cmdline_CFLAGS" CCASFLAGS="$cmdline_CFLAGS" AC_SUBST([FLAGS], $FLAGS) AC_SUBST([LIBS], $LIBS) AC_CONFIG_FILES([Makefile doc/Makefile include/Makefile src/Makefile test/Makefile]) AC_OUTPUT echo "FLAGS=$FLAGS $CFLAGS" echo "LIBS=$LIBS" echo "Enabled features:" echo " FIPS build: $enable_fips" echo " Debug build: $enable_debug" echo " Sanitizer build: $enable_sanitizer" echo " Coverage build: $enable_coverage" echo " Internal tests: $enable_internal_tests" libica-4.0.1/doc/000077500000000000000000000000001417716165400135205ustar00rootroot00000000000000libica-4.0.1/doc/Makefile.am000066400000000000000000000000641417716165400155540ustar00rootroot00000000000000dist_man1_MANS = icastats.1 icainfo.1 icainfo-cex.1 libica-4.0.1/doc/icainfo-cex.1000066400000000000000000000045261417716165400157760ustar00rootroot00000000000000.\" icainfo-cex man page source .\" .\" use .\" groff -man -Tutf8 icainfo-cex.1 .\" or .\" nroff -man icainfo-cex.1 .\" to process this source .\" .TH ICAINFO-CEX 1 2021-06-25 IBM "icainfo-cex user manual" .SH NAME icainfo-cex \- print information about cryptographic functions supported by libica-cex .SH SYNOPSIS .B icainfo-cex [-v | --version] [-h | --help] [-c | --list-curves] .SH DESCRIPTION .B icainfo-cex prints a table that shows libica-cex's support for various cryptographic algorithms and information about FIPS support. The icainfo-cex output also indicates, whether it is in an error state. Algorithms that are not FIPS approved are marked as blocked in both table columns when running in FIPS mode. All algorithms are marked as blocked when libica is in an error state. Available hardware support is divided into two columns: dynamic hardware means crypto cards, static hardware support means CPACF. Software support is provided via openssl. If a function is disabled via build option, this is indicated by a dash '-' in the related column. A shortened sample output is given below: .P .nf Cryptographic algorithm support ------------------------------------------------------ | hardware | function | dynamic | static | software ---------------+------------+------------+------------ SHA-1 | no | - | - SHA-224 | no | - | - SHA-256 | no | - | - SHA-384 | no | - | - SHA-512 | no | - | - GHASH | no | - | - P_RNG | blocked | - | - DRBG-SHA-512 | no | - | - RSA ME | yes | - | - RSA CRT | yes | - | - ... ------------------------------------------------------ Built-in FIPS support: FIPS mode active. Software fallbacks are disabled in libica-cex. CPACF support (including fallbacks) is disabled in libica-cex. .fi .SH OPTIONS .IP "-v or --version" show libica-cex version and copyright .IP "-h or --help" display this help and exit .IP "-c or --list-curves" show supported elliptic curves .SH RETURN VALUE .IP 1 unknown or invalid argument on invocation .IP 0 successful program execution .SH "SEE ALSO" .BR icastats (1) libica-4.0.1/doc/icainfo.1000066400000000000000000000041261417716165400152150ustar00rootroot00000000000000.\" icainfo man page source .\" .\" use .\" groff -man -Tutf8 icainfo.1 .\" or .\" nroff -man icainfo.1 .\" to process this source .\" .TH ICAINFO 1 2021-06-21 IBM "icainfo user manual" .SH NAME icainfo \- print information about cryptographic functions supported by libica .SH SYNOPSIS .B icainfo [-v | --version] [-h | --help] [-c | --list-curves] .SH DESCRIPTION .B icainfo prints a table that shows libica's support for various cryptographic algorithms and information about FIPS support. The icainfo output also indicates, whether it is in an error state. Algorithms that are not FIPS approved are marked as blocked in both table columns when running in FIPS mode. All algorithms are marked as blocked when libica is in an error state. Available hardware support is divided into two columns: dynamic hardware means crypto cards, static hardware support means CPACF. Software support is provided via openssl. A shortened sample output is given below: .P .nf Cryptographic algorithm support ------------------------------------------------------ | hardware | function | dynamic | static | software ---------------+------------+------------+------------ SHA-1 | no | yes | yes SHA-224 | no | yes | yes SHA-256 | no | yes | yes SHA-384 | no | yes | yes SHA-512 | no | yes | yes GHASH | no | yes | no P_RNG | blocked | blocked | blocked DRBG-SHA-512 | no | yes | yes RSA ME | yes | no | yes RSA CRT | yes | no | yes ... ------------------------------------------------------ Built-in FIPS support: FIPS mode active. .fi .SH OPTIONS .IP "-v or --version" show libica version and copyright .IP "-h or --help" display this help and exit .IP "-c or --list-curves" show supported elliptic curves .SH RETURN VALUE .IP 1 unknown or invalid argument on invocation .IP 0 successful program execution .SH "SEE ALSO" .BR icastats (1) libica-4.0.1/doc/icastats.1000066400000000000000000000125571417716165400154270ustar00rootroot00000000000000.\" icastats man page source .\" .\" use .\" groff -man -Tutf8 icastats.1 .\" or .\" nroff -man icastats.1 .\" to process this source .\" .TH ICASTATS 1 2013-12-06 IBM "icaststats user manual" .SH NAME icastats \- display statistic data for the libica cryptographic functions .SH SYNOPSIS .B icastats [-v | --version] [-h | --help] [--reset-all | -R] [--reset | -r] [--delete-all |-D] [--delete | -d] [--all | -A] [--summary | -S] [-U | --user ] [--key-sizes | -k] [--json | -j] .SH DESCRIPTION .B icastats displays statistic data about the usage of cryptographic functions provided by libica. .br Libica is a cryptographic library supporting SHA, RSA, ECC, DES and AES in different modes of operations. The invocation of each call to all the cryptographic functions is tracked with individual counters which can be displayed and maintained with icastats. .br Here is a shortened sample output: .P .nf function | # hardware | # software --------------+-----------------------+------------------------- | ENC CRYPT DEC | ENC CRYPT DEC --------------|-----------------------|------------------------- SHA-1 | 0 | 0 SHA-224 | 0 | 0 SHA-256 | 0 | 0 ... ECDSA Sign | 0 | 0 ECDSA Verify | 0 | 0 EC Keygen | 0 | 0 RSA-ME | 0 | 0 ... RSA-ME | 0 | 0 RSA-CRT | 0 | 0 ... AES CFB | 0 0 | 0 0 AES CTR | 0 0 | 0 0 AES CMAC | 0 0 | 0 0 AES XTS | 0 0 | 0 0 AES GCM | 0 0 | 0 0 .fi .P In addition to the default output format, a machine readable JSON output format can be selected using the --json | -j option. .P For each cryptographic function the table shows the number of invocations where hardware support was involved or the libica fall back implementation in software was used. For the ciphering methods the invocation counter is further divided into encrypt and decrypt operation counter values. For some cryptographic functions (AES, RSA, ECC) counters exist per key size. Use the --key-sizes | -k option to display those counters as well. For the JSON output format, only the per key size counters are reported. .P All the counter values are stored and maintained in one shared memory page for each user. This memory area is created automatically with the first run of icastats and persists until it is explicitly removed (see the -d option) or system shut down. This also means that the statistical data shown with icastats is on a per user base and only the root user is able to see and maintain the collection of statistic data from libica at system scope. .P Newer operating systems might remove these shared memory segments after the user has logged out from the system (systemd cleanup action). In this case all collected statistic data are gone. To prevent the statistic data from being removed you can configure the systemd to keep all shared memory segments after session exit by enabling the "RemoveIPC=no" paramater in "/etc/systemd/logind.conf". Alternatively you can setup the systemd user manager to enable user lingering by typing "loginctl enable-linger ". Note that one single libica function may increase several different counters when internally using different hardware functions. For example, performing AES GCM on a z13 involves using the AES ECB, AES CTR and GHASH hardware functions. On a z14, the AES GCM counter increases to indicate the use of the KMA instruction. Depending on the input data, other counters may also increase. Therefore, by looking at the hardware counters, it is not possible to see how often a particular API function was called. .SH OPTIONS .IP "-v or --version" show libica version and copyright .IP "-h or --help" display this help and exit .IP "-R or --reset-all" reset the statistic data for each user that has a shared memory segment to zero (only root user) .IP "-r or --reset" reset the statistic data for the current user to zero .IP "-D or --delete-all" delete all shared memory segments from all users who have an icastats shared memory segment (only root user) .IP "-d or --delete" delete the libica shared memory area for the current user .IP "-A or --all" show libica statistic data for each user in the system where a shared memory area exists in multiple tables (only root user) .IP "-S or --summary" show libica statistic data for each user in the system where a shared memory area exists in one table accumulating all the per user counter values (only root user) .IP "-U or --user " show statistic values from the given user (only root user) .IP "-k or --key-sizes" show libica statistic data per key size .IP "-j or --json" output the statistics in JSON format .SH FILES .nf /shm/dev/icastats_ .fi .SH RETURN VALUE .IP 1 unsupported or unknown argument, argument which requires root privileges given but not root user, failures at creating or attaching to the shared memory area ... .IP 0 normal and sucessful program execution .SH SEE ALSO icainfo (1) libica-4.0.1/include/000077500000000000000000000000001417716165400143765ustar00rootroot00000000000000libica-4.0.1/include/Makefile.am000066400000000000000000000000341417716165400164270ustar00rootroot00000000000000include_HEADERS = ica_api.h libica-4.0.1/include/ica_api.h000066400000000000000000004217711417716165400161500ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* * Authors(s): Ralph Wuerthner * Holger Dengler * Ingo Tuchscherer * * Copyright IBM Corp. 2001, 2005, 2009, 2010, 2011, 2013 */ #ifndef __ICA_API_H__ #define __ICA_API_H__ /*************************************************************************** *** *** *** LICENSED MATERIALS - PROPERTY OF IBM *** *** *** *** All Rights Reserved *** *** *** *** U.S. Government Users Restricted Rights - Use, *** *** duplication or disclosure restricted by GSA ADP *** *** Schedule Contract with IBM Corp. *** *** *** *** *** *** ORIGINS: IBM Charlotte, Department VM9A *** *** *** ***************************************************************************/ #include #include #include #define ICA_EXPORT __attribute__((__visibility__("default"))) #define ICA_DEPRECATED __attribute__((deprecated)) #define ica_adapter_handle_t int typedef ica_adapter_handle_t ICA_ADAPTER_HANDLE; #define DRIVER_NOT_LOADED (-1) /** * Definitions to determine the direction of the symmetric * encryption/decryption functions. */ #define ICA_ENCRYPT 1 #define ICA_DECRYPT 0 /** * Symetric encryption/decryption modes */ #define MODE_ECB 1 #define MODE_CBC 2 #define MODE_CFB 3 #define MODE_OFB 4 #define MODE_CTR 5 #define MODE_XTS 6 #define MODE_GCM 7 #define MODE_CBCCS 8 #define MODE_CCM 9 /** * CBC Ciphertext Stealing variants */ #define ICA_CBCCS_VARIANT1 1 #define ICA_CBCCS_VARIANT2 2 #define ICA_CBCCS_VARIANT3 3 /** * ICA flags */ #define ICA_FLAG_SHW 4 /* static hardware support (symmetric ops - CPACF) */ #define ICA_FLAG_DHW 2 /* dynamic hardware support (asymmetric ops - CEX) */ #define ICA_FLAG_SW 1 /* software implementation (fallback / backup) */ /** * ICA properties: key lengths */ #define ICA_PROPERTY_AES_128 0x00000001 #define ICA_PROPERTY_AES_192 0x00000002 #define ICA_PROPERTY_AES_256 0x00000004 #define ICA_PROPERTY_RSA_ALL 0x0000000F /* All RSA key lengths */ #define ICA_PROPERTY_RSA_FIPS 0x0000000C /* RSA 2k and higher */ #define ICA_PROPERTY_EC_BP 0x00000001 /* Brainpool curves */ #define ICA_PROPERTY_EC_NIST 0x00000002 /* NIST curves */ #define ICA_PROPERTY_EC_ED 0x00000004 /* Edwards curves */ /** * Algorithms */ #define SHA1 1 #define SHA224 2 #define SHA256 3 #define SHA384 4 #define SHA512 5 #define SHA3_224 6 #define SHA3_256 7 #define SHA3_384 8 #define SHA3_512 9 #define SHAKE128 11 #define SHAKE256 12 #define G_HASH 10 #define DES_ECB 20 #define DES_CBC 21 #define DES_CBC_CS 22 #define DES_OFB 23 #define DES_CFB 24 #define DES_CTR 25 #define DES_CTRLST 26 #define DES_CBC_MAC 27 #define DES_CMAC 28 #define DES3_ECB 41 #define DES3_CBC 42 #define DES3_CBC_CS 43 #define DES3_OFB 44 #define DES3_CFB 45 #define DES3_CTR 46 #define DES3_CTRLST 47 #define DES3_CBC_MAC 48 #define DES3_CMAC 49 #define AES_ECB 60 #define AES_CBC 61 #define AES_CBC_CS 62 #define AES_OFB 63 #define AES_CFB 64 #define AES_CTR 65 #define AES_CTRLST 66 #define AES_CBC_MAC 67 #define AES_CMAC 68 #define AES_CCM 69 #define AES_GCM 70 #define AES_XTS 71 #define AES_GCM_KMA 72 #define P_RNG 80 #define EC_DH 85 #define EC_DSA_SIGN 86 #define EC_DSA_VERIFY 87 #define EC_KGEN 88 #define RSA_ME 90 #define RSA_CRT 91 #define RSA_KEY_GEN_ME 92 #define RSA_KEY_GEN_CRT 93 #define SHA512_DRNG 94 #define SHA512_224 95 #define SHA512_256 96 #define ED25519_KEYGEN 100 #define ED25519_SIGN 101 #define ED25519_VERIFY 102 #define ED448_KEYGEN 103 #define ED448_SIGN 104 #define ED448_VERIFY 105 #define X25519_KEYGEN 106 #define X25519_DERIVE 107 #define X448_KEYGEN 108 #define X448_DERIVE 109 /* * Key length for DES/3DES encryption/decryption */ #define DES_KEY_LENGTH (56/8) #define DES3_KEY_LENGTH (168/8) /** * Key length for AES encryption/decryption */ #define AES_KEY_LEN128 (128/8) #define AES_KEY_LEN192 (192/8) #define AES_KEY_LEN256 (256/8) /** * SHA Message parts */ #define SHA_MSG_PART_ONLY 0 #define SHA_MSG_PART_FIRST 1 #define SHA_MSG_PART_MIDDLE 2 #define SHA_MSG_PART_FINAL 3 /** * SHA hash lengths */ #define SHA_HASH_LENGTH 20 #define SHA1_HASH_LENGTH SHA_HASH_LENGTH #define SHA224_HASH_LENGTH 28 #define SHA256_HASH_LENGTH 32 #define SHA384_HASH_LENGTH 48 #define SHA512_HASH_LENGTH 64 #define SHA512_224_HASH_LENGTH SHA224_HASH_LENGTH #define SHA512_256_HASH_LENGTH SHA256_HASH_LENGTH #define SHA3_224_HASH_LENGTH SHA224_HASH_LENGTH #define SHA3_256_HASH_LENGTH SHA256_HASH_LENGTH #define SHA3_384_HASH_LENGTH SHA384_HASH_LENGTH #define SHA3_512_HASH_LENGTH SHA512_HASH_LENGTH #define SHA3_PARMBLOCK_LENGTH 200 /* * ica_drbg */ #define ICA_DRBG_NEW_STATE_HANDLE NULL #define ICA_DRBG_HEALTH_TEST_FAIL (-1) #define ICA_DRBG_ENTROPY_SOURCE_FAIL (-2) /* * The following status flags are used to examine the return value of the * status output interface ica_fips_status(). */ /* * 'FIPS mode active'-flag */ #define ICA_FIPS_MODE 1 /* * 'Powerup test failed'-flags */ /* Cryptographic algorithm test (KAT or pair-wise consistency test) */ #define ICA_FIPS_CRYPTOALG 2 /* Software/Firmware integrity test */ #define ICA_FIPS_INTEGRITY 4 /* Critical functions test (N/A) */ #define ICA_FIPS_CRITICALFUNC 8 /* * 'Conditional test failed'-flags */ /* Pair-wise consistency test for public & private keys (N/A) */ #define ICA_FIPS_CONSISTENCY 16 /* Software/Firmware load test (N/A) */ #define ICA_FIPS_LOAD 32 /* Manual key entry test (N/A) */ #define ICA_FIPS_KEYENTRY 64 /* Continuous random number generator test */ #define ICA_FIPS_RNG 128 /* Bypass test (N/A) */ #define ICA_FIPS_BYPASS 256 /** * Context for SHA1 operations */ typedef struct { uint64_t runningLength; unsigned char shaHash[SHA_HASH_LENGTH]; } sha_context_t; /** * Context for SHA256 and SHA224 operations */ typedef struct { uint64_t runningLength; unsigned char sha256Hash[SHA256_HASH_LENGTH]; } sha256_context_t; /** * Context for SHA512 and SHA384 operations */ typedef struct { uint64_t runningLengthHigh; uint64_t runningLengthLow; unsigned char sha512Hash[SHA512_HASH_LENGTH]; } sha512_context_t; /** * Context for SHA3_224 operations */ typedef struct { uint64_t runningLength; unsigned char sha3_224Hash[SHA3_PARMBLOCK_LENGTH]; } sha3_224_context_t; /** * Context for SHA3_256 operations */ typedef struct { uint64_t runningLength; unsigned char sha3_256Hash[SHA3_PARMBLOCK_LENGTH]; } sha3_256_context_t; /** * Context for SHA3_384 operations */ typedef struct { uint64_t runningLengthHigh; uint64_t runningLengthLow; unsigned char sha3_384Hash[SHA3_PARMBLOCK_LENGTH]; } sha3_384_context_t; /** * Context for SHA3_512 operations */ typedef struct { uint64_t runningLengthHigh; uint64_t runningLengthLow; unsigned char sha3_512Hash[SHA3_PARMBLOCK_LENGTH]; } sha3_512_context_t; /** * Context for SHAKE_128 operations with variable output length */ typedef struct { uint64_t runningLengthHigh; uint64_t runningLengthLow; unsigned int output_length; unsigned char shake_128Hash[SHA3_PARMBLOCK_LENGTH]; } shake_128_context_t; /** * Context for SHAKE_256 operations with variable output length */ typedef struct { uint64_t runningLengthHigh; uint64_t runningLengthLow; unsigned int output_length; unsigned char shake_256Hash[SHA3_PARMBLOCK_LENGTH]; } shake_256_context_t; /* * Assumption: *_ENCRYPT members of the kmc_funktion_t and kma_function_t * enums are even, while *_DECRYPT members are odd. */ typedef enum { DEA_ENCRYPT, DEA_DECRYPT, TDEA_192_ENCRYPT, TDEA_192_DECRYPT, AES_128_ENCRYPT, AES_128_DECRYPT, AES_192_ENCRYPT, AES_192_DECRYPT, AES_256_ENCRYPT, AES_256_DECRYPT, /* XTS belongs to the KM family */ AES_128_XTS_ENCRYPT, AES_128_XTS_DECRYPT, AES_256_XTS_ENCRYPT, AES_256_XTS_DECRYPT, /* PRNG only for KMC */ PRNG, } kmc_functions_t; typedef enum { AES_128_GCM_ENCRYPT, AES_128_GCM_DECRYPT, AES_192_GCM_ENCRYPT, AES_192_GCM_DECRYPT, AES_256_GCM_ENCRYPT, AES_256_GCM_DECRYPT, } kma_functions_t; typedef enum { ECDSA_VERIFY_P256, ECDSA_VERIFY_P384, ECDSA_VERIFY_P521, ECDSA_SIGN_P256, ECDSA_SIGN_P384, ECDSA_SIGN_P521, EDDSA_VERIFY_ED25519, EDDSA_VERIFY_ED448, EDDSA_SIGN_ED25519, EDDSA_SIGN_ED448, } kdsa_functions_t; typedef struct { unsigned int key_length; unsigned char* modulus; unsigned char* exponent; } ica_rsa_key_mod_expo_t; typedef struct { unsigned int key_length; unsigned char* p; unsigned char* q; unsigned char* dp; unsigned char* dq; unsigned char* qInverse; } ica_rsa_key_crt_t; /** * DES and AES defines and typedefs */ typedef unsigned char ica_des_vector_t[8]; typedef unsigned char ica_des_key_single_t[8]; typedef struct { ica_des_key_single_t key1; ica_des_key_single_t key2; ica_des_key_single_t key3; } ica_des_key_triple_t; typedef unsigned char ica_key_t[8]; /** * AES defines and typedefs */ typedef unsigned char ica_aes_vector_t[16]; typedef unsigned char ica_aes_key_single_t[8]; typedef unsigned char ica_aes_key_len_128_t[16]; typedef unsigned char ica_aes_key_len_192_t[24]; typedef unsigned char ica_aes_key_len_256_t[32]; /** * Libica version information */ typedef struct { unsigned int major_version; unsigned int minor_version; unsigned int fixpack_version; } libica_version_info; /** * Definition of a mechanism type **/ typedef unsigned int libica_mechanism_type; /** * Information for a particular crypto mechanism supported by libica. * Key sizes are specified in bytes and do not apply to all supported * mechanisms. **/ typedef struct { unsigned int min_key_size; unsigned int max_key_size; unsigned int flags; } libica_mechanism_info; /** * Definition for a particular crypto mechanism supported by libica. **/ typedef struct { libica_mechanism_type mech_type; libica_mechanism_info mech_info; } libica_mechanism_list_element; /* * internal specification for a specific crypto mechanism supported by libica **/ typedef struct { unsigned int mech_mode_id; unsigned int type; unsigned int id; unsigned int flags; unsigned int property; } libica_func_list_element_int; /* * external specification for a specific crypto mechanism supported by libica **/ typedef struct { unsigned int mech_mode_id; unsigned int flags; unsigned int property; } libica_func_list_element; typedef struct ica_drbg_mech ica_drbg_mech_t; typedef struct ica_drbg ica_drbg_t; /** * Definitions for the ica_set_fallback_mode function. */ #define ICA_FALLBACKS_ENABLED 1 #define ICA_FALLBACKS_DISABLED 0 /** * Environment variable for defining the default Libica fallback mode. * By default Libica starts with fallbacks enabled. When this environment * variable exists and has a numeric value, the fallback mode is set * via ica_set_fallback_mode(). */ #define ICA_FALLBACK_ENV "LIBICA_FALLBACK_MODE" /** * Set Libica fallback mode. * With fallbacks enabled (that's the default), when there is no hardware * support available (for example when the crypto cards are offline) Libica * attempts to cover the request by calling Openssl functions as fallback. * With fallback disabled, no attempts will be made to fulfill the request * if there is no hardware support or hardware invocation fails. Instead * the function will return with ENODEV. */ ICA_EXPORT void ica_set_fallback_mode(int fallback_mode); /** * Environment variable for setting libica offload mode. * By default libica may prefer to do crypto in cpacf instead of adapters. * If this environment variable is defined to be an integer not equal to zero, * adapters will always be preferred. */ #define ICA_OFFLOAD_ENV "LIBICA_OFFLOAD_MODE" /** * Set libica offload mode. * By default libica may prefer to do crypto in cpacf instead of adapters. * If this function is called with offload_mode != 0, adapters will always * be preferred. */ ICA_EXPORT void ica_set_offload_mode(int offload_mode); /** * Environment variable for setting libica stats mode. * By default libica counts its crypto operations in shared memory. * If this environment variable is defined to be zero, libica will not * count crypto operations. */ #define ICA_STATS_ENV "LIBICA_STATS_MODE" /** * Set libica stats mode. * By default libica counts its crypto operations in shared memory. * If this function is called with stats_mode = 0, libica will not * count crypto operations. */ ICA_EXPORT void ica_set_stats_mode(int stats_mode); /** * Opens the specified adapter * @param adapter_handle Pointer to the file descriptor for the adapter or * to DRIVER_NOT_LOADED if opening the crypto adapter failed. * * @return 0 as long as a valid parameter is given. * EINVAL for invalid parameter. */ ICA_EXPORT unsigned int ica_open_adapter(ica_adapter_handle_t *adapter_handle); /** * Closes a device handle. * @param adapter_handle Pointer to a previously opened device handle. * * @return 0 if successful. * errno of close() if unsuccessful */ ICA_EXPORT unsigned int ica_close_adapter(ica_adapter_handle_t adapter_handle); /** * Generate a random number. * * Required HW Support * KMC-PRNG * * @param output_length * Specifies the byte length of the output_data buffer and the desired length * of the random number. * @param output_data * Pointer to the buffer to contain the resulting random number. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * ENODEV if neither /dev/hwrng nor /dev/urandom are available. * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_random_number_generate(unsigned int output_length, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-1 algorithm. * * Required HW Support * KIMD-SHA-1, or KLMD-SHA-1 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-1 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 64 i.e., SHA-1 block size. * @param input_data * Pointer to the input data data. * @param sha_context * Pointer to the SHA-1 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha1 for message * part SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha1. Therefore, the application must * not modify the contents of this structure in between chained calls. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting * output data will have a length of SHA_HASH_LENGTH. Make sure buffer has * at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_sha1(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha_context_t *sha_context, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-224 algorithm. * * Required HW Support * KIMD-SHA-256, or KLMD-SHA-256 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-224 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 64 i.e., SHA-224 block size. * @param input_data * Pointer to the input data. * @param sha256_context * Pointer to the SHA-256 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha224 for message * part SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha224. Therefore, the application must * not modify the contents of this structure in between chained calls. * Note: Due to the algorithm used by SHA-224, a SHA-256 context must be * used. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting * output data will have a length of SHA224_HASH_LENGTH. Make sure buffer has * at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_sha224(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha256_context_t *sha256_context, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-256 algorithm. * * Required HW Support * KIMD-SHA-256, or KLMD-SHA-256 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-256 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 64 i.e., SHA-256 block size. * @param input_data * Pointer to the input data. * @param sha256_context * Pointer to the SHA-256 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha256 for message part * SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha256. Therefore, the application must not * modify the contents of this structure in between chained calls. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting output * data will have a length of SHA256_HASH_LENGTH. Make sure that the buffer * has is at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_sha256(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha256_context_t *sha256_context, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-384 algorithm. * * Required HW Support * KIMD-SHA-512, or KLMD-SHA-512 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-384 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 128 i.e., SHA-384 block size. * @param input_data * Pointer to the input data. * @param sha512_context * Pointer to the SHA-512 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha384 for message * part SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha384. Therefore, the application must * not modify the contents of this structure in between chained calls. * Note: Due to the algorithm used by SHA-384, a SHA-512 context must be * used. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting * output data will have a length of SHA384_HASH_LENGTH. Make sure buffer has * at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_sha384(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-512 algorithm. * * Required HW Support * KIMD-SHA-512, or KLMD-SHA-512 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-512 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 128 i.e., SHA-512 block size. * @param input_data * Pointer to the input data. * @param sha512_context * Pointer to the SHA-512 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha512 for message * part SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha512. Therefore, the application must * not modify the contents of this structure in between chained calls. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting * output data will have a length of SHA512_HASH_LENGTH. Make sure buffer has * at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_sha512(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-512/224 algorithm. * * Required HW Support * KIMD-SHA-512, or KLMD-SHA-512 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-512/224 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 128 i.e., SHA-512 block size. * @param input_data * Pointer to the input data. * @param sha512_context * Pointer to the SHA-512 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha512_224 for message * part SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha512_224. Therefore, the application must * not modify the contents of this structure in between chained calls. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting * output data will have a length of SHA512_224_HASH_LENGTH. Make sure buffer has * at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_sha512_224(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data); /** * Perform secure hash on input data using the SHA-512/256 algorithm. * * Required HW Support * KIMD-SHA-512, or KLMD-SHA-512 * * @param message_part * The message chaining state. Must be one of the following: * SHA_MSG_PART_ONLY - A single hash operation * SHA_MSG_PART_FIRST - The first part * SHA_MSG_PART_MIDDLE - The middle part * SHA_MSG_PART_FINAL - The last part * @param input_length * The byte length of the input data to be SHA-512/256 hashed and must be greater * than zero. * Note: For SHA_MSG_PART_FIRST and SHA_MSG_PART_MIDDLE calls, the byte length * must be a multiple of 128 i.e., SHA-512 block size. * @param input_data * Pointer to the input data. * @param sha512_context * Pointer to the SHA-512 context structure used to store intermediate values * needed when chaining is used. The contents are ignored for message part * SHA_MSG_PART_ONLY and SHA_MSG_PART_FIRST. This structure must * contain the returned value of the preceding call to ica_sha512_256 for message * part SHA_MSG_PART_MIDDLE and SHA_MSG_PART_FINAL. For message part * SHA_MSG_PART_FIRST and SHA_MSG_PART_FINAL, the returned value can * be used for a chained call of ica_sha512_256. Therefore, the application must * not modify the contents of this structure in between chained calls. * @param output_data * Pointer to the buffer to contain the resulting hash data. The resulting * output data will have a length of SHA512_256_HASH_LENGTH. Make sure buffer has * at least this size. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given * EIO if the operation fails. This should never happen. */ICA_EXPORT unsigned int ica_sha512_256(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data); ICA_EXPORT unsigned int ica_sha3_224(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha3_224_context_t *sha3_224_context, unsigned char *output_data); ICA_EXPORT unsigned int ica_sha3_256(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha3_256_context_t *sha3_256_context, unsigned char *output_data); ICA_EXPORT unsigned int ica_sha3_384(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha3_384_context_t *sha3_384_context, unsigned char *output_data); ICA_EXPORT unsigned int ica_sha3_512(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha3_512_context_t *sha3_512_context, unsigned char *output_data); ICA_EXPORT unsigned int ica_shake_128(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, shake_128_context_t *shake_128_context, unsigned char *output_data, unsigned int output_length); ICA_EXPORT unsigned int ica_shake_256(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, shake_256_context_t *shake_256_context, unsigned char *output_data, unsigned int output_length); /******************************************************************************* * * Begin of ECC API */ #ifndef NID_X25519 # define NID_X25519 1034 #endif #ifndef NID_X448 # define NID_X448 1035 #endif #ifndef NID_ED25519 # define NID_ED25519 1087 #endif #ifndef NID_ED448 # define NID_ED448 1088 #endif typedef struct ec_key_t ICA_EC_KEY; /** * Allocate and return a new ICA_EC_KEY structure. * * @param nid * The identifier of the elliptic curve, on which the new ICA_EC_KEY * shall be based. * * NID Value NID Name (OpenSSL) Elliptic Curve D Length (bytes) * --------- ---------------------- ---------------- ---------------- * 409 NID_X9_62_prime192v secp192r1 24 * 713 NID_secp224r1 secp224r1 28 * 415 NID_X9_62_prime256v1 secp256r1 32 * 715 NID_secp384r1 secp384r1 48 * 716 NID_secp521r1 secp521r1 66 * 921 NID_brainpoolP160r1 brainpoolP160r1 20 * 923 NID_brainpoolP192r1 brainpoolP192r1 24 * 925 NID_brainpoolP224r1 brainpoolP224r1 28 * 927 NID_brainpoolP256r1 brainpoolP256r1 32 * 929 NID_brainpoolP320r1 brainpoolP320r1 40 * 931 NID_brainpoolP384r1 brainpoolP384r1 48 * 933 NID_brainpoolP512r1 brainpoolP512r1 64 * 1034 NID_X25519 X25519 * 1035 NID_X448 X448 * 1087 NID_ED25519 Ed25519 32 * 1088 NID_ED448 Ed448 57 * * @param privlen * A pointer to an unsigned integer buffer where the length of the * private D-value of the ICA_EC_KEY is returned. * * Note: The lengths of X and Y are the same as the length of D. * Therefore, the public key (X,Y) has twice the length of D. * Also an ECDSA signature has twice the length of D. * * @return Pointer to opaque ICA_EC_KEY structure if success. * NULL if no memory could be allocated. */ ICA_EXPORT ICA_EC_KEY* ica_ec_key_new(unsigned int nid, unsigned int *privlen); /** * Initialize an ICA_EC_KEY with given private (D) and/or public key * values (X,Y). D may be NULL, if no private key value shall be * specified. X and Y may both be NULL, if no public key shall be * specified. If X is specified, also Y must be specified, and vice * versa. * * @param X * Pointer to the public X-value that shall be assigned to the * ICA_EC_KEY object. * * @param Y * Pointer to the public Y-value that shall be assigned to the * ICA_EC_KEY object. * * @param D * Pointer to the private D-value that shall be assigned to the * ICA_EC_KEY object. * * @return 0 if success * EPERM if the EC curve is not supported in this environment * EINVAL if at least one invalid parameter is given. */ ICA_EXPORT int ica_ec_key_init(const unsigned char *X, const unsigned char *Y, const unsigned char *D, ICA_EC_KEY *key); /** * Generate private and public values for a given ICA_EC_KEY. * * @param adapter_handle * Pointer to a previously opened device handle. * * @param key * Pointer to a previously allocated ICA_EC_KEY object. * * @return 0 if success * EPERM if the EC curve is not supported in this environment * EINVAL if at least one invalid parameter is given. * ENOMEM if memory could not be allocated. * EIO if an internal processing error occurred. */ ICA_EXPORT int ica_ec_key_generate(ica_adapter_handle_t adapter_handle, ICA_EC_KEY *key); /** * Calculate the Diffie-Hellman shared secret (z-value) of a given * private ICA_EC_KEY A (with given D-value) and a given public * ICA_EC_KEY B (with given X and Y values). * * @param privkey_A * A pointer to a private ICA_EC_KEY object. * * @param pubkey_B * A pointer to a public ICA_EC_KEY object. * * @param z * Pointer to a writable buffer where the shared secret (z) is returned. * * @param z_length * The length in bytes of the z buffer. This length must be greater or * equal to privlen, as returned when creating the ICA_EC_KEY objects. * Both keys are supposed to be based on the same elliptic curve, so * both keys have the same lengths of D, and (X,Y). * * @return 0 if success * EPERM if the EC curve is not supported in this environment * EINVAL if at least one invalid parameter is given. * EIO if an internal processing error occurred. */ ICA_EXPORT int ica_ecdh_derive_secret(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, unsigned char *z, unsigned int z_length); /** * Create an ECDSA signature for the given hash data using the given * private ICA_EC_KEY. * * @param privkey * Pointer to a readable private ICA_EC_KEY object. * * @param hash * Pointer to a readable buffer containing hashed data. * * @param * The length of the hashed data. Supported lengths are * 20, 28, 32, 48, and 64 bytes. * * @param signature * Pointer to a writable buffer where the ECDSA signature is returned. * * @param signature_length * The length of the buffer. It must be greater or equal to 2*privlen * as returned when creating the ICA_EC_KEY object. * * @return 0 if success * EINVAL if at least one invalid parameter is given. * EIO if an internal processing error occurred. */ ICA_EXPORT int ica_ecdsa_sign(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey, const unsigned char *hash, unsigned int hash_length, unsigned char *signature, unsigned int signature_length); /** * Verify a given ECDSA signature with given hash data and public ICA_EC_KEY. * * @param pubkey * Pointer to a readable public ICA_EC_KEY object. * * @param hash * Pointer to a readable buffer containing hashed data. * * @param * The length of the hashed data. Supported lengths are * 20, 28, 32, 48, and 64 bytes. * * @param signature * Pointer to a writable buffer where the ECDSA signature is returned. * * @param signature_length * The length of the buffer. It must be greater or equal to 2*privlen * as returned when creating the ICA_EC_KEY object. * * @return 0 if success * EINVAL if at least one invalid parameter is given. * EIO if an internal processing error occurred. * EFAULT if signature invalid */ ICA_EXPORT int ica_ecdsa_verify(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature, unsigned int signature_length); /** * provide the public key (X,Y) of the given ICA_EC_KEY. * * @param key * Pointer to a readable ICA_EC_KEY object. * * @param q * Pointer to a writable buffer where (X,Y) is returned. * * @param q_len * Pointer to a unsigned int where the byte length of (X,Y) is returned. * * @return 0 if success * EINVAL if at least one invalid parameter is given. */ ICA_EXPORT int ica_ec_key_get_public_key(const ICA_EC_KEY *key, unsigned char *q, unsigned int *q_len); /** * provide the private key (D) of the given ICA_EC_KEY. * * @param key * Pointer to a readable ICA_EC_KEY object. * * @param q * Pointer to a writable buffer where (D) is returned. * * @param q_len * Pointer to a unsigned int where the byte length of (D) is returned. * * @return 0 if success * EINVAL if at least one invalid parameter is given. */ ICA_EXPORT int ica_ec_key_get_private_key(const ICA_EC_KEY *key, unsigned char *d, unsigned int *d_len); /** * Free an ICA_EC_KEY. * * @param key * Pointer to ICA_EC_KEY. */ ICA_EXPORT void ica_ec_key_free(ICA_EC_KEY *key); typedef struct ica_x25519_ctx ICA_X25519_CTX; typedef struct ica_x448_ctx ICA_X448_CTX; typedef struct ica_ed25519_ctx ICA_ED25519_CTX; typedef struct ica_ed448_ctx ICA_ED448_CTX; /* * Allocate a new context. MSA9 required. * Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_x25519_ctx_new(ICA_X25519_CTX **ctx); ICA_EXPORT int ica_x448_ctx_new(ICA_X448_CTX **ctx); ICA_EXPORT int ica_ed25519_ctx_new(ICA_ED25519_CTX **ctx); ICA_EXPORT int ica_ed448_ctx_new(ICA_ED448_CTX **ctx); /* * Copy the private and public key to the context. MSA9 required. * Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_x25519_key_set(ICA_X25519_CTX *ctx, const unsigned char priv[32], const unsigned char pub[32]); ICA_EXPORT int ica_x448_key_set(ICA_X448_CTX *ctx, const unsigned char priv[56], const unsigned char pub[56]); ICA_EXPORT int ica_ed25519_key_set(ICA_ED25519_CTX *ctx, const unsigned char priv[32], const unsigned char pub[32]); ICA_EXPORT int ica_ed448_key_set(ICA_ED448_CTX *ctx, const unsigned char priv[57], const unsigned char pub[57]); /* * Copy the private and public key from the context. MSA9 required. * Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_x25519_key_get(ICA_X25519_CTX *ctx, unsigned char priv[32], unsigned char pub[32]); ICA_EXPORT int ica_x448_key_get(ICA_X448_CTX *ctx, unsigned char priv[56], unsigned char pub[56]); ICA_EXPORT int ica_ed25519_key_get(ICA_ED25519_CTX *ctx, unsigned char priv[32], unsigned char pub[32]); ICA_EXPORT int ica_ed448_key_get(ICA_ED448_CTX *ctx, unsigned char priv[57], unsigned char pub[57]); /* * Generate a key. MSA9 required. * Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_x25519_key_gen(ICA_X25519_CTX *ctx); ICA_EXPORT int ica_x448_key_gen(ICA_X448_CTX *ctx); ICA_EXPORT int ica_ed25519_key_gen(ICA_ED25519_CTX *ctx); ICA_EXPORT int ica_ed448_key_gen(ICA_ED448_CTX *ctx); /* * Derive a shared secret. Requires the context to hold the private key. * MSA9 required. Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_x25519_derive(ICA_X25519_CTX *ctx, unsigned char shared_secret[32], const unsigned char peer_pub[32]); ICA_EXPORT int ica_x448_derive(ICA_X448_CTX *ctx, unsigned char shared_secret[56], const unsigned char peer_pub[56]); /* * Sign. Requires the context to hold the private key. MSA9 required. * Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_ed25519_sign(ICA_ED25519_CTX *ctx, unsigned char sig[64], const unsigned char *msg, size_t msglen); ICA_EXPORT int ica_ed448_sign(ICA_ED448_CTX *ctx, unsigned char sig[114], const unsigned char *msg, size_t msglen); /* * Verify. Requires the public key. If the context only holds the private key, * the public key is derived. MSA9 required. * Returns 0 if signature is valid. Otherwise, -1 is returned. */ ICA_EXPORT int ica_ed25519_verify(ICA_ED25519_CTX *ctx, const unsigned char sig[64], const unsigned char *msg, size_t msglen); ICA_EXPORT int ica_ed448_verify(ICA_ED448_CTX *ctx, const unsigned char sig[114], const unsigned char *msg, size_t msglen); /* * Delete a context. Its sensitive data is erased. MSA9 required. * Returns 0 if successful. Otherwise, -1 is returned. */ ICA_EXPORT int ica_x25519_ctx_del(ICA_X25519_CTX **ctx); ICA_EXPORT int ica_x448_ctx_del(ICA_X448_CTX **ctx); ICA_EXPORT int ica_ed25519_ctx_del(ICA_ED25519_CTX **ctx); ICA_EXPORT int ica_ed448_ctx_del(ICA_ED448_CTX **ctx); /* * End of ECC API * ******************************************************************************/ /** * Generate RSA keys in modulus/exponent format. * @param adapter_handle * Pointer to a previously opened device handle. * @param modulus_bit_length * Specifies the bit length of the modulus. This value should comply with * length of the keys. * @param public_key * Pointer to where the generated public key is to be placed. If the exponent * element in the public key is not set, it will be randomly generated. A not * well chosen exponent may result in the program looping endlessly. Common * public exponents are 3 and 65537. * @param private_key * Pointer to where the generated private key in modulus/exponent format is to * be placed. Length of both private and public key should be set in bytes. * This value should comply with modulus bit length. Make sure that buffers in * the keys fit to this length. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given. * EPERM if modulus bit length is greater than 4096 (CEX adapter restriction). * EFAULT if OpenSSL key generation should fail. */ ICA_EXPORT unsigned int ica_rsa_key_generate_mod_expo(ica_adapter_handle_t adapter_handle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_mod_expo_t *private_key); /** * Generate RSA keys in CRT format. * @param adapter_handle * Pointer to a previously opened device handle. * @param modulus_bit_length * Specifies the bit length of the modulus. This value should comply with * length of the keys. * @param public_key * Pointer to where the generated public key is to be placed. If the exponent * element in the public key is not set, it will be randomly generated. A not * well chosen exponent may result in the program looping endlessly. Common * public exponents are 3 and 65537. * @param private_key * Pointer to where the generated private key in CRT format is to be placed. * Length of both private and public key should be set in bytes. This value * should comply with modulus bit length. Make sure that buffers in the keys * fit to this length. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given. * EPERM if modulus bit length is greater than 4096 (CEX adapter restriction). * EFAULT if OpenSSL key generation should fail. */ ICA_EXPORT unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t adapter_handle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_crt_t *private_key); /** * @brief Perform a RSA encryption/decryption operation using a key in * modulus/exponent form. * * Make sure your message is padded before using this function. Otherwise you * will risk security! * @param adapter_handle * Pointer to a previously opened device handle. * @param input_data * Pointer to input data to be encrypted/decrypted and is in big endian format. * Make sure input data is not longer than bit length of the key! Byte length * has to be the same. Thus right justify input data inside the data block. * @param rsa_key * Pointer to the key to be used, in modulus/exponent format. * @param output_data * Pointer to where the output results are to be placed. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given. * EPERM if key bit length is greater than 4096 (CEX adapter restriction). * ENOMEM if memory allocation fails. * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle, const unsigned char *input_data, ica_rsa_key_mod_expo_t *rsa_key, unsigned char *output_data); /** * @brief Perform a RSA encryption/decryption operation using a key in CRT * form. * * Make sure your message is padded before using this function. Otherwise you * will risk security! * @param adapter_handle * Pointer to a previously opened device handle. * @param input_data * Pointer to input data to be encrypted/decrypted and is in big endian format. * Make sure input data is not longer than bit length of the key! Byte length * has to be the same. Thus right justify input data inside the data block. * @param rsa_key * Pointer to the key to be used, in CRT format. * @param output_data * Pointer to where the output results are to be placed. Buffer has to be as * large as the input_data and length of the modulus specified in rsa_key. * * @return 0 if successful. * EINVAL if at least one invalid parameter is given. * EPERM if key bit length is greater than 4096 (CEX adapter restriction). * ENOMEM if memory allocation fails. * EIO if the operation fails. This should never happen. */ ICA_EXPORT unsigned int ica_rsa_crt(ica_adapter_handle_t adapter_handle, const unsigned char *input_data, ica_rsa_key_crt_t *rsa_key, unsigned char *output_data); /* * Check if RSA key credentials in CRT format are presented in * privileged form, respectively prime 'p' > prime 'q'. * * In case of 'p' < 'q', key credentials 'p' and 'q' as well as 'dp' * and 'dq' will be swapped and qInverse will be recalculated. * * @return * 0 if all key credentials are in the correct format. * 1 if the key credentials were re-calculated. * ENOMEM if memory allocation fails. */ ICA_EXPORT unsigned int ica_rsa_crt_key_check(ica_rsa_key_crt_t *rsa_key); /** * Encrypt or decrypt data with an DES key using Electronic Cook Book (ECB) * mode as described in NIST Special Publication 800-38A Chapter 6.1. * * Required HW Support * KM-DEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writeable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be a multiple of the cipher block * size (i.e. a multiple of 8 for DES). * @param key * Pointer to a valid DES key of 8 bytes length. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_ecb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int direction); /** * Encrypt or decrypt data with an DES key using Cipher Block Chaining (CBC) * mode as described in NIST Special Publication 800-38A Chapter 6.2. * * Required HW Support * KMC-DEA * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be a multiple of the cipher block * size (i.e. a multiple of 8 for DES). * @param key * Pointer to a valid DES key of 8 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes. This * vector will be overwritten during the function. The result value in iv may * be used as initialization vector for a chained ica_des_cbc call with the * same key. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_cbc(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction); /** * Encrypt or decrypt data with an DES key using Cipher Block Chaining with * Ciphertext Stealing (CBC-CS) mode as described in NIST Special Publication * 800-38A Chapter 6.2 and the Addendum to NIST Special Publication 800-38A on * Recommendation for Block Cipher Modes of Operation: Three Variants of * Ciphertext Stealing for CBC Moder: * ica_des_cbc_cs may be used to encrypt or decrypt the last chunk of a * message consisting of multiple chunks where all but the last chunk are * encrypted or decrypted by chained calls to ica_des_cbc and the resulting * iv of the last call to ica_des_cbc is fed into the iv of the ica_des_cbc_cs * call provided the chunk is greater than cipher block size (greater than * 8 bytes for DES). * * Required HW Support * KMC-DEA * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer * in bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be greater than or equal to the * cipher block size (i.e. a multiple of 8 bytes for DES). * @param key * Pointer to a valid DES key of 8 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes. * This vector will be overwritten during the function. For variant equals 1 * or variant equals 2 the result value in iv may be used as initialization * vector for a chained ica_des_cbc call with the same key if data_length is * a multiple of the cipher block size. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * @param variant * 1 Use variant CBC-CS1 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: keep last two blocks in order. * 2 Use variant CBC-CS2 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: switch order of the last two blocks * if data_length is not a multiple of the cipher block size (i.e. a * multiple of 8 for DES). * 3 Use variant CBC-CS3 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: always switch order of the last two * blocks. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_cbc_cs(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction, unsigned int variant); /** * Encrypt or decrypt data with an DES key using Cipher Feedback (CFB) mode as * described in NIST Special Publication 800-38A Chapter 6.3. * * Required HW Support * KMF-DEA * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid DES key of 8 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes (8 bytes * for DES). This vector will be overwritten during the function. The result * value in iv may be used as initialization vector for a chained ica_des_cfb * call with the same key if data_length in the preceding call is a multiple of * lcfb. * @param lcfb * Length in bytes of the cipher feedback which is a value greater than or * equal to 1 and less than or equal to the cipher block size (i.e. 8 for DES). * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_cfb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int lcfb, unsigned int direction); /** * Encrypt or decrypt data with an DES key using Counter (CTR) mode as * described in NIST Special Publication 800-38A Chapter 6.5. With the counter * mode each message block of size cipher block size (i.e. 8 bytes for DES) is * combined with a counter value of the same size during encryption and * decryption. Starting with an initial counter value to be combined with the * first message block subsequent counter values to be combined with subsequent * message blocks will be derived from preceding counter values by an increment * function. The increment function used in ica_des_ctr is s an arithmetic * increment without carry on the U least significant bits in the counter * where M is a parameter to ica_des_ctr. * * Required HW Support * KMCTR-DEA * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid DES key of 8 bytes length. * @param ctr * Pointer to a readable and writable buffer of size cipher block size bytes. * ctr contains an initialization value for a counter function and it will be * replaced by a new value. That new value can be used as an initialization * value for a counter function in a chained ica_des_ctr call with the same key * if data_length used in the preceding call is a multiple of the cipher block * size. * @param ctr_width * A number U between 8 and cipher block size in bits. The value is used by the * counter increment function which increments a counter value by incrementing * without carry the least significant U bits of the counter value. The value * must be a multiple of 8. When in FIPS mode, an additional counter overflow * check is performed, so that the given data length, divided by the cipher * block size, is not greater than 2 to the power of U. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_ctr(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *ctr, unsigned int ctr_width, unsigned int direction); /** * Encrypt or decrypt data with an DES key using Counter (CTR) mode as * described in NIST Special Publication 800-38A, Chapter 6.5. With the counter * mode each message block of size cipher block size is combined with a counter * value of the same size during encryption and decryption. The ica_des_ctrlist * function assumes that a list n of precomputed counter values is provided * where n is the smallest integer that is less or equal to the message size * divided by the cipher block size. This function allows to optimally exploit * System z HW support for non-standard counter functions. * * Required HW Support * KMCTR-DEA * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. If data_length is a multiple of the cipher block size * then calls of ica_des_ctrlist with the same key can be chained if ctrlist * argument of the chained call contains a list of counters that follows the * counters used in the first call and data_length used in the preceding call * is a multiple of the cipher block size. * @param key * Pointer to a valid DES key of 8 bytes length. * @param ctrlist * Pointer to a readable buffer of that is both of size greater than or equal * to data_length and a multiple of the cipher block size (i.e. 8 bytes for * DES). ctrlist should contain a list of precomputed counter values of size * cipher block size each. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_ctrlist(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, const unsigned char *ctrlist, unsigned int direction); /** * Encrypt or decrypt data with an DES key using Output Feedback (OFB) mode as * described in NIST Special Publication 800-38A Chapter 6.4. * * Required HW Support * KMO-DEA * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that contains the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid DES key of 8 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes (8 bytes * for DES). This vector will be overwritten during the function. If * data_length is a multiple of the cipher block size (i.e. a multiple of 8 for * DES) the result value in iv may be used as initialization vector for a * chained ica_des_ofb call with the same key. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_ofb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction); /** * Authenticate data or verify the authenticity of data with an DES key using * the Block Cipher Based Message Authetication Code (CMAC) mode as described * in NIST Special Publication 800-38B. ica_des_cmac can be used to * authenticate or verify the authenticity of a complete message. * * Required HW Support * KMAC-DEA * PCC-Compute-Last_block-CMAC-Using-DEA * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a message to be authenticated or of which the * authenticity shall be verified. * @param message_length * Length in bytes of the message to be authenticated or verified. * @param mac * Pointer to a buffer of size greater than or equal to mac_length bytes. If * direction is 1 the buffer must be writable and a message authentication code * for the message in message of size mac_length bytes will be written to the * buffer. If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the message in message. * @param mac_length * Length in bytes of the message authentication code mac in bytes that is less * than or equal to the cipher block size (i.e. 8 bytes for DES). It is * recommended to use values greater than or equal to 8. * @param key * Pointer to a valid DES key of 8 bytes length. * @param direction * 0 or 1: * 0 Verify message authentication code * 1 Compute message authentication code for the message * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_des_cmac(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int direction); /** * Authenticate data or verify the authenticity of data with an DES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as described * in NIST Special Publication 800-38B. * ica_des_cmc_intermediate and ica_des_cmac_last can be used when the message * to be authenticated or to be verified using CMAC is supplied in multiple * chunks. ica_des_cmac_intermediate is used to process all but the last * chunk. All message chunks to preprocessed by ica_des_cmac_intermediate * must have a size that is a multiple of the cipher block size (i.e a * multiple of 8 bytes for DES). * Note: ica_des_cmac_intermediate has no direction argument it can be used * during an authentication and during authenticity verification. * * Required HW Support * KMAC-DEA * * @param message * Pointer to a readable buffer of size greater than or equal to * message_length bytes. It contains a non final part of a message which * shall be authenticated or of which the authenticity shall be verified. * @param message_length * Length in bytes of the message part in message. It must be a multiple * of the cipher block size. * @param key * Pointer to a valid DES key of 8 bytes length. * @param iv * Pointer to a valid initialization vector of size cipher block size (i.e. * 8 bytes for DES). For the first message part it must be set to a string * of zeros. For processing the n-th message part it must be the resulting iv * value of the ica_des_cmac_intermediate applied to the (n-1)-th message * part. This vector will be overwritten during the function. The result value * in iv may be used as initialization vector for a chained call to * ica_des_cmac_initermediate or to ica_des_cmac_last with the same key. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_des_cmac_intermediate(const unsigned char *message, unsigned long message_length, unsigned char *key, unsigned char *iv); /** * Authenticate data or verify the authenticity of data with an DES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as described * in NIST Special Publication 800-38B. * ica_des_cmac_last can be used to authenticate or verify the authenticity of * a complete message or of the final part of a message for which all * preceding parts were preprocessed with ica_des_cmac_intermediate. * * Required HW Support * KMAC-DEA, * PCC-Compute-Last_block-CMAC-Using-DEA * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a message or the final part of a message to be * authenticated or of which the authenticity shall be verified. * @param message_length * Length in bytes of the message to be authenticated or verified. * @param mac * Pointer to a buffer of size greater than or equal to mac_length bytes. * If direction is 1 the buffer must be writable and a message authentication * code for the message in message of size mac_length bytes will be written to * the buffer. * If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the message in message. * @param mac_length * Length in bytes of the message authentication code mac in bytes that is less * than or equal to the cipher block size (i.e. 8 bytes for DES). It is * recommended to use values greater than or equal to 8. * @param key * Pointer to a valid DES key of 8 bytes length. * @param iv * Pointer to a valid initialization vector of size cipher block size. If iv is * NULL message is assumed to be the complete message to be processed. * Otherwise message is the final part of a composite message to be processed * and iv contains the output vector resulting from processing all previous * parts with chained calls to ica_aes_cmac_intermediate, i.e. the value * returned in iv of the ica_des_cmac_intermediate call applied to the * penultimate message part. * @param direction * 0 or 1: * 0 Verify message authentication code * 1 Compute message authentication code for the message * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_des_cmac_last(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned char *iv, unsigned int direction); /** * Encrypt or decrypt data with an 3DES key using Electronic Cook Book (ECB) * mode as described in NIST Special Publication 800-38A Chapter 6.1. * * Required HW Support * KM-DEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writeable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be a multiple of the cipher block * size (i.e. a multiple of 8 for 3DES). * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_ecb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int direction); /** * Encrypt or decrypt data with an 3DES key using Cipher Block Chaining (CBC) * mode as described in NIST Special Publication 800-38A Chapter 6.2. * * Required HW Support * KMC-TDEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be a multiple of the cipher block * size (i.e. a multiple of 8 for 3DES). * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes. This * vector will be overwritten during the function. The result value in iv may * be used as initialization vector for a chained ica_3des_cbc call with the * same key. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_cbc(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction); /** * Encrypt or decrypt data with an 3DES key using Cipher Block Chaining with * Ciphertext Stealing (CBC-CS) mode as described in NIST Special Publication * 800-38A Chapter 6.2 and the Addendum to NIST Special Publication 800-38A on * "Recommendation for Block Cipher Modes of Operation: Three Variants of * Ciphertext Stealing for CBC Mode": * ica_3des_cbc_cs may be used to encrypt o decrypt the last chunk of a * message consisting of multiple chunks where all but the last chunk are * encrypted or decrypted by chained calls to ica_3des_cbc and the resulting * iv of the last call to ica_3des_cbc is fed into the iv of the * ica_3des_cbc_cs call provided the chunk is greater than cipher block size * (greater than 8 bytes for 3DES). * * Required HW Support * KMC-TDEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer * in bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be greater than or equal to the * cipher block size (i.e. a multiple of 8 bytes for 3DES). * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes. This * vector will be overwritten during the function. For variant equals 1 or * variant equals 2 the result value in iv may be used as initialization vector * for a chained ica_3des_cbc call with the same key if data_length is a * multiple of the cipher block size. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * @param variant * 1 Use variant CBC-CS1 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: keep last two blocks in order. * 2 Use variant CBC-CS2 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: switch order of the last two blocks * if data_length is not a multiple of the cipher block size (i.e. a * multiple of 8 for DES). * 3 Use variant CBC-CS3 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: always switch order of the last two * blocks. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_cbc_cs(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction, unsigned int variant); /** * Encrypt or decrypt data with an 3DES key using Cipher Feedback (CFB) mode as * described in NIST Special Publication 800-38A Chapter 6.3. * * Required HW Support * KMF-TDEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes (8 bytes * for 3DES). This vector will be overwritten during the function. The result * value in iv may be used as initialization vector for a chained ica_3des_cfb * call with the same key if data_length in the preceding call is a multiple of * lcfb. * @param lcfb * Length in bytes of the cipher feedback which is a value greater than or * equal to 1 and less than or equal to the cipher block size (i.e. 8 for * 3DES). * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_cfb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int lcfb, unsigned int direction); /** * Encrypt or decrypt data with an 3DES key using Counter (CTR) mode as * described in NIST Special Publication 800-38A Chapter 6.5. With the counter * mode each message block of size cipher block size (i.e. 8 bytes for 3DES) is * combined with a counter value of the same size during encryption and * decryption. Starting with an initial counter value to be combined with the * first message block subsequent counter values to be combined with subsequent * message blocks will be derived from preceding counter values by an increment * function. The increment function used in ica_3des_ctr is s an arithmetic * increment without carry on the U least significant bits in the counter * where M is a parameter to ica_3des_ctr. * * Required HW Support * KMCTR-TDEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param ctr * Pointer to a readable and writable buffer of size cipher block size bytes. * ctr contains an initialization value for a counter function and it will be * replaced by a new value. That new value can be used as an initialization * value for a counter function in a chained ica_3des_ctr call with the same * key if data_length used in the preceding call is a multiple of the cipher * block size. * @param ctr_width * A number U between 8 and cipher block size in bits. The value is used by the * counter increment function which increments a counter value by incrementing * without carry the least significant U bits of the counter value. The value * must be a multiple of 8. When in FIPS mode, an additional counter overflow * check is performed, so that the given data length, divided by the cipher * block size, is not greater than 2 to the power of U. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_ctr(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *ctr, unsigned int ctr_width, unsigned int direction); /** * Encrypt or decrypt data with an 3DES key using Counter (CTR) mode as * described in NIST Special Publication 800-38A ,Chapter 6.5. With the counter * mode each message block of size cipher block size is combined with a counter * value of the same size during encryption and decryption. The * ica_3des_ctrlist function assumes that a list n of precomputed counter * values is provided where n is the smallest integer that is less or equal to * the message size divided by the cipher block size. This function allows to * optimally exploit System z HW support for non-standard counter functions. * * Required HW Support * KMCTR-TDEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. If data_length is a multiple of the cipher block size * then calls of ica_3des_ctrlist with the same key can be chained if ctrlist * argument of the chained call contains a list of counters that follows the * counters used in the first call and data_length used in the preceding call * is a multiple of the cipher block size. * @param key * Pointer to an 3DES key of 24 bytes length. * @param ctrlist * Pointer to a readable buffer of that is both of size greater than or equal * to data_length and a multiple of the cipher block size (i.e. 8 bytes for * 3DES). ctrlist should contain a list of precomputed counter values of size * cipher block size each. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_ctrlist(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, const unsigned char *ctrlist, unsigned int direction); /** * Encrypt or decrypt data with an 3DES key using Output Feedback (OFB) mode as * described in NIST Special Publication 800-38A Chapter 6.4. * * Required HW Support * KMO-TDEA-192 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that contains the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param iv * Pointer to a valid initialization vector of cipher block size bytes (8 bytes * for DES). This vector will be overwritten during the function. If * data_length is a multiple of the cipher block size (i.e. a multiple of 8 for * 3DES) the result value in iv may be used as initialization vector for a * chained ica_3DES_ofb call with the same key. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_ofb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction); /** * Authenticate data or verify the authenticity of data with an 3DES key * using the Block Cipher Based Message Authentication Code (CMAC) mode as * described in NIST Special Publication 800-38B. * ica_3des_cmac can be used to authenticate or verify the authenticity of a * complete message. * * Required HW Support * KMAC-TDEA-192 * PCC-Compute-Last_block-CMAC-Using-TDEA-192 * * @param message * Pointer to a readable buffer of size greater than or equal to * message_length bytes. It contains a message to be authenticated or of * which the authenticity shall be verified. * @param message_length * Length in bytes of the message to be authenticated or verified. * @param mac * Pointer to a buffer of size greater than or equal to mac_length bytes. * If direction is 1 the buffer must be writable and a message authentication * code for the message in message of size mac_length bytes will be written to * the buffer. * If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the message in message. * @param mac_length * Length in bytes of the message authentication code mac in bytes that is less * than or equal to the cipher block size (i.e. 8 bytes for TDES). It is * recommended to use values greater than or equal to 8. * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param direction * 0 or 1: * 0 Verify message authentication code * 1 Compute message authentication code for the message * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_3des_cmac(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int direction); /** * Authenticate data or verify the authenticity of data with an 3DES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as described * in NIST Special Publication 800-38B. * ica_3des_cmc_intermediate and ica_3des_cmac_last can be used when the * message to be authenticated or to be verified using CMAC is supplied in * multiple chunks. ica_3des_cmac_intermediate is used to process all but the * last chunk. All message chunks to preprocessed by * ica_3des_cmac_intermediate must have a size that is a multiple of the * cipher block size (i.e a multiple of 8 bytes for 3DES). * Note: ica_3des_cmac_intermediate has no direction argument it can be used * during an authentication and during authenticity verification. * * Required HW Support * KMAC-TDEA-192, * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a non final part of a message which shall be * authenticated or of which the authenticity shall be verified. * @param message_length * Length in bytes of the message part in message. It must be a multiple of the * cipher block size. * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param iv * Pointer to a valid initialization vector of size cipher block size * (i.e. 8 bytes for 3DES). For the first message part it must be set to a * string of zeros. For processing the n-th message part it must be the * resulting iv value of the ica_3des_cmac_intermediate applied to the * (n-1)-th message part. This vector will be overwritten during the function. * The result value in iv may be used as initialization vector for a chained * call to ica_3des_cmac_initermediate or to ica_3des_cmac_last with the same key. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_3des_cmac_intermediate(const unsigned char *message, unsigned long message_length, unsigned char *key, unsigned char *iv); /** * Authenticate data or verify the authenticity of data with an 3DES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as described * in NIST Special Publication 800-38B. * ica_3des_cmac_last can be used to authenticate or verify the authenticity * of a complete message or of the final part of a message for which all * preceding parts were preprocessed with ica_3des_cmac_intermediate. * * Required HW Support * KMAC-TDEA-192, * PCC-Compute-Last_block-CMAC-Using-TDEA-192 * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a message or the final part of a message to be * authenticated or of which the authenticity shall be verified. * @param message_length * Length in bytes of the message to be authenticated or verified. * @param mac * Pointer to a buffer of size greater than or equal to mac_length bytes. * If direction is 1 the buffer must be writable and a message authentication * code for the message in message of size mac_length bytes will be written to * the buffer. * If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the message in message. * @param mac_length * Length in bytes of the message authentication code mac in bytes that is * less than or equal to the cipher block size (I.e. 8 bytes for DES). It is * recommended to use values greater than or equal to 8. * @param key * Pointer to a valid 3DES key of 24 bytes length. * @param iv * Pointer to a valid initialization vector of size cipher block size. If iv * is NULL message is assumed to be the complete message to be processed. * Otherwise message is the final part of a composite message to be processed * and iv contains the output vector resulting from processing all previous * parts with chained calls to ica_3des_cmac_intermediate, i.e. the value * returned in iv of the ica_3des_cmac_intermediate call applied to the * penultimate message part. * @param direction * 0 or 1: * 0 Verify message authentication code * 1 Compute message authentication code for the message * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_3des_cmac_last(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned char *iv, unsigned int direction); /** * Encrypt or decrypt data with an AES key using Electronic Cook Book (ECB) * mode as described in NIST Special Publication 800-38A Chapter 6.1. * * Required HW Support * KM-AES-128, KM-AES-192 or KM-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be a multiple of the cipher block * size (i.e. a multiple of 16 for AES). * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_ecb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned int direction); /** * Encrypt or decrypt data with an AES key using Cipher Block Chaining (CBC) * mode as described in NIST Special Publication 800-38A Chapter 6.2. * * Required HW Support * KMC-AES-128, KMC-AES-192 or KMC-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be a multiple of the cipher block * size (i.e. a multiple of 16 for AES). * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param iv * Pointer to a valid initialization vector of size cipher block size. This * vector will be overwritten during the function. The result value in iv may * be used as initialization vector for a chained ica_aes_cbc call with the * same key. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_cbc(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction); /** * Encrypt or decrypt data with an AES key using Cipher Block Chaining with * Ciphertext Stealing (CBC-CS) mode as described in NIST Special Publication * 800-38A Chapter 6.2 and the Addendum to NIST Special Publication 800-38A on * "Recommendation for Block Cipher Modes of Operation: Three Variants of * Ciphertext Stealing for CBC Mode": * ica_aes_cbc_cs may be used to encrypt or decrypt the last chunk of a * message consisting of multiple chunks where all but the last chunk are * encrypted or decrypted by chained calls to ica_aes_cbc and the resulting * iv of the last call to ica_aes_cbc is fed into the iv of the * ica_aes_cbc_cs call provided the chunk is greater than cipher block size * (greater than 16 bytes for AES). * * Required HW Support * KMC-AES-128, KMC-AES-192 or KMC-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer * in bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. data_length must be greater than or equal to the * cipher block size (i.e. a multiple of 16 bytes for AES). * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: * AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param iv * Pointer to a valid initialization vector of cipher block size bytes. This * vector will be overwritten during the function. For variant equals 1 or * variant equals 2 the result value in iv may be used as initialization vector * for a chained ica_aes_cbc call with the same key if data_length is a * multiple of the cipher block size. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * @param variant * 1 Use variant CBC-CS1 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: keep last two blocks in order. * 2 Use variant CBC-CS2 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: switch order of the last two blocks * if data_length is not a multiple of the cipher block size (i.e. a * multiple of 8 for DES). * 3 Use variant CBC-CS3 of the Addendum to NIST Special Publication 800-38A * to encrypt or decrypt the message: always switch order of the last two * blocks. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_cbc_cs(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction, unsigned int variant); /** * Encrypt or decrypt data with an AES key using Cipher Feedback (CFB) mode as * described in NIST Special Publication 800-38A Chapter 6.3. * * Required HW Support * KMF-AES-128, KMF-AES-192 or KMF-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param iv * Pointer to a valid initialization vector of cipher block size bytes (16 * bytes for AES). This vector will be overwritten during the function. The * result value in iv may be used as initialization vector for a chained * ica_aes_cfb call with the same key if data_length in the preceding call is a * multiple of lcfb. * @param lcfb * Length in bytes of the cipher feedback which is a value greater than or * equal to 1 and less than or equal to the cipher block size (i.e. 16 for * AES). * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_cfb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int lcfb, unsigned int direction); /** * Encrypt or decrypt data with an AES key using Counter (CTR) mode as * described in NIST Special Publication 800-38A Chapter 6.5. With the counter * mode each message block of size cipher block size (i.e. 16 bytes for AES) is * combined with a counter value of the same size during encryption and * decryption. Starting with an initial counter value to be combined with the * first message block subsequent counter values to be combined with subsequent * message blocks will be derived from preceding counter values by an increment * function. The increment function used in ica_aes_ctr is s an arithmetic * increment without carry on the U least significant bits in the counter * where M is a parameter to ica_aes_ctr. * * Required HW Support * KMCTR-AES-128, KMCTR-AES-192 or KMCTR-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param ctr * Pointer to a readable and writable buffer of size cipher block size bytes. * ctr contains an initialization value for a counter function and it will be * replaced by a new value. That new value can be used as an initialization * value for a counter function in a chained ica_aes_ctr call with the same key * if data_length used in the preceding call is a multiple of the cipher block * size. * @param ctr_width * A number U between 8 and cipher block size in bits. The value is used by the * counter increment function which increments a counter value by incrementing * without carry the least significant U bits of the counter value. The value * must be a multiple of 8. When in FIPS mode, an additional counter overflow * check is performed, so that the given data length, divided by the cipher * block size, is not greater than 2 to the power of U. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_ctr(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *ctr, unsigned int ctr_width, unsigned int direction); /** * Encrypt or decrypt data with an AES key using Counter (CTR) mode as * described in NIST Special Publication 800-38A ,Chapter 6.5. With the counter * mode each message block of size cipher block size is combined with a counter * value of the same size during encryption and decryption. The ica_aes_ctrlist * function assumes that a list n of precomputed counter values is provided * where n is the smallest integer that is less or equal to the message size * divided by the cipher block size. This function allows to optimally exploit * System z HW support for non-standard counter functions. * * Required HW Support * KMCTR-AES-128, KMCTR-AES-192 or KMCTR-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. If data_length is a multiple of the cipher block size * then calls of ica_aes_ctrlist with the same key can be chained if ctrlist * argument of the chained call contains a list of counters that follows the * counters used in the first call and data_length used in the preceding call * is a multiple of the cipher block size. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param ctrlist * Pointer to a readable buffer of that is both of size greater than or equal * to data_length and a multiple of the cipher block size (i.e. 16 bytes for * AES). ctrlist should contain a list of precomputed counter values of size * cipher block size each. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_ctrlist(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, const unsigned char *ctrlist, unsigned int direction); /** * Encrypt or decrypt data with an AES key using Output Feedback (OFB) mode as * described in NIST Special Publication 800-38A Chapter 6.4. * * Required HW Support * KMO-AES-128, KMO-AES-192 or KMO-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that contains the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param iv * Pointer to a valid 16 byte initialization vector. This vector will be * overwritten during the function. If data_length is a multiple of the cipher * block size (i.e. a multiple of 16 for AES) the result value in iv may be * used as initialization vector for a chained ica_aes_ofb call with the same * key. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_ofb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction); /** * Authenticate data or verify the authenticity of data with an AES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as described * in NIST Special Publication 800-38B. ica_aes_cmac can be used to * authenticate or verify the authenticity of a complete message. * * Required HW Support * KMAC-AES-128, KMAC-AES-192 or KMAC-AES-256 * PCC-Compute-Last_block-CMAC-Using-AES-128, * PCC-Compute-Last_block-CMAC-Using-AES-192 or * PCC-Compute-Last_block-CMAC-Using-AES-256 * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a message to be authenticated or of which the * authenticity shall be verified. * @param message_length * Length in bytes of the message to be authenticated or verified. * @param mac * Pointer to a buffer of size greater than or equal to mac_length bytes. If * direction is 1 the buffer must be writable and a message authentication code * for the message in message of size mac_length bytes will be written to the * buffer. If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the message in message * @param mac_length * Length in bytes of the message authentication code mac in bytes that is less * than or equal to the cipher block size (I.e. 16 bytes for AES). It is * recommended to use values greater than or equal to 8. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param direction * 0 or 1: * 0 Verify message authentication code * 1 Compute message authentication code for the message * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication code fails. */ ICA_EXPORT unsigned int ica_aes_cmac(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int key_length, unsigned int direction); /** * Authenticate data or verify the authenticity of data with an AES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as described * in NIST Special Publication 800-38B. * ica_aes_cmc_intermediate and ica_aes_cmac_last can be used when the message * to be authenticated or to be verified using CMAC is supplied in multiple * chunks. ica_aes_cmac_intermediate is used to process all but the last * chunk. All message chunks to preprocessed by ica_aes_cmac_intermediate * must have a size that is a multiple of the cipher block size (i.e. a * multiple of 16 bytes for AES). * Note: ica_aes_cmac_intermediate has no direction argument it can be used * during an authentication and during authenticity verification. * * Required HW Support * KMAC-AES-128, KMAC-AES-192 or KMAC-AES-256 * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a non final part of a message which shall be * authenticated or of which the authenticity shall be verified. * @param message_length * Length in bytes of the message part in message. It must be a multiple of * the cipher block size. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param iv * Pointer to a valid initialization vector of size cipher block size (i.e. * 16 bytes for AES). For the first message part it must be set to a string * of zeros. For processing the n-th message part it must be the resulting iv * value of the ica_aes_cmac_intermediate applied to the (n-1)-th message * part. This vector will be overwritten during the function. * The result value in iv may be used as initialization vector for a chained * call to ica_aes_cmac_initermediate or to ica_aes_cmac_last with the * same key. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_cmac_intermediate(const unsigned char *message, unsigned long message_length, unsigned char *key, unsigned int key_length, unsigned char *iv); /** * Authenticate data or verify the authenticity of data with an AES key using * the Block Cipher Based Message Authentication Code (CMAC) mode as * described in NIST Special Publication 800-38B. * ica_aes_cmac_last can be used to authenticate or verify the authenticity of * a complete message or of the final part of a message for which all * preceding parts were preprocessed with ica_aes_cmac_intermediate. * * Required HW Support * KMAC-AES-128, KMAC-AES-192 or KMAC-AES-256 * PCC-Compute-Last_block-CMAC-Using-AES-128, * PCC-Compute-Last_block-CMAC-Using-AES-192 or * PCC-Compute-Last_block-CMAC-Using-AES-256. * * @param message * Pointer to a readable buffer of size greater than or equal to message_length * bytes. It contains a message or the final part of a message to be * authenticated or of which the authenticity shall be verified. * @param message_length * Length in bytes of the message to be authenticated or verified. * @param mac * Pointer to a buffer of size greater than or equal to mac_length bytes. * If direction is 1 the buffer must be writable and a message authentication * code for the message in message of size mac_length bytes will be written to * the buffer. * If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the message in message. * @param mac_length * Length in bytes of the message authentication code mac in bytes that is less * than or equal to the cipher block size (I.e. 16 bytes for AES). It is * recommended to use values greater than or equal to 8. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param iv * Pointer to a valid initialization vector of size cipher block size. If iv * is NULL message is assumed to be the complete message to be processed. * Otherwise message is the final part of a composite message to be processed * and iv contains the output vector resulting from processing all previous * parts with chained calls to ica_aes_cmac_intermediate, i.e. the value * returned in iv of the ica_aes_cmac_intermediate call applied to the * penultimate message part. * @param direction * 0 or 1: * 0 Verify message authentication code * 1 Compute message authentication code for the message * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_aes_cmac_last(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction); /** * Encrypt or decrypt data with an AES key using the XEX Tweakable Bloc Cipher * with Ciphertext Stealing (XTS) mode as described in NIST Special Publication * 800-38E and IEEE standard 1619-2007. * * Required HW Support * KM-XTS-AES-128 or KM-XTS-AES-256 * PCC-Compute-XTS-Parameter-Using-AES-128 or * PCC-Compute-XTS-Parameter-Using-AES-256 * * @param in_data * Pointer to a readable buffer, that contains the message to be en/decrypted. * The size of the message in bytes is data_length. The size of this buffer in * bytes must be at least as big as data_length. * @param out_data * Pointer to a writable buffer, that will contain the resulting en/decrypted * message. The size of this buffer in bytes must be at least as big as * data_length. * @param data_length * Length in bytes of the message to be en/decrypted, which resides at the * beginning of in_data. The minimal value of data_length is cipher block size * (i.e. a multiple of 16 for AES). * @param key1 * Pointer to a buffer containing a valid AES key. key1 is used for the actual * encryption of the message buffer combined some vector computed from the * tweek value (Key1 in IEEE Std 1619-2007). * @param key2 * Pointer to a buffer containing a valid AES key key2 is used to encrypt the * tweak (Key2 in IEEE Std 1619-2007). * @param key_length * The length in bytes of the AES key. For XTS supported AES key sizes are 16 * and 32 for AES-128 and AES-256 respectively. * @param tweak * Pointer to a valid 16 byte tweak value (as in IEEE Std 1619-2007). This * tweak will be overwritten during the function. If data_length is a multiple * of the cipher block size the result value in tweak may be used as tweak * value for a chained ica_aes_xts call with the same key pair. * @param direction * 0 or 1: * 0 Use the decrypt function. * 1 Use the encrypt function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT unsigned int ica_aes_xts(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key1, unsigned char *key2, unsigned int key_length, unsigned char *tweak, unsigned int direction); /** * Encrypt and authenticate or decrypt data and check authenticity of data with * an AES key using Counter with Cipher Block Chaining Message Authentication * Code (CCM) mode as described in NIST Special Publication 800-38C. * Formatting and counter functions are implemented according to * NIST 800-38C Appendix A. * * Required HW Support * KMCTR-AES-128, KMCTR-AES-192 or KMCTR-AES-256 * KMAC-AES-128, KMAC-AES-192 or KMAC-AES-256 * * @param payload * Pointer to a buffer of size greater than or equal to payload_length bytes. * If direction equals 1 the payload buffer must be readable and contain a * payload message of size payload_length that will be encrypted. * If direction equals 0 the payload buffer must be writable. If the * authentication verification succeeds the decrypted message in the most * significant payload_length bytes of ciphertext_n_mac will be written to * the buffer otherwise the contents of the buffer will be undefined. * @param payload_length * Length in bytes of the message to be en/decrypted, it may be 0 unless * assoc_data_length is 0. * @param ciphertext_n_mac * Pointer to a buffer of size greater than or equal to payload_length plus * mac_length bytes. * If direction equals 1 then the buffer must be writable and the encrypted * message from payload followed by the message authentication code for the * nonce, the payload and associated data will be written to that buffer. * If direction equals 0 then the buffer is readable and contains an encrypted * message of length payload_length followed by a message authentication code * of length mac_length. * @param mac_length * Length in bytes of the message authentication code in bytes. * Valid values are 4, 6, 8, 10, 12, 16. * @param assoc_data * Pointer to a readable buffer of size greater than or equal to * assoc_data_length bytes. The associated data in the most significant * assoc_data_lenght bytes is subject to the authentication code computation * but will not be encrypted. * @param assoc_data_length * Length of the associated data in assoc_data. It may be 0 unless * payload_length is 0. * @param nonce * Pointer to readable buffer of size greater than or equal to nonce_length * bytes that contains a nonce of size nonce_length bytes. * @param nonce_length * Length of the nonce in nonce in bytes. Valid values a greater than 6 and * less than 14. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param direction * 0 or 1: * 0 Verify message authentication code and decrypt encrypted payload. * 1 Encrypt payload and compute message authentication code for the nonce, * the associated data and the payload. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_aes_ccm(unsigned char *payload, unsigned long payload_length, unsigned char *ciphertext_n_mac, unsigned int mac_length, const unsigned char *assoc_data, unsigned long assoc_data_length, const unsigned char *nonce, unsigned int nonce_length, unsigned char *key, unsigned int key_length, unsigned int direction); /** * This parameter description applies to: * ica_aes_gcm(), ica_aes_gcm_initialize(), * ica_aes_gcm_intermediate() and ica_aes_gcm_last() * * Encrypt and authenticate or decrypt data and check authenticity data with * an AES key using the Galois/Counter (GCM) mode as described in NIST Special * Publication 800-38D. * If no message needs to be encrypted or decrypted and only authentication or * authentication checks are requested then this method implements the GMAC * mode. * * Required HW Support * KM-AES-128, KM-AES-192 or KM-AES-256 * KIMD-GHASH * KMCTR-AES-128, KMCTR_AES-192 or KMCTR-AES-256 * * @param plaintext * Pointer to a buffer of size greater than or equal to plaintext_length bytes. * If direction equals 1 the plaintext buffer must be readable and contain a * payload message of size plaintext_length that will be encrypted. * If direction equals 0 the plaintext buffer must be writable. If the * authentication verification succeeds the decrypted message in the most * significant plaintext_length bytes of ciphertext will be written to the * buffer otherwise the contents of the buffer will be undefined. * @param plaintext_length * Length in bytes of the message to be en/decrypted. It must be equal or * greater than 0 and less than (2^36)-32. * In case of intermediate operations the length must not be multiple of * blocksize. Padding will be done automatically. Be aware that this is only * useful when this is the last block. * @param ciphertext * Pointer to a buffer of size greater than or equal to plaintext_length * bytes. * If direction equals 1 then the buffer must be writable and the encrypted * message from plaintext will be written to that buffer. * If direction equals 0 then the buffer is readable and contains an encrypted * message of length plaintext_length. * @param iv * Pointer to a readable buffer of size greater than or equal to iv_length * bytes, that contains an initialization vector of size iv_length. * @param iv_length * Length in bytes of the initialization vector in iv. It must be greater * than 0 and less than 2^61. A length of 12 is recommended. * @param aad * Pointer to a readable buffer of size greater than or equal to aad_length * bytes. The additional authenticated data in the most significant aad_length * bytes is subject to the authentication code computation but will not be * encrypted. * @param aad_length * Length in bytes of the additional authenticated data in aad. It must be * equal or greater than 0 and less than 2^61. * In case of ica_aes_gcm_last(), 'aad_length' contains the overall * length of authentication data, cumulated over all intermediate operations. * @param tag * Pointer to a buffer of size greater than or equal to tag_length bytes. * If direction is 1 the buffer must be writable and a message authentication * code for the additional authenticated data in aad and the plain text in * plaintext of size tag_length bytes will be written to the buffer. * If direction is 0 the buffer must be readable and contain a message * authentication code that will be verified against the additional * authenticated data in aad and decrypted cipher text from ciphertext. * In case of intermediate operations, ica_aes_gcm_intermediate() or * ica_aes_gcm_last(), 'tag' contains the temporary hash/tag value. * @param tag_length * Length in bytes of the message authentication code tag in bytes. * Valid values are 4, 8, 12, 13, 14, 15, 16. * @param key * Pointer to a valid AES key. * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * @param icb * initial counter block - Pointer to a writable buffer that will be created * during ica_aes_gcm_initialize() and will be used in ica_aes_gcm_last() for * the final tag computation. * The length of this counter block is AES_BLOCK_SIZE (16 bytes). * @param ucb * usage counter block - Pointer to a writable buffer that will be created * during ica_aes_gcm_initialize() and will be updated (increased) during the * intermediate update operations. * The length of this counter block is AES_BLOCK_SIZE (16 bytes). * @param subkey * Pointer to a writable buffer, generated in ica_aes_gcm_initialize() and used in * ica_aes_gcm_intermediate() and ica_aes_gcm_last(). * The length of this buffer is AES_BLOCK_SIZE (16 bytes). * @param ciph_length * Length in bytes of the overall ciphertext, cumulated over all intermediate * operations. * @param final_tag * Pointer to a readable buffer of size greater than or equal to * final_tag_length bytes. If direction is 1 the buffer is not used. * If direction is 0 this message authentication code (tag) will be verified * with the computed message authentication code computed over the intermediate * update operations. * @param final_tag_length * Length in bytes of the final message authentication code (tag). * @param direction * 0 or 1: * 0 Verify message authentication code and decrypt encrypted payload. * 1 Encrypt payload and compute message authentication code for the additional * authenticated data and the payload. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. * EFAULT if direction is 0 and the verification of the message authentication * code fails. */ ICA_EXPORT unsigned int ica_aes_gcm(unsigned char *plaintext, unsigned long plaintext_length, unsigned char *ciphertext, const unsigned char *iv, unsigned int iv_length, const unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned int tag_length, unsigned char *key, unsigned int key_length, unsigned int direction); ICA_EXPORT unsigned int ica_aes_gcm_initialize(const unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *icb, unsigned char *ucb, unsigned char *subkey, unsigned int direction); ICA_EXPORT unsigned int ica_aes_gcm_intermediate(unsigned char *plaintext, unsigned long plaintext_length, unsigned char *ciphertext, unsigned char *ucb, unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned int tag_length, unsigned char *key, unsigned int key_length, unsigned char *subkey, unsigned int direction); ICA_EXPORT unsigned int ica_aes_gcm_last(unsigned char *icb, unsigned long aad_length, unsigned long ciph_length, unsigned char *tag, unsigned char *final_tag, unsigned int final_tag_length, unsigned char *key, unsigned int key_length, unsigned char *subkey, unsigned int direction); /******************************************************************************* * * New gcm API based on KMA. */ typedef struct kma_ctx_t kma_ctx; /** * Allocate a gcm context. This context is used by ica_aes_gcm_kma_init(), * ica_aes_gcm_kma_update(), ica_aes_gcm_kma_get_tag(), and * ica_aes_gcm_kma_verify_tag(). It must be freed by * ica_aes_gcm_kma_ctx_free() when no longer needed. * * @return Pointer to opaque kma_ctx structure if success. * NULL if no memory could be allocated. */ ICA_EXPORT kma_ctx* ica_aes_gcm_kma_ctx_new(); /** * Initialize the GCM context. * * @param direction * 0 or 1: * 0 when initialized for decryption. * 1 when initialized for encryption. * * @param iv * Pointer to a readable buffer of size greater than or equal to iv_length * bytes, that contains an initialization vector of size iv_length. * * @param iv_length * Length in bytes of the initialization vector in iv. It must be greater * than 0 and less than 2^61. A length of 12 is recommended. * * @param key * Pointer to a valid AES key. * * @param key_length * Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for * AES-128, AES-192 and AES-256 respectively. Therefore, you can use the * macros: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256. * * @param ctx * Pointer to a previously allocated gcm context. This buffer is internally used * as a working area by all other ica_aes_gcm_kma API functions and must not be * changed by the application. The ctx must be established by calling ica_aes_gcm_ctx_new() * before any call to any other ica_aes_gcm_kma function, and must be freed by calling * ica_aes_gcm_ctx_free() after the last call to any ica_aes_gcm_kma function. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT int ica_aes_gcm_kma_init(unsigned int direction, const unsigned char *iv, unsigned int iv_length, const unsigned char *key, unsigned int key_length, kma_ctx* ctx); /** * Perform encryption or decryption with authentication, depending on the * direction specified in ica_aes_gcm_kma_init(). * * @param in_data * Pointer to a readable buffer of size greater than or equal to data_length bytes. * If direction equals 1 the in_data must contain a payload message of size * data_length that will be encrypted and authenticated. * If direction equals 0 the in_data buffer must contain an encrypted message * that will be decrypted and verified. * * @param out_data * Pointer to a writable buffer of size greater than or equal to data_length bytes. * If direction equals 1 then the encrypted message from in_data will be written to * that buffer. * If direction equals 0 then the decrypted message from in_data will be written to * that buffer. * * @param data_length * Length in bytes of the message to be en/decrypted. It must be equal or * greater than 0 and less than (2^36)-32. * * @param aad * Pointer to a readable buffer of size greater than or equal to aad_length * bytes. The additional authenticated data in the most significant aad_length * bytes is subject to the authentication code computation but will not be * encrypted. * * @param aad_length * Length in bytes of the additional authenticated data in aad. It must be * equal or greater than 0 and less than 2^61. * In case of ica_aes_gcm_last(), 'aad_length' contains the overall * length of authentication data, cumulated over all intermediate operations. * * @param end_of_aad * 0 or 1: * 0 The application indicates that the current aad is not the last aad chunk. In * this case, the aad_length must be a multiple of the AES block size (16 bytes). * 1 The application indicates that the current aad is a single or last aad chunk, * or the last aad chunk has been provided in an earlier call to ica_aes_gcm_kma. * In this case, aad_length can have any non-negative value. * When both, end_of_aad and end_of_data are specified, the process ends. * * @param end_of_data * 0 or 1: * 0 The application indicates that the current in_data is not the last in_data chunk. * In this case, the data_length must be a multiple of the AES block size (16 bytes). * 1 The application indicates that the current in_data is a single or last in_data * chunk. In this case, aad_length can have any non-negative value. When both, end_of_aad * and end_of_data are specified, the process ends. * * @param ctx * Pointer to gcm context. * * @return 0 on success * EINVAL if at least one invalid parameter is given. * EPERM if required hardware support is not available. * EIO if the operation fails. */ ICA_EXPORT int ica_aes_gcm_kma_update(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *aad, unsigned long aad_length, unsigned int end_of_aad, unsigned int end_of_data, kma_ctx* ctx); /** * Obtain the calculated authentication tag after an encryption process. * * @param tag * Pointer to a writable buffer to return the calculated authentication tag. * * @param tag_length * Length in bytes of the message authentication code tag. Valid tag lengths * are 4, 8, 12, 13, 14, 15, and 16. * * @param ctx * Pointer to gcm context. * * @return 0 on success * EINVAL if at least one invalid parameter is given * EFAULT if direction is 0. */ ICA_EXPORT int ica_aes_gcm_kma_get_tag(unsigned char *tag, unsigned int tag_length, const kma_ctx* ctx); /** * Verify if the specified known authentication tag is identical to the * calculated tag after a decryption process. * * @param known_tag * Pointer to a readable buffer containing a known authentication tag. * * @param tag_length * Length in bytes of the message authentication code tag. Valid tag lengths * are 4, 8, 12, 13, 14, 15, and 16. * * @param ctx * Pointer to gcm context. * * @return 0 on success * EINVAL if at least one invalid parameter is given or direction is 1. * EFAULT if the verification of the message authentication code fails. */ ICA_EXPORT int ica_aes_gcm_kma_verify_tag(const unsigned char* known_tag, unsigned int tag_length, const kma_ctx* ctx); /** * Free gcm context. * * @param ctx * Pointer to gcm context. */ ICA_EXPORT void ica_aes_gcm_kma_ctx_free(kma_ctx* ctx); /** * * End of new gcm API based on KMA. * ******************************************************************************/ /** * Return libica version information. * @param version_info * Pointer to a libica_version_info structure. The structure will be * filled with the current libica version information. * * @return 0 if version could be determined successfully * EIO if version could not be determined * EINVAL if parameter version_info is NULL */ ICA_EXPORT unsigned int ica_get_version(libica_version_info *version_info); /** * Function that returns a list of crypto mechanisms supported by libica. * @param pmech_list * Pointer to an array of libica_func_list_element * If NULL, the API will return the number of elements to allocate * in the @mech_list_len parameter. * If not NULL, libica will assume @mech_list is an array that has * @num elements. * On success, @mech_list will be filled out with the supported libica * crypto mechanisms. * @param pmech_list_len * number of list entries * On input, pointer to the number of elements allocated in the * @mech_list array. * On output, @mech_list_len will contain the number of items copied to * the @mech_list array, or the number of items libica would have returned * in case the @mech_list parameter is set to NULL. * @return * 0 on success * EINVAL if at least one invalid parameter is given * * A typical usage scenario would be that an exploiter makes a first call to * ica_get_functionlist() with @mech_list set to NULL in order to determine * the number of elements to allocate. This is followed by a second call to * ica_get_functionlist() with a valid pointer @list to an array of * libica_func_list_element structures with @mech_list_len elements. */ ICA_EXPORT unsigned int ica_get_functionlist(libica_func_list_element *pmech_list, unsigned int *pmech_list_len); static inline unsigned int des_directed_fc(int direction) { if (direction) return DEA_ENCRYPT; return DEA_DECRYPT; } static inline unsigned int tdes_directed_fc(int direction) { if (direction) return TDEA_192_ENCRYPT; return TDEA_192_DECRYPT; } static inline unsigned int aes_directed_fc(unsigned int key_length, int direction) { switch (key_length) { case AES_KEY_LEN128: return (direction == ICA_DECRYPT) ? AES_128_DECRYPT : AES_128_ENCRYPT; case AES_KEY_LEN192: return (direction == ICA_DECRYPT) ? AES_192_DECRYPT : AES_192_ENCRYPT; case AES_KEY_LEN256: return (direction == ICA_DECRYPT) ? AES_256_DECRYPT : AES_256_ENCRYPT; } return 0; } /* * ica_drbg: libica's Deterministic Random Bit Generator * (conforming to NIST SP 800-90A) * * Table of currently supported DRBG mechanisms: * * DRBG mechanism supported security max. byte length * strengths (bits) of pers / add * ------------------------------------------------------------- * DRBG_SHA512 112, 128, 196, 256 256 / 256 * * An ica_drbg_t object holds the internal state of a DRBG instantiation. A * DRBG instantiation is identified by an associated ica_drbg_t * pointer * (state handle). * State handles that do not identify any DRBG instantiation SHALL be NULL * (invalid). Therefore a new state handle SHALL be initialized to NULL. * * If a catastrophic error (<0) is detected, all existing DRBG instantiations * of the corresponding mechanism are in error state making uninstantiation * their only permitted operation. Creation of new DRBG instantiations of * this mechanism are not permitted. */ ICA_EXPORT extern ica_drbg_mech_t *const ICA_DRBG_SHA512; /* * Instantiate function * (create a new DRBG instantiation) * * @sh: State Handle pointer. The (invalid) state handle is set to identify the * new DRBG instantiation and thus becomes valid. * @sec: requested instantiation SECurity strength (bits). The new DRBG * instantiation's security strength is set to the lowest security strength * supported by it's DRBG mechanism (see table) that is greater than or equal * to @sec. * @pr: Prediction Resistance flag. Indicates whether or not prediction * resistance may be required by the consuming application during one or more * requests for pseudorandom bytes. * @mech: MECHanism. The new DRBG instantiation is of this mechanism type. * @pers: PERSonalization string. An optional input that provides * personalization information. The personalisation string SHALL be unique for * all instantiations of the same mechanism type. NULL indicates that no * personalization string is used (not recommended). * @pers_len: Byte length of @pers. * * @return: * 0 Success. * ENOMEM Out of memory. * EINVAL At least one argument is invalid. * ENOTSUP Prediction resistance or the requested security * strength is not supported. * EPERM Failed to obtain a valid timestamp from clock. * ICA_DRBG_HEALTH_TEST_FAIL Health test failed. * ICA_DRBG_ENTROPY_SOURCE_FAIL Entropy source failed. */ ICA_EXPORT int ica_drbg_instantiate(ica_drbg_t **sh, int sec, bool pr, ica_drbg_mech_t *mech, const unsigned char *pers, size_t pers_len); /* * Reseed function * (reseed a DRBG instantiation) * * @sh: State Handle. Identifies the DRBG instantiation to be reseeded. * @pr: Prediction Resistance request. Indicates whether or not prediction * resistance is required. * @add: ADDitional input: An optional input. NULL indicates that no additional * input is used. * @add_len: Byte length of @add. * * @return: * 0 Success. * ENOMEM Out of memory. * EINVAL At least one argument is invalid. * ENOTSUP Prediction resistance is not supported. * ICA_DRBG_HEALTH_TEST_FAIL Health test failed. * ICA_DRBG_ENTROPY_SOURCE_FAIL Entropy source failed. */ ICA_EXPORT int ica_drbg_reseed(ica_drbg_t *sh, bool pr, const unsigned char *add, size_t add_len); /* * Generate function * (request pseudorandom bytes from a DRBG instantiation) * * @sh: State Handle. Identifies the DRBG instantiation from which pseudorandom * bytes are requested. * @sec: requested SECurity strength: Minimum bits of security that the * generated pseudorandom bytes SHALL offer. * @pr: Prediction Resistance request. Indicates whether or not prediction * resistance is required. * @add: ADDitional input. An optional input. NULL indicates that no additional input * is used. * @add_len: Byte length of @add. * @prnd: PseudoRaNDom bytes. * @prnd_len: Byte length of @prnd. Requested number of pseudorandom bytes. * * @return: * 0 Success. * ENOMEM Out of memory. * EINVAL At least one argument is invalid. * ENOTSUP Prediction resistance or the requested security * strength is not supported. * EPERM Reseed required. * ICA_DRBG_HEALTH_TEST_FAIL Health test failed. * ICA_DRBG_ENTROPY_SOURCE_FAIL Entropy source failed. */ ICA_EXPORT int ica_drbg_generate(ica_drbg_t *sh, int sec, bool pr, const unsigned char *add, size_t add_len, unsigned char *prnd, size_t prnd_len); /* * Uninstantiate function * (destroy an existing DRBG instantiation) * * @sh: State Handle pointer. The corresponding DRBG instantiation is destroyed * and the state handle is set to NULL (invalid). * * @return: * 0 Success. * EINVAL At least one argument is invalid. */ ICA_EXPORT int ica_drbg_uninstantiate(ica_drbg_t **sh); /* * Health test function * (run health test for a DRBG mechanism function) * * @func: FUNCtion. Pointer indicating which function should be tested. Options * are "ica_drbg_instantiate", "ica_drbg_reseed" and "ica_drbg_generate". The * uninstantiate function is tested whenever other functions are tested. * @sec: SECurity strength. Argument for the call to @func. * @pr: PRediction resistance. Argument for the call to @func. * @mech: MECHanism. The mechanism to be tested. * * @return: * 0 Success. * EINVAL At least one argument is invalid. * ENOTSUP Prediction resistance or security strength is * not supported (when testing instantiate). * ICA_DRBG_HEALTH_TEST_FAIL Health test failed. * ICA_DRBG_ENTROPY_SOURCE_FAIL Entropy source failed. */ ICA_EXPORT int ica_drbg_health_test(void *func, int sec, bool pr, ica_drbg_mech_t *mech); /* * ica_mp: libica's multiple-precision arithmetic interface * * Numbers are represented in radix 2^64. The least-significant digit is stored * at array element zero. * * Example: * * uint64_t a[] = {3, 4, 5}; // a = 5*(2^64)^2 + 4*(2^64) + 3 */ /* * Multiply the zero-padded 512-bit numbers @a and @b. The zero-padded 1024-bit * result is stored at @r. * * @r: 1024-bit produkt (@r = @a * @b) * @a: 512-bit factor 1 * @b: 512-bit factor 2 * * @return: * 0 Success. * != 0 Vector facilities are not enabled. */ ICA_EXPORT int ica_mp_mul512(uint64_t r[16], const uint64_t a[8], const uint64_t b[8]); /* * Square the zero-padded 512-bit number @a. The zero-padded 1024-bit result is * stored at @r. * * @r: 1024-bit square (@r = @a ^ 2) * @a: 512-bit base * * @return: * 0 Success. * != 0 Vector facilities are not enabled. */ ICA_EXPORT int ica_mp_sqr512(uint64_t r[16], const uint64_t a[8]); /* * FIPS status output interface. * * @return: * Returns flags indicating the module status. See the ICA_FIPS_* flags. */ ICA_EXPORT int ica_fips_status(void); #ifdef ICA_FIPS /* * Additional FIPS interfaces are available for built-in FIPS mode. */ /* * FIPS powerups tests. * * The test results can be viewed via the ica_fips_status function. */ ICA_EXPORT void ica_fips_powerup_tests(void); #endif /* ICA_FIPS */ #endif /* __ICA_API_H__ */ libica-4.0.1/libica.map000066400000000000000000000051401417716165400146750ustar00rootroot00000000000000LIBICA_3.0.0 { global: _fini; _init; ica_get_functionlist; ica_get_version; ica_random_number_generate; ica_des_ecb; ica_des_cbc; ica_des_cbc_cs; ica_des_ctr; ica_des_ctrlist; ica_des_cfb; ica_des_ofb; ica_des_cmac; ica_des_cmac_intermediate; ica_des_cmac_last; ica_3des_ecb; ica_3des_cbc; ica_3des_cbc_cs; ica_3des_ctr; ica_3des_ctrlist; ica_3des_cfb; ica_3des_ofb; ica_3des_cmac; ica_3des_cmac_intermediate; ica_3des_cmac_last; ica_aes_ecb; ica_aes_cbc; ica_aes_cbc_cs; ica_aes_ctr; ica_aes_ctrlist; ica_aes_cfb; ica_aes_ofb; ica_aes_xts; ica_aes_ccm; ica_aes_gcm; ica_aes_gcm_initialize; ica_aes_gcm_intermediate; ica_aes_gcm_last; ica_aes_cmac; ica_aes_cmac_intermediate; ica_aes_cmac_last; ica_sha1; ica_sha224; ica_sha256; ica_sha384; ica_sha512; ica_open_adapter; ica_close_adapter; ica_rsa_key_generate_mod_expo; ica_rsa_key_generate_crt; ica_rsa_mod_expo; ica_rsa_crt; ica_rsa_crt_key_check; ICA_DRBG_SHA512; ica_drbg_instantiate; ica_drbg_generate; ica_drbg_reseed; ica_drbg_uninstantiate; ica_drbg_health_test; local: *; }; LIBICA_3.0.0_FIPS { global: ica_fips_powerup_tests; ica_fips_status; } LIBICA_3.0.0; LIBICA_3.1.0 { global: ica_sha3_224; ica_sha3_256; ica_sha3_384; ica_sha3_512; ica_shake_128; ica_shake_256; local: *; } LIBICA_3.0.0; LIBICA_3.2.0 { global: ica_aes_gcm_kma_ctx_new; ica_aes_gcm_kma_init; ica_aes_gcm_kma_update; ica_aes_gcm_kma_get_tag; ica_aes_gcm_kma_verify_tag; ica_aes_gcm_kma_ctx_free; local: *; } LIBICA_3.1.0; LIBICA_3.3.0 { global: ica_set_fallback_mode; ica_ec_key_new; ica_ec_key_init; ica_ec_key_generate; ica_ec_key_get_public_key; ica_ec_key_get_private_key; ica_ec_key_free; ica_ecdh_derive_secret; ica_ecdsa_sign; ica_ecdsa_verify; ica_mp_mul512; ica_mp_sqr512; local: *; } LIBICA_3.2.0; LIBICA_3.4.0 { global: ica_sha512_224; ica_sha512_256; local: *; } LIBICA_3.3.0; LIBICA_3.5.0 { global: ica_set_offload_mode; ica_set_stats_mode; local: *; } LIBICA_3.4.0; LIBICA_3.6.0 { global: ica_x25519_ctx_new; ica_x25519_key_set; ica_x25519_key_get; ica_x25519_key_gen; ica_x25519_derive; ica_x25519_ctx_del; ica_x448_ctx_new; ica_x448_key_set; ica_x448_key_get; ica_x448_key_gen; ica_x448_derive; ica_x448_ctx_del; ica_ed25519_ctx_new; ica_ed25519_key_set; ica_ed25519_key_get; ica_ed25519_key_gen; ica_ed25519_sign; ica_ed25519_verify; ica_ed25519_ctx_del; ica_ed448_ctx_new; ica_ed448_key_set; ica_ed448_key_get; ica_ed448_key_gen; ica_ed448_sign; ica_ed448_verify; ica_ed448_ctx_del; local: *; } LIBICA_3.5.0; libica-4.0.1/libica.spec000066400000000000000000000101111417716165400150440ustar00rootroot00000000000000Name: libica Version: 4.0.1 Release: 1%{?dist} Summary: Interface library to the ICA device driver Group: Libraries/Crypto License: CPL URL: https://github.com/opencryptoki/libica Source0: %{name}-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf automake libtool openssl-devel %description Interface library on Linux for IBM System z to utilize CPACF functions and cryptographic processors. %package devel Summary: Interface library to the ICA device driver Group: Libraries/Crypto Requires: libica = %{version}-%{release}, glibc-devel %description devel Interface library on Linux for IBM System z to utilize CPACF functions and cryptographic processors. %prep %setup -q -n %{name}-%{version} %build autoreconf --force --install %configure --disable-static make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la %clean rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %defattr(-,root,root,-) %doc LICENSE INSTALL AUTHORS README.md ChangeLog %{_mandir}/man*/* %{_bindir}/* %attr(755,root,root) %{_libdir}/* %files devel %doc LICENSE %defattr(-,root,root,-) %{_includedir}/ica_api.h %changelog * Thu Feb 03 2022 Joerg Schmidbauer - Version v4.0.1 * Tue Oct 12 2021 Joerg Schmidbauer - Version v3.9.0 * Thu May 06 2021 Joerg Schmidbauer - Version v3.8.0 * Tue May 06 2020 Joerg Schmidbauer - Version v3.7.0 * Wed Nov 13 2019 Patrick Steuer - Version v3.6.1 * Wed Aug 28 2019 Patrick Steuer - Version v3.6.0 * Tue Apr 23 2019 Patrick Steuer - Version v3.5.0 * Fri Nov 08 2018 Patrick Steuer - Version v3.4.0 * Fri Jun 08 2018 Patrick Steuer - Version v3.3.3 * Tue Apr 17 2018 Patrick Steuer - Version v3.3.2 * Mon Apr 16 2018 Patrick Steuer - Version v3.3.1 * Fri Apr 13 2018 Patrick Steuer - Version v3.3.0 * Wed Feb 28 2018 Patrick Steuer - Version v3.2.1 * Tue Sep 19 2017 Patrick Steuer - Version v3.2.0 * Fri Sep 08 2017 Patrick Steuer - Version v3.1.1 * Wed Jun 28 2017 Patrick Steuer - Version v3.1.0 * Tue Jan 17 2017 Patrick Steuer - Version v3.0.2 * Wed Nov 23 2016 Patrick Steuer - Version v3.0.1 * Tue Oct 25 2016 Patrick Steuer - Version v3.0.0 * Tue Mar 22 2016 Ingo Tuchscherer - Version v2.6.2 * Fri Feb 26 2016 Ingo Tuchscherer - Version v2.6.1 * Thu Feb 18 2016 Ingo Tuchscherer - Version v2.6.0 * Wed Nov 11 2015 Ingo Tuchscherer - Version v2.5.0 * Tue Jun 17 2014 Ingo Tuchscherer - Version v2.4.0 * Wed Mar 20 2013 Ingo Tuchscherer - Version v2.3.0 * Mon Feb 13 2012 Holger Dengler - Version v2.2.0 * Mon Sep 12 2011 Holger Dengler - Bugfix version v2.1.1 * Mon May 09 2011 Holger Dengler - Version v2.1.0 * Sat Mar 05 2011 Holger Dengler - Bugfix version 2.0.6 * Sat Mar 05 2011 Holger Dengler - Bugfix version 2.0.5 * Thu Sep 30 2010 Rainer Wolafka - Bugfix version 2.0.4 * Thu Apr 15 2010 Ruben Straus - Bugfixes version 2.0.3 * Wed Aug 12 2009 Felix Beck - Bugfixes version 2.0.2 * Wed Feb 4 2009 Felix Beck - initial file created libica-4.0.1/m4/000077500000000000000000000000001417716165400132735ustar00rootroot00000000000000libica-4.0.1/m4/.dont_remove000066400000000000000000000000001417716165400156030ustar00rootroot00000000000000libica-4.0.1/src/000077500000000000000000000000001417716165400135425ustar00rootroot00000000000000libica-4.0.1/src/Makefile.am000066400000000000000000000116441417716165400156040ustar00rootroot00000000000000VERSION = 4:0:1 AM_CFLAGS = @FLAGS@ MAJOR := `echo $(VERSION) | cut -d: -f1` MINOR := `echo $(VERSION) | cut -d: -f2` PATCH := `echo $(VERSION) | cut -d: -f3` VERSION1 := $(MAJOR).$(MINOR).$(PATCH) # lib lib_LTLIBRARIES = libica.la libica-cex.la CFLAGS_common = ${AM_CFLAGS} -DNO_SW_FALLBACKS -I${srcdir}/include -I${srcdir}/../include \ -DLIBICA_CONFDIR=\"${sysconfdir}\" \ -fvisibility=hidden -pthread LIBS_common = @LIBS@ -lrt -lcrypto -ldl LDFLAGS_common = -Wl,--version-script=${srcdir}/../libica.map \ -version-number ${VERSION} SOURCES_common = ica_api.c init.c icastats_shared.c s390_rsa.c \ s390_crypto.c s390_ecc.c s390_prng.c s390_sha.c \ s390_drbg.c s390_drbg_sha512.c test_vec.c fips.c \ mp.S rng.c \ include/fips.h include/icastats.h include/init.h \ include/s390_aes.h include/s390_cbccs.h \ include/s390_ccm.h include/s390_cmac.h \ include/s390_common.h include/s390_crypto.h \ include/s390_ctr.h include/s390_des.h \ include/s390_drbg.h include/s390_drbg_sha512.h \ include/s390_ecc.h include/s390_gcm.h include/s390_prng.h \ include/s390_rsa.h include/s390_sha.h include/test_vec.h \ include/rng.h libica_la_CFLAGS = ${CFLAGS_common} -DLIBNAME=\"libica\" libica_la_CCASFLAGS = ${AM_CFLAGS} libica_la_LIBADD = ${LIBS_common} libica_la_LDFLAGS = ${LDFLAGS_common} libica_la_SOURCES = ${SOURCES_common} libica_cex_la_CFLAGS = ${CFLAGS_common} -DNO_CPACF -DLIBNAME=\"libica-cex\" libica_cex_la_CCASFLAGS = ${AM_CFLAGS} libica_cex_la_LIBADD = ${LIBS_common} libica_cex_la_LDFLAGS = ${LDFLAGS_common} libica_cex_la_SOURCES = ${SOURCES_common} EXTRA_DIST = mp.pl mp.S : mp.pl ./mp.pl mp.S if ICA_FIPS fipsinstall: $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION1).hmac $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac hmac-file-lnk: hmac-file $(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac $(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac hmac-file: libica.la libica-cex.la $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 ${top_builddir}/src/.libs/libica.so.$(VERSION1) | sed -e 's/^.* //' > ${top_builddir}/src/.libs/.libica.so.$(VERSION1).hmac $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 ${top_builddir}/src/.libs/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > ${top_builddir}/src/.libs/.libica-cex.so.$(VERSION1).hmac hmac_files = hmac-file hmac-file-lnk all-local: $(hmac_files) endif # bin bin_PROGRAMS = icainfo icastats icainfo-cex icainfo_CFLAGS_COMMON = ${AM_CFLAGS} -DNO_SW_FALLBACKS -I${srcdir}/include -I${srcdir}/../include icainfo_LDADD_COMMON = @LIBS@ -lcrypto icainfo_SOURCES_COMMON = icainfo.c include/fips.h include/s390_crypto.h \ ../include/ica_api.h icainfo_CFLAGS = ${icainfo_CFLAGS_COMMON} icainfo_LDADD = ${icainfo_LDADD_COMMON} libica.la icainfo_SOURCES = ${icainfo_SOURCES_COMMON} icainfo_cex_CFLAGS = ${icainfo_CFLAGS_COMMON} -DNO_CPACF icainfo_cex_LDADD = ${icainfo_LDADD_COMMON} libica-cex.la icainfo_cex_SOURCES = ${icainfo_SOURCES_COMMON} icastats_CFLAGS = ${AM_CFLAGS} -I${srcdir}/include -I${srcdir}/../include -DICASTATS icastats_LDADD = @LIBS@ -lrt icastats_SOURCES = icastats.c icastats_shared.c include/icastats.h # internal tests if ICA_INTERNAL_TESTS noinst_PROGRAMS = internal_tests/ec_internal_test internal_tests_ec_internal_test_CFLAGS = ${AM_CFLAGS} -I${srcdir}/include \ -I${srcdir}/../include \ -DICA_INTERNAL_TEST \ -DICA_INTERNAL_TEST_EC \ -DLIBNAME=\"libica\" \ -DLIBICA_CONFDIR=\"${sysconfdir}\" internal_tests_ec_internal_test_CCASFLAGS = ${AM_CFLAGS} internal_tests_ec_internal_test_LDADD = @LIBS@ -lrt -lcrypto -lpthread -ldl internal_tests_ec_internal_test_SOURCES = \ ica_api.c init.c icastats_shared.c s390_rsa.c \ s390_crypto.c s390_ecc.c s390_prng.c s390_sha.c \ s390_drbg.c s390_drbg_sha512.c test_vec.c fips.c \ mp.S rng.c \ include/fips.h include/icastats.h include/init.h \ include/s390_aes.h include/s390_cbccs.h \ include/s390_ccm.h include/s390_cmac.h \ include/s390_common.h include/s390_crypto.h \ include/s390_ctr.h include/s390_des.h \ include/s390_drbg.h include/s390_drbg_sha512.h \ include/s390_ecc.h include/s390_gcm.h include/s390_prng.h \ include/s390_rsa.h include/s390_sha.h include/test_vec.h \ include/rng.h ../test/testcase.h endif .PHONY: hmac-file hmac-file-lnk fipsinstall libica-4.0.1/src/fips.c000066400000000000000000000777031417716165400146650ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 */ #ifdef ICA_FIPS #include #include #include #include #include #include #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "fips.h" #include "ica_api.h" #include "test_vec.h" #include "s390_crypto.h" #if OPENSSL_VERSION_PREREQ(3, 0) #include #include extern OSSL_LIB_CTX *openssl_libctx; extern OSSL_PROVIDER *openssl_provider; #endif int openssl_in_fips_mode(void) { #if !OPENSSL_VERSION_PREREQ(3, 0) return FIPS_mode(); #else if (fips & ICA_FIPS_INTEGRITY) return 0; else return 1; #endif } #ifndef PATH_MAX #define PATH_MAX 4096 #endif #define HMAC_PREFIX "." #define HMAC_SUFFIX ".hmac" #define READ_BUFFER_LENGTH 16384 #ifndef ICA_INTERNAL_TEST /* * The hard-coded HMAC key to be optionally provided for the library * integrity test. The recommended key size for HMAC-SHA256 is 64 bytes. * The known HMAC is supposed to be provided as hex string in a file * .libica.so.VERSION.hmac in the same directory as the .so module. */ static const char hmackey[] = "0000000000000000000000000000000000000000000000000000000000000000" "0000000000000000000000000000000000000000000000000000000000000000"; #endif /* ICA_INTERNAL_TEST */ int fips; #define LIBICA_FIPS_CONFIG LIBICA_CONFDIR "/libica/openssl3-fips.cnf" static int aes_ecb_kat(void); static int aes_cbc_kat(void); static int aes_cbc_cs_kat(void); static int aes_cfb_kat(void); static int aes_ofb_kat(void); static int aes_ctr_kat(void); static int aes_ccm_kat(void); static int aes_gcm_kat(void); static int aes_xts_kat(void); static int aes_cmac_kat(void); static int des3_ecb_kat(void); static int des3_cbc_kat(void); static int des3_cbc_cs_kat(void); static int des3_cfb_kat(void); static int des3_ofb_kat(void); static int des3_ctr_kat(void); static int des3_cmac_kat(void); static int rsa_kat(void); #ifndef NO_CPACF #define SHA_KAT(_sha_, _ctx_) \ static int sha##_sha_##_kat(void) { \ sha##_ctx_##_context_t ctx; \ size_t i; \ unsigned char out[SHA##_sha_##_HASH_LENGTH]; \ for (i = 0; i < SHA##_sha_##_TV_LEN; i++) { \ if (ica_sha##_sha_(SHA_MSG_PART_ONLY, \ SHA##_sha_##_TV[i].msg_len, SHA##_sha_##_TV[i].msg, \ &ctx, out) || memcmp(SHA##_sha_##_TV[i].md, out, \ SHA##_sha_##_HASH_LENGTH)) { \ syslog(LOG_ERR, "Libica SHA-%d test failed.", \ _sha_); \ return 1; \ } \ } \ return 0; \ } SHA_KAT(1, ); SHA_KAT(224, 256); SHA_KAT(256, 256); SHA_KAT(384, 512); SHA_KAT(512, 512); #undef SHA_KAT #else /* Don't write any error msg to syslog when CPACF is not avail */ #define SHA_KAT(_sha_, _ctx_) \ static int sha##_sha_##_kat(void) { \ sha##_ctx_##_context_t ctx; \ size_t i; \ unsigned char out[SHA##_sha_##_HASH_LENGTH]; \ for (i = 0; i < SHA##_sha_##_TV_LEN; i++) { \ if (ica_sha##_sha_(SHA_MSG_PART_ONLY, \ SHA##_sha_##_TV[i].msg_len, SHA##_sha_##_TV[i].msg, \ &ctx, out) || memcmp(SHA##_sha_##_TV[i].md, out, \ SHA##_sha_##_HASH_LENGTH)) { \ return 1; \ } \ } \ return 0; \ } SHA_KAT(1, ); SHA_KAT(224, 256); SHA_KAT(256, 256); SHA_KAT(384, 512); SHA_KAT(512, 512); #undef SHA_KAT #endif static inline int sha3_available(void) { sha3_224_context_t sha3_224_context; unsigned char output_hash[SHA3_224_HASH_LENGTH]; unsigned char test_data[] = { 0x61,0x62,0x63 }; int rc = 0; rc = ica_sha3_224(SHA_MSG_PART_ONLY, sizeof(test_data), test_data, &sha3_224_context, output_hash); return (rc == ENODEV ? 0 : 1); } #ifndef NO_CPACF #define SHA3_KAT(_sha_, _ctx_) \ static int sha3_##_sha_##_kat(void) { \ sha3_##_ctx_##_context_t ctx; \ size_t i; \ unsigned char out[SHA3_##_sha_##_HASH_LENGTH]; \ if (!sha3_available()) \ return 0; \ for (i = 0; i < SHA3_##_sha_##_TV_LEN; i++) { \ if (ica_sha3_##_sha_(SHA_MSG_PART_ONLY, \ SHA3_##_sha_##_TV[i].msg_len, SHA3_##_sha_##_TV[i].msg, \ &ctx, out) || memcmp(SHA3_##_sha_##_TV[i].md, out, \ SHA3_##_sha_##_HASH_LENGTH)) { \ syslog(LOG_ERR, "Libica SHA-3 %d test failed.", \ _sha_); \ return 1; \ } \ } \ return 0; \ } SHA3_KAT(224, 224); SHA3_KAT(256, 256); SHA3_KAT(384, 384); SHA3_KAT(512, 512); #undef SHA3_KAT #else /* Don't write any error msg to syslog when CPACF is not avail */ #define SHA3_KAT(_sha_, _ctx_) \ static int sha3_##_sha_##_kat(void) { \ sha3_##_ctx_##_context_t ctx; \ size_t i; \ unsigned char out[SHA3_##_sha_##_HASH_LENGTH]; \ if (!sha3_available()) \ return 0; \ for (i = 0; i < SHA3_##_sha_##_TV_LEN; i++) { \ if (ica_sha3_##_sha_(SHA_MSG_PART_ONLY, \ SHA3_##_sha_##_TV[i].msg_len, SHA3_##_sha_##_TV[i].msg, \ &ctx, out) || memcmp(SHA3_##_sha_##_TV[i].md, out, \ SHA3_##_sha_##_HASH_LENGTH)) { \ return 1; \ } \ } \ return 0; \ } SHA3_KAT(224, 224); SHA3_KAT(256, 256); SHA3_KAT(384, 384); SHA3_KAT(512, 512); #undef SHA3_KAT #endif void fips_init(void) { FILE *fd; char fips_flag; if ((fd = fopen(FIPS_FLAG, "r")) == NULL) return; if (fread(&fips_flag, sizeof(fips_flag), 1, fd) != 1) { fclose(fd); return; } fclose(fd); if (fips_flag - '0') { #if !OPENSSL_VERSION_PREREQ(3, 0) /* Set libica into FIPS mode. */ fips |= ICA_FIPS_MODE; /* Try to set OpenSSL into FIPS mode. If this is not possible, * all software fallbacks (including RSA key generation) will * be disabled. OpenSSL FIPS mode can be queried using the * FIPS_mode() function. */ FIPS_mode_set(1); #else fips = 0; if (!OSSL_LIB_CTX_load_config(openssl_libctx, LIBICA_FIPS_CONFIG)) { syslog(LOG_ERR, "Libica failed to load openssl fips config %s\n", LIBICA_FIPS_CONFIG); fips |= ICA_FIPS_INTEGRITY; return; } openssl_provider = OSSL_PROVIDER_load(openssl_libctx, "fips"); if (openssl_provider == NULL) { syslog(LOG_ERR, "Libica failed to load fips provider.\n"); fips |= ICA_FIPS_INTEGRITY; return; } if (!EVP_set_default_properties(openssl_libctx, "fips=yes")) { syslog(LOG_ERR, "Libica failed to set default properties 'fips=yes'\n"); fips |= ICA_FIPS_INTEGRITY; return; } fips |= ICA_FIPS_MODE; #endif } else { /* kernel fips flag == 0, load default provider in case we are * running with openssl 3.0 */ #if OPENSSL_VERSION_PREREQ(3, 0) openssl_provider = OSSL_PROVIDER_load(openssl_libctx, "default"); if (openssl_provider == NULL) { syslog(LOG_ERR, "Libica: failed to load default provider\n"); fips |= ICA_FIPS_INTEGRITY; return; } #endif } } #ifndef ICA_INTERNAL_TEST static char *make_hmac_path(const char *origpath) { char *path; const char *fn; path = calloc(1, sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath) + 1); if (path == NULL) return NULL; fn = strrchr(origpath, '/'); if (fn == NULL) { fn = origpath; } else { ++fn; } strncpy(path, origpath, fn - origpath); strcat(path, HMAC_PREFIX); strcat(path, fn); strcat(path, HMAC_SUFFIX); return path; } static int compute_file_hmac(const char *path, void **buf, size_t *hmaclen) { FILE *fp = NULL; int rc = -1; unsigned char rbuf[READ_BUFFER_LENGTH]; unsigned char *keybuf; EVP_MD_CTX *mdctx = NULL; EVP_PKEY *pkey = NULL; size_t hlen, len; long keylen; *buf = NULL; *hmaclen = 0; keybuf = OPENSSL_hexstr2buf(hmackey, &keylen); pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, keybuf, (int)keylen); if (!pkey) goto end; mdctx = EVP_MD_CTX_create(); if (!mdctx) goto end; fp = fopen(path, "r"); if (fp == NULL) goto end; if (EVP_DigestSignInit(mdctx, NULL, EVP_sha256(), NULL, pkey) <= 0) goto end; while ((len = fread(rbuf, 1, sizeof(rbuf), fp)) != 0) { if (EVP_DigestSignUpdate(mdctx, rbuf, len) <= 0) { goto end; } } hlen = sizeof(rbuf); if (EVP_DigestSignFinal(mdctx, rbuf, &hlen) <= 0) goto end; *buf = malloc(hlen); if (*buf == NULL) goto end; *hmaclen = hlen; memcpy(*buf, rbuf, hlen); rc = 0; end: if (pkey != NULL) EVP_PKEY_free(pkey); OPENSSL_free(keybuf); EVP_MD_CTX_destroy(mdctx); if (fp) fclose(fp); return rc; } /** * Performs the FIPS check. * * @return 1 if check succeeded * 0 otherwise */ static int FIPSCHECK_verify(const char *path) { int rc = 0; FILE *fp; unsigned char *known_hmac = NULL; long hmaclen; char *hmacpath, *p; char *known_hmac_str = NULL; size_t n, computed_hmac_len; void *computed_hmac = NULL; hmacpath = make_hmac_path(path); if (hmacpath == NULL) return 0; fp = fopen(hmacpath, "r"); if (fp == NULL) { goto end; } if (getline(&known_hmac_str, &n, fp) <= 0) goto end; if ((p = strchr(known_hmac_str, '\n')) != NULL) *p = '\0'; known_hmac = OPENSSL_hexstr2buf(known_hmac_str, &hmaclen); if (compute_file_hmac(path, &computed_hmac, &computed_hmac_len) != 0) goto end; if (memcmp(computed_hmac, known_hmac, computed_hmac_len) != 0) goto end; rc = 1; end: free(computed_hmac); free(known_hmac_str); free(hmacpath); OPENSSL_free(known_hmac); if (fp) fclose(fp); return rc; } static const char msg1[] = "Libica FIPS library integrity check failed. Cannot determine library path.\n"; static const char msg2[] = "Libica FIPS library integrity check failed. Module %s probably corrupted.\n"; static const char msg3[] = "Libica FIPS library integrity check passed.\n"; struct phdr_cb_data { /* User-provided storage for library path. */ char *librarypath; /* Length of storage provided by user. */ size_t length; /* How many times did we find a proper library. This is used * as a sanity check. */ int count; }; static int phdr_callback(struct dl_phdr_info *info, size_t size, void *data) { int j; unsigned long start, end; struct phdr_cb_data *d = data; unsigned long myaddr = (unsigned long)&phdr_callback; (void)size; for (j = 0; j < info->dlpi_phnum; j++) { // Only consider loadable program segments if (info->dlpi_phdr[j].p_type == PT_LOAD) { start = info->dlpi_addr + info->dlpi_phdr[j].p_vaddr; end = start + info->dlpi_phdr[j].p_memsz; if (start <= myaddr && myaddr < end) { if (d->librarypath[0] == 0 && strlen(info->dlpi_name) < d->length) { strcpy(d->librarypath, info->dlpi_name); } d->count++; } } } return 0; } /* * Perform an integrity check on libica.so by calculating an HMAC from * the file contents using a static HMAC key, and comparing it to a * pre-calculated HMAC in a separate file. The HMAC key and HMAC file * may be provided by a Distributor when building the packet. */ static void fips_lib_integrity_check(void) { char path[PATH_MAX]; struct phdr_cb_data data = { .librarypath = (char *)path, .length = sizeof(path), .count = 0 }; path[0] = 0; dl_iterate_phdr(phdr_callback, &data); if (data.count != 1) { syslog(LOG_ERR, msg1); fips |= ICA_FIPS_INTEGRITY; return; } if (!FIPSCHECK_verify(path)) { syslog(LOG_ERR, msg2, path); fips |= ICA_FIPS_INTEGRITY; return; } syslog(LOG_INFO, msg3); } #endif /* ICA_INTERNAL_TEST */ void fips_powerup_tests(void) { #ifdef NO_CPACF /* 27 out of the 28 tests return EPERM if CPACF is disabled via config. * The rsa_kat() is not affected. */ int num_cpacf_tests = 27; #endif int rc; /* Cryptographic algorithm test. */ rc = ica_drbg_health_test(ica_drbg_generate, 256, true, ICA_DRBG_SHA512) + sha1_kat() + sha224_kat() + sha256_kat() + sha384_kat() + sha512_kat() + sha3_224_kat() + sha3_256_kat() + sha3_384_kat() + sha3_512_kat() + des3_ecb_kat() + des3_cbc_kat() + des3_cbc_cs_kat() + des3_cfb_kat() + des3_ofb_kat() + des3_ctr_kat() + des3_cmac_kat() + aes_ecb_kat() + aes_cbc_kat() + aes_cbc_cs_kat() + aes_cfb_kat() + aes_ctr_kat() + aes_ofb_kat() + aes_ccm_kat() + aes_gcm_kat() + aes_xts_kat() + aes_cmac_kat() + rsa_kat(); #ifndef NO_CPACF if (rc != 0) { #else if (rc != 0 && rc != num_cpacf_tests * EPERM) { #endif fips |= ICA_FIPS_CRYPTOALG; return; } /* ICA internal test does not link against the library. So we should * skip the library integrity check in that case. */ #ifndef ICA_INTERNAL_TEST /* Library integrity test */ fips_lib_integrity_check(); #endif } static int aes_ecb_kat(void) { const struct aes_ecb_tv *tv; size_t i; unsigned char *out; for (i = 0; i < AES_ECB_TV_LEN; i++) { tv = &AES_ECB_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; if (ica_aes_ecb(tv->plaintext, out, tv->len, tv->key, tv->keylen, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len) || ica_aes_ecb(tv->ciphertext, out, tv->len, tv->key, tv->keylen, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-ECB test failed."); #endif return 1; } static int aes_cbc_kat(void) { const struct aes_cbc_tv *tv; size_t i; unsigned char iv[AES_BLKSIZE], *out; for (i = 0; i < AES_CBC_TV_LEN; i++) { tv = &AES_CBC_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, AES_BLKSIZE); if (ica_aes_cbc(tv->plaintext, out, tv->len, tv->key, tv->keylen, iv, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, AES_CBC_TV[i].iv, AES_BLKSIZE); if (ica_aes_cbc(tv->ciphertext, out, tv->len, tv->key, tv->keylen, iv, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-CBC test failed."); #endif return 1; } static int aes_cbc_cs_kat(void) { const struct aes_cbc_cs_tv *tv; size_t i; unsigned char iv[AES_BLKSIZE], *out; for (i = 0; i < AES_CBC_CS_TV_LEN; i++) { tv = &AES_CBC_CS_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, AES_BLKSIZE); if (ica_aes_cbc_cs(tv->plaintext, out, tv->len, tv->key, tv->keylen, iv, ICA_ENCRYPT, tv->variant) || memcmp(tv->ciphertext, out, tv->len) || memcmp(tv->iv_out, iv, AES_BLKSIZE)) goto _err_; memcpy(iv, AES_CBC_CS_TV[i].iv, AES_BLKSIZE); if (ica_aes_cbc_cs(tv->ciphertext, out, tv->len, tv->key, tv->keylen, iv, ICA_DECRYPT, tv->variant) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-CBC-CS test failed."); #endif return 1; } static int aes_cfb_kat(void) { const struct aes_cfb_tv *tv; size_t i; unsigned char iv[AES_BLKSIZE], *out; for (i = 0; i < AES_CFB_TV_LEN; i++) { tv = &AES_CFB_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, AES_BLKSIZE); if (ica_aes_cfb(tv->plaintext, out, tv->len, tv->key, tv->keylen, iv, tv->lcfb, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, tv->iv, AES_BLKSIZE); if (ica_aes_cfb(tv->ciphertext, out, tv->len, tv->key, tv->keylen, iv, tv->lcfb, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-CFB test failed."); #endif return 1; } static int aes_ofb_kat(void) { const struct aes_ofb_tv *tv; size_t i; unsigned char iv[AES_BLKSIZE], *out; for (i = 0; i < AES_OFB_TV_LEN; i++) { tv = &AES_OFB_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, AES_BLKSIZE); if (ica_aes_ofb(tv->plaintext, out, tv->len, tv->key, tv->keylen, iv, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, tv->iv, AES_BLKSIZE); if (ica_aes_ofb(tv->ciphertext, out, tv->len, tv->key, tv->keylen, iv, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-OFB test failed."); #endif return 1; } static int aes_ctr_kat(void) { const struct aes_ctr_tv *tv; size_t i; unsigned char *out, ctr[AES_BLKSIZE]; for (i = 0; i < AES_CTR_TV_LEN; i++) { tv = &AES_CTR_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(ctr, tv->ctr, AES_BLKSIZE); if (ica_aes_ctr(tv->plaintext, out, tv->len, tv->key, tv->keylen, ctr, 32, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(ctr, tv->ctr, AES_BLKSIZE); if (ica_aes_ctr(tv->ciphertext, out, tv->len, tv->key, tv->keylen, ctr, 32, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-CTR test failed."); #endif return 1; } static int aes_ccm_kat(void) { const struct aes_ccm_tv *tv; size_t i; unsigned char *ciphertext, *payload; for (i = 0; i < AES_CCM_TV_LEN; i++) { tv = &AES_CCM_TV[i]; ciphertext = malloc(tv->payloadlen + tv->taglen); payload = malloc(tv->payloadlen); if (payload == NULL || ciphertext == NULL) goto _err_; if (ica_aes_ccm(payload, tv->payloadlen, tv->ciphertext, tv->taglen, tv->adata, tv->adatalen, tv->nonce, tv->noncelen, tv->key, tv->keylen, ICA_DECRYPT) != tv->rv) goto _err_; if ((tv->rv == 0) && (memcmp(tv->payload, payload, tv->payloadlen) || ica_aes_ccm(tv->payload, tv->payloadlen, ciphertext, tv->taglen, tv->adata, tv->adatalen, tv->nonce, tv->noncelen, tv->key, tv->keylen, ICA_ENCRYPT) || memcmp(tv->ciphertext, ciphertext, tv->payloadlen + tv->taglen))) goto _err_; free(payload); free(ciphertext); } return 0; _err_: free(ciphertext); free(payload); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-CCM test failed."); #endif return 1; } static int aes_gcm_kat(void) { const struct aes_gcm_tv *tv; size_t i, lastlen; unsigned char *out, *tag, icb[AES_BLKSIZE], ucb[AES_BLKSIZE], subkey[AES_BLKSIZE]; for (i = 0; i < AES_GCM_TV_LEN; i++) { tv = &AES_GCM_TV[i]; out = malloc(tv->len); tag = malloc(tv->taglen); if (tag == NULL || out == NULL) goto _err_; if ((ica_aes_gcm(out, tv->len, tv->ciphertext, tv->iv, tv->ivlen, tv->aad, tv->aadlen, tv->tag, tv->taglen, tv->key, tv->keylen, ICA_DECRYPT) != tv->rv) || ((tv->rv == 0) && memcmp(tv->plaintext, out, tv->len))) goto _err_; if ((tv->rv == 0) && (ica_aes_gcm(tv->plaintext, tv->len, out, tv->iv, tv->ivlen, tv->aad, tv->aadlen, tag, tv->taglen, tv->key, tv->keylen, ICA_ENCRYPT) || memcmp(tv->tag, tag, tv->taglen) || memcmp(tv->ciphertext, out, tv->len))) goto _err_; free(tag); free(out); } for (i = 0; i < AES_GCM_TV_LEN; i++) { tv = &AES_GCM_TV[i]; /* Divide the test vector into two chunks. */ if (tv->len <= AES_BLKSIZE) lastlen = 0; else { lastlen = tv->len % AES_BLKSIZE; /* Last chunk can only be 16 bytes long, if test * vector is at least 32 bytes long. */ if (lastlen == 0 && tv->len >= 2 * AES_BLKSIZE) lastlen = AES_BLKSIZE; } out = malloc(tv->len); tag = malloc(AES_BLKSIZE); if (tag == NULL || out == NULL) goto _err_; memset(tag, 0, AES_BLKSIZE); if (ica_aes_gcm_initialize(tv->iv, tv->ivlen, tv->key, tv->keylen, icb, ucb, subkey, ICA_DECRYPT) || ica_aes_gcm_intermediate(out, tv->len - lastlen, tv->ciphertext, ucb, tv->aad, tv->aadlen, tag, tv->taglen, tv->key, tv->keylen, subkey, ICA_DECRYPT) || ica_aes_gcm_intermediate(out + (tv->len - lastlen), lastlen, tv->ciphertext + (tv->len - lastlen), ucb, NULL, 0, tag, tv->taglen, tv->key, tv->keylen, subkey, ICA_DECRYPT) || (ica_aes_gcm_last(icb, tv->aadlen, tv->len, tag, tv->tag, tv->taglen, tv->key, tv->keylen, subkey, ICA_DECRYPT) != tv->rv) || ((tv->rv == 0) && memcmp(tv->plaintext, out, tv->len))) goto _err_; memset(tag, 0, AES_BLKSIZE); memset(out, 0, tv->len); memset(icb, 0, sizeof(icb)); memset(icb, 0, sizeof(ucb)); memset(subkey, 0, sizeof(subkey)); if ((tv->rv == 0) && (ica_aes_gcm_initialize(tv->iv, tv->ivlen, tv->key, tv->keylen, icb, ucb, subkey, ICA_ENCRYPT) || ica_aes_gcm_intermediate(tv->plaintext, tv->len - lastlen, out, ucb, tv->aad, tv->aadlen, tag, tv->taglen, tv->key, tv->keylen, subkey, ICA_ENCRYPT) || ica_aes_gcm_intermediate(tv->plaintext + (tv->len - lastlen), lastlen, out + (tv->len - lastlen), ucb, NULL, 0, tag, tv->taglen, tv->key, tv->keylen, subkey, ICA_ENCRYPT) || ica_aes_gcm_last(icb, tv->aadlen, tv->len, tag, NULL, tv->taglen, tv->key, tv->keylen, subkey, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len) || memcmp(tv->tag, tag, tv->taglen))) goto _err_; free(tag); free(out); } return 0; _err_: free(tag); free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-GCM test failed."); #endif return 1; } static int aes_xts_kat(void) { const struct aes_xts_tv *tv; size_t i; unsigned char *out, tweak[16]; for (i = 0; i < AES_XTS_TV_LEN; i++) { tv = &AES_XTS_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(tweak, tv->tweak, sizeof(tweak)); if (ica_aes_xts(tv->plaintext, out, tv->len, tv->key1, tv->key2, tv->keylen, tweak, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(tweak, tv->tweak, sizeof(tweak)); if (ica_aes_xts(tv->ciphertext, out, tv->len, tv->key1, tv->key2, tv->keylen, tweak, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-XTS test failed."); #endif return 1; } static int aes_cmac_kat(void) { const struct aes_cmac_tv *tv; size_t i, lastlen; unsigned char *mac, iv[AES_BLKSIZE]; for (i = 0; i < AES_CMAC_TV_LEN; i++) { tv = &AES_CMAC_TV[i]; mac = malloc(tv->maclen); if (mac == NULL) goto _err_; if ((ica_aes_cmac(tv->msg, tv->msglen, tv->mac, tv->maclen, tv->key, tv->keylen, ICA_DECRYPT) != tv->rv) || ((tv->rv == 0) && (ica_aes_cmac(tv->msg, tv->msglen, mac, tv->maclen, tv->key, tv->keylen, ICA_ENCRYPT) || memcmp(tv->mac, mac, tv->maclen)))) goto _err_; free(mac); } for (i = 0; i < AES_CMAC_TV_LEN; i++) { tv = &AES_CMAC_TV[i]; if (tv->msglen <= AES_BLKSIZE) continue; lastlen = tv->msglen % AES_BLKSIZE ? tv->msglen % AES_BLKSIZE : AES_BLKSIZE; memset(iv, 0, AES_BLKSIZE); if (ica_aes_cmac_intermediate(tv->msg, tv->msglen - lastlen, tv->key, tv->keylen, iv) || (ica_aes_cmac_last(tv->msg + (tv->msglen - lastlen), lastlen, tv->mac, tv->maclen, tv->key, tv->keylen, iv, ICA_DECRYPT) != tv->rv)) return 1; if (tv->rv != 0) continue; mac = malloc(tv->maclen); if (mac == NULL) goto _err_; memset(iv, 0, AES_BLKSIZE); if (ica_aes_cmac_intermediate(tv->msg, tv->msglen - lastlen, tv->key, tv->keylen, iv) || ica_aes_cmac_last(tv->msg + (tv->msglen - lastlen), lastlen, mac, tv->maclen, tv->key, tv->keylen, iv, ICA_ENCRYPT) || memcmp(tv->mac, mac, tv->maclen)) goto _err_; free(mac); } return 0; _err_: free(mac); #ifndef NO_CPACF syslog(LOG_ERR, "Libica AES-CMAC test failed."); #endif return 1; } static int des3_ecb_kat(void) { const struct des3_ecb_tv *tv; size_t i; unsigned char *out; for (i = 0; i < DES3_ECB_TV_LEN; i++) { tv = &DES3_ECB_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; if (ica_3des_ecb(tv->plaintext, out, tv->len, (unsigned char *)tv->key, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len) || ica_3des_ecb(tv->ciphertext, out, tv->len, (unsigned char *)tv->key, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-ECB test failed."); #endif return 1; } static int des3_cbc_kat(void) { const struct des3_cbc_tv *tv; size_t i; unsigned char iv[DES3_BLKSIZE], *out; for (i = 0; i < DES3_CBC_TV_LEN; i++) { tv = &DES3_CBC_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_cbc(tv->plaintext, out, tv->len, (unsigned char *)tv->key, iv, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_cbc(tv->ciphertext, out, tv->len, (unsigned char *)tv->key, iv, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-CBC test failed."); #endif return 1; } static int des3_cbc_cs_kat(void){ const struct des3_cbc_cs_tv *tv; size_t i; unsigned char iv[DES3_BLKSIZE], *out; for (i = 0; i < DES3_CBC_CS_TV_LEN; i++) { tv = &DES3_CBC_CS_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_cbc_cs(tv->plaintext, out, tv->len, (unsigned char *)tv->key, iv, ICA_ENCRYPT, tv->variant) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_cbc_cs(tv->ciphertext, out, tv->len, (unsigned char *)tv->key, iv, ICA_DECRYPT, tv->variant) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-CBC-CS test failed."); #endif return 1; } static int des3_cfb_kat(void) { const struct des3_cfb_tv *tv; size_t i; unsigned char iv[DES3_BLKSIZE], *out; for (i = 0; i < DES3_CFB_TV_LEN; i++) { tv = &DES3_CFB_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_cfb(tv->plaintext, out, tv->len, (unsigned char *)tv->key, iv, tv->lcfb, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_cfb(tv->ciphertext, out, tv->len, (unsigned char *)tv->key, iv, tv->lcfb, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-CFB test failed."); #endif return 1; } static int des3_ofb_kat(void) { const struct des3_ofb_tv *tv; size_t i; unsigned char iv[DES3_BLKSIZE], *out; for (i = 0; i < DES3_OFB_TV_LEN; i++) { tv = &DES3_OFB_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_ofb(tv->plaintext, out, tv->len, (unsigned char *)tv->key, iv, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(iv, tv->iv, DES3_BLKSIZE); if (ica_3des_ofb(tv->ciphertext, out, tv->len, (unsigned char *)tv->key, iv, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-OFB test failed."); #endif return 1; } static int des3_ctr_kat(void) { const struct des3_ctr_tv *tv; size_t i; unsigned char *out, ctr[DES3_BLKSIZE]; for (i = 0; i < DES3_CTR_TV_LEN; i++) { tv = &DES3_CTR_TV[i]; out = malloc(tv->len); if (out == NULL) goto _err_; memcpy(ctr, tv->ctr, DES3_BLKSIZE); if (ica_3des_ctr(tv->plaintext, out, tv->len, (unsigned char *)tv->key, ctr, 32, ICA_ENCRYPT) || memcmp(tv->ciphertext, out, tv->len)) goto _err_; memcpy(ctr, tv->ctr, DES3_BLKSIZE); if (ica_3des_ctr(tv->ciphertext, out, tv->len, (unsigned char *)tv->key, ctr, 32, ICA_DECRYPT) || memcmp(tv->plaintext, out, tv->len)) goto _err_; free(out); } return 0; _err_: free(out); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-CTR test failed."); #endif return 1; } static int des3_cmac_kat(void) { const struct des3_cmac_tv *tv; size_t i, lastlen; unsigned char *mac, iv[DES3_BLKSIZE]; for (i = 0; i < DES3_CMAC_TV_LEN; i++) { tv = &DES3_CMAC_TV[i]; mac = malloc(tv->maclen); if (mac == NULL) goto _err_; if ((ica_3des_cmac(tv->msg, tv->msglen, tv->mac, tv->maclen, (unsigned char *)tv->key, ICA_DECRYPT) != tv->rv) || ((tv->rv == 0) && (ica_3des_cmac(tv->msg, tv->msglen, mac, tv->maclen, (unsigned char *)tv->key, ICA_ENCRYPT) || memcmp(tv->mac, mac, tv->maclen)))) goto _err_; free(mac); } for (i = 0; i < DES3_CMAC_TV_LEN; i++) { tv = &DES3_CMAC_TV[i]; if (tv->msglen <= DES3_BLKSIZE) continue; lastlen = tv->msglen % DES3_BLKSIZE ? tv->msglen % DES3_BLKSIZE : DES3_BLKSIZE; memset(iv, 0, DES3_BLKSIZE); if (ica_3des_cmac_intermediate(tv->msg, tv->msglen - lastlen, (unsigned char *)tv->key, iv) || (ica_3des_cmac_last(tv->msg + (tv->msglen - lastlen), lastlen, tv->mac, tv->maclen, (unsigned char *)tv->key, iv, ICA_DECRYPT) != tv->rv)) return 1; if (tv->rv != 0) continue; mac = malloc(tv->maclen); if (mac == NULL) goto _err_; memset(iv, 0, DES3_BLKSIZE); if (ica_3des_cmac_intermediate(tv->msg, tv->msglen - lastlen, (unsigned char *)tv->key, iv) || ica_3des_cmac_last(tv->msg + (tv->msglen - lastlen), lastlen, mac, tv->maclen, (unsigned char *)tv->key, iv, ICA_ENCRYPT) || memcmp(tv->mac, mac, tv->maclen)) goto _err_; free(mac); } return 0; _err_: free(mac); #ifndef NO_CPACF syslog(LOG_ERR, "Libica 3DES-CMAC test failed."); #endif return 1; } static int rsa_kat(void) { ica_rsa_key_mod_expo_t pubkey; ica_rsa_key_crt_t privkey; ica_adapter_handle_t ah; const struct rsa_tv *tv; size_t i, keylen, crtparamlen; unsigned char *out = NULL; libica_func_list_element* libica_func_list = NULL; unsigned int count; if (ica_open_adapter(&ah)) return 1; if (ica_get_functionlist(NULL, &count) != 0) goto _err_; libica_func_list = malloc(sizeof(libica_func_list_element) * count); if (!libica_func_list) goto _err_; if (ica_get_functionlist(libica_func_list, &count) != 0) goto _err_; for (i = 0; i < count; i++) { if (libica_func_list[i].mech_mode_id == RSA_CRT && libica_func_list[i].flags == 0) { /* RSA_CRT, and probably also RSA_ME, not available, skip test. * Looks like we don't have cards nor sw fallbacks. */ free(libica_func_list); ica_close_adapter(ah); return 0; } } for (i = 0; i < RSA_TV_LEN; i++) { tv = &RSA_TV[i]; keylen = (tv->mod + 7) / 8; crtparamlen = (keylen + 1) / 2; pubkey.key_length = keylen; privkey.key_length = keylen; out = malloc(keylen); pubkey.exponent = malloc(keylen); pubkey.modulus = malloc(keylen); privkey.q = malloc(crtparamlen); privkey.dq = malloc(crtparamlen); /* Some values have 8 bytes of zero padding. */ privkey.p = malloc(crtparamlen + 8); privkey.dp = malloc(crtparamlen + 8); privkey.qInverse = malloc(crtparamlen + 8); if (privkey.qInverse == NULL || privkey.dq == NULL || privkey.dp == NULL || privkey.q == NULL || privkey.p == NULL || pubkey.modulus == NULL || pubkey.exponent == NULL || out == NULL) goto _err_; memcpy(pubkey.exponent, tv->e, keylen); memcpy(pubkey.modulus, tv->n, keylen); memcpy(privkey.q, tv->q, crtparamlen); memcpy(privkey.dq, tv->dq, crtparamlen); memcpy(privkey.p, tv->p, crtparamlen + 8); memcpy(privkey.dp, tv->dp, crtparamlen + 8); memcpy(privkey.qInverse, tv->qinv, crtparamlen + 8); if (ica_rsa_mod_expo(ah, tv->plaintext, &pubkey, out) || memcmp(tv->ciphertext, out, keylen) || ica_rsa_crt(ah, tv->ciphertext, &privkey, out) || memcmp(tv->plaintext, out, keylen)) goto _err_; free(out); free(pubkey.exponent); free(pubkey.modulus); free(privkey.p); free(privkey.q); free(privkey.dp); free(privkey.dq); free(privkey.qInverse); } free(libica_func_list); ica_close_adapter(ah); return 0; _err_: free(libica_func_list); ica_close_adapter(ah); free(out); free(pubkey.exponent); free(pubkey.modulus); free(privkey.p); free(privkey.q); free(privkey.dp); free(privkey.dq); free(privkey.qInverse); syslog(LOG_ERR, "Libica RSA test failed."); return 1; } #endif /* FIPS_H */ libica-4.0.1/src/ica_api.c000066400000000000000000003004431417716165400152770ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * Rainer Wolafka * Holger Dengler * Ingo Tuchscherer * * Copyright IBM Corp. 2009, 2010, 2011, 2013 */ #define __USE_GNU #include #include #include #include #include #include #include #include #include #include #include "init.h" #include "ica_api.h" #include "icastats.h" #include "fips.h" #include "rng.h" #include "s390_rsa.h" #include "s390_ecc.h" #include "s390_crypto.h" #include "s390_sha.h" #include "s390_prng.h" #include "s390_des.h" #include "s390_aes.h" #include "s390_cmac.h" #include "s390_cbccs.h" #include "s390_ccm.h" #include "s390_gcm.h" #include "s390_drbg.h" #define DEFAULT_CRYPT_DEVICE "/udev/z90crypt" #define DEFAULT2_CRYPT_DEVICE "/dev/z90crypt" #define DEFAULT3_CRYPT_DEVICE "/dev/zcrypt" #define DES_KEY_LEN64 (64/8) #define MAX_VERSION_LENGTH 16 #define MAX_RSA_KEY_BITS 4096 #ifndef NO_SW_FALLBACKS int ica_fallbacks_enabled = 1; #else int ica_fallbacks_enabled = 0; #endif #if defined(NO_SW_FALLBACKS) || defined(NO_CPACF) #define UNUSED(var) ((void)(var)) #endif void ica_set_fallback_mode(int fallback_mode) { #ifdef NO_SW_FALLBACKS UNUSED(fallback_mode); #else if (fallback_mode) ica_fallbacks_enabled = 1; else ica_fallbacks_enabled = 0; #endif } int ica_offload_enabled = 0; void ica_set_offload_mode(int offload_mode) { ica_offload_enabled = offload_mode ? 1 : 0; } int ica_stats_enabled = 1; void ica_set_stats_mode(int stats_mode) { ica_stats_enabled = stats_mode ? 1 : 0; } #ifndef NO_CPACF #ifdef ICA_FIPS static unsigned int fips_check_3des_key(const ica_des_key_triple_t *key) { if (!CRYPTO_memcmp(key->key1, key->key2, DES_KEY_LEN64) | !CRYPTO_memcmp(key->key1, key->key3, DES_KEY_LEN64) | !CRYPTO_memcmp(key->key2, key->key3, DES_KEY_LEN64)) return EINVAL; return 0; } #endif static unsigned int check_des_parms(unsigned int mode, unsigned long data_length, const unsigned char *in_data, const unsigned char *iv, const unsigned char *des_key, const unsigned char *out_data) { if ((in_data == NULL) || (out_data == NULL) || (des_key == NULL)) return EINVAL; switch (mode) { case MODE_ECB: if (data_length & 0x07) return EINVAL; break; case MODE_CBC: if (iv == NULL) return EINVAL; if (data_length & 0x07) return EINVAL; break; case MODE_CBCCS: if (iv == NULL) return EINVAL; if (data_length <= DES_BLOCK_SIZE) return EINVAL; break; case MODE_CFB: if (iv == NULL) return EINVAL; break; case MODE_CTR: if (iv == NULL) return EINVAL; break; case MODE_OFB: if (iv == NULL) return EINVAL; break; default: /* unsupported mode */ return EINVAL; } return 0; } static unsigned int check_aes_parms(unsigned int mode, unsigned int data_length, const unsigned char *in_data, const unsigned char *iv, unsigned int key_length, const unsigned char *aes_key, const unsigned char *out_data) { if ((in_data == NULL) || (out_data == NULL) || (aes_key == NULL)) return EINVAL; if ((key_length != AES_KEY_LEN128) && (key_length != AES_KEY_LEN192) && (key_length != AES_KEY_LEN256)) return EINVAL; switch (mode) { case MODE_ECB: if (data_length & 0x0F) return EINVAL; break; case MODE_CBC: if (iv == NULL) return EINVAL; if (data_length & 0x0F) return EINVAL; break; case MODE_CBCCS: if (iv == NULL) return EINVAL; if (data_length <= AES_BLOCK_SIZE) return EINVAL; break; case MODE_CFB: if (iv == NULL) return EINVAL; break; case MODE_CTR: if (iv == NULL) return EINVAL; break; case MODE_OFB: if (iv == NULL) return EINVAL; break; case MODE_XTS: if (iv == NULL) return EINVAL; if (key_length == AES_KEY_LEN192) return EINVAL; if (data_length < AES_BLOCK_SIZE) return EINVAL; break; case MODE_CCM: case MODE_GCM: if (iv == NULL) return EINVAL; break; default: /* unsupported mode */ return EINVAL; } return 0; } static unsigned int check_cmac_parms(unsigned int block_size, const unsigned char *message, unsigned int message_length, unsigned char *mac, unsigned int mac_length, unsigned char *keys, unsigned int key_length, unsigned char *iv) { if (keys == NULL) return EINVAL; if (mac == NULL) { /* intermediate */ if (iv == NULL) return EINVAL; if (message_length % block_size) return EINVAL; } if ((mac_length == 0) || (mac_length > block_size)) return EINVAL; if ((message_length != 0) && (message == NULL)) return EINVAL; switch (block_size) { case DES_BLOCK_SIZE: break; case AES_BLOCK_SIZE: if ((key_length != AES_KEY_LEN128) && (key_length != AES_KEY_LEN192) && (key_length != AES_KEY_LEN256)) return EINVAL; break; default: return EINVAL; } return 0; } static unsigned int check_gcm_parms(unsigned long text_length, unsigned long aad_length, const unsigned char *tag, unsigned int tag_length, unsigned int iv_length) { #ifdef __s390x__ /* * The following comparisions are alaways false on s390 targets * due to limited range of data type. */ if ((text_length > S390_GCM_MAX_TEXT_LENGTH) || (aad_length > S390_GCM_MAX_AAD_LENGTH)) return EINVAL; #else (void)text_length; /* supporess unused param warning */ (void)aad_length; #endif /* * The following check must be done but is commented out because * comparison is always false due to limited range of data type. * * if (iv_length > S390_GCM_MAX_IV_LENGTH) * return EINVAL; */ if (iv_length == 0) return EINVAL; if (tag == NULL) return EINVAL; switch (tag_length) { case 4: case 8: case 12: case 13: case 14: case 15: case 16: break; default: return EINVAL; } return 0; } static unsigned int check_ccm_parms(unsigned long payload_length, unsigned long assoc_data_length, const unsigned char *mac, unsigned int mac_length, unsigned int nonce_length) { if ((payload_length == 0) && (assoc_data_length == 0)) return EINVAL; if ((nonce_length > S390_CCM_MAX_NONCE_LENGTH) || (nonce_length < S390_CCM_MIN_NONCE_LENGTH)) return EINVAL; /* if nonce_length is equal S390_CCM_MIN_NONCE_LENGTH, payload_length * is only limited by the value range of its data type unsigned long * and need no further checking */ if ((nonce_length > S390_CCM_MIN_NONCE_LENGTH) && (payload_length > ((1ull << (8*(15-nonce_length)))))) return EINVAL; if (mac == NULL) return EINVAL; if ((mac_length > S390_CCM_MAX_MAC_LENGTH) || (mac_length < S390_CCM_MIN_MAC_LENGTH) || (mac_length % 2)) return EINVAL; return 0; } static unsigned int check_message_part(unsigned int message_part) { if (message_part != SHA_MSG_PART_ONLY && message_part != SHA_MSG_PART_FIRST && message_part != SHA_MSG_PART_MIDDLE && message_part != SHA_MSG_PART_FINAL) return EINVAL; else return 0; } #endif /* NO_CPACF */ unsigned int ica_open_adapter(ica_adapter_handle_t *adapter_handle) { char *name, status_mask[64]; if (!adapter_handle) return EINVAL; *adapter_handle = DRIVER_NOT_LOADED; name = getenv("LIBICA_CRYPT_DEVICE"); if (name) *adapter_handle = open(name, O_RDWR); else { *adapter_handle = open(DEFAULT_CRYPT_DEVICE, O_RDWR); if (*adapter_handle == -1) *adapter_handle = open(DEFAULT2_CRYPT_DEVICE, O_RDWR); if (*adapter_handle == -1) *adapter_handle = open(DEFAULT3_CRYPT_DEVICE, O_RDWR); } if (*adapter_handle != -1) { /* Test if character device is accessible. */ if (!ioctl(*adapter_handle, Z90STAT_STATUS_MASK, &status_mask)) { return 0; } } /* * Do not fail if crypto device driver is not loaded and CPACF is not * available as the software fallback will still work without an adapter * handle. */ return 0; } unsigned int ica_close_adapter(ica_adapter_handle_t adapter_handle) { if (adapter_handle == DRIVER_NOT_LOADED) return 0; if (close(adapter_handle)) return errno; return 0; } unsigned int ica_sha1(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha_context_t *sha_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha_context); UNUSED(output_data); return EPERM; #else int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* check for maximum and minimum input data length */ /* if this is the first or middle part, the input */ /* data length must be a multiple of 64 bytes */ if ((input_length & 0x3f) && ((message_part == SHA_MSG_PART_FIRST) || (message_part == SHA_MSG_PART_MIDDLE))) return EINVAL; /* * If this is the middle or final part, the running * length should not be zero */ rc = s390_sha1((unsigned char *) &sha_context->shaHash, input_data, input_length, output_data, message_part, (uint64_t *) &sha_context->runningLength); if (!rc) memcpy(&sha_context->shaHash, output_data, SHA_HASH_LENGTH); return rc; #endif /* NO_CPACF */ } unsigned int ica_sha224(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha256_context_t *sha256_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha256_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha256_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 64 bytes. */ if (input_length & 0x3f && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha224((unsigned char *) &sha256_context->sha256Hash, input_data, input_length, output_data, message_part, (uint64_t *)&sha256_context->runningLength); #endif /* NO_CPACF */ } unsigned int ica_sha256(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha256_context_t *sha256_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha256_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha256_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 64 bytes. */ if (input_length & 0x3f && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha256((unsigned char *) &sha256_context->sha256Hash, input_data, input_length, output_data, message_part, (uint64_t *) &sha256_context->runningLength); #endif /* NO_CPACF */ } unsigned int ica_sha384(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha512_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha512_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 128 bytes. */ if (input_length & 0x7f && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha384((unsigned char *) &sha512_context->sha512Hash, input_data, input_length, output_data, message_part, (uint64_t *) &(sha512_context->runningLengthLow), (uint64_t *) &(sha512_context->runningLengthHigh)); #endif /* NO_CPACF */ } unsigned int ica_sha512(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha512_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha512_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 128 bytes. */ if (input_length & 0x7f && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha512((unsigned char *)&sha512_context->sha512Hash, input_data, input_length, output_data, message_part, (uint64_t *) &sha512_context->runningLengthLow, (uint64_t *) &sha512_context->runningLengthHigh); #endif /* NO_CPACF */ } unsigned int ica_sha512_224(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha512_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha512_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 128 bytes. */ if (input_length & 0x7f && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha512_224((unsigned char *)&sha512_context->sha512Hash, input_data, input_length, output_data, message_part, (uint64_t *) &sha512_context->runningLengthLow, (uint64_t *) &sha512_context->runningLengthHigh); #endif /* NO_CPACF */ } unsigned int ica_sha512_256(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha512_context_t *sha512_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha512_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha512_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 128 bytes. */ if (input_length & 0x7f && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha512_256((unsigned char *)&sha512_context->sha512Hash, input_data, input_length, output_data, message_part, (uint64_t *) &sha512_context->runningLengthLow, (uint64_t *) &sha512_context->runningLengthHigh); #endif /* NO_CPACF */ } unsigned int ica_sha3_224(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha3_224_context_t *sha3_224_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha3_224_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha3_224_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 144 bytes. */ if ((input_length % 144 != 0) && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha3_224((unsigned char *) &sha3_224_context->sha3_224Hash, input_data, input_length, output_data, message_part, (uint64_t *)&sha3_224_context->runningLength); #endif /* NO_CPACF */ } unsigned int ica_sha3_256(unsigned int message_part, unsigned int input_length, const unsigned char *input_data, sha3_256_context_t *sha3_256_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha3_256_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha3_256_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 136 bytes. */ if ((input_length % 136 != 0) && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha3_256((unsigned char *) &sha3_256_context->sha3_256Hash, input_data, input_length, output_data, message_part, (uint64_t *) &sha3_256_context->runningLength); #endif /* NO_CPACF */ } unsigned int ica_sha3_384(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha3_384_context_t *sha3_384_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha3_384_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha3_384_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 104 bytes. */ if ((input_length % 104 != 0) && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha3_384((unsigned char *) &sha3_384_context->sha3_384Hash, input_data, input_length, output_data, message_part, (uint64_t *) &(sha3_384_context->runningLengthLow), (uint64_t *) &(sha3_384_context->runningLengthHigh)); #endif /* NO_CPACF */ } unsigned int ica_sha3_512(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, sha3_512_context_t *sha3_512_context, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(sha3_512_context); UNUSED(output_data); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (sha3_512_context == NULL) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 72 bytes. */ if ((input_length % 72 != 0) && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; return s390_sha3_512((unsigned char *)&sha3_512_context->sha3_512Hash, input_data, input_length, output_data, message_part, (uint64_t *) &sha3_512_context->runningLengthLow, (uint64_t *) &sha3_512_context->runningLengthHigh); #endif /* NO_CPACF */ } unsigned int ica_shake_128(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, shake_128_context_t *shake_128_context, unsigned char *output_data, unsigned int output_length) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(shake_128_context); UNUSED(output_data); UNUSED(output_length); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (shake_128_context == NULL) || (output_length == 0) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 168 bytes. */ if ((input_length % 168 != 0) && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) { return EINVAL; } /* set output_length in context for first call and only call */ if ((message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_ONLY)) shake_128_context->output_length = output_length; return s390_shake_128((unsigned char *)&shake_128_context->shake_128Hash, input_data, input_length, output_data, shake_128_context->output_length, message_part, (uint64_t *) &shake_128_context->runningLengthLow, (uint64_t *) &shake_128_context->runningLengthHigh); #endif /* NO_CPACF */ } unsigned int ica_shake_256(unsigned int message_part, uint64_t input_length, const unsigned char *input_data, shake_256_context_t *shake_256_context, unsigned char *output_data, unsigned int output_length) { #ifdef NO_CPACF UNUSED(message_part); UNUSED(input_length); UNUSED(input_data); UNUSED(shake_256_context); UNUSED(output_data); UNUSED(output_length); return EPERM; #else unsigned int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if ((input_data == NULL) || (shake_256_context == NULL) || (output_length == 0) || (output_data == NULL)) return EINVAL; /* make sure some message part is specified */ rc = check_message_part(message_part); if (rc) return rc; /* * for FIRST or MIDDLE calls the input * data length must be a multiple of 136 bytes. */ if ((input_length % 136 != 0) && (message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE)) return EINVAL; /* set output_length in context for first call and only call */ if ((message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_ONLY)) shake_256_context->output_length = output_length; return s390_shake_256((unsigned char *)&shake_256_context->shake_256Hash, input_data, input_length, output_data, shake_256_context->output_length, message_part, (uint64_t *) &shake_256_context->runningLengthLow, (uint64_t *) &shake_256_context->runningLengthHigh); #endif /* NO_CPACF */ } unsigned int ica_random_number_generate(unsigned int output_length, unsigned char *output_data) { #ifdef NO_CPACF UNUSED(output_length); UNUSED(output_data); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (output_data == NULL) return EINVAL; return s390_prng(output_data, output_length); #endif /* NO_CPACF */ } unsigned int ica_rsa_key_generate_mod_expo(ica_adapter_handle_t adapter_handle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_mod_expo_t *private_key) { unsigned int num_ignored_bytes; unsigned char *public_exponent; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (public_key->key_length != private_key->key_length) return EINVAL; /* Keys should comply with modulus_bit_length */ if ((modulus_bit_length + 7) / 8 != public_key->key_length) return EINVAL; /* Minimum key length is sizeof(unsigned long) */ if (public_key->key_length < sizeof(unsigned long)) return EINVAL; /* Max key bit length is 4096 because of CEX adapter restriction */ if (modulus_bit_length > MAX_RSA_KEY_BITS) return EPERM; /* OpenSSL takes only exponents of type unsigned long, so we have to * be sure that we give a value of the right size to OpenSSL. */ num_ignored_bytes = public_key->key_length - sizeof(unsigned long); public_exponent = public_key->exponent; for (; num_ignored_bytes; --num_ignored_bytes, ++public_exponent) if (*public_exponent != 0) return EINVAL; /* There is no need to zeroize any buffers here. This will be done in * the lower routines. */ return rsa_key_generate_mod_expo(adapter_handle, modulus_bit_length, public_key, private_key); } unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t adapter_handle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_crt_t *private_key) { unsigned int num_ignored_bytes; unsigned char *public_exponent; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (public_key->key_length != private_key->key_length) return EINVAL; if ((modulus_bit_length + 7) / 8 != public_key->key_length) return EINVAL; if (public_key->key_length < sizeof(unsigned long)) return EINVAL; if (modulus_bit_length > MAX_RSA_KEY_BITS) return EPERM; num_ignored_bytes = public_key->key_length - sizeof(unsigned long); public_exponent = public_key->exponent; for (; num_ignored_bytes; --num_ignored_bytes, ++public_exponent) if (*public_exponent != 0) return EINVAL; /* There is no need to zeroize any buffers here. This will be done in * the lower routines. */ return rsa_key_generate_crt(adapter_handle, modulus_bit_length, public_key, private_key); } unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle, const unsigned char *input_data, ica_rsa_key_mod_expo_t *rsa_key, unsigned char *output_data) { ica_rsa_modexpo_t rb; int hardware, rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (input_data == NULL || rsa_key == NULL || output_data == NULL) return EINVAL; if (rsa_key->key_length < sizeof(unsigned long)) return EINVAL; if (rsa_key->key_length * 8 > MAX_RSA_KEY_BITS) return EPERM; /* fill driver structure */ rb.inputdata = (unsigned char *)input_data; rb.inputdatalength = rsa_key->key_length; rb.outputdata = output_data; rb.outputdatalength = rsa_key->key_length; rb.b_key = rsa_key->exponent; rb.n_modulus = rsa_key->modulus; hardware = ALGO_SW; if (adapter_handle == DRIVER_NOT_LOADED) rc = ica_fallbacks_enabled ? rsa_mod_expo_sw(&rb) : ENODEV; else { if (any_card_online) rc = ioctl(adapter_handle, ICARSAMODEXPO, &rb); else rc = ENODEV; if (!rc) hardware = ALGO_HW; else rc = ica_fallbacks_enabled ? rsa_mod_expo_sw(&rb) : ENODEV; } if (rc == 0) stats_increment(ICA_STATS_RSA_ME_512 + rsa_keysize_stats_ofs(rsa_key->key_length), hardware, ENCRYPT); OPENSSL_cleanse(&rb, sizeof(rb)); return rc; } unsigned int ica_rsa_crt_key_check(ica_rsa_key_crt_t *rsa_key) { int pq_comp; int keyfmt = 1; BIGNUM *bn_p; BIGNUM *bn_q; BIGNUM *bn_invq; BN_CTX *ctx; unsigned char *tmp_buf = NULL; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check if p > q */ pq_comp = memcmp( (rsa_key->p + 8), (rsa_key->q), rsa_key->key_length/2); if (pq_comp < 0) /* unprivileged key format */ keyfmt = 0; if (!keyfmt) { /* swap p and q */ tmp_buf = calloc(1, rsa_key->key_length/2); if (!tmp_buf) return ENOMEM; memcpy(tmp_buf, rsa_key->p + 8, rsa_key->key_length/2); memcpy(rsa_key->p + 8, rsa_key->q, rsa_key->key_length/2); memcpy(rsa_key->q, tmp_buf, rsa_key->key_length/2); /* swap dp and dq */ memcpy(tmp_buf, rsa_key->dp + 8, rsa_key->key_length/2); memcpy(rsa_key->dp + 8, rsa_key->dq, rsa_key->key_length/2); memcpy(rsa_key->dq, tmp_buf, rsa_key->key_length/2); /* calculate new qInv */ bn_p = BN_new(); bn_q = BN_new(); bn_invq = BN_new(); ctx = BN_CTX_new(); BN_bin2bn(rsa_key->p, rsa_key->key_length/2+8, bn_p); BN_bin2bn(rsa_key->q, rsa_key->key_length/2, bn_q); /* qInv = (1/q) mod p */ BN_mod_inverse(bn_invq, bn_q, bn_p, ctx); memset(tmp_buf, 0, rsa_key->key_length/2); #if OPENSSL_VERSION_NUMBER < 0x10100000L BN_bn2bin(bn_invq, tmp_buf + rsa_key->key_length/2 - BN_num_bytes(bn_invq)); #else BN_bn2binpad(bn_invq, tmp_buf, rsa_key->key_length/2); #endif memcpy(rsa_key->qInverse + 8, tmp_buf, rsa_key->key_length/2); free(tmp_buf); BN_CTX_free(ctx); BN_clear_free(bn_p); BN_clear_free(bn_q); BN_clear_free(bn_invq); return 1; } return 0; } unsigned int ica_rsa_crt(ica_adapter_handle_t adapter_handle, const unsigned char *input_data, ica_rsa_key_crt_t *rsa_key, unsigned char *output_data) { ica_rsa_modexpo_crt_t rb; int hardware, rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (input_data == NULL || rsa_key == NULL || output_data == NULL) return EINVAL; if (rsa_key->key_length < sizeof(unsigned long)) return EINVAL; if (rsa_key->key_length * 8 > MAX_RSA_KEY_BITS) return EPERM; /* fill driver structure */ rb.inputdata = (unsigned char *)input_data; rb.inputdatalength = rsa_key->key_length; rb.outputdata = output_data; rb.outputdatalength = rsa_key->key_length; ica_rsa_crt_key_check(rsa_key); rb.np_prime = rsa_key->p; rb.nq_prime = rsa_key->q; rb.bp_key = rsa_key->dp; rb.bq_key = rsa_key->dq; rb.u_mult_inv = rsa_key->qInverse; hardware = ALGO_SW; if (adapter_handle == DRIVER_NOT_LOADED) rc = ica_fallbacks_enabled ? rsa_crt_sw(&rb) : ENODEV; else { if (any_card_online) rc = ioctl(adapter_handle, ICARSACRT, &rb); else rc = ENODEV; if(!rc) hardware = ALGO_HW; else rc = ica_fallbacks_enabled ? rsa_crt_sw(&rb) : ENODEV; } if (rc == 0) stats_increment(ICA_STATS_RSA_CRT_512 + rsa_keysize_stats_ofs(rsa_key->key_length), hardware, ENCRYPT); OPENSSL_cleanse(&rb, sizeof(rb)); return rc; } /******************************************************************************* * * Begin of ECC API */ ICA_EC_KEY* ica_ec_key_new(unsigned int nid, unsigned int *privlen) { ICA_EC_KEY *key; int len; #ifdef ICA_FIPS if (fips >> 1) return NULL; #endif /* ICA_FIPS */ if ((key = malloc(sizeof(ICA_EC_KEY))) == NULL) return NULL; /* allocate clear memory for the 3 key parts */ len = privlen_from_nid(nid); if (len <= 0) { free(key); return NULL; } key->X = calloc(1, 3*len); if (!key->X) { free(key); return NULL; } key->nid = nid; key->Y = key->X + len; key->D = key->Y + len; *privlen = len; return key; } int ica_ec_key_init(const unsigned char *X, const unsigned char *Y, const unsigned char *D, ICA_EC_KEY *key) { unsigned int privlen; #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (!curve_supported_via_openssl(key->nid)) return EPERM; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (key == NULL) return EINVAL; /* check if curve is supported by hw */ if (!(curve_supported_via_online_card(key->nid) || curve_supported_via_cpacf(key->nid))) return EPERM; if ((X == NULL && Y != NULL) || (X != NULL && Y == NULL)) return EINVAL; privlen = privlen_from_nid(key->nid); if (X != NULL && Y != NULL) { memcpy(key->X, X, privlen); memcpy(key->Y, Y, privlen); } if (D != NULL) memcpy(key->D, D, privlen); /* try to check key via openssl. This may not be possible if curve is * supported via card or CPACF, but openssl is in fips mode. */ if (curve_supported_via_openssl(key->nid) && ec_key_check(key) != 0) return EINVAL; return 0; } int ica_ec_key_generate(ica_adapter_handle_t adapter_handle, ICA_EC_KEY *key) { int hardware, rc; unsigned int icapath = 0; #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (!curve_supported_via_openssl(key->nid)) return EPERM; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (key == NULL) return EINVAL; /* check if curve is supported by hw */ if (!(curve_supported_via_online_card(key->nid) || curve_supported_via_cpacf(key->nid))) return EPERM; #ifndef NO_SW_FALLBACKS icapath = getenv_icapath(); #else icapath = 1; #endif switch (icapath) { case 1: /* hw only */ hardware = ALGO_HW; if (ecc_via_online_card || msa9_switch) rc = eckeygen_hw(adapter_handle, key); else rc = ENODEV; break; case 2: /* sw only */ hardware = ALGO_SW; rc = eckeygen_sw(key); break; default: /* hw with sw fallback (default) */ hardware = ALGO_SW; rc = eckeygen_hw(adapter_handle, key); if (rc == 0) hardware = ALGO_HW; else rc = ica_fallbacks_enabled ? eckeygen_sw(key) : ENODEV; } if (rc == 0) stats_increment(ICA_STATS_ECKGEN_160 + ecc_keysize_stats_ofs(key->nid), hardware, ENCRYPT); return rc; } int ica_ecdh_derive_secret(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, unsigned char *z, unsigned int z_length) { int hardware, rc; unsigned int privlen; unsigned int icapath = 0; #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (privkey_A != NULL && !curve_supported_via_openssl(privkey_A->nid)) return EPERM; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (privkey_A == NULL || pubkey_B == NULL) return EINVAL; privlen = privlen_from_nid(privkey_A->nid); if (z == NULL || z_length < privlen || privkey_A->nid != pubkey_B->nid) return EINVAL; /* check if curve is supported by hw */ if (!(curve_supported_via_online_card(privkey_A->nid) || curve_supported_via_cpacf(privkey_A->nid))) return EPERM; #ifndef NO_SW_FALLBACKS icapath = getenv_icapath(); #else icapath = 1; #endif switch (icapath) { case 1: /* hw only */ hardware = ALGO_HW; if (ecc_via_online_card || msa9_switch) rc = ecdh_hw(adapter_handle, privkey_A, pubkey_B, z); else rc = ENODEV; break; case 2: /* sw only */ hardware = ALGO_SW; rc = ecdh_sw(privkey_A, pubkey_B, z); break; default: /* hw with sw fallback (default) */ hardware = ALGO_SW; rc = ecdh_hw(adapter_handle, privkey_A, pubkey_B, z); if (rc == 0) hardware = ALGO_HW; else rc = ica_fallbacks_enabled ? ecdh_sw(privkey_A, pubkey_B, z) : ENODEV; } if (rc == 0) stats_increment(ICA_STATS_ECDH_160 + ecc_keysize_stats_ofs(privkey_A->nid), hardware, ENCRYPT); return rc; } int ica_ecdsa_sign(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey, const unsigned char *hash, unsigned int hash_length, unsigned char *signature, unsigned int signature_length) { int hardware, rc; unsigned int privlen; unsigned int icapath = 0; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (privkey == NULL) return EINVAL; privlen = privlen_from_nid(privkey->nid); if (hash == NULL || !hash_length_valid(hash_length) || signature == NULL || signature_length < 2*privlen) return EINVAL; #ifndef NO_SW_FALLBACKS icapath = getenv_icapath(); #else icapath = 1; #endif switch (icapath) { case 1: /* hw only */ hardware = ALGO_HW; if (ecc_via_online_card || msa9_switch) rc = ecdsa_sign_hw(adapter_handle, privkey, hash, hash_length, signature); else rc = ENODEV; break; case 2: /* sw only */ hardware = ALGO_SW; rc = ecdsa_sign_sw(privkey, hash, hash_length, signature); break; default: /* hw with sw fallback (default) */ hardware = ALGO_SW; rc = ecdsa_sign_hw(adapter_handle, privkey, hash, hash_length, signature); if (rc == 0) hardware = ALGO_HW; else rc = ica_fallbacks_enabled ? ecdsa_sign_sw(privkey, hash, hash_length, signature) : ENODEV; } if (rc == 0) stats_increment(ICA_STATS_ECDSA_SIGN_160 + ecc_keysize_stats_ofs(privkey->nid), hardware, ENCRYPT); return rc; } int ica_ecdsa_verify(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature, unsigned int signature_length) { int hardware, rc; unsigned int privlen; unsigned int icapath = 0; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ /* check for obvious errors in parms */ if (pubkey == NULL) return EINVAL; privlen = privlen_from_nid(pubkey->nid); if (hash == NULL || !hash_length_valid(hash_length) || signature == NULL || signature_length < 2*privlen) return EINVAL; #ifndef NO_SW_FALLBACKS icapath = getenv_icapath(); #else icapath = 1; #endif switch (icapath) { case 1: /* hw only */ hardware = ALGO_HW; if (ecc_via_online_card || msa9_switch) rc = ecdsa_verify_hw(adapter_handle, pubkey, hash, hash_length, signature); else rc = ENODEV; break; case 2: /* sw only */ hardware = ALGO_SW; rc = ecdsa_verify_sw(pubkey, hash, hash_length, signature); break; default: /* hw with sw fallback (default) */ hardware = ALGO_SW; rc = ecdsa_verify_hw(adapter_handle, pubkey, hash, hash_length, signature); if (rc == 0) { hardware = ALGO_HW; } else if (rc != EFAULT) { rc = ica_fallbacks_enabled ? ecdsa_verify_sw(pubkey, hash, hash_length, signature) : ENODEV; } } if (rc == 0) stats_increment(ICA_STATS_ECDSA_VERIFY_160 + ecc_keysize_stats_ofs(pubkey->nid), hardware, ENCRYPT); return rc; } int ica_ec_key_get_public_key(const ICA_EC_KEY *key, unsigned char *q, unsigned int *q_len) { if (!key || !(key->X) || privlen_from_nid(key->nid) < 0) return EINVAL; memcpy(q, key->X, 2*privlen_from_nid(key->nid)); *q_len = 2*privlen_from_nid(key->nid); return 0; } int ica_ec_key_get_private_key(const ICA_EC_KEY *key, unsigned char *d, unsigned int *d_len) { if (!key || !(key->D) || privlen_from_nid(key->nid) < 0) return EINVAL; memcpy(d, key->D, privlen_from_nid(key->nid)); *d_len = privlen_from_nid(key->nid); return 0; } void ica_ec_key_free(ICA_EC_KEY *key) { if (!key) return; if (key->X) { /* free 1 block of memory for X, Y, and D */ OPENSSL_cleanse((void *)key->X, 3*privlen_from_nid(key->nid)); free(key->X); } OPENSSL_cleanse((void *)key, sizeof(ICA_EC_KEY)); free(key); } static inline int check_fips(void) { #ifdef ICA_FIPS return fips >> 1; #else return 0; #endif } int ica_x25519_ctx_new(ICA_X25519_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL) return -1; *ctx = calloc(1, sizeof(**ctx)); return 0; #endif /* NO_CPACF */ } int ica_x448_ctx_new(ICA_X448_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL) return -1; *ctx = calloc(1, sizeof(**ctx)); return 0; #endif /* NO_CPACF */ } int ica_ed25519_ctx_new(ICA_ED25519_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL) return -1; *ctx = calloc(1, sizeof(**ctx)); return 0; #endif /* NO_CPACF */ } int ica_ed448_ctx_new(ICA_ED448_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL) return -1; *ctx = calloc(1, sizeof(**ctx)); return 0; #endif /* NO_CPACF */ } int ica_x25519_key_set(ICA_X25519_CTX *ctx, const unsigned char priv[32], const unsigned char pub[32]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { memcpy(ctx->priv, priv, 32); ctx->priv_init = 1; memset(ctx->pub, 0, 32); ctx->pub_init = 0; } if (pub != NULL) { memcpy(ctx->pub, pub, 32); ctx->pub_init = 1; } return 0; #endif /* NO_CPACF */ } int ica_x448_key_set(ICA_X448_CTX *ctx, const unsigned char priv[56], const unsigned char pub[56]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { memcpy(ctx->priv, priv, 56); ctx->priv_init = 1; memset(ctx->pub, 0, 56); ctx->pub_init = 0; } if (pub != NULL) { memcpy(ctx->pub, pub, 56); ctx->pub_init = 1; } return 0; #endif /* NO_CPACF */ } int ica_ed25519_key_set(ICA_ED25519_CTX *ctx, const unsigned char priv[32], const unsigned char pub[32]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { memcpy(ctx->sign_param.priv, priv, 32); ctx->priv_init = 1; memset(ctx->verify_param.pub, 0, 32); ctx->pub_init = 0; } if (pub != NULL) { s390_flip_endian_32(ctx->verify_param.pub, pub); ctx->pub_init = 1; } return 0; #endif /* NO_CPACF */ } int ica_ed448_key_set(ICA_ED448_CTX *ctx, const unsigned char priv[57], const unsigned char pub[57]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { memset(ctx->sign_param.priv, 0, sizeof(ctx->sign_param.priv)); memcpy(ctx->sign_param.priv + 64 - 57, priv, 57); ctx->priv_init = 1; memset(ctx->verify_param.pub, 0, 57); ctx->pub_init = 0; } if (pub != NULL) { memset(ctx->verify_param.pub, 0, sizeof(ctx->verify_param.pub)); memcpy(ctx->verify_param.pub, pub, 57); s390_flip_endian_64(ctx->verify_param.pub, ctx->verify_param.pub); ctx->pub_init = 1; } return 0; #endif /* NO_CPACF */ } int ica_x25519_key_get(ICA_X25519_CTX *ctx, unsigned char priv[32], unsigned char pub[32]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { if (!ctx->priv_init) return -1; memcpy(priv, ctx->priv, 32); } if (pub != NULL) { if (!ctx->pub_init) { if (!ctx->priv_init) return -1; rc = x25519_derive_pub(ctx->pub, ctx->priv); if (rc) { memset(ctx->pub, 0, 32); return -1; } ctx->pub_init = 1; } memcpy(pub, ctx->pub, 32); } return 0; #endif /* NO_CPACF */ } int ica_x448_key_get(ICA_X448_CTX *ctx, unsigned char priv[56], unsigned char pub[56]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { if (!ctx->priv_init) return -1; memcpy(priv, ctx->priv, 56); } if (pub != NULL) { if (!ctx->pub_init) { if (!ctx->priv_init) return -1; rc = x448_derive_pub(ctx->pub, ctx->priv); if (rc) { memset(ctx->pub, 0, 56); return -1; } ctx->pub_init = 1; } memcpy(pub, ctx->pub, 56); } return 0; #endif /* NO_CPACF */ } int ica_ed25519_key_get(ICA_ED25519_CTX *ctx, unsigned char priv[32], unsigned char pub[32]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { if (!ctx->priv_init) return -1; memcpy(priv, ctx->sign_param.priv, sizeof(ctx->sign_param.priv)); } if (pub != NULL) { if (!ctx->pub_init) { if (!ctx->priv_init) return -1; rc = ed25519_derive_pub(ctx->verify_param.pub, ctx->sign_param.priv); if (rc) { memset(ctx->verify_param.pub, 0, 32); return -1; } ctx->pub_init = 1; } s390_flip_endian_32(pub, ctx->verify_param.pub); } return 0; #endif /* NO_CPACF */ } int ica_ed448_key_get(ICA_ED448_CTX *ctx, unsigned char priv[57], unsigned char pub[57]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(priv); UNUSED(pub); return EPERM; #else unsigned char pub64[64]; int rc; if (check_fips() || !msa9_switch || ctx == NULL) return -1; if (priv != NULL) { if (!ctx->priv_init) return -1; memcpy(priv, ctx->sign_param.priv + 64 - 57, sizeof(ctx->sign_param.priv) - (64 - 57)); } if (pub != NULL) { if (!ctx->pub_init) { if (!ctx->priv_init) return -1; rc = ed448_derive_pub(ctx->verify_param.pub + 64 - 57, ctx->sign_param.priv + 64 - 57); if (rc) { memset(ctx->verify_param.pub, 0, 57); return -1; } ctx->pub_init = 1; } s390_flip_endian_64(pub64, ctx->verify_param.pub); memcpy(pub, pub64, 57); } return 0; #endif /* NO_CPACF */ } int ica_x25519_derive(ICA_X25519_CTX *ctx, unsigned char shared_secret[32], const unsigned char peer_pub[32]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(shared_secret); UNUSED(peer_pub); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL || !ctx->priv_init || shared_secret == NULL || peer_pub == NULL) return -1; rc = scalar_mulx_cpacf(shared_secret, ctx->priv, peer_pub, NID_X25519); stats_increment(ICA_STATS_X25519_DERIVE, ALGO_HW, ENCRYPT); return rc; #endif /* NO_CPACF */ } int ica_x448_derive(ICA_X448_CTX *ctx, unsigned char shared_secret[56], const unsigned char peer_pub[56]) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(shared_secret); UNUSED(peer_pub); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL || !ctx->priv_init || shared_secret == NULL || peer_pub == NULL) return -1; rc = scalar_mulx_cpacf(shared_secret, ctx->priv, peer_pub, NID_X448); stats_increment(ICA_STATS_X448_DERIVE, ALGO_HW, ENCRYPT); return rc; #endif /* NO_CPACF */ } int ica_ed25519_sign(ICA_ED25519_CTX *ctx, unsigned char sig[64], const unsigned char *msg, size_t msglen) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(sig); UNUSED(msg); UNUSED(msglen); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL || !ctx->priv_init || sig == NULL || (msg == NULL && msglen != 0)) return -1; rc = s390_kdsa(S390_CRYPTO_EDDSA_SIGN_ED25519, &ctx->sign_param, msg, msglen); if (rc) { memset(ctx->sign_param.sig, 0, sizeof(ctx->sign_param.sig)); return -1; } s390_flip_endian_32(sig, ctx->sign_param.sig); s390_flip_endian_32(sig + 32, ctx->sign_param.sig + 32); memset(ctx->sign_param.sig, 0, sizeof(ctx->sign_param.sig)); stats_increment(ICA_STATS_ED25519_SIGN, ALGO_HW, ENCRYPT); return 0; #endif /* NO_CPACF */ } int ica_ed448_sign(ICA_ED448_CTX *ctx, unsigned char sig[114], const unsigned char *msg, size_t msglen) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(sig); UNUSED(msg); UNUSED(msglen); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL || !ctx->priv_init || sig == NULL || (msg == NULL && msglen != 0)) return -1; rc = s390_kdsa(S390_CRYPTO_EDDSA_SIGN_ED448, &ctx->sign_param, msg, msglen); if (rc) { memset(ctx->sign_param.sig, 0, sizeof(ctx->sign_param.sig)); return -1; } s390_flip_endian_64(ctx->sign_param.sig, ctx->sign_param.sig); s390_flip_endian_64(ctx->sign_param.sig + 64, ctx->sign_param.sig + 64); memcpy(sig, ctx->sign_param.sig, 57); memcpy(sig + 57, ctx->sign_param.sig + 64, 57); memset(ctx->sign_param.sig, 0, sizeof(ctx->sign_param.sig)); stats_increment(ICA_STATS_ED448_SIGN, ALGO_HW, ENCRYPT); return 0; #endif /* NO_CPACF */ } int ica_ed25519_verify(ICA_ED25519_CTX *ctx, const unsigned char sig[64], const unsigned char *msg, size_t msglen) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(sig); UNUSED(msg); UNUSED(msglen); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL || sig == NULL || (msg == NULL && msglen != 0)) return -1; if (!ctx->pub_init) { if (!ctx->priv_init) return -1; rc = ed25519_derive_pub(ctx->verify_param.pub, ctx->sign_param.priv); if (rc) { memset(ctx->verify_param.pub, 0, 32); return -1; } ctx->pub_init = 1; } s390_flip_endian_32(ctx->verify_param.sig, sig); s390_flip_endian_32(ctx->verify_param.sig + 32, sig + 32); rc = s390_kdsa(S390_CRYPTO_EDDSA_VERIFY_ED25519, &ctx->verify_param, msg, msglen); memset(ctx->verify_param.sig, 0, sizeof(ctx->verify_param.sig)); stats_increment(ICA_STATS_ED25519_VERIFY, ALGO_HW, ENCRYPT); return rc == 0 ? 0 : -1; #endif /* NO_CPACF */ } int ica_ed448_verify(ICA_ED448_CTX *ctx, const unsigned char sig[114], const unsigned char *msg, size_t msglen) { #ifdef NO_CPACF UNUSED(ctx); UNUSED(sig); UNUSED(msg); UNUSED(msglen); return EPERM; #else int rc; if (check_fips() || !msa9_switch || ctx == NULL || sig == NULL || (msg == NULL && msglen != 0)) return -1; if (!ctx->pub_init) { if (!ctx->priv_init) return -1; rc = ed448_derive_pub(ctx->verify_param.pub + 64 - 57, ctx->sign_param.priv + 64 - 57); if (rc) { memset(ctx->verify_param.pub, 0, 57); return -1; } ctx->pub_init = 1; } memcpy(ctx->verify_param.sig, sig, 57); memcpy(ctx->verify_param.sig + 64, sig + 57, 57); s390_flip_endian_64(ctx->verify_param.sig, ctx->verify_param.sig); s390_flip_endian_64(ctx->verify_param.sig + 64, ctx->verify_param.sig + 64); rc = s390_kdsa(S390_CRYPTO_EDDSA_VERIFY_ED448, &ctx->verify_param, msg, msglen); if (rc || sig[113] != 0) /* XXX kdsa doesnt check last byte */ rc = -1; memset(ctx->verify_param.sig, 0, sizeof(ctx->verify_param.sig)); stats_increment(ICA_STATS_ED448_VERIFY, ALGO_HW, ENCRYPT); return rc == 0 ? 0 : -1; #endif /* NO_CPACF */ } int ica_x25519_ctx_del(ICA_X25519_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL || *ctx == NULL) return -1; OPENSSL_cleanse(*ctx, sizeof(**ctx)); free(*ctx); *ctx = NULL; return 0; #endif /* NO_CPACF */ } int ica_x448_ctx_del(ICA_X448_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL || *ctx == NULL) return -1; OPENSSL_cleanse(*ctx, sizeof(**ctx)); free(*ctx); *ctx = NULL; return 0; #endif /* NO_CPACF */ } int ica_ed25519_ctx_del(ICA_ED25519_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL || *ctx == NULL) return -1; OPENSSL_cleanse(*ctx, sizeof(**ctx)); free(*ctx); *ctx = NULL; return 0; #endif /* NO_CPACF */ } int ica_ed448_ctx_del(ICA_ED448_CTX **ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (!msa9_switch || ctx == NULL || *ctx == NULL) return -1; OPENSSL_cleanse(*ctx, sizeof(**ctx)); free(*ctx); *ctx = NULL; return 0; #endif /* NO_CPACF */ } int ica_x25519_key_gen(ICA_X25519_CTX *ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; memset(ctx, 0, sizeof(*ctx)); ctx->pub_init = 0; rng_gen(ctx->priv, 32); ctx->priv_init = 1; return 0; #endif /* NO_CPACF */ } int ica_x448_key_gen(ICA_X448_CTX *ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; memset(ctx, 0, sizeof(*ctx)); ctx->pub_init = 0; rng_gen(ctx->priv, 56); ctx->priv_init = 1; return 0; #endif /* NO_CPACF */ } int ica_ed25519_key_gen(ICA_ED25519_CTX *ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; memset(ctx, 0, sizeof(*ctx)); ctx->pub_init = 0; rng_gen(ctx->sign_param.priv, sizeof(ctx->sign_param.priv)); ctx->priv_init = 1; return 0; #endif /* NO_CPACF */ } int ica_ed448_key_gen(ICA_ED448_CTX *ctx) { #ifdef NO_CPACF UNUSED(ctx); return EPERM; #else if (check_fips() || !msa9_switch || ctx == NULL) return -1; memset(ctx, 0, sizeof(*ctx)); ctx->pub_init = 0; rng_gen(ctx->sign_param.priv + 64 - 57, sizeof(ctx->sign_param.priv) - (64 - 57)); ctx->priv_init = 1; return 0; #endif /* NO_CPACF */ } /* * End of ECC API * ******************************************************************************/ unsigned int ica_des_ecb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_ECB, data_length, in_data, NULL, key, out_data)) return EINVAL; return s390_des_ecb(des_directed_fc(direction), data_length, in_data, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_des_cbc(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CBC, data_length, in_data, iv, key, out_data)) return EINVAL; return s390_des_cbc(des_directed_fc(direction), data_length, in_data, iv, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_des_cbc_cs(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction, unsigned int variant) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(direction); UNUSED(variant); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CBCCS, data_length, in_data, iv, key, out_data)) return EINVAL; return s390_des_cbccs(des_directed_fc(direction), in_data, out_data, data_length, key, iv, variant); #endif /* NO_CPACF */ } unsigned int ica_des_cfb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int lcfb, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(lcfb); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CFB, data_length, in_data, iv, key, out_data)) return EINVAL; /* The cipher feedback has to be between 1 and cipher block size. */ if ((lcfb == 0) || (lcfb > DES_BLOCK_SIZE)) return EINVAL; return s390_des_cfb(des_directed_fc(direction), data_length, in_data, iv, key, out_data, lcfb); #endif /* NO_CPACF */ } unsigned int ica_des_ofb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_OFB, data_length, in_data, iv, key, out_data)) return EINVAL; return s390_des_ofb(des_directed_fc(direction), data_length, in_data, iv, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_des_ctr(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *ctr, unsigned int ctr_width, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(ctr); UNUSED(ctr_width); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CTR, data_length, in_data, ctr, key, out_data)) return EINVAL; if ((ctr_width & (8 - 1)) || (ctr_width < 8) || (ctr_width > (DES_BLOCK_SIZE*8))) return EINVAL; return s390_des_ctr(des_directed_fc(direction), in_data, out_data, data_length, key, ctr, ctr_width); #endif /* NO_CPACF */ } unsigned int ica_des_ctrlist(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, const unsigned char *ctrlist, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(ctrlist); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CTR, data_length, in_data, ctrlist, key, out_data)) return EINVAL; return s390_des_ctrlist(des_directed_fc(direction), data_length, in_data, ctrlist, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_des_cmac(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int direction) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(mac); UNUSED(mac_length); UNUSED(key); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ return ica_des_cmac_last(message, message_length, mac, mac_length, key, NULL, direction); #endif /* NO_CPACF */ } unsigned int ica_des_cmac_intermediate(const unsigned char *message, unsigned long message_length, unsigned char *key, unsigned char *iv) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(key); UNUSED(iv); return EPERM; #else unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_cmac_parms(DES_BLOCK_SIZE, message, message_length, NULL, DES_BLOCK_SIZE, /* no mac available (intermediate) */ key, DES_BLOCK_SIZE, iv)) return EINVAL; function_code = des_directed_fc(ICA_DECRYPT); rc = s390_cmac(function_code, message, message_length, DES_BLOCK_SIZE, key, DES_BLOCK_SIZE, NULL, /* no mac available (intermediate) */ iv); if(!rc) stats_increment(ICA_STATS_DES_CMAC, ALGO_HW, ICA_DECRYPT); return rc; #endif /* NO_CPACF */ } unsigned int ica_des_cmac_last(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(mac); UNUSED(mac_length); UNUSED(key); UNUSED(iv); UNUSED(direction); return EPERM; #else unsigned char tmp_mac[DES_BLOCK_SIZE]; unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips) return EACCES; #endif /* ICA_FIPS */ if (check_cmac_parms(DES_BLOCK_SIZE, message, message_length, mac, mac_length, key, DES_BLOCK_SIZE, iv)) return EINVAL; function_code = des_directed_fc(direction); if (direction) { /* generate */ rc = s390_cmac(function_code, message, message_length, DES_BLOCK_SIZE, key, mac_length, mac, iv); if (rc) return rc; else stats_increment(ICA_STATS_DES_CMAC, ALGO_HW, direction); } else { /* verify */ rc = s390_cmac(function_code, message, message_length, DES_BLOCK_SIZE, key, mac_length, tmp_mac, iv); if (rc) return rc; if (CRYPTO_memcmp(tmp_mac, mac, mac_length)) return EFAULT; else stats_increment(ICA_STATS_DES_CMAC, ALGO_HW, direction); } return 0; #endif /* NO_CPACF */ } unsigned int ica_3des_ecb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_ECB, data_length, in_data, NULL, key, out_data)) return EINVAL; return s390_des_ecb(tdes_directed_fc(direction), data_length, in_data, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_3des_cbc(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CBC, data_length, in_data, iv, key, out_data)) return EINVAL; return s390_des_cbc(tdes_directed_fc(direction), data_length, in_data, iv, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_3des_cbc_cs(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction, unsigned int variant) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(direction); UNUSED(variant); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CBCCS, data_length, in_data, iv, key, out_data)) return EINVAL; return s390_des_cbccs(tdes_directed_fc(direction), in_data, out_data, data_length, key, iv, variant); #endif /* NO_CPACF */ } unsigned int ica_3des_cfb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int lcfb, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(lcfb); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CFB, data_length, in_data, iv, key, out_data)) return EINVAL; /* The cipher feedback has to be between 1 and cipher block size. */ if ((lcfb == 0) || (lcfb > DES_BLOCK_SIZE)) return EINVAL; return s390_des_cfb(tdes_directed_fc(direction), data_length, in_data, iv, key, out_data, lcfb); #endif /* NO_CPACF */ } unsigned int ica_3des_ofb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(iv); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_OFB, data_length, in_data, iv, key, out_data)) return EINVAL; return s390_des_ofb(tdes_directed_fc(direction), data_length, in_data, iv, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_3des_ctr(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *ctr, unsigned int ctr_width, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(ctr); UNUSED(ctr_width); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS /* Note that the FIPS ctr check cannot detect ctr wraps * over chained calls to this function. */ unsigned long num_blocks = data_length / DES_BLOCK_SIZE; unsigned int num_additional_bytes = data_length % DES_BLOCK_SIZE; if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; if (num_additional_bytes > 0) num_blocks++; if (ctr_width < 64U && num_blocks > (1ULL << ctr_width)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CTR, data_length, in_data, ctr, key, out_data)) return EINVAL; if ((ctr_width & (8 - 1)) || (ctr_width < 8) || (ctr_width > (DES_BLOCK_SIZE*8))) return EINVAL; return s390_des_ctr(tdes_directed_fc(direction), in_data, out_data, data_length, key, ctr, ctr_width); #endif /* NO_CPACF */ } unsigned int ica_3des_ctrlist(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, const unsigned char *ctrlist, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(ctrlist); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_des_parms(MODE_CTR, data_length, in_data, ctrlist, key, out_data)) return EINVAL; return s390_des_ctrlist(tdes_directed_fc(direction), data_length, in_data, ctrlist, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_3des_cmac(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int direction) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(mac); UNUSED(mac_length); UNUSED(key); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ return ica_3des_cmac_last(message, message_length, mac, mac_length, key, NULL, direction); #endif /* NO_CPACF */ } unsigned int ica_3des_cmac_intermediate(const unsigned char *message, unsigned long message_length, unsigned char *key, unsigned char *iv) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(key); UNUSED(iv); return EPERM; #else unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_cmac_parms(DES_BLOCK_SIZE, message, message_length, NULL, DES_BLOCK_SIZE, /* no mac available (intermediate) */ key, 3*DES_BLOCK_SIZE, iv)) return EINVAL; function_code = tdes_directed_fc(ICA_DECRYPT); rc = s390_cmac(function_code, message, message_length, 3*DES_BLOCK_SIZE, key, DES_BLOCK_SIZE, NULL, /* no mac available (intermediate) */ iv); if (!rc) stats_increment(ICA_STATS_3DES_CMAC, ALGO_HW, DECRYPT); return rc; #endif /* NO_CPACF */ } unsigned int ica_3des_cmac_last(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(mac); UNUSED(mac_length); UNUSED(key); UNUSED(iv); UNUSED(direction); return EPERM; #else unsigned char tmp_mac[DES_BLOCK_SIZE]; unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (fips_check_3des_key((ica_des_key_triple_t *)key)) return EINVAL; #endif /* ICA_FIPS */ if (check_cmac_parms(DES_BLOCK_SIZE, message, message_length, mac, mac_length, key, 3*DES_BLOCK_SIZE, iv)) return EINVAL; function_code = tdes_directed_fc(direction); if (direction) { /* generate */ rc = s390_cmac(function_code, message, message_length, 3*DES_BLOCK_SIZE, key, mac_length, mac, iv); if (rc) return rc; else stats_increment(ICA_STATS_3DES_CMAC, ALGO_HW, direction); } else { /* verify */ rc = s390_cmac(function_code, message, message_length, 3*DES_BLOCK_SIZE, key, mac_length, tmp_mac, iv); if (rc) return rc; if (CRYPTO_memcmp(tmp_mac, mac, mac_length)) return EFAULT; else stats_increment(ICA_STATS_3DES_CMAC, ALGO_HW, direction); } return 0; #endif /* NO_CPACF */ } unsigned int ica_aes_ecb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_ECB, data_length, in_data, NULL, key_length, key, out_data)) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_ecb(function_code, data_length, in_data, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_aes_cbc(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(iv); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_CBC, data_length, in_data, iv, key_length, key, out_data)) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_cbc(function_code, data_length, in_data, iv, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_aes_cbc_cs(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction, unsigned int variant) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(iv); UNUSED(direction); UNUSED(variant); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_CBCCS, data_length, in_data, iv, key_length, key, out_data)) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_cbccs(function_code, in_data, out_data, data_length, key, iv, variant); #endif /* NO_CPACF */ } unsigned int ica_aes_cfb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int lcfb, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(iv); UNUSED(lcfb); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_CFB, data_length, in_data, iv, key_length, key, out_data)) return EINVAL; /* The cipher feedback has to be between 1 and cipher block size. */ if ((lcfb == 0) || (lcfb > AES_BLOCK_SIZE)) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_cfb(function_code, data_length, in_data, iv, key, out_data, lcfb); #endif /* NO_CPACF */ } unsigned int ica_aes_ofb(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(iv); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_OFB, data_length, in_data, iv, key_length, key, out_data)) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_ofb(function_code, data_length, in_data, iv, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_aes_ctr(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, unsigned char *ctr, unsigned int ctr_width, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(ctr); UNUSED(ctr_width); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS /* Note that the FIPS ctr check cannot detect ctr wraps * over chained calls to this function. */ unsigned long num_blocks = data_length / AES_BLOCK_SIZE; unsigned int num_additional_bytes = data_length % AES_BLOCK_SIZE; if (fips >> 1) return EACCES; if (num_additional_bytes > 0) num_blocks++; if (ctr_width < 64U && num_blocks > (1ULL << ctr_width)) return EINVAL; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_CTR, data_length, in_data, ctr, key_length, key, out_data)) return EINVAL; if ((ctr_width & (8 - 1)) || (ctr_width < 8) || (ctr_width > (AES_BLOCK_SIZE*8))) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_ctr(function_code, in_data, out_data, data_length, key, ctr, ctr_width); #endif /* NO_CPACF */ } unsigned int ica_aes_ctrlist(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned int key_length, const unsigned char *ctrlist, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key); UNUSED(key_length); UNUSED(ctrlist); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_CTR, data_length, in_data, ctrlist, key_length, key, out_data)) return EINVAL; function_code = aes_directed_fc(key_length, direction); return s390_aes_ctrlist(function_code, data_length, in_data, ctrlist, key, out_data); #endif /* NO_CPACF */ } unsigned int ica_aes_xts(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key1, unsigned char *key2, unsigned int key_length, unsigned char *tweak, unsigned int direction) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(key1); UNUSED(key2); UNUSED(key_length); UNUSED(tweak); UNUSED(direction); return EPERM; #else unsigned int function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; if (!CRYPTO_memcmp(key1, key2, key_length)) return EINVAL; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_XTS, data_length, in_data, tweak, key_length, key1, out_data)) return EINVAL; if (key2 == NULL) return EINVAL; switch (key_length) { case AES_KEY_LEN128: function_code = (direction == ICA_DECRYPT) ? AES_128_XTS_DECRYPT : AES_128_XTS_ENCRYPT; break; case AES_KEY_LEN256: function_code = (direction == ICA_DECRYPT) ? AES_256_XTS_DECRYPT : AES_256_XTS_ENCRYPT; break; default: return EINVAL; } return s390_aes_xts(function_code, data_length, in_data, tweak, key1, key2, key_length, out_data); #endif /* NO_CPACF */ } unsigned int ica_aes_cmac(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int key_length, unsigned int direction) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(mac); UNUSED(mac_length); UNUSED(key); UNUSED(key_length); UNUSED(direction); return EPERM; #else #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ return ica_aes_cmac_last(message, message_length, mac, mac_length, key, key_length, NULL, direction); #endif /* NO_CPACF */ } unsigned int ica_aes_cmac_intermediate(const unsigned char *message, unsigned long message_length, unsigned char *key, unsigned int key_length, unsigned char *iv) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(key); UNUSED(key_length); UNUSED(iv); return EPERM; #else unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_cmac_parms(AES_BLOCK_SIZE, message, message_length, NULL, AES_BLOCK_SIZE, /* no mac available (intermediate) */ key, key_length, iv)) return EINVAL; function_code = aes_directed_fc(key_length, ICA_DECRYPT); rc = s390_cmac(function_code, message, message_length, key_length, key, AES_BLOCK_SIZE, NULL, /* no mac available (intermediate) */ iv); if (!rc) stats_increment(ICA_STATS_AES_CMAC_128 + aes_directed_fc_stats_ofs(function_code), ALGO_HW, ICA_DECRYPT); return rc; #endif /* NO_CPACF */ } unsigned int ica_aes_cmac_last(const unsigned char *message, unsigned long message_length, unsigned char *mac, unsigned int mac_length, unsigned char *key, unsigned int key_length, unsigned char *iv, unsigned int direction) { #ifdef NO_CPACF UNUSED(message); UNUSED(message_length); UNUSED(mac); UNUSED(mac_length); UNUSED(key); UNUSED(key_length); UNUSED(iv); UNUSED(direction); return EPERM; #else unsigned char tmp_mac[AES_BLOCK_SIZE]; unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_cmac_parms(AES_BLOCK_SIZE, message, message_length, mac, mac_length, key, key_length, iv)) return EINVAL; function_code = aes_directed_fc(key_length, direction); if (direction) { /* generate */ rc = s390_cmac(function_code, message, message_length, key_length, key, mac_length, mac, iv); if (rc) return rc; stats_increment(ICA_STATS_AES_CMAC_128 + aes_directed_fc_stats_ofs(function_code), ALGO_HW, direction); } else { /* verify */ rc = s390_cmac(function_code, message, message_length, key_length, key, mac_length, tmp_mac, iv); if (rc) return rc; if (CRYPTO_memcmp(tmp_mac, mac, mac_length)) return EFAULT; stats_increment(ICA_STATS_AES_CMAC_128 + aes_directed_fc_stats_ofs(function_code), ALGO_HW, direction); } return 0; #endif /* NO_CPACF */ } unsigned int ica_aes_ccm(unsigned char *payload, unsigned long payload_length, unsigned char *ciphertext_n_mac, unsigned int mac_length, const unsigned char *assoc_data, unsigned long assoc_data_length, const unsigned char *nonce, unsigned int nonce_length, unsigned char *key, unsigned int key_length, unsigned int direction) { #ifdef NO_CPACF UNUSED(payload); UNUSED(payload_length); UNUSED(ciphertext_n_mac); UNUSED(mac_length); UNUSED(assoc_data); UNUSED(assoc_data_length); UNUSED(nonce); UNUSED(nonce_length); UNUSED(key); UNUSED(key_length); UNUSED(direction); return EPERM; #else unsigned char tmp_mac[AES_BLOCK_SIZE]; unsigned char *mac; unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (check_aes_parms(MODE_CCM, payload_length, payload, nonce, key_length, key, ciphertext_n_mac)) return EINVAL; if (check_ccm_parms(payload_length, assoc_data_length, ciphertext_n_mac + payload_length, mac_length, nonce_length)) return EINVAL; function_code = aes_directed_fc(key_length, direction); mac = (direction == ICA_ENCRYPT) ? (unsigned char *)(ciphertext_n_mac + payload_length) : tmp_mac; rc = s390_ccm(function_code, payload, payload_length, ciphertext_n_mac, assoc_data, assoc_data_length, nonce, nonce_length, mac, mac_length, key); if (rc) return rc; if (direction == ICA_DECRYPT) { /* verify */ if (CRYPTO_memcmp((unsigned char *)(ciphertext_n_mac + payload_length), tmp_mac, mac_length)) return EFAULT; } return 0; #endif /* NO_CPACF */ } unsigned int ica_aes_gcm(unsigned char *plaintext, unsigned long plaintext_length, unsigned char *ciphertext, const unsigned char *iv, unsigned int iv_length, const unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned int tag_length, unsigned char *key, unsigned int key_length, unsigned int direction) { #ifdef NO_CPACF UNUSED(plaintext); UNUSED(plaintext_length); UNUSED(ciphertext); UNUSED(iv); UNUSED(iv_length); UNUSED(aad); UNUSED(aad_length); UNUSED(tag); UNUSED(tag_length); UNUSED(key); UNUSED(key_length); UNUSED(direction); return EPERM; #else unsigned char tmp_tag[AES_BLOCK_SIZE]; unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (plaintext_length != 0) { if (check_aes_parms(MODE_GCM, plaintext_length, plaintext, iv, key_length, key, ciphertext)) return EINVAL; } else { /* If only aad is processed (ghash), pt/ct may be NULL. */ if (check_aes_parms(MODE_GCM, plaintext_length, (unsigned char *)1, iv, key_length, key, (unsigned char *)1)) return EINVAL; } if (check_gcm_parms(plaintext_length, aad_length, tag, tag_length, iv_length)) return EINVAL; memset(tmp_tag, 0, sizeof(tmp_tag)); function_code = aes_directed_fc(key_length, direction); if (direction) { /* encrypt & generate */ rc = s390_gcm(function_code, plaintext, plaintext_length, ciphertext, iv, iv_length, aad, aad_length, tag, tag_length, key); if (rc) return rc; } else { /* decrypt & verify */ rc = s390_gcm(function_code, plaintext, plaintext_length, ciphertext, iv, iv_length, aad, aad_length, tmp_tag, AES_BLOCK_SIZE, key); if (rc) return rc; if (CRYPTO_memcmp(tmp_tag, tag, tag_length)) return EFAULT; } return 0; #endif /* NO_CPACF */ } unsigned int ica_aes_gcm_initialize(const unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *icb, unsigned char *ucb, unsigned char *subkey, unsigned int direction) { #ifdef NO_CPACF UNUSED(iv); UNUSED(iv_length); UNUSED(key); UNUSED(key_length); UNUSED(icb); UNUSED(ucb); UNUSED(subkey); UNUSED(direction); return EPERM; #else unsigned long function_code; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ function_code = aes_directed_fc(key_length, direction); return s390_gcm_initialize(function_code, iv, iv_length, key, icb, ucb, subkey); #endif /* NO_CPACF */ } unsigned int ica_aes_gcm_intermediate(unsigned char *plaintext, unsigned long plaintext_length, unsigned char *ciphertext, unsigned char *cb, unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned int tag_length, unsigned char *key, unsigned int key_length, unsigned char *subkey, unsigned int direction) { #ifdef NO_CPACF UNUSED(plaintext); UNUSED(plaintext_length); UNUSED(ciphertext); UNUSED(cb); UNUSED(aad); UNUSED(aad_length); UNUSED(tag); UNUSED(tag_length); UNUSED(key); UNUSED(key_length); UNUSED(subkey); UNUSED(direction); return EPERM; #else unsigned long function_code; int rc, iv_length_dummy = 12; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (plaintext_length != 0) { if (check_aes_parms(MODE_GCM, plaintext_length, plaintext, cb, key_length, key, ciphertext)) return EINVAL; } else { /* If only aad is processed (ghash), pt/ct may be NULL. */ if (check_aes_parms(MODE_GCM, plaintext_length, (unsigned char *)1, cb, key_length, key, (unsigned char *)1)) return EINVAL; } if (check_gcm_parms(plaintext_length, aad_length, tag, tag_length, iv_length_dummy)) return EINVAL; function_code = aes_directed_fc(key_length, direction); if (direction) { /* encrypt & generate */ rc = s390_gcm_intermediate(function_code, plaintext, plaintext_length, ciphertext, cb, aad, aad_length, tag, key, subkey); if (rc) return rc; } else { /* decrypt & verify */ rc = s390_gcm_intermediate(function_code, plaintext, plaintext_length, ciphertext, cb, aad, aad_length, tag, key, subkey); if (rc) return rc; } return 0; #endif /* NO_CPACF */ } unsigned int ica_aes_gcm_last( unsigned char *icb, unsigned long aad_length, unsigned long ciph_length, unsigned char *tag, unsigned char *final_tag, unsigned int final_tag_length, unsigned char *key, unsigned int key_length, unsigned char *subkey, unsigned int direction) { #ifdef NO_CPACF UNUSED(icb); UNUSED(aad_length); UNUSED(ciph_length); UNUSED(tag); UNUSED(final_tag); UNUSED(final_tag_length); UNUSED(key); UNUSED(key_length); UNUSED(subkey); UNUSED(direction); return EPERM; #else unsigned long function_code; int rc; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ function_code = aes_directed_fc(key_length, direction); if (direction) { /* encrypt & generate */ rc = s390_gcm_last(function_code, icb, aad_length, ciph_length, tag, AES_BLOCK_SIZE, key, subkey); if (rc) return rc; } else { /* decrypt & verify */ rc = s390_gcm_last(function_code, icb, aad_length, ciph_length, tag, AES_BLOCK_SIZE, key, subkey); if (rc) return rc; if (CRYPTO_memcmp(tag, final_tag, final_tag_length)) return EFAULT; } return 0; #endif /* NO_CPACF */ } /************************************************************************************* * * GCM(2) API */ kma_ctx* ica_aes_gcm_kma_ctx_new(void) { #ifdef NO_CPACF return NULL; #else kma_ctx* ctx = malloc(sizeof(kma_ctx)); if (!ctx) return NULL; memset(ctx, 0, sizeof(kma_ctx)); return ctx; #endif /* NO_CPACF */ } int ica_aes_gcm_kma_init(unsigned int direction, const unsigned char *iv, unsigned int iv_length, const unsigned char *key, unsigned int key_length, kma_ctx* ctx) { #ifdef NO_CPACF UNUSED(direction); UNUSED(iv); UNUSED(iv_length); UNUSED(key); UNUSED(key_length); UNUSED(ctx); return EPERM; #else int rc = 0; unsigned long function_code = aes_directed_fc(key_length, direction); /* Check for obvious errors */ if (!ctx || !key || iv_length == 0 || !is_valid_aes_key_length(key_length) || !is_valid_direction(direction)) { return EINVAL; } memset(ctx, 0, sizeof(kma_ctx)); ctx->version = 0x00; ctx->direction = direction; ctx->key_length = key_length; ctx->iv = (unsigned char*)iv; ctx->iv_length = iv_length; memcpy(&(ctx->key), key, key_length); /* Calculate subkey_h and j0 depending on iv_length */ if (*s390_kma_functions[function_code].enabled && iv_length == GCM_RECOMMENDED_IV_LENGTH) { /* let KMA provide the subkey_h, j0 = iv || 00000001 */ memcpy(&(ctx->j0), iv, iv_length); ctx->cv = 1; unsigned int* cv = (unsigned int*)&(ctx->j0[GCM_RECOMMENDED_IV_LENGTH]); *cv = 1; } else { /* Calculate subkey H and initial counter, based on iv */ rc = s390_aes_ecb(UNDIRECTED_FC(function_code), AES_BLOCK_SIZE, zero_block, (unsigned char*)key, (unsigned char*)&(ctx->subkey_h)); if (rc) return rc; __compute_j0(iv, iv_length, (const unsigned char*)&(ctx->subkey_h), (unsigned char*)&(ctx->j0)); unsigned int *cv = (unsigned int*)&(ctx->j0[GCM_RECOMMENDED_IV_LENGTH]); ctx->cv = *cv; ctx->subkey_provided = 1; } return rc; #endif /* NO_CPACF */ } int ica_aes_gcm_kma_update(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *aad, unsigned long aad_length, unsigned int end_of_aad, unsigned int end_of_data, kma_ctx* ctx) { #ifdef NO_CPACF UNUSED(in_data); UNUSED(out_data); UNUSED(data_length); UNUSED(aad); UNUSED(aad_length); UNUSED(end_of_aad); UNUSED(end_of_data); UNUSED(ctx); return EPERM; #else unsigned int function_code = aes_directed_fc(ctx->key_length, ctx->direction); #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if (data_length > 0 && (!in_data || !out_data)) return EFAULT; if (!(*s390_kma_functions[function_code].enabled)) { if (end_of_aad && end_of_data && !ctx->intermediate) { ctx->done = 1; return s390_aes_gcm_simulate_kma_full(in_data, out_data, data_length, aad, aad_length, ctx); } else { ctx->intermediate = 1; return s390_aes_gcm_simulate_kma_intermediate(in_data, out_data, data_length, aad, aad_length, ctx); } } else { return s390_aes_gcm_kma(in_data, out_data, data_length, aad, aad_length, end_of_aad, end_of_data, ctx); } #endif /* NO_CPACF */ } int ica_aes_gcm_kma_get_tag(unsigned char *tag, unsigned int tag_length, const kma_ctx* ctx) { #ifdef NO_CPACF UNUSED(tag); UNUSED(tag_length); UNUSED(ctx); return EPERM; #else int rc=0; unsigned int function_code = aes_directed_fc(ctx->key_length, ctx->direction); if (!ctx || !tag || !is_valid_tag_length(tag_length)) return EINVAL; if (ctx->direction == ICA_DECRYPT) return EFAULT; if (!(*s390_kma_functions[function_code].enabled) && !ctx->done) { rc = s390_gcm_last(function_code, (unsigned char*)ctx->j0, ctx->total_aad_length, ctx->total_input_length, (unsigned char*)ctx->tag, AES_BLOCK_SIZE, (unsigned char*)ctx->key, (unsigned char*)ctx->subkey_h); if (rc) return rc; } memcpy(tag, ctx->tag, tag_length); return 0; #endif /* NO_CPACF */ } int ica_aes_gcm_kma_verify_tag(const unsigned char* known_tag, unsigned int tag_length, const kma_ctx* ctx) { #ifdef NO_CPACF UNUSED(known_tag); UNUSED(tag_length); UNUSED(ctx); return EPERM; #else int rc; unsigned int function_code = aes_directed_fc(ctx->key_length, ctx->direction); if (!ctx || !known_tag || !is_valid_tag_length(tag_length)) return EINVAL; if (ctx->direction == ICA_ENCRYPT) return EFAULT; if (!(*s390_kma_functions[function_code].enabled) && !ctx->done) { rc = s390_gcm_last(function_code, (unsigned char*)ctx->j0, ctx->total_aad_length, ctx->total_input_length, (unsigned char*)ctx->tag, AES_BLOCK_SIZE, (unsigned char*)ctx->key, (unsigned char*)ctx->subkey_h); if (rc) return rc; } if (CRYPTO_memcmp(ctx->tag, known_tag, tag_length) != 0) return EFAULT; return 0; #endif /* NO_CPACF */ } void ica_aes_gcm_kma_ctx_free(kma_ctx* ctx) { if (!ctx) return; OPENSSL_cleanse((void *)ctx, sizeof(kma_ctx)); free(ctx); } /** * End of GCM(2) API * ***************************************************************************************/ unsigned int ica_get_version(libica_version_info *version_info) { #ifdef VERSION int rc; int i; char *pch; char *saveptr; int length = strnlen(VERSION, MAX_VERSION_LENGTH); char buffer[length+1]; if (version_info == NULL) { return EINVAL; } rc = snprintf(buffer, (length+1), "%s", VERSION); if (rc <= 0) { return EIO; } for (pch = strtok_r(buffer, ".", &saveptr), i = 1; pch != NULL; pch = strtok_r(NULL, ".", &saveptr), i++) { switch(i) { case 1: version_info->major_version = atoi(pch); break; case 2: version_info->minor_version = atoi(pch); break; case 3: version_info->fixpack_version = atoi(pch); break; default: return EIO; } } if (i < 3) return EIO; return 0; #else /* We expect the libica version information in the format x.y.z * defined in the macro VERSION as part of the build process. */ return EIO; #endif } unsigned int ica_get_functionlist(libica_func_list_element *pmech_list, unsigned int *pmech_list_len) { return s390_get_functionlist(pmech_list, pmech_list_len); } /* * ica_drbg: libica's Deterministic Random Bit Generator * (conforming to NIST SP 800-90A) */ ica_drbg_mech_t *const ICA_DRBG_SHA512 = &DRBG_SHA512; static inline int ica_drbg_error(int status) { switch(status){ case 0: return 0; case DRBG_RESEED_REQUIRED: case DRBG_NONCE_INV: return EPERM; case DRBG_NOMEM: return ENOMEM; case DRBG_SH_INV: case DRBG_MECH_INV: case DRBG_PERS_INV: case DRBG_ADD_INV: case DRBG_REQUEST_INV: return EINVAL; case DRBG_SEC_NOTSUPP: case DRBG_PR_NOTSUPP: return ENOTSUP; case DRBG_HEALTH_TEST_FAIL: return ICA_DRBG_HEALTH_TEST_FAIL; case DRBG_ENTROPY_SOURCE_FAIL: return ICA_DRBG_ENTROPY_SOURCE_FAIL; default: return -1; /* unreachable */ } } int ica_drbg_instantiate(ica_drbg_t **sh, int sec, bool pr, ica_drbg_mech_t *mech, const unsigned char *pers, size_t pers_len) { #ifdef NO_CPACF UNUSED(sh); UNUSED(sec); UNUSED(pr); UNUSED(mech); UNUSED(pers); UNUSED(pers_len); return EPERM; #else int status; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ status = drbg_mech_valid(mech); if(status) return ica_drbg_error(status); /* Run instantiate health test (11.3.2). */ pthread_rwlock_wrlock(&mech->lock); status = drbg_health_test(drbg_instantiate, sec, pr, mech); pthread_rwlock_unlock(&mech->lock); if(status) return ica_drbg_error(status); /* Instantiate. */ status = drbg_instantiate(sh, sec, pr, mech, pers, pers_len, false, NULL, 0, NULL, 0); if(0 > status) mech->error_state = status; return ica_drbg_error(status); #endif /* NO_CPACF */ } int ica_drbg_reseed(ica_drbg_t *sh, bool pr, const unsigned char *add, size_t add_len) { #ifdef NO_CPACF UNUSED(sh); UNUSED(pr); UNUSED(add); UNUSED(add_len); return EPERM; #else int status; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if(!sh) return ica_drbg_error(DRBG_SH_INV); status = drbg_mech_valid(sh->mech); if(status) return ica_drbg_error(status); /* Reseed health test runs whenever generate is tested (11.3.4). */ /* Reseed. */ status = drbg_reseed(sh, pr, add, add_len, false, NULL, 0); if(0 > status) sh->mech->error_state = status; return ica_drbg_error(status); #endif /* NO_CPACF */ } int ica_drbg_generate(ica_drbg_t *sh, int sec, bool pr, const unsigned char *add, size_t add_len, unsigned char *prnd, size_t prnd_len) { #ifdef NO_CPACF UNUSED(sh); UNUSED(sec); UNUSED(pr); UNUSED(add); UNUSED(add_len); UNUSED(prnd); UNUSED(prnd_len); return EPERM; #else int status; #ifdef ICA_FIPS if (fips >> 1) return EACCES; #endif /* ICA_FIPS */ if(!sh) return ica_drbg_error(DRBG_SH_INV); status = drbg_mech_valid(sh->mech); if(status) return ica_drbg_error(status); /* Run generate and reseed health tests before first use of these * functions and when indicated by the test counter (11.3.3). */ pthread_rwlock_wrlock(&sh->mech->lock); if(!(sh->mech->test_ctr %= sh->mech->test_intervall)){ status = drbg_health_test(drbg_reseed, sec, pr, sh->mech); if(!status) status = drbg_health_test(drbg_generate, sec, pr, sh->mech); if(status){ pthread_rwlock_unlock(&sh->mech->lock); return ica_drbg_error(status); } } sh->mech->test_ctr++; pthread_rwlock_unlock(&sh->mech->lock); /* Generate. */ status = pthread_rwlock_rdlock(&sh->mech->lock); if(EAGAIN == status) return ica_drbg_error(DRBG_REQUEST_INV); status = drbg_generate(sh, sec, pr, add, add_len, false, NULL, 0, prnd, prnd_len); pthread_rwlock_unlock(&sh->mech->lock); if(0 > status) sh->mech->error_state = status; /* Inhibit output if mechanism is in error state (11.3.6). */ if(sh->mech->error_state) drbg_zmem(prnd, prnd_len); return ica_drbg_error(status); #endif /* NO_CPACF */ } int ica_drbg_uninstantiate(ica_drbg_t **sh) { #ifdef NO_CPACF UNUSED(sh); return EPERM; #else /* Uninstantiate health test runs whenever other functions are * tested (11.3.5). */ /* Uninstantiate. */ return ica_drbg_error(drbg_uninstantiate(sh, false)); #endif /* NO_CPACF */ } int ica_drbg_health_test(void *func, int sec, bool pr, ica_drbg_mech_t *mech) { #ifdef NO_CPACF UNUSED(func); UNUSED(sec); UNUSED(pr); UNUSED(mech); return EPERM; #else int status; status = drbg_mech_valid(mech); if(status) return ica_drbg_error(status); /* Health test. */ pthread_rwlock_wrlock(&mech->lock); if(ica_drbg_instantiate == func) status = drbg_health_test(drbg_instantiate, sec, pr, mech); else if(ica_drbg_reseed == func) status = drbg_health_test(drbg_reseed, sec, pr, mech); else if(ica_drbg_generate == func){ status = drbg_health_test(drbg_reseed, sec, pr, mech); if(!status) status = drbg_health_test(drbg_generate, sec, pr, mech); mech->test_ctr = 1; /* reset test counter */ } else status = DRBG_REQUEST_INV; pthread_rwlock_unlock(&mech->lock); return ica_drbg_error(status); #endif /* NO_CPACF */ } int ica_fips_status(void) { #ifdef ICA_FIPS return fips; #else return 0; #endif } #ifdef ICA_FIPS void ica_fips_powerup_tests(void) { fips_powerup_tests(); } #endif /* ICA_FIPS */ libica-4.0.1/src/icainfo.c000066400000000000000000000300331417716165400153150ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* * Display a list of all CP Assist for Cryptographic Function (CPACF) * operations supported by libica on a system. * * Author(s): Ralph Wuerthner * Holger Dengler * Benedikt Klotz * Ingo Tuchscherer * * Copyright IBM Corp. 2007, 2011, 2014 */ #include #include #include #include #include #include #include #include #include #include #include #include "fips.h" #include "ica_api.h" #include "s390_crypto.h" #include "s390_ecc.h" #if defined(NO_SW_FALLBACKS) && defined(NO_CPACF) #define CMD_NAME "icainfo-cex" #else #define CMD_NAME "icainfo" #endif #define COPYRIGHT "Copyright IBM Corp. 2007, 2021." #define CELL_SIZE 3 typedef struct { unsigned int nid; unsigned char *sname; unsigned int flags; } s390_supported_curves_t; static const unsigned int cca_nids[] = { NID_X9_62_prime192v1, NID_secp224r1, NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1, NID_brainpoolP160r1, NID_brainpoolP192r1, NID_brainpoolP224r1, NID_brainpoolP256r1, NID_brainpoolP320r1, NID_brainpoolP384r1, NID_brainpoolP512r1 }; static const unsigned int cca_nids_len = sizeof(cca_nids) / sizeof(unsigned int); static const unsigned int cpacf_nids[] = { NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1, NID_ED25519, NID_ED448, NID_X25519, NID_X448 }; static const unsigned int cpacf_nids_len = sizeof(cpacf_nids) / sizeof(unsigned int); static int is_msa9(void) { unsigned int mech_len, j; libica_func_list_element *pmech_list = NULL; if (ica_get_functionlist(NULL, &mech_len) != 0) { perror("get_functionlist: "); return 0; } pmech_list = malloc(sizeof(libica_func_list_element)*mech_len); if (ica_get_functionlist(pmech_list, &mech_len) != 0) { perror("get_functionlist: "); free(pmech_list); return 0; } for (j = 0; j < mech_len; j++) { if (pmech_list[j].mech_mode_id == EC_DSA_SIGN) { if (pmech_list[j].flags & ICA_FLAG_SHW) { free(pmech_list); return 1; } } } free(pmech_list); return 0; } static int online_cca_card(void) { unsigned int mech_len, j; libica_func_list_element *pmech_list = NULL; if (ica_get_functionlist(NULL, &mech_len) != 0) { perror("get_functionlist: "); return 0; } pmech_list = malloc(sizeof(libica_func_list_element)*mech_len); if (ica_get_functionlist(pmech_list, &mech_len) != 0) { perror("get_functionlist: "); free(pmech_list); return 0; } for (j = 0; j < mech_len; j++) { if (pmech_list[j].mech_mode_id == EC_DSA_SIGN) { if (pmech_list[j].flags & ICA_FLAG_DHW) { free(pmech_list); return 1; } } } free(pmech_list); return 0; } static int num_cpacf_curves(void) { if (!is_msa9()) return 0; return sizeof(cpacf_nids) / sizeof(unsigned int); } static int num_cca_curves(void) { if (!online_cca_card()) return 0; return sizeof(cca_nids) / sizeof(unsigned int); } void append_nid(unsigned int nid, unsigned int flag, s390_supported_curves_t *curve_array, size_t array_len) { const char* sname; unsigned int i; for (i = 0; i < array_len; i++) { if (curve_array[i].nid == 0) { curve_array[i].nid = nid; sname = OBJ_nid2sn(nid); if (sname == NULL) sname = ""; curve_array[i].sname = (unsigned char *)sname; curve_array[i].flags |= flag; if (curve_supported_via_openssl(nid) && sw_fallbacks_implemented(nid)) curve_array[i].flags |= ICA_FLAG_SW; break; } } } void add_hw_curves(s390_supported_curves_t *curve_array, size_t array_len, const unsigned int nids[], unsigned int nids_len, unsigned int flag) { unsigned int i, j, merged; for (i = 0; i < nids_len; i++) { merged = 0; for (j = 0; j < array_len; j++) { if (curve_array[j].nid == nids[i]) { curve_array[j].flags |= flag; if (curve_supported_via_openssl(nids[i]) && sw_fallbacks_implemented(nids[i])) curve_array[j].flags |= ICA_FLAG_SW; merged = 1; break; } } if (!merged) append_nid(nids[i], flag, curve_array, array_len); } } void add_curves(s390_supported_curves_t *curve_array, size_t array_len) { if (online_cca_card()) add_hw_curves(curve_array, array_len, cca_nids, cca_nids_len, ICA_FLAG_DHW); if (is_msa9()) add_hw_curves(curve_array, array_len, cpacf_nids, cpacf_nids_len, ICA_FLAG_SHW); } /** * These are nids that are fips approved, but libica has no sw fallbacks * implemented for them. If they are supported via hw, we want them in the * icainfo output. */ unsigned int fips_override(unsigned int nid) { switch (nid) { case NID_ED25519: case NID_ED448: case NID_X25519: case NID_X448: return 1; default: return 0; } } void print_ec_curves(void) { s390_supported_curves_t *curve_array; unsigned int array_len, array_size, n; array_len = num_cca_curves() + num_cpacf_curves(); array_size = array_len * sizeof(s390_supported_curves_t); curve_array = calloc(1, array_size); if (!curve_array) { fprintf(stderr, "Error: cannot allocate %d bytes for array of curves.\n", array_size); return; } add_curves(curve_array, array_len); printf("-------------------------------------------------------\n"); printf(" | hardware | \n"); printf(" EC curve | dynamic | static | software \n"); printf("-----------------+------------+------------+-----------\n"); for (n = 0; n < array_len; n++) { #ifdef ICA_FIPS /* In fips mode, only allow openssl-fips supported curves, and curves * that are fips approved, but have no sw fallback implemented.*/ if (curve_array[n].nid != 0 && ((curve_array[n].flags & ICA_FLAG_SW) || (fips_override(curve_array[n].nid)))) { #else if (curve_array[n].nid != 0) { #endif printf("%16s | %*s | %*s | %*s\n", curve_array[n].sname, CELL_SIZE, curve_array[n].flags & ICA_FLAG_DHW ? "yes" : "no", CELL_SIZE, #ifdef NO_CPACF "-", #else curve_array[n].flags & ICA_FLAG_SHW ? "yes" : "no", #endif CELL_SIZE, #if defined(NO_SW_FALLBACKS) || defined(NO_CPACF) "-"); #else curve_array[n].flags & ICA_FLAG_SW ? "yes" : "no"); #endif } } printf("-------------------------------------------------------\n"); #ifdef ICA_FIPS printf("Built-in FIPS support: FIPS mode %s.\n", ica_fips_status() & ICA_FIPS_MODE ? "active" : "inactive"); if (ica_fips_status() >> 1) printf("FIPS SELF-TEST FAILURE. CHECK THE SYSLOG.\n"); #else printf("No built-in FIPS support.\n"); #endif /* ICA_FIPS */ free(curve_array); } void print_version(void) { #if defined(NO_SW_FALLBACKS) && defined(NO_CPACF) printf(CMD_NAME ": libica-cex version " VERSION "\n" COPYRIGHT "\n"); #else printf(CMD_NAME ": libica version " VERSION "\n" COPYRIGHT "\n"); #endif } void print_help(char *cmd) { printf("Usage: %s [OPTION]\n", cmd); printf ("Display a list of all CP Assist for Cryptographic Function " "(CPACF)\noperations supported by libica on this system.\n" "\n" "Options:\n" " -v, --version show version information\n" " -c, --list-curves list supported EC curves\n" " -h, --help display this help text\n"); } #define getopt_string "qcvh" static struct option getopt_long_options[] = { {"list-curves", 0, 0, 'c'}, {"version", 0, 0, 'v'}, {"help", 0, 0, 'h'}, {0, 0, 0, 0} }; struct crypt_pair { char *name; unsigned int algo_id; }; static struct crypt_pair crypt_map[] = { {"SHA-1", SHA1}, {"SHA-224", SHA224}, {"SHA-256", SHA256}, {"SHA-384", SHA384}, {"SHA-512", SHA512}, {"SHA-512/224", SHA512_224}, {"SHA-512/256", SHA512_256}, {"SHA3-224", SHA3_224}, {"SHA3-256", SHA3_256}, {"SHA3-384", SHA3_384}, {"SHA3-512", SHA3_512}, {"SHAKE-128", SHAKE128}, {"SHAKE-256", SHAKE128}, {"GHASH", G_HASH}, {"P_RNG", P_RNG}, {"DRBG-SHA-512", SHA512_DRNG}, {"ECDH", EC_DH}, {"ECDSA Sign", EC_DSA_SIGN}, {"ECDSA Verify", EC_DSA_VERIFY}, {"EC Keygen", EC_KGEN}, {"Ed25519 Keygen", ED25519_KEYGEN}, {"Ed25519 Sign", ED25519_SIGN}, {"Ed25519 Verify", ED25519_VERIFY}, {"Ed448 Keygen", ED448_KEYGEN}, {"Ed448 Sign", ED448_SIGN}, {"Ed448 Verify", ED448_VERIFY}, {"X25519 Keygen", X25519_KEYGEN}, {"X25519 Derive", X25519_DERIVE}, {"X448 Keygen", X448_KEYGEN}, {"X448 Derive", X448_DERIVE}, {"RSA Keygen ME", RSA_KEY_GEN_ME}, {"RSA Keygen CRT", RSA_KEY_GEN_CRT}, {"RSA ME", RSA_ME}, {"RSA CRT", RSA_CRT}, {"DES ECB", DES_ECB}, {"DES CBC", DES_CBC}, {"DES OFB", DES_OFB}, {"DES CFB", DES_CFB}, {"DES CTR", DES_CTR}, {"DES CMAC", DES_CMAC}, {"3DES ECB", DES3_ECB}, {"3DES CBC", DES3_CBC}, {"3DES OFB", DES3_OFB}, {"3DES CFB", DES3_OFB}, {"3DES CTR", DES3_CTR}, {"3DES CMAC", DES3_CMAC}, {"AES ECB", AES_ECB}, {"AES CBC", AES_CBC}, {"AES OFB", AES_OFB}, {"AES CFB", AES_CFB}, {"AES CTR", AES_CTR}, {"AES CMAC", AES_CMAC}, {"AES XTS", AES_XTS}, {"AES GCM", AES_GCM_KMA}, {NULL,0} }; int main(int argc, char **argv) { int rc; int index = 0; unsigned int mech_len, j; libica_func_list_element *pmech_list = NULL; unsigned int i; while ((rc = getopt_long(argc, argv, getopt_string, getopt_long_options, &index)) != -1) { switch (rc) { case 'c': print_ec_curves(); exit(0); case 'v': print_version(); exit(0); break; case 'h': print_help(basename(argv[0])); exit(0); default: fprintf(stderr, "Try '%s --help' for more" " information.\n", basename(argv[0])); exit(1); } } if (optind < argc) { fprintf(stderr, "%s: invalid option.\n" "Try '%s --help' for more information.\n", argv[0], basename(argv[0])); exit(1); } printf(" Cryptographic algorithm support \n"); printf("------------------------------------------------------\n"); if (ica_get_functionlist(NULL, &mech_len) != 0){ perror("get_functionlist: "); return EXIT_FAILURE; } pmech_list = malloc(sizeof(libica_func_list_element)*mech_len); if (ica_get_functionlist(pmech_list, &mech_len) != 0){ perror("get_functionlist: "); free(pmech_list); return EXIT_FAILURE; } printf(" | hardware | \n"); printf(" function | dynamic | static | software \n"); printf("---------------+------------+------------+------------\n"); for(i = 0; crypt_map[i].algo_id; i++){ for(j = 0; j < mech_len; j++){ if(crypt_map[i].algo_id == pmech_list[j].mech_mode_id){ #ifdef ICA_FIPS if (((ica_fips_status() & ICA_FIPS_MODE) && !fips_approved(pmech_list[j].mech_mode_id)) || ica_fips_status() >> 1) { #if defined(NO_SW_FALLBACKS) && defined(NO_CPACF) printf("%14s | blocked | - | - \n", #elif defined (NO_CPACF) printf("%14s | blocked | - | - \n", #elif defined (NO_SW_FALLBACKS) printf("%14s | blocked | blocked | - \n", #else printf("%14s | blocked | blocked | blocked\n", #endif crypt_map[i].name); break; } #endif /* ICA_FIPS */ printf("%14s | %*s | %*s | %*s\n", crypt_map[i].name, CELL_SIZE, pmech_list[j].flags & ICA_FLAG_DHW ? "yes" : "no", CELL_SIZE, #ifdef NO_CPACF pmech_list[j].flags & ICA_FLAG_SHW ? "yes" : "-", #else pmech_list[j].flags & ICA_FLAG_SHW ? "yes" : "no", #endif CELL_SIZE, #if defined(NO_SW_FALLBACKS) || defined(NO_CPACF) pmech_list[j].flags & ICA_FLAG_SW ? "yes" : "-"); #else pmech_list[j].flags & ICA_FLAG_SW ? "yes" : "no"); #endif } } } free(pmech_list); printf("------------------------------------------------------\n"); #ifdef ICA_FIPS printf("Built-in FIPS support: FIPS mode %s.\n", ica_fips_status() & ICA_FIPS_MODE ? "active" : "inactive"); if (ica_fips_status() >> 1) printf("FIPS SELF-TEST FAILURE. CHECK THE SYSLOG.\n"); #else printf("No built-in FIPS support.\n"); #endif /* ICA_FIPS */ #ifdef NO_SW_FALLBACKS printf("Software fallbacks are disabled.\n"); #endif #ifdef NO_CPACF printf("CPACF support (including fallbacks) is disabled in libica-cex.\n"); #endif return EXIT_SUCCESS; } libica-4.0.1/src/icastats.c000066400000000000000000000216371417716165400155320ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* * Authors(s): Christian Maaser * Holger Dengler * Benedikt Klotz * Ingo Tuchscherer * * Copyright IBM Corp. 2009-2019 */ #include #include #include #include #include #include #include #include #include #include #include #include "icastats.h" #define CMD_NAME "icastats" #define COPYRIGHT "Copyright IBM Corp. 2009-2021" void print_version(void) { printf(CMD_NAME ": libica version " VERSION "\n" COPYRIGHT "\n"); } void print_help(char *cmd) { printf("Usage: %s [OPTION]\n\n", cmd); printf("This command is used to indicate whether libica uses hardware crypto functions or\n" "software fallbacks. It provides an overview of the algorithms with modes of operation.\n" "\n" "Options:\n" " -r, --reset set the own function counters to zero.\n" " -R, --reset-all reset the statistsics from all users. (root user only)\n" " -d, --delete delete your own statistics.\n" " -D, --delete-all delete the statistics from all users. (root user only)\n" " -U, --user show the statistics from one user. (root user only)\n" " -S, --summary show the accumulated statistics from all users. (root user only)\n" " -A, --all show the statistic tables from all users. (root user only)\n" " -k, --key-sizes show statistics per key size.\n" " -j, --json output the statistics in JSON format.\n" " -v, --version output version information\n" " -h, --help display help information\n"); } #define getopt_string "rRdDU:SAkjvh" static struct option getopt_long_options[] = { {"reset", 0, 0, 'r'}, {"reset-all", 0, 0, 'R'}, {"delete", 0, 0, 'd'}, {"delete-all", 0, 0, 'D'}, {"user", required_argument, 0, 'U'}, {"summary", 0, 0, 'S'}, {"all", 0, 0, 'A'}, {"key-sizes", 0, 0, 'k'}, {"json", 0, 0, 'j'}, {"version", 0, 0, 'v'}, {"help", 0, 0, 'h'}, {0, 0, 0, 0} }; const char *const STATS_DESC[ICA_NUM_STATS] = { STAT_STRINGS }; #define CELL_SIZE 12 void print_stats(stats_entry_t *stats, int key_sizes) { printf(" function | hardware | software\n"); printf("----------------+------------------------------+-----------------------------\n"); printf(" | ENC CRYPT DEC | ENC CRYPT DEC \n"); printf("----------------+------------------------------+-----------------------------\n"); unsigned int i; for (i = 0; i < ICA_NUM_STATS; ++i) { if (!key_sizes && strncmp(STATS_DESC[i], "- ", 2) == 0) continue; if(i <= ICA_STATS_RSA_CRT_4096) { printf(" %14s | %*lu | %*lu\n", STATS_DESC[i], CELL_SIZE, stats[i].enc.hw, CELL_SIZE, stats[i].enc.sw); } else { printf(" %14s |%*lu %*lu |%*lu %*lu\n", STATS_DESC[i], CELL_SIZE, stats[i].enc.hw, CELL_SIZE, stats[i].dec.hw, CELL_SIZE, stats[i].enc.sw, CELL_SIZE, stats[i].dec.sw); } } } static int first_usr; void print_json_header() { char timestamp[200]; struct utsname un; struct tm *tm; time_t t; time(&t); tm = gmtime(&t); /* ISO 8601 format: e.g. 2021-11-17T08:01:23Z (always UTC) */ strftime(timestamp, sizeof(timestamp), "%FT%TZ", tm); if (uname(&un) != 0) { fprintf(stderr, "Failed to obtain system information, uname: %s", strerror(errno)); return; } printf("{\n\t\"host\": {\n"); printf("\t\t\"nodename\": \"%s\",\n", un.nodename); printf("\t\t\"sysname\": \"%s\",\n", un.sysname); printf("\t\t\"release\": \"%s\",\n", un.release); printf("\t\t\"machine\": \"%s\",\n", un.machine); printf("\t\t\"date\": \"%s\"\n", timestamp); printf("\t},\n\t\"users\": ["); first_usr = 1; } void print_stats_json(stats_entry_t *stats, const char *usr) { unsigned int i; const char *last_func = NULL; if (!first_usr) printf(","); printf("\n\t\t{\n\t\t\t\"user\": \"%s\",\n", usr); printf("\t\t\t\"functions\": ["); for (i = 0; i < ICA_NUM_STATS; ++i) { if (i < ICA_NUM_STATS - 1 && strncmp(STATS_DESC[i + 1], "- ", 2) == 0 && strncmp(STATS_DESC[i], "- ", 2) != 0) { last_func = STATS_DESC[i]; continue; } if (i != 0) printf(","); printf("\n\t\t\t\t{\n"); if (strncmp(STATS_DESC[i], "- ", 2) == 0 && last_func != NULL) { printf("\t\t\t\t\t\"function\": \"%s %s\",\n", last_func, STATS_DESC[i]); } else { printf("\t\t\t\t\t\"function\": \"%s\",\n", STATS_DESC[i]); last_func = NULL; } if (i <= ICA_STATS_RSA_CRT_4096) { printf("\t\t\t\t\t\"hw-crypt\": %lu,\n", stats[i].enc.hw); printf("\t\t\t\t\t\"sw-crypt\": %lu\n", stats[i].enc.sw); } else { printf("\t\t\t\t\t\"hw-enc\": %lu,\n", stats[i].enc.hw); printf("\t\t\t\t\t\"sw-enc\": %lu,\n", stats[i].enc.sw); printf("\t\t\t\t\t\"hw-dec\": %lu,\n", stats[i].dec.hw); printf("\t\t\t\t\t\"sw-dec\": %lu\n", stats[i].dec.sw); } printf("\t\t\t\t}"); } printf("\n\t\t\t]\n\t\t}"); first_usr = 0; } void print_json_footer() { printf("\n\t]\n}\n"); } int main(int argc, char *argv[]) { int rc = 0; int index = 0; int reset = 0; int delete = 0; int sum = 0; int user = -1; int all = 0; int key_sizes = 0; int json = 0; struct passwd *pswd; while ((rc = getopt_long(argc, argv, getopt_string, getopt_long_options, &index)) != -1) { switch (rc) { case 'r': reset = 1; break; case 'R': if(geteuid() != 0){ fprintf(stderr,"You have no rights to reset all shared memory" " segments!\n"); return EXIT_FAILURE; } reset = 2; break; case 'd': delete = 1; break; case 'D': if(geteuid() != 0){ fprintf(stderr,"You have no rights to delete all shared memory" " segments!\n"); return EXIT_FAILURE; } delete = 2; break; case 'U': if((pswd = getpwnam(optarg)) == NULL){ fprintf(stderr, "The username %s is not known" " on this system.\n", optarg ); return EXIT_FAILURE; } user = pswd->pw_uid; break; case 'S': sum = 1; break; case 'A': all = 1; break; case 'k': key_sizes = 1; break; case 'j': json = 1; break; case 'v': print_version(); exit(0); break; case 'h': print_help(basename(argv[0])); exit(0); default: fprintf(stderr, "Try '%s --help' for more information.\n", basename(argv[0])); return EXIT_FAILURE; } } if (optind < argc) { fprintf(stderr, "%s: invalid option.\n\ Try '%s --help' for more information.\n", argv[0], basename(argv[0])); return EXIT_FAILURE; } if(delete == 2){ if(delete_all() == -1){ perror("deleteall: "); return EXIT_FAILURE; } return EXIT_SUCCESS; } else if(delete){ stats_mmap(user); stats_munmap(SHM_DESTROY); return EXIT_SUCCESS; } if(all){ char *usr; stats_entry_t *entries; if (json) print_json_header(); while((usr = get_next_usr()) != NULL){ if((entries = malloc(sizeof(stats_entry_t)*ICA_NUM_STATS)) == NULL){ perror("malloc: "); return EXIT_FAILURE; } get_stats_data(entries); if (json) { print_stats_json(entries, usr); } else { printf("user: %s\n", usr); print_stats(entries, key_sizes); } free(entries); } if (json) print_json_footer(); return EXIT_SUCCESS; } if (sum){ stats_entry_t *entries; if((entries = malloc(sizeof(stats_entry_t)*ICA_NUM_STATS)) == NULL){ perror("malloc: "); return EXIT_FAILURE; } if(!get_stats_sum(entries)){ perror("get_stats_sum: "); return EXIT_FAILURE; } if (json) { print_json_header(); print_stats_json(entries, "all users"); print_json_footer(); } else { print_stats(entries, key_sizes); } return EXIT_SUCCESS; } if(reset == 2){ while(get_next_usr() != NULL) stats_reset(); return EXIT_SUCCESS; } /* Need to open shm before it can be reseted */ if (stats_mmap(user)) { fprintf(stderr, "Could not map shared memory region to local " "address space.\n"); return EXIT_FAILURE; } if (reset) { stats_reset(); } else{ stats_entry_t *stats; if((stats = malloc(sizeof(stats_entry_t)*ICA_NUM_STATS)) == NULL){ perror("malloc: "); return EXIT_FAILURE; } get_stats_data(stats); if (json) { pswd = getpwuid(user == -1 ? geteuid() : (uid_t)user); if (pswd == NULL) { fprintf(stderr, "Failed to get user name"); return EXIT_FAILURE; } print_json_header(); print_stats_json(stats, pswd->pw_name); print_json_footer(); } else { print_stats(stats, key_sizes); } } return EXIT_SUCCESS; } libica-4.0.1/src/icastats_shared.c000066400000000000000000000225571417716165400170620ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Christian Maaser * Holger Dengler * Benedikt Klotz * * Copyright IBM Corp. 2009, 2011, 2013 */ #include #include #include #include #include #include #include #include #include #include #include #include #include "icastats.h" #include "init.h" #define NOT_INITIALIZED (-1) #define NAME_LENGHT 20 static stats_entry_t *stats = NULL; volatile int stats_shm_handle = NOT_INITIALIZED; /* open shared memory segment * Arguments: * @user: if user is -1 stats_mmap will open the shared memory segent of the same * user. * If it is not -1, stats_mmap will treat it as uid and will open the shared memory * segment of this userid * return value: * 0 - Success * -1 - Error: See errno for errorcode */ int stats_mmap(int user) { char shm_id[NAME_LENGHT]; struct stat stat_buf; if (stats == NULL) { sprintf(shm_id, "icastats_%d", user == -1 ? geteuid() : (uid_t)user); stats_shm_handle = shm_open(shm_id, O_RDWR, S_IRUSR | S_IWUSR); if (stats_shm_handle == NOT_INITIALIZED) stats_shm_handle = shm_open(shm_id, O_CREAT | O_RDWR, S_IRUSR | S_IWUSR); if (stats_shm_handle == NOT_INITIALIZED) return -1; if (user > 0 && geteuid() == 0) { if (fchown(stats_shm_handle, user, user) == -1) { close(stats_shm_handle); return -1; } } if (fstat(stats_shm_handle, &stat_buf)) { close(stats_shm_handle); return -1; } if (ftruncate(stats_shm_handle, STATS_SHM_SIZE) == -1) { close(stats_shm_handle); return -1; } stats = (stats_entry_t *) mmap(NULL, STATS_SHM_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, stats_shm_handle, 0); if (stats == MAP_FAILED){ close(stats_shm_handle); stats = NULL; return -1; } if (stat_buf.st_size != STATS_SHM_SIZE) memset(stats, 0, STATS_SHM_SIZE); } return 0; } /* Close and/or delete the shared memory segment * Argument: * @unlink - if unlink is true the shared memory segment will be * deleted. If it is false it will only be closed. */ void stats_munmap(int unlink) { char shm_id[NAME_LENGHT]; sprintf(shm_id, "icastats_%d", geteuid()); if (stats == NULL) return; munmap(stats, STATS_SHM_SIZE); close(stats_shm_handle); stats_shm_handle = NOT_INITIALIZED; if(unlink == SHM_DESTROY) shm_unlink(shm_id); stats = NULL; } /* query the shared memory segment for a specific field * arguments: * @field - the enum of the field see icastats.h * @hardware - valid values are ALGO_SW for software statistics * and ALGO_HW for hardware statistics * @direction - valid values are ENCRYPT and DECRYPT */ uint64_t stats_query(stats_fields_t field, int hardware, int direction) { if (stats == NULL) return 0; if (direction == ENCRYPT) if (hardware == ALGO_HW) return stats[field].enc.hw; else return stats[field].enc.sw; else if (hardware == ALGO_HW) return stats[field].dec.hw; else return stats[field].dec.sw; } static uint64_t calc_summary(stats_fields_t start, unsigned int num, int hardware, int direction) { unsigned int i; uint64_t sum = 0; for (i = 0; i < num; i++) sum += stats_query(start + i, hardware, direction); return sum; } /* Returns the statistic data in a stats_entry_t array * @entries - Needs to be a array of size ICA_NUM_STATS. */ void get_stats_data(stats_entry_t *entries) { unsigned int i; for(i = 0; i < ICA_NUM_STATS; i++) { switch (i) { case ICA_STATS_AES_ECB: case ICA_STATS_AES_CBC: case ICA_STATS_AES_OFB: case ICA_STATS_AES_CFB: case ICA_STATS_AES_CTR: case ICA_STATS_AES_CMAC: case ICA_STATS_AES_GCM: entries[i].enc.hw = calc_summary(i + 1, 3, ALGO_HW, ENCRYPT); entries[i].enc.sw = calc_summary(i + 1, 3, ALGO_SW, ENCRYPT); entries[i].dec.hw = calc_summary(i + 1, 3, ALGO_HW, DECRYPT); entries[i].dec.sw = calc_summary(i + 1, 3, ALGO_SW, DECRYPT); break; case ICA_STATS_AES_XTS: entries[i].enc.hw = calc_summary(i + 1, 2, ALGO_HW, ENCRYPT); entries[i].enc.sw = calc_summary(i + 1, 2, ALGO_SW, ENCRYPT); entries[i].dec.hw = calc_summary(i + 1, 2, ALGO_HW, DECRYPT); entries[i].dec.sw = calc_summary(i + 1, 2, ALGO_SW, DECRYPT); break; case ICA_STATS_RSA_ME: case ICA_STATS_RSA_CRT: entries[i].enc.hw = calc_summary(i + 1, 4, ALGO_HW, ENCRYPT); entries[i].enc.sw = calc_summary(i + 1, 4, ALGO_SW, ENCRYPT); entries[i].dec.hw = calc_summary(i + 1, 4, ALGO_HW, DECRYPT); entries[i].dec.sw = calc_summary(i + 1, 4, ALGO_SW, DECRYPT); break; case ICA_STATS_ECDH: case ICA_STATS_ECDSA_SIGN: case ICA_STATS_ECDSA_VERIFY: case ICA_STATS_ECKGEN: entries[i].enc.hw = calc_summary(i + 1, 8, ALGO_HW, ENCRYPT); entries[i].enc.sw = calc_summary(i + 1, 8, ALGO_SW, ENCRYPT); entries[i].dec.hw = calc_summary(i + 1, 8, ALGO_HW, DECRYPT); entries[i].dec.sw = calc_summary(i + 1, 8, ALGO_SW, DECRYPT); break; default: entries[i].enc.hw = stats_query(i, ALGO_HW, ENCRYPT); entries[i].enc.sw = stats_query(i, ALGO_SW, ENCRYPT); entries[i].dec.hw = stats_query(i, ALGO_HW, DECRYPT); entries[i].dec.sw = stats_query(i, ALGO_SW, DECRYPT); break; } } } /* get the statistic data from all shared memory segments * accumulated in one variable * @sum: sum must be array of the size of ICA_NUM_STATS * After a call to this function sum contains the accumulated * data of all shared memory segments. * Return value: * 1 - Success * 0 - Error, check errno! */ int get_stats_sum(stats_entry_t *sum) { unsigned int i; struct dirent *direntp; DIR *shmDir; memset(sum, 0, sizeof(stats_entry_t)*ICA_NUM_STATS); if((shmDir = opendir("/dev/shm")) == NULL) return 0; while((direntp = readdir(shmDir)) != NULL){ if(strstr(direntp->d_name, "icastats_") != NULL){ int fd; stats_entry_t *tmp; if((getpwuid(atoi(&direntp->d_name[9]))) == NULL){ closedir(shmDir); return 0; } if ((fd = shm_open(direntp->d_name, O_RDONLY, 0)) == -1){ closedir(shmDir); return 0; } if ((tmp = (stats_entry_t *)mmap(NULL, STATS_SHM_SIZE, PROT_READ, MAP_SHARED, fd, 0)) == MAP_FAILED){ closedir(shmDir); close(fd); return 0; } for(i = 0; id_name, "icastats_") != NULL){ int uid = atoi(&direntp->d_name[9]); struct passwd *pwd; if((pwd = getpwuid(uid)) == NULL) return NULL; if(stats_mmap(uid) == -1) return NULL; return pwd->pw_name; } else{ continue; } } closedir(shmDir); shmDir = NULL; return NULL; } #ifndef ICASTATS /* increments a field of the shared memory segment * arguments: * @field - the enum of the field see icastats.h * @hardware - valid values are ALGO_SW for software statistics * and ALGO_HW for hardware statistics * @direction - valid values are ENCRYPT and DECRYPT */ void stats_increment(stats_fields_t field, int hardware, int direction) { if (!ica_stats_enabled) return; if (stats == NULL) return; if(direction == ENCRYPT) if (hardware == ALGO_HW) __sync_add_and_fetch(&stats[field].enc.hw, 1); else __sync_add_and_fetch(&stats[field].enc.sw, 1); else if (hardware == ALGO_HW) __sync_add_and_fetch(&stats[field].dec.hw, 1); else __sync_add_and_fetch(&stats[field].dec.sw, 1); } #endif /* Reset the shared memory segment to zero */ void stats_reset() { if (stats == NULL) return; memset(stats, 0, sizeof(stats_entry_t)*ICA_NUM_STATS); } /* Delete all shared memory segments * Return values: * 1 - Success * 0 - Error, check errno! */ int delete_all() { stats_munmap(SHM_DESTROY); struct dirent *direntp; DIR *shmDir; if((shmDir = opendir("/dev/shm")) == NULL) return 0; while((direntp = readdir(shmDir)) != NULL){ if(strstr(direntp->d_name, "icastats_") != NULL){ if(shm_unlink(direntp->d_name) == -1) return 0; } } closedir(shmDir); return 1; } libica-4.0.1/src/include/000077500000000000000000000000001417716165400151655ustar00rootroot00000000000000libica-4.0.1/src/include/fips.h000066400000000000000000000026261417716165400163050ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 */ #ifdef ICA_FIPS #ifndef FIPS_H #define FIPS_H #include "ica_api.h" #define FIPS_FLAG "/proc/sys/crypto/fips_enabled" extern int fips; /* module status */ int openssl_in_fips_mode(void); /* * Initialize global fips var to 1 resp. 0 when FIPS_FLAG is 1 resp. 0 (or not * present). */ void fips_init(void); /* * Powerup tests: crypto algorithm test, SW/FW integrity test, critical * function test (no critical functions). The tests set the * corresponding status flags. */ void fips_powerup_tests(void); /* * List of non-fips-approved algorithms */ static const int FIPS_BLACKLIST[] = {DES_ECB, DES_CBC, DES_CBC_CS, DES_OFB, DES_CFB, DES_CTR, DES_CTRLST, DES_CBC_MAC, DES_CMAC, P_RNG}; static const size_t FIPS_BLACKLIST_LEN = sizeof(FIPS_BLACKLIST) / sizeof(FIPS_BLACKLIST[0]); /* * Returns 1 if the algorithm identified by @id is FIPS approved. * Returns 0 otherwise. */ static inline int fips_approved(int id) { size_t i; for (i = 0; i < FIPS_BLACKLIST_LEN; i++) { if (id == FIPS_BLACKLIST[i]) return 0; } return 1; } #endif /* FIPS_H */ #endif /* ICA_FIPS */ libica-4.0.1/src/include/icastats.h000066400000000000000000000152211417716165400171520ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Christian Maaser * Benedikt Klotz * * Copyright IBM Corp. 2009, 2013 */ #ifndef __ICA_STATS_H__ #define __ICA_STATS_H__ #include #include #include "ica_api.h" typedef struct crypt_opts{ uint64_t hw; uint64_t sw; } crypt_opts_t; typedef struct statis_entry { crypt_opts_t enc; crypt_opts_t dec; } stats_entry_t; typedef enum stats_fields { /* crypt counter */ ICA_STATS_SHA1 = 0, ICA_STATS_SHA224, ICA_STATS_SHA256, ICA_STATS_SHA384, ICA_STATS_SHA512, ICA_STATS_SHA512_224, ICA_STATS_SHA512_256, ICA_STATS_SHA3_224, ICA_STATS_SHA3_256, ICA_STATS_SHA3_384, ICA_STATS_SHA3_512, ICA_STATS_SHAKE_128, ICA_STATS_SHAKE_256, ICA_STATS_GHASH, ICA_STATS_PRNG, ICA_STATS_DRBGSHA512, ICA_STATS_ECDH, ICA_STATS_ECDH_160, ICA_STATS_ECDH_192, ICA_STATS_ECDH_224, ICA_STATS_ECDH_256, ICA_STATS_ECDH_320, ICA_STATS_ECDH_384, ICA_STATS_ECDH_512, ICA_STATS_ECDH_521, ICA_STATS_ECDSA_SIGN, ICA_STATS_ECDSA_SIGN_160, ICA_STATS_ECDSA_SIGN_192, ICA_STATS_ECDSA_SIGN_224, ICA_STATS_ECDSA_SIGN_256, ICA_STATS_ECDSA_SIGN_320, ICA_STATS_ECDSA_SIGN_384, ICA_STATS_ECDSA_SIGN_512, ICA_STATS_ECDSA_SIGN_521, ICA_STATS_ECDSA_VERIFY, ICA_STATS_ECDSA_VERIFY_160, ICA_STATS_ECDSA_VERIFY_192, ICA_STATS_ECDSA_VERIFY_224, ICA_STATS_ECDSA_VERIFY_256, ICA_STATS_ECDSA_VERIFY_320, ICA_STATS_ECDSA_VERIFY_384, ICA_STATS_ECDSA_VERIFY_512, ICA_STATS_ECDSA_VERIFY_521, ICA_STATS_ECKGEN, ICA_STATS_ECKGEN_160, ICA_STATS_ECKGEN_192, ICA_STATS_ECKGEN_224, ICA_STATS_ECKGEN_256, ICA_STATS_ECKGEN_320, ICA_STATS_ECKGEN_384, ICA_STATS_ECKGEN_512, ICA_STATS_ECKGEN_521, ICA_STATS_ED25519_KEYGEN, ICA_STATS_ED25519_SIGN, ICA_STATS_ED25519_VERIFY, ICA_STATS_ED448_KEYGEN, ICA_STATS_ED448_SIGN, ICA_STATS_ED448_VERIFY, ICA_STATS_X25519_KEYGEN, ICA_STATS_X25519_DERIVE, ICA_STATS_X448_KEYGEN, ICA_STATS_X448_DERIVE, ICA_STATS_RSA_ME, ICA_STATS_RSA_ME_512, ICA_STATS_RSA_ME_1024, ICA_STATS_RSA_ME_2048, ICA_STATS_RSA_ME_4096, ICA_STATS_RSA_CRT, ICA_STATS_RSA_CRT_512, ICA_STATS_RSA_CRT_1024, ICA_STATS_RSA_CRT_2048, ICA_STATS_RSA_CRT_4096, /* add new crypt counters above RSA_CRT_4096 (see print_stats function) */ /* enc and dec counter */ ICA_STATS_DES_ECB, ICA_STATS_DES_CBC, ICA_STATS_DES_OFB, ICA_STATS_DES_CFB, ICA_STATS_DES_CTR, ICA_STATS_DES_CMAC, ICA_STATS_3DES_ECB, ICA_STATS_3DES_CBC, ICA_STATS_3DES_OFB, ICA_STATS_3DES_CFB, ICA_STATS_3DES_CTR, ICA_STATS_3DES_CMAC, ICA_STATS_AES_ECB, ICA_STATS_AES_ECB_128, ICA_STATS_AES_ECB_192, ICA_STATS_AES_ECB_256, ICA_STATS_AES_CBC, ICA_STATS_AES_CBC_128, ICA_STATS_AES_CBC_192, ICA_STATS_AES_CBC_256, ICA_STATS_AES_OFB, ICA_STATS_AES_OFB_128, ICA_STATS_AES_OFB_192, ICA_STATS_AES_OFB_256, ICA_STATS_AES_CFB, ICA_STATS_AES_CFB_128, ICA_STATS_AES_CFB_192, ICA_STATS_AES_CFB_256, ICA_STATS_AES_CTR, ICA_STATS_AES_CTR_128, ICA_STATS_AES_CTR_192, ICA_STATS_AES_CTR_256, ICA_STATS_AES_CMAC, ICA_STATS_AES_CMAC_128, ICA_STATS_AES_CMAC_192, ICA_STATS_AES_CMAC_256, ICA_STATS_AES_XTS, ICA_STATS_AES_XTS_128, ICA_STATS_AES_XTS_256, ICA_STATS_AES_GCM, ICA_STATS_AES_GCM_128, ICA_STATS_AES_GCM_192, ICA_STATS_AES_GCM_256, /* number of counters */ ICA_NUM_STATS } stats_fields_t; #define STAT_STRINGS \ "SHA-1", \ "SHA-224", \ "SHA-256", \ "SHA-384", \ "SHA-512", \ "SHA-512/224", \ "SHA-512/256", \ "SHA3-224", \ "SHA3-256", \ "SHA3-384", \ "SHA3-512", \ "SHAKE-128", \ "SHAKE-256", \ "GHASH", \ "P_RNG", \ "DRBG-SHA-512", \ "ECDH", \ "- 160", \ "- 192", \ "- 224", \ "- 256", \ "- 320", \ "- 384", \ "- 512", \ "- 521", \ "ECDSA Sign", \ "- 160", \ "- 192", \ "- 224", \ "- 256", \ "- 320", \ "- 384", \ "- 512", \ "- 521", \ "ECDSA Verify", \ "- 160", \ "- 192", \ "- 224", \ "- 256", \ "- 320", \ "- 384", \ "- 512", \ "- 521", \ "EC Keygen", \ "- 160", \ "- 192", \ "- 224", \ "- 256", \ "- 320", \ "- 384", \ "- 512", \ "- 521", \ "Ed25519 Keygen",\ "Ed25519 Sign", \ "Ed25519 Verify",\ "Ed448 Keygen",\ "Ed448 Sign", \ "Ed448 Verify",\ "X25519 Keygen",\ "X25519 Derive",\ "X448 Keygen", \ "X448 Derive", \ "RSA-ME", \ "- 512", \ "- 1024", \ "- 2048", \ "- 4096", \ "RSA-CRT", \ "- 512", \ "- 1024", \ "- 2048", \ "- 4096", \ "DES ECB", \ "DES CBC", \ "DES OFB", \ "DES CFB", \ "DES CTR", \ "DES CMAC", \ "3DES ECB", \ "3DES CBC", \ "3DES OFB", \ "3DES CFB", \ "3DES CTR", \ "3DES CMAC", \ "AES ECB", \ "- 128", \ "- 192", \ "- 256", \ "AES CBC", \ "- 128", \ "- 192", \ "- 256", \ "AES OFB", \ "- 128", \ "- 192", \ "- 256", \ "AES CFB", \ "- 128", \ "- 192", \ "- 256", \ "AES CTR", \ "- 128", \ "- 192", \ "- 256", \ "AES CMAC", \ "- 128", \ "- 192", \ "- 256", \ "AES XTS", \ "- 128", \ "- 256", \ "AES GCM", \ "- 128", \ "- 192", \ "- 256" #define STATS_SHM_SIZE (sizeof(stats_entry_t) * ICA_NUM_STATS) #define ENCRYPT 1 #define DECRYPT 0 #define ALGO_SW 0 #define ALGO_HW 1 #define SHM_CLOSE 0 #define SHM_DESTROY 1 int stats_mmap(int user); void stats_munmap(int unlink); uint64_t stats_query(stats_fields_t field, int hardware, int direction); void get_stats_data(stats_entry_t *entries); void stats_increment(stats_fields_t field, int hardware, int direction); int get_stats_sum(stats_entry_t *sum); char *get_next_usr(); void stats_reset(); int delete_all(); static inline int aes_directed_fc_stats_ofs(unsigned int fc) { switch (fc) { case AES_128_DECRYPT: case AES_128_ENCRYPT: return 0; case AES_192_DECRYPT: case AES_192_ENCRYPT: return 1; case AES_256_DECRYPT: case AES_256_ENCRYPT: return 2; case AES_128_XTS_ENCRYPT: case AES_128_XTS_DECRYPT: return 0; case AES_256_XTS_ENCRYPT: case AES_256_XTS_DECRYPT: return 1; } return 0; } static inline int rsa_keysize_stats_ofs(unsigned int key_length) { if (key_length >= 4096 / 8) return 3; if (key_length >= 2048 / 8) return 2; if (key_length >= 1024 / 8) return 1; return 0; } static inline int ecc_keysize_stats_ofs(int nid) { switch (nid) { case NID_brainpoolP160r1: return 0; case NID_X9_62_prime192v1: case NID_brainpoolP192r1: return 1; case NID_secp224r1: case NID_brainpoolP224r1: return 2; case NID_X9_62_prime256v1: case NID_brainpoolP256r1: return 3; case NID_brainpoolP320r1: return 4; case NID_secp384r1: case NID_brainpoolP384r1: return 5; case NID_brainpoolP512r1: return 6; case NID_secp521r1: return 7; } return 0; } #endif libica-4.0.1/src/include/init.h000066400000000000000000000012121417716165400162750ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * * Copyright IBM Corp. 2009 */ #ifndef INIT_H #define INIT_H #include #include #define EXCEPTION_RV 20 int begin_sigill_section(struct sigaction *oldact, sigset_t * oldset); void end_sigill_section(struct sigaction *oldact, sigset_t * oldset); extern int ica_fallbacks_enabled; extern int ica_offload_enabled; extern int ica_stats_enabled; #endif libica-4.0.1/src/include/rng.h000066400000000000000000000006711417716165400161300ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Copyright IBM Corp. 2018 */ #ifndef RNG_H # define RNG_H /* * libica's rng for library-internal stuff. Cannot be queried by applications * directly via the api. */ void rng_init(void); void rng_gen(unsigned char *buf, size_t buflen); void rng_fini(void); #endif libica-4.0.1/src/include/s390_aes.h000066400000000000000000000533101417716165400166660ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * Holger Dengler * * Copyright IBM Corp. 2009, 2010, 2011 */ #ifndef S390_AES_H #define S390_AES_H #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "fips.h" #include "ica_api.h" #include "icastats.h" #include "init.h" #include "s390_crypto.h" #include "s390_ctr.h" #if OPENSSL_VERSION_PREREQ(3, 0) extern OSSL_LIB_CTX *openssl_libctx; #endif #define AES_BLOCK_SIZE 16 #define GCM_RECOMMENDED_IV_LENGTH 12 #define HS_FLAG 0x400; #define LAAD_FLAG 0x200; #define LPC_FLAG 0x100; static inline int s390_aes_gcm_hw(unsigned int function_code, const unsigned char *input_data, unsigned char *output_data, unsigned long input_length, unsigned char *key, unsigned char *j0, unsigned char *ctr, const unsigned char *aad, unsigned long aad_length, const unsigned char *subkey_h, unsigned char *tag, unsigned int laad, unsigned int lpc) { struct { char reserved[12]; unsigned int cv; ica_aes_vector_t tag; ica_aes_vector_t subkey_h; unsigned long long total_aad_length; unsigned long long total_input_length; ica_aes_vector_t j0; ica_aes_key_len_256_t key; } parm_block; int rc; unsigned int key_size = (function_code & 0x0f) * sizeof(ica_aes_key_single_t); memset(&parm_block, 0, sizeof(parm_block)); memcpy(&parm_block.tag, tag, AES_BLOCK_SIZE); memcpy(&parm_block.subkey_h, subkey_h, AES_BLOCK_SIZE); memcpy(&parm_block.key, key, key_size); if (laad && lpc) { // total length in bits parm_block.total_aad_length = aad_length * 8; // total length in bits parm_block.total_input_length = input_length * 8; parm_block.cv = input_length / AES_BLOCK_SIZE + 1; } if (ctr) { memcpy(&parm_block.cv, &ctr[GCM_RECOMMENDED_IV_LENGTH], sizeof(parm_block.cv)); memcpy(&parm_block.j0, ctr, AES_BLOCK_SIZE); } if (j0) memcpy(&parm_block.j0, j0, AES_BLOCK_SIZE); // Set flags ... function_code = function_code | HS_FLAG; // subkey flag is always = 1 if (laad) function_code = function_code | LAAD_FLAG; if (lpc) function_code = function_code | LPC_FLAG; if (input_data == NULL) input_length = 0; if (aad == NULL) aad_length = 0; if (input_length == 0 && aad_length == 0) parm_block.cv++; rc = s390_kma(function_code, &parm_block, output_data, input_data, input_length, aad, aad_length); if (rc >= 0) { memcpy(tag, &parm_block.tag, AES_BLOCK_SIZE); if (ctr) { // not in last call memcpy(&ctr[GCM_RECOMMENDED_IV_LENGTH], &parm_block.cv, sizeof(parm_block.cv)); } return 0; } else { return EIO; } } static inline int s390_aes_gcm(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *j0, unsigned char *ctr, const unsigned char *aad, unsigned long aad_length, unsigned char *subkey_h, unsigned char *tag, unsigned int laad, unsigned int lpc) { int rc = ENODEV; if (*s390_kma_functions[fc].enabled) { rc = s390_aes_gcm_hw(s390_kma_functions[fc].hw_fc, in_data, out_data, data_length, key, j0, ctr, aad, aad_length, subkey_h, tag, laad, lpc); } if (rc) return rc; stats_increment(ICA_STATS_AES_GCM_128 + aes_directed_fc_stats_ofs(fc), ALGO_HW, (s390_kma_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT:DECRYPT); return 0; } static inline int __s390_aes_ctrlist(unsigned int fc, unsigned long data_length, const unsigned char *in_data, const unsigned char *ctrlist, unsigned char *key, unsigned char *out_data) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_ctr_hw(s390_msa4_functions[fc].hw_fc, data_length, in_data, key, out_data, ctrlist); if (rc) return rc; stats_increment(ICA_STATS_AES_CTR_128 + aes_directed_fc_stats_ofs(fc), ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ?ENCRYPT:DECRYPT); return 0; } static inline int s390_aes_ctrlist(unsigned int fc, unsigned long data_length, const unsigned char *in_data, const unsigned char *ctrlist, unsigned char *key, unsigned char *out_data) { int rc = 0; unsigned char rest_in_data[AES_BLOCK_SIZE]; unsigned char rest_out_data[AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % AES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; if (tmp_data_length) { rc = __s390_aes_ctrlist(fc, tmp_data_length, in_data, ctrlist, key, out_data); if (rc) return rc; } if (rest_data_length) { memcpy(rest_in_data, in_data + tmp_data_length, rest_data_length); rc = __s390_aes_ctrlist(fc, AES_BLOCK_SIZE, rest_in_data, ctrlist + tmp_data_length, key, rest_out_data); if (rc) return rc; memcpy(out_data + tmp_data_length, rest_out_data, rest_data_length); } return rc; } static inline int s390_aes_ctr(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *ctr, unsigned int ctr_width) { const unsigned char *src; unsigned char *tmp_ctrlist = NULL; unsigned long chunk_length; unsigned long rest_length; unsigned long tmp_length; int rc = 0; if (data_length == 0) return 0; if (data_length <= AES_BLOCK_SIZE) { /* short message handling */ rc = s390_aes_ctrlist(fc, data_length, in_data, ctr, key, out_data); if (rc) goto free_out; __inc_aes_ctr((struct uint128 *)ctr, ctr_width); return rc; } /* find largest possible message chunk */ chunk_length = NEXT_BS(data_length, AES_BLOCK_SIZE); tmp_ctrlist = malloc(chunk_length); /* page size chunk fall back */ if ((!tmp_ctrlist) && (data_length > LARGE_MSG_CHUNK)) { chunk_length = LARGE_MSG_CHUNK; tmp_ctrlist = malloc(chunk_length); } /* single block chunk fall back */ if (!tmp_ctrlist) chunk_length = AES_BLOCK_SIZE; for (src = in_data, rest_length = data_length; src < (in_data + data_length); src += chunk_length, out_data += chunk_length, rest_length -= chunk_length) { tmp_length = (rest_length < chunk_length) ? rest_length : chunk_length; if (tmp_ctrlist) { __fill_aes_ctrlist(tmp_ctrlist, NEXT_BS(tmp_length, AES_BLOCK_SIZE), (struct uint128 *)ctr, ctr_width); rc = s390_aes_ctrlist(fc, tmp_length, src, tmp_ctrlist, key, out_data); if (rc) goto free_out; } else { /* single block fall back */ rc = s390_aes_ctrlist(fc, tmp_length, src, ctr, key, out_data); if (rc) goto free_out; __inc_aes_ctr((struct uint128 *)ctr, ctr_width); } } free_out: if (tmp_ctrlist) free(tmp_ctrlist); return rc; } static inline int s390_aes_ecb_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *keys, unsigned char *output_data) { int rc = 0; rc = s390_km(function_code, keys, output_data, input_data, input_length); if (rc >= 0) return 0; else return EIO; } static inline int s390_aes_ecb_sw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *keys, unsigned char *output_data) { AES_KEY aes_key; unsigned long i; unsigned int direction; unsigned int key_size = (function_code & 0x0f) * sizeof(ica_aes_key_single_t); int rc = 0; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); if (function_code & S390_CRYPTO_DIRECTION_MASK) { AES_set_decrypt_key(keys, key_size * 8, &aes_key); direction = AES_DECRYPT; } else { AES_set_encrypt_key(keys, key_size * 8, &aes_key); direction = AES_ENCRYPT; } for (i = 0; i < input_length; i += AES_BLOCK_SIZE) { AES_ecb_encrypt(input_data + i, output_data + i, &aes_key, direction); } OPENSSL_cleanse(&aes_key, sizeof(aes_key)); END_OPENSSL_LIBCTX(rc); return rc; } static inline int s390_aes_cbc_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, unsigned char *keys, unsigned char *output_data) { struct { ica_aes_vector_t iv; ica_aes_key_len_256_t keys; } key_buffer; unsigned int key_size = (function_code & 0x0f) * sizeof(ica_aes_key_single_t); memcpy(&key_buffer.iv, iv, sizeof(ica_aes_vector_t)); memcpy(&key_buffer.keys, keys, key_size); int rc = 0; rc = s390_kmc(function_code, &key_buffer, output_data, input_data, input_length); memset(&key_buffer.keys, 0, key_size); if (rc >= 0) { memcpy(iv, &key_buffer.iv, sizeof(ica_aes_vector_t)); return 0; } else { return EIO; } } static inline int s390_aes_cbc_sw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, unsigned char *keys, unsigned char *output_data) { AES_KEY aes_key; unsigned int direction; unsigned int key_size = (function_code & 0x0f) * sizeof(ica_aes_key_single_t); int rc = 0; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); if (function_code & S390_CRYPTO_DIRECTION_MASK) { AES_set_decrypt_key(keys, key_size * 8, &aes_key); direction = AES_DECRYPT; } else { AES_set_encrypt_key(keys, key_size * 8, &aes_key); direction = AES_ENCRYPT; } AES_cbc_encrypt(input_data, output_data, input_length, &aes_key, (unsigned char *) iv, direction); OPENSSL_cleanse(&aes_key, sizeof(aes_key)); END_OPENSSL_LIBCTX(rc); return rc; } static inline int s390_aes_ecb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *key, unsigned char *out_data) { int rc = ENODEV; int hardware = ALGO_HW; if (*s390_kmc_functions[fc].enabled) rc = s390_aes_ecb_hw(s390_kmc_functions[fc].hw_fc, data_length, in_data, key, out_data); if (rc) { if (!ica_fallbacks_enabled) return rc; rc = s390_aes_ecb_sw(s390_kmc_functions[fc].hw_fc, data_length, in_data, key, out_data); hardware = ALGO_SW; } stats_increment(ICA_STATS_AES_ECB_128 + aes_directed_fc_stats_ofs(fc), hardware, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT:DECRYPT); return rc; } static inline int s390_aes_cbc(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, unsigned char *key, unsigned char *out_data) { int rc = ENODEV; int hardware = ALGO_HW; if (*s390_kmc_functions[fc].enabled) rc = s390_aes_cbc_hw(s390_kmc_functions[fc].hw_fc, data_length, in_data, iv, key, out_data); if (rc) { if (!ica_fallbacks_enabled) return rc; rc = s390_aes_cbc_sw(s390_kmc_functions[fc].hw_fc, data_length, in_data, iv, key, out_data); hardware = ALGO_SW; } stats_increment(ICA_STATS_AES_CBC_128 + aes_directed_fc_stats_ofs(fc), hardware, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT:DECRYPT); return rc; } static inline int s390_aes_cfb_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data, unsigned int lcfb) { struct { ica_aes_vector_t iv; ica_aes_key_len_256_t keys; } key_buffer; unsigned int key_size = (function_code & 0x0f) * sizeof(ica_aes_key_single_t); memcpy(&key_buffer.iv, iv, sizeof(ica_aes_vector_t)); memcpy(&key_buffer.keys, keys, key_size); int rc = -1; rc = s390_kmf(function_code, &key_buffer, output_data, input_data, input_length, &lcfb); memset(&key_buffer.keys, 0, key_size); if (rc >= 0) { memcpy(iv, &key_buffer.iv, sizeof(ica_aes_vector_t)); return 0; } else return EIO; } static inline int __s390_aes_cfb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data, unsigned int lcfb) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_aes_cfb_hw(s390_msa4_functions[fc].hw_fc, data_length, in_data, iv, key, out_data, lcfb); if (rc) return rc; stats_increment(ICA_STATS_AES_CFB_128 + aes_directed_fc_stats_ofs(fc), ALGO_HW, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT:DECRYPT); return 0; } static inline int s390_aes_cfb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data, unsigned int lcfb) { int rc = 0; /* Temporary buffers with size of lcfb should be * sufficiant, using static maximum lcfb instead. */ unsigned char rest_in_data[AES_BLOCK_SIZE]; unsigned char rest_out_data[AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % lcfb; tmp_data_length = data_length - rest_data_length; if (tmp_data_length) { rc = __s390_aes_cfb(fc, tmp_data_length, in_data, iv, key, out_data, lcfb); if (rc) return rc; } if (rest_data_length) { memcpy(rest_in_data, in_data + tmp_data_length, rest_data_length); rc = __s390_aes_cfb(fc, lcfb, rest_in_data, iv, key, rest_out_data, lcfb); if (rc) return rc; memcpy(out_data + tmp_data_length, rest_out_data, rest_data_length); } return rc; } static inline int s390_aes_ofb_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data) { struct { ica_aes_vector_t iv; ica_aes_key_len_256_t keys; } key_buffer; unsigned int key_size = (function_code & 0x0f) * sizeof(ica_aes_key_single_t); memcpy(&key_buffer.iv, iv, sizeof(ica_aes_vector_t)); memcpy(&key_buffer.keys, keys, key_size); int rc = -1; rc = s390_kmo(function_code, &key_buffer, output_data, input_data, input_length); memset(&key_buffer.keys, 0, key_size); if (rc >= 0) { memcpy(iv, &key_buffer.iv, sizeof(ica_aes_vector_t)); return 0; } else return EIO; } static inline int __s390_aes_ofb(unsigned int fc, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_aes_ofb_hw(s390_msa4_functions[fc].hw_fc, input_length, input_data, iv, keys, output_data); if (rc) return rc; stats_increment(ICA_STATS_AES_OFB_128 + aes_directed_fc_stats_ofs(fc), ALGO_HW, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT:DECRYPT); return 0; } static inline int s390_aes_ofb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data) { int rc = 0; unsigned char rest_in_data[AES_BLOCK_SIZE]; unsigned char rest_out_data[AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % AES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; if (tmp_data_length) { rc = __s390_aes_ofb(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; } if (rest_data_length) { memcpy(rest_in_data, in_data + tmp_data_length, rest_data_length); rc = __s390_aes_ofb(fc, AES_BLOCK_SIZE, rest_in_data, iv, key, rest_out_data); if (rc) return rc; memcpy(out_data + tmp_data_length, rest_out_data, rest_data_length); } return rc; } static inline int s390_aes_xts_parm(unsigned long function_code, unsigned int key_size, unsigned char *key, unsigned char *xts_parm) { int rc = 0; struct { unsigned char keys[key_size]; ica_aes_vector_t tweak; unsigned char block_seq[sizeof(ica_aes_vector_t)]; unsigned char intermediate_bit_idx[sizeof(ica_aes_vector_t)]; unsigned char xts_parameter[sizeof(ica_aes_vector_t)]; } parm_block; memset(parm_block.block_seq, 0x00, sizeof(parm_block.block_seq)); memcpy(&parm_block.tweak, xts_parm, sizeof(parm_block.tweak)); memcpy(&parm_block.keys, key, key_size); memset(parm_block.intermediate_bit_idx, 0x00, sizeof(parm_block.intermediate_bit_idx)); /* In PCC we do not differentiate between encryption and decryption */ rc = s390_pcc(function_code & 0x7f, &parm_block); memset(&parm_block.keys, 0, key_size); if (rc >= 0) { memcpy(xts_parm, parm_block.xts_parameter, sizeof(ica_aes_vector_t)); return 0; } else return EIO; } static inline int s390_aes_xts_msg_dec(unsigned long function_code, unsigned long data_length, const unsigned char *in_data, unsigned char *out_data, void *param, unsigned int key_size) { int rc; unsigned char tmp_in_data[AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; struct { unsigned char keys[key_size]; ica_aes_vector_t iv; } tmp_param; rest_data_length = data_length % AES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length - AES_BLOCK_SIZE; if (rest_data_length == 0) { /* complete msg handling */ rc = s390_km(function_code, param, out_data, in_data, data_length); if (rc < 0) return EIO; return rc; } if (tmp_data_length) { rc = s390_km(function_code, param, out_data, in_data, tmp_data_length); if (rc < 0) return EIO; } /* backup iv n-1 */ memcpy(&tmp_param, param, sizeof(tmp_param)); /* dummy step to calculate iv n */ rc = s390_km(function_code, param, out_data + tmp_data_length, in_data + tmp_data_length, AES_BLOCK_SIZE); if (rc < 0) return EIO; /* block n-1 (with iv n) */ rc = s390_km(function_code, param, out_data + tmp_data_length, in_data + tmp_data_length, AES_BLOCK_SIZE); if (rc < 0) return EIO; memcpy(tmp_in_data, in_data + tmp_data_length + AES_BLOCK_SIZE, rest_data_length); memcpy_r_allign(tmp_in_data, AES_BLOCK_SIZE, out_data + tmp_data_length, AES_BLOCK_SIZE, AES_BLOCK_SIZE - rest_data_length); memcpy(out_data + tmp_data_length + AES_BLOCK_SIZE, out_data + tmp_data_length, rest_data_length); /* block n (with iv n-1) */ rc = s390_km(function_code, &tmp_param, out_data + tmp_data_length, tmp_in_data, AES_BLOCK_SIZE); if (rc < 0) return EIO; return rc; } static inline int s390_aes_xts_msg_enc(unsigned long function_code, unsigned long data_length, const unsigned char *in_data, unsigned char *out_data, void *param) { int rc; unsigned char tmp_in_data[AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % AES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; /* tmp_data_length is at least AES_BLOCK_SIZE */ rc = s390_km(function_code, param, out_data, in_data, tmp_data_length); if (rc < 0) return EIO; if (rest_data_length) { /* XTS cipher text stealing for uncomplete blocks */ memcpy(tmp_in_data, in_data + tmp_data_length, rest_data_length); memcpy_r_allign(tmp_in_data, AES_BLOCK_SIZE, out_data + (tmp_data_length - AES_BLOCK_SIZE), AES_BLOCK_SIZE, AES_BLOCK_SIZE - rest_data_length); memcpy(out_data + tmp_data_length, out_data + (tmp_data_length - AES_BLOCK_SIZE), rest_data_length); rc = s390_km(function_code, param, out_data + (tmp_data_length - AES_BLOCK_SIZE), tmp_in_data, AES_BLOCK_SIZE); if (rc < 0) return EIO; } return rc; } static inline int s390_aes_xts_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *tweak, unsigned char *key1, unsigned char *key2, unsigned int key_size, unsigned char *output_data) { int rc = -1; /* This works similar as AES CBC, but uses km instead of kmc. Also we * need to specify the parameter block in order with key first and * XTS parameter behind. */ struct { unsigned char keys[key_size]; ica_aes_vector_t iv; } key_buffer; memcpy(key_buffer.keys, key1, key_size); memcpy(&key_buffer.iv, tweak, sizeof(ica_aes_vector_t)); /* Get XTS parameter through PCC first. */ rc = s390_aes_xts_parm(function_code, key_size, key2, (unsigned char *) &key_buffer.iv); if (rc) return EIO; if (function_code & S390_CRYPTO_DIRECTION_MASK) rc = s390_aes_xts_msg_dec(function_code, input_length, input_data, output_data, &key_buffer, key_size); else rc = s390_aes_xts_msg_enc(function_code, input_length, input_data, output_data, &key_buffer); memset(key_buffer.keys, 0, key_size); /* The iv/tweak is not updated for XTS mode. */ if (rc < 0) return EIO; return 0; } static inline int s390_aes_xts(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *tweak, unsigned char *key1, unsigned char *key2, unsigned int key_length, unsigned char *out_data) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_aes_xts_hw(s390_msa4_functions[fc].hw_fc, data_length, in_data, tweak, key1, key2, key_length, out_data); if (rc) return rc; stats_increment(ICA_STATS_AES_XTS_128 + aes_directed_fc_stats_ofs(fc), ALGO_HW, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT:DECRYPT); return 0; } #endif libica-4.0.1/src/include/s390_cbccs.h000066400000000000000000000222001417716165400171650ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Holger Dengler * * Copyright IBM Corp. 2011 */ #include "s390_common.h" #ifndef S390_CBCCS_H #define S390_CBCCS_H static inline unsigned int cbccs_last_block_swap(unsigned char *base, unsigned long length, unsigned int block_size, unsigned int direction, unsigned int variant) { unsigned char tmp[block_size]; unsigned long rest_length; unsigned long head_length; rest_length = length % block_size; switch (variant) { case 1: /* keep last two blocks in order */ break; case 2: /* switch order of the last two blocks if length is not * a multiple of the cipher block size, otherwise keep last * two blocks in order */ if (rest_length == 0) break; /* fall-through */ case 3: /* always switch order of the last two blocks */ if (rest_length == 0) rest_length = block_size; head_length = length - rest_length; if (direction) { /* encrypt */ memcpy(tmp, base + (head_length - block_size) + rest_length, block_size); memcpy(base + head_length, base + (head_length - block_size), rest_length); memcpy(base + (head_length - block_size), tmp, block_size); } else { /*decrypt */ memcpy(tmp, base + (head_length - block_size), block_size); memcpy(base + (head_length - block_size), base + head_length, rest_length); memcpy(base + (head_length - block_size) + rest_length, tmp, block_size); } break; default: /* unsupported variant */ return EINVAL; } return 0; } static inline unsigned int s390_des_cbccs_enc(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *key, unsigned char *iv, unsigned int variant) { unsigned int rc; unsigned char tmp_in_data[DES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % DES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; /* tmp_data_length is at least DES_BLOCK_SIZE */ rc = s390_des_cbc(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; if (rest_data_length) { /* zero padding for uncomplete last block */ memset(tmp_in_data, 0, DES_BLOCK_SIZE); memcpy(tmp_in_data, in_data + tmp_data_length, rest_data_length); rc = s390_des_cbc(fc, DES_BLOCK_SIZE, tmp_in_data, iv, key, out_data + (tmp_data_length - DES_BLOCK_SIZE) + rest_data_length); if (rc) return rc; } return cbccs_last_block_swap(out_data, data_length, DES_BLOCK_SIZE, ICA_ENCRYPT, variant); } static inline unsigned int s390_des_cbccs_dec(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *key, unsigned char *iv, unsigned int variant) { unsigned int rc; unsigned char tmp_in_data[2* DES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long swap_length; unsigned long tmp_data_length; unsigned char tmp_iv[DES_BLOCK_SIZE]; unsigned char tmp_out_data[DES_BLOCK_SIZE]; rest_data_length = data_length % DES_BLOCK_SIZE; swap_length = (rest_data_length) ? DES_BLOCK_SIZE + rest_data_length : 2* DES_BLOCK_SIZE; tmp_data_length = data_length - swap_length; /* copy last 2 blocks to temporary buffer, because blocks can not * be re-ordered in in_data (const) */ memset(tmp_in_data, 0, 2*DES_BLOCK_SIZE); memcpy(tmp_in_data, in_data + tmp_data_length, swap_length); rc = cbccs_last_block_swap(tmp_in_data, swap_length, DES_BLOCK_SIZE, ICA_DECRYPT, variant); if (rc) return rc; if (rest_data_length == 0) { /* complete message handling */ if (tmp_data_length) { rc = s390_des_cbc(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; } return s390_des_cbc(fc, swap_length, tmp_in_data, iv, key, out_data + tmp_data_length); } if (tmp_data_length) { rc = s390_des_cbc(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; } /* decrypt block C(n) with zero iv */ memset(tmp_iv, 0, DES_BLOCK_SIZE); rc = s390_des_cbc(fc, DES_BLOCK_SIZE, tmp_in_data + rest_data_length, tmp_iv, key, tmp_out_data); if(rc) return rc; /* complete block C*(n-1) to C(n-1) and decrypt it */ memcpy_r_allign(tmp_in_data, DES_BLOCK_SIZE, tmp_out_data, DES_BLOCK_SIZE, DES_BLOCK_SIZE - rest_data_length); rc = s390_des_cbc(fc, DES_BLOCK_SIZE, tmp_in_data, iv, key, out_data + tmp_data_length); if(rc) return rc; /* XOR tmp_out_data with C*(n-1) */ block_xor(out_data + tmp_data_length + DES_BLOCK_SIZE, tmp_in_data, tmp_out_data, rest_data_length); return 0; } static inline unsigned int s390_aes_cbccs_enc(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int variant) { unsigned int rc; unsigned char tmp_in_data[AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % AES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; /* tmp_data_length is at least AES_BLOCK_SIZE */ rc = s390_aes_cbc(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; if (rest_data_length) { memset(tmp_in_data, 0, AES_BLOCK_SIZE); memcpy(tmp_in_data, in_data + tmp_data_length, rest_data_length); rc = s390_aes_cbc(fc, AES_BLOCK_SIZE, tmp_in_data, iv, key, out_data + (tmp_data_length - AES_BLOCK_SIZE) + rest_data_length); if (rc) return rc; } return cbccs_last_block_swap(out_data, data_length, AES_BLOCK_SIZE, ICA_ENCRYPT, variant); } static inline unsigned int s390_aes_cbccs_dec(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int variant) { unsigned int rc; unsigned char tmp_in_data[2* AES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long swap_length; unsigned long tmp_data_length; unsigned char tmp_iv[AES_BLOCK_SIZE]; unsigned char tmp_out_data[AES_BLOCK_SIZE]; rest_data_length = data_length % AES_BLOCK_SIZE; swap_length = (rest_data_length) ? (AES_BLOCK_SIZE + rest_data_length) : (2* AES_BLOCK_SIZE); tmp_data_length = data_length - swap_length; /* copy last 2 blocks to temporary buffer, because blocks can not * be re-ordered in in_data (const) */ memset(tmp_in_data, 0, 2* AES_BLOCK_SIZE); memcpy(tmp_in_data, in_data + tmp_data_length, swap_length); rc = cbccs_last_block_swap(tmp_in_data, swap_length, AES_BLOCK_SIZE, ICA_DECRYPT, variant); if (rc) return rc; if (rest_data_length == 0) { /* complete message handling */ if (tmp_data_length) { rc = s390_aes_cbc(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; } return s390_aes_cbc(fc, swap_length, tmp_in_data, iv, key, out_data + tmp_data_length); } if (tmp_data_length) { rc = s390_aes_cbc(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; } /* decrypt block C(n) with zero iv */ memset(tmp_iv, 0, AES_BLOCK_SIZE); rc = s390_aes_cbc(fc, AES_BLOCK_SIZE, tmp_in_data + rest_data_length, tmp_iv, key, tmp_out_data); if(rc) return rc; /* complete block C*(n-1) to C(n-1) and decrypt it */ memcpy_r_allign(tmp_in_data, AES_BLOCK_SIZE, tmp_out_data, AES_BLOCK_SIZE, AES_BLOCK_SIZE - rest_data_length); rc = s390_aes_cbc(fc, AES_BLOCK_SIZE, tmp_in_data, iv, key, out_data + tmp_data_length); if(rc) return rc; /* XOR tmp_out_data with C*(n-1) */ block_xor(out_data + tmp_data_length + AES_BLOCK_SIZE, tmp_in_data, tmp_out_data, rest_data_length); /* * This fix was introduced to satisfy FIPS tests. They require the * output iv to be the iv resulting from decrypting the last block * with a zero iv as input, which is tmp_iv here. But note that this * is not described in the NIST standard for CBC-CS. According to the * standard, the output iv is simply undefined. */ #ifdef ICA_FIPS memcpy(iv, tmp_iv, AES_BLOCK_SIZE); #endif /* ICA_FIPS */ return 0; } static inline int s390_des_cbccs(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int variant) { if (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) return s390_des_cbccs_dec(fc, in_data, out_data, data_length, key, iv, variant); else return s390_des_cbccs_enc(fc, in_data, out_data, data_length, key, iv, variant); } static inline int s390_aes_cbccs(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *iv, unsigned int variant) { if (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) return s390_aes_cbccs_dec(fc, in_data, out_data, data_length, key, iv, variant); else return s390_aes_cbccs_enc(fc, in_data, out_data, data_length, key, iv, variant); } #endif libica-4.0.1/src/include/s390_ccm.h000066400000000000000000000221211417716165400166540ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Ruben Straus * Holger Dengler * * Copyright IBM Corp. 2010 */ #ifndef S390_CCM_H #define S390_CCM_H #include "s390_ctr.h" #define S390_CCM_MAX_NONCE_LENGTH 13 #define S390_CCM_MIN_NONCE_LENGTH 7 #define S390_CCM_MAX_MAC_LENGTH 16 #define S390_CCM_MIN_MAC_LENGTH 4 /* assoc_data first meta block with data * for small assoc_data_length */ struct meta_ad_small { uint16_t length; unsigned char data[14]; } __attribute__((packed)); /* assoc_data first meta block with prefix and data * for medium assoc_data_length */ struct meta_ad_medium { unsigned char prefix[2]; uint32_t length; unsigned char data[10]; } __attribute__((packed)); /* assoc_data first meta block with prefix and data * for large assoc_data_length */ struct meta_ad_large { unsigned char prefix[2]; uint64_t length; unsigned char data[6]; } __attribute__((packed)); /* assoc_data meta block union with size cipher block size */ typedef union { struct meta_ad_small small; struct meta_ad_medium medium; struct meta_ad_large large; } __attribute__((packed)) ad_meta_t; static inline unsigned int fc_to_key_length(unsigned int fc) { switch(UNDIRECTED_FC(fc)) { case AES_128_ENCRYPT: return 128/8; case AES_192_ENCRYPT: return 192/8; case AES_256_ENCRYPT: default: return 256/8; } } static inline void __compute_meta_b0(const unsigned char *nonce, unsigned long nonce_length, unsigned long assoc_data_length, uint64_t payload_length, unsigned long mac_length, unsigned char *meta_b0) { struct { uint8_t reserved :1; uint8_t adata :1; uint8_t t_enc :3; uint8_t q_enc :3; } __attribute__((packed)) meta_flags; memset(meta_b0, 0x00, AES_BLOCK_SIZE); /* meta flags */ memset(&meta_flags, 0x00, sizeof(meta_flags)); if (assoc_data_length) meta_flags.adata = 1; meta_flags.t_enc = (mac_length-2) / 2; meta_flags.q_enc = (15 - nonce_length) - 1; memcpy(meta_b0, &meta_flags, sizeof(meta_flags)); /* encoding N */ memcpy(meta_b0 + sizeof(meta_flags), nonce, nonce_length); /* encoding Q */ memcpy_r_allign(meta_b0, AES_BLOCK_SIZE, &payload_length, sizeof(payload_length), AES_BLOCK_SIZE - (sizeof(meta_flags) + nonce_length)); } static inline void __compute_initial_ctr(const unsigned char *nonce, unsigned long nonce_length, unsigned char *ctr) { struct { uint8_t reserved :2; uint8_t zero :3; uint8_t q_enc :3; } __attribute__((packed)) ctr_flags; memset(ctr, 0x00, AES_BLOCK_SIZE); memset(&ctr_flags, 0x00, sizeof(ctr_flags)); ctr_flags.q_enc = (15 - nonce_length) - 1; memcpy(ctr, &ctr_flags, sizeof(ctr_flags)); memcpy(ctr + sizeof(ctr_flags), nonce, nonce_length); } static inline unsigned int __auth_assoc_data(unsigned int function_code, const unsigned char *assoc_data, uint64_t assoc_data_length, const unsigned char *key, unsigned int key_length, unsigned char *iv) { unsigned int rc; ad_meta_t meta; unsigned char *meta_data; unsigned long meta_data_length; unsigned char tmp_block[AES_BLOCK_SIZE]; const unsigned char *rest; unsigned long rest_length; unsigned long head_length; unsigned long tail_length; /* preparing first block of assoc_data */ if (assoc_data_length < ((1ull << 16)-(1ull << 8))) { meta.small.length = assoc_data_length; meta_data = meta.small.data; meta_data_length = sizeof(meta.small.data); } else if (assoc_data_length < (1ull << 32)) { meta.medium.prefix[0] = 0xff; meta.medium.prefix[1] = 0xfe; meta.medium.length = assoc_data_length; meta_data = meta.medium.data; meta_data_length = sizeof(meta.medium.data); } else { meta.large.prefix[0] = 0xff; meta.large.prefix[1] = 0xff; meta.large.length = assoc_data_length; meta_data = meta.large.data; meta_data_length = sizeof(meta.large.data); } if (assoc_data_length < meta_data_length) { memset(meta_data, 0x00, meta_data_length); memcpy(meta_data, assoc_data, assoc_data_length); rest_length = 0; rest = NULL; } else { memcpy(meta_data, assoc_data, meta_data_length); rest_length = assoc_data_length - meta_data_length; rest = assoc_data + meta_data_length; } /* processing first block of assoc_data */ rc = s390_cmac(function_code, (unsigned char *)&meta, AES_BLOCK_SIZE, key_length, key, AES_BLOCK_SIZE, NULL, /* cmac_intermediate */ iv); if (rc) return rc; /* processing remaining assoc_data */ if (rest_length) { tail_length = rest_length % AES_BLOCK_SIZE; head_length = rest_length - tail_length; if (head_length) { rc = s390_cmac(function_code, rest, head_length, key_length, key, AES_BLOCK_SIZE, NULL, /* cmac_intermediate */ iv); if (rc) return rc; rest += head_length; } /* assoc_data padding */ if (tail_length) { memset(tmp_block, 0x00, AES_BLOCK_SIZE); memcpy(tmp_block, rest, tail_length); rc = s390_cmac(function_code, tmp_block, AES_BLOCK_SIZE, key_length, key, AES_BLOCK_SIZE, NULL, /* cmac_intermediate */ iv); if (rc) return rc; } } return 0; } static inline unsigned int s390_ccm_authenticate(unsigned int function_code, const unsigned char *payload, uint64_t payload_length, const unsigned char *assoc_data, unsigned long assoc_data_length, const unsigned char *nonce, unsigned int nonce_length, unsigned char *tag, unsigned int tag_length, const unsigned char *key, unsigned int key_length) { unsigned int rc; unsigned char meta_b0[AES_BLOCK_SIZE]; unsigned char tmp_block[AES_BLOCK_SIZE]; unsigned long head_length; unsigned long tail_length; /* compute meta information block B0 */ __compute_meta_b0(nonce, nonce_length, assoc_data_length, payload_length, tag_length, meta_b0); /* kmac of first block (intermediate) */ memset(tag, 0x00, AES_BLOCK_SIZE); rc = s390_cmac(function_code, meta_b0, AES_BLOCK_SIZE, key_length, key, AES_BLOCK_SIZE, NULL, /* cmac_intermediate */ tag); if (rc) return rc; /* kmac of assoc_data blocks (intermediate) */ if (assoc_data_length) { rc = __auth_assoc_data(function_code, assoc_data, assoc_data_length, key, key_length, tag); if (rc) return rc; } /* kmac of payload (intermediate) */ tail_length = payload_length % AES_BLOCK_SIZE; head_length = payload_length - tail_length; if (head_length) { rc = s390_cmac(function_code, payload, head_length, key_length, key, AES_BLOCK_SIZE, NULL, /* cmac_intermediate */ tag); if (rc) return rc; } if (tail_length) { memset(tmp_block, 0x00, AES_BLOCK_SIZE); memcpy(tmp_block, payload + head_length, tail_length); rc = s390_cmac(function_code, tmp_block, AES_BLOCK_SIZE, key_length, key, AES_BLOCK_SIZE, NULL, /* cmac_intermediate */ tag); if (rc) return rc; } return 0; } static inline unsigned int s390_ccm(unsigned int function_code, unsigned char *payload, unsigned long payload_length, unsigned char *ciphertext, const unsigned char *assoc_data, unsigned long assoc_data_length, const unsigned char *nonce, unsigned long nonce_length, unsigned char *mac, unsigned long mac_length, unsigned char *key) { unsigned char initial_ctr[AES_BLOCK_SIZE]; unsigned char cipher_ctr[AES_BLOCK_SIZE]; unsigned char tag[AES_BLOCK_SIZE]; unsigned int ccm_ctr_width; unsigned int rc; /* compute initial counter */ __compute_initial_ctr(nonce, nonce_length, initial_ctr); ccm_ctr_width = (15 - nonce_length) * 8; if (payload_length) { /* compute counter for en-/decryption */ memcpy(cipher_ctr, initial_ctr, AES_BLOCK_SIZE); __inc_aes_ctr((struct uint128 *)cipher_ctr, ccm_ctr_width); /* en-/decrypt */ if (function_code % 2) { /* decrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), ciphertext, payload, payload_length, key, cipher_ctr, ccm_ctr_width); if (rc) return rc; /* mac */ rc = s390_ccm_authenticate(UNDIRECTED_FC(function_code), payload, payload_length, assoc_data, assoc_data_length, nonce, nonce_length, tag, mac_length, key, fc_to_key_length(function_code)); if (rc) return rc; } else { /* mac */ rc = s390_ccm_authenticate(UNDIRECTED_FC(function_code), payload, payload_length, assoc_data, assoc_data_length, nonce, nonce_length, tag, mac_length, key, fc_to_key_length(function_code)); if (rc) return rc; /*encrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), payload, ciphertext, payload_length, key, cipher_ctr, ccm_ctr_width); if (rc) return rc; } } /* encrypt tag into mac */ return s390_aes_ctr(UNDIRECTED_FC(function_code), tag, mac, mac_length, key, initial_ctr, ccm_ctr_width); } #endif libica-4.0.1/src/include/s390_cmac.h000066400000000000000000000106651417716165400170270ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Ruben Straus * Holger Dengler * * Copyright IBM Corp. 2010, 2011 */ #include #include #include #include "ica_api.h" #include "icastats.h" #include "init.h" #include "s390_crypto.h" #include "s390_aes.h" #include "s390_des.h" #ifndef S390_CMAC #define S390_CMAC_H #define PARM_BLOCK_SIZE 72 typedef unsigned char parm_block_t[PARM_BLOCK_SIZE]; struct parm_block_lookup { unsigned int block_size; unsigned char *base; uint8_t *ml; unsigned char *message; unsigned char *iv; unsigned char *keys; }; static inline void parm_block_lookup_init(struct parm_block_lookup *lookup, parm_block_t base, unsigned int block_size) { lookup->block_size = block_size; lookup->base = base; lookup->ml = (uint8_t *)base; lookup->message = (unsigned char *)(base + 8); lookup->iv = (unsigned char *)(lookup->message + block_size); lookup->keys = (unsigned char *)(lookup->iv + block_size); } static inline unsigned int fc_block_size(unsigned int fc) { unsigned int rc; switch(fc) { case S390_CRYPTO_DEA_ENCRYPT: case S390_CRYPTO_TDEA_128_ENCRYPT: case S390_CRYPTO_TDEA_192_ENCRYPT: rc = DES_BLOCK_SIZE; break; case S390_CRYPTO_AES_128_ENCRYPT: case S390_CRYPTO_AES_192_ENCRYPT: case S390_CRYPTO_AES_256_ENCRYPT: default: rc = AES_BLOCK_SIZE; break; } return rc; } static inline void _stats_increment(unsigned int fc, int hw, int direction) { switch(fc) { case 1: case 9: stats_increment(ICA_STATS_DES_CMAC, hw, direction); break; case 2: case 3: case 10: case 11: stats_increment(ICA_STATS_3DES_CMAC, hw, direction); break; case 18: case 19: case 20: case 26: case 27: case 28: stats_increment(ICA_STATS_AES_CMAC_128 + aes_directed_fc_stats_ofs(fc), hw, direction); break; default: break; } } static inline int s390_cmac_hw(unsigned long fc, const unsigned char *message, unsigned long message_length, unsigned int key_size, const unsigned char *key, unsigned int cmac_length, unsigned char *cmac, unsigned char *iv) { parm_block_t parm_block; struct parm_block_lookup pb_lookup; unsigned int length_tail; unsigned long length_head; int rc; /* CMAC uses encrypt function code for generate and verify. */ fc &= S390_CRYPTO_FUNCTION_MASK; memset(parm_block, 0, sizeof(parm_block)); parm_block_lookup_init(&pb_lookup, parm_block, fc_block_size(fc)); memcpy(pb_lookup.keys, key, key_size); /* copy iv into param block, if available (intermediate) */ if (iv != NULL) memcpy(pb_lookup.iv, iv, pb_lookup.block_size); if (cmac == NULL) { /* intermediate */ rc = s390_kmac(fc, pb_lookup.iv, message, message_length); memset(pb_lookup.keys, 0, key_size); if (rc < 0) return rc; _stats_increment(fc, ALGO_HW, ENCRYPT); /* rescue iv for chained calls (intermediate) */ memcpy(iv, pb_lookup.iv, pb_lookup.block_size); } else { if (message_length) { length_tail = message_length % pb_lookup.block_size; if (length_tail) length_head = message_length - length_tail; else { length_head = message_length - pb_lookup.block_size; length_tail = pb_lookup.block_size; } if (length_head) { rc = s390_kmac(fc, pb_lookup.iv, message, length_head); if (rc < 0) { memset(pb_lookup.keys, 0, key_size); return EIO; } _stats_increment(fc, ALGO_HW, ENCRYPT); } *pb_lookup.ml = length_tail * 8; /* message length in bits */ memcpy(pb_lookup.message, message + length_head, length_tail); } /* calculate final block (last/full) */ rc = s390_pcc(fc, pb_lookup.base); memset(pb_lookup.keys, 0, key_size); if (rc < 0) return EIO; _stats_increment(fc, ALGO_HW, ENCRYPT); memcpy(cmac, pb_lookup.iv, cmac_length); } return 0; } static inline int s390_cmac(unsigned long fc, const unsigned char *message, unsigned long message_length, unsigned int key_length, const unsigned char *key, unsigned int mac_length, unsigned char *mac, unsigned char *iv) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_cmac_hw(s390_msa4_functions[fc].hw_fc, message, message_length, key_length, key, mac_length, mac, iv); return rc; } #endif libica-4.0.1/src/include/s390_common.h000066400000000000000000000017061417716165400174100ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Holger Dengler * * Copyright IBM Corp. 2011 */ #include #ifndef S390_COMMON_H #define S390_COMMON_H /* * Assumption: *_ENCRYPT members of the kmc_funktion_t and kma_function_t * enums are even, while *_DECRYPT members are odd. */ #define UNDIRECTED_FC(x) (((x)/2)*2) struct uint128 { uint64_t g[2]; }; static inline void block_xor(unsigned char dest[], unsigned char a[], unsigned char b[], unsigned int length) { unsigned int i; for (i = 0; i < length; i++) { dest[i] = a[i] ^ b[i]; } } static inline void memcpy_r_allign(void *dest, int dest_bs, void *src, int src_bs, int size) { memcpy((unsigned char *)dest + (dest_bs - size), (unsigned char *)src + (src_bs - size), size); } #endif /* S390_COMMON_H */ libica-4.0.1/src/include/s390_crypto.h000066400000000000000000000611471417716165400174450ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* * Support for s390 cryptographic instructions. * * Author(s): Thomas Spatzier * Jan Glauber * Ralph Wuerthner * Felix Beck * Christian Maaser * Holger Dengler * Ingo Tuchscherer * * Copyright IBM Corp. 2007, 2009, 2011, 2013 */ #include #ifndef S390_CRYPTO_H #define S390_CRYPTO_H #include /* major 4.0: no more exported, now internal */ int s390_initialize_functionlist(void); int s390_get_functionlist(libica_func_list_element *pmech_list, unsigned int *pmech_list_len); #ifndef OPENSSL_VERSION_PREREQ #if defined(OPENSSL_VERSION_MAJOR) && defined(OPENSSL_VERSION_MINOR) #define OPENSSL_VERSION_PREREQ(maj, min) \ ((OPENSSL_VERSION_MAJOR << 16) + \ OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min)) #else #define OPENSSL_VERSION_PREREQ(maj, min) \ (OPENSSL_VERSION_NUMBER >= (((maj) << 28) | \ ((min) << 20))) #endif #endif #if OPENSSL_VERSION_PREREQ(3, 0) extern int openssl3_initialized; #define BEGIN_OPENSSL_LIBCTX(ossl_ctx, rc) \ do { \ if (ossl_ctx == NULL || openssl3_initialized == 0) { \ printf("lib ctx null or openssl 3 not initialized\n"); \ (rc) = EFAULT; \ break; \ } \ OSSL_LIB_CTX *prev_ctx = OSSL_LIB_CTX_set0_default((ossl_ctx)); \ if (prev_ctx == NULL) { \ (rc) = EFAULT; \ printf("OSSL_LIB_CTX_set0_default failed\n"); \ break; \ } #define END_OPENSSL_LIBCTX(rc) \ if (OSSL_LIB_CTX_set0_default(prev_ctx) == NULL) { \ if ((rc) == 0) \ (rc) = EFAULT; \ printf("OSSL_LIB_CTX_set0_default failed\n"); \ } \ } while (0); #else #define BEGIN_OPENSSL_LIBCTX(ossl_ctx, rc) do { #define END_OPENSSL_LIBCTX(rc) } while (0); #endif #define S390_CRYPTO_TEST_MASK(mask, function) \ (((unsigned char *)(mask))[((function) & 0x7F) >> 3] & \ (0x80 >> ((function) & 0x07))) #define KM 1 #define KMC 2 #define KIMD 3 #define MSA4 4 #define ADAPTER 5 #define PPNO 6 #define MSA8 7 #define MSA9 8 enum s390_crypto_instruction { S390_CRYPTO_DIRECTION_MASK = 0x80, S390_CRYPTO_FUNCTION_MASK = 0x7f }; enum s390_crypto_function { /* * The S390_QUERY function is always available for all 4 KM, KMC, KIMD and * KLMD instructions and the PPNO instructions to query the available functions. */ S390_CRYPTO_QUERY = 0x00, /* * The S390_SHA_* functions are available for KIMD and KLMD instructions. */ S390_CRYPTO_SHA_1 = 0x01, S390_CRYPTO_SHA_256 = 0x02, S390_CRYPTO_SHA_512 = 0x03, S390_CRYPTO_SHA_3_224 = 0x20, S390_CRYPTO_SHA_3_256 = 0x21, S390_CRYPTO_SHA_3_384 = 0x22, S390_CRYPTO_SHA_3_512 = 0x23, S390_CRYPTO_SHAKE_128 = 0x24, S390_CRYPTO_SHAKE_256 = 0x25, S390_CRYPTO_GHASH = 0x41, /* * The following functions are available for KM,KMC,KMF,KMO, * and KMCTR instructions. */ S390_CRYPTO_DEA_ENCRYPT = 0x01, S390_CRYPTO_DEA_DECRYPT = 0x01 | 0x80, S390_CRYPTO_TDEA_128_ENCRYPT = 0x02, S390_CRYPTO_TDEA_128_DECRYPT = 0x02 | 0x80, S390_CRYPTO_TDEA_192_ENCRYPT = 0x03, S390_CRYPTO_TDEA_192_DECRYPT = 0x03 | 0x80, S390_CRYPTO_AES_128_ENCRYPT = 0x12, S390_CRYPTO_AES_128_DECRYPT = 0x12 | 0x80, S390_CRYPTO_AES_192_ENCRYPT = 0x13, S390_CRYPTO_AES_192_DECRYPT = 0x13 | 0x80, S390_CRYPTO_AES_256_ENCRYPT = 0x14, S390_CRYPTO_AES_256_DECRYPT = 0x14 | 0x80, /* XTS is only available for the KM instruction */ S390_CRYPTO_AES_128_XTS_ENCRYPT = 0x32, S390_CRYPTO_AES_128_XTS_DECRYPT = 0x32 | 0x80, S390_CRYPTO_AES_256_XTS_ENCRYPT = 0x34, S390_CRYPTO_AES_256_XTS_DECRYPT = 0x34 | 0x80, /* GCM */ S390_CRYPTO_AES_128_GCM_ENCRYPT = 0x12, S390_CRYPTO_AES_128_GCM_DECRYPT = 0x12 | 0x80, S390_CRYPTO_AES_192_GCM_ENCRYPT = 0x13, S390_CRYPTO_AES_192_GCM_DECRYPT = 0x13 | 0x80, S390_CRYPTO_AES_256_GCM_ENCRYPT = 0x14, S390_CRYPTO_AES_256_GCM_DECRYPT = 0x14 | 0x80, /* * The S390_PRNG is only available for the KMC instruction. */ S390_CRYPTO_PRNG = 0x43, /* * The following functions are available for the PPNO/PRNO instruction. */ S390_CRYPTO_SHA512_DRNG_GEN = 0x03, S390_CRYPTO_SHA512_DRNG_SEED = 0x03 | 0x80, S390_CRYPTO_TRNG = 0x72, /* * The following functions are available for the KDSA instruction. */ S390_CRYPTO_ECDSA_VERIFY_P256 = 0x01, S390_CRYPTO_ECDSA_VERIFY_P384 = 0x02, S390_CRYPTO_ECDSA_VERIFY_P521 = 0x03, S390_CRYPTO_ECDSA_SIGN_P256 = 0x09, S390_CRYPTO_ECDSA_SIGN_P384 = 0x0a, S390_CRYPTO_ECDSA_SIGN_P521 = 0x0b, S390_CRYPTO_EDDSA_VERIFY_ED25519 = 0x20, S390_CRYPTO_EDDSA_VERIFY_ED448 = 0x24, S390_CRYPTO_EDDSA_SIGN_ED25519 = 0x28, S390_CRYPTO_EDDSA_SIGN_ED448 = 0x2c, /* * The following functions are available for the PCC instruction. */ S390_CRYPTO_SCALAR_MULTIPLY_P256 = 0x40, S390_CRYPTO_SCALAR_MULTIPLY_P384 = 0x41, S390_CRYPTO_SCALAR_MULTIPLY_P521 = 0x42, S390_CRYPTO_SCALAR_MULTIPLY_ED25519 = 0x48, S390_CRYPTO_SCALAR_MULTIPLY_ED448 = 0x49, S390_CRYPTO_SCALAR_MULTIPLY_X25519 = 0x50, S390_CRYPTO_SCALAR_MULTIPLY_X448 = 0x51 }; extern unsigned long long facility_bits[3]; extern unsigned int sha1_switch, sha256_switch, sha512_switch, sha3_switch, des_switch, tdes_switch, aes128_switch, aes192_switch, aes256_switch, prng_switch, tdea128_switch, tdea192_switch, sha512_drng_switch, msa4_switch, msa5_switch, msa8_switch, trng_switch, msa9_switch, ecc_via_online_card, any_card_online; typedef struct { unsigned int dummy_fc; unsigned int hw_fc; unsigned int *enabled; } s390_supported_function_t; /* Append new dummy fc codes to the end of enumeration. They are used as index * to get the right fc code for the hardware. */ typedef enum { SHA_1, SHA_224, SHA_256, SHA_384, SHA_512, SHA_3_224, SHA_3_256, SHA_3_384, SHA_3_512, SHAKE_128, SHAKE_256, GHASH, SHA_512_224, SHA_512_256 } kimd_functions_t; typedef enum { CMAC_AES_128_GENERATE, CMAC_AES_128_VERIFY, CMAC_AES_192_GENERATE, CMAC_AES_192_VERIFY, CMAC_AES_256_GENERATE, CMAC_AES_256_VERIFY, SCALAR_MULTIPLY_P256, SCALAR_MULTIPLY_P384, SCALAR_MULTIPLY_P521, SCALAR_MULTIPLY_ED25519, SCALAR_MULTIPLY_ED448, SCALAR_MULTIPLY_X25519, SCALAR_MULTIPLY_X448 } pcc_functions_t; typedef enum { SHA512_DRNG_GEN, SHA512_DRNG_SEED, TRNG } ppno_functions_t; extern s390_supported_function_t s390_kmc_functions[]; extern s390_supported_function_t s390_msa4_functions[]; extern s390_supported_function_t s390_pcc_functions[]; extern s390_supported_function_t s390_kma_functions[]; extern s390_supported_function_t s390_kimd_functions[]; extern s390_supported_function_t s390_ppno_functions[]; extern s390_supported_function_t s390_kdsa_functions[]; void s390_crypto_switches_init(void); /** * s390_pcc: * @func: the function code passed to KM; see s390_pcc_functions * @param: address of parameter block; see POP for details on each func * * Executes the PCC operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_pcc(unsigned long func, void *param) { register unsigned long r0 asm("0") = (unsigned long)func; register unsigned long r1 asm("1") = (unsigned long)param; asm volatile ( "0: .long %[opc] << 16\n" " brc 1,0b\n" : : [fc] "d" (r0), [param] "a" (r1), [opc] "i" (0xb92c) : "cc", "memory"); return 0; } /** * s390_kmac: * @func: the function code passed to KMAC; see s390_kmac_func * @param: address of parameter block; see POP for details on each func * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_kmac(unsigned long func, void *param, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; asm volatile ( "0: .insn rre, 0xb91e0000,%0,%0 \n" " brc 1, 0b \n" : "+a"(__src), "+d"(__src_len) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kma: * @func: the function code passed to KMA; see s390_kma_functions * @param: address of parameter block; see POP for details on each func * @dest: address of destination memory area * @src: address of source memory area * @src_len: length of src operand in bytes * @aad: address of optional additional authenticated data * @aad_len: length of aad operand in bytes * * Executes the KMA (CIPHER MESSAGE WITH AUTHENTICATION) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_kma(unsigned long func, void *param, unsigned char *dest, const unsigned char *src, long src_len, const unsigned char *aad, long aad_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; register unsigned char *__dest asm("4") = dest; register const unsigned char *__aad asm("6") = aad; register long __aad_len asm("7") = aad_len; asm volatile( "0: .insn rrf,0xb9290000,%2,%0,%3,0 \n" "1: brc 1,0b \n" /* handle partial completion */ : "+a" (__src), "+d" (__src_len), "+a" (__dest), "+a" (__aad), "+d" (__aad_len) : "d" (__func), "a" (__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kmctr: * @func: the function code passed to KMCTR; see s390_km_func * @param: address of parameter block; see POP for details on each func * @dest: address of destination memory area * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KMCTR (CIPHER MESSAGE WITH COUNTER) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_kmctr(unsigned long func, void *param, unsigned char *dest, const unsigned char *src, long src_len, unsigned char *counter) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; register unsigned char *__dest asm("4") = dest; register unsigned char *__ctr asm("6") = counter; asm volatile( "0: .insn rrf,0xb92d0000,%2,%0,%3,0 \n" "1: brc 1,0b \n" : "+a" (__src), "+d" (__src_len), "+a" (__dest), "+a" (__ctr) : "d" (__func), "a" (__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kmf: * @func: the function code passed to KMF; see s390_kmf_func * @param: address of parameter block; see POP for details on each func * @dest: address of destination memory area * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KMF (CIPHER MESSAGE) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_kmf(unsigned long func, void *param, unsigned char *dest, const unsigned char *src, long src_len, unsigned int *lcfb) { register long __func asm("0") = ((*lcfb & 0x000000ff) << 24) | func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; register unsigned char *__dest asm("4") = dest; asm volatile ( "0: .insn rre,0xb92a0000,%2,%0 \n" " brc 1,0b \n" : "+a"(__src), "+d"(__src_len), "+a"(__dest) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kmo: * @func: the function code passed to KMO; see s390_kmc_func * @param: address of parameter block; see POP for details on each func * @dest: address of destination memory area * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KMO (CIPHER MESSAGE WITH CHAINING) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_kmo(unsigned long func, void *param, unsigned char *dest, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; register unsigned char *__dest asm("4") = dest; asm volatile ( "0: .insn rre, 0xb92b0000,%2,%0 \n" " brc 1, 0b \n" : "+a"(__src), "+d"(__src_len), "+a"(__dest) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_km: * @func: the function code passed to KM; see s390_km_func * @param: address of parameter block; see POP for details on each func * @dest: address of destination memory area * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KM (CIPHER MESSAGE) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_km(unsigned long func, void *param, unsigned char *dest, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; register unsigned char *__dest asm("4") = dest; asm volatile ( "0: .insn rre,0xb92e0000,%2,%0 \n" /* KM opcode */ " brc 1,0b \n" /* handle partial completion */ : "+a"(__src), "+d"(__src_len), "+a"(__dest) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kmc: * @func: the function code passed to KM; see s390_kmc_func * @param: address of parameter block; see POP for details on each func * @dest: address of destination memory area * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KMC (CIPHER MESSAGE WITH CHAINING) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for encryption/decryption funcs */ static inline int s390_kmc(unsigned long func, void *param, unsigned char *dest, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; register unsigned char *__dest asm("4") = dest; asm volatile ( "0: .insn rre, 0xb92f0000,%2,%0 \n" /* KMC opcode */ " brc 1, 0b \n" /* handle partial completion */ : "+a"(__src), "+d"(__src_len), "+a"(__dest) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kimd: * @func: the function code passed to KM; see s390_kimd_func * @param: address of parameter block; see POP for details on each func * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) operation * of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for digest funcs */ static inline int s390_kimd_shake(unsigned long func, void *param, unsigned char *dest, long dest_len, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register unsigned char *__dest asm("2") = dest; register long __dest_len asm("3") = dest_len; register const unsigned char *__src asm("4") = src; register long __src_len asm("5") = src_len; int ret = -1; asm volatile( "0: .insn rre,0xb93e0000,%1,%5\n\t" /* KIMD opcode */ " brc 1,0b\n\t" /* handle partial completion */ " la %0,0\n\t" : "+d" (ret), "+a"(__dest), "+d"(__dest_len) : "d"(__func), "a"(__param), "a"(__src), "d"(__src_len) : "cc", "memory" ); return func ? src_len - __src_len : __src_len; } static inline int s390_kimd(unsigned long func, void *param, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; asm volatile ( "0: .insn rre,0xb93e0000,%0,%0 \n" /* KIMD opcode */ " brc 1,0b \n" /* handle partial completion */ : "+a"(__src), "+d"(__src_len) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_klmd: * @func: the function code passed to KM; see s390_klmd_func * @param: address of parameter block; see POP for details on each func * @src: address of source memory area * @src_len: length of src operand in bytes * * Executes the KLMD (COMPUTE LAST MESSAGE DIGEST) operation of the CPU. * * Returns -1 for failure, 0 for the query func, number of processed * bytes for digest funcs */ static inline int s390_klmd_shake(unsigned long func, void *param, unsigned char *dest, long dest_len, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register unsigned char *__dest asm("2") = dest; register long __dest_len asm("3") = dest_len; register const unsigned char *__src asm("4") = src; register long __src_len asm("5") = src_len; int ret = -1; asm volatile( "0: .insn rre,0xb93f0000,%1,%5\n\t" /* KLMD opcode */ " brc 1,0b\n\t" /* handle partial completion */ " la %0,0\n\t" : "+d" (ret), "+a"(__dest), "+d"(__dest_len) : "d"(__func), "a"(__param), "a"(__src), "d"(__src_len) : "cc", "memory" ); return func ? src_len - __src_len : __src_len; } static inline int s390_klmd(unsigned long func, void *param, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register const unsigned char *__src asm("2") = src; register long __src_len asm("3") = src_len; asm volatile ( "0: .insn rre,0xb93f0000,%0,%0 \n" /* KLMD opcode */ " brc 1,0b \n" /* handle partial completion */ : "+a"(__src), "+d"(__src_len) : "d"(__func), "a"(__param) : "cc", "memory"); return func ? src_len - __src_len : __src_len; } /** * s390_kdsa: * @func: the function code passed to KDSA; see s390_kdsa_functions * @param: address of parameter block; see POP for details on each func * @src: address of source memory area * @srclen: length of src operand in bytes * * Executes the KDSA (COMPUTE DIGITAL SIGNATURE AUTHENTICATION) operation of * the CPU. * * Returns 0 on success. Fails in case of sign if the random number was not * invertible. Fails in case of verify if the signature is invalid or the * public key is not on the curve. */ static inline int s390_kdsa(unsigned long func, void *param, const unsigned char *src, unsigned long srclen) { register unsigned long r0 asm("0") = (unsigned long)func; register unsigned long r1 asm("1") = (unsigned long)param; register unsigned long r2 asm("2") = (unsigned long)src; register unsigned long r3 asm("3") = (unsigned long)srclen; unsigned long rc = 1; asm volatile( "0: .insn rre,%[__opc] << 16,0,%[__src]\n" " brc 1,0b\n" /* handle partial completion */ " brc 7,1f\n" " lghi %[__rc],0\n" "1:\n" : [__src] "+a" (r2), [__srclen] "+d" (r3), [__rc] "+d" (rc) : [__fc] "d" (r0), [__param] "a" (r1), [__opc] "i" (0xb93a) : "cc", "memory"); return (int)rc; } /* * s390_ppno: * * @func: FUNction code. See s390_ppno_func. * @param: PARAMeter block. * @dest: DESTination. Address of destination memory area. * @dest_len: Byte length of @dest * @src: SouRCe. Address of source memory area. * @src_len: Byte length of @src * * Executes the PPNO (Perform Pseudorandom Number Operation) operation of the * CPU. See POP for details. * * @return: * -1 Failure. * 0 Success. * no. of processed bytes */ static inline int s390_ppno(long func, void *param, unsigned char *dest, long dest_len, const unsigned char *src, long src_len) { register long __func asm("0") = func; register void *__param asm("1") = param; register unsigned char *__dest asm("2") = dest; register long __dest_len asm("3") = dest_len; register const unsigned char *__src asm("4") = src; register long __src_len asm("5") = src_len; int ret = -1; asm volatile( "0: .insn rre,0xb93c0000,%1,%5\n\t" /* PPNO opcode */ " brc 1,0b\n\t" /* handle partial completion */ " la %0,0\n\t" : "+d" (ret), "+a"(__dest), "+d"(__dest_len) : "d"(__func), "a"(__param), "a"(__src), "d"(__src_len) : "cc", "memory" ); if(ret < 0) return ret; return func ? dest_len - __dest_len : 0; } /** * cpacf_trng() - executes the TRNG subfunction of the PRNO instruction * @ucbuf: buffer for unconditioned data * @ucbuf_len: amount of unconditioned data to fetch in bytes * @cbuf: buffer for conditioned data * @cbuf_len: amount of conditioned data to fetch in bytes */ static inline void cpacf_trng(unsigned char *ucbuf, unsigned long ucbuf_len, unsigned char *cbuf, unsigned long cbuf_len) { register unsigned long r0 asm("0") = (unsigned long) S390_CRYPTO_TRNG; register unsigned long r2 asm("2") = (unsigned long) ucbuf; register unsigned long r3 asm("3") = (unsigned long) ucbuf_len; register unsigned long r4 asm("4") = (unsigned long) cbuf; register unsigned long r5 asm("5") = (unsigned long) cbuf_len; asm volatile ( "0: .insn rre,0xb93c0000,%[ucbuf],%[cbuf]\n" " brc 1,0b\n" /* handle partial completion */ : [ucbuf] "+a" (r2), [ucbuflen] "+d" (r3), [cbuf] "+a" (r4), [cbuflen] "+d" (r5) : [fc] "d" (r0) : "cc", "memory"); } static inline void s390_stckf_hw(void *buf) { asm volatile(".insn s,0xb27c0000,%0" : "=Q" (*((unsigned long long *)buf)) : : "cc"); } static inline void s390_stcke_hw(void *buf) { asm volatile(".insn s,0xb2780000,%0" : "=Q" (*((unsigned long long *)buf)) : : "cc"); } static inline int __stfle(unsigned long long *list, int doublewords) { register unsigned long __nr asm("0") = doublewords - 1; asm volatile(".insn s,0xb2b00000,0(%1)" /* stfle */ : "+d" (__nr) : "a" (list) : "memory", "cc"); return __nr + 1; } static inline void s390_flip_endian_32(void *dest, const void *src) { asm volatile( " lrvg %%r0,0(0,%[__src])\n" " lrvg %%r1,8(0,%[__src])\n" " lrvg %%r4,16(0,%[__src])\n" " lrvg %%r5,24(0,%[__src])\n" " stg %%r0,24(0,%[__dest])\n" " stg %%r1,16(0,%[__dest])\n" " stg %%r4,8(0,%[__dest])\n" " stg %%r5,0(0,%[__dest])\n" : : [__dest] "a" (dest), [__src] "a" (src) : "memory", "%r0", "%r1", "%r4", "%r5"); } static inline void s390_flip_endian_64(void *dest, const void *src) { asm volatile( " lrvg %%r0,0(0,%[__src])\n" " lrvg %%r1,8(0,%[__src])\n" " lrvg %%r4,16(0,%[__src])\n" " lrvg %%r5,24(0,%[__src])\n" " lrvg %%r6,32(0,%[__src])\n" " lrvg %%r7,40(0,%[__src])\n" " lrvg %%r8,48(0,%[__src])\n" " lrvg %%r9,56(0,%[__src])\n" " stg %%r0,56(0,%[__dest])\n" " stg %%r1,48(0,%[__dest])\n" " stg %%r4,40(0,%[__dest])\n" " stg %%r5,32(0,%[__dest])\n" " stg %%r6,24(0,%[__dest])\n" " stg %%r7,16(0,%[__dest])\n" " stg %%r8,8(0,%[__dest])\n" " stg %%r9,0(0,%[__dest])\n" : : [__dest] "a" (dest), [__src] "a" (src) : "memory", "%r0", "%r1", "%r4", "%r5", "%r6", "%r7", "%r8", "%r9"); } #endif libica-4.0.1/src/include/s390_ctr.h000066400000000000000000000057161417716165400167150ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Holger Dengler * Patrick Steuer * * Copyright IBM Corp. 2010, 2011 */ #ifndef S390_CTR_H #define S390_CTR_H #include "s390_common.h" /* * Get least multiple of @bs that is greater or equal than @n. */ #define NEXT_BS(n, bs) ((n + (bs - 1)) & (~(bs - 1))) #define LARGE_MSG_CHUNK 4096 /* page size */ static inline void __inc_des_ctr(uint64_t *iv, int ctr_bits) { uint64_t ctr, mask; ctr = *iv; if (ctr_bits >= 64) mask = 0ULL; else mask = ~0ULL << ctr_bits; *iv &= mask; ++ctr; *iv |= ctr & ~mask; } static inline void __inc_aes_ctr(struct uint128 *iv, int ctr_bits) { struct uint128 ctr, mask; ctr.g[1] = iv->g[1]; ctr.g[0] = iv->g[0]; if (ctr_bits >= 64) { mask.g[1] = 0ULL; mask.g[0] = ~0ULL << (ctr_bits - 64); } else { mask.g[1] = ~0ULL << ctr_bits; mask.g[0] = ~0ULL; } iv->g[1] &= mask.g[1]; iv->g[0] &= mask.g[0]; if(++(ctr.g[1])) ++(ctr.g[0]); iv->g[1] |= ctr.g[1] & ~mask.g[1]; iv->g[0] |= ctr.g[0] & ~mask.g[0]; } /* * Fill @ctrlist with 8 byte counter blocks. @ctrlistlen must be a multiple of * 8 (DES_BLOCK_SIZE). */ static inline void __fill_des_ctrlist(uint8_t *ctrlist, size_t ctrlistlen, uint64_t *iv, int ctr_bits) { uint64_t ctr, mask, *block; ctr = *iv; if (ctr_bits >= 64) mask = 0ULL; else mask = ~0ULL << ctr_bits; *iv &= mask; for (block = (uint64_t *)ctrlist; block < (uint64_t *)ctrlist + ctrlistlen / sizeof(uint64_t); block++) { *block = (ctr & ~mask) | *iv; ++ctr; } *iv |= ctr & ~mask; } /* * Fill @ctrlist with 16 byte counter blocks. @ctrlistlen must be a multiple of * 16 (AES_BLOCK_SIZE). */ static inline void __fill_aes_ctrlist(uint8_t *ctrlist, size_t ctrlistlen, struct uint128 *iv, int ctr_bits) { struct uint128 ctr, mask, *block; ctr.g[1] = iv->g[1]; ctr.g[0] = iv->g[0]; if (ctr_bits >= 64) { mask.g[1] = 0ULL; mask.g[0] = ~0ULL << (ctr_bits - 64); } else { mask.g[1] = ~0ULL << ctr_bits; mask.g[0] = ~0ULL; } iv->g[1] &= mask.g[1]; iv->g[0] &= mask.g[0]; for (block = (struct uint128 *)ctrlist; block < (struct uint128 *)ctrlist + ctrlistlen / sizeof(struct uint128); block++) { block->g[1] = (ctr.g[1] & ~mask.g[1]) | iv->g[1]; block->g[0] = (ctr.g[0] & ~mask.g[0]) | iv->g[0]; if(++(ctr.g[1])) ++(ctr.g[0]); } iv->g[1] |= ctr.g[1] & ~mask.g[1]; iv->g[0] |= ctr.g[0] & ~mask.g[0]; } static inline int s390_ctr_hw(unsigned int function_code, unsigned long data_length, const unsigned char *in_data, unsigned char *key, unsigned char *out_data, const unsigned char *ctrlist) { int rc = -1; rc = s390_kmctr(function_code, key, out_data, in_data, data_length, (unsigned char *)ctrlist); if (rc >= 0) return 0; else return EIO; } #endif libica-4.0.1/src/include/s390_des.h000066400000000000000000000416161417716165400166770ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * Holger Dengler * * Copyright IBM Corp. 2009, 2010, 2011 */ #ifndef S390_DES_H #define S390_DES_H #include #include #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "icastats.h" #include "s390_crypto.h" #include "s390_ctr.h" #if OPENSSL_VERSION_PREREQ(3, 0) extern OSSL_LIB_CTX *openssl_libctx; #endif #define DES_BLOCK_SIZE 8 static inline int s390_des_ecb_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *keys, unsigned char *output_data) { int rc = -1; rc = s390_km(function_code, keys, output_data, input_data, input_length); if (rc >= 0) return 0; else return EIO; } static inline int s390_des_ecb_sw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, const unsigned char *keys, unsigned char *output_data) { int rc = 0; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); DES_key_schedule key_schedule1; DES_key_schedule key_schedule2; DES_key_schedule key_schedule3; switch (function_code & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: DES_set_key_unchecked((const_DES_cblock *) keys, &key_schedule1); for (; input_length; input_length -= sizeof(DES_cblock)) { DES_ecb_encrypt((const_DES_cblock *) input_data, (DES_cblock *) output_data, &key_schedule1, (function_code & S390_CRYPTO_DIRECTION_MASK) ? 0 : 1); input_data += sizeof(DES_cblock); output_data += sizeof(DES_cblock); } break; case S390_CRYPTO_TDEA_128_ENCRYPT: DES_set_key_unchecked((const_DES_cblock *) keys, &key_schedule1); DES_set_key_unchecked((const_DES_cblock *) keys + 1, &key_schedule2); for (; input_length; input_length -= sizeof(DES_cblock)) { DES_ecb2_encrypt((const_DES_cblock *) input_data, (DES_cblock *) output_data, &key_schedule1, &key_schedule2, (function_code & S390_CRYPTO_DIRECTION_MASK) ? 0 : 1); input_data += sizeof(DES_cblock); output_data += sizeof(DES_cblock); } break; case S390_CRYPTO_TDEA_192_ENCRYPT: DES_set_key_unchecked((const_DES_cblock *) keys, &key_schedule1); DES_set_key_unchecked((const_DES_cblock *) keys + 1, &key_schedule2); DES_set_key_unchecked((const_DES_cblock *) keys + 2, &key_schedule3); for (; input_length; input_length -= sizeof(DES_cblock)) { DES_ecb3_encrypt((const_DES_cblock *) input_data, (DES_cblock *) output_data, &key_schedule1, &key_schedule2, &key_schedule3, (function_code & S390_CRYPTO_DIRECTION_MASK) ? 0 : 1); input_data += sizeof(DES_cblock); output_data += sizeof(DES_cblock); } break; } OPENSSL_cleanse(&key_schedule1, sizeof(key_schedule1)); OPENSSL_cleanse(&key_schedule2, sizeof(key_schedule2)); OPENSSL_cleanse(&key_schedule2, sizeof(key_schedule3)); END_OPENSSL_LIBCTX(rc); return rc; } static inline int s390_des_cbc_hw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data) { struct { ica_des_vector_t iv; ica_des_key_triple_t keys; } key_buffer; int rc = -1; unsigned int key_size = (function_code & S390_CRYPTO_FUNCTION_MASK) * sizeof(ica_des_key_single_t); memcpy(&key_buffer.iv, iv, sizeof(ica_des_vector_t)); memcpy(&key_buffer.keys, keys, key_size); rc = s390_kmc(function_code, &key_buffer, output_data, input_data, input_length); memset(&key_buffer.keys, 0, key_size); if (rc >= 0) { memcpy(iv, &key_buffer.iv, sizeof(ica_des_vector_t)); return 0; } else return EIO; } static inline int s390_des_cbc_sw(unsigned int function_code, unsigned long input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data) { int rc = 0; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ DES_key_schedule key_schedule1; DES_key_schedule key_schedule2; DES_key_schedule key_schedule3; BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); switch (function_code & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: DES_set_key_unchecked((const_DES_cblock *) keys, &key_schedule1); DES_ncbc_encrypt(input_data, output_data, input_length, &key_schedule1, (DES_cblock *) iv, (function_code & S390_CRYPTO_DIRECTION_MASK) ? 0 : 1); break; case S390_CRYPTO_TDEA_128_ENCRYPT: DES_set_key_unchecked((const_DES_cblock *) keys, &key_schedule1); DES_set_key_unchecked((const_DES_cblock *) keys + 1, &key_schedule2); DES_ede2_cbc_encrypt(input_data, output_data, input_length, &key_schedule1, &key_schedule2, (DES_cblock *) iv, (function_code & S390_CRYPTO_DIRECTION_MASK) ? 0 : 1); break; case S390_CRYPTO_TDEA_192_ENCRYPT: DES_set_key_unchecked((const_DES_cblock *) keys, &key_schedule1); DES_set_key_unchecked((const_DES_cblock *) keys + 1, &key_schedule2); DES_set_key_unchecked((const_DES_cblock *) keys + 2, &key_schedule3); DES_ede3_cbc_encrypt(input_data, output_data, input_length, &key_schedule1, &key_schedule2, &key_schedule3, (DES_cblock *) iv, (function_code & S390_CRYPTO_DIRECTION_MASK) ? 0 : 1); break; }; OPENSSL_cleanse(&key_schedule1, sizeof(key_schedule1)); OPENSSL_cleanse(&key_schedule2, sizeof(key_schedule2)); OPENSSL_cleanse(&key_schedule2, sizeof(key_schedule3)); END_OPENSSL_LIBCTX(rc); return rc; } static inline int s390_des_ecb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *key, unsigned char *out_data) { int rc = ENODEV; int hardware = ALGO_HW; if (*s390_kmc_functions[fc].enabled) rc = s390_des_ecb_hw(s390_kmc_functions[fc].hw_fc, data_length, in_data, key, out_data); if (rc) { if (!ica_fallbacks_enabled) return rc; rc = s390_des_ecb_sw(s390_kmc_functions[fc].hw_fc, data_length, in_data, key, out_data); hardware = ALGO_SW; } switch (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: stats_increment(ICA_STATS_DES_ECB, hardware, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; case S390_CRYPTO_TDEA_128_ENCRYPT: case S390_CRYPTO_TDEA_192_ENCRYPT: stats_increment(ICA_STATS_3DES_ECB, hardware, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; } return rc; } static inline int s390_des_cbc(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data) { int rc = ENODEV; int hardware = ALGO_HW; if (*s390_kmc_functions[fc].enabled) rc = s390_des_cbc_hw(s390_kmc_functions[fc].hw_fc, data_length, in_data, iv, key, out_data); if (rc) { if (!ica_fallbacks_enabled) return rc; rc = s390_des_cbc_sw(s390_kmc_functions[fc].hw_fc, data_length, in_data, iv, key, out_data); hardware = ALGO_SW; } switch (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: stats_increment(ICA_STATS_DES_CBC, hardware, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; case S390_CRYPTO_TDEA_128_ENCRYPT: case S390_CRYPTO_TDEA_192_ENCRYPT: stats_increment(ICA_STATS_3DES_CBC, hardware, (s390_kmc_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; } return rc; } static inline int s390_des_cfb_hw(unsigned int function_code, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data, unsigned int lcfb) { struct { ica_des_vector_t iv; ica_des_key_triple_t keys; } key_buffer; int rc = -1; unsigned int key_size = (function_code & S390_CRYPTO_FUNCTION_MASK) * sizeof(ica_des_key_single_t); memcpy(&key_buffer.iv, iv, sizeof(ica_des_vector_t)); memcpy(&key_buffer.keys, key, key_size); rc = s390_kmf(function_code, &key_buffer, out_data, in_data, data_length, &lcfb); memset(&key_buffer.keys, 0, key_size); if (rc >= 0) { memcpy(iv, &key_buffer.iv, sizeof(ica_des_vector_t)); return 0; } else return EIO; } static inline int __s390_des_cfb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data, unsigned int lcfb) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_des_cfb_hw(s390_msa4_functions[fc].hw_fc, data_length, in_data, iv, key, out_data, lcfb); if (rc) return rc; switch (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: stats_increment(ICA_STATS_DES_CFB, ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; case S390_CRYPTO_TDEA_128_ENCRYPT: case S390_CRYPTO_TDEA_192_ENCRYPT: stats_increment(ICA_STATS_3DES_CFB, ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; } return 0; } static inline int s390_des_ofb_hw(unsigned int function_code, unsigned int input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data) { struct { ica_des_vector_t iv; ica_des_key_triple_t keys; } key_buffer; int rc = -1; unsigned int key_size = (function_code & S390_CRYPTO_FUNCTION_MASK) * sizeof(ica_des_key_single_t); memcpy(&key_buffer.iv, iv, sizeof(ica_des_vector_t)); memcpy(&key_buffer.keys, keys, key_size); rc = s390_kmo(function_code, &key_buffer, output_data, input_data, input_length); memset(&key_buffer.keys, 0, key_size); if (rc >= 0) { memcpy(iv, &key_buffer.iv, sizeof(ica_des_vector_t)); return 0; } else return EIO; } static inline int __s390_des_ofb(unsigned int fc, unsigned int input_length, const unsigned char *input_data, unsigned char *iv, const unsigned char *keys, unsigned char *output_data) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_des_ofb_hw(s390_msa4_functions[fc].hw_fc, input_length, input_data, iv, keys, output_data); if (rc) return rc; switch (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: stats_increment(ICA_STATS_DES_OFB, ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; case S390_CRYPTO_TDEA_128_ENCRYPT: case S390_CRYPTO_TDEA_192_ENCRYPT: stats_increment(ICA_STATS_3DES_OFB, ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ? ENCRYPT : DECRYPT); break; } return 0; } static inline int s390_des_cfb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data, unsigned int lcfb) { int rc = 0; /* Temporary buffers with size of lcfb should be * sufficiant, using static maximun lcfb instead. */ unsigned char rest_in_data[DES_BLOCK_SIZE]; unsigned char rest_out_data[DES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % lcfb; tmp_data_length = data_length - rest_data_length; if (tmp_data_length) { rc = __s390_des_cfb(fc, tmp_data_length, in_data, iv, key, out_data, lcfb); if (rc) return rc; } if (rest_data_length) { memcpy(rest_in_data, in_data + tmp_data_length, rest_data_length); rc = __s390_des_cfb(fc, lcfb, rest_in_data, iv, key, rest_out_data, lcfb); if (rc) return rc; memcpy(out_data + tmp_data_length, rest_out_data, rest_data_length); } return rc; } static inline int s390_des_ofb(unsigned int fc, unsigned long data_length, const unsigned char *in_data, unsigned char *iv, const unsigned char *key, unsigned char *out_data) { int rc = 0; unsigned char rest_in_data[DES_BLOCK_SIZE]; unsigned char rest_out_data[DES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % DES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; if (tmp_data_length) { rc = __s390_des_ofb(fc, tmp_data_length, in_data, iv, key, out_data); if (rc) return rc; } if (rest_data_length) { memcpy(rest_in_data, in_data + tmp_data_length, rest_data_length); rc = __s390_des_ofb(fc, DES_BLOCK_SIZE, rest_in_data, iv, key, rest_out_data); if (rc) return rc; memcpy(out_data + tmp_data_length, rest_out_data, rest_data_length); } return rc; } static inline int __s390_des_ctrlist(unsigned int fc, unsigned long data_length, const unsigned char *in_data, const unsigned char *ctrlist, unsigned char *key, unsigned char *out_data) { int rc = ENODEV; if (*s390_msa4_functions[fc].enabled) rc = s390_ctr_hw(s390_msa4_functions[fc].hw_fc, data_length, in_data, key, out_data, ctrlist); if (rc) return rc; switch (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_FUNCTION_MASK) { case S390_CRYPTO_DEA_ENCRYPT: stats_increment(ICA_STATS_DES_CTR, ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ?ENCRYPT: DECRYPT); break; case S390_CRYPTO_TDEA_128_ENCRYPT: case S390_CRYPTO_TDEA_192_ENCRYPT: stats_increment(ICA_STATS_3DES_CTR, ALGO_HW, (s390_msa4_functions[fc].hw_fc & S390_CRYPTO_DIRECTION_MASK) == 0 ?ENCRYPT: DECRYPT); break; } return 0; } static inline int s390_des_ctrlist(unsigned int fc, unsigned long data_length, const unsigned char *in_data, const unsigned char *ctrlist, unsigned char *key, unsigned char *out_data) { int rc = 0; unsigned char rest_in_data[DES_BLOCK_SIZE]; unsigned char rest_out_data[DES_BLOCK_SIZE]; unsigned long rest_data_length; unsigned long tmp_data_length; rest_data_length = data_length % DES_BLOCK_SIZE; tmp_data_length = data_length - rest_data_length; if (tmp_data_length) { rc = __s390_des_ctrlist(fc, tmp_data_length, in_data, ctrlist, key, out_data); if (rc) return rc; } if (rest_data_length) { memcpy(rest_in_data, in_data + tmp_data_length, rest_data_length); rc = __s390_des_ctrlist(fc, DES_BLOCK_SIZE, rest_in_data, ctrlist + tmp_data_length, key, rest_out_data); if (rc) return rc; memcpy(out_data + tmp_data_length, rest_out_data, rest_data_length); } return rc; } static inline int s390_des_ctr(unsigned int fc, const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, unsigned char *key, unsigned char *ctr, unsigned int ctr_width) { const unsigned char *src; unsigned char *tmp_ctrlist = NULL; unsigned long chunk_length; unsigned long rest_length; unsigned long tmp_length; int rc = 0; if (data_length <= DES_BLOCK_SIZE) { /* short message handling */ rc = s390_des_ctrlist(fc, data_length, in_data, ctr, key, out_data); if (rc) goto free_out; __inc_des_ctr((uint64_t *)ctr, ctr_width); return rc; } /* find largest possible message chunk */ /* get next multiple of blocksize of data_length */ chunk_length = NEXT_BS(data_length, DES_BLOCK_SIZE); tmp_ctrlist = malloc(chunk_length); /* page size chunk fall back */ if ((!tmp_ctrlist) && (data_length > LARGE_MSG_CHUNK)) { chunk_length = LARGE_MSG_CHUNK; tmp_ctrlist = malloc(chunk_length); } /* single block chunk fall back */ if (!tmp_ctrlist) chunk_length = DES_BLOCK_SIZE; for (src = in_data, rest_length = data_length; src < (in_data + data_length); src += chunk_length, out_data += chunk_length, rest_length -= chunk_length) { tmp_length = (rest_length < chunk_length) ? rest_length : chunk_length; if (tmp_ctrlist) { __fill_des_ctrlist(tmp_ctrlist, NEXT_BS(tmp_length, DES_BLOCK_SIZE), (uint64_t *)ctr, ctr_width); rc = s390_des_ctrlist(fc, tmp_length, src, tmp_ctrlist, key, out_data); if (rc) goto free_out; } else { rc = s390_des_ctrlist(fc, tmp_length, src, ctr, key, out_data); if (rc) goto free_out; __inc_des_ctr((uint64_t *)ctr, ctr_width); } } free_out: if (tmp_ctrlist) free(tmp_ctrlist); return rc; } #endif libica-4.0.1/src/include/s390_drbg.h000066400000000000000000000144521417716165400170400ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * DRBG conforming to NIST SP800-90A * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 * * This file contains infrastructure that should be used when implementing more * DRBG mechanisms. Don't forget to add the new DRBG mechanism to the DRBG * mechanism list. */ #ifndef S390_DRBG_H #define S390_DRBG_H #include #define DRBG_ADD_ENTROPY_LEN 18 /* bytes of entropy input used in addition to the required minimum */ #define DRBG_NONCE_LEN 16 /* byte length of nonce */ #define DRBG_OUT_LEN (512 / 8) /* byte length of SHA-512 output */ /* * DRBG security strengths (bits) */ #define DRBG_SEC_112 112 #define DRBG_SEC_128 128 #define DRBG_SEC_192 192 #define DRBG_SEC_256 256 /* * DRBG mechanism function return codes */ /* error flags (> 0): */ #define DRBG_RESEED_REQUIRED 1 #define DRBG_NOMEM 2 #define DRBG_SH_INV 3 #define DRBG_MECH_INV 4 #define DRBG_PERS_INV 5 #define DRBG_ADD_INV 6 #define DRBG_REQUEST_INV 7 #define DRBG_NONCE_INV 8 #define DRBG_SEC_NOTSUPP 9 #define DRBG_PR_NOTSUPP 10 /* catastrophic error flags (< 0): */ #define DRBG_HEALTH_TEST_FAIL (-1) #define DRBG_ENTROPY_SOURCE_FAIL (-2) /* * DRBG mechanism type */ struct ica_drbg_mech{ const char *id; /* Mechanism constants */ const int highest_supp_sec; const size_t seed_len; const size_t max_pers_len; const size_t max_add_len; const size_t max_len; const size_t max_no_of_bytes_per_req; const uint64_t reseed_intervall; /* Pointers to mechanism functions */ int (*instantiate)(void **ws, int sec, const unsigned char *pers, size_t pers_len, const unsigned char *entropy, size_t entropy_len, const unsigned char *nonce, size_t nonce_len); int (*reseed)(void *ws, const unsigned char *add, size_t add_len, const unsigned char *entropy, size_t entropy_len); int (*generate)(void *ws, const unsigned char *add, size_t add_len, unsigned char *prnd_bytes, size_t prnd_bytes_len); int (*uninstantiate)(void **ws, bool test_mode); int (*health_test)(void *func, int sec, bool pr); /* Health testing: A thread holds this wrlock while performing * self-tests such that no other thread can do a generate operation in * this time: generate requires this rdlock (11.3). */ pthread_rwlock_t lock; const uint64_t test_intervall; uint64_t test_ctr; int error_state; }; /* * DRBG type */ struct ica_drbg{ pthread_mutex_t lock; /* serialize operations on working state */ ica_drbg_mech_t *mech; /* DRBG mechanism */ /* * Internal state */ void *ws; /* working state */ /* administrative information: */ int sec; /* security strength */ bool pr; /* prediction resistance flag */ }; /* * DRBG mechanism list. Add new DRBG mechanism here: */ extern ica_drbg_mech_t DRBG_SHA512; extern ica_drbg_mech_t *const DRBG_MECH_LIST[]; extern const size_t DRBG_MECH_LIST_LEN; /* * DRBG SEI (source of entropy input) list. Add devices/change priorities here: */ extern const char *const DRBG_SEI_LIST[]; extern const size_t DRBG_SEI_LIST_LEN; /* * DRBG mechanism functions * * @test_mode = true enables testing interface (see 11.2). */ int drbg_instantiate(ica_drbg_t **sh, int sec, bool pr, ica_drbg_mech_t *mech, const unsigned char *pers, size_t pers_len, bool test_mode, const unsigned char *test_nonce, size_t test_nonce_len, const unsigned char *test_entropy, size_t test_entropy_len); int drbg_reseed(ica_drbg_t *sh, bool pr, const unsigned char *add, size_t add_len, bool test_mode, const unsigned char *entropy, size_t entropy_len); int drbg_generate(ica_drbg_t *sh, int sec, bool pr, const unsigned char *add, size_t add_len, bool test_mode, const unsigned char *test_entropy, size_t test_entropy_len, unsigned char *prnd, size_t prnd_len); int drbg_uninstantiate(ica_drbg_t **sh, bool test_mode); int drbg_health_test(const void *func, int sec, bool pr, ica_drbg_mech_t *mech); /* * Auxiliary functions */ /* Hash derivation function based on SHA-512. Used by DRBG_SHA512 and * DRBG_DUAL_EC mechanism. */ int drbg_hash_df(const unsigned char *input_string, size_t input_string_len, unsigned char *req_bytes, size_t req_bytes_len); /* Obtain entropy input from an entropy source, a NRBG or another DRBG. * The request for prediciton resistence (@pr) rules out the use of a DRBG that * does not have access to either an entropy source or NRBG (see 9.). */ int drbg_get_entropy_input(bool pr, int min_entropy, size_t max_len, unsigned char *entropy, size_t entropy_len); /* Obtain a nonce. The nonce is made of a timestamp, the thread id and a * counter */ int drbg_get_nonce(unsigned char *nonce, size_t nonce_len); /* Zeroise memory to erase sensitive data. */ static inline void drbg_zmem(void *ptr, size_t len) { if(ptr) memset(ptr, 0, len); /* protect this code from unwanted compiler optimization */ __asm__ __volatile__ ("": :"r"(ptr) :"memory"); } /* Check if memory area was zeroised. */ static inline int drbg_check_zmem(void *ptr, size_t len) { size_t i; if(!ptr) return DRBG_HEALTH_TEST_FAIL; for(i = 0; i < len; i++){ if(((unsigned char *)ptr)[i]) return DRBG_HEALTH_TEST_FAIL; } return 0; } /* Test whether a mechanism is valid. Returns EINVAL for unsupported * mechanisms, the error state (<0) for mechanisms in error state or 0 on * success. */ static inline int drbg_mech_valid(const ica_drbg_mech_t *mech) { int i; if(!mech) return DRBG_MECH_INV; /* Check if @mech is supported. */ for(i = DRBG_MECH_LIST_LEN - 1; i >= 0; i--){ if(DRBG_MECH_LIST[i] == mech) break; } if(i < 0) return DRBG_MECH_INV; /* Check if @mech is in error state. */ if(mech->error_state) return mech->error_state; return 0; } /* Initilize a recursive mutex. */ static inline void drbg_recursive_mutex_init(pthread_mutex_t *lock) { pthread_mutexattr_t attr; pthread_mutexattr_init(&attr); pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE); pthread_mutex_init(lock, &attr); } #endif libica-4.0.1/src/include/s390_drbg_sha512.h000066400000000000000000000041231417716165400201150ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * DRBG conforming to NIST SP800-90A * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 */ #ifndef S390_DRBG_SHA512_H #define S390_DRBG_SHA512_H #include #include "ica_api.h" #define DRBG_SHA512_SEED_LEN (888 / 8) /* * SHA-512 DRBG mechanism working state type (see POP) */ struct drbg_sha512_ws{ uint32_t rsvd0; /* padding */ uint32_t reseed_ctr; /* reseed counter */ uint64_t stream_bytes; /* no. of generated bytes */ unsigned char rsvd1; /* padding */ unsigned char v[DRBG_SHA512_SEED_LEN]; /* V */ unsigned char rsvd2; /* padding */ unsigned char c[DRBG_SHA512_SEED_LEN]; /* C */ }; /* * SHA-512 DRBG mechanism functions */ int drbg_sha512_instantiate(void **ws, int sec_strength, const unsigned char *pers, size_t pers_len, const unsigned char *entropy, size_t entropy_len, const unsigned char *nonce, size_t nonce_len); int drbg_sha512_instantiate_ppno(void **ws, int sec_strength, const unsigned char *pers, size_t pers_len, const unsigned char *entropy, size_t entropy_len, const unsigned char *nonce, size_t nonce_len); int drbg_sha512_reseed(void *ws, const unsigned char *add, size_t add_len, const unsigned char *entropy, size_t entropy_len); int drbg_sha512_reseed_ppno(void *ws, const unsigned char *add, size_t add_len, const unsigned char *entropy, size_t entropy_len); int drbg_sha512_generate(void *ws, const unsigned char *add, size_t add_len, unsigned char *prnd, size_t prnd_len); int drbg_sha512_generate_ppno(void *ws, const unsigned char *add, size_t add_len, unsigned char *prnd, size_t prnd_len); int drbg_sha512_uninstantiate(void **ws, bool test_mode); int drbg_sha512_health_test(void *func, int sec, bool pr); #endif libica-4.0.1/src/include/s390_ecc.h000066400000000000000000000301231417716165400166450ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Joerg Schmidbauer * * Copyright IBM Corp. 2017 */ #ifndef S390_ECDH_H #define S390_ECDH_H #include #include #include #include #include "ica_api.h" #define MAX_ECC_PRIV_SIZE 66 /* 521 bits */ #define MAX_ECDSA_SIG_SIZE 132 struct ec_key_t { uint32_t nid; unsigned char* X; unsigned char* Y; unsigned char* D; }; /* ICA_EC_KEY */ /* ICA_X25519_CTX */ struct ica_x25519_ctx { unsigned char priv[32]; unsigned char pub[32]; int priv_init; int pub_init; }; /* ICA_X448_CTX */ struct ica_x448_ctx { unsigned char priv[56]; unsigned char pub[56]; int priv_init; int pub_init; }; /* ICA_ED25519_CTX */ struct ica_ed25519_ctx { struct { unsigned char sig[64]; unsigned char priv[32]; unsigned char buf[4096 - 64 - 32]; } sign_param; struct { unsigned char sig[64]; unsigned char pub[32]; unsigned char buf[4096 - 64 - 32]; } verify_param; int priv_init; int pub_init; }; /* ICA_ED448_CTX */ struct ica_ed448_ctx { struct { unsigned char sig[128]; unsigned char priv[64]; unsigned char buf[4096 - 128 - 64]; } sign_param; struct { unsigned char sig[128]; unsigned char pub[64]; unsigned char buf[4096 - 128 - 64]; } verify_param; int priv_init; int pub_init; }; int x25519_derive_pub(unsigned char pub[32], const unsigned char priv[32]); int x448_derive_pub(unsigned char pub[56], const unsigned char priv[56]); int ed25519_derive_pub(unsigned char pub[32], const unsigned char sha512_priv[32]); int ed448_derive_pub(unsigned char pub[57], const unsigned char buf[57]); int scalar_mulx_cpacf(unsigned char *res_u, const unsigned char *scalar, const unsigned char *u, int curve_nid); /** * Refer to z/OS ICSF Application Programmer's Guide, * Appendix A. ICSF and cryptographic coprocessor return and reason codes */ #define RS_SIGNATURE_INVALID 429 /** * Refer to z/OS ICSF Application Programmer's Guide, * Appendix B. Key Token Formats */ #define CURVE_TYPE_PRIME 0x00 #define CURVE_TYPE_BRAINPOOL 0x01 /** * CCA token header. */ typedef struct { uint8_t tkn_hdr_id; uint8_t tkn_hdr_version; uint16_t tkn_length; uint8_t reserved[4]; } __attribute__((packed)) CCA_TOKEN_HDR; /** * ECC private key section */ typedef struct { uint8_t section_id; /* 0x20 = ecc private key */ uint8_t version; uint16_t section_len; uint8_t wrapping_method; uint8_t hash_used_for_wrapping; uint8_t reserved1[2]; uint8_t key_usage; uint8_t curve_type; /* 0x00 = prime, 0x01 = brainpool */ uint8_t key_format; uint8_t reserved2; uint16_t priv_p_bitlen; /* length of prime p in bits */ uint16_t ibm_associated_data_len; uint8_t kvp[8]; uint8_t obj_protection_key[48]; uint16_t associated_data_len; uint16_t formatted_data_len; } __attribute__((packed)) ECC_PRIVATE_KEY_SECTION; /** * ECC associated data. */ typedef struct { uint8_t version; uint8_t key_label; uint16_t ibm_data_len; uint16_t ibm_ext_ad_len; uint8_t user_def_ad_len; uint8_t curve_type; uint16_t p_bitlen; uint8_t usage_flag; uint8_t format_and_sec_flag; uint8_t reserved[4]; } __attribute__((packed)) ECC_ASSOCIATED_DATA; /** * ECC public key section. */ typedef struct { uint8_t section_id; /* 0x21 = ecc public key */ uint8_t version; uint16_t section_len; uint8_t reserved1[4]; uint8_t curve_type; uint8_t reserved2; uint16_t pub_p_bitlen; uint16_t pub_q_bytelen; } __attribute__((packed)) ECC_PUBLIC_KEY_SECTION; /** * ECC private key token */ typedef struct { uint16_t key_len; uint16_t reserved; CCA_TOKEN_HDR tknhdr; ECC_PRIVATE_KEY_SECTION privsec; ECC_ASSOCIATED_DATA adata; unsigned char privkey[0]; /* here comes the variable length private key (D) */ } __attribute__((packed)) ECC_PRIVATE_KEY_TOKEN; /** * ECC public key token */ typedef struct { ECC_PUBLIC_KEY_SECTION pubsec; uint8_t compress_flag; unsigned char pubkey[0]; /* here comes the variable length public key (X,Y) */ } __attribute__((packed)) ECC_PUBLIC_KEY_TOKEN; /** * ECC keyblock, just the length field. */ typedef struct { uint16_t keyblock_len; } __attribute__((packed)) ECC_KEYBLOCK_LENGTH; /** * A null key token. */ typedef struct { uint8_t nullkey_len[2]; uint8_t nkey[66]; } ECDH_NULLKEY; /** * An ecc nullkey block. */ typedef struct { uint16_t len; uint16_t flags; uint8_t nulltoken; } __attribute__((packed)) ECC_NULL_TOKEN; /** * ECDH parmblock. */ typedef struct { uint16_t subfunc_code; struct { uint16_t rule_array_len; uint8_t rule_array_cmd[8]; } rule_array; struct { uint16_t vud_len; uint8_t vud1[4]; uint8_t vud2[6]; uint8_t vud3[4]; uint8_t vud4[4]; } vud_data; } __attribute__((packed)) ECDH_PARMBLOCK; /** * ECDH reply */ typedef struct { uint8_t reply_cprbx[sizeof(struct CPRBX)]; uint8_t subfunc_code[2]; uint16_t rule_len; uint8_t vud[14]; uint16_t key_block_len; uint16_t key_len; /* keylen-4 is the z-value length */ uint16_t key_tag; uint8_t raw_z_value[MAX_ECC_PRIV_SIZE]; } __attribute__((packed)) ECDH_REPLY; unsigned int ecdh_hw(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, unsigned char *z); unsigned int ecdh_sw(const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, unsigned char *z); /** * ECDSA parmblock. */ typedef struct { uint16_t subfunc_code; struct { uint16_t rule_array_len; uint8_t rule_array_cmd[8]; } rule_array; struct { uint16_t vud_len; uint16_t vud1_len; uint8_t vud1[0]; /* Here comes the variable length data to sign/verify */ } vud_data; } __attribute__((packed)) ECDSA_PARMBLOCK_PART1; typedef struct { struct { uint16_t vud2_len; uint16_t vud2_data[0]; /* Here comes the variable length signature to verify */ } vud_data; } __attribute__((packed)) ECDSA_PARMBLOCK_PART2; /** * ECDSA verify public key block */ typedef struct { uint16_t key_len; uint8_t reserved[2]; CCA_TOKEN_HDR tknhdr; ECC_PUBLIC_KEY_SECTION pubsec; uint8_t compress_flag; unsigned char pubkey[0]; /* here comes the variable length public key (X,Y) */ } __attribute__((packed)) ECDSA_PUBLIC_KEY_BLOCK; /** * ECDSA sign reply */ typedef struct { uint8_t reply_cprbx[sizeof(struct CPRBX)]; uint8_t subfunc_code[2]; uint16_t rule_len; uint16_t vud_len; uint8_t vud1[6]; uint8_t signature[MAX_ECDSA_SIG_SIZE]; /* siglen = vud_len - 6 - 2 */ } __attribute__((packed)) ECDSA_SIGN_REPLY; /** * ECDSA verify reply */ typedef struct { uint8_t reply_cprbx[sizeof(struct CPRBX)]; uint8_t subfunc_code[2]; uint16_t rule_len; uint16_t vud_len; uint16_t keylen; } __attribute__((packed)) ECDSA_VERIFY_REPLY; unsigned int ecdsa_sign_hw(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey, const unsigned char *hash, unsigned int hash_length, unsigned char *signature); unsigned int ecdsa_sign_sw(const ICA_EC_KEY *privkey, const unsigned char *hash, unsigned int hash_length, unsigned char *signature); unsigned int ecdsa_verify_hw(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature); unsigned int ecdsa_verify_sw(const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature); /** * ECKeyGen parmblock. */ typedef struct { uint16_t subfunc_code; struct { uint16_t rule_array_len; uint8_t rule_array_cmd[8]; } rule_array; uint16_t vud_len; /* no data, only len field */ } __attribute__((packed)) ECKEYGEN_PARMBLOCK; /** * ECKeyGen private key struct */ typedef struct { uint16_t key_len; uint16_t reserved1; CCA_TOKEN_HDR tknhdr; ECC_PRIVATE_KEY_SECTION privsec; ECC_ASSOCIATED_DATA adata; ECC_PUBLIC_KEY_SECTION pubsec; } __attribute__((packed)) ECKEYGEN_KEY_TOKEN; /** * ECKeyGen reply */ typedef struct { uint8_t reply_cprbx[sizeof(struct CPRBX)]; uint8_t subfunc_code[2]; uint16_t rule_len; uint16_t vud_len; uint16_t keyblock_len; ECC_PRIVATE_KEY_TOKEN eckey; } __attribute__((packed)) ECKEYGEN_REPLY; unsigned int eckeygen_hw(ica_adapter_handle_t adapter_handle, ICA_EC_KEY *key); unsigned int eckeygen_sw(ICA_EC_KEY *key); int ec_key_check(ICA_EC_KEY *ica_key); /** * returns 1 if the given data length is valid for Crypto Express, 0 otherwise. */ static inline int hash_length_valid(unsigned int length) { switch (length) { case 20: case 28: case 32: case 48: case 64: return 1; default: return 0; } } extern unsigned int msa9_switch, ecc_via_online_card; /** * returns 1 if the curve specified by nid is supported by CCA cards, * and there is a CCA card online, 0 otherwise. */ static inline int curve_supported_via_online_card(unsigned int nid) { if (!ecc_via_online_card) return 0; switch (nid) { case NID_X9_62_prime192v1: case NID_secp224r1: case NID_X9_62_prime256v1: case NID_secp384r1: case NID_secp521r1: case NID_brainpoolP160r1: case NID_brainpoolP192r1: case NID_brainpoolP224r1: case NID_brainpoolP256r1: case NID_brainpoolP320r1: case NID_brainpoolP384r1: case NID_brainpoolP512r1: return 1; default: return 0; } } /** * returns 1 if the curve specified by nid is supported by CPACF within the * EC API, 0 otherwise. * * Note: ED25519, ED448, X25519, and X448 must be used via the related ica_ed * and ica_x API functions. CPACF support within the ica_ec API is just a * performance improvement over CCA cards, but does not support curves * that are not supported via CCA cards. */ static inline int curve_supported_via_cpacf(unsigned int nid) { #ifdef NO_CPACF (void)(nid); return 0; #else if (!msa9_switch) return 0; switch (nid) { case NID_X9_62_prime256v1: case NID_secp384r1: case NID_secp521r1: return 1; default: return 0; } #endif } /** * returns 1 if the curve specified by nid is supported by openssl, 0 otherwise. */ static inline int curve_supported_via_openssl(unsigned int nid) { EC_GROUP *ptr = EC_GROUP_new_by_curve_name(nid); if (ptr) EC_GROUP_free(ptr); return ptr ? 1 : 0; } static inline int sw_fallbacks_implemented(int nid) { switch (nid) { case NID_X9_62_prime192v1: case NID_secp224r1: case NID_X9_62_prime256v1: case NID_secp384r1: case NID_secp521r1: case NID_brainpoolP160r1: case NID_brainpoolP192r1: case NID_brainpoolP224r1: case NID_brainpoolP256r1: case NID_brainpoolP320r1: case NID_brainpoolP384r1: case NID_brainpoolP512r1: return 1; default: return 0; } } /** * returns the curve type (prime or brainpool) for the given nid. * returns -1 for any unknown nid. */ static inline short curve_type_from_nid(unsigned int nid) { switch (nid) { case NID_X9_62_prime192v1: case NID_secp224r1: case NID_X9_62_prime256v1: case NID_secp384r1: case NID_secp521r1: return CURVE_TYPE_PRIME; case NID_brainpoolP160r1: case NID_brainpoolP192r1: case NID_brainpoolP224r1: case NID_brainpoolP256r1: case NID_brainpoolP320r1: case NID_brainpoolP384r1: case NID_brainpoolP512r1: return CURVE_TYPE_BRAINPOOL; default: return -1; } } /** * returns the length in bytes of the EC private key D-value * for the given nid. * returns -1 for any unknown nid. */ static inline int privlen_from_nid(unsigned int nid) { switch (nid) { case NID_brainpoolP160r1: return 20; case NID_X9_62_prime192v1: case NID_brainpoolP192r1: return 24; case NID_secp224r1: case NID_brainpoolP224r1: return 28; case NID_ED25519: case NID_X25519: case NID_X9_62_prime256v1: case NID_brainpoolP256r1: return 32; case NID_brainpoolP320r1: return 40; case NID_secp384r1: case NID_brainpoolP384r1: return 48; case NID_X448: return 56; case NID_ED448: return 57; case NID_brainpoolP512r1: return 64; case NID_secp521r1: return 66; default: return -1; } } static inline unsigned int getenv_icapath() { char* s = getenv("ICAPATH"); int icapath=0; /* hw with sw fallback (default) */ int env_icapath; if (s) { if (sscanf(s, "%d", &env_icapath) == 1) { switch (env_icapath) { case 1: return 1; /* sw only */ case 2: return 2; /* hw only */ default: break; /* default */ } } } return icapath; } #endif libica-4.0.1/src/include/s390_gcm.h000066400000000000000000000447471417716165400167020ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Holger Dengler * * Copyright IBM Corp. 2010, 2011 */ #ifndef S390_GCM_H #define S390_GCM_H #include "s390_ctr.h" #define S390_GCM_MAX_TEXT_LENGTH (0x0000000fffffffe0ul) /* (2^31)-32 */ #define S390_GCM_MAX_AAD_LENGTH (0x2000000000000000ul) /* (2^61) */ #define S390_GCM_MAX_IV_LENGTH (0x2000000000000000ul) /* (2^61) */ /* the recommended iv length for GCM is 96 bit or 12 byte */ #define GCM_RECOMMENDED_IV_LENGTH 12 /* ctr with for GCM is specified with 32 bit */ #define GCM_CTR_WIDTH 32 /* Helper struct containing last uncomplete ciphertext block * with padding, aad_length and ciphertext_length. */ unsigned char zero_block[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; static unsigned char partial_j[] = { 0x00, 0x00, 0x00, 0x01, }; struct pad_meta { unsigned char pad[AES_BLOCK_SIZE]; uint64_t length_a; uint64_t length_b; } __attribute__((packed)); /** * GCM context struct */ struct kma_ctx_t { unsigned char reserved[12]; uint32_t cv; ica_aes_vector_t tag; ica_aes_vector_t subkey_h; uint64_t total_aad_length; uint64_t total_input_length; ica_aes_vector_t j0; ica_aes_key_len_256_t key; // Above this line: KMA parmblock, never change! uint32_t version; /* 0x00 */ uint32_t direction; uint32_t key_length; uint32_t subkey_provided; // Below this line: KMA simulation via MSA 4 unsigned char* iv; uint32_t iv_length; ica_aes_vector_t ucb; uint32_t done; uint32_t intermediate; uint32_t first_time; } __attribute__((packed)); static inline int s390_ghash_hw(unsigned int fc, const unsigned char *in_data, unsigned long data_length, unsigned char *iv, const unsigned char *subkey) { struct { unsigned char iv[AES_BLOCK_SIZE]; unsigned char hash_subkey[AES_BLOCK_SIZE]; } __attribute__((packed)) parmblock; int rc = 0; int hardware = ALGO_HW; memcpy(parmblock.iv, iv, AES_BLOCK_SIZE); memcpy(parmblock.hash_subkey, subkey, AES_BLOCK_SIZE); rc = s390_kimd(fc, &parmblock, in_data, data_length); if((unsigned long)rc == data_length) { /* All data has been processed */ memcpy(iv, parmblock.iv, AES_BLOCK_SIZE); stats_increment(ICA_STATS_GHASH, hardware, ENCRYPT); return 0; } return EIO; } static inline int s390_ghash(const unsigned char *in_data, unsigned long data_length, const unsigned char *key, unsigned char *iv) { if (!s390_kimd_functions[GHASH].enabled) return ENODEV; return s390_ghash_hw(s390_kimd_functions[GHASH].hw_fc, in_data, data_length, iv, key); } static inline unsigned int __compute_j0(const unsigned char *iv, unsigned int iv_length, const unsigned char *subkey_h, unsigned char *j0) { int rc; struct pad_meta iv_pad_meta; unsigned long head_length; unsigned long tail_length; /* iv_length of 12 bytes is recommended */ if (iv_length == GCM_RECOMMENDED_IV_LENGTH) { memcpy(j0, iv, iv_length); memcpy(j0 + iv_length, partial_j, sizeof(partial_j)); return 0; } memset(j0, 0x00, AES_BLOCK_SIZE); memset(iv_pad_meta.pad, 0x00, sizeof(iv_pad_meta.pad)); iv_pad_meta.length_a = (uint64_t)0ul; /* unused for j0 */ iv_pad_meta.length_b = (uint64_t)(iv_length * 8ul); tail_length = iv_length % AES_BLOCK_SIZE; head_length = iv_length - tail_length; if (head_length) { rc = s390_ghash(iv, head_length, subkey_h, j0); if (rc) return rc; } if (tail_length) { memcpy(iv_pad_meta.pad, iv + head_length, tail_length); rc = s390_ghash((unsigned char *)&iv_pad_meta, sizeof(iv_pad_meta), subkey_h, j0); if (rc) return rc; } else { /* no padding necessary, only ghash meta information */ rc = s390_ghash((unsigned char *)&iv_pad_meta.length_a, AES_BLOCK_SIZE, subkey_h, j0); if (rc) return rc; } return 0; } static inline unsigned int s390_gcm_authenticate(const unsigned char *ciphertext, unsigned long text_length, const unsigned char *aad, unsigned long aad_length, const unsigned char *subkey_h, unsigned char *iv) { unsigned int rc; unsigned char aad_pad[AES_BLOCK_SIZE]; unsigned long head_length; unsigned long tail_length; struct pad_meta c_pad_meta; memset(iv, 0x00, AES_BLOCK_SIZE); memset(c_pad_meta.pad, 0x00, sizeof(c_pad_meta.pad)); c_pad_meta.length_a = (uint64_t)(aad_length * 8ul); c_pad_meta.length_b = (uint64_t)(text_length * 8ul); if (aad_length) { tail_length = aad_length % AES_BLOCK_SIZE; head_length = aad_length - tail_length; /* ghash aad head */ if (head_length) { rc = s390_ghash(aad, head_length, subkey_h, iv); if (rc) return rc; } /* ghash aad tail */ if (tail_length) { memset(aad_pad, 0x00, AES_BLOCK_SIZE); memcpy(aad_pad, aad + head_length, tail_length); rc = s390_ghash(aad_pad, AES_BLOCK_SIZE, subkey_h, iv); if (rc) return rc; } } if (text_length) { tail_length = text_length % AES_BLOCK_SIZE; head_length = text_length - tail_length; /* ghash ciphertext head */ if (head_length) { rc = s390_ghash(ciphertext, head_length, subkey_h, iv); if (rc) return rc; } /* ghash ciphertext tail and meta data */ if (tail_length) { memcpy(c_pad_meta.pad, ciphertext + head_length, tail_length); rc = s390_ghash((unsigned char *)&c_pad_meta, sizeof(c_pad_meta), subkey_h, iv); if (rc) return rc; } else { rc = s390_ghash((unsigned char *)&c_pad_meta.length_a, AES_BLOCK_SIZE, subkey_h, iv); if (rc) return rc; } } else { /* ghash meta data only */ rc = s390_ghash((unsigned char *)&c_pad_meta.length_a, AES_BLOCK_SIZE, subkey_h, iv); if (rc) return rc; } return 0; } static inline unsigned int s390_gcm_authenticate_intermediate( const unsigned char *ciphertext, unsigned long text_length, unsigned char *aad, unsigned long aad_length, const unsigned char *subkey_h, unsigned char *iv) { unsigned int rc; unsigned char aad_pad[AES_BLOCK_SIZE]; unsigned long head_length; unsigned long tail_length; struct pad_meta c_pad_meta; memset(c_pad_meta.pad, 0x00, sizeof(c_pad_meta.pad)); if (aad_length) { tail_length = aad_length % AES_BLOCK_SIZE; head_length = aad_length - tail_length; /* ghash aad head */ if (head_length) { rc = s390_ghash(aad, head_length, subkey_h, iv); if (rc) return rc; } /* ghash aad tail */ if (tail_length) { memset(aad_pad, 0x00, AES_BLOCK_SIZE); memcpy(aad_pad, aad + head_length, tail_length); rc = s390_ghash(aad_pad, AES_BLOCK_SIZE, subkey_h, iv); if (rc) return rc; } } if (text_length) { tail_length = text_length % AES_BLOCK_SIZE; head_length = text_length - tail_length; /* ghash ciphertext head */ if (head_length) { rc = s390_ghash(ciphertext, head_length, subkey_h, iv); if (rc) return rc; } /* ghash ciphertext tail and meta data */ if (tail_length) { memcpy(c_pad_meta.pad, ciphertext + head_length, tail_length); rc = s390_ghash((unsigned char *)&c_pad_meta, AES_BLOCK_SIZE, subkey_h, iv); if (rc) return rc; } } return 0; } static inline unsigned int s390_gcm_authenticate_last( unsigned long aad_length, unsigned long ciph_length, const unsigned char *subkey_h, unsigned char *iv) { unsigned int rc; struct pad_meta c_pad_meta; memset(c_pad_meta.pad, 0x00, sizeof(c_pad_meta.pad)); c_pad_meta.length_a = (uint64_t)(aad_length * 8ul); c_pad_meta.length_b = (uint64_t)(ciph_length * 8ul); /* ghash meta data only */ rc = s390_ghash((unsigned char *)&c_pad_meta.length_a, AES_BLOCK_SIZE, subkey_h, iv); if (rc) return rc; return 0; } static inline int s390_gcm(unsigned int function_code, unsigned char *plaintext, unsigned long text_length, unsigned char *ciphertext, const unsigned char *iv, unsigned long iv_length, const unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned long tag_length, unsigned char *key) { unsigned char subkey_h[AES_BLOCK_SIZE]; unsigned char j0[AES_BLOCK_SIZE]; unsigned char tmp_ctr[AES_BLOCK_SIZE]; /* temporary tag must be of size cipher block size */ unsigned char tmp_tag[AES_BLOCK_SIZE]; unsigned int rc; if (!msa4_switch) return ENODEV; /* calculate subkey H */ rc = s390_aes_ecb(UNDIRECTED_FC(function_code), AES_BLOCK_SIZE, zero_block, key, subkey_h); if (rc) return rc; /* calculate initial counter, based on iv */ __compute_j0(iv, iv_length, subkey_h, j0); /* prepate initial counter for cipher */ memcpy(tmp_ctr, j0, AES_BLOCK_SIZE); if (!msa8_switch) { /** * simulate aes-gcm with aes-ctr and ghash. */ __inc_aes_ctr((struct uint128 *)tmp_ctr, GCM_CTR_WIDTH); if (function_code % 2) { /* mac */ rc = s390_gcm_authenticate(ciphertext, text_length, aad, aad_length, subkey_h, tmp_tag); if (rc) return rc; /* decrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), ciphertext, plaintext, text_length, key, tmp_ctr, GCM_CTR_WIDTH); if (rc) return rc; } else { /* encrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), plaintext, ciphertext, text_length, key, tmp_ctr, GCM_CTR_WIDTH); if (rc) return rc; /* mac */ rc = s390_gcm_authenticate(ciphertext, text_length, aad, aad_length, subkey_h, tmp_tag); if (rc) return rc; } /* encrypt tag */ return s390_aes_ctr(UNDIRECTED_FC(function_code), tmp_tag, tag, tag_length, key, j0, GCM_CTR_WIDTH); } else { /** * use the aes-gcm support via CPACF. */ if (function_code % 2) { /* decrypt */ rc = s390_aes_gcm(function_code, ciphertext, plaintext, text_length, key, j0, tmp_ctr, aad, aad_length, subkey_h, tag, 1, 1); } else { /* encrypt */ memset(tmp_tag, 0, AES_BLOCK_SIZE); rc = s390_aes_gcm(function_code, plaintext, ciphertext, text_length, key, j0, tmp_ctr, aad, aad_length, subkey_h, tmp_tag, 1, 1); memcpy(tag, tmp_tag, tag_length); } return rc; } } static inline int s390_gcm_initialize(unsigned int function_code, const unsigned char *iv, unsigned long iv_length, unsigned char *key, unsigned char *icb, unsigned char *ucb, unsigned char *subkey) { int rc; if (!icb || !ucb) return -EINVAL; /* calculate subkey H */ rc = s390_aes_ecb(UNDIRECTED_FC(function_code), AES_BLOCK_SIZE, zero_block, key, subkey); if (rc) return rc; /* calculate initial counter, based on iv */ __compute_j0(iv, iv_length, subkey, icb); /* prepare usage counter for cipher */ memcpy(ucb, icb, AES_BLOCK_SIZE); if (!msa8_switch) // KMA increases the ctr internally __inc_aes_ctr((struct uint128 *)ucb, GCM_CTR_WIDTH); return 0; } static inline void inc_ctr(unsigned char* ctr) { unsigned int* cv; cv = (unsigned int*)&ctr[12]; *cv = *cv + 1; } /** * processes the last partial plaintext/ciphertext (< 16 bytes) and calculates * the last intermediate tag using the old code path. This is not possible with * KMA, because KMA cannot process partial blocks before s390_gcm_last. */ static inline int s390_gcm_last_intermediate(unsigned int function_code, unsigned char *plaintext, unsigned long text_length, unsigned char *ciphertext, unsigned char *ctr, unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned char *key, unsigned char *subkey) { unsigned int rc; unsigned char tmp_ctr[16]; /* * The old code needs ctr +1. * We copy ctr, to not destroy the original ctr. */ memcpy(tmp_ctr, ctr, sizeof(tmp_ctr)); inc_ctr(tmp_ctr); if (function_code % 2) { /* mac */ rc = s390_gcm_authenticate_intermediate(ciphertext, text_length, aad, aad_length, subkey, tag); if (rc) return rc; /* decrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), ciphertext, plaintext, text_length, key, tmp_ctr, GCM_CTR_WIDTH); if (rc) return rc; } else { /* encrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), plaintext, ciphertext, text_length, key, tmp_ctr, GCM_CTR_WIDTH); if (rc) return rc; /* mac */ rc = s390_gcm_authenticate_intermediate(ciphertext, text_length, aad, aad_length, subkey, tag); if (rc) return rc; } return 0; } static inline int s390_gcm_intermediate(unsigned int function_code, unsigned char *plaintext, unsigned long text_length, unsigned char *ciphertext, unsigned char *ctr, unsigned char *aad, unsigned long aad_length, unsigned char *tag, unsigned char *key, unsigned char *subkey) { unsigned long bulk; unsigned int rc, laad; unsigned char *in, *out; if (!msa4_switch) return ENODEV; if (!msa8_switch) { if (function_code % 2) { /* mac */ rc = s390_gcm_authenticate_intermediate(ciphertext, text_length, aad, aad_length, subkey, tag); if (rc) return rc; /* decrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), ciphertext, plaintext, text_length, key, ctr, GCM_CTR_WIDTH); if (rc) return rc; } else { /* encrypt */ rc = s390_aes_ctr(UNDIRECTED_FC(function_code), plaintext, ciphertext, text_length, key, ctr, GCM_CTR_WIDTH); if (rc) return rc; /* mac */ rc = s390_gcm_authenticate_intermediate(ciphertext, text_length, aad, aad_length, subkey, tag); if (rc) return rc; } } else { if ((text_length > 0) || (aad_length % AES_BLOCK_SIZE)) laad = 1; else laad = 0; bulk = (text_length / AES_BLOCK_SIZE) * AES_BLOCK_SIZE; text_length %= AES_BLOCK_SIZE; if (bulk || aad_length) { in = (function_code % 2) ? ciphertext : plaintext; out = (function_code % 2) ? plaintext : ciphertext; rc = s390_aes_gcm(function_code, in, out, bulk, key, NULL, ctr, aad, aad_length, subkey, tag, laad, 0); if (rc) return rc; } if (text_length) { rc = s390_gcm_last_intermediate(function_code, plaintext + bulk, text_length, ciphertext + bulk, ctr, NULL, 0, tag, key, subkey); if (rc) return rc; } } return 0; } static inline int s390_gcm_last(unsigned int function_code, unsigned char *icb, unsigned long aad_length, unsigned long ciph_length, unsigned char *tag, unsigned long tag_length, unsigned char *key, unsigned char *subkey) { unsigned char tmp_tag[AES_BLOCK_SIZE]; unsigned char tmp_icb[AES_BLOCK_SIZE]; int rc; /* dont modify icb buffer */ memcpy(tmp_icb, icb, sizeof(tmp_icb)); if (!msa8_switch) { /* generate authentication tag */ memcpy(tmp_tag, tag, tag_length); rc = s390_gcm_authenticate_last(aad_length, ciph_length, subkey, tmp_tag); if (rc) return rc; /* encrypt tag */ return s390_aes_ctr(UNDIRECTED_FC(function_code), tmp_tag, tag, tag_length, key, tmp_icb, GCM_CTR_WIDTH); } else { return s390_aes_gcm(function_code, NULL, NULL, ciph_length, key, tmp_icb, NULL, NULL, aad_length, subkey, tag, 1, 1); } } static inline int is_valid_aes_key_length(unsigned int key_length) { switch (key_length) { case 16: case 24: case 32: return 1; default: return 0; } } static inline int is_valid_direction(unsigned int direction) { switch (direction) { case ICA_ENCRYPT: case ICA_DECRYPT: return 1; default: return 0; } } static inline int is_valid_tag_length(unsigned int tag_length) { switch (tag_length) { case 4: case 8: case 12: case 13: case 14: case 15: case 16: return 1; default: return 0; } } static inline int s390_aes_gcm_simulate_kma_intermediate(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *aad, unsigned long aad_length, kma_ctx* ctx) { int rc; unsigned int function_code = aes_directed_fc(ctx->key_length, ctx->direction); /* Add one to first counter value for MSA 4 code path. */ if (!ctx->first_time) { memcpy(&(ctx->ucb), ctx->j0, AES_BLOCK_SIZE); inc_ctr(ctx->ucb); ctx->first_time = 1; } if (ctx->direction == ICA_ENCRYPT) { rc = s390_gcm_intermediate(function_code, (unsigned char*)in_data, data_length, out_data, (unsigned char*)&(ctx->ucb), (unsigned char*)aad, aad_length, ctx->tag, (unsigned char*)ctx->key, (unsigned char*)ctx->subkey_h); } else { rc = s390_gcm_intermediate(function_code, out_data, data_length, (unsigned char*)in_data, (unsigned char*)&(ctx->ucb), (unsigned char*)aad, aad_length, ctx->tag, (unsigned char*)ctx->key, (unsigned char*)ctx->subkey_h); } if (rc) return rc; ctx->total_aad_length += aad_length; ctx->total_input_length += data_length; return 0; } static inline int s390_aes_gcm_simulate_kma_full(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *aad, unsigned long aad_length, kma_ctx* ctx) { unsigned int function_code = aes_directed_fc(ctx->key_length, ctx->direction); if (ctx->direction == ICA_ENCRYPT) { return s390_gcm(function_code, (unsigned char*)in_data, data_length, out_data, ctx->iv, ctx->iv_length, aad, aad_length, ctx->tag, AES_BLOCK_SIZE, ctx->key); } else { return s390_gcm(function_code, out_data, data_length, (unsigned char*)in_data, ctx->iv, ctx->iv_length, aad, aad_length, ctx->tag, AES_BLOCK_SIZE, ctx->key); } } static inline int s390_aes_gcm_kma(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *aad, unsigned long aad_length, unsigned int end_of_aad, unsigned int end_of_data, kma_ctx* ctx) { unsigned int function_code = aes_directed_fc(ctx->key_length, ctx->direction); unsigned int hw_fc = 0; int rc; /* Set hardware function code */ if (*s390_kma_functions[function_code].enabled) { hw_fc = s390_kma_functions[function_code].hw_fc; if (ctx->subkey_provided) hw_fc = hw_fc | HS_FLAG; if (end_of_aad) hw_fc = hw_fc | LAAD_FLAG; if (end_of_data) hw_fc = hw_fc | LPC_FLAG; } else { return ENODEV; } if (!aad) aad_length = 0; if (!in_data || !out_data) data_length = 0; /* Actual lengths needed by KMA */ ctx->total_aad_length += aad_length*8; ctx->total_input_length += data_length*8; /* Call KMA */ rc = s390_kma(hw_fc, ctx, out_data, in_data, data_length, aad, aad_length); if (rc >= 0) { ctx->subkey_provided = 1; if (ctx->direction) stats_increment(ICA_STATS_AES_GCM_128 + aes_directed_fc_stats_ofs(function_code), ALGO_HW, ENCRYPT); else stats_increment(ICA_STATS_AES_GCM_128 + aes_directed_fc_stats_ofs(function_code), ALGO_HW, DECRYPT); return 0; } else return EIO; } #endif libica-4.0.1/src/include/s390_prng.h000066400000000000000000000007011417716165400170600ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * * Copyright IBM Corp. 2009 */ #ifndef S390_PRNG_H #define S390_PRNG_H int s390_prng_init(void); int s390_prng(unsigned char *output_data, unsigned int output_length); #endif libica-4.0.1/src/include/s390_rsa.h000066400000000000000000000030451417716165400167030ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * * Copyright IBM Corp. 2009, 2011 */ #ifndef S390_RSA_H #define S390_RSA_H #include #include #include "ica_api.h" typedef struct ica_rsa_modexpo ica_rsa_modexpo_t; typedef struct ica_rsa_modexpo_crt ica_rsa_modexpo_crt_t; typedef struct ica_rsa_modexpo ica_rsa_modmult_t; unsigned int rsa_key_generate_mod_expo(ica_adapter_handle_t deviceHandle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_mod_expo_t *private_key); unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t device_handle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_crt_t *private_key); unsigned int rsa_key_generate_mod_expo(ica_adapter_handle_t deviceHandle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_mod_expo_t *private_key); unsigned int rsa_key_generate_crt(ica_adapter_handle_t deviceHandle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_crt_t *private_key); unsigned int rsa_crt_sw(ica_rsa_modexpo_crt_t * pCrt); unsigned int rsa_mod_mult_sw(ica_rsa_modmult_t * pMul); unsigned int rsa_mod_expo_sw(ica_rsa_modexpo_t *pMex); #endif libica-4.0.1/src/include/s390_sha.h000066400000000000000000000267241417716165400167020ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * * Copyright IBM Corp. 2009 */ #ifndef S390_SHA_H #define S390_SHA_H static unsigned char SHA_1_DEFAULT_IV[] = { 0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba, 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0 }; static unsigned char SHA_224_DEFAULT_IV[] = { 0xc1, 0x05, 0x9e, 0xd8, 0x36, 0x7c, 0xd5, 0x07, 0x30, 0x70, 0xdd, 0x17, 0xf7, 0x0e, 0x59, 0x39, 0xff, 0xc0, 0x0b, 0x31, 0x68, 0x58, 0x15, 0x11, 0x64, 0xf9, 0x8f, 0xa7, 0xbe, 0xfa, 0x4f, 0xa4 }; static unsigned char SHA_256_DEFAULT_IV[] = { 0x6a, 0x09, 0xe6, 0x67, 0xbb, 0x67, 0xae, 0x85, 0x3c, 0x6e, 0xf3, 0x72, 0xa5, 0x4f, 0xf5, 0x3a, 0x51, 0x0e, 0x52, 0x7f, 0x9b, 0x05, 0x68, 0x8c, 0x1f, 0x83, 0xd9, 0xab, 0x5b, 0xe0, 0xcd, 0x19 }; static unsigned char SHA_384_DEFAULT_IV[] = { 0xcb, 0xbb, 0x9d, 0x5d, 0xc1, 0x05, 0x9e, 0xd8, 0x62, 0x9a, 0x29, 0x2a, 0x36, 0x7c, 0xd5, 0x07, 0x91, 0x59, 0x01, 0x5a, 0x30, 0x70, 0xdd, 0x17, 0x15, 0x2f, 0xec, 0xd8, 0xf7, 0x0e, 0x59, 0x39, 0x67, 0x33, 0x26, 0x67, 0xff, 0xc0, 0x0b, 0x31, 0x8e, 0xb4, 0x4a, 0x87, 0x68, 0x58, 0x15, 0x11, 0xdb, 0x0c, 0x2e, 0x0d, 0x64, 0xf9, 0x8f, 0xa7, 0x47, 0xb5, 0x48, 0x1d, 0xbe, 0xfa, 0x4f, 0xa4 }; static unsigned char SHA_512_DEFAULT_IV[] = { 0x6a, 0x09, 0xe6, 0x67, 0xf3, 0xbc, 0xc9, 0x08, 0xbb, 0x67, 0xae, 0x85, 0x84, 0xca, 0xa7, 0x3b, 0x3c, 0x6e, 0xf3, 0x72, 0xfe, 0x94, 0xf8, 0x2b, 0xa5, 0x4f, 0xf5, 0x3a, 0x5f, 0x1d, 0x36, 0xf1, 0x51, 0x0e, 0x52, 0x7f, 0xad, 0xe6, 0x82, 0xd1, 0x9b, 0x05, 0x68, 0x8c, 0x2b, 0x3e, 0x6c, 0x1f, 0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd, 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79 }; static unsigned char SHA_512_224_DEFAULT_IV[] = { 0x8C, 0x3D, 0x37, 0xC8, 0x19, 0x54, 0x4D, 0xA2, 0x73, 0xE1, 0x99, 0x66, 0x89, 0xDC, 0xD4, 0xD6, 0x1D, 0xFA, 0xB7, 0xAE, 0x32, 0xFF, 0x9C, 0x82, 0x67, 0x9D, 0xD5, 0x14, 0x58, 0x2F, 0x9F, 0xCF, 0x0F, 0x6D, 0x2B, 0x69, 0x7B, 0xD4, 0x4D, 0xA8, 0x77, 0xE3, 0x6F, 0x73, 0x04, 0xC4, 0x89, 0x42, 0x3F, 0x9D, 0x85, 0xA8, 0x6A, 0x1D, 0x36, 0xC8, 0x11, 0x12, 0xE6, 0xAD, 0x91, 0xD6, 0x92, 0xA1 }; static unsigned char SHA_512_256_DEFAULT_IV[] = { 0x22, 0x31, 0x21, 0x94, 0xFC, 0x2B, 0xF7, 0x2C, 0x9F, 0x55, 0x5F, 0xA3, 0xC8, 0x4C, 0x64, 0xC2, 0x23, 0x93, 0xB8, 0x6B, 0x6F, 0x53, 0xB1, 0x51, 0x96, 0x38, 0x77, 0x19, 0x59, 0x40, 0xEA, 0xBD, 0x96, 0x28, 0x3E, 0xE2, 0xA8, 0x8E, 0xFF, 0xE3, 0xBE, 0x5E, 0x1E, 0x25, 0x53, 0x86, 0x39, 0x92, 0x2B, 0x01, 0x99, 0xFC, 0x2C, 0x85, 0xB8, 0xAA, 0x0E, 0xB7, 0x2D, 0xDC, 0x81, 0xC5, 0x2C, 0xA2 }; static unsigned char SHA_3_DEFAULT_IV[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; typedef struct { unsigned int hw_function_code; unsigned int hash_length; unsigned int vector_length; unsigned int block_length; unsigned char *default_iv; } SHA_CONSTANTS; static const SHA_CONSTANTS sha_constants[] = { {S390_CRYPTO_SHA_1, 20, 20, 64, SHA_1_DEFAULT_IV}, {S390_CRYPTO_SHA_256, 28, 32, 64, SHA_224_DEFAULT_IV}, {S390_CRYPTO_SHA_256, 32, 32, 64, SHA_256_DEFAULT_IV}, {S390_CRYPTO_SHA_512, 48, 64, 128, SHA_384_DEFAULT_IV}, {S390_CRYPTO_SHA_512, 64, 64, 128, SHA_512_DEFAULT_IV}, {S390_CRYPTO_SHA_3_224, 28, 200, 144, SHA_3_DEFAULT_IV}, {S390_CRYPTO_SHA_3_256, 32, 200, 136, SHA_3_DEFAULT_IV}, {S390_CRYPTO_SHA_3_384, 48, 200, 104, SHA_3_DEFAULT_IV}, {S390_CRYPTO_SHA_3_512, 64, 200, 72, SHA_3_DEFAULT_IV}, {S390_CRYPTO_SHAKE_128, 0, 200, 168, SHA_3_DEFAULT_IV}, {S390_CRYPTO_SHAKE_256, 0, 200, 136, SHA_3_DEFAULT_IV}, { 0, 0, 0, 0, NULL }, /* Dummy line for GHASH */ {S390_CRYPTO_SHA_512, 28, 64, 128, SHA_512_224_DEFAULT_IV}, {S390_CRYPTO_SHA_512, 32, 64, 128, SHA_512_256_DEFAULT_IV}, }; int s390_sha1(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length); int s390_sha224(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length); int s390_sha256(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length); int s390_sha384(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_sha512(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_sha512_224(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_sha512_256(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_sha3_224(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length); int s390_sha3_256(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length); int s390_sha3_384(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_sha3_512(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_shake_128(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int output_length, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_shake_256(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int output_length, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi); int s390_shake_hw(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int output_length, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi, kimd_functions_t sha_function); static inline int is_shake(unsigned int n) { return (n >= SHAKE_128 && n <= SHAKE_256 ? 1 : 0); } static inline int is_sha3(unsigned int n) { return (n >= SHA_3_224 && n <= SHA_3_512 ? 1 : 0); } static inline int s390_sha_hw(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int output_length, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi, kimd_functions_t sha_function) { int rc = 0; uint64_t sum_lo = 0, sum_hi = 0; unsigned long remnant = 0; int complete_blocks_length = 0; unsigned char *default_iv = sha_constants[sha_function].default_iv; unsigned int hash_length = output_length; unsigned int vector_length = sha_constants[sha_function].vector_length; unsigned int hw_function_code = sha_constants[sha_function].hw_function_code; /* A internal buffer for the SHA hash and stream bit length. For SHA3/SHAKE * this can be at most 200 bytes for the parmblock plus 16 bytes for the * stream length. */ unsigned char shabuff[200+16]; if (input_length) { remnant = input_length % sha_constants[sha_function].block_length; complete_blocks_length = input_length - remnant; } if (message_part == SHA_MSG_PART_ONLY || message_part == SHA_MSG_PART_FIRST) { memcpy(shabuff, default_iv, vector_length); *running_length_lo = 0; if (running_length_hi) *running_length_hi = 0; } else memcpy(shabuff, (void *)iv, vector_length); sum_lo = *running_length_lo; if(running_length_hi) sum_hi = *running_length_hi; if ((message_part == SHA_MSG_PART_FIRST || message_part == SHA_MSG_PART_MIDDLE) && (remnant != 0)) return EINVAL; if (complete_blocks_length) { if (is_shake(sha_function)) rc = s390_kimd_shake(hw_function_code, shabuff, output_data, output_length, input_data, complete_blocks_length); else rc = s390_kimd(hw_function_code, shabuff, input_data, complete_blocks_length); if (rc > 0) { /* Check for overflow in sum_lo */ sum_lo += rc; if (sum_lo < *running_length_lo || sum_lo < (uint64_t)rc) sum_hi += 1; rc = 0; } } if (rc == 0 && (message_part == SHA_MSG_PART_ONLY || message_part == SHA_MSG_PART_FINAL)) { sum_lo += (uint64_t)remnant; if(sum_lo < remnant) sum_hi += 1; if(running_length_hi){ sum_hi = (sum_hi << 3) + (sum_lo >> (64 - 3)); sum_lo = sum_lo << 3; memcpy(shabuff + vector_length, (unsigned char *)&sum_hi, sizeof(sum_hi)); memcpy(shabuff + vector_length + sizeof(sum_hi), (unsigned char *)&sum_lo, sizeof(sum_lo)); } else { sum_lo = sum_lo << 3; memcpy(shabuff + vector_length, (unsigned char *)&sum_lo, sizeof(sum_lo)); } if (is_shake(sha_function)) rc = s390_klmd_shake(hw_function_code, shabuff, output_data, output_length, input_data + complete_blocks_length, remnant); else rc = s390_klmd(hw_function_code, shabuff, input_data + complete_blocks_length, remnant); if (rc > 0) rc = 0; } if (rc == 0) { /** * Here we copy the correct final hash to the caller provided buffer. * But not for SHAKE. In this case s390_klmd_shake already copied the output * (that may be longer than shabuff!) directly to output_data. */ if (!is_shake(sha_function)) memcpy((void *)output_data, shabuff, hash_length); if (message_part != SHA_MSG_PART_FINAL && message_part != SHA_MSG_PART_ONLY) { memcpy((void *)iv, shabuff, vector_length); *running_length_lo = sum_lo; if(running_length_hi) *running_length_hi = sum_hi; } } if (rc < 0) return EIO; return rc; } #endif libica-4.0.1/src/include/test_vec.h000066400000000000000000000203771417716165400171630ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Copyright IBM Corp. 2015 */ #ifndef TEST_VEC_H #define TEST_VEC_H #include #include #include "s390_ecc.h" #define AES128_KEYLEN (128 / 8) #define AES192_KEYLEN (192 / 8) #define AES256_KEYLEN (256 / 8) #define DES3_KEYLEN (192 / 8) #define AES_BLKSIZE (128 / 8) #define DES3_BLKSIZE ( 64 / 8) struct aes_ecb_tv { size_t keylen; size_t len; unsigned char *key; unsigned char *plaintext; unsigned char *ciphertext; }; struct aes_cbc_tv { size_t keylen; size_t len; unsigned char *key; unsigned char iv[AES_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct aes_cbc_cs_tv { size_t keylen; size_t len; unsigned char *key; unsigned char iv[AES_BLKSIZE]; unsigned char iv_out[AES_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; int variant; }; struct aes_cfb_tv { size_t keylen; size_t len; int lcfb; unsigned char *key; unsigned char iv[AES_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct aes_ofb_tv { size_t keylen; size_t len; unsigned char *key; unsigned char iv[AES_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct aes_ctr_tv { size_t keylen; size_t len; unsigned char *key; unsigned char ctr[AES_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct aes_ccm_tv { size_t keylen; size_t noncelen; size_t adatalen; size_t payloadlen; size_t taglen; unsigned char *key; unsigned char *nonce; unsigned char *adata; unsigned char *payload; unsigned char *ciphertext; unsigned int rv; }; struct aes_gcm_tv { size_t keylen; size_t ivlen; size_t len; size_t aadlen; size_t taglen; unsigned char *key; unsigned char *iv; unsigned char *plaintext; unsigned char *aad; unsigned char *tag; unsigned char *ciphertext; unsigned int rv; }; struct aes_xts_tv { size_t len; size_t keylen; unsigned char *key1; unsigned char *key2; unsigned char tweak[16]; unsigned char *plaintext; unsigned char *ciphertext; }; struct aes_cmac_tv { size_t keylen; size_t msglen; size_t maclen; unsigned char *key; unsigned char *msg; unsigned char *mac; unsigned int rv; }; struct des3_ecb_tv { size_t len; unsigned char key[DES3_KEYLEN]; unsigned char *plaintext; unsigned char *ciphertext; }; struct des3_cbc_tv { size_t len; unsigned char key[DES3_KEYLEN]; unsigned char iv[DES3_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct des3_cbc_cs_tv { size_t len; unsigned char key[DES3_KEYLEN]; unsigned char iv[DES3_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; int variant; }; struct des3_cfb_tv { size_t len; int lcfb; unsigned char key[DES3_KEYLEN]; unsigned char iv[DES3_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct des3_ofb_tv { size_t len; unsigned char key[DES3_KEYLEN]; unsigned char iv[DES3_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct des3_ctr_tv { size_t len; unsigned char key[DES3_KEYLEN]; unsigned char ctr[DES3_BLKSIZE]; unsigned char *plaintext; unsigned char *ciphertext; }; struct des3_cmac_tv { size_t msglen; size_t maclen; unsigned char key[DES3_KEYLEN]; unsigned char *msg; unsigned char *mac; unsigned int rv; }; struct rsa_tv { unsigned char *n; unsigned char *p; unsigned char *dp; unsigned char *q; unsigned char *dq; unsigned char *qinv; unsigned char *e; unsigned char *d; unsigned char *plaintext; unsigned char *ciphertext; int mod; }; struct sha_tv { size_t msg_len; unsigned char *msg; unsigned char *md; }; struct drbg_sha512_tv { bool no_reseed; bool pr; size_t entropy_len; size_t nonce_len; size_t pers_len; size_t add_len; size_t prnd_len; struct{ unsigned char *entropy; unsigned char *nonce; unsigned char *pers; unsigned char *v; unsigned char *c; unsigned int reseed_ctr; } inst; struct { unsigned char *entropy; unsigned char *add; unsigned char *v; unsigned char *c; unsigned int reseed_ctr; } res, gen1, gen2; unsigned char *prnd; }; struct ecdsa_tv { /* sign inputs */ const ICA_EC_KEY *key; int hash; unsigned char *msg; /* should be qualified const, but sha api lacks const ... */ size_t msglen; const unsigned char *k; /* sign expected outputs */ const unsigned char *r; const unsigned char *s; size_t siglen; }; struct scalar_mul_tv { /* scalar mul inputs */ int curve_nid; size_t len; const unsigned char *scalar; /* scalar mul outputs */ const unsigned char *x; const unsigned char *y; }; struct scalar_mulx_tv { /* scalar mul inputs */ int curve_nid; size_t len; const unsigned char *scalar; const unsigned char *u; /* scalar mul outputs */ const unsigned char *res_u; }; struct scalar_mulx_it_tv { /* scalar mul inputs */ int curve_nid; size_t len; const unsigned char *scalar_u; /* scalar mul outputs */ const unsigned char *res_u_it1; const unsigned char *res_u_it1000; const unsigned char *res_u_it1000000; }; struct scalar_mulx_kex_tv { /* scalar mul inputs */ int curve_nid; size_t len; const unsigned char *a_priv; const unsigned char *b_priv; /* scalar mul outputs */ const unsigned char *a_pub; const unsigned char *b_pub; const unsigned char *shared_secret; }; #ifdef ICA_FIPS extern const struct aes_ecb_tv AES_ECB_TV[]; extern const size_t AES_ECB_TV_LEN; extern const struct aes_cbc_tv AES_CBC_TV[]; extern const size_t AES_CBC_TV_LEN; extern const struct aes_cbc_cs_tv AES_CBC_CS_TV[]; extern const size_t AES_CBC_CS_TV_LEN; extern const struct aes_cfb_tv AES_CFB_TV[]; extern const size_t AES_CFB_TV_LEN; extern const struct aes_ofb_tv AES_OFB_TV[]; extern const size_t AES_OFB_TV_LEN; extern const struct aes_ctr_tv AES_CTR_TV[]; extern const size_t AES_CTR_TV_LEN; extern const struct aes_ccm_tv AES_CCM_TV[]; extern const size_t AES_CCM_TV_LEN; extern const struct aes_gcm_tv AES_GCM_TV[]; extern const size_t AES_GCM_TV_LEN; extern const struct aes_xts_tv AES_XTS_TV[]; extern const size_t AES_XTS_TV_LEN; extern const struct aes_cmac_tv AES_CMAC_TV[]; extern const size_t AES_CMAC_TV_LEN; extern const struct des3_ecb_tv DES3_ECB_TV[]; extern const size_t DES3_ECB_TV_LEN; extern const struct des3_cbc_tv DES3_CBC_TV[]; extern const size_t DES3_CBC_TV_LEN; extern const struct des3_cbc_cs_tv DES3_CBC_CS_TV[]; extern const size_t DES3_CBC_CS_TV_LEN; extern const struct des3_cfb_tv DES3_CFB_TV[]; extern const size_t DES3_CFB_TV_LEN; extern const struct des3_ofb_tv DES3_OFB_TV[]; extern const size_t DES3_OFB_TV_LEN; extern const struct des3_ctr_tv DES3_CTR_TV[]; extern const size_t DES3_CTR_TV_LEN; extern const struct des3_cmac_tv DES3_CMAC_TV[]; extern const size_t DES3_CMAC_TV_LEN; extern const struct rsa_tv RSA_TV[]; extern const size_t RSA_TV_LEN; extern const struct sha_tv SHA1_TV[]; extern const size_t SHA1_TV_LEN; extern const struct sha_tv SHA224_TV[]; extern const size_t SHA224_TV_LEN; extern const struct sha_tv SHA256_TV[]; extern const size_t SHA256_TV_LEN; extern const struct sha_tv SHA384_TV[]; extern const size_t SHA384_TV_LEN; extern const struct sha_tv SHA512_TV[]; extern const size_t SHA512_TV_LEN; extern const struct sha_tv SHA3_224_TV[]; extern const size_t SHA3_224_TV_LEN; extern const struct sha_tv SHA3_256_TV[]; extern const size_t SHA3_256_TV_LEN; extern const struct sha_tv SHA3_384_TV[]; extern const size_t SHA3_384_TV_LEN; extern const struct sha_tv SHA3_512_TV[]; extern const size_t SHA3_512_TV_LEN; #endif /* ICA_FIPS */ #ifdef ICA_INTERNAL_TEST_EC extern const struct ecdsa_tv ECDSA_TV[]; extern const size_t ECDSA_TV_LEN; extern const struct scalar_mul_tv SCALAR_MUL_TV[]; extern const size_t SCALAR_MUL_TV_LEN; extern const struct scalar_mulx_tv SCALAR_MULX_TV[]; extern const size_t SCALAR_MULX_TV_LEN; extern const struct scalar_mulx_it_tv SCALAR_MULX_IT_TV[]; extern const size_t SCALAR_MULX_IT_TV_LEN; extern const struct scalar_mulx_kex_tv SCALAR_MULX_KEX_TV[]; extern const size_t SCALAR_MULX_KEX_TV_LEN; extern const unsigned char *deterministic_rng_output; void deterministic_rng(unsigned char *buf, size_t buflen); #endif /* ICA_INTERNAL_TEST_EC */ extern const struct drbg_sha512_tv DRBG_SHA512_TV[]; extern const size_t DRBG_SHA512_TV_LEN; #endif /* TEST_VEC_H */ libica-4.0.1/src/init.c000066400000000000000000000071711417716165400146570ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * Ingo Tuchscherer * * Copyright IBM Corp. 2001, 2009, 2011 */ #include #include #include #include #include #include #include #include #include "init.h" #include "fips.h" #include "icastats.h" #include "s390_prng.h" #include "s390_crypto.h" #include "ica_api.h" #include "rng.h" #if OPENSSL_VERSION_PREREQ(3, 0) #include #include OSSL_LIB_CTX *openssl_libctx; OSSL_PROVIDER *openssl_provider; int openssl3_initialized = 0; #endif static sigjmp_buf sigill_jmp; static void sigill_handler(int sig) { siglongjmp(sigill_jmp, sig); } int begin_sigill_section(struct sigaction *oldact, sigset_t *oldset) { struct sigaction newact; memset(&newact, 0, sizeof(newact)); newact.sa_handler = sigill_handler; sigfillset(&newact.sa_mask); sigdelset(&newact.sa_mask, SIGILL); sigdelset(&newact.sa_mask, SIGTRAP); sigprocmask(SIG_SETMASK, &newact.sa_mask, oldset); sigaction(SIGILL, &newact, oldact); return sigsetjmp(sigill_jmp, 1); } void end_sigill_section(struct sigaction *oldact, sigset_t *oldset) { sigaction(SIGILL, oldact, NULL); sigprocmask(SIG_SETMASK, oldset, NULL); } void __attribute__ ((constructor)) icainit(void) { int value; const char *ptr; /* some init stuff but only when application is NOT icastats */ if (!strcmp(program_invocation_name, "icastats")) return; if(stats_mmap(-1) == -1){ syslog(LOG_INFO, "Failed to access shared memory segment for libica statistics."); } /* * Switches have to be done first. Otherwise we will not have * hw support in initialization. */ s390_crypto_switches_init(); /* check for fallback mode environment variable */ ptr = getenv(ICA_FALLBACK_ENV); if (ptr && sscanf(ptr, "%i", &value) == 1) ica_set_fallback_mode(value); /* check for offload mode environment variable */ ptr = getenv(ICA_OFFLOAD_ENV); if (ptr && sscanf(ptr, "%i", &value) == 1) ica_set_offload_mode(value); /* check for stats mode environment variable */ ptr = getenv(ICA_STATS_ENV); if (ptr && sscanf(ptr, "%i", &value) == 1) ica_set_stats_mode(value); #if OPENSSL_VERSION_PREREQ(3, 0) /* * OpenSSL >= 3.0: * Create a separate library context for libica's use of OpenSSL services * and explicitly load the 'default' or 'fips' provider for this context. */ openssl_libctx = OSSL_LIB_CTX_new(); if (openssl_libctx == NULL) { syslog(LOG_ERR, "Libica: failed to create openssl lib context\n"); return; } #endif #ifdef ICA_FIPS fips_init(); fips_powerup_tests(); #else #if OPENSSL_VERSION_PREREQ(3, 0) openssl_provider = OSSL_PROVIDER_load(openssl_libctx, "default"); if (openssl_provider == NULL) { syslog(LOG_ERR, "Libica: failed to load default provider\n"); return; } #endif /* The fips_powerup_tests() include the ica_drbg_health_test(). */ ica_drbg_health_test(ica_drbg_generate, 256, true, ICA_DRBG_SHA512); #endif /* ICA_FIPS */ rng_init(); s390_prng_init(); s390_initialize_functionlist(); #if OPENSSL_VERSION_PREREQ(3, 0) openssl3_initialized = 1; #endif } void __attribute__ ((destructor)) icaexit(void) { rng_fini(); stats_munmap(SHM_CLOSE); #if OPENSSL_VERSION_PREREQ(3, 0) if (openssl_provider != NULL) OSSL_PROVIDER_unload(openssl_provider); if (openssl_libctx != NULL) OSSL_LIB_CTX_free(openssl_libctx); #endif } libica-4.0.1/src/mp.pl000077500000000000000000000362331417716165400145250ustar00rootroot00000000000000#! /usr/bin/env perl # This program is released under the Common Public License V1.0 # # You should have received a copy of Common Public License V1.0 along with # with this program. # # Author(s): Patrick Steuer # # Copyright IBM Corp. 2018 use strict; use FindBin qw($Bin); use lib "$Bin"; use perlasm::s390x qw(:DEFAULT :VX :VXE :VXD AUTOLOAD LABEL VERBATIM); my $zero="%r0"; my $sp="%r15"; PERLASM_BEGIN($ARGV[0]); TEXT (); # int ica_mp_mul512(uint64_t *r, const uint64_t *a, const uint64_t *b); { my @A=map("%v$_",(0..4)); my @B=map("%v$_",(5..7,16,17)); my @t=map("%v$_",(18..30)); my $vzero="%v31"; my ($r,$a,$b)=map("%r$_",(2..4)); GLOBL ("ica_mp_mul512"); TYPE ("ica_mp_mul512","\@function"); ALIGN (16); LABEL ("ica_mp_mul512"); larl ("%r1","facility_bits"); lg ("%r0","16(%r1)"); tmhh ("%r0",0x300); # check for vector enhancement jz (".Lmul512_novx"); # and packed decimal facilities VERBATIM("#if !defined(__s390x__) && !defined(__s390x)\n"); std ("%f4","16*4+2*8($sp)"); std ("%f6","16*4+3*8($sp)"); VERBATIM("#endif\n"); larl ("%r1",".Lconst"); vzero ($vzero); vlm (@t[0],@t[3],"0($b)"); vlm (@t[4],@t[8],"0(%r1)"); vgbm (@t[9],0x7f7f); # load b (base 2^64 -> base 2^56) vperm (@B[0],@t[0],$vzero,@t[4]); # B1B0 vperm (@B[1],@t[1],@t[0],@t[5]); # B3B2 vperm (@B[2],@t[2],@t[1],@t[6]); # B5B4 vperm (@B[3],@t[3],@t[2],@t[7]); # B7B6 vperm (@B[4],$vzero,@t[3],@t[8]); # B9B8 vn (@B[1],@B[1],@t[9]); vn (@B[2],@B[2],@t[9]); vn (@B[3],@B[3],@t[9]); vlm (@t[0],@t[3],"0($a)"); vpdi (@t[4],@t[4],@t[4],4); vpdi (@t[5],@t[5],@t[5],4); vpdi (@t[6],@t[6],@t[6],4); vpdi (@t[7],@t[7],@t[7],4); vpdi (@t[8],@t[8],@t[8],4); # load a (base 2^64 -> base 2^56) vperm (@A[0],@t[0],$vzero,@t[4]); # A0A1 vperm (@A[1],@t[1],@t[0],@t[5]); # A2A3 vperm (@A[2],@t[2],@t[1],@t[6]); # A4A5 vperm (@A[3],@t[3],@t[2],@t[7]); # A6A7 vperm (@A[4],$vzero,@t[3],@t[8]); # A8A9 vmrhg (@t[0],$vzero,@A[0]); # 00A0 vn (@A[1],@A[1],@t[9]); vn (@A[2],@A[2],@t[9]); vn (@A[3],@A[3],@t[9]); # r = a * b (base 2^56) vmslg (@t[1],@B[0],@t[0],$vzero,0); # B100+B0A0 vmslg (@t[2],@B[0],@A[0],$vzero,0); # B1A0+B0A1 vmslg (@t[3],@B[1],@t[0],$vzero,0); # B300+B2A0 vmslg (@t[4],@B[0],@A[1],$vzero,0); # B1A2+B0A3 vmslg (@t[5],@B[2],@t[0],$vzero,0); # B500+B4A0 vmslg (@t[6],@B[0],@A[2],$vzero,0); # B1A4+B0A5 vmslg (@t[7],@B[3],@t[0],$vzero,0); # B700+B6A0 vmslg (@t[8],@B[0],@A[3],$vzero,0); # B1A6+B0A7 vmslg (@t[9],@B[4],@t[0],$vzero,0); # B900+B8A0, free t[0] vsldb (@t[0],@A[0],@A[1],8); # A1A2 vmslg (@t[10],@B[0],@A[4],$vzero,0); # B1A8+B0A9 vstrl (@t[1],"1($r)",6); vsldb (@t[1],$vzero,@t[1],9); vmslg (@t[3],@B[0],@t[0],@t[3],0); # B1A1+B0A2 vmslg (@t[4],@B[1],@A[0],@t[4],0); # B3A0+B2A1 vmslg (@t[5],@B[1],@t[0],@t[5],0); # B3A1+B2A2 vaq (@t[2],@t[2],@t[1]); # free t[1] vmslg (@t[6],@B[1],@A[1],@t[6],0); # B3A2+B2A3 vmslg (@t[7],@B[2],@t[0],@t[7],0); # B5A1+B4A2 vmslg (@t[8],@B[1],@A[2],@t[8],0); # B3A4+B2A5 vsteb (@t[2],"0($r)",15); vsteb (@t[2],"8+7($r)",14); vsteh (@t[2],"8+5($r)",6); vsteh (@t[2],"8+3($r)",5); vsteb (@t[2],"8+2($r)",9); vsldb (@t[2],$vzero,@t[2],9); vmslg (@t[9],@B[3],@t[0],@t[9],0); # B7A1+B6A2 vmslg (@t[10],@B[1],@A[3],@t[10],0); # B3A6+B2A7 vmslg (@t[1],@B[4],@t[0],$vzero,0); # B9A1+B8A2, free t[0] vaq (@t[3],@t[3],@t[2]); # free t[2] vsldb (@t[0],@A[1],@A[2],8); # A3A4 vmslg (@t[2],@B[1],@A[4],$vzero,0); # B3A8+B2A9 vmslg (@t[5],@B[0],@t[0],@t[5],0); # B1A3+B0A4 vsteh (@t[3],"8($r)",7); vsteh (@t[3],"16+6($r)",6); vsteh (@t[3],"16+4($r)",5); vsteb (@t[3],"16+3($r)",9); vsldb (@t[3],$vzero,@t[3],9); vmslg (@t[6],@B[2],@A[0],@t[6],0); # B5A0+B4A1 vmslg (@t[7],@B[1],@t[0],@t[7],0); # B3A3+B2A4 vmslg (@t[8],@B[2],@A[1],@t[8],0); # B5A2+B4A3 vaq (@t[4],@t[4],@t[3]); # free t[3] vmslg (@t[9],@B[2],@t[0],@t[9],0); # B5A3+B4A4 vmslg (@t[10],@B[2],@A[2],@t[10],0); # B5A4+B4A5 vmslg (@t[1],@B[3],@t[0],@t[1],0); # B7A3+B6A4 vsteh (@t[4],"16+1($r)",7); vsteb (@t[4],"16($r)",13); vsteb (@t[4],"24+7($r)",12); vsteh (@t[4],"24+5($r)",5); vsteb (@t[4],"24+4($r)",9); vsldb (@t[4],$vzero,@t[4],9); vmslg (@t[2],@B[2],@A[3],@t[2],0); # B5A6+B4A7 vmslg (@t[3],@B[4],@t[0],$vzero,0); # B9A3+B8A4, free t[0] vsldb (@t[0],@A[2],@A[3],8); # A5A6 vaq (@t[5],@t[5],@t[4]); # fee t[4] vmslg (@t[4],@B[2],@A[4],$vzero,0); # B5A8+B4A9 vmslg (@t[7],@B[0],@t[0],@t[7],0); # B1A5+B0A6 vmslg (@t[8],@B[3],@A[0],@t[8],0); # B7A0+B6A1 vstef (@t[5],"24($r)",3); vsteh (@t[5],"32+6($r)",5); vsteb (@t[5],"32+5($r)",9); vsldb (@t[5],$vzero,@t[5],9); vmslg (@t[9],@B[1],@t[0],@t[9],0); # B3A5+B2A6 vmslg (@t[10],@B[3],@A[1],@t[10],0); # B7A2+B6A3 vmslg (@t[1],@B[2],@t[0],@t[1],0); # B5A5+B4A6 vaq (@t[6],@t[6],@t[5]); # free t[5] vmslg (@t[2],@B[3],@A[2],@t[2],0); # B7A4+B6A5 vmslg (@t[3],@B[3],@t[0],@t[3],0); # B7A5+B6A6 vmslg (@t[4],@B[3],@A[3],@t[4],0); # B7A6+B6A7 vstef (@t[6],"32+1($r)",3); vsteb (@t[6],"32($r)",11); vsteb (@t[6],"40+7($r)",10); vsteb (@t[6],"40+6($r)",9); vsldb (@t[6],$vzero,@t[6],9); vmslg (@t[5],@B[4],@t[0],$vzero,0); # B9A5+B8A6, free t[0] vsldb (@t[0],@A[3],@A[4],8); # A7A8 vmslg (@t[11],@B[3],@A[4],$vzero,0); # B7A8+B6A9 vaq (@t[7],@t[7],@t[6]); # free t[6] vmslg (@t[9],@B[0],@t[0],@t[9],0); # B1A7+B0A8 vmslg (@t[10],@B[4],@A[0],@t[10],0); # B9A0+B8A1 vmslg (@t[1],@B[1],@t[0],@t[1],0); # B3A7+B2A8 vstef (@t[7],"40+2($r)",3); vsteh (@t[7],"40($r)",5); vsteb (@t[7],"48+7($r)",9); vsldb (@t[7],$vzero,@t[7],9); vmslg (@t[2],@B[4],@A[1],@t[2],0); # B9A2+B8A3 vmslg (@t[3],@B[2],@t[0],@t[3],0); # B5A7+B4A8 vmslg (@t[4],@B[4],@A[2],@t[4],0); # B9A4+B8A5 vaq (@t[8],@t[8],@t[7]); # free t[7] vmslg (@t[5],@B[3],@t[0],@t[5],0); # B7A7+B6A8 vmslg (@t[11],@B[4],@A[3],@t[11],0); # B9A6+B8A7 vmslg (@t[6],@B[4],@t[0],$vzero,0); # B9A7+B8A8, free t[0] vmrlg (@t[0],@A[4],$vzero); # A900 vstef (@t[8],"48+3($r)",3); vsteh (@t[8],"48+1($r)",5); vsteb (@t[8],"48($r)",9); vsldb (@t[8],$vzero,@t[8],9); vmslg (@t[7],@B[4],@A[4],$vzero,0); # B9A8+B8A9 vmslg (@t[1],@B[0],@t[0],@t[1],0); # B1A9+B000 vmslg (@t[3],@B[1],@t[0],@t[3],0); # B3A9+B200 vaq (@t[9],@t[9],@t[8]); # free t[8] vmslg (@t[5],@B[2],@t[0],@t[5],0); # B5A9+B400 vmslg (@t[6],@B[3],@t[0],@t[6],0); # B7A9+B600 vmslg (@t[8],@B[4],@t[0],$vzero,0); # B9A9+B800 vstef (@t[9],"56+4($r)",3); vsteh (@t[9],"56+2($r)",5); vsteb (@t[9],"56+1($r)",9); vsldb (@t[9],$vzero,@t[9],9); vaq (@t[10],@t[10],@t[9]); vsteb (@t[10],"56($r)",15); vsteb (@t[10],"64+7($r)",14); vsteh (@t[10],"64+5($r)",6); vsteh (@t[10],"64+3($r)",5); vsteb (@t[10],"64+2($r)",9); vsldb (@t[10],$vzero,@t[10],9); vaq (@t[1],@t[1],@t[10]); vsteh (@t[1],"64($r)",7); vsteh (@t[1],"72+6($r)",6); vsteh (@t[1],"72+4($r)",5); vsteb (@t[1],"72+3($r)",9); vsldb (@t[1],$vzero,@t[1],9); vaq (@t[2],@t[2],@t[1]); vsteh (@t[2],"72+1($r)",7); vsteb (@t[2],"72($r)",13); vsteb (@t[2],"80+7($r)",12); vsteh (@t[2],"80+5($r)",5); vsteb (@t[2],"80+4($r)",9); vsldb (@t[2],$vzero,@t[2],9); vaq (@t[3],@t[3],@t[2]); vstef (@t[3],"80($r)",3); vsteh (@t[3],"88+6($r)",5); vsteb (@t[3],"88+5($r)",9); vsldb (@t[3],$vzero,@t[3],9); vaq (@t[4],@t[4],@t[3]); vstef (@t[4],"88+1($r)",3); vsteb (@t[4],"88($r)",11); vsteb (@t[4],"96+7($r)",10); vsteb (@t[4],"96+6($r)",9); vsldb (@t[4],$vzero,@t[4],9); vaq (@t[5],@t[5],@t[4]); vstef (@t[5],"96+2($r)",3); vsteh (@t[5],"96($r)",5); vsteb (@t[5],"104+7($r)",9); vsldb (@t[5],$vzero,@t[5],9); vaq (@t[11],@t[11],@t[5]); vstef (@t[11],"104+3($r)",3); vsteh (@t[11],"104+1($r)",5); vsteb (@t[11],"104($r)",9); vsldb (@t[11],$vzero,@t[11],9); vaq (@t[6],@t[6],@t[11]); vstef (@t[6],"112+4($r)",3); vsteh (@t[6],"112+2($r)",5); vsteb (@t[6],"112+1($r)",9); vsldb (@t[6],$vzero,@t[6],9); vaq (@t[7],@t[7],@t[6]); vsteb (@t[7],"112($r)",15); vsteb (@t[7],"120+7($r)",14); vsteh (@t[7],"120+5($r)",6); vsteh (@t[7],"120+3($r)",5); vsteb (@t[7],"120+2($r)",9); vsldb (@t[7],$vzero,@t[7],9); vaq (@t[8],@t[8],@t[7]); vsteh (@t[8],"120($r)",7); VERBATIM("#if !defined(__s390x__) && !defined(__s390x)\n"); ld ("%f4","16*4+2*8($sp)"); ld ("%f6","16*4+3*8($sp)"); VERBATIM("#endif\n"); lghi ("%r2",0); br ("%r14"); ALIGN (8); LABEL (".Lmul512_novx"); lghi ("%r2",1); br ("%r14"); SIZE ("ica_mp_mul512",".-ica_mp_mul512"); } # int ica_mp_sqr512(uint64_t *r, const uint64_t *a); { my @Ar=map("%v$_",(0..8)); my @Al=map("%v$_",(9..10)); my @t=map("%v$_",(11..30)); my $vzero="%v31"; my ($r,$a)=map("%r$_",(2..3)); GLOBL ("ica_mp_sqr512"); TYPE ("ica_mp_sqr512","\@function"); ALIGN (16); LABEL ("ica_mp_sqr512"); larl ("%r1","facility_bits"); lg ("%r0","16(%r1)"); tmhh ("%r0",0x300); # check for vector enhancement jz (".Lsqr512_novx"); # and packed decimal facilities VERBATIM("#if !defined(__s390x__) && !defined(__s390x)\n"); std ("%f4","16*4+2*8($sp)"); std ("%f6","16*4+3*8($sp)"); VERBATIM("#else\n"); std ("%f$_",($_-6)."*8($sp)") for (8..15); VERBATIM("#endif\n"); larl ("%r1",".Lconst"); vzero ($vzero); vlm (@t[0],@t[3],"0($a)"); vlm (@t[4],@t[8],"0(%r1)"); vgbm (@t[9],0x7f7f); # load b (base 2^64 -> base 2^56) vperm (@Ar[0],@t[0],$vzero,@t[4]); # A1A0 vperm (@Ar[2],@t[1],@t[0],@t[5]); # A3A2 vperm (@Ar[4],@t[2],@t[1],@t[6]); # A5A4 vperm (@Ar[6],@t[3],@t[2],@t[7]); # A7A6 vperm (@Ar[8],$vzero,@t[3],@t[8]); # A9A8 vn (@Ar[2],@Ar[2],@t[9]); vn (@Ar[4],@Ar[4],@t[9]); vn (@Ar[6],@Ar[6],@t[9]); vpdi (@Al[0],@Ar[0],@Ar[0],4); # A0A1 vsldb (@t[10],@Ar[0],$vzero,8); # A000 vpdi (@Al[1],@Ar[2],@Ar[2],4); # A2A3 vsldb (@t[11],@Ar[2],$vzero,8); # A200 vsldb (@Ar[1],@Ar[2],@Ar[0],8); # A2A1 vsldb (@Ar[3],@Ar[4],@Ar[2],8); # A4A3 vsldb (@Ar[5],@Ar[6],@Ar[4],8); # A6A5 vsldb (@Ar[7],@Ar[8],@Ar[6],8); # A8A7 # r = a ^ 2 (base 2^56) vmslg (@t[0],@Al[0],@t[10],$vzero,0); # A0A0*1+A100*1 = A0A0*1, free t[10] vmslg (@t[1],@Al[0],@Ar[0],$vzero,0); # A0A1*1+A1A0*1 = A0A1*2 vmslg (@t[2],@Al[0],@Ar[1],$vzero,8); # A0A2*2+A1A1*1 vmslg (@t[3],@Al[0],@Ar[2],$vzero,12);# A0A3*2+A1A2*2 vmslg (@t[4],@Al[0],@Ar[3],$vzero,12);# A0A4*2+A1A3*2 vmslg (@t[5],@Al[0],@Ar[4],$vzero,12);# A0A5*2+A1A4*2 vmslg (@t[6],@Al[0],@Ar[5],$vzero,12);# A0A6*2+A1A5*2 vmslg (@t[7],@Al[0],@Ar[6],$vzero,12);# A0A7*2+A1A6*2 vmslg (@t[8],@Al[0],@Ar[7],$vzero,12);# A0A8*2+A1A7*2 vmslg (@t[9],@Al[0],@Ar[8],$vzero,12);# A0A9*2+A1A8*2 vmslg (@t[19],@Al[1],@t[11],$vzero,0);# 4: A2A2*2+A300*2 = A2A2*1, free t[11] vmslg (@t[18],@Al[1],@Ar[2],$vzero,0);# 5: A2A3*1+A3A2*1 = A2A3*2 vmslg (@t[17],@Al[1],@Ar[3],$vzero,8);# 6: A2A4*2+A3A3*1 vmslg (@t[16],@Al[1],@Ar[4],$vzero,12);# 7: A2A5*2+A3A4*2 vmslg (@t[15],@Al[1],@Ar[5],$vzero,12);# 8: A2A6*2+A3A5*2 vmslg (@t[14],@Al[1],@Ar[6],$vzero,12);# 9: A2A7*2+A3A6*2 vstrl (@t[0],"121($r)",6); vsldb (@t[0],$vzero,@t[0],9); vaq (@t[1],@t[1],@t[0]); # free t[0] vstrl (@t[1],"114($r)",6); vsldb (@t[1],$vzero,@t[1],9); vaq (@t[2],@t[2],@t[1]); # free t[1] vpdi (@Al[0],@Ar[4],@Ar[4],4); # A4A5 vsldb (@t[0],@Ar[4],$vzero,8); # A400 vsldb (@t[1],$vzero,@Ar[4],8); # 00A5 vaq (@t[4],@t[4],@t[19]); # free t[19] vaq (@t[5],@t[5],@t[18]); # free t[18] vaq (@t[6],@t[6],@t[17]); # free t[17] vaq (@t[7],@t[7],@t[16]); # free t[16] vaq (@t[8],@t[8],@t[15]); # free t[15] vaq (@t[9],@t[9],@t[14]); # free t[14] vmslg (@t[19],@Al[0],@t[0],$vzero,0); # 8: A4A4*1+A500*1 = A4A4*1, free t[0] vmslg (@t[18],@Al[0],@Ar[4],$vzero,0);# 9: A4A5*1+A5A4*1 = A4A5*2 vmslg (@t[10],@Al[0],@t[1],$vzero,0);# A400*1+A5A5*1 = A5A5*1, free t[1] vpdi (@Al[0],@Ar[6],@Ar[6],4); # A6A7 vsldb (@t[0],$vzero,@Ar[6],8); # 00A7 vpdi (@Al[1],@Ar[8],@Ar[8],4); # A8A9 vsldb (@t[1],$vzero,@Ar[8],8); # 00A9 vstrl (@t[2],"107($r)",6); vsldb (@t[2],$vzero,@t[2],9); vaq (@t[3],@t[3],@t[2]); # free t[2] vmslg (@t[2],@Al[0],@Ar[3],$vzero,12);# 10: A6A4*2+A7A3*2 vmslg (@t[11],@Al[0],@Ar[4],$vzero,12);# A6A5*2+A7A4*2 vmslg (@t[12],@Al[0],@Ar[5],$vzero,4);# A6A6*1+A7A5*2 vmslg (@t[13],@Al[0],@Ar[6],$vzero,0);# A6A7*1+A7A6*1 = A7A6*2 vmslg (@t[14],@Al[0],@t[0],$vzero,0); # A600*1+A7A7*1 = A7A7*1 vaq (@t[8],@t[8],@t[19]); # free t[19] vaq (@t[9],@t[9],@t[18]); # free t[18] vstrl (@t[3],"100($r)",6); vsldb (@t[3],$vzero,@t[3],9); vaq (@t[4],@t[4],@t[3]); # free t[3] vaq (@t[10],@t[10],@t[2]); # free t[2] vmslg (@t[2],@Al[1],@Ar[1],$vzero,12);# 10: A8A2*2+A9A1*2 vmslg (@t[3],@Al[1],@Ar[2],$vzero,12);# 11: A8A3*2+A9A2*2 vmslg (@Ar[1],@Al[1],@Ar[3],$vzero,12);# 12: A8A4*2+A9A3*2 vmslg (@Ar[2],@Al[1],@Ar[4],$vzero,12);# 13: A8A5*2+A9A4*2 vmslg (@Ar[3],@Al[1],@Ar[5],$vzero,12);# 14: A8A6*2+A9A5*2 vmslg (@t[15],@Al[1],@Ar[6],$vzero,12);# A8A7*2+A9A6*2 vmslg (@t[16],@Al[1],@Ar[7],$vzero,4);# A8A8*1+A9A7*2 vmslg (@t[17],@Al[1],@Ar[8],$vzero,0);# A8A9*1+A9A8*1 = A9A8*2 vmslg (@t[18],@Al[1],@t[1],$vzero,0); # A800*1+A9A9*1 = A9A9*1 vstrl (@t[4],"93($r)",6); vsldb (@t[4],$vzero,@t[4],9); vaq (@t[5],@t[5],@t[4]); # free t[4] vstrl (@t[5],"86($r)",6); vsldb (@t[5],$vzero,@t[5],9); vaq (@t[6],@t[6],@t[5]); # free t[5] vaq (@t[10],@t[10],@t[2]); vaq (@t[11],@t[11],@t[3]); vaq (@t[12],@t[12],@Ar[1]); vaq (@t[13],@t[13],@Ar[2]); vaq (@t[14],@t[14],@Ar[3]); vstrl (@t[6],"79($r)",6); vsldb (@t[6],$vzero,@t[6],9); vaq (@t[7],@t[7],@t[6]); # free t[6] vstrl (@t[7],"72($r)",6); vsldb (@t[7],$vzero,@t[7],9); vaq (@t[8],@t[8],@t[7]); # free t[7] vstrl (@t[8],"65($r)",6); vsldb (@t[8],$vzero,@t[8],9); vaq (@t[9],@t[9],@t[8]); # free t[8] vstrl (@t[9],"58($r)",6); vsldb (@t[9],$vzero,@t[9],9); vaq (@t[10],@t[10],@t[9]); # free[9] vstrl (@t[10],"51($r)",6); vsldb (@t[10],$vzero,@t[10],9); vaq (@t[11],@t[11],@t[10]); # free t[10] vstrl (@t[11],"44($r)",6); vsldb (@t[11],$vzero,@t[11],9); vaq (@t[12],@t[12],@t[11]); # free t[11] vstrl (@t[12],"37($r)",6); vsldb (@t[12],$vzero,@t[12],9); vaq (@t[13],@t[13],@t[12]); # free t[12] vstrl (@t[13],"30($r)",6); vsldb (@t[13],$vzero,@t[13],9); vaq (@t[14],@t[14],@t[13]); # free t[13] vstrl (@t[14],"23($r)",6); vsldb (@t[14],$vzero,@t[14],9); vaq (@t[15],@t[15],@t[14]); # free t[14] vstrl (@t[15],"16($r)",6); vsldb (@t[15],$vzero,@t[15],9); vaq (@t[16],@t[16],@t[15]); # free t[15] vstrl (@t[16],"9($r)",6); vsldb (@t[16],$vzero,@t[16],9); vaq (@t[17],@t[17],@t[16]); # free t[16] vstrl (@t[17],"2($r)",6); vsldb (@t[17],$vzero,@t[17],9); vaq (@t[18],@t[18],@t[17]); # free t[17] vstrl (@t[18],"0($r)",1); # free t[18] vl (@t[$_],"112-16*$_($r)") for (0..7); vpdi (@t[$_],@t[$_],@t[$_],4) for (0..7); vst (@t[$_],"0+16*$_($r)") for (0..7); VERBATIM("#if !defined(__s390x__) && !defined(__s390x)\n"); ld ("%f4","16*4+2*8($sp)"); ld ("%f6","16*4+3*8($sp)"); VERBATIM("#else\n"); ld ("%f$_",($_-6)."*8($sp)") for (8..15); VERBATIM("#endif\n"); lghi ("%r2",0); br ("%r14"); ALIGN (8); LABEL (".Lsqr512_novx"); lghi ("%r2",1); br ("%r14"); SIZE ("ica_mp_sqr512",".-ica_mp_sqr512"); } ALIGN (128); LABEL (".Lconst"); LONG (0x100a0b0c,0x0d0e0f00,0x10010203,0x04050607); LONG (0x100c0d0e,0x0f000102,0x10030405,0x06071819); LONG (0x100e0f00,0x01020304,0x10050607,0x18191a1b); LONG (0x10000102,0x03040506,0x10071819,0x1a1b1c1d); LONG (0x00000000,0x00000018,0x00191a1b,0x1c1d1e1f); VERBATIM("#if defined(__linux__) && defined(__ELF__)\n"); SECTION (".note.GNU-stack,\"\",%progbits"); VERBATIM("#endif\n"); PERLASM_END(); libica-4.0.1/src/openssl3-fips.cnf.in000066400000000000000000000002641417716165400173460ustar00rootroot00000000000000openssl_conf = openssl_init .include @FIPSDIR@/fipsmodule.cnf [openssl_init] providers = provider_sect [provider_sect] fips = fips_sect base = base_sect [base_sect] activate=1 libica-4.0.1/src/perlasm/000077500000000000000000000000001417716165400152055ustar00rootroot00000000000000libica-4.0.1/src/perlasm/s390x.pm000066400000000000000000001334061417716165400164400ustar00rootroot00000000000000#!/usr/bin/env perl # This program is released under the Common Public License V1.0 # # You should have received a copy of Common Public License V1.0 along with # with this program. # # Author(s): Patrick Steuer # # Copyright IBM Corp. 2016 package perlasm::s390x; use strict; use warnings; use Carp qw(confess); use Exporter qw(import); our @EXPORT=qw(PERLASM_BEGIN PERLASM_END); our @EXPORT_OK=qw(AUTOLOAD LABEL VERBATIM stfle); our %EXPORT_TAGS=( MSA => [qw(kmac km kmc kimd klmd)], MSA4 => [qw(kmf kmo pcc kmctr)], MSA5 => [qw(ppno prno)], MSA8 => [qw(kma)], VX => [qw(vgef vgeg vgbm vzero vone vgm vgmb vgmh vgmf vgmg vl vlr vlrep vlrepb vlreph vlrepf vlrepg vleb vleh vlef vleg vleib vleih vleif vleig vlgv vlgvb vlgvh vlgvf vlgvg vllez vllezb vllezh vllezf vllezg vlm vlbb vlvg vlvgb vlvgh vlvgf vlvgg vlvgp vll vmrh vmrhb vmrhh vmrhf vmrhg vmrl vmrlb vmrlh vmrlf vmrlg vpk vpkh vpkf vpkg vpks vpksh vpksf vpksg vpkshs vpksfs vpksgs vpkls vpklsh vpklsf vpklsg vpklshs vpklsfs vpklsgs vperm vpdi vrep vrepb vreph vrepf vrepg vrepi vrepib vrepih vrepif vrepig vscef vsceg vsel vseg vsegb vsegh vsegf vst vsteb vsteh vstef vsteg vstm vstl vuph vuphb vuphh vuphf vuplh vuplhb vuplhh vuplhf vupl vuplb vuplhw vuplf vupll vupllb vupllh vupllf va vab vah vaf vag vaq vacc vaccb vacch vaccf vaccg vaccq vac vacq vaccc vacccq vn vnc vavg vavgb vavgh vavgf vavgg vavgl vavglb vavglh vavglf vavglg vcksm vec_ vecb vech vecf vecg vecl veclb veclh veclf veclg vceq vceqb vceqh vceqf vceqg vceqbs vceqhs vceqfs vceqgs vch vchb vchh vchf vchg vchbs vchhs vchfs vchgs vchl vchlb vchlh vchlf vchlg vchlbs vchlhs vchlfs vchlgs vclz vclzb vclzh vclzf vclzg vctz vctzb vctzh vctzf vctzg vx vgfm vgfmb vgfmh vgfmf vgfmg vgfma vgfmab vgfmah vgfmaf vgfmag vlc vlcb vlch vlcf vlcg vlp vlpb vlph vlpf vlpg vmx vmxb vmxh vmxf vmxg vmxl vmxlb vmxlh vmxlf vmxlg vmn vmnb vmnh vmnf vmng vmnl vmnlb vmnlh vmnlf vmnlg vmal vmalb vmalhw vmalf vmah vmahb vmahh vmahf vmalh vmalhb vmalhh vmalhf vmae vmaeb vmaeh vmaef vmale vmaleb vmaleh vmalef vmao vmaob vmaoh vmaof vmalo vmalob vmaloh vmalof vmh vmhb vmhh vmhf vmlh vmlhb vmlhh vmlhf vml vmlb vmlhw vmlf vme vmeb vmeh vmef vmle vmleb vmleh vmlef vmo vmob vmoh vmof vmlo vmlob vmloh vmlof vno vnot vo vpopct verllv verllvb verllvh verllvf verllvg verll verllb verllh verllf verllg verim verimb verimh verimf verimg veslv veslvb veslvh veslvf veslvg vesl veslb veslh veslf veslg vesrav vesravb vesravh vesravf vesravg vesra vesrab vesrah vesraf vesrag vesrlv vesrlvb vesrlvh vesrlvf vesrlvg vesrl vesrlb vesrlh vesrlf vesrlg vsl vslb vsldb vsra vsrab vsrl vsrlb vs vsb vsh vsf vsg vsq vscbi vscbib vscbih vscbif vscbig vscbiq vsbi vsbiq vsbcbi vsbcbiq vsumg vsumgh vsumgf vsumq vsumqf vsumqg vsum vsumb vsumh vtm vfae vfaeb vfaeh vfaef vfaebs vfaehs vfaefs vfaezb vfaezh vfaezf vfaezbs vfaezhs vfaezfs vfee vfeeb vfeeh vfeef vfeebs vfeehs vfeefs vfeezb vfeezh vfeezf vfeezbs vfeezhs vfeezfs vfene vfeneb vfeneh vfenef vfenebs vfenehs vfenefs vfenezb vfenezh vfenezf vfenezbs vfenezhs vfenezfs vistr vistrb vistrh vistrf vistrbs vistrhs vistrfs vstrc vstrcb vstrch vstrcf vstrcbs vstrchs vstrcfs vstrczb vstrczh vstrczf vstrczbs vstrczhs vstrczfs vfa vfadb wfadb wfc wfcdb wfk wfkdb vfce vfcedb wfcedb vfcedbs wfcedbs vfch vfchdb wfchdb vfchdbs wfchdbs vfche vfchedb wfchedb vfchedbs wfchedbs vcdg vcdgb wcdgb vcdlg vcdlgb wcdlgb vcgd vcgdb wcgdb vclgd vclgdb wclgdb vfd vfddb wfddb vfi vfidb wfidb vlde vldeb wldeb vled vledb wledb vfm vfmdb wfmdb vfma vfmadb wfmadb vfms vfmsdb wfmsdb vfpso vfpsodb wfpsodb vflcdb wflcdb vflndb wflndb vflpdb wflpdb vfsq vfsqdb wfsqdb vfs vfsdb wfsdb vftci vftcidb wftcidb)], VXE => [qw(vbperm vllezlf vmsl vmslg vnx vnn voc vpopctb vpopcth vpopctf vpopctg vfasb wfasb wfaxb wfcsb wfcxb wfksb wfkxb vfcesb vfcesbs wfcesb wfcesbs wfcexb wfcexbs vfchsb vfchsbs wfchsb wfchsbs wfchxb wfchxbs vfchesb vfchesbs wfchesb wfchesbs wfchexb wfchexbs vfdsb wfdsb wfdxb vfisb wfisb wfixb vfll vflls wflls wflld vflr vflrd wflrd wflrx vfmax vfmaxsb vfmaxdb wfmaxsb wfmaxdb wfmaxxb vfmin vfminsb vfmindb wfminsb wfmindb wfminxb vfmsb wfmsb wfmxb vfnma vfnms vfmasb wfmasb wfmaxb vfmssb wfmssb wfmsxb vfnmasb vfnmadb wfnmasb wfnmadb wfnmaxb vfnmssb vfnmsdb wfnmssb wfnmsdb wfnmsxb vfpsosb wfpsosb vflcsb wflcsb vflnsb wflnsb vflpsb wflpsb vfpsoxb wfpsoxb vflcxb wflcxb vflnxb wflnxb vflpxb wflpxb vfsqsb wfsqsb wfsqxb vfssb wfssb wfsxb vftcisb wftcisb wftcixb)], VXD => [qw(vlrlr vlrl vstrlr vstrl vap vcp vcvb vcvbg vcvd vcvdg vdp vlip vmp vmsp vpkz vpsop vrp vsdp vsrp vsp vtp vupkz)], ); Exporter::export_ok_tags(qw(MSA MSA4 MSA5 MSA8 VX VXE VXD)); our $AUTOLOAD; my $GR='(?:%r)?([0-9]|1[0-5])'; my $VR='(?:%v)?([0-9]|1[0-9]|2[0-9]|3[0-1])'; my ($file,$out); sub PERLASM_BEGIN { ($file,$out)=(shift,""); } sub PERLASM_END { if (defined($file)) { open(my $fd,'>',$file)||die("can't open $file: $!"); print({$fd}$out); close($fd); } else { print($out); } } sub AUTOLOAD { confess(err("PARSE")) if (grep(!defined($_),@_)); my $token; for ($AUTOLOAD) { $token=".$1" if (/^.*::([A-Z]+)_?$/); # uppercase: directive $token="\t$1" if (/^.*::([a-z]+)_?$/); # lowercase: mnemonic confess(err("PARSE")) if (!defined($token)); } $token.="\t" if ($#_>=0); $out.=$token.join(',',@_)."\n"; } sub LABEL { # label directive confess(err("ARGNUM")) if ($#_!=0); my ($label)=@_; $out.="$label:\n"; } sub VERBATIM { confess(err("ARGNUM")) if ($#_!=0); my ($verbatim)=@_; $out.="$verbatim"; } # # Mnemonics # sub stfle { confess(err("ARGNUM")) if ($#_!=0); S(0xb2b0,@_); } # MSA sub kmac { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb91e,@_); } sub km { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb92e,@_); } sub kmc { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb92f,@_); } sub kimd { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb93e,@_); } sub klmd { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb93f,@_); } # MSA4 sub kmf { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb92a,@_); } sub kmo { confess(err("ARGNUM")) if ($#_!=1); RRE(0xb92b,@_); } sub pcc { confess(err("ARGNUM")) if ($#_!=-1); RRE(0xb92c,@_); } sub kmctr { confess(err("ARGNUM")) if ($#_!=2); RRFb(0xb92d,@_); } # MSA5 sub prno { ppno(@_); } sub ppno { # deprecated, use prno confess(err("ARGNUM")) if ($#_!=1); RRE(0xb93c,@_); } # MSA8 sub kma { confess(err("ARGNUM")) if ($#_!=2); RRFb(0xb929,@_); } # VX - Support Instructions sub vgef { confess(err("ARGNUM")) if ($#_!=2); VRV(0xe713,@_); } sub vgeg { confess(err("ARGNUM")) if ($#_!=2); VRV(0xe712,@_); } sub vgbm { confess(err("ARGNUM")) if ($#_!=1); VRIa(0xe744,@_); } sub vzero { vgbm(@_,0); } sub vone { vgbm(@_,0xffff); } sub vgm { confess(err("ARGNUM")) if ($#_!=3); VRIb(0xe746,@_); } sub vgmb { vgm(@_,0); } sub vgmh { vgm(@_,1); } sub vgmf { vgm(@_,2); } sub vgmg { vgm(@_,3); } sub vl { confess(err("ARGNUM")) if ($#_!=1); VRX(0xe706,@_); } sub vlr { confess(err("ARGNUM")) if ($#_!=1); VRRa(0xe756,@_); } sub vlrep { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe705,@_); } sub vlrepb { vlrep(@_,0); } sub vlreph { vlrep(@_,1); } sub vlrepf { vlrep(@_,2); } sub vlrepg { vlrep(@_,3); } sub vleb { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe700,@_); } sub vleh { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe701,@_); } sub vlef { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe703,@_); } sub vleg { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe702,@_); } sub vleib { confess(err("ARGNUM")) if ($#_!=2); VRIa(0xe740,@_); } sub vleih { confess(err("ARGNUM")) if ($#_!=2); VRIa(0xe741,@_); } sub vleif { confess(err("ARGNUM")) if ($#_!=2); VRIa(0xe743,@_); } sub vleig { confess(err("ARGNUM")) if ($#_!=2); VRIa(0xe742,@_); } sub vlgv { confess(err("ARGNUM")) if ($#_!=3); VRSc(0xe721,@_); } sub vlgvb { vlgv(@_,0); } sub vlgvh { vlgv(@_,1); } sub vlgvf { vlgv(@_,2); } sub vlgvg { vlgv(@_,3); } sub vllez { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe704,@_); } sub vllezb { vllez(@_,0); } sub vllezh { vllez(@_,1); } sub vllezf { vllez(@_,2); } sub vllezg { vllez(@_,3); } sub vlm { confess(err("ARGNUM")) if ($#_!=2); VRSa(0xe736,@_); } sub vlbb { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe707,@_); } sub vlvg { confess(err("ARGNUM")) if ($#_!=3); VRSb(0xe722,@_); } sub vlvgb { vlvg(@_,0); } sub vlvgh { vlvg(@_,1); } sub vlvgf { vlvg(@_,2); } sub vlvgg { vlvg(@_,3); } sub vlvgp { confess(err("ARGNUM")) if ($#_!=2); VRRf(0xe762,@_); } sub vll { confess(err("ARGNUM")) if ($#_!=2); VRSb(0xe737,@_); } sub vmrh { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe761,@_); } sub vmrhb { vmrh(@_,0); } sub vmrhh { vmrh(@_,1); } sub vmrhf { vmrh(@_,2); } sub vmrhg { vmrh(@_,3); } sub vmrl { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe760,@_); } sub vmrlb { vmrl(@_,0); } sub vmrlh { vmrl(@_,1); } sub vmrlf { vmrl(@_,2); } sub vmrlg { vmrl(@_,3); } sub vpk { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe794,@_); } sub vpkh { vpk(@_,1); } sub vpkf { vpk(@_,2); } sub vpkg { vpk(@_,3); } sub vpks { confess(err("ARGNUM")) if ($#_!=4); VRRb(0xe797,@_); } sub vpksh { vpks(@_,1,0); } sub vpksf { vpks(@_,2,0); } sub vpksg { vpks(@_,3,0); } sub vpkshs { vpks(@_,1,1); } sub vpksfs { vpks(@_,2,1); } sub vpksgs { vpks(@_,3,1); } sub vpkls { confess(err("ARGNUM")) if ($#_!=4); VRRb(0xe795,@_); } sub vpklsh { vpkls(@_,1,0); } sub vpklsf { vpkls(@_,2,0); } sub vpklsg { vpkls(@_,3,0); } sub vpklshs { vpkls(@_,1,1); } sub vpklsfs { vpkls(@_,2,1); } sub vpklsgs { vpkls(@_,3,1); } sub vperm { confess(err("ARGNUM")) if ($#_!=3); VRRe(0xe78c,@_); } sub vpdi { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe784,@_); } sub vrep { confess(err("ARGNUM")) if ($#_!=3); VRIc(0xe74d,@_); } sub vrepb { vrep(@_,0); } sub vreph { vrep(@_,1); } sub vrepf { vrep(@_,2); } sub vrepg { vrep(@_,3); } sub vrepi { confess(err("ARGNUM")) if ($#_!=2); VRIa(0xe745,@_); } sub vrepib { vrepi(@_,0); } sub vrepih { vrepi(@_,1); } sub vrepif { vrepi(@_,2); } sub vrepig { vrepi(@_,3); } sub vscef { confess(err("ARGNUM")) if ($#_!=2); VRV(0xe71b,@_); } sub vsceg { confess(err("ARGNUM")) if ($#_!=2); VRV(0xe71a,@_); } sub vsel { confess(err("ARGNUM")) if ($#_!=3); VRRe(0xe78d,@_); } sub vseg { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe75f,@_); } sub vsegb { vseg(@_,0); } sub vsegh { vseg(@_,1); } sub vsegf { vseg(@_,2); } sub vst { confess(err("ARGNUM")) if ($#_!=1); VRX(0xe70e,@_); } sub vsteb { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe708,@_); } sub vsteh { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe709,@_); } sub vstef { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe70b,@_); } sub vsteg { confess(err("ARGNUM")) if ($#_!=2); VRX(0xe70a,@_); } sub vstm { confess(err("ARGNUM")) if ($#_!=2); VRSa(0xe73e,@_); } sub vstl { confess(err("ARGNUM")) if ($#_!=2); VRSb(0xe73f,@_); } sub vuph { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7d7,@_); } sub vuphb { vuph(@_,0); } sub vuphh { vuph(@_,1); } sub vuphf { vuph(@_,2); } sub vuplh { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7d5,@_); } sub vuplhb { vuplh(@_,0); } sub vuplhh { vuplh(@_,1); } sub vuplhf { vuplh(@_,2); } sub vupl { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7d6,@_); } sub vuplb { vupl(@_,0); } sub vuplhw { vupl(@_,1); } sub vuplf { vupl(@_,2); } sub vupll { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7d4,@_); } sub vupllb { vupll(@_,0); } sub vupllh { vupll(@_,1); } sub vupllf { vupll(@_,2); } # VX - Integer Instructions sub va { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7f3,@_); } sub vab { va(@_,0); } sub vah { va(@_,1); } sub vaf { va(@_,2); } sub vag { va(@_,3); } sub vaq { va(@_,4); } sub vacc { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7f1,@_); } sub vaccb { vacc(@_,0); } sub vacch { vacc(@_,1); } sub vaccf { vacc(@_,2); } sub vaccg { vacc(@_,3); } sub vaccq { vacc(@_,4); } sub vac { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7bb,@_); } sub vacq { vac(@_,4); } sub vaccc { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7b9,@_); } sub vacccq { vaccc(@_,4); } sub vn { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe768,@_); } sub vnc { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe769,@_); } sub vavg { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7f2,@_); } sub vavgb { vavg(@_,0); } sub vavgh { vavg(@_,1); } sub vavgf { vavg(@_,2); } sub vavgg { vavg(@_,3); } sub vavgl { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7f0,@_); } sub vavglb { vavgl(@_,0); } sub vavglh { vavgl(@_,1); } sub vavglf { vavgl(@_,2); } sub vavglg { vavgl(@_,3); } sub vcksm { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe766,@_); } sub vec_ { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7db,@_); } sub vecb { vec_(@_,0); } sub vech { vec_(@_,1); } sub vecf { vec_(@_,2); } sub vecg { vec_(@_,3); } sub vecl { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7d9,@_); } sub veclb { vecl(@_,0); } sub veclh { vecl(@_,1); } sub veclf { vecl(@_,2); } sub veclg { vecl(@_,3); } sub vceq { confess(err("ARGNUM")) if ($#_!=4); VRRb(0xe7f8,@_); } sub vceqb { vceq(@_,0,0); } sub vceqh { vceq(@_,1,0); } sub vceqf { vceq(@_,2,0); } sub vceqg { vceq(@_,3,0); } sub vceqbs { vceq(@_,0,1); } sub vceqhs { vceq(@_,1,1); } sub vceqfs { vceq(@_,2,1); } sub vceqgs { vceq(@_,3,1); } sub vch { confess(err("ARGNUM")) if ($#_!=4); VRRb(0xe7fb,@_); } sub vchb { vch(@_,0,0); } sub vchh { vch(@_,1,0); } sub vchf { vch(@_,2,0); } sub vchg { vch(@_,3,0); } sub vchbs { vch(@_,0,1); } sub vchhs { vch(@_,1,1); } sub vchfs { vch(@_,2,1); } sub vchgs { vch(@_,3,1); } sub vchl { confess(err("ARGNUM")) if ($#_!=4); VRRb(0xe7f9,@_); } sub vchlb { vchl(@_,0,0); } sub vchlh { vchl(@_,1,0); } sub vchlf { vchl(@_,2,0); } sub vchlg { vchl(@_,3,0); } sub vchlbs { vchl(@_,0,1); } sub vchlhs { vchl(@_,1,1); } sub vchlfs { vchl(@_,2,1); } sub vchlgs { vchl(@_,3,1); } sub vclz { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe753,@_); } sub vclzb { vclz(@_,0); } sub vclzh { vclz(@_,1); } sub vclzf { vclz(@_,2); } sub vclzg { vclz(@_,3); } sub vctz { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe752,@_); } sub vctzb { vctz(@_,0); } sub vctzh { vctz(@_,1); } sub vctzf { vctz(@_,2); } sub vctzg { vctz(@_,3); } sub vx { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe76d,@_); } sub vgfm { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7b4,@_); } sub vgfmb { vgfm(@_,0); } sub vgfmh { vgfm(@_,1); } sub vgfmf { vgfm(@_,2); } sub vgfmg { vgfm(@_,3); } sub vgfma { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7bc,@_); } sub vgfmab { vgfma(@_,0); } sub vgfmah { vgfma(@_,1); } sub vgfmaf { vgfma(@_,2); } sub vgfmag { vgfma(@_,3); } sub vlc { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7de,@_); } sub vlcb { vlc(@_,0); } sub vlch { vlc(@_,1); } sub vlcf { vlc(@_,2); } sub vlcg { vlc(@_,3); } sub vlp { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe7df,@_); } sub vlpb { vlp(@_,0); } sub vlph { vlp(@_,1); } sub vlpf { vlp(@_,2); } sub vlpg { vlp(@_,3); } sub vmx { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7ff,@_); } sub vmxb { vmx(@_,0); } sub vmxh { vmx(@_,1); } sub vmxf { vmx(@_,2); } sub vmxg { vmx(@_,3); } sub vmxl { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7fd,@_); } sub vmxlb { vmxl(@_,0); } sub vmxlh { vmxl(@_,1); } sub vmxlf { vmxl(@_,2); } sub vmxlg { vmxl(@_,3); } sub vmn { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7fe,@_); } sub vmnb { vmn(@_,0); } sub vmnh { vmn(@_,1); } sub vmnf { vmn(@_,2); } sub vmng { vmn(@_,3); } sub vmnl { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7fc,@_); } sub vmnlb { vmnl(@_,0); } sub vmnlh { vmnl(@_,1); } sub vmnlf { vmnl(@_,2); } sub vmnlg { vmnl(@_,3); } sub vmal { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7aa,@_); } sub vmalb { vmal(@_,0); } sub vmalhw { vmal(@_,1); } sub vmalf { vmal(@_,2); } sub vmah { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7ab,@_); } sub vmahb { vmah(@_,0); } sub vmahh { vmah(@_,1); } sub vmahf { vmah(@_,2); } sub vmalh { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7a9,@_); } sub vmalhb { vmalh(@_,0); } sub vmalhh { vmalh(@_,1); } sub vmalhf { vmalh(@_,2); } sub vmae { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7ae,@_); } sub vmaeb { vmae(@_,0); } sub vmaeh { vmae(@_,1); } sub vmaef { vmae(@_,2); } sub vmale { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7ac,@_); } sub vmaleb { vmale(@_,0); } sub vmaleh { vmale(@_,1); } sub vmalef { vmale(@_,2); } sub vmao { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7af,@_); } sub vmaob { vmao(@_,0); } sub vmaoh { vmao(@_,1); } sub vmaof { vmao(@_,2); } sub vmalo { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7ad,@_); } sub vmalob { vmalo(@_,0); } sub vmaloh { vmalo(@_,1); } sub vmalof { vmalo(@_,2); } sub vmh { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a3,@_); } sub vmhb { vmh(@_,0); } sub vmhh { vmh(@_,1); } sub vmhf { vmh(@_,2); } sub vmlh { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a1,@_); } sub vmlhb { vmlh(@_,0); } sub vmlhh { vmlh(@_,1); } sub vmlhf { vmlh(@_,2); } sub vml { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a2,@_); } sub vmlb { vml(@_,0); } sub vmlhw { vml(@_,1); } sub vmlf { vml(@_,2); } sub vme { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a6,@_); } sub vmeb { vme(@_,0); } sub vmeh { vme(@_,1); } sub vmef { vme(@_,2); } sub vmle { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a4,@_); } sub vmleb { vmle(@_,0); } sub vmleh { vmle(@_,1); } sub vmlef { vmle(@_,2); } sub vmo { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a7,@_); } sub vmob { vmo(@_,0); } sub vmoh { vmo(@_,1); } sub vmof { vmo(@_,2); } sub vmlo { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7a5,@_); } sub vmlob { vmlo(@_,0); } sub vmloh { vmlo(@_,1); } sub vmlof { vmlo(@_,2); } sub vno { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe76b,@_); } sub vnot { vno(@_,$_[1]); } sub vo { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe76a,@_); } sub vpopct { confess(err("ARGNUM")) if ($#_!=2); VRRa(0xe750,@_); } sub verllv { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe773,@_); } sub verllvb { verllv(@_,0); } sub verllvh { verllv(@_,1); } sub verllvf { verllv(@_,2); } sub verllvg { verllv(@_,3); } sub verll { confess(err("ARGNUM")) if ($#_!=3); VRSa(0xe733,@_); } sub verllb { verll(@_,0); } sub verllh { verll(@_,1); } sub verllf { verll(@_,2); } sub verllg { verll(@_,3); } sub verim { confess(err("ARGNUM")) if ($#_!=4); VRId(0xe772,@_); } sub verimb { verim(@_,0); } sub verimh { verim(@_,1); } sub verimf { verim(@_,2); } sub verimg { verim(@_,3); } sub veslv { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe770,@_); } sub veslvb { veslv(@_,0); } sub veslvh { veslv(@_,1); } sub veslvf { veslv(@_,2); } sub veslvg { veslv(@_,3); } sub vesl { confess(err("ARGNUM")) if ($#_!=3); VRSa(0xe730,@_); } sub veslb { vesl(@_,0); } sub veslh { vesl(@_,1); } sub veslf { vesl(@_,2); } sub veslg { vesl(@_,3); } sub vesrav { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe77a,@_); } sub vesravb { vesrav(@_,0); } sub vesravh { vesrav(@_,1); } sub vesravf { vesrav(@_,2); } sub vesravg { vesrav(@_,3); } sub vesra { confess(err("ARGNUM")) if ($#_!=3); VRSa(0xe73a,@_); } sub vesrab { vesra(@_,0); } sub vesrah { vesra(@_,1); } sub vesraf { vesra(@_,2); } sub vesrag { vesra(@_,3); } sub vesrlv { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe778,@_); } sub vesrlvb { vesrlv(@_,0); } sub vesrlvh { vesrlv(@_,1); } sub vesrlvf { vesrlv(@_,2); } sub vesrlvg { vesrlv(@_,3); } sub vesrl { confess(err("ARGNUM")) if ($#_!=3); VRSa(0xe738,@_); } sub vesrlb { vesrl(@_,0); } sub vesrlh { vesrl(@_,1); } sub vesrlf { vesrl(@_,2); } sub vesrlg { vesrl(@_,3); } sub vsl { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe774,@_); } sub vslb { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe775,@_); } sub vsldb { confess(err("ARGNUM")) if ($#_!=3); VRId(0xe777,@_); } sub vsra { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe77e,@_); } sub vsrab { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe77f,@_); } sub vsrl { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe77c,@_); } sub vsrlb { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe77d,@_); } sub vs { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7f7,@_); } sub vsb { vs(@_,0); } sub vsh { vs(@_,1); } sub vsf { vs(@_,2); } sub vsg { vs(@_,3); } sub vsq { vs(@_,4); } sub vscbi { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe7f5,@_); } sub vscbib { vscbi(@_,0); } sub vscbih { vscbi(@_,1); } sub vscbif { vscbi(@_,2); } sub vscbig { vscbi(@_,3); } sub vscbiq { vscbi(@_,4); } sub vsbi { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7bf,@_); } sub vsbiq { vsbi(@_,4); } sub vsbcbi { confess(err("ARGNUM")) if ($#_!=4); VRRd(0xe7bd,@_); } sub vsbcbiq { vsbcbi(@_,4); } sub vsumg { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe765,@_); } sub vsumgh { vsumg(@_,1); } sub vsumgf { vsumg(@_,2); } sub vsumq { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe767,@_); } sub vsumqf { vsumq(@_,2); } sub vsumqg { vsumq(@_,3); } sub vsum { confess(err("ARGNUM")) if ($#_!=3); VRRc(0xe764,@_); } sub vsumb { vsum(@_,0); } sub vsumh { vsum(@_,1); } sub vtm { confess(err("ARGNUM")) if ($#_!=1); VRRa(0xe7d8,@_); } # VX - String Instructions sub vfae { confess(err("ARGNUM")) if ($#_<3||$#_>4); VRRb(0xe782,@_); } sub vfaeb { vfae(@_[0..2],0,$_[3]); } sub vfaeh { vfae(@_[0..2],1,$_[3]); } sub vfaef { vfae(@_[0..2],2,$_[3]); } sub vfaebs { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],0,0x1|$_[3]); } sub vfaehs { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],1,0x1|$_[3]); } sub vfaefs { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],2,0x1|$_[3]); } sub vfaezb { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],0,0x2|$_[3]); } sub vfaezh { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],1,0x2|$_[3]); } sub vfaezf { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],2,0x2|$_[3]); } sub vfaezbs { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],0,0x3|$_[3]); } sub vfaezhs { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],1,0x3|$_[3]); } sub vfaezfs { $_[3]=0 if (!defined($_[3])); vfae(@_[0..2],2,0x3|$_[3]); } sub vfee { confess(err("ARGNUM")) if ($#_<3||$#_>4); VRRb(0xe780,@_); } sub vfeeb { vfee(@_[0..2],0,$_[3]); } sub vfeeh { vfee(@_[0..2],1,$_[3]); } sub vfeef { vfee(@_[0..2],2,$_[3]); } sub vfeebs { vfee(@_,0,1); } sub vfeehs { vfee(@_,1,1); } sub vfeefs { vfee(@_,2,1); } sub vfeezb { vfee(@_,0,2); } sub vfeezh { vfee(@_,1,2); } sub vfeezf { vfee(@_,2,2); } sub vfeezbs { vfee(@_,0,3); } sub vfeezhs { vfee(@_,1,3); } sub vfeezfs { vfee(@_,2,3); } sub vfene { confess(err("ARGNUM")) if ($#_<3||$#_>4); VRRb(0xe781,@_); } sub vfeneb { vfene(@_[0..2],0,$_[3]); } sub vfeneh { vfene(@_[0..2],1,$_[3]); } sub vfenef { vfene(@_[0..2],2,$_[3]); } sub vfenebs { vfene(@_,0,1); } sub vfenehs { vfene(@_,1,1); } sub vfenefs { vfene(@_,2,1); } sub vfenezb { vfene(@_,0,2); } sub vfenezh { vfene(@_,1,2); } sub vfenezf { vfene(@_,2,2); } sub vfenezbs { vfene(@_,0,3); } sub vfenezhs { vfene(@_,1,3); } sub vfenezfs { vfene(@_,2,3); } sub vistr { confess(err("ARGNUM")) if ($#_<2||$#_>3); VRRa(0xe75c,@_[0..2],0,$_[3]); } sub vistrb { vistr(@_[0..1],0,$_[2]); } sub vistrh { vistr(@_[0..1],1,$_[2]); } sub vistrf { vistr(@_[0..1],2,$_[2]); } sub vistrbs { vistr(@_,0,1); } sub vistrhs { vistr(@_,1,1); } sub vistrfs { vistr(@_,2,1); } sub vstrc { confess(err("ARGNUM")) if ($#_<4||$#_>5); VRRd(0xe78a,@_); } sub vstrcb { vstrc(@_[0..3],0,$_[4]); } sub vstrch { vstrc(@_[0..3],1,$_[4]); } sub vstrcf { vstrc(@_[0..3],2,$_[4]); } sub vstrcbs { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],0,0x1|$_[4]); } sub vstrchs { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],1,0x1|$_[4]); } sub vstrcfs { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],2,0x1|$_[4]); } sub vstrczb { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],0,0x2|$_[4]); } sub vstrczh { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],1,0x2|$_[4]); } sub vstrczf { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],2,0x2|$_[4]); } sub vstrczbs { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],0,0x3|$_[4]); } sub vstrczhs { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],1,0x3|$_[4]); } sub vstrczfs { $_[4]=0 if (!defined($_[4])); vstrc(@_[0..3],2,0x3|$_[4]); } # VX - Floating-point Instructions sub vfa { confess(err("ARGNUM")) if ($#_!=4); VRRc(0xe7e3,@_); } sub vfadb { vfa(@_,3,0); } sub wfadb { vfa(@_,3,8); } sub wfc { confess(err("ARGNUM")) if ($#_!=3); VRRa(0xe7cb,@_); } sub wfcdb { wfc(@_,3,0); } sub wfk { confess(err("ARGNUM")) if ($#_!=3); VRRa(0xe7ca,@_); } sub wfksb { wfk(@_,2,0); } sub wfkdb { wfk(@_,3,0); } sub wfkxb { wfk(@_,4,0); } sub vfce { confess(err("ARGNUM")) if ($#_!=5); VRRc(0xe7e8,@_); } sub vfcedb { vfce(@_,3,0,0); } sub vfcedbs { vfce(@_,3,0,1); } sub wfcedb { vfce(@_,3,8,0); } sub wfcedbs { vfce(@_,3,8,1); } sub vfch { confess(err("ARGNUM")) if ($#_!=5); VRRc(0xe7eb,@_); } sub vfchdb { vfch(@_,3,0,0); } sub vfchdbs { vfch(@_,3,0,1); } sub wfchdb { vfch(@_,3,8,0); } sub wfchdbs { vfch(@_,3,8,1); } sub vfche { confess(err("ARGNUM")) if ($#_!=5); VRRc(0xe7ea,@_); } sub vfchedb { vfche(@_,3,0,0); } sub vfchedbs { vfche(@_,3,0,1); } sub wfchedb { vfche(@_,3,8,0); } sub wfchedbs { vfche(@_,3,8,1); } sub vcdg { confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7c3,@_); } sub vcdgb { vcdg(@_[0..1],3,@_[2..3]); } sub wcdgb { vcdg(@_[0..1],3,0x8|$_[2],$_[3]); } sub vcdlg { confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7c1,@_); } sub vcdlgb { vcdlg(@_[0..1],3,@_[2..3]); } sub wcdlgb { vcdlg(@_[0..1],3,0x8|$_[2],$_[3]); } sub vcgd { confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7c2,@_); } sub vcgdb { vcgd(@_[0..1],3,@_[2..3]); } sub wcgdb { vcgd(@_[0..1],3,0x8|$_[2],$_[3]); } sub vclgd { confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7c0,@_); } sub vclgdb { vclgd(@_[0..1],3,@_[2..3]); } sub wclgdb { vclgd(@_[0..1],3,0x8|$_[2],$_[3]); } sub vfd { confess(err("ARGNUM")) if ($#_!=4); VRRc(0xe7e5,@_); } sub vfddb { vfd(@_,3,0); } sub wfddb { vfd(@_,3,8); } sub vfi { confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7c7,@_); } sub vfidb { vfi(@_[0..1],3,@_[2..3]); } sub wfidb { vfi(@_[0..1],3,0x8|$_[2],$_[3]); } sub vlde { # deprecated, use vfll confess(err("ARGNUM")) if ($#_!=3); VRRa(0xe7c4,@_); } sub vldeb { # deprecated, use vflls vlde(@_,2,0); } sub wldeb { # deprecated, use wflls vlde(@_,2,8); } sub vled { # deprecated, use vflr confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7c5,@_); } sub vledb { # deprecated, use vflrd vled(@_[0..1],3,@_[2..3]); } sub wledb { # deprecated, use wflrd vled(@_[0..1],3,0x8|$_[2],$_[3]); } sub vfm { confess(err("ARGNUM")) if ($#_!=4); VRRc(0xe7e7,@_); } sub vfmdb { vfm(@_,3,0); } sub wfmdb { vfm(@_,3,8); } sub vfma { confess(err("ARGNUM")) if ($#_!=5); VRRe(0xe78f,@_); } sub vfmadb { vfma(@_,0,3); } sub wfmadb { vfma(@_,8,3); } sub vfms { confess(err("ARGNUM")) if ($#_!=5); VRRe(0xe78e,@_); } sub vfmsdb { vfms(@_,0,3); } sub wfmsdb { vfms(@_,8,3); } sub vfpso { confess(err("ARGNUM")) if ($#_!=4); VRRa(0xe7cc,@_); } sub vfpsodb { vfpso(@_[0..1],3,0,$_[2]); } sub wfpsodb { vfpso(@_[0..1],3,8,$_[2]); } sub vflcdb { vfpso(@_,3,0,0); } sub wflcdb { vfpso(@_,3,8,0); } sub vflndb { vfpso(@_,3,0,1); } sub wflndb { vfpso(@_,3,8,1); } sub vflpdb { vfpso(@_,3,0,2); } sub wflpdb { vfpso(@_,3,8,2); } sub vfsq { confess(err("ARGNUM")) if ($#_!=3); VRRa(0xe7ce,@_); } sub vfsqdb { vfsq(@_,3,0); } sub wfsqdb { vfsq(@_,3,8); } sub vfs { confess(err("ARGNUM")) if ($#_!=4); VRRc(0xe7e2,@_); } sub vfsdb { vfs(@_,3,0); } sub wfsdb { vfs(@_,3,8); } sub vftci { confess(err("ARGNUM")) if ($#_!=4); VRIe(0xe74a,@_); } sub vftcidb { vftci(@_,3,0); } sub wftcidb { vftci(@_,3,8); } # VXE - Support Instructions sub vbperm { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe785,@_); } sub vllezlf { vllez(@_,6); } # VXE - Integer Instructions sub vmsl { confess(err("ARGNUM")) if ($#_!=5); VRRd(0xe7b8,@_); } sub vmslg { vmsl(@_[0..3],3,$_[4]); } sub vnx { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe76c,@_); } sub vnn { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe76e,@_); } sub voc { confess(err("ARGNUM")) if ($#_!=2); VRRc(0xe76f,@_); } sub vpopctb { vpopct(@_,0); } sub vpopcth { vpopct(@_,1); } sub vpopctf { vpopct(@_,2); } sub vpopctg { vpopct(@_,3); } # VXE - Floating-Point Instructions sub vfasb { vfa(@_,2,0); } sub wfasb { vfa(@_,2,8); } sub wfaxb { vfa(@_,4,8); } sub wfcsb { wfc(@_,2,0); } sub wfcxb { wfc(@_,4,0); } sub vfcesb { vfce(@_,2,0,0); } sub vfcesbs { vfce(@_,2,0,1); } sub wfcesb { vfce(@_,2,8,0); } sub wfcesbs { vfce(@_,2,8,1); } sub wfcexb { vfce(@_,4,8,0); } sub wfcexbs { vfce(@_,4,8,1); } sub vfchsb { vfch(@_,2,0,0); } sub vfchsbs { vfch(@_,2,0,1); } sub wfchsb { vfch(@_,2,8,0); } sub wfchsbs { vfch(@_,2,8,1); } sub wfchxb { vfch(@_,4,8,0); } sub wfchxbs { vfch(@_,4,8,1); } sub vfchesb { vfche(@_,2,0,0); } sub vfchesbs { vfche(@_,2,0,1); } sub wfchesb { vfche(@_,2,8,0); } sub wfchesbs { vfche(@_,2,8,1); } sub wfchexb { vfche(@_,4,8,0); } sub wfchexbs { vfche(@_,4,8,1); } sub vfdsb { vfd(@_,2,0); } sub wfdsb { vfd(@_,2,8); } sub wfdxb { vfd(@_,4,8); } sub vfisb { vfi(@_[0..1],2,@_[2..3]); } sub wfisb { vfi(@_[0..1],2,0x8|$_[2],$_[3]); } sub wfixb { vfi(@_[0..1],4,0x8|$_[2],$_[3]); } sub vfll { vlde(@_); } sub vflls { vfll(@_,2,0); } sub wflls { vfll(@_,2,8); } sub wflld { vfll(@_,3,8); } sub vflr { vled(@_); } sub vflrd { vflr(@_[0..1],3,@_[2..3]); } sub wflrd { vflr(@_[0..1],3,0x8|$_[2],$_[3]); } sub wflrx { vflr(@_[0..1],4,0x8|$_[2],$_[3]); } sub vfmax { confess(err("ARGNUM")) if ($#_!=5); VRRc(0xe7ef,@_); } sub vfmaxsb { vfmax(@_[0..2],2,0,$_[3]); } sub vfmaxdb { vfmax(@_[0..2],3,0,$_[3]); } sub wfmaxsb { vfmax(@_[0..2],2,8,$_[3]); } sub wfmaxdb { vfmax(@_[0..2],3,8,$_[3]); } sub wfmaxxb { vfmax(@_[0..2],4,8,$_[3]); } sub vfmin { confess(err("ARGNUM")) if ($#_!=5); VRRc(0xe7ee,@_); } sub vfminsb { vfmin(@_[0..2],2,0,$_[5]); } sub vfmindb { vfmin(@_[0..2],3,0,$_[5]); } sub wfminsb { vfmin(@_[0..2],2,8,$_[5]); } sub wfmindb { vfmin(@_[0..2],3,8,$_[5]); } sub wfminxb { vfmin(@_[0..2],4,8,$_[5]); } sub vfmsb { vfm(@_,2,0); } sub wfmsb { vfm(@_,2,8); } sub wfmxb { vfm(@_,4,8); } sub vfmasb { vfma(@_,0,2); } sub wfmasb { vfma(@_,8,2); } sub wfmaxb { vfma(@_,8,4); } sub vfmssb { vfms(@_,0,2); } sub wfmssb { vfms(@_,8,2); } sub wfmsxb { vfms(@_,8,4); } sub vfnma { confess(err("ARGNUM")) if ($#_!=5); VRRe(0xe79f,@_); } sub vfnmasb { vfnma(@_,0,2); } sub vfnmadb { vfnma(@_,0,3); } sub wfnmasb { vfnma(@_,8,2); } sub wfnmadb { vfnma(@_,8,3); } sub wfnmaxb { vfnma(@_,8,4); } sub vfnms { confess(err("ARGNUM")) if ($#_!=5); VRRe(0xe79e,@_); } sub vfnmssb { vfnms(@_,0,2); } sub vfnmsdb { vfnms(@_,0,3); } sub wfnmssb { vfnms(@_,8,2); } sub wfnmsdb { vfnms(@_,8,3); } sub wfnmsxb { vfnms(@_,8,4); } sub vfpsosb { vfpso(@_[0..1],2,0,$_[2]); } sub wfpsosb { vfpso(@_[0..1],2,8,$_[2]); } sub vflcsb { vfpso(@_,2,0,0); } sub wflcsb { vfpso(@_,2,8,0); } sub vflnsb { vfpso(@_,2,0,1); } sub wflnsb { vfpso(@_,2,8,1); } sub vflpsb { vfpso(@_,2,0,2); } sub wflpsb { vfpso(@_,2,8,2); } sub vfpsoxb { vfpso(@_[0..1],4,0,$_[2]); } sub wfpsoxb { vfpso(@_[0..1],4,8,$_[2]); } sub vflcxb { vfpso(@_,4,0,0); } sub wflcxb { vfpso(@_,4,8,0); } sub vflnxb { vfpso(@_,4,0,1); } sub wflnxb { vfpso(@_,4,8,1); } sub vflpxb { vfpso(@_,4,0,2); } sub wflpxb { vfpso(@_,4,8,2); } sub vfsqsb { vfsq(@_,2,0); } sub wfsqsb { vfsq(@_,2,8); } sub wfsqxb { vfsq(@_,4,8); } sub vfssb { vfs(@_,2,0); } sub wfssb { vfs(@_,2,8); } sub wfsxb { vfs(@_,4,8); } sub vftcisb { vftci(@_,2,0); } sub wftcisb { vftci(@_,2,8); } sub wftcixb { vftci(@_,4,8); } # VXD - Support Instructions sub vlrlr { confess(err("ARGNUM")) if ($#_!=2); VRSd(0xe637,@_); } sub vlrl { confess(err("ARGNUM")) if ($#_!=2); VSI(0xe635,@_); } sub vstrlr { confess(err("ARGNUM")) if ($#_!=2); VRSd(0xe63f,@_); } sub vstrl { confess(err("ARGNUM")) if ($#_!=2); VSI(0xe63d,@_); } sub vap { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe671,@_); } sub vcp { confess(err("ARGNUM")) if ($#_!=2); VRRh(0xe677,@_); } sub vcvb { confess(err("ARGNUM")) if ($#_!=2); VRRi(0xe650,@_); } sub vcvbg { confess(err("ARGNUM")) if ($#_!=2); VRRi(0xe652,@_); } sub vcvd { confess(err("ARGNUM")) if ($#_!=3); VRIi(0xe658,@_); } sub vcvdg { confess(err("ARGNUM")) if ($#_!=3); VRIi(0xe65a,@_); } sub vdp { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe67a,@_); } sub vlip { confess(err("ARGNUM")) if ($#_!=2); VRIh(0xe649,@_); } sub vmp { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe678,@_); } sub vmsp { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe679,@_); } sub vpkz { confess(err("ARGNUM")) if ($#_!=2); VSI(0xe634,@_); } sub vpsop { confess(err("ARGNUM")) if ($#_!=4); VRIg(0xe65b,@_); } sub vrp { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe67b,@_); } sub vsdp { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe67e,@_); } sub vsrp { confess(err("ARGNUM")) if ($#_!=4); VRIg(0xe659,@_); } sub vsp { confess(err("ARGNUM")) if ($#_!=4); VRIf(0xe673,@_); } sub vtp { confess(err("ARGNUM")) if ($#_!=0); VRRg(0xe65f,@_); } sub vupkz { confess(err("ARGNUM")) if ($#_!=2); VSI(0xe63c,@_); } # # Instruction Formats # sub RRE { confess(err("ARGNUM")) if ($#_<0||2<$#_); my ($opcode,$r1,$r2)=(shift,get_R(shift),get_R(shift)); $out.="\t.long\t".sprintf("%#010x",($opcode<<16|$r1<<4|$r2))."\n"; } sub RRFb { confess(err("ARGNUM")) if ($#_<3||4<$#_); my ($opcode,$r1,$r3,$r2,$m4)=(shift,get_R(shift),get_R(shift) ,get_R(shift),get_M(shift)); $out.="\t.long\t" .sprintf("%#010x",($opcode<<16|$r3<<12|$m4<<8|$r1<<4|$r2))."\n"; } sub S { confess(err("ARGNUM")) if ($#_<0||1<$#_); my ($opcode,$d2,$b2)=(shift,get_DB(shift)); $out.="\t.long\t".sprintf("%#010x",($opcode<<16|$b2<<12|$d2))."\n"; } sub VRIa { confess(err("ARGNUM")) if ($#_<2||3<$#_); my ($opcode,$v1,$i2,$m3)=(shift,get_V(shift),get_I(shift,16), get_M(shift)); $out.="\t.word\t".sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4))."\n"; $out.="\t.word\t".sprintf("%#06x",$i2)."\n"; $out.="\t.word\t" .sprintf("%#06x",($m3<<12|RXB($v1)<<8|$opcode&0xff))."\n"; } sub VRIb { confess(err("ARGNUM")) if ($#_!=4); my ($opcode,$v1,$i2,$i3,$m4)=(shift,get_V(shift),get_I(shift,8), ,get_I(shift,8),get_M(shift)); $out.="\t.word\t".sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4))."\n"; $out.="\t.word\t".sprintf("%#06x",($i2<<8|$i3))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1)<<8|$opcode&0xff))."\n"; } sub VRIc { confess(err("ARGNUM")) if ($#_!=4); my ($opcode,$v1,$v3,$i2,$m4)=(shift,get_V(shift),get_V(shift), ,get_I(shift,16),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v3&0xf))."\n"; $out.="\t.word\t".sprintf("%#06x",$i2)."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1,$v3)<<8|$opcode&0xff))."\n"; } sub VRId { confess(err("ARGNUM")) if ($#_<4||$#_>5); my ($opcode,$v1,$v2,$v3,$i4,$m5)=(shift,get_V(shift),get_V(shift), ,get_V(shift),get_I(shift,8),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v3&0xf)<<12|$i4))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m5<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff))."\n"; } sub VRIe { confess(err("ARGNUM")) if ($#_!=5); my ($opcode,$v1,$v2,$i3,$m4,$m5)=(shift,get_V(shift),get_V(shift), ,get_I(shift,12),get_M(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf))."\n"; $out.="\t.word\t".sprintf("%#06x",($i3<<4|$m5))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1,$v2)<<8|$opcode&0xff))."\n"; } sub VRIf { confess(err("ARGNUM")) if ($#_!=5); my ($opcode,$v1,$v2,$v3,$i4,$m5)=(shift,get_V(shift),get_V(shift), ,get_V(shift),get_I(shift,8),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v3&0xf)<<12|$m5<<4)|$i4>>4)."\n"; $out.="\t.word\t" .sprintf("%#06x",(($i4&0xf)<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)) ."\n"; } sub VRIg { confess(err("ARGNUM")) if ($#_!=5); my ($opcode,$v1,$v2,$i3,$i4,$m5)=(shift,get_V(shift),get_V(shift), ,get_I(shift,8),get_I(shift,8),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf))."\n"; $out.="\t.word\t".sprintf("%#06x",($i4<<8|$m5<<4|$i3>>4))."\n"; $out.="\t.word\t" .sprintf("%#06x",(($i3&0xf)<<12|RXB($v1,$v2)<<8|$opcode&0xff)) ."\n"; } sub VRIh { confess(err("ARGNUM")) if ($#_!=3); my ($opcode,$v1,$i2,$i3)=(shift,get_V(shift),get_I(shift,16), get_I(shift,4)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4))."\n"; $out.="\t.word\t".sprintf("%#06x",$i2)."\n"; $out.="\t.word\t" .sprintf("%#06x",($i3<<12|RXB($v1)<<8|$opcode&0xff))."\n"; } sub VRIi { confess(err("ARGNUM")) if ($#_!=4); my ($opcode,$v1,$r2,$i3,$m4)=(shift,get_V(shift),get_R(shift), ,get_I(shift,8),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|$r2)."\n"; $out.="\t.word\t".sprintf("%#06x",($m4<<4|$i3>>4))."\n"; $out.="\t.word\t" .sprintf("%#06x",(($i3&0xf)<<12|RXB($v1)<<8|$opcode&0xff)) ."\n"; } sub VRRa { confess(err("ARGNUM")) if ($#_<2||5<$#_); my ($opcode,$v1,$v2,$m3,$m4,$m5)=(shift,get_V(shift),get_V(shift), get_M(shift),get_M(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",($m5<<4|$m4))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m3<<12|RXB($v1,$v2)<<8|$opcode&0xff))."\n"; } sub VRRb { confess(err("ARGNUM")) if ($#_<3||5<$#_); my ($opcode,$v1,$v2,$v3,$m4,$m5)=(shift,get_V(shift),get_V(shift), get_V(shift),get_M(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v3&0xf)<<12|$m5<<4))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff))."\n"; } sub VRRc { confess(err("ARGNUM")) if ($#_<3||6<$#_); my ($opcode,$v1,$v2,$v3,$m4,$m5,$m6)=(shift,get_V(shift),get_V(shift), get_V(shift),get_M(shift),get_M(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v3&0xf)<<12|$m6<<4|$m5))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff))."\n"; } sub VRRd { confess(err("ARGNUM")) if ($#_<4||6<$#_); my ($opcode,$v1,$v2,$v3,$v4,$m5,$m6)=(shift,get_V(shift),get_V(shift), get_V(shift),get_V(shift),get_M(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v3&0xf)<<12|$m5<<8|$m6<<4))."\n"; $out.="\t.word\t" .sprintf("%#06x", (($v4&0xf)<<12|RXB($v1,$v2,$v3,$v4)<<8|$opcode&0xff))."\n"; } sub VRRe { confess(err("ARGNUM")) if ($#_<4||6<$#_); my ($opcode,$v1,$v2,$v3,$v4,$m5,$m6)=(shift,get_V(shift),get_V(shift), get_V(shift),get_V(shift),get_M(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v3&0xf)<<12|$m6<<8|$m5))."\n"; $out.="\t.word\t" .sprintf("%#06x", (($v4&0xf)<<12|RXB($v1,$v2,$v3,$v4)<<8|$opcode&0xff))."\n"; } sub VRRf { confess(err("ARGNUM")) if ($#_!=3); my ($opcode,$v1,$r2,$r3)=(shift,get_V(shift),get_R(shift), get_R(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|$r2))."\n"; $out.="\t.word\t".sprintf("%#06x",($r3<<12))."\n"; $out.="\t.word\t".sprintf("%#06x",(RXB($v1)<<8|$opcode&0xff))."\n"; } sub VRRg { confess(err("ARGNUM")) if ($#_!=1); my ($opcode,$v1)=(shift,get_V(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",0x0000)."\n"; $out.="\t.word\t".sprintf("%#06x",(RXB(0,$v1)<<8|$opcode&0xff))."\n"; } sub VRRh { confess(err("ARGNUM")) if ($#_<2||$#_>3); my ($opcode,$v1,$v2,$m3)=(shift,get_V(shift),get_V(shift), get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",(($v2&0xf)<<12|$m3<<4))."\n"; $out.="\t.word\t".sprintf("%#06x",(RXB(0,$v1,$v2)<<8|$opcode&0xff)) ."\n"; } sub VRRi { confess(err("ARGNUM")) if ($#_!=3); my ($opcode,$r1,$v2,$m3)=(shift,get_R(shift),get_V(shift), get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|$r1<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",($m3<<4))."\n"; $out.="\t.word\t".sprintf("%#06x",(RXB(0,$v2)<<8|$opcode&0xff))."\n"; } sub VRSa { confess(err("ARGNUM")) if ($#_<3||$#_>4); my ($opcode,$v1,$v3,$d2,$b2,$m4)=(shift,get_V(shift),get_V(shift), get_DB(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v3&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1,$v3)<<8|$opcode&0xff))."\n"; } sub VRSb { confess(err("ARGNUM")) if ($#_<3||$#_>4); my ($opcode,$v1,$r3,$d2,$b2,$m4)=(shift,get_V(shift),get_R(shift), get_DB(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|$r3))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB($v1)<<8|$opcode&0xff))."\n"; } sub VRSc { confess(err("ARGNUM")) if ($#_!=4); my ($opcode,$r1,$v3,$d2,$b2,$m4)=(shift,get_R(shift),get_V(shift), get_DB(shift),get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|$r1<<4|($v3&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m4<<12|RXB(0,$v3)<<8|$opcode&0xff))."\n"; } sub VRSd { confess(err("ARGNUM")) if ($#_!=3); my ($opcode,$v1,$r3,$d2,$b2)=(shift,get_V(shift),get_R(shift), get_DB(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|$r3))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",(($v1&0xf)<<12|RXB(0,0,0,$v1)<<8|$opcode&0xff)) ."\n"; } sub VRV { confess(err("ARGNUM")) if ($#_<2||$#_>3); my ($opcode,$v1,$d2,$v2,$b2,$m3)=(shift,get_V(shift),get_DVB(shift), get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf)))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m3<<12|RXB($v1,$v2)<<8|$opcode&0xff))."\n"; } sub VRX { confess(err("ARGNUM")) if ($#_<2||$#_>3); my ($opcode,$v1,$d2,$x2,$b2,$m3)=(shift,get_V(shift),get_DXB(shift), get_M(shift)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($x2)))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",($m3<<12|RXB($v1)<<8|$opcode&0xff))."\n"; } sub VSI { confess(err("ARGNUM")) if ($#_!=3); my ($opcode,$v1,$d2,$b2,$i3)=(shift,get_V(shift),get_DB(shift), get_I(shift,8)); $out.="\t.word\t" .sprintf("%#06x",($opcode&0xff00|$i3))."\n"; $out.="\t.word\t".sprintf("%#06x",($b2<<12|$d2))."\n"; $out.="\t.word\t" .sprintf("%#06x",(($v1&0xf)<<12|RXB(0,0,0,$v1)<<8|$opcode&0xff)) ."\n"; } # # Internal # sub get_R { confess(err("ARGNUM")) if ($#_!=0); my $r; for (shift) { if (!defined) { $r=0; } elsif (/^$GR$/) { $r=$1; } else { confess(err("PARSE")); } } confess(err("ARGRANGE")) if ($r&~0xf); return $r; } sub get_V { confess(err("ARGNUM")) if ($#_!=0); my $v; for (shift) { if (!defined) { $v=0; } elsif (/^$VR$/) { $v=$1; } else { confess(err("PARSE")); } } confess(err("ARGRANGE")) if ($v&~0x1f); return $v; } sub get_I { confess(err("ARGNUM")) if ($#_!=1); my ($i,$bits)=(shift,shift); $i=defined($i)?(eval($i)):(0); confess(err("PARSE")) if (!defined($i)); confess(err("ARGRANGE")) if (abs($i)&~(2**$bits-1)); return $i&(2**$bits-1); } sub get_M { confess(err("ARGNUM")) if ($#_!=0); my $m=shift; $m=defined($m)?(eval($m)):(0); confess(err("PARSE")) if (!defined($m)); confess(err("ARGRANGE")) if ($m&~0xf); return $m; } sub get_DB { confess(err("ARGNUM")) if ($#_!=0); my ($d,$b); for (shift) { if (!defined) { ($d,$b)=(0,0); } elsif (/^(.+)\($GR\)$/) { ($d,$b)=(eval($1),$2); confess(err("PARSE")) if (!defined($d)); } elsif (/^(.+)$/) { ($d,$b)=(eval($1),0); confess(err("PARSE")) if (!defined($d)); } else { confess(err("PARSE")); } } confess(err("ARGRANGE")) if ($d&~0xfff||$b&~0xf); return ($d,$b); } sub get_DVB { confess(err("ARGNUM")) if ($#_!=0); my ($d,$v,$b); for (shift) { if (!defined) { ($d,$v,$b)=(0,0,0); } elsif (/^(.+)\($VR,$GR\)$/) { ($d,$v,$b)=(eval($1),$2,$3); confess(err("PARSE")) if (!defined($d)); } elsif (/^(.+)\($GR\)$/) { ($d,$v,$b)=(eval($1),0,$2); confess(err("PARSE")) if (!defined($d)); } elsif (/^(.+)$/) { ($d,$v,$b)=(eval($1),0,0); confess(err("PARSE")) if (!defined($d)); } else { confess(err("PARSE")); } } confess(err("ARGRANGE")) if ($d&~0xfff||$v&~0x1f||$b&~0xf); return ($d,$v,$b); } sub get_DXB { confess(err("ARGNUM")) if ($#_!=0); my ($d,$x,$b); for (shift) { if (!defined) { ($d,$x,$b)=(0,0,0); } elsif (/^(.+)\($GR,$GR\)$/) { ($d,$x,$b)=(eval($1),$2,$3); confess(err("PARSE")) if (!defined($d)); } elsif (/^(.+)\($GR\)$/) { ($d,$x,$b)=(eval($1),0,$2); confess(err("PARSE")) if (!defined($d)); } elsif (/^(.+)$/) { ($d,$x,$b)=(eval($1),0,0); confess(err("PARSE")) if (!defined($d)); } else { confess(err("PARSE")); } } confess(err("ARGRANGE")) if ($d&~0xfff||$x&~0xf||$b&~0xf); return ($d,$x,$b); } sub RXB { confess(err("ARGNUM")) if ($#_<0||3<$#_); my $rxb=0; $rxb|=0x08 if (defined($_[0])&&($_[0]&0x10)); $rxb|=0x04 if (defined($_[1])&&($_[1]&0x10)); $rxb|=0x02 if (defined($_[2])&&($_[2]&0x10)); $rxb|=0x01 if (defined($_[3])&&($_[3]&0x10)); return $rxb; } sub err { my %ERR = ( ARGNUM => 'Wrong number of arguments', ARGRANGE=> 'Argument out of range', PARSE => 'Parse error', ); confess($ERR{ARGNUM}) if ($#_!=0); return $ERR{$_[0]}; } 1; libica-4.0.1/src/rng.c000066400000000000000000000027271417716165400145040ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Copyright IBM Corp. 2018 */ #include #include #include #include "ica_api.h" #include "rng.h" #include "s390_crypto.h" static ica_drbg_t *rng_sh = ICA_DRBG_NEW_STATE_HANDLE; /* * rng dev list. The first string (element 0) has the highest priority. */ static const char *const RNGDEV[] = {"/dev/prandom", "/dev/hwrng", "/dev/urandom", NULL}; void rng_init(void) { if (!sha512_switch && !sha512_drng_switch) return; /* * Dont need to check return code here: rng_sh is NULL in * case of failure. */ ica_drbg_instantiate(&rng_sh, 256, false, ICA_DRBG_SHA512, (unsigned char *)"INTERNAL INSTANCE", sizeof("INTERNAL INSTANCE")); } void rng_gen(unsigned char *buf, size_t buflen) { const char *rngdev; FILE *rng_fh; int rc; if (rng_sh != NULL) { rc = ica_drbg_generate(rng_sh, 256, false, NULL, 0, buf, buflen); if (!rc) return; } for (rngdev = RNGDEV[0]; rngdev != NULL; rngdev++) { rng_fh = fopen(rngdev, "r"); if (rng_fh) { rc = fread(buf, buflen, 1, rng_fh); fclose(rng_fh); if (rc == 1) return; } } syslog(LOG_ERR, "Libica internal RNG error.."); fprintf(stderr, "Libica internal RNG error."); exit(1); } void rng_fini(void) { if (rng_sh != NULL) ica_drbg_uninstantiate(&rng_sh); } libica-4.0.1/src/s390_crypto.c000066400000000000000000000547361417716165400160230ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* * Entry point for crypto graphic instructions on s390. If an instruction * is not available, the related function is simulated in software. * * Authors(s): Ralph Wuerthner * Jan Glauber * Felix Beck * Christian Maaser * Holger Dengler * Ingo Tuchscherer * * Copyright IBM Copr. 2007, 2009, 2011, 2013, 2016 */ #include #include #include #include #include #include #include #include "fips.h" #include "init.h" #include "s390_crypto.h" unsigned long long facility_bits[3]; unsigned int sha1_switch, sha256_switch, sha512_switch, sha3_switch, des_switch, tdes_switch, aes128_switch, aes192_switch, aes256_switch, prng_switch, tdea128_switch, tdea192_switch, sha512_drng_switch, msa4_switch, msa5_switch, msa8_switch, trng_switch, msa9_switch, ecc_via_online_card, any_card_online; #define CARD_AVAILABLE 0x01 #define CEXnA_AVAILABLE 0x02 #define CEXnC_AVAILABLE 0x04 #define CEX4C_AVAILABLE 0x08 s390_supported_function_t s390_kimd_functions[] = { {SHA_1, S390_CRYPTO_SHA_1, &sha1_switch}, {SHA_224, S390_CRYPTO_SHA_256, &sha256_switch}, {SHA_256, S390_CRYPTO_SHA_256, &sha256_switch}, {SHA_384, S390_CRYPTO_SHA_512, &sha512_switch}, {SHA_512, S390_CRYPTO_SHA_512, &sha512_switch}, {SHA_3_224, S390_CRYPTO_SHA_3_224, &sha3_switch}, {SHA_3_256, S390_CRYPTO_SHA_3_256, &sha3_switch}, {SHA_3_384, S390_CRYPTO_SHA_3_384, &sha3_switch}, {SHA_3_512, S390_CRYPTO_SHA_3_512, &sha3_switch}, {SHAKE_128, S390_CRYPTO_SHAKE_128, &sha3_switch}, {SHAKE_256, S390_CRYPTO_SHAKE_256, &sha3_switch}, {GHASH, S390_CRYPTO_GHASH, &msa4_switch}, {SHA_512_224, S390_CRYPTO_SHA_512, &sha512_switch}, {SHA_512_256, S390_CRYPTO_SHA_512, &sha512_switch} }; s390_supported_function_t s390_kmc_functions[] = { {DEA_ENCRYPT, S390_CRYPTO_DEA_ENCRYPT, &des_switch}, {DEA_DECRYPT, S390_CRYPTO_DEA_DECRYPT, &des_switch}, {TDEA_192_ENCRYPT, S390_CRYPTO_TDEA_192_ENCRYPT, &tdes_switch}, {TDEA_192_DECRYPT, S390_CRYPTO_TDEA_192_DECRYPT, &tdes_switch}, {AES_128_ENCRYPT, S390_CRYPTO_AES_128_ENCRYPT, &aes128_switch}, {AES_128_DECRYPT, S390_CRYPTO_AES_128_DECRYPT, &aes128_switch}, {AES_192_ENCRYPT, S390_CRYPTO_AES_192_ENCRYPT, &aes192_switch}, {AES_192_DECRYPT, S390_CRYPTO_AES_192_DECRYPT, &aes192_switch}, {AES_256_ENCRYPT, S390_CRYPTO_AES_256_ENCRYPT, &aes256_switch}, {AES_256_DECRYPT, S390_CRYPTO_AES_256_DECRYPT, &aes256_switch}, {AES_128_XTS_ENCRYPT, S390_CRYPTO_AES_128_XTS_ENCRYPT, &msa4_switch}, {AES_128_XTS_DECRYPT, S390_CRYPTO_AES_128_XTS_DECRYPT, &msa4_switch}, {AES_256_XTS_ENCRYPT, S390_CRYPTO_AES_256_XTS_ENCRYPT, &msa4_switch}, {AES_256_XTS_DECRYPT, S390_CRYPTO_AES_256_XTS_DECRYPT, &msa4_switch}, {PRNG, S390_CRYPTO_PRNG, &prng_switch} }; s390_supported_function_t s390_msa4_functions[] = { {DEA_ENCRYPT, S390_CRYPTO_DEA_ENCRYPT, &msa4_switch}, {DEA_DECRYPT, S390_CRYPTO_DEA_DECRYPT, &msa4_switch}, {TDEA_192_ENCRYPT, S390_CRYPTO_TDEA_192_ENCRYPT, &msa4_switch}, {TDEA_192_DECRYPT, S390_CRYPTO_TDEA_192_DECRYPT, &msa4_switch}, {AES_128_ENCRYPT, S390_CRYPTO_AES_128_ENCRYPT, &msa4_switch}, {AES_128_DECRYPT, S390_CRYPTO_AES_128_DECRYPT, &msa4_switch}, {AES_192_ENCRYPT, S390_CRYPTO_AES_192_ENCRYPT, &msa4_switch}, {AES_192_DECRYPT, S390_CRYPTO_AES_192_DECRYPT, &msa4_switch}, {AES_256_ENCRYPT, S390_CRYPTO_AES_256_ENCRYPT, &msa4_switch}, {AES_256_DECRYPT, S390_CRYPTO_AES_256_DECRYPT, &msa4_switch}, {AES_128_XTS_ENCRYPT, S390_CRYPTO_AES_128_XTS_ENCRYPT, &msa4_switch}, {AES_128_XTS_DECRYPT, S390_CRYPTO_AES_128_XTS_DECRYPT, &msa4_switch}, {AES_256_XTS_ENCRYPT, S390_CRYPTO_AES_256_XTS_ENCRYPT, &msa4_switch}, {AES_256_XTS_DECRYPT, S390_CRYPTO_AES_256_XTS_DECRYPT, &msa4_switch} }; s390_supported_function_t s390_pcc_functions[] = { {0, 0, &msa4_switch}, /* CMAC_AES not supported */ {0, 0, &msa4_switch}, {0, 0, &msa4_switch}, {0, 0, &msa4_switch}, {0, 0, &msa4_switch}, {0, 0, &msa4_switch}, {SCALAR_MULTIPLY_P256, S390_CRYPTO_SCALAR_MULTIPLY_P256, &msa9_switch}, {SCALAR_MULTIPLY_P384, S390_CRYPTO_SCALAR_MULTIPLY_P384, &msa9_switch}, {SCALAR_MULTIPLY_P521, S390_CRYPTO_SCALAR_MULTIPLY_P521, &msa9_switch}, {SCALAR_MULTIPLY_ED25519, S390_CRYPTO_SCALAR_MULTIPLY_ED25519, &msa9_switch}, {SCALAR_MULTIPLY_ED448, S390_CRYPTO_SCALAR_MULTIPLY_ED448, &msa9_switch}, {SCALAR_MULTIPLY_X25519, S390_CRYPTO_SCALAR_MULTIPLY_X25519, &msa9_switch}, {SCALAR_MULTIPLY_X448, S390_CRYPTO_SCALAR_MULTIPLY_X448, &msa9_switch}, }; s390_supported_function_t s390_ppno_functions[] = { {SHA512_DRNG_GEN, S390_CRYPTO_SHA512_DRNG_GEN, &sha512_drng_switch}, {SHA512_DRNG_SEED, S390_CRYPTO_SHA512_DRNG_SEED, &sha512_drng_switch}, {TRNG, S390_CRYPTO_TRNG, &trng_switch}, }; s390_supported_function_t s390_kma_functions[] = { {0, 0, &msa8_switch}, /* DEA not supported */ {0, 0, &msa8_switch}, {0, 0, &msa8_switch}, /* TDEA not supported */ {0, 0, &msa8_switch}, {AES_128_GCM_ENCRYPT, S390_CRYPTO_AES_128_GCM_ENCRYPT, &msa8_switch}, {AES_128_GCM_DECRYPT, S390_CRYPTO_AES_128_GCM_DECRYPT, &msa8_switch}, {AES_192_GCM_ENCRYPT, S390_CRYPTO_AES_192_GCM_ENCRYPT, &msa8_switch}, {AES_192_GCM_DECRYPT, S390_CRYPTO_AES_192_GCM_DECRYPT, &msa8_switch}, {AES_256_GCM_ENCRYPT, S390_CRYPTO_AES_256_GCM_ENCRYPT, &msa8_switch}, {AES_256_GCM_DECRYPT, S390_CRYPTO_AES_256_GCM_DECRYPT, &msa8_switch} }; s390_supported_function_t s390_kdsa_functions[] = { {ECDSA_VERIFY_P256, S390_CRYPTO_ECDSA_VERIFY_P256, &msa9_switch}, {ECDSA_VERIFY_P384, S390_CRYPTO_ECDSA_VERIFY_P384, &msa9_switch}, {ECDSA_VERIFY_P521, S390_CRYPTO_ECDSA_VERIFY_P521, &msa9_switch}, {ECDSA_SIGN_P256, S390_CRYPTO_ECDSA_SIGN_P256, &msa9_switch}, {ECDSA_SIGN_P384, S390_CRYPTO_ECDSA_SIGN_P384, &msa9_switch}, {ECDSA_SIGN_P521, S390_CRYPTO_ECDSA_SIGN_P521, &msa9_switch}, {EDDSA_VERIFY_ED25519, S390_CRYPTO_EDDSA_VERIFY_ED25519, &msa9_switch}, {EDDSA_VERIFY_ED448, S390_CRYPTO_EDDSA_VERIFY_ED448, &msa9_switch}, {EDDSA_SIGN_ED25519, S390_CRYPTO_EDDSA_SIGN_ED25519, &msa9_switch}, {EDDSA_SIGN_ED448, S390_CRYPTO_EDDSA_SIGN_ED448, &msa9_switch}, }; static int read_cpuinfo(void) { int msa = 0; FILE *handle = fopen("/proc/cpuinfo", "r"); if (handle) { char buffer[80]; int i = 0; while(fgets(buffer, sizeof(buffer), handle)) { i++; if(strstr(buffer,"features") && strstr(buffer,"msa")) { msa = 1; break; } } fclose(handle); } return msa; } /* * Check if "vector enablement control"-bit and * "AFP register control"-bit in control register 0 are set. */ static int vx_enabled(void) { FILE *fd; char buf[4096]; if ((fd = fopen("/proc/cpuinfo", "r")) == NULL) return 0; buf[0] = '\0'; while ((fgets(buf, sizeof(buf), fd) != NULL) && (strstr(buf, "features") != buf)); fclose(fd); return (strstr(buf, " vx ") != NULL) ? 1 : 0; } static int read_facility_bits(void) { char *s; int env_msa; int msa = 0; struct sigaction oldact; sigset_t oldset; int rc = -1; memset(&oldact, 0, sizeof(oldact)); memset(&oldset, 0, sizeof(oldset)); memset(facility_bits, 0, sizeof(facility_bits)); rc = begin_sigill_section(&oldact, &oldset); if (!rc) rc = __stfle(facility_bits, 3); end_sigill_section(&oldact, &oldset); /* __stfle always returns the no. of double words needed to store the * facility bits. This quantity is machine dependent. With MSA8, we * need the first three double words. */ if(rc >= 2){ if(facility_bits[0] & (1ULL << (63 - 17))) msa = 1; if(facility_bits[1] & (1ULL << (127 - 76))) msa = 3; if(facility_bits[1] & (1ULL << (127 - 77))) msa = 4; if(facility_bits[0] & (1ULL << (63 - 57))) msa = 5; if (facility_bits[2] & (1ULL << (191 - 146))) msa = 8; if (facility_bits[2] & (1ULL << (191 - 155))) msa = 9; } /** * allow specifying the MSA level via environment variable * to simulate older hardware. */ s = getenv("MSA"); if (s) { if (sscanf(s, "%d", &env_msa) == 1) msa = env_msa > msa ? msa : env_msa; } /* protect against disabled vector facility */ if (!vx_enabled()) { facility_bits[2] &= ~(1ULL << 56 | 1ULL << 57 | 1ULL << 62); } return msa; } static void set_switches(int msa) { unsigned char mask[16]; unsigned int n; struct sigaction oldact; sigset_t oldset; memset(&oldact, 0, sizeof(oldact)); memset(&oldset, 0, sizeof(oldset)); /* kmc query */ memset(mask, 0, sizeof(mask)); if (msa) { if (begin_sigill_section(&oldact, &oldset) == 0) s390_kmc(S390_CRYPTO_QUERY, mask, (void *) 0, (void *) 0, 0); end_sigill_section(&oldact, &oldset); } for (n = 0; n < (sizeof(s390_kmc_functions) / sizeof(s390_supported_function_t)); n++) if (S390_CRYPTO_TEST_MASK(mask, s390_kmc_functions[n].hw_fc)) *s390_kmc_functions[n].enabled = 1; /* kimd query */ memset(mask, 0, sizeof(mask)); if (msa) { if (begin_sigill_section(&oldact, &oldset) == 0) s390_kimd(S390_CRYPTO_QUERY, mask, (void *) 0, 0); end_sigill_section(&oldact, &oldset); } for (n = 0; n < (sizeof(s390_kimd_functions) / sizeof(s390_supported_function_t)); n++) if (S390_CRYPTO_TEST_MASK(mask, s390_kimd_functions[n].hw_fc)) *s390_kimd_functions[n].enabled = 1; /* pcc query */ memset(mask, 0, sizeof(mask)); if (4 <= msa) { msa4_switch = 1; if (begin_sigill_section(&oldact, &oldset) == 0) s390_pcc(S390_CRYPTO_QUERY, mask); end_sigill_section(&oldact, &oldset); } for (n = 0; n < (sizeof(s390_pcc_functions) / sizeof(s390_supported_function_t)); n++) if (S390_CRYPTO_TEST_MASK(mask, s390_pcc_functions[n].hw_fc)) *s390_pcc_functions[n].enabled = 1; /* ppno query */ memset(mask, 0, sizeof(mask)); if (5 <= msa) { msa5_switch = 1; if (begin_sigill_section(&oldact, &oldset) == 0) s390_ppno(S390_CRYPTO_QUERY, mask, NULL, 0, NULL, 0); end_sigill_section(&oldact, &oldset); } for (n = 0; n < (sizeof(s390_ppno_functions) / sizeof(s390_supported_function_t)); n++) if (S390_CRYPTO_TEST_MASK(mask, s390_ppno_functions[n].hw_fc)) *s390_ppno_functions[n].enabled = 1; /* kma query */ memset(mask, 0, sizeof(mask)); if (8 <= msa) { msa8_switch = 1; if (begin_sigill_section(&oldact, &oldset) == 0) s390_kma(S390_CRYPTO_QUERY, mask, NULL, NULL, 0, NULL, 0); end_sigill_section(&oldact, &oldset); } for (n = 0; n < (sizeof(s390_kma_functions) / sizeof(s390_supported_function_t)); n++) if (S390_CRYPTO_TEST_MASK(mask, s390_kma_functions[n].hw_fc)) *s390_kma_functions[n].enabled = 1; /* kdsa query */ memset(mask, 0, sizeof(mask)); if (9 <= msa) { msa9_switch = 1; if (begin_sigill_section(&oldact, &oldset) == 0) s390_kdsa(S390_CRYPTO_QUERY, mask, NULL, 0); end_sigill_section(&oldact, &oldset); } for (n = 0; n < (sizeof(s390_kdsa_functions) / sizeof(s390_supported_function_t)); n++) if (S390_CRYPTO_TEST_MASK(mask, s390_kdsa_functions[n].hw_fc)) *s390_kdsa_functions[n].enabled = 1; } unsigned int is_device_online(const char *dev) { unsigned int ret = 0; FILE *file; char c; if ((file = fopen(dev, "r")) == NULL) return 0; /* Check if device online: 0 = offline, 1 = online */ if ((c = fgetc(file)) == '1') ret = 1; fclose(file); return ret; } unsigned int get_device_type(const char *dev, char *devtype) { unsigned int ret = 0; char *type = NULL; size_t size = 0; FILE *file; file = fopen(dev, "r"); if (file == NULL) return 0; /* Read device type: e.g. 'CEX5C' */ if (getline(&type, &size, file) == -1) goto end; /* Did we get something like 'CEX5C\n'? */ if (strlen(type) != 6 || strncmp(type, "CEX", 3) != 0) goto end; memcpy(devtype, type, 5); ret = 1; end: free(type); fclose(file); return ret; } #define AP_PATH "/sys/devices/ap" #define MAX_DEV_LEN 280 unsigned int search_for_cards() { DIR *sysDir; unsigned int ret = 0; char dev[MAX_DEV_LEN] = AP_PATH; struct dirent *direntp; char type[6]; if ((sysDir = opendir(dev)) == NULL) return 0; while ((direntp = readdir(sysDir)) != NULL) { /* Skip entries that are not like "card01", "card02", etc. */ if (strncmp(direntp->d_name, "card", 4) != 0) continue; /* Check if device online */ snprintf(dev, MAX_DEV_LEN, "%s/%s/online", AP_PATH, direntp->d_name); if (!is_device_online(dev)) continue; /* Get device type (string like "CEXnT") */ snprintf(dev, MAX_DEV_LEN, "%s/%s/type", AP_PATH, direntp->d_name); memset(type, 0, sizeof(type)); if (!get_device_type(dev, type)) continue; /* Now setup return value according to found card */ if (type[4] == 'A') ret |= CARD_AVAILABLE | CEXnA_AVAILABLE; if (type[4] == 'C') ret |= CARD_AVAILABLE | CEXnC_AVAILABLE; if (type[3] >= '4' && type[4] == 'C') ret |= CARD_AVAILABLE | CEX4C_AVAILABLE; } closedir(sysDir); return ret; } void s390_crypto_switches_init(void) { int msa, flags; msa = read_facility_bits(); if (!msa) msa = read_cpuinfo(); flags = search_for_cards(); if (flags & CARD_AVAILABLE) any_card_online = 1; if (flags & CEX4C_AVAILABLE) ecc_via_online_card = 1; set_switches(msa); } /* * The first field represents the mechanism ID. * The second field represents the function family type (category), * The third field represents the function code. * This function code will be used later to check if HW support * is available and modifies the SW/HW-support-flag. * SHW - static hardware support (CPACF) * DHW - dynamic hardware support (crypto adapter) * SW - software support * Bit field flags: [0|0|0|0|0|SHW|DHW|SW] * The last field represents the property flags indicating key lengths */ libica_func_list_element_int icaList[] = { {SHA1, KIMD, SHA_1 , 0, 0}, {SHA224, KIMD, SHA_256, 0, 0}, {SHA256, KIMD, SHA_256, 0, 0}, {SHA384, KIMD, SHA_512, 0, 0}, {SHA512, KIMD, SHA_512, 0, 0}, {SHA512_224, KIMD, SHA_512_224, 0, 0}, {SHA512_256, KIMD, SHA_512_256, 0, 0}, {SHA3_224, KIMD, SHA_3_224, 0, 0}, {SHA3_256, KIMD, SHA_3_256, 0, 0}, {SHA3_384, KIMD, SHA_3_384, 0, 0}, {SHA3_512, KIMD, SHA_3_512, 0, 0}, {SHAKE128, KIMD, SHAKE_128, 0, 0}, {SHAKE256, KIMD, SHAKE_256, 0, 0}, {G_HASH, KIMD, GHASH, 0, 0}, {DES_ECB, KMC, DEA_ENCRYPT, ICA_FLAG_SW, 0}, {DES_CBC, KMC, DEA_ENCRYPT, ICA_FLAG_SW, 0}, {DES_OFB, MSA4, DEA_ENCRYPT, 0, 0}, {DES_CFB, MSA4, DEA_ENCRYPT, 0, 0}, {DES_CTR, MSA4, DEA_ENCRYPT, 0, 0}, {DES_CMAC, MSA4, DEA_ENCRYPT, 0, 0}, // CPACF only (MSA4) {DES3_ECB, KMC, TDEA_192_ENCRYPT, ICA_FLAG_SW, 0}, {DES3_CBC, KMC, TDEA_192_ENCRYPT, ICA_FLAG_SW, 0}, {DES3_OFB, MSA4, TDEA_192_ENCRYPT, 0, 0}, {DES3_CFB, MSA4, TDEA_192_ENCRYPT, 0, 0}, {DES3_CTR, MSA4, TDEA_192_ENCRYPT, 0, 0}, {DES3_CMAC, MSA4, TDEA_192_ENCRYPT, 0, 0}, {AES_ECB, KMC, AES_128_ENCRYPT, ICA_FLAG_SW, 0}, {AES_CBC, KMC, AES_128_ENCRYPT, ICA_FLAG_SW, 0}, {AES_OFB, MSA4, AES_128_ENCRYPT, 0, 0}, {AES_CFB, MSA4, AES_128_ENCRYPT, 0, 0}, {AES_CTR, MSA4, AES_128_ENCRYPT, 0, 0}, {AES_CMAC, MSA4, AES_128_ENCRYPT, 0, 0}, {AES_CCM, MSA4, AES_128_ENCRYPT, 0, 0}, {AES_GCM, MSA4, AES_128_ENCRYPT, 0, 0}, {AES_GCM_KMA, MSA8, AES_128_GCM_ENCRYPT, 0, 0}, {AES_XTS, MSA4, AES_128_XTS_ENCRYPT, 0, 0}, {P_RNG, ADAPTER, 0, ICA_FLAG_SHW | ICA_FLAG_SW, 0}, // SHW (CPACF) + SW {EC_DH, ADAPTER, 0, ICA_FLAG_SW, 0}, {EC_DSA_SIGN, ADAPTER, 0, ICA_FLAG_SW, 0}, {EC_DSA_VERIFY, ADAPTER, 0, ICA_FLAG_SW, 0}, {EC_KGEN, ADAPTER, 0, ICA_FLAG_SW, 0}, {ED25519_KEYGEN, MSA9, SCALAR_MULTIPLY_ED25519, 0, 0}, {ED25519_SIGN, MSA9, EDDSA_SIGN_ED25519, 0, 0}, {ED25519_VERIFY, MSA9, EDDSA_VERIFY_ED25519, 0, 0}, {ED448_KEYGEN, MSA9, SCALAR_MULTIPLY_ED448, 0, 0}, {ED448_SIGN, MSA9, EDDSA_SIGN_ED448, 0, 0}, {ED448_VERIFY, MSA9, EDDSA_VERIFY_ED448, 0, 0}, {X25519_KEYGEN, MSA9, SCALAR_MULTIPLY_X25519, 0, 0}, {X25519_DERIVE, MSA9, SCALAR_MULTIPLY_X25519, 0, 0}, {X448_KEYGEN, MSA9, SCALAR_MULTIPLY_X448, 0, 0}, {X448_DERIVE, MSA9, SCALAR_MULTIPLY_X448, 0, 0}, {RSA_ME, ADAPTER, 0, ICA_FLAG_SW, 0}, {RSA_CRT, ADAPTER, 0, ICA_FLAG_SW, 0}, {RSA_KEY_GEN_ME, ADAPTER, 0, ICA_FLAG_SW, 0}, // SW (openssl) {RSA_KEY_GEN_CRT, ADAPTER, 0, ICA_FLAG_SW, 0}, // SW (openssl) {SHA512_DRNG, PPNO, SHA512_DRNG_GEN, ICA_FLAG_SW, 0}, }; /* * initializes the libica function list * Query s390_xxx_functions for each algorithm to check * CPACF support and update the corresponding SHW-flags. */ int s390_initialize_functionlist() { unsigned int list_len = sizeof(icaList)/sizeof(libica_func_list_element_int); unsigned int x; for (x = 0; x < list_len; x++) { libica_func_list_element_int *e = &icaList[x]; switch ((int) e->type) { case KIMD: e->flags |= *s390_kimd_functions[e->id].enabled ? ICA_FLAG_SHW : 0; break; case KMC: e->flags |= *s390_kmc_functions[e->id].enabled ? ICA_FLAG_SHW : 0; if (e->id == AES_128_ENCRYPT) { // check for the maximum size if (*s390_kmc_functions[icaList[AES_256_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_256; if (*s390_kmc_functions[icaList[AES_192_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_192; if (*s390_kmc_functions[icaList[AES_128_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_128; } break; case MSA4: e->flags |= *s390_msa4_functions[e->id].enabled ? ICA_FLAG_SHW : 0; if (e->id == AES_128_ENCRYPT) { // check for the maximum size if (*s390_msa4_functions[icaList[AES_256_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_256; if (*s390_msa4_functions[icaList[AES_192_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_192; if (*s390_msa4_functions[icaList[AES_128_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_128; } else if (e->id == AES_128_XTS_ENCRYPT) { // check for the maximum size if (*s390_msa4_functions[icaList[AES_256_XTS_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_256; if (*s390_msa4_functions[icaList[AES_128_XTS_ENCRYPT].id].enabled) e->property |= ICA_PROPERTY_AES_128; } break; case PPNO: e->flags |= *s390_ppno_functions[e->id].enabled ? ICA_FLAG_SHW : 0; break; case MSA8: e->flags |= *s390_kma_functions[e->id].enabled ? ICA_FLAG_SHW : 0; break; case MSA9: if (e->mech_mode_id == ED25519_KEYGEN || e->mech_mode_id == ED448_KEYGEN || e->mech_mode_id == X25519_KEYGEN || e->mech_mode_id == X25519_DERIVE || e->mech_mode_id == X448_KEYGEN || e->mech_mode_id == X448_DERIVE) e->flags |= *s390_pcc_functions[e->id].enabled ? ICA_FLAG_SHW : 0; else e->flags |= *s390_kdsa_functions[e->id].enabled ? ICA_FLAG_SHW : 0; e->property |= ICA_PROPERTY_EC_ED; break; default: /* Do nothing. */ break; } switch ((int) e->mech_mode_id) { case EC_DH: /* fall-through */ case EC_DSA_SIGN: /* fall-through */ case EC_DSA_VERIFY: /* fall-through */ case EC_KGEN: if (ecc_via_online_card) { e->flags |= ICA_FLAG_DHW; e->property |= ICA_PROPERTY_EC_BP | ICA_PROPERTY_EC_NIST; } e->flags |= *s390_kdsa_functions[e->id].enabled ? ICA_FLAG_SHW : 0; break; case RSA_ME: /* fall-through */ case RSA_CRT: if (any_card_online) { e->flags |= ICA_FLAG_DHW; e->property |= ICA_PROPERTY_RSA_ALL; } break; case RSA_KEY_GEN_ME: /* fall-through */ case RSA_KEY_GEN_CRT: #if defined(ICA_FIPS) && OPENSSL_VERSION_PREREQ(3, 0) if (fips & ICA_FIPS_MODE) e->property |= ICA_PROPERTY_RSA_FIPS; else e->property |= ICA_PROPERTY_RSA_ALL; #endif break; default: /* Do nothing. */ break; } } return 0; } /** * Function that returns a list of crypto mechanisms supported by libica. * @param pmech_list * Pointer to an array of libica_func_list_element * If NULL, the API will return the number of elements to allocate * in the @pmech_list_len parameter. * If not NULL, libica will assume @pmech_list is an array that has * @pmech_list_len elements. * On success, @pmech_list will be filled out with the supported libica * crypto mechanisms. * @param pmech_list_len * number of list entries * On input, pointer to the number of elements allocated in the * @pmech_list array. * On output, @pmech_list_len will contain the number of items copied to * the @pmech_list array, or the number of items libica would have returned * in case the @pmech_list parameter is set to NULL. * * @return * 0 on success * EINVAL if at least one invalid parameter is given * * A typical usage scenario would be that an exploiter makes a first call to * ica_get_functionlist() with @pmech_list set to NULL in order to determine * the number of elements to allocate. This is followed by a second call to * ica_get_functionlist() with a valid pointer @pmech_list to an array of * libica_func_list_element structures with @pmech_list_len elements. */ int s390_get_functionlist(libica_func_list_element *pmech_list, unsigned int *pmech_list_len) { unsigned int x; if (!pmech_list_len) { return EINVAL; } if (!pmech_list) { *pmech_list_len = sizeof(icaList)/sizeof(libica_func_list_element_int); return 0; } else if (*pmech_list_len < (sizeof(icaList)/sizeof(libica_func_list_element_int)) ) { return EINVAL; } for (x = 0; x < *pmech_list_len; x++) { pmech_list[x].mech_mode_id = icaList[x].mech_mode_id; pmech_list[x].flags = icaList[x].flags; pmech_list[x].property = icaList[x].property; #ifdef ICA_FIPS /* Disable the algorithm in the following cases: * - We are running in FIPS mode and the algorithm is not FIPS * approved. * - We are in an error state. * */ if (((fips & ICA_FIPS_MODE) && !fips_approved(icaList[x].mech_mode_id)) || fips >> 1) { pmech_list[x].flags = 0; pmech_list[x].property = 0; } #endif /* ICA_FIPS */ #ifdef NO_CPACF pmech_list[x].flags &= ~ICA_FLAG_SHW; /* NO_CPACF also removes sw fallbacks for CPACF based functions, but not * for card-based functions and RSA keygen, which is only available in sw. */ if (pmech_list[x].flags & ICA_FLAG_SW && !(pmech_list[x].flags & ICA_FLAG_DHW) && pmech_list[x].mech_mode_id != RSA_KEY_GEN_ME && pmech_list[x].mech_mode_id != RSA_KEY_GEN_CRT) { pmech_list[x].flags &= ~ICA_FLAG_SW; } #endif /* NO_CPACF */ #ifdef NO_SW_FALLBACKS /* Set SW flag to 0 if we don't have sw fallbacks, except for RSA keygen, * because there is no hw path for RSA keygen. */ if (pmech_list[x].mech_mode_id != RSA_KEY_GEN_ME && pmech_list[x].mech_mode_id != RSA_KEY_GEN_CRT) pmech_list[x].flags &= ~ICA_FLAG_SW; #endif } return 0; } libica-4.0.1/src/s390_drbg.c000066400000000000000000000515051417716165400154100ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * DRBG conforming to NIST SP800-90A * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 */ #include #include #include #include #include #include #include #include "fips.h" #include "s390_crypto.h" #include "s390_drbg.h" #include "s390_sha.h" #define MAX_NO_OF_BYTES (255 * DRBG_OUT_LEN) /* limit for hash_df */ /* * Test DRBG mechanisms */ static ica_drbg_mech_t DRBG_TESTMECH1 = {.error_state = DRBG_HEALTH_TEST_FAIL}; static ica_drbg_mech_t DRBG_TESTMECH2 = {.error_state = 0}; /* * Auxiliary functions */ static int test_uninstantiate(ica_drbg_mech_t *mech); static int test_instantiate_error_handling(ica_drbg_mech_t *mech); static int test_reseed_error_handling(ica_drbg_mech_t *mech); static int test_generate_error_handling(ica_drbg_mech_t *mech); static int set_error_state(ica_drbg_mech_t *mech, int error); /* * DRBG mechanism list. Add new DRBG mechanism here: */ ica_drbg_mech_t *const DRBG_MECH_LIST[] = {&DRBG_SHA512, &DRBG_TESTMECH1, &DRBG_TESTMECH2}; const size_t DRBG_MECH_LIST_LEN = sizeof(DRBG_MECH_LIST) / sizeof(DRBG_MECH_LIST[0]); /* * DRBG SEI list. The first string (element 0) has the highest priority. */ const char *const DRBG_SEI_LIST[] = {"/dev/prandom", "/dev/hwrng", "/dev/urandom"}; const size_t DRBG_SEI_LIST_LEN = sizeof(DRBG_SEI_LIST) / sizeof(DRBG_SEI_LIST[0]); /* * DRBG mechanism functions */ int drbg_instantiate(ica_drbg_t **sh, int sec, bool pr, ica_drbg_mech_t *mech, const unsigned char *pers, size_t pers_len, bool test_mode, const unsigned char *test_nonce, size_t test_nonce_len, const unsigned char *test_entropy, size_t test_entropy_len) { void *init_ws; int status; /* 9.1 Instantiate Process */ if(!sh || *sh) return DRBG_SH_INV; status = drbg_mech_valid(mech); if(status) return status; /* step 1 */ if(sec > mech->highest_supp_sec) return DRBG_SEC_NOTSUPP; /* step 2: pr is supported. */ /* step 3 */ if(!pers) pers_len = 0; else if(pers_len <= 0) pers = NULL; if(pers_len > mech->max_pers_len) return DRBG_PERS_INV; /* step 4 */ if(sec <= DRBG_SEC_112) sec = DRBG_SEC_112; else if(sec <= DRBG_SEC_128) sec = DRBG_SEC_128; else if(sec <= DRBG_SEC_192) sec = DRBG_SEC_192; else sec = DRBG_SEC_256; /* step 5: Null step. */ const size_t entropy_len = !test_mode ? (size_t) ((sec + 7) / 8 + DRBG_ADD_ENTROPY_LEN) : test_entropy_len; const size_t nonce_len = !test_mode ? DRBG_NONCE_LEN : test_nonce_len; unsigned char entropy[entropy_len + 1]; /* +1 avoids 0-length VLA */ unsigned char nonce[nonce_len + 1]; /* step 6 */ if(!test_mode) /* use entropy from SEI */ status = drbg_get_entropy_input(pr, sec, mech->max_len, entropy, entropy_len); else{ if(test_entropy){ /* use test entropy */ memcpy(entropy, test_entropy, entropy_len); status = 0; } else{ /* test for entropy source failure */ status = drbg_get_entropy_input(pr, sec, mech->max_len, entropy, entropy_len); } } /* step 7 */ if(status){ status = DRBG_ENTROPY_SOURCE_FAIL; goto _exit_; } /* step 8 */ if(!test_mode){ /* use thread id + timestamp + counter */ status = drbg_get_nonce(nonce, nonce_len); } else{ /* use test nonce */ memcpy(nonce, test_nonce, nonce_len); } if(status){ status = DRBG_NONCE_INV; goto _exit_; } /* step 9 */ status = mech->instantiate(&init_ws, sec, pers, pers_len, entropy, entropy_len, nonce, nonce_len); if(status){ if(0 > status) set_error_state(mech, status); goto _exit_; } /* step 10 */ *sh = malloc(sizeof(ica_drbg_t)); if(!*sh){ status = DRBG_NOMEM; goto _exit_; } /* step 11 */ drbg_recursive_mutex_init(&(*sh)->lock); (*sh)->mech = mech; (*sh)->ws = init_ws; (*sh)->sec = sec; (*sh)->pr = pr; /* step 12 */ _exit_: drbg_zmem(entropy, entropy_len); drbg_zmem(nonce, nonce_len); return status; } int drbg_reseed(ica_drbg_t *sh, bool pr, const unsigned char *add, size_t add_len, bool test_mode, const unsigned char *test_entropy, size_t test_entropy_len) { int status; /* 9.2 Reseed Process */ /* step 1 */ if(!sh || !sh->ws) return DRBG_SH_INV; status = drbg_mech_valid(sh->mech); if(status) return status; /* step 2 */ if(pr && !sh->pr) return DRBG_PR_NOTSUPP; /* step 3 */ if(!add) add_len = 0; else if(add_len <= 0) add = NULL; if(add_len > sh->mech->max_add_len) return DRBG_ADD_INV; const size_t entropy_len = !test_mode ? (size_t) ((sh->sec + 7) / 8 + DRBG_ADD_ENTROPY_LEN) : test_entropy_len; unsigned char entropy[entropy_len + 1]; /* +1 avoids 0-length VLA */ /* step 4 */ if(!test_mode) /* use entropy from SEI */ status = drbg_get_entropy_input(pr, sh->sec, sh->mech->max_len, entropy, entropy_len); else{ if(test_entropy){ /* use test entropy */ memcpy(entropy, test_entropy, entropy_len); status = 0; } else{ /* test for entropy source failure */ status = drbg_get_entropy_input(pr, sh->sec, sh->mech->max_len, entropy, entropy_len); } } /* step 5 */ if(status){ status = DRBG_ENTROPY_SOURCE_FAIL; goto _exit_; } /* steps 6 and 7 */ pthread_mutex_lock(&sh->lock); status = sh->mech->reseed(sh->ws, add, add_len, entropy, entropy_len); pthread_mutex_unlock(&sh->lock); if(0 > status) set_error_state(sh->mech, status); /* step 8 */ _exit_: drbg_zmem(entropy, entropy_len); return status; /* return reseed status */ } int drbg_generate(ica_drbg_t *sh, int sec, bool pr, const unsigned char *add, size_t add_len, bool test_mode, const unsigned char *test_entropy, size_t test_entropy_len, unsigned char *prnd, size_t prnd_len) { int status; bool reseed_required; /* 9.3 Generate Process */ /* step 1 */ if(!sh || !sh->ws) return DRBG_SH_INV; status = drbg_mech_valid(sh->mech); if(status) return status; /* step 2 */ if(prnd_len > sh->mech->max_no_of_bytes_per_req) return DRBG_REQUEST_INV; /* step 3 */ if(sec > sh->sec) return DRBG_SEC_NOTSUPP; /* step 4 */ if(!add) add_len = 0; else if(add_len <= 0) add = NULL; if(add_len > sh->mech->max_add_len) return DRBG_ADD_INV; /* step 5 */ if(pr && !sh->pr) return DRBG_PR_NOTSUPP; /* step 6 */ reseed_required = false; /* step 7 */ _reseed_req_: pthread_mutex_lock(&sh->lock); if(pr || reseed_required){ /* steps 7.1 and 7.3 */ status = drbg_reseed(sh, pr, add, add_len, test_mode, test_entropy, test_entropy_len); /* step 7.2 */ if(status){ pthread_mutex_unlock(&sh->lock); return status; /* return reseed status */ } /* step 7.4 */ add = NULL; add_len = 0; /* step 7.5 */ reseed_required = false; } /* steps 8 and 10 */ status = sh->mech->generate(sh->ws, add, add_len, prnd, prnd_len); pthread_mutex_unlock(&sh->lock); /* step 9 */ if(DRBG_RESEED_REQUIRED == status){ /* step 9.1 */ reseed_required = true; /* step 9.2 */ if(sh->pr) pr = true; /* step 9.3 */ goto _reseed_req_; } else if(0 > status) set_error_state(sh->mech, status); /* step 11 */ return status; } int drbg_uninstantiate(ica_drbg_t **sh, bool test_mode) { int status; /* 9.4 Uninstantiate Process */ /* step 1 */ if(!sh || !(*sh) || !(*sh)->ws) return DRBG_SH_INV; status = drbg_mech_valid((*sh)->mech); if(status > 0) /* uninst. is possible in error state (< 0) */ return status; /* step 2 */ pthread_mutex_lock(&(*sh)->lock); status = (*sh)->mech->uninstantiate(&(*sh)->ws, test_mode); if(status){ if(0 > status) set_error_state((*sh)->mech, status); return status; /* return uninstantiate status */ } pthread_mutex_unlock(&(*sh)->lock); pthread_mutex_destroy(&(*sh)->lock); drbg_zmem(*sh, sizeof(ica_drbg_t)); if(test_mode) status = drbg_check_zmem(*sh, sizeof(ica_drbg_t)); free(*sh); *sh = NULL; /* step 3 */ return status; } int drbg_health_test(const void *func, int sec, bool pr, ica_drbg_mech_t *mech) { size_t i; int status; const int SEC[] = {DRBG_SEC_112, DRBG_SEC_128, DRBG_SEC_192, DRBG_SEC_256}; status = drbg_mech_valid(mech); if(status) return status; if(drbg_instantiate == func){ /* Test vectors. */ status = mech->health_test(drbg_instantiate, sec, pr); if(status){ if(0 > status) set_error_state(mech, status); return status; } /* Error handling test. */ status = test_instantiate_error_handling(mech); if(status) return set_error_state(mech, DRBG_HEALTH_TEST_FAIL); /* Uninstantiate test. */ status = test_uninstantiate(mech); if(status) return set_error_state(mech, DRBG_HEALTH_TEST_FAIL); return 0; } else if(drbg_reseed == func){ /* Test vectors. */ status = mech->health_test(drbg_reseed, sec, pr); if(status){ if(0 > status) return set_error_state(mech, status); return status; } /* Error handling test. */ status = test_reseed_error_handling(mech); if(status) return set_error_state(mech, status); /* Uninstantiate test. */ status = test_uninstantiate(mech); if(status) return set_error_state(mech, status); return 0; } else if(drbg_generate == func){ /* Test vectors: test all combinations sec, pr supp, pr req */ for(i = 0; i < sizeof(SEC) / sizeof(SEC[0]); i++){ if(SEC[i] > mech->highest_supp_sec) break; status = mech->health_test(drbg_generate, SEC[i], false); if(status){ if(0 > status) set_error_state(mech, status); return status; } status = mech->health_test(drbg_generate, SEC[i], true); if(status){ if(0 > status) set_error_state(mech, status); return status; } } /* Error handling test. */ status = test_generate_error_handling(mech); if(status) return set_error_state(mech, status); /* Uninstantiate test.*/ status = test_uninstantiate(mech); if(status) return set_error_state(mech, status); return 0; } else return DRBG_REQUEST_INV; } /* * Auxiliary functions */ int drbg_get_entropy_input(bool pr, int min_entropy, size_t max_len, unsigned char *entropy, size_t entropy_len) { size_t min_len; size_t priority; size_t i; FILE *fd; int status; (void)pr; /* suppress unused param warning */ /* NIST SP800-90C Get_entropy_input */ if(!entropy) return DRBG_REQUEST_INV; if(0 > min_entropy) min_entropy = 0; min_len = ((min_entropy + 7) / 8); if(min_len > max_len) return DRBG_REQUEST_INV; if(entropy_len < min_len || entropy_len > max_len) return DRBG_REQUEST_INV; if (!entropy_len) { /* simulate entropy source failure for self-test */ return DRBG_ENTROPY_SOURCE_FAIL; } memset(entropy, 0, entropy_len); for(priority = 0; priority < DRBG_SEI_LIST_LEN; priority++){ fd = fopen(DRBG_SEI_LIST[priority], "r"); if(fd){ status = fread(entropy, entropy_len, 1, fd); fclose(fd); if(status == 1) break; } } if (trng_switch) { unsigned char min[min_len]; cpacf_trng(NULL, 0, min, min_len); for (i = 0; i < min_len; i++) entropy[i] ^= min[i]; drbg_zmem(min, min_len); } else if (priority == DRBG_SEI_LIST_LEN) { /* no entropy source available */ return DRBG_ENTROPY_SOURCE_FAIL; } return 0; } int drbg_get_nonce(unsigned char *nonce, size_t nonce_len) { size_t i; static uint16_t ctr; /* The buffer for nonce must hold a 16 byte timestamp. */ if(DRBG_NONCE_LEN != nonce_len) return DRBG_NONCE_INV; /* Get timestamp from TOD clock. */ s390_stcke_hw(nonce); /* The value in the bits 72 - 111 is non-zero when the clock is * running. */ const unsigned char zero_buff[(111 - 72 + 1) / 8] = {0}; int status = !memcmp(nonce + (72 / 8), &zero_buff, (111 - 72 + 1) / 8); if(status) return DRBG_NONCE_INV; /* Get thread id. */ pthread_t thread_id = pthread_self(); /* Store bytewise XOR of the thread id in first byte. */ for(i = 0; i < sizeof(thread_id); i++) *nonce ^= *((unsigned char *)&thread_id + i); /* Store counter in the last two bytes. Since TOD clock is thread-save, * this counter is chosen not to be thread-safe. */ *((uint16_t *)(nonce + DRBG_NONCE_LEN - 2)) = ctr; ctr++; return 0; } int drbg_hash_df(const unsigned char *input, size_t input_len, unsigned char *req_bytes, size_t req_bytes_len) { uint64_t shabuff[2]; size_t i; int status; unsigned char counter; /* 10.4.1 Hash_df Process */ if(!req_bytes_len) return 0; /* no bytes requested: do nothing */ if(!req_bytes || !input) return DRBG_REQUEST_INV; if (MAX_NO_OF_BYTES < req_bytes_len) return DRBG_REQUEST_INV; const uint32_t no_of_bits_to_return = req_bytes_len * 8; /* steps 1 and 2 */ const size_t len = (req_bytes_len + DRBG_OUT_LEN - 1) / DRBG_OUT_LEN; unsigned char temp[len * DRBG_OUT_LEN]; /* step 3 */ counter = 0x01; /* step 4 */ const size_t _tmp_len = 1 + sizeof(no_of_bits_to_return) + input_len; unsigned char _tmp[_tmp_len]; memcpy(_tmp + 1, &no_of_bits_to_return, sizeof(no_of_bits_to_return)); memcpy(_tmp + 1 + sizeof(no_of_bits_to_return), input, input_len); for(i = 1; i <= len; i++){ /* step 4.1 */ _tmp[0] = counter; status = s390_sha_hw(SHA_512_DEFAULT_IV, _tmp, _tmp_len, temp + (i - 1) * DRBG_OUT_LEN, sha_constants[SHA_512].hash_length, SHA_MSG_PART_ONLY, &shabuff[0], &shabuff[1], SHA_512); if(status){ status = DRBG_HEALTH_TEST_FAIL; goto _exit_; } /* step 4.2 */ counter++; } /* step 5 */ memcpy(req_bytes, temp, req_bytes_len); /* step 6 */ _exit_: drbg_zmem(_tmp, _tmp_len); drbg_zmem(temp, len * DRBG_OUT_LEN); return status; } static int test_uninstantiate(ica_drbg_mech_t *mech) { /* Error handling test. */ int status; status = drbg_uninstantiate(NULL, false); if(DRBG_SH_INV != status) return DRBG_HEALTH_TEST_FAIL; /* Test if internal state is zeroised. */ ica_drbg_t *sh = NULL; status = drbg_instantiate(&sh, mech->highest_supp_sec, true, mech, NULL, 0, false, NULL, 0, NULL, 0); if(status) return status; status = drbg_uninstantiate(&sh, true); if(status) return status; return 0; } static int test_instantiate_error_handling(ica_drbg_mech_t *mech) { int test_no = 0, status; /* Pointer to state handle is NULL. */ test_no++; status = drbg_instantiate(NULL, 0, true, mech, NULL, 0, false, NULL, 0, NULL, 0); if(DRBG_SH_INV != status) return test_no; /* State handle is already in use. */ test_no++; ica_drbg_t *sh = NULL; ica_drbg_t test_sh = {.lock = PTHREAD_MUTEX_INITIALIZER}; drbg_recursive_mutex_init(&test_sh.lock); sh = &test_sh; test_sh.mech = mech; test_sh.ws = (void *)"ws"; status = drbg_instantiate(&sh, 0, true, mech, NULL, 0, false, NULL, 0, NULL, 0); if(DRBG_SH_INV != status) return test_no; test_sh.mech = NULL; sh = NULL; /* Mechanism is not supported. */ test_no++; ica_drbg_mech_t test_mech = {.lock = PTHREAD_RWLOCK_INITIALIZER}; status = drbg_instantiate(&sh, 0, true, &test_mech, NULL, 0, false, NULL, 0, NULL, 0); if(DRBG_MECH_INV != status) return test_no; /* Mechanism in error state. */ test_no++; status = drbg_instantiate(&sh, 0, true, &DRBG_TESTMECH1, NULL, 0, false, NULL, 0, NULL, 0); if(0 <= status) return test_no; /* Security strength is not supported. */ test_no++; status = drbg_instantiate(&sh, mech->highest_supp_sec + 1, true, mech, NULL, 0, true, NULL, 0, NULL, 0); if(DRBG_SEC_NOTSUPP != status) return test_no; /* Personalization string is too long. */ test_no++; status = drbg_instantiate(&sh, 0, true, mech, (unsigned char *)"pers", mech->max_pers_len + 1, false, NULL, 0, NULL, 0); if(DRBG_PERS_INV != status) return test_no; /* Entropy source failed. */ test_no++; status = drbg_instantiate(&sh, 0, true, mech, NULL, 0, true, NULL, 0, NULL, 0); if(DRBG_ENTROPY_SOURCE_FAIL != status) return test_no; return 0; } static int test_reseed_error_handling(ica_drbg_mech_t *mech) { int test_no = 0, status; /* Invalid state handle. */ status = drbg_reseed(NULL, true, NULL, 0, false, NULL, 0); if(DRBG_SH_INV != status) return test_no; /* Mechanism is not supported. */ test_no++; ica_drbg_mech_t test_mech = {.lock = PTHREAD_RWLOCK_INITIALIZER}; ica_drbg_t test_sh = {.lock = PTHREAD_MUTEX_INITIALIZER}; drbg_recursive_mutex_init(&test_sh.lock); test_sh.mech = &test_mech; test_sh.ws = (void *)"ws"; status = drbg_reseed(&test_sh, true, NULL, 0, false, NULL, 0); if(DRBG_MECH_INV != status) return test_no; test_sh.mech = NULL; /* Mechanism is in error state */ test_no++; test_sh.mech = &DRBG_TESTMECH1; status = drbg_reseed(&test_sh, true, NULL, 0, false, NULL, 0); if(0 <= status) return test_no; test_sh.mech = NULL; /* Prediction resistance is requested but not supported. */ test_no++; test_sh.mech = &DRBG_TESTMECH2; status = drbg_reseed(&test_sh, true, NULL, 0, false, NULL, 0); if(DRBG_PR_NOTSUPP != status) return test_no; test_sh.mech = NULL; /* Additional input is too long. */ test_no++; test_sh.mech = mech; status = drbg_reseed(&test_sh, false, (unsigned char *)"add", mech->max_add_len + 1, false, NULL, 0); if(DRBG_ADD_INV != status) return test_no; test_sh.mech = NULL; /* Entropy source failed. */ test_no++; test_sh.mech = mech; status = drbg_reseed(&test_sh, false, NULL, 0, true, NULL, 0); if(DRBG_ENTROPY_SOURCE_FAIL != status) return test_no; test_sh.mech = NULL; return 0; } static int test_generate_error_handling(ica_drbg_mech_t *mech) { const int SEC[] = {DRBG_SEC_112, DRBG_SEC_128, DRBG_SEC_192, DRBG_SEC_256}; size_t i; int test_no = 0, status; unsigned char prnd; /* Invalid state handle. */ test_no++; status = drbg_generate(NULL, mech->highest_supp_sec, false, NULL, 0, false, NULL, 0, &prnd, sizeof(prnd)); if(DRBG_SH_INV != status) return test_no; /* Mechanism is not supported. */ test_no++; ica_drbg_mech_t test_mech = {.lock = PTHREAD_RWLOCK_INITIALIZER}; ica_drbg_t test_sh = {.lock = PTHREAD_MUTEX_INITIALIZER}; drbg_recursive_mutex_init(&test_sh.lock); test_sh.mech = &test_mech; test_sh.ws = (void *)"ws"; status = drbg_generate(&test_sh, mech->highest_supp_sec, false, NULL, 0, false, NULL, 0, &prnd, sizeof(prnd)); if(DRBG_MECH_INV != status) return test_no; test_sh.mech = NULL; /* Mechanism is in error state. */ test_no++; test_sh.mech = &DRBG_TESTMECH1; status = drbg_generate(&test_sh, mech->highest_supp_sec, false, NULL, 0, false, NULL, 0, &prnd, sizeof(prnd)); if(0 <= status) return test_no; test_sh.mech = NULL; /* Too many pseudorandom bytes requested. */ test_no++; test_sh.mech = mech; status = drbg_generate(&test_sh, mech->highest_supp_sec, false, NULL, 0, false, NULL, 0, &prnd, mech->max_no_of_bytes_per_req + 1); if(DRBG_REQUEST_INV != status) return test_no; test_sh.mech = NULL; /* Requested security strength is too high. */ test_no++; test_sh.mech = mech; test_sh.sec = DRBG_SEC_112; status = drbg_generate(&test_sh, DRBG_SEC_112 + 1, false, NULL, 0, true, NULL, 0, &prnd, sizeof(prnd)); if(DRBG_SEC_NOTSUPP != status) return test_no; test_sh.mech = NULL; test_sh.sec = 0; /* Additional input is too long. */ test_no++; test_sh.mech = mech; test_sh.sec = mech->highest_supp_sec; status = drbg_generate(&test_sh, mech->highest_supp_sec, false, (unsigned char *)"add", mech->max_add_len + 1, false, NULL, 0, &prnd, sizeof(prnd)); if(DRBG_ADD_INV != status) return test_no; test_sh.mech = NULL; test_sh.sec = 0; /* Prediction resistance is requested but not supported. */ test_no++; test_sh.mech = mech; test_sh.sec = mech->highest_supp_sec; for(i = 0; i < sizeof(SEC) / sizeof(SEC[0]); i++){ if(SEC[i] > mech->highest_supp_sec) break; status = drbg_generate(&test_sh, SEC[i], true, NULL, 0, true, NULL, 0, &prnd, sizeof(prnd)); if(DRBG_PR_NOTSUPP != status) return test_no; } test_sh.mech = NULL; test_sh.sec = 0; /* Entropy source failed. */ test_no++; test_sh.mech = mech; test_sh.sec = mech->highest_supp_sec; test_sh.pr = true; status = drbg_generate(&test_sh, mech->highest_supp_sec, true, NULL, 0, true, NULL, 0, &prnd, sizeof(prnd)); if(DRBG_ENTROPY_SOURCE_FAIL != status) return test_no; test_sh.mech = NULL; test_sh.sec = 0; test_sh.pr = false; return 0; } static int set_error_state(ica_drbg_mech_t *mech, int error) { #ifdef ICA_FIPS fips |= ICA_FIPS_RNG; /* Write to syslog in FIPS-enabled built. The DRBG failure is critical * here since the old PRNG code is diasbled at compile time. */ switch (error) { case DRBG_HEALTH_TEST_FAIL: syslog(LOG_ERR, "Libica DRBG-%s test failed.", mech->id); break; case DRBG_ENTROPY_SOURCE_FAIL: syslog(LOG_ERR, "Libica DRBG-%s entropy source failed.", mech->id); break; default: break; /* unreachable */ } #endif /* ICA_FIPS */ return mech->error_state = error; } libica-4.0.1/src/s390_drbg_sha512.c000066400000000000000000000376161417716165400165020ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * DRBG conforming to NIST SP800-90A * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 */ #include #include #include #include #include "s390_crypto.h" #include "s390_drbg.h" #include "s390_drbg_sha512.h" #include "icastats.h" #include "s390_sha.h" #include "test_vec.h" typedef struct drbg_sha512_ws ws_t; /* typedef for readability only */ /* * Auxiliary functions */ static int generate_add(ws_t *ws, const unsigned char *add, size_t add_len); static int hashgen(const unsigned char *v, unsigned char *prnd, size_t prnd_len); static int test_instantiate(int sec, bool pr); static int test_reseed(int sec, bool pr); static int test_generate(int sec, bool pr); /* Calculate @v = (@v + @s) mod 2 ^ (8 * DRBG_SHA512_SEED_LEN). * Make sure that @s_len <= v_len = DRBG_SHA512_SEED_LEN. */ static inline void mod_add(unsigned char *v, const unsigned char *s, size_t s_len) { size_t i; uint16_t c = 0; v = v + DRBG_SHA512_SEED_LEN - 1; s = s + s_len - 1; for(i = 1; i <= s_len; i++, v--, s--) *v = (c = *v + *s + (uint8_t)(c >> 8)); for(; i <= DRBG_SHA512_SEED_LEN; i++, v--) *v = (c = *v + (uint8_t)(c >> 8)); } /* * SHA-512 DRBG mechanism */ ica_drbg_mech_t DRBG_SHA512 = { .id = "SHA-512", /* 10.1 Mechanisms Based on Hash Functions */ .highest_supp_sec = DRBG_SEC_256, /* = 256 bits */ .seed_len = DRBG_SHA512_SEED_LEN, /* = 888 bits */ .max_pers_len = 256, /* < 2^35 bits */ .max_add_len = 256, /* < 2^35 bits */ .max_len = 256 - DRBG_NONCE_LEN, /* < 2^35 bits */ .max_no_of_bytes_per_req = 524288L / 8, /* < 2^19 bits */ .reseed_intervall = UINT32_MAX - 1, /* < 2^48 */ .instantiate = drbg_sha512_instantiate, .reseed = drbg_sha512_reseed, .generate = drbg_sha512_generate, .uninstantiate = drbg_sha512_uninstantiate, .health_test = drbg_sha512_health_test, /* Health test */ .lock = PTHREAD_RWLOCK_INITIALIZER, .test_intervall = UINT64_MAX, .test_ctr = 0, .error_state = 0, }; /* * SHA-512 DRBG mechanism functions * * No checks for invalid arguments are done here. The corresponding drbg_* - * functions are responsible for this. */ int drbg_sha512_instantiate_ppno(void **ws, int sec, const unsigned char *pers, size_t pers_len, const unsigned char *entropy, size_t entropy_len, const unsigned char *nonce, size_t nonce_len) { int status; (void)sec; /* suppress unused param warning */ /* 10.1.1.2 Hash_DRBG Instantiate Process */ *ws = calloc(1, sizeof(ws_t)); /* buffer must be zero! (see POP) */ if(!*ws) return DRBG_NOMEM; const size_t seed_material_len = entropy_len + nonce_len + pers_len; unsigned char seed_material[seed_material_len]; /* step 1 */ memcpy(seed_material, entropy, entropy_len); memcpy(seed_material + entropy_len, nonce, nonce_len); if(pers != NULL){ memcpy(seed_material + entropy_len + nonce_len, pers, pers_len); } /* steps 2 - 5 */ status = s390_ppno(S390_CRYPTO_SHA512_DRNG_SEED, *ws, NULL, 0, seed_material, seed_material_len); if(status) status = DRBG_HEALTH_TEST_FAIL; /* step 6 */ drbg_zmem(seed_material, seed_material_len); return status; } int drbg_sha512_instantiate(void **ws, int sec, const unsigned char *pers, size_t pers_len, const unsigned char *entropy, size_t entropy_len, const unsigned char *nonce, size_t nonce_len) { const size_t seed_material_len = entropy_len + nonce_len + pers_len; unsigned char seed_material[seed_material_len]; int status; (void)sec; /* suppress unused param warning */ /* 10.1.1.2 Hash_DRBG Instantiate Process */ *ws = malloc(sizeof(ws_t)); if(!*ws) return DRBG_NOMEM; unsigned char _0x00v[1 + sizeof(((ws_t *)*ws)->v)]; /* step 1 */ memcpy(seed_material, entropy, entropy_len); memcpy(seed_material + entropy_len, nonce, nonce_len); memcpy(seed_material + entropy_len + nonce_len, pers, pers_len); /* steps 2 and 3 */ status = drbg_hash_df(seed_material, seed_material_len, ((ws_t *)*ws)->v, sizeof(((ws_t *)*ws)->v)); if(status){ drbg_zmem(*ws, sizeof(ws_t)); free(*ws); *ws = NULL; goto _exit_; } /* step 4 */ _0x00v[0] = 0x00; memcpy(_0x00v + 1, ((ws_t *)*ws)->v, sizeof(((ws_t *)*ws)->v)); status = drbg_hash_df(_0x00v, sizeof(_0x00v), ((ws_t *)*ws)->c, sizeof(((ws_t *)*ws)->c)); if(status){ drbg_zmem(*ws, sizeof(ws_t)); free(*ws); *ws = NULL; goto _exit_; } /* step 5 */ ((ws_t *)*ws)->reseed_ctr = 1; /* step 6 */ _exit_: drbg_zmem(_0x00v, sizeof(_0x00v)); drbg_zmem(seed_material, seed_material_len); return status; } int drbg_sha512_reseed_ppno(void *ws, const unsigned char *add, size_t add_len, const unsigned char *entropy, size_t entropy_len) { const size_t seed_material_len = entropy_len + add_len; unsigned char seed_material[seed_material_len]; int status; /* 10.1.1.3 Hash_DRBG Reseed Process */ /* step 1 (0x01||V is prepended by ppno, see POP)*/ memcpy(seed_material, entropy, entropy_len); if(add != NULL){ memcpy(seed_material + entropy_len, add, add_len); } /* steps 2 - 5 */ status = s390_ppno(S390_CRYPTO_SHA512_DRNG_SEED, ws, NULL, 0, seed_material, seed_material_len); if(status) status = DRBG_HEALTH_TEST_FAIL; /* step 6 */ drbg_zmem(seed_material, seed_material_len); return status; } int drbg_sha512_reseed(void *ws, const unsigned char *add, size_t add_len, const unsigned char *entropy, size_t entropy_len) { int status; unsigned char *seed_material; unsigned char _0x00v[1 + sizeof(((ws_t *)ws)->v)]; const size_t seed_material_len = 1 + sizeof(((ws_t *)ws)->v) + entropy_len + add_len; /* 10.1.1.3 Hash_DRBG Reseed Process */ seed_material = malloc(seed_material_len); if(!seed_material) return DRBG_NOMEM; /* step 1 */ seed_material[0] = 0x01; memcpy(seed_material + 1, ((ws_t *)ws)->v, sizeof(((ws_t *)ws)->v)); memcpy(seed_material + 1 + sizeof(((ws_t *)ws)->v), entropy, entropy_len); memcpy(seed_material + 1 + sizeof(((ws_t *)ws)->v) + entropy_len, add, add_len); /* steps 2 and 3 */ status = drbg_hash_df(seed_material, seed_material_len, ((ws_t *)ws)->v, sizeof(((ws_t *)ws)->v)); if(status) goto _exit_; /* step 4 */ _0x00v[0] = 0x00; memcpy(_0x00v + 1, ((ws_t *)ws)->v, sizeof(((ws_t *)ws)->v)); status = drbg_hash_df(_0x00v, sizeof(_0x00v), ((ws_t *)ws)->c, sizeof(((ws_t *)ws)->c)); if(status) goto _exit_; /* step 5 */ ((ws_t *)ws)->reseed_ctr = 1; /* step 6 */ _exit_: drbg_zmem(_0x00v, sizeof(_0x00v)); drbg_zmem(seed_material, seed_material_len); free(seed_material); return status; } int drbg_sha512_generate_ppno(void *ws, const unsigned char *add, size_t add_len, unsigned char *prnd, size_t prnd_len) { int status; /* increase corresponding icastats counter */ stats_increment(ICA_STATS_DRBGSHA512, ALGO_HW, ENCRYPT); /* 10.1.1.4 Hash_DRBG Generate Process */ /* step 1 */ if(DRBG_SHA512.reseed_intervall < ((ws_t *)ws)->reseed_ctr) return DRBG_RESEED_REQUIRED; /* step 2 */ if(add){ status = generate_add(ws, add, add_len); if(status) return status; } /* steps 3 - 6 */ status = s390_ppno(S390_CRYPTO_SHA512_DRNG_GEN, ws, prnd, prnd_len, NULL, 0); if(status < 0 || (size_t)status != prnd_len) return DRBG_HEALTH_TEST_FAIL; /* step 7 */ return 0; } int drbg_sha512_generate(void *ws, const unsigned char *add, size_t add_len, unsigned char *prnd, size_t prnd_len) { unsigned char _0x03v[1 + sizeof(((ws_t *)ws)->v)] = {0}; unsigned char h[DRBG_OUT_LEN]; uint64_t shabuff[2]; int status; /* increase corresponding icastats counter */ stats_increment(ICA_STATS_DRBGSHA512, ALGO_SW, ENCRYPT); /* 10.1.1.4 Hash_DRBG Generate Process */ /* step 1 */ if(DRBG_SHA512.reseed_intervall < ((ws_t *)ws)->reseed_ctr) return DRBG_RESEED_REQUIRED; /* step 2 */ if(add){ status = generate_add(ws, add, add_len); if(status) return status; } /* step 3 */ status = hashgen(((ws_t *)ws)->v, prnd, prnd_len); if(status) return status; /* step 4 */ _0x03v[0] = 0x03; memcpy(_0x03v + 1, ((ws_t *)ws)->v, sizeof(((ws_t *)ws)->v)); status = s390_sha_hw(SHA_512_DEFAULT_IV, _0x03v, sizeof(_0x03v), h, sha_constants[SHA_512].hash_length, SHA_MSG_PART_ONLY, &shabuff[0], &shabuff[1], SHA_512); if(status){ status = DRBG_HEALTH_TEST_FAIL; goto _exit_; } /* step 5 */ mod_add(((ws_t *)ws)->v, h, sizeof(h)); mod_add(((ws_t *)ws)->v, ((ws_t *)ws)->c, sizeof(((ws_t *)ws)->c)); mod_add(((ws_t *)ws)->v, (unsigned char *)&((ws_t *)ws)->reseed_ctr, sizeof(((ws_t *)ws)->reseed_ctr)); /* step 6 */ ((ws_t *)ws)->reseed_ctr++; ((ws_t *)ws)->stream_bytes += prnd_len; /* stay analogous to ppno */ /* step 7 */ _exit_: drbg_zmem(_0x03v, sizeof(_0x03v)); drbg_zmem(h, sizeof(h)); return status; } int drbg_sha512_uninstantiate(void **ws, bool test_mode) { drbg_zmem((*ws), sizeof(ws_t)); if(test_mode){ int status = drbg_check_zmem(*ws, sizeof(ws_t)); if(status) return status; } free(*ws); *ws = NULL; return 0; } int drbg_sha512_health_test(void *func, int sec, bool pr) { static bool hw_check; /* Use ppno if available. */ if(!hw_check){ if(sha512_drng_switch){ DRBG_SHA512.instantiate = drbg_sha512_instantiate_ppno; DRBG_SHA512.reseed = drbg_sha512_reseed_ppno; DRBG_SHA512.generate = drbg_sha512_generate_ppno; } else if(sha512_switch){ DRBG_SHA512.instantiate = drbg_sha512_instantiate; DRBG_SHA512.reseed = drbg_sha512_reseed; DRBG_SHA512.generate = drbg_sha512_generate; } else return DRBG_HEALTH_TEST_FAIL; hw_check = true; } /* Health test. */ if(drbg_instantiate == func) return test_instantiate(sec, pr); else if(drbg_reseed == func) return test_reseed(sec, pr); else if(drbg_generate == func) return test_generate(sec, pr); else return DRBG_REQUEST_INV; } /* * Auxiliary functions */ static int test_instantiate(int sec, bool pr) { ica_drbg_t *sh = NULL; const struct drbg_sha512_tv *tv; size_t i; int status; for(i = 0; i < DRBG_SHA512_TV_LEN; i++){ tv = &DRBG_SHA512_TV[i]; if(tv->pr != pr) continue; status = drbg_instantiate(&sh, sec, pr, &DRBG_SHA512, tv->inst.pers, tv->pers_len, true, tv->inst.nonce, tv->nonce_len, tv->inst.entropy, tv->entropy_len); if(status) return status; if(memcmp(tv->inst.v, ((ws_t *)(sh->ws))->v, DRBG_SHA512.seed_len) || memcmp(tv->inst.c, ((ws_t *)(sh->ws))->c, DRBG_SHA512.seed_len) || tv->inst.reseed_ctr != ((ws_t *)(sh->ws))->reseed_ctr){ drbg_uninstantiate(&sh, false); return DRBG_HEALTH_TEST_FAIL; } status = drbg_uninstantiate(&sh, false); if(status) return DRBG_HEALTH_TEST_FAIL; } return 0; } static int test_reseed(int sec, bool pr) { ws_t ws; ica_drbg_t sh = {.mech = &DRBG_SHA512, .ws = &ws, .sec = sec, .pr = pr}; const struct drbg_sha512_tv *tv; size_t i; int status; drbg_recursive_mutex_init(&sh.lock); for(i = 0; i < DRBG_SHA512_TV_LEN; i++){ tv = &DRBG_SHA512_TV[i]; if(tv->pr || tv->no_reseed) continue; memcpy(ws.v, tv->inst.v, DRBG_SHA512.seed_len); memcpy(ws.c, tv->inst.c, DRBG_SHA512.seed_len); ws.reseed_ctr = tv->inst.reseed_ctr; status = drbg_reseed(&sh, pr, tv->res.add, tv->add_len, true, tv->res.entropy, tv->entropy_len); if(status) return status; if(memcmp(tv->res.v, ((ws_t *)sh.ws)->v, DRBG_SHA512.seed_len) || memcmp(tv->res.c, ((ws_t *)sh.ws)->c, DRBG_SHA512.seed_len) || tv->res.reseed_ctr != ((ws_t *)sh.ws)->reseed_ctr) return DRBG_HEALTH_TEST_FAIL; } return 0; } static int test_generate(int sec, bool pr) { ws_t ws; ica_drbg_t sh = {.mech = &DRBG_SHA512, .ws = &ws, .sec = sec, .pr = true}; size_t i; int status; const struct drbg_sha512_tv *tv; unsigned char prnd; drbg_recursive_mutex_init(&sh.lock); /* Use appropriate test vectors for self-test */ do{ for(i = 0; i < DRBG_SHA512_TV_LEN; i++){ tv = &DRBG_SHA512_TV[i]; if(tv->pr != pr) continue; if(!tv->no_reseed && !tv->pr){ memcpy(ws.v, tv->res.v, DRBG_SHA512.seed_len); memcpy(ws.c, tv->res.c, DRBG_SHA512.seed_len); ws.reseed_ctr = tv->res.reseed_ctr; } else{ memcpy(ws.v, tv->inst.v, DRBG_SHA512.seed_len); memcpy(ws.c, tv->inst.c, DRBG_SHA512.seed_len); ws.reseed_ctr = tv->inst.reseed_ctr; } unsigned char prnd[tv->prnd_len]; status = drbg_generate(&sh, sec, pr, tv->gen1.add, tv->add_len, true, tv->gen1.entropy, tv->entropy_len, prnd, tv->prnd_len); if(status) return status; if(memcmp(tv->gen1.v, ((ws_t *)sh.ws)->v, DRBG_SHA512.seed_len) || memcmp(tv->gen1.c, ((ws_t *)sh.ws)->c, DRBG_SHA512.seed_len) || tv->gen1.reseed_ctr != ((ws_t *)sh.ws)->reseed_ctr) return DRBG_HEALTH_TEST_FAIL; status = drbg_generate(&sh, sec, pr, tv->gen2.add, tv->add_len, true, tv->gen2.entropy, tv->entropy_len, prnd, tv->prnd_len); if(status) return status; if(memcmp(tv->gen2.v, ((ws_t *)sh.ws)->v, DRBG_SHA512.seed_len) || memcmp(tv->gen2.c, ((ws_t *)sh.ws)->c, DRBG_SHA512.seed_len) || tv->gen2.reseed_ctr != ((ws_t *)sh.ws)->reseed_ctr) return DRBG_HEALTH_TEST_FAIL; if(memcmp(tv->prnd, prnd, tv->prnd_len)) return DRBG_HEALTH_TEST_FAIL; } /* If pr = false, also run self-test with sh.pr = false. */ if(pr || !sh.pr) break; else sh.pr = false; }while(true); /* Set reseed counter to meet the reseed intervall. */ if(!pr){ ws.reseed_ctr = DRBG_SHA512.reseed_intervall + 1; status = drbg_generate(&sh, sec, pr, NULL, 0, false, NULL, 0, &prnd, sizeof(prnd)); if(2 != ws.reseed_ctr) return DRBG_HEALTH_TEST_FAIL; } return 0; } static int generate_add(ws_t *ws, const unsigned char *add, size_t add_len) { unsigned char *_0x02v; const size_t _0x02v_len = 1 + sizeof(ws->v) + add_len; unsigned char w[DRBG_OUT_LEN]; uint64_t shabuff[2]; int status; /* 10.1.1.4 Hash_DRBG Generate Process, step 2.x */ /* step 2.1 */ _0x02v = malloc(_0x02v_len); if(!_0x02v) return DRBG_NOMEM; _0x02v[0] = 0x02; memcpy(_0x02v + 1, ws->v, sizeof(ws->v)); memcpy(_0x02v + 1 + sizeof(ws->v), add, add_len); status = s390_sha_hw(SHA_512_DEFAULT_IV, _0x02v, _0x02v_len, w, sha_constants[SHA_512].hash_length, SHA_MSG_PART_ONLY, &shabuff[0], &shabuff[1], SHA_512); if(status){ status = DRBG_HEALTH_TEST_FAIL; goto _exit_; } /* step 2.2 */ mod_add(ws->v, w, sizeof(w)); _exit_: drbg_zmem(w, DRBG_OUT_LEN); drbg_zmem(_0x02v, _0x02v_len); free(_0x02v); return status; } static int hashgen(const unsigned char *v, unsigned char *prnd, size_t prnd_len) { unsigned char data[DRBG_SHA512_SEED_LEN]; unsigned char w_i[DRBG_OUT_LEN]; unsigned char *w; size_t m, i; uint64_t shabuff[2]; int status; const unsigned char _0x01 = 0x01; /* 10.1.1.4 Hashgen Process */ if(0 >= prnd_len) return 0; /* no pseudorandom bytes requested */ /* step 1 */ m = (prnd_len + DRBG_OUT_LEN - 1) / DRBG_OUT_LEN; /* step 2 */ memcpy(data, v, sizeof(data)); /* step 3 */ w = malloc(m * DRBG_OUT_LEN); if(!w) return DRBG_NOMEM; /* step 4 */ for(i = 1; i <= m; i++){ status = s390_sha_hw(SHA_512_DEFAULT_IV, data, sizeof(data), w_i, sha_constants[SHA_512].hash_length, SHA_MSG_PART_ONLY, &shabuff[0], &shabuff[1], SHA_512); if(status){ status = DRBG_HEALTH_TEST_FAIL; goto _exit_; } memcpy(w + (i - 1) * DRBG_OUT_LEN, w_i, DRBG_OUT_LEN); mod_add(data, &_0x01, sizeof(_0x01)); } /* step 5 */ memcpy(prnd, w, prnd_len); /* step 6 */ _exit_: drbg_zmem(data, sizeof(data)); drbg_zmem(w_i, DRBG_OUT_LEN); drbg_zmem(w, m * DRBG_OUT_LEN); free(w); return status; } libica-4.0.1/src/s390_ecc.c000066400000000000000000002322601417716165400152230ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Joerg Schmidbauer * * Copyright IBM Corp. 2017 */ #include #include #include #include #include #include #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "fips.h" #include "s390_ecc.h" #include "s390_crypto.h" #include "rng.h" #include "init.h" #include "icastats.h" #include "s390_sha.h" #if OPENSSL_VERSION_PREREQ(3, 0) #include #include extern OSSL_LIB_CTX *openssl_libctx; #endif #define CPRBXSIZE (sizeof(struct CPRBX)) #define PARMBSIZE (2048) static int eckeygen_cpacf(ICA_EC_KEY *key); static int ecdsa_sign_cpacf(const ICA_EC_KEY *priv, const unsigned char *hash, size_t hashlen, unsigned char *sig, void (*rng_cb)(unsigned char *, size_t)); static int ecdsa_verify_cpacf(const ICA_EC_KEY *pub, const unsigned char *hash, size_t hashlen, const unsigned char *sig); static int scalar_mul_cpacf(unsigned char *res_x, unsigned char *res_y, const unsigned char *scalar, const unsigned char *x, const unsigned char *y, int curve_nid); int scalar_mulx_cpacf(unsigned char *res_u, const unsigned char *scalar, const unsigned char *u, int curve_nid); /** * Since kernel 4.10 the zcrypt device driver has multi domain support and * accepts CPRBs via the ioctl ZSECSENDCPRB with domain addressing 0xFFFF * (AUTOSELECT_DOM in zcrypyt.h). This allows for load balancing between * multiple available crypto cards. */ typedef enum { dom_addressing_autoselect = 0, dom_addressing_default_domain, } dom_addressing_t; int dom_addressing = dom_addressing_autoselect; /** * Check if openssl does support this ec curve */ static int is_supported_openssl_curve(int nid) { EC_GROUP *ptr = EC_GROUP_new_by_curve_name(nid); if (ptr) EC_GROUP_free(ptr); return ptr ? 1 : 0; } #if OPENSSL_VERSION_PREREQ(3, 0) static int build_pkey_from_params(OSSL_PARAM_BLD *tmpl, int selection, EVP_PKEY **pkey) { OSSL_PARAM *params = NULL; EVP_PKEY_CTX *pctx = NULL; int rc = EINVAL; params = OSSL_PARAM_BLD_to_param(tmpl); if (params == NULL) { goto out; } pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); if (pctx == NULL) { goto out; } if (!EVP_PKEY_fromdata_init(pctx) || !EVP_PKEY_fromdata(pctx, pkey, selection, params)) { goto out; } EVP_PKEY_CTX_free(pctx); pctx = EVP_PKEY_CTX_new(*pkey, NULL); if (pctx == NULL) { goto out; } if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) { if (EVP_PKEY_check(pctx) != 1) { goto out; } } else { if (EVP_PKEY_public_check(pctx) != 1) { goto out; } } rc = 0; out: if (pctx != NULL) EVP_PKEY_CTX_free(pctx); if (params != NULL) OSSL_PARAM_free(params); if (rc != 0 && *pkey != NULL) { EVP_PKEY_free(*pkey); *pkey = NULL; } return rc; } #endif /** * makes a private EC key from given private value using openssl 3.0. */ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen) { int ok = 0; EVP_PKEY *ec_pkey = NULL; EC_GROUP *group = NULL; EC_POINT *point = NULL; BIGNUM *bn_priv = NULL; #if !OPENSSL_VERSION_PREREQ(3, 0) EC_KEY *ec_key = NULL; #else unsigned char *pub_key = NULL; unsigned int pub_key_len; point_conversion_form_t form; OSSL_PARAM_BLD *tmpl = NULL; int rc; #endif group = EC_GROUP_new_by_curve_name(nid); if (group == NULL) { goto err; } point = EC_POINT_new(group); if (point == NULL) { goto err; } bn_priv = BN_bin2bn(p, plen, NULL); if (bn_priv == NULL) { goto err; } if (!EC_POINT_mul(group, point, bn_priv, NULL, NULL, NULL)) { goto err; } #if !OPENSSL_VERSION_PREREQ(3, 0) ec_key = EC_KEY_new_by_curve_name(nid); if (ec_key == NULL) { goto err; } EC_POINT_free(point); point = EC_POINT_new(EC_KEY_get0_group(ec_key)); if (point == NULL) { goto err; } if (!EC_KEY_oct2priv(ec_key, p, plen) || !EC_POINT_mul(EC_KEY_get0_group(ec_key), point, EC_KEY_get0_private_key(ec_key), NULL, NULL, NULL) || !EC_KEY_set_public_key(ec_key, point) || !EC_KEY_check_key(ec_key)) { goto err; } ec_pkey = EVP_PKEY_new(); if (ec_pkey == NULL) { goto err; } if (!EVP_PKEY_set1_EC_KEY(ec_pkey, ec_key)) { goto err; } #else form = EC_GROUP_get_point_conversion_form(group); pub_key_len = EC_POINT_point2buf(group, point, form, &pub_key, NULL); if (pub_key_len == 0) { goto err; } tmpl = OSSL_PARAM_BLD_new(); if (tmpl == NULL) { goto err; } if (!OSSL_PARAM_BLD_push_utf8_string(tmpl, OSSL_PKEY_PARAM_GROUP_NAME, OBJ_nid2sn(nid), 0) || !OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key, pub_key_len) || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY, bn_priv)) { goto err; } rc = build_pkey_from_params(tmpl, EVP_PKEY_KEYPAIR, &ec_pkey); if (rc != 0) { goto err; } #endif ok = 1; err: EC_POINT_free(point); EC_GROUP_free(group); BN_free(bn_priv); #if !OPENSSL_VERSION_PREREQ(3, 0) // because we use EVP_PKEY_set1_EC_KEY above, free the ec_key here. // If we would use EVP_PKEY_assign_EC_KEY, we would just set it to NULL, // but not free it (reference count). if (ec_key != NULL) EC_KEY_free(ec_key); #else if (tmpl) OSSL_PARAM_BLD_free(tmpl); if (pub_key) OPENSSL_free(pub_key); #endif if (ok) return ec_pkey; else if (ec_pkey) EVP_PKEY_free(ec_pkey); return NULL; } /** * makes a public EC key using openssl 3.0. */ static EVP_PKEY *make_public_eckey(int nid, unsigned char *pubkey, size_t publen) { int ok = 0; #if !OPENSSL_VERSION_PREREQ(3, 0) EC_KEY *ec_key = NULL; #else OSSL_PARAM_BLD *tmpl = NULL; int rc; #endif EVP_PKEY *ec_pkey = NULL; unsigned char *encoded_pubkey; unsigned int encoded_len = publen + 1; encoded_pubkey = OPENSSL_zalloc(encoded_len); if (encoded_pubkey == NULL) { goto err; } encoded_pubkey[0] = 0x04; memcpy(encoded_pubkey + 1, pubkey, publen); #if !OPENSSL_VERSION_PREREQ(3, 0) ec_key = EC_KEY_new_by_curve_name(nid); if (ec_key == NULL) { goto err; } if (!EC_KEY_oct2key(ec_key, encoded_pubkey, encoded_len, NULL) || !EC_KEY_check_key(ec_key)) { goto err; } ec_pkey = EVP_PKEY_new(); if (ec_pkey == NULL) { goto err; } if (!EVP_PKEY_set1_EC_KEY(ec_pkey, ec_key)) { goto err; } #else tmpl = OSSL_PARAM_BLD_new(); if (tmpl == NULL) { goto err; } if (!OSSL_PARAM_BLD_push_utf8_string(tmpl, OSSL_PKEY_PARAM_GROUP_NAME, OBJ_nid2sn(nid), 0) || !OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PUB_KEY, encoded_pubkey, encoded_len)) { goto err; } rc = build_pkey_from_params(tmpl, EVP_PKEY_PUBLIC_KEY, &ec_pkey); if (rc != 0) { goto err; } #endif ok = 1; err: if (encoded_pubkey != NULL) OPENSSL_free(encoded_pubkey); #if !OPENSSL_VERSION_PREREQ(3, 0) if (ec_key) EC_KEY_free(ec_key); #else if (tmpl) OSSL_PARAM_BLD_free(tmpl); #endif if (ok) return ec_pkey; else if (ec_pkey) EVP_PKEY_free(ec_pkey); return NULL; } /** * makes a keyblock length field at given struct and returns its length. */ static unsigned int make_keyblock_length(ECC_KEYBLOCK_LENGTH *kb, unsigned int len) { kb->keyblock_len = len; return sizeof(ECC_KEYBLOCK_LENGTH); } /** * makes a nullkey token at given struct and returns its length. */ static unsigned int make_nullkey(ECDH_NULLKEY* nkey) { nkey->nullkey_len[0] = 0x00; nkey->nullkey_len[1] = 0x44; return sizeof(ECDH_NULLKEY); } /** * makes an ecc null token at given struct. */ static unsigned int make_ecc_null_token(ECC_NULL_TOKEN *kb) { kb->len = 0x0005; kb->flags = 0x0010; kb->nulltoken = 0x00; return sizeof(ECC_NULL_TOKEN); } /** * determines and returns the default domain. With older zcrypt drivers * it's not possible to specify 0xffff to indicate 'any domain' in a * request CPRB. * * @return domain number (0 ... n, machine dependent) if success * -1 if error or driver not loaded */ static short get_default_domain(void) { const char *domainfile = "/sys/bus/ap/ap_domain"; static short domain = -1; int temp; FILE *f = NULL; if (domain >= 0) return domain; f = fopen(domainfile, "r"); if (!f) return domain; if (fscanf(f, "%d", &temp) != 1) return domain; domain = (short)temp; if (f) fclose(f); return domain; } /** * makes a T2 CPRBX at given struct and returns its length. */ static unsigned int make_cprbx(struct CPRBX* cprbx, unsigned int parmlen, struct CPRBX *preqcblk, struct CPRBX *prepcblk) { cprbx->cprb_len = CPRBXSIZE; cprbx->cprb_ver_id = 0x02; memcpy(&(cprbx->func_id), "T2", 2); cprbx->req_parml = parmlen; if (dom_addressing == dom_addressing_autoselect) cprbx->domain = 0xFFFF; else cprbx->domain = get_default_domain(); cprbx->rpl_msgbl = CPRBXSIZE + PARMBSIZE; cprbx->req_parmb = ((uint8_t *) preqcblk) + CPRBXSIZE; cprbx->rpl_parmb = ((uint8_t *) prepcblk) + CPRBXSIZE; return CPRBXSIZE; } /** * makes an ECDH parmblock at given struct and returns its length. */ static unsigned int make_ecdh_parmblock(ECDH_PARMBLOCK *pb) { typedef struct { uint16_t vud_len; uint8_t vud1[4]; uint8_t vud2[6]; uint8_t vud3[4]; uint8_t vud4[4]; } vud_data; vud_data static_vud = { 0x0014, {0x00,0x04,0x00,0x91}, {0x00,0x06,0x00,0x93,0x00,0x00}, {0x00,0x04,0x00,0x90}, {0x00,0x04,0x00,0x92} }; pb->subfunc_code = 0x4448; /* 'DH' in ASCII */ pb->rule_array.rule_array_len = 0x000A; memcpy(&(pb->rule_array.rule_array_cmd), "PASSTHRU", 8); memcpy(&(pb->vud_data), (char*)&static_vud, sizeof(vud_data)); return sizeof(ECDH_PARMBLOCK); } /** * makes an ECDH key structure at given struct and returns its length. */ static unsigned int make_ecdh_key_token(unsigned char *kb, unsigned int keyblock_length, const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, uint8_t curve_type) { ECC_PRIVATE_KEY_TOKEN* kp1; ECC_PUBLIC_KEY_TOKEN* kp2; unsigned int privlen = privlen_from_nid(privkey_A->nid); unsigned int this_length = sizeof(ECC_PRIVATE_KEY_TOKEN) + privlen + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; unsigned int ecdhkey_length = 2 + 2 + sizeof(CCA_TOKEN_HDR) + sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA) + privlen + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; unsigned int priv_bitlen = privlen*8; (void)keyblock_length; /* suppress unused param warning. XXX remove param? */ if (privkey_A->nid == NID_secp521r1) { priv_bitlen = 521; } kp1 = (ECC_PRIVATE_KEY_TOKEN*)kb; kp2 = (ECC_PUBLIC_KEY_TOKEN*)(kb + sizeof(ECC_PRIVATE_KEY_TOKEN) + privlen); kp1->key_len = ecdhkey_length; kp1->tknhdr.tkn_hdr_id = 0x1E; kp1->tknhdr.tkn_length = ecdhkey_length - 2 - 2; /* 2x len field */ kp1->privsec.section_id = 0x20; kp1->privsec.version = 0x00; kp1->privsec.section_len = sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA) + privlen; kp1->privsec.key_usage = 0xC0; kp1->privsec.curve_type = curve_type; kp1->privsec.key_format = 0x40; /* unencrypted key */ kp1->privsec.priv_p_bitlen = priv_bitlen; kp1->privsec.associated_data_len = sizeof(ECC_ASSOCIATED_DATA); kp1->privsec.ibm_associated_data_len = sizeof(ECC_ASSOCIATED_DATA); kp1->privsec.formatted_data_len = privlen; kp1->adata.ibm_data_len = sizeof(ECC_ASSOCIATED_DATA); kp1->adata.curve_type = curve_type; kp1->adata.p_bitlen = priv_bitlen; kp1->adata.usage_flag = 0xC0; kp1->adata.format_and_sec_flag = 0x40; memcpy(&kp1->privkey[0], privkey_A->D, privlen); kp2->pubsec.section_id = 0x21; kp2->pubsec.section_len = sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; kp2->pubsec.curve_type = curve_type; kp2->pubsec.pub_p_bitlen = priv_bitlen; kp2->pubsec.pub_q_bytelen = 2*privlen + 1; /* pub bytelen + compress flag */ kp2->compress_flag = 0x04; /* uncompressed key */ memcpy(&kp2->pubkey[0], pubkey_B->X, privlen); memcpy(&kp2->pubkey[privlen+0], pubkey_B->Y, privlen); return this_length; } /** * finalizes an ica_xcRB struct that is sent to the card. */ static void finalize_xcrb(struct ica_xcRB* xcrb, struct CPRBX *preqcblk, struct CPRBX *prepcblk) { memset(xcrb, 0, sizeof(struct ica_xcRB)); xcrb->agent_ID = 0x4341; xcrb->user_defined = AUTOSELECT; /* use any card number */ xcrb->request_control_blk_length = preqcblk->cprb_len + preqcblk->req_parml; xcrb->request_control_blk_addr = (void *) preqcblk; xcrb->reply_control_blk_length = preqcblk->rpl_msgbl; xcrb->reply_control_blk_addr = (void *) prepcblk; } /** * creates an ECDH xcrb request message for zcrypt. * * returns a pointer to the control block where the card * provides its reply. * * The function allocates len bytes at cbcbmem. The caller * is responsible to erase sensible data and free the * memory. */ static ECDH_REPLY* make_ecdh_request(const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, struct ica_xcRB* xcrb, uint8_t **cbrbmem, size_t *len) { struct CPRBX *preqcblk, *prepcblk; unsigned int privlen = privlen_from_nid(privkey_A->nid); unsigned int ecdh_key_token_len = 2 + 2 + sizeof(CCA_TOKEN_HDR) + sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA) + privlen + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; unsigned int keyblock_len = 2 + 2*ecdh_key_token_len + 4*sizeof(ECDH_NULLKEY); unsigned int parmblock_len = sizeof(ECDH_PARMBLOCK) + keyblock_len; int curve_type = curve_type_from_nid(privkey_A->nid); if (curve_type < 0) return NULL; /* allocate buffer space for req cprb, req parm, rep cprb, rep parm */ *len = 2 * (CPRBXSIZE + PARMBSIZE); *cbrbmem = malloc(*len); if (!*cbrbmem) return NULL; memset(*cbrbmem, 0, *len); preqcblk = (struct CPRBX *) *cbrbmem; prepcblk = (struct CPRBX *) (*cbrbmem + CPRBXSIZE + PARMBSIZE); /* make ECDH request */ unsigned int offset = 0; offset = make_cprbx((struct CPRBX *)*cbrbmem, parmblock_len, preqcblk, prepcblk); offset += make_ecdh_parmblock((ECDH_PARMBLOCK*)(*cbrbmem+offset)); offset += make_keyblock_length((ECC_KEYBLOCK_LENGTH*)(*cbrbmem+offset), keyblock_len); offset += make_ecdh_key_token(*cbrbmem+offset, ecdh_key_token_len, privkey_A, pubkey_B, curve_type); offset += make_nullkey((ECDH_NULLKEY*)(*cbrbmem+offset)); offset += make_ecdh_key_token(*cbrbmem+offset, ecdh_key_token_len, privkey_A, pubkey_B, curve_type); offset += make_nullkey((ECDH_NULLKEY*)(*cbrbmem+offset)); offset += make_nullkey((ECDH_NULLKEY*)(*cbrbmem+offset)); offset += make_nullkey((ECDH_NULLKEY*)(*cbrbmem+offset)); finalize_xcrb(xcrb, preqcblk, prepcblk); return (ECDH_REPLY*)prepcblk; } static int scalar_mul_cpacf(unsigned char *res_x, unsigned char *res_y, const unsigned char *scalar, const unsigned char *x, const unsigned char *y, int curve_nid) { #define DEF_PARAM(curve, size) \ struct { \ unsigned char res_x[size]; \ unsigned char res_y[size]; \ unsigned char x[size]; \ unsigned char y[size]; \ unsigned char scalar[size]; \ } curve union { long long buff[512]; /* 4k buffer: params + reserved area */ DEF_PARAM(P256, 32); DEF_PARAM(P384, 48); DEF_PARAM(P521, 80); DEF_PARAM(ED25519, 32); DEF_PARAM(ED448, 64); } param; #undef DEF_PARAM unsigned long fc; size_t off; int rc; const size_t len = privlen_from_nid(curve_nid); memset(¶m, 0, sizeof(param)); switch (curve_nid) { case NID_X9_62_prime256v1: off = sizeof(param.P256.scalar) - len; memcpy(param.P256.x + off, x, sizeof(param.P256.x) - off); memcpy(param.P256.y + off, y, sizeof(param.P256.y) - off); memcpy(param.P256.scalar + off, scalar, sizeof(param.P256.scalar) - off); fc = s390_pcc_functions[SCALAR_MULTIPLY_P256].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; if (res_x != NULL) memcpy(res_x, param.P256.res_x + off, len); if (res_y != NULL) memcpy(res_y, param.P256.res_y + off, len); break; case NID_secp384r1: off = sizeof(param.P384.scalar) - len; memcpy(param.P384.x + off, x, sizeof(param.P384.x) - off); memcpy(param.P384.y + off, y, sizeof(param.P384.y) - off); memcpy(param.P384.scalar + off, scalar, sizeof(param.P384.scalar) - off); fc = s390_pcc_functions[SCALAR_MULTIPLY_P384].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; if (res_x != NULL) memcpy(res_x, param.P384.res_x + off, len); if (res_y != NULL) memcpy(res_y, param.P384.res_y + off, len); break; case NID_secp521r1: off = sizeof(param.P521.scalar) - len; memcpy(param.P521.x + off, x, sizeof(param.P521.x) - off); memcpy(param.P521.y + off, y, sizeof(param.P521.y) - off); memcpy(param.P521.scalar + off, scalar, sizeof(param.P521.scalar) - off); fc = s390_pcc_functions[SCALAR_MULTIPLY_P521].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; if (res_x != NULL) memcpy(res_x, param.P521.res_x + off, len); if (res_y != NULL) memcpy(res_y, param.P521.res_y + off, len); break; case NID_ED25519: off = sizeof(param.ED25519.scalar) - len; memcpy(param.ED25519.x + off, x, sizeof(param.ED25519.x) - off); memcpy(param.ED25519.y + off, y, sizeof(param.ED25519.y) - off); memcpy(param.ED25519.scalar + off, scalar, sizeof(param.ED25519.scalar) - off); fc = s390_pcc_functions[SCALAR_MULTIPLY_ED25519].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; if (res_x != NULL) memcpy(res_x, param.ED25519.res_x + off, len); if (res_y != NULL) memcpy(res_y, param.ED25519.res_y + off, len); break; case NID_ED448: off = sizeof(param.ED448.scalar) - len; memcpy(param.ED448.x + off, x, sizeof(param.ED448.x) - off); memcpy(param.ED448.y + off, y, sizeof(param.ED448.y) - off); memcpy(param.ED448.scalar + off, scalar, sizeof(param.ED448.scalar) - off); fc = s390_pcc_functions[SCALAR_MULTIPLY_ED448].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; if (res_x != NULL) memcpy(res_x, param.ED448.res_x + off, len); if (res_y != NULL) memcpy(res_y, param.ED448.res_y + off, len); break; default: rc = EINVAL; } OPENSSL_cleanse(param.buff, sizeof(param.buff)); return rc; } /* * mask must be 0xFF or 0x00. * "constant time" is per len. * * if (mask) { * unsigned char tmp[len]; * * memcpy(tmp, a, len); * memcpy(a, b); * memcpy(b, tmp); * } */ static inline void constant_time_cond_swap_buff(unsigned char mask, unsigned char *a, unsigned char *b, size_t len) { size_t i; unsigned char tmp; for (i = 0; i < len; i++) { tmp = a[i] ^ b[i]; tmp &= mask; a[i] ^= tmp; b[i] ^= tmp; } } static void s390_x25519_mod_p(unsigned char u[32]) { unsigned char u_red[32]; unsigned int c = 0; int i; memcpy(u_red, u, sizeof(u_red)); c += (unsigned int)u_red[31] + 19; u_red[31] = (unsigned char)c; c >>= 8; for (i = 30; i >= 0; i--) { c += (unsigned int)u_red[i]; u_red[i] = (unsigned char)c; c >>= 8; } c = (u_red[0] & 0x80) >> 7; u_red[0] &= 0x7f; constant_time_cond_swap_buff(0 - (unsigned char)c, u, u_red, sizeof(u_red)); } static void s390_x448_mod_p(unsigned char u[56]) { unsigned char u_red[56]; unsigned int c = 0; int i; memcpy(u_red, u, sizeof(u_red)); c += (unsigned int)u_red[55] + 1; u_red[55] = (unsigned char)c; c >>= 8; for (i = 54; i >= 28; i--) { c += (unsigned int)u_red[i]; u_red[i] = (unsigned char)c; c >>= 8; } c += (unsigned int)u_red[27] + 1; u_red[27] = (unsigned char)c; c >>= 8; for (i = 26; i >= 0; i--) { c += (unsigned int)u_red[i]; u_red[i] = (unsigned char)c; c >>= 8; } constant_time_cond_swap_buff(0 - (unsigned char)c, u, u_red, sizeof(u_red)); } int scalar_mulx_cpacf(unsigned char *res_u, const unsigned char *scalar, const unsigned char *u, int curve_nid) { #define DEF_PARAM(curve, size) \ struct { \ unsigned char res_u[size]; \ unsigned char u[size]; \ unsigned char scalar[size]; \ } curve union { long long buff[512]; /* 4k buffer: params + reserved area */ DEF_PARAM(X25519, 32); DEF_PARAM(X448, 64); } param; #undef DEF_PARAM unsigned long fc; int rc; const size_t len = privlen_from_nid(curve_nid); memset(¶m, 0, sizeof(param)); switch (curve_nid) { case NID_X25519: memcpy(param.X25519.u, u, len); memcpy(param.X25519.scalar, scalar, len); param.X25519.u[31] &= 0x7f; param.X25519.scalar[0] &= 248; param.X25519.scalar[31] &= 127; param.X25519.scalar[31] |= 64; /* to big-endian */ s390_flip_endian_32(param.X25519.u, param.X25519.u); s390_flip_endian_32(param.X25519.scalar, param.X25519.scalar); /* reduce non-canonical values */ s390_x25519_mod_p(param.X25519.u); fc = s390_pcc_functions[SCALAR_MULTIPLY_X25519].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; /* to little-endian */ s390_flip_endian_32(param.X25519.res_u, param.X25519.res_u); if (res_u != NULL) memcpy(res_u, param.X25519.res_u, len); break; case NID_X448: memcpy(param.X448.u, u, len); memcpy(param.X448.scalar, scalar, len); param.X448.scalar[0] &= 252; param.X448.scalar[55] |= 128; /* to big-endian */ s390_flip_endian_64(param.X448.u, param.X448.u); s390_flip_endian_64(param.X448.scalar, param.X448.scalar); /* reduce non-canonical values */ s390_x448_mod_p(param.X448.u + 8); fc = s390_pcc_functions[SCALAR_MULTIPLY_X448].hw_fc; rc = s390_pcc(fc, ¶m) ? EIO : 0; /* to little-endian */ s390_flip_endian_64(param.X448.res_u, param.X448.res_u); if (res_u != NULL) memcpy(res_u, param.X448.res_u, len); break; default: rc = EINVAL; } OPENSSL_cleanse(param.buff, sizeof(param.buff)); return rc; } /** * Perform an ECDH shared secret calculation with given EC private key A (D) * and EC public key B (X,Y) via CPACF Crypto Express CCA coprocessor. * * Returns 0 if successful * EIO if an internal error occurred */ unsigned int ecdh_hw(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, unsigned char *z) { uint8_t *buf = NULL; size_t len; int rc; struct ica_xcRB xcrb; ECDH_REPLY* reply_p; int privlen = privlen_from_nid(privkey_A->nid); if (msa9_switch && !ica_offload_enabled) { rc = scalar_mul_cpacf(z, NULL, privkey_A->D, pubkey_B->X, pubkey_B->Y, privkey_A->nid); if (rc != EINVAL) /* EINVAL: curve not supported by cpacf */ return rc; } if (privkey_A->nid != pubkey_B->nid || !curve_supported_via_online_card(privkey_A->nid)) return ENODEV; if (adapter_handle == DRIVER_NOT_LOADED) return EIO; reply_p = make_ecdh_request(privkey_A, pubkey_B, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { dom_addressing = dom_addressing_default_domain; reply_p = make_ecdh_request(privkey_A, pubkey_B, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { rc = EIO; goto ret; } } if (reply_p->key_len - 4 != privlen) { rc = EIO; goto ret; } memcpy(z, reply_p->raw_z_value, privlen); rc = 0; ret: if (buf) { OPENSSL_cleanse(buf, len); free(buf); } return rc; } /** * Perform an ECDH shared secret calculation with given EC private key A (D) * and EC public key B (X,Y) in software. * * Returns 0 if successful * EIO if an internal error occurred */ unsigned int ecdh_sw(const ICA_EC_KEY *privkey_A, const ICA_EC_KEY *pubkey_B, unsigned char *z) { int ret = 0; EVP_PKEY *a = NULL, *b = NULL; EVP_PKEY_CTX *ctx = NULL; size_t privlen = privlen_from_nid(privkey_A->nid); #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, ret); if (!is_supported_openssl_curve(privkey_A->nid)) { ret = EPERM; goto err; } a = make_eckey(privkey_A->nid, privkey_A->D, privlen); b = make_public_eckey(pubkey_B->nid, pubkey_B->X, 2 * privlen); if (!a || !b) { ret = EIO; goto err; } ctx = EVP_PKEY_CTX_new(a, NULL); if (ctx == NULL) { ret = EIO; goto err; } if (EVP_PKEY_derive_init(ctx) <= 0 || EVP_PKEY_derive_set_peer(ctx, b) <= 0) { ret = EIO; goto err; } if (EVP_PKEY_derive(ctx, z, &privlen) <= 0) { ret = EIO; goto err; } ret = 0; err: if (a != NULL) EVP_PKEY_free(a); if (b != NULL) EVP_PKEY_free(b); if (ctx != NULL) EVP_PKEY_CTX_free(ctx); END_OPENSSL_LIBCTX(ret); return ret; } /** * makes an ECDSA sign parmblock at given struct and returns its length. */ static unsigned int make_ecdsa_sign_parmblock(ECDSA_PARMBLOCK_PART1 *pb, const unsigned char *hash, unsigned int hash_length) { pb->subfunc_code = 0x5347; /* 'SG' */ pb->rule_array.rule_array_len = 0x000A; memcpy(&(pb->rule_array.rule_array_cmd), "ECDSA ", 8); pb->vud_data.vud_len = hash_length+4; pb->vud_data.vud1_len = hash_length+2; memcpy(&(pb->vud_data.vud1), hash, hash_length); return sizeof(ECDSA_PARMBLOCK_PART1) + hash_length; } /** * makes an ECDSA verify parmblock at given struct and returns its length. */ static unsigned int make_ecdsa_verify_parmblock(char *pb, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature, unsigned int signature_len) { ECDSA_PARMBLOCK_PART1* pb1; ECDSA_PARMBLOCK_PART2* pb2; pb1 = (ECDSA_PARMBLOCK_PART1*)pb; pb2 = (ECDSA_PARMBLOCK_PART2*)(pb + sizeof(ECDSA_PARMBLOCK_PART1) + hash_length); pb1->subfunc_code = 0x5356; /* 'SV' */ pb1->rule_array.rule_array_len = 0x000A; memcpy(&(pb1->rule_array.rule_array_cmd), "ECDSA ", 8); pb1->vud_data.vud_len = 2 + (2+hash_length) + (2+signature_len); pb1->vud_data.vud1_len = 2+hash_length; memcpy(&(pb1->vud_data.vud1), hash, hash_length); pb2->vud_data.vud2_len = 2+signature_len; memcpy(&(pb2->vud_data.vud2_data), signature, signature_len); return sizeof(ECDSA_PARMBLOCK_PART1) + hash_length + sizeof(ECDSA_PARMBLOCK_PART2) + signature_len; } /** * makes an ECDSA key structure at given struct and returns its length. */ static unsigned int make_ecdsa_private_key_token(unsigned char *kb, const ICA_EC_KEY *privkey, const unsigned char *X, const unsigned char *Y, uint8_t curve_type) { ECC_PRIVATE_KEY_TOKEN* kp1; ECC_PUBLIC_KEY_TOKEN* kp2; int privlen = privlen_from_nid(privkey->nid); unsigned int ecdsakey_length = 2 + 2 + sizeof(CCA_TOKEN_HDR) + sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA) + privlen + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; unsigned int priv_bitlen = privlen*8; if (privkey->nid == NID_secp521r1) { priv_bitlen = 521; } kp1 = (ECC_PRIVATE_KEY_TOKEN*)kb; kp2 = (ECC_PUBLIC_KEY_TOKEN*)(kb + sizeof(ECC_PRIVATE_KEY_TOKEN) + privlen); kp1->key_len = ecdsakey_length; kp1->reserved = 0x0020; kp1->tknhdr.tkn_hdr_id = 0x1E; kp1->tknhdr.tkn_length = ecdsakey_length - 2 - 2; /* 2x len field */ kp1->privsec.section_id = 0x20; kp1->privsec.version = 0x00; kp1->privsec.section_len = sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA) + privlen; kp1->privsec.key_usage = 0x80; kp1->privsec.curve_type = curve_type; kp1->privsec.key_format = 0x40; /* unencrypted key */ kp1->privsec.priv_p_bitlen = priv_bitlen; kp1->privsec.associated_data_len = sizeof(ECC_ASSOCIATED_DATA); kp1->privsec.ibm_associated_data_len = sizeof(ECC_ASSOCIATED_DATA); kp1->privsec.formatted_data_len = privlen; kp1->adata.ibm_data_len = sizeof(ECC_ASSOCIATED_DATA); kp1->adata.curve_type = curve_type; kp1->adata.p_bitlen = priv_bitlen; kp1->adata.usage_flag = 0x80; kp1->adata.format_and_sec_flag = 0x40; memcpy(&kp1->privkey[0], privkey->D, privlen); kp2->pubsec.section_id = 0x21; kp2->pubsec.section_len = sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; kp2->pubsec.curve_type = curve_type; kp2->pubsec.pub_p_bitlen = priv_bitlen; kp2->pubsec.pub_q_bytelen = 2*privlen + 1; /* bytelen + compress flag */ kp2->compress_flag = 0x04; /* uncompressed key */ memcpy(&kp2->pubkey[0], X, privlen); memcpy(&kp2->pubkey[privlen+0], Y, privlen); return sizeof(ECC_PRIVATE_KEY_TOKEN) + privlen + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; } /** * makes an ECDSA verify key structure at given struct and returns its length. */ static unsigned int make_ecdsa_public_key_token(ECDSA_PUBLIC_KEY_BLOCK *kb, const ICA_EC_KEY *pubkey, uint8_t curve_type) { int privlen = privlen_from_nid(pubkey->nid); unsigned int this_length = sizeof(ECDSA_PUBLIC_KEY_BLOCK) + 2*privlen; unsigned int priv_bitlen = privlen*8; if (pubkey->nid == NID_secp521r1) { priv_bitlen = 521; } kb->key_len = this_length; kb->tknhdr.tkn_hdr_id = 0x1E; kb->tknhdr.tkn_length = this_length - 2 - 2; /* 2x len field */ kb->pubsec.section_id = 0x21; kb->pubsec.section_len = sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; kb->pubsec.curve_type = curve_type; kb->pubsec.pub_p_bitlen = priv_bitlen; kb->pubsec.pub_q_bytelen = 2*privlen + 1; /* bytelen + compress flag */ kb->compress_flag = 0x04; /* uncompressed key */ memcpy(&kb->pubkey[0], pubkey->X, privlen); memcpy(&kb->pubkey[privlen+0], pubkey->Y, privlen); return this_length; } /** * creates an ECDSA sign request message for zcrypt. The given private key does usually * not contain a public key (X,Y), but the card requires (X,Y) to be present. The * calling function makes sure that (X,Y) are correctly set. * * returns a pointer to the control block where the card * provides its reply. * * The function allocates len bytes at cbrbmem. The caller * is responsible to erase sensible data and free the * memory. */ static ECDSA_SIGN_REPLY* make_ecdsa_sign_request(const ICA_EC_KEY *privkey, const unsigned char *X, const unsigned char *Y, const unsigned char *hash, unsigned int hash_length, struct ica_xcRB* xcrb, uint8_t **cbrbmem, size_t *len) { struct CPRBX *preqcblk, *prepcblk; int privlen = privlen_from_nid(privkey->nid); unsigned int ecdsa_key_token_len = 2 + 2 + sizeof(CCA_TOKEN_HDR) + sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA) + privlen + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; unsigned int keyblock_len = 2 + ecdsa_key_token_len; unsigned int parmblock_len = sizeof(ECDSA_PARMBLOCK_PART1) + hash_length + keyblock_len; int curve_type = curve_type_from_nid(privkey->nid); if (curve_type < 0) return NULL; /* allocate buffer space for req cprb, req parm, rep cprb, rep parm */ *len = 2 * (CPRBXSIZE + PARMBSIZE); *cbrbmem = malloc(*len); if (!*cbrbmem) return NULL; memset(*cbrbmem, 0, *len); preqcblk = (struct CPRBX *) *cbrbmem; prepcblk = (struct CPRBX *) (*cbrbmem + CPRBXSIZE + PARMBSIZE); /* make ECDSA sign request */ unsigned int offset = 0; offset = make_cprbx((struct CPRBX *)*cbrbmem, parmblock_len, preqcblk, prepcblk); offset += make_ecdsa_sign_parmblock((ECDSA_PARMBLOCK_PART1*) (*cbrbmem+offset), hash, hash_length); offset += make_keyblock_length((ECC_KEYBLOCK_LENGTH*)(*cbrbmem+offset), keyblock_len); offset += make_ecdsa_private_key_token(*cbrbmem+offset, privkey, X, Y, curve_type); finalize_xcrb(xcrb, preqcblk, prepcblk); return (ECDSA_SIGN_REPLY*)prepcblk; } /** * calculate the public (X,Y) values for the given private key, if necessary. */ static unsigned int provide_pubkey(const ICA_EC_KEY *privkey, unsigned char *X, unsigned char *Y) { #if !OPENSSL_VERSION_PREREQ(3, 0) const EC_GROUP *group = NULL; EC_KEY *eckey = NULL; #else EVP_PKEY *eckey = NULL; unsigned char *ecpoint = NULL; size_t ecpoint_len; #endif EC_POINT *pub_key = NULL; BIGNUM *bn_d = NULL, *bn_x = NULL, *bn_y = NULL; int privlen = -1; unsigned int rc; if (privkey == NULL || X == NULL || Y == NULL) { return EFAULT; } privlen = privlen_from_nid(privkey->nid); if (privlen < 0) { return EFAULT; } /* Check if (X,Y) already available */ if (privkey->X != NULL && privkey->Y != NULL) { memcpy(X, privkey->X, privlen); memcpy(Y, privkey->Y, privlen); return 0; } /* Get (D) as BIGNUM */ if ((bn_d = BN_bin2bn(privkey->D, privlen, NULL)) == NULL) { return EFAULT; } /* Calculate public (X,Y) values */ #if !OPENSSL_VERSION_PREREQ(3, 0) eckey = EC_KEY_new_by_curve_name(privkey->nid); EC_KEY_set_private_key(eckey, bn_d); group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (!EC_POINT_mul(group, pub_key, bn_d, NULL, NULL, NULL)) { rc = EFAULT; goto end; } /* Get (X,Y) as BIGNUMs */ bn_x = BN_new(); bn_y = BN_new(); if (!EC_POINT_get_affine_coordinates_GFp(group, pub_key, bn_x, bn_y, NULL)) { rc = EFAULT; goto end; } /* Format (X,Y) as char array, with leading zeros if necessary */ BN_bn2binpad(bn_x, X, privlen); BN_bn2binpad(bn_y, Y, privlen); #else eckey = make_eckey(privkey->nid, privkey->D, privlen); if (eckey == NULL) { goto end; } if (!EVP_PKEY_get_octet_string_param(eckey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0, &ecpoint_len)) { goto end; } ecpoint = OPENSSL_zalloc(ecpoint_len); if (ecpoint == NULL) { goto end; } if (!EVP_PKEY_get_octet_string_param(eckey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, ecpoint, ecpoint_len, &ecpoint_len)) { goto end; } memcpy(X, ecpoint + 1, privlen); // skip leading 0x04 memcpy(Y, ecpoint + 1 + privlen, privlen); #endif rc = 0; end: if (pub_key) EC_POINT_free(pub_key); #if !OPENSSL_VERSION_PREREQ(3, 0) if (eckey) EC_KEY_free(eckey); #else if (eckey) EVP_PKEY_free(eckey); if (ecpoint) OPENSSL_free(ecpoint); #endif BN_clear_free(bn_x); BN_clear_free(bn_y); BN_clear_free(bn_d); return rc; } /** * creates an ECDSA signature via CPACF or Crypto Express CCA coprocessor. * * Returns 0 if successful * EIO if an internal error occurred */ unsigned int ecdsa_sign_hw(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *privkey, const unsigned char *hash, unsigned int hash_length, unsigned char *signature) { uint8_t *buf = NULL; size_t len; int rc; struct ica_xcRB xcrb; ECDSA_SIGN_REPLY* reply_p; int privlen = privlen_from_nid(privkey->nid); unsigned char X[MAX_ECC_PRIV_SIZE]; unsigned char Y[MAX_ECC_PRIV_SIZE]; if (msa9_switch && !ica_offload_enabled) { rc = ecdsa_sign_cpacf(privkey, hash, hash_length, signature, NULL); if (rc != EINVAL) /* EINVAL: curve not supported by cpacf */ return rc; } if (!curve_supported_via_online_card(privkey->nid)) return ENODEV; if (adapter_handle == DRIVER_NOT_LOADED) return EIO; rc = provide_pubkey(privkey, X, Y); if (rc != 0) return EIO; reply_p = make_ecdsa_sign_request((const ICA_EC_KEY*)privkey, X, Y, hash, hash_length, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { dom_addressing = dom_addressing_default_domain; reply_p = make_ecdsa_sign_request((const ICA_EC_KEY*)privkey, X, Y, hash, hash_length, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { rc = EIO; goto ret; } } if (reply_p->vud_len - 8 != 2 * privlen) { rc = EIO; goto ret; } memcpy(signature, reply_p->signature, reply_p->vud_len-8); rc = 0; ret: if (buf) { OPENSSL_cleanse(buf, len); free(buf); } return rc; } /** * creates an ECDSA signature in software using OpenSSL. * Returns 0 if successful * EIO if an internal error occurred. */ unsigned int ecdsa_sign_sw(const ICA_EC_KEY *privkey, const unsigned char *hash, unsigned int hash_length, unsigned char *signature) { int rc = 0; EVP_PKEY *ec_pkey = NULL; ECDSA_SIG *sig = NULL; const BIGNUM *r, *s; EVP_PKEY_CTX *ctx = NULL; size_t siglen; unsigned char *sigbuf = NULL; const unsigned char *p; unsigned int privlen = privlen_from_nid(privkey->nid); #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); if (!is_supported_openssl_curve(privkey->nid)) { rc = EPERM; goto err; } ec_pkey = make_eckey(privkey->nid, privkey->D, privlen); if (ec_pkey == NULL) { rc = EIO; goto err; } ctx = EVP_PKEY_CTX_new(ec_pkey, NULL); if (ctx == NULL) { rc = EIO; goto err; } if (EVP_PKEY_sign_init(ctx) <= 0) { rc = EIO; goto err; } if (EVP_PKEY_sign(ctx, NULL, &siglen, hash, (size_t)hash_length) <= 0) { rc = EIO; goto err; } sigbuf = malloc(siglen); if (sigbuf == NULL) { rc = EIO; goto err; } if (EVP_PKEY_sign(ctx, sigbuf, &siglen, hash, (size_t)hash_length) <= 0) { rc = EIO; goto err; } p = sigbuf; sig = d2i_ECDSA_SIG(NULL, &p, siglen); if (sig == NULL) { rc = EIO; goto err; } ECDSA_SIG_get0(sig, &r, &s); /* Insert leading 0x00's if r or s shorter than privlen */ BN_bn2binpad(r, signature, privlen); BN_bn2binpad(s, signature + privlen, privlen); rc = 0; err: if (sig != NULL) ECDSA_SIG_free(sig); if (ec_pkey != NULL) EVP_PKEY_free(ec_pkey); if (sigbuf != NULL) free(sigbuf); if (ctx != NULL) EVP_PKEY_CTX_free(ctx); END_OPENSSL_LIBCTX(rc); return rc; } /** * creates an ECDSA xcrb request message for zcrypt. * * returns a pointer to the control block where the card * provides its reply. * * The function allocates len bytes at cbrbmem. The caller * is responsible to erase sensible data and free the * memory. */ static ECDSA_VERIFY_REPLY* make_ecdsa_verify_request(const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature, struct ica_xcRB* xcrb, uint8_t **cbrbmem, size_t *len) { struct CPRBX *preqcblk, *prepcblk; unsigned int privlen = privlen_from_nid(pubkey->nid); unsigned int ecdsa_key_token_len = 2 + 2 + sizeof(CCA_TOKEN_HDR) + sizeof(ECC_PUBLIC_KEY_TOKEN) + 2*privlen; unsigned int keyblock_len = 2 + ecdsa_key_token_len; unsigned int parmblock_len = sizeof(ECDSA_PARMBLOCK_PART1) + hash_length + sizeof(ECDSA_PARMBLOCK_PART2) + 2*privlen + keyblock_len; /* allocate buffer space for req cprb, req parm, rep cprb, rep parm */ *len = 2 * (CPRBXSIZE + PARMBSIZE); *cbrbmem = malloc(*len); if (!*cbrbmem) return NULL; int curve_type = curve_type_from_nid(pubkey->nid); if (curve_type < 0) return NULL; memset(*cbrbmem, 0, *len); preqcblk = (struct CPRBX *) *cbrbmem; prepcblk = (struct CPRBX *) (*cbrbmem + CPRBXSIZE + PARMBSIZE); /* make ECDSA verify request */ unsigned int offset = 0; offset = make_cprbx((struct CPRBX *)*cbrbmem, parmblock_len, preqcblk, prepcblk); offset += make_ecdsa_verify_parmblock((char*)(*cbrbmem+offset), hash, hash_length, signature, 2*privlen); offset += make_keyblock_length((ECC_KEYBLOCK_LENGTH*)(*cbrbmem+offset), keyblock_len); offset += make_ecdsa_public_key_token((ECDSA_PUBLIC_KEY_BLOCK*) (*cbrbmem+offset), pubkey, curve_type); finalize_xcrb(xcrb, preqcblk, prepcblk); return (ECDSA_VERIFY_REPLY*)prepcblk; } /* * Verify an ecdsa signature of a hashed message under a public key. * Returns 0 if successful. If cpacf doesnt support the curve, * EINVAL is returned. */ static int ecdsa_verify_cpacf(const ICA_EC_KEY *pub, const unsigned char *hash, size_t hashlen, const unsigned char *sig) { #define DEF_PARAM(curve, size) \ struct { \ unsigned char sig_r[size]; \ unsigned char sig_s[size]; \ unsigned char hash[size]; \ unsigned char pub_x[size]; \ unsigned char pub_y[size]; \ } curve union { long long buff[512]; /* 4k buffer: params + reserved area */ DEF_PARAM(P256, 32); DEF_PARAM(P384, 48); DEF_PARAM(P521, 80); } param; #undef DEF_PARAM unsigned long fc; size_t off; int rc; memset(¶m, 0, sizeof(param)); rc = 0; switch (pub->nid) { case NID_X9_62_prime256v1: off = sizeof(param.P256.hash) - (hashlen > sizeof(param.P256.hash) ? sizeof(param.P256.hash) : hashlen); memcpy(param.P256.hash + off, hash, sizeof(param.P256.hash) - off); off = sizeof(param.P256.pub_x) - privlen_from_nid(pub->nid); memcpy(param.P256.sig_r + off, sig, sizeof(param.P256.sig_r) - off); memcpy(param.P256.sig_s + off, sig + sizeof(param.P256.sig_r) - off, sizeof(param.P256.sig_s) - off); memcpy(param.P256.pub_x + off, pub->X, sizeof(param.P256.pub_x) - off); memcpy(param.P256.pub_y + off, pub->Y, sizeof(param.P256.pub_y) - off); fc = s390_kdsa_functions[ECDSA_VERIFY_P256].hw_fc; break; case NID_secp384r1: off = sizeof(param.P384.hash) - (hashlen > sizeof(param.P384.hash) ? sizeof(param.P384.hash) : hashlen); memcpy(param.P384.hash + off, hash, sizeof(param.P384.hash) - off); off = sizeof(param.P384.pub_x) - privlen_from_nid(pub->nid); memcpy(param.P384.sig_r + off, sig, sizeof(param.P384.sig_r) - off); memcpy(param.P384.sig_s + off, sig + sizeof(param.P384.sig_r) - off, sizeof(param.P384.sig_s) - off); memcpy(param.P384.pub_x + off, pub->X, sizeof(param.P384.pub_x) - off); memcpy(param.P384.pub_y + off, pub->Y, sizeof(param.P384.pub_y) - off); fc = s390_kdsa_functions[ECDSA_VERIFY_P384].hw_fc; break; case NID_secp521r1: off = sizeof(param.P521.hash) - (hashlen > sizeof(param.P521.hash) ? sizeof(param.P521.hash) : hashlen); memcpy(param.P521.hash + off, hash, sizeof(param.P521.hash) - off); off = sizeof(param.P521.pub_x) - privlen_from_nid(pub->nid); memcpy(param.P521.sig_r + off, sig, sizeof(param.P521.sig_r) - off); memcpy(param.P521.sig_s + off, sig + sizeof(param.P521.sig_r) - off, sizeof(param.P521.sig_s) - off); memcpy(param.P521.pub_x + off, pub->X, sizeof(param.P521.pub_x) - off); memcpy(param.P521.pub_y + off, pub->Y, sizeof(param.P521.pub_y) - off); fc = s390_kdsa_functions[ECDSA_VERIFY_P521].hw_fc; break; default: rc = EINVAL; break; } if (!rc) rc = s390_kdsa(fc, param.buff, NULL, 0) ? EFAULT : 0; return rc; } /* * Sign a hashed message using under a private key. * Returns 0 if successful. If cpacf doesnt support the curve, * EINVAL is returned. */ static int ecdsa_sign_cpacf(const ICA_EC_KEY *priv, const unsigned char *hash, size_t hashlen, unsigned char *sig, void (*rng_cb)(unsigned char *, size_t)) { #define DEF_PARAM(curve, size) \ struct { \ unsigned char sig_r[size]; \ unsigned char sig_s[size]; \ unsigned char hash[size]; \ unsigned char priv[size]; \ unsigned char rand[size]; \ } curve union { long long buff[512]; /* 4k buffer: params + reserved area */ DEF_PARAM(P256, 32); DEF_PARAM(P384, 48); DEF_PARAM(P521, 80); } param; #undef DEF_PARAM unsigned long fc; size_t off; int rc; memset(¶m, 0, sizeof(param)); rc = 0; switch (priv->nid) { case NID_X9_62_prime256v1: off = sizeof(param.P256.hash) - (hashlen > sizeof(param.P256.hash) ? sizeof(param.P256.hash) : hashlen); memcpy(param.P256.hash + off, hash, sizeof(param.P256.hash) - off); off = sizeof(param.P256.priv) - privlen_from_nid(priv->nid); memcpy(param.P256.priv + off, priv->D, sizeof(param.P256.priv) - off); fc = s390_kdsa_functions[ECDSA_SIGN_P256].hw_fc; if (rng_cb == NULL) { rc = s390_kdsa(fc, param.buff, NULL, 0); } else { fc |= 0x80; /* deterministic signature */ do { rng_cb(param.P256.rand + off, sizeof(param.P256.rand) - off); rc = s390_kdsa(fc, param.buff, NULL, 0); } while (rc); } memcpy(sig, param.P256.sig_r + off, sizeof(param.P256.sig_r) - off); memcpy(sig + sizeof(param.P256.sig_r) - off, param.P256.sig_s + off, sizeof(param.P256.sig_s) - off); OPENSSL_cleanse(param.P256.priv, sizeof(param.P256.priv)); OPENSSL_cleanse(param.P256.rand, sizeof(param.P256.rand)); break; case NID_secp384r1: off = sizeof(param.P384.hash) - (hashlen > sizeof(param.P384.hash) ? sizeof(param.P384.hash) : hashlen); memcpy(param.P384.hash + off, hash, sizeof(param.P384.hash) - off); off = sizeof(param.P384.priv) - privlen_from_nid(priv->nid); memcpy(param.P384.priv + off, priv->D, sizeof(param.P384.priv) - off); fc = s390_kdsa_functions[ECDSA_SIGN_P384].hw_fc; if (rng_cb == NULL) { rc = s390_kdsa(fc, param.buff, NULL, 0); } else { fc |= 0x80; /* deterministic signature */ do { rng_cb(param.P384.rand + off, sizeof(param.P384.rand) - off); rc = s390_kdsa(fc, param.buff, NULL, 0); } while (rc); } memcpy(sig, param.P384.sig_r + off, sizeof(param.P384.sig_r) - off); memcpy(sig + sizeof(param.P384.sig_r) - off, param.P384.sig_s + off, sizeof(param.P384.sig_s) - off); OPENSSL_cleanse(param.P384.priv, sizeof(param.P384.priv)); OPENSSL_cleanse(param.P384.rand, sizeof(param.P384.rand)); break; case NID_secp521r1: off = sizeof(param.P521.hash) - (hashlen > sizeof(param.P521.hash) ? sizeof(param.P521.hash) : hashlen); memcpy(param.P521.hash + off, hash, sizeof(param.P521.hash) - off); off = sizeof(param.P521.priv) - privlen_from_nid(priv->nid); memcpy(param.P521.priv + off, priv->D, sizeof(param.P521.priv) - off); fc = s390_kdsa_functions[ECDSA_SIGN_P521].hw_fc; if (rng_cb == NULL) { rc = s390_kdsa(fc, param.buff, NULL, 0); } else { fc |= 0x80; /* deterministic signature */ do { rng_cb(param.P521.rand + off, sizeof(param.P521.rand) - off); rc = s390_kdsa(fc, param.buff, NULL, 0); } while (rc); } memcpy(sig, param.P521.sig_r + off, sizeof(param.P521.sig_r) - off); memcpy(sig + sizeof(param.P521.sig_r) - off, param.P521.sig_s + off, sizeof(param.P521.sig_s) - off); OPENSSL_cleanse(param.P521.priv, sizeof(param.P521.priv)); OPENSSL_cleanse(param.P521.rand, sizeof(param.P521.rand)); break; default: rc = EINVAL; break; } return rc; } /** * verifies an ECDSA signature via CPACF or Crypto Express CCA coprocessor. * * Returns 0 if successful * EIO if an internal error occurred * EFAULT if signature invalid */ unsigned int ecdsa_verify_hw(ica_adapter_handle_t adapter_handle, const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature) { uint8_t *buf = NULL; size_t len; int rc; struct ica_xcRB xcrb; ECDSA_VERIFY_REPLY* reply_p; if (msa9_switch && !ica_offload_enabled) { rc = ecdsa_verify_cpacf(pubkey, hash, hash_length, signature); if (rc != EINVAL) /* EINVAL: curve not supported by cpacf */ return rc; } if (!curve_supported_via_online_card(pubkey->nid)) return ENODEV; if (adapter_handle == DRIVER_NOT_LOADED) return EIO; reply_p = make_ecdsa_verify_request(pubkey, hash, hash_length, signature, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { dom_addressing = dom_addressing_default_domain; reply_p = make_ecdsa_verify_request(pubkey, hash, hash_length, signature, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { rc = EIO; goto ret; } } if (((struct CPRBX*)reply_p)->ccp_rtcode == 4 && ((struct CPRBX*)reply_p)->ccp_rscode == RS_SIGNATURE_INVALID) { rc = EFAULT; goto ret; } if (((struct CPRBX*)reply_p)->ccp_rtcode != 0 || ((struct CPRBX*)reply_p)->ccp_rscode != 0) { rc = EIO; goto ret; } rc = 0; ret: if (buf) { OPENSSL_cleanse(buf, len); free(buf); } return rc; } /** * verifies an ECDSA signature in software using OpenSSL. * * Returns 0 if successful * EIO if an internal error occurred * EFAULT if signature invalid. */ unsigned int ecdsa_verify_sw(const ICA_EC_KEY *pubkey, const unsigned char *hash, unsigned int hash_length, const unsigned char *signature) { int rc = 0; BIGNUM *r = NULL, *s = NULL; ECDSA_SIG *sig = NULL; unsigned char *sigbuf = NULL; EVP_PKEY_CTX *ctx = NULL; size_t siglen; EVP_PKEY *ec_pkey = NULL; unsigned int privlen = privlen_from_nid(pubkey->nid); #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); if (!is_supported_openssl_curve(pubkey->nid)) { rc = EINVAL; goto err; } sig = ECDSA_SIG_new(); if (sig == NULL) { rc = EIO; goto err; } r = BN_bin2bn(signature, privlen, NULL); s = BN_bin2bn(signature + privlen, privlen, NULL); if (r == NULL || s == NULL) { rc = EIO; goto err; } if (!ECDSA_SIG_set0(sig, r, s)) { rc = EIO; goto err; } siglen = i2d_ECDSA_SIG(sig, &sigbuf); if (siglen <= 0) { rc = EIO; goto err; } ec_pkey = make_public_eckey(pubkey->nid, pubkey->X, 2 * privlen); if (ec_pkey == NULL) { rc = EIO; goto err; } ctx = EVP_PKEY_CTX_new(ec_pkey, NULL); if (ctx == NULL) { rc = EIO; goto err; } if (EVP_PKEY_verify_init(ctx) <= 0) { rc = EIO; goto err; } rc = EVP_PKEY_verify(ctx, sigbuf, siglen, hash, hash_length); switch (rc) { case 0: /* signature invalid */ rc = EFAULT; break; case 1: /* signature valid */ rc = 0; break; default: /* internal error */ rc = EIO; break; } err: if (sig != NULL) ECDSA_SIG_free(sig); if (ec_pkey != NULL) EVP_PKEY_free(ec_pkey); if (sigbuf != NULL) OPENSSL_free(sigbuf); if (ctx != NULL) EVP_PKEY_CTX_free(ctx); END_OPENSSL_LIBCTX(rc); return rc; } /** * makes an ECKeyGen parmblock at given struct and returns its length. */ static unsigned int make_eckeygen_parmblock(ECKEYGEN_PARMBLOCK *pb) { pb->subfunc_code = 0x5047; /* 'PG' */ pb->rule_array.rule_array_len = 0x000A; memcpy(&(pb->rule_array.rule_array_cmd), "CLEAR ", 8); pb->vud_len = 0x0002; return sizeof(ECKEYGEN_PARMBLOCK); } /** * makes an ECKeyGen private key structure at given struct and returns its length. */ static unsigned int make_eckeygen_private_key_token(ECKEYGEN_KEY_TOKEN* kb, unsigned int nid, uint8_t curve_type) { unsigned int privlen = privlen_from_nid(nid); unsigned int priv_bitlen = privlen*8; if (nid == NID_secp521r1) { priv_bitlen = 521; } kb->key_len = sizeof(ECKEYGEN_KEY_TOKEN); kb->reserved1 = 0x0020; kb->tknhdr.tkn_hdr_id = 0x1E; kb->tknhdr.tkn_length = sizeof(ECKEYGEN_KEY_TOKEN) - 2 - 2; /* 2x len field */ kb->privsec.section_id = 0x20; kb->privsec.version = 0x00; kb->privsec.section_len = sizeof(ECC_PRIVATE_KEY_SECTION) + sizeof(ECC_ASSOCIATED_DATA); kb->privsec.key_usage = 0x80; kb->privsec.curve_type = curve_type; kb->privsec.key_format = 0x40; /* unencrypted key */ kb->privsec.priv_p_bitlen = priv_bitlen; kb->privsec.associated_data_len = sizeof(ECC_ASSOCIATED_DATA); kb->privsec.ibm_associated_data_len = sizeof(ECC_ASSOCIATED_DATA); kb->privsec.formatted_data_len = 0; /* no key */ kb->adata.ibm_data_len = sizeof(ECC_ASSOCIATED_DATA); kb->adata.curve_type = curve_type; kb->adata.p_bitlen = priv_bitlen; kb->adata.usage_flag = 0x80; kb->adata.format_and_sec_flag = 0x40; kb->pubsec.section_id = 0x21; kb->pubsec.section_len = sizeof(ECC_PUBLIC_KEY_SECTION); kb->pubsec.curve_type = curve_type; kb->pubsec.pub_p_bitlen = priv_bitlen; kb->pubsec.pub_q_bytelen = 0; /* no keys */ return sizeof(ECKEYGEN_KEY_TOKEN); } /** * creates an ECKeyGen xcrb request message for zcrypt. * * returns a pointer to the control block where the card * provides its reply. * * The function allocates len bytes at cbrbmem. The caller * is responsible to erase sensible data and free the * memory. */ static ECKEYGEN_REPLY* make_eckeygen_request(ICA_EC_KEY *key, struct ica_xcRB* xcrb, uint8_t **cbrbmem, size_t *len) { struct CPRBX *preqcblk, *prepcblk; unsigned int keyblock_len = 2 + sizeof(ECKEYGEN_KEY_TOKEN) + sizeof(ECC_NULL_TOKEN); unsigned int parmblock_len = sizeof(ECKEYGEN_PARMBLOCK) + keyblock_len; int curve_type = curve_type_from_nid(key->nid); if (curve_type < 0) return NULL; /* allocate buffer space for req cprb, req parm, rep cprb, rep parm */ *len = 2 * (CPRBXSIZE + PARMBSIZE); *cbrbmem = malloc(*len); if (!*cbrbmem) return NULL; memset(*cbrbmem, 0, *len); preqcblk = (struct CPRBX *) *cbrbmem; prepcblk = (struct CPRBX *) (*cbrbmem + CPRBXSIZE + PARMBSIZE); /* make ECKeyGen request */ unsigned int offset = 0; offset = make_cprbx((struct CPRBX *)*cbrbmem, parmblock_len, preqcblk, prepcblk); offset += make_eckeygen_parmblock((ECKEYGEN_PARMBLOCK*)(*cbrbmem+offset)); offset += make_keyblock_length((ECC_KEYBLOCK_LENGTH*)(*cbrbmem+offset), keyblock_len); offset += make_eckeygen_private_key_token((ECKEYGEN_KEY_TOKEN*)(*cbrbmem+offset), key->nid, curve_type); offset += make_ecc_null_token((ECC_NULL_TOKEN*)(*cbrbmem+offset)); finalize_xcrb(xcrb, preqcblk, prepcblk); return (ECKEYGEN_REPLY*)prepcblk; } static int eckeygen_cpacf(ICA_EC_KEY *key) { static const unsigned char p256_base_x[] = { 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 }; static const unsigned char p256_base_y[] = { 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16, 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5 }; static const unsigned char p256_ord[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 }; static const unsigned char p384_base_x[] = { 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7 }; static const unsigned char p384_base_y[] = { 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F, 0x5D, 0x9E, 0x98, 0xBF, 0x92, 0x92, 0xDC, 0x29, 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C, 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0, 0x0A, 0x60, 0xB1, 0xCE, 0x1D, 0x7E, 0x81, 0x9D, 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F }; static const unsigned char p384_ord[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 }; static const unsigned char p521_base_x[] = { 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66 }; static const unsigned char p521_base_y[] = { 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B, 0xC0, 0x04, 0x5C, 0x8A, 0x5F, 0xB4, 0x2C, 0x7D, 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B, 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E, 0x66, 0x2C, 0x97, 0xEE, 0x72, 0x99, 0x5E, 0xF4, 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD, 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72, 0xC2, 0x40, 0x88, 0xBE, 0x94, 0x76, 0x9F, 0xD1, 0x66, 0x50 }; static const unsigned char p521_ord[] = { 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86, 0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09, 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F, 0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09 }; const unsigned int privlen = privlen_from_nid(key->nid); const unsigned char *base_x, *base_y; BIGNUM *priv, *ord; BN_CTX *ctx; int rv, numbytes; ctx = BN_CTX_new(); priv = BN_new(); ord = BN_new(); if (ctx == NULL || priv == NULL || ord == NULL) { rv = ENOMEM; goto out; } switch (key->nid) { case NID_X9_62_prime256v1: base_x = p256_base_x; base_y = p256_base_y; BN_bin2bn(p256_ord, sizeof(p256_ord), ord); break; case NID_secp384r1: base_x = p384_base_x; base_y = p384_base_y; BN_bin2bn(p384_ord, sizeof(p384_ord), ord); break; case NID_secp521r1: base_x = p521_base_x; base_y = p521_base_y; BN_bin2bn(p521_ord, sizeof(p521_ord), ord); break; default: rv = EINVAL; goto out; } do { if (!BN_rand_range(priv, ord)) { rv = EIO; goto out; } } while (BN_is_zero(priv)); memset(key->D, 0, privlen); numbytes = BN_num_bytes(priv); rv = BN_bn2bin(priv, key->D + privlen - numbytes); BN_clear(priv); if (rv != numbytes) { rv = EIO; goto out; } rv = scalar_mul_cpacf(key->X, key->Y, key->D, base_x, base_y, key->nid); out: if (ctx != NULL) BN_CTX_free(ctx); if (priv != NULL) BN_free(priv); if (ord != NULL) BN_free(ord); return rv; } /** * generates an EC key via Crypto Express CCA coprocessor. * * Returns 0 if successful * EIO if an internal error occurred. */ unsigned int eckeygen_hw(ica_adapter_handle_t adapter_handle, ICA_EC_KEY *key) { uint8_t *buf = NULL; size_t len; int rc; struct ica_xcRB xcrb; ECKEYGEN_REPLY *reply_p; unsigned int privlen = privlen_from_nid(key->nid); ECC_PUBLIC_KEY_TOKEN* pub_p; unsigned char* p; if (msa9_switch) { rc = eckeygen_cpacf(key); if (rc != EINVAL) /* curve not supported by cpacf */ return rc; } if (!curve_supported_via_online_card(key->nid)) return ENODEV; reply_p = make_eckeygen_request(key, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { dom_addressing = dom_addressing_default_domain; reply_p = make_eckeygen_request(key, &xcrb, &buf, &len); if (!reply_p) { rc = EIO; goto ret; } rc = ioctl(adapter_handle, ZSECSENDCPRB, xcrb); if (rc != 0) { rc = EIO; goto ret; } } if (reply_p->eckey.privsec.formatted_data_len != privlen) { rc = EIO; goto ret; } memcpy(key->D, reply_p->eckey.privkey, privlen); p = (unsigned char*)&(reply_p->eckey.privsec) + reply_p->eckey.privsec.section_len; pub_p = (ECC_PUBLIC_KEY_TOKEN*)p; if (pub_p->compress_flag != 0x04) { rc = EIO; goto ret; } memcpy(key->X, (char*)pub_p->pubkey, 2*privlen); rc = 0; ret: if (buf) { OPENSSL_cleanse(buf, len); free(buf); } return rc; } /** * generates an EC key in software using OpenSSL. * * Returns 0 if successful * EIO if an internal error occurred. */ unsigned int eckeygen_sw(ICA_EC_KEY *key) { #if !OPENSSL_VERSION_PREREQ(3, 0) const EC_KEY *ec_key = NULL; BN_CTX *bnctx = NULL; size_t d_len; #else BIGNUM *bn_d = NULL; #endif int rc = 0; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *ec_pkey = NULL; unsigned char *ecpoint = NULL, *d = NULL; size_t ecpoint_len; unsigned int privlen = privlen_from_nid(key->nid); #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); if (!is_supported_openssl_curve(key->nid)) { rc = EPERM; goto err; } ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); if (ctx == NULL) { rc = EIO; goto err; } if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, key->nid) <= 0 || EVP_PKEY_keygen(ctx, &ec_pkey) <= 0) { rc = EIO; goto err; } #if !OPENSSL_VERSION_PREREQ(3, 0) ec_key = EVP_PKEY_get0_EC_KEY(ec_pkey); if (ec_key == NULL) { rc = EIO; goto err; } bnctx = BN_CTX_new(); if (bnctx == NULL) { rc = ENOMEM; goto err; } ecpoint_len = EC_KEY_key2buf(ec_key, POINT_CONVERSION_UNCOMPRESSED, &ecpoint, bnctx); if (ecpoint_len == 0) { rc = EIO; goto err; } memcpy(key->X, ecpoint + 1, privlen); // skip leading 0x04 memcpy(key->Y, ecpoint + 1 + privlen, privlen); d_len = EC_KEY_priv2buf(ec_key, &d); if (d_len != privlen) { rc = EIO; goto err; } memcpy(key->D, d, d_len); #else /* Provide public key (X,Y) */ if (!EVP_PKEY_get_octet_string_param(ec_pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0, &ecpoint_len)) { rc = EIO; goto err; } ecpoint = OPENSSL_zalloc(ecpoint_len); if (ecpoint == NULL) { rc = EIO; goto err; } if (!EVP_PKEY_get_octet_string_param(ec_pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, ecpoint, ecpoint_len, &ecpoint_len)) { rc = EIO; goto err; } memcpy(key->X, ecpoint + 1, privlen); // skip leading 0x04 memcpy(key->Y, ecpoint + 1 + privlen, privlen); /* Provide private key (D) */ if (!EVP_PKEY_get_bn_param(ec_pkey, OSSL_PKEY_PARAM_PRIV_KEY, &bn_d)) { rc = EIO; goto err; } BN_bn2binpad(bn_d, key->D, privlen); #endif rc = 0; err: if (ctx != NULL) EVP_PKEY_CTX_free(ctx); #if !OPENSSL_VERSION_PREREQ(3, 0) if (bnctx != NULL) BN_CTX_free(bnctx); #else if (bn_d != NULL) BN_free(bn_d); #endif if (ec_pkey != NULL) EVP_PKEY_free(ec_pkey); if (ecpoint != NULL) OPENSSL_free(ecpoint); if (d != NULL) OPENSSL_free(d); END_OPENSSL_LIBCTX(rc); return rc; } /** * Check if the given ICA_EC_KEY is valid. This check is performed via openssl, * so we can only check keys that are supported by openssl. If e.g. openssl * is in fips mode, very few curves are supported. * * @return: * 0 success * EINVAL key check failed */ int ec_key_check(ICA_EC_KEY *ica_key) { EVP_PKEY *privkey = NULL, *pubkey = NULL; BIGNUM *d = NULL, *x = NULL, *y = NULL; int privlen, rc = EINVAL; BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); if (!ica_key) goto done; privlen = privlen_from_nid(ica_key->nid); d = BN_bin2bn(ica_key->D, privlen, NULL); if (!BN_is_zero(d)) { privkey = make_eckey(ica_key->nid, ica_key->D, privlen); if (!privkey) goto done; } x = BN_bin2bn(ica_key->X, privlen, NULL); y = BN_bin2bn(ica_key->Y, privlen, NULL); if (!BN_is_zero(x) && !BN_is_zero(y)) { pubkey = make_public_eckey(ica_key->nid, ica_key->X, 2 * privlen); if (!pubkey) goto done; } rc = 0; done: BN_clear_free(d); BN_clear_free(x); BN_clear_free(y); if (pubkey) EVP_PKEY_free(pubkey); if (privkey) EVP_PKEY_free(privkey); END_OPENSSL_LIBCTX(rc); return rc; } /* * Derive public key. * Returns 0 if successful. Caller has to check for MSA 9. */ int x25519_derive_pub(unsigned char pub[32], const unsigned char priv[32]) { static const unsigned char x25519_base_u[] = { 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; int rc; rc = scalar_mulx_cpacf(pub, priv, x25519_base_u, NID_X25519); stats_increment(ICA_STATS_X25519_KEYGEN, ALGO_HW, ENCRYPT); return rc; } int x448_derive_pub(unsigned char pub[56], const unsigned char priv[56]) { static const unsigned char x448_base_u[] = { 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; int rc; rc = scalar_mulx_cpacf(pub, priv, x448_base_u, NID_X448); stats_increment(ICA_STATS_X448_KEYGEN, ALGO_HW, ENCRYPT); return rc; } int ed25519_derive_pub(unsigned char pub[32], const unsigned char priv[32]) { /* base point coordinates (big-endian) */ static const unsigned char base_x[] = { 0x21, 0x69, 0x36, 0xd3, 0xcd, 0x6e, 0x53, 0xfe, 0xc0, 0xa4, 0xe2, 0x31, 0xfd, 0xd6, 0xdc, 0x5c, 0x69, 0x2c, 0xc7, 0x60, 0x95, 0x25, 0xa7, 0xb2, 0xc9, 0x56, 0x2d, 0x60, 0x8f, 0x25, 0xd5, 0x1a, }; static const unsigned char base_y[] = { 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x58, }; uint64_t lo, hi; unsigned char buf[64]; unsigned char res_x[32]; int rc; lo = 0; hi = 0; rc = s390_sha512(NULL, (unsigned char *)priv, 32, buf, SHA_MSG_PART_ONLY, &lo, &hi); if (rc) goto out; buf[0] &= -8; /* ensure multiple of cofactor */ buf[31] &= 0x3f; buf[31] |= 0x40; /* to big endian */ s390_flip_endian_32(buf, buf); rc = scalar_mul_cpacf(res_x, pub, buf, base_x, base_y, NID_ED25519); if (rc) goto out; /* to little endian */ s390_flip_endian_32(res_x, res_x); s390_flip_endian_32(pub, pub); pub[31] |= ((res_x[0] & 0x01) << 7); /* to big endian */ s390_flip_endian_32(pub, pub); stats_increment(ICA_STATS_ED25519_KEYGEN, ALGO_HW, ENCRYPT); rc = 0; out: return rc; } /* * Derive public key. * Returns 0 if successful. Caller has to check for MSA 9. */ int ed448_derive_pub(unsigned char pub[57], const unsigned char priv[57]) { /* base point coordinates (big-endian) */ static const unsigned char base_x[] = { 0x00, 0x4f, 0x19, 0x70, 0xc6, 0x6b, 0xed, 0x0d, 0xed, 0x22, 0x1d, 0x15, 0xa6, 0x22, 0xbf, 0x36, 0xda, 0x9e, 0x14, 0x65, 0x70, 0x47, 0x0f, 0x17, 0x67, 0xea, 0x6d, 0xe3, 0x24, 0xa3, 0xd3, 0xa4, 0x64, 0x12, 0xae, 0x1a, 0xf7, 0x2a, 0xb6, 0x65, 0x11, 0x43, 0x3b, 0x80, 0xe1, 0x8b, 0x00, 0x93, 0x8e, 0x26, 0x26, 0xa8, 0x2b, 0xc7, 0x0c, 0xc0, 0x5e, }; static const unsigned char base_y[] = { 0x00, 0x69, 0x3f, 0x46, 0x71, 0x6e, 0xb6, 0xbc, 0x24, 0x88, 0x76, 0x20, 0x37, 0x56, 0xc9, 0xc7, 0x62, 0x4b, 0xea, 0x73, 0x73, 0x6c, 0xa3, 0x98, 0x40, 0x87, 0x78, 0x9c, 0x1e, 0x05, 0xa0, 0xc2, 0xd7, 0x3a, 0xd3, 0xff, 0x1c, 0xe6, 0x7c, 0x39, 0xc4, 0xfd, 0xbd, 0x13, 0x2c, 0x4e, 0xd7, 0xc8, 0xad, 0x98, 0x08, 0x79, 0x5b, 0xf2, 0x30, 0xfa, 0x14, }; uint64_t lo, hi; unsigned char buf[114], pub64[64]; unsigned char res_x[64]; int rc; memset(res_x, 0, sizeof(res_x)); memset(pub64, 0, sizeof(pub64)); lo = 0; hi = 0; rc = s390_shake_256(NULL, (unsigned char *)priv, 57, buf, sizeof(buf), SHA_MSG_PART_ONLY, &lo, &hi); if (rc) goto out; memset(buf + 57, 0, 57); buf[0] &= -4; /* ensure multiple of cofactor */ buf[55] |= 0x80; buf[56] = 0; /* to big endian */ s390_flip_endian_64(buf, buf); rc = scalar_mul_cpacf(res_x + 64 - 57, pub64 + 64 - 57, buf + 64 - 57, base_x, base_y, NID_ED448); if (rc) goto out; /* to little endian */ s390_flip_endian_64(res_x, res_x); s390_flip_endian_64(pub64, pub64); pub64[56] |= ((res_x[0] & 0x01) << 7); /* to big endian */ s390_flip_endian_64(pub64, pub64); memcpy(pub, pub64 + 64 - 57, 57); stats_increment(ICA_STATS_ED448_KEYGEN, ALGO_HW, ENCRYPT); rc = 0; out: return rc; } #ifdef ICA_INTERNAL_TEST_EC #include "../test/testcase.h" #include "test_vec.h" #define TEST_ERROR(msg, alg, tv) \ do { \ fprintf(stderr, "ERROR: %s. (%s test vector %lu)\n", msg, alg, tv); \ exit(TEST_FAIL); \ } while(0) #ifndef NO_CPACF static void ecdsa_test(void) { unsigned long long rnd[2]; sha_context_t sha_ctx; sha256_context_t sha256_ctx; sha512_context_t sha512_ctx; unsigned char hash[1024]; unsigned char sig[4096]; size_t hashlen; const struct ecdsa_tv *t; size_t i; int rc; verbosity_ = 2; t = &ECDSA_TV[0]; for (i = 0; i < ECDSA_TV_LEN; i++) { switch (t->hash) { case SHA1: rc = ica_sha1(SHA_MSG_PART_ONLY, t->msglen, t->msg, &sha_ctx, hash); hashlen = SHA1_HASH_LENGTH; break; case SHA224: rc = ica_sha224(SHA_MSG_PART_ONLY, t->msglen, t->msg, &sha256_ctx, hash); hashlen = SHA224_HASH_LENGTH; break; case SHA256: rc = ica_sha256(SHA_MSG_PART_ONLY, t->msglen, t->msg, &sha256_ctx, hash); hashlen = SHA256_HASH_LENGTH; break; case SHA384: rc = ica_sha384(SHA_MSG_PART_ONLY, t->msglen, t->msg, &sha512_ctx, hash); hashlen = SHA384_HASH_LENGTH; break; case SHA512: rc = ica_sha512(SHA_MSG_PART_ONLY, t->msglen, t->msg, &sha512_ctx, hash); hashlen = SHA512_HASH_LENGTH; break; default: TEST_ERROR("Unknown hash", "ECDSA", i); } if (rc) TEST_ERROR("Hashing failed", "ECDSA", i); deterministic_rng_output = t->k; /* Sign hashed message */ rc = ecdsa_sign_cpacf(t->key, hash, hashlen, sig, deterministic_rng); if (rc) TEST_ERROR("Signing failed", "ECDSA", i); /* Compare signature to expected result */ if (memcmp(sig, t->r, t->siglen) || memcmp(sig + t->siglen, t->s, t->siglen)) { printf("Result R:\n"); dump_array(sig, t->siglen); printf("Correct R:\n"); dump_array((unsigned char *)t->r, t->siglen); printf("Result S:\n"); dump_array(sig + t->siglen, t->siglen); printf("Correct S:\n"); dump_array((unsigned char *)t->s, t->siglen); TEST_ERROR("Wrong signature", "ECDSA", i); } /* Verify signature */ rc = ecdsa_verify_cpacf(t->key, hash, hashlen, sig); if (rc) TEST_ERROR("Verification failed", "ECDSA", i); /* * Try to verify forged signature * (flip random bit in signature) */ rng_gen((unsigned char *)rnd, sizeof(rnd)); sig[rnd[0] % (t->siglen * 2)] ^= (1 << (rnd[1] % 8)); rc = ecdsa_verify_cpacf(t->key, hash, hashlen, sig); if (!rc) TEST_ERROR("Verification expected to fail but" " succeeded", "ECDSA", i); t++; } } static void scalar_mul_test(void) { const unsigned char *base_x, *base_y, *base_u; unsigned char res_x[4096], res_y[4096], res_u[4096], res_u2[4096], res_u3[4096]; const struct scalar_mul_tv *t; const struct scalar_mulx_tv *t2; const struct scalar_mulx_it_tv *t3; const struct scalar_mulx_kex_tv *t4; size_t i, j; int rc; static const unsigned char p256_base_x[] = { 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 }; static const unsigned char p256_base_y[] = { 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16, 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5 }; static const unsigned char p384_base_x[] = { 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7 }; static const unsigned char p384_base_y[] = { 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F, 0x5D, 0x9E, 0x98, 0xBF, 0x92, 0x92, 0xDC, 0x29, 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C, 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0, 0x0A, 0x60, 0xB1, 0xCE, 0x1D, 0x7E, 0x81, 0x9D, 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F }; static const unsigned char p521_base_x[] = { 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66 }; static const unsigned char p521_base_y[] = { 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B, 0xC0, 0x04, 0x5C, 0x8A, 0x5F, 0xB4, 0x2C, 0x7D, 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B, 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E, 0x66, 0x2C, 0x97, 0xEE, 0x72, 0x99, 0x5E, 0xF4, 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD, 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72, 0xC2, 0x40, 0x88, 0xBE, 0x94, 0x76, 0x9F, 0xD1, 0x66, 0x50 }; static const unsigned char x25519_base_u[] = { 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; static const unsigned char x448_base_u[] = { 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; verbosity_ = 2; t = &SCALAR_MUL_TV[0]; for (i = 0; i < SCALAR_MUL_TV_LEN; i++) { memset(res_x, 0, sizeof(res_x)); memset(res_y, 0, sizeof(res_y)); switch (t->curve_nid) { case NID_X9_62_prime256v1: base_x = p256_base_x; base_y = p256_base_y; break; case NID_secp384r1: base_x = p384_base_x; base_y = p384_base_y; break; case NID_secp521r1: base_x = p521_base_x; base_y = p521_base_y; break; default: TEST_ERROR("Unknown curve", "SCALAR-MUL", i); } rc = scalar_mul_cpacf(res_x, res_y, t->scalar, base_x, base_y, t->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALAR-MUL", i); } if (memcmp(res_x, t->x, t->len)) { printf("Result X:\n"); dump_array(res_x, t->len); printf("Correct X:\n"); dump_array((unsigned char *)t->x, t->len); TEST_ERROR("Scalar multipication calculated wrong X", "SCALAR-MUL", i); } if (memcmp(res_y, t->y, t->len)) { printf("Result Y:\n"); dump_array(res_y, t->len); printf("Correct Y:\n"); dump_array((unsigned char *)t->y, t->len); TEST_ERROR("Scalar multipication calculated wrong X", "SCALAR-MUL", i); } t++; } t2 = &SCALAR_MULX_TV[0]; for (i = 0; i < SCALAR_MULX_TV_LEN; i++) { memset(res_u, 0, sizeof(res_u)); rc = scalar_mulx_cpacf(res_u, t2->scalar, t2->u, t2->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALAR-MULX", i); } if (memcmp(res_u, t2->res_u, t2->len)) { printf("Result U:\n"); dump_array(res_u, t2->len); printf("Correct U:\n"); dump_array((unsigned char *)t2->res_u, t2->len); TEST_ERROR("Scalar multipication calculated wrong U", "SCALAR-MULX", i); } t2++; } t3 = &SCALAR_MULX_IT_TV[0]; for (i = 0; i < SCALAR_MULX_IT_TV_LEN; i++) { memset(res_u, 0, sizeof(res_u)); memset(res_u2, 0, sizeof(res_u2)); memset(res_u3, 0, sizeof(res_u3)); memcpy(res_u, t3->scalar_u, t3->len); memcpy(res_u2, t3->scalar_u, t3->len); for (j = 1; j <= 1000000; j++) { rc = scalar_mulx_cpacf(res_u3, res_u2, res_u, t3->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALAR-MULX-IT-MUL", i); } if (j == 1 && memcmp(res_u3, t3->res_u_it1, t3->len)) { printf("Result U:\n"); dump_array(res_u3, t3->len); printf("Correct U:\n"); dump_array((unsigned char *)t3->res_u_it1, t3->len); TEST_ERROR("Scalar multipication calculated" " wrong U", "SCALAR-MULX-IT-MUL", i); } if (j == 1000 && memcmp(res_u3, t3->res_u_it1000, t3->len)) { printf("Result U:\n"); dump_array(res_u3, t3->len); printf("Correct U:\n"); dump_array((unsigned char *)t3->res_u_it1000, t3->len); TEST_ERROR("Scalar multipication calculated" " wrong U", "SCALAR-MULX-IT-MUL", i); } if (j == 1000000 && memcmp(res_u3, t3->res_u_it1000000, t3->len)) { printf("Result U:\n"); dump_array(res_u3, t3->len); printf("Correct U:\n"); dump_array((unsigned char *) t3->res_u_it1000000, t3->len); TEST_ERROR("Scalar multipication calculated" " wrong U", "SCALAR-MULX-IT-MUL", i); } memcpy(res_u, res_u2, sizeof(res_u)); memcpy(res_u2, res_u3, sizeof(res_u2)); memset(res_u3, 0, sizeof(res_u3)); } t3++; } t4 = &SCALAR_MULX_KEX_TV[0]; for (i = 0; i < SCALAR_MULX_KEX_TV_LEN; i++) { switch (t4->curve_nid) { case NID_X25519: base_u = x25519_base_u; break; case NID_X448: base_u = x448_base_u; break; default: TEST_ERROR("Unknown curve", "SCALAR-MULX-KEX", i); } memset(res_u, 0, sizeof(res_u)); rc = scalar_mulx_cpacf(res_u, t4->a_priv, base_u, t4->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALAR-MULX-KEX", i); } if (memcmp(res_u, t4->a_pub, t4->len)) { printf("Result A's pub:\n"); dump_array(res_u, t4->len); printf("Correct A's pub:\n"); dump_array((unsigned char *)t4->a_pub, t4->len); TEST_ERROR("Wrong public key (A)", "SCALAR-MULX-KEX", i); } memset(res_u, 0, sizeof(res_u)); rc = scalar_mulx_cpacf(res_u, t4->b_priv, base_u, t4->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALARX-KEX", i); } if (memcmp(res_u, t4->b_pub, t4->len)) { printf("Result B's pub:\n"); dump_array(res_u, t4->len); printf("Correct B's pub:\n"); dump_array((unsigned char *)t4->b_pub, t4->len); TEST_ERROR("Wrong public key (B)", "SCALAR-MULX-KEX", i); } memset(res_u, 0, sizeof(res_u)); rc = scalar_mulx_cpacf(res_u, t4->b_priv, t4->a_pub, t4->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALARX-KEX", i); } if (memcmp(res_u, t4->shared_secret, t4->len)) { printf("Result shared secret:\n"); dump_array(res_u, t4->len); printf("Correct shared secret:\n"); dump_array((unsigned char *)t4->shared_secret, t4->len); TEST_ERROR("Wrong shared secret (B's priv * A's pub)", "SCALAR-MULX-KEX", i); } memset(res_u, 0, sizeof(res_u)); rc = scalar_mulx_cpacf(res_u, t4->a_priv, t4->b_pub, t4->curve_nid); if (rc) { TEST_ERROR("Scalar multipication failed", "SCALARX-KEX", i); } if (memcmp(res_u, t4->shared_secret, t4->len)) { printf("Result shared secret:\n"); dump_array(res_u, t4->len); printf("Correct shared secret:\n"); dump_array((unsigned char *)t4->shared_secret, t4->len); TEST_ERROR("Wrong shared secret (A's priv * B's pub)", "SCALAR-MULX-KEX", i); } t4++; } } #endif /* NO_CPACF */ int main(void) { #ifdef NO_CPACF printf("Skipping EC internal test, because CPACF support disabled via config option.\n"); exit(TEST_SKIP); #else if (!msa9_switch) exit(TEST_SKIP); /* test exit on first failure */ scalar_mul_test(); ecdsa_test(); return TEST_SUCC; #endif } #endif libica-4.0.1/src/s390_prng.c000066400000000000000000000204571417716165400154420ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Some parts of this file have been moved from former icalinux.c to this file. * * Authors: Felix Beck * Christian Maaser * * Copyright IBM Corp. 2009, 2011 */ #include #include #include #include #include #include #include #include "ica_api.h" #include "init.h" #include "s390_prng.h" #include "s390_crypto.h" #include "icastats.h" #include "s390_drbg.h" #define STCK_BUFFER 8 /* * State handle for the global ica_drbg instantiation that replaces * the old prng implementation (if available) which feeds * the ica_random_number_generate api, */ ica_drbg_t *ica_drbg_global = ICA_DRBG_NEW_STATE_HANDLE; sem_t semaphore; union zprng_pb_t { unsigned char ch[32]; uint64_t uint; }; /* * Parameter block for the KMC(PRNG) instruction. */ union zprng_pb_t zPRNG_PB = {{0x0F, 0x2B, 0x8E, 0x63, 0x8C, 0x8E, 0xD2, 0x52, 0x64, 0xB7, 0xA0, 0x7B, 0x75, 0x28, 0xB8, 0xF4, 0x75, 0x5F, 0xD2, 0xA6, 0x8D, 0x97, 0x11, 0xFF, 0x49, 0xD8, 0x23, 0xF3, 0x7E, 0x21, 0xEC, 0xA0}}; unsigned int s390_prng_limit = 4096; unsigned long s390_byte_count; #ifndef ICA_FIPS static const char *const PRNG_SEI_LIST[] = {"/dev/hwrng", "/dev/prandom", "/dev/urandom", NULL /* last list element */}; /* Static functions */ static int s390_add_entropy(void); static int s390_prng_sw(unsigned char *output_data, unsigned int output_length); static int s390_prng_hw(unsigned char *random_bytes, unsigned int num_bytes); static int s390_prng_seed(void *srv, unsigned int count); #endif /* ICA_FIPS */ /* Constant */ #define PRNG_BLK_SZ 8 #if defined(NO_CPACF) && defined(ICA_FIPS) /** * Generate random numbers using fips-approved random sources. * /dev/random can be used in fips mode, but not /dev/urandom. */ static int s390_prng_fips(unsigned char *output_data, unsigned int output_length) { const char *const rng_list[] = { "/dev/prandom", "/dev/hwrng", "/dev/random" }; const size_t rng_list_len = sizeof(rng_list) / sizeof(rng_list[0]); size_t priority, status; FILE *fd; for (priority = 0; priority < rng_list_len; priority++) { fd = fopen(rng_list[priority], "r"); if (fd) { status = fread(output_data, output_length, 1, fd); fclose(fd); if (status == 1) return 0; } } return EIO; } #endif int s390_prng_init(void) { int rc = -1; #ifndef ICA_FIPS FILE *handle; int i; unsigned char seed[16]; #endif /* ICA_FIPS */ /* * Create a global ica_drbg instance if sha512 or sha512 drng is * available. However, the old prng is still initialized but * only used as a fallback. */ if (sha512_switch || sha512_drng_switch) { rc = ica_drbg_instantiate(&ica_drbg_global, 256, true, ICA_DRBG_SHA512, (unsigned char *)"GLOBAL INSTANCE", 15); } #ifndef ICA_FIPS /* Old prng code disabled with FIPS built. */ sem_init(&semaphore, 0, 1); rc = ENODEV; for(i = 0; PRNG_SEI_LIST[i] != NULL; i++){ handle = fopen(PRNG_SEI_LIST[i], "r"); if(handle){ rc = fread(seed, sizeof(seed), 1, handle); fclose(handle); if(rc == 1) { rc = s390_prng_seed(seed, sizeof(seed) / sizeof(long long)); break; } else { rc = EIO; } } } /* * If the original seeding failed, we should try to stir in some * entropy anyway (since we already put out a message). */ s390_byte_count = 0; #endif /* ICA_FIPS */ return rc; } #ifndef ICA_FIPS /* * Adds some entropy to the system. * * This is called at the first request for random and again if more than ten * seconds have passed since the last request for random bytes. */ static int s390_add_entropy(void) { FILE *handle; unsigned char entropy[4 * STCK_BUFFER]; unsigned int K; unsigned char seed[32]; int rc; if (!prng_switch) return ENOTSUP; for (K = 0; K < 16; K++) { s390_stckf_hw(entropy + 0 * STCK_BUFFER); s390_stckf_hw(entropy + 1 * STCK_BUFFER); s390_stckf_hw(entropy + 2 * STCK_BUFFER); s390_stckf_hw(entropy + 3 * STCK_BUFFER); if(s390_kmc(0x43, zPRNG_PB.ch, entropy, entropy, sizeof(entropy)) < 0) { return EIO; } memcpy(zPRNG_PB.ch, entropy, sizeof(zPRNG_PB.ch)); } /* Add some additional entropy. */ rc = ENODEV; for(K = 0; PRNG_SEI_LIST[K] != NULL; K++){ handle = fopen(PRNG_SEI_LIST[K], "r"); if(handle){ rc = fread(seed, sizeof(seed), 1, handle); fclose(handle); if(rc == 1) { rc = s390_kmc(0x43, zPRNG_PB.ch, seed, seed, sizeof(seed)); if (rc >= 0) { memcpy(zPRNG_PB.ch, seed, sizeof(seed)); rc = 0; } else { rc = EIO; } break; } else { rc = EIO; } } } return rc; } #endif /* ICA_FIPS */ /* * This is the function that does the heavy lifting. * * It is here that the PRNG is actually done. */ int s390_prng(unsigned char *output_data, unsigned int output_length) { size_t i; int rc = -1; unsigned char *ptr = output_data; if (output_length == 0) return 0; const size_t q = output_length / ICA_DRBG_SHA512->max_no_of_bytes_per_req; const size_t r = output_length % ICA_DRBG_SHA512->max_no_of_bytes_per_req; /* * Try to use the global ica_drbg instantiation. If it does not exist * or it does not work, the old prng code is used. */ if (ica_drbg_global) { for (i = 0; i < q; i++) { rc = ica_drbg_generate(ica_drbg_global, 256, false, NULL, 0, ptr, ICA_DRBG_SHA512->max_no_of_bytes_per_req); if (rc) break; ptr += ICA_DRBG_SHA512->max_no_of_bytes_per_req; } if (r > 0) { rc = ica_drbg_generate(ica_drbg_global, 256, false, NULL, 0, ptr, r); } if (rc == 0) return 0; } #if defined(NO_CPACF) && defined(ICA_FIPS) rc = s390_prng_fips(output_data, output_length); if (rc == 0) stats_increment(ICA_STATS_PRNG, ALGO_SW, ENCRYPT); return rc; #endif #ifndef ICA_FIPS /* Old prng code disabled with FIPS built. */ if (prng_switch) rc = s390_prng_hw(output_data, output_length); if (rc == 0) stats_increment(ICA_STATS_PRNG, ALGO_HW, ENCRYPT); else { rc = s390_prng_sw(output_data, output_length); stats_increment(ICA_STATS_PRNG, ALGO_SW, ENCRYPT); } #endif /* ICA_FIPS */ return rc; } #ifndef ICA_FIPS static int s390_prng_sw(unsigned char *output_data, unsigned int output_length) { FILE *handle = fopen("/dev/urandom", "r"); if (!handle) return ENODEV; if (1 != fread(output_data, output_length, 1, handle)) { fclose(handle); return EIO; } fclose(handle); return 0; } static int s390_prng_hw(unsigned char *random_bytes, unsigned int num_bytes) { unsigned int i, remainder; unsigned char last_dw[STCK_BUFFER]; int rc = -1; rc = 0; sem_wait(&semaphore); /* Add some additional entropy when the byte count is reached.*/ if (s390_byte_count > s390_prng_limit) rc = s390_add_entropy(); if (!rc) { /* The kmc(PRNG) instruction requires a multiple of PRNG_BLK_SZ, so we * will save the remainder and then do a final chunk if we have * non-zero remainder. */ remainder = num_bytes % PRNG_BLK_SZ; num_bytes -= remainder; for (i = 0; i < (num_bytes / STCK_BUFFER); i++) s390_stckf_hw(random_bytes + i * STCK_BUFFER); rc = s390_kmc(S390_CRYPTO_PRNG, zPRNG_PB.ch, random_bytes, random_bytes, num_bytes); if (rc > 0) { s390_byte_count += rc; rc = 0; } // If there was a remainder, we'll use an internal buffer to handle it. if (!rc && remainder) { s390_stckf_hw(last_dw); rc = s390_kmc(S390_CRYPTO_PRNG, zPRNG_PB.ch, last_dw, last_dw, STCK_BUFFER); if (rc > 0) { s390_byte_count += rc; rc = 0; } memcpy(random_bytes + num_bytes, last_dw, remainder); } if (rc < 0) return EIO; else rc = 0; } sem_post(&semaphore); return rc; } /* * This is the function that seeds the random number generator. * SRV is the source randomization value. * count is the number of doublewords (8 bytes) in the SRV.. */ static int s390_prng_seed(void *srv, unsigned int count) { int rc = -1; unsigned int i; if (!prng_switch) return ENOTSUP; // Add entropy using the source randomization value. for (i = 0; i < count; i++) { zPRNG_PB.uint ^= ((uint64_t *)srv)[i]; if ((rc = s390_add_entropy())) break; } // Stir one last time. rc = s390_add_entropy(); return rc; } #endif /* ICA_FIPS */ libica-4.0.1/src/s390_rsa.c000066400000000000000000000701041417716165400152530ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Christian Maaser * * Some parts of the content of this file have been moved from former * icalinux.c to this file. * * Copyright IBM Corp. 2009, 2011 */ #include #include #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "fips.h" #include "s390_rsa.h" #include "s390_prng.h" #include "s390_crypto.h" #if OPENSSL_VERSION_PREREQ(3, 0) #include #include extern OSSL_LIB_CTX *openssl_libctx; #endif #if defined(NO_SW_FALLBACKS) #define UNUSED(var) ((void)(var)) #endif #ifndef NO_SW_FALLBACKS static unsigned int mod_expo_sw(int arg_length, unsigned char *arg, int exp_length, unsigned char *exp, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx); static unsigned int mod_mul_sw(int fc_1_length, unsigned char *fc1, int fc_2_length, unsigned char *fc2, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx); static unsigned int mod_sw(int arg_length, unsigned char *arg, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx); static unsigned int add_sw(int aug_length, unsigned char *aug, int add_length, unsigned char *add, int *res_length, unsigned char *res, BN_CTX *ctx); static unsigned int mod_sub_sw(int min_length, unsigned char *minu, int sub_length, unsigned char *sub, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX * ctx); static unsigned int mul_sw(int fc_1_length, unsigned char *fc1, int fc_2_length, unsigned char *fc2, int *res_length, unsigned char *res, BN_CTX *ctx); static unsigned int mod_expo_sw(int arg_length, unsigned char *arg, int exp_length, unsigned char *exp, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx); #endif /* NO_SW_FALLBACKS */ #if !OPENSSL_VERSION_PREREQ(3, 0) RSA* rsa_key_generate(unsigned int modulus_bit_length, unsigned long *public_exponent) { #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return NULL; #endif /* ICA_FIPS */ if (*public_exponent == 0) { do { if (s390_prng((unsigned char*)public_exponent, sizeof(unsigned long)) != 0) return NULL; } while (*public_exponent <= 2 || !(*public_exponent % 2)); } RSA *rsa = RSA_new(); BIGNUM *exp = BN_new(); if (!exp || !rsa) { RSA_free(rsa); BN_free(exp); return NULL; } BN_GENCB *cb = BN_GENCB_new(); if(!cb) { RSA_free(rsa); BN_free(exp); return NULL; } BN_set_word(exp, *public_exponent); BN_GENCB_set_old(cb, NULL, NULL); if (RSA_generate_key_ex(rsa, modulus_bit_length, exp, cb) == 0) { RSA_free(rsa); rsa = NULL; } BN_free(exp); BN_GENCB_free(cb); return rsa; } #else /* openssl 3.0 */ EVP_PKEY* rsa_key_generate(unsigned int modulus_bit_length, unsigned long *public_exponent) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pctx = NULL; BIGNUM *e = NULL; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return NULL; #endif /* ICA_FIPS */ if (*public_exponent == 0) { do { if (s390_prng((unsigned char*)public_exponent, sizeof(unsigned long)) != 0) return NULL; } while (*public_exponent <= 2 || !(*public_exponent % 2)); } e = BN_bin2bn((const unsigned char *)public_exponent, sizeof(unsigned long), NULL); if (e == NULL) { goto done; } pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL); if (pctx == NULL) { goto done; } if (EVP_PKEY_keygen_init(pctx) != 1 || EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, modulus_bit_length) != 1 || EVP_PKEY_CTX_set1_rsa_keygen_pubexp(pctx, e) != 1) { goto done; } if (EVP_PKEY_keygen(pctx, &pkey) != 1) { if (pkey) EVP_PKEY_free(pkey); pkey = NULL; } done: if (pctx != NULL) EVP_PKEY_CTX_free(pctx); if (e != NULL) BN_free(e); return pkey; } #endif /** * @brief Create a RSA modulus/expo key pair * * This function generates and returns a public/private key pair in * modulus/exponent format. A completion code is returned to indicate * success/failure. * @param device_handle * Previously opened device handle. * @param modulus_bit_length * Bit length of modulus to be generated. * @param public_key * Buffer for the public key. On output contains the public key. * @param private_key * Buffer of the private key. On output contains the private key. * * Returns 0 if successful. */ unsigned int rsa_key_generate_mod_expo(ica_adapter_handle_t deviceHandle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_mod_expo_t *private_key) { (void)deviceHandle; /* suppress unused param warning */ int rc = 0; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #if OPENSSL_VERSION_PREREQ(3, 0) if ((fips & ICA_FIPS_MODE) && (modulus_bit_length <= 1024)) return EPERM; #endif #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); #if !OPENSSL_VERSION_PREREQ(3, 0) const BIGNUM *n, *d; RSA *rsa = rsa_key_generate(modulus_bit_length, (unsigned long*)(public_key->exponent + public_key->key_length - sizeof(unsigned long))); if (!rsa) { rc = EFAULT; goto err; } RSA_get0_key(rsa, &n, NULL, &d); #else BIGNUM *n = NULL, *d = NULL; EVP_PKEY *pkey = rsa_key_generate(modulus_bit_length, (unsigned long*)(public_key->exponent + public_key->key_length - sizeof(unsigned long))); if (!pkey) { rc = EFAULT; goto err; } if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n) || !EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &d)) { rc = EFAULT; goto err; } #endif /* Set key buffers zero to make sure there is no * unneeded junk in between. */ memset(public_key->modulus, 0, public_key->key_length); memset(private_key->modulus, 0, private_key->key_length); memset(private_key->exponent, 0, private_key->key_length); unsigned int bn_length = BN_num_bytes(n); unsigned int offset = 0; if (bn_length < public_key->key_length) offset = public_key->key_length - bn_length; else offset = 0; BN_bn2bin(n, public_key->modulus + offset); memcpy(private_key->modulus, public_key->modulus, public_key->key_length); bn_length = BN_num_bytes(d); if (bn_length < private_key->key_length) offset = private_key->key_length - bn_length; else offset = 0; BN_bn2bin(d, private_key->exponent + offset); err: #if !OPENSSL_VERSION_PREREQ(3, 0) RSA_free(rsa); #else BN_free(n); BN_free(d); EVP_PKEY_free(pkey); #endif END_OPENSSL_LIBCTX(rc); return rc; } /** * This function generates and returns a public/private key pair in CRT format. * * @param device_handle * Previously opened device handle. * @param modulus_bit_length * Bit length of modulus to be generated. * @param public_key * Buffer for the public key. On output contains the public key. * @param private_key * Buffer of the private key. On output contains the private key. * * Returns 0 if successful. */ unsigned int rsa_key_generate_crt(ica_adapter_handle_t deviceHandle, unsigned int modulus_bit_length, ica_rsa_key_mod_expo_t *public_key, ica_rsa_key_crt_t *private_key) { (void)deviceHandle; /* suppress unused param warning */ int rc = 0; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #if OPENSSL_VERSION_PREREQ(3, 0) if ((fips & ICA_FIPS_MODE) && (modulus_bit_length <= 1024)) return EPERM; #endif #endif /* ICA_FIPS */ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc); #if !OPENSSL_VERSION_PREREQ(3, 0) const BIGNUM *n, *p, *q, *dmp1, *dmq1, *iqmp; RSA *rsa = rsa_key_generate(modulus_bit_length, (unsigned long*)(public_key->exponent + public_key->key_length - sizeof(unsigned long))); if (!rsa) { rc = EFAULT; goto err; } RSA_get0_key(rsa, &n, NULL, NULL); RSA_get0_factors(rsa, &p, &q); RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); #else BIGNUM *n = NULL, *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; EVP_PKEY *pkey = rsa_key_generate(modulus_bit_length, (unsigned long*)(public_key->exponent + public_key->key_length - sizeof(unsigned long))); if (!pkey) { rc = EFAULT; goto err; } if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n) || !EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &p) || !EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &q) || !EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &dmp1) || !EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &dmq1) || !EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &iqmp)) { rc = EFAULT; goto err; } #endif /* Public exponent has already been set, no need to do this here. * For public key, only modulus needs to be set. */ memset(public_key->modulus, 0, public_key->key_length); /* Make sure that key parts are copied to the end of the buffer */ unsigned int offset = 0; unsigned int bn_length = BN_num_bytes(n); if (bn_length < public_key->key_length) offset = public_key->key_length - bn_length; else offset = 0; BN_bn2bin(n, public_key->modulus + offset); memset(private_key->p, 0, (private_key->key_length+1) / 2 + 8); memset(private_key->q, 0, (private_key->key_length+1) / 2); memset(private_key->dp, 0, (private_key->key_length+1) / 2 + 8); memset(private_key->dq, 0, (private_key->key_length+1) / 2); memset(private_key->qInverse, 0, (private_key->key_length+1) / 2 + 8); unsigned int key_part_length = (private_key->key_length+1) / 2; /* We add the "+8" because it is a requirement by the crypto adapters * to have an 8 byte zero pad in the beginning of the fields for: * p, dp, and qInverse. */ /* Copy p into buffer */ bn_length = BN_num_bytes(p); if(bn_length < key_part_length) offset = key_part_length - bn_length; else offset = 0; BN_bn2bin(p, private_key->p + 8 + offset); /* Copy q into buffer */ bn_length = BN_num_bytes(q); if(bn_length < key_part_length) offset = key_part_length - bn_length; else offset = 0; BN_bn2bin(q, private_key->q + offset); /* Copy dp into buffer */ bn_length = BN_num_bytes(dmp1); if(bn_length < key_part_length) offset = key_part_length - bn_length; else offset = 0; BN_bn2bin(dmp1, private_key->dp + 8 + offset); /* Copy dq into buffer */ bn_length = BN_num_bytes(dmq1); if(bn_length < key_part_length) offset = key_part_length - bn_length; else offset = 0; BN_bn2bin(dmq1, private_key->dq + offset); /* Copy qInverse into buffer */ bn_length = BN_num_bytes(iqmp); if(bn_length < key_part_length) offset = key_part_length - bn_length; else offset = 0; BN_bn2bin(iqmp, private_key->qInverse + 8 + offset); err: #if !OPENSSL_VERSION_PREREQ(3, 0) RSA_free(rsa); #else BN_free(n); BN_free(p); BN_free(q); BN_free(dmp1); BN_free(dmq1); BN_free(iqmp); EVP_PKEY_free(pkey); #endif END_OPENSSL_LIBCTX(rc); return rc; } #ifndef NO_SW_FALLBACKS /** * @deprecated Perform a modular muliplication operation in software. */ unsigned int rsa_mod_mult_sw(ica_rsa_modmult_t *pMul) { int rc = 0; BN_CTX *ctx = NULL; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ if ((ctx = BN_CTX_new()) == NULL) { return EFAULT; } rc = mod_mul_sw(pMul->inputdatalength, pMul->inputdata, pMul->inputdatalength, pMul->b_key, pMul->inputdatalength, pMul->n_modulus, (int *)&(pMul->outputdatalength), pMul->outputdata, ctx); BN_CTX_free(ctx); if (rc) rc = EIO; return rc; } /** * Perform a multiprecision modular multiplication using a multiplicand, * multiplier and modulus. */ static unsigned int mod_mul_sw(int fc_1_length, unsigned char *fc1, int fc_2_length, unsigned char *fc2, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx) { int rc = 0; int ln = 0; int pad = 0; BIGNUM *b_fc1 = NULL; BIGNUM *b_fc2 = NULL; BIGNUM *b_mod = NULL; BIGNUM *b_res = NULL; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BN_CTX_start(ctx); b_fc1 = BN_CTX_get(ctx); b_fc2 = BN_CTX_get(ctx); b_mod = BN_CTX_get(ctx); if ((b_res = BN_CTX_get(ctx)) == NULL) { rc = ENOMEM; goto cleanup; } b_fc1 = BN_bin2bn((const unsigned char *)fc1, fc_1_length, b_fc1); b_fc2 = BN_bin2bn((const unsigned char *)fc2, fc_2_length, b_fc2); b_mod = BN_bin2bn((const unsigned char *)mod, mod_length, b_mod); if (!(BN_mod_mul(b_res, b_fc1, b_fc2, b_mod, ctx))) { goto err; } if ((ln = BN_num_bytes(b_res)) > *res_length) { rc = EIO; goto cleanup; } if (ln) pad = *res_length - ln; ln = BN_bn2bin(b_res,(unsigned char *)(res + pad)); if (pad) memset(res, 0, pad); goto cleanup; err: rc = EIO; cleanup: BN_CTX_end(ctx); return rc; } #endif /* NO_SW_FALLBACKS */ /** * Perform a mod expo operation using a key in modulus/exponent form, in * software. * @param pMex * Address of an ica_rsa_modexpo_t, containing: * input_length - The byte length of the input data * input_data - Pointer to input data * b_key - Pointer to the exponent * n_modulus - Pointer to the modulus * output_length - On input it contains the byte length of the output * buffer. On output it contains the actual byte * length of the output_data * output_data - Pointer to the output buffer * * Returns 0 if successful. */ unsigned int rsa_mod_expo_sw(ica_rsa_modexpo_t *pMex) { #ifdef NO_SW_FALLBACKS UNUSED(pMex); return EPERM; #else int rc = 0; BN_CTX *ctx = NULL; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ if ((ctx = BN_CTX_new()) == NULL) { return EFAULT; } /* check if modulus value > data value */ if ((memcmp(pMex->n_modulus, pMex->inputdata, pMex->inputdatalength)) <= 0) return EINVAL; rc = mod_expo_sw(pMex->inputdatalength, pMex->inputdata, pMex->inputdatalength, pMex->b_key, pMex->inputdatalength, pMex->n_modulus, (int *)&(pMex->outputdatalength), pMex->outputdata, ctx); BN_CTX_free(ctx); if (rc == 1) rc = EIO; return rc; #endif /* NO_SW_FALLBACKS */ } #ifndef NO_SW_FALLBACKS /** * Perform a mod expo operation using a key in modulus/exponent form, in * software. * @param arg_length * The byte length of the input data * @param arg * Pointer to input data * @param exp_length * The byte length of the exponent * @param exp * Pointer to the exponent * @param mod_length * The byte length of the modulus * @param mod * Pointer to the modulus * @param res_length * On input it points to the byte length of the output buffer. On output it * points to the actual byte length of the output_data * @param res * Pointer to the output buffer * @param ctx * Pointer to a BN_CTX * * Returns 0 if successful BN error code if unsuccessful. */ static unsigned int mod_expo_sw(int arg_length, unsigned char *arg, int exp_length, unsigned char *exp, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx) { int rc = 0; int ln = 0; int pad = 0; BIGNUM *b_arg = NULL; BIGNUM *b_exp = NULL; BIGNUM *b_mod = NULL; BIGNUM *b_res = NULL; BN_CTX *mod_expo_ctx = NULL; int mod_expo_rc = 1; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BN_CTX_start(ctx); b_arg = BN_CTX_get(ctx); b_exp = BN_CTX_get(ctx); b_mod = BN_CTX_get(ctx); if ((b_res = BN_CTX_get(ctx)) == NULL) { rc = ENOMEM; goto cleanup; } b_arg = BN_bin2bn((const unsigned char *)arg, arg_length, b_arg); b_exp = BN_bin2bn((const unsigned char *)exp, exp_length, b_exp); b_mod = BN_bin2bn((const unsigned char *)mod, mod_length, b_mod); // Evidently BN_mod_exp gets a *lot* of temp BN's, so it // needs a context all its own. if ((mod_expo_ctx = BN_CTX_new()) == NULL) { goto err; } mod_expo_rc = BN_mod_exp(b_res, b_arg, b_exp, b_mod, mod_expo_ctx); BN_CTX_free(mod_expo_ctx); if (!(mod_expo_rc)) { goto err; } if ((ln = BN_num_bytes(b_res)) > *res_length) { rc = 1; goto cleanup; } if (ln) pad = *res_length - ln; ln = BN_bn2bin(b_res, (unsigned char *)(res + pad)); if (pad) memset(res, 0, pad); goto cleanup; err: rc = EIO; cleanup: BN_CTX_end(ctx); return rc; } #endif /* NO_SW_FALLBACKS */ /** * Perform a RSA mod expo on input data using a key in CRT format, in software. * * @param pCrt * Address of an ica_rsa_modexpo_crt_t, containing: * input_length: The byte length of the input data. * input_data: Pointer to input data b * output_length: On input it contains the byte length of the output * buffer. On output it contains the actual byte length * of the output_data * output_data: Pointer to the output buffer * bp_key: Pointer to dp * bq_key: Pointer to dq * np_prime: Pointer to p * nq_prime: Pointer to q * u_mult_inv: Pointer to u * * Returns 0 if successful */ unsigned int rsa_crt_sw(ica_rsa_modexpo_crt_t * pCrt) { #ifdef NO_SW_FALLBACKS UNUSED(pCrt); return EPERM; #else int rc = 0; unsigned int long_length = 0; unsigned int short_length = 0; BN_CTX *ctx = NULL; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ short_length = (pCrt->inputdatalength+1) / 2; long_length = short_length + 8; /* Use variable buffer length. Earlier version contained fixed 136byte size for ir buffers. Thus the software fallback should be able to handle keys of bigger size, too. */ unsigned char ir1[long_length]; int ir_1_length = sizeof(ir1); unsigned char ir2[long_length]; int ir_2_length = sizeof(ir2); unsigned char temp[long_length]; int temp_length = sizeof(temp); if ((ctx = BN_CTX_new()) == NULL) { return EFAULT; } memset(ir1, 0, sizeof(ir1)); if ((rc = mod_sw(pCrt->inputdatalength, pCrt->inputdata, long_length, pCrt->np_prime, &ir_1_length, ir1, ctx)) != 0) goto err; memset(temp, 0, sizeof(temp)); if ((rc = mod_expo_sw(ir_1_length, ir1, long_length, pCrt->bp_key, long_length, pCrt->np_prime, &temp_length, temp, ctx)) != 0) goto err; memset(ir1, 0, sizeof(ir1)); memcpy(ir1, temp, temp_length); ir_1_length = temp_length; memset(ir2, 0, sizeof(ir2)); if ((rc = mod_sw(pCrt->inputdatalength, pCrt->inputdata, short_length, pCrt->nq_prime, &ir_2_length, ir2, ctx)) != 0) goto err; temp_length = sizeof(temp); memset(temp, 0, sizeof(temp)); if ((rc = mod_expo_sw(ir_2_length, ir2, short_length, pCrt->bq_key, short_length, pCrt->nq_prime, &temp_length, temp, ctx)) != 0) goto err; memset(ir2, 0, sizeof(ir2)); memcpy(ir2, temp, temp_length); ir_2_length = temp_length; temp_length = sizeof(ir1); if ((rc = mod_sub_sw(ir_1_length, ir1, ir_2_length, ir2, long_length, pCrt->np_prime, &temp_length, ir1, ctx)) != 0) { if (rc != -1) { goto err; } else { if ((unsigned int)ir_2_length > pCrt->outputdatalength) { memcpy(pCrt->outputdata, ir2 + (ir_2_length - pCrt->outputdatalength), pCrt->outputdatalength); } else { if ((unsigned int)ir_2_length < pCrt->outputdatalength) { memset(pCrt->outputdata, 0, (pCrt->outputdatalength - ir_2_length)); memcpy(pCrt->outputdata + (pCrt->outputdatalength - ir_2_length), ir2, ir_2_length); } else { memcpy(pCrt->outputdata, ir2, ir_2_length); } } rc = 0; goto cleanup; } } ir_1_length = temp_length; temp_length = sizeof(temp); memset(temp, 0, sizeof(temp)); if ((rc = mod_mul_sw(ir_1_length, ir1, long_length, pCrt->u_mult_inv, long_length, pCrt->np_prime, &temp_length, temp, ctx)) != 0) goto err; if ((rc = mul_sw(temp_length, temp, short_length, pCrt->nq_prime, (int *)&(pCrt->outputdatalength), pCrt->outputdata, ctx)) != 0) goto err; if ((rc = add_sw(pCrt->outputdatalength, pCrt->outputdata, ir_2_length, ir2, (int *)&(pCrt->outputdatalength), pCrt->outputdata, ctx)) != 0) goto err; goto cleanup; err: rc = EIO; cleanup: BN_CTX_free(ctx); return rc; #endif /* NO_SW_FALLBACKS */ } #ifndef NO_SW_FALLBACKS /** * Perform a 'residue modulo' operation using an argument and a modulus. * @param arg_length The byte length of the input data * @param arg Pointer to input data * @param mod_length The byte length of the modulus * @param mod Pointer to the modulus * @param res_length * On input it points to the byte length of the output buffer. On output it * points to the actual byte length of the output_data. * @param res Pointer to the output buffer * @param ctx Pointer to a BN_CTX * * Returns 0 if successful, BN error code if unsuccessful */ static unsigned int mod_sw(int arg_length, unsigned char *arg, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX *ctx) { int rc = 0; int ln = 0; int pad = 0; BIGNUM *b_arg = NULL; BIGNUM *b_mod = NULL; BIGNUM *b_res = NULL; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BN_CTX_start(ctx); b_arg = BN_CTX_get(ctx); b_mod = BN_CTX_get(ctx); if ((b_res = BN_CTX_get(ctx)) == NULL) { rc = -ENOMEM; goto cleanup; } b_arg = BN_bin2bn((const unsigned char *)arg, arg_length, b_arg); b_mod = BN_bin2bn((const unsigned char *)mod, mod_length, b_mod); if (!(BN_mod(b_res, b_arg, b_mod, ctx))) { goto err; } if ((ln = BN_num_bytes(b_res)) > *res_length) { rc = 1; goto cleanup; } if (ln) pad = *res_length - ln; ln = BN_bn2bin(b_res, (unsigned char *)(res + pad)); if (pad) memset(res, 0, pad); goto cleanup; err: rc = EIO; cleanup: BN_CTX_end(ctx); return rc; } /** * Perform a multiprecision subtraction modulo a modulus using a minuend, * subtrahend and modulus * * @param min_length The byte length of the minuend * @param min Pointer to minuend * @param sub_length The byte length of the subtrahend * @param sub Pointer to the subtrahend * @param mod_length The byte length of the modulus * @param mod The modulus * @param res_length * On input it points to the byte length of the output buffer. On output it * points to the actual byte length of the output_data * @param res Pointer to the output buffer * @param ctx Pointer to a BN_CTX * * Returns 0 if successful, BN error code if unsuccessful * Process: * 1) If the subtrahend exceeds the minuend, use add_sw to * add the modulus to the minuend * 2) Call BN_CTX_get for the minuend, subtrahend & result BN's * 3) Convert the minuend and subtrahend BN's using BN_bin2bn * 4) Call BN_sub * 5) Convert the result from a BN to a string using BN_bn2bin * 6) Call BN_free for the minuend, subtrahend and result BN's */ static unsigned int mod_sub_sw(int min_length, unsigned char *minu, int sub_length, unsigned char *sub, int mod_length, unsigned char *mod, int *res_length, unsigned char *res, BN_CTX * ctx) { int rc = 0; int ln = 0; int pad = 0; int min_size, sub_size, dif_size; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ BIGNUM *b_min = NULL; BIGNUM *b_sub = NULL; BIGNUM *b_mod = NULL; BIGNUM *b_res = NULL; BN_CTX_start(ctx); b_min = BN_CTX_get(ctx); b_sub = BN_CTX_get(ctx); b_mod = BN_CTX_get(ctx); if ((b_res = BN_CTX_get(ctx)) == NULL) { rc = -ENOMEM; goto cleanup; } b_min = BN_bin2bn((const unsigned char *)minu, min_length, b_min); b_sub = BN_bin2bn((const unsigned char *)sub, sub_length, b_sub); b_mod = BN_bin2bn((const unsigned char *)mod, mod_length, b_mod); min_size = BN_num_bytes(b_min); sub_size = BN_num_bytes(b_sub); /* if sub == min, the result is zero, but it's an error */ if (sub_size == min_size) { dif_size = memcmp(sub, minu, sub_length); if (dif_size == 0) { memset(res, 0, *res_length); rc = -1; goto cleanup; } } /* if sub < min, the result is just min - sub */ if ((sub_size < min_size) || ((sub_size == min_size) && (dif_size < 0))) { if (!(BN_sub(b_res, b_min, b_sub))) { goto err; } } else { /* sub > min, so the result is (min + mod) - sub */ if (!(BN_add(b_res, b_min, b_mod))) { goto err; } if (!(BN_sub(b_res, b_res, b_sub))) { goto err; } } if ((ln = BN_num_bytes(b_res)) > *res_length) { rc = 1; goto cleanup; } if (ln) pad = *res_length - ln; ln = BN_bn2bin(b_res, (unsigned char *)(res + pad)); if (pad) memset(res, 0, pad); goto cleanup; err: rc = EIO; cleanup: BN_CTX_end(ctx); return rc; } /** * Perform a multiprecision addition using an augend and addend * @param aug_length The byte length of the augend * @param aug Pointer to augend * @param add_length The byte length of the addend * @param add Pointer to the addend * @param res_length On input it points to the byte length of the output buffer. * On output it points to the actual byte length of the * output_data * @param res Pointer to the output buffer * @param ctx Pointer to a BN_CTX * * Returns 0 if successful, BN error code if unsuccessful * Process: * 1) Call BN_CTX_get for the augend, addend and result BN's * 2) Convert the augend and addend BN's using BN_bin2bn * 3) Call BN_add * 4) Convert the result from a BN to a string using BN_bn2bin * 5) Call BN_free for the augend, addend and result BN's */ static unsigned int add_sw(int aug_length, unsigned char *aug, int add_length, unsigned char *add, int *res_length, unsigned char *res, BN_CTX *ctx) { int rc = 0; int ln = 0; int pad = 0; BIGNUM *b_aug = NULL; BIGNUM *b_add = NULL; BIGNUM *b_res = NULL; BN_CTX_start(ctx); #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ b_aug = BN_CTX_get(ctx); b_add = BN_CTX_get(ctx); if ((b_res = BN_CTX_get(ctx)) == NULL) { rc = -ENOMEM; goto cleanup; } b_aug = BN_bin2bn((const unsigned char *)aug, aug_length, b_aug); b_add = BN_bin2bn((const unsigned char *)add, add_length, b_add); if (!(BN_add(b_res, b_aug, b_add))) { goto err; } if ((ln = BN_num_bytes(b_res)) > *res_length) { rc = 1; goto cleanup; } if (ln) pad = *res_length - ln; ln = BN_bn2bin(b_res, (unsigned char *)(res + pad)); if (pad) memset(res, 0, pad); goto cleanup; err: rc = EIO; cleanup: BN_CTX_end(ctx); return rc; } /** * Perform a multiprecision multiply using a multiplicand and multiplier. * @param fc_1_length The byte length of the multiplicand * @param fc1 Pointer to multiplicand * @param fc_2_length The byte length of the multiplier * @param fc2 Pointer to the multiplier * @param res_length * On input it points to the byte length of the output buffer. On output it * points to the actual byte length of the output_data. * @param res Pointer to the output buffer * @param ctx Pointer to a BN_CTX * * Returns 0 if successful, BN error code if unsuccessful */ static unsigned int mul_sw(int fc_1_length, unsigned char *fc1, int fc_2_length, unsigned char *fc2, int *res_length, unsigned char *res, BN_CTX *ctx) { int rc = 0; int ln = 0; int pad = 0; BIGNUM *b_fc1 = NULL; BIGNUM *b_fc2 = NULL; BIGNUM *b_res = NULL; BN_CTX_start(ctx); #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode())) return EACCES; #endif /* ICA_FIPS */ b_fc1 = BN_CTX_get(ctx); b_fc2 = BN_CTX_get(ctx); if ((b_res = BN_CTX_get(ctx)) == NULL) { rc = -ENOMEM; goto cleanup; } b_fc1 = BN_bin2bn((const unsigned char *)fc1, fc_1_length, b_fc1); b_fc2 = BN_bin2bn((const unsigned char *)fc2, fc_2_length, b_fc2); if (!(BN_mul(b_res, b_fc1, b_fc2, ctx))) { goto err; } if ((ln = BN_num_bytes(b_res)) > *res_length) { rc = 1; goto cleanup; } if (ln) pad = *res_length - ln; ln = BN_bn2bin(b_res, (unsigned char *)(res + pad)); if (pad) memset(res, 0, pad); goto cleanup; err: rc = EIO; cleanup: BN_CTX_end(ctx); return rc; } #endif /* NO_SW_FALLBACKS */ libica-4.0.1/src/s390_sha.c000066400000000000000000000157351417716165400152520ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /** * Authors: Felix Beck * Holger Dengler * Christian Maaser * * Copyright IBM Corp. 2009, 2021 */ #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "fips.h" #include "s390_crypto.h" #include "s390_sha.h" #include "init.h" #include "icastats.h" int s390_sha1(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length) { int rc = ENODEV; if (sha1_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_1].hash_length, message_part, running_length, NULL, SHA_1); if (rc == 0) stats_increment(ICA_STATS_SHA1, ALGO_HW, ENCRYPT); return rc; } int s390_sha224(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length) { int rc = ENODEV; if (sha256_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_224].hash_length, message_part, running_length, NULL, SHA_224); if (rc == 0) stats_increment(ICA_STATS_SHA224, ALGO_HW, ENCRYPT); return rc; } int s390_sha256(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length) { int rc = ENODEV; if (sha256_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_256].hash_length, message_part, running_length, NULL, SHA_256); if (rc == 0) stats_increment(ICA_STATS_SHA256, ALGO_HW, ENCRYPT); return rc; } int s390_sha384(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha512_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_384].hash_length, message_part, running_length_lo, running_length_hi, SHA_384); if (rc == 0) stats_increment(ICA_STATS_SHA384, ALGO_HW, ENCRYPT); return rc; } int s390_sha512(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha512_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_512].hash_length, message_part, running_length_lo, running_length_hi, SHA_512); if (rc == 0) stats_increment(ICA_STATS_SHA512, ALGO_HW, ENCRYPT); return rc; } int s390_sha512_224(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha512_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_512_224].hash_length, message_part, running_length_lo, running_length_hi, SHA_512_224); if (rc == 0) stats_increment(ICA_STATS_SHA512_224, ALGO_HW, ENCRYPT); return rc; } int s390_sha512_256(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha512_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_512_256].hash_length, message_part, running_length_lo, running_length_hi, SHA_512_256); if (rc == 0) stats_increment(ICA_STATS_SHA512_256, ALGO_HW, ENCRYPT); return rc; } int s390_sha3_224(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length) { int rc = ENODEV; if (sha3_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_3_224].hash_length, message_part, running_length, NULL, SHA_3_224); if (rc == 0) stats_increment(ICA_STATS_SHA3_224, ALGO_HW, ENCRYPT); return rc; } int s390_sha3_256(unsigned char *iv, const unsigned char *input_data, unsigned int input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length) { int rc = ENODEV; if (sha3_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_3_256].hash_length, message_part, running_length, NULL, SHA_3_256); if (rc == 0) stats_increment(ICA_STATS_SHA3_256, ALGO_HW, ENCRYPT); return rc; } int s390_sha3_384(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha3_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_3_384].hash_length, message_part, running_length_lo, running_length_hi, SHA_3_384); if (rc == 0) stats_increment(ICA_STATS_SHA3_384, ALGO_HW, ENCRYPT); return rc; } int s390_sha3_512(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha3_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, sha_constants[SHA_3_512].hash_length, message_part, running_length_lo, running_length_hi, SHA_3_512); if (rc == 0) stats_increment(ICA_STATS_SHA3_512, ALGO_HW, ENCRYPT); return rc; } int s390_shake_128(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int output_length, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha3_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, output_length, message_part, running_length_lo, running_length_hi, SHAKE_128); if (rc == 0) stats_increment(ICA_STATS_SHAKE_128, ALGO_HW, ENCRYPT); return rc; } int s390_shake_256(unsigned char *iv, const unsigned char *input_data, uint64_t input_length, unsigned char *output_data, unsigned int output_length, unsigned int message_part, uint64_t *running_length_lo, uint64_t *running_length_hi) { int rc = ENODEV; if (sha3_switch) rc = s390_sha_hw(iv, input_data, input_length, output_data, output_length, message_part, running_length_lo, running_length_hi, SHAKE_256); if (rc == 0) stats_increment(ICA_STATS_SHAKE_256, ALGO_HW, ENCRYPT); return rc; } libica-4.0.1/src/test_vec.c000066400000000000000000010221771417716165400155340ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Copyright IBM Corp. 2015 */ #include #include #include "ica_api.h" #include "test_vec.h" #ifdef ICA_FIPS const struct rsa_tv RSA_TV[] = { { .n = (unsigned char []){ 0xba, 0xd4, 0x7a, 0x84, 0xc1, 0x78, 0x2e, 0x4d, 0xbd, 0xd9, 0x13, 0xf2, 0xa2, 0x61, 0xfc, 0x8b, 0x65, 0x83, 0x84, 0x12, 0xc6, 0xe4, 0x5a, 0x20, 0x68, 0xed, 0x6d, 0x7f, 0x16, 0xe9, 0xcd, 0xf4, 0x46, 0x2b, 0x39, 0x11, 0x95, 0x63, 0xca, 0xfb, 0x74, 0xb9, 0xcb, 0xf2, 0x5c, 0xfd, 0x54, 0x4b, 0xda, 0xe2, 0x3b, 0xff, 0x0e, 0xbe, 0x7f, 0x64, 0x41, 0x04, 0x2b, 0x7e, 0x10, 0x9b, 0x9a, 0x8a, 0xfa, 0xa0, 0x56, 0x82, 0x1e, 0xf8, 0xef, 0xaa, 0xb2, 0x19, 0xd2, 0x1d, 0x67, 0x63, 0x48, 0x47, 0x85, 0x62, 0x2d, 0x91, 0x8d, 0x39, 0x5a, 0x2a, 0x31, 0xf2, 0xec, 0xe8, 0x38, 0x5a, 0x81, 0x31, 0xe5, 0xff, 0x14, 0x33, 0x14, 0xa8, 0x2e, 0x21, 0xaf, 0xd7, 0x13, 0xba, 0xe8, 0x17, 0xcc, 0x0e, 0xe3, 0x51, 0x4d, 0x48, 0x39, 0x00, 0x7c, 0xcb, 0x55, 0xd6, 0x84, 0x09, 0xc9, 0x7a, 0x18, 0xab, 0x62, 0xfa, 0x6f, 0x9f, 0x89, 0xb3, 0xf9, 0x4a, 0x27, 0x77, 0xc4, 0x7d, 0x61, 0x36, 0x77, 0x5a, 0x56, 0xa9, 0xa0, 0x12, 0x7f, 0x68, 0x24, 0x70, 0xbe, 0xf8, 0x31, 0xfb, 0xec, 0x4b, 0xcd, 0x7b, 0x50, 0x95, 0xa7, 0x82, 0x3f, 0xd7, 0x07, 0x45, 0xd3, 0x7d, 0x1b, 0xf7, 0x2b, 0x63, 0xc4, 0xb1, 0xb4, 0xa3, 0xd0, 0x58, 0x1e, 0x74, 0xbf, 0x9a, 0xde, 0x93, 0xcc, 0x46, 0x14, 0x86, 0x17, 0x55, 0x39, 0x31, 0xa7, 0x9d, 0x92, 0xe9, 0xe4, 0x88, 0xef, 0x47, 0x22, 0x3e, 0xe6, 0xf6, 0xc0, 0x61, 0x88, 0x4b, 0x13, 0xc9, 0x06, 0x5b, 0x59, 0x11, 0x39, 0xde, 0x13, 0xc1, 0xea, 0x29, 0x27, 0x49, 0x1e, 0xd0, 0x0f, 0xb7, 0x93, 0xcd, 0x68, 0xf4, 0x63, 0xf5, 0xf6, 0x4b, 0xaa, 0x53, 0x91, 0x6b, 0x46, 0xc8, 0x18, 0xab, 0x99, 0x70, 0x65, 0x57, 0xa1, 0xc2, 0xd5, 0x0d, 0x23, 0x25, 0x77, 0xd1 }, .p = (unsigned char []){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 8 bytes zero padding */ 0xe7, 0xc9, 0xe4, 0xb3, 0xe5, 0xd7, 0xac, 0x9e, 0x83, 0xbe, 0x08, 0x32, 0x81, 0x05, 0x35, 0x6d, 0xfe, 0xef, 0xe2, 0x22, 0xf2, 0x6c, 0x95, 0x37, 0x8e, 0xff, 0xd2, 0x15, 0x0f, 0xad, 0xf7, 0xba, 0x23, 0xf5, 0xb4, 0x70, 0x5d, 0x82, 0xe4, 0xf1, 0xbc, 0x45, 0x05, 0x70, 0x67, 0xc7, 0xde, 0xf7, 0x3e, 0x21, 0x00, 0xf7, 0x56, 0xee, 0x6d, 0x54, 0x79, 0x65, 0xfa, 0x4f, 0x24, 0xb8, 0x5d, 0x68, 0x86, 0x7f, 0x03, 0xd7, 0xc8, 0x86, 0xd1, 0xdb, 0xcc, 0xa4, 0xc5, 0x89, 0x74, 0x57, 0x01, 0xb3, 0x62, 0xa1, 0xf1, 0x41, 0x7f, 0x47, 0x1d, 0x84, 0x75, 0xb6, 0xb7, 0xa1, 0x6a, 0x4c, 0x48, 0xef, 0x1f, 0x55, 0x6e, 0xdc, 0x3f, 0x0f, 0xf6, 0xba, 0x13, 0xd3, 0x65, 0xd6, 0xe8, 0x27, 0x51, 0xf2, 0x07, 0xd9, 0x11, 0x01, 0xc8, 0xee, 0xa1, 0x01, 0x3c, 0xcd, 0xd9, 0xe1, 0xde, 0x4c, 0x38, 0x7f }, .q = (unsigned char []){ 0xce, 0x58, 0x60, 0x2e, 0x05, 0x1f, 0x0f, 0x46, 0x47, 0xc4, 0xec, 0x57, 0xf6, 0x82, 0xe5, 0x73, 0x7f, 0xc4, 0x82, 0xa8, 0xa1, 0xff, 0xac, 0x90, 0x43, 0xbb, 0xa4, 0xfb, 0xa3, 0x38, 0x7d, 0x7d, 0xd2, 0x15, 0x45, 0x07, 0xaf, 0x1e, 0x28, 0xbd, 0x81, 0xb6, 0x1f, 0xcd, 0xfe, 0x35, 0xf9, 0x73, 0x4e, 0x0d, 0x9b, 0x53, 0x68, 0x2e, 0xc7, 0x85, 0xf1, 0xf6, 0xe6, 0x22, 0x4f, 0x63, 0xd1, 0x0b, 0xf7, 0x84, 0x84, 0xb8, 0x3a, 0x42, 0x54, 0xf3, 0x33, 0xd0, 0xfb, 0x3f, 0x3e, 0x9e, 0x18, 0x34, 0xbe, 0xde, 0x52, 0xe3, 0x07, 0x8a, 0xc2, 0x79, 0xa8, 0x62, 0xfb, 0x90, 0xaf, 0x26, 0x6d, 0x75, 0x91, 0xc8, 0x1f, 0x20, 0xb7, 0x18, 0xd0, 0x7d, 0x51, 0xbf, 0xc2, 0x21, 0xb6, 0x6a, 0x25, 0x40, 0x3b, 0x4a, 0xc1, 0xa6, 0x8d, 0x67, 0x3f, 0xdd, 0x95, 0x9b, 0x01, 0xec, 0xf3, 0xd0, 0xa7, 0xaf }, .e = (unsigned char []){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01 }, .d = (unsigned char []){ 0x40, 0xd6, 0x0f, 0x24, 0xb6, 0x1d, 0x76, 0x78, 0x3d, 0x3b, 0xb1, 0xdc, 0x00, 0xb5, 0x5f, 0x96, 0xa2, 0xa6, 0x86, 0xf5, 0x9b, 0x37, 0x50, 0xfd, 0xb1, 0x5c, 0x40, 0x25, 0x1c, 0x37, 0x0c, 0x65, 0xca, 0xda, 0x22, 0x26, 0x73, 0x81, 0x1b, 0xc6, 0xb3, 0x05, 0xed, 0x7c, 0x90, 0xff, 0xcb, 0x3a, 0xbd, 0xdd, 0xc8, 0x33, 0x66, 0x12, 0xff, 0x13, 0xb4, 0x2a, 0x75, 0xcb, 0x7c, 0x88, 0xfb, 0x93, 0x62, 0x91, 0xb5, 0x23, 0xd8, 0x0a, 0xcc, 0xe5, 0xa0, 0x84, 0x2c, 0x72, 0x4e, 0xd8, 0x5a, 0x13, 0x93, 0xfa, 0xf3, 0xd4, 0x70, 0xbd, 0xa8, 0x08, 0x3f, 0xa8, 0x4d, 0xc5, 0xf3, 0x14, 0x99, 0x84, 0x4f, 0x0c, 0x7c, 0x1e, 0x93, 0xfb, 0x1f, 0x73, 0x4a, 0x5a, 0x29, 0xfb, 0x31, 0xa3, 0x5c, 0x8a, 0x08, 0x22, 0x45, 0x5f, 0x1c, 0x85, 0x0a, 0x49, 0xe8, 0x62, 0x97, 0x14, 0xec, 0x6a, 0x26, 0x57, 0xef, 0xe7, 0x5e, 0xc1, 0xca, 0x6e, 0x62, 0xf9, 0xa3, 0x75, 0x6c, 0x9b, 0x20, 0xb4, 0x85, 0x5b, 0xdc, 0x9a, 0x3a, 0xb5, 0x8c, 0x43, 0xd8, 0xaf, 0x85, 0xb8, 0x37, 0xa7, 0xfd, 0x15, 0xaa, 0x11, 0x49, 0xc1, 0x19, 0xcf, 0xe9, 0x60, 0xc0, 0x5a, 0x9d, 0x4c, 0xea, 0x69, 0xc9, 0xfb, 0x6a, 0x89, 0x71, 0x45, 0x67, 0x48, 0x82, 0xbf, 0x57, 0x24, 0x1d, 0x77, 0xc0, 0x54, 0xdc, 0x4c, 0x94, 0xe8, 0x34, 0x9d, 0x37, 0x62, 0x96, 0x13, 0x7e, 0xb4, 0x21, 0x68, 0x61, 0x59, 0xcb, 0x87, 0x8d, 0x15, 0xd1, 0x71, 0xed, 0xa8, 0x69, 0x28, 0x34, 0xaf, 0xc8, 0x71, 0x98, 0x8f, 0x20, 0x3f, 0xc8, 0x22, 0xc5, 0xdc, 0xee, 0x7f, 0x6c, 0x48, 0xdf, 0x66, 0x3e, 0xa3, 0xdc, 0x75, 0x5e, 0x7d, 0xc0, 0x6a, 0xeb, 0xd4, 0x1d, 0x05, 0xf1, 0xca, 0x28, 0x91, 0xe2, 0x67, 0x97, 0x83, 0x24, 0x4d, 0x06, 0x8f }, .ciphertext = (unsigned char []){ 0x70, 0x99, 0x2c, 0x9d, 0x95, 0xa4, 0x90, 0x8d, 0x2a, 0x94, 0xb3, 0xab, 0x9f, 0xa1, 0xcd, 0x64, 0x3f, 0x12, 0x0e, 0x32, 0x6f, 0x9d, 0x78, 0x08, 0xaf, 0x50, 0xca, 0xc4, 0x2c, 0x4b, 0x0b, 0x4e, 0xeb, 0x7f, 0x0d, 0x4d, 0xf3, 0x03, 0xa5, 0x68, 0xfb, 0xfb, 0x82, 0xb0, 0xf5, 0x83, 0x00, 0xd2, 0x53, 0x57, 0x64, 0x57, 0x21, 0xbb, 0x71, 0x86, 0x1c, 0xaf, 0x81, 0xb2, 0x7a, 0x56, 0x08, 0x2c, 0x80, 0xa1, 0x46, 0x49, 0x9f, 0xb4, 0xea, 0xb5, 0xbd, 0xe4, 0x49, 0x3f, 0x5d, 0x00, 0xf1, 0xa4, 0x37, 0xbb, 0xc3, 0x60, 0xdf, 0xcd, 0x80, 0x56, 0xfe, 0x6b, 0xe1, 0x0e, 0x60, 0x8a, 0xdb, 0x30, 0xb6, 0xc2, 0xf7, 0x65, 0x24, 0x28, 0xb8, 0xd3, 0x2d, 0x36, 0x29, 0x45, 0x98, 0x2a, 0x46, 0x58, 0x5d, 0x21, 0x02, 0xef, 0x79, 0x95, 0xa8, 0xba, 0x6e, 0x8a, 0xd8, 0xfd, 0x16, 0xbd, 0x7a, 0xe8, 0xf5, 0x3c, 0x3d, 0x7f, 0xcf, 0xba, 0x29, 0x0b, 0x57, 0xce, 0x7f, 0x8f, 0x09, 0xc8, 0x28, 0xd6, 0xf2, 0xd3, 0xce, 0x56, 0xf1, 0x31, 0xbd, 0x94, 0x61, 0xe5, 0x66, 0x7e, 0x5b, 0x73, 0xed, 0xac, 0x77, 0xf5, 0x04, 0xda, 0xc4, 0xf2, 0x02, 0xa9, 0x57, 0x0e, 0xb4, 0x51, 0x5b, 0x2b, 0xf5, 0x16, 0x40, 0x7d, 0xb8, 0x31, 0x51, 0x8d, 0xb8, 0xa2, 0x08, 0x3e, 0xc7, 0x01, 0xe8, 0xfd, 0x38, 0x7c, 0x43, 0x0b, 0xb1, 0xa7, 0x2d, 0xec, 0xa5, 0xb4, 0x9d, 0x42, 0x9c, 0xf9, 0xde, 0xb0, 0x9c, 0xc4, 0x51, 0x8d, 0xc5, 0xf5, 0x7c, 0x08, 0x9a, 0xa2, 0xd3, 0x42, 0x0e, 0x56, 0x7e, 0x73, 0x21, 0x02, 0xc2, 0xc9, 0x2b, 0x88, 0xa0, 0x7c, 0x69, 0xd7, 0x09, 0x17, 0x14, 0x0a, 0xb3, 0x82, 0x3c, 0x63, 0xf3, 0x12, 0xd3, 0xf1, 0x1f, 0xa8, 0x7b, 0xa2, 0x9d, 0xa3, 0xc7, 0x22, 0x4b, 0x4f, 0xb4, 0xbc }, .plaintext = (unsigned char []){ 0x7e, 0x65, 0xb9, 0x98, 0xa0, 0x5f, 0x62, 0x6b, 0x02, 0x8c, 0x75, 0xdc, 0x3f, 0xbf, 0x98, 0x96, 0x3d, 0xce, 0x66, 0xd0, 0xf4, 0xc3, 0xae, 0x42, 0x37, 0xcf, 0xf3, 0x04, 0xd8, 0x4d, 0x88, 0x36, 0xcb, 0x6b, 0xad, 0x9a, 0xc8, 0x6f, 0x9d, 0x1b, 0x8a, 0x28, 0xdd, 0x70, 0x40, 0x47, 0x88, 0xb8, 0x69, 0xd2, 0x42, 0x9f, 0x1e, 0xc0, 0x66, 0x3e, 0x51, 0xb7, 0x53, 0xf7, 0x45, 0x1c, 0x6b, 0x46, 0x45, 0xd9, 0x91, 0x26, 0xe4, 0x57, 0xc1, 0xda, 0xc4, 0x95, 0x51, 0xd8, 0x6a, 0x8a, 0x97, 0x4a, 0x31, 0x31, 0xe9, 0xb3, 0x71, 0xd5, 0xc2, 0x14, 0xcc, 0x9f, 0xf2, 0x40, 0xc2, 0x99, 0xbd, 0x0e, 0x62, 0xdb, 0xc7, 0xa9, 0xa2, 0xda, 0xd9, 0xfa, 0x54, 0x04, 0xad, 0xb0, 0x06, 0x32, 0xd3, 0x63, 0x32, 0xd5, 0xbe, 0x61, 0x06, 0xe9, 0xe6, 0xec, 0x81, 0xca, 0xc4, 0x5c, 0xd3, 0x39, 0xcc, 0x87, 0xab, 0xbe, 0x7f, 0x89, 0x43, 0x08, 0x00, 0xe1, 0x6e, 0x03, 0x2a, 0x66, 0x21, 0x0b, 0x25, 0xe9, 0x26, 0xed, 0xa2, 0x43, 0xd9, 0xf0, 0x99, 0x55, 0x49, 0x6d, 0xdb, 0xc7, 0x7e, 0xf7, 0x4f, 0x17, 0xfe, 0xe4, 0x1c, 0x44, 0x35, 0xe7, 0x8b, 0x46, 0x96, 0x5b, 0x71, 0x3d, 0x72, 0xce, 0x8a, 0x31, 0xaf, 0x64, 0x15, 0x38, 0xad, 0xd3, 0x87, 0xfe, 0xdf, 0xd8, 0x8b, 0xb2, 0x2a, 0x42, 0xeb, 0x3b, 0xda, 0x40, 0xf7, 0x2e, 0xca, 0xd9, 0x41, 0xdb, 0xff, 0xdd, 0x47, 0xb3, 0xe7, 0x77, 0x37, 0xda, 0x74, 0x15, 0x53, 0xa4, 0x5b, 0x63, 0x0d, 0x07, 0x0b, 0xcc, 0x52, 0x05, 0x80, 0x4b, 0xf8, 0x0e, 0xe2, 0xd5, 0x16, 0x12, 0x87, 0x5d, 0xbc, 0x47, 0x96, 0x96, 0x00, 0x52, 0xf1, 0x68, 0x7e, 0x00, 0x74, 0x00, 0x7e, 0x6a, 0x33, 0xab, 0x8b, 0x20, 0x85, 0xc0, 0x33, 0xf9, 0x89, 0x2b, 0x6f, 0x74 }, .mod = 2048, .dq = (unsigned char []){ 0xCB, 0x5B, 0x75, 0x8E, 0x65, 0x25, 0xB3, 0x1C, 0x04, 0x67, 0x22, 0xB5, 0x9E, 0x10, 0x6A, 0xA9, 0x65, 0x65, 0xF9, 0x8E, 0xCF, 0xF8, 0xF5, 0xCC, 0x47, 0xB4, 0x8A, 0x68, 0x24, 0xF7, 0xEB, 0x55, 0x30, 0xD2, 0x1D, 0x71, 0xF1, 0x37, 0xBB, 0xD6, 0xE8, 0x1A, 0xE1, 0x45, 0x56, 0x1F, 0x43, 0x74, 0x4B, 0x9C, 0x45, 0x53, 0xF1, 0xFD, 0x08, 0x4E, 0x0D, 0xA4, 0xD2, 0x31, 0x46, 0x24, 0x8D, 0x45, 0x49, 0xEE, 0xA4, 0x0E, 0x1B, 0xFC, 0x7B, 0x54, 0x23, 0xE0, 0xF5, 0x7B, 0xE2, 0xEE, 0x53, 0xD4, 0xC7, 0xB6, 0xBB, 0xE1, 0x5A, 0xF1, 0x79, 0xB0, 0x04, 0x2F, 0x68, 0xD5, 0xB2, 0x88, 0x20, 0xA0, 0x19, 0xC8, 0x2C, 0x45, 0x45, 0xAD, 0x82, 0xEB, 0xBE, 0xC1, 0x49, 0x45, 0x88, 0x4D, 0x1B, 0xE1, 0x2D, 0x8E, 0x03, 0x43, 0x6D, 0x60, 0x30, 0x24, 0xE4, 0xE8, 0x1B, 0x01, 0xB7, 0x58, 0x0F, 0xA9 }, .dp = (unsigned char []){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 8 bytes zero padding */ 0x7A, 0x54, 0x57, 0x5B, 0x8A, 0x86, 0x55, 0x18, 0x23, 0xB7, 0x7B, 0x64, 0x0C, 0x2B, 0xCF, 0x93, 0x09, 0xE5, 0x58, 0x97, 0xD1, 0x11, 0xF5, 0x7E, 0xA8, 0xFD, 0xE2, 0xC6, 0x32, 0xCC, 0x41, 0xDD, 0xFF, 0x74, 0x81, 0x92, 0x7C, 0x07, 0xC5, 0x04, 0xBF, 0xB4, 0x3D, 0xB6, 0xA1, 0x4F, 0x1F, 0x21, 0xA5, 0xAC, 0x8D, 0x71, 0xFC, 0x73, 0x41, 0x48, 0x3F, 0xF9, 0xCE, 0x2D, 0x4E, 0xD7, 0xEE, 0x94, 0x67, 0xC7, 0x49, 0x23, 0xED, 0x35, 0x1A, 0x34, 0xC2, 0xC0, 0x83, 0x70, 0x93, 0xF2, 0x07, 0x77, 0xC1, 0x2A, 0x6E, 0xC5, 0x7E, 0x82, 0xED, 0xD5, 0x26, 0xBB, 0x14, 0x17, 0x20, 0x9E, 0xBA, 0x2F, 0x59, 0x7E, 0x21, 0x50, 0x24, 0x08, 0x2C, 0xD2, 0xEF, 0xFB, 0xB5, 0xD7, 0xC2, 0x16, 0x5E, 0x6D, 0x3A, 0x2F, 0x19, 0x86, 0xB3, 0xA1, 0x1D, 0x60, 0x25, 0xD3, 0x0E, 0x96, 0xE2, 0x57, 0x9F, 0xC9 }, .qinv = (unsigned char []){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 8 bytes zero padding */ 0x17, 0x2B, 0xDA, 0x79, 0xDE, 0x9F, 0xEE, 0x37, 0x61, 0xA3, 0x49, 0xC9, 0x4D, 0x28, 0xA0, 0x24, 0x03, 0xB6, 0x0A, 0xDE, 0x88, 0xC9, 0x26, 0xEB, 0xC6, 0xAF, 0x46, 0x49, 0xBE, 0x73, 0x33, 0x30, 0x72, 0xAB, 0xFE, 0x7B, 0x3E, 0xE4, 0x4C, 0xAF, 0xA9, 0x0C, 0xD0, 0xF7, 0x61, 0xFC, 0xCE, 0x20, 0x35, 0xE5, 0x2E, 0x53, 0x9B, 0x05, 0x29, 0x3C, 0xAC, 0x05, 0x63, 0xED, 0x32, 0x93, 0xB3, 0x9D, 0xB8, 0x9D, 0x53, 0x5E, 0xB8, 0xC5, 0xDE, 0xC9, 0xEF, 0x6B, 0x2F, 0x1D, 0x94, 0x1B, 0x2F, 0xE9, 0xB4, 0x8A, 0xE6, 0xCA, 0x15, 0xCA, 0xC7, 0x08, 0xDA, 0x35, 0xD2, 0xBA, 0x6F, 0x33, 0x31, 0x18, 0x1C, 0xE8, 0x46, 0xED, 0x6D, 0xFA, 0xEF, 0xE5, 0x57, 0x6A, 0x65, 0x01, 0x9C, 0xD7, 0xF7, 0x04, 0xB3, 0xFF, 0xA5, 0x94, 0xCF, 0x41, 0x8B, 0x14, 0xCA, 0x62, 0x02, 0xD0, 0x9E, 0x22, 0x60, 0xE4 }, }, }; const struct des3_ctr_tv DES3_CTR_TV[] = { { .len = 64, .key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, .ctr = { 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }, .plaintext = (unsigned char []){ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, .ciphertext = (unsigned char []){ 0x17, 0x4d, 0xdf, 0xde, 0x7b, 0xe0, 0x2f, 0xb7, 0x58, 0x49, 0x76, 0xe5, 0x80, 0xbd, 0x49, 0x45, 0x64, 0x3a, 0xe4, 0x42, 0xfe, 0x4c, 0x25, 0xd4, 0x79, 0x74, 0xf0, 0xe6, 0x0b, 0x3d, 0x20, 0xac, 0x04, 0x42, 0xe1, 0x00, 0xe8, 0xd0, 0x35, 0x18, 0xad, 0xf6, 0x44, 0x23, 0x4b, 0xb7, 0x05, 0xf7, 0xf8, 0x3a, 0xf7, 0x9a, 0x8b, 0x62, 0x46, 0x3c, 0x2c, 0xaa, 0x45, 0x77, 0xbe, 0xab, 0x94, 0x80 }, }, }; const struct aes_ctr_tv AES_CTR_TV[] = { { .keylen = AES128_KEYLEN, .len = 64, .key = (unsigned char []){ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, .ctr = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }, .plaintext = (unsigned char []){ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, .ciphertext = (unsigned char []){ 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26, 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, 0x98, 0x06, 0xf6, 0x6b, 0x79, 0x70, 0xfd, 0xff, 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff, 0xfd, 0xff, 0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e, 0x5b, 0x4f, 0x09, 0x02, 0x0d, 0xb0, 0x3e, 0xab, 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1, 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee }, }, { .keylen = AES192_KEYLEN, .len = 64, .key = (unsigned char []){ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, .ctr = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }, .plaintext = (unsigned char []){ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, .ciphertext = (unsigned char []){ 0x1a, 0xbc, 0x93, 0x24, 0x17, 0x52, 0x1c, 0xa2, 0x4f, 0x2b, 0x04, 0x59, 0xfe, 0x7e, 0x6e, 0x0b, 0x09, 0x03, 0x39, 0xec, 0x0a, 0xa6, 0xfa, 0xef, 0xd5, 0xcc, 0xc2, 0xc6, 0xf4, 0xce, 0x8e, 0x94, 0x1e, 0x36, 0xb2, 0x6b, 0xd1, 0xeb, 0xc6, 0x70, 0xd1, 0xbd, 0x1d, 0x66, 0x56, 0x20, 0xab, 0xf7, 0x4f, 0x78, 0xa7, 0xf6, 0xd2, 0x98, 0x09, 0x58, 0x5a, 0x97, 0xda, 0xec, 0x58, 0xc6, 0xb0, 0x50 }, }, { .keylen = AES256_KEYLEN, .len = 64, .key = (unsigned char []){ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, .ctr = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }, .plaintext = (unsigned char []){ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, .ciphertext = (unsigned char []){ 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5, 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28, 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a, 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5, 0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c, 0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d, 0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6, 0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6 }, }, }; const struct des3_cmac_tv DES3_CMAC_TV[] = { { .msglen = 32, .maclen = 8, .key = { 0x37, 0xea, 0xe9, 0x8f, 0xf4, 0x2a, 0xfb, 0x25, 0xf2, 0x23, 0x1c, 0x02, 0x8c, 0x29, 0xda, 0x9d, 0xef, 0x3d, 0xa8, 0xd0, 0xc7, 0x7f, 0xbf, 0x45 }, .msg = (unsigned char []){ 0xf2, 0x66, 0xce, 0xc0, 0x1c, 0x5f, 0xc0, 0x8c, 0x0b, 0xda, 0xbc, 0x95, 0x37, 0xbd, 0x1a, 0xa2, 0xdf, 0x9f, 0x2b, 0x8f, 0xfb, 0xe5, 0xcc, 0x94, 0x72, 0x2a, 0x3b, 0xca, 0x8d, 0xe5, 0x29, 0xea }, .mac = (unsigned char []){ 0xb3, 0x80, 0x9c, 0x8b, 0x0e, 0xb9, 0xdd, 0x8d }, .rv = 0, }, { .msglen = 32, .maclen = 8, .key = { 0x13, 0x58, 0xfb, 0x67, 0x15, 0x5e, 0x01, 0x45, 0xd0, 0x2c, 0x54, 0xa1, 0x20, 0x6b, 0x5d, 0x7f, 0x1c, 0x04, 0xba, 0x46, 0xc7, 0x4a, 0x5d, 0x49 }, .msg = (unsigned char []){ 0xe3, 0x8b, 0x4c, 0x3e, 0x7a, 0x82, 0x64, 0x3b, 0xeb, 0x31, 0x92, 0x42, 0x65, 0x55, 0xad, 0x9c, 0x9b, 0x26, 0x20, 0xd6, 0x77, 0x37, 0x3f, 0xc4, 0x0c, 0x9d, 0xdb, 0xc4, 0xcd, 0x53, 0x13, 0x47 }, .mac = (unsigned char []){ 0xb0, 0x00, 0xe2, 0xea, 0x1e, 0xf4, 0x8a, 0x8f }, .rv = EFAULT, }, }; const struct aes_cmac_tv AES_CMAC_TV[] = { { .keylen = AES128_KEYLEN, .msglen = 65, .maclen = 16, .key = (unsigned char []){ 0xd1, 0x49, 0x44, 0x1e, 0x66, 0x7b, 0x24, 0x5d, 0x46, 0x40, 0xe0, 0x4c, 0x53, 0xca, 0x6f, 0x51 }, .msg = (unsigned char []){ 0xcb, 0xb3, 0x47, 0x94, 0xbc, 0x8b, 0xfd, 0xf9, 0x3d, 0x3c, 0x8d, 0x9f, 0x87, 0xec, 0x14, 0x82, 0xb5, 0x16, 0xb4, 0x8b, 0x1e, 0x8a, 0x89, 0xb5, 0xe3, 0xb5, 0xdf, 0x70, 0xc4, 0x23, 0xa2, 0x43, 0x38, 0x42, 0x15, 0xb4, 0xbc, 0x69, 0xc7, 0x6c, 0x6b, 0x18, 0xc4, 0x97, 0xcf, 0x82, 0x08, 0x8a, 0xf7, 0x48, 0x39, 0xa8, 0xc9, 0x88, 0x95, 0x86, 0x9a, 0x16, 0x29, 0x4d, 0xfc, 0x09, 0x43, 0x60, 0xd7 }, .mac = (unsigned char []){ 0x64, 0xf5, 0xe8, 0xdc, 0xe5, 0xc3, 0xe0, 0xf9, 0xcc, 0x22, 0x4e, 0x30, 0x6d, 0xe7, 0x0b, 0x87 }, .rv = 0, }, { .keylen = AES128_KEYLEN, .msglen = 65, .maclen = 16, .key = (unsigned char []){ 0xc2, 0xf5, 0xd4, 0x83, 0x7f, 0x9f, 0x75, 0xfb, 0x44, 0x0c, 0x3b, 0xcc, 0xad, 0x7c, 0x2e, 0x69 }, .msg = (unsigned char []){ 0x6a, 0x84, 0x59, 0x4c, 0x4b, 0x38, 0x65, 0xf0, 0x47, 0xc9, 0x60, 0x38, 0x06, 0x0b, 0x5b, 0x41, 0x3d, 0xb0, 0xd4, 0xe0, 0x81, 0xc6, 0x2e, 0x40, 0x5b, 0x81, 0x5e, 0xcd, 0x9e, 0x3b, 0xe6, 0x51, 0xf8, 0xb9, 0x07, 0x5d, 0xc8, 0xb0, 0x32, 0xeb, 0x2f, 0x87, 0xc1, 0x41, 0x6a, 0x5f, 0xe4, 0x19, 0x5f, 0x51, 0xde, 0xfe, 0x75, 0xf6, 0x71, 0xf9, 0xa9, 0x2d, 0x96, 0x6d, 0xdf, 0x18, 0x72, 0x40, 0x75 }, .mac = (unsigned char []){ 0xdf, 0x8c, 0x8c, 0x61, 0xe8, 0xd6, 0x04, 0xe2, 0x4c, 0x7e, 0x3d, 0x01, 0x15, 0xdb, 0xe8, 0x98 }, .rv = EFAULT, }, { .keylen = AES192_KEYLEN, .msglen = 64, .maclen = 8, .key = (unsigned char []){ 0x20, 0xd2, 0x2c, 0x3b, 0x6a, 0xb3, 0x8c, 0x59, 0x95, 0xe2, 0x2b, 0x34, 0x1f, 0x35, 0x9b, 0xe2, 0x56, 0x16, 0xb2, 0xb8, 0xc7, 0x26, 0x95, 0x10 }, .msg = (unsigned char []){ 0xa1, 0xc0, 0x41, 0xd1, 0xd4, 0xe7, 0xcd, 0x6a, 0x95, 0x3f, 0x2e, 0x48, 0x37, 0xe3, 0xe6, 0x76, 0xed, 0x48, 0x63, 0x3a, 0x2f, 0x15, 0x82, 0x8f, 0x5f, 0x35, 0x51, 0xd5, 0xad, 0x2a, 0x19, 0xc8, 0x38, 0xa4, 0x9c, 0xaf, 0x75, 0x52, 0x9b, 0xd5, 0xd5, 0xf8, 0x9b, 0x3d, 0xa2, 0xc2, 0xe9, 0x92, 0x2a, 0xd8, 0xdc, 0x5d, 0x20, 0x32, 0x5a, 0x7b, 0x3f, 0xae, 0x9d, 0xcd, 0x30, 0x5f, 0x37, 0x31 }, .mac = (unsigned char []){ 0xaa, 0xc4, 0xd4, 0xf4, 0x17, 0x2e, 0x1f, 0x05 }, .rv = 0, }, { .keylen = AES192_KEYLEN, .msglen = 64, .maclen = 8, .key = (unsigned char []){ 0x22, 0xe2, 0x9a, 0xa7, 0x54, 0x7e, 0x5e, 0xd3, 0xa6, 0x46, 0x11, 0xe0, 0x4f, 0x1d, 0x55, 0xf7, 0xa3, 0x97, 0xc1, 0x61, 0x96, 0x69, 0x87, 0x9c }, .msg = (unsigned char []){ 0x77, 0x3b, 0x57, 0x7b, 0x95, 0xe2, 0x9d, 0x36, 0xfb, 0x30, 0x77, 0x9d, 0x2e, 0xa2, 0x3e, 0x2f, 0xfe, 0xd9, 0xe1, 0xb4, 0x6a, 0xed, 0xe4, 0x2b, 0xbe, 0x03, 0xa9, 0x04, 0xfe, 0x22, 0xef, 0x8f, 0x87, 0x42, 0x98, 0xb5, 0xf4, 0xa6, 0xaf, 0xe6, 0x3f, 0x6c, 0xa9, 0x52, 0x28, 0x63, 0xeb, 0x5c, 0xdb, 0x1c, 0x8d, 0x4b, 0xcd, 0x44, 0x5e, 0x43, 0xe7, 0x30, 0x28, 0x75, 0xe6, 0xba, 0x35, 0x92 }, .mac = (unsigned char []){ 0x16, 0xbf, 0x98, 0xc7, 0xa5, 0xde, 0xff, 0x18 }, .rv = EFAULT, }, { .keylen = AES256_KEYLEN, .msglen = 64, .maclen = 8, .key = (unsigned char []){ 0xf7, 0x0b, 0x8a, 0x4e, 0xee, 0x35, 0x18, 0xbb, 0xa0, 0x71, 0xaf, 0x55, 0xf2, 0x5f, 0x7b, 0x69, 0x8a, 0x5b, 0x7d, 0xc8, 0x86, 0x5c, 0xda, 0xca, 0x6d, 0x1c, 0x79, 0x93, 0x65, 0x7a, 0xcc, 0x95 }, .msg = (unsigned char []){ 0x79, 0x5e, 0xe1, 0xaf, 0x75, 0x04, 0x62, 0x1a, 0xac, 0x32, 0x9f, 0x50, 0x81, 0x91, 0x2d, 0xe5, 0x45, 0xfa, 0x11, 0x17, 0x4f, 0x39, 0x79, 0xb1, 0x4f, 0x11, 0xaa, 0x30, 0xdf, 0x81, 0x3a, 0x23, 0x5b, 0x46, 0x7f, 0xd8, 0xf3, 0xa1, 0x47, 0x34, 0xfe, 0x5a, 0xc9, 0xe3, 0x91, 0x05, 0xdc, 0xb2, 0x51, 0x84, 0x67, 0x38, 0x85, 0xcd, 0x19, 0xbc, 0x70, 0xee, 0x5a, 0x53, 0xdd, 0x4e, 0x81, 0x49 }, .mac = (unsigned char []){ 0x93, 0x54, 0x27, 0x34, 0xd6, 0xcd, 0x43, 0xde }, .rv = 0, }, { .keylen = AES256_KEYLEN, .msglen = 64, .maclen = 8, .key = (unsigned char []){ 0x0c, 0x45, 0x6d, 0x19, 0x9a, 0xba, 0xe4, 0x75, 0x87, 0x34, 0xf5, 0x06, 0xc4, 0xe9, 0xcc, 0xdb, 0x76, 0x7e, 0x4f, 0xd1, 0x56, 0xd5, 0xa4, 0x08, 0x57, 0x26, 0xf3, 0x93, 0x8a, 0x51, 0x6d, 0x74 }, .msg = (unsigned char []){ 0x78, 0xf3, 0xbf, 0x56, 0x8f, 0x1c, 0x3f, 0x28, 0x66, 0xef, 0xf8, 0xa2, 0x46, 0xa7, 0x0c, 0xf0, 0xfa, 0xee, 0x4c, 0x30, 0x78, 0xf3, 0xfb, 0x27, 0xc4, 0xbd, 0xd5, 0x33, 0x12, 0xbf, 0x50, 0x81, 0x2b, 0xac, 0x22, 0x80, 0x11, 0x8c, 0x03, 0x96, 0xe6, 0x10, 0xb4, 0x11, 0x0a, 0x22, 0x40, 0x60, 0x84, 0xc1, 0x82, 0x83, 0xa3, 0x0c, 0xe7, 0xc0, 0xe4, 0x9c, 0x76, 0x98, 0x17, 0x17, 0x0d, 0xf9 }, .mac = (unsigned char []){ 0xc4, 0xc5, 0xbe, 0x3c, 0x94, 0xfb, 0x7b, 0x9c }, .rv = EFAULT, }, }; const struct aes_xts_tv AES_XTS_TV[] = { { .len = 256 / 8, .keylen = AES128_KEYLEN, .key1 = (unsigned char []){ 0x78, 0x3a, 0x83, 0xec, 0x52, 0xa2, 0x74, 0x05, 0xdf, 0xf9, 0xde, 0x4c, 0x57, 0xf9, 0xc9, 0x79 }, .key2 = (unsigned char []){ 0xb3, 0x60, 0xb6, 0xa5, 0xdf, 0x88, 0xd6, 0x7e, 0xc1, 0xa0, 0x52, 0xe6, 0xf5, 0x82, 0xa7, 0x17 }, .tweak = { 0x88, 0x6e, 0x97, 0x5b, 0x29, 0xbd, 0xf6, 0xf0, 0xc0, 0x1b, 0xb4, 0x7f, 0x61, 0xf6, 0xf0, 0xf5 }, .plaintext = (unsigned char []){ 0xb0, 0x4d, 0x84, 0xda, 0x85, 0x6b, 0x9a, 0x59, 0xce, 0x2d, 0x62, 0x67, 0x46, 0xf6, 0x89, 0xa8, 0x05, 0x1d, 0xac, 0xd6, 0xbc, 0xe3, 0xb9, 0x90, 0xaa, 0x90, 0x1e, 0x40, 0x30, 0x64, 0x88, 0x79 }, .ciphertext = (unsigned char []){ 0xf9, 0x41, 0x03, 0x9e, 0xba, 0xb8, 0xca, 0xc3, 0x9d, 0x59, 0x24, 0x7c, 0xbb, 0xcb, 0x4d, 0x81, 0x6c, 0x72, 0x6d, 0xae, 0xd1, 0x15, 0x77, 0x69, 0x2c, 0x55, 0xe4, 0xac, 0x6d, 0x3e, 0x68, 0x20 }, }, { .len = 384 / 8, .keylen = AES256_KEYLEN, .key1 = (unsigned char []){ 0x7f, 0xb0, 0x92, 0x2f, 0xce, 0x09, 0xed, 0xdd, 0x36, 0x65, 0xa1, 0x1f, 0x52, 0x35, 0xd5, 0x1e, 0xf7, 0x72, 0x06, 0xa7, 0xde, 0x45, 0x47, 0x75, 0xb6, 0x9d, 0xcc, 0x54, 0x59, 0xac, 0xdb, 0x24 }, .key2 = (unsigned char []){ 0xcc, 0xf0, 0x5c, 0x41, 0x5a, 0xf5, 0xab, 0x8a, 0x06, 0x62, 0x3d, 0x19, 0x8d, 0x5b, 0x91, 0x85, 0x95, 0xa9, 0xdc, 0xaa, 0xf5, 0x39, 0x2e, 0xe7, 0x17, 0xc1, 0x04, 0x7f, 0x2f, 0x08, 0xf6, 0x2b }, .tweak = { 0x8e, 0xa3, 0x63, 0x8b, 0x9d, 0x40, 0x62, 0xf1, 0x69, 0x19, 0x6f, 0xf4, 0x55, 0x5a, 0xd0, 0xaf }, .plaintext = (unsigned char []){ 0xbb, 0xb2, 0x34, 0xdb, 0x01, 0xbe, 0x79, 0xd3, 0xdc, 0x7d, 0xcf, 0x49, 0xbc, 0x53, 0xb8, 0xef, 0xc6, 0x2f, 0xe7, 0x17, 0x94, 0x39, 0x06, 0x1d, 0x73, 0xa6, 0xb2, 0x0e, 0xdb, 0x9b, 0x7d, 0xa0, 0x45, 0x0b, 0x19, 0xf0, 0x20, 0x82, 0x02, 0x09, 0xaf, 0xe0, 0x81, 0x12, 0xae, 0x4a, 0xfd, 0xd3 }, .ciphertext = (unsigned char []){ 0xcb, 0xf6, 0x88, 0x48, 0xc4, 0x20, 0x49, 0xef, 0xb1, 0x46, 0xe2, 0xd1, 0xe4, 0x11, 0x5f, 0x62, 0xe4, 0xfa, 0xa4, 0xef, 0xff, 0x19, 0x8f, 0x1a, 0x0a, 0xa0, 0xc9, 0x8b, 0xa0, 0x2c, 0xc4, 0x4d, 0xa3, 0x76, 0xd7, 0x62, 0xd6, 0x15, 0x1f, 0x23, 0x45, 0x87, 0xbf, 0x12, 0x8b, 0x6a, 0x7f, 0xfa }, }, }; const struct aes_gcm_tv AES_GCM_TV[] = { { .keylen = AES128_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 32 / 8, .key = (unsigned char []){ 0x73, 0xa0, 0xf9, 0xc5, 0xd2, 0x70, 0xf6, 0xcf, 0x41, 0xae, 0x23, 0x1c, 0x4f, 0x5a, 0x8c, 0x66 }, .iv = (unsigned char []){ 0xf7, 0x32, 0xde, 0x5e, 0xcb, 0x76, 0x90, 0xd7, 0x25, 0xad, 0x2a, 0xdd, 0x4c, 0x6d, 0x22, 0xc6, 0x79, 0x74, 0xfd, 0x3b, 0x73, 0x5a, 0x58, 0xf8, 0x5c, 0x2a, 0x4e, 0x03, 0x10, 0x6d, 0xf2, 0x4e, 0x80, 0xaa, 0x85, 0x3f, 0x7c, 0x12, 0xbd, 0xaa, 0xe2, 0x73, 0x80, 0xb3, 0x44, 0x55, 0xb0, 0xfd, 0x14, 0x98, 0x63, 0xb6, 0xb0, 0x62, 0xcc, 0xe5, 0x7b, 0x9b, 0xaf, 0x74, 0x95, 0x1a, 0x10, 0xa3, 0x5a, 0xec, 0x7e, 0x00, 0xf5, 0xc3, 0x81, 0xfe, 0x18, 0x73, 0xdf, 0x48, 0xe6, 0x72, 0x6e, 0x11, 0x85, 0xe3, 0xc9, 0x06, 0xb5, 0x42, 0xf1, 0x3d, 0x60, 0x9d, 0xab, 0x9c, 0xc4, 0xfc, 0xf9, 0xfc, 0xfb, 0xb0, 0x73, 0x11, 0x3d, 0xcd, 0xa0, 0x37, 0x5d, 0xc5, 0x9b, 0x2c, 0x92, 0x88, 0x8c, 0x80, 0x1a, 0x34, 0x8a, 0x79, 0x72, 0x87, 0xca, 0x13, 0xca, 0x73, 0xfc, 0x88, 0x27, 0xda, 0x0e, 0x39 }, .plaintext = NULL, .aad = (unsigned char []){ 0x28, 0x7a, 0x84, 0xad, 0xae, 0x06, 0x17, 0xde, 0x9d, 0xf7, 0x55, 0x2f, 0xd1, 0x18, 0xde, 0x05, 0x6b, 0x17, 0xf5, 0xe5, 0x75, 0x20, 0x39, 0x48, 0xf8, 0xae, 0x11, 0x0e, 0xce, 0x97, 0xb2, 0x1b, 0x09, 0xfd, 0xf0, 0x82, 0xba, 0x30, 0x23, 0x63, 0x7e, 0x29, 0x97, 0x30, 0x29, 0x08, 0xd8, 0x83, 0x0a, 0xf5, 0x8c, 0x4d, 0xd0, 0x9d, 0xc0, 0x76, 0x78, 0xc1, 0xc0, 0xde, 0x31, 0x16, 0x73, 0x8c, 0x20, 0x86, 0x4f, 0xb2, 0x0c, 0xb3, 0xae, 0xe1, 0xfc, 0x65, 0x7d, 0x94, 0xfc, 0xda, 0x10, 0xa2, 0x47, 0xe8, 0x9f, 0x98, 0x99, 0x26, 0x57, 0xb6, 0xee, 0xdf }, .tag = (unsigned char []){ 0x73, 0x9f, 0xf5, 0x69 }, .ciphertext = (unsigned char []){ 0xdb, 0x7c, 0x4e, 0x60, 0x6d, 0xb6, 0xe3, 0xbc, 0x14, 0x7a, 0x9e, 0xec, 0xfc, 0x76, 0x18, 0x2e, 0x66, 0xdd, 0xaa, 0x8e, 0xdb, 0x21, 0x5a, 0x97, 0x9d, 0x58, 0x2c, 0xfc, 0xc8, 0xb0, 0x28, 0x6b, 0x73, 0xdb, 0x6c, 0xbb, 0x18, 0x28, 0x1c, 0xb4, 0xa7, 0x62, 0xd0, 0x32, 0xad, 0x1c, 0x80, 0x16, 0xce, 0xa9, 0x2a }, .rv = EFAULT, }, { .keylen = AES128_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 32 / 8, .key = (unsigned char []){ 0x39, 0xe0, 0xf6, 0xf4, 0x21, 0x8c, 0x54, 0x81, 0x71, 0xfa, 0xb2, 0x72, 0xdf, 0xe0, 0x65, 0x03 }, .iv = (unsigned char []){ 0xe3, 0x90, 0x6e, 0x24, 0x83, 0x91, 0x1f, 0xc3, 0x4d, 0xf8, 0x59, 0xed, 0x45, 0x70, 0xe6, 0x7c, 0x2b, 0xf6, 0x15, 0x83, 0xa9, 0xd3, 0xbe, 0xb7, 0x57, 0x1d, 0xaa, 0x78, 0xd2, 0x5f, 0x26, 0xd1, 0xda, 0xe0, 0xad, 0xfe, 0x47, 0xb4, 0xad, 0x15, 0x6b, 0x73, 0x29, 0x2c, 0xe9, 0x04, 0xc5, 0xab, 0xa4, 0x22, 0x31, 0xec, 0x6b, 0xad, 0x86, 0x4a, 0x51, 0x32, 0x86, 0xac, 0xcd, 0xac, 0x7a, 0xaa, 0xea, 0x2c, 0xc5, 0x6b, 0x8f, 0x35, 0xd7, 0x91, 0x0c, 0x5c, 0xa8, 0x0e, 0x0d, 0xb9, 0xd5, 0xca, 0x57, 0x88, 0x78, 0x20, 0x88, 0x65, 0x28, 0x7f, 0x7b, 0x60, 0x61, 0xc1, 0x1d, 0x14, 0x6d, 0x95, 0x23, 0x28, 0x04, 0xca, 0x35, 0xd5, 0x6e, 0xad, 0x4d, 0xa5, 0xdd, 0x95, 0x0a, 0x16, 0xda, 0xf4, 0xcc, 0x22, 0x13, 0xe2, 0x5f, 0xe0, 0x14, 0x4a, 0x2a, 0xa9, 0x35, 0x73, 0xce, 0x22, 0xe1, 0x6b }, .plaintext = (unsigned char []) { 0x4d, 0x81, 0x76, 0x44, 0x79, 0x42, 0x4b, 0xb7, 0xff, 0x0b, 0x36, 0x1f, 0x2f, 0xef, 0x8d, 0x0e, 0xcc, 0x47, 0xe7, 0xed, 0xdc, 0x4b, 0x98, 0xe7, 0xb3, 0xb6, 0x58, 0x19, 0x26, 0x93, 0x9c, 0x5c, 0xea, 0x8f, 0x58, 0xa6, 0x17, 0x57, 0x74, 0xd4, 0x7e, 0xdf, 0xe4, 0xb8, 0xf3, 0xa6, 0xc0, 0xb9, 0x3b, 0x56, 0x53 }, .aad = (unsigned char []){ 0xbf, 0xb9, 0x37, 0x07, 0x39, 0xdc, 0x3d, 0x0c, 0x5c, 0xc1, 0x68, 0x25, 0xa8, 0xd9, 0x9d, 0x03, 0x69, 0xc3, 0x4c, 0x4b, 0xf0, 0x46, 0x18, 0x33, 0xe3, 0x4d, 0xf8, 0x1a, 0xb3, 0xff, 0xa0, 0xbf, 0x3f, 0x8f, 0xf8, 0xb5, 0xbc, 0xd3, 0x4c, 0x3a, 0xc8, 0xb6, 0xf1, 0xff, 0x35, 0x44, 0x28, 0x24, 0x1a, 0xd7, 0x03, 0x25, 0x34, 0xa3, 0x76, 0x1e, 0x05, 0xae, 0xb6, 0x8c, 0x2b, 0xa0, 0x0f, 0xf6, 0x3f, 0x27, 0xe6, 0x40, 0xf0, 0x01, 0xb6, 0xe7, 0x4e, 0xc9, 0x46, 0xc5, 0x60, 0xf2, 0xcb, 0x17, 0x14, 0xbb, 0x3a, 0xc9, 0x8b, 0xff, 0xc9, 0x92, 0xd6, 0xa2 }, .tag = (unsigned char []){ 0x36, 0x2e, 0x23, 0x7d }, .ciphertext = (unsigned char []){ 0x3c, 0xaf, 0x65, 0xe4, 0xb9, 0x77, 0x3c, 0xee, 0x60, 0xbb, 0x85, 0xf6, 0xc5, 0xa4, 0x4b, 0xeb, 0x7d, 0xd3, 0xdc, 0xb3, 0x35, 0x12, 0xd5, 0x52, 0x48, 0x18, 0x4d, 0x6b, 0x72, 0xc9, 0x80, 0x38, 0xb3, 0xbc, 0xae, 0x17, 0xbe, 0x58, 0xd1, 0x49, 0x28, 0xe6, 0xbb, 0xa9, 0xbf, 0x92, 0x9d, 0x34, 0xf1, 0x0f, 0xfe }, .rv = 0, }, { .keylen = AES192_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 32 / 8, .key = (unsigned char []){ 0xd0, 0x98, 0xb5, 0x67, 0xfa, 0x48, 0x22, 0x5c, 0xbe, 0x27, 0xdb, 0x9f, 0x89, 0xb4, 0xc0, 0x66, 0x57, 0xad, 0xf9, 0x77, 0x3a, 0x3e, 0xa9, 0x60 }, .iv = (unsigned char []){ 0xaf, 0xd3, 0xda, 0x93, 0x10, 0x20, 0x56, 0xe7, 0x6b, 0x72, 0x82, 0x68, 0x51, 0x95, 0x9c, 0x06, 0xb5, 0x8a, 0x74, 0x33, 0x5f, 0x0a, 0x26, 0x4a, 0x7b, 0x24, 0xc7, 0x3f, 0x25, 0x5d, 0xb8, 0x73, 0x8b, 0xc6, 0xbd, 0x00, 0x42, 0xaf, 0x16, 0xe6, 0x1e, 0xbb, 0x64, 0x18, 0x6a, 0x88, 0xf5, 0xdc, 0xb7, 0x40, 0xfb, 0xe5, 0xeb, 0x4c, 0xb9, 0x13, 0xc4, 0xf2, 0xb9, 0x8b, 0x47, 0x24, 0x0c, 0x04, 0xde, 0x7c, 0x8c, 0x3c, 0x41, 0xca, 0x67, 0x93, 0x06, 0xb6, 0xa8, 0x3f, 0x6f, 0xad, 0x7e, 0x33, 0xa6, 0x2f, 0x30, 0x81, 0x6b, 0x6f, 0x1b, 0xde, 0x10, 0x6b, 0x1a, 0x4c, 0xa5, 0x81, 0xef, 0x36, 0x49, 0x04, 0x32, 0xfd, 0x4c, 0x83, 0x61, 0x33, 0x12, 0xdb, 0xd5, 0xd4, 0xc0, 0x3e, 0xf8, 0x83, 0x47, 0x6d, 0x97, 0x65, 0xae, 0xd3, 0xd4, 0x2a, 0xa7, 0x71, 0x67, 0xb7, 0xae, 0xeb, 0xcf, 0x88 }, .plaintext = NULL, .aad = (unsigned char []){ 0x8f, 0xcf, 0xfa, 0x39, 0x5f, 0xc0, 0x11, 0x81, 0xc0, 0xe0, 0xc0, 0x96, 0xa9, 0x8d, 0x40, 0x53, 0x57, 0x08, 0xa3, 0xf7, 0x1c, 0xe4, 0x4d, 0x8b, 0xba, 0xcd, 0xf7, 0xa7, 0xdd, 0x11, 0x9a, 0x50, 0x3a, 0xe5, 0x4b, 0x91, 0xbe, 0x91, 0x7c, 0xd0, 0x31, 0xb3, 0x53, 0x64, 0x31, 0x49, 0x4e, 0xc2, 0x5a, 0x6e, 0x1c, 0x26, 0x5c, 0x79, 0xa2, 0xe8, 0x47, 0x98, 0xe0, 0xca, 0xf1, 0x64, 0xd3, 0x16, 0x33, 0x2c, 0x9a, 0xf2, 0x67, 0x29, 0x3e, 0x1c, 0x06, 0x06, 0xe0, 0xa6, 0x46, 0x1a, 0x59, 0xb4, 0x81, 0xe0, 0x6a, 0x69, 0x79, 0x43, 0x11, 0x76, 0xfe, 0x74 }, .tag = (unsigned char []){ 0x49, 0x5c, 0x55, 0x5d }, .ciphertext = (unsigned char []){ 0x2c, 0x81, 0x49, 0x87, 0xdc, 0x8f, 0xe0, 0x45, 0x6f, 0x17, 0xb3, 0x29, 0x21, 0x1c, 0x29, 0xc2, 0xe5, 0xa3, 0xb5, 0x60, 0x02, 0x80, 0xd4, 0x13, 0x6f, 0x09, 0xa2, 0x88, 0x2a, 0xa1, 0x06, 0x74, 0x2c, 0x55, 0x99, 0xb2, 0xe4, 0xd9, 0x3d, 0xf8, 0x87, 0x71, 0x73, 0x1f, 0x30, 0xfd, 0xbe, 0xf0, 0x7b, 0x46, 0x48 }, .rv = EFAULT, }, { .keylen = AES192_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 32 / 8, .key = (unsigned char []){ 0x89, 0xd9, 0x4a, 0x67, 0x35, 0x35, 0x90, 0x0d, 0x5e, 0xbc, 0x1f, 0x60, 0x1c, 0x03, 0xff, 0xfd, 0xaf, 0xb6, 0x7e, 0xfe, 0xb7, 0xda, 0x1c, 0x0b }, .iv = (unsigned char []){ 0x71, 0x5e, 0xb8, 0x27, 0x88, 0xa7, 0x76, 0x57, 0x52, 0x30, 0x34, 0x6c, 0x7d, 0x7c, 0xbc, 0x20, 0x1f, 0xd7, 0x42, 0xd2, 0x78, 0x16, 0x6b, 0x2d, 0x9f, 0x77, 0xb4, 0x78, 0x64, 0xf6, 0xb9, 0x8e, 0x1e, 0xd1, 0x90, 0x48, 0x0b, 0x4e, 0x4a, 0x79, 0xdc, 0xa0, 0xd9, 0xef, 0xd9, 0xd2, 0x6b, 0x90, 0x10, 0x54, 0x9d, 0x7c, 0x3d, 0x8c, 0x2e, 0xbd, 0x01, 0xf5, 0x59, 0xef, 0xd6, 0xf5, 0x36, 0x1a, 0xb2, 0xfd, 0xab, 0x1f, 0x0c, 0xc7, 0xd0, 0x36, 0x52, 0x8c, 0xcc, 0x80, 0x7e, 0xb4, 0x02, 0xd2, 0x1b, 0x66, 0xa5, 0x2a, 0x8f, 0xf4, 0xaa, 0xb0, 0xd3, 0x37, 0x7a, 0x6b, 0xca, 0x45, 0xcc, 0x9a, 0x58, 0x47, 0x9a, 0x93, 0x98, 0x16, 0xb5, 0x1c, 0x86, 0xc4, 0x45, 0xdc, 0x51, 0xeb, 0xf3, 0x6d, 0x6d, 0x72, 0xdb, 0x7f, 0xe5, 0xf7, 0xf9, 0x0c, 0x13, 0x14, 0x06, 0x4b, 0xc2, 0x29, 0xb6, 0xca }, .plaintext = (unsigned char []) { 0x8f, 0x8b, 0x42, 0xb5, 0x2c, 0xc9, 0xa0, 0x80, 0xe8, 0x4b, 0x48, 0x0e, 0xca, 0x78, 0xd1, 0xb6, 0x74, 0x5c, 0x63, 0x69, 0x4a, 0x70, 0xa3, 0xb4, 0xc1, 0xd4, 0x57, 0xfe, 0xa9, 0x82, 0x1b, 0x63, 0x34, 0x38, 0xa5, 0x11, 0x19, 0xd4, 0x2b, 0xc7, 0x01, 0xa0, 0x5a, 0xb7, 0x55, 0x3f, 0xd4, 0xe6, 0x17, 0x13, 0x64 }, .aad = (unsigned char []){ 0x40, 0x66, 0x52, 0xd7, 0x9e, 0x0f, 0xef, 0x78, 0x1e, 0x5d, 0x74, 0xe9, 0x01, 0x73, 0x60, 0x42, 0x3f, 0x31, 0x8c, 0x95, 0x41, 0x8b, 0xaa, 0x49, 0x8e, 0xe0, 0xc5, 0x0d, 0xad, 0x71, 0xc4, 0xed, 0xaa, 0xe9, 0xbd, 0x6f, 0x57, 0x57, 0x32, 0xb7, 0x36, 0xf2, 0x8d, 0xf1, 0x5e, 0x92, 0x1f, 0x15, 0x0c, 0xab, 0x05, 0x87, 0x25, 0xab, 0xda, 0xa4, 0x23, 0x12, 0x7e, 0x47, 0x12, 0x26, 0xff, 0x0c, 0x53, 0x8c, 0xcd, 0x8e, 0x36, 0x3b, 0x21, 0x58, 0xc0, 0x70, 0x55, 0xc2, 0xaa, 0x97, 0x57, 0x7d, 0xd1, 0xec, 0x19, 0x58, 0x43, 0x49, 0x48, 0xb0, 0x95, 0x0e }, .tag = (unsigned char []){ 0x64, 0x35, 0xff, 0xde }, .ciphertext = (unsigned char []){ 0x12, 0x92, 0xe7, 0xac, 0xb4, 0x8a, 0xb1, 0xda, 0xd5, 0x0f, 0x28, 0x1c, 0x6e, 0xc3, 0x5c, 0x98, 0x00, 0x1d, 0x3d, 0xbf, 0x98, 0x34, 0x28, 0x23, 0x88, 0xaa, 0x43, 0xcd, 0x17, 0x51, 0x1b, 0x65, 0x6e, 0xa7, 0x95, 0x5b, 0x57, 0x61, 0xe4, 0x2f, 0x7a, 0xa6, 0xcb, 0x58, 0xc9, 0xb0, 0x0f, 0xc2, 0x7b, 0x22, 0x4d }, .rv = 0, }, { .keylen = AES256_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 32 / 8, .key = (unsigned char []){ 0xc8, 0x18, 0xc1, 0xa7, 0x53, 0xe7, 0x84, 0x1f, 0x58, 0x43, 0x87, 0xeb, 0x7a, 0x38, 0x1f, 0x99, 0xaf, 0xee, 0x72, 0xf4, 0x63, 0x4b, 0x6d, 0x46, 0xe4, 0xce, 0xad, 0x3d, 0xf2, 0x0b, 0x3b, 0x5a }, .iv = (unsigned char []){ 0xc3, 0x76, 0x0e, 0x41, 0x3d, 0x6c, 0x98, 0x62, 0x81, 0xc2, 0x09, 0xb4, 0xaf, 0xdc, 0x67, 0x4a, 0xea, 0x43, 0xc7, 0xfe, 0xe6, 0x86, 0x3f, 0x80, 0xfe, 0x15, 0x16, 0xcd, 0xb2, 0x1e, 0xe5, 0x6d, 0xb7, 0x73, 0x5b, 0x98, 0xba, 0xe8, 0x14, 0xb6, 0xe1, 0x49, 0x4b, 0x57, 0xda, 0xdd, 0xb4, 0x92, 0xef, 0x08, 0xcf, 0xff, 0x73, 0xcf, 0x58, 0x9f, 0x1d, 0xa9, 0x44, 0xa4, 0x21, 0xe2, 0x49, 0xdd, 0x02, 0xec, 0xc5, 0x91, 0x1a, 0x9a, 0xed, 0x11, 0xd7, 0x87, 0x17, 0xb4, 0xe6, 0xcb, 0x56, 0xbf, 0x77, 0x7f, 0x94, 0x3f, 0xd0, 0xc4, 0x8f, 0x4a, 0xa8, 0xff, 0xdf, 0x5a, 0x12, 0x9e, 0x71, 0x6d, 0xbe, 0xa7, 0x14, 0x39, 0xd0, 0x77, 0xfb, 0x69, 0x3d, 0x0e, 0x29, 0x3a, 0xb2, 0xe1, 0xd5, 0xb9, 0x26, 0xa0, 0x1c, 0xef, 0xe3, 0xe6, 0x88, 0x12, 0xc2, 0x80, 0xd5, 0x65, 0xa5, 0xc5, 0x71, 0x02 }, .plaintext = NULL, .aad = (unsigned char []){ 0x16, 0xbc, 0xa6, 0xec, 0xc8, 0x7f, 0x32, 0xb7, 0x78, 0xed, 0xc9, 0x06, 0xab, 0x86, 0x23, 0xef, 0x37, 0xee, 0x16, 0x70, 0x67, 0x26, 0xa9, 0x8a, 0x23, 0x5a, 0xe5, 0x89, 0xd5, 0x1a, 0x1f, 0x56, 0x1d, 0xc6, 0xfd, 0x30, 0x24, 0x48, 0xf7, 0x08, 0x25, 0x6f, 0xcc, 0x62, 0xec, 0xd4, 0x1b, 0xaa, 0x9e, 0xe3, 0x23, 0x56, 0x42, 0xb0, 0xff, 0x12, 0x47, 0x03, 0xd1, 0x8f, 0xb7, 0x48, 0x63, 0xe7, 0x5a, 0x80, 0x55, 0xc2, 0xc9, 0x7b, 0x49, 0xc6, 0xdc, 0xb0, 0xaa, 0xeb, 0xb6, 0x24, 0x00, 0x32, 0x84, 0x2f, 0xf5, 0xd1, 0xb4, 0x29, 0xa0, 0xa5, 0x1d, 0xd7 }, .tag = (unsigned char []){ 0xfb, 0xaf, 0xce, 0xd4 }, .ciphertext = (unsigned char []){ 0xaa, 0x58, 0x42, 0x8e, 0x79, 0xa7, 0x4a, 0x14, 0x35, 0x9b, 0x89, 0xea, 0x78, 0x62, 0xfe, 0xb1, 0xb7, 0xb7, 0x65, 0x72, 0xe9, 0x57, 0x35, 0x9c, 0x9a, 0x62, 0x85, 0xe2, 0x9a, 0x0f, 0xb4, 0x7a, 0x90, 0xca, 0x7e, 0xe7, 0x1d, 0x41, 0x36, 0x50, 0x23, 0x21, 0xb3, 0x78, 0xe5, 0xa0, 0x4b, 0xb0, 0xc9, 0xeb, 0x5c }, .rv = EFAULT, }, { .keylen = AES256_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 32 / 8, .key = (unsigned char []){ 0xe1, 0x7c, 0x5c, 0xa6, 0x66, 0x29, 0xba, 0xd6, 0x86, 0xd9, 0x83, 0x51, 0x03, 0xf8, 0xcb, 0x28, 0x43, 0xc0, 0x98, 0x0b, 0xc6, 0xef, 0x29, 0x47, 0xea, 0x5c, 0xce, 0xc3, 0x84, 0xa2, 0x55, 0x99 }, .iv = (unsigned char []){ 0x4b, 0x3e, 0xe3, 0x05, 0x78, 0xad, 0x93, 0x88, 0x40, 0x44, 0xdc, 0xff, 0xdf, 0x28, 0x6a, 0x1a, 0xf8, 0xa9, 0xae, 0x27, 0x39, 0xac, 0x13, 0x89, 0x18, 0x89, 0xb0, 0xf9, 0x8a, 0x60, 0xde, 0x71, 0x02, 0xf5, 0x8a, 0xaf, 0xf0, 0xc4, 0x3d, 0x85, 0x0f, 0xf9, 0x79, 0x86, 0x5d, 0xb6, 0xea, 0xb2, 0xd1, 0x7d, 0xb4, 0x1a, 0x12, 0x0e, 0xe5, 0x09, 0xf9, 0xbf, 0x44, 0x66, 0x10, 0xa9, 0x86, 0x35, 0x81, 0xd6, 0xa5, 0x65, 0x83, 0x52, 0x42, 0xf1, 0x11, 0xbe, 0x68, 0x60, 0x33, 0xa7, 0xbb, 0xec, 0x53, 0x28, 0xa8, 0xe3, 0x6b, 0x02, 0xa9, 0x5e, 0xef, 0xf6, 0x18, 0xdc, 0xb2, 0x03, 0x31, 0x9b, 0xc4, 0x61, 0x47, 0xf2, 0x87, 0x03, 0x8b, 0xa3, 0x37, 0x3c, 0xfb, 0xbe, 0xcd, 0x20, 0xbb, 0xaa, 0xc2, 0xdb, 0xf0, 0x0c, 0x1b, 0x26, 0xb6, 0x44, 0x9f, 0xa1, 0xd0, 0x22, 0x1d, 0x5b, 0x35, 0xe6 }, .plaintext = (unsigned char []) { 0x50, 0x46, 0xc7, 0xfe, 0x0d, 0x32, 0x90, 0x52, 0x5b, 0x78, 0x92, 0xbf, 0x19, 0xd6, 0x4c, 0x5d, 0x99, 0x88, 0x1a, 0x3b, 0xfb, 0xb2, 0x1f, 0x00, 0x07, 0xe6, 0x0c, 0xea, 0x99, 0x2d, 0x22, 0x54, 0x9e, 0xce, 0x21, 0x91, 0x21, 0x6b, 0x6c, 0x68, 0x20, 0x28, 0x64, 0x49, 0x2f, 0x1f, 0xd1, 0x5b, 0x89, 0x16, 0xd3 }, .aad = (unsigned char []){ 0x51, 0xc8, 0xaa, 0x89, 0x03, 0x3a, 0x74, 0x8f, 0x0a, 0x63, 0xec, 0x08, 0x95, 0xd5, 0xbf, 0x9d, 0x5f, 0xe2, 0x76, 0x69, 0x9f, 0x2a, 0x04, 0xfc, 0xf5, 0x84, 0xbf, 0x1d, 0xfe, 0x0a, 0x26, 0x7b, 0x81, 0x28, 0xff, 0x38, 0x87, 0x3e, 0x45, 0xf4, 0xf8, 0x53, 0x84, 0x7e, 0x45, 0xa9, 0x95, 0x60, 0x18, 0x6e, 0x08, 0x81, 0xf8, 0xe9, 0xd3, 0xce, 0xcb, 0x93, 0xdb, 0x4a, 0x8c, 0xc8, 0x6c, 0x05, 0xff, 0x44, 0x92, 0x41, 0xf1, 0xe5, 0x65, 0xbe, 0x9a, 0x68, 0xb6, 0x18, 0xa7, 0x01, 0x61, 0x46, 0xdb, 0x62, 0x57, 0x7d, 0xe7, 0xd0, 0x5c, 0x29, 0x5b, 0x7b }, .tag = (unsigned char []){ 0xf9, 0x05, 0xb7, 0xf7 }, .ciphertext = (unsigned char []){ 0xc4, 0xbc, 0x2e, 0x5d, 0xc4, 0xec, 0x97, 0x66, 0x5d, 0x0c, 0xc5, 0x59, 0x7e, 0x4b, 0x18, 0x8e, 0xff, 0x9d, 0x54, 0x79, 0x87, 0x24, 0xfe, 0xf2, 0x8e, 0x93, 0x8b, 0x61, 0x1c, 0x3e, 0x15, 0xfb, 0x32, 0x23, 0xdd, 0x87, 0x91, 0x34, 0x62, 0x4f, 0x2d, 0x07, 0x1e, 0x31, 0xa8, 0xbd, 0x79, 0x8e, 0x94, 0x9d, 0xb5 }, .rv = 0, }, { .keylen = AES256_KEYLEN, .ivlen = 96 / 8, .len = 128 / 8, .aadlen = 128 / 8, .taglen = 104 / 8, .key = (unsigned char []){ 0x57, 0xc2, 0xf2, 0x48, 0x59, 0x89, 0x2c, 0xfd, 0x8c, 0x80, 0xa9, 0xb9, 0xdb, 0xab, 0x4f, 0x78, 0xb2, 0x2b, 0xdd, 0xed, 0xec, 0x57, 0xe0, 0xbd, 0x30, 0xb8, 0xd9, 0x3d, 0xf4, 0xeb, 0x16, 0x74 }, .iv = (unsigned char []){ 0x85, 0x5b, 0x19, 0x8c, 0xc1, 0xd8, 0x57, 0x77, 0x0d, 0xc9, 0xee, 0x93 }, .plaintext = (unsigned char []) { 0xf9, 0x7f, 0x43, 0x2d, 0xb7, 0x61, 0xec, 0xe8, 0xdc, 0x1e, 0x7b, 0xdd, 0x47, 0x6d, 0xc2, 0xef }, .aad = (unsigned char []){ 0xcd, 0x32, 0xfd, 0xa7, 0x6b, 0x12, 0x2c, 0x60, 0x9d, 0x0a, 0xf6, 0x0f, 0x2c, 0x39, 0x2b, 0x8b }, .tag = (unsigned char []){ 0x2b, 0xd9, 0x69, 0xae, 0x43, 0xa2, 0xdb, 0x5b, 0xaf, 0xd7, 0x9e, 0x17, 0x51 }, .ciphertext = (unsigned char []){ 0xe0, 0x7b, 0xa0, 0x42, 0x16, 0xd5, 0x00, 0x99, 0x9a, 0x25, 0xad, 0xd7, 0x10, 0x2c, 0x70, 0x36 }, .rv = 0, }, { .keylen = AES256_KEYLEN, .ivlen = 96 / 8, .len = 128 / 8, .aadlen = 128 / 8, .taglen = 104 / 8, .key = (unsigned char []){ 0xe3, 0xc0, 0x0c, 0xe8, 0x1f, 0xfb, 0xca, 0xcc, 0x56, 0x7a, 0x06, 0x34, 0x28, 0x49, 0x53, 0x86, 0xad, 0x51, 0xae, 0x83, 0x13, 0x22, 0x3a, 0xba, 0xbb, 0x2c, 0x59, 0xa2, 0x2d, 0x35, 0x34, 0x28 }, .iv = (unsigned char []){ 0x91, 0x96, 0xfe, 0x6f, 0x8d, 0x34, 0x1f, 0x69, 0xf8, 0x86, 0x32, 0xff }, .plaintext = (unsigned char []) { 0x54, 0x0c, 0x5d, 0x33, 0xd9, 0x43, 0x96, 0xea, 0xd0, 0x9b, 0x84, 0x56, 0xff, 0x12, 0x73, 0x50 }, .aad = (unsigned char []){ 0x88, 0x0f, 0x98, 0xc2, 0xa0, 0xfb, 0xed, 0x6b, 0xf3, 0xbf, 0xf7, 0x1d, 0xea, 0x42, 0x7f, 0x5f }, .tag = (unsigned char []){ 0x08, 0xfe, 0xad, 0xdb, 0x09, 0x05, 0x9a, 0xce, 0xa8, 0x67, 0xa8, 0xcd, 0xe2 }, .ciphertext = (unsigned char []){ 0xc2, 0x26, 0x0f, 0xc8, 0x37, 0x9d, 0x0f, 0x11, 0xbd, 0x06, 0xe5, 0xd7, 0x44, 0x77, 0xd3, 0xe7 }, .rv = 0, }, { .keylen = AES192_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 128 / 8, .taglen = 96 / 8, .key = (unsigned char []){ 0x37, 0xb3, 0x56, 0x2a, 0x59, 0x12, 0xcc, 0xf6, 0xcb, 0xcc, 0xdd, 0x3f, 0xcf, 0x9d, 0x76, 0x95, 0xfb, 0x8a, 0xf1, 0x08, 0x52, 0xb2, 0x1f, 0x1d }, .iv = (unsigned char []){ 0x2f, 0x59, 0x77, 0xf7, 0x42, 0x65, 0xa0, 0x7e, 0xd8, 0x47, 0xad, 0x27, 0xb5, 0xcb, 0x85, 0xba, 0x25, 0x66, 0xe4, 0x63, 0xb9, 0xc6, 0x15, 0xf8, 0xd5, 0xb1, 0x83, 0xd7, 0xb5, 0x39, 0x35, 0xe2, 0xb5, 0x7f, 0xc7, 0x5e, 0x36, 0x88, 0x10, 0x2d, 0xa0, 0x46, 0x44, 0x29, 0x3c, 0x6c, 0x86, 0xb6, 0xc2, 0x42, 0xc6, 0xcd, 0xaf, 0xb2, 0x91, 0x99, 0xb8, 0x0c, 0x4f, 0x46, 0x53, 0xa1, 0x1b, 0xbb, 0x0a, 0xc3, 0x1e, 0xc1, 0x63, 0x0e, 0x03, 0x2d, 0x39, 0xec, 0x02, 0x83, 0xce, 0x6e, 0xc0, 0x99, 0xb3, 0x32, 0xae, 0x4e, 0x0a, 0xc1, 0x97, 0x67, 0xa1, 0x05, 0x0c, 0x48, 0xef, 0xab, 0xa1, 0xc1, 0xb2, 0xaa, 0xcb, 0xa9, 0x57, 0x0e, 0xcf, 0xbb, 0xed, 0xe4, 0xd2, 0x32, 0x73, 0xd3, 0xd5, 0x18, 0xef, 0x68, 0x59, 0x26, 0xc1, 0x70, 0xe1, 0xed, 0xf0, 0x46, 0x74, 0xc6, 0x22, 0xfe, 0x98, 0x4d }, .plaintext = (unsigned char []) { 0xd0, 0xd8, 0x95, 0xb6, 0xb8, 0x0f, 0x97, 0xe4, 0xa6, 0x09, 0x55, 0x60, 0x94, 0x2d, 0xdb, 0xa4, 0xd7, 0x3c, 0xda, 0xf0, 0x9f, 0xf6, 0xa4, 0x38, 0x1b, 0x5b, 0x03, 0xf4, 0xbd, 0x75, 0x16, 0x49, 0x42, 0x68, 0x66, 0x89, 0xf3, 0xac, 0xc6, 0x2b, 0x02, 0x43, 0x1a, 0x9a, 0xd4, 0x03, 0x5e, 0x3f, 0x8e, 0x20, 0xc6 }, .aad = (unsigned char []){ 0xd0, 0xed, 0xbf, 0x82, 0x83, 0x2c, 0x6f, 0x35, 0x8d, 0xd5, 0x00, 0xb9, 0x79, 0xc1, 0x5f, 0x47 }, .tag = (unsigned char []){ 0xa0, 0xea, 0x4b, 0xbd, 0xc4, 0x9a, 0x10, 0x29, 0x8c, 0x9a, 0x97, 0x3d }, .ciphertext = (unsigned char []){ 0xd3, 0x29, 0xc6, 0x6a, 0x4f, 0x46, 0x0a, 0xe6, 0xf0, 0x5b, 0x0d, 0xfd, 0x2e, 0xb4, 0x47, 0x6c, 0x0f, 0x29, 0x3c, 0x08, 0xce, 0xc5, 0x7e, 0x6d, 0x6a, 0xda, 0xe9, 0x61, 0x14, 0x45, 0xb8, 0x9f, 0x32, 0xb2, 0x3f, 0xdc, 0x5c, 0x1d, 0xd3, 0x3f, 0xa6, 0x2d, 0x19, 0x0f, 0x4b, 0x5b, 0xd8, 0x1f, 0x0e, 0x97, 0xa8 }, .rv = 0, }, { .keylen = AES128_KEYLEN, .ivlen = 96 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 120 / 8, .key = (unsigned char []){ 0x32, 0x66, 0x43, 0x0c, 0x1c, 0xad, 0x19, 0x32, 0x10, 0x13, 0xce, 0xec, 0x77, 0xdc, 0x54, 0x09 }, .iv = (unsigned char []){ 0x44, 0xe3, 0xc6, 0xf6, 0x19, 0xa3, 0x73, 0xc7, 0x97, 0xda, 0x3e, 0x62 }, .plaintext = (unsigned char []) { 0xe7, 0x3c, 0x85, 0x98, 0x26, 0x8b, 0x79, 0xf4, 0x0a, 0x34, 0x14, 0x75, 0xf0, 0x3f, 0xe8, 0x08, 0x56, 0xa6, 0xd9, 0x36, 0xf7, 0xa0, 0x57, 0xa9, 0xec, 0x5b, 0xeb, 0x41, 0x85, 0x34, 0x01, 0x35, 0x83, 0xf3, 0xd9, 0x08, 0x23, 0x59, 0xec, 0xb4, 0x0e, 0x95, 0x76, 0xec, 0x58, 0xcb, 0x5b, 0xfe, 0x28, 0x63, 0xb5 }, .aad = (unsigned char []){ 0x45, 0xee, 0x7d, 0x52, 0xf7, 0xd8, 0x0a, 0x6c, 0x6b, 0x5f, 0xb0, 0xf2, 0x67, 0xd3, 0x06, 0x79, 0xc6, 0xa4, 0xbe, 0x41, 0xe4, 0xc7, 0xd2, 0xcd, 0x43, 0x1c, 0x8d, 0xe7, 0x57, 0x70, 0x10, 0x91, 0xa3, 0x77, 0x6e, 0x40, 0xd5, 0xc9, 0xec, 0xd7, 0xc5, 0x0c, 0xc8, 0x50, 0xef, 0x3a, 0x3f, 0xeb, 0xe4, 0x30, 0xaf, 0x0c, 0xb2, 0xdd, 0xc5, 0x03, 0x3f, 0x5d, 0x68, 0x72, 0x8f, 0xf4, 0xe3, 0x61, 0x37, 0x4c, 0x88, 0xdc, 0x7f, 0x33, 0x38, 0x60, 0x4a, 0xc3, 0x62, 0x8a, 0xe1, 0x2a, 0x13, 0x2b, 0x5f, 0x42, 0x13, 0x13, 0x5c, 0x81, 0x14, 0x0e, 0xc5, 0xbe }, .tag = (unsigned char []){ 0x85, 0x43, 0xd4, 0xe7, 0x20, 0x50, 0xdc, 0x37, 0xc5, 0x85, 0xef, 0xbd, 0xa5, 0xdf, 0x95 }, .ciphertext = (unsigned char []){ 0x6d, 0x1f, 0x6b, 0xc3, 0xd7, 0xba, 0x16, 0xef, 0x28, 0x98, 0x91, 0xee, 0x89, 0x12, 0xae, 0x54, 0xdb, 0xf2, 0xd2, 0xcd, 0x84, 0xff, 0xb8, 0x1b, 0xe5, 0xb9, 0x9c, 0x5a, 0x06, 0x9b, 0xfa, 0xf4, 0xea, 0x50, 0xb3, 0x54, 0xdf, 0x24, 0x35, 0x65, 0x46, 0x2a, 0xba, 0x25, 0xe5, 0x20, 0xa4, 0xdc, 0x71, 0x1b, 0xdb }, .rv = 0, }, { .keylen = AES192_KEYLEN, .ivlen = 8 / 8, .len = 104 / 8, .aadlen = 160 / 8, .taglen = 64 / 8, .key = (unsigned char []){ 0x27, 0xd2, 0x0c, 0x93, 0xe1, 0x2c, 0xa2, 0x1a, 0x59, 0x09, 0x54, 0x25, 0xfc, 0xe8, 0x46, 0xad, 0x45, 0x71, 0x62, 0x8e, 0xce, 0x9f, 0x6b, 0x91 }, .iv = (unsigned char []){ 0x43 }, .plaintext = (unsigned char []) { 0xbb, 0x0f, 0x56, 0x3e, 0x30, 0x33, 0x7f, 0x0c, 0x38, 0x47, 0xdc, 0xe3, 0xd2 }, .aad = (unsigned char []){ 0xcc, 0xca, 0xe3, 0xab, 0x11, 0x6b, 0x5a, 0x3d, 0xfd, 0x8c, 0x8b, 0xf7, 0xd5, 0xe7, 0xb6, 0xa0, 0xa4, 0xcd, 0xb4, 0x0a }, .tag = (unsigned char []){ 0x1a, 0xa6, 0xb6, 0x6a, 0x18, 0xd5, 0x98, 0xe6 }, .ciphertext = (unsigned char []){ 0x2f, 0x83, 0xe6, 0xaa, 0xf6, 0xfb, 0xcd, 0x07, 0x28, 0xcb, 0x99, 0x2a, 0x0d }, .rv = 0, }, { .keylen = AES128_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 128 / 8, .taglen = 112 / 8, .key = (unsigned char []){ 0x49, 0xa4, 0xf6, 0x0c, 0xb3, 0xf4, 0x3f, 0xf3, 0x77, 0xc3, 0x43, 0x64, 0x24, 0x79, 0xd6, 0x4b }, .iv = (unsigned char []){ 0xcb, 0x38, 0x64, 0xdf, 0x26, 0xb1, 0x66, 0xda, 0x4d, 0x1a, 0x32, 0x5d, 0x91, 0xb1, 0xc8, 0x34, 0xf7, 0xe7, 0x8f, 0xf5, 0x44, 0x85, 0x68, 0xdf, 0xdc, 0x96, 0x6d, 0xab, 0x49, 0xe9, 0xf7, 0x73, 0x97, 0xbf, 0xb4, 0xc8, 0x3c, 0xef, 0xaa, 0x9c, 0xaa, 0x64, 0xbe, 0x4d, 0xce, 0x61, 0x0b, 0x26, 0xca, 0xe6, 0xe0, 0x3d, 0x6c, 0xdc, 0xe0, 0x34, 0x5b, 0x6b, 0xd4, 0xcc, 0xa2, 0x27, 0x93, 0xb4, 0x89, 0x4b, 0xe9, 0x50, 0x02, 0x4a, 0xf4, 0x22, 0xa4, 0x85, 0xdb, 0xb0, 0x99, 0xe5, 0xbb, 0x3f, 0x79, 0x2d, 0x8a, 0xed, 0x9c, 0x87, 0xba, 0x9f, 0x0e, 0xa3, 0x75, 0x00, 0x62, 0xcf, 0x9a, 0x8d, 0x7b, 0x88, 0x4e, 0x1f, 0x8e, 0x88, 0x09, 0x74, 0x34, 0x3d, 0x7f, 0x7d, 0x03, 0x26, 0x74, 0x84, 0x86, 0x15, 0x72, 0x59, 0x0b, 0x2f, 0x96, 0x90, 0x6f, 0x0e, 0x76, 0x34, 0xa6, 0x47, 0xcb, 0x79 }, .plaintext = (unsigned char []) { 0xee, 0xda, 0x6c, 0x7c, 0x50, 0x05, 0x61, 0xe6, 0xad, 0xcf, 0x94, 0xb8, 0x45, 0x51, 0xd9, 0xbb, 0xca, 0x36, 0xd7, 0x0a, 0x54, 0x94, 0x9f, 0x3f, 0x96, 0xc9, 0xb3, 0x93, 0x1d, 0xe6, 0x04, 0x07, 0x13, 0x0d, 0xfa, 0xb1, 0x02, 0xcc, 0x26, 0x11, 0x7e, 0x9e, 0xad, 0x80, 0x0c, 0x55, 0x09, 0x18, 0x4f, 0xc9, 0xcf }, .aad = (unsigned char []){ 0xb7, 0x47, 0x07, 0x07, 0xbd, 0x7a, 0xe9, 0xdc, 0x18, 0x1b, 0xb9, 0xd8, 0xaf, 0xb9, 0x59, 0x60 }, .tag = (unsigned char []){ 0x4d, 0xbe, 0x3c, 0xb5, 0x45, 0x58, 0x31, 0x45, 0xe0, 0x89, 0x66, 0xe9, 0x10, 0x90 }, .ciphertext = (unsigned char []){ 0x08, 0xc1, 0xe9, 0x19, 0x6a, 0x22, 0xed, 0x47, 0x90, 0xa6, 0x59, 0x5c, 0x3f, 0xeb, 0x95, 0xe7, 0xd4, 0x8c, 0xb3, 0x5c, 0x0c, 0x1e, 0x57, 0x95, 0x14, 0x83, 0x7b, 0xec, 0xca, 0xaf, 0xf5, 0x52, 0x9d, 0x9f, 0x80, 0x5f, 0xe5, 0x72, 0x25, 0xf9, 0x81, 0x88, 0x90, 0xd9, 0xfb, 0xc9, 0x82, 0xf9, 0x4d, 0x26, 0x48 }, .rv = 0, }, { .keylen = AES256_KEYLEN, .ivlen = 1024 / 8, .len = 408 / 8, .aadlen = 720 / 8, .taglen = 128 / 8, .key = (unsigned char []){ 0x87, 0x1a, 0xd3, 0x7e, 0xeb, 0xc6, 0x84, 0x79, 0x44, 0xf7, 0xe4, 0x2f, 0xff, 0x5a, 0x65, 0xae, 0x62, 0xc5, 0x08, 0x54, 0x48, 0x6f, 0x63, 0xc0, 0x8f, 0x60, 0x80, 0xf8, 0x3c, 0x08, 0xd6, 0x6a }, .iv = (unsigned char []){ 0xf9, 0x1b, 0x2d, 0x31, 0x61, 0x7e, 0x9a, 0x52, 0x04, 0x20, 0x44, 0xf5, 0x70, 0x37, 0xb0, 0x96, 0x47, 0x7d, 0x90, 0xe6, 0xe9, 0xd6, 0xf4, 0x0f, 0x67, 0x62, 0xea, 0x48, 0xfa, 0xc5, 0xa1, 0x82, 0x50, 0x2e, 0xf9, 0x40, 0xd3, 0xd4, 0xc8, 0x6a, 0x48, 0xf7, 0xe7, 0xc2, 0xc8, 0xd6, 0xba, 0x55, 0xdd, 0xb3, 0x27, 0x69, 0xdc, 0xc3, 0x10, 0x10, 0xc0, 0x44, 0xa8, 0x0f, 0xa4, 0x4f, 0x20, 0x1c, 0xd8, 0x72, 0x62, 0x70, 0xd6, 0xf7, 0x0e, 0xd0, 0x13, 0x78, 0xab, 0xe1, 0xd9, 0x34, 0xd4, 0x83, 0x53, 0x6b, 0xa6, 0x08, 0xe7, 0x23, 0x81, 0xfd, 0x15, 0x23, 0x4a, 0xd1, 0x4c, 0x5c, 0x2c, 0xf0, 0x83, 0xc0, 0xd0, 0x70, 0x22, 0x83, 0x42, 0x96, 0x8f, 0xf5, 0xf6, 0x6d, 0x6f, 0x23, 0x95, 0x1c, 0x54, 0xc7, 0xf7, 0x9c, 0x82, 0xe2, 0x36, 0xe5, 0x51, 0x7f, 0x26, 0x4e, 0xaa, 0xc0, 0x93, 0xc5 }, .plaintext = (unsigned char []) { 0x90, 0x89, 0x42, 0x5f, 0x0d, 0x9d, 0x17, 0x51, 0x64, 0x65, 0x99, 0x00, 0x49, 0xf0, 0x1a, 0x2e, 0x8e, 0x5f, 0x91, 0xc2, 0xfa, 0xea, 0x84, 0x68, 0x97, 0x36, 0x06, 0xc1, 0x2b, 0x50, 0x7c, 0xa0, 0x72, 0x81, 0x8b, 0x4f, 0xe2, 0xd6, 0x11, 0x70, 0x96, 0x38, 0xd2, 0x1e, 0x03, 0x4d, 0xbc, 0xdf, 0x47, 0xcf, 0x59 }, .aad = (unsigned char []){ 0xd5, 0xf7, 0xc1, 0xf6, 0x89, 0x65, 0xd9, 0x13, 0xab, 0xc6, 0xbb, 0x01, 0xb3, 0x3d, 0x35, 0xa3, 0x17, 0xa7, 0xfb, 0xe7, 0xba, 0x2e, 0x53, 0xc7, 0x3d, 0x6c, 0x44, 0xab, 0xe1, 0xc2, 0x16, 0x0d, 0x54, 0x5d, 0x26, 0x24, 0xf2, 0x54, 0x50, 0xad, 0x75, 0x13, 0xb2, 0xd3, 0x2f, 0xfa, 0x85, 0x78, 0xc3, 0x0e, 0x96, 0xd7, 0xba, 0x49, 0xb3, 0x63, 0x4d, 0x99, 0xa1, 0x5e, 0xbf, 0xb3, 0x7d, 0xec, 0xd0, 0xf8, 0xef, 0xc3, 0x2a, 0xab, 0x40, 0xa0, 0x59, 0x4b, 0xeb, 0xa0, 0xda, 0xc6, 0xf8, 0xda, 0xa3, 0xac, 0xe9, 0x1b, 0xd0, 0x95, 0x49, 0xa1, 0xf5, 0xe1 }, .tag = (unsigned char []){ 0xcc, 0x4d, 0x95, 0x0b, 0x8c, 0x33, 0x30, 0xf0, 0x48, 0xe3, 0xaa, 0x3e, 0x3c, 0xfb, 0xce, 0x21 }, .ciphertext = (unsigned char []){ 0x02, 0x10, 0x1f, 0x84, 0x82, 0x05, 0x2c, 0xb7, 0x70, 0x68, 0x00, 0xe8, 0x31, 0x0f, 0x5d, 0x44, 0x4d, 0x67, 0x2b, 0x65, 0x59, 0xde, 0x0b, 0x87, 0x92, 0xd7, 0xc6, 0x4c, 0xb1, 0xbc, 0x58, 0x7d, 0xed, 0xd6, 0x31, 0x59, 0x2f, 0xf6, 0xe9, 0xc8, 0xfa, 0x28, 0x89, 0x5d, 0x36, 0x85, 0x9b, 0x97, 0x3a, 0x72, 0x24 }, .rv = 0, }, }; const struct aes_ccm_tv AES_CCM_TV[] = { { .keylen = AES128_KEYLEN, .noncelen = 13, .adatalen = 32, .payloadlen = 24, .taglen = 16, .key = (unsigned char []){ 0x26, 0x51, 0x1f, 0xb5, 0x1f, 0xcf, 0xa7, 0x5c, 0xb4, 0xb4, 0x4d, 0xa7, 0x5a, 0x6e, 0x5a, 0x0e }, .nonce = (unsigned char []){ 0xea, 0x98, 0xec, 0x44, 0xf5, 0xa8, 0x67, 0x15, 0x01, 0x47, 0x83, 0x17, 0x2e }, .adata = (unsigned char []){ 0xe4, 0x69, 0x2b, 0x9f, 0x06, 0xb6, 0x66, 0xc7, 0x45, 0x1b, 0x14, 0x6c, 0x8a, 0xeb, 0x07, 0xa6, 0xe3, 0x0c, 0x62, 0x9d, 0x28, 0x06, 0x5c, 0x3d, 0xde, 0x59, 0x40, 0x32, 0x5b, 0x14, 0xb8, 0x10 }, .payload = (unsigned char []){ 0x4d, 0xa4, 0x0b, 0x80, 0x57, 0x9c, 0x1d, 0x9a, 0x53, 0x09, 0xf7, 0xef, 0xec, 0xb7, 0xc0, 0x59, 0xa2, 0xf9, 0x14, 0x51, 0x1c, 0xa5, 0xfc, 0x10 }, .ciphertext = (unsigned char []){ 0x1b, 0xf0, 0xba, 0x0e, 0xbb, 0x20, 0xd8, 0xed, 0xba, 0x59, 0xf2, 0x9a, 0x93, 0x71, 0x75, 0x0c, 0x9c, 0x71, 0x40, 0x78, 0xf7, 0x3c, 0x33, 0x5d, 0x2f, 0x13, 0x22, 0xac, 0x69, 0xb8, 0x48, 0xb0, 0x01, 0x47, 0x63, 0x23, 0xae, 0xd8, 0x4c, 0x47 }, .rv = 0, }, { .keylen = AES128_KEYLEN, .noncelen = 13, .adatalen = 32, .payloadlen = 24, .taglen = 16, .key = (unsigned char []){ 0x26, 0x51, 0x1f, 0xb5, 0x1f, 0xcf, 0xa7, 0x5c, 0xb4, 0xb4, 0x4d, 0xa7, 0x5a, 0x6e, 0x5a, 0x0e }, .nonce = (unsigned char []){ 0x5a, 0x16, 0xa8, 0x90, 0x2b, 0xd7, 0x0f, 0xa0, 0x6c, 0xfe, 0x18, 0x4c, 0x57 }, .adata = (unsigned char []){ 0x39, 0x9d, 0x6b, 0x06, 0x52, 0x83, 0x64, 0x57, 0xec, 0x4f, 0x70, 0x1f, 0x0d, 0xc0, 0xe5, 0xae, 0xd7, 0x3d, 0x16, 0x58, 0x5d, 0x61, 0xcb, 0x1b, 0xb5, 0xb7, 0xee, 0x82, 0x4f, 0xc2, 0x87, 0xc8 }, .payload = NULL, .ciphertext = (unsigned char []){ 0x9d, 0x99, 0x3b, 0x94, 0x54, 0x76, 0xac, 0xe0, 0xb9, 0xca, 0x93, 0x29, 0x63, 0xac, 0x88, 0x35, 0xe1, 0xbd, 0x02, 0xe8, 0x06, 0x5d, 0xa2, 0xd8, 0x16, 0x78, 0x6c, 0x4d, 0x8c, 0xf1, 0x4c, 0x03, 0xb0, 0x31, 0xff, 0x72, 0x33, 0x11, 0xb3, 0xc4 }, .rv = EFAULT, }, { .keylen = AES192_KEYLEN, .noncelen = 13, .adatalen = 32, .payloadlen = 24, .taglen = 16, .key = (unsigned char []){ 0x26, 0x51, 0x1f, 0xb5, 0x1f, 0xcf, 0xa7, 0x5c, 0xb4, 0xb4, 0x4d, 0xa7, 0x5a, 0x6e, 0x5a, 0x0e, 0xb8, 0xd9, 0xc8, 0xf3, 0xb9, 0x06, 0xf8, 0x86 }, .nonce = (unsigned char []){ 0xea, 0x98, 0xec, 0x44, 0xf5, 0xa8, 0x67, 0x15, 0x01, 0x47, 0x83, 0x17, 0x2e }, .adata = (unsigned char []){ 0xe4, 0x69, 0x2b, 0x9f, 0x06, 0xb6, 0x66, 0xc7, 0x45, 0x1b, 0x14, 0x6c, 0x8a, 0xeb, 0x07, 0xa6, 0xe3, 0x0c, 0x62, 0x9d, 0x28, 0x06, 0x5c, 0x3d, 0xde, 0x59, 0x40, 0x32, 0x5b, 0x14, 0xb8, 0x10 }, .payload = (unsigned char []){ 0x4d, 0xa4, 0x0b, 0x80, 0x57, 0x9c, 0x1d, 0x9a, 0x53, 0x09, 0xf7, 0xef, 0xec, 0xb7, 0xc0, 0x59, 0xa2, 0xf9, 0x14, 0x51, 0x1c, 0xa5, 0xfc, 0x10 }, .ciphertext = (unsigned char []){ 0x30, 0xc1, 0x54, 0xc6, 0x16, 0x94, 0x6e, 0xcc, 0xc2, 0xe2, 0x41, 0xd3, 0x36, 0xad, 0x33, 0x72, 0x09, 0x53, 0xe4, 0x49, 0xa0, 0xe6, 0xb0, 0xf0, 0xdb, 0xf8, 0xe9, 0x46, 0x49, 0x09, 0xbd, 0xf3, 0x37, 0xe4, 0x80, 0x93, 0xc0, 0x82, 0xa1, 0x0b }, .rv = 0, }, { .keylen = AES192_KEYLEN, .noncelen = 13, .adatalen = 32, .payloadlen = 24, .taglen = 16, .key = (unsigned char []){ 0x26, 0x51, 0x1f, 0xb5, 0x1f, 0xcf, 0xa7, 0x5c, 0xb4, 0xb4, 0x4d, 0xa7, 0x5a, 0x6e, 0x5a, 0x0e, 0xb8, 0xd9, 0xc8, 0xf3, 0xb9, 0x06, 0xf8, 0x86 }, .nonce = (unsigned char []){ 0x5a, 0x16, 0xa8, 0x90, 0x2b, 0xd7, 0x0f, 0xa0, 0x6c, 0xfe, 0x18, 0x4c, 0x57 }, .adata = (unsigned char []){ 0x39, 0x9d, 0x6b, 0x06, 0x52, 0x83, 0x64, 0x57, 0xec, 0x4f, 0x70, 0x1f, 0x0d, 0xc0, 0xe5, 0xae, 0xd7, 0x3d, 0x16, 0x58, 0x5d, 0x61, 0xcb, 0x1b, 0xb5, 0xb7, 0xee, 0x82, 0x4f, 0xc2, 0x87, 0xc8 }, .payload = NULL, .ciphertext = (unsigned char []){ 0x0c, 0x95, 0xb6, 0x92, 0xb0, 0x7b, 0x39, 0x03, 0x9b, 0x40, 0xc8, 0x0c, 0xf5, 0x2f, 0xf7, 0x16, 0x08, 0xae, 0x87, 0xc9, 0x73, 0xac, 0x9c, 0xcb, 0x88, 0xbb, 0xa8, 0xf2, 0x04, 0xbb, 0x98, 0xb1, 0x7c, 0xb3, 0xc8, 0x64, 0x4e, 0x47, 0x2b, 0x1e }, .rv = EFAULT, }, { .keylen = AES256_KEYLEN, .noncelen = 13, .adatalen = 32, .payloadlen = 24, .taglen = 16, .key = (unsigned char []){ 0x31, 0x4a, 0x20, 0x2f, 0x83, 0x6f, 0x9f, 0x25, 0x7e, 0x22, 0xd8, 0xc1, 0x17, 0x57, 0x83, 0x2a, 0xe5, 0x13, 0x1d, 0x35, 0x7a, 0x72, 0xdf, 0x88, 0xf3, 0xef, 0xf0, 0xff, 0xce, 0xe0, 0xda, 0x4e }, .nonce = (unsigned char []){ 0x35, 0x42, 0xfb, 0xe0, 0xf5, 0x9a, 0x6d, 0x5f, 0x3a, 0xbf, 0x61, 0x9b, 0x7d }, .adata = (unsigned char []){ 0xdd, 0x45, 0x31, 0xf1, 0x58, 0xa2, 0xfa, 0x3b, 0xc8, 0xa3, 0x39, 0xf7, 0x70, 0x59, 0x50, 0x48, 0xf4, 0xa4, 0x2b, 0xc1, 0xb0, 0x3f, 0x2e, 0x82, 0x4e, 0xfc, 0x6b, 0xa4, 0x98, 0x51, 0x19, 0xd8 }, .payload = (unsigned char []){ 0xc5, 0xb3, 0xd7, 0x13, 0x12, 0xea, 0x14, 0xf2, 0xf8, 0xfa, 0xe5, 0xbd, 0x1a, 0x45, 0x31, 0x92, 0xb6, 0x60, 0x4a, 0x45, 0xdb, 0x75, 0xc5, 0xed }, .ciphertext = (unsigned char []){ 0x39, 0xc2, 0xe8, 0xf6, 0xed, 0xfe, 0x66, 0x3b, 0x90, 0x96, 0x3b, 0x98, 0xeb, 0x79, 0xe2, 0xd4, 0xf7, 0xf2, 0x8a, 0x50, 0x53, 0xae, 0x88, 0x81, 0x56, 0x7a, 0x6b, 0x44, 0x26, 0xf1, 0x66, 0x71, 0x36, 0xbe, 0xd4, 0xa5, 0xe3, 0x2a, 0x2b, 0xc1 }, .rv = 0, }, { .keylen = AES256_KEYLEN, .noncelen = 13, .adatalen = 32, .payloadlen = 24, .taglen = 16, .key = (unsigned char []){ 0x31, 0x4a, 0x20, 0x2f, 0x83, 0x6f, 0x9f, 0x25, 0x7e, 0x22, 0xd8, 0xc1, 0x17, 0x57, 0x83, 0x2a, 0xe5, 0x13, 0x1d, 0x35, 0x7a, 0x72, 0xdf, 0x88, 0xf3, 0xef, 0xf0, 0xff, 0xce, 0xe0, 0xda, 0x4e }, .nonce = (unsigned char []){ 0x48, 0xf2, 0xd4, 0xc0, 0xb1, 0x70, 0x72, 0xe0, 0xa9, 0xc3, 0x00, 0xd9, 0x0b }, .adata = (unsigned char []){ 0xc5, 0x61, 0x75, 0xe2, 0xcf, 0xe0, 0xd3, 0x74, 0x54, 0xd9, 0x89, 0xaf, 0xcc, 0x36, 0x68, 0x6f, 0xb3, 0x4c, 0x01, 0x54, 0x39, 0x60, 0x15, 0x67, 0x50, 0x6a, 0x4d, 0x00, 0x03, 0x18, 0x2b, 0xe7 }, .payload = NULL, .ciphertext = (unsigned char []){ 0x27, 0xc5, 0x75, 0xbe, 0x0b, 0x99, 0xaf, 0x9b, 0x10, 0x6f, 0x53, 0xf4, 0x71, 0xc3, 0x1c, 0xac, 0x4d, 0x54, 0xea, 0x0b, 0xcb, 0x60, 0x2a, 0x33, 0xfb, 0x67, 0xbb, 0x60, 0x92, 0xcd, 0x57, 0x9f, 0x72, 0x2a, 0xe9, 0xb6, 0x80, 0xda, 0x08, 0x3d }, .rv = EFAULT, }, }; const struct aes_ecb_tv AES_ECB_TV[] = { { .keylen = AES128_KEYLEN, .len = 160, .key = (unsigned char []){ 0x44, 0xf0, 0xee, 0x62, 0x6d, 0x04, 0x46, 0xe0, 0xa3, 0x92, 0x4c, 0xfb, 0x07, 0x89, 0x44, 0xbb }, .plaintext = (unsigned char []){ 0x9c, 0x29, 0xee, 0xcb, 0x2d, 0xe0, 0x42, 0x54, 0xfa, 0xfb, 0x89, 0x6a, 0x99, 0x41, 0x02, 0xd1, 0xda, 0x30, 0xdd, 0xb4, 0x9d, 0x82, 0x72, 0x8e, 0xb2, 0x3d, 0xbd, 0x02, 0x99, 0x01, 0xe9, 0xb7, 0x5b, 0x3d, 0x0a, 0xee, 0x03, 0xf7, 0xa0, 0x5f, 0x6c, 0x85, 0x2d, 0x8f, 0xad, 0xa0, 0xb5, 0xc2, 0x8e, 0x8c, 0x9a, 0xed, 0x33, 0x4f, 0xad, 0x11, 0x82, 0x9d, 0xf3, 0xdf, 0xad, 0xc5, 0xc2, 0xe4, 0x71, 0xeb, 0x41, 0xaf, 0x9e, 0x48, 0xa8, 0xa4, 0x65, 0xe0, 0x3d, 0x5e, 0xbd, 0xb0, 0x21, 0x69, 0x15, 0x08, 0x1f, 0x3b, 0x5a, 0x0e, 0xbb, 0x23, 0x08, 0xdf, 0xc2, 0xd2, 0x8e, 0x5a, 0x8b, 0xa3, 0xf3, 0x2a, 0xda, 0xe4, 0xc3, 0x57, 0x59, 0x21, 0xbc, 0x65, 0x7b, 0x63, 0xd4, 0x6b, 0xa5, 0xa6, 0x18, 0x88, 0x0e, 0xe9, 0xad, 0x8a, 0xf3, 0xfb, 0xa5, 0x64, 0x3a, 0x50, 0x26, 0xfa, 0xcd, 0x7d, 0x66, 0x7c, 0xe5, 0x99, 0x32, 0x7f, 0x93, 0x6c, 0xdd, 0xa7, 0xe1, 0xbb, 0x74, 0x2a, 0x33, 0xa0, 0x19, 0x99, 0x0b, 0x76, 0xbe, 0x64, 0x8a, 0x6e, 0xc7, 0x25, 0xda, 0xed, 0x54, 0x0e, 0xd9, 0xe7 }, .ciphertext = (unsigned char []){ 0x93, 0x1b, 0x2f, 0x5f, 0x3a, 0x58, 0x20, 0xd5, 0x3a, 0x6b, 0xea, 0xaa, 0x64, 0x31, 0x08, 0x3a, 0x34, 0x88, 0xf4, 0xeb, 0x03, 0xb0, 0xf5, 0xb5, 0x7e, 0xf8, 0x38, 0xe1, 0x57, 0x96, 0x23, 0x10, 0x3b, 0xd6, 0xe6, 0x80, 0x03, 0x77, 0x53, 0x8b, 0x2e, 0x51, 0xef, 0x70, 0x8f, 0x3c, 0x49, 0x56, 0x43, 0x2e, 0x8a, 0x8e, 0xe6, 0xa3, 0x4e, 0x19, 0x06, 0x42, 0xb2, 0x6a, 0xd8, 0xbd, 0xae, 0x6c, 0x2a, 0xf9, 0xa6, 0xc7, 0x99, 0x6f, 0x3b, 0x60, 0x04, 0xd2, 0x67, 0x1e, 0x41, 0xf1, 0xc9, 0xf4, 0x0e, 0xe0, 0x3d, 0x1c, 0x4a, 0x52, 0xb0, 0xa0, 0x65, 0x4a, 0x33, 0x1f, 0x15, 0xf3, 0x4d, 0xce, 0x4a, 0xcb, 0x96, 0xbd, 0x65, 0x07, 0x81, 0x5c, 0xa4, 0x34, 0x7a, 0x3d, 0xe1, 0x1a, 0x31, 0x1b, 0x7d, 0xe5, 0x35, 0x1c, 0x97, 0x87, 0xc4, 0x53, 0x81, 0x58, 0xe2, 0x89, 0x74, 0xff, 0xa8, 0x3d, 0x82, 0x96, 0xdf, 0xe9, 0xcd, 0x09, 0xcd, 0x87, 0xf7, 0xbf, 0x4f, 0x54, 0xd9, 0x7d, 0x28, 0xd4, 0x78, 0x87, 0x99, 0x16, 0x34, 0x08, 0x32, 0x39, 0x43, 0xb3, 0xe7, 0x2f, 0x5e, 0xab, 0x66, 0xc1 }, }, { .keylen = AES192_KEYLEN, .len = 160, .key = (unsigned char []){ 0x9c, 0xc2, 0x4e, 0xa1, 0xf1, 0x95, 0x9d, 0x9a, 0x97, 0x2e, 0x71, 0x82, 0xef, 0x3b, 0x4e, 0x22, 0xa9, 0x7a, 0x87, 0xd0, 0xda, 0x7f, 0xf6, 0x4b }, .plaintext = (unsigned char []){ 0xb8, 0xbb, 0x5c, 0xe5, 0x3a, 0x15, 0xaa, 0x6d, 0xfd, 0xf2, 0xcb, 0x61, 0xbc, 0x8e, 0x36, 0x17, 0xd1, 0xd0, 0xfe, 0xfe, 0x9b, 0xa5, 0xd1, 0x75, 0x55, 0x04, 0x70, 0xe3, 0x23, 0x97, 0xf6, 0xf3, 0xb3, 0xe6, 0x5b, 0x43, 0xbd, 0xed, 0x2b, 0x21, 0xe5, 0xc1, 0x81, 0xd3, 0xc4, 0xc4, 0xc5, 0x26, 0xc4, 0x1c, 0xea, 0xb0, 0x44, 0x28, 0x95, 0x08, 0x45, 0x80, 0x48, 0xb6, 0x33, 0x52, 0xdf, 0xc3, 0x79, 0xde, 0x37, 0x3f, 0xd1, 0x9a, 0x2c, 0x90, 0x0c, 0x43, 0x52, 0x4b, 0x75, 0x94, 0x9e, 0x67, 0x7c, 0xce, 0xda, 0x86, 0x6f, 0x7f, 0x2b, 0xcc, 0x48, 0x44, 0xef, 0x2e, 0x5d, 0xac, 0x5b, 0x80, 0x4b, 0x40, 0x45, 0xe6, 0x57, 0xc8, 0x15, 0x6d, 0x1d, 0xcd, 0xb4, 0x3c, 0xbf, 0x2f, 0x5e, 0x00, 0xa4, 0xf9, 0x25, 0x5e, 0x3b, 0xe2, 0x43, 0x94, 0x36, 0xc4, 0xd0, 0x44, 0x9a, 0x8d, 0x2c, 0x4c, 0x1a, 0x56, 0xbe, 0xce, 0x98, 0xea, 0x0f, 0xd6, 0x8a, 0xba, 0xf1, 0x23, 0x98, 0x03, 0x99, 0x94, 0xae, 0xbf, 0xfc, 0x69, 0x2b, 0x90, 0x00, 0xe5, 0x80, 0x47, 0x9b, 0x4f, 0x4b, 0x28, 0xb5, 0xfe }, .ciphertext = (unsigned char []){ 0x95, 0x2f, 0x45, 0x46, 0xa8, 0xbf, 0x71, 0x66, 0x96, 0x49, 0x17, 0xec, 0xe0, 0x1b, 0xda, 0x3c, 0x68, 0x57, 0xe4, 0x27, 0xce, 0xf5, 0xda, 0x0f, 0xf9, 0x0b, 0x0e, 0x4b, 0xf4, 0x4c, 0xf7, 0xcc, 0xfc, 0xcf, 0xdf, 0x01, 0xd7, 0x13, 0xdc, 0xf9, 0x67, 0x3f, 0x01, 0xc8, 0x7e, 0xae, 0xd5, 0x2b, 0xf4, 0xaa, 0x04, 0x6f, 0xf7, 0x78, 0x55, 0x8e, 0xa3, 0x96, 0xdc, 0x9c, 0xd2, 0x40, 0x71, 0x61, 0x36, 0x38, 0x61, 0x48, 0xa5, 0xc7, 0x63, 0x78, 0xb3, 0xff, 0xcd, 0x40, 0x86, 0x44, 0x07, 0xb8, 0xe6, 0x0b, 0x40, 0xa5, 0x94, 0xe0, 0x61, 0x9e, 0xdd, 0xae, 0x3f, 0x6d, 0x6e, 0x3b, 0x15, 0xb8, 0x6a, 0xf2, 0x31, 0xe1, 0xba, 0xe5, 0xed, 0x2a, 0xa5, 0x12, 0xe1, 0x1d, 0xa0, 0xe5, 0x57, 0x2b, 0x67, 0xff, 0xff, 0x93, 0x4c, 0x36, 0xe5, 0x85, 0xcf, 0xdd, 0x9f, 0x87, 0x70, 0x45, 0xcb, 0x19, 0xc1, 0x83, 0xb9, 0x94, 0xbf, 0x74, 0x64, 0x58, 0x62, 0xff, 0xa7, 0x26, 0x73, 0x9a, 0xad, 0xcb, 0x9e, 0x10, 0xaa, 0xff, 0xc8, 0x81, 0xc8, 0x8c, 0xa3, 0xaa, 0x65, 0xb3, 0x7f, 0x66, 0x7b, 0xcb }, }, { .keylen = AES256_KEYLEN, .len = 160, .key = (unsigned char []){ 0xc4, 0xa7, 0x1e, 0x05, 0x5a, 0x72, 0x54, 0xdd, 0xa3, 0x60, 0x69, 0x3f, 0xe1, 0xbe, 0x49, 0xf1, 0x0f, 0xaa, 0x67, 0x31, 0xc3, 0x6d, 0xba, 0xa6, 0x59, 0x0b, 0x05, 0x97, 0x4e, 0x18, 0x5c, 0x5b }, .plaintext = (unsigned char []){ 0x31, 0xfd, 0x5a, 0x30, 0x7e, 0x27, 0x9b, 0x2f, 0x34, 0x58, 0x1e, 0x2c, 0x43, 0x23, 0x79, 0xdf, 0x8e, 0xcc, 0xba, 0xf7, 0x95, 0x32, 0x93, 0x89, 0x16, 0x71, 0x1c, 0xd3, 0x77, 0x54, 0x0b, 0x90, 0x45, 0x37, 0x3e, 0x47, 0xf2, 0x21, 0x4b, 0x8f, 0x87, 0x60, 0x40, 0xaf, 0x73, 0x3f, 0x6c, 0x9d, 0x8f, 0x03, 0xa7, 0xc5, 0x8f, 0x87, 0x14, 0xd2, 0xfb, 0xb4, 0xc1, 0x4a, 0xf5, 0x9c, 0x75, 0xb4, 0x83, 0xad, 0xc7, 0x18, 0x94, 0x6e, 0xe9, 0x07, 0xa1, 0x82, 0x86, 0xcc, 0x4e, 0xfd, 0x20, 0x67, 0x89, 0x06, 0x4b, 0x6f, 0x1b, 0x19, 0x5f, 0x0d, 0x0d, 0x23, 0x44, 0x68, 0xe4, 0xf0, 0x0e, 0x6f, 0x1c, 0xad, 0x5c, 0xd3, 0xb9, 0xc0, 0xa6, 0x43, 0xb3, 0xc0, 0xdd, 0x09, 0x28, 0x0f, 0xf2, 0xe2, 0xa5, 0x92, 0x91, 0x83, 0x40, 0x93, 0x84, 0xdd, 0x72, 0xdc, 0x94, 0xe3, 0x96, 0x87, 0xea, 0x2b, 0x62, 0x3d, 0x5d, 0x77, 0x67, 0x00, 0xbd, 0x8b, 0x36, 0xe6, 0x13, 0x0f, 0xfd, 0xe9, 0x66, 0xf1, 0x34, 0xc4, 0xb1, 0xf3, 0x5f, 0x29, 0xc5, 0xcc, 0x4a, 0x03, 0x29, 0x7e, 0x1c, 0xcc, 0x95, 0x39 }, .ciphertext = (unsigned char []){ 0x2c, 0x48, 0x7f, 0xa9, 0x6f, 0x40, 0x90, 0xc5, 0x6a, 0xa1, 0xb5, 0xbe, 0x81, 0x91, 0x8a, 0x93, 0x4c, 0x94, 0x92, 0x87, 0x8f, 0xb0, 0xcd, 0x68, 0x6d, 0xcf, 0x8d, 0x17, 0xd8, 0x64, 0x85, 0x45, 0x4c, 0x51, 0x23, 0x7b, 0xbd, 0x09, 0x20, 0x5d, 0xce, 0xf1, 0x55, 0x2f, 0x43, 0x0d, 0xd0, 0x98, 0xb9, 0xd8, 0x27, 0xa6, 0x94, 0x73, 0x0c, 0x13, 0x3a, 0x02, 0x22, 0xc7, 0x7f, 0x54, 0x0f, 0x9d, 0x5f, 0xc2, 0xd3, 0x6a, 0xf3, 0x59, 0x58, 0x3c, 0x9e, 0x3b, 0x49, 0xdf, 0x88, 0x42, 0x28, 0xa6, 0x4d, 0xe7, 0x9b, 0x67, 0xf6, 0x62, 0x07, 0xc8, 0x28, 0x13, 0x60, 0xb9, 0x9b, 0x21, 0x40, 0x42, 0xce, 0x61, 0x36, 0x7f, 0xf9, 0x79, 0x60, 0xe9, 0x44, 0x45, 0x3c, 0xd6, 0x36, 0x79, 0xbb, 0x44, 0x70, 0x88, 0x97, 0xd2, 0x9b, 0xc5, 0xe7, 0x0f, 0x9f, 0xc8, 0xf1, 0xf7, 0x15, 0x14, 0x3f, 0xbb, 0x00, 0xf7, 0xf5, 0xc1, 0xb7, 0xb1, 0x61, 0xec, 0x26, 0xd8, 0xd4, 0x1d, 0x36, 0xfa, 0xb0, 0xfa, 0x8a, 0x85, 0xc3, 0xee, 0x6c, 0xe4, 0xd3, 0x70, 0x07, 0xeb, 0x7a, 0x89, 0xd6, 0x75, 0x35, 0x90 }, }, }; const struct aes_cbc_tv AES_CBC_TV[] = { { .keylen = AES128_KEYLEN, .len = 160, .key = (unsigned char []){ 0x97, 0xa1, 0x02, 0x55, 0x29, 0xb9, 0x92, 0x5e, 0x25, 0xbb, 0xe7, 0x87, 0x70, 0xca, 0x2f, 0x99 }, .iv = { 0xd4, 0xb4, 0xea, 0xb9, 0x2a, 0xa9, 0x63, 0x7e, 0x87, 0xd3, 0x66, 0x38, 0x4e, 0xd6, 0x91, 0x5c }, .plaintext = (unsigned char []){ 0xe8, 0xb8, 0x91, 0x50, 0xd8, 0x43, 0x8b, 0xf5, 0xb1, 0x74, 0x49, 0xd6, 0xed, 0x26, 0xbd, 0x72, 0x12, 0x7e, 0x10, 0xe4, 0xaa, 0x57, 0xca, 0xd8, 0x52, 0x83, 0xe8, 0x35, 0x9e, 0x08, 0x92, 0x08, 0xe8, 0x49, 0x21, 0x64, 0x9f, 0x5b, 0x60, 0xea, 0x21, 0xf7, 0x86, 0x7c, 0xbc, 0x96, 0x20, 0x56, 0x0c, 0x4c, 0x62, 0x38, 0xdb, 0x02, 0x12, 0x16, 0xdb, 0x45, 0x3c, 0x99, 0x43, 0xf1, 0xf1, 0xa6, 0x05, 0x46, 0x17, 0x3d, 0xae, 0xf2, 0x55, 0x7c, 0x3c, 0xdd, 0x85, 0x50, 0x31, 0xb3, 0x53, 0xd4, 0xbf, 0x17, 0x6f, 0x28, 0x43, 0x9e, 0x48, 0x78, 0x5c, 0x37, 0xd3, 0x8f, 0x27, 0x0a, 0xa4, 0xa6, 0xfa, 0xad, 0x2b, 0xaa, 0xbc, 0xb0, 0xc0, 0xb2, 0xd1, 0xdd, 0x53, 0x22, 0x93, 0x74, 0x98, 0xce, 0x80, 0x3b, 0xa1, 0x14, 0x84, 0x40, 0xa5, 0x2e, 0x22, 0x7d, 0xdb, 0xa4, 0x87, 0x2f, 0xe4, 0xd8, 0x1d, 0x2d, 0x76, 0xa9, 0x39, 0xd2, 0x47, 0x55, 0xad, 0xb8, 0xa7, 0xb8, 0x45, 0x2c, 0xee, 0xd2, 0xd1, 0x79, 0xe1, 0xa5, 0x84, 0x8f, 0x31, 0x6f, 0x5c, 0x01, 0x63, 0x00, 0xa3, 0x90, 0xbf, 0xa7 }, .ciphertext = (unsigned char []){ 0x22, 0xcd, 0xc3, 0x30, 0x6f, 0xcd, 0x4d, 0x31, 0xcc, 0xd3, 0x27, 0x20, 0xcb, 0xb6, 0x1b, 0xad, 0x28, 0xd8, 0x55, 0x67, 0x06, 0x57, 0xc4, 0x8c, 0x7b, 0x88, 0xc3, 0x1f, 0x4f, 0xa1, 0xf9, 0x3c, 0x01, 0xb5, 0x7d, 0xa9, 0x0b, 0xe6, 0x3e, 0xad, 0x67, 0xd6, 0xa3, 0x25, 0x52, 0x5e, 0x6e, 0xd4, 0x50, 0x83, 0xe6, 0xfb, 0x70, 0xa5, 0x35, 0x29, 0xd1, 0xfa, 0x0f, 0x55, 0x65, 0x3b, 0x94, 0x2a, 0xf5, 0x9d, 0x78, 0xa2, 0x66, 0x03, 0x61, 0xd6, 0x3a, 0x72, 0x90, 0x15, 0x5a, 0xc5, 0xc4, 0x33, 0x12, 0xa2, 0x5b, 0x23, 0x5d, 0xac, 0xbb, 0xc8, 0x63, 0xfa, 0xf0, 0x09, 0x40, 0xc9, 0x96, 0x24, 0x07, 0x6d, 0xfa, 0x44, 0x06, 0x8e, 0x7c, 0x55, 0x4c, 0x90, 0x38, 0x17, 0x69, 0x53, 0xe5, 0x71, 0x75, 0x1d, 0xfc, 0x09, 0x54, 0xd4, 0x1d, 0x11, 0x37, 0x71, 0xb0, 0x64, 0x66, 0xb1, 0xc8, 0xd1, 0x3e, 0x0d, 0x4c, 0xb6, 0x75, 0xed, 0x58, 0xd1, 0xa6, 0x19, 0xe1, 0x54, 0x09, 0x70, 0x98, 0x37, 0x81, 0xdc, 0x11, 0xd2, 0xdd, 0x85, 0x25, 0xab, 0x57, 0x45, 0x95, 0x8d, 0x61, 0x5d, 0xef, 0xda }, }, { .keylen = AES192_KEYLEN, .len = 160, .key = (unsigned char []){ 0x50, 0x9b, 0xaf, 0x46, 0xfb, 0x9d, 0xe3, 0x42, 0x81, 0xda, 0xfc, 0xc3, 0xdb, 0x79, 0x59, 0x3b, 0xff, 0xa8, 0x42, 0x69, 0x04, 0x30, 0x26, 0x88 }, .iv = { 0xd6, 0xd8, 0x6e, 0x0c, 0x82, 0xdd, 0x87, 0x88, 0xf4, 0x14, 0x7a, 0x26, 0xf9, 0xa7, 0x1c, 0x74 }, .plaintext = (unsigned char []){ 0x67, 0xd2, 0xdd, 0xa6, 0xda, 0x26, 0xe2, 0x13, 0x07, 0x97, 0x34, 0x00, 0x60, 0x07, 0x25, 0x72, 0x7a, 0xe8, 0x14, 0x15, 0x51, 0x17, 0x72, 0xf4, 0xa0, 0x9a, 0xd9, 0x90, 0x3b, 0xcf, 0x90, 0xcc, 0x2c, 0x0d, 0xac, 0x58, 0xba, 0x55, 0x9a, 0x01, 0x09, 0xc5, 0x4a, 0x9d, 0x61, 0x17, 0xb1, 0x5b, 0xb5, 0x74, 0xca, 0x47, 0x3e, 0x84, 0x80, 0x47, 0xe9, 0xa5, 0x4e, 0xe4, 0xab, 0xde, 0x76, 0xaf, 0xf9, 0x84, 0x9c, 0x44, 0x10, 0x9d, 0x16, 0x1f, 0x46, 0x44, 0x2e, 0x16, 0x10, 0xd8, 0xb0, 0x15, 0xcf, 0x36, 0xa0, 0x10, 0xed, 0x8e, 0xfa, 0x32, 0x07, 0xfd, 0xfc, 0x8f, 0xcc, 0x54, 0x8f, 0x14, 0x5c, 0x02, 0x7e, 0x44, 0xc5, 0xb0, 0xec, 0x35, 0xc9, 0x88, 0x6f, 0x4b, 0x9d, 0x65, 0x13, 0xa5, 0xbc, 0x10, 0xd0, 0xea, 0x6b, 0xbb, 0xc2, 0x6f, 0x54, 0xb1, 0x83, 0xbc, 0xae, 0x27, 0xfb, 0x79, 0x9d, 0x88, 0x72, 0xff, 0x74, 0x8f, 0xc4, 0x59, 0xd5, 0x5c, 0xfa, 0x25, 0x5a, 0xae, 0x29, 0xd7, 0x1b, 0x07, 0x6d, 0x9b, 0x44, 0xc1, 0x4d, 0x5c, 0xeb, 0xa9, 0x33, 0x2a, 0x76, 0x3d, 0x9c, 0x94 }, .ciphertext = (unsigned char []){ 0x69, 0x28, 0x29, 0x9c, 0x52, 0xb4, 0xf0, 0x47, 0x92, 0x6f, 0x8a, 0x54, 0x15, 0x29, 0xda, 0x2d, 0x6b, 0xba, 0xa3, 0x99, 0x14, 0x3c, 0xed, 0x8e, 0xfb, 0x77, 0xab, 0x47, 0x40, 0x9d, 0x9a, 0x95, 0x3a, 0x38, 0x6c, 0x7a, 0xbd, 0x60, 0x26, 0xf4, 0x98, 0x31, 0xc7, 0x17, 0x62, 0x7c, 0x2a, 0x5e, 0x77, 0xbd, 0x2d, 0x43, 0x3d, 0x4d, 0x13, 0x0d, 0xac, 0xd9, 0x27, 0xea, 0x0d, 0x13, 0xa2, 0x3d, 0x01, 0xa7, 0xcf, 0x39, 0xc6, 0x71, 0x6d, 0xaf, 0xb6, 0xed, 0x55, 0x24, 0x10, 0xef, 0x5d, 0x27, 0xfb, 0x94, 0x7b, 0xe2, 0xc8, 0x78, 0x2e, 0xee, 0x78, 0x29, 0x19, 0x6c, 0x7e, 0xdc, 0xf1, 0x51, 0xc6, 0x5f, 0x9a, 0x01, 0xf5, 0x4f, 0x8d, 0x20, 0xf3, 0x8b, 0x7d, 0xa4, 0xa7, 0xe8, 0x3a, 0x2f, 0x01, 0x27, 0xd5, 0x9d, 0x3e, 0x24, 0x05, 0xd8, 0x67, 0x4f, 0xc9, 0xf4, 0x1b, 0x60, 0x4f, 0x78, 0x8f, 0x47, 0x15, 0xf9, 0xd3, 0x62, 0x4e, 0xee, 0x57, 0xf3, 0x87, 0xbf, 0xad, 0xd1, 0x8a, 0x1f, 0x90, 0x5e, 0x83, 0x9c, 0x26, 0xb8, 0x61, 0x74, 0x82, 0x34, 0x7f, 0xab, 0x6d, 0x08, 0x84, 0x5a }, }, { .keylen = AES256_KEYLEN, .len = 160, .key = (unsigned char []){ 0x87, 0x72, 0x5b, 0xd4, 0x3a, 0x45, 0x60, 0x88, 0x14, 0x18, 0x07, 0x73, 0xf0, 0xe7, 0xab, 0x95, 0xa3, 0xc8, 0x59, 0xd8, 0x3a, 0x21, 0x30, 0xe8, 0x84, 0x19, 0x0e, 0x44, 0xd1, 0x4c, 0x69, 0x96 }, .iv = { 0xe4, 0x96, 0x51, 0x98, 0x8e, 0xbb, 0xb7, 0x2e, 0xb8, 0xbb, 0x80, 0xbb, 0x9a, 0xbb, 0xca, 0x34 }, .plaintext = (unsigned char []){ 0xbf, 0xe5, 0xc6, 0x35, 0x4b, 0x7a, 0x3f, 0xf3, 0xe1, 0x92, 0xe0, 0x57, 0x75, 0xb9, 0xb7, 0x58, 0x07, 0xde, 0x12, 0xe3, 0x8a, 0x62, 0x6b, 0x8b, 0xf0, 0xe1, 0x2d, 0x5f, 0xff, 0x78, 0xe4, 0xf1, 0x77, 0x5a, 0xa7, 0xd7, 0x92, 0xd8, 0x85, 0x16, 0x2e, 0x66, 0xd8, 0x89, 0x30, 0xf9, 0xc3, 0xb2, 0xcd, 0xf8, 0x65, 0x4f, 0x56, 0x97, 0x25, 0x04, 0x80, 0x31, 0x90, 0x38, 0x62, 0x70, 0xf0, 0xaa, 0x43, 0x64, 0x5d, 0xb1, 0x87, 0xaf, 0x41, 0xfc, 0xea, 0x63, 0x9b, 0x1f, 0x80, 0x26, 0xcc, 0xdd, 0x0c, 0x23, 0xe0, 0xde, 0x37, 0x09, 0x4a, 0x8b, 0x94, 0x1e, 0xcb, 0x76, 0x02, 0x99, 0x8a, 0x4b, 0x26, 0x04, 0xe6, 0x9f, 0xc0, 0x42, 0x19, 0x58, 0x5d, 0x85, 0x46, 0x00, 0xe0, 0xad, 0x6f, 0x99, 0xa5, 0x3b, 0x25, 0x04, 0x04, 0x3c, 0x08, 0xb1, 0xc3, 0xe2, 0x14, 0xd1, 0x7c, 0xde, 0x05, 0x3c, 0xbd, 0xf9, 0x1d, 0xaa, 0x99, 0x9e, 0xd5, 0xb4, 0x7c, 0x37, 0x98, 0x3b, 0xa3, 0xee, 0x25, 0x4b, 0xc5, 0xc7, 0x93, 0x83, 0x7d, 0xaa, 0xa8, 0xc8, 0x5c, 0xfc, 0x12, 0xf7, 0xf5, 0x4f, 0x69, 0x9f }, .ciphertext = (unsigned char []){ 0x5b, 0x97, 0xa9, 0xd4, 0x23, 0xf4, 0xb9, 0x74, 0x13, 0xf3, 0x88, 0xd9, 0xa3, 0x41, 0xe7, 0x27, 0xbb, 0x33, 0x9f, 0x8e, 0x18, 0xa3, 0xfa, 0xc2, 0xf2, 0xfb, 0x85, 0xab, 0xdc, 0x8f, 0x13, 0x5d, 0xeb, 0x30, 0x05, 0x4a, 0x1a, 0xfd, 0xc9, 0xb6, 0xed, 0x7d, 0xa1, 0x6c, 0x55, 0xeb, 0xa6, 0xb0, 0xd4, 0xd1, 0x0c, 0x74, 0xe1, 0xd9, 0xa7, 0xcf, 0x8e, 0xdf, 0xae, 0xaa, 0x68, 0x4a, 0xc0, 0xbd, 0x9f, 0x9d, 0x24, 0xba, 0x67, 0x49, 0x55, 0xc7, 0x9d, 0xc6, 0xbe, 0x32, 0xae, 0xe1, 0xc2, 0x60, 0xb5, 0x58, 0xff, 0x07, 0xe3, 0xa4, 0xd4, 0x9d, 0x24, 0x16, 0x20, 0x11, 0xff, 0x25, 0x4d, 0xb8, 0xbe, 0x07, 0x8e, 0x8a, 0xd0, 0x7e, 0x64, 0x8e, 0x6b, 0xf5, 0x67, 0x93, 0x76, 0xcb, 0x43, 0x21, 0xa5, 0xef, 0x01, 0xaf, 0xe6, 0xad, 0x88, 0x16, 0xfc, 0xc7, 0x63, 0x46, 0x69, 0xc8, 0xc4, 0x38, 0x92, 0x95, 0xc9, 0x24, 0x1e, 0x45, 0xff, 0xf3, 0x9f, 0x32, 0x25, 0xf7, 0x74, 0x50, 0x32, 0xda, 0xee, 0xbe, 0x99, 0xd4, 0xb1, 0x9b, 0xcb, 0x21, 0x5d, 0x1b, 0xfd, 0xb3, 0x6e, 0xda, 0x2c, 0x24 }, }, }; const struct aes_cbc_cs_tv AES_CBC_CS_TV[] = { { .keylen = AES128_KEYLEN, .len = 47, .key = (unsigned char []){ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }, .iv = {0}, .iv_out = { 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e }, .plaintext = (unsigned char []){ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c }, .ciphertext = (unsigned char []){ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e }, .variant = 1, }, { .keylen = AES128_KEYLEN, .len = 47, .key = (unsigned char []){ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }, .iv = {0}, .iv_out = { 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e }, .plaintext = (unsigned char []){ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c }, .ciphertext = (unsigned char []){ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5 }, .variant = 2, }, { .keylen = AES128_KEYLEN, .len = 47, .key = (unsigned char []){ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }, .iv = {0}, .iv_out = { 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e }, .plaintext = (unsigned char []){ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c }, .ciphertext = (unsigned char []){ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5 }, .variant = 3, }, { .keylen = AES128_KEYLEN, .len = 64, .key = (unsigned char []){ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }, .iv = {0}, .iv_out = { 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40 }, .plaintext = (unsigned char []){ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74, 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e }, .ciphertext = (unsigned char []){ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8, 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40 }, .variant = 1, }, { .keylen = AES128_KEYLEN, .len = 64, .key = (unsigned char []){ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }, .iv = {0}, .iv_out = { 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40 }, .plaintext = (unsigned char []){ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74, 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e }, .ciphertext = (unsigned char []){ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8, 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40 }, .variant = 2, }, { .keylen = AES128_KEYLEN, .len = 64, .key = (unsigned char []){ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }, .iv = {0}, .iv_out = { 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40 }, .plaintext = (unsigned char []){ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74, 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e }, .ciphertext = (unsigned char []){ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40, 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8 }, .variant = 3, }, }; const struct des3_cbc_cs_tv DES3_CBC_CS_TV[] = { { .len = 71, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe, 0xe7, 0x96, 0x5f, 0x36, 0xfc, 0xc3, 0xd9, 0xa5 }, .variant = 1, }, { .len = 71, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0xe7, 0x96, 0x5f, 0x36, 0xfc, 0xc3, 0xd9, 0xa5, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe }, .variant = 2, }, { .len = 71, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0xe7, 0x96, 0x5f, 0x36, 0xfc, 0xc3, 0xd9, 0xa5, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe }, .variant = 3, }, { .len = 72, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7, 0x15 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe, 0x75, 0xec, 0xdd, 0x3b, 0x01, 0xc1, 0x3e, 0xbe, 0xc3 }, .variant = 1, }, { .len = 72, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7, 0x15 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe, 0x75, 0xec, 0xdd, 0x3b, 0x01, 0xc1, 0x3e, 0xbe, 0xc3 }, .variant = 2, }, { .len = 72, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7, 0x15 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0xec, 0xdd, 0x3b, 0x01, 0xc1, 0x3e, 0xbe, 0xc3, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe, 0x75, }, .variant = 3, }, }; const struct aes_cfb_tv AES_CFB_TV[] = { { .keylen = AES128_KEYLEN, .len = 10, .lcfb = 1, .key = (unsigned char []){ 0x63, 0x99, 0xc1, 0xdc, 0x06, 0x8b, 0xa3, 0x50, 0x98, 0x45, 0x62, 0x8f, 0xa9, 0xed, 0x1a, 0x96 }, .iv = { 0x11, 0x57, 0xc2, 0x76, 0x6c, 0x86, 0xb7, 0x54, 0xdf, 0x48, 0x5b, 0xe9, 0xdd, 0x58, 0x51, 0xdf }, .plaintext = (unsigned char []){ 0xfe, 0xff, 0x4e, 0x2e, 0x24, 0x58, 0xad, 0xdf, 0x2a, 0x54 }, .ciphertext = (unsigned char []){ 0xc9, 0xc2, 0x84, 0xe9, 0xab, 0xbf, 0xe6, 0xfb, 0x11, 0xfe }, }, { .keylen = AES192_KEYLEN, .len = 10, .lcfb = 1, .key = (unsigned char []){ 0xba, 0xf0, 0x8b, 0x76, 0x31, 0x7a, 0x65, 0xc5, 0xf0, 0x7a, 0xe6, 0xf5, 0x7e, 0xb0, 0xe6, 0x54, 0x88, 0x65, 0x93, 0x24, 0xd2, 0x97, 0x09, 0xe3 }, .iv = { 0x0a, 0x02, 0x84, 0x6b, 0x62, 0xab, 0xb6, 0x93, 0xef, 0x31, 0xd7, 0x54, 0x84, 0x2e, 0xed, 0x29 }, .plaintext = (unsigned char []){ 0x98, 0x95, 0x93, 0x24, 0x02, 0x39, 0x3d, 0xc3, 0x3a, 0x60 }, .ciphertext = (unsigned char []){ 0x72, 0x9c, 0x0b, 0x6d, 0xeb, 0x75, 0xfa, 0x6e, 0xb5, 0xe8 }, }, { .keylen = AES256_KEYLEN, .len = 10, .lcfb = 1, .key = (unsigned char []){ 0xec, 0x13, 0x06, 0x25, 0x51, 0xe4, 0xd7, 0x29, 0x1e, 0x32, 0x0f, 0x56, 0x5b, 0x74, 0x9e, 0xea, 0x18, 0x09, 0xb6, 0x63, 0xb2, 0x6f, 0x2c, 0x4d, 0x53, 0xb5, 0x20, 0x58, 0xb8, 0x33, 0xe0, 0xad }, .iv = { 0xfb, 0xfa, 0x5a, 0x52, 0x8e, 0x20, 0x86, 0x30, 0x12, 0x79, 0x0c, 0x2a, 0xba, 0xfb, 0x5a, 0x0c }, .plaintext = (unsigned char []){ 0x54, 0x7b, 0xfd, 0x64, 0x2c, 0xf6, 0xe1, 0x2e, 0xd9, 0x42 }, .ciphertext = (unsigned char []){ 0x2b, 0xfc, 0x3f, 0x02, 0x09, 0x30, 0x71, 0x40, 0x10, 0x1a }, }, { .keylen = AES128_KEYLEN, .len = 160, .lcfb = 16, .key = (unsigned char []){ 0xae, 0xf4, 0x9d, 0xa3, 0x3f, 0x53, 0x8e, 0xe6, 0x6e, 0x17, 0x8d, 0x4b, 0x61, 0x21, 0x05, 0x5d }, .iv = { 0x84, 0x25, 0x66, 0xe6, 0x8b, 0x61, 0xff, 0x7b, 0xf0, 0x01, 0xf2, 0x64, 0x2d, 0xa6, 0x2f, 0x64 }, .plaintext = (unsigned char []){ 0x41, 0x59, 0x91, 0xf6, 0x5e, 0x1a, 0x95, 0x04, 0x0c, 0xef, 0x99, 0x60, 0x55, 0x6f, 0x61, 0xe6, 0x17, 0x82, 0x7c, 0x30, 0xc7, 0x4b, 0xf3, 0x53, 0xcd, 0xd8, 0x61, 0x73, 0xdb, 0xe4, 0xcc, 0x98, 0x3a, 0x2e, 0xe6, 0xbc, 0x8c, 0xa6, 0xcf, 0xb7, 0x11, 0x21, 0xe7, 0xb0, 0xd0, 0x17, 0x8f, 0x2e, 0x13, 0x44, 0x5c, 0x71, 0x0d, 0xcc, 0x17, 0x6b, 0x78, 0x12, 0x01, 0x97, 0x11, 0x71, 0xf7, 0x48, 0x9f, 0x18, 0xfa, 0xf1, 0x10, 0xf3, 0x9a, 0xcc, 0xd1, 0xcf, 0x08, 0xc8, 0x5a, 0x95, 0x8d, 0x76, 0x98, 0xb1, 0x16, 0xf1, 0xc0, 0xd7, 0x58, 0x12, 0xac, 0x9b, 0x0b, 0x39, 0xae, 0xe7, 0xf7, 0x15, 0x9c, 0xca, 0xd8, 0xfd, 0xae, 0x9b, 0x99, 0xf2, 0xd6, 0x95, 0xea, 0xcf, 0x12, 0xc6, 0x46, 0x9d, 0x5b, 0x51, 0xa3, 0x4d, 0xe2, 0x6e, 0xac, 0x73, 0x61, 0x3d, 0xcb, 0x2f, 0x77, 0x12, 0x2c, 0xb1, 0xf8, 0xdd, 0x51, 0x62, 0x78, 0x6a, 0x12, 0x05, 0x2d, 0xc7, 0xb6, 0xde, 0xa6, 0xac, 0xc4, 0x98, 0x9d, 0xcc, 0x7e, 0xaf, 0xd9, 0x37, 0x4f, 0x6c, 0x29, 0x69, 0x7c, 0x74, 0x74, 0x9e, 0xf1, 0x6d }, .ciphertext = (unsigned char []){ 0x66, 0x25, 0x81, 0x14, 0x19, 0xbd, 0xee, 0x71, 0x53, 0x5f, 0x59, 0x7f, 0x7c, 0x22, 0x8b, 0xaf, 0xd8, 0x90, 0xfd, 0x69, 0xb8, 0x05, 0xa6, 0x99, 0xed, 0x58, 0x11, 0x6a, 0x82, 0xbd, 0xb2, 0x51, 0xab, 0xea, 0x7a, 0x4e, 0xf8, 0x79, 0xa9, 0x6f, 0xce, 0x8e, 0xe4, 0x95, 0x18, 0xb9, 0x87, 0x7a, 0x3a, 0x1e, 0x3c, 0xf3, 0x46, 0xd3, 0xcd, 0x73, 0x73, 0x89, 0x36, 0xd1, 0xcb, 0x6f, 0xff, 0x4b, 0x23, 0x53, 0xc8, 0xca, 0x50, 0x0a, 0x26, 0x68, 0x98, 0x13, 0xad, 0x2f, 0x67, 0x77, 0x4e, 0x23, 0x43, 0xf3, 0xe4, 0x83, 0x02, 0x59, 0x09, 0x4d, 0x3b, 0x34, 0x2e, 0x00, 0xfa, 0xab, 0xeb, 0xa5, 0xb8, 0xa8, 0x93, 0x10, 0x8a, 0x39, 0x0c, 0x64, 0x98, 0x36, 0xdd, 0xd5, 0xd1, 0x24, 0x89, 0xb2, 0xdd, 0x59, 0x1c, 0xa2, 0x53, 0x61, 0x03, 0x2e, 0x2d, 0xa1, 0x20, 0x7f, 0x79, 0x3a, 0x1e, 0x69, 0x51, 0x30, 0x02, 0xa9, 0x0c, 0xcc, 0x03, 0x6b, 0xb6, 0x3e, 0x9c, 0x10, 0xbe, 0x87, 0xdf, 0x2d, 0xef, 0x96, 0x0c, 0xd7, 0xa1, 0xb1, 0x62, 0x1e, 0x31, 0x17, 0x35, 0xd7, 0xae, 0xe4, 0x41, 0x9f }, }, { .keylen = AES192_KEYLEN, .len = 160, .lcfb = 16, .key = (unsigned char []){ 0xdc, 0xc8, 0x70, 0x21, 0x42, 0xb2, 0x9e, 0x15, 0x29, 0xf2, 0x3c, 0x5c, 0x37, 0x66, 0x46, 0x4f, 0x6b, 0xe0, 0xd2, 0xfb, 0xb1, 0x6e, 0x46, 0x82 }, .iv = { 0xe0, 0x81, 0x87, 0x69, 0xd7, 0x7f, 0x23, 0x15, 0x92, 0x4c, 0xf8, 0x1a, 0x36, 0x91, 0xe2, 0x75 }, .plaintext = (unsigned char []){ 0xcb, 0x55, 0x01, 0x11, 0xbf, 0x0a, 0x03, 0xea, 0xf4, 0xf4, 0x9a, 0xf2, 0x14, 0xfc, 0xc0, 0x5a, 0x32, 0x97, 0x2d, 0x7b, 0x4d, 0xed, 0xe3, 0xe9, 0x81, 0x2a, 0x27, 0xef, 0x80, 0xd6, 0x80, 0x18, 0x81, 0x19, 0xea, 0xd5, 0x62, 0x31, 0x3e, 0x40, 0x0f, 0xe0, 0xa0, 0xff, 0xfb, 0xb8, 0x8c, 0x55, 0xa4, 0x2b, 0xd6, 0x81, 0xd5, 0xc9, 0x3a, 0x8a, 0x61, 0xba, 0x90, 0x90, 0x58, 0xe6, 0x2d, 0x99, 0xfa, 0x10, 0x9c, 0xfd, 0x49, 0x93, 0x5b, 0x15, 0x08, 0x62, 0xa8, 0xaa, 0xb2, 0xc3, 0x01, 0xb9, 0xb0, 0xa9, 0x15, 0x7c, 0x83, 0x84, 0x91, 0xcd, 0x73, 0x7a, 0xf4, 0x38, 0xcb, 0x66, 0xb1, 0xf2, 0x04, 0x20, 0x20, 0x0d, 0xbc, 0x56, 0xaa, 0x66, 0x55, 0x2c, 0xe4, 0xbe, 0x04, 0xca, 0xce, 0x4a, 0xce, 0x5b, 0xfb, 0xc6, 0x17, 0xe3, 0xb2, 0x7f, 0x40, 0xec, 0x6d, 0xbc, 0x85, 0xa4, 0x2b, 0x41, 0x0d, 0xcb, 0x7e, 0xa0, 0xb7, 0x8d, 0x47, 0x22, 0x97, 0xd9, 0xb9, 0x88, 0x75, 0xd6, 0x36, 0xb8, 0xef, 0x08, 0xc2, 0x54, 0xec, 0x9b, 0xd0, 0x5b, 0xfd, 0xa0, 0x1b, 0xb3, 0x8e, 0x8b, 0xeb, 0x6a }, .ciphertext = (unsigned char []){ 0x1a, 0x22, 0xb1, 0xbf, 0x57, 0x75, 0xd4, 0x3c, 0x66, 0xf1, 0xa7, 0x30, 0x84, 0xee, 0xef, 0xdb, 0x3e, 0xd2, 0x4c, 0xeb, 0xd9, 0xe2, 0xbe, 0xf2, 0xf0, 0x58, 0x67, 0x16, 0x5f, 0xb5, 0x93, 0x0b, 0x60, 0x58, 0xf5, 0x3e, 0xf4, 0x50, 0x33, 0x53, 0x85, 0x6f, 0xa6, 0xd2, 0xc9, 0x9f, 0x5b, 0x1d, 0xe9, 0x79, 0x5d, 0xa6, 0xe3, 0x14, 0x36, 0x5e, 0x2d, 0x1b, 0xb3, 0x71, 0x9b, 0x23, 0xe8, 0x30, 0x82, 0x3b, 0x74, 0x4e, 0x1e, 0xc4, 0x06, 0x50, 0x31, 0x83, 0x20, 0x3f, 0xed, 0xf4, 0x1b, 0xa0, 0x14, 0xe1, 0x6c, 0xa6, 0x5e, 0x34, 0x25, 0xa5, 0x1b, 0x0a, 0xbf, 0xca, 0x19, 0x08, 0x16, 0x0a, 0xc8, 0xf2, 0xb5, 0x58, 0x9c, 0x79, 0x54, 0x1b, 0xb3, 0x55, 0x9f, 0xdf, 0xb8, 0x94, 0x39, 0x4a, 0x07, 0x32, 0x01, 0x52, 0x11, 0xe9, 0x94, 0xae, 0x02, 0x4a, 0x13, 0x8a, 0xa2, 0x0d, 0x26, 0x7f, 0x79, 0xa6, 0x40, 0xc2, 0x37, 0x19, 0x25, 0x9c, 0x53, 0x0e, 0xaa, 0x1a, 0xf1, 0x28, 0xbc, 0x05, 0x09, 0x93, 0xa4, 0x14, 0xc6, 0xdc, 0x89, 0x61, 0x2c, 0x06, 0x37, 0x1a, 0xfe, 0xda, 0x1f, 0x79 }, }, { .keylen = AES256_KEYLEN, .len = 160, .lcfb = 16, .key = (unsigned char []){ 0x4d, 0x3e, 0x4c, 0xec, 0x63, 0xed, 0xaf, 0xbb, 0x4d, 0x60, 0x00, 0x07, 0xe9, 0x51, 0x24, 0xf5, 0x54, 0xb3, 0x52, 0xad, 0xa4, 0x96, 0x6a, 0x60, 0xda, 0x4c, 0x89, 0x89, 0x12, 0xca, 0xda, 0x73 }, .iv = { 0x05, 0xae, 0xf5, 0xcc, 0xf4, 0x62, 0x98, 0xe0, 0xfe, 0xb5, 0x8d, 0x77, 0x12, 0x2b, 0x58, 0xd9 }, .plaintext = (unsigned char []){ 0x95, 0xd6, 0xb8, 0x3e, 0x1c, 0x10, 0xc7, 0x21, 0xe0, 0xf0, 0xc3, 0x59, 0x07, 0xb3, 0xa4, 0xe3, 0x5c, 0x27, 0x94, 0xa6, 0xa8, 0x23, 0x48, 0x74, 0x44, 0x0b, 0xe7, 0xa7, 0x95, 0xdc, 0x8e, 0x2f, 0x7e, 0xc5, 0xcf, 0x73, 0x9d, 0x0b, 0xb1, 0x3b, 0x1f, 0xc5, 0x1c, 0xf5, 0xd4, 0xd2, 0x7d, 0x2e, 0xd4, 0xb9, 0x3c, 0x11, 0x89, 0x3c, 0x7b, 0x9a, 0x64, 0x9b, 0x22, 0xcb, 0xbc, 0x96, 0xa8, 0xcd, 0x58, 0x47, 0xd1, 0x35, 0xc4, 0x3d, 0x1a, 0x11, 0x85, 0x58, 0x11, 0xb8, 0x2c, 0xff, 0xbd, 0x22, 0x87, 0xe6, 0xc5, 0x5f, 0x45, 0xd1, 0x24, 0xd4, 0x7d, 0x54, 0x92, 0x18, 0xc1, 0xea, 0x00, 0x49, 0x28, 0x1d, 0xd5, 0x39, 0xa6, 0x0c, 0xdb, 0xb8, 0x05, 0x49, 0xdb, 0x3a, 0xf3, 0xb9, 0xf8, 0xd4, 0xca, 0x12, 0x7e, 0xfc, 0xb5, 0xcd, 0xe7, 0xec, 0xc9, 0x8e, 0x00, 0x8f, 0x1e, 0xde, 0xff, 0x69, 0x80, 0xf1, 0x72, 0x65, 0x28, 0x06, 0xff, 0x93, 0x95, 0xaf, 0x7a, 0x62, 0xf8, 0x8a, 0xba, 0xaf, 0x89, 0x74, 0xeb, 0xef, 0x1a, 0x02, 0xd7, 0x8e, 0x4b, 0xd5, 0x21, 0x49, 0xfa, 0x1e, 0xe1, 0x83 }, .ciphertext = (unsigned char []){ 0xfe, 0xdc, 0x27, 0x08, 0xce, 0x2e, 0x24, 0x71, 0xab, 0x8e, 0x66, 0xc6, 0x9a, 0x34, 0x51, 0xa9, 0x43, 0x80, 0xda, 0x0e, 0x5e, 0x99, 0x98, 0xfa, 0x68, 0x54, 0x1d, 0x89, 0x9a, 0x57, 0x86, 0x36, 0x1b, 0x7e, 0x51, 0x57, 0x75, 0x7d, 0x6f, 0xe7, 0x46, 0xc7, 0x9a, 0x88, 0x38, 0xaf, 0xe9, 0xc8, 0x32, 0xcd, 0xa2, 0xa4, 0xd0, 0xa4, 0x4f, 0x4b, 0x11, 0x81, 0x14, 0x24, 0x50, 0xa6, 0x3f, 0x11, 0x76, 0xa8, 0x21, 0xf6, 0x6d, 0x16, 0x1d, 0x75, 0xd8, 0x5b, 0xfe, 0xfc, 0x01, 0xe6, 0x8d, 0x02, 0x12, 0x88, 0x64, 0x8d, 0x89, 0x1d, 0xfd, 0xf8, 0xe6, 0x6e, 0x0e, 0xf3, 0xa6, 0x56, 0x19, 0xcb, 0x75, 0x24, 0x3e, 0xec, 0xa0, 0x41, 0x55, 0xa4, 0xc9, 0x13, 0x39, 0x29, 0xde, 0x20, 0x66, 0xde, 0x4c, 0x77, 0xc7, 0xd2, 0x6f, 0x4c, 0xc9, 0x89, 0x4d, 0xe2, 0xb4, 0x00, 0x85, 0xae, 0x3b, 0xeb, 0x82, 0xb9, 0x52, 0x41, 0xf4, 0x46, 0x3f, 0xfa, 0x81, 0xb5, 0xf4, 0x18, 0xb7, 0xa7, 0x9c, 0xe4, 0x46, 0x63, 0x74, 0x7a, 0x6c, 0x78, 0xdc, 0x87, 0xb0, 0xa4, 0xae, 0x52, 0xd3, 0xf5, 0xce, 0xf9 }, }, }; const struct aes_ofb_tv AES_OFB_TV[] = { { .keylen = AES128_KEYLEN, .len = 160, .key = (unsigned char []){ 0xe3, 0x0b, 0x4c, 0x87, 0x4c, 0x4c, 0x4f, 0x6e, 0x0c, 0xf1, 0xf8, 0xef, 0x58, 0xe5, 0xd3, 0x75 }, .iv = { 0x7e, 0x26, 0xf0, 0x7f, 0x80, 0x24, 0x34, 0x3c, 0xec, 0x35, 0x40, 0x9e, 0x71, 0xe0, 0xcd, 0x8c }, .plaintext = (unsigned char []){ 0x8c, 0xec, 0xa4, 0xdc, 0x34, 0x6c, 0xfd, 0x6b, 0x15, 0x77, 0x4e, 0x08, 0x2d, 0xb1, 0xa8, 0x94, 0x97, 0xb7, 0xd8, 0x5d, 0x6b, 0x5b, 0x71, 0x02, 0xe7, 0x74, 0x17, 0xf7, 0xa2, 0x43, 0xfa, 0xfe, 0x17, 0x11, 0x8b, 0x7a, 0x3b, 0xb4, 0x9d, 0x16, 0x57, 0xcf, 0x61, 0xb8, 0x66, 0xda, 0x39, 0x5a, 0x5b, 0x3f, 0x34, 0x91, 0x83, 0xa5, 0x3d, 0xfa, 0x11, 0xfc, 0x0a, 0xc0, 0x53, 0xbd, 0xdf, 0xf4, 0x9d, 0xd4, 0x72, 0xee, 0x55, 0xf5, 0xe4, 0x3a, 0x2f, 0x8b, 0xc7, 0x85, 0xe2, 0xbc, 0x42, 0x03, 0x00, 0x69, 0x49, 0x19, 0xff, 0x7b, 0xb4, 0x3f, 0xeb, 0x75, 0xa9, 0xca, 0xc4, 0x4e, 0xce, 0x96, 0xf6, 0x79, 0xe6, 0x18, 0xdb, 0x5d, 0x74, 0x33, 0xaf, 0x12, 0xdc, 0xc7, 0xe0, 0x96, 0x3f, 0xf1, 0x0b, 0x45, 0xd8, 0x35, 0xf9, 0xa8, 0xf4, 0x26, 0x27, 0xe7, 0xf3, 0xfd, 0x50, 0x38, 0x93, 0x26, 0x85, 0x96, 0x5a, 0xd0, 0xe1, 0x83, 0xf5, 0x95, 0x5e, 0x67, 0x1f, 0xc2, 0xb8, 0x78, 0xdd, 0x51, 0x05, 0x1e, 0xed, 0xaf, 0x85, 0x31, 0x0d, 0x1e, 0x4e, 0x8f, 0x75, 0xf2, 0xde, 0xcf, 0x36, 0xc7 }, .ciphertext = (unsigned char []){ 0x5d, 0xca, 0xa1, 0x73, 0xed, 0xe1, 0x4f, 0xd2, 0xd6, 0x58, 0x97, 0x39, 0x26, 0x16, 0x8f, 0xf3, 0x4f, 0xd6, 0xdf, 0x9b, 0xce, 0x32, 0x80, 0xd4, 0x0b, 0x00, 0xc4, 0x3b, 0x80, 0xe2, 0x97, 0x9a, 0x1e, 0x19, 0x04, 0x5f, 0xec, 0x9a, 0xfb, 0x4c, 0xf2, 0x64, 0x51, 0x6f, 0x55, 0x10, 0x08, 0x55, 0xc3, 0xaa, 0xd1, 0x7b, 0x11, 0xbf, 0xcf, 0x05, 0x23, 0xb7, 0x9e, 0xb2, 0x0d, 0x65, 0x94, 0x10, 0x77, 0xdd, 0x46, 0xec, 0x46, 0x86, 0x4e, 0x0d, 0x79, 0x70, 0x4c, 0x22, 0x50, 0xe7, 0x2b, 0xf8, 0xb4, 0x48, 0xa6, 0xf0, 0xd3, 0x13, 0x0a, 0xb1, 0x0b, 0x42, 0x3d, 0x1a, 0x09, 0xd9, 0xff, 0x7a, 0x32, 0xbf, 0x70, 0x04, 0x41, 0xcc, 0xd2, 0x7d, 0x32, 0x23, 0x91, 0x38, 0x60, 0xc2, 0x80, 0x44, 0xea, 0x57, 0x66, 0xe4, 0x5a, 0x55, 0xb9, 0x3f, 0x89, 0x48, 0xa9, 0x59, 0xbd, 0x66, 0x61, 0x42, 0x15, 0x66, 0x89, 0x8e, 0x27, 0x95, 0x0f, 0x04, 0xe7, 0x26, 0x27, 0x9b, 0xcb, 0xc9, 0x90, 0xa2, 0x2c, 0x80, 0x19, 0x3e, 0xf0, 0xae, 0x65, 0x19, 0x66, 0x71, 0xeb, 0x59, 0x71, 0x32, 0x40, 0xcf }, }, { .keylen = AES192_KEYLEN, .len = 160, .key = (unsigned char []){ 0x75, 0x3c, 0x1f, 0x7f, 0x39, 0xaf, 0xd2, 0x86, 0xff, 0x05, 0x13, 0x39, 0xc4, 0x5d, 0x57, 0xc8, 0x48, 0x85, 0x03, 0x93, 0xb4, 0x11, 0x2f, 0xe5 }, .iv = { 0xd3, 0xee, 0x0d, 0x8d, 0xe5, 0x08, 0x0e, 0xda, 0x4c, 0x26, 0xf5, 0xa3, 0xb9, 0xca, 0x8a, 0x9f }, .plaintext = (unsigned char []){ 0xad, 0x3c, 0xcd, 0xa2, 0x64, 0x34, 0x31, 0x30, 0xbf, 0x1d, 0xb3, 0x70, 0x3e, 0x27, 0x12, 0x71, 0x76, 0xfb, 0xaa, 0x7b, 0x6a, 0x5d, 0xa2, 0x71, 0x87, 0x83, 0xba, 0xf9, 0xf2, 0x8f, 0xcd, 0xd3, 0xed, 0x9c, 0xd3, 0x1a, 0xdc, 0xc7, 0x94, 0x27, 0xfe, 0x4d, 0xf0, 0x3f, 0x16, 0x72, 0xa5, 0xe5, 0x5c, 0xab, 0x0d, 0xb0, 0xf4, 0xd4, 0x34, 0xd8, 0x60, 0x34, 0x0d, 0x2f, 0xa0, 0x5b, 0xfe, 0xb0, 0x7e, 0x92, 0x41, 0x57, 0x06, 0x4a, 0x24, 0xd0, 0xf1, 0x0e, 0x32, 0x93, 0xf7, 0x8a, 0x26, 0x76, 0xe3, 0xc5, 0x37, 0x34, 0xf2, 0x2d, 0x4e, 0xa3, 0x3e, 0x89, 0x38, 0x4b, 0xd1, 0x7f, 0x4a, 0x0f, 0x59, 0x35, 0x41, 0x79, 0xce, 0x48, 0xa7, 0xd1, 0xc1, 0xba, 0x35, 0xe7, 0xf7, 0x77, 0x35, 0xf5, 0x86, 0x80, 0xf0, 0xe8, 0x9b, 0xf9, 0x24, 0x2a, 0x4f, 0x08, 0x73, 0x22, 0xd9, 0x9e, 0x50, 0x73, 0x36, 0xa8, 0xe9, 0x03, 0x7b, 0x6f, 0x1b, 0xfb, 0xe4, 0x56, 0x14, 0xab, 0xeb, 0x2f, 0x71, 0x51, 0x6b, 0x94, 0xca, 0xf6, 0x18, 0x85, 0x1d, 0xdc, 0xfa, 0xc7, 0x42, 0x9a, 0x21, 0x77, 0xbe, 0x40 }, .ciphertext = (unsigned char []){ 0xa9, 0x14, 0x09, 0xfa, 0x69, 0x4a, 0x4a, 0xd3, 0x4a, 0x9c, 0xb1, 0xc1, 0x53, 0x4a, 0x94, 0x97, 0x9a, 0x5b, 0xeb, 0x39, 0x00, 0x83, 0xa6, 0xa6, 0x1b, 0x4a, 0x44, 0x36, 0x74, 0x6b, 0xa1, 0x20, 0xf3, 0x7a, 0x0f, 0x3e, 0x97, 0xca, 0xa9, 0x15, 0x6a, 0x8e, 0xe4, 0x10, 0xb5, 0x3e, 0x67, 0x0c, 0x70, 0x3d, 0x1d, 0x19, 0xfc, 0xb8, 0x88, 0x7f, 0x15, 0xd1, 0x58, 0x00, 0x02, 0xfd, 0x3c, 0x5d, 0x0e, 0xaa, 0xf8, 0x1c, 0x3c, 0x26, 0xb8, 0x87, 0x37, 0xbc, 0xa3, 0xf8, 0x88, 0x20, 0xb4, 0x54, 0x0b, 0x0d, 0xc5, 0xd6, 0xa4, 0x2c, 0xed, 0x0e, 0x2e, 0x38, 0x0c, 0x29, 0xb4, 0x60, 0xa4, 0x72, 0xe4, 0xec, 0xeb, 0x19, 0xc0, 0x24, 0x1e, 0x33, 0x97, 0x6d, 0x17, 0x03, 0x34, 0xb6, 0x22, 0x78, 0x55, 0x12, 0x0d, 0xf6, 0x5f, 0xa6, 0x7e, 0x5a, 0x4f, 0xc6, 0x89, 0x38, 0xf4, 0x5b, 0x82, 0x66, 0x5c, 0x88, 0x10, 0xbf, 0x8c, 0x8d, 0x83, 0x21, 0x73, 0xeb, 0x68, 0xb8, 0x21, 0xc9, 0x5a, 0x7f, 0x35, 0x96, 0x1b, 0x03, 0x94, 0xf0, 0xe3, 0x6b, 0x61, 0xc4, 0xf7, 0xb5, 0x29, 0xb7, 0x7e, 0x42 }, }, { .keylen = AES256_KEYLEN, .len = 160, .key = (unsigned char []){ 0x98, 0xa9, 0x97, 0x1e, 0x86, 0x80, 0x6c, 0xcc, 0x34, 0x95, 0x11, 0x6f, 0xd0, 0x6d, 0xc9, 0xd1, 0x52, 0x2f, 0xe8, 0x80, 0x60, 0xfd, 0xdd, 0xc3, 0x6e, 0x84, 0x6f, 0xd3, 0x29, 0xd2, 0x47, 0x48 }, .iv = { 0x99, 0x83, 0xce, 0x04, 0x8f, 0x19, 0xef, 0x40, 0x43, 0x05, 0x4c, 0x03, 0xaa, 0x01, 0x0b, 0xee }, .plaintext = (unsigned char []){ 0x00, 0xca, 0xa2, 0x33, 0x19, 0x8f, 0x51, 0xbb, 0xf5, 0x93, 0x40, 0x4f, 0x59, 0x82, 0x69, 0x97, 0xb4, 0xea, 0x38, 0x73, 0x85, 0xcf, 0x74, 0x4c, 0x93, 0xcf, 0xa0, 0x0e, 0x70, 0x2e, 0x8f, 0x16, 0xff, 0x5a, 0xa7, 0xe1, 0x7a, 0x9a, 0x60, 0x20, 0xdf, 0x0f, 0x0d, 0xe4, 0xea, 0x6a, 0xbb, 0x38, 0xbc, 0xf1, 0xd7, 0x77, 0x81, 0x0a, 0x83, 0x18, 0xf6, 0x9b, 0x5e, 0x83, 0x05, 0xf6, 0xd7, 0x27, 0xf0, 0x6f, 0x00, 0x8b, 0x4b, 0xec, 0x2d, 0x65, 0xcd, 0x4c, 0x51, 0x6c, 0xa4, 0x9f, 0x62, 0xfb, 0x2f, 0x91, 0x6f, 0x27, 0x3c, 0x45, 0xbb, 0x72, 0x2b, 0xec, 0x78, 0xc3, 0x16, 0xf9, 0x0b, 0x5e, 0xd5, 0xde, 0x6e, 0xf1, 0xd3, 0x66, 0x60, 0x3c, 0xed, 0x30, 0x3c, 0x10, 0xe3, 0x3d, 0xd5, 0xc9, 0x9e, 0xb0, 0xf9, 0x94, 0xdb, 0x5a, 0x78, 0x67, 0xda, 0x9b, 0x53, 0x0f, 0xc4, 0xd0, 0xb9, 0xce, 0x22, 0x4c, 0x6e, 0xab, 0x78, 0x10, 0x35, 0x9c, 0x97, 0x33, 0xcf, 0x93, 0x3c, 0x57, 0x36, 0x11, 0xd3, 0x1f, 0xcd, 0xf3, 0xf1, 0xdb, 0x87, 0xcf, 0xd1, 0x7b, 0xe7, 0xf4, 0xa4, 0x70, 0xa0, 0xb4 }, .ciphertext = (unsigned char []){ 0x4b, 0x07, 0x67, 0xfe, 0xc0, 0xd4, 0xbd, 0x07, 0xc7, 0x9c, 0x0f, 0x56, 0x52, 0xda, 0xfa, 0xdf, 0x10, 0xcf, 0xce, 0x89, 0xe3, 0x25, 0x9d, 0xea, 0x94, 0xd3, 0x92, 0x52, 0xc6, 0x40, 0x84, 0x0c, 0x28, 0xab, 0xcb, 0xe0, 0xef, 0xca, 0x53, 0xdc, 0x84, 0xb1, 0xef, 0x55, 0x79, 0xf6, 0xef, 0x28, 0xc2, 0x13, 0xf4, 0x45, 0x22, 0x0b, 0x03, 0x6f, 0xe3, 0x51, 0xd9, 0x3d, 0xca, 0xe5, 0x7e, 0x65, 0x4a, 0xc0, 0x1d, 0x39, 0xf8, 0x72, 0x13, 0x72, 0x3f, 0x0a, 0x46, 0x2d, 0x55, 0x36, 0xb8, 0x33, 0x6d, 0xab, 0x5c, 0x7d, 0x2f, 0xc7, 0x28, 0xf8, 0x65, 0x75, 0x6b, 0x85, 0xf7, 0x52, 0x61, 0x44, 0x19, 0x0e, 0x04, 0x12, 0xc3, 0x14, 0x26, 0x50, 0x61, 0x6d, 0xbd, 0xe7, 0xcd, 0xe1, 0x7e, 0x88, 0x7a, 0x60, 0xad, 0x39, 0xf2, 0xa1, 0x33, 0x0d, 0x82, 0x09, 0xf1, 0x32, 0x33, 0xce, 0x54, 0x31, 0xfd, 0x5c, 0x29, 0x72, 0x38, 0xf8, 0xb3, 0xff, 0x53, 0xa3, 0xfb, 0x89, 0xc8, 0x41, 0x68, 0xb0, 0x4f, 0xfa, 0x8f, 0x7f, 0x53, 0xe1, 0x4c, 0x36, 0xa2, 0xd3, 0x12, 0x4d, 0x68, 0xa2, 0x7f, 0xb5 }, }, }; const struct des3_ecb_tv DES3_ECB_TV[] = { { .len = 72, .key = { 0xbc, 0x51, 0xa2, 0x29, 0x1a, 0xf4, 0xbc, 0x10, 0x31, 0x57, 0x26, 0x9e, 0x7a, 0x4c, 0x15, 0xb5, 0xa1, 0x31, 0x97, 0xd9, 0xad, 0x97, 0x0d, 0xb9 }, .plaintext = (unsigned char []){ 0x2e, 0xdd, 0x7f, 0x0f, 0xf0, 0x86, 0xab, 0xd0, 0xa1, 0xb1, 0x21, 0xd0, 0x53, 0xf7, 0xfb, 0x09, 0x59, 0xba, 0x89, 0xfd, 0xcf, 0xb9, 0x7e, 0xb4, 0x22, 0x81, 0xfd, 0x18, 0x85, 0xa9, 0x5c, 0xf3, 0xd8, 0x4e, 0xc0, 0xb0, 0xfe, 0x2e, 0xbe, 0x55, 0x50, 0xad, 0xa9, 0x49, 0xa1, 0x52, 0x47, 0x66, 0x03, 0xdf, 0x9b, 0xd0, 0x9a, 0x48, 0xd0, 0x01, 0xc9, 0xb9, 0xdc, 0x20, 0xd0, 0x82, 0xd1, 0xe7, 0xc2, 0x73, 0x85, 0xf0, 0xcc, 0xcf, 0xfe, 0xc1 }, .ciphertext = (unsigned char []){ 0x54, 0x15, 0xca, 0x2d, 0x2c, 0xab, 0xe7, 0x75, 0xb8, 0x17, 0xb2, 0x2b, 0x8f, 0xe4, 0x97, 0xde, 0x96, 0xb3, 0xc0, 0xdb, 0x73, 0xe0, 0x2e, 0xf3, 0x44, 0x62, 0x09, 0x7f, 0x90, 0xf3, 0x34, 0xa1, 0x7d, 0x72, 0x25, 0xcc, 0x44, 0x85, 0xf4, 0x86, 0xe3, 0x82, 0xb1, 0x6c, 0x12, 0x90, 0xfb, 0x77, 0x77, 0x09, 0xce, 0x7f, 0x1d, 0x23, 0x9d, 0xfd, 0x23, 0xd0, 0xa1, 0x15, 0xb1, 0xe2, 0x70, 0xd4, 0x30, 0x73, 0xd1, 0xb6, 0xbb, 0x84, 0xcf, 0x6b }, }, { .len = 80, .key = { 0xb5, 0xcd, 0x0e, 0x1f, 0x1f, 0x86, 0x45, 0x8f, 0x34, 0x2f, 0x26, 0x83, 0xcd, 0x3b, 0xbf, 0xb9, 0x10, 0x85, 0xe3, 0x8f, 0x67, 0xc2, 0xb9, 0xa1 }, .plaintext = (unsigned char []){ 0x94, 0x4c, 0xb9, 0x7a, 0x22, 0x68, 0x39, 0x36, 0x6d, 0xfe, 0xaf, 0x46, 0x80, 0xb4, 0xad, 0xad, 0x05, 0x37, 0x2c, 0x6f, 0x9c, 0xa4, 0x60, 0xf6, 0x87, 0xa9, 0x4c, 0xf2, 0x86, 0x48, 0x32, 0xff, 0x5d, 0x57, 0x2e, 0xf1, 0xcf, 0x16, 0x41, 0xa7, 0xe0, 0x08, 0x2d, 0x6f, 0x48, 0x28, 0x5a, 0xf7, 0xe4, 0x1f, 0x1c, 0x6b, 0x10, 0x0e, 0x67, 0xe1, 0x37, 0x93, 0x66, 0x0c, 0x34, 0x38, 0x8f, 0xbe, 0xf0, 0x43, 0xf0, 0xbb, 0x87, 0xd7, 0xaa, 0x8a, 0xb2, 0xcc, 0x98, 0x77, 0x90, 0xc1, 0x51, 0xcb }, .ciphertext = (unsigned char []){ 0xbd, 0x79, 0x1a, 0xa9, 0xd3, 0x42, 0xdc, 0x4b, 0x7d, 0xda, 0x97, 0xcf, 0x0a, 0x1f, 0x41, 0xab, 0x30, 0xc3, 0x52, 0xbe, 0x5c, 0x4f, 0xc1, 0x7b, 0x47, 0x67, 0x30, 0x4a, 0xca, 0x4f, 0x64, 0x2b, 0xf3, 0xae, 0xf7, 0x9d, 0x58, 0x92, 0x51, 0xbe, 0xab, 0xb5, 0xd4, 0xb3, 0x8f, 0xff, 0x57, 0x4a, 0xaa, 0x4b, 0xd6, 0xde, 0xfc, 0x6e, 0x67, 0x7c, 0x6f, 0x75, 0x70, 0x43, 0xaf, 0x2f, 0x18, 0x11, 0x3b, 0xec, 0xfb, 0x5c, 0xbd, 0x83, 0x22, 0x5d, 0x97, 0x9a, 0x32, 0x74, 0xbe, 0x21, 0xe3, 0xc8 }, }, }; const struct des3_cbc_tv DES3_CBC_TV[] = { { .len = 72, .key = { 0x2a, 0xe6, 0xae, 0x5d, 0x75, 0x34, 0x8f, 0x9d, 0x34, 0xc4, 0xfd, 0x45, 0x85, 0xb6, 0xba, 0x8c, 0x9d, 0xef, 0x6e, 0xbf, 0xc7, 0x7f, 0xe0, 0x46 }, .iv = { 0xa5, 0x2b, 0x66, 0xc3, 0x34, 0x38, 0x59, 0xe0 }, .plaintext = (unsigned char []){ 0x24, 0x19, 0x26, 0x42, 0xf7, 0xc7, 0x0e, 0x7d, 0x75, 0x69, 0xde, 0x8b, 0x86, 0x20, 0x4a, 0x10, 0xa0, 0x76, 0xe3, 0xf3, 0x79, 0xbc, 0x7f, 0x8a, 0x52, 0x25, 0xec, 0x4d, 0x76, 0xc0, 0x8a, 0xca, 0x40, 0xcd, 0xe8, 0x86, 0xf5, 0xd9, 0x9b, 0xc0, 0xb6, 0x65, 0xa1, 0x79, 0x56, 0x37, 0x22, 0x19, 0xcd, 0x52, 0xcb, 0x73, 0xec, 0x48, 0x62, 0xdf, 0x24, 0x2f, 0xb7, 0x65, 0xb1, 0x85, 0x3b, 0xc6, 0x25, 0x82, 0x41, 0xe4, 0x1a, 0x1a, 0xd7, 0x15 }, .ciphertext = (unsigned char []){ 0x95, 0x0e, 0x26, 0xc3, 0xf2, 0x46, 0xd7, 0xed, 0xff, 0xbd, 0xd3, 0x0e, 0x9a, 0x2c, 0x08, 0x2b, 0x48, 0x53, 0x3f, 0xbf, 0x26, 0x29, 0xa9, 0x00, 0x23, 0x35, 0xbb, 0x63, 0x6d, 0x3c, 0x3c, 0x62, 0x29, 0x1c, 0x9d, 0x7d, 0x67, 0xf8, 0x88, 0x7f, 0x55, 0x95, 0xbb, 0x02, 0xb2, 0x04, 0x17, 0x35, 0x86, 0x82, 0xf4, 0xdd, 0x11, 0x9c, 0xb8, 0x9a, 0x01, 0x97, 0xa8, 0x6c, 0xe8, 0x0e, 0xfe, 0x75, 0xec, 0xdd, 0x3b, 0x01, 0xc1, 0x3e, 0xbe, 0xc3 }, }, { .len = 80, .key = { 0xb6, 0x04, 0xec, 0x25, 0x5e, 0x04, 0x54, 0x0b, 0x23, 0x0b, 0x4a, 0xce, 0xf1, 0x38, 0x40, 0xc1, 0xe9, 0x58, 0xb9, 0xf2, 0xe9, 0x13, 0x9d, 0x57 }, .iv = { 0x58, 0x6c, 0x47, 0x1f, 0x4e, 0xcd, 0xa1, 0xde }, .plaintext = (unsigned char []){ 0x90, 0x0c, 0x63, 0xa0, 0x8f, 0xd1, 0x42, 0xa9, 0xc1, 0x62, 0x63, 0x93, 0x91, 0xe0, 0xe2, 0xb6, 0x46, 0x97, 0xb7, 0xa5, 0x16, 0xd6, 0x9c, 0xd7, 0x77, 0x96, 0xd4, 0x90, 0x14, 0x87, 0x73, 0xfc, 0x98, 0x4f, 0x21, 0xa0, 0xc2, 0x86, 0xd7, 0x3d, 0x86, 0xd8, 0xfd, 0x80, 0x11, 0xaf, 0x8f, 0x81, 0x74, 0xe0, 0x3e, 0xad, 0x4c, 0xaf, 0xb9, 0x64, 0x12, 0x46, 0x61, 0x5a, 0xad, 0x9b, 0xa8, 0xb0, 0x2f, 0xde, 0x3e, 0xdf, 0xf3, 0x55, 0x26, 0xd3, 0xba, 0x21, 0x46, 0x5d, 0x2c, 0x99, 0xf8, 0x7c }, .ciphertext = (unsigned char []){ 0xf7, 0xc0, 0x8a, 0x2c, 0xf5, 0x80, 0x5b, 0xc1, 0x5c, 0x15, 0x7c, 0xff, 0xfe, 0x5b, 0x67, 0x49, 0x42, 0x6c, 0xde, 0x28, 0x19, 0xc3, 0x7e, 0x93, 0x34, 0xa2, 0x97, 0x6e, 0x75, 0xb0, 0x3b, 0x50, 0xa3, 0xe7, 0x95, 0x89, 0x61, 0xad, 0x7c, 0x64, 0x61, 0x41, 0x48, 0xa9, 0xd5, 0x59, 0xe5, 0x66, 0x26, 0x0a, 0x26, 0xef, 0xe9, 0xe7, 0x5b, 0x24, 0x0f, 0x6d, 0x25, 0xf2, 0x5b, 0x9f, 0x89, 0x1d, 0x1a, 0xed, 0x44, 0x3c, 0x0e, 0x5a, 0x5e, 0x05, 0xab, 0xde, 0x02, 0xca, 0x86, 0x09, 0x8d, 0x44 }, }, }; const struct des3_cfb_tv DES3_CFB_TV[] = { { .len = 10, .lcfb = 1, .key = { 0x29, 0x0d, 0xba, 0x49, 0xc1, 0x2a, 0xe9, 0x67, 0x6e, 0xf7, 0x19, 0xef, 0x6b, 0xec, 0xad, 0x0d, 0x04, 0x79, 0x80, 0x6e, 0x02, 0xe0, 0x70, 0x6e }, .iv = { 0x2d, 0x5f, 0x4b, 0xed, 0x09, 0x21, 0x47, 0x79 }, .plaintext = (unsigned char []){ 0xe8, 0xcb, 0xdd, 0x0d, 0x7e, 0x8a, 0xc9, 0x64, 0xae, 0x2d }, .ciphertext = (unsigned char []){ 0xec, 0xb1, 0x2f, 0xfe, 0xa8, 0x97, 0x76, 0x87, 0x37, 0xaf }, }, { .len = 80, .lcfb = 8, .key = { 0x26, 0xfe, 0x46, 0xf7, 0x75, 0xc2, 0x34, 0xb5, 0x29, 0x9e, 0xa1, 0xda, 0x16, 0x8c, 0xe6, 0x0d, 0xa1, 0xe5, 0x51, 0x57, 0x98, 0x46, 0x8f, 0xb9 }, .iv = { 0x62, 0x6c, 0x2d, 0xfb, 0x4e, 0x4e, 0xd3, 0x66 }, .plaintext = (unsigned char []){ 0x0d, 0xc2, 0xc7, 0x5e, 0x4d, 0xdf, 0x8b, 0xbc, 0x36, 0x13, 0xfa, 0x64, 0x42, 0xd3, 0x9c, 0x2f, 0xa0, 0x31, 0x56, 0x1a, 0x5e, 0x98, 0xec, 0xbf, 0x36, 0x33, 0xc4, 0xa9, 0x4e, 0x96, 0xb9, 0x6e, 0x84, 0xfd, 0x42, 0x07, 0xe3, 0x84, 0x79, 0x8b, 0x1f, 0x95, 0x3d, 0xc2, 0x63, 0xc5, 0x1f, 0x86, 0xe6, 0x61, 0x96, 0xd5, 0x81, 0x7c, 0x3f, 0x04, 0xb8, 0x31, 0x92, 0xe2, 0x62, 0xe1, 0x6e, 0x5b, 0xe9, 0x14, 0x3b, 0x81, 0x87, 0x5b, 0x9d, 0x37, 0xcc, 0xe9, 0xbf, 0xb0, 0xee, 0xe0, 0x26, 0xfc }, .ciphertext = (unsigned char []){ 0x04, 0xbf, 0x26, 0x5b, 0xf3, 0x32, 0x51, 0x90, 0x6f, 0xb3, 0x31, 0x05, 0x10, 0x09, 0xc4, 0xcc, 0x76, 0xe3, 0x4d, 0x30, 0x8e, 0x0e, 0xb2, 0x8e, 0x12, 0xeb, 0x22, 0x67, 0x4f, 0x21, 0xfa, 0xb2, 0x2b, 0x8f, 0xea, 0x77, 0x66, 0x85, 0x54, 0x99, 0x20, 0x33, 0xf4, 0xf4, 0x9c, 0x61, 0xc6, 0xa7, 0x43, 0x61, 0x24, 0xb3, 0xec, 0x42, 0x2f, 0xc6, 0x5a, 0x47, 0x71, 0x51, 0x06, 0x97, 0xc1, 0xe0, 0x1f, 0x36, 0x66, 0xab, 0xd0, 0x34, 0x7f, 0x68, 0xc1, 0x25, 0xa2, 0x64, 0xe0, 0xd1, 0xc3, 0xd2 }, }, }; const struct des3_ofb_tv DES3_OFB_TV[] = { { .len = 72, .key = { 0xfe, 0x80, 0xea, 0x91, 0xe5, 0x45, 0x7f, 0x75, 0x7f, 0x34, 0x2f, 0xdf, 0x1f, 0xd9, 0xf1, 0xbc, 0x32, 0x29, 0x8a, 0xc8, 0x58, 0x7c, 0x80, 0x54 }, .iv = { 0x07, 0xa1, 0xf8, 0xf1, 0xbb, 0x2e, 0x90, 0xaa }, .plaintext = (unsigned char []){ 0x83, 0x14, 0x3e, 0x9e, 0xc9, 0x91, 0x34, 0xc8, 0x5f, 0xae, 0x01, 0x3b, 0x69, 0x51, 0x47, 0x0c, 0xae, 0x79, 0xad, 0x7c, 0x8b, 0xbd, 0xef, 0xad, 0xc8, 0x18, 0x47, 0x77, 0x57, 0xab, 0xc6, 0x3a, 0x0d, 0x14, 0x1e, 0x64, 0x0b, 0x1f, 0x9d, 0xd4, 0xb0, 0x42, 0x90, 0x4e, 0xbc, 0x7a, 0x30, 0xb7, 0xde, 0x55, 0xca, 0x08, 0x51, 0x20, 0x26, 0xb5, 0x03, 0xfb, 0x29, 0xa9, 0x64, 0xc1, 0xbf, 0x68, 0xef, 0xfd, 0x2b, 0x96, 0x98, 0x1f, 0x40, 0x83 }, .ciphertext = (unsigned char []){ 0xe5, 0x69, 0x72, 0x0a, 0xd5, 0xae, 0xab, 0x8a, 0x1a, 0xd1, 0xa6, 0xab, 0xbf, 0x06, 0xd7, 0xe2, 0xf8, 0x03, 0x2f, 0x2f, 0x55, 0x62, 0xee, 0xa0, 0x3b, 0x47, 0xb9, 0x16, 0x95, 0x42, 0xec, 0x4b, 0xc7, 0x77, 0x31, 0x14, 0xe3, 0xfc, 0x52, 0xe4, 0x20, 0x82, 0x4b, 0x92, 0x88, 0x38, 0xa4, 0x5c, 0xf0, 0xec, 0xfd, 0x2b, 0x2d, 0x73, 0xeb, 0x19, 0x85, 0x4c, 0x02, 0x30, 0x64, 0x80, 0x33, 0x74, 0x50, 0xcc, 0x59, 0x24, 0x1f, 0x02, 0x0e, 0x3e }, }, { .len = 80, .key = { 0x75, 0xcd, 0xd3, 0x07, 0x45, 0xfb, 0xbc, 0x31, 0x04, 0x83, 0x54, 0x26, 0x52, 0x9b, 0x45, 0xe5, 0xfd, 0x10, 0x2c, 0x7c, 0x8a, 0x9d, 0x1f, 0x1c }, .iv = { 0x09, 0x77, 0x3d, 0xa8, 0x62, 0xac, 0x17, 0xee }, .plaintext = (unsigned char []){ 0x57, 0xdd, 0xb8, 0x43, 0xff, 0x45, 0x18, 0x60, 0xef, 0x4a, 0xfc, 0x3e, 0x0e, 0x89, 0x97, 0x89, 0xb3, 0x7d, 0xeb, 0xc9, 0xf9, 0x53, 0x41, 0x5f, 0xb9, 0x68, 0x67, 0x6f, 0xfc, 0x52, 0x8f, 0x8c, 0x8e, 0x25, 0xba, 0x1c, 0xac, 0x21, 0x4d, 0xf4, 0xfd, 0x0c, 0xec, 0xfb, 0x19, 0x89, 0xe5, 0x99, 0x30, 0x92, 0x2f, 0xb6, 0xd0, 0xb7, 0x58, 0x83, 0xa5, 0x23, 0x46, 0x28, 0x47, 0x18, 0xf0, 0x7e, 0x71, 0x21, 0x10, 0x97, 0x74, 0xfe, 0x4e, 0x14, 0x0b, 0x19, 0x83, 0xc0, 0x36, 0xc9, 0xf3, 0x0c }, .ciphertext = (unsigned char []){ 0x59, 0x14, 0x41, 0x8e, 0x5d, 0x3b, 0x71, 0x55, 0x42, 0x18, 0x6f, 0xd2, 0xa5, 0xa8, 0xde, 0x6d, 0x59, 0x39, 0x5b, 0xa1, 0x01, 0xba, 0xb0, 0x5c, 0xde, 0x35, 0x4a, 0xa9, 0xe5, 0x9a, 0xee, 0x8c, 0x15, 0xbe, 0xa7, 0x2d, 0x07, 0xa3, 0x03, 0x39, 0xc7, 0xfa, 0x7e, 0x86, 0xe2, 0xe6, 0x3f, 0xf6, 0xc0, 0x03, 0x02, 0x9d, 0x34, 0xa7, 0x56, 0x26, 0x52, 0x68, 0x08, 0x72, 0x81, 0xde, 0xdf, 0x83, 0xd1, 0xaa, 0x89, 0x99, 0x8e, 0xb6, 0xd6, 0x9a, 0x15, 0xbf, 0x24, 0xb7, 0xe6, 0x11, 0x1b, 0x4d }, }, }; const struct sha_tv SHA1_TV[] = { { .msg_len = 512 / 8, .msg = (unsigned char []){ 0x45, 0x92, 0x7e, 0x32, 0xdd, 0xf8, 0x01, 0xca, 0xf3, 0x5e, 0x18, 0xe7, 0xb5, 0x07, 0x8b, 0x7f, 0x54, 0x35, 0x27, 0x82, 0x12, 0xec, 0x6b, 0xb9, 0x9d, 0xf8, 0x84, 0xf4, 0x9b, 0x32, 0x7c, 0x64, 0x86, 0xfe, 0xae, 0x46, 0xba, 0x18, 0x7d, 0xc1, 0xcc, 0x91, 0x45, 0x12, 0x1e, 0x14, 0x92, 0xe6, 0xb0, 0x6e, 0x90, 0x07, 0x39, 0x4d, 0xc3, 0x3b, 0x77, 0x48, 0xf8, 0x6a, 0xc3, 0x20, 0x7c, 0xfe }, .md = (unsigned char []){ 0xa7, 0x0c, 0xfb, 0xfe, 0x75, 0x63, 0xdd, 0x0e, 0x66, 0x5c, 0x7c, 0x67, 0x15, 0xa9, 0x6a, 0x8d, 0x75, 0x69, 0x50, 0xc0 } }, }; const struct sha_tv SHA224_TV[] = { { .msg_len = 512 / 8, .msg = (unsigned char []){ 0xa3, 0x31, 0x0b, 0xa0, 0x64, 0xbe, 0x2e, 0x14, 0xad, 0x32, 0x27, 0x6e, 0x18, 0xcd, 0x03, 0x10, 0xc9, 0x33, 0xa6, 0xe6, 0x50, 0xc3, 0xc7, 0x54, 0xd0, 0x24, 0x3c, 0x6c, 0x61, 0x20, 0x78, 0x65, 0xb4, 0xb6, 0x52, 0x48, 0xf6, 0x6a, 0x08, 0xed, 0xf6, 0xe0, 0x83, 0x26, 0x89, 0xa9, 0xdc, 0x3a, 0x2e, 0x5d, 0x20, 0x95, 0xee, 0xea, 0x50, 0xbd, 0x86, 0x2b, 0xac, 0x88, 0xc8, 0xbd, 0x31, 0x8d }, .md = (unsigned char []){ 0xb2, 0xa5, 0x58, 0x6d, 0x9c, 0xbf, 0x0b, 0xaa, 0x99, 0x91, 0x57, 0xb4, 0xaf, 0x06, 0xd8, 0x8a, 0xe0, 0x8d, 0x7c, 0x9f, 0xaa, 0xb4, 0xbc, 0x1a, 0x96, 0x82, 0x9d, 0x65 } }, }; const struct sha_tv SHA256_TV[] = { { .msg_len = 512 / 8, .msg = (unsigned char []){ 0x5a, 0x86, 0xb7, 0x37, 0xea, 0xea, 0x8e, 0xe9, 0x76, 0xa0, 0xa2, 0x4d, 0xa6, 0x3e, 0x7e, 0xd7, 0xee, 0xfa, 0xd1, 0x8a, 0x10, 0x1c, 0x12, 0x11, 0xe2, 0xb3, 0x65, 0x0c, 0x51, 0x87, 0xc2, 0xa8, 0xa6, 0x50, 0x54, 0x72, 0x08, 0x25, 0x1f, 0x6d, 0x42, 0x37, 0xe6, 0x61, 0xc7, 0xbf, 0x4c, 0x77, 0xf3, 0x35, 0x39, 0x03, 0x94, 0xc3, 0x7f, 0xa1, 0xa9, 0xf9, 0xbe, 0x83, 0x6a, 0xc2, 0x85, 0x09 }, .md = (unsigned char []){ 0x42, 0xe6, 0x1e, 0x17, 0x4f, 0xbb, 0x38, 0x97, 0xd6, 0xdd, 0x6c, 0xef, 0x3d, 0xd2, 0x80, 0x2f, 0xe6, 0x7b, 0x33, 0x19, 0x53, 0xb0, 0x61, 0x14, 0xa6, 0x5c, 0x77, 0x28, 0x59, 0xdf, 0xc1, 0xaa } }, }; const struct sha_tv SHA384_TV[] = { { .msg_len = 512 / 8, .msg = (unsigned char []){ 0x93, 0x03, 0x5d, 0x3a, 0x13, 0xae, 0x1b, 0x06, 0xdd, 0x03, 0x3e, 0x76, 0x4a, 0xca, 0x01, 0x24, 0x96, 0x1d, 0xa7, 0x9c, 0x36, 0x6c, 0x6c, 0x75, 0x6b, 0xc4, 0xbc, 0xc1, 0x18, 0x50, 0xa3, 0xa8, 0xd1, 0x20, 0x85, 0x4f, 0x34, 0x29, 0x0f, 0xff, 0x7c, 0x8d, 0x6d, 0x83, 0x53, 0x1d, 0xbd, 0xd1, 0xe8, 0x1c, 0xc4, 0xed, 0x42, 0x46, 0xe0, 0x0b, 0xd4, 0x11, 0x3e, 0xf4, 0x51, 0x33, 0x4d, 0xaa }, .md = (unsigned char []){ 0x8d, 0x46, 0xcc, 0x84, 0xb6, 0xc2, 0xde, 0xb2, 0x06, 0xaa, 0x5c, 0x86, 0x17, 0x98, 0x79, 0x87, 0x51, 0xa2, 0x6e, 0xe7, 0x4b, 0x1d, 0xaf, 0x3a, 0x55, 0x7c, 0x41, 0xae, 0xbd, 0x65, 0xad, 0xc0, 0x27, 0x55, 0x9f, 0x7c, 0xd9, 0x2b, 0x25, 0x5b, 0x37, 0x4c, 0x83, 0xbd, 0x55, 0x56, 0x8b, 0x45 } }, }; const struct sha_tv SHA512_TV[] = { { .msg_len = 512 / 8, .msg = (unsigned char []){ 0xc1, 0xca, 0x70, 0xae, 0x12, 0x79, 0xba, 0x0b, 0x91, 0x81, 0x57, 0x55, 0x8b, 0x49, 0x20, 0xd6, 0xb7, 0xfb, 0xa8, 0xa0, 0x6b, 0xe5, 0x15, 0x17, 0x0f, 0x20, 0x2f, 0xaf, 0xd3, 0x6f, 0xb7, 0xf7, 0x9d, 0x69, 0xfa, 0xd7, 0x45, 0xdb, 0xa6, 0x15, 0x05, 0x68, 0xdb, 0x1e, 0x2b, 0x72, 0x85, 0x04, 0x11, 0x3e, 0xea, 0xc3, 0x4f, 0x52, 0x7f, 0xc8, 0x2f, 0x22, 0x00, 0xb4, 0x62, 0xec, 0xbf, 0x5d }, .md = (unsigned char []){ 0x04, 0x6e, 0x46, 0x62, 0x39, 0x12, 0xb3, 0x93, 0x2b, 0x8d, 0x66, 0x2a, 0xb4, 0x25, 0x83, 0x42, 0x38, 0x43, 0x20, 0x63, 0x01, 0xb5, 0x8b, 0xf2, 0x0a, 0xb6, 0xd7, 0x6f, 0xd4, 0x7f, 0x1c, 0xbb, 0xcf, 0x42, 0x1d, 0xf5, 0x36, 0xec, 0xd7, 0xe5, 0x6d, 0xb5, 0x35, 0x4e, 0x7e, 0x0f, 0x98, 0x82, 0x2d, 0x21, 0x29, 0xc1, 0x97, 0xf6, 0xf0, 0xf2, 0x22, 0xb8, 0xec, 0x52, 0x31, 0xf3, 0x96, 0x7d } }, }; const struct sha_tv SHA3_224_TV[] = { { .msg_len = 3, .msg = (unsigned char []){ 0x61, 0x62, 0x63, }, .md = (unsigned char []){ 0xe6,0x42,0x82,0x4c,0x3f,0x8c,0xf2,0x4a,0xd0,0x92,0x34,0xee,0x7d,0x3c,0x76,0x6f, 0xc9,0xa3,0xa5,0x16,0x8d,0x0c,0x94,0xad,0x73,0xb4,0x6f,0xdf, } }, }; const struct sha_tv SHA3_256_TV[] = { { .msg_len = 3, .msg = (unsigned char []){ 0x61, 0x62, 0x63, }, .md = (unsigned char []){ 0x3A,0x98,0x5D,0xA7,0x4F,0xE2,0x25,0xB2,0x04,0x5C,0x17,0x2D,0x6B,0xD3,0x90,0xBD, 0x85,0x5F,0x08,0x6E,0x3E,0x9D,0x52,0x5B,0x46,0xBF,0xE2,0x45,0x11,0x43,0x15,0x32, } }, }; const struct sha_tv SHA3_384_TV[] = { { .msg_len = 3, .msg = (unsigned char []){ 0x61, 0x62, 0x63, }, .md = (unsigned char []){ 0xEC,0x01,0x49,0x82,0x88,0x51,0x6F,0xC9,0x26,0x45,0x9F,0x58,0xE2,0xC6,0xAD,0x8D, 0xF9,0xB4,0x73,0xCB,0x0F,0xC0,0x8C,0x25,0x96,0xDA,0x7C,0xF0,0xE4,0x9B,0xE4,0xB2, 0x98,0xD8,0x8C,0xEA,0x92,0x7A,0xC7,0xF5,0x39,0xF1,0xED,0xF2,0x28,0x37,0x6D,0x25, } }, }; const struct sha_tv SHA3_512_TV[] = { { .msg_len = 3, .msg = (unsigned char []){ 0x61, 0x62, 0x63, }, .md = (unsigned char []){ 0xB7,0x51,0x85,0x0B,0x1A,0x57,0x16,0x8A,0x56,0x93,0xCD,0x92,0x4B,0x6B,0x09,0x6E, 0x08,0xF6,0x21,0x82,0x74,0x44,0xF7,0x0D,0x88,0x4F,0x5D,0x02,0x40,0xD2,0x71,0x2E, 0x10,0xE1,0x16,0xE9,0x19,0x2A,0xF3,0xC9,0x1A,0x7E,0xC5,0x76,0x47,0xE3,0x93,0x40, 0x57,0x34,0x0B,0x4C,0xF4,0x08,0xD5,0xA5,0x65,0x92,0xF8,0x27,0x4E,0xEC,0x53,0xF0, } }, }; #endif /* ICA_FIPS */ #ifdef ICA_INTERNAL_TEST_EC const struct ecdsa_tv ECDSA_TV[] = { /* RFC 6979 */ { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA1, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x88, 0x29, 0x05, 0xF1, 0x22, 0x7F, 0xD6, 0x20, 0xFB, 0xF2, 0xAB, 0xF2, 0x12, 0x44, 0xF0, 0xBA, 0x83, 0xD0, 0xDC, 0x3A, 0x91, 0x03, 0xDB, 0xBE, 0xE4, 0x3A, 0x1F, 0xB8, 0x58, 0x10, 0x9D, 0xB4 }, .r = (const unsigned char []){ 0x61, 0x34, 0x0C, 0x88, 0xC3, 0xAA, 0xEB, 0xEB, 0x4F, 0x6D, 0x66, 0x7F, 0x67, 0x2C, 0xA9, 0x75, 0x9A, 0x6C, 0xCA, 0xA9, 0xFA, 0x88, 0x11, 0x31, 0x30, 0x39, 0xEE, 0x4A, 0x35, 0x47, 0x1D, 0x32 }, .s = (const unsigned char []){ 0x6D, 0x7F, 0x14, 0x7D, 0xAC, 0x08, 0x94, 0x41, 0xBB, 0x2E, 0x2F, 0xE8, 0xF7, 0xA3, 0xFA, 0x26, 0x4B, 0x9C, 0x47, 0x50, 0x98, 0xFD, 0xCF, 0x6E, 0x00, 0xD7, 0xC9, 0x96, 0xE1, 0xB8, 0xB7, 0xEB }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA224, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x10, 0x3F, 0x90, 0xEE, 0x9D, 0xC5, 0x2E, 0x5E, 0x7F, 0xB5, 0x13, 0x2B, 0x70, 0x33, 0xC6, 0x30, 0x66, 0xD1, 0x94, 0x32, 0x14, 0x91, 0x86, 0x20, 0x59, 0x96, 0x7C, 0x71, 0x59, 0x85, 0xD4, 0x73 }, .r = (const unsigned char []){ 0x53, 0xB2, 0xFF, 0xF5, 0xD1, 0x75, 0x2B, 0x2C, 0x68, 0x9D, 0xF2, 0x57, 0xC0, 0x4C, 0x40, 0xA5, 0x87, 0xFA, 0xBA, 0xBB, 0x3F, 0x6F, 0xC2, 0x70, 0x2F, 0x13, 0x43, 0xAF, 0x7C, 0xA9, 0xAA, 0x3F }, .s = (const unsigned char []){ 0xB9, 0xAF, 0xB6, 0x4F, 0xDC, 0x03, 0xDC, 0x1A, 0x13, 0x1C, 0x7D, 0x23, 0x86, 0xD1, 0x1E, 0x34, 0x9F, 0x07, 0x0A, 0xA4, 0x32, 0xA4, 0xAC, 0xC9, 0x18, 0xBE, 0xA9, 0x88, 0xBF, 0x75, 0xC7, 0x4C }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA256, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0xA6, 0xE3, 0xC5, 0x7D, 0xD0, 0x1A, 0xBE, 0x90, 0x08, 0x65, 0x38, 0x39, 0x83, 0x55, 0xDD, 0x4C, 0x3B, 0x17, 0xAA, 0x87, 0x33, 0x82, 0xB0, 0xF2, 0x4D, 0x61, 0x29, 0x49, 0x3D, 0x8A, 0xAD, 0x60 }, .r = (const unsigned char []){ 0xEF, 0xD4, 0x8B, 0x2A, 0xAC, 0xB6, 0xA8, 0xFD, 0x11, 0x40, 0xDD, 0x9C, 0xD4, 0x5E, 0x81, 0xD6, 0x9D, 0x2C, 0x87, 0x7B, 0x56, 0xAA, 0xF9, 0x91, 0xC3, 0x4D, 0x0E, 0xA8, 0x4E, 0xAF, 0x37, 0x16 }, .s = (const unsigned char []){ 0xF7, 0xCB, 0x1C, 0x94, 0x2D, 0x65, 0x7C, 0x41, 0xD4, 0x36, 0xC7, 0xA1, 0xB6, 0xE2, 0x9F, 0x65, 0xF3, 0xE9, 0x00, 0xDB, 0xB9, 0xAF, 0xF4, 0x06, 0x4D, 0xC4, 0xAB, 0x2F, 0x84, 0x3A, 0xCD, 0xA8 }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA384, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x09, 0xF6, 0x34, 0xB1, 0x88, 0xCE, 0xFD, 0x98, 0xE7, 0xEC, 0x88, 0xB1, 0xAA, 0x98, 0x52, 0xD7, 0x34, 0xD0, 0xBC, 0x27, 0x2F, 0x7D, 0x2A, 0x47, 0xDE, 0xCC, 0x6E, 0xBE, 0xB3, 0x75, 0xAA, 0xD4 }, .r = (const unsigned char []){ 0x0E, 0xAF, 0xEA, 0x03, 0x9B, 0x20, 0xE9, 0xB4, 0x23, 0x09, 0xFB, 0x1D, 0x89, 0xE2, 0x13, 0x05, 0x7C, 0xBF, 0x97, 0x3D, 0xC0, 0xCF, 0xC8, 0xF1, 0x29, 0xED, 0xDD, 0xC8, 0x00, 0xEF, 0x77, 0x19 }, .s = (const unsigned char []){ 0x48, 0x61, 0xF0, 0x49, 0x1E, 0x69, 0x98, 0xB9, 0x45, 0x51, 0x93, 0xE3, 0x4E, 0x7B, 0x0D, 0x28, 0x4D, 0xDD, 0x71, 0x49, 0xA7, 0x4B, 0x95, 0xB9, 0x26, 0x1F, 0x13, 0xAB, 0xDE, 0x94, 0x09, 0x54 }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA512, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x5F, 0xA8, 0x1C, 0x63, 0x10, 0x9B, 0xAD, 0xB8, 0x8C, 0x1F, 0x36, 0x7B, 0x47, 0xDA, 0x60, 0x6D, 0xA2, 0x8C, 0xAD, 0x69, 0xAA, 0x22, 0xC4, 0xFE, 0x6A, 0xD7, 0xDF, 0x73, 0xA7, 0x17, 0x3A, 0xA5 }, .r = (const unsigned char []){ 0x84, 0x96, 0xA6, 0x0B, 0x5E, 0x9B, 0x47, 0xC8, 0x25, 0x48, 0x88, 0x27, 0xE0, 0x49, 0x5B, 0x0E, 0x3F, 0xA1, 0x09, 0xEC, 0x45, 0x68, 0xFD, 0x3F, 0x8D, 0x10, 0x97, 0x67, 0x8E, 0xB9, 0x7F, 0x00 }, .s = (const unsigned char []){ 0x23, 0x62, 0xAB, 0x1A, 0xDB, 0xE2, 0xB8, 0xAD, 0xF9, 0xCB, 0x9E, 0xDA, 0xB7, 0x40, 0xEA, 0x60, 0x49, 0xC0, 0x28, 0x11, 0x4F, 0x24, 0x60, 0xF9, 0x65, 0x54, 0xF6, 0x1F, 0xAE, 0x33, 0x02, 0xFE }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA1, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x8C, 0x95, 0x20, 0x26, 0x7C, 0x55, 0xD6, 0xB9, 0x80, 0xDF, 0x74, 0x1E, 0x56, 0xB4, 0xAD, 0xEE, 0x11, 0x4D, 0x84, 0xFB, 0xFA, 0x2E, 0x62, 0x13, 0x79, 0x54, 0x16, 0x40, 0x28, 0x63, 0x2A, 0x2E }, .r = (const unsigned char []){ 0x0C, 0xBC, 0xC8, 0x6F, 0xD6, 0xAB, 0xD1, 0xD9, 0x9E, 0x70, 0x3E, 0x1E, 0xC5, 0x00, 0x69, 0xEE, 0x5C, 0x0B, 0x4B, 0xA4, 0xB9, 0xAC, 0x60, 0xE4, 0x09, 0xE8, 0xEC, 0x59, 0x10, 0xD8, 0x1A, 0x89 }, .s = (const unsigned char []){ 0x01, 0xB9, 0xD7, 0xB7, 0x3D, 0xFA, 0xA6, 0x0D, 0x56, 0x51, 0xEC, 0x45, 0x91, 0xA0, 0x13, 0x6F, 0x87, 0x65, 0x3E, 0x0F, 0xD7, 0x80, 0xC3, 0xB1, 0xBC, 0x87, 0x2F, 0xFD, 0xEA, 0xE4, 0x79, 0xB1 }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA224, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x66, 0x9F, 0x44, 0x26, 0xF2, 0x68, 0x8B, 0x8B, 0xE0, 0xDB, 0x3A, 0x6B, 0xD1, 0x98, 0x9B, 0xDA, 0xEF, 0xFF, 0x84, 0xB6, 0x49, 0xEE, 0xB8, 0x4F, 0x3D, 0xD2, 0x60, 0x80, 0xF6, 0x67, 0xFA, 0xA7 }, .r = (const unsigned char []){ 0xC3, 0x7E, 0xDB, 0x6F, 0x0A, 0xE7, 0x9D, 0x47, 0xC3, 0xC2, 0x7E, 0x96, 0x2F, 0xA2, 0x69, 0xBB, 0x4F, 0x44, 0x17, 0x70, 0x35, 0x7E, 0x11, 0x4E, 0xE5, 0x11, 0xF6, 0x62, 0xEC, 0x34, 0xA6, 0x92 }, .s = (const unsigned char []){ 0xC8, 0x20, 0x05, 0x3A, 0x05, 0x79, 0x1E, 0x52, 0x1F, 0xCA, 0xAD, 0x60, 0x42, 0xD4, 0x0A, 0xEA, 0x1D, 0x6B, 0x1A, 0x54, 0x01, 0x38, 0x55, 0x8F, 0x47, 0xD0, 0x71, 0x98, 0x00, 0xE1, 0x8F, 0x2D }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA256, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0xD1, 0x6B, 0x6A, 0xE8, 0x27, 0xF1, 0x71, 0x75, 0xE0, 0x40, 0x87, 0x1A, 0x1C, 0x7E, 0xC3, 0x50, 0x01, 0x92, 0xC4, 0xC9, 0x26, 0x77, 0x33, 0x6E, 0xC2, 0x53, 0x7A, 0xCA, 0xEE, 0x00, 0x08, 0xE0 }, .r = (const unsigned char []){ 0xF1, 0xAB, 0xB0, 0x23, 0x51, 0x83, 0x51, 0xCD, 0x71, 0xD8, 0x81, 0x56, 0x7B, 0x1E, 0xA6, 0x63, 0xED, 0x3E, 0xFC, 0xF6, 0xC5, 0x13, 0x2B, 0x35, 0x4F, 0x28, 0xD3, 0xB0, 0xB7, 0xD3, 0x83, 0x67 }, .s = (const unsigned char []){ 0x01, 0x9F, 0x41, 0x13, 0x74, 0x2A, 0x2B, 0x14, 0xBD, 0x25, 0x92, 0x6B, 0x49, 0xC6, 0x49, 0x15, 0x5F, 0x26, 0x7E, 0x60, 0xD3, 0x81, 0x4B, 0x4C, 0x0C, 0xC8, 0x42, 0x50, 0xE4, 0x6F, 0x00, 0x83 }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA384, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x16, 0xAE, 0xFF, 0xA3, 0x57, 0x26, 0x0B, 0x04, 0xB1, 0xDD, 0x19, 0x96, 0x93, 0x96, 0x07, 0x40, 0x06, 0x6C, 0x1A, 0x8F, 0x3E, 0x8E, 0xDD, 0x79, 0x07, 0x0A, 0xA9, 0x14, 0xD3, 0x61, 0xB3, 0xB8 }, .r = (const unsigned char []){ 0x83, 0x91, 0x0E, 0x8B, 0x48, 0xBB, 0x0C, 0x74, 0x24, 0x4E, 0xBD, 0xF7, 0xF0, 0x7A, 0x1C, 0x54, 0x13, 0xD6, 0x14, 0x72, 0xBD, 0x94, 0x1E, 0xF3, 0x92, 0x0E, 0x62, 0x3F, 0xBC, 0xCE, 0xBE, 0xB6 }, .s = (const unsigned char []){ 0x8D, 0xDB, 0xEC, 0x54, 0xCF, 0x8C, 0xD5, 0x87, 0x48, 0x83, 0x84, 0x1D, 0x71, 0x21, 0x42, 0xA5, 0x6A, 0x8D, 0x0F, 0x21, 0x8F, 0x50, 0x03, 0xCB, 0x02, 0x96, 0xB6, 0xB5, 0x09, 0x61, 0x9F, 0x2C }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_X9_62_prime256v1, .D = (unsigned char []){ 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16, 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93, 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12, 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21 }, .X = (unsigned char []){ 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6 }, .Y = (unsigned char []){ 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99 }, }, .hash = SHA512, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x69, 0x15, 0xD1, 0x16, 0x32, 0xAC, 0xA3, 0xC4, 0x0D, 0x5D, 0x51, 0xC0, 0x8D, 0xAF, 0x9C, 0x55, 0x59, 0x33, 0x81, 0x95, 0x48, 0x78, 0x44, 0x80, 0xE9, 0x34, 0x99, 0x00, 0x0D, 0x9F, 0x0B, 0x7F }, .r = (const unsigned char []){ 0x46, 0x1D, 0x93, 0xF3, 0x1B, 0x65, 0x40, 0x89, 0x47, 0x88, 0xFD, 0x20, 0x6C, 0x07, 0xCF, 0xA0, 0xCC, 0x35, 0xF4, 0x6F, 0xA3, 0xC9, 0x18, 0x16, 0xFF, 0xF1, 0x04, 0x0A, 0xD1, 0x58, 0x1A, 0x04 }, .s = (const unsigned char []){ 0x39, 0xAF, 0x9F, 0x15, 0xDE, 0x0D, 0xB8, 0xD9, 0x7E, 0x72, 0x71, 0x9C, 0x74, 0x82, 0x0D, 0x30, 0x4C, 0xE5, 0x22, 0x6E, 0x32, 0xDE, 0xDA, 0xE6, 0x75, 0x19, 0xE8, 0x40, 0xD1, 0x19, 0x4E, 0x55 }, .siglen = 32, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA1, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x44, 0x71, 0xEF, 0x75, 0x18, 0xBB, 0x2C, 0x7C, 0x20, 0xF6, 0x2E, 0xAE, 0x1C, 0x38, 0x7A, 0xD0, 0xC5, 0xE8, 0xE4, 0x70, 0x99, 0x5D, 0xB4, 0xAC, 0xF6, 0x94, 0x46, 0x6E, 0x6A, 0xB0, 0x96, 0x63, 0x0F, 0x29, 0xE5, 0x93, 0x8D, 0x25, 0x10, 0x6C, 0x3C, 0x34, 0x00, 0x45, 0xA2, 0xDB, 0x01, 0xA7 }, .r = (const unsigned char []){ 0xEC, 0x74, 0x8D, 0x83, 0x92, 0x43, 0xD6, 0xFB, 0xEF, 0x4F, 0xC5, 0xC4, 0x85, 0x9A, 0x7D, 0xFF, 0xD7, 0xF3, 0xAB, 0xDD, 0xF7, 0x20, 0x14, 0x54, 0x0C, 0x16, 0xD7, 0x33, 0x09, 0x83, 0x4F, 0xA3, 0x7B, 0x9B, 0xA0, 0x02, 0x89, 0x9F, 0x6F, 0xDA, 0x3A, 0x4A, 0x93, 0x86, 0x79, 0x0D, 0x4E, 0xB2 }, .s = (const unsigned char []){ 0xA3, 0xBC, 0xFA, 0x94, 0x7B, 0xEE, 0xF4, 0x73, 0x2B, 0xF2, 0x47, 0xAC, 0x17, 0xF7, 0x16, 0x76, 0xCB, 0x31, 0xA8, 0x47, 0xB9, 0xFF, 0x0C, 0xBC, 0x9C, 0x9E, 0xD4, 0xC1, 0xA5, 0xB3, 0xFA, 0xCF, 0x26, 0xF4, 0x9C, 0xA0, 0x31, 0xD4, 0x85, 0x75, 0x70, 0xCC, 0xB5, 0xCA, 0x44, 0x24, 0xA4, 0x43 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA224, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0xA4, 0xE4, 0xD2, 0xF0, 0xE7, 0x29, 0xEB, 0x78, 0x6B, 0x31, 0xFC, 0x20, 0xAD, 0x5D, 0x84, 0x9E, 0x30, 0x44, 0x50, 0xE0, 0xAE, 0x8E, 0x3E, 0x34, 0x11, 0x34, 0xA5, 0xC1, 0xAF, 0xA0, 0x3C, 0xAB, 0x80, 0x83, 0xEE, 0x4E, 0x3C, 0x45, 0xB0, 0x6A, 0x58, 0x99, 0xEA, 0x56, 0xC5, 0x1B, 0x58, 0x79 }, .r = (const unsigned char []){ 0x42, 0x35, 0x6E, 0x76, 0xB5, 0x5A, 0x6D, 0x9B, 0x46, 0x31, 0xC8, 0x65, 0x44, 0x5D, 0xBE, 0x54, 0xE0, 0x56, 0xD3, 0xB3, 0x43, 0x17, 0x66, 0xD0, 0x50, 0x92, 0x44, 0x79, 0x3C, 0x3F, 0x93, 0x66, 0x45, 0x0F, 0x76, 0xEE, 0x3D, 0xE4, 0x3F, 0x5A, 0x12, 0x53, 0x33, 0xA6, 0xBE, 0x06, 0x01, 0x22 }, .s = (const unsigned char []){ 0x9D, 0xA0, 0xC8, 0x17, 0x87, 0x06, 0x40, 0x21, 0xE7, 0x8D, 0xF6, 0x58, 0xF2, 0xFB, 0xB0, 0xB0, 0x42, 0xBF, 0x30, 0x46, 0x65, 0xDB, 0x72, 0x1F, 0x07, 0x7A, 0x42, 0x98, 0xB0, 0x95, 0xE4, 0x83, 0x4C, 0x08, 0x2C, 0x03, 0xD8, 0x30, 0x28, 0xEF, 0xBF, 0x93, 0xA3, 0xC2, 0x39, 0x40, 0xCA, 0x8D }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA256, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x18, 0x0A, 0xE9, 0xF9, 0xAE, 0xC5, 0x43, 0x8A, 0x44, 0xBC, 0x15, 0x9A, 0x1F, 0xCB, 0x27, 0x7C, 0x7B, 0xE5, 0x4F, 0xA2, 0x0E, 0x7C, 0xF4, 0x04, 0xB4, 0x90, 0x65, 0x0A, 0x8A, 0xCC, 0x41, 0x4E, 0x37, 0x55, 0x72, 0x34, 0x28, 0x63, 0xC8, 0x99, 0xF9, 0xF2, 0xED, 0xF9, 0x74, 0x7A, 0x9B, 0x60 }, .r = (const unsigned char []){ 0x21, 0xB1, 0x3D, 0x1E, 0x01, 0x3C, 0x7F, 0xA1, 0x39, 0x2D, 0x03, 0xC5, 0xF9, 0x9A, 0xF8, 0xB3, 0x0C, 0x57, 0x0C, 0x6F, 0x98, 0xD4, 0xEA, 0x8E, 0x35, 0x4B, 0x63, 0xA2, 0x1D, 0x3D, 0xAA, 0x33, 0xBD, 0xE1, 0xE8, 0x88, 0xE6, 0x33, 0x55, 0xD9, 0x2F, 0xA2, 0xB3, 0xC3, 0x6D, 0x8F, 0xB2, 0xCD }, .s = (const unsigned char []){ 0xF3, 0xAA, 0x44, 0x3F, 0xB1, 0x07, 0x74, 0x5B, 0xF4, 0xBD, 0x77, 0xCB, 0x38, 0x91, 0x67, 0x46, 0x32, 0x06, 0x8A, 0x10, 0xCA, 0x67, 0xE3, 0xD4, 0x5D, 0xB2, 0x26, 0x6F, 0xA7, 0xD1, 0xFE, 0xEB, 0xEF, 0xDC, 0x63, 0xEC, 0xCD, 0x1A, 0xC4, 0x2E, 0xC0, 0xCB, 0x86, 0x68, 0xA4, 0xFA, 0x0A, 0xB0 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA384, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x94, 0xED, 0x91, 0x0D, 0x1A, 0x09, 0x9D, 0xAD, 0x32, 0x54, 0xE9, 0x24, 0x2A, 0xE8, 0x5A, 0xBD, 0xE4, 0xBA, 0x15, 0x16, 0x8E, 0xAF, 0x0C, 0xA8, 0x7A, 0x55, 0x5F, 0xD5, 0x6D, 0x10, 0xFB, 0xCA, 0x29, 0x07, 0xE3, 0xE8, 0x3B, 0xA9, 0x53, 0x68, 0x62, 0x3B, 0x8C, 0x46, 0x86, 0x91, 0x5C, 0xF9 }, .r = (const unsigned char []){ 0x94, 0xED, 0xBB, 0x92, 0xA5, 0xEC, 0xB8, 0xAA, 0xD4, 0x73, 0x6E, 0x56, 0xC6, 0x91, 0x91, 0x6B, 0x3F, 0x88, 0x14, 0x06, 0x66, 0xCE, 0x9F, 0xA7, 0x3D, 0x64, 0xC4, 0xEA, 0x95, 0xAD, 0x13, 0x3C, 0x81, 0xA6, 0x48, 0x15, 0x2E, 0x44, 0xAC, 0xF9, 0x6E, 0x36, 0xDD, 0x1E, 0x80, 0xFA, 0xBE, 0x46 }, .s = (const unsigned char []){ 0x99, 0xEF, 0x4A, 0xEB, 0x15, 0xF1, 0x78, 0xCE, 0xA1, 0xFE, 0x40, 0xDB, 0x26, 0x03, 0x13, 0x8F, 0x13, 0x0E, 0x74, 0x0A, 0x19, 0x62, 0x45, 0x26, 0x20, 0x3B, 0x63, 0x51, 0xD0, 0xA3, 0xA9, 0x4F, 0xA3, 0x29, 0xC1, 0x45, 0x78, 0x6E, 0x67, 0x9E, 0x7B, 0x82, 0xC7, 0x1A, 0x38, 0x62, 0x8A, 0xC8 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA512, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x92, 0xFC, 0x3C, 0x71, 0x83, 0xA8, 0x83, 0xE2, 0x42, 0x16, 0xD1, 0x14, 0x1F, 0x1A, 0x89, 0x76, 0xC5, 0xB0, 0xDD, 0x79, 0x7D, 0xFA, 0x59, 0x7E, 0x3D, 0x7B, 0x32, 0x19, 0x8B, 0xD3, 0x53, 0x31, 0xA4, 0xE9, 0x66, 0x53, 0x25, 0x93, 0xA5, 0x29, 0x80, 0xD0, 0xE3, 0xAA, 0xA5, 0xE1, 0x0E, 0xC3 }, .r = (const unsigned char []){ 0xED, 0x09, 0x59, 0xD5, 0x88, 0x0A, 0xB2, 0xD8, 0x69, 0xAE, 0x7F, 0x6C, 0x29, 0x15, 0xC6, 0xD6, 0x0F, 0x96, 0x50, 0x7F, 0x9C, 0xB3, 0xE0, 0x47, 0xC0, 0x04, 0x68, 0x61, 0xDA, 0x4A, 0x79, 0x9C, 0xFE, 0x30, 0xF3, 0x5C, 0xC9, 0x00, 0x05, 0x6D, 0x7C, 0x99, 0xCD, 0x78, 0x82, 0x43, 0x37, 0x09 }, .s = (const unsigned char []){ 0x51, 0x2C, 0x8C, 0xCE, 0xEE, 0x38, 0x90, 0xA8, 0x40, 0x58, 0xCE, 0x1E, 0x22, 0xDB, 0xC2, 0x19, 0x8F, 0x42, 0x32, 0x3C, 0xE8, 0xAC, 0xA9, 0x13, 0x53, 0x29, 0xF0, 0x3C, 0x06, 0x8E, 0x51, 0x12, 0xDC, 0x7C, 0xC3, 0xEF, 0x34, 0x46, 0xDE, 0xFC, 0xEB, 0x01, 0xA4, 0x5C, 0x26, 0x67, 0xFD, 0xD5 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA1, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x66, 0xCC, 0x2C, 0x8F, 0x4D, 0x30, 0x3F, 0xC9, 0x62, 0xE5, 0xFF, 0x6A, 0x27, 0xBD, 0x79, 0xF8, 0x4E, 0xC8, 0x12, 0xDD, 0xAE, 0x58, 0xCF, 0x52, 0x43, 0xB6, 0x4A, 0x4A, 0xD8, 0x09, 0x4D, 0x47, 0xEC, 0x37, 0x27, 0xF3, 0xA3, 0xC1, 0x86, 0xC1, 0x50, 0x54, 0x49, 0x2E, 0x30, 0x69, 0x84, 0x97 }, .r = (const unsigned char []){ 0x4B, 0xC3, 0x5D, 0x3A, 0x50, 0xEF, 0x4E, 0x30, 0x57, 0x6F, 0x58, 0xCD, 0x96, 0xCE, 0x6B, 0xF6, 0x38, 0x02, 0x5E, 0xE6, 0x24, 0x00, 0x4A, 0x1F, 0x77, 0x89, 0xA8, 0xB8, 0xE4, 0x3D, 0x06, 0x78, 0xAC, 0xD9, 0xD2, 0x98, 0x76, 0xDA, 0xF4, 0x66, 0x38, 0x64, 0x5F, 0x7F, 0x40, 0x4B, 0x11, 0xC7 }, .s = (const unsigned char []){ 0xD5, 0xA6, 0x32, 0x6C, 0x49, 0x4E, 0xD3, 0xFF, 0x61, 0x47, 0x03, 0x87, 0x89, 0x61, 0xC0, 0xFD, 0xE7, 0xB2, 0xC2, 0x78, 0xF9, 0xA6, 0x5F, 0xD8, 0xC4, 0xB7, 0x18, 0x62, 0x01, 0xA2, 0x99, 0x16, 0x95, 0xBA, 0x1C, 0x84, 0x54, 0x13, 0x27, 0xE9, 0x66, 0xFA, 0x7B, 0x50, 0xF7, 0x38, 0x22, 0x82 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA224, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x18, 0xFA, 0x39, 0xDB, 0x95, 0xAA, 0x5F, 0x56, 0x1F, 0x30, 0xFA, 0x35, 0x91, 0xDC, 0x59, 0xC0, 0xFA, 0x36, 0x53, 0xA8, 0x0D, 0xAF, 0xFA, 0x0B, 0x48, 0xD1, 0xA4, 0xC6, 0xDF, 0xCB, 0xFF, 0x6E, 0x3D, 0x33, 0xBE, 0x4D, 0xC5, 0xEB, 0x88, 0x86, 0xA8, 0xEC, 0xD0, 0x93, 0xF2, 0x93, 0x57, 0x26 }, .r = (const unsigned char []){ 0xE8, 0xC9, 0xD0, 0xB6, 0xEA, 0x72, 0xA0, 0xE7, 0x83, 0x7F, 0xEA, 0x1D, 0x14, 0xA1, 0xA9, 0x55, 0x7F, 0x29, 0xFA, 0xA4, 0x5D, 0x3E, 0x7E, 0xE8, 0x88, 0xFC, 0x5B, 0xF9, 0x54, 0xB5, 0xE6, 0x24, 0x64, 0xA9, 0xA8, 0x17, 0xC4, 0x7F, 0xF7, 0x8B, 0x8C, 0x11, 0x06, 0x6B, 0x24, 0x08, 0x0E, 0x72 }, .s = (const unsigned char []){ 0x07, 0x04, 0x1D, 0x4A, 0x7A, 0x03, 0x79, 0xAC, 0x72, 0x32, 0xFF, 0x72, 0xE6, 0xF7, 0x7B, 0x6D, 0xDB, 0x8F, 0x09, 0xB1, 0x6C, 0xCE, 0x0E, 0xC3, 0x28, 0x6B, 0x2B, 0xD4, 0x3F, 0xA8, 0xC6, 0x14, 0x1C, 0x53, 0xEA, 0x5A, 0xBE, 0xF0, 0xD8, 0x23, 0x10, 0x77, 0xA0, 0x45, 0x40, 0xA9, 0x6B, 0x66 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA256, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x0C, 0xFA, 0xC3, 0x75, 0x87, 0x53, 0x23, 0x47, 0xDC, 0x33, 0x89, 0xFD, 0xC9, 0x82, 0x86, 0xBB, 0xA8, 0xC7, 0x38, 0x07, 0x28, 0x5B, 0x18, 0x4C, 0x83, 0xE6, 0x2E, 0x26, 0xC4, 0x01, 0xC0, 0xFA, 0xA4, 0x8D, 0xD0, 0x70, 0xBA, 0x79, 0x92, 0x1A, 0x34, 0x57, 0xAB, 0xFF, 0x2D, 0x63, 0x0A, 0xD7 }, .r = (const unsigned char []){ 0x6D, 0x6D, 0xEF, 0xAC, 0x9A, 0xB6, 0x4D, 0xAB, 0xAF, 0xE3, 0x6C, 0x6B, 0xF5, 0x10, 0x35, 0x2A, 0x4C, 0xC2, 0x70, 0x01, 0x26, 0x36, 0x38, 0xE5, 0xB1, 0x6D, 0x9B, 0xB5, 0x1D, 0x45, 0x15, 0x59, 0xF9, 0x18, 0xEE, 0xDA, 0xF2, 0x29, 0x3B, 0xE5, 0xB4, 0x75, 0xCC, 0x8F, 0x01, 0x88, 0x63, 0x6B }, .s = (const unsigned char []){ 0x2D, 0x46, 0xF3, 0xBE, 0xCB, 0xCC, 0x52, 0x3D, 0x5F, 0x1A, 0x12, 0x56, 0xBF, 0x0C, 0x9B, 0x02, 0x4D, 0x87, 0x9B, 0xA9, 0xE8, 0x38, 0x14, 0x4C, 0x8B, 0xA6, 0xBA, 0xEB, 0x4B, 0x53, 0xB4, 0x7D, 0x51, 0xAB, 0x37, 0x3F, 0x98, 0x45, 0xC0, 0x51, 0x4E, 0xEF, 0xB1, 0x40, 0x24, 0x78, 0x72, 0x65 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA384, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x01, 0x5E, 0xE4, 0x6A, 0x5B, 0xF8, 0x87, 0x73, 0xED, 0x91, 0x23, 0xA5, 0xAB, 0x08, 0x07, 0x96, 0x2D, 0x19, 0x37, 0x19, 0x50, 0x3C, 0x52, 0x7B, 0x03, 0x1B, 0x4C, 0x2D, 0x22, 0x50, 0x92, 0xAD, 0xA7, 0x1F, 0x4A, 0x45, 0x9B, 0xC0, 0xDA, 0x98, 0xAD, 0xB9, 0x58, 0x37, 0xDB, 0x83, 0x12, 0xEA }, .r = (const unsigned char []){ 0x82, 0x03, 0xB6, 0x3D, 0x3C, 0x85, 0x3E, 0x8D, 0x77, 0x22, 0x7F, 0xB3, 0x77, 0xBC, 0xF7, 0xB7, 0xB7, 0x72, 0xE9, 0x78, 0x92, 0xA8, 0x0F, 0x36, 0xAB, 0x77, 0x5D, 0x50, 0x9D, 0x7A, 0x5F, 0xEB, 0x05, 0x42, 0xA7, 0xF0, 0x81, 0x29, 0x98, 0xDA, 0x8F, 0x1D, 0xD3, 0xCA, 0x3C, 0xF0, 0x23, 0xDB }, .s = (const unsigned char []){ 0xDD, 0xD0, 0x76, 0x04, 0x48, 0xD4, 0x2D, 0x8A, 0x43, 0xAF, 0x45, 0xAF, 0x83, 0x6F, 0xCE, 0x4D, 0xE8, 0xBE, 0x06, 0xB4, 0x85, 0xE9, 0xB6, 0x1B, 0x82, 0x7C, 0x2F, 0x13, 0x17, 0x39, 0x23, 0xE0, 0x6A, 0x73, 0x9F, 0x04, 0x06, 0x49, 0xA6, 0x67, 0xBF, 0x3B, 0x82, 0x82, 0x46, 0xBA, 0xA5, 0xA5 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp384r1, .D = (unsigned char []){ 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C, 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D, 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA, 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8, 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25, 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5 }, .X = (unsigned char []){ 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19, 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F, 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0, 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C, 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86, 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC, 0x13 }, .Y = (unsigned char []){ 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57, 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21, 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF, 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D, 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4, 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47, 0x20 }, }, .hash = SHA512, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x37, 0x80, 0xC4, 0xF6, 0x7C, 0xB1, 0x55, 0x18, 0xB6, 0xAC, 0xAE, 0x34, 0xC9, 0xF8, 0x35, 0x68, 0xD2, 0xE1, 0x2E, 0x47, 0xDE, 0xAB, 0x6C, 0x50, 0xA4, 0xE4, 0xEE, 0x53, 0x19, 0xD1, 0xE8, 0xCE, 0x0E, 0x2C, 0xC8, 0xA1, 0x36, 0x03, 0x6D, 0xC4, 0xB9, 0xC0, 0x0E, 0x68, 0x88, 0xF6, 0x6B, 0x6C }, .r = (const unsigned char []){ 0xA0, 0xD5, 0xD0, 0x90, 0xC9, 0x98, 0x0F, 0xAF, 0x3C, 0x2C, 0xE5, 0x7B, 0x7A, 0xE9, 0x51, 0xD3, 0x19, 0x77, 0xDD, 0x11, 0xC7, 0x75, 0xD3, 0x14, 0xAF, 0x55, 0xF7, 0x6C, 0x67, 0x64, 0x47, 0xD0, 0x6F, 0xB6, 0x49, 0x5C, 0xD2, 0x1B, 0x4B, 0x6E, 0x34, 0x0F, 0xC2, 0x36, 0x58, 0x4F, 0xB2, 0x77 }, .s = (const unsigned char []){ 0x97, 0x69, 0x84, 0xE5, 0x9B, 0x4C, 0x77, 0xB0, 0xE8, 0xE4, 0x46, 0x0D, 0xCA, 0x3D, 0x9F, 0x20, 0xE0, 0x7B, 0x9B, 0xB1, 0xF6, 0x3B, 0xEE, 0xFA, 0xF5, 0x76, 0xF6, 0xB2, 0xE8, 0xB2, 0x24, 0x63, 0x4A, 0x20, 0x92, 0xCD, 0x37, 0x92, 0xE0, 0x15, 0x9A, 0xD9, 0xCE, 0xE3, 0x76, 0x59, 0xC7, 0x36 }, .siglen = 48, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA1, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x00, 0x89, 0xC0, 0x71, 0xB4, 0x19, 0xE1, 0xC2, 0x82, 0x09, 0x62, 0x32, 0x17, 0x87, 0x25, 0x84, 0x69, 0x51, 0x19, 0x58, 0xE8, 0x05, 0x82, 0xE9, 0x5D, 0x83, 0x78, 0xE0, 0xC2, 0xCC, 0xDB, 0x3C, 0xB4, 0x2B, 0xED, 0xE4, 0x2F, 0x50, 0xE3, 0xFA, 0x3C, 0x71, 0xF5, 0xA7, 0x67, 0x24, 0x28, 0x1D, 0x31, 0xD9, 0xC8, 0x9F, 0x0F, 0x91, 0xFC, 0x1B, 0xE4, 0x91, 0x8D, 0xB1, 0xC0, 0x3A, 0x58, 0x38, 0xD0, 0xF9 }, .r = (const unsigned char []){ 0x00, 0x34, 0x3B, 0x6E, 0xC4, 0x57, 0x28, 0x97, 0x5E, 0xA5, 0xCB, 0xA6, 0x65, 0x9B, 0xBB, 0x60, 0x62, 0xA5, 0xFF, 0x89, 0xEE, 0xA5, 0x8B, 0xE3, 0xC8, 0x0B, 0x61, 0x9F, 0x32, 0x2C, 0x87, 0x91, 0x0F, 0xE0, 0x92, 0xF7, 0xD4, 0x5B, 0xB0, 0xF8, 0xEE, 0xE0, 0x1E, 0xD3, 0xF2, 0x0B, 0xAB, 0xEC, 0x07, 0x9D, 0x20, 0x2A, 0xE6, 0x77, 0xB2, 0x43, 0xAB, 0x40, 0xB5, 0x43, 0x1D, 0x49, 0x7C, 0x55, 0xD7, 0x5D }, .s = (const unsigned char []){ 0x00, 0xE7, 0xB0, 0xE6, 0x75, 0xA9, 0xB2, 0x44, 0x13, 0xD4, 0x48, 0xB8, 0xCC, 0x11, 0x9D, 0x2B, 0xF7, 0xB2, 0xD2, 0xDF, 0x03, 0x27, 0x41, 0xC0, 0x96, 0x63, 0x4D, 0x6D, 0x65, 0xD0, 0xDB, 0xE3, 0xD5, 0x69, 0x46, 0x25, 0xFB, 0x9E, 0x81, 0x04, 0xD3, 0xB8, 0x42, 0xC1, 0xB0, 0xE2, 0xD0, 0xB9, 0x8B, 0xEA, 0x19, 0x34, 0x1E, 0x86, 0x76, 0xAE, 0xF6, 0x6A, 0xE4, 0xEB, 0xA3, 0xD5, 0x47, 0x5D, 0x5D, 0x16 }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA224, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x01, 0x21, 0x41, 0x5E, 0xC2, 0xCD, 0x77, 0x26, 0x33, 0x0A, 0x61, 0xF7, 0xF3, 0xFA, 0x5D, 0xE1, 0x4B, 0xE9, 0x43, 0x60, 0x19, 0xC4, 0xDB, 0x8C, 0xB4, 0x04, 0x1F, 0x3B, 0x54, 0xCF, 0x31, 0xBE, 0x04, 0x93, 0xEE, 0x3F, 0x42, 0x7F, 0xB9, 0x06, 0x39, 0x3D, 0x89, 0x5A, 0x19, 0xC9, 0x52, 0x3F, 0x3A, 0x1D, 0x54, 0xBB, 0x87, 0x02, 0xBD, 0x4A, 0xA9, 0xC9, 0x9D, 0xAB, 0x25, 0x97, 0xB9, 0x21, 0x13, 0xF3 }, .r = (const unsigned char []){ 0x01, 0x77, 0x63, 0x31, 0xCF, 0xCD, 0xF9, 0x27, 0xD6, 0x66, 0xE0, 0x32, 0xE0, 0x0C, 0xF7, 0x76, 0x18, 0x7B, 0xC9, 0xFD, 0xD8, 0xE6, 0x9D, 0x0D, 0xAB, 0xB4, 0x10, 0x9F, 0xFE, 0x1B, 0x5E, 0x2A, 0x30, 0x71, 0x5F, 0x4C, 0xC9, 0x23, 0xA4, 0xA5, 0xE9, 0x4D, 0x25, 0x03, 0xE9, 0xAC, 0xFE, 0xD9, 0x28, 0x57, 0xB7, 0xF3, 0x1D, 0x71, 0x52, 0xE0, 0xF8, 0xC0, 0x0C, 0x15, 0xFF, 0x3D, 0x87, 0xE2, 0xED, 0x2E }, .s = (const unsigned char []){ 0x00, 0x50, 0xCB, 0x52, 0x65, 0x41, 0x7F, 0xE2, 0x32, 0x0B, 0xBB, 0x5A, 0x12, 0x2B, 0x8E, 0x1A, 0x32, 0xBD, 0x69, 0x90, 0x89, 0x85, 0x11, 0x28, 0xE3, 0x60, 0xE6, 0x20, 0xA3, 0x0C, 0x7E, 0x17, 0xBA, 0x41, 0xA6, 0x66, 0xAF, 0x12, 0x6C, 0xE1, 0x00, 0xE5, 0x79, 0x9B, 0x15, 0x3B, 0x60, 0x52, 0x8D, 0x53, 0x00, 0xD0, 0x84, 0x89, 0xCA, 0x91, 0x78, 0xFB, 0x61, 0x0A, 0x20, 0x06, 0xC2, 0x54, 0xB4, 0x1F }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA256, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x00, 0xED, 0xF3, 0x8A, 0xFC, 0xAA, 0xEC, 0xAB, 0x43, 0x83, 0x35, 0x8B, 0x34, 0xD6, 0x7C, 0x9F, 0x22, 0x16, 0xC8, 0x38, 0x2A, 0xAE, 0xA4, 0x4A, 0x3D, 0xAD, 0x5F, 0xDC, 0x9C, 0x32, 0x57, 0x57, 0x61, 0x79, 0x3F, 0xEF, 0x24, 0xEB, 0x0F, 0xC2, 0x76, 0xDF, 0xC4, 0xF6, 0xE3, 0xEC, 0x47, 0x67, 0x52, 0xF0, 0x43, 0xCF, 0x01, 0x41, 0x53, 0x87, 0x47, 0x0B, 0xCB, 0xD8, 0x67, 0x8E, 0xD2, 0xC7, 0xE1, 0xA0 }, .r = (const unsigned char []){ 0x01, 0x51, 0x1B, 0xB4, 0xD6, 0x75, 0x11, 0x4F, 0xE2, 0x66, 0xFC, 0x43, 0x72, 0xB8, 0x76, 0x82, 0xBA, 0xEC, 0xC0, 0x1D, 0x3C, 0xC6, 0x2C, 0xF2, 0x30, 0x3C, 0x92, 0xB3, 0x52, 0x60, 0x12, 0x65, 0x9D, 0x16, 0x87, 0x6E, 0x25, 0xC7, 0xC1, 0xE5, 0x76, 0x48, 0xF2, 0x3B, 0x73, 0x56, 0x4D, 0x67, 0xF6, 0x1C, 0x6F, 0x14, 0xD5, 0x27, 0xD5, 0x49, 0x72, 0x81, 0x04, 0x21, 0xE7, 0xD8, 0x75, 0x89, 0xE1, 0xA7 }, .s = (const unsigned char []){ 0x00, 0x4A, 0x17, 0x11, 0x43, 0xA8, 0x31, 0x63, 0xD6, 0xDF, 0x46, 0x0A, 0xAF, 0x61, 0x52, 0x26, 0x95, 0xF2, 0x07, 0xA5, 0x8B, 0x95, 0xC0, 0x64, 0x4D, 0x87, 0xE5, 0x2A, 0xA1, 0xA3, 0x47, 0x91, 0x6E, 0x4F, 0x7A, 0x72, 0x93, 0x0B, 0x1B, 0xC0, 0x6D, 0xBE, 0x22, 0xCE, 0x3F, 0x58, 0x26, 0x4A, 0xFD, 0x23, 0x70, 0x4C, 0xBB, 0x63, 0xB2, 0x9B, 0x93, 0x1F, 0x7D, 0xE6, 0xC9, 0xD9, 0x49, 0xA7, 0xEC, 0xFC }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA384, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x01, 0x54, 0x6A, 0x10, 0x8B, 0xC2, 0x3A, 0x15, 0xD6, 0xF2, 0x18, 0x72, 0xF7, 0xDE, 0xD6, 0x61, 0xFA, 0x84, 0x31, 0xDD, 0xBD, 0x92, 0x2D, 0x0D, 0xCD, 0xB7, 0x7C, 0xC8, 0x78, 0xC8, 0x55, 0x3F, 0xFA, 0xD0, 0x64, 0xC9, 0x5A, 0x92, 0x0A, 0x75, 0x0A, 0xC9, 0x13, 0x7E, 0x52, 0x73, 0x90, 0xD2, 0xD9, 0x2F, 0x15, 0x3E, 0x66, 0x19, 0x69, 0x66, 0xEA, 0x55, 0x4D, 0x9A, 0xDF, 0xCB, 0x10, 0x9C, 0x42, 0x11 }, .r = (const unsigned char []){ 0x01, 0xEA, 0x84, 0x2A, 0x0E, 0x17, 0xD2, 0xDE, 0x4F, 0x92, 0xC1, 0x53, 0x15, 0xC6, 0x3D, 0xDF, 0x72, 0x68, 0x5C, 0x18, 0x19, 0x5C, 0x2B, 0xB9, 0x5E, 0x57, 0x2B, 0x9C, 0x51, 0x36, 0xCA, 0x4B, 0x4B, 0x57, 0x6A, 0xD7, 0x12, 0xA5, 0x2B, 0xE9, 0x73, 0x06, 0x27, 0xD1, 0x60, 0x54, 0xBA, 0x40, 0xCC, 0x0B, 0x8D, 0x3F, 0xF0, 0x35, 0xB1, 0x2A, 0xE7, 0x51, 0x68, 0x39, 0x7F, 0x5D, 0x50, 0xC6, 0x74, 0x51 }, .s = (const unsigned char []){ 0x01, 0xF2, 0x1A, 0x3C, 0xEE, 0x06, 0x6E, 0x19, 0x61, 0x02, 0x5F, 0xB0, 0x48, 0xBD, 0x5F, 0xE2, 0xB7, 0x92, 0x4D, 0x0C, 0xD7, 0x97, 0xBA, 0xBE, 0x0A, 0x83, 0xB6, 0x6F, 0x1E, 0x35, 0xEE, 0xAF, 0x5F, 0xDE, 0x14, 0x3F, 0xA8, 0x5D, 0xC3, 0x94, 0xA7, 0xDE, 0xE7, 0x66, 0x52, 0x33, 0x93, 0x78, 0x44, 0x84, 0xBD, 0xF3, 0xE0, 0x01, 0x14, 0xA1, 0xC8, 0x57, 0xCD, 0xE1, 0xAA, 0x20, 0x3D, 0xB6, 0x5D, 0x61 }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA512, .msg = (unsigned char *)"sample", .msglen = sizeof("sample") - 1, .k = (const unsigned char []){ 0x01, 0xDA, 0xE2, 0xEA, 0x07, 0x1F, 0x81, 0x10, 0xDC, 0x26, 0x88, 0x2D, 0x4D, 0x5E, 0xAE, 0x06, 0x21, 0xA3, 0x25, 0x6F, 0xC8, 0x84, 0x7F, 0xB9, 0x02, 0x2E, 0x2B, 0x7D, 0x28, 0xE6, 0xF1, 0x01, 0x98, 0xB1, 0x57, 0x4F, 0xDD, 0x03, 0xA9, 0x05, 0x3C, 0x08, 0xA1, 0x85, 0x4A, 0x16, 0x8A, 0xA5, 0xA5, 0x74, 0x70, 0xEC, 0x97, 0xDD, 0x5C, 0xE0, 0x90, 0x12, 0x4E, 0xF5, 0x2A, 0x2F, 0x7E, 0xCB, 0xFF, 0xD3 }, .r = (const unsigned char []){ 0x00, 0xC3, 0x28, 0xFA, 0xFC, 0xBD, 0x79, 0xDD, 0x77, 0x85, 0x03, 0x70, 0xC4, 0x63, 0x25, 0xD9, 0x87, 0xCB, 0x52, 0x55, 0x69, 0xFB, 0x63, 0xC5, 0xD3, 0xBC, 0x53, 0x95, 0x0E, 0x6D, 0x4C, 0x5F, 0x17, 0x4E, 0x25, 0xA1, 0xEE, 0x90, 0x17, 0xB5, 0xD4, 0x50, 0x60, 0x6A, 0xDD, 0x15, 0x2B, 0x53, 0x49, 0x31, 0xD7, 0xD4, 0xE8, 0x45, 0x5C, 0xC9, 0x1F, 0x9B, 0x15, 0xBF, 0x05, 0xEC, 0x36, 0xE3, 0x77, 0xFA }, .s = (const unsigned char []){ 0x00, 0x61, 0x7C, 0xCE, 0x7C, 0xF5, 0x06, 0x48, 0x06, 0xC4, 0x67, 0xF6, 0x78, 0xD3, 0xB4, 0x08, 0x0D, 0x6F, 0x1C, 0xC5, 0x0A, 0xF2, 0x6C, 0xA2, 0x09, 0x41, 0x73, 0x08, 0x28, 0x1B, 0x68, 0xAF, 0x28, 0x26, 0x23, 0xEA, 0xA6, 0x3E, 0x5B, 0x5C, 0x07, 0x23, 0xD8, 0xB8, 0xC3, 0x7F, 0xF0, 0x77, 0x7B, 0x1A, 0x20, 0xF8, 0xCC, 0xB1, 0xDC, 0xCC, 0x43, 0x99, 0x7F, 0x1E, 0xE0, 0xE4, 0x4D, 0xA4, 0xA6, 0x7A }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA1, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x00, 0xBB, 0x9F, 0x2B, 0xF4, 0xFE, 0x10, 0x38, 0xCC, 0xF4, 0xDA, 0xBD, 0x71, 0x39, 0xA5, 0x6F, 0x6F, 0xD8, 0xBB, 0x13, 0x86, 0x56, 0x1B, 0xD3, 0xC6, 0xA4, 0xFC, 0x81, 0x8B, 0x20, 0xDF, 0x5D, 0xDB, 0xA8, 0x07, 0x95, 0xA9, 0x47, 0x10, 0x7A, 0x1A, 0xB9, 0xD1, 0x2D, 0xAA, 0x61, 0x5B, 0x1A, 0xDE, 0x4F, 0x7A, 0x9D, 0xC0, 0x5E, 0x8E, 0x63, 0x11, 0x15, 0x0F, 0x47, 0xF5, 0xC5, 0x7C, 0xE8, 0xB2, 0x22 }, .r = (const unsigned char []){ 0x01, 0x3B, 0xAD, 0x9F, 0x29, 0xAB, 0xE2, 0x0D, 0xE3, 0x7E, 0xBE, 0xB8, 0x23, 0xC2, 0x52, 0xCA, 0x0F, 0x63, 0x36, 0x12, 0x84, 0x01, 0x5A, 0x3B, 0xF4, 0x30, 0xA4, 0x6A, 0xAA, 0x80, 0xB8, 0x7B, 0x06, 0x93, 0xF0, 0x69, 0x4B, 0xD8, 0x8A, 0xFE, 0x4E, 0x66, 0x1F, 0xC3, 0x3B, 0x09, 0x4C, 0xD3, 0xB7, 0x96, 0x3B, 0xED, 0x5A, 0x72, 0x7E, 0xD8, 0xBD, 0x6A, 0x3A, 0x20, 0x2A, 0xBE, 0x00, 0x9D, 0x03, 0x67 }, .s = (const unsigned char []){ 0x01, 0xE9, 0xBB, 0x81, 0xFF, 0x79, 0x44, 0xCA, 0x40, 0x9A, 0xD1, 0x38, 0xDB, 0xBE, 0xE2, 0x28, 0xE1, 0xAF, 0xCC, 0x0C, 0x89, 0x0F, 0xC7, 0x8E, 0xC8, 0x60, 0x46, 0x39, 0xCB, 0x0D, 0xBD, 0xC9, 0x0F, 0x71, 0x7A, 0x99, 0xEA, 0xD9, 0xD2, 0x72, 0x85, 0x5D, 0x00, 0x16, 0x2E, 0xE9, 0x52, 0x75, 0x67, 0xDD, 0x6A, 0x92, 0xCB, 0xD6, 0x29, 0x80, 0x5C, 0x04, 0x45, 0x28, 0x2B, 0xBC, 0x91, 0x67, 0x97, 0xFF }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA224, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x00, 0x40, 0xD0, 0x9F, 0xCF, 0x3C, 0x8A, 0x5F, 0x62, 0xCF, 0x4F, 0xB2, 0x23, 0xCB, 0xBB, 0x2B, 0x99, 0x37, 0xF6, 0xB0, 0x57, 0x7C, 0x27, 0x02, 0x0A, 0x99, 0x60, 0x2C, 0x25, 0xA0, 0x11, 0x36, 0x98, 0x7E, 0x45, 0x29, 0x88, 0x78, 0x14, 0x84, 0xED, 0xBB, 0xCF, 0x1C, 0x47, 0xE5, 0x54, 0xE7, 0xFC, 0x90, 0x1B, 0xC3, 0x08, 0x5E, 0x52, 0x06, 0xD9, 0xF6, 0x19, 0xCF, 0xF0, 0x7E, 0x73, 0xD6, 0xF7, 0x06 }, .r = (const unsigned char []){ 0x01, 0xC7, 0xED, 0x90, 0x2E, 0x12, 0x3E, 0x68, 0x15, 0x54, 0x60, 0x65, 0xA2, 0xC4, 0xAF, 0x97, 0x7B, 0x22, 0xAA, 0x8E, 0xAD, 0xDB, 0x68, 0xB2, 0xC1, 0x11, 0x0E, 0x7E, 0xA4, 0x4D, 0x42, 0x08, 0x6B, 0xFE, 0x4A, 0x34, 0xB6, 0x7D, 0xDC, 0x0E, 0x17, 0xE9, 0x65, 0x36, 0xE3, 0x58, 0x21, 0x9B, 0x23, 0xA7, 0x06, 0xC6, 0xA6, 0xE1, 0x6B, 0xA7, 0x7B, 0x65, 0xE1, 0xC5, 0x95, 0xD4, 0x3C, 0xAE, 0x17, 0xFB }, .s = (const unsigned char []){ 0x01, 0x77, 0x33, 0x66, 0x76, 0x30, 0x4F, 0xCB, 0x34, 0x3C, 0xE0, 0x28, 0xB3, 0x8E, 0x7B, 0x4F, 0xBA, 0x76, 0xC1, 0xC1, 0xB2, 0x77, 0xDA, 0x18, 0xCA, 0xD2, 0xA8, 0x47, 0x8B, 0x2A, 0x9A, 0x9F, 0x5B, 0xEC, 0x0F, 0x3B, 0xA0, 0x4F, 0x35, 0xDB, 0x3E, 0x42, 0x63, 0x56, 0x9E, 0xC6, 0xAA, 0xDE, 0x8C, 0x92, 0x74, 0x6E, 0x4C, 0x82, 0xF8, 0x29, 0x9A, 0xE1, 0xB8, 0xF1, 0x73, 0x9F, 0x8F, 0xD5, 0x19, 0xA4 }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA256, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x00, 0x1D, 0xE7, 0x49, 0x55, 0xEF, 0xAA, 0xBC, 0x4C, 0x4F, 0x17, 0xF8, 0xE8, 0x4D, 0x88, 0x1D, 0x13, 0x10, 0xB5, 0x39, 0x2D, 0x77, 0x00, 0x27, 0x5F, 0x82, 0xF1, 0x45, 0xC6, 0x1E, 0x84, 0x38, 0x41, 0xAF, 0x09, 0x03, 0x5B, 0xF7, 0xA6, 0x21, 0x0F, 0x5A, 0x43, 0x1A, 0x6A, 0x9E, 0x81, 0xC9, 0x32, 0x33, 0x54, 0xA9, 0xE6, 0x91, 0x35, 0xD4, 0x4E, 0xBD, 0x2F, 0xCA, 0xA7, 0x73, 0x1B, 0x90, 0x92, 0x58 }, .r = (const unsigned char []){ 0x00, 0x0E, 0x87, 0x1C, 0x4A, 0x14, 0xF9, 0x93, 0xC6, 0xC7, 0x36, 0x95, 0x01, 0x90, 0x0C, 0x4B, 0xC1, 0xE9, 0xC7, 0xB0, 0xB4, 0xBA, 0x44, 0xE0, 0x48, 0x68, 0xB3, 0x0B, 0x41, 0xD8, 0x07, 0x10, 0x42, 0xEB, 0x28, 0xC4, 0xC2, 0x50, 0x41, 0x1D, 0x0C, 0xE0, 0x8C, 0xD1, 0x97, 0xE4, 0x18, 0x8E, 0xA4, 0x87, 0x6F, 0x27, 0x9F, 0x90, 0xB3, 0xD8, 0xD7, 0x4A, 0x3C, 0x76, 0xE6, 0xF1, 0xE4, 0x65, 0x6A, 0xA8 }, .s = (const unsigned char []){ 0x00, 0xCD, 0x52, 0xDB, 0xAA, 0x33, 0xB0, 0x63, 0xC3, 0xA6, 0xCD, 0x80, 0x58, 0xA1, 0xFB, 0x0A, 0x46, 0xA4, 0x75, 0x4B, 0x03, 0x4F, 0xCC, 0x64, 0x47, 0x66, 0xCA, 0x14, 0xDA, 0x8C, 0xA5, 0xCA, 0x9F, 0xDE, 0x00, 0xE8, 0x8C, 0x1A, 0xD6, 0x0C, 0xCB, 0xA7, 0x59, 0x02, 0x52, 0x99, 0x07, 0x9D, 0x7A, 0x42, 0x7E, 0xC3, 0xCC, 0x5B, 0x61, 0x9B, 0xFB, 0xC8, 0x28, 0xE7, 0x76, 0x9B, 0xCD, 0x69, 0x4E, 0x86 }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA384, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x01, 0xF1, 0xFC, 0x4A, 0x34, 0x9A, 0x7D, 0xA9, 0xA9, 0xE1, 0x16, 0xBF, 0xDD, 0x05, 0x5D, 0xC0, 0x8E, 0x78, 0x25, 0x2F, 0xF8, 0xE2, 0x3A, 0xC2, 0x76, 0xAC, 0x88, 0xB1, 0x77, 0x0A, 0xE0, 0xB5, 0xDC, 0xEB, 0x1E, 0xD1, 0x4A, 0x49, 0x16, 0xB7, 0x69, 0xA5, 0x23, 0xCE, 0x1E, 0x90, 0xBA, 0x22, 0x84, 0x6A, 0xF1, 0x1D, 0xF8, 0xB3, 0x00, 0xC3, 0x88, 0x18, 0xF7, 0x13, 0xDA, 0xDD, 0x85, 0xDE, 0x0C, 0x88 }, .r = (const unsigned char []){ 0x01, 0x4B, 0xEE, 0x21, 0xA1, 0x8B, 0x6D, 0x8B, 0x3C, 0x93, 0xFA, 0xB0, 0x8D, 0x43, 0xE7, 0x39, 0x70, 0x79, 0x53, 0x24, 0x4F, 0xDB, 0xE9, 0x24, 0xFA, 0x92, 0x6D, 0x76, 0x66, 0x9E, 0x7A, 0xC8, 0xC8, 0x9D, 0xF6, 0x2E, 0xD8, 0x97, 0x5C, 0x2D, 0x83, 0x97, 0xA6, 0x5A, 0x49, 0xDC, 0xC0, 0x9F, 0x6B, 0x0A, 0xC6, 0x22, 0x72, 0x74, 0x19, 0x24, 0xD4, 0x79, 0x35, 0x4D, 0x74, 0xFF, 0x60, 0x75, 0x57, 0x8C }, .s = (const unsigned char []){ 0x01, 0x33, 0x33, 0x08, 0x65, 0xC0, 0x67, 0xA0, 0xEA, 0xF7, 0x23, 0x62, 0xA6, 0x5E, 0x2D, 0x7B, 0xC4, 0xE4, 0x61, 0xE8, 0xC8, 0x99, 0x5C, 0x3B, 0x62, 0x26, 0xA2, 0x1B, 0xD1, 0xAA, 0x78, 0xF0, 0xED, 0x94, 0xFE, 0x53, 0x6A, 0x0D, 0xCA, 0x35, 0x53, 0x4F, 0x0C, 0xD1, 0x51, 0x0C, 0x41, 0x52, 0x5D, 0x16, 0x3F, 0xE9, 0xD7, 0x4D, 0x13, 0x48, 0x81, 0xE3, 0x51, 0x41, 0xED, 0x5E, 0x8E, 0x95, 0xB9, 0x79 }, .siglen = 66, }, { .key = &(ICA_EC_KEY){ .nid = NID_secp521r1, .D = (unsigned char []){ 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B, 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57, 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F, 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75, 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C, 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC, 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB, 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8, 0x35, 0x38 }, .X = (unsigned char []){ 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59, 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2, 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97, 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B, 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB, 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6, 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B, 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F, 0x50, 0x23, 0xA4 }, .Y = (unsigned char []){ 0x00, 0x49, 0x31, 0x01, 0xC9, 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28, 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B, 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63, 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74, 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22, 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4, 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE, 0xAA, 0x2B, 0xFD, 0xFC, 0xF5 }, }, .hash = SHA512, .msg = (unsigned char *)"test", .msglen = sizeof("test") - 1, .k = (const unsigned char []){ 0x01, 0x62, 0x00, 0x81, 0x30, 0x20, 0xEC, 0x98, 0x68, 0x63, 0xBE, 0xDF, 0xC1, 0xB1, 0x21, 0xF6, 0x05, 0xC1, 0x21, 0x56, 0x45, 0x01, 0x8A, 0xEA, 0x1A, 0x7B, 0x21, 0x5A, 0x56, 0x4D, 0xE9, 0xEB, 0x1B, 0x38, 0xA6, 0x7A, 0xA1, 0x12, 0x8B, 0x80, 0xCE, 0x39, 0x1C, 0x4F, 0xB7, 0x11, 0x87, 0x65, 0x4A, 0xAA, 0x34, 0x31, 0x02, 0x7B, 0xFC, 0x7F, 0x39, 0x57, 0x66, 0xCA, 0x98, 0x8C, 0x96, 0x4D, 0xC5, 0x6D }, .r = (const unsigned char []){ 0x01, 0x3E, 0x99, 0x02, 0x0A, 0xBF, 0x5C, 0xEE, 0x75, 0x25, 0xD1, 0x6B, 0x69, 0xB2, 0x29, 0x65, 0x2A, 0xB6, 0xBD, 0xF2, 0xAF, 0xFC, 0xAE, 0xF3, 0x87, 0x73, 0xB4, 0xB7, 0xD0, 0x87, 0x25, 0xF1, 0x0C, 0xDB, 0x93, 0x48, 0x2F, 0xDC, 0xC5, 0x4E, 0xDC, 0xEE, 0x91, 0xEC, 0xA4, 0x16, 0x6B, 0x2A, 0x7C, 0x62, 0x65, 0xEF, 0x0C, 0xE2, 0xBD, 0x70, 0x51, 0xB7, 0xCE, 0xF9, 0x45, 0xBA, 0xBD, 0x47, 0xEE, 0x6D }, .s = (const unsigned char []){ 0x01, 0xFB, 0xD0, 0x01, 0x3C, 0x67, 0x4A, 0xA7, 0x9C, 0xB3, 0x98, 0x49, 0x52, 0x79, 0x16, 0xCE, 0x30, 0x1C, 0x66, 0xEA, 0x7C, 0xE8, 0xB8, 0x06, 0x82, 0x78, 0x6A, 0xD6, 0x0F, 0x98, 0xF7, 0xE7, 0x8A, 0x19, 0xCA, 0x69, 0xEF, 0xF5, 0xC5, 0x74, 0x00, 0xE3, 0xB3, 0xA0, 0xAD, 0x66, 0xCE, 0x09, 0x78, 0x21, 0x4D, 0x13, 0xBA, 0xF4, 0xE9, 0xAC, 0x60, 0x75, 0x2F, 0x7B, 0x15, 0x5E, 0x2D, 0xE4, 0xDC, 0xE3 }, .siglen = 66, }, }; const struct scalar_mul_tv SCALAR_MUL_TV[] = { { .curve_nid = NID_X9_62_prime256v1, .len = 32, .scalar = (unsigned char[]){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, .x = (unsigned char[]){ 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 }, .y = (unsigned char[]){ 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16, 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5 }, }, { .curve_nid = NID_X9_62_prime256v1, .len = 32, .scalar = (unsigned char[]){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09 }, .x = (unsigned char[]){ 0xEA, 0x68, 0xD7, 0xB6, 0xFE, 0xDF, 0x0B, 0x71, 0x87, 0x89, 0x38, 0xD5, 0x1D, 0x71, 0xF8, 0x72, 0x9E, 0x0A, 0xCB, 0x8C, 0x2C, 0x6D, 0xF8, 0xB3, 0xD7, 0x9E, 0x8A, 0x4B, 0x90, 0x94, 0x9E, 0xE0 }, .y = (unsigned char[]){ 0x2A, 0x27, 0x44, 0xC9, 0x72, 0xC9, 0xFC, 0xE7, 0x87, 0x01, 0x4A, 0x96, 0x4A, 0x8E, 0xA0, 0xC8, 0x4D, 0x71, 0x4F, 0xEA, 0xA4, 0xDE, 0x82, 0x3F, 0xE8, 0x5A, 0x22, 0x4A, 0x4D, 0xD0, 0x48, 0xFA }, }, { .curve_nid = NID_X9_62_prime256v1, .len = 32, .scalar = (unsigned char[]){ 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x50 }, .x = (unsigned char[]){ 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 }, .y = (unsigned char[]){ 0xB0, 0x1C, 0xBD, 0x1C, 0x01, 0xE5, 0x80, 0x65, 0x71, 0x18, 0x14, 0xB5, 0x83, 0xF0, 0x61, 0xE9, 0xD4, 0x31, 0xCC, 0xA9, 0x94, 0xCE, 0xA1, 0x31, 0x34, 0x49, 0xBF, 0x97, 0xC8, 0x40, 0xAE, 0x0A }, }, { .curve_nid = NID_secp384r1, .len = 48, .scalar = (unsigned char[]){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, .x = (unsigned char[]){ 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7 }, .y = (unsigned char[]){ 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F, 0x5D, 0x9E, 0x98, 0xBF, 0x92, 0x92, 0xDC, 0x29, 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C, 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0, 0x0A, 0x60, 0xB1, 0xCE, 0x1D, 0x7E, 0x81, 0x9D, 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F }, }, { .curve_nid = NID_secp384r1, .len = 48, .scalar = (unsigned char[]){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09 }, .x = (unsigned char[]){ 0x8F, 0x0A, 0x39, 0xA4, 0x04, 0x9B, 0xCB, 0x3E, 0xF1, 0xBF, 0x29, 0xB8, 0xB0, 0x25, 0xB7, 0x8F, 0x22, 0x16, 0xF7, 0x29, 0x1E, 0x6F, 0xD3, 0xBA, 0xC6, 0xCB, 0x1E, 0xE2, 0x85, 0xFB, 0x6E, 0x21, 0xC3, 0x88, 0x52, 0x8B, 0xFE, 0xE2, 0xB9, 0x53, 0x5C, 0x55, 0xE4, 0x46, 0x10, 0x79, 0x11, 0x8B }, .y = (unsigned char[]){ 0x62, 0xC7, 0x7E, 0x14, 0x38, 0xB6, 0x01, 0xD6, 0x45, 0x2C, 0x4A, 0x53, 0x22, 0xC3, 0xA9, 0x79, 0x9A, 0x9B, 0x3D, 0x7C, 0xA3, 0xC4, 0x00, 0xC6, 0xB7, 0x67, 0x88, 0x54, 0xAE, 0xD9, 0xB3, 0x02, 0x9E, 0x74, 0x3E, 0xFE, 0xDF, 0xD5, 0x1B, 0x68, 0x26, 0x2D, 0xA4, 0xF9, 0xAC, 0x66, 0x4A, 0xF8 }, }, { .curve_nid = NID_secp384r1, .len = 48, .scalar = (unsigned char[]){ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0x63, 0x4d, 0x81, 0xf4, 0x37, 0x2d, 0xdf, 0x58, 0x1a, 0x0d, 0xb2, 0x48, 0xb0, 0xa7, 0x7a, 0xec, 0xec, 0x19, 0x6a, 0xcc, 0xc5, 0x29, 0x72 }, .x = (unsigned char[]){ 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7 }, .y = (unsigned char[]){ 0xC9, 0xE8, 0x21, 0xB5, 0x69, 0xD9, 0xD3, 0x90, 0xA2, 0x61, 0x67, 0x40, 0x6D, 0x6D, 0x23, 0xD6, 0x07, 0x0B, 0xE2, 0x42, 0xD7, 0x65, 0xEB, 0x83, 0x16, 0x25, 0xCE, 0xEC, 0x4A, 0x0F, 0x47, 0x3E, 0xF5, 0x9F, 0x4E, 0x30, 0xE2, 0x81, 0x7E, 0x62, 0x85, 0xBC, 0xE2, 0x84, 0x6F, 0x15, 0xF1, 0xA0 }, }, { .curve_nid = NID_secp521r1, .len = 66, .scalar = (unsigned char[]){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, .x = (unsigned char[]){ 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66 }, .y = (unsigned char[]){ 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B, 0xC0, 0x04, 0x5C, 0x8A, 0x5F, 0xB4, 0x2C, 0x7D, 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B, 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E, 0x66, 0x2C, 0x97, 0xEE, 0x72, 0x99, 0x5E, 0xF4, 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD, 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72, 0xC2, 0x40, 0x88, 0xBE, 0x94, 0x76, 0x9F, 0xD1, 0x66, 0x50 }, }, { .curve_nid = NID_secp521r1, .len = 66, .scalar = (unsigned char[]){ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09 }, .x = (unsigned char[]){ 0x01, 0x58, 0x53, 0x89, 0xE3, 0x59, 0xE1, 0xE2, 0x18, 0x26, 0xA2, 0xF5, 0xBF, 0x15, 0x71, 0x56, 0xD4, 0x88, 0xED, 0x34, 0x54, 0x1B, 0x98, 0x87, 0x46, 0x99, 0x2C, 0x4A, 0xB1, 0x45, 0xB8, 0xC6, 0xB6, 0x65, 0x74, 0x29, 0xE1, 0x39, 0x61, 0x34, 0xDA, 0x35, 0xF3, 0xC5, 0x56, 0xDF, 0x72, 0x5A, 0x31, 0x8F, 0x4F, 0x50, 0xBA, 0xBD, 0x85, 0xCD, 0x28, 0x66, 0x1F, 0x45, 0x62, 0x79, 0x67, 0xCB, 0xE2, 0x07 }, .y = (unsigned char[]){ 0x00, 0x2A, 0x2E, 0x61, 0x8C, 0x9A, 0x8A, 0xED, 0xF3, 0x9F, 0x0B, 0x55, 0x55, 0x7A, 0x27, 0xAE, 0x93, 0x8E, 0x30, 0x88, 0xA6, 0x54, 0xEE, 0x1C, 0xEB, 0xB6, 0xC8, 0x25, 0xBA, 0x26, 0x3D, 0xDB, 0x44, 0x6E, 0x0D, 0x69, 0xE5, 0x75, 0x60, 0x57, 0xAC, 0x84, 0x0F, 0xF5, 0x6E, 0xCF, 0x4A, 0xBF, 0xD8, 0x7D, 0x73, 0x6C, 0x2A, 0xE9, 0x28, 0x88, 0x0F, 0x34, 0x3A, 0xA0, 0xEA, 0x86, 0xB9, 0xAD, 0x2A, 0x4E }, }, { .curve_nid = NID_secp521r1, .len = 66, .scalar = (unsigned char[]){ 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfa, 0x51, 0x86, 0x87, 0x83, 0xbf, 0x2f, 0x96, 0x6b, 0x7f, 0xcc, 0x01, 0x48, 0xf7, 0x09, 0xa5, 0xd0, 0x3b, 0xb5, 0xc9, 0xb8, 0x89, 0x9c, 0x47, 0xae, 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x08 }, .x = (unsigned char[]){ 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66 }, .y = (unsigned char[]){ 0x00, 0xE7, 0xC6, 0xD6, 0x95, 0x87, 0x65, 0xC4, 0x3F, 0xFB, 0xA3, 0x75, 0xA0, 0x4B, 0xD3, 0x82, 0xE4, 0x26, 0x67, 0x0A, 0xBB, 0xB6, 0xA8, 0x64, 0xBB, 0x97, 0xE8, 0x50, 0x42, 0xE8, 0xD8, 0xC1, 0x99, 0xD3, 0x68, 0x11, 0x8D, 0x66, 0xA1, 0x0B, 0xD9, 0xBF, 0x3A, 0xAF, 0x46, 0xFE, 0xC0, 0x52, 0xF8, 0x9E, 0xCA, 0xC3, 0x8F, 0x79, 0x5D, 0x8D, 0x3D, 0xBF, 0x77, 0x41, 0x6B, 0x89, 0x60, 0x2E, 0x99, 0xAF }, }, }; const struct scalar_mulx_tv SCALAR_MULX_TV[] = { /* RFC 7748 */ { .curve_nid = NID_X25519, .len = 32, .scalar = (unsigned char[]){ 0xa5, 0x46, 0xe3, 0x6b, 0xf0, 0x52, 0x7c, 0x9d, 0x3b, 0x16, 0x15, 0x4b, 0x82, 0x46, 0x5e, 0xdd, 0x62, 0x14, 0x4c, 0x0a, 0xc1, 0xfc, 0x5a, 0x18, 0x50, 0x6a, 0x22, 0x44, 0xba, 0x44, 0x9a, 0xc4 }, .u = (unsigned char[]){ 0xe6, 0xdb, 0x68, 0x67, 0x58, 0x30, 0x30, 0xdb, 0x35, 0x94, 0xc1, 0xa4, 0x24, 0xb1, 0x5f, 0x7c, 0x72, 0x66, 0x24, 0xec, 0x26, 0xb3, 0x35, 0x3b, 0x10, 0xa9, 0x03, 0xa6, 0xd0, 0xab, 0x1c, 0x4c }, .res_u = (unsigned char[]){ 0xc3, 0xda, 0x55, 0x37, 0x9d, 0xe9, 0xc6, 0x90, 0x8e, 0x94, 0xea, 0x4d, 0xf2, 0x8d, 0x08, 0x4f, 0x32, 0xec, 0xcf, 0x03, 0x49, 0x1c, 0x71, 0xf7, 0x54, 0xb4, 0x07, 0x55, 0x77, 0xa2, 0x85, 0x52 }, }, { .curve_nid = NID_X25519, .len = 32, .scalar = (unsigned char[]){ 0x4b, 0x66, 0xe9, 0xd4, 0xd1, 0xb4, 0x67, 0x3c, 0x5a, 0xd2, 0x26, 0x91, 0x95, 0x7d, 0x6a, 0xf5, 0xc1, 0x1b, 0x64, 0x21, 0xe0, 0xea, 0x01, 0xd4, 0x2c, 0xa4, 0x16, 0x9e, 0x79, 0x18, 0xba, 0x0d }, .u = (unsigned char[]){ 0xe5, 0x21, 0x0f, 0x12, 0x78, 0x68, 0x11, 0xd3, 0xf4, 0xb7, 0x95, 0x9d, 0x05, 0x38, 0xae, 0x2c, 0x31, 0xdb, 0xe7, 0x10, 0x6f, 0xc0, 0x3c, 0x3e, 0xfc, 0x4c, 0xd5, 0x49, 0xc7, 0x15, 0xa4, 0x93 }, .res_u = (unsigned char[]){ 0x95, 0xcb, 0xde, 0x94, 0x76, 0xe8, 0x90, 0x7d, 0x7a, 0xad, 0xe4, 0x5c, 0xb4, 0xb8, 0x73, 0xf8, 0x8b, 0x59, 0x5a, 0x68, 0x79, 0x9f, 0xa1, 0x52, 0xe6, 0xf8, 0xf7, 0x64, 0x7a, 0xac, 0x79, 0x57 }, }, { .curve_nid = NID_X448, .len = 56, .scalar = (unsigned char[]){ 0x3d, 0x26, 0x2f, 0xdd, 0xf9, 0xec, 0x8e, 0x88, 0x49, 0x52, 0x66, 0xfe, 0xa1, 0x9a, 0x34, 0xd2, 0x88, 0x82, 0xac, 0xef, 0x04, 0x51, 0x04, 0xd0, 0xd1, 0xaa, 0xe1, 0x21, 0x70, 0x0a, 0x77, 0x9c, 0x98, 0x4c, 0x24, 0xf8, 0xcd, 0xd7, 0x8f, 0xbf, 0xf4, 0x49, 0x43, 0xeb, 0xa3, 0x68, 0xf5, 0x4b, 0x29, 0x25, 0x9a, 0x4f, 0x1c, 0x60, 0x0a, 0xd3 }, .u = (unsigned char[]){ 0x06, 0xfc, 0xe6, 0x40, 0xfa, 0x34, 0x87, 0xbf, 0xda, 0x5f, 0x6c, 0xf2, 0xd5, 0x26, 0x3f, 0x8a, 0xad, 0x88, 0x33, 0x4c, 0xbd, 0x07, 0x43, 0x7f, 0x02, 0x0f, 0x08, 0xf9, 0x81, 0x4d, 0xc0, 0x31, 0xdd, 0xbd, 0xc3, 0x8c, 0x19, 0xc6, 0xda, 0x25, 0x83, 0xfa, 0x54, 0x29, 0xdb, 0x94, 0xad, 0xa1, 0x8a, 0xa7, 0xa7, 0xfb, 0x4e, 0xf8, 0xa0, 0x86 }, .res_u = (unsigned char[]){ 0xce, 0x3e, 0x4f, 0xf9, 0x5a, 0x60, 0xdc, 0x66, 0x97, 0xda, 0x1d, 0xb1, 0xd8, 0x5e, 0x6a, 0xfb, 0xdf, 0x79, 0xb5, 0x0a, 0x24, 0x12, 0xd7, 0x54, 0x6d, 0x5f, 0x23, 0x9f, 0xe1, 0x4f, 0xba, 0xad, 0xeb, 0x44, 0x5f, 0xc6, 0x6a, 0x01, 0xb0, 0x77, 0x9d, 0x98, 0x22, 0x39, 0x61, 0x11, 0x1e, 0x21, 0x76, 0x62, 0x82, 0xf7, 0x3d, 0xd9, 0x6b, 0x6f }, }, { .curve_nid = NID_X448, .len = 56, .scalar = (unsigned char[]){ 0x20, 0x3d, 0x49, 0x44, 0x28, 0xb8, 0x39, 0x93, 0x52, 0x66, 0x5d, 0xdc, 0xa4, 0x2f, 0x9d, 0xe8, 0xfe, 0xf6, 0x00, 0x90, 0x8e, 0x0d, 0x46, 0x1c, 0xb0, 0x21, 0xf8, 0xc5, 0x38, 0x34, 0x5d, 0xd7, 0x7c, 0x3e, 0x48, 0x06, 0xe2, 0x5f, 0x46, 0xd3, 0x31, 0x5c, 0x44, 0xe0, 0xa5, 0xb4, 0x37, 0x12, 0x82, 0xdd, 0x2c, 0x8d, 0x5b, 0xe3, 0x09, 0x5f }, .u = (unsigned char[]){ 0x0f, 0xbc, 0xc2, 0xf9, 0x93, 0xcd, 0x56, 0xd3, 0x30, 0x5b, 0x0b, 0x7d, 0x9e, 0x55, 0xd4, 0xc1, 0xa8, 0xfb, 0x5d, 0xbb, 0x52, 0xf8, 0xe9, 0xa1, 0xe9, 0xb6, 0x20, 0x1b, 0x16, 0x5d, 0x01, 0x58, 0x94, 0xe5, 0x6c, 0x4d, 0x35, 0x70, 0xbe, 0xe5, 0x2f, 0xe2, 0x05, 0xe2, 0x8a, 0x78, 0xb9, 0x1c, 0xdf, 0xbd, 0xe7, 0x1c, 0xe8, 0xd1, 0x57, 0xdb }, .res_u = (unsigned char[]){ 0x88, 0x4a, 0x02, 0x57, 0x62, 0x39, 0xff, 0x7a, 0x2f, 0x2f, 0x63, 0xb2, 0xdb, 0x6a, 0x9f, 0xf3, 0x70, 0x47, 0xac, 0x13, 0x56, 0x8e, 0x1e, 0x30, 0xfe, 0x63, 0xc4, 0xa7, 0xad, 0x1b, 0x3e, 0xe3, 0xa5, 0x70, 0x0d, 0xf3, 0x43, 0x21, 0xd6, 0x20, 0x77, 0xe6, 0x36, 0x33, 0xc5, 0x75, 0xc1, 0xc9, 0x54, 0x51, 0x4e, 0x99, 0xda, 0x7c, 0x17, 0x9d }, }, }; const struct scalar_mulx_it_tv SCALAR_MULX_IT_TV[] = { /* RFC 7748 */ { .curve_nid = NID_X25519, .len = 32, .scalar_u = (unsigned char[]){ 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, .res_u_it1 = (unsigned char[]){ 0x42, 0x2c, 0x8e, 0x7a, 0x62, 0x27, 0xd7, 0xbc, 0xa1, 0x35, 0x0b, 0x3e, 0x2b, 0xb7, 0x27, 0x9f, 0x78, 0x97, 0xb8, 0x7b, 0xb6, 0x85, 0x4b, 0x78, 0x3c, 0x60, 0xe8, 0x03, 0x11, 0xae, 0x30, 0x79 }, .res_u_it1000 = (unsigned char[]){ 0x68, 0x4c, 0xf5, 0x9b, 0xa8, 0x33, 0x09, 0x55, 0x28, 0x00, 0xef, 0x56, 0x6f, 0x2f, 0x4d, 0x3c, 0x1c, 0x38, 0x87, 0xc4, 0x93, 0x60, 0xe3, 0x87, 0x5f, 0x2e, 0xb9, 0x4d, 0x99, 0x53, 0x2c, 0x51 }, .res_u_it1000000 = (unsigned char[]){ 0x7c, 0x39, 0x11, 0xe0, 0xab, 0x25, 0x86, 0xfd, 0x86, 0x44, 0x97, 0x29, 0x7e, 0x57, 0x5e, 0x6f, 0x3b, 0xc6, 0x01, 0xc0, 0x88, 0x3c, 0x30, 0xdf, 0x5f, 0x4d, 0xd2, 0xd2, 0x4f, 0x66, 0x54, 0x24 }, }, { .curve_nid = NID_X448, .len = 56, .scalar_u = (unsigned char[]){ 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, .res_u_it1 = (unsigned char[]){ 0x3f, 0x48, 0x2c, 0x8a, 0x9f, 0x19, 0xb0, 0x1e, 0x6c, 0x46, 0xee, 0x97, 0x11, 0xd9, 0xdc, 0x14, 0xfd, 0x4b, 0xf6, 0x7a, 0xf3, 0x07, 0x65, 0xc2, 0xae, 0x2b, 0x84, 0x6a, 0x4d, 0x23, 0xa8, 0xcd, 0x0d, 0xb8, 0x97, 0x08, 0x62, 0x39, 0x49, 0x2c, 0xaf, 0x35, 0x0b, 0x51, 0xf8, 0x33, 0x86, 0x8b, 0x9b, 0xc2, 0xb3, 0xbc, 0xa9, 0xcf, 0x41, 0x13 }, .res_u_it1000 = (unsigned char[]){ 0xaa, 0x3b, 0x47, 0x49, 0xd5, 0x5b, 0x9d, 0xaf, 0x1e, 0x5b, 0x00, 0x28, 0x88, 0x26, 0xc4, 0x67, 0x27, 0x4c, 0xe3, 0xeb, 0xbd, 0xd5, 0xc1, 0x7b, 0x97, 0x5e, 0x09, 0xd4, 0xaf, 0x6c, 0x67, 0xcf, 0x10, 0xd0, 0x87, 0x20, 0x2d, 0xb8, 0x82, 0x86, 0xe2, 0xb7, 0x9f, 0xce, 0xea, 0x3e, 0xc3, 0x53, 0xef, 0x54, 0xfa, 0xa2, 0x6e, 0x21, 0x9f, 0x38 }, .res_u_it1000000 = (unsigned char[]){ 0x07, 0x7f, 0x45, 0x36, 0x81, 0xca, 0xca, 0x36, 0x93, 0x19, 0x84, 0x20, 0xbb, 0xe5, 0x15, 0xca, 0xe0, 0x00, 0x24, 0x72, 0x51, 0x9b, 0x3e, 0x67, 0x66, 0x1a, 0x7e, 0x89, 0xca, 0xb9, 0x46, 0x95, 0xc8, 0xf4, 0xbc, 0xd6, 0x6e, 0x61, 0xb9, 0xb9, 0xc9, 0x46, 0xda, 0x8d, 0x52, 0x4d, 0xe3, 0xd6, 0x9b, 0xd9, 0xd9, 0xd6, 0x6b, 0x99, 0x7e, 0x37 }, }, }; const struct scalar_mulx_kex_tv SCALAR_MULX_KEX_TV[] = { /* RFC 7748 */ { .curve_nid = NID_X25519, .len = 32, .a_priv = (unsigned char[]){ 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a }, .b_priv = (unsigned char[]){ 0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b, 0x79, 0xe1, 0x7f, 0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, 0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb }, .a_pub = (unsigned char[]){ 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a }, .b_pub = (unsigned char[]){ 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61, 0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78, 0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f }, .shared_secret = (unsigned char[]){ 0x4a, 0x5d, 0x9d, 0x5b, 0xa4, 0xce, 0x2d, 0xe1, 0x72, 0x8e, 0x3b, 0xf4, 0x80, 0x35, 0x0f, 0x25, 0xe0, 0x7e, 0x21, 0xc9, 0x47, 0xd1, 0x9e, 0x33, 0x76, 0xf0, 0x9b, 0x3c, 0x1e, 0x16, 0x17, 0x42 }, }, { .curve_nid = NID_X448, .len = 56, .a_priv = (unsigned char[]){ 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf, 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba, 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9, 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91, 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2, 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b }, .b_priv = (unsigned char[]){ 0x1c, 0x30, 0x6a, 0x7a, 0xc2, 0xa0, 0xe2, 0xe0, 0x99, 0x0b, 0x29, 0x44, 0x70, 0xcb, 0xa3, 0x39, 0xe6, 0x45, 0x37, 0x72, 0xb0, 0x75, 0x81, 0x1d, 0x8f, 0xad, 0x0d, 0x1d, 0x69, 0x27, 0xc1, 0x20, 0xbb, 0x5e, 0xe8, 0x97, 0x2b, 0x0d, 0x3e, 0x21, 0x37, 0x4c, 0x9c, 0x92, 0x1b, 0x09, 0xd1, 0xb0, 0x36, 0x6f, 0x10, 0xb6, 0x51, 0x73, 0x99, 0x2d }, .a_pub = (unsigned char[]){ 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22, 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8, 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5, 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4, 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f, 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0 }, .b_pub = (unsigned char[]){ 0x3e, 0xb7, 0xa8, 0x29, 0xb0, 0xcd, 0x20, 0xf5, 0xbc, 0xfc, 0x0b, 0x59, 0x9b, 0x6f, 0xec, 0xcf, 0x6d, 0xa4, 0x62, 0x71, 0x07, 0xbd, 0xb0, 0xd4, 0xf3, 0x45, 0xb4, 0x30, 0x27, 0xd8, 0xb9, 0x72, 0xfc, 0x3e, 0x34, 0xfb, 0x42, 0x32, 0xa1, 0x3c, 0xa7, 0x06, 0xdc, 0xb5, 0x7a, 0xec, 0x3d, 0xae, 0x07, 0xbd, 0xc1, 0xc6, 0x7b, 0xf3, 0x36, 0x09 }, .shared_secret = (unsigned char[]){ 0x07, 0xff, 0xf4, 0x18, 0x1a, 0xc6, 0xcc, 0x95, 0xec, 0x1c, 0x16, 0xa9, 0x4a, 0x0f, 0x74, 0xd1, 0x2d, 0xa2, 0x32, 0xce, 0x40, 0xa7, 0x75, 0x52, 0x28, 0x1d, 0x28, 0x2b, 0xb6, 0x0c, 0x0b, 0x56, 0xfd, 0x24, 0x64, 0xc3, 0x35, 0x54, 0x39, 0x36, 0x52, 0x1c, 0x24, 0x40, 0x30, 0x85, 0xd5, 0x9a, 0x44, 0x9a, 0x50, 0x37, 0x51, 0x4a, 0x87, 0x9d }, }, }; #endif /* ICA_INTERNAL_TEST_EC */ const struct drbg_sha512_tv DRBG_SHA512_TV[] = { { .no_reseed = true, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 0, .add_len = 0, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char[]){ 0x6b,0x50,0xa7,0xd8,0xf8,0xa5,0x5d,0x7a,0x3d,0xf8,0xbb,0x40,0xbc,0xc3,0xb7,0x22, 0xd8,0x70,0x8d,0xe6,0x7f,0xda,0x01,0x0b,0x03,0xc4,0xc8,0x4d,0x72,0x09,0x6f,0x8c, }, .nonce = (unsigned char[]){ 0x3e,0xc6,0x49,0xcc,0x62,0x56,0xd9,0xfa,0x31,0xdb,0x7a,0x29,0x04,0xaa,0xf0,0x25, }, .v = (unsigned char[]){ 0xad,0xe3,0x6f,0x9a,0x01,0xc7,0x76,0x61,0x34,0x35,0xf5,0x4e,0x24,0x74,0x22,0x21, 0x9a,0x29,0x89,0xc7,0x93,0x2e,0x60,0x1e,0xe8,0x14,0x24,0x8d,0xd5,0x03,0xf1,0x65, 0x5d,0x08,0x22,0x72,0xd5,0xad,0x95,0xe1,0x23,0x1e,0x8a,0xa7,0x13,0xd9,0x2b,0x5e, 0xbc,0xbb,0x80,0xab,0x8d,0xe5,0x79,0xab,0x5b,0x47,0x4e,0xdd,0xee,0x6b,0x03,0x8f, 0x0f,0x5c,0x5e,0xa9,0x1a,0x83,0xdd,0xd3,0x88,0xb2,0x75,0x4b,0xce,0x83,0x36,0x57, 0x4b,0xf1,0x5c,0xca,0x7e,0x09,0xc0,0xd3,0x89,0xc6,0xe0,0xda,0xc4,0x81,0x7e,0x5b, 0xf9,0xe1,0x01,0xc1,0x92,0x05,0xea,0xf5,0x2f,0xc6,0xc6,0xc7,0x8f,0xbc,0xf4, }, .c = (unsigned char[]){ 0xf4,0xa3,0xe5,0xa0,0x72,0x63,0x95,0xc6,0x4f,0x48,0xd0,0x8b,0x5b,0x5f,0x8e,0x6b, 0x96,0x1f,0x16,0xed,0xbc,0x66,0x94,0x45,0x31,0xd7,0x47,0x73,0x22,0xa5,0x86,0xce, 0xc0,0x4c,0xac,0x63,0xb8,0x39,0x50,0xbf,0xe6,0x59,0x6c,0x38,0x58,0x99,0x1f,0x27, 0xa7,0x9d,0x71,0x2a,0xb3,0x7b,0xf9,0xfb,0x17,0x86,0xaa,0x99,0x81,0xaa,0x43,0xe4, 0x37,0xd3,0x1e,0x6e,0xe5,0xe6,0xee,0xc2,0xed,0x95,0x4f,0x53,0x0e,0x46,0x8a,0xcc, 0x45,0xa5,0xdb,0x69,0x0d,0x81,0xc9,0x32,0x92,0xbc,0x8f,0x33,0xe6,0xf6,0x09,0x7c, 0x8e,0x05,0x19,0x0d,0xf1,0xb6,0xcc,0xf3,0x02,0x21,0x90,0x25,0xec,0xed,0x0e, }, .reseed_ctr = 1, }, .gen1 = { .v =(unsigned char[]){ 0xa2,0x87,0x55,0x3a,0x74,0x2b,0x0c,0x27,0x83,0x7e,0xc5,0xd9,0x7f,0xd3,0xb0,0x8d, 0x30,0x48,0xa0,0xb5,0x4f,0x94,0xf4,0x64,0x19,0xeb,0x6c,0x00,0xf7,0xa9,0x78,0x34, 0x1d,0x54,0xce,0xd6,0x8d,0xe6,0xe6,0xa1,0x09,0x77,0xf6,0xdf,0x6c,0x72,0x4b,0x26, 0x78,0x01,0xa8,0x2e,0x3a,0x96,0x7a,0x5f,0xb0,0x63,0x6e,0xdf,0xc9,0x16,0xc0,0x93, 0x52,0x6f,0x16,0x68,0xea,0x76,0x95,0x50,0x56,0xc9,0x54,0x09,0x44,0xce,0x67,0x73, 0xd6,0x55,0x30,0xce,0xae,0xa7,0xcf,0xf2,0x70,0xb3,0x57,0x27,0x86,0xe9,0x60,0x09, 0x73,0x23,0x2e,0xa5,0xdc,0xd3,0x75,0x77,0xc0,0xd9,0x84,0x37,0x19,0x9c,0x69, } , .c = (unsigned char[]){ 0xf4,0xa3,0xe5,0xa0,0x72,0x63,0x95,0xc6,0x4f,0x48,0xd0,0x8b,0x5b,0x5f,0x8e,0x6b, 0x96,0x1f,0x16,0xed,0xbc,0x66,0x94,0x45,0x31,0xd7,0x47,0x73,0x22,0xa5,0x86,0xce, 0xc0,0x4c,0xac,0x63,0xb8,0x39,0x50,0xbf,0xe6,0x59,0x6c,0x38,0x58,0x99,0x1f,0x27, 0xa7,0x9d,0x71,0x2a,0xb3,0x7b,0xf9,0xfb,0x17,0x86,0xaa,0x99,0x81,0xaa,0x43,0xe4, 0x37,0xd3,0x1e,0x6e,0xe5,0xe6,0xee,0xc2,0xed,0x95,0x4f,0x53,0x0e,0x46,0x8a,0xcc, 0x45,0xa5,0xdb,0x69,0x0d,0x81,0xc9,0x32,0x92,0xbc,0x8f,0x33,0xe6,0xf6,0x09,0x7c, 0x8e,0x05,0x19,0x0d,0xf1,0xb6,0xcc,0xf3,0x02,0x21,0x90,0x25,0xec,0xed,0x0e, }, .reseed_ctr = 2, }, .gen2 = { .v = (unsigned char[]){ 0x97,0x2b,0x3a,0xda,0xe6,0x8e,0xa1,0xed,0xd2,0xc7,0x96,0x64,0xdb,0x33,0x3e,0xf8, 0xc6,0x67,0xb7,0xa3,0x0b,0xfb,0x88,0xa9,0x4b,0xc2,0xb3,0x74,0x1a,0x4e,0xff,0x02, 0xdd,0xa1,0x7b,0x3a,0x46,0x20,0x37,0x60,0xef,0xd1,0x63,0x17,0xc5,0x0b,0x6a,0xb8, 0xbc,0x68,0x49,0x73,0xb3,0xa3,0x83,0x57,0x0e,0x00,0x53,0x78,0xdd,0x89,0xf1,0xf9, 0xa6,0xdc,0xcb,0x83,0xb6,0xe2,0x28,0x21,0x94,0x41,0x33,0x56,0xa7,0x9c,0x52,0x3d, 0x5e,0x38,0x1f,0x78,0xe1,0x22,0xa9,0xa2,0xd2,0xe6,0x00,0xdb,0xc1,0x61,0x85,0xf5, 0x1c,0xca,0x1c,0x70,0xf5,0x5d,0x27,0x6a,0x76,0x63,0x1b,0xac,0x4e,0xee,0x7a, }, .c = (unsigned char[]){ 0xf4,0xa3,0xe5,0xa0,0x72,0x63,0x95,0xc6,0x4f,0x48,0xd0,0x8b,0x5b,0x5f,0x8e,0x6b, 0x96,0x1f,0x16,0xed,0xbc,0x66,0x94,0x45,0x31,0xd7,0x47,0x73,0x22,0xa5,0x86,0xce, 0xc0,0x4c,0xac,0x63,0xb8,0x39,0x50,0xbf,0xe6,0x59,0x6c,0x38,0x58,0x99,0x1f,0x27, 0xa7,0x9d,0x71,0x2a,0xb3,0x7b,0xf9,0xfb,0x17,0x86,0xaa,0x99,0x81,0xaa,0x43,0xe4, 0x37,0xd3,0x1e,0x6e,0xe5,0xe6,0xee,0xc2,0xed,0x95,0x4f,0x53,0x0e,0x46,0x8a,0xcc, 0x45,0xa5,0xdb,0x69,0x0d,0x81,0xc9,0x32,0x92,0xbc,0x8f,0x33,0xe6,0xf6,0x09,0x7c, 0x8e,0x05,0x19,0x0d,0xf1,0xb6,0xcc,0xf3,0x02,0x21,0x90,0x25,0xec,0xed,0x0e, }, .reseed_ctr = 3, }, .prnd = (unsigned char[]){ 0x95,0xb7,0xf1,0x7e,0x98,0x02,0xd3,0x57,0x73,0x92,0xc6,0xa9,0xc0,0x80,0x83,0xb6, 0x7d,0xd1,0x29,0x22,0x65,0xb5,0xf4,0x2d,0x23,0x7f,0x1c,0x55,0xbb,0x9b,0x10,0xbf, 0xcf,0xd8,0x2c,0x77,0xa3,0x78,0xb8,0x26,0x6a,0x00,0x99,0x14,0x3b,0x3c,0x2d,0x64, 0x61,0x1e,0xee,0xb6,0x9a,0xcd,0xc0,0x55,0x95,0x7c,0x13,0x9e,0x8b,0x19,0x0c,0x7a, 0x06,0x95,0x5f,0x2c,0x79,0x7c,0x27,0x78,0xde,0x94,0x03,0x96,0xa5,0x01,0xf4,0x0e, 0x91,0x39,0x6a,0xcf,0x8d,0x7e,0x45,0xeb,0xdb,0xb5,0x3b,0xbf,0x8c,0x97,0x52,0x30, 0xd2,0xf0,0xff,0x91,0x06,0xc7,0x61,0x19,0xae,0x49,0x8e,0x7f,0xbc,0x03,0xd9,0x0f, 0x8e,0x4c,0x51,0x62,0x7a,0xed,0x5c,0x8d,0x42,0x63,0xd5,0xd2,0xb9,0x78,0x87,0x3a, 0x0d,0xe5,0x96,0xee,0x6d,0xc7,0xf7,0xc2,0x9e,0x37,0xee,0xe8,0xb3,0x4c,0x90,0xdd, 0x1c,0xf6,0xa9,0xdd,0xb2,0x2b,0x4c,0xbd,0x08,0x6b,0x14,0xb3,0x5d,0xe9,0x3d,0xa2, 0xd5,0xcb,0x18,0x06,0x69,0x8c,0xbd,0x7b,0xbb,0x67,0xbf,0xe3,0xd3,0x1f,0xd2,0xd1, 0xdb,0xd2,0xa1,0xe0,0x58,0xa3,0xeb,0x99,0xd7,0xe5,0x1f,0x1a,0x93,0x8e,0xed,0x5e, 0x1c,0x1d,0xe2,0x3a,0x6b,0x43,0x45,0xd3,0x19,0x14,0x09,0xf9,0x2f,0x39,0xb3,0x67, 0x0d,0x8d,0xbf,0xb6,0x35,0xd8,0xe6,0xa3,0x69,0x32,0xd8,0x10,0x33,0xd1,0x44,0x8d, 0x63,0xb4,0x03,0xdd,0xf8,0x8e,0x12,0x1b,0x6e,0x81,0x9a,0xc3,0x81,0x22,0x6c,0x13, 0x21,0xe4,0xb0,0x86,0x44,0xf6,0x72,0x7c,0x36,0x8c,0x5a,0x9f,0x7a,0x4b,0x3e,0xe2, }, }, { .no_reseed = true, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 0, .add_len = 256 / 8, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char[]){ 0x9c,0x96,0xa3,0x4f,0x68,0x68,0x9b,0x8a,0xa8,0xd9,0xc1,0xf6,0xcd,0x0f,0xa7,0xc6, 0xf9,0x60,0x71,0xca,0xf1,0xbf,0x55,0x56,0xf4,0x5b,0xdb,0xf4,0x8c,0x6c,0xf0,0xc6, }, .nonce = (unsigned char[]){ 0x88,0x5c,0x25,0x39,0x04,0x6a,0xfb,0x14,0x01,0xeb,0x7a,0x5c,0x84,0xdb,0xd9,0xc2, }, .v = (unsigned char[]){ 0x11,0xb6,0xf9,0xc7,0x4e,0x77,0x32,0xa3,0x93,0xe6,0xd3,0x4f,0x4d,0x8d,0x5b,0xb9, 0x3d,0xf8,0xd0,0x7a,0x52,0xfe,0xb5,0x30,0xe0,0x9e,0x44,0xaa,0xdc,0x90,0x19,0x16, 0x5e,0x9c,0xf9,0x03,0x87,0xf8,0x0f,0x1a,0x41,0x62,0x16,0x90,0xff,0x29,0x08,0xb7, 0x28,0x21,0x37,0x09,0x27,0xcb,0xc1,0xd3,0xd6,0x6d,0x47,0xa9,0xc0,0x4c,0x8e,0xd8, 0x49,0x26,0x39,0xe3,0x8b,0xe7,0x6d,0x30,0x05,0xc1,0xc4,0xa8,0x83,0x73,0x0b,0x55, 0xa4,0x91,0x4a,0x87,0xc9,0x73,0x31,0xbd,0x06,0xba,0xf0,0x79,0x40,0x95,0x7f,0x62, 0x82,0xe3,0xcd,0x28,0xa3,0x7d,0xa7,0x55,0xde,0x25,0x0f,0xf1,0x08,0x38,0x85,}, .c = (unsigned char[]){ 0xb6,0xba,0xbd,0x1c,0xa5,0x4b,0x3c,0x3c,0x7c,0x5b,0xec,0xf6,0xc1,0xa0,0x52,0xa5, 0x37,0x6e,0x2a,0x63,0x7a,0xe9,0x25,0x1a,0x8a,0xee,0x90,0xa4,0x6e,0x9b,0x0a,0xbf, 0xe9,0xe1,0xda,0x50,0xd6,0x97,0x17,0x10,0x04,0x3a,0x3f,0xff,0x16,0xef,0x17,0x05, 0xe4,0x98,0x27,0xd7,0xe9,0x5c,0x4e,0xed,0x90,0x9e,0x34,0xee,0x00,0x39,0x9a,0x96, 0x22,0x10,0xcb,0x36,0x91,0x33,0xed,0x04,0xcf,0x50,0x33,0xc2,0xa8,0xda,0x69,0x2d, 0x41,0x8c,0x70,0xec,0x14,0x10,0x62,0x37,0x9c,0xd0,0x84,0x6f,0x1a,0x32,0x72,0x5e, 0x46,0x4d,0x7b,0x39,0xa1,0x69,0x9e,0x49,0xdc,0xc4,0x02,0x6a,0xe2,0xd8,0x7e, }, .reseed_ctr = 1, }, .gen1 = { .add = (unsigned char[]){ 0xcb,0x61,0xc4,0xf7,0x5c,0x01,0xb5,0x78,0xaa,0x23,0x3a,0x0b,0xae,0x48,0x81,0xc0, 0xa1,0x15,0x27,0xc2,0x2f,0xe7,0xb3,0x4f,0xb6,0xae,0x62,0xee,0xbc,0xfe,0x60,0x85, }, .v = (unsigned char[]){ 0xc8,0x71,0xb6,0xe3,0xf3,0xc2,0x6e,0xe0,0x10,0x42,0xc0,0x46,0x0f,0x2d,0xae,0x5e, 0x75,0x66,0xfa,0xdd,0xcd,0xe7,0xda,0x4b,0x6b,0x8c,0xd5,0x4f,0x4b,0x2b,0x23,0xd6, 0x48,0x7e,0xd3,0x54,0x5e,0x8f,0x26,0x2a,0x45,0x9c,0x56,0x90,0x16,0x18,0x20,0xc4, 0xd7,0x95,0xe0,0xb1,0xd2,0xc5,0x25,0x5c,0x61,0xe5,0xa0,0x1b,0xa2,0xee,0x46,0x8e, 0xfe,0x9e,0xdf,0x2a,0x9d,0x68,0x0f,0x37,0x5d,0x37,0xd7,0x2f,0x43,0xf2,0x08,0x3e, 0x92,0x6d,0x6d,0x78,0xb2,0x21,0x95,0xdd,0xb6,0x4f,0x40,0xbc,0x0c,0x56,0xc4,0x5a, 0x0d,0x48,0x14,0x19,0xbf,0x2e,0x29,0xca,0xec,0xfc,0xbd,0xca,0x32,0xbc,0x2e, }, .c = (unsigned char[]){ 0xb6,0xba,0xbd,0x1c,0xa5,0x4b,0x3c,0x3c,0x7c,0x5b,0xec,0xf6,0xc1,0xa0,0x52,0xa5, 0x37,0x6e,0x2a,0x63,0x7a,0xe9,0x25,0x1a,0x8a,0xee,0x90,0xa4,0x6e,0x9b,0x0a,0xbf, 0xe9,0xe1,0xda,0x50,0xd6,0x97,0x17,0x10,0x04,0x3a,0x3f,0xff,0x16,0xef,0x17,0x05, 0xe4,0x98,0x27,0xd7,0xe9,0x5c,0x4e,0xed,0x90,0x9e,0x34,0xee,0x00,0x39,0x9a,0x96, 0x22,0x10,0xcb,0x36,0x91,0x33,0xed,0x04,0xcf,0x50,0x33,0xc2,0xa8,0xda,0x69,0x2d, 0x41,0x8c,0x70,0xec,0x14,0x10,0x62,0x37,0x9c,0xd0,0x84,0x6f,0x1a,0x32,0x72,0x5e, 0x46,0x4d,0x7b,0x39,0xa1,0x69,0x9e,0x49,0xdc,0xc4,0x02,0x6a,0xe2,0xd8,0x7e, }, .reseed_ctr = 2, }, .gen2 = { .add = (unsigned char[]){ 0xc0,0x66,0xfd,0x2e,0xb8,0xe4,0xae,0xa2,0xe7,0x14,0x5e,0xda,0x0c,0xfc,0x8b,0xef, 0x5e,0xed,0xcc,0x36,0x7b,0x1c,0xb4,0xde,0x7e,0xb2,0xc2,0x75,0x9f,0xa7,0x5b,0xf7, }, .v = (unsigned char[]){ 0x7f,0x2c,0x74,0x00,0x99,0x0d,0xab,0x1c,0x8c,0x9e,0xad,0x3c,0xd0,0xce,0x01,0x03, 0xac,0xd5,0x25,0x41,0x48,0xd0,0xff,0x65,0xf6,0x7b,0x65,0xf3,0xb9,0xc6,0x2e,0x96, 0x32,0x60,0xad,0xa5,0x35,0x26,0x3d,0x3a,0x49,0xd6,0x96,0x8f,0x2d,0x07,0x38,0xf1, 0xff,0x65,0xdf,0x49,0x81,0xe3,0xf6,0x71,0x0c,0x7e,0x69,0xec,0xc0,0x61,0x16,0xa8, 0x27,0xa5,0x38,0x37,0x38,0x52,0x56,0xb8,0x2b,0x25,0x7b,0x70,0x33,0x15,0x79,0xb2, 0x2a,0xbd,0x05,0x55,0x3e,0x2d,0x36,0x14,0x66,0xe4,0x83,0x97,0x2a,0xbe,0x31,0x10, 0xcd,0x4d,0x09,0x35,0x99,0x9a,0x21,0xd1,0xce,0x3d,0x98,0x0d,0x4a,0x31,0xec, }, .c = (unsigned char[]){ 0xb6,0xba,0xbd,0x1c,0xa5,0x4b,0x3c,0x3c,0x7c,0x5b,0xec,0xf6,0xc1,0xa0,0x52,0xa5, 0x37,0x6e,0x2a,0x63,0x7a,0xe9,0x25,0x1a,0x8a,0xee,0x90,0xa4,0x6e,0x9b,0x0a,0xbf, 0xe9,0xe1,0xda,0x50,0xd6,0x97,0x17,0x10,0x04,0x3a,0x3f,0xff,0x16,0xef,0x17,0x05, 0xe4,0x98,0x27,0xd7,0xe9,0x5c,0x4e,0xed,0x90,0x9e,0x34,0xee,0x00,0x39,0x9a,0x96, 0x22,0x10,0xcb,0x36,0x91,0x33,0xed,0x04,0xcf,0x50,0x33,0xc2,0xa8,0xda,0x69,0x2d, 0x41,0x8c,0x70,0xec,0x14,0x10,0x62,0x37,0x9c,0xd0,0x84,0x6f,0x1a,0x32,0x72,0x5e, 0x46,0x4d,0x7b,0x39,0xa1,0x69,0x9e,0x49,0xdc,0xc4,0x02,0x6a,0xe2,0xd8,0x7e, }, .reseed_ctr = 3, }, .prnd = (unsigned char[]){ 0x78,0x2c,0x20,0x8e,0xd5,0x80,0x44,0xe7,0x8b,0x5b,0xbb,0xd8,0x77,0x2a,0x3c,0xaf, 0x25,0xb4,0x7d,0x36,0xaf,0xeb,0x0d,0x34,0x93,0xc4,0x3e,0x01,0xcc,0x66,0xa0,0xca, 0x2f,0xac,0xed,0x2a,0xb1,0x86,0xbc,0x46,0x82,0x5d,0x98,0x9c,0xf8,0xee,0x7c,0x95, 0xf8,0xc0,0xb0,0xd2,0xb7,0x6e,0x6c,0x85,0x90,0xe7,0x28,0x34,0xd4,0xc5,0x24,0x45, 0xae,0xce,0xeb,0x7b,0xf5,0xf5,0xd9,0xac,0x44,0xa1,0x2c,0xbd,0x3f,0xa7,0xf4,0x46, 0x2f,0x85,0x64,0x52,0xdc,0x4a,0x92,0x91,0x82,0xd2,0x38,0x8a,0xa7,0x63,0x5b,0x96, 0x98,0xa9,0x12,0x58,0x5d,0xf7,0xf5,0x60,0xad,0xc5,0x08,0x0d,0x53,0xb8,0x2b,0xbd, 0x7e,0x9e,0x48,0x0b,0x00,0xd1,0xda,0x5b,0xb2,0xd4,0x80,0xca,0xe2,0xba,0x8c,0x67, 0xd4,0xbf,0x3b,0xfd,0x14,0x6a,0x91,0xd6,0xaa,0xb3,0x9f,0xaa,0xe1,0x60,0x0a,0xf2, 0xce,0x32,0x04,0xca,0xbf,0x4c,0x1c,0xae,0xe4,0xcf,0xd5,0xe6,0xf8,0xdb,0x19,0x02, 0x03,0x3f,0x7f,0x8d,0x33,0xbc,0x6e,0x0e,0x5d,0x32,0xa3,0x20,0xba,0x73,0x5d,0x09, 0x1f,0x30,0x86,0x7b,0x7c,0xb7,0x88,0x0c,0x2e,0x3c,0xe6,0xaa,0xda,0x79,0x66,0x41, 0x91,0xdf,0x36,0x0d,0x35,0xfe,0x9a,0xe7,0xba,0xbc,0xa4,0x14,0x85,0xb0,0x6a,0xb4, 0x9d,0xff,0x52,0x87,0x82,0xfb,0xe6,0xf2,0xb0,0xe7,0x49,0x96,0xe9,0xce,0x92,0x72, 0xd1,0xef,0x39,0x2b,0xe5,0xc1,0x7c,0xc6,0x2c,0x74,0xbe,0x50,0x4e,0x6a,0x87,0x31, 0xdd,0x95,0x48,0xb0,0xdb,0x27,0xe0,0xb7,0xdb,0x48,0x86,0xf5,0x37,0x88,0x36,0x23, }, }, { .no_reseed = true, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 256 / 8, .add_len = 0, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char[]){ 0xb5,0x10,0xa6,0x0a,0x5a,0x19,0x00,0x7b,0xa8,0x08,0xe6,0x0b,0x16,0x28,0xed,0x99, 0x07,0xd1,0xbe,0xf9,0x92,0xd4,0xfc,0x0a,0xbe,0x51,0x50,0x01,0x31,0xcb,0x4c,0xf8, }, .nonce = (unsigned char[]){ 0xeb,0x1b,0xd7,0x83,0xac,0xcc,0x85,0x5e,0xb3,0x20,0xcd,0xe1,0x0b,0x1b,0xe6,0xd0, }, .pers = (unsigned char[]){ 0x7e,0xa1,0x0e,0x96,0xaf,0x90,0x0c,0x25,0xd3,0xbe,0x3b,0x50,0xa0,0xcc,0x71,0xa7, 0x9f,0xe4,0x14,0xbd,0x4c,0x37,0x39,0x80,0x3f,0x02,0xff,0xe5,0xb2,0x60,0xbf,0xbb, }, .v = (unsigned char[]){ 0x6e,0x10,0x09,0xeb,0x74,0x25,0x4e,0x17,0xbc,0xa3,0x2a,0xb7,0xbc,0x01,0x91,0xba, 0x70,0x89,0xb7,0x8c,0x4b,0xa4,0xbb,0xab,0xab,0x03,0xfc,0x6c,0x1e,0xa5,0xb7,0xdb, 0xef,0x37,0xec,0xcd,0x5f,0x70,0x7f,0x99,0x11,0xab,0x57,0xe4,0xd1,0x8d,0x34,0x84, 0x53,0x42,0x42,0x90,0x07,0x33,0x61,0x5d,0x66,0xf2,0x2b,0x76,0x90,0x1e,0x08,0xcc, 0x0d,0x86,0xa3,0x89,0xc8,0x6f,0x27,0x12,0xab,0x34,0x05,0x23,0x66,0x36,0x14,0x1d, 0xdd,0xc8,0xae,0x83,0xaa,0x33,0x77,0x21,0xf5,0x7e,0x23,0x08,0xf8,0x15,0x0a,0x35, 0x0f,0x07,0xef,0x94,0x68,0x26,0xef,0x80,0xba,0x20,0xfe,0x20,0x23,0xe4,0x39, }, .c = (unsigned char[]){ 0x61,0x67,0x19,0xd5,0xd6,0xa4,0xdf,0xd8,0x39,0x9e,0x41,0xf3,0x67,0x7e,0x12,0xcc, 0xbd,0x2e,0x3d,0x1e,0x1d,0xc5,0x7b,0xa0,0xb7,0x1d,0x1c,0x61,0x5a,0x50,0x14,0xd7, 0x33,0x63,0x7f,0x2c,0x6f,0x0a,0x5e,0x97,0xe7,0x78,0x31,0x59,0xbe,0x99,0xf7,0x47, 0x7a,0x31,0x7a,0x5c,0x72,0x56,0x52,0xcc,0xd6,0x31,0x95,0xd9,0x73,0x6d,0xf9,0xa9, 0x7e,0x6f,0x59,0x4e,0x57,0x0b,0xad,0x9f,0x99,0x7a,0xa3,0x8b,0xdf,0x51,0x44,0xda, 0x63,0x61,0xfe,0x9b,0xe2,0x82,0x88,0x20,0x5a,0xbc,0x9d,0x8b,0x41,0x1f,0x5f,0x38, 0x0a,0x56,0x15,0xce,0xfe,0x6d,0x3e,0x82,0x88,0xda,0x5f,0x43,0x01,0xfb,0x08, }, .reseed_ctr = 1, }, .gen1 = { .v = (unsigned char[]){ 0xcf,0x77,0x23,0xc1,0x4a,0xca,0x2d,0xef,0xf6,0x41,0x6c,0xab,0x23,0x7f,0xa4,0x87, 0x2d,0xb7,0xf4,0xaa,0x69,0x6a,0x37,0x4c,0x62,0x21,0x18,0xcd,0x78,0xf5,0xcc,0xb3, 0x22,0x9b,0x6b,0xf9,0xce,0x7a,0xde,0x30,0xf9,0x23,0x89,0x3e,0x90,0x27,0x2c,0xa2, 0x36,0x72,0xbc,0x98,0xda,0xea,0x39,0xca,0x18,0x52,0x1a,0xcc,0xc2,0x56,0x41,0xff, 0x36,0x00,0xf4,0x40,0x89,0x45,0x24,0x63,0x29,0x31,0x87,0xf2,0x41,0x98,0xca,0x38, 0x45,0x39,0xdd,0xaa,0xbb,0x5c,0x4b,0x72,0xb5,0x33,0xf1,0x51,0xec,0xcf,0x82,0x53, 0x6d,0xf2,0xcf,0x82,0x9a,0x69,0x41,0xf7,0x0b,0x95,0x49,0xe4,0xc2,0xd9,0x6e, }, .c = (unsigned char[]){ 0x61,0x67,0x19,0xd5,0xd6,0xa4,0xdf,0xd8,0x39,0x9e,0x41,0xf3,0x67,0x7e,0x12,0xcc, 0xbd,0x2e,0x3d,0x1e,0x1d,0xc5,0x7b,0xa0,0xb7,0x1d,0x1c,0x61,0x5a,0x50,0x14,0xd7, 0x33,0x63,0x7f,0x2c,0x6f,0x0a,0x5e,0x97,0xe7,0x78,0x31,0x59,0xbe,0x99,0xf7,0x47, 0x7a,0x31,0x7a,0x5c,0x72,0x56,0x52,0xcc,0xd6,0x31,0x95,0xd9,0x73,0x6d,0xf9,0xa9, 0x7e,0x6f,0x59,0x4e,0x57,0x0b,0xad,0x9f,0x99,0x7a,0xa3,0x8b,0xdf,0x51,0x44,0xda, 0x63,0x61,0xfe,0x9b,0xe2,0x82,0x88,0x20,0x5a,0xbc,0x9d,0x8b,0x41,0x1f,0x5f,0x38, 0x0a,0x56,0x15,0xce,0xfe,0x6d,0x3e,0x82,0x88,0xda,0x5f,0x43,0x01,0xfb,0x08, }, .reseed_ctr = 2, }, .gen2 = { .v = (unsigned char[]){ 0x30,0xde,0x3d,0x97,0x21,0x6f,0x0d,0xc8,0x2f,0xdf,0xae,0x9e,0x8a,0xfd,0xb7,0x53, 0xea,0xe6,0x31,0xc8,0x87,0x2f,0xb2,0xed,0x19,0x3e,0x35,0x2e,0xd3,0x45,0xe1,0x8a, 0x55,0xfe,0xeb,0x26,0x3d,0x85,0x3c,0xc8,0xe0,0x9b,0xba,0x98,0x4e,0xc1,0x24,0x3f, 0x77,0x1a,0x2c,0x1a,0x65,0x07,0x99,0x3f,0x08,0xe9,0x48,0x16,0x77,0x03,0x0d,0xa7, 0x8b,0xc5,0x13,0xcf,0x4d,0xf3,0x3e,0xf5,0xe1,0x61,0x09,0x2e,0xee,0x86,0xfb,0x21, 0x40,0x70,0x1b,0x20,0xdf,0x82,0xde,0x4c,0x3b,0xf0,0xe7,0x67,0x36,0xf6,0x24,0x82, 0xc7,0x94,0xff,0xd2,0x99,0x73,0x5f,0x49,0x13,0x23,0x77,0x8e,0xa4,0x72,0x8f, }, .c = (unsigned char[]){ 0x61,0x67,0x19,0xd5,0xd6,0xa4,0xdf,0xd8,0x39,0x9e,0x41,0xf3,0x67,0x7e,0x12,0xcc, 0xbd,0x2e,0x3d,0x1e,0x1d,0xc5,0x7b,0xa0,0xb7,0x1d,0x1c,0x61,0x5a,0x50,0x14,0xd7, 0x33,0x63,0x7f,0x2c,0x6f,0x0a,0x5e,0x97,0xe7,0x78,0x31,0x59,0xbe,0x99,0xf7,0x47, 0x7a,0x31,0x7a,0x5c,0x72,0x56,0x52,0xcc,0xd6,0x31,0x95,0xd9,0x73,0x6d,0xf9,0xa9, 0x7e,0x6f,0x59,0x4e,0x57,0x0b,0xad,0x9f,0x99,0x7a,0xa3,0x8b,0xdf,0x51,0x44,0xda, 0x63,0x61,0xfe,0x9b,0xe2,0x82,0x88,0x20,0x5a,0xbc,0x9d,0x8b,0x41,0x1f,0x5f,0x38, 0x0a,0x56,0x15,0xce,0xfe,0x6d,0x3e,0x82,0x88,0xda,0x5f,0x43,0x01,0xfb,0x08, }, .reseed_ctr = 3, }, .prnd = (unsigned char[]){ 0x5f,0x03,0xab,0x52,0x9b,0x9e,0xda,0xb5,0x5e,0x75,0xe4,0x89,0xbc,0xeb,0x0a,0xb6, 0xcb,0x9e,0xc6,0x25,0x5c,0x61,0x96,0xcd,0x07,0x53,0x97,0xb0,0x91,0xc3,0xeb,0x59, 0x8e,0x31,0x62,0x32,0x0c,0x71,0xe3,0x89,0xe1,0xd9,0xd6,0x2a,0x2d,0xe5,0x99,0x0c, 0x20,0x97,0x56,0x10,0x84,0xe1,0x3a,0xb4,0xb2,0x97,0x7f,0x99,0xc2,0x3d,0xaf,0x21, 0x4b,0xbf,0xeb,0x16,0x21,0x67,0xc9,0x33,0x86,0x0f,0xb2,0xcc,0x9f,0x80,0x07,0x9e, 0x17,0x89,0x39,0x62,0xff,0x03,0xa2,0x6b,0x2b,0x4b,0x83,0x8e,0x6d,0xe9,0xff,0x5e, 0x9d,0xcf,0xba,0x73,0xac,0xc6,0xee,0x76,0xc4,0x77,0xd1,0xf7,0x00,0x22,0x65,0xe6, 0x93,0x85,0x0a,0x26,0x0e,0x68,0x61,0x7f,0x13,0xb2,0x47,0x16,0xd8,0xdb,0x42,0xc9, 0xa8,0xf2,0xe0,0xbd,0x50,0x02,0x28,0x9a,0x86,0xb0,0x2a,0x84,0x5d,0x98,0x86,0xd3, 0xfd,0x05,0xd8,0xd8,0x5a,0xc7,0x7e,0xa6,0x01,0x92,0xa2,0x90,0x47,0x30,0x3a,0x03, 0xb5,0x1e,0x0e,0x70,0x8f,0xa0,0x02,0x05,0xb5,0xc0,0x3b,0x67,0xb7,0x78,0x74,0x05, 0x2c,0xe5,0x6d,0x5c,0xf3,0x8e,0x72,0x6d,0x60,0x8b,0xc0,0xef,0x8f,0xc2,0xa7,0xd2, 0x77,0x78,0xf4,0x7c,0x68,0x91,0x63,0x7b,0x63,0x1c,0xcc,0x6e,0x36,0xeb,0x89,0x3f, 0xe0,0x8a,0x5b,0x9f,0x55,0x71,0xbd,0x43,0x2c,0x82,0x6d,0x99,0x69,0x8f,0xd4,0x17, 0x9b,0xc5,0xcf,0xb0,0xd8,0xea,0x2d,0x55,0x5c,0x36,0xb7,0x05,0x68,0xc2,0x20,0x6b, 0x18,0xf3,0xbe,0xa1,0x4b,0x39,0x8d,0x2b,0x6a,0x00,0x12,0x2d,0x7a,0x44,0x7e,0xa3, }, }, { .no_reseed = true, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 256 / 8, .add_len = 256 / 8, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char[]){ 0xb1,0x48,0xb3,0x17,0xa2,0x68,0x62,0x8f,0x04,0xc9,0xa8,0x7a,0x0a,0xc5,0xf9,0x14, 0x98,0xb8,0x02,0x0f,0x4e,0x48,0x35,0x72,0x0c,0x1a,0x3c,0xc0,0x7b,0x05,0x0f,0xa2, }, .nonce = (unsigned char[]){ 0x2f,0x35,0xe5,0xb6,0x22,0xae,0xef,0xe7,0x56,0x05,0xc2,0x27,0x4e,0xc8,0xc6,0x96, }, .pers = (unsigned char[]){ 0xfc,0x52,0x7a,0x2f,0x16,0xb5,0x3c,0x51,0x3f,0x94,0x85,0x5b,0x35,0xce,0xa6,0x09, 0x0c,0x30,0x3d,0xcc,0x64,0x2e,0x98,0xed,0x5f,0x32,0x3a,0xba,0x0f,0x35,0xfa,0x27, }, .v = (unsigned char[]){ 0xc0,0xcb,0x7d,0x99,0x92,0xeb,0x7d,0x59,0x7e,0xbe,0x77,0x6d,0x6a,0x88,0x68,0x81, 0xc1,0x79,0x15,0xeb,0x90,0xb7,0x67,0x2d,0xee,0x5c,0x18,0xcb,0x10,0xd4,0xb9,0xfb, 0x7b,0x66,0x1d,0x0b,0xa6,0x8f,0x1b,0xef,0x72,0xbe,0xeb,0xc0,0x40,0x98,0x2c,0xe7, 0xcb,0xb2,0xd0,0xb9,0x0b,0xfd,0x3a,0xce,0x08,0xea,0x37,0xa3,0x3e,0x71,0x41,0x27, 0x18,0xb1,0xc0,0xe6,0x85,0x63,0xad,0x5b,0x35,0x3a,0x20,0xa5,0x84,0xad,0xf0,0x4c, 0xfa,0x4a,0x19,0x91,0x7c,0xf3,0x42,0xa1,0x3f,0x9f,0x51,0xbb,0x12,0xf3,0xe2,0x4b, 0x3b,0x1d,0xf0,0xf7,0x03,0xcb,0xa2,0x09,0x9f,0x63,0x2c,0x63,0x99,0xe7,0x4c, }, .c = (unsigned char[]){ 0x02,0xd6,0x77,0x70,0xe8,0x13,0x7f,0x9b,0x39,0x96,0x09,0x63,0xae,0xa6,0x82,0x73, 0xe2,0x6c,0x75,0x94,0x5b,0xe1,0x13,0x6a,0xc1,0x4a,0xdd,0xdc,0xa6,0x33,0x90,0x43, 0xdc,0xab,0x44,0xe7,0xd1,0x2b,0xf1,0x1d,0xc4,0x30,0xa9,0x67,0x26,0xa7,0xa0,0x29, 0xeb,0x0e,0xc0,0x39,0xe0,0x37,0x6a,0x12,0x45,0x48,0x1a,0xeb,0x7e,0x06,0x8a,0x12, 0xb7,0x5f,0x55,0xd5,0xad,0x5f,0xe6,0xe5,0xb2,0x37,0xad,0x50,0xbc,0x9e,0x2d,0x91, 0xb7,0xce,0xaa,0x3a,0x23,0xfb,0xbb,0x04,0x49,0xe1,0x6f,0xdb,0xab,0x57,0xde,0x0a, 0xef,0xd8,0xd1,0x7f,0x36,0x28,0x1c,0x74,0x25,0x90,0xda,0xf8,0x3c,0x14,0x3d, }, .reseed_ctr = 1, }, .gen1 = { .add = (unsigned char[]){ 0x2c,0xc9,0xf1,0x37,0xfc,0xd8,0xc2,0xd5,0x26,0xd7,0x00,0x93,0xfe,0x11,0xf9,0x0a, 0x0a,0x36,0xbc,0x97,0x64,0xa4,0xc5,0x60,0x90,0x72,0xe1,0x81,0xa2,0x49,0x45,0x16, }, .v =(unsigned char[]){ 0xc3,0xa1,0xf5,0x0a,0x7a,0xfe,0xfc,0xf4,0xb8,0x54,0x80,0xd1,0x19,0x2e,0xea,0xf5, 0xa3,0xe5,0x8b,0x7f,0xec,0x98,0x7a,0x98,0xaf,0xa6,0xf6,0xa7,0xb7,0x08,0x4a,0x3f, 0x58,0x11,0x61,0xf3,0x77,0xbb,0x0d,0x0d,0x36,0xef,0x95,0x27,0x67,0x3f,0xcd,0xf7, 0xc0,0xa6,0x8e,0x23,0x93,0x29,0x5e,0xdc,0x31,0x2d,0x32,0xc1,0x89,0xf7,0x7c,0xbb, 0x60,0xbe,0xdc,0x1e,0x7c,0x7a,0x16,0x77,0x81,0x5f,0x06,0x6f,0x70,0x37,0x43,0xfb, 0xcc,0xbe,0x3b,0x59,0x24,0x35,0x4e,0x7a,0xd0,0x88,0xd1,0xde,0xd4,0x1a,0x70,0x39, 0xbb,0x52,0x6a,0x91,0xef,0x70,0xe1,0xb1,0xdf,0xc9,0x39,0xc3,0xcc,0x04,0x58, } , .c = (unsigned char[]){ 0x02,0xd6,0x77,0x70,0xe8,0x13,0x7f,0x9b,0x39,0x96,0x09,0x63,0xae,0xa6,0x82,0x73, 0xe2,0x6c,0x75,0x94,0x5b,0xe1,0x13,0x6a,0xc1,0x4a,0xdd,0xdc,0xa6,0x33,0x90,0x43, 0xdc,0xab,0x44,0xe7,0xd1,0x2b,0xf1,0x1d,0xc4,0x30,0xa9,0x67,0x26,0xa7,0xa0,0x29, 0xeb,0x0e,0xc0,0x39,0xe0,0x37,0x6a,0x12,0x45,0x48,0x1a,0xeb,0x7e,0x06,0x8a,0x12, 0xb7,0x5f,0x55,0xd5,0xad,0x5f,0xe6,0xe5,0xb2,0x37,0xad,0x50,0xbc,0x9e,0x2d,0x91, 0xb7,0xce,0xaa,0x3a,0x23,0xfb,0xbb,0x04,0x49,0xe1,0x6f,0xdb,0xab,0x57,0xde,0x0a, 0xef,0xd8,0xd1,0x7f,0x36,0x28,0x1c,0x74,0x25,0x90,0xda,0xf8,0x3c,0x14,0x3d, }, .reseed_ctr = 2, }, .gen2 = { .add = (unsigned char[]){ 0xe4,0x03,0x61,0x24,0x5b,0x91,0x88,0x0e,0x30,0x8f,0xb7,0x77,0xc2,0x8b,0xbf,0xae, 0xa5,0x98,0x2e,0x45,0xfe,0xcb,0x77,0x57,0xbb,0x1c,0x9d,0xe2,0xdf,0x9d,0xc6,0x12, }, .v = (unsigned char[]){ 0xc6,0x78,0x6c,0x7b,0x63,0x12,0x7c,0x8f,0xf1,0xea,0x8a,0x34,0xc7,0xd5,0x6d,0x69, 0x86,0x52,0x01,0x14,0x48,0x79,0x8e,0x03,0x70,0xf1,0xd4,0x84,0x5d,0x3b,0xda,0x83, 0x34,0xbc,0xa6,0xdb,0x48,0xe6,0xfe,0x2a,0xfb,0x20,0x3e,0x8e,0x8d,0xe7,0x6e,0xe5, 0x30,0x94,0x36,0x9e,0x68,0xb3,0x2d,0xb7,0xe1,0xf7,0x18,0x53,0xc1,0xa3,0x0b,0x9c, 0xb5,0x5b,0x06,0x7b,0x9a,0x19,0x87,0xe9,0x18,0x80,0xf2,0xc8,0xdc,0x5d,0x77,0xec, 0x26,0x7c,0x12,0xcb,0x99,0xeb,0xf4,0xc3,0xf0,0xe1,0x3d,0xa4,0x74,0x45,0xe0,0xec, 0x23,0x49,0xa7,0x1d,0x34,0x16,0x8e,0x33,0xfe,0xbb,0x65,0x7f,0x8d,0x12,0xc7, }, .c = (unsigned char[]){ 0x02,0xd6,0x77,0x70,0xe8,0x13,0x7f,0x9b,0x39,0x96,0x09,0x63,0xae,0xa6,0x82,0x73, 0xe2,0x6c,0x75,0x94,0x5b,0xe1,0x13,0x6a,0xc1,0x4a,0xdd,0xdc,0xa6,0x33,0x90,0x43, 0xdc,0xab,0x44,0xe7,0xd1,0x2b,0xf1,0x1d,0xc4,0x30,0xa9,0x67,0x26,0xa7,0xa0,0x29, 0xeb,0x0e,0xc0,0x39,0xe0,0x37,0x6a,0x12,0x45,0x48,0x1a,0xeb,0x7e,0x06,0x8a,0x12, 0xb7,0x5f,0x55,0xd5,0xad,0x5f,0xe6,0xe5,0xb2,0x37,0xad,0x50,0xbc,0x9e,0x2d,0x91, 0xb7,0xce,0xaa,0x3a,0x23,0xfb,0xbb,0x04,0x49,0xe1,0x6f,0xdb,0xab,0x57,0xde,0x0a, 0xef,0xd8,0xd1,0x7f,0x36,0x28,0x1c,0x74,0x25,0x90,0xda,0xf8,0x3c,0x14,0x3d, }, .reseed_ctr = 3, }, .prnd = (unsigned char[]){ 0x66,0xad,0x04,0x8b,0x4d,0x2d,0x00,0x32,0x23,0xc6,0x4d,0xd9,0x82,0x7c,0xc2,0x2e, 0xd3,0xec,0x8f,0xcb,0x61,0x20,0x9d,0x19,0x96,0x19,0x17,0x75,0x92,0xe9,0xb8,0x92, 0x26,0xbe,0x30,0xb1,0x93,0x0b,0xdd,0x74,0x9f,0x30,0xed,0x09,0xda,0x52,0xab,0xaa, 0x2e,0x59,0x9a,0xfa,0xf9,0x19,0x03,0xe7,0xa2,0xb5,0x9f,0xfb,0x8f,0xd4,0x70,0xe6, 0x60,0x44,0x85,0xa2,0x7c,0x20,0x0d,0x37,0x5f,0xef,0xf6,0x21,0x11,0x85,0x95,0xa7, 0xa3,0x05,0x7b,0x7e,0x31,0xea,0xdc,0x06,0x87,0xb1,0x00,0x8c,0x3c,0xb2,0xc7,0x43, 0x5a,0x57,0x04,0xb1,0xa1,0xa6,0xa3,0x48,0x7d,0x60,0xfd,0x14,0x79,0x3c,0x31,0x48, 0x6a,0xf7,0x65,0xce,0x2c,0xe1,0x82,0xde,0x88,0x11,0x24,0x45,0xdd,0x5f,0xf1,0x1b, 0x25,0x6c,0xfd,0xa0,0x70,0x18,0xb9,0x5f,0x97,0xed,0xba,0xb4,0xe4,0xc3,0x9c,0xa0, 0x97,0xc4,0x2f,0x9d,0xce,0x80,0xcd,0x3f,0x32,0x67,0x7f,0x3c,0x22,0x4a,0x86,0xb3, 0x15,0xd0,0x2e,0x37,0x7d,0xca,0x8f,0x37,0x85,0xe9,0x74,0x8f,0xfd,0xbe,0x3f,0xca, 0xa3,0xb0,0xc6,0xbf,0x00,0x1b,0x63,0xb5,0x74,0x26,0x83,0x63,0x58,0xe9,0xb3,0x15, 0xc6,0x71,0x8e,0x0b,0x74,0xfb,0x82,0xb9,0xbf,0x3d,0xf7,0x00,0xa6,0x41,0xab,0x94, 0x11,0xd1,0xb9,0xfb,0xa4,0x23,0x09,0xa8,0x4b,0xef,0x67,0xa1,0x42,0x04,0xf3,0x16, 0x0e,0xd1,0x6a,0x54,0x97,0xfe,0x21,0x1a,0xa1,0xf5,0xd3,0xae,0x4b,0x85,0x8b,0x6d, 0x44,0x5f,0x1d,0x09,0x45,0x43,0xd0,0x10,0x7c,0xe0,0x4e,0xf1,0xd1,0xba,0x33,0xab, }, }, { .no_reseed = false, .pr = true, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 0, .add_len = 0, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char[]){ 0x73,0xc9,0xb1,0x15,0xb7,0xef,0xb0,0xa6,0x32,0x44,0xd7,0x49,0x3a,0xe5,0x82,0x05, 0x99,0xd7,0xce,0xe5,0xca,0x05,0x4d,0xb2,0xf7,0x26,0x9b,0xa7,0xf6,0x21,0xbd,0xca, }, .nonce = (unsigned char[]){ 0xc2,0x04,0xe6,0xde,0x78,0x9b,0x03,0x94,0xfb,0xbe,0x66,0x63,0x46,0x6e,0xfc,0xea, }, .v = (unsigned char[]){ 0xf7,0xba,0x3c,0xf1,0x65,0xbe,0x38,0x8f,0x1e,0x05,0x02,0xac,0x63,0x92,0x02,0x21, 0xd2,0x7c,0x05,0x1e,0x44,0x7e,0xc3,0xd3,0x08,0x91,0x4d,0xa7,0xfe,0x17,0x6c,0xc7, 0xfb,0x91,0x46,0xdc,0x86,0x0e,0x5a,0x5a,0xda,0x53,0xda,0x7d,0x8b,0xb8,0xf6,0x7a, 0xc8,0xe2,0x5f,0xe9,0x44,0xd4,0x53,0xf0,0x99,0x75,0x6b,0xc5,0xae,0x58,0xef,0xbf, 0x80,0x2d,0x07,0x83,0x01,0xf8,0xdf,0xad,0x9c,0x9e,0xd4,0xb3,0x3c,0x56,0x0f,0x43, 0xe4,0x9b,0xf4,0xfb,0xd3,0x53,0x48,0x00,0xac,0xeb,0xd1,0xf2,0xc3,0x81,0x77,0x2b, 0x21,0x33,0xe4,0xff,0x46,0x9e,0xa4,0x99,0x65,0xd9,0xc2,0x57,0x58,0xf2,0xab, }, .c = (unsigned char[]){ 0x20,0xc0,0xbc,0xf1,0x5a,0x1e,0xd3,0xb5,0x89,0x0f,0xb3,0xc7,0xc7,0x55,0xfe,0x2f, 0x57,0x45,0x93,0x0d,0xa0,0xf6,0x53,0x03,0x04,0xe3,0xed,0xfa,0xec,0x45,0x69,0xc8, 0x79,0x60,0x64,0x7f,0xa1,0xda,0xc7,0x1c,0x31,0x61,0xe4,0xaf,0xde,0x6b,0x87,0xd4, 0x1f,0x1b,0x1b,0x9a,0xbf,0x7f,0x5b,0x5f,0x63,0xa6,0x7c,0xd6,0xa6,0x05,0xaf,0xf2, 0x31,0x1d,0x7b,0x46,0xea,0xdd,0xf9,0x75,0x29,0x9a,0x13,0x2c,0xc3,0xc2,0x72,0xcc, 0x4e,0x6f,0x48,0xe2,0x31,0xcf,0x1c,0x75,0x07,0xbf,0xaf,0x32,0x86,0xcd,0xc9,0x2a, 0xe9,0x67,0xe4,0x31,0xc5,0xef,0x70,0xb1,0x9e,0x06,0x6b,0x51,0x9f,0xbc,0x3a, }, .reseed_ctr = 1, }, .gen1 = { .entropy = (unsigned char[]){ 0xcf,0xce,0xf3,0x77,0x6b,0x37,0x64,0x9a,0x7f,0x6d,0x2b,0x48,0xf4,0x43,0xda,0x79, 0xa2,0xf2,0xf8,0x1d,0x04,0xf3,0xaf,0x98,0x53,0xa9,0xe6,0x96,0xc4,0x48,0x74,0x40, }, .v = (unsigned char[]){ 0xda,0xd2,0x1f,0x2d,0x3f,0xda,0x88,0x4e,0x22,0xda,0x80,0x0f,0xaa,0xee,0x0e,0x2e, 0xb5,0xb0,0x21,0x2f,0x4a,0x37,0x4d,0x7c,0x6f,0x94,0x6e,0x4f,0x7f,0xad,0x8a,0x71, 0xe9,0x3e,0xb0,0xb8,0xd7,0xea,0xeb,0x55,0x44,0x7c,0x51,0x0c,0xe4,0x41,0xa9,0x9c, 0x8b,0xf8,0x2b,0xe1,0xa7,0x70,0x8b,0x43,0x43,0xaf,0x52,0xc3,0xad,0x8f,0xbc,0x2f, 0x29,0x6b,0x29,0xac,0x89,0xeb,0x46,0x9c,0x71,0xa4,0x1f,0x80,0x02,0xdb,0xe4,0x9f, 0xf2,0xac,0x70,0x93,0xb0,0x61,0xb7,0xf7,0x62,0xa3,0x3b,0xf8,0x4c,0xe7,0x19,0x02, 0x40,0xe8,0xa3,0xfd,0x9c,0x02,0x66,0x3b,0xcb,0x80,0xdd,0xac,0x63,0xac,0x98, }, .c = (unsigned char[]){ 0x5d,0x6d,0x9b,0xb3,0x5c,0xf2,0x29,0x19,0xda,0xc5,0x05,0x76,0x96,0x64,0x23,0xbf, 0xb4,0x62,0x32,0x3d,0x1a,0x04,0x3c,0x00,0xa8,0x56,0x50,0x63,0xfc,0x8a,0x8e,0x2d, 0x75,0x99,0x26,0xf7,0xb4,0xda,0x65,0x33,0xe0,0x9b,0xe2,0xbe,0xd5,0x33,0x51,0xe4, 0x68,0xec,0x32,0x50,0x63,0x0f,0x4d,0xd9,0x4e,0xc8,0xa6,0xbb,0x20,0xa2,0x74,0x9b, 0x18,0x32,0xfc,0x5e,0xa5,0x4f,0xa5,0xed,0xe8,0x70,0x31,0xa6,0xbe,0x21,0xfe,0xa5, 0x65,0x73,0x7f,0xb7,0xf5,0x07,0xac,0x22,0xbd,0xe3,0x83,0xad,0x69,0xcc,0xe9,0x59, 0xbd,0xf8,0xea,0xef,0x21,0xf3,0x9e,0xff,0xa5,0x25,0x59,0x6b,0x89,0xf1,0xda, }, .reseed_ctr = 2, }, .gen2 = { .entropy = (unsigned char[]){ 0xd0,0x63,0x8e,0x28,0xca,0xe8,0xd1,0xc0,0xf5,0x72,0x09,0xd6,0x77,0xd8,0x89,0xd1, 0x95,0xa6,0x72,0x02,0x3c,0xb8,0xad,0xe3,0x9f,0x79,0x49,0x89,0xe1,0xda,0xee,0x34, }, .v = (unsigned char[]){ 0xb3,0xc0,0x3b,0x5a,0x64,0x2f,0xc9,0x4f,0xb6,0x63,0xc4,0x7c,0xc7,0xbc,0xcf,0x61, 0x81,0x5d,0x8e,0x94,0xf8,0x2a,0x3b,0x59,0x03,0x17,0xed,0x7e,0xa6,0x02,0xb4,0xde, 0x8c,0x27,0xdc,0x9e,0x42,0x66,0xa7,0x98,0x57,0xc8,0xbd,0xb9,0x8c,0x84,0x9e,0xd0, 0x88,0x17,0x86,0x13,0xc4,0xda,0x20,0x99,0x93,0x20,0x42,0x33,0xbb,0xa7,0xc1,0xe8, 0x0a,0xe5,0xcb,0x6a,0xf9,0x0d,0x6b,0x7f,0x09,0x17,0xf8,0x0b,0x5b,0x0c,0xc8,0x54, 0x90,0xe3,0xa1,0xce,0x0e,0xe1,0x0f,0xb9,0x53,0x96,0x2a,0xd6,0x40,0x0f,0xf1,0x54, 0x28,0x6d,0xdf,0x29,0xd9,0xc0,0xa0,0x04,0x7b,0xf0,0x60,0x95,0xc8,0xa1,0x27, }, .c = (unsigned char[]){ 0x1f,0xff,0x76,0x2e,0x53,0x76,0x82,0x21,0xd1,0xc8,0x64,0xa1,0x8e,0xb4,0x84,0xd4, 0x69,0x30,0x50,0x11,0xf8,0x9d,0x1a,0x6c,0xca,0x4a,0x21,0x6f,0x64,0x01,0x03,0xe2, 0x19,0x65,0xbc,0xb2,0x5f,0xed,0x86,0xd4,0x0d,0xdb,0x2f,0xa9,0xbb,0xee,0x7f,0x81, 0x43,0x1c,0xe4,0xc9,0x98,0x53,0x09,0xd8,0x2a,0xc2,0xf1,0x33,0xa9,0x31,0x6f,0xd3, 0x42,0xb2,0x64,0x96,0xcb,0xe0,0x89,0x3f,0x53,0x6c,0xbc,0x52,0x8a,0x02,0x11,0x6e, 0xf7,0xf4,0x47,0x90,0x29,0x0a,0x4a,0x57,0x41,0x7e,0xfb,0xc5,0xd2,0xc7,0xb7,0x48, 0xad,0x1a,0x4e,0x6e,0x13,0xff,0x32,0xfb,0x83,0x12,0x5b,0x9c,0x0f,0xd6,0x47, }, .reseed_ctr = 2, }, .prnd = (unsigned char []){ 0x04,0x74,0x4d,0x1d,0x42,0x60,0x19,0x95,0xfa,0x3b,0x10,0x1d,0xed,0x3d,0x25,0x31, 0xcb,0xf4,0x5a,0xfd,0x83,0x12,0x0d,0x58,0xeb,0x26,0x59,0x4a,0x86,0x3b,0xd8,0x31, 0x83,0x11,0xb0,0x8d,0x3d,0xf4,0xc5,0x71,0xa9,0xc2,0x6d,0xff,0x63,0xa3,0xe9,0x91, 0x3a,0x9a,0x17,0xa7,0xc4,0x55,0x18,0x6f,0xdf,0xdd,0x90,0xc6,0x64,0xa8,0x4b,0x73, 0xa1,0x10,0x6a,0x5a,0x82,0xf7,0x41,0xbd,0x4c,0x7a,0x48,0xbd,0x04,0x6c,0x26,0x8d, 0x89,0x19,0xef,0xc9,0x41,0xf8,0xb4,0x5a,0x3c,0x3d,0x89,0xcf,0x37,0x14,0x1b,0x5c, 0x41,0xb1,0x0f,0xf5,0x43,0xa6,0x92,0x62,0x72,0xd6,0x23,0xad,0x8e,0xcc,0xd0,0x26, 0x55,0x20,0x90,0xad,0xcf,0xac,0xb1,0x24,0xf4,0x7c,0x4a,0xd6,0x2b,0xe9,0x0e,0xa5, 0xa0,0xa7,0x08,0x7d,0x81,0x45,0x84,0x45,0x81,0x3a,0xf8,0x8f,0xfb,0x5a,0x8c,0x35, 0x19,0xf9,0x77,0x13,0x1c,0xc8,0x51,0xcb,0x44,0x54,0xb0,0xa7,0x56,0xc8,0x37,0x3f, 0x05,0x23,0x82,0x43,0x5a,0xb9,0x34,0x71,0x8c,0x95,0x51,0x77,0x36,0x33,0x89,0xc0, 0x6b,0x0b,0x50,0x73,0x47,0x8e,0x84,0xd2,0x53,0xff,0x02,0xa3,0xf1,0xbe,0xf1,0xbb, 0xf1,0x33,0x8f,0x77,0xf9,0x2f,0x02,0x9f,0x63,0x8a,0x46,0x91,0xc4,0x8c,0x47,0x0d, 0x30,0xd2,0x30,0xf0,0x07,0xf5,0x45,0xe0,0x22,0xf6,0x6c,0x78,0xa1,0x30,0x69,0x78, 0x14,0xaa,0x55,0xd2,0x00,0x0a,0x49,0x55,0x3b,0xef,0x35,0xfa,0xb5,0x80,0x8e,0x2f, 0x3c,0xbb,0x38,0xc4,0x05,0x61,0x1f,0xa8,0x14,0x44,0x12,0x4e,0x3f,0x89,0xe1,0xe8, }, }, { .no_reseed = false, .pr = true, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 0, .add_len = 256 / 8, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char[]){ 0x7b,0xa8,0x43,0x1c,0x16,0xfb,0x16,0xd1,0x12,0x15,0x09,0xf2,0x25,0xab,0xd5,0xb3, 0x7a,0x25,0xb0,0xc5,0xc0,0x69,0xb7,0x45,0x4c,0x22,0x66,0x26,0x9c,0xf2,0x6e,0x1b, }, .nonce = (unsigned char[]){ 0x7f,0x04,0x48,0x2b,0x3a,0x14,0xd8,0xfc,0x7a,0x29,0x81,0x6a,0x27,0xca,0x66,0xa2, }, .v = (unsigned char[]){ 0xa3,0x30,0x40,0xd0,0x3d,0x1a,0x6b,0x5e,0xd9,0x31,0x9a,0x37,0xa0,0xac,0x8b,0x63, 0x91,0x0c,0x2b,0xb0,0x27,0x79,0x5f,0xd7,0x81,0xfb,0x9b,0xbf,0x8a,0xa9,0xdc,0xac, 0x73,0xb3,0x27,0x6c,0xdf,0x04,0x8d,0x05,0xd7,0x33,0x2c,0x65,0xd0,0x63,0xaf,0xac, 0x34,0x55,0x88,0x1e,0xf7,0x78,0xfc,0xc5,0xcf,0x12,0xf2,0x5f,0xcf,0x5f,0xe6,0xb3, 0xd4,0x1c,0xc3,0xf3,0xfb,0x0d,0x9f,0xd9,0x56,0x7d,0xa8,0x10,0x87,0x51,0xe5,0xef, 0x5b,0x54,0xb9,0xae,0x1e,0x2f,0xb3,0x00,0x58,0x6b,0x9f,0xce,0x2c,0x00,0xaf,0xb0, 0xf5,0xb1,0x97,0xd0,0x8d,0x16,0x17,0xf5,0x49,0x6b,0x7a,0xdb,0x2c,0x9f,0x2c, }, .c = (unsigned char[]){ 0x8d,0x06,0xa0,0x3f,0x5d,0x2f,0x9a,0x9c,0x40,0xd1,0x6b,0x34,0xa5,0xd3,0x4e,0xa8, 0xcd,0x00,0x1b,0x79,0x77,0xfc,0xcd,0x67,0x2d,0xde,0x8b,0xff,0xe4,0x87,0xf6,0x3f, 0x60,0x89,0x9a,0xbf,0x3e,0x57,0xc4,0x2d,0x57,0xba,0x3f,0x00,0xdb,0x41,0x1e,0x57, 0x13,0x7f,0x14,0x12,0xf9,0x47,0xf3,0xc3,0xb0,0x31,0x56,0x99,0x27,0x1c,0xbf,0xc3, 0xa8,0xa1,0xf3,0x03,0x26,0x21,0xa0,0xa7,0xdf,0xc4,0x82,0xa9,0xc3,0x6a,0x8c,0x6a, 0x5a,0x15,0xb0,0x89,0xca,0x69,0xea,0x8d,0xe9,0xa9,0xcb,0x86,0x44,0x79,0x72,0x52, 0x19,0x32,0xc0,0xe1,0x47,0x45,0x5f,0xf3,0xcc,0x07,0x06,0x05,0x81,0xa7,0xb2, }, .reseed_ctr = 1, }, .gen1 = { .add = (unsigned char[]){ 0x64,0x65,0x3b,0x87,0x53,0x59,0xf3,0xab,0x5d,0x96,0xaa,0x49,0x4d,0x44,0x66,0x90, 0x22,0xb4,0x8c,0xa5,0xc1,0xc1,0xf7,0x6a,0x18,0x14,0xb7,0x65,0x51,0x99,0xdb,0xf3, }, .entropy = (unsigned char[]){ 0xd0,0x52,0x01,0x36,0x5d,0x2b,0xcc,0xf9,0xa6,0x58,0x04,0xb2,0x3b,0xba,0x82,0xbf, 0xb6,0x55,0x96,0xd4,0x2f,0xc5,0x1c,0xc5,0x29,0x22,0x08,0x1d,0x6e,0x50,0x74,0xa2, }, .v = (unsigned char[]){ 0x05,0x3b,0x46,0xee,0x13,0x54,0x25,0xf9,0x99,0x32,0xb0,0x06,0x57,0x22,0x11,0xf3, 0xb5,0xa1,0x68,0x11,0x11,0x12,0x76,0x99,0xb9,0x26,0x6e,0xc3,0x73,0xed,0xf7,0x83, 0x60,0xfa,0x5f,0x7e,0xbf,0x3d,0x8b,0x22,0xc3,0xfe,0x78,0x51,0x48,0x83,0x25,0x37, 0xe7,0x33,0x5f,0x02,0x0b,0x59,0x5a,0x97,0x35,0xeb,0xc5,0xb7,0x26,0x66,0xf6,0xbf, 0x2b,0x50,0xa2,0x0a,0xe1,0xc0,0x5a,0x68,0xb7,0xfa,0xd6,0x0f,0x36,0x52,0x1c,0x46, 0x27,0x2b,0xff,0x70,0x7f,0x66,0xbb,0xfa,0x2a,0xb4,0x66,0x6f,0xfc,0x2a,0x56,0x9d, 0x8e,0xfc,0x30,0x27,0xfb,0x3b,0x48,0x83,0x04,0xfb,0x38,0xfb,0xd6,0x2e,0x16, }, .c = (unsigned char[]){ 0x60,0xdc,0x33,0x8e,0x05,0x60,0xbe,0x50,0x39,0x6b,0x94,0x57,0xd4,0x55,0x83,0xb3, 0x03,0x7e,0x2f,0xd0,0x91,0xd4,0xb2,0x1d,0x25,0xbb,0x2d,0xb4,0xde,0x15,0xc5,0xdf, 0x11,0xe9,0x00,0x84,0x4c,0xca,0x4c,0xe5,0x3f,0x38,0x8e,0x4d,0x9d,0xcb,0xa4,0x3e, 0x91,0xa8,0xc1,0x15,0xdc,0x0f,0x89,0x9a,0xfc,0x15,0xa6,0xa9,0xda,0x9b,0x73,0x4c, 0x52,0x18,0x7c,0xf2,0x6a,0xe9,0xc7,0x60,0x93,0xce,0x1e,0x91,0x27,0xf7,0xb8,0x2a, 0x16,0x42,0x9b,0x4f,0x05,0xde,0xdb,0x89,0x4f,0x1e,0x3f,0x93,0x79,0x52,0x3a,0x6c, 0x0b,0x06,0xd5,0x4d,0xda,0x25,0x65,0x8e,0xe8,0x49,0x5a,0x0e,0x0a,0x9f,0x91, }, .reseed_ctr = 2, }, .gen2 = { .add = (unsigned char[]){ 0x1e,0x50,0x04,0xc4,0xc2,0xf8,0x50,0xfa,0x6b,0xe2,0xe0,0x17,0x10,0xa4,0xdf,0x0e, 0x57,0x63,0x00,0xff,0x4f,0xc4,0xde,0x40,0xe9,0xc9,0x13,0x58,0xf2,0x6f,0xd4,0x08, }, .entropy = (unsigned char[]){ 0x59,0x18,0x5a,0x07,0xb2,0x0d,0xec,0x58,0x57,0xb7,0x9d,0xda,0xb2,0x8d,0x46,0xa5, 0x2e,0x4b,0x0a,0xad,0x9d,0xf9,0xcd,0xb7,0x76,0x13,0x38,0x54,0xaa,0xc0,0xdb,0x3e, }, .v = (unsigned char[]){ 0x2e,0x54,0xe1,0x54,0x44,0xb8,0x43,0x9e,0x2e,0x06,0x6c,0xf2,0x3d,0x94,0x88,0x0b, 0x72,0xe6,0xfd,0x3e,0xb4,0x3c,0xfd,0xa7,0xd8,0x91,0x0a,0xcb,0x89,0xc0,0xbd,0x76, 0x31,0x21,0x52,0xe6,0x91,0x18,0x9d,0x44,0x75,0x78,0xc2,0x7c,0x7b,0xdf,0xb0,0x7c, 0x2c,0x4a,0x0e,0x49,0x87,0xe3,0xf7,0x96,0xcd,0xa9,0xa0,0x0f,0x99,0xb9,0x5e,0x3d, 0xb9,0xa1,0x9a,0xf2,0xdc,0x24,0x1b,0x71,0x4d,0xba,0x0a,0x86,0x14,0xa4,0xa7,0x28, 0xe5,0xbc,0xb9,0x92,0xf8,0x1e,0x49,0x6c,0xa4,0x68,0x8a,0xdd,0x84,0x37,0x58,0x89, 0x52,0xbf,0x8b,0x16,0x7c,0xc6,0xdb,0x30,0x81,0x00,0xd8,0xf6,0xa3,0x1c,0x77, }, .c = (unsigned char[]){ 0x06,0x3f,0x41,0xe9,0x7b,0xe2,0x0f,0xcf,0x7f,0x74,0xa3,0xad,0x28,0x3c,0x6c,0x4e, 0x77,0xe3,0x43,0x1f,0x4d,0x36,0x09,0x10,0x54,0xa7,0xd3,0xf6,0x4d,0x45,0x07,0xc5, 0x25,0x66,0x4e,0x2b,0xd4,0x45,0xe2,0xb8,0x2c,0x6a,0xf4,0x37,0xf7,0x4f,0xe8,0x02, 0x91,0x9c,0x4a,0x09,0x30,0xe8,0x65,0x5e,0xe2,0x0d,0x9c,0x6c,0x7d,0x9c,0x7c,0x2f, 0xb1,0xab,0xdc,0xa2,0x58,0xb7,0x5d,0x22,0x3e,0xb0,0xfd,0xbc,0xea,0x7e,0x68,0xb8, 0xa8,0xe6,0x21,0x5f,0xea,0xee,0x03,0xcf,0x1f,0xed,0x7e,0x7c,0x6b,0x2a,0x4f,0xb9, 0x3e,0x1b,0xdb,0x43,0x97,0x0d,0x6c,0xa2,0xfd,0x97,0x03,0x65,0x05,0x51,0x76, }, .reseed_ctr = 2, }, .prnd = (unsigned char[]){ 0x16,0x23,0x2b,0x52,0x84,0xea,0x1a,0x8a,0xad,0xca,0x65,0x67,0x79,0x08,0xba,0x74, 0xc9,0x70,0xab,0x6c,0x34,0x6b,0xe4,0xe6,0x78,0x96,0x25,0xc5,0xdc,0x10,0xe5,0xac, 0xa1,0xe6,0xb8,0x53,0xfe,0x17,0x4b,0xc1,0x16,0xa0,0x58,0x2b,0xa7,0xe0,0x7b,0x20, 0xf6,0x98,0xea,0xbf,0xb9,0x1c,0x89,0xce,0x5b,0x87,0x23,0x26,0x36,0xbe,0xf1,0x6e, 0x5a,0x96,0x6d,0x00,0x73,0xd4,0xe9,0x2a,0x89,0x73,0x5c,0x39,0x7d,0xbb,0xdf,0x80, 0xbc,0xf9,0xc3,0x10,0xa5,0xae,0xc9,0x8a,0xd0,0x77,0x64,0x3a,0xde,0x1d,0x87,0x37, 0xd4,0x08,0xb7,0x88,0xd9,0x0c,0x6b,0x53,0x8d,0x10,0xda,0x03,0x91,0xd9,0xea,0x87, 0xe7,0x4a,0x7f,0x8d,0x05,0x27,0xb1,0xd0,0xed,0xf7,0x60,0xc6,0x9a,0xcf,0xac,0xca, 0xdd,0x29,0xbc,0x69,0xb2,0x74,0xcf,0x08,0xfd,0x2a,0x50,0x6d,0x8d,0x58,0x8b,0x4d, 0xee,0xfc,0x67,0xa3,0x1a,0xeb,0x43,0x83,0x1c,0x09,0x6e,0x3c,0xa7,0x06,0x6b,0x43, 0x45,0xb2,0x69,0x16,0xd3,0xc5,0xf8,0x31,0x82,0x40,0x6b,0x44,0x8c,0xea,0x0f,0xb0, 0xd1,0xc6,0x20,0xd8,0x75,0xa1,0x07,0xa6,0xd8,0xd0,0xd3,0xb1,0x2e,0xab,0xb4,0x04, 0xe8,0x0c,0x86,0x08,0xe7,0x14,0xac,0x43,0xd6,0xe9,0x62,0xc9,0x7e,0xf2,0x2e,0x88, 0xc9,0xac,0x66,0x2d,0x48,0x4d,0x24,0xe2,0xa8,0xcf,0x03,0x98,0xe0,0x91,0x85,0xe3, 0x36,0x80,0xb1,0x25,0x95,0xe9,0x77,0x62,0x37,0x14,0xb3,0xf7,0x09,0xb6,0xfd,0xdc, 0x18,0x61,0xc5,0x3c,0x4a,0xfd,0xb3,0xfd,0xed,0xf7,0xdc,0x4d,0xcf,0x5b,0xb0,0xe2, }, }, { .no_reseed = false, .pr = true, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 256 / 8, .add_len = 0, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char []){ 0x62,0xba,0x7f,0x80,0xb7,0x78,0xdf,0x98,0x6a,0x17,0x68,0x7f,0xc2,0xd2,0x41,0xc1, 0x7d,0x8a,0xe0,0x9d,0x26,0xef,0x1a,0xfe,0x06,0x95,0x7b,0xfc,0x1e,0x94,0x14,0xcd, }, .nonce = (unsigned char []){ 0x1a,0xcd,0x0e,0xd5,0xaa,0xa6,0xb9,0x6a,0xb1,0x7e,0x23,0x20,0x87,0xb7,0x1d,0xe6, }, .pers = (unsigned char []){ 0x5e,0x44,0x97,0x60,0x37,0xe2,0x92,0x13,0x53,0x14,0x1e,0x0e,0xcf,0x0c,0x56,0x20, 0x6b,0xd8,0x5c,0x05,0x19,0x43,0xe7,0xb8,0x10,0xbd,0x0e,0xf8,0xe5,0xd3,0xa0,0x2a, }, .v = (unsigned char []){ 0x93,0x2b,0xba,0x3b,0x03,0xb0,0x11,0xad,0xef,0x52,0x87,0xc1,0x49,0xc5,0x42,0x57, 0x03,0x15,0x9f,0x64,0x1a,0xad,0x52,0xf9,0xd9,0x44,0xf4,0x25,0xf5,0x4c,0x49,0x72, 0xd8,0x7e,0x01,0xe8,0xf2,0x66,0xcc,0x61,0xdc,0xaa,0x0d,0x9d,0x4e,0xc9,0xc6,0xb9, 0x2b,0x7e,0x6a,0x29,0x63,0xf4,0x53,0x78,0xbf,0x63,0x19,0x27,0x63,0xca,0xcf,0x58, 0x01,0xc3,0x7d,0x47,0x6e,0xf3,0x9a,0x4b,0x7a,0x2f,0x44,0x13,0x44,0xbe,0x96,0xeb, 0x72,0x04,0xb3,0xd7,0xd4,0x20,0x2f,0xbf,0x67,0xae,0x8a,0x57,0x1a,0x66,0x61,0xe2, 0x86,0x34,0x8c,0xaa,0xc9,0x13,0x8b,0x89,0x68,0x7d,0x9f,0x8e,0x94,0x02,0xb6, }, .c = (unsigned char []){ 0x43,0x45,0xf7,0x0e,0x8e,0x44,0x16,0xf0,0x92,0xdd,0xe1,0x9b,0x10,0x74,0x12,0x33, 0xec,0x6b,0xe1,0x57,0x54,0x47,0xb9,0xb6,0xff,0x3e,0x06,0xc9,0x4c,0x61,0x0d,0xfc, 0xf7,0xd8,0xc3,0xc8,0x25,0x23,0x38,0x89,0x0f,0x5d,0xf7,0x05,0x4d,0x2e,0x3e,0xc2, 0xa2,0xf0,0x7f,0x6a,0x01,0x30,0x20,0x6b,0x8b,0x87,0x51,0x7e,0x8f,0x0b,0xec,0xe7, 0x5c,0x31,0x34,0x78,0x9f,0xea,0x34,0x88,0x04,0xa7,0x27,0x27,0xe9,0xe4,0xe1,0x13, 0x9e,0xe5,0xf6,0x0e,0x90,0x3c,0x15,0xbc,0x0f,0xed,0xf9,0x09,0xb3,0x0e,0x08,0x8d, 0xeb,0xa7,0x2f,0x77,0x57,0x21,0xa8,0x15,0x1c,0x30,0x1f,0xda,0xd7,0x01,0x71, }, .reseed_ctr = 1, }, .gen1 = { .entropy = (unsigned char []){ 0x7b,0xd0,0xf0,0x37,0x1b,0x81,0x79,0xbc,0x40,0x48,0x10,0xdc,0xcf,0xa9,0xc5,0x53, 0x2f,0xa7,0xae,0xca,0x7b,0x41,0x5d,0xb7,0xee,0x31,0x7d,0x5a,0x0c,0xf6,0x3c,0xb9, }, .v = (unsigned char []){ 0x95,0x17,0xc5,0xa2,0x6a,0x1d,0x73,0xf3,0x37,0xbe,0x44,0xc7,0x65,0x63,0x49,0x6f, 0x9a,0xf2,0xb6,0x75,0x46,0xf4,0x83,0xb1,0x77,0x67,0x99,0xe4,0xc0,0x08,0xe2,0xcf, 0xfd,0xef,0x37,0x59,0xa8,0x08,0x69,0x76,0xce,0x78,0x13,0x15,0x3c,0x37,0xd3,0x21, 0x8b,0x4c,0xba,0xe2,0xb6,0x90,0x19,0xc9,0x93,0xa7,0x5d,0x52,0x6e,0xff,0xe0,0x5e, 0x0c,0x0d,0x65,0x19,0xea,0x42,0x60,0x48,0xbb,0x39,0x79,0x44,0x64,0x59,0x69,0x5c, 0x53,0x11,0x6b,0x42,0x84,0xa6,0xab,0x41,0xff,0xea,0x18,0xe9,0x7d,0x0d,0xe8,0x7a, 0xee,0xf1,0x08,0xa0,0xe9,0xd8,0x48,0x93,0x85,0x02,0x98,0xd0,0xa8,0xad,0x6b, }, .c = (unsigned char []){ 0x76,0x3d,0x01,0xa4,0xef,0xc5,0x04,0xf8,0x40,0x8d,0xc6,0x12,0xbc,0x33,0xc2,0x61, 0x40,0x24,0x79,0x6e,0x2e,0x56,0x26,0x11,0x3b,0xae,0x91,0xb2,0xc3,0x76,0x6e,0x64, 0x8a,0x6a,0xac,0x83,0x98,0x89,0xc4,0x8a,0x0c,0xa5,0x1d,0xa8,0xec,0xa3,0x39,0xbb, 0xee,0x80,0xd0,0xc1,0x62,0x78,0xbd,0x85,0x88,0x10,0x74,0x7b,0x3b,0x9d,0xdb,0x2b, 0xe0,0x7a,0x5d,0x1e,0xbe,0xb1,0xf4,0x35,0x20,0x45,0x3b,0xb4,0x00,0x87,0x29,0xf1, 0x69,0x33,0x46,0xd4,0x27,0x27,0x0c,0x37,0x7e,0x09,0x0a,0xb2,0x3f,0x12,0x0a,0xf6, 0x66,0x50,0x65,0x79,0xa8,0x5b,0x6c,0xd1,0x75,0xea,0x7a,0xfa,0x6e,0x1d,0x74, }, .reseed_ctr = 2, }, .gen2 = { .entropy = (unsigned char []){ 0xe1,0x0b,0xed,0x57,0x82,0xd4,0xe9,0xd1,0x51,0x86,0x67,0x14,0xde,0xe9,0x97,0x97, 0xb6,0x40,0x9f,0xec,0x81,0xf3,0x14,0xfa,0x22,0xbb,0xe6,0x46,0xcd,0xb9,0x25,0xa9, }, .v = (unsigned char []){ 0xdc,0x49,0x58,0x39,0x3b,0x4b,0x3e,0xb0,0xc2,0xdc,0x24,0x87,0x55,0xf0,0x20,0xa0, 0xd7,0xa8,0x9f,0x44,0xd9,0x4e,0xc5,0x3a,0x89,0x1b,0xd4,0x0f,0x2c,0x23,0x22,0xc2, 0xc1,0x7f,0x5c,0x9b,0x34,0x5d,0xd0,0x27,0x21,0xf7,0xe5,0x06,0x09,0xd7,0x27,0x58, 0x8a,0x6b,0x4a,0x0b,0x6b,0x98,0xe5,0x87,0xd6,0x96,0x7c,0xa7,0x5b,0xc3,0x84,0x9a, 0x6b,0xc6,0x3d,0x75,0xe6,0xb5,0x38,0x6c,0x86,0x57,0xf4,0x12,0xc4,0xd1,0x4b,0x9f, 0x00,0x95,0xa6,0x03,0x86,0x89,0x27,0xa0,0xd2,0x07,0x79,0xdb,0xa9,0x1c,0x20,0xf0, 0xb7,0xdb,0xc1,0x11,0x6e,0x5a,0x73,0x03,0x3c,0xae,0xbf,0x6c,0xfd,0xae,0xb8, }, .c = (unsigned char []){ 0xef,0x08,0x9b,0x11,0xdb,0x37,0xf5,0xa7,0xb9,0x6b,0xb4,0x9f,0x7a,0xff,0x41,0x56, 0x41,0x93,0x33,0x36,0xa9,0x85,0xd4,0x7c,0x3e,0xe6,0x06,0x02,0xbd,0x9f,0xa7,0x0d, 0x6a,0x46,0x05,0x55,0x05,0xcc,0x31,0x6f,0x0f,0x88,0x59,0x12,0x7c,0x81,0x6c,0x77, 0x47,0x23,0x16,0x58,0x5d,0x14,0x5d,0xf3,0xc4,0x6f,0xa8,0x14,0x96,0x56,0x06,0x16, 0x62,0x93,0xd0,0x7f,0x2d,0x1f,0x90,0x63,0x6f,0x68,0xd3,0xe7,0xaa,0x41,0x04,0x7b, 0x61,0x01,0x28,0x74,0x70,0xce,0x14,0xbc,0x15,0xb7,0x22,0xe4,0xcd,0xd0,0xf5,0x37, 0xf0,0x76,0xfd,0x02,0x47,0x6d,0x7e,0x9c,0x70,0x4b,0xf1,0xb7,0x31,0xdc,0xb0, }, .reseed_ctr = 2, }, .prnd = (unsigned char []){ 0xde,0x3d,0xdd,0xcb,0xfc,0x99,0xc2,0x25,0x8a,0x98,0xbd,0x04,0x2e,0x57,0x15,0x99, 0xa3,0x11,0xd8,0x6b,0x5f,0x23,0xfe,0x50,0xe8,0x9a,0x42,0x58,0x8d,0x51,0x60,0x6f, 0x51,0xb3,0x5e,0xc7,0xd4,0xe7,0x5a,0x49,0x26,0x16,0x35,0x6a,0x63,0x5e,0x7b,0x2d, 0x3f,0x1e,0xea,0xa5,0xdb,0x19,0xb8,0xfc,0xb7,0xa9,0x4e,0x27,0x4f,0x36,0x9e,0x73, 0xa6,0x7b,0xc2,0x8a,0x8b,0xf5,0xd4,0x95,0x59,0xfa,0xdc,0xda,0xfd,0x1f,0xaf,0x30, 0xca,0x52,0x41,0x10,0x12,0xa5,0xe3,0xff,0xb6,0x68,0x65,0xf4,0x1c,0x0c,0x98,0x80, 0x50,0x61,0x44,0x6e,0x62,0xfe,0x69,0x79,0xbc,0x5d,0x09,0x5f,0x1d,0x87,0x2b,0x96, 0x37,0x5e,0x33,0x5c,0xde,0x53,0x80,0x31,0x98,0x8f,0xc4,0xec,0x32,0xab,0xe4,0xda, 0xb5,0xff,0x18,0xf4,0x5f,0xb5,0x12,0x7a,0x14,0x07,0x9f,0x0f,0x0a,0x82,0x51,0x93, 0x20,0x65,0xb1,0x6a,0xf2,0x8d,0xd4,0xb0,0x62,0x07,0x3d,0xcb,0x0b,0xa1,0xb2,0x04, 0x95,0x97,0xdf,0x45,0xc1,0x7c,0x0b,0xc0,0x6a,0x23,0xd2,0x4b,0x8f,0xdd,0x66,0x97, 0x8a,0x24,0x39,0x8b,0x5d,0x42,0x63,0x7c,0xbb,0x53,0xd1,0x98,0xa5,0x6b,0x61,0x93, 0xb3,0x57,0x52,0x1d,0xb7,0x11,0x7b,0x7b,0x44,0x2e,0x75,0xbf,0x16,0x9e,0x42,0xbb, 0x07,0x98,0xfa,0x59,0xfa,0xdc,0x19,0xf5,0xd9,0xe1,0x05,0x0a,0x43,0x45,0x35,0x8b, 0xd7,0xe4,0x0f,0x90,0x96,0x45,0xd8,0x05,0x20,0xa0,0x93,0xb2,0x78,0x90,0xa3,0xd1, 0x6e,0xd2,0x27,0x79,0x90,0xc3,0xa4,0xb3,0x6a,0x3a,0x0c,0x5f,0x37,0x45,0xec,0x59, }, }, { .no_reseed = false, .pr = true, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 256 / 8, .add_len = 256 / 8, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char []){ 0x19,0xff,0x49,0x7e,0x90,0x6d,0x08,0x11,0xa0,0xb7,0xf7,0x75,0x86,0x18,0xaf,0xab, 0x44,0xfc,0xe8,0xed,0x35,0x38,0xab,0xfd,0x10,0x1c,0x58,0x6a,0x9c,0xea,0xf6,0x2d, }, .nonce = (unsigned char []){ 0x49,0x80,0xcb,0x99,0x83,0x87,0x0a,0x35,0xd8,0x00,0xff,0xf9,0x32,0x78,0x40,0xc5, }, .pers = (unsigned char []){ 0x2e,0x34,0xbe,0xa4,0xc1,0x28,0x43,0x4a,0xa2,0x85,0x9c,0xc3,0x39,0x13,0x71,0x6b, 0xc8,0x05,0xa1,0x83,0xbb,0x17,0x62,0xfc,0x3a,0xb5,0x44,0x89,0xd9,0xbd,0x1c,0x56, }, .v = (unsigned char []){ 0x6c,0xf5,0x7e,0xdf,0x5f,0xec,0x61,0x34,0x5e,0xf8,0xcc,0x5e,0x39,0x1d,0xcc,0x3f, 0x88,0x0a,0xd5,0x51,0xaa,0xfb,0x16,0x37,0x57,0x4e,0x92,0xc1,0xfa,0x8f,0x3e,0xd8, 0x15,0x19,0xa0,0xf1,0xe9,0x32,0xa1,0xf8,0xb2,0xa5,0x53,0xb0,0xfa,0xb9,0xf9,0x9e, 0x99,0x51,0xee,0x49,0x9c,0x59,0xfd,0x23,0xf3,0x1a,0x1b,0x73,0x8f,0x3a,0x54,0x7d, 0xca,0xb6,0x36,0x8e,0x80,0x2c,0x57,0x89,0x6a,0x4f,0xcf,0xeb,0x3e,0xd0,0xe6,0x26, 0x02,0x97,0xd6,0x16,0x5f,0xb2,0xe4,0x10,0x88,0x6f,0xe2,0xaf,0x76,0xe5,0x0e,0x20, 0x23,0xc2,0xf2,0xcd,0xb3,0xf7,0xa8,0x1f,0x48,0x9a,0x76,0xfd,0x46,0x57,0x0e, }, .c = (unsigned char []){ 0x70,0xc9,0xfc,0xe3,0xd5,0x7e,0x39,0x4b,0x6a,0xc5,0xc0,0x04,0x8b,0xfd,0xae,0x4e, 0xb5,0xa3,0xed,0x6a,0xa2,0xb2,0xfa,0xf5,0xe6,0xc5,0xb7,0xc2,0x9e,0xc6,0x54,0x3c, 0x47,0xf5,0x0e,0x7b,0xe8,0x49,0x66,0xb5,0xa6,0x73,0x9a,0xa3,0x19,0x1c,0xa3,0xb2, 0x1b,0xee,0xb4,0x16,0xaa,0x8f,0x7a,0x10,0xd0,0xee,0x15,0x46,0xf5,0x51,0x20,0x3d, 0xd3,0xca,0xce,0x74,0xb6,0xaf,0x8d,0xce,0xb4,0x82,0xe7,0x53,0x50,0x0f,0xf4,0x17, 0x65,0xdd,0xde,0xee,0x3a,0x72,0x5d,0x83,0xbf,0x5b,0xc0,0xda,0xff,0x35,0x86,0xc3, 0xf5,0x75,0x0f,0x76,0xde,0x15,0x3c,0x24,0xda,0x52,0xfe,0xfe,0x50,0xb4,0x24, }, .reseed_ctr = 1, }, .gen1 = { .add = (unsigned char []){ 0x47,0xdd,0x5c,0x72,0xea,0x44,0xdb,0xf1,0xd2,0x35,0x04,0x0b,0x18,0xa8,0x21,0xc2, 0x0f,0xb4,0x0b,0x88,0xc0,0x39,0x1a,0x5c,0x16,0x3f,0x9c,0x90,0x2f,0x6c,0x6e,0xb7, }, .entropy = (unsigned char []){ 0xbe,0x45,0xca,0x98,0x78,0x24,0x7b,0x00,0x8e,0x5d,0xe8,0xc5,0x88,0xb6,0xcb,0x84, 0x04,0x8c,0x0d,0x90,0x35,0x7d,0xbd,0xfc,0x98,0xe9,0xe2,0x87,0x91,0x2f,0xdb,0x33, }, .v = (unsigned char []){ 0x2b,0xec,0x9f,0xc2,0x78,0x1d,0xb4,0xcb,0xfa,0x98,0x50,0x18,0x15,0x5b,0xdf,0x51, 0x02,0xe3,0x1b,0x0f,0x34,0x0c,0x32,0x9a,0xa0,0xa5,0xca,0x1a,0x70,0xb6,0xc3,0x90, 0x6a,0x6a,0x8e,0x03,0xba,0x62,0xfd,0x2f,0xd8,0x1d,0xc9,0xc2,0xc0,0xdc,0x86,0xea, 0x8f,0x8d,0xea,0x1f,0xb5,0x38,0xa0,0xdb,0xf5,0x69,0x8e,0x27,0xcc,0x2d,0x83,0xf8, 0x0a,0xfb,0x4a,0xfe,0xfc,0x46,0x8c,0xda,0xf6,0xeb,0xce,0x06,0xee,0x35,0xcd,0xd0, 0x59,0x77,0xb2,0x32,0x53,0x40,0xd1,0x91,0xff,0x03,0xb2,0xc4,0x33,0x90,0x8c,0x31, 0xf2,0xbc,0x28,0xd6,0x23,0x72,0xaa,0xd9,0x67,0x1d,0xe0,0x59,0x8a,0x35,0x09, }, .c = (unsigned char []){ 0xcf,0xf7,0xfc,0x70,0x9b,0x81,0x74,0x33,0x71,0x24,0x54,0xd6,0xbc,0xd5,0x74,0xde, 0xae,0x3f,0x2b,0xc2,0xc2,0x00,0xf0,0x88,0x38,0x8b,0x07,0x37,0xfa,0x0d,0xfd,0x8f, 0x7c,0x31,0x1b,0x8b,0x67,0xd3,0x7e,0x0a,0x7f,0x2a,0x55,0x1c,0x69,0x86,0x33,0xcd, 0x4e,0x01,0x56,0x4d,0x36,0x72,0xae,0x9c,0x01,0xdb,0x90,0x6d,0xff,0xc2,0xa4,0xc3, 0xf0,0x45,0x56,0x38,0xda,0x06,0x60,0x51,0x80,0x00,0x4b,0xb7,0xae,0x1d,0x01,0x86, 0x19,0xda,0x3d,0xdf,0xab,0xef,0xf7,0x37,0x11,0xe2,0x5c,0xff,0xf0,0x65,0x77,0x2a, 0xcf,0xa0,0xd6,0x79,0x54,0xbe,0xe4,0x02,0xc0,0x41,0xf6,0xc7,0x82,0x60,0xf3, }, .reseed_ctr = 2, }, .gen2 = { .add = (unsigned char []){ 0xcf,0x20,0x40,0xe9,0x04,0x6a,0x69,0xdd,0x96,0x38,0xde,0x94,0x1f,0x00,0x90,0xb7, 0x53,0x5c,0x51,0xcf,0xa9,0xf1,0xc7,0xbb,0x2a,0x56,0xa3,0x32,0x32,0x69,0x43,0xd3, }, .entropy = (unsigned char []){ 0xb8,0x71,0x61,0x1f,0x8f,0xcb,0x8c,0x86,0x0a,0x72,0xc4,0xfd,0x40,0x6d,0x49,0x39, 0x33,0x5a,0x03,0x1e,0x0d,0xe9,0xf2,0xd4,0x36,0xd4,0x73,0x6b,0x6b,0x06,0x0c,0x2d, }, .v = (unsigned char []){ 0x59,0x44,0xf8,0xec,0xc9,0xa4,0x4c,0x0f,0x05,0x3f,0xfe,0x7e,0xa3,0x64,0x27,0xfc, 0xa5,0x6f,0x26,0xa3,0xd0,0x96,0x68,0xff,0x08,0x52,0xde,0x82,0x2c,0xa1,0x1a,0x88, 0x74,0x68,0xd6,0x36,0x25,0xf1,0xe8,0x6f,0xa8,0xaa,0x2a,0x12,0xc9,0x45,0x59,0xc5, 0xa4,0x01,0xe1,0x9f,0x8c,0xd5,0x8a,0xd9,0x53,0x60,0x12,0x8b,0x85,0x2f,0xef,0xbe, 0xbe,0x6f,0x8b,0x9e,0x96,0x7f,0x80,0xd1,0x84,0x9d,0x8b,0xb7,0x9c,0x0e,0x34,0x9b, 0x74,0x27,0xdf,0x85,0xa5,0x52,0xd5,0x48,0x7f,0xeb,0xd5,0x72,0xc1,0x17,0x8e,0x23, 0x2b,0x2c,0xd6,0x1b,0x2b,0xf9,0x67,0x45,0xba,0xe5,0xd4,0x60,0x64,0x0b,0x56, }, .c = (unsigned char []){ 0x34,0x0e,0xb7,0x02,0xa2,0x0b,0x75,0xed,0x0a,0x68,0x57,0x39,0x4d,0xcb,0x10,0xfc, 0xc2,0xad,0xd4,0xfa,0xf4,0x98,0x94,0xbe,0x67,0xd6,0xf2,0x03,0xf7,0x7b,0x71,0xd0, 0x35,0xe7,0xa7,0x37,0xee,0x24,0xdc,0x3b,0x6e,0x22,0xb5,0x95,0xf4,0xc0,0x86,0xb9, 0x2d,0x57,0xab,0x21,0x18,0xb9,0xa5,0x0d,0xad,0x6d,0x1f,0xf4,0xb4,0xfd,0x7b,0x3b, 0x51,0x09,0x88,0xed,0x49,0x93,0x9e,0xec,0x82,0x2b,0xf9,0x14,0x93,0x61,0x2b,0xe6, 0x54,0x66,0x5b,0x27,0x8e,0xab,0x9e,0x6d,0x8b,0xeb,0x25,0xf3,0xe2,0x08,0xd8,0xc3, 0x68,0x60,0x5a,0x39,0x9a,0x94,0x7e,0x13,0xa0,0x02,0xe3,0x67,0xed,0x50,0x3c, }, .reseed_ctr = 2, }, .prnd = (unsigned char []){ 0x2d,0x99,0x0f,0x0d,0xe4,0x3d,0x3a,0x4b,0x29,0x30,0x54,0x2c,0x27,0xad,0x27,0x45, 0x8e,0x88,0x65,0xca,0x6b,0x8f,0x27,0xfd,0x7a,0x96,0x9c,0xf4,0xe2,0xa0,0x32,0x3e, 0x38,0xfe,0x6f,0x50,0x5a,0x2d,0xba,0x48,0x8e,0xa6,0xb0,0x43,0x65,0x20,0x9c,0x6d, 0xb7,0x86,0xcb,0xbf,0x0a,0x7c,0x73,0xb4,0xfd,0x56,0xd2,0x49,0x87,0x71,0x9d,0xb0, 0xfd,0xba,0x1a,0x3f,0x07,0x14,0x95,0x21,0xdc,0xf5,0xb7,0x75,0x9c,0x61,0x0d,0xa2, 0x2d,0x15,0x10,0x57,0xac,0xef,0xe7,0x0d,0xf1,0xcc,0xae,0xb6,0x7a,0x97,0x51,0x59, 0xb8,0x99,0x6a,0xca,0x93,0xd7,0xa4,0x80,0x96,0x92,0x6d,0xb4,0x38,0x1b,0xbc,0xe4, 0x81,0x27,0x7d,0x7a,0xb2,0x7c,0xbc,0x03,0x88,0xf0,0xb7,0xce,0xdb,0xbf,0xb8,0x42, 0x1c,0xb1,0xdc,0x5f,0x2a,0x9c,0x67,0x7f,0x62,0xac,0xf9,0x6a,0xb2,0x5e,0x7e,0x40, 0x6c,0xe8,0x2f,0x5b,0x96,0xbc,0xb4,0x71,0xaf,0xbd,0xf4,0xb3,0xf5,0xa6,0xfb,0xcb, 0x8d,0xa4,0x5d,0x22,0x58,0xe3,0x50,0xe7,0x7d,0x46,0x33,0xb0,0xc1,0xda,0x69,0x16, 0x62,0xdd,0x86,0x99,0x09,0xdc,0xfd,0x7c,0x8e,0xd0,0xf5,0x4b,0xa7,0xaf,0x0f,0x9c, 0x03,0x8e,0xb3,0x2d,0x32,0xb7,0x05,0xe5,0x1b,0x35,0xbb,0x3c,0x2e,0xef,0xf0,0x10, 0xbb,0x47,0xee,0x32,0x6c,0x23,0x18,0xb5,0xbc,0xda,0x96,0x3c,0x2d,0xad,0x41,0x9c, 0x59,0x23,0xe3,0x68,0xd9,0xb2,0x8f,0x25,0xb0,0x48,0xa8,0x7b,0xdb,0xa0,0xa9,0x0d, 0x98,0xc2,0x4c,0x81,0xb6,0xdb,0xde,0x0f,0x58,0x05,0x4a,0x41,0xa8,0x29,0x3a,0x65, }, }, { .no_reseed = false, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 0, .add_len = 0, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char []){ 0x31,0x44,0xe1,0x7a,0x10,0xc8,0x56,0x12,0x97,0x64,0xf5,0x8f,0xd8,0xe4,0x23,0x10, 0x20,0x54,0x69,0x96,0xc0,0xbf,0x6c,0xff,0x8e,0x91,0xc2,0x4e,0xe0,0x9b,0xe3,0x33, }, .nonce = (unsigned char []){ 0xb1,0x6f,0xcb,0x1c,0xf0,0xc0,0x10,0xf3,0x1f,0xea,0xb7,0x33,0x58,0x8b,0x8e,0x04, }, .v = (unsigned char []){ 0x3a,0x85,0xca,0x10,0xea,0xc6,0x83,0xd6,0xa9,0x27,0x05,0x94,0xd1,0x7f,0x33,0xa2, 0x1d,0xad,0x7b,0x9b,0x25,0x9c,0x2a,0x17,0x44,0x62,0xa5,0xe0,0xc9,0x09,0xa1,0x33, 0xdb,0x84,0xb4,0xee,0x2b,0xdb,0x0f,0x72,0xcd,0xce,0xf7,0xd6,0x28,0x54,0xe5,0x35, 0x46,0x84,0x52,0x28,0x5d,0xbe,0x8e,0x46,0xbe,0xd3,0x96,0x5d,0xc9,0xc6,0x69,0x52, 0xde,0xfa,0x48,0x87,0x94,0x93,0xed,0xc0,0x1b,0xc0,0x7e,0xd4,0x97,0x3c,0x11,0x5c, 0xfd,0xd9,0x94,0x7a,0x70,0x84,0x65,0x35,0x1b,0x78,0xb8,0x04,0x65,0x2e,0xc7,0xcb, 0xe7,0xf6,0xe2,0xa0,0x91,0x93,0xfa,0x35,0x2f,0xf9,0x91,0xd3,0x8c,0x94,0xac, }, .c = (unsigned char []){ 0x74,0xea,0x43,0x7c,0x49,0x12,0x6f,0xf3,0x61,0xfe,0xab,0x56,0x39,0xa8,0xad,0x31, 0x8d,0x45,0x5c,0x94,0xb3,0xf9,0x99,0xff,0x16,0x06,0xf5,0x92,0xc2,0x7f,0x8b,0xf0, 0xbe,0x56,0x2c,0x7b,0xff,0xa2,0x97,0xde,0x85,0x12,0xef,0x44,0xb0,0xdf,0xc8,0xdb, 0x5c,0xb1,0x7c,0x96,0x92,0xac,0x0d,0x80,0xf0,0x66,0x96,0x1e,0x64,0x26,0x08,0x41, 0x08,0x08,0x9e,0xee,0x4a,0x75,0x9d,0x53,0x09,0xec,0x86,0x16,0x68,0xdd,0xeb,0x1c, 0x31,0xce,0xef,0x26,0xed,0xad,0x67,0x8b,0x6f,0x36,0xc3,0xeb,0xcb,0x9c,0x93,0x6c, 0xaf,0xce,0xe3,0xd9,0xa9,0x6a,0xe6,0x55,0x4e,0x22,0xd4,0x28,0x88,0xab,0x07, }, .reseed_ctr = 1, }, .res = { .entropy = (unsigned char []){ 0xa0,0xb3,0x58,0x4c,0x2c,0x84,0x12,0xf6,0x18,0x40,0x68,0x34,0x40,0x4d,0x1e,0xb0, 0xce,0x99,0x9b,0xa2,0x89,0x66,0x05,0x4d,0x7e,0x49,0x7e,0x0d,0xb6,0x08,0xb9,0x67, }, .v = (unsigned char []){ 0xb3,0x7f,0x9a,0xa3,0x9c,0x5a,0x80,0xdf,0x56,0xc0,0x40,0x40,0x24,0x07,0x96,0x0e, 0xf6,0xf8,0x89,0x2d,0x1a,0x68,0x8f,0xfc,0x93,0xba,0xd6,0xeb,0xe6,0xaf,0x44,0xd5, 0x5c,0xcd,0x66,0xc1,0xf4,0x4e,0xb5,0x31,0xe9,0xda,0xc1,0xc9,0x44,0x76,0x81,0xd7, 0xb2,0x7b,0x2b,0x70,0x3b,0x49,0x00,0x32,0x69,0x6b,0x32,0x33,0x0b,0x5e,0xdd,0x12, 0x3e,0x5e,0xce,0x7c,0x40,0xef,0xe7,0x0a,0x29,0x82,0x2e,0xa8,0xe4,0xe4,0x54,0xbb, 0x72,0x08,0x5c,0x6b,0x03,0x7a,0x86,0x52,0xec,0x22,0x7f,0x89,0x9d,0xd0,0x14,0x55, 0xdb,0x8e,0xe7,0xb6,0xb2,0xe9,0x21,0x14,0xf6,0xf9,0xfb,0x67,0x8e,0x63,0x32, }, .c = (unsigned char []){ 0x90,0x8a,0xd8,0x58,0xdb,0x2c,0x5d,0x21,0xfa,0x1c,0xd8,0x60,0x21,0x7b,0xd7,0x5a, 0xd0,0xba,0x1d,0xf2,0xfd,0x24,0xe3,0x03,0x96,0x4c,0x01,0x11,0x3a,0x0b,0x02,0x4a, 0x1e,0x53,0x64,0x0d,0x5a,0xe3,0x39,0x04,0x0b,0x43,0x57,0xc1,0xf3,0xc0,0xbe,0x2f, 0x14,0x60,0x7b,0x13,0x85,0xe9,0x68,0x18,0x3c,0x53,0xec,0xd9,0xa3,0x3d,0xdb,0x04, 0xb3,0xac,0x36,0xdf,0xc1,0x35,0x3d,0x85,0x71,0x15,0x9a,0x0b,0x31,0xb8,0x1b,0x5d, 0x3d,0xe2,0x4b,0x8a,0xe6,0x53,0x0c,0x83,0x8f,0xa8,0x71,0x2e,0xa5,0xd4,0xd5,0x87, 0x63,0xf2,0xbe,0x0a,0xb1,0x98,0x99,0x87,0xc5,0x6b,0xfd,0x31,0x5d,0xf5,0x21, }, .reseed_ctr = 1, }, .gen1 = { .v = (unsigned char []){ 0x44,0x0a,0x72,0xfc,0x77,0x86,0xde,0x01,0x50,0xdd,0x18,0xa0,0x45,0x83,0x6d,0x69, 0xc7,0xb2,0xa7,0x20,0x17,0x8d,0x73,0x00,0x2a,0x06,0xd7,0xfd,0x20,0xba,0x47,0x1f, 0x7b,0x20,0xca,0xcf,0x4f,0x31,0xee,0x35,0xf5,0x1e,0x19,0x8b,0x38,0x37,0x40,0xfb, 0x34,0x72,0x4a,0x07,0x47,0xe2,0x61,0xc8,0x00,0xfa,0x0f,0x74,0x4b,0xdc,0x84,0x2d, 0x37,0x19,0x9f,0x6a,0xcf,0x5f,0x4a,0xf0,0x41,0xa6,0x60,0x08,0x78,0xcf,0x72,0xa7, 0xce,0xaa,0x75,0x0f,0xa1,0xc2,0x35,0x46,0xf9,0x62,0xaf,0xe9,0x7c,0x05,0x56,0x83, 0xea,0xf5,0x13,0x1d,0x9f,0x9c,0x88,0x2e,0xdb,0x93,0xc5,0x0a,0xdb,0xa9,0x63, }, .c = (unsigned char []){ 0x90,0x8a,0xd8,0x58,0xdb,0x2c,0x5d,0x21,0xfa,0x1c,0xd8,0x60,0x21,0x7b,0xd7,0x5a, 0xd0,0xba,0x1d,0xf2,0xfd,0x24,0xe3,0x03,0x96,0x4c,0x01,0x11,0x3a,0x0b,0x02,0x4a, 0x1e,0x53,0x64,0x0d,0x5a,0xe3,0x39,0x04,0x0b,0x43,0x57,0xc1,0xf3,0xc0,0xbe,0x2f, 0x14,0x60,0x7b,0x13,0x85,0xe9,0x68,0x18,0x3c,0x53,0xec,0xd9,0xa3,0x3d,0xdb,0x04, 0xb3,0xac,0x36,0xdf,0xc1,0x35,0x3d,0x85,0x71,0x15,0x9a,0x0b,0x31,0xb8,0x1b,0x5d, 0x3d,0xe2,0x4b,0x8a,0xe6,0x53,0x0c,0x83,0x8f,0xa8,0x71,0x2e,0xa5,0xd4,0xd5,0x87, 0x63,0xf2,0xbe,0x0a,0xb1,0x98,0x99,0x87,0xc5,0x6b,0xfd,0x31,0x5d,0xf5,0x21, }, .reseed_ctr = 2, }, .gen2 = { .v = (unsigned char []){ 0xd4,0x95,0x4b,0x55,0x52,0xb3,0x3b,0x23,0x4a,0xf9,0xf1,0x00,0x66,0xff,0x44,0xc4, 0x98,0x6c,0xc5,0x13,0x14,0xb2,0x56,0x03,0xc0,0x52,0xd9,0x0e,0x5a,0xc5,0x49,0x69, 0x99,0x74,0x2e,0xdc,0xaa,0x15,0x27,0x3a,0x00,0x61,0x71,0x4d,0x2b,0xf7,0xff,0xb3, 0x2b,0x70,0x00,0xbf,0xde,0xb1,0x06,0x05,0xf3,0x61,0x74,0xeb,0x33,0xa4,0x8a,0x4c, 0xc0,0x07,0xc2,0x3b,0xb0,0x35,0x97,0xb4,0xd8,0xa6,0x37,0x3c,0xa7,0x03,0x7e,0x8a, 0x8f,0xf0,0x8f,0x63,0x77,0x9d,0xa9,0xe6,0x18,0x78,0xb1,0x88,0x6c,0xb0,0x84,0xba, 0x68,0xce,0xef,0x8a,0xd4,0xe5,0xba,0x77,0x20,0xac,0xbd,0x3b,0x26,0x28,0x22, }, .c = (unsigned char []){ 0x90,0x8a,0xd8,0x58,0xdb,0x2c,0x5d,0x21,0xfa,0x1c,0xd8,0x60,0x21,0x7b,0xd7,0x5a, 0xd0,0xba,0x1d,0xf2,0xfd,0x24,0xe3,0x03,0x96,0x4c,0x01,0x11,0x3a,0x0b,0x02,0x4a, 0x1e,0x53,0x64,0x0d,0x5a,0xe3,0x39,0x04,0x0b,0x43,0x57,0xc1,0xf3,0xc0,0xbe,0x2f, 0x14,0x60,0x7b,0x13,0x85,0xe9,0x68,0x18,0x3c,0x53,0xec,0xd9,0xa3,0x3d,0xdb,0x04, 0xb3,0xac,0x36,0xdf,0xc1,0x35,0x3d,0x85,0x71,0x15,0x9a,0x0b,0x31,0xb8,0x1b,0x5d, 0x3d,0xe2,0x4b,0x8a,0xe6,0x53,0x0c,0x83,0x8f,0xa8,0x71,0x2e,0xa5,0xd4,0xd5,0x87, 0x63,0xf2,0xbe,0x0a,0xb1,0x98,0x99,0x87,0xc5,0x6b,0xfd,0x31,0x5d,0xf5,0x21, }, .reseed_ctr = 3, }, .prnd = (unsigned char []){ 0xef,0xa3,0x5d,0xd0,0x36,0x2a,0xdb,0x76,0x26,0x45,0x6b,0x36,0xfa,0xc7,0x4d,0x3c, 0x28,0xd0,0x1d,0x92,0x64,0x20,0x27,0x5a,0x28,0xbe,0xa9,0xc9,0xdd,0x75,0x47,0xc1, 0x5e,0x79,0x31,0x85,0x2a,0xc1,0x27,0x70,0x76,0x56,0x75,0x35,0x23,0x9c,0x1f,0x42, 0x9c,0x7f,0x75,0xcf,0x74,0xc2,0x26,0x7d,0xeb,0x6a,0x3e,0x59,0x6c,0xf3,0x26,0x15, 0x6c,0x79,0x69,0x41,0x28,0x3b,0x8d,0x58,0x3f,0x17,0x1c,0x2f,0x6e,0x33,0x23,0xf7, 0x55,0x5e,0x1b,0x18,0x1f,0xfd,0xa3,0x05,0x07,0x21,0x0c,0xb1,0xf5,0x89,0xb2,0x3c, 0xd7,0x18,0x80,0xfd,0x44,0x37,0x0c,0xac,0xf4,0x33,0x75,0xb0,0xdb,0x7e,0x33,0x6f, 0x12,0xb3,0x09,0xbf,0xd4,0xf6,0x10,0xbb,0x8f,0x20,0xe1,0xa1,0x5e,0x25,0x3a,0x4f, 0xe5,0x11,0xa0,0x27,0x96,0x8d,0xf0,0xb1,0x05,0xa1,0xd7,0x3a,0xff,0x7c,0x7a,0x82, 0x6d,0x39,0xf6,0x40,0xdf,0xb8,0xf5,0x22,0x25,0x9e,0xd4,0x02,0x28,0x2e,0x2c,0x2e, 0x9d,0x3a,0x49,0x8f,0x51,0x72,0x5f,0xe4,0x14,0x1b,0x06,0xda,0x55,0x98,0xa4,0x2a, 0xc1,0xe0,0x49,0x4e,0x99,0x7d,0x56,0x6a,0x1a,0x39,0xb6,0x76,0xb9,0x6a,0x60,0x03, 0xa4,0xc5,0xdb,0x84,0xf2,0x46,0x58,0x4e,0xe6,0x5a,0xf7,0x0f,0xf2,0x16,0x02,0x78, 0x16,0x6d,0xa1,0x6d,0x91,0xc9,0xb8,0xf2,0xde,0xb0,0x27,0x51,0xa1,0x08,0x8a,0xd6, 0xbe,0x4e,0x80,0xef,0x96,0x6e,0xb7,0x3e,0x66,0xbc,0x87,0xca,0xd8,0x7c,0x77,0xc0, 0xb3,0x4a,0x21,0xba,0x1d,0xa0,0xba,0x6d,0x16,0xca,0x50,0x46,0xdc,0x4a,0xbd,0xa0, }, }, { .no_reseed = false, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 0, .add_len = 256 / 8, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char []){ 0xc7,0x3a,0x78,0x20,0xf0,0xf5,0x3e,0x8b,0xbf,0xc3,0xb7,0xb7,0x1d,0x99,0x41,0x43, 0xcf,0x6e,0x98,0x64,0x2e,0x9e,0xa6,0xd8,0xdf,0x5d,0xcc,0xbc,0x43,0xdb,0x87,0x20, }, .nonce = (unsigned char []){ 0x20,0xcc,0x98,0x34,0xb5,0x88,0xad,0xcb,0x1b,0xbd,0xe6,0x4f,0x0d,0x2a,0x34,0xcb, }, .v =(unsigned char []){ 0x85,0x2d,0x1b,0x4f,0xdd,0x41,0xcd,0x7e,0x0f,0x59,0x7c,0x45,0xc8,0xe4,0xb4,0x01, 0xa5,0xfe,0xcf,0x92,0x29,0xb6,0x07,0x24,0x51,0xca,0x65,0xb5,0x28,0x98,0x82,0xc6, 0x86,0xe7,0x91,0x99,0x22,0xce,0x82,0xde,0x2f,0xaa,0xc8,0x3c,0xd4,0xc4,0xed,0xdf, 0xa2,0xcd,0xcf,0x62,0x44,0xa4,0xd2,0xac,0xdd,0x34,0xc0,0x23,0x21,0x36,0x40,0x9b, 0xb5,0x0e,0xa2,0x4d,0x0c,0x33,0xfc,0xfd,0x1a,0xaf,0x1c,0xc1,0x10,0xb5,0x35,0x3d, 0x32,0xe4,0xe6,0xdf,0x59,0xae,0x25,0xec,0x12,0x40,0x00,0xde,0x62,0xfc,0xfa,0x8b, 0xb4,0xcb,0x3f,0x3b,0x72,0xe2,0xda,0x20,0x66,0xef,0x00,0xcd,0x66,0xd9,0xe9, }, .c = (unsigned char []){ 0xf7,0xb0,0xc9,0xcf,0x2c,0xcf,0x58,0xfd,0x8c,0x8b,0x69,0xda,0xa4,0xcf,0x24,0xa8, 0x74,0xc9,0x5b,0x57,0xa9,0xf5,0xbe,0x16,0xaa,0xa7,0x1e,0xc3,0x00,0x70,0xac,0x8f, 0x22,0x2f,0xe2,0x17,0x88,0xfe,0xc1,0x4b,0x8a,0x9a,0xd7,0xad,0x20,0x91,0x2c,0x05, 0xa6,0xf9,0x45,0x48,0x64,0x67,0x79,0xa1,0x6c,0x78,0x7b,0x13,0x5c,0xe8,0xd0,0x8c, 0x49,0xf7,0xe2,0x34,0xcb,0xd2,0xc7,0x73,0x35,0x71,0xf5,0xad,0x64,0x79,0xb5,0xfc, 0x50,0x40,0x34,0x96,0x58,0x1b,0x48,0x61,0xef,0x8e,0xc8,0x48,0xaf,0xfb,0xd2,0x07, 0x7a,0xb1,0x64,0xfc,0x6b,0xb2,0xdd,0x7b,0x00,0x8a,0x65,0x05,0x04,0xbf,0xd8, }, .reseed_ctr = 1, }, .res = { .entropy = (unsigned char []){ 0x12,0xdd,0x2a,0xca,0x88,0x79,0x04,0x6d,0x23,0x16,0x5c,0x60,0xf8,0xae,0xdc,0x20, 0x41,0x57,0x83,0xe1,0x56,0xd4,0x2a,0x94,0x34,0x68,0x26,0xaa,0xeb,0x02,0xea,0xcf, }, .add = (unsigned char []){ 0x9b,0x59,0xff,0x78,0xa3,0x4e,0xab,0xe0,0x06,0x0c,0x27,0x92,0xca,0x9b,0x49,0xe9, 0x78,0x1e,0x6b,0x80,0x2b,0xad,0xf7,0xdb,0xde,0x27,0xca,0xae,0xd3,0x34,0x37,0x06, }, .v = (unsigned char []){ 0x18,0x1a,0x30,0x23,0x52,0xd9,0xeb,0xf0,0xb6,0x69,0x73,0x0b,0x24,0x41,0xa9,0xf4, 0xc1,0x6a,0x4b,0x9d,0x25,0xeb,0xc8,0x4e,0xd0,0x1c,0x46,0x0d,0x29,0x3c,0xd3,0xe8, 0xb7,0xbf,0xf1,0xac,0xa3,0x2b,0x0e,0xa8,0xd2,0x81,0xdf,0x0e,0xf8,0xd1,0xae,0x09, 0xd4,0xcf,0x97,0x69,0x0c,0x94,0x4f,0x47,0x13,0xad,0xb9,0xed,0xe9,0x07,0x63,0xf3, 0xed,0x77,0x08,0x1c,0x37,0xc0,0xfc,0x60,0xf8,0xb6,0x0b,0x51,0x08,0xcf,0x62,0x76, 0xc8,0x0d,0xb1,0x4a,0x82,0xaa,0xef,0x1b,0xf8,0xda,0x03,0x78,0x14,0x45,0xcf,0xcc, 0x7c,0xdc,0x02,0xb1,0xc7,0xa2,0x74,0x08,0x74,0xdd,0x94,0x81,0x18,0xf7,0xef, }, .c = (unsigned char []){ 0x28,0xb6,0x38,0xd6,0x31,0xf0,0x54,0xeb,0xa5,0x62,0x32,0x0e,0x9d,0x15,0x1f,0x90, 0x58,0x63,0xdd,0x6c,0x04,0xd8,0xba,0x41,0x16,0x7b,0xcf,0x3b,0x02,0x36,0xd4,0xe5, 0xdd,0xe1,0xdc,0x7b,0xf6,0x90,0xe6,0x1b,0x4a,0x65,0x99,0x7b,0xd9,0xc6,0x7f,0xf9, 0x08,0xfe,0x7e,0x24,0x43,0xd0,0x1c,0x8e,0xac,0x15,0xb2,0xea,0x5c,0x80,0xba,0x89, 0xf0,0x9a,0xa9,0xb8,0xa8,0x1d,0x56,0x12,0x4b,0xb7,0x15,0x86,0x81,0x28,0x27,0xf4, 0x63,0xde,0x90,0x31,0x87,0x27,0x10,0x2d,0xbd,0x5e,0x59,0xca,0x5f,0x1a,0xf7,0x8a, 0xb7,0x38,0x44,0x69,0x5e,0xee,0x09,0x77,0xb7,0x54,0x85,0x4e,0x52,0x50,0x97, }, .reseed_ctr = 1, }, .gen1 = { .add = (unsigned char []){ 0xdc,0x74,0xa9,0xe4,0x80,0xa6,0xff,0x6f,0x6b,0xce,0x53,0xab,0x9c,0x7b,0xdd,0xe4, 0xb1,0x3d,0x70,0xfb,0x51,0x96,0xcd,0xd5,0xe3,0xa0,0x55,0x5c,0xcf,0x06,0xfe,0x91, }, .v = (unsigned char []){ 0x40,0xd0,0x68,0xf9,0x84,0xca,0x40,0xdc,0x5b,0xcb,0xa5,0x19,0xc1,0x56,0xc9,0x85, 0x19,0xce,0x29,0x09,0x2a,0xc4,0x82,0x8f,0xe6,0x98,0x15,0x48,0x2b,0x73,0xa8,0xce, 0x95,0xa1,0xce,0x28,0x99,0xbb,0xf4,0xc4,0x1c,0xe7,0x78,0x8a,0xd2,0x98,0x2e,0x3c, 0xea,0x32,0x66,0xf4,0xca,0xdc,0x50,0xae,0x52,0x8d,0xc6,0x1a,0xa7,0xc5,0x21,0x48, 0x98,0x69,0xe3,0xef,0xc6,0xc8,0x2c,0xce,0xfb,0xba,0xb4,0x56,0x73,0xe0,0xf5,0x9d, 0x56,0x54,0xcf,0x91,0x0f,0xa1,0x46,0xd9,0x84,0xa4,0x2c,0x5f,0x17,0xfb,0x60,0x34, 0x0c,0x86,0xd0,0xd0,0x7c,0x7e,0x2f,0x2e,0x6d,0xf3,0xcf,0xfd,0x72,0x2a,0x0e, }, .c = (unsigned char []){ 0x28,0xb6,0x38,0xd6,0x31,0xf0,0x54,0xeb,0xa5,0x62,0x32,0x0e,0x9d,0x15,0x1f,0x90, 0x58,0x63,0xdd,0x6c,0x04,0xd8,0xba,0x41,0x16,0x7b,0xcf,0x3b,0x02,0x36,0xd4,0xe5, 0xdd,0xe1,0xdc,0x7b,0xf6,0x90,0xe6,0x1b,0x4a,0x65,0x99,0x7b,0xd9,0xc6,0x7f,0xf9, 0x08,0xfe,0x7e,0x24,0x43,0xd0,0x1c,0x8e,0xac,0x15,0xb2,0xea,0x5c,0x80,0xba,0x89, 0xf0,0x9a,0xa9,0xb8,0xa8,0x1d,0x56,0x12,0x4b,0xb7,0x15,0x86,0x81,0x28,0x27,0xf4, 0x63,0xde,0x90,0x31,0x87,0x27,0x10,0x2d,0xbd,0x5e,0x59,0xca,0x5f,0x1a,0xf7,0x8a, 0xb7,0x38,0x44,0x69,0x5e,0xee,0x09,0x77,0xb7,0x54,0x85,0x4e,0x52,0x50,0x97, }, .reseed_ctr = 2, }, .gen2 = { .add = (unsigned char []){ 0x8f,0x3f,0x22,0x90,0x11,0x20,0x9b,0x2f,0x39,0x90,0x96,0xaf,0xb0,0x54,0xbc,0xcc, 0xa6,0xbc,0x46,0xaa,0xee,0x98,0x84,0x58,0x38,0xfb,0x1f,0xb7,0x8b,0x66,0xf3,0xbd, }, .v = (unsigned char []){ 0x69,0x86,0xa1,0xcf,0xb6,0xba,0x95,0xc8,0x01,0x2d,0xd7,0x28,0x5e,0x6b,0xe9,0x15, 0x72,0x32,0x06,0x75,0x2f,0x9d,0x3c,0xd0,0xfd,0x13,0xe4,0x83,0x2d,0xaa,0x7d,0xb4, 0x73,0x83,0xaa,0xa4,0x90,0x4c,0xda,0xdf,0x67,0x4d,0x12,0x06,0xac,0x5e,0xaf,0xa9, 0x9d,0xe1,0x30,0x4f,0xc0,0xb6,0xa1,0xb5,0xe3,0x2e,0x34,0xa7,0xf4,0x14,0x1e,0x89, 0x35,0x38,0x78,0xc0,0xd3,0xf6,0xa0,0xba,0x5b,0x9e,0xd4,0x52,0xd6,0x12,0x60,0xde, 0x9e,0x5a,0xcb,0xf8,0x13,0x44,0x85,0xb3,0xb9,0xe9,0x90,0xf5,0x9f,0x34,0xd4,0xd4, 0x33,0x07,0xe4,0x0a,0xd0,0xd0,0xa5,0x05,0xef,0xdb,0x24,0xb7,0x2f,0x80,0x7b, }, .c = (unsigned char []){ 0x28,0xb6,0x38,0xd6,0x31,0xf0,0x54,0xeb,0xa5,0x62,0x32,0x0e,0x9d,0x15,0x1f,0x90, 0x58,0x63,0xdd,0x6c,0x04,0xd8,0xba,0x41,0x16,0x7b,0xcf,0x3b,0x02,0x36,0xd4,0xe5, 0xdd,0xe1,0xdc,0x7b,0xf6,0x90,0xe6,0x1b,0x4a,0x65,0x99,0x7b,0xd9,0xc6,0x7f,0xf9, 0x08,0xfe,0x7e,0x24,0x43,0xd0,0x1c,0x8e,0xac,0x15,0xb2,0xea,0x5c,0x80,0xba,0x89, 0xf0,0x9a,0xa9,0xb8,0xa8,0x1d,0x56,0x12,0x4b,0xb7,0x15,0x86,0x81,0x28,0x27,0xf4, 0x63,0xde,0x90,0x31,0x87,0x27,0x10,0x2d,0xbd,0x5e,0x59,0xca,0x5f,0x1a,0xf7,0x8a, 0xb7,0x38,0x44,0x69,0x5e,0xee,0x09,0x77,0xb7,0x54,0x85,0x4e,0x52,0x50,0x97, }, .reseed_ctr = 3, }, .prnd = (unsigned char []){ 0xe6,0xc9,0x64,0x42,0x58,0x28,0x11,0xec,0x90,0xe5,0x87,0x52,0x5f,0x36,0xc5,0x55, 0xe2,0xfd,0x63,0x61,0xa0,0xc5,0xb0,0x28,0x49,0x17,0xa4,0xfa,0x6f,0x6e,0x8a,0xce, 0x83,0xf1,0x1a,0x1f,0xb2,0x6c,0xea,0x66,0x92,0xb2,0x25,0xae,0x7c,0x5b,0xe2,0x86, 0xdd,0x27,0x47,0x1f,0x32,0x3d,0x7a,0x2e,0x44,0x31,0x72,0x2b,0xb3,0x37,0xb1,0xba, 0x0e,0x64,0x8e,0xa2,0xe9,0xf0,0x91,0x8b,0x50,0xe9,0x11,0x1f,0x23,0x77,0x63,0x6b, 0xa6,0x9b,0x0e,0x1c,0xb5,0x29,0x50,0x78,0xd7,0x6c,0x54,0x9c,0x86,0x56,0x94,0x0e, 0xb1,0x5c,0xa5,0xad,0xed,0x7a,0xdc,0x46,0xe6,0xfa,0x4b,0x86,0x94,0x8f,0x21,0x2f, 0xea,0x3f,0x3b,0xef,0xde,0xec,0xe8,0xb2,0x0e,0x42,0x0c,0xa8,0x4c,0x76,0x01,0x96, 0xdd,0xf0,0xb0,0x74,0xdf,0x0a,0x9f,0x09,0x7a,0x5d,0xb8,0xf6,0x12,0x58,0x00,0xf5, 0xfe,0x74,0x6a,0x62,0xdf,0x12,0x08,0x04,0x2f,0x12,0x55,0xb5,0x24,0x46,0x5a,0x17, 0xef,0xcf,0x6a,0x53,0x76,0x12,0x96,0x84,0x30,0xe2,0xad,0xcf,0xf3,0x0f,0x74,0x07, 0xa5,0x1e,0xd7,0x30,0x53,0x34,0x38,0x4e,0x51,0x2e,0x00,0x36,0x42,0xcc,0xa1,0x75, 0x63,0x68,0x19,0xf0,0x21,0xc7,0x6a,0x2f,0x44,0xe8,0x9e,0x6f,0xe3,0x9c,0xf1,0x64, 0x47,0x79,0x10,0x37,0x9c,0xd3,0x14,0xf7,0x35,0xc3,0x57,0xf9,0x37,0x9d,0xe2,0x24, 0x95,0x27,0x6b,0x40,0x1c,0x98,0xff,0xb0,0x9a,0x6d,0xc0,0x3e,0x48,0x4b,0x35,0x5a, 0x94,0x64,0x51,0x14,0x01,0xee,0xaa,0x05,0xb4,0x55,0x6e,0x73,0xb5,0x52,0x27,0xf8, }, }, { .no_reseed = false, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 256 / 8, .add_len = 0, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char []){ 0x12,0xc2,0x20,0x31,0xd0,0x3a,0x85,0x0f,0x76,0x96,0xc9,0x27,0xd4,0xdc,0x8d,0xad, 0x4c,0x3d,0xd7,0x17,0xe6,0x0e,0xe5,0x68,0x1b,0x05,0xdb,0x64,0x26,0xa0,0xe1,0x67, }, .nonce = (unsigned char []){ 0xcd,0x32,0xe3,0xeb,0x3f,0x83,0x34,0xd9,0x69,0x8d,0xec,0x62,0x7b,0x2e,0xaa,0xbe, }, .pers = (unsigned char []){ 0x75,0x63,0x63,0xf6,0x81,0x78,0xda,0xc0,0x9a,0x5c,0x8d,0x64,0xef,0xfb,0xab,0x23, 0x87,0x3a,0x3b,0xc2,0xdf,0xba,0xc3,0x9b,0x6d,0x47,0xeb,0xf9,0x29,0xad,0x98,0x54, }, .v =(unsigned char []){ 0x29,0x5e,0x0b,0x18,0x92,0x1d,0x33,0xaa,0x64,0xe3,0xde,0xec,0x80,0x04,0x4b,0x41, 0xac,0x4e,0x49,0x90,0x04,0xc7,0x7b,0x7d,0x1a,0xc0,0x21,0xdd,0x1c,0x4e,0x2e,0x6a, 0x85,0x2d,0x6a,0xd6,0x27,0x6c,0xe2,0xa9,0x01,0x5f,0xa3,0x1e,0x22,0x34,0x96,0x76, 0x14,0x3d,0xa2,0x02,0xb7,0x7c,0xc0,0x08,0x26,0xea,0x17,0xec,0x67,0xc0,0xdb,0x12, 0x75,0xa2,0xd0,0x7c,0x0e,0xae,0x8a,0x87,0xdf,0xbe,0x0f,0xd5,0x34,0x7a,0x2b,0x38, 0x36,0x40,0x29,0xf4,0x38,0x8e,0x6e,0x32,0xe8,0x53,0xad,0xec,0x3a,0xe4,0x79,0xc4, 0x07,0x75,0xf7,0xab,0x17,0x08,0x09,0x90,0x57,0x2b,0xac,0x29,0x47,0x7a,0x31, }, .c = (unsigned char []){ 0x24,0x70,0x96,0x11,0x1b,0xa9,0x0f,0x4f,0x56,0x11,0xe2,0x65,0x84,0xa9,0xf1,0x83, 0xc9,0x60,0xda,0xe8,0x5c,0x57,0x1a,0xa5,0xae,0xfc,0x13,0xe3,0xdd,0x04,0x96,0x8c, 0x53,0xa3,0xd0,0xb9,0xdd,0x69,0x9a,0xa6,0xf8,0x33,0x0c,0x5d,0xa4,0x44,0x7e,0x30, 0x5f,0xf8,0xa3,0xdc,0x21,0xbe,0xf0,0x27,0x07,0xc0,0x64,0xa8,0xeb,0xf4,0xa7,0x34, 0x0c,0xab,0x11,0x33,0x35,0x58,0x97,0xd1,0xea,0xc2,0x0f,0xf7,0xb8,0x10,0x7f,0xce, 0x28,0xf8,0xef,0x64,0xbf,0x6b,0x39,0x0d,0x58,0x9d,0xec,0x19,0xe7,0x47,0x65,0x03, 0x73,0x44,0x88,0x72,0x39,0xf3,0x0f,0x4b,0x2b,0x04,0xc8,0x11,0xe6,0x00,0x69, }, .reseed_ctr = 1, }, .res = { .entropy = (unsigned char []){ 0x17,0xed,0x31,0xbd,0xa6,0x4b,0x08,0xec,0xe5,0x0e,0xdf,0x5b,0x91,0xf6,0xa0,0x86, 0x2e,0x56,0x90,0x18,0x17,0x34,0xa0,0x13,0x4e,0x05,0xe3,0x66,0x64,0x0b,0x7e,0x85, }, .v = (unsigned char []){ 0xba,0xa7,0xae,0xbc,0x24,0x31,0x32,0x82,0x49,0x0e,0x40,0xd8,0x90,0x3d,0x2b,0x4c, 0x23,0xf3,0x0a,0xfc,0x59,0x8d,0x36,0x7f,0xa8,0xb5,0x70,0xc3,0xf9,0xa7,0x92,0x39, 0x9c,0xeb,0xff,0x96,0xb3,0xf4,0x58,0xd3,0xa8,0xd2,0xd8,0xb9,0xb1,0x40,0xdb,0x40, 0xd9,0x8d,0xcf,0x5a,0x44,0x8e,0xce,0xb7,0x6d,0x25,0x19,0xd2,0xbf,0xd5,0xef,0x0d, 0x1c,0x80,0x5f,0x50,0xbc,0xde,0xdb,0x38,0x24,0x8d,0x2e,0xd7,0xcd,0x66,0xab,0x07, 0xf9,0x7e,0x13,0xd1,0xd2,0x69,0x10,0xb8,0x5f,0x7e,0xec,0x8f,0x1b,0x26,0xdc,0x1f, 0x3a,0x23,0x02,0x91,0xa7,0x32,0x25,0xe3,0xf2,0xcf,0xb7,0xf4,0xde,0x76,0x24, }, .c = (unsigned char []){ 0xd2,0x96,0xd0,0x95,0x7e,0x86,0x06,0xb5,0xe2,0x7b,0x74,0xac,0x72,0x98,0x08,0x60, 0x4c,0x48,0x35,0x03,0x52,0x53,0x4c,0x3d,0x8b,0x1a,0xc0,0x55,0x1c,0x9e,0xfc,0x80, 0x8b,0x55,0x7d,0x8f,0x5c,0x7a,0x1b,0x62,0x7b,0x86,0x85,0xb5,0x87,0xa5,0x12,0x1e, 0x73,0xd5,0xbe,0x13,0x78,0xe8,0xea,0x03,0x5f,0xab,0x8a,0xab,0x96,0x2a,0xf8,0x6d, 0xc4,0x1f,0xda,0x58,0x8d,0xcc,0xde,0xfc,0xfa,0xaa,0x78,0xde,0x18,0xfc,0x7a,0x50, 0x63,0xaf,0x35,0xfd,0xb2,0x4e,0xf6,0x04,0xda,0x15,0x3e,0x64,0x87,0x8a,0xaa,0xf6, 0x37,0x9a,0x95,0xe7,0x63,0x57,0xe6,0xd5,0xfd,0xd4,0x7e,0x07,0x3a,0x0f,0xfe, }, .reseed_ctr = 1, }, .gen1 = { .v = (unsigned char []){ 0x8d,0x3e,0x7f,0x51,0xa2,0xb7,0x39,0x38,0x2b,0x89,0xb5,0x85,0x02,0xd5,0x33,0xac, 0x70,0x3b,0x3f,0xff,0xab,0xe0,0x82,0xbd,0x33,0xd0,0x31,0x19,0x16,0x46,0x8e,0xba, 0x28,0x41,0x7d,0x26,0x10,0x6e,0x74,0x36,0x24,0x59,0x5e,0x6f,0x38,0xe5,0xed,0x9a, 0xac,0x0e,0x71,0xaa,0xb9,0x38,0xce,0xf1,0x40,0x29,0x43,0xa4,0x47,0x38,0xdd,0xf5, 0x7b,0x90,0x74,0x21,0x41,0xda,0x08,0x8a,0x32,0x22,0x5c,0x24,0x96,0x82,0x4f,0x7b, 0xca,0x1d,0xf8,0x3b,0xaa,0x8d,0x04,0xfc,0x7e,0xa7,0x63,0x55,0x22,0x27,0xed,0xec, 0xd9,0x4c,0x71,0x3d,0x64,0x92,0x6b,0x13,0x7b,0x1c,0xa2,0x01,0x21,0x2f,0x2b, }, .c = (unsigned char []){ 0xd2,0x96,0xd0,0x95,0x7e,0x86,0x06,0xb5,0xe2,0x7b,0x74,0xac,0x72,0x98,0x08,0x60, 0x4c,0x48,0x35,0x03,0x52,0x53,0x4c,0x3d,0x8b,0x1a,0xc0,0x55,0x1c,0x9e,0xfc,0x80, 0x8b,0x55,0x7d,0x8f,0x5c,0x7a,0x1b,0x62,0x7b,0x86,0x85,0xb5,0x87,0xa5,0x12,0x1e, 0x73,0xd5,0xbe,0x13,0x78,0xe8,0xea,0x03,0x5f,0xab,0x8a,0xab,0x96,0x2a,0xf8,0x6d, 0xc4,0x1f,0xda,0x58,0x8d,0xcc,0xde,0xfc,0xfa,0xaa,0x78,0xde,0x18,0xfc,0x7a,0x50, 0x63,0xaf,0x35,0xfd,0xb2,0x4e,0xf6,0x04,0xda,0x15,0x3e,0x64,0x87,0x8a,0xaa,0xf6, 0x37,0x9a,0x95,0xe7,0x63,0x57,0xe6,0xd5,0xfd,0xd4,0x7e,0x07,0x3a,0x0f,0xfe, }, .reseed_ctr = 2, }, .gen2 = { .v = (unsigned char []){ 0x5f,0xd5,0x4f,0xe7,0x21,0x3d,0x3f,0xee,0x0e,0x05,0x2a,0x31,0x75,0x6d,0x3c,0x0c, 0xbc,0x83,0x75,0x02,0xfe,0x33,0xce,0xfa,0xbe,0xea,0xf1,0x6e,0x32,0xe5,0x8b,0x3a, 0xb3,0x96,0xfa,0xb5,0x6c,0xe8,0x8f,0x98,0x9f,0xdf,0xe4,0x24,0xc0,0x8b,0x00,0xb6, 0x46,0x6e,0x50,0xc6,0x6f,0x3f,0xa1,0x36,0x6f,0x7e,0xa2,0x0d,0x6d,0x4b,0xec,0xf1, 0x67,0x77,0xff,0x54,0xd6,0xea,0xc0,0xcb,0x8b,0x86,0xb0,0x2f,0x2b,0x88,0x5c,0xc7, 0x80,0x75,0x0a,0x8c,0xef,0x52,0x5f,0x0f,0xe1,0x25,0x8d,0xf1,0xb4,0xc2,0x53,0x45, 0x29,0xe6,0x8b,0xe9,0x3e,0xbb,0x30,0xb1,0x61,0x4d,0xb7,0x97,0x80,0xd9,0x9e, }, .c = (unsigned char []){ 0xd2,0x96,0xd0,0x95,0x7e,0x86,0x06,0xb5,0xe2,0x7b,0x74,0xac,0x72,0x98,0x08,0x60, 0x4c,0x48,0x35,0x03,0x52,0x53,0x4c,0x3d,0x8b,0x1a,0xc0,0x55,0x1c,0x9e,0xfc,0x80, 0x8b,0x55,0x7d,0x8f,0x5c,0x7a,0x1b,0x62,0x7b,0x86,0x85,0xb5,0x87,0xa5,0x12,0x1e, 0x73,0xd5,0xbe,0x13,0x78,0xe8,0xea,0x03,0x5f,0xab,0x8a,0xab,0x96,0x2a,0xf8,0x6d, 0xc4,0x1f,0xda,0x58,0x8d,0xcc,0xde,0xfc,0xfa,0xaa,0x78,0xde,0x18,0xfc,0x7a,0x50, 0x63,0xaf,0x35,0xfd,0xb2,0x4e,0xf6,0x04,0xda,0x15,0x3e,0x64,0x87,0x8a,0xaa,0xf6, 0x37,0x9a,0x95,0xe7,0x63,0x57,0xe6,0xd5,0xfd,0xd4,0x7e,0x07,0x3a,0x0f,0xfe, }, .reseed_ctr = 3, }, .prnd = (unsigned char []){ 0xbc,0x5d,0x8d,0x11,0xbe,0x22,0x67,0x9e,0x33,0xf4,0x03,0x74,0x17,0x57,0x16,0xe6, 0x7c,0x8b,0x5f,0xe6,0x81,0x9a,0xc5,0x3a,0x9b,0x20,0x8d,0xc0,0x58,0x17,0x04,0x31, 0xff,0xc2,0x9e,0xbd,0x1a,0x81,0x51,0xca,0xa3,0xe9,0x15,0x6d,0x4c,0x7e,0x89,0xe3, 0x9c,0x12,0x4f,0x71,0x94,0x09,0x51,0x02,0xe8,0x69,0x31,0x06,0x74,0x47,0x1a,0x7f, 0x1d,0xad,0x4e,0x58,0xf4,0x78,0x6e,0x96,0xb7,0xaa,0x1a,0xd7,0xa5,0x11,0x59,0x23, 0xba,0x01,0xd4,0xe7,0xa6,0x0a,0x8f,0x11,0xee,0x9c,0x47,0x26,0x6c,0x0f,0x1a,0xe4, 0x34,0x16,0x8b,0x7b,0x1f,0xb6,0x1e,0xc0,0xfc,0x29,0x2c,0x6c,0x2d,0x3a,0x87,0x78, 0xdc,0x7b,0x88,0x16,0x42,0xfb,0x8a,0x3e,0x9f,0xa5,0xff,0x37,0x20,0xf7,0x00,0xff, 0x89,0x00,0x1d,0x21,0xe9,0x7c,0x61,0xc2,0x46,0xdd,0x4f,0x87,0xbd,0x8a,0x64,0xfb, 0xcb,0x92,0x01,0x4d,0x52,0xf6,0xe6,0x41,0x83,0xbd,0xca,0x84,0xec,0x25,0xed,0x35, 0x24,0xb9,0xab,0xc8,0x6d,0xf2,0xbc,0x4d,0xff,0x2b,0x76,0x29,0x98,0x55,0xde,0x61, 0xb7,0xda,0x7e,0xde,0xc0,0x27,0x89,0x3a,0xb4,0xed,0xd0,0xd6,0xea,0x63,0x48,0xe7, 0x61,0x0e,0x6d,0x94,0x0a,0xf4,0x22,0x54,0x63,0x88,0x68,0x59,0xea,0x4f,0x5c,0x53, 0xfe,0xa2,0xc3,0x98,0xac,0x2f,0xe7,0x4a,0x9b,0x31,0x8b,0x11,0x5d,0xd4,0x6b,0xbe, 0xc6,0x88,0x4f,0x07,0x78,0x35,0xaa,0x95,0x15,0x0e,0xf0,0xb3,0xed,0x34,0xd6,0xd5, 0xb1,0x44,0xff,0x1c,0x1e,0x23,0x88,0x48,0x3d,0x9b,0x5f,0xca,0x8a,0x2c,0x5b,0xf3, }, }, { .no_reseed = false, .pr = false, .entropy_len = 256 / 8, .nonce_len = 128 / 8, .pers_len = 256 / 8, .add_len = 256 / 8, .prnd_len = 2048 / 8, .inst = { .entropy = (unsigned char []){ 0x2c,0x48,0x2c,0xd3,0x92,0xd9,0xb8,0x67,0x7f,0xf3,0x19,0xa7,0xad,0x53,0x9c,0xbd, 0x8a,0x24,0xeb,0xdc,0x2b,0x8d,0xbc,0xeb,0xbc,0x1d,0x1d,0x0d,0x0b,0xcb,0x69,0x8a, }, .nonce = (unsigned char []){ 0x27,0xcb,0x9f,0xff,0xcc,0xdd,0x7a,0x3b,0x28,0x56,0xfe,0xdd,0x68,0x17,0xf1,0xaa, }, .pers = (unsigned char []){ 0xbe,0x95,0x71,0x17,0x54,0xbe,0xb1,0xb2,0x5a,0x46,0xd5,0x04,0xd1,0x9b,0xbf,0x44, 0x23,0x2c,0x39,0x53,0x32,0x33,0xf6,0xea,0x84,0x14,0x0c,0xa1,0xd4,0x70,0xfb,0x10, }, .v = (unsigned char []){ 0x36,0xf3,0xe7,0x49,0x11,0x77,0xc5,0xb9,0x1e,0xf4,0xbd,0x81,0x38,0x1b,0xec,0xc9, 0xfe,0x82,0x64,0x72,0x17,0x75,0x3b,0xf1,0xdf,0xc5,0x2d,0x3d,0x8c,0x56,0x38,0x30, 0xf3,0xa5,0x98,0xd7,0xe3,0x0d,0x6d,0xd8,0xf6,0x3e,0x37,0x07,0xb2,0x59,0xa9,0x8d, 0xb5,0x87,0x76,0x79,0x4d,0x32,0xaf,0x6a,0x55,0x5b,0x57,0x72,0x11,0x4d,0xa6,0x22, 0xf3,0xd2,0xa1,0x9d,0xf2,0x49,0xfc,0x88,0xbf,0x8f,0xaf,0x67,0x95,0xed,0x72,0xc5, 0x20,0x26,0xfe,0x22,0x84,0xd6,0x0d,0x91,0x69,0x43,0x12,0xd9,0x89,0xf3,0x16,0xd9, 0xc6,0xe8,0x1b,0xf1,0x91,0x6a,0x00,0x8d,0xcf,0x5f,0x6b,0xe4,0x9b,0x87,0xe3, }, .c = (unsigned char []){ 0xb4,0x92,0x33,0x33,0x00,0x5a,0xb7,0x14,0x0e,0xc1,0x08,0xc1,0x20,0xa9,0x77,0x17, 0x47,0x23,0x57,0xc2,0x56,0x08,0x85,0x33,0xae,0xed,0x55,0x84,0x41,0x17,0xda,0x6c, 0x28,0xd1,0x11,0xd7,0x05,0x1c,0x5f,0x6b,0xda,0xee,0xe0,0x73,0x10,0x15,0x10,0xdb, 0x95,0x14,0xbb,0xb8,0xb0,0xb4,0x36,0x23,0xc2,0xb3,0x7f,0x2f,0x1d,0x3f,0x20,0xa9, 0xc9,0x2e,0xdb,0x2e,0x7b,0xc1,0x86,0x9e,0x43,0xc9,0x14,0xc1,0x0c,0x32,0xc1,0xbf, 0x81,0xbd,0xff,0x58,0x4c,0x9b,0x5c,0x47,0x80,0xfb,0xba,0xfa,0xa0,0xca,0x01,0x0a, 0xfb,0x7e,0x8b,0x05,0x2b,0xe8,0x38,0xf5,0x8c,0x04,0x3e,0x0c,0x2b,0x6a,0xd2, }, .reseed_ctr = 1, }, .res = { .entropy = (unsigned char []){ 0x4f,0x39,0xa2,0xb6,0x30,0x9a,0xf3,0x2a,0x1c,0x72,0x1b,0xd2,0xa3,0x1a,0x97,0x81, 0x48,0x07,0x64,0x43,0x03,0xb1,0xd1,0x32,0x23,0x93,0x64,0xa3,0x6d,0x26,0x6f,0x10, }, .add = (unsigned char []){ 0x94,0x7d,0x7b,0x37,0x2c,0x90,0x9e,0xae,0x57,0xba,0xe6,0x4d,0x7a,0x9b,0xbf,0x75, 0x23,0x4f,0x5c,0xb0,0x5c,0x09,0x39,0x27,0x03,0x7f,0x63,0x2d,0xd8,0x56,0x76,0x93, }, .v = (unsigned char []){ 0xe8,0x80,0xaa,0xd5,0x78,0x88,0xbc,0x81,0xbe,0xb6,0xe1,0x6b,0xdc,0xe7,0x5f,0x6d, 0xbd,0xd0,0xad,0xab,0x7e,0xb0,0x4a,0xeb,0x62,0xc4,0xd6,0xa4,0x27,0x4c,0x8e,0xaa, 0xcb,0x9c,0x3a,0x84,0x22,0xa4,0xdf,0x14,0xe6,0x57,0x0a,0x42,0x7b,0x01,0x35,0x61, 0xfd,0xd6,0x04,0x60,0x29,0x84,0xef,0xa4,0xe3,0xc0,0x17,0xb7,0xa5,0x6e,0x13,0x31, 0xe8,0xca,0xe2,0x54,0xe4,0x69,0xd2,0x54,0x38,0x70,0x99,0x94,0xbb,0x8b,0x37,0x07, 0xa5,0x2f,0xed,0xa8,0x6f,0x1b,0x0c,0xbf,0x3b,0x3c,0xa3,0x4a,0x97,0x35,0x7c,0x10, 0x98,0x6d,0x96,0x71,0x4d,0x2e,0xa2,0x66,0x0b,0xc6,0x71,0x30,0xeb,0xf8,0xe6, }, .c = (unsigned char []){ 0xec,0xed,0x12,0x31,0x3f,0x5f,0x03,0xdd,0xd2,0xdc,0x63,0xf0,0x99,0x8e,0xf7,0x23, 0x28,0x39,0xfe,0xd2,0xdd,0x04,0xd4,0x0f,0x43,0xf5,0x1c,0xb1,0x89,0xc5,0x4a,0xa4, 0xa0,0x15,0x24,0x62,0xbb,0x45,0x5e,0x89,0x7f,0xe8,0x15,0x0f,0x32,0x31,0x7d,0x6e, 0xba,0x74,0x84,0xd3,0xb2,0x07,0x89,0xf5,0xd7,0xa7,0x70,0x96,0x80,0xa6,0x90,0xa4, 0x31,0xdf,0x7d,0xe9,0x18,0xc0,0xa5,0x0e,0x8f,0x3f,0x3f,0x1a,0x4c,0xe0,0xdf,0xfa, 0x1e,0x74,0xba,0x70,0x85,0x69,0xde,0x35,0xa0,0xcd,0x52,0xed,0x31,0xd2,0x94,0x29, 0x87,0xd8,0xef,0x52,0xce,0x26,0xa8,0xb2,0x9c,0x0b,0x94,0xa6,0x5a,0xb0,0x65, }, .reseed_ctr = 1, }, .gen1 = { .add = (unsigned char []){ 0x65,0x1f,0x03,0xa8,0x02,0x34,0x34,0xb2,0xaf,0x28,0xa1,0xfa,0xd9,0x4b,0x31,0x91, 0x01,0x52,0xd4,0x9a,0x1b,0xbc,0xea,0xe3,0x2b,0xcc,0xd7,0x4d,0xde,0x60,0xd9,0x2f, }, .v = (unsigned char []){ 0xd5,0x6d,0xbd,0x06,0xb7,0xe7,0xc0,0x5f,0x91,0x93,0x45,0x5c,0x76,0x76,0x56,0x90, 0xe6,0x0a,0xac,0x7e,0x5b,0xb5,0x1e,0xfa,0xa6,0xb9,0xf3,0x55,0xb1,0x11,0xd9,0x4f, 0x6b,0xb1,0x5e,0xe6,0xdd,0xea,0x3d,0x9e,0x66,0x3f,0x1f,0x51,0xad,0x32,0xb3,0xb1, 0x2f,0x75,0xf5,0x94,0xe1,0x94,0xa0,0xeb,0xb8,0xc6,0xbd,0xb9,0x9a,0x42,0x88,0x31, 0x91,0x95,0xdb,0x4c,0xa3,0xe7,0x50,0x5f,0xa3,0x3a,0xb4,0x5f,0xa1,0x17,0x8f,0x51, 0xb9,0x66,0x84,0x0b,0x40,0x4e,0xfe,0x35,0xe0,0xbb,0xb3,0x87,0xe4,0x00,0xe8,0xd7, 0x5b,0x43,0x09,0xef,0x6c,0x3d,0xe2,0x8f,0x80,0x48,0x1e,0x10,0x1c,0xbf,0x3f, }, .c = (unsigned char []){ 0xec,0xed,0x12,0x31,0x3f,0x5f,0x03,0xdd,0xd2,0xdc,0x63,0xf0,0x99,0x8e,0xf7,0x23, 0x28,0x39,0xfe,0xd2,0xdd,0x04,0xd4,0x0f,0x43,0xf5,0x1c,0xb1,0x89,0xc5,0x4a,0xa4, 0xa0,0x15,0x24,0x62,0xbb,0x45,0x5e,0x89,0x7f,0xe8,0x15,0x0f,0x32,0x31,0x7d,0x6e, 0xba,0x74,0x84,0xd3,0xb2,0x07,0x89,0xf5,0xd7,0xa7,0x70,0x96,0x80,0xa6,0x90,0xa4, 0x31,0xdf,0x7d,0xe9,0x18,0xc0,0xa5,0x0e,0x8f,0x3f,0x3f,0x1a,0x4c,0xe0,0xdf,0xfa, 0x1e,0x74,0xba,0x70,0x85,0x69,0xde,0x35,0xa0,0xcd,0x52,0xed,0x31,0xd2,0x94,0x29, 0x87,0xd8,0xef,0x52,0xce,0x26,0xa8,0xb2,0x9c,0x0b,0x94,0xa6,0x5a,0xb0,0x65, }, .reseed_ctr = 2, }, .gen2 = { .add = (unsigned char []){ 0x93,0x4a,0x97,0xd6,0xee,0x46,0x85,0x25,0x0a,0xc5,0xe5,0x11,0x59,0xe5,0xbc,0xbc, 0x48,0xa6,0xf9,0x2c,0x7c,0xe7,0xbf,0xd1,0xc6,0x1d,0x0e,0x7b,0x0a,0x0e,0x7f,0x61, }, .v = (unsigned char []){ 0xc2,0x5a,0xcf,0x37,0xf7,0x46,0xc4,0x3d,0x64,0x6f,0xa9,0x4d,0x10,0x05,0x4d,0xb4, 0x0e,0x44,0xab,0x51,0x38,0xb9,0xf3,0x09,0xea,0xaf,0x10,0x07,0x3a,0xd7,0x23,0xf4, 0x0b,0xc6,0x83,0x49,0x99,0x2f,0x9c,0x27,0xe6,0x27,0x34,0x60,0xdf,0x64,0x31,0xa9, 0xff,0xd8,0x0c,0x15,0xed,0x67,0x40,0xd8,0x72,0xc4,0x64,0x68,0x24,0xee,0x9e,0x36, 0x2d,0x7a,0xce,0x7c,0xf6,0x5d,0x37,0x31,0x8c,0x2d,0x48,0x30,0x19,0x62,0x78,0x04, 0x4a,0xd9,0x8b,0x6e,0x0d,0x87,0x99,0xa0,0x55,0x37,0x4d,0x71,0x19,0x34,0xe5,0xbd, 0xa4,0x51,0xc0,0x82,0x4d,0x51,0xf3,0x83,0x8f,0xf1,0xf7,0x99,0x0e,0xef,0x1a, }, .c = (unsigned char []){ 0xec,0xed,0x12,0x31,0x3f,0x5f,0x03,0xdd,0xd2,0xdc,0x63,0xf0,0x99,0x8e,0xf7,0x23, 0x28,0x39,0xfe,0xd2,0xdd,0x04,0xd4,0x0f,0x43,0xf5,0x1c,0xb1,0x89,0xc5,0x4a,0xa4, 0xa0,0x15,0x24,0x62,0xbb,0x45,0x5e,0x89,0x7f,0xe8,0x15,0x0f,0x32,0x31,0x7d,0x6e, 0xba,0x74,0x84,0xd3,0xb2,0x07,0x89,0xf5,0xd7,0xa7,0x70,0x96,0x80,0xa6,0x90,0xa4, 0x31,0xdf,0x7d,0xe9,0x18,0xc0,0xa5,0x0e,0x8f,0x3f,0x3f,0x1a,0x4c,0xe0,0xdf,0xfa, 0x1e,0x74,0xba,0x70,0x85,0x69,0xde,0x35,0xa0,0xcd,0x52,0xed,0x31,0xd2,0x94,0x29, 0x87,0xd8,0xef,0x52,0xce,0x26,0xa8,0xb2,0x9c,0x0b,0x94,0xa6,0x5a,0xb0,0x65, }, .reseed_ctr = 3, }, .prnd = (unsigned char []){ 0x77,0xce,0x58,0xaf,0x82,0x2a,0x11,0xf1,0xd6,0xdf,0xb2,0xbe,0x24,0x6a,0xa6,0x54, 0x9e,0x4c,0x08,0x9e,0x15,0x32,0xae,0xba,0x3e,0x6f,0x13,0xd1,0x96,0x35,0x93,0x0f, 0x70,0x24,0xf9,0x43,0x99,0xba,0x6c,0x84,0xdf,0xa3,0xcd,0x9c,0x78,0x06,0xd7,0xb7, 0x69,0xc0,0x96,0xd3,0x34,0x15,0xa5,0x6b,0xe1,0x09,0x66,0x18,0xd5,0xbd,0x80,0xd7, 0xd6,0x49,0x95,0x0e,0xbc,0xfe,0x74,0x18,0xe9,0xf2,0x33,0xac,0xdb,0xb7,0xc2,0xed, 0x36,0x81,0xf5,0xdc,0xd0,0x7e,0x74,0x1e,0xec,0xd2,0xa4,0x67,0x5a,0xc8,0xdb,0x7b, 0xec,0xd2,0xeb,0x77,0xf1,0x64,0xcf,0x5c,0x76,0x72,0xa6,0xe9,0xe6,0x19,0x25,0x4c, 0x5f,0x23,0x1c,0x85,0x34,0x4c,0x34,0x61,0xfa,0xdb,0x5f,0x19,0x17,0x06,0xda,0xe9, 0xfc,0x2c,0xb5,0xd6,0x1c,0x8b,0x36,0xb3,0xe1,0xaf,0x3e,0x82,0xce,0xf8,0xe2,0xa9, 0xca,0x76,0xfa,0xfb,0xaf,0x4d,0x4b,0xf9,0xe0,0xf9,0xb0,0xcd,0x59,0x07,0xd4,0x06, 0x9e,0x0e,0xf4,0xe1,0xf1,0x1a,0x25,0x99,0x63,0xc9,0xd8,0x28,0x2f,0x36,0xb2,0x7b, 0x75,0x68,0x39,0x58,0xa1,0x65,0x07,0x3e,0x69,0x2d,0xd9,0x82,0x08,0xd6,0xdc,0x17, 0xa7,0x91,0xfd,0x9c,0x3d,0xd5,0x45,0x54,0xca,0x6b,0x65,0x67,0x50,0xb7,0x7b,0x19, 0x61,0xc9,0x17,0xf4,0x86,0xba,0x3d,0xcf,0xfe,0x78,0xde,0x2b,0x34,0x6c,0xd3,0x8b, 0x4d,0xe2,0x34,0xaf,0x1a,0x35,0x66,0xcc,0xb8,0x6b,0x76,0x14,0xe9,0x9d,0x96,0x62, 0x4a,0xb3,0x91,0x95,0x23,0xdf,0xe9,0x38,0x1d,0xd5,0x7d,0x4d,0x00,0xf0,0x0b,0x6d, }, }, }; #ifdef ICA_FIPS const size_t AES_ECB_TV_LEN = sizeof(AES_ECB_TV) / sizeof(AES_ECB_TV[0]); const size_t AES_CBC_TV_LEN = sizeof(AES_CBC_TV) / sizeof(AES_CBC_TV[0]); const size_t AES_CBC_CS_TV_LEN = sizeof(AES_CBC_CS_TV) / sizeof(AES_CBC_CS_TV[0]); const size_t AES_CFB_TV_LEN = sizeof(AES_CFB_TV) / sizeof(AES_CFB_TV[0]); const size_t AES_OFB_TV_LEN = sizeof(AES_OFB_TV) / sizeof(AES_OFB_TV[0]); const size_t AES_CTR_TV_LEN = sizeof(AES_CTR_TV) / sizeof(AES_CTR_TV[0]); const size_t AES_CCM_TV_LEN = sizeof(AES_CCM_TV) / sizeof(AES_CCM_TV[0]); const size_t AES_GCM_TV_LEN = sizeof(AES_GCM_TV) / sizeof(AES_GCM_TV[0]); const size_t AES_XTS_TV_LEN = sizeof(AES_XTS_TV) / sizeof(AES_XTS_TV[0]); const size_t AES_CMAC_TV_LEN = sizeof(AES_CMAC_TV) / sizeof(AES_CMAC_TV[0]); const size_t DES3_ECB_TV_LEN = sizeof(DES3_ECB_TV) / sizeof(DES3_ECB_TV[0]); const size_t DES3_CBC_TV_LEN = sizeof(DES3_CBC_TV) / sizeof(DES3_CBC_TV[0]); const size_t DES3_CBC_CS_TV_LEN = sizeof(DES3_CBC_CS_TV) / sizeof(DES3_CBC_CS_TV[0]); const size_t DES3_CFB_TV_LEN = sizeof(DES3_CFB_TV) / sizeof(DES3_CFB_TV[0]); const size_t DES3_OFB_TV_LEN = sizeof(DES3_OFB_TV) / sizeof(DES3_OFB_TV[0]); const size_t DES3_CTR_TV_LEN = sizeof(DES3_CTR_TV) / sizeof(DES3_CTR_TV[0]); const size_t DES3_CMAC_TV_LEN = sizeof(DES3_CMAC_TV) / sizeof(DES3_CMAC_TV[0]); const size_t RSA_TV_LEN = sizeof(RSA_TV) / sizeof(RSA_TV[0]); const size_t SHA1_TV_LEN = sizeof(SHA1_TV) / sizeof(SHA1_TV[0]); const size_t SHA224_TV_LEN = sizeof(SHA224_TV) / sizeof(SHA224_TV[0]); const size_t SHA256_TV_LEN = sizeof(SHA256_TV) / sizeof(SHA256_TV[0]); const size_t SHA384_TV_LEN = sizeof(SHA384_TV) / sizeof(SHA384_TV[0]); const size_t SHA512_TV_LEN = sizeof(SHA512_TV) / sizeof(SHA512_TV[0]); const size_t SHA3_224_TV_LEN = sizeof(SHA3_224_TV) / sizeof(SHA3_224_TV[0]); const size_t SHA3_256_TV_LEN = sizeof(SHA3_256_TV) / sizeof(SHA3_256_TV[0]); const size_t SHA3_384_TV_LEN = sizeof(SHA3_384_TV) / sizeof(SHA3_384_TV[0]); const size_t SHA3_512_TV_LEN = sizeof(SHA3_512_TV) / sizeof(SHA3_512_TV[0]); #endif /* ICA_FIPS */ #ifdef ICA_INTERNAL_TEST_EC const size_t ECDSA_TV_LEN = sizeof(ECDSA_TV) / sizeof(ECDSA_TV[0]); const size_t SCALAR_MUL_TV_LEN = sizeof(SCALAR_MUL_TV) / sizeof(SCALAR_MUL_TV[0]); const size_t SCALAR_MULX_TV_LEN = sizeof(SCALAR_MULX_TV) / sizeof(SCALAR_MULX_TV[0]); const size_t SCALAR_MULX_IT_TV_LEN = sizeof(SCALAR_MULX_IT_TV) / sizeof(SCALAR_MULX_IT_TV[0]); const size_t SCALAR_MULX_KEX_TV_LEN = sizeof(SCALAR_MULX_KEX_TV) / sizeof(SCALAR_MULX_KEX_TV[0]); #endif /* ICA_INTERNAL_TEST_EC */ const size_t DRBG_SHA512_TV_LEN = sizeof(DRBG_SHA512_TV) / sizeof(DRBG_SHA512_TV[0]); #ifdef ICA_INTERNAL_TEST_EC const unsigned char *deterministic_rng_output; void deterministic_rng(unsigned char *buf, size_t buflen) { memcpy(buf, deterministic_rng_output, buflen); } #endif libica-4.0.1/test/000077500000000000000000000000001417716165400137325ustar00rootroot00000000000000libica-4.0.1/test/Makefile.am000066400000000000000000000050501417716165400157660ustar00rootroot00000000000000TESTS = \ fips_test \ icastats_test.sh \ get_functionlist_test \ get_functionlist_cex_test \ get_version_test \ rng_test \ drbg_test \ drbg_birthdays_test.pl \ des_ecb_test \ des_cbc_test \ des_ctr_test \ des_cfb_test \ des_ofb_test \ tdes_ecb_test \ tdes_cbc_test \ tdes_ctr_test \ tdes_cfb_test \ tdes_ofb_test \ aes_ecb_test \ aes_cbc_test \ aes_ctr_test \ aes_cfb_test \ aes_ofb_test \ aes_xts_test \ aes_gcm_test \ aes_gcm_kma_test \ cbccs_test \ ccm_test \ cmac_test \ sha2_test.sh \ sha3_test.sh \ sha1_test \ sha256_test \ sha3_224_test \ sha3_256_test \ sha3_384_test \ sha3_512_test \ shake_128_test \ shake_256_test \ rsa_keygen1024_test.sh \ rsa_keygen2048_test.sh \ rsa_keygen3072_test.sh \ rsa_keygen4096_test.sh \ rsa_key_check_test \ rsa_test \ ec_keygen1_test.sh \ ecdh1_test.sh \ ecdsa1_test.sh \ ec_keygen2_test.sh \ ecdh2_test.sh \ ecdsa2_test.sh \ eddsa_test \ x_test \ mp_test if ICA_INTERNAL_TESTS TESTS += \ ${top_builddir}/src/internal_tests/ec_internal_test endif TEST_EXTENSIONS = .sh .pl TESTS_ENVIRONMENT = export LD_LIBRARY_PATH=${builddir}/../src/.libs/ \ PATH=${builddir}/../src/:$$PATH \ LIBICA_TESTDATA=${srcdir}/testdata/; AM_CFLAGS = @FLAGS@ -DNO_SW_FALLBACKS -I${srcdir}/../include/ -I${srcdir}/../src/include/ LDADD = @LIBS@ ${top_builddir}/src/.libs/libica.so -lcrypto -lpthread get_functionlist_cex_test_SOURCES = get_functionlist_cex_test.c get_functionlist_cex_test_LDADD = @LIBS@ ${top_builddir}/src/.libs/libica-cex.so -lcrypto -lpthread check_PROGRAMS = fips_test icastats_test get_functionlist_test \ get_version_test rng_test drbg_test drbg_birthdays_test \ des_ecb_test des_cbc_test des_ctr_test des_cfb_test des_ofb_test \ tdes_ecb_test tdes_cbc_test tdes_ctr_test tdes_cfb_test \ tdes_ofb_test aes_ecb_test \ aes_cbc_test aes_ctr_test aes_cfb_test aes_ofb_test aes_xts_test \ aes_gcm_test aes_gcm_kma_test cbccs_test ccm_test cmac_test sha_test \ sha1_test sha256_test sha3_224_test sha3_256_test sha3_384_test \ sha3_512_test shake_128_test shake_256_test rsa_keygen_test \ rsa_key_check_test rsa_test ec_keygen_test ecdh_test ecdsa_test mp_test \ eddsa_test x_test get_functionlist_cex_test EXTRA_DIST = testdata testcase.h rsa_test.h aes_gcm_test.h ecdsa1_test.sh \ sha2_test.sh ecdh1_test.sh ecdsa2_test.sh ecdh2_test.sh \ drbg_birthdays_test.pl sha3_test.sh ec_keygen1_test.sh ec_keygen2_test.sh \ rsa_keygen2048_test.sh rsa_keygen1024_test.sh rsa_keygen4096_test.sh \ rsa_keygen3072_test.sh rsa_keygen_test.sh icastats_test.c: icastats_test.c.in @SED@ -e s!\@builddir\@!"@abs_top_builddir@/src/"!g < $< > $@-t mv $@-t $@ libica-4.0.1/test/aes_cbc_test.c000066400000000000000000000434371417716165400165270ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 7 #define NR_RANDOM_TESTS 10000 /* CBC data - 1 for AES128 */ unsigned char NIST_KEY_CBC_E1[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CBC_E1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CBC_E1[] = { 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, }; unsigned char NIST_TEST_DATA_CBC_E1[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CBC_E1[] = { 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, }; /* CBC data - 2 for AES128 */ unsigned char NIST_KEY_CBC_E2[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CBC_E2[] = { 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, }; unsigned char NIST_EXPECTED_IV_CBC_E2[] = { 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2, }; unsigned char NIST_TEST_DATA_CBC_E2[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_CBC_E2[] = { 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2, }; /* CBC data - 3 - for AES128 */ unsigned char NIST_KEY_CBC_E3[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CBC_E3[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CBC_E3[] = { 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7, }; unsigned char NIST_TEST_DATA_CBC_E3[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_CBC_E3[] = { 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2, 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16, 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7, }; /* CBC data - 4 - for AES192 */ unsigned char NIST_KEY_CBC_E4[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_CBC_E4[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CBC_E4[] = { 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d, 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8, }; unsigned char NIST_TEST_DATA_CBC_E4[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CBC_E4[] = { 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d, 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8, }; /* CBC data 5 - for AES 192 */ unsigned char NIST_KEY_CBC_E5[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_CBC_E5[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CBC_E5[] = { 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81, 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd, }; unsigned char NIST_TEST_DATA_CBC_E5[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_CBC_E5[] = { 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d, 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8, 0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4, 0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a, 0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0, 0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0, 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81, 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd, }; /* CBC data 6 - for AES 256 */ unsigned char NIST_KEY_CBC_E6[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CBC_E6[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CBC_E6[] = { 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6, }; unsigned char NIST_TEST_DATA_CBC_E6[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CBC_E6[] = { 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6, }; /* CBC data 7 - for AES 256 */ unsigned char NIST_KEY_CBC_E7[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CBC_E7[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CBC_E7[] = { 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b, }; unsigned char NIST_TEST_DATA_CBC_E7[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_CBC_E7[] = { 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6, 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d, 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d, 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf, 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61, 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b, }; void dump_cbc_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *iv_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_CBC_E1); *iv_length = sizeof(NIST_IV_CBC_E1); *key_length = sizeof(NIST_KEY_CBC_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_CBC_E2); *iv_length = sizeof(NIST_IV_CBC_E2); *key_length = sizeof(NIST_KEY_CBC_E2); break; case 3: *data_length = sizeof(NIST_TEST_DATA_CBC_E3); *iv_length = sizeof(NIST_IV_CBC_E3); *key_length = sizeof(NIST_KEY_CBC_E3); break; case 4: *data_length = sizeof(NIST_TEST_DATA_CBC_E4); *iv_length = sizeof(NIST_IV_CBC_E4); *key_length = sizeof(NIST_KEY_CBC_E4); break; case 5: *data_length = sizeof(NIST_TEST_DATA_CBC_E5); *iv_length = sizeof(NIST_IV_CBC_E5); *key_length = sizeof(NIST_KEY_CBC_E5); break; case 6: *data_length = sizeof(NIST_TEST_DATA_CBC_E6); *iv_length = sizeof(NIST_IV_CBC_E6); *key_length = sizeof(NIST_KEY_CBC_E6); break; case 7: *data_length = sizeof(NIST_TEST_DATA_CBC_E7); *iv_length = sizeof(NIST_IV_CBC_E7); *key_length = sizeof(NIST_KEY_CBC_E7); break; default: *data_length = 0; *iv_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *iv, unsigned char *expected_iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_CBC_E1, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E1, data_length); memcpy(iv, NIST_IV_CBC_E1, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E1, iv_length); memcpy(key, NIST_KEY_CBC_E1, key_length); break; case 2: memcpy(data, NIST_TEST_DATA_CBC_E2, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E2, data_length); memcpy(iv, NIST_IV_CBC_E2, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E2, iv_length); memcpy(key, NIST_KEY_CBC_E2, key_length); break; case 3: memcpy(data, NIST_TEST_DATA_CBC_E3, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E3, data_length); memcpy(iv, NIST_IV_CBC_E3, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E3, iv_length); memcpy(key, NIST_KEY_CBC_E3, key_length); break; case 4: memcpy(data, NIST_TEST_DATA_CBC_E4, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E4, data_length); memcpy(iv, NIST_IV_CBC_E4, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E4, iv_length); memcpy(key, NIST_KEY_CBC_E4, key_length); break; case 5: memcpy(data, NIST_TEST_DATA_CBC_E5, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E5, data_length); memcpy(iv, NIST_IV_CBC_E5, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E5, iv_length); memcpy(key, NIST_KEY_CBC_E5, key_length); break; case 6: memcpy(data, NIST_TEST_DATA_CBC_E6, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E6, data_length); memcpy(iv, NIST_IV_CBC_E6, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E6, iv_length); memcpy(key, NIST_KEY_CBC_E6, key_length); break; case 7: memcpy(data, NIST_TEST_DATA_CBC_E7, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E7, data_length); memcpy(iv, NIST_IV_CBC_E7, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E7, iv_length); memcpy(key, NIST_KEY_CBC_E7, key_length); break; } } int kat_aes_cbc(int iteration) { unsigned int data_length; unsigned int iv_length; unsigned int key_length; get_sizes(&data_length, &iv_length, &key_length, iteration); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char expected_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); load_test_data(input_data, data_length, result, iv, expected_iv, iv_length, key, key_length, iteration); memcpy(tmp_iv, iv, iv_length); rc = ica_aes_cbc(input_data, encrypt, data_length, key, key_length, tmp_iv, 1); if (rc) { VV_(printf("ica_aes_cbc encrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(expected_iv, tmp_iv, iv_length)) { VV_(printf("Update of IV does not match the expected IV!\n")); VV_(printf("Expected IV:\n")); dump_array(expected_iv, iv_length); VV_(printf("Updated IV:\n")); dump_array(tmp_iv, iv_length); VV_(printf("Original IV:\n")); dump_array(iv, iv_length); rc++; } if (rc) { VV_(printf("AES CBC test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_cbc(encrypt, decrypt, data_length, key, key_length, tmp_iv, 0); if (rc) { VV_(printf("ica_aes_cbc decrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_aes_cbc(int iteration, unsigned int data_length) { int i; int rc = 0; unsigned int iv_length = sizeof(ica_aes_vector_t); unsigned int key_length = AES_KEY_LEN128; unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; for (i = 1; i <= 2; i++) { unsigned char key[key_length]; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_aes_cbc(input_data, encrypt, data_length, key, key_length, tmp_iv, 1); if (rc) { VV_(printf("ica_aes_cbc encrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); VV_(printf("Encrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); VV_(printf("AES CBC test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_cbc(encrypt, decrypt, data_length, key, key_length, tmp_iv, 0); if (rc) { VV_(printf("ica_aes_cbc decrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; return TEST_FAIL; } key_length += 8; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-CBC test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_aes_vector_t); set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_aes_cbc(iteration); if (rc) { V_(printf("kat_aes_cbc failed with rc = %i\n", rc)); error_count++; } else { V_(printf("kat_aes_cbc finished.n")); } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_aes_cbc(iteration, data_length); if (rc) { V_(printf("random_aes_cbc failed with rc = %i\n", rc)); error_count++; goto out; } else { V_(printf("random_aes_cbc finished.n")); } data_length += sizeof(ica_aes_vector_t); } out: if (error_count) { printf("%i AES-CBC tests failed.\n", error_count); return TEST_FAIL; } printf("All AES-CBC tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_cfb_test.c000066400000000000000000000551211417716165400165230ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 12 #define NR_RANDOM_TESTS 1000 /* CFB128 data -1- AES128 */ unsigned char NIST_KEY_CFB_E1[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CFB_E1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CFB_E1[] = { 0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a, }; unsigned char NIST_TEST_DATA_CFB_E1[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CFB_E1[] = { 0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a, }; unsigned int NIST_LCFB_E1 = 128 / 8; /* CFB128 data -2- AES128 */ unsigned char NIST_KEY_CFB_E2[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CFB_E2[] = { 0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a, }; unsigned char NIST_EXPECTED_IV_CFB_E2[] = { 0xc8, 0xa6, 0x45, 0x37, 0xa0, 0xb3, 0xa9, 0x3f, 0xcd, 0xe3, 0xcd, 0xad, 0x9f, 0x1c, 0xe5, 0x8b, }; unsigned char NIST_TEST_DATA_CFB_E2[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_CFB_E2[] = { 0xc8, 0xa6, 0x45, 0x37, 0xa0, 0xb3, 0xa9, 0x3f, 0xcd, 0xe3, 0xcd, 0xad, 0x9f, 0x1c, 0xe5, 0x8b, }; unsigned int NIST_LCFB_E2 = 128 / 8; /* CFB8 data -3- AES128 */ unsigned char NIST_KEY_CFB_E3[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CFB_E3[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CFB_E3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x3b, }; unsigned char NIST_TEST_DATA_CFB_E3[] = { 0x6b, }; unsigned char NIST_TEST_RESULT_CFB_E3[] = { 0x3b, }; unsigned int NIST_LCFB_E3 = 8 / 8; /* CFB8 data -4- AES128 */ unsigned char NIST_KEY_CFB_E4[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CFB_E4[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x3b, }; unsigned char NIST_EXPECTED_IV_CFB_E4[] = { 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x3b, 0x79, }; unsigned char NIST_TEST_DATA_CFB_E4[] = { 0xc1, }; unsigned char NIST_TEST_RESULT_CFB_E4[] = { 0x79, }; unsigned int NIST_LCFB_E4 = 8 / 8; /* CFB 128 data -5- for AES192 */ unsigned char NIST_KEY_CFB_E5[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_CFB_E5[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CFB_E5[] = { 0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, }; unsigned char NIST_TEST_DATA_CFB_E5[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CFB_E5[] = { 0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, }; unsigned int NIST_LCFB_E5 = 128 / 8; /* CFB 128 data -6- for AES192 */ unsigned char NIST_KEY_CFB_E6[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_CFB_E6[] = { 0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, }; unsigned char NIST_EXPECTED_IV_CFB_E6[] = { 0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21, 0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a, }; unsigned char NIST_TEST_DATA_CFB_E6[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_CFB_E6[] = { 0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21, 0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a, }; unsigned int NIST_LCFB_E6 = 128 / 8; /* CFB 128 data -7- for AES192 */ unsigned char NIST_KEY_CFB_E7[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_CFB_E7[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CFB_E7[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xcd, }; unsigned char NIST_TEST_DATA_CFB_E7[] = { 0x6b, }; unsigned char NIST_TEST_RESULT_CFB_E7[] = { 0xcd, }; unsigned int NIST_LCFB_E7 = 8 / 8; /* CFB 128 data -8- for AES192 */ unsigned char NIST_KEY_CFB_E8[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_CFB_E8[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xcd, }; unsigned char NIST_EXPECTED_IV_CFB_E8[] = { 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xcd, 0xa2, }; unsigned char NIST_TEST_DATA_CFB_E8[] = { 0xc1, }; unsigned char NIST_TEST_RESULT_CFB_E8[] = { 0xa2, }; unsigned int NIST_LCFB_E8 = 8 / 8; /* CFB128 data -9- for AES256 */ unsigned char NIST_KEY_CFB_E9[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CFB_E9[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CFB_E9[] = { 0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60, }; unsigned char NIST_TEST_DATA_CFB_E9[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CFB_E9[] = { 0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60, }; unsigned int NIST_LCFB_E9 = 128 / 8; /* CFB128 data -10- for AES256 */ unsigned char NIST_KEY_CFB_E10[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CFB_E10[] = { 0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60, }; unsigned char NIST_EXPECTED_IV_CFB_E10[] = { 0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8, 0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b, }; unsigned char NIST_TEST_DATA_CFB_E10[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_CFB_E10[] = { 0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8, 0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b, }; unsigned int NIST_LCFB_E10 = 128 / 8; /* CFB8 data -11- for AES256 */ unsigned char NIST_KEY_CFB_E11[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CFB_E11[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_CFB_E11[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xdc, }; unsigned char NIST_TEST_DATA_CFB_E11[] = { 0x6b, }; unsigned char NIST_TEST_RESULT_CFB_E11[] = { 0xdc, }; unsigned int NIST_LCFB_E11 = 8 / 8; /* CFB8 data -12- for AES256 */ unsigned char NIST_KEY_CFB_E12[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CFB_E12[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xdc, }; unsigned char NIST_EXPECTED_IV_CFB_E12[] = { 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xdc, 0x1f, }; unsigned char NIST_TEST_DATA_CFB_E12[] = { 0xc1, }; unsigned char NIST_TEST_RESULT_CFB_E12[] = { 0x1f, }; unsigned int NIST_LCFB_E12 = 8 / 8; void dump_cfb_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *iv_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_CFB_E1); *iv_length = sizeof(NIST_IV_CFB_E1); *key_length = sizeof(NIST_KEY_CFB_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_CFB_E2); *iv_length = sizeof(NIST_IV_CFB_E2); *key_length = sizeof(NIST_KEY_CFB_E2); break; case 3: *data_length = sizeof(NIST_TEST_DATA_CFB_E3); *iv_length = sizeof(NIST_IV_CFB_E3); *key_length = sizeof(NIST_KEY_CFB_E3); break; case 4: *data_length = sizeof(NIST_TEST_DATA_CFB_E4); *iv_length = sizeof(NIST_IV_CFB_E4); *key_length = sizeof(NIST_KEY_CFB_E4); break; case 5: *data_length = sizeof(NIST_TEST_DATA_CFB_E5); *iv_length = sizeof(NIST_IV_CFB_E5); *key_length = sizeof(NIST_KEY_CFB_E5); break; case 6: *data_length = sizeof(NIST_TEST_DATA_CFB_E6); *iv_length = sizeof(NIST_IV_CFB_E6); *key_length = sizeof(NIST_KEY_CFB_E6); break; case 7: *data_length = sizeof(NIST_TEST_DATA_CFB_E7); *iv_length = sizeof(NIST_IV_CFB_E7); *key_length = sizeof(NIST_KEY_CFB_E7); break; case 8: *data_length = sizeof(NIST_TEST_DATA_CFB_E8); *iv_length = sizeof(NIST_IV_CFB_E8); *key_length = sizeof(NIST_KEY_CFB_E8); break; case 9: *data_length = sizeof(NIST_TEST_DATA_CFB_E9); *iv_length = sizeof(NIST_IV_CFB_E9); *key_length = sizeof(NIST_KEY_CFB_E9); break; case 10: *data_length = sizeof(NIST_TEST_DATA_CFB_E10); *iv_length = sizeof(NIST_IV_CFB_E10); *key_length = sizeof(NIST_KEY_CFB_E10); break; case 11: *data_length = sizeof(NIST_TEST_DATA_CFB_E11); *iv_length = sizeof(NIST_IV_CFB_E11); *key_length = sizeof(NIST_KEY_CFB_E11); break; case 12: *data_length = sizeof(NIST_TEST_DATA_CFB_E12); *iv_length = sizeof(NIST_IV_CFB_E12); *key_length = sizeof(NIST_KEY_CFB_E12); break; default: *data_length = 0; *iv_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *iv, unsigned char *expected_iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned int *lcfb, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_CFB_E1, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E1, data_length); memcpy(iv, NIST_IV_CFB_E1, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E1, iv_length); memcpy(key, NIST_KEY_CFB_E1, key_length); *lcfb = NIST_LCFB_E1; break; case 2: memcpy(data, NIST_TEST_DATA_CFB_E2, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E2, data_length); memcpy(iv, NIST_IV_CFB_E2, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E2, iv_length); memcpy(key, NIST_KEY_CFB_E2, key_length); *lcfb = NIST_LCFB_E2; break; case 3: memcpy(data, NIST_TEST_DATA_CFB_E3, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E3, data_length); memcpy(iv, NIST_IV_CFB_E3, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E3, iv_length); memcpy(key, NIST_KEY_CFB_E3, key_length); *lcfb = NIST_LCFB_E3; break; case 4: memcpy(data, NIST_TEST_DATA_CFB_E4, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E4, data_length); memcpy(iv, NIST_IV_CFB_E4, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E4, iv_length); memcpy(key, NIST_KEY_CFB_E4, key_length); *lcfb = NIST_LCFB_E4; break; case 5: memcpy(data, NIST_TEST_DATA_CFB_E5, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E5, data_length); memcpy(iv, NIST_IV_CFB_E5, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E5, iv_length); memcpy(key, NIST_KEY_CFB_E5, key_length); *lcfb = NIST_LCFB_E5; break; case 6: memcpy(data, NIST_TEST_DATA_CFB_E6, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E6, data_length); memcpy(iv, NIST_IV_CFB_E6, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E6, iv_length); memcpy(key, NIST_KEY_CFB_E6, key_length); *lcfb = NIST_LCFB_E6; break; case 7: memcpy(data, NIST_TEST_DATA_CFB_E7, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E7, data_length); memcpy(iv, NIST_IV_CFB_E7, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E7, iv_length); memcpy(key, NIST_KEY_CFB_E7, key_length); *lcfb = NIST_LCFB_E7; break; case 8: memcpy(data, NIST_TEST_DATA_CFB_E8, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E8, data_length); memcpy(iv, NIST_IV_CFB_E8, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E8, iv_length); memcpy(key, NIST_KEY_CFB_E8, key_length); *lcfb = NIST_LCFB_E8; break; case 9: memcpy(data, NIST_TEST_DATA_CFB_E9, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E9, data_length); memcpy(iv, NIST_IV_CFB_E9, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E9, iv_length); memcpy(key, NIST_KEY_CFB_E9, key_length); *lcfb = NIST_LCFB_E9; break; case 10: memcpy(data, NIST_TEST_DATA_CFB_E10, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E10, data_length); memcpy(iv, NIST_IV_CFB_E10, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E10, iv_length); memcpy(key, NIST_KEY_CFB_E10, key_length); *lcfb = NIST_LCFB_E10; break; case 11: memcpy(data, NIST_TEST_DATA_CFB_E11, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E11, data_length); memcpy(iv, NIST_IV_CFB_E11, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E11, iv_length); memcpy(key, NIST_KEY_CFB_E11, key_length); *lcfb = NIST_LCFB_E11; break; case 12: memcpy(data, NIST_TEST_DATA_CFB_E12, data_length); memcpy(result, NIST_TEST_RESULT_CFB_E12, data_length); memcpy(iv, NIST_IV_CFB_E12, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CFB_E12, iv_length); memcpy(key, NIST_KEY_CFB_E12, key_length); *lcfb = NIST_LCFB_E12; break; } } int kat_aes_cfb(int iteration) { unsigned int data_length; unsigned int iv_length; unsigned int key_length; get_sizes(&data_length, &iv_length, &key_length, iteration); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char expected_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; unsigned int lcfb; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_test_data(input_data, data_length, result, iv, expected_iv, iv_length, key, key_length, &lcfb, iteration); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i," " lcfb = %i\n", key_length, data_length, iv_length, lcfb)); if (iteration == 3) rc = ica_aes_cfb(input_data, encrypt, lcfb, key, key_length, tmp_iv, lcfb, 1); else rc = ica_aes_cfb(input_data, encrypt, data_length, key, key_length, tmp_iv, lcfb, 1); if (rc) { VV_(printf("ica_aes_cfb encrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(expected_iv, tmp_iv, iv_length)) { VV_(printf("Update of IV does not match the expected IV!\n")); VV_(printf("Expected IV:\n")); dump_array(expected_iv, iv_length); VV_(printf("Updated IV:\n")); dump_array(tmp_iv, iv_length); VV_(printf("Original IV:\n")); dump_array(iv, iv_length); rc++; } if (rc) { VV_(printf("AES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); if (iteration == 3) rc = ica_aes_cfb(encrypt, decrypt, lcfb, key, key_length, tmp_iv, lcfb, 0); else rc = ica_aes_cfb(encrypt, decrypt, data_length, key, key_length, tmp_iv, lcfb, 0); if (rc) { VV_(printf("ica_aes_cfb decrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_aes_cfb(int iteration, unsigned int data_length, unsigned int lcfb) { unsigned int iv_length = sizeof(ica_aes_vector_t); unsigned int key_length = AES_KEY_LEN128; unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[AES_KEY_LEN256]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; for (key_length = AES_KEY_LEN128; key_length <= AES_KEY_LEN256; key_length += 8) { memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i," " lcfb = %i\n", key_length, data_length, iv_length, lcfb)); rc = ica_aes_cfb(input_data, encrypt, data_length, key, key_length, tmp_iv, lcfb, 1); if (rc) { VV_(printf("ica_aes_cfb encrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("AES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_cfb(encrypt, decrypt, data_length, key, key_length, tmp_iv, lcfb, 0); if (rc) { VV_(printf("ica_aes_cfb decrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-CFB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else unsigned int data_length = 1; unsigned int lcfb = 1; unsigned int j; unsigned int rdata; int rc = 0; int error_count = 0; int iteration; set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_aes_cfb(iteration); if (rc) { V_(printf("kat_aes_cfb failed with rc = %i\n", rc)); error_count++; } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { for (j = 1; j <= 3; j++) { if (!(data_length % lcfb)) { rc = random_aes_cfb(iteration, data_length, lcfb); if (rc) { V_(printf("random_aes_cfb failed with rc = %i\n", rc)); error_count++; } } switch (j) { case 1: lcfb = 1; break; case 2: lcfb = 8; break; case 3: lcfb = 16; break; } } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); return TEST_FAIL; } data_length += (rdata % 8) + 1; } if (error_count) { printf("%i AES-CFB tests failed.\n", error_count); return TEST_FAIL; } printf("All AES-CFB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_ctr_test.c000066400000000000000000000467261417716165400165740ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 7 #define NR_RANDOM_TESTS 1000 /* CTR data - 1 for AES128 */ unsigned char NIST_KEY_CTR_E1[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CTR_E1[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, }; unsigned char NIST_EXPECTED_IV_CTR_E1[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x00, }; unsigned char NIST_TEST_DATA_CTR_E1[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CTR_E1[] = { 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26, 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, }; /* CTR data - 2 for AES128 */ unsigned char NIST_KEY_CTR_E2[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_CTR_E2[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, }; unsigned char NIST_EXPECTED_IV_CTR_E2[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x03, }; unsigned char NIST_TEST_DATA_CTR_E2[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_CTR_E2[] = { 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26, 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, 0x98, 0x06, 0xf6, 0x6b, 0x79, 0x70, 0xfd, 0xff, 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff, 0xfd, 0xff, 0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e, 0x5b, 0x4f, 0x09, 0x02, 0x0d, 0xb0, 0x3e, 0xab, 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1, 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee, }; /* CTR data - 3 - for AES192 */ unsigned char NIST_KEY_CTR_E3[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CTR_E3[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, }; unsigned char NIST_EXPECTED_IV_CTR_E3[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x00, }; unsigned char NIST_TEST_DATA_CTR_E3[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_CTR_E3[] = { 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5, 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28, }; /* CTR data - 4 - for AES192 */ unsigned char NIST_KEY_CTR_E4[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CTR_E4[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x00, }; unsigned char NIST_EXPECTED_IV_CTR_E4[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x01, }; unsigned char NIST_TEST_DATA_CTR_E4[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_CTR_E4[] = { 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a, 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5, }; /* CTR data 5 - for AES 256 */ unsigned char NIST_KEY_CTR_E5[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CTR_E5[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, }; unsigned char NIST_EXPECTED_IV_CTR_E5[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x03, }; unsigned char NIST_TEST_DATA_CTR_E5[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_CTR_E5[] = { 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5, 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28, 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a, 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5, 0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c, 0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d, 0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6, 0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6, }; /* CTR data 6 - for AES 256. * Data is != BLOCK_SIZE */ unsigned char NIST_KEY_CTR_E6[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CTR_E6[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, }; unsigned char NIST_EXPECTED_IV_CTR_E6[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x03, }; unsigned char NIST_TEST_DATA_CTR_E6[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, }; unsigned char NIST_TEST_RESULT_CTR_E6[] = { 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5, 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28, 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a, 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5, 0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c, 0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d, 0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6, }; /* CTR data 7 - for AES 256 * Counter as big as the data. Therefore the counter * should not be updated. Because it is already pre * computed. */ unsigned char NIST_KEY_CTR_E7[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_CTR_E7[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x00, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x01, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x02, }; unsigned char NIST_EXPECTED_IV_CTR_E7[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x00, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x01, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xff, 0x02, }; unsigned char NIST_TEST_DATA_CTR_E7[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_CTR_E7[] = { 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5, 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28, 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a, 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5, 0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c, 0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d, 0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6, 0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6, }; void dump_ctr_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *iv_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_CTR_E1); *iv_length = sizeof(NIST_IV_CTR_E1); *key_length = sizeof(NIST_KEY_CTR_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_CTR_E2); *iv_length = sizeof(NIST_IV_CTR_E2); *key_length = sizeof(NIST_KEY_CTR_E2); break; case 3: *data_length = sizeof(NIST_TEST_DATA_CTR_E3); *iv_length = sizeof(NIST_IV_CTR_E3); *key_length = sizeof(NIST_KEY_CTR_E3); break; case 4: *data_length = sizeof(NIST_TEST_DATA_CTR_E4); *iv_length = sizeof(NIST_IV_CTR_E4); *key_length = sizeof(NIST_KEY_CTR_E4); break; case 5: *data_length = sizeof(NIST_TEST_DATA_CTR_E5); *iv_length = sizeof(NIST_IV_CTR_E5); *key_length = sizeof(NIST_KEY_CTR_E5); break; case 6: *data_length = sizeof(NIST_TEST_DATA_CTR_E6); *iv_length = sizeof(NIST_IV_CTR_E6); *key_length = sizeof(NIST_KEY_CTR_E6); break; case 7: *data_length = sizeof(NIST_TEST_DATA_CTR_E7); *iv_length = sizeof(NIST_IV_CTR_E7); *key_length = sizeof(NIST_KEY_CTR_E7); break; default: *data_length = 0; *iv_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *iv, unsigned char *expected_iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_CTR_E1, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E1, data_length); memcpy(iv, NIST_IV_CTR_E1, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E1, iv_length); memcpy(key, NIST_KEY_CTR_E1, key_length); break; case 2: memcpy(data, NIST_TEST_DATA_CTR_E2, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E2, data_length); memcpy(iv, NIST_IV_CTR_E2, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E2, iv_length); memcpy(key, NIST_KEY_CTR_E2, key_length); break; case 3: memcpy(data, NIST_TEST_DATA_CTR_E3, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E3, data_length); memcpy(iv, NIST_IV_CTR_E3, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E3, iv_length); memcpy(key, NIST_KEY_CTR_E3, key_length); break; case 4: memcpy(data, NIST_TEST_DATA_CTR_E4, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E4, data_length); memcpy(iv, NIST_IV_CTR_E4, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E4, iv_length); memcpy(key, NIST_KEY_CTR_E4, key_length); break; case 5: memcpy(data, NIST_TEST_DATA_CTR_E5, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E5, data_length); memcpy(iv, NIST_IV_CTR_E5, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E5, iv_length); memcpy(key, NIST_KEY_CTR_E5, key_length); break; case 6: memcpy(data, NIST_TEST_DATA_CTR_E6, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E6, data_length); memcpy(iv, NIST_IV_CTR_E6, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E6, iv_length); memcpy(key, NIST_KEY_CTR_E6, key_length); break; case 7: memcpy(data, NIST_TEST_DATA_CTR_E7, data_length); memcpy(result, NIST_TEST_RESULT_CTR_E7, data_length); memcpy(iv, NIST_IV_CTR_E7, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CTR_E7, iv_length); memcpy(key, NIST_KEY_CTR_E7, key_length); break; } } int random_aes_ctr(int iteration, unsigned int data_length, unsigned int iv_length) { unsigned int key_length = AES_KEY_LEN256; if (data_length % sizeof(ica_aes_vector_t)) iv_length = sizeof(ica_aes_vector_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_random_number_generate(data_length, input_data); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_ctr(input_data, encrypt, data_length, key, key_length, tmp_iv, 32, 1); if (rc) { VV_(printf("ica_aes_ctr encrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Encrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_ctr(encrypt, decrypt, data_length, key, key_length, tmp_iv, 32, 0); if (rc) { VV_(printf("ica_aes_ctr decrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int kat_aes_ctr(int iteration) { unsigned int data_length; unsigned int iv_length; unsigned int key_length; get_sizes(&data_length, &iv_length, &key_length, iteration); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char expected_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); load_test_data(input_data, data_length, result, iv, expected_iv, iv_length, key, key_length, iteration); memcpy(tmp_iv, iv, iv_length); if (iv_length == 16) rc = ica_aes_ctr(input_data, encrypt, data_length, key, key_length, tmp_iv, 32, 1); else rc = ica_aes_ctrlist(input_data, encrypt, data_length, key, key_length, tmp_iv, 1); if (rc) { VV_(printf("ica_aes_ctr encrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(expected_iv, tmp_iv, iv_length)) { VV_(printf("Update of IV does not match the expected IV!\n")); VV_(printf("Expected IV:\n")); dump_array(expected_iv, iv_length); VV_(printf("Updated IV:\n")); dump_array(tmp_iv, iv_length); VV_(printf("Original IV:\n")); dump_array(iv, iv_length); rc++; } if (rc) { VV_(printf("AES CTR test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_ctr(encrypt, decrypt, data_length, key, key_length, tmp_iv, 32,0); if (rc) { VV_(printf("ica_aes_ctr decrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Perform CTR tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-CTR test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else unsigned int endless = 0; int i = 0; int rc = 0; int error_count = 0; int iteration; unsigned int data_length = 1; unsigned int iv_length = sizeof(ica_aes_vector_t); unsigned int rdata; if (argc > 1) { if (strstr(argv[1], "endless")) endless = 1; } set_verbosity(argc, argv); if (!endless) { // not endless mode // run the verification tests with known test vectors for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_aes_ctr(iteration); if (rc) { V_(printf("kat_aes_ctr failed with rc = %i\n", rc)); error_count++; } } // run random tests for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_aes_ctr(iteration, data_length, iv_length); if (rc) { V_(printf("random_aes_ctr failed with rc = %i\n", rc)); error_count++; } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); return TEST_FAIL; } data_length += (rdata % 8) + 1; } } else { // endless mode while (1) { V_(printf("i = %i\n",i)); rc = random_aes_ctr(i, 320, 320); if (rc) { V_(printf("random_aes_ctr failed with rc = %i\n", rc)); return TEST_FAIL; } i++; } } if (error_count) { printf("%i AES-CTR tests failed\n", error_count); return TEST_FAIL; } printf("All AES-CTR tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_ecb_test.c000066400000000000000000000326771417716165400165350ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 7 #define NR_RANDOM_TESTS 10000 /* ECB data - 1 for AES128 */ unsigned char NIST_KEY_ECB_E1[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_TEST_DATA_ECB_E1[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_ECB_E1[] = { 0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60, 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97, }; /* ECB data - 2 for AES128 */ unsigned char NIST_KEY_ECB_E2[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_TEST_DATA_ECB_E2[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_ECB_E2[] = { 0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d, 0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf, }; /* ECB data - 3 - for AES128 */ unsigned char NIST_KEY_ECB_E3[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_TEST_DATA_ECB_E3[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_ECB_E3[] = { 0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60, 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97, 0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d, 0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf, 0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23, 0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88, 0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f, 0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4, }; /* ECB data - 4 - for AES192 */ unsigned char NIST_KEY_ECB_E4[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_TEST_DATA_ECB_E4[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_ECB_E4[] = { 0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f, 0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc, }; /* ECB data 5 - for AES 192 */ unsigned char NIST_KEY_ECB_E5[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_TEST_DATA_ECB_E5[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_ECB_E5[] = { 0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f, 0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc, 0x97, 0x41, 0x04, 0x84, 0x6d, 0x0a, 0xd3, 0xad, 0x77, 0x34, 0xec, 0xb3, 0xec, 0xee, 0x4e, 0xef, 0xef, 0x7a, 0xfd, 0x22, 0x70, 0xe2, 0xe6, 0x0a, 0xdc, 0xe0, 0xba, 0x2f, 0xac, 0xe6, 0x44, 0x4e, 0x9a, 0x4b, 0x41, 0xba, 0x73, 0x8d, 0x6c, 0x72, 0xfb, 0x16, 0x69, 0x16, 0x03, 0xc1, 0x8e, 0x0e, }; /* ECB data 6 - for AES 256 */ unsigned char NIST_KEY_ECB_E6[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_TEST_DATA_ECB_E6[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_ECB_E6[] = { 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c, 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8, }; /* ECB data 7 - for AES 256 */ unsigned char NIST_KEY_ECB_E7[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_TEST_DATA_ECB_E7[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10, }; unsigned char NIST_TEST_RESULT_ECB_E7[] = { 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c, 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8, 0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26, 0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70, 0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9, 0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d, 0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff, 0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7, }; void dump_ecb_data(unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("Key\n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_ECB_E1); *key_length = sizeof(NIST_KEY_ECB_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_ECB_E2); *key_length = sizeof(NIST_KEY_ECB_E2); break; case 3: *data_length = sizeof(NIST_TEST_DATA_ECB_E3); *key_length = sizeof(NIST_KEY_ECB_E3); break; case 4: *data_length = sizeof(NIST_TEST_DATA_ECB_E4); *key_length = sizeof(NIST_KEY_ECB_E4); break; case 5: *data_length = sizeof(NIST_TEST_DATA_ECB_E5); *key_length = sizeof(NIST_KEY_ECB_E5); break; case 6: *data_length = sizeof(NIST_TEST_DATA_ECB_E6); *key_length = sizeof(NIST_KEY_ECB_E6); break; case 7: *data_length = sizeof(NIST_TEST_DATA_ECB_E7); *key_length = sizeof(NIST_KEY_ECB_E7); break; default: *data_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_ECB_E1, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E1, data_length); memcpy(key, NIST_KEY_ECB_E1, key_length); break; case 2: memcpy(data, NIST_TEST_DATA_ECB_E2, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E2, data_length); memcpy(key, NIST_KEY_ECB_E2, key_length); break; case 3: memcpy(data, NIST_TEST_DATA_ECB_E3, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E3, data_length); memcpy(key, NIST_KEY_ECB_E3, key_length); break; case 4: memcpy(data, NIST_TEST_DATA_ECB_E4, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E4, data_length); memcpy(key, NIST_KEY_ECB_E4, key_length); break; case 5: memcpy(data, NIST_TEST_DATA_ECB_E5, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E5, data_length); memcpy(key, NIST_KEY_ECB_E5, key_length); break; case 6: memcpy(data, NIST_TEST_DATA_ECB_E6, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E6, data_length); memcpy(key, NIST_KEY_ECB_E6, key_length); break; case 7: memcpy(data, NIST_TEST_DATA_ECB_E7, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E7, data_length); memcpy(key, NIST_KEY_ECB_E7, key_length); break; } } int kat_aes_ecb(int iteration) { unsigned int data_length; unsigned int key_length; get_sizes(&data_length, &key_length, iteration); unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i", key_length, data_length)); load_test_data(input_data, data_length, result, key, key_length, iteration); rc = ica_aes_ecb(input_data, encrypt, data_length, key, key_length, 1); if (rc) { VV_(printf("ica_aes_ecb encrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (rc) { VV_(printf("AES ECB test exited after encryption\n")); return TEST_FAIL; } rc = ica_aes_ecb(encrypt, decrypt, data_length, key, key_length, 0); if (rc) { VV_(printf("ica_aes_ecb decrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_aes_ecb(int iteration, unsigned int data_length) { int i; int rc = 0; unsigned int key_length = AES_KEY_LEN128; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; for (i = 1; i <= 2; i++) { unsigned char key[key_length]; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, key, key_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i\n", key_length, data_length)); rc = ica_aes_ecb(input_data, encrypt, data_length, key, key_length, 1); if (rc) { VV_(printf("ica_aes_ecb encrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("AES ECB test exited after encryption\n")); return TEST_FAIL; } rc = ica_aes_ecb(encrypt, decrypt, data_length, key, key_length, 0); if (rc) { VV_(printf("ica_aes_ecb decrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; return TEST_FAIL; } key_length += 8; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Perform CTR tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-ECB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_aes_vector_t); set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_aes_ecb(iteration); if (rc) { V_(printf("kat_aes_ecb failed with rc = %i\n", rc)); error_count++; } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_aes_ecb(iteration, data_length); if (rc) { V_(printf("random_aes_ecb failed with rc = %i, %i\n", rc, iteration)); error_count++; goto out; } data_length += sizeof(ica_aes_vector_t); } out: if (error_count) { printf("%i AES-ECB tests failed.\n", error_count); return TEST_FAIL; } printf("All AES-ECB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_gcm_kma_test.c000066400000000000000000000500211417716165400173610ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* (C) COPYRIGHT International Business Machines Corp. 2017 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #include "aes_gcm_test.h" int test_gcm_kat(int iteration) { unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned char t[t_length]; int rc = 0; unsigned int vla_length = data_length ? data_length : 1; unsigned char encrypt[vla_length]; unsigned char decrypt[vla_length]; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); /* Allocate context */ kma_ctx* ctx = ica_aes_gcm_kma_ctx_new(); if (!ctx) { V_(printf("Error: Cannot create gcm context.\n")); return TEST_FAIL; } /* Initialize context for encrypt */ rc = ica_aes_gcm_kma_init(ICA_ENCRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context.\n")); return TEST_FAIL; } /* Update for encrypt */ rc = ica_aes_gcm_kma_update(input_data, encrypt, data_length, aad, aad_length, 1, 1, ctx); if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { V_(printf("ica_aes_gcm_kma encrypt failed with rc = %i\n", rc)); } if (memcmp(result, encrypt, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } rc = ica_aes_gcm_kma_get_tag(t, t_length, ctx); if (memcmp(t, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } /* Initialize context for decrypt */ rc = ica_aes_gcm_kma_init(ICA_DECRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context for decrypt. \n")); return TEST_FAIL; } /* Update for decrypt */ rc = ica_aes_gcm_kma_update(encrypt, decrypt, data_length, aad, aad_length, 1, 1, ctx); if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm_kma decrypt failed with rc = %i\n", rc)); } if (memcmp(decrypt, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } rc = ica_aes_gcm_kma_verify_tag(t_result, t_length, ctx); if (rc == EFAULT) { V_(printf("Tag result does not match the expected tag!\n")); rc++; } ica_aes_gcm_kma_ctx_free(ctx); if (rc) return TEST_FAIL; return TEST_SUCC; } int test_gcm_kat_update(int iteration) { unsigned int aad_length_tmp; unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned int num_chunks = gcm_kats[iteration].num_chunks; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned int chunk_len; unsigned int offset; unsigned char *chunk_data; unsigned char t[t_length]; int rc = 0; unsigned int i; unsigned int vla_length = data_length ? data_length : 1; unsigned char encrypt[vla_length]; unsigned char decrypt[vla_length]; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); aad_length_tmp = aad_length; /* Allocate context */ kma_ctx* ctx = ica_aes_gcm_kma_ctx_new(); if (!ctx) { V_(printf("Error: Cannot create gcm context. \n")); return TEST_FAIL; } /* Initialize context for encrypt */ rc = ica_aes_gcm_kma_init(ICA_ENCRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context. \n")); return TEST_FAIL; } /* Encrypt */ offset = 0; if (num_chunks > 0) { for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; /* Encrypt */ rc = ica_aes_gcm_kma_update(chunk_data, encrypt + offset, chunk_len, aad, aad_length, 1, /* end_of_aad */ i == num_chunks - 1 ? 1 : 0, ctx); if (rc) break; /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } } else { rc = ica_aes_gcm_kma_update(input_data, encrypt, 0, aad, aad_length, 1, /* end_of_aad */ 1, /* end_of_data */ ctx); } if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { V_(printf("ica_aes_gcm_kma encrypt failed with rc = %i\n", rc)); } if (memcmp(result, encrypt, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } rc = ica_aes_gcm_kma_get_tag(t, t_length, ctx); if (memcmp(t, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } /* Decrypt */ aad_length = aad_length_tmp; offset = 0; /* Initialize context for decrypt */ rc = ica_aes_gcm_kma_init(ICA_DECRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context for decrypt. \n")); return TEST_FAIL; } if (num_chunks > 0) { for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = encrypt + offset; rc = ica_aes_gcm_kma_update(chunk_data, decrypt+offset, chunk_len, aad, aad_length, 1, /* end_of_aad */ i == num_chunks-1 ? 1 : 0, ctx); if (rc) break; /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } } else { rc = ica_aes_gcm_kma_update(input_data, decrypt, 0, aad, aad_length, 1, /* end_of_aad */ 1, /* end_of_data */ ctx); } if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); } if (memcmp(decrypt, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } rc = ica_aes_gcm_kma_verify_tag(t_result, t_length, ctx); if (rc == EFAULT) { V_(printf("Tag result does not match the expected tag!\n")); rc++; } ica_aes_gcm_kma_ctx_free(ctx); if (rc) return TEST_FAIL; return TEST_SUCC; } int test_gcm_kat_update_aad(int iteration) { unsigned int aad_length_tmp; unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned int num_chunks = gcm_kats[iteration].num_chunks; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char t[t_length]; unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned int chunk_len; unsigned int data_offset; unsigned int aad_offset; unsigned char *chunk_data; int rc = 0; unsigned int i; unsigned int vla_length = data_length ? data_length : 1; unsigned char encrypt[vla_length]; unsigned char decrypt[vla_length]; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); aad_length_tmp = aad_length; /* Allocate context */ kma_ctx* ctx = ica_aes_gcm_kma_ctx_new(); if (!ctx) { V_(printf("Error: Cannot create gcm context. \n")); return TEST_FAIL; } /* Initialize context for encrypt */ rc = ica_aes_gcm_kma_init(ICA_ENCRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context. \n")); return TEST_FAIL; } /* Process 16-byte aad chunks in advance */ unsigned int aad_chunklen = 0; unsigned int aad_restlen = 0; aad_offset = 0; while (aad_length >= 16) { aad_chunklen = aad_length > 16 ? 16 : aad_length; aad_restlen = aad_length > 16 ? aad_length - 16 : 0; rc = ica_aes_gcm_kma_update(input_data, encrypt, 0, aad+aad_offset, aad_chunklen, 0, /* end_of_aad */ 0, /* end_of_data */ ctx); aad_length = aad_restlen; aad_offset += aad_chunklen; } /* Encrypt data if any, and process last aad if any */ data_offset = 0; if (num_chunks > 0) { for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + data_offset; rc = ica_aes_gcm_kma_update(chunk_data, encrypt+data_offset, chunk_len, aad+aad_offset, aad_length, 1, /* end_of_aad */ i == num_chunks-1 ? 1 : 0, ctx); /* clear aad_length after first run*/ aad_length = 0; data_offset += chunk_len; } } else { rc = ica_aes_gcm_kma_update(input_data, encrypt, 0, aad+aad_offset, aad_length, 1, /* end_of_aad */ 1, /* end_of_data */ ctx); } if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { V_(printf("ica_aes_gcm_kma encrypt failed with rc = %i\n", rc)); } if (memcmp(result, encrypt, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } rc = ica_aes_gcm_kma_get_tag(t, t_length, ctx); if (memcmp(t, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } /* Decryption */ aad_length = aad_length_tmp; data_offset = 0; /* 5. Initialize context for decrypt */ rc = ica_aes_gcm_kma_init(ICA_DECRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context for decrypt. \n")); return TEST_FAIL; } if (num_chunks > 0) { for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = encrypt + data_offset; rc = ica_aes_gcm_kma_update(chunk_data, decrypt+data_offset, chunk_len, aad, aad_length, 1, /* end_of_aad */ i == num_chunks-1 ? 1 : 0, ctx); /* clear aad_length after first run*/ aad_length = 0; data_offset += chunk_len; } } else { rc = ica_aes_gcm_kma_update(input_data, decrypt, 0, aad, aad_length, 1, /* end_of_aad */ 1, /* end_of_data */ ctx); } if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); } if (memcmp(decrypt, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } rc = ica_aes_gcm_kma_verify_tag(t_result, t_length, ctx); if (rc == EFAULT) { V_(printf("Tag result does not match the expected tag!\n")); rc++; } ica_aes_gcm_kma_ctx_free(ctx); if (rc) return TEST_FAIL; return TEST_SUCC; } int test_gcm_kat_update_in_place(int iteration) { unsigned int aad_length_tmp; unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned int num_chunks = gcm_kats[iteration].num_chunks; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned int chunk_len; unsigned int offset; unsigned char *chunk_data; unsigned char save_input[MAX_ARRAY_SIZE]; unsigned char t[t_length]; int rc = 0; unsigned int i; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); aad_length_tmp = aad_length; /* Allocate context */ kma_ctx* ctx = ica_aes_gcm_kma_ctx_new(); if (!ctx) { V_(printf("Error: Cannot create gcm context. \n")); return TEST_FAIL; } /* Initialize context for encrypt */ rc = ica_aes_gcm_kma_init(ICA_ENCRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context. \n")); return TEST_FAIL; } /* Encrypt */ memcpy(save_input, input_data, data_length); offset = 0; if (num_chunks > 0) { for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; /* Encrypt */ rc = ica_aes_gcm_kma_update(chunk_data, chunk_data, chunk_len, aad, aad_length, 1, /* end_of_aad */ i == num_chunks-1 ? 1 : 0, ctx); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } } else { rc = ica_aes_gcm_kma_update(input_data, input_data, 0, aad, aad_length, 1, /* end_of_aad */ 1, /* end_of_data */ ctx); } if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { V_(printf("ica_aes_gcm_kma encrypt failed with rc = %i\n", rc)); } if (memcmp(result, input_data, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(input_data, data_length); rc++; } rc = ica_aes_gcm_kma_get_tag(t, t_length, ctx); if (memcmp(t, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } /* Decryption */ aad_length = aad_length_tmp; offset = 0; /* 4. Initialize context for decrypt */ rc = ica_aes_gcm_kma_init(ICA_DECRYPT, iv, iv_length, key, key_length, ctx); if (rc) { V_(printf("Error: Cannot initialize gcm context for decrypt. \n")); return TEST_FAIL; } if (num_chunks > 0) { for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; rc = ica_aes_gcm_kma_update(chunk_data, chunk_data , chunk_len, aad, aad_length, 1, /* end_of_aad */ i == num_chunks-1 ? 1 : 0, ctx); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } } else { rc = ica_aes_gcm_kma_update(input_data, input_data, 0, aad, aad_length, 1, /* end_of_aad */ 1, /* end_of_data */ ctx); } if (rc == ENODEV) { VV_(printf("ica_aes_gcm returns with ENODEV (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); } if (memcmp(save_input, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(save_input, data_length); VV_(printf("Decryption Result:\n")); dump_array(input_data, data_length); rc++; } rc = ica_aes_gcm_kma_verify_tag(t_result, t_length, ctx); if (rc == EFAULT) { V_(printf("Tag result does not match the expected tag!\n")); rc++; } ica_aes_gcm_kma_ctx_free(ctx); if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Performs GCM tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-GCM-KMA test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; unsigned int iteration; set_verbosity(argc, argv); for(iteration = 0; iteration < NUM_GCM_TESTS; iteration++) { rc = test_gcm_kat(iteration); if (rc) { V_(printf("test_gcm_kat %i failed with rc = %i\n", iteration, rc)); error_count++; } rc = test_gcm_kat_update(iteration); if (rc) { V_(printf("test_gcm_kat_update %i failed with rc = %i\n", iteration, rc)); error_count++; } rc = test_gcm_kat_update_aad(iteration); if (rc) { V_(printf("test_gcm_kat_update_aad %i failed with rc = %i\n", iteration, rc)); error_count++; } rc = test_gcm_kat_update_in_place(iteration); if (rc) { V_(printf("test_gcm_kat_update_in_place %i failed with rc = %i\n", iteration, rc)); error_count++; } } if (error_count) { printf("%i of %li AES-GCM-KMA tests failed.\n", error_count, NUM_GCM_TESTS*4); return TEST_FAIL; } printf("All AES-GCM-KMA tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_gcm_test.c000066400000000000000000000560161417716165400165430ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* (C) COPYRIGHT International Business Machines Corp. 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #include "aes_gcm_test.h" int test_gcm_kat(int iteration) { unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char t[t_length]; unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); int rc = 0; unsigned int vla_length = data_length ? data_length : 1; unsigned char encrypt[vla_length]; unsigned char decrypt[vla_length]; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); rc = ica_aes_gcm(input_data, data_length, encrypt, iv, iv_length, aad, aad_length, t, t_length, key, key_length, ICA_ENCRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { V_(printf("ica_aes_gcm encrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, encrypt, t, t_length); } if (!rc) { VV_(printf("Encrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, encrypt, t, t_length); } if (memcmp(result, encrypt, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(t, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } rc = ica_aes_gcm(decrypt, data_length, encrypt, iv, iv_length, aad, aad_length, t, t_length, key, key_length, ICA_DECRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, encrypt, data_length, decrypt, t, t_length); } if (!rc) { VV_(printf("Decrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, encrypt, data_length, decrypt, t, t_length); } if (memcmp(decrypt, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (memcmp(t, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int test_gcm_kat_update(int iteration) { unsigned int aad_length_tmp; unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned int num_chunks = gcm_kats[iteration].num_chunks; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char t[t_length]; unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned int chunk_len; unsigned int offset; unsigned char *chunk_data; unsigned char icb[AES_BLOCK_SIZE]; unsigned char ucb[AES_BLOCK_SIZE]; unsigned char subkey[AES_BLOCK_SIZE]; unsigned char running_tag[AES_BLOCK_SIZE]; unsigned int sum_A_len; unsigned int sum_C_len; int rc = 0; unsigned int i; unsigned int vla_length = data_length ? data_length : 1; unsigned char encrypt[vla_length]; unsigned char decrypt[vla_length]; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); aad_length_tmp = aad_length; memset(running_tag, 0, AES_BLOCK_SIZE); rc = ica_aes_gcm_initialize(iv, iv_length, key, key_length, icb, ucb, subkey, ICA_ENCRYPT); if (num_chunks == 0 && aad_length > 0) { rc = ica_aes_gcm_intermediate(input_data, 0, encrypt, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); } offset = 0; for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; rc = ica_aes_gcm_intermediate(chunk_data, chunk_len, encrypt + offset, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } sum_A_len = aad_length_tmp; sum_C_len = offset; rc = ica_aes_gcm_last(icb, sum_A_len, sum_C_len, running_tag, t, t_length, key, key_length, subkey, ICA_ENCRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm encrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, encrypt, t, t_length); } if (!rc) { VV_(printf("Encrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, encrypt, running_tag, t_length); } if (memcmp(result, encrypt, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(running_tag, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } aad_length = aad_length_tmp; memset(running_tag, 0, AES_BLOCK_SIZE); rc = ica_aes_gcm_initialize(iv, iv_length, key, key_length, icb, ucb, subkey, ICA_DECRYPT); if (num_chunks == 0 && aad_length > 0) { rc = ica_aes_gcm_intermediate(input_data, 0, encrypt, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_DECRYPT); } offset = 0; for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = encrypt + offset; rc = ica_aes_gcm_intermediate(decrypt + offset, chunk_len, chunk_data, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_DECRYPT); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } sum_A_len = aad_length_tmp; sum_C_len = offset; rc = ica_aes_gcm_last(icb, sum_A_len, sum_C_len, running_tag, t_result, t_length, key, key_length, subkey, ICA_DECRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, encrypt, data_length, decrypt, running_tag, t_length); } if (!rc) { VV_(printf("Decrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, encrypt, data_length, decrypt, running_tag, t_length); } if (memcmp(decrypt, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (memcmp(running_tag, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(running_tag, t_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int test_gcm_kat_update_aad(int iteration) { unsigned int aad_length_tmp; unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned int num_chunks = gcm_kats[iteration].num_chunks; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char t[t_length]; unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned int chunk_len; unsigned int offset; unsigned char *chunk_data; unsigned char icb[AES_BLOCK_SIZE]; unsigned char ucb[AES_BLOCK_SIZE]; unsigned char subkey[AES_BLOCK_SIZE]; unsigned char running_tag[AES_BLOCK_SIZE]; unsigned int sum_A_len; unsigned int sum_C_len; unsigned int aad_offset; int rc = 0; unsigned int i; unsigned int vla_length = data_length ? data_length : 1; unsigned char encrypt[vla_length]; unsigned char decrypt[vla_length]; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); aad_length_tmp = aad_length; memset(running_tag, 0, AES_BLOCK_SIZE); rc = ica_aes_gcm_initialize(iv, iv_length, key, key_length, icb, ucb, subkey, ICA_ENCRYPT); /* 1. Process 16-byte aad chunks in advance */ unsigned int aad_chunklen = 0; unsigned int aad_restlen = 0; aad_offset = 0; while (aad_length >= 16) { aad_chunklen = aad_length > 16 ? 16 : aad_length; aad_restlen = aad_length > 16 ? aad_length - 16 : 0; rc = ica_aes_gcm_intermediate(input_data, 0, encrypt, ucb, aad+aad_offset, aad_chunklen, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); aad_length = aad_restlen; aad_offset += aad_chunklen; } /* 2. Process rest of aad if no data available */ if (num_chunks == 0 && aad_length > 0) { rc = ica_aes_gcm_intermediate(input_data, 0, encrypt, ucb, aad+aad_offset, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); } /* 3. Process rest of aad and data */ offset = 0; for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; rc = ica_aes_gcm_intermediate(chunk_data, chunk_len, encrypt + offset, ucb, aad+aad_offset, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } sum_A_len = aad_length_tmp; sum_C_len = offset; rc = ica_aes_gcm_last(icb, sum_A_len, sum_C_len, running_tag, t, t_length, key, key_length, subkey, ICA_ENCRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm encrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, encrypt, t, t_length); } if (!rc) { VV_(printf("Encrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, encrypt, running_tag, t_length); } if (memcmp(result, encrypt, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(running_tag, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } /* Decrypt */ aad_length = aad_length_tmp; memset(running_tag, 0, AES_BLOCK_SIZE); rc = ica_aes_gcm_initialize(iv, iv_length, key, key_length, icb, ucb, subkey, ICA_DECRYPT); if (num_chunks == 0 && aad_length > 0) { rc = ica_aes_gcm_intermediate(input_data, 0, encrypt, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_DECRYPT); } offset = 0; for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = encrypt + offset; rc = ica_aes_gcm_intermediate(decrypt + offset, chunk_len, chunk_data, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_DECRYPT); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } sum_A_len = aad_length_tmp; sum_C_len = offset; rc = ica_aes_gcm_last(icb, sum_A_len, sum_C_len, running_tag, t_result, t_length, key, key_length, subkey, ICA_DECRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, encrypt, data_length, decrypt, running_tag, t_length); } if (!rc) { VV_(printf("Decrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, encrypt, data_length, decrypt, running_tag, t_length); } if (memcmp(decrypt, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (memcmp(running_tag, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(running_tag, t_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int test_gcm_kat_update_in_place(int iteration) { unsigned int aad_length_tmp; unsigned int aad_length = gcm_kats[iteration].aadlen; unsigned int data_length = gcm_kats[iteration].datalen; unsigned int t_length = gcm_kats[iteration].taglen; unsigned int iv_length = gcm_kats[iteration].ivlen; unsigned int key_length = gcm_kats[iteration].keylen; unsigned int num_chunks = gcm_kats[iteration].num_chunks; unsigned char* iv = (unsigned char*)&(gcm_kats[iteration].iv); unsigned char* input_data = (unsigned char*)&(gcm_kats[iteration].data); unsigned char* result = (unsigned char*)&(gcm_kats[iteration].result); unsigned char* aad = (unsigned char*)&(gcm_kats[iteration].aad); unsigned char* key = (unsigned char*)&(gcm_kats[iteration].key); unsigned char t[t_length]; unsigned char* t_result = (unsigned char*)&(gcm_kats[iteration].tag); unsigned int chunk_len; unsigned int offset; unsigned char *chunk_data; unsigned char icb[AES_BLOCK_SIZE]; unsigned char ucb[AES_BLOCK_SIZE]; unsigned char subkey[AES_BLOCK_SIZE]; unsigned char running_tag[AES_BLOCK_SIZE]; unsigned int sum_A_len; unsigned int sum_C_len; unsigned char save_input[MAX_ARRAY_SIZE]; int rc = 0; unsigned int i; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tag length = %i," "iv length = %i aad_length = %i\n", key_length, data_length, t_length, iv_length, aad_length)); aad_length_tmp = aad_length; memset(running_tag, 0, AES_BLOCK_SIZE); rc = ica_aes_gcm_initialize(iv, iv_length, key, key_length, icb, ucb, subkey, ICA_ENCRYPT); memcpy(save_input, input_data, data_length); if (num_chunks == 0 && aad_length > 0) { rc = ica_aes_gcm_intermediate(input_data, 0, input_data, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); } offset = 0; for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; rc = ica_aes_gcm_intermediate(chunk_data, chunk_len, chunk_data, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_ENCRYPT); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } sum_A_len = aad_length_tmp; sum_C_len = offset; rc = ica_aes_gcm_last(icb, sum_A_len, sum_C_len, running_tag, t, t_length, key, key_length, subkey, ICA_ENCRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm encrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, input_data, t, t_length); } if (!rc) { VV_(printf("Encrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, save_input, data_length, input_data, running_tag, t_length); } if (memcmp(result, input_data, data_length)) { V_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(input_data, data_length); rc++; } if (memcmp(running_tag, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(t, t_length); rc++; } if (rc) { VV_(printf("GCM test exited after encryption\n")); return TEST_FAIL; } aad_length = aad_length_tmp; memset(running_tag, 0, AES_BLOCK_SIZE); rc = ica_aes_gcm_initialize(iv, iv_length, key, key_length, icb, ucb, subkey, ICA_DECRYPT); if (num_chunks == 0 && aad_length > 0) { rc = ica_aes_gcm_intermediate(input_data, 0, input_data, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_DECRYPT); } offset = 0; for (i = 0; i < num_chunks; i++) { chunk_len = gcm_kats[iteration].chunks[i]; chunk_data = input_data + offset; rc = ica_aes_gcm_intermediate(chunk_data, chunk_len, chunk_data, ucb, aad, aad_length, running_tag, AES_BLOCK_SIZE, key, key_length, subkey, ICA_DECRYPT); /* clear aad_length after first run*/ aad_length = 0; offset += chunk_len; } sum_A_len = aad_length_tmp; sum_C_len = offset; rc = ica_aes_gcm_last(icb, sum_A_len, sum_C_len, running_tag, t_result, t_length, key, key_length, subkey, ICA_DECRYPT); if (rc == EPERM) { VV_(printf("ica_aes_gcm returns with EPERM (%d).\n", rc)); VV_(printf("Operation is not permitted on this machine. Test skipped!\n")); return TEST_SKIP; } if (rc) { VV_(printf("ica_aes_gcm decrypt failed with rc = %i\n", rc)); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, input_data, running_tag, t_length); } if (!rc) { VV_(printf("Decrypt:\n")); dump_gcm_data(iv, iv_length, aad, aad_length, key, key_length, input_data, data_length, save_input, running_tag, t_length); } if (memcmp(save_input, input_data, data_length)) { V_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(save_input, data_length); VV_(printf("Decryption Result:\n")); dump_array(input_data, data_length); rc++; } if (memcmp(running_tag, t_result, t_length)) { V_(printf("Tag result does not match the expected tag!\n")); VV_(printf("Expected tag:\n")); dump_array(t_result, t_length); VV_(printf("Tag Result:\n")); dump_array(running_tag, t_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Performs GCM tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-GCM test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; unsigned int iteration; set_verbosity(argc, argv); for(iteration = 0; iteration < NUM_GCM_TESTS; iteration++) { rc = test_gcm_kat(iteration); if (rc) { V_(printf("test_gcm_kat %i failed with rc = %i\n", iteration, rc)); error_count++; } rc = test_gcm_kat_update(iteration); if (rc) { V_(printf("test_gcm_kat_update %i failed with rc = %i\n", iteration, rc)); error_count++; } rc = test_gcm_kat_update_aad(iteration); if (rc) { V_(printf("test_gcm_kat_update_aad %i failed with rc = %i\n", iteration, rc)); error_count++; } rc = test_gcm_kat_update_in_place(iteration); if (rc) { V_(printf("test_gcm_kat_update_in_place %i failed with rc = %i\n", iteration, rc)); error_count++; } } if (error_count) { printf("%i of %li AES-GCM tests failed.\n", error_count, NUM_GCM_TESTS*4); return TEST_FAIL; } printf("All AES-GCM tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_gcm_test.h000066400000000000000000000507171417716165400165520ustar00rootroot00000000000000/* * GCM test vectors. */ #ifndef GCM_KATS_H #define GCM_KATS_H #include #include #define AES_BLOCK_SIZE 16 #define MAX_ARRAY_SIZE 128 #define NUM_GCM_TESTS (sizeof(gcm_kats)/sizeof(gcm_kat_t)) typedef struct { unsigned char key[MAX_ARRAY_SIZE]; unsigned int keylen; unsigned char data[MAX_ARRAY_SIZE]; unsigned int datalen; unsigned char aad[MAX_ARRAY_SIZE]; unsigned int aadlen; unsigned char iv[MAX_ARRAY_SIZE]; unsigned int ivlen; unsigned char tag[MAX_ARRAY_SIZE]; unsigned int taglen; unsigned char result[MAX_ARRAY_SIZE]; unsigned int chunks[MAX_ARRAY_SIZE]; unsigned int num_chunks; } gcm_kat_t; static gcm_kat_t gcm_kats[] = { /* GCM data - 0 */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08,}, .keylen = 16, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55,}, .datalen = 64, {}, .aadlen = 0, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0x4d,0x5c,0x2a,0xf3,0x27,0xcd,0x64,0xa6,0x2c,0xf3,0x5a,0xbd,0x2b,0xa6,0xfa,0xb4,}, .taglen = 16, {0x42,0x83,0x1e,0xc2,0x21,0x77,0x74,0x24,0x4b,0x72,0x21,0xb7,0x84,0xd0,0xd4,0x9c, 0xe3,0xaa,0x21,0x2f,0x2c,0x02,0xa4,0xe0,0x35,0xc1,0x7e,0x23,0x29,0xac,0xa1,0x2e, 0x21,0xd5,0x14,0xb2,0x54,0x66,0x93,0x1c,0x7d,0x8f,0x6a,0x5a,0xac,0x84,0xaa,0x05, 0x1b,0xa3,0x0b,0x39,0x6a,0x0a,0xac,0x97,0x3d,0x58,0xe0,0x91,0x47,0x3f,0x59,0x85,}, {16,16,16,16}, 4, }, /* GCM data - 1 */ {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .keylen = 16, {}, .datalen = 0, {}, .aadlen = 0, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .ivlen = 12, {0x58,0xe2,0xfc,0xce,0xfa,0x7e,0x30,0x61,0x36,0x7f,0x1d,0x57,0xa4,0xe7,0x45,0x5a}, .taglen = 16, {}, {}, .num_chunks = 0, }, /* GCM data - 2 */ {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .keylen = 16, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .datalen = 16, {}, .aadlen = 0, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .ivlen = 12, {0xab,0x6e,0x47,0xd4,0x2c,0xec,0x13,0xbd,0xf5,0x3a,0x67,0xb2,0x12,0x57,0xbd,0xdf,}, .taglen = 16, {0x03,0x88,0xda,0xce,0x60,0xb6,0xa3,0x92,0xf3,0x28,0xc2,0xb9,0x71,0xb2,0xfe,0x78,}, {16}, .num_chunks = 1, }, /* GCM data - 3 */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08,}, .keylen = 16, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,}, .datalen = 60, {0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef,0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef, 0xab,0xad,0xda,0xd2,}, .aadlen = 20, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0x5b,0xc9,0x4f,0xbc,0x32,0x21,0xa5,0xdb,0x94,0xfa,0xe9,0x5a,0xe7,0x12,0x1a,0x47,}, .taglen = 16, {0x42,0x83,0x1e,0xc2,0x21,0x77,0x74,0x24,0x4b,0x72,0x21,0xb7,0x84,0xd0,0xd4,0x9c, 0xe3,0xaa,0x21,0x2f,0x2c,0x02,0xa4,0xe0,0x35,0xc1,0x7e,0x23,0x29,0xac,0xa1,0x2e, 0x21,0xd5,0x14,0xb2,0x54,0x66,0x93,0x1c,0x7d,0x8f,0x6a,0x5a,0xac,0x84,0xaa,0x05, 0x1b,0xa3,0x0b,0x39,0x6a,0x0a,0xac,0x97,0x3d,0x58,0xe0,0x91,}, {16,16,16,12}, .num_chunks = 4, }, /* GCM data - 4 - AES 192 - Test Case 7 */ {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .keylen = 24, {}, .datalen = 0, {}, .aadlen = 0, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .ivlen = 12, {0xcd,0x33,0xb2,0x8a,0xc7,0x73,0xf7,0x4b,0xa0,0x0e,0xd1,0xf3,0x12,0x57,0x24,0x35,}, .taglen = 16, {}, {}, .num_chunks = 0, }, /* GCM data - 5 - AES 192 - Test Case 8 */ {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .keylen = 24, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .datalen = 16, {}, .aadlen = 0, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .ivlen = 12, {0x2f,0xf5,0x8d,0x80,0x03,0x39,0x27,0xab,0x8e,0xf4,0xd4,0x58,0x75,0x14,0xf0,0xfb,}, .taglen = 16, {0x98,0xe7,0x24,0x7c,0x07,0xf0,0xfe,0x41,0x1c,0x26,0x7e,0x43,0x84,0xb0,0xf6,0x00,}, {16}, .num_chunks = 1, }, /* GCM data - 6 - AES 192 - Test Case 9 */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08, 0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,}, .keylen = 24, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55,}, .datalen = 64, {}, .aadlen = 0, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0x99,0x24,0xa7,0xc8,0x58,0x73,0x36,0xbf,0xb1,0x18,0x02,0x4d,0xb8,0x67,0x4a,0x14,}, .taglen = 16, {0x39,0x80,0xca,0x0b,0x3c,0x00,0xe8,0x41,0xeb,0x06,0xfa,0xc4,0x87,0x2a,0x27,0x57, 0x85,0x9e,0x1c,0xea,0xa6,0xef,0xd9,0x84,0x62,0x85,0x93,0xb4,0x0c,0xa1,0xe1,0x9c, 0x7d,0x77,0x3d,0x00,0xc1,0x44,0xc5,0x25,0xac,0x61,0x9d,0x18,0xc8,0x4a,0x3f,0x47, 0x18,0xe2,0x44,0x8b,0x2f,0xe3,0x24,0xd9,0xcc,0xda,0x27,0x10,0xac,0xad,0xe2,0x56,}, {16,16,16,16}, .num_chunks = 4, }, /* GCM data - 7 - AES 192 - Test Case 10 */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08, 0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,}, .keylen = 24, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,}, .datalen = 60, {0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef,0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef, 0xab,0xad,0xda,0xd2,}, .aadlen = 20, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0x25,0x19,0x49,0x8e,0x80,0xf1,0x47,0x8f,0x37,0xba,0x55,0xbd,0x6d,0x27,0x61,0x8c,}, .taglen = 16, {0x39,0x80,0xca,0x0b,0x3c,0x00,0xe8,0x41,0xeb,0x06,0xfa,0xc4,0x87,0x2a,0x27,0x57, 0x85,0x9e,0x1c,0xea,0xa6,0xef,0xd9,0x84,0x62,0x85,0x93,0xb4,0x0c,0xa1,0xe1,0x9c, 0x7d,0x77,0x3d,0x00,0xc1,0x44,0xc5,0x25,0xac,0x61,0x9d,0x18,0xc8,0x4a,0x3f,0x47, 0x18,0xe2,0x44,0x8b,0x2f,0xe3,0x24,0xd9,0xcc,0xda,0x27,0x10,}, {16,16,16,12}, .num_chunks = 4, }, /* GCM data - 8 - AES 256 - Test Case 13 */ {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .keylen = 32, {}, .datalen = 0, {}, .aadlen = 0, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .ivlen = 12, {0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9,0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b,}, .taglen = 16, {}, {}, .num_chunks = 0, }, /* GCM data - 9 - AES 256 - Test Case 14 */ {{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .keylen = 32, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .datalen = 16, {}, .aadlen = 0, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,}, .ivlen = 12, {0xd0,0xd1,0xc8,0xa7,0x99,0x99,0x6b,0xf0,0x26,0x5b,0x98,0xb5,0xd4,0x8a,0xb9,0x19,}, .taglen = 16, {0xce,0xa7,0x40,0x3d,0x4d,0x60,0x6b,0x6e,0x07,0x4e,0xc5,0xd3,0xba,0xf3,0x9d,0x18,}, {16}, .num_chunks = 1, }, /* GCM data - 10 - AES 256 - Test Case 15 */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08, 0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08,}, .keylen = 32, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55,}, .datalen = 64, {}, .aadlen = 0, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0xb0,0x94,0xda,0xc5,0xd9,0x34,0x71,0xbd,0xec,0x1a,0x50,0x22,0x70,0xe3,0xcc,0x6c,}, .taglen = 16, {0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d, 0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa, 0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38, 0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,0x89,0x80,0x15,0xad,}, {16,16,16,16}, .num_chunks = 4, }, /* GCM data - 11 */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08, 0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08,}, .keylen = 32, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,}, .datalen = 60, {0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef,0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef, 0xab,0xad,0xda,0xd2,}, .aadlen = 20, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0x76,0xfc,0x6e,0xce,0x0f,0x4e,0x17,0x68,0xcd,0xdf,0x88,0x53,0xbb,0x2d,0x55,0x1b,}, .taglen = 16, {0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d, 0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa, 0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38, 0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,}, {16,16,16,12}, .num_chunks = 4, }, /** * GCM data - 12 * * [Keylen = 128] * [IVlen = 96] * [PTlen = 0] * [AADlen = 0] * [Taglen = 128] */ {{0x11,0x75,0x4c,0xd7,0x2a,0xec,0x30,0x9b,0xf5,0x2f,0x76,0x87,0x21,0x2e,0x89,0x57,}, .keylen = 16, {}, .datalen = 0, {}, .aadlen = 0, {0x3c,0x81,0x9d,0x9a,0x9b,0xed,0x08,0x76,0x15,0x03,0x0b,0x65,}, .ivlen = 12, {0x25,0x03,0x27,0xc6,0x74,0xaa,0xf4,0x77,0xae,0xf2,0x67,0x57,0x48,0xcf,0x69,0x71}, .taglen = 16, {}, {}, .num_chunks = 0, }, /** * GCM data - 13 * * [Keylen = 128] * [IVlen = 96] * [PTlen = 0] * [AADlen = 0] * [Taglen = 120] */ {{0x27,0x2f,0x16,0xed,0xb8,0x1a,0x7a,0xbb,0xea,0x88,0x73,0x57,0xa5,0x8c,0x19,0x17,}, .keylen = 16, {}, .datalen = 0, {}, .aadlen = 0, {0x79,0x4e,0xc5,0x88,0x17,0x6c,0x70,0x3d,0x3d,0x2a,0x7a,0x07,}, .ivlen = 12, {0xb6,0xe6,0xf1,0x97,0x16,0x8f,0x50,0x49,0xae,0xda,0x32,0xda,0xfb,0xda,0xeb,}, .taglen = 15, {}, {}, .num_chunks = 0, }, /** * GCM data - 14 * * [Keylen = 128] * [IVlen = 96] * [PTlen = 0] * [AADlen = 0] * [Taglen = 32] */ {{0x88,0x4e,0xb6,0x36,0xa2,0x77,0xec,0xc4,0xc3,0x4a,0x43,0xcc,0x59,0x07,0x5c,0xa9,}, .keylen = 16, {}, .datalen = 0, {}, .aadlen = 0, {0x44,0xe8,0x01,0x9f,0x40,0x26,0xff,0x0c,0x1f,0x8b,0x3e,0x2f,}, .ivlen = 12, {0x05,0x4d,0x06,0x3f,}, .taglen = 4, {}, {}, .num_chunks = 0, }, /** * GCM data - 15 * * [Keylen = 128] * [IVlen = 1024] * [PTlen = 104] * [AADlen = 128] * [Taglen = 64] */ {{0x7e,0x95,0x06,0x6b,0x60,0x09,0x3f,0x66,0x17,0x54,0x93,0xd1,0x41,0x35,0x9d,0xbd,}, .keylen = 16, {0x5e,0xa1,0x31,0x2e,0x26,0xc9,0x5b,0xcf,0x00,0x5b,0x61,0x74,0x23,}, .datalen = 13, {0x66,0x0c,0x28,0xa4,0x60,0xfa,0x93,0xe1,0x12,0xaa,0xc6,0xce,0xb5,0x4a,0x80,0xa2,}, .aadlen = 16, {0x40,0x57,0xda,0x04,0xc7,0x73,0x36,0x1c,0x33,0xbe,0x7f,0x10,0xd7,0xba,0x70,0x8b, 0x22,0x78,0x50,0x3f,0xd7,0xb0,0xa6,0xdd,0x13,0x0a,0x96,0x29,0x52,0xb8,0x88,0x7d, 0x6a,0x41,0x20,0x74,0xc1,0x57,0x2e,0xb0,0xc5,0x3e,0xdf,0x81,0xee,0x70,0x1c,0xab, 0xc6,0x05,0x52,0xac,0xeb,0x0f,0x66,0x26,0x97,0xd3,0xb2,0xac,0xc0,0x37,0xea,0xb9, 0x44,0x52,0x42,0xbf,0xf4,0x49,0x66,0x06,0xb8,0xcf,0xbf,0x2d,0x3c,0x72,0x87,0x4b, 0x76,0x9b,0x9b,0x63,0x23,0x4b,0x64,0xd4,0x29,0x82,0x9f,0x46,0x73,0x05,0xac,0xab, 0x4a,0xe8,0xd4,0x5c,0x8f,0x7c,0x4f,0x5b,0x57,0x71,0xcb,0x7c,0xbd,0xcc,0xc8,0xc7, 0x27,0x3a,0x4a,0x20,0x38,0x46,0x4f,0xad,0xfd,0xf7,0x33,0xb6,0x31,0x17,0x90,0x17,}, .ivlen = 128, {0x4f,0xd9,0x46,0x71,0xab,0xde,0x61,0x6e,}, .taglen = 8, {0x55,0x17,0xfb,0xa3,0x76,0xab,0x16,0xc7,0xe2,0xad,0x16,0xc1,0xe2,}, {13}, .num_chunks = 1, }, /** * GCM data - 16 * * [Keylen = 128] * [IVlen = 8] * [PTlen = 0] * [AADlen = 160] * [Taglen = 104] */ {{0xf8,0x41,0x3d,0x62,0x4e,0x64,0xc2,0x08,0x1b,0xc7,0xc2,0x42,0x37,0xed,0x8a,0x8d,}, .keylen = 16, {}, .datalen = 0, {0x9a,0x24,0xf2,0xb8,0xed,0xe8,0x25,0xe7,0xd3,0x13,0xd3,0x92,0x3d,0x21,0x71,0x34, 0xe2,0x04,0x64,0x8e,}, .aadlen = 20, {0x53,}, .ivlen = 1, {0xbf,0x0d,0x41,0x82,0xf1,0x2e,0x33,0x99,0x9e,0x8f,0x0e,0xf4,0xd4,}, .taglen = 13, {}, {}, .num_chunks = 0, }, /** * GCM data - 17 * * [Keylen = 128] * [IVlen = 8] * [PTlen = 104] * [AADlen = 0] * [Taglen = 64] */ {{0xc8,0xed,0x6f,0x0c,0x45,0xa9,0xcb,0xff,0x8d,0x44,0x76,0x02,0xa0,0x7c,0x53,0xcb,}, .keylen = 16, {0xc0,0xaf,0xd5,0xca,0xe5,0x5d,0xf1,0xd3,0x4c,0x5f,0xcc,0xb2,0xa4,}, .datalen = 13, {}, .aadlen = 0, {0xb5,}, .ivlen = 1, {0x9b,0xc7,0x8d,0x50,0x93,0x7a,0x38,0x57,}, .taglen = 8, {0xf2,0x2c,0x87,0x72,0xaf,0x42,0x17,0x9e,0xc1,0xb3,0xfe,0x08,0x69,}, {13}, .num_chunks = 1, }, /** * GCM data - 18 * * [Keylen = 128] * [IVlen = 1024] * [PTlen = 128] * [AADlen = 720] * [Taglen = 104] */ {{0x67,0x8d,0xb3,0xb4,0x19,0xa5,0xfd,0xb0,0x9d,0x24,0x2d,0x10,0x6c,0xdb,0xfd,0xd8,}, .keylen = 16, {0x94,0xca,0xf0,0x0f,0xa4,0xcd,0xba,0x64,0xc0,0x3f,0x15,0x8f,0xa2,0x5a,0x64,0xc7,}, .datalen = 16, {0x62,0xfa,0x1b,0xe1,0x03,0x69,0xe1,0x96,0xe4,0x09,0xd0,0x79,0xce,0x92,0xd0,0x21, 0x46,0x76,0xaf,0x43,0x43,0x08,0xce,0x73,0x1c,0x98,0xcc,0xaa,0x08,0x1d,0x4d,0x46, 0x0a,0x78,0x5c,0xcb,0xed,0xfa,0x5e,0x90,0x48,0x21,0x4f,0x2a,0x49,0x0d,0x5d,0x62, 0x49,0x50,0xc2,0xf8,0x76,0x85,0x8d,0xe3,0x44,0xbe,0xce,0x62,0x91,0x18,0x48,0x25, 0x04,0x02,0xa5,0xf8,0x54,0xfc,0xe8,0x9c,0x47,0x39,0x79,0x39,0xc3,0xac,0x82,0xe3, 0x5b,0xd7,0x20,0xc6,0x7a,0xa8,0x65,0x9f,0x54,0x63,}, .aadlen = 90, {0x8b,0x75,0xc4,0x66,0x77,0x1b,0x86,0xde,0xa8,0xa0,0x23,0x4b,0x59,0xc3,0xf9,0xd3, 0x76,0xe7,0x86,0x21,0x0e,0x94,0x5c,0x75,0x1b,0x9f,0x7a,0xc9,0x35,0x4d,0x4b,0x69, 0xf4,0xa2,0x88,0x86,0xd9,0x0a,0xb2,0xa0,0x77,0xf5,0x86,0x02,0x0f,0x8c,0x27,0x7d, 0x1b,0x6d,0x52,0x56,0xc9,0x8b,0x17,0xf8,0x4c,0x55,0x38,0x62,0x07,0xb6,0x9d,0x4c, 0xd3,0xd1,0x4e,0x83,0xbc,0x22,0xd7,0x4a,0xfb,0xfc,0xca,0x47,0x08,0x74,0xeb,0x42, 0xb9,0xf1,0xc6,0xa7,0xf8,0xaa,0x1c,0x36,0x30,0x33,0x95,0x04,0x97,0x71,0x5a,0xb6, 0x93,0xb1,0xdb,0xca,0xf7,0x7f,0x00,0xad,0x45,0x80,0x2c,0x27,0x03,0x74,0x1c,0x2d, 0x9e,0x6e,0x18,0x69,0x1b,0xf9,0x2d,0x28,0x46,0xbd,0xa1,0xc4,0xd5,0x7a,0x31,0xf0,}, .ivlen = 128, {0xc4,0x80,0x65,0x98,0x81,0x7e,0x31,0xa0,0xe3,0x3a,0x96,0x79,0x66,}, .taglen = 13, {0xb0,0xf8,0x1c,0xbc,0xc7,0x55,0x46,0xc6,0xcf,0xc3,0x3a,0x28,0x86,0x7b,0x26,0x57,}, {16}, .num_chunks = 1, }, /** * GCM data - 19 * * [Keylen = 128] * [IVlen = 8] * [PTlen = 408] * [AADlen = 720] * [Taglen = 104] */ {{0xc1,0xff,0x59,0x80,0x55,0xf8,0xb3,0xb8,0x3f,0xdf,0xd7,0xba,0xe5,0x7e,0x10,0x18,}, .keylen = 16, {0x97,0xc4,0x68,0xcf,0x16,0xfe,0x00,0x9a,0xb8,0x1c,0x32,0xfc,0x91,0x1a,0xd9,0xda, 0xe9,0x68,0xf5,0x9e,0x2f,0x77,0x34,0xbb,0xbc,0x8e,0x63,0xf4,0xb1,0x8a,0x5c,0x61, 0x36,0x7d,0x30,0x0e,0xd2,0x45,0xfc,0x45,0xfe,0x08,0x6d,0x6b,0xe5,0x6b,0x35,0xf6, 0x9d,0xe4,0x89,}, .datalen = 51, {0xd9,0x94,0x86,0xf5,0xc7,0xf2,0xc5,0x34,0x11,0x82,0x7b,0xa3,0xb5,0x14,0x55,0x66, 0x17,0xf7,0x9b,0x16,0x73,0x6f,0x93,0x70,0x7f,0xdb,0x16,0xa2,0x36,0xd4,0x1e,0x84, 0xf6,0x8d,0x55,0x5d,0x11,0x6b,0x25,0x42,0xbc,0xf0,0x27,0xa0,0x4c,0x70,0x00,0xbc, 0x7e,0xd5,0xb1,0xf2,0x83,0x92,0x2d,0x0c,0x1f,0x5d,0xbf,0x2b,0x72,0xf4,0x58,0x2f, 0xac,0x0e,0x3f,0x20,0x1d,0x2d,0x08,0x0f,0x27,0xfa,0xcb,0x06,0xc5,0x6b,0x9c,0x93, 0x84,0x96,0x13,0x1c,0x3f,0xb6,0x49,0xf5,0xf4,0x64,}, .aadlen = 90, {0x0a,}, .ivlen = 1, {0xc2,0x9d,0xdd,0xc9,0x48,0x00,0xfb,0xf7,0xae,0x43,0x0d,0x59,0x01,}, .taglen = 13, {0x4e,0x0e,0x6a,0x45,0x39,0xf9,0x4d,0xc1,0x9c,0xaa,0x15,0xd1,0x4f,0x8f,0xb7,0x2f, 0x0b,0xc8,0xa4,0xd5,0xea,0xf0,0xe1,0x73,0xfa,0x04,0x0d,0xe7,0x8c,0x06,0x39,0x2c, 0xb4,0x51,0x70,0xde,0xef,0xd3,0x8e,0x02,0x53,0xdd,0xb7,0xda,0xc9,0x3b,0xc4,0x9e, 0xd4,0x19,0x04,}, {16,32,3}, .num_chunks = 3, }, /** * GCM data - 20 : same as 19, but different chunks * * [Keylen = 128] * [IVlen = 8] * [PTlen = 408] * [AADlen = 720] * [Taglen = 104] */ {{0xc1,0xff,0x59,0x80,0x55,0xf8,0xb3,0xb8,0x3f,0xdf,0xd7,0xba,0xe5,0x7e,0x10,0x18,}, .keylen = 16, {0x97,0xc4,0x68,0xcf,0x16,0xfe,0x00,0x9a,0xb8,0x1c,0x32,0xfc,0x91,0x1a,0xd9,0xda, 0xe9,0x68,0xf5,0x9e,0x2f,0x77,0x34,0xbb,0xbc,0x8e,0x63,0xf4,0xb1,0x8a,0x5c,0x61, 0x36,0x7d,0x30,0x0e,0xd2,0x45,0xfc,0x45,0xfe,0x08,0x6d,0x6b,0xe5,0x6b,0x35,0xf6, 0x9d,0xe4,0x89,}, .datalen = 51, {0xd9,0x94,0x86,0xf5,0xc7,0xf2,0xc5,0x34,0x11,0x82,0x7b,0xa3,0xb5,0x14,0x55,0x66, 0x17,0xf7,0x9b,0x16,0x73,0x6f,0x93,0x70,0x7f,0xdb,0x16,0xa2,0x36,0xd4,0x1e,0x84, 0xf6,0x8d,0x55,0x5d,0x11,0x6b,0x25,0x42,0xbc,0xf0,0x27,0xa0,0x4c,0x70,0x00,0xbc, 0x7e,0xd5,0xb1,0xf2,0x83,0x92,0x2d,0x0c,0x1f,0x5d,0xbf,0x2b,0x72,0xf4,0x58,0x2f, 0xac,0x0e,0x3f,0x20,0x1d,0x2d,0x08,0x0f,0x27,0xfa,0xcb,0x06,0xc5,0x6b,0x9c,0x93, 0x84,0x96,0x13,0x1c,0x3f,0xb6,0x49,0xf5,0xf4,0x64,}, .aadlen = 90, {0x0a,}, .ivlen = 1, {0xc2,0x9d,0xdd,0xc9,0x48,0x00,0xfb,0xf7,0xae,0x43,0x0d,0x59,0x01,}, .taglen = 13, {0x4e,0x0e,0x6a,0x45,0x39,0xf9,0x4d,0xc1,0x9c,0xaa,0x15,0xd1,0x4f,0x8f,0xb7,0x2f, 0x0b,0xc8,0xa4,0xd5,0xea,0xf0,0xe1,0x73,0xfa,0x04,0x0d,0xe7,0x8c,0x06,0x39,0x2c, 0xb4,0x51,0x70,0xde,0xef,0xd3,0x8e,0x02,0x53,0xdd,0xb7,0xda,0xc9,0x3b,0xc4,0x9e, 0xd4,0x19,0x04,}, {16,35}, .num_chunks = 2, }, /* GCM data - 21 : same as 11, but different chunks */ {{0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08, 0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08,}, .keylen = 32, {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,}, .datalen = 60, {0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef,0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef, 0xab,0xad,0xda,0xd2,}, .aadlen = 20, {0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88,}, .ivlen = 12, {0x76,0xfc,0x6e,0xce,0x0f,0x4e,0x17,0x68,0xcd,0xdf,0x88,0x53,0xbb,0x2d,0x55,0x1b,}, .taglen = 16, {0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d, 0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa, 0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38, 0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,}, {32,28}, .num_chunks = 2, }, }; static inline void dump_gcm_data(unsigned char *iv, unsigned int iv_length, unsigned char *aad, unsigned int aad_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data, unsigned char *t, unsigned int t_size) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("AAD \n")); dump_array(aad, aad_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); VV_(printf("T\n")); dump_array(t, t_size); } #endif /* GCM_KATS_H */ libica-4.0.1/test/aes_ofb_test.c000066400000000000000000000360631417716165400165430ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 6 #define NR_RANDOM_TESTS 10000 /* OFB data - 1 for AES128 */ unsigned char NIST_KEY_OFB_E1[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_OFB_E1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_OFB_E1[] = { 0x50, 0xfe, 0x67, 0xcc, 0x99, 0x6d, 0x32, 0xb6, 0xda, 0x09, 0x37, 0xe9, 0x9b, 0xaf, 0xec, 0x60, }; unsigned char NIST_TEST_DATA_OFB_E1[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_OFB_E1[] = { 0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a, }; /* OFB data - 2 for AES128 */ unsigned char NIST_KEY_OFB_E2[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char NIST_IV_OFB_E2[] = { 0x50, 0xfe, 0x67, 0xcc, 0x99, 0x6d, 0x32, 0xb6, 0xda, 0x09, 0x37, 0xe9, 0x9b, 0xaf, 0xec, 0x60, }; unsigned char NIST_EXPECTED_IV_OFB_E2[] = { 0xd9, 0xa4, 0xda, 0xda, 0x08, 0x92, 0x23, 0x9f, 0x6b, 0x8b, 0x3d, 0x76, 0x80, 0xe1, 0x56, 0x74, }; unsigned char NIST_TEST_DATA_OFB_E2[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_OFB_E2[] = { 0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03, 0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25, }; /* OFB data - 3 - for AES192 */ unsigned char NIST_KEY_OFB_E3[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_OFB_E3[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_OFB_E3[] = { 0xa6, 0x09, 0xb3, 0x8d, 0xf3, 0xb1, 0x13, 0x3d, 0xdd, 0xff, 0x27, 0x18, 0xba, 0x09, 0x56, 0x5e, }; unsigned char NIST_TEST_DATA_OFB_E3[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_OFB_E3[] = { 0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, }; /* OFB data - 4 - for AES192 */ unsigned char NIST_KEY_OFB_E4[] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b, }; unsigned char NIST_IV_OFB_E4[] = { 0xa6, 0x09, 0xb3, 0x8d, 0xf3, 0xb1, 0x13, 0x3d, 0xdd, 0xff, 0x27, 0x18, 0xba, 0x09, 0x56, 0x5e, }; unsigned char NIST_EXPECTED_IV_OFB_E4[] = { 0x52, 0xef, 0x01, 0xda, 0x52, 0x60, 0x2f, 0xe0, 0x97, 0x5f, 0x78, 0xac, 0x84, 0xbf, 0x8a, 0x50, }; unsigned char NIST_TEST_DATA_OFB_E4[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_OFB_E4[] = { 0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c, 0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01, }; /* OFB data 5 - for AES 256 */ unsigned char NIST_KEY_OFB_E5[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_OFB_E5[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, }; unsigned char NIST_EXPECTED_IV_OFB_E5[] = { 0xb7, 0xbf, 0x3a, 0x5d, 0xf4, 0x39, 0x89, 0xdd, 0x97, 0xf0, 0xfa, 0x97, 0xeb, 0xce, 0x2f, 0x4a, }; unsigned char NIST_TEST_DATA_OFB_E5[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, }; unsigned char NIST_TEST_RESULT_OFB_E5[] = { 0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60, }; /* OFB data 6 - for AES 256 */ unsigned char NIST_KEY_OFB_E6[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4, }; unsigned char NIST_IV_OFB_E6[] = { 0xb7, 0xbf, 0x3a, 0x5d, 0xf4, 0x39, 0x89, 0xdd, 0x97, 0xf0, 0xfa, 0x97, 0xeb, 0xce, 0x2f, 0x4a, }; unsigned char NIST_EXPECTED_IV_OFB_E6[] = { 0xe1, 0xc6, 0x56, 0x30, 0x5e, 0xd1, 0xa7, 0xa6, 0x56, 0x38, 0x05, 0x74, 0x6f, 0xe0, 0x3e, 0xdc, }; unsigned char NIST_TEST_DATA_OFB_E6[] = { 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, }; unsigned char NIST_TEST_RESULT_OFB_E6[] = { 0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a, 0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d, }; void dump_ofb_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *iv_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_OFB_E1); *iv_length = sizeof(NIST_IV_OFB_E1); *key_length = sizeof(NIST_KEY_OFB_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_OFB_E2); *iv_length = sizeof(NIST_IV_OFB_E2); *key_length = sizeof(NIST_KEY_OFB_E2); break; case 3: *data_length = sizeof(NIST_TEST_DATA_OFB_E3); *iv_length = sizeof(NIST_IV_OFB_E3); *key_length = sizeof(NIST_KEY_OFB_E3); break; case 4: *data_length = sizeof(NIST_TEST_DATA_OFB_E4); *iv_length = sizeof(NIST_IV_OFB_E4); *key_length = sizeof(NIST_KEY_OFB_E4); break; case 5: *data_length = sizeof(NIST_TEST_DATA_OFB_E5); *iv_length = sizeof(NIST_IV_OFB_E5); *key_length = sizeof(NIST_KEY_OFB_E5); break; case 6: *data_length = sizeof(NIST_TEST_DATA_OFB_E6); *iv_length = sizeof(NIST_IV_OFB_E6); *key_length = sizeof(NIST_KEY_OFB_E6); break; default: *data_length = 0; *iv_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *iv, unsigned char *expected_iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_OFB_E1, data_length); memcpy(result, NIST_TEST_RESULT_OFB_E1, data_length); memcpy(iv, NIST_IV_OFB_E1, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_OFB_E1, iv_length); memcpy(key, NIST_KEY_OFB_E1, key_length); break; case 2: memcpy(data, NIST_TEST_DATA_OFB_E2, data_length); memcpy(result, NIST_TEST_RESULT_OFB_E2, data_length); memcpy(iv, NIST_IV_OFB_E2, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_OFB_E2, iv_length); memcpy(key, NIST_KEY_OFB_E2, key_length); break; case 3: memcpy(data, NIST_TEST_DATA_OFB_E3, data_length); memcpy(result, NIST_TEST_RESULT_OFB_E3, data_length); memcpy(iv, NIST_IV_OFB_E3, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_OFB_E3, iv_length); memcpy(key, NIST_KEY_OFB_E3, key_length); break; case 4: memcpy(data, NIST_TEST_DATA_OFB_E4, data_length); memcpy(result, NIST_TEST_RESULT_OFB_E4, data_length); memcpy(iv, NIST_IV_OFB_E4, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_OFB_E4, iv_length); memcpy(key, NIST_KEY_OFB_E4, key_length); break; case 5: memcpy(data, NIST_TEST_DATA_OFB_E5, data_length); memcpy(result, NIST_TEST_RESULT_OFB_E5, data_length); memcpy(iv, NIST_IV_OFB_E5, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_OFB_E5, iv_length); memcpy(key, NIST_KEY_OFB_E5, key_length); break; case 6: memcpy(data, NIST_TEST_DATA_OFB_E6, data_length); memcpy(result, NIST_TEST_RESULT_OFB_E6, data_length); memcpy(iv, NIST_IV_OFB_E6, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_OFB_E6, iv_length); memcpy(key, NIST_KEY_OFB_E6, key_length); break; } } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_aes_ofb(int iteration, unsigned int data_length) { int i; int rc = 0; unsigned int iv_length = sizeof(ica_aes_vector_t); unsigned int key_length = AES_KEY_LEN128; unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; for (i = 0; i <= 2; i++) { unsigned char key[key_length]; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_aes_ofb(input_data, encrypt, data_length, key, key_length, tmp_iv, 1); if (rc) { VV_(printf("ica_aes_ofb encrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("AES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_ofb(encrypt, decrypt, data_length, key, key_length, tmp_iv, 0); if (rc) { VV_(printf("ica_aes_ofb decrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; return TEST_FAIL; } key_length += 8; } if (rc) return TEST_FAIL; return TEST_SUCC; } int kat_aes_ofb(int iteration) { unsigned int data_length; unsigned int iv_length; unsigned int key_length; get_sizes(&data_length, &iv_length, &key_length, iteration); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char expected_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); load_test_data(input_data, data_length, result, iv, expected_iv, iv_length, key, key_length, iteration); memcpy(tmp_iv, iv, iv_length); rc = ica_aes_ofb(input_data, encrypt, data_length, key, key_length, tmp_iv, 1); if (rc) { VV_(printf("ica_aes_ofb encrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(expected_iv, tmp_iv, iv_length)) { VV_(printf("Update of IV does not match the expected IV!\n")); VV_(printf("Expected IV:\n")); dump_array(expected_iv, iv_length); VV_(printf("Updated IV:\n")); dump_array(tmp_iv, iv_length); VV_(printf("Original IV:\n")); dump_array(iv, iv_length); rc++; } if (rc) { VV_(printf("AES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_ofb(encrypt, decrypt, data_length, key, key_length, tmp_iv, 0); if (rc) { VV_(printf("ica_aes_ofb decrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-OFB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int rdata; unsigned int data_length = 1; set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_aes_ofb(iteration); if (rc) { V_(printf("kat_aes_ofb failed with rc = %i\n", rc)); error_count++; } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_aes_ofb(iteration, data_length); if (rc) { V_(printf("random_aes_ofb failed with rc = %i\n", rc)); error_count++; goto out; } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); goto out; } data_length += (rdata % 8) + 1; } out: if (error_count) { printf("%i AES-OFB tests failed.\n", error_count); return TEST_FAIL; } printf("All AES-OFB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/aes_xts_test.c000066400000000000000000000526441417716165400166160ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 5 #define NR_RANDOM_TESTS 20000 /* XTS data -1- AES128 */ unsigned char NIST_KEY_XTS_E1[] = { 0x46, 0xe6, 0xed, 0x9e, 0xf4, 0x2d, 0xcd, 0xb3, 0xc8, 0x93, 0x09, 0x3c, 0x28, 0xe1, 0xfc, 0x0f, 0x91, 0xf5, 0xca, 0xa3, 0xb6, 0xe0, 0xbc, 0x5a, 0x14, 0xe7, 0x83, 0x21, 0x5c, 0x1d, 0x5b, 0x61, }; unsigned char NIST_TWEAK_XTS_E1[] = { 0x72, 0xf3, 0xb0, 0x54, 0xcb, 0xdc, 0x2f, 0x9e, 0x3c, 0x5b, 0xc5, 0x51, 0xd4, 0x4d, 0xdb, 0xa0, }; /* TWEAK should not be updated, so the exptected tweak is the same as the * original TWEAK. */ unsigned char NIST_EXPECTED_TWEAK_XTS_E1[] = { 0x72, 0xf3, 0xb0, 0x54, 0xcb, 0xdc, 0x2f, 0x9e, 0x3c, 0x5b, 0xc5, 0x51, 0xd4, 0x4d, 0xdb, 0xa0, }; unsigned char NIST_TEST_DATA_XTS_E1[] = { 0xe3, 0x77, 0x8d, 0x68, 0xe7, 0x30, 0xef, 0x94, 0x5b, 0x4a, 0xe3, 0xbc, 0x5b, 0x93, 0x6b, 0xdd, }; unsigned char NIST_TEST_RESULT_XTS_E1[] = { 0x97, 0x40, 0x9f, 0x1f, 0x71, 0xae, 0x45, 0x21, 0xcb, 0x49, 0xa3, 0x29, 0x73, 0xde, 0x4d, 0x05, }; /* XTS data -2- AES128 */ unsigned char NIST_KEY_XTS_E2[] = { 0x93, 0x56, 0xcd, 0xad, 0x25, 0x1a, 0xb6, 0x11, 0x14, 0xce, 0xc2, 0xc4, 0x4a, 0x60, 0x92, 0xdd, 0xe9, 0xf7, 0x46, 0xcc, 0x65, 0xae, 0x3b, 0xd4, 0x96, 0x68, 0x64, 0xaa, 0x36, 0x26, 0xd1, 0x88, }; unsigned char NIST_TWEAK_XTS_E2[] = { 0x68, 0x88, 0x27, 0x83, 0x65, 0x24, 0x36, 0xc4, 0x85, 0x7a, 0x88, 0xc0, 0xc3, 0x73, 0x41, 0x7e, }; unsigned char NIST_EXPECTED_TWEAK_XTS_E2[] = { 0x68, 0x88, 0x27, 0x83, 0x65, 0x24, 0x36, 0xc4, 0x85, 0x7a, 0x88, 0xc0, 0xc3, 0x73, 0x41, 0x7e, }; unsigned char NIST_TEST_DATA_XTS_E2[] = { 0xce, 0x17, 0x6b, 0xdd, 0xe3, 0x39, 0x50, 0x5b, 0xa1, 0x5d, 0xea, 0x36, 0xd2, 0x8c, 0xe8, 0x7d, }; unsigned char NIST_TEST_RESULT_XTS_E2[] = { 0x22, 0xf5, 0xf9, 0x37, 0xdf, 0xb3, 0x9e, 0x5b, 0x74, 0x25, 0xed, 0x86, 0x3d, 0x31, 0x0b, 0xe1, }; /* XTS data -3- AES128 */ unsigned char NIST_KEY_XTS_E3[] = { 0x63, 0xf3, 0x6e, 0x9c, 0x39, 0x7c, 0x65, 0x23, 0xc9, 0x9f, 0x16, 0x44, 0xec, 0xb1, 0xa5, 0xd9, 0xbc, 0x0f, 0x2f, 0x55, 0xfb, 0xe3, 0x24, 0x44, 0x4c, 0x39, 0x0f, 0xae, 0x75, 0x2a, 0xd4, 0xd7, }; unsigned char NIST_TWEAK_XTS_E3[] = { 0xcd, 0xb1, 0xbd, 0x34, 0x86, 0xf3, 0x53, 0xcc, 0x16, 0x0a, 0x84, 0x0b, 0xea, 0xdf, 0x03, 0x29, }; unsigned char NIST_EXPECTED_TWEAK_XTS_E3[] = { 0xcd, 0xb1, 0xbd, 0x34, 0x86, 0xf3, 0x53, 0xcc, 0x16, 0x0a, 0x84, 0x0b, 0xea, 0xdf, 0x03, 0x29, }; unsigned char NIST_TEST_DATA_XTS_E3[] = { 0x9a, 0x01, 0x49, 0x88, 0x8b, 0xf7, 0x61, 0x60, 0xa8, 0x14, 0x28, 0xbc, 0x91, 0x40, 0xec, 0xcd, 0x26, 0xed, 0x18, 0x36, 0x8e, 0x24, 0xd4, 0x9b, 0x9c, 0xc5, 0x12, 0x92, 0x9a, 0x88, 0xad, 0x1e, 0x66, 0xc7, 0x63, 0xf4, 0xf5, 0x6b, 0x63, 0xbb, 0x9d, 0xd9, 0x50, 0x8c, 0x5d, 0x4d, 0xf4, 0x65, 0xad, 0x98, 0x82, 0x14, 0x82, 0xfc, 0x71, 0x94, 0xee, 0x23, 0x54, 0xa3, 0xfa, 0xdc, 0xe9, 0x23, 0x18, 0x54, 0x8e, 0x8c, 0xe9, 0x45, 0x20, 0x81, 0x60, 0x49, 0x7b, 0x93, 0x05, 0xd9, 0xab, 0x10, 0x91, 0xab, 0x41, 0xd1, 0xf0, 0x9a, 0x0c, 0x7b, 0xfa, 0xf9, 0xf9, 0x4f, 0xe7, 0xc8, 0xf1, 0xea, 0x96, 0x8f, 0x8f, 0x9a, 0x71, 0x3a, 0xca, 0xde, 0x18, 0xb6, 0x82, 0x32, 0x10, 0x6f, 0xfd, 0x6d, 0x42, 0x81, 0xe9, 0x9e, 0x11, 0xd6, 0xa4, 0x28, 0xb5, 0x16, 0x53, 0xc0, 0xc7, 0xdd, 0xe5, 0xa0, 0xf2, 0x73, 0xe7, 0x4f, 0xf0, 0x15, 0xce, 0x80, 0x27, 0x7d, 0x74, 0x30, 0xf5, 0xda, 0xea, 0x8f, 0x73, 0x40, 0x64, 0x5e, 0x0b, 0xec, 0x25, 0xf4, 0x04, 0x0f, 0xa1, 0x3c, 0x0b, 0x33, 0x06, 0x93, 0xb1, 0x00, 0x83, 0xa8, 0xb9, 0xbc, 0x10, 0x8f, 0xe6, 0x4f, 0x3a, 0x5b, 0x61, 0x3c, 0xbb, 0x56, 0x5a, 0xee, 0x2f, 0x09, 0xf5, 0xb2, 0x04, 0xae, 0xe1, 0x72, 0x28, 0xfe, 0x65, 0x31, 0xc7, 0x0c, 0x0e, 0xc9, 0x47, 0xd2, 0xa5, 0x14, 0x7b, 0x45, 0xc5, 0x1a, 0xc7, 0xdc, 0x8e, 0x85, 0x87, 0x03, 0x87, 0xeb, 0x8d, 0xb6, 0x25, 0x13, 0x68, 0x36, 0x8b, 0xf5, 0xf2, 0x46, 0xb2, 0x95, 0x7d, 0xaf, 0xf7, 0x02, 0xe3, 0x79, 0x02, 0x2e, 0x99, 0x16, 0x17, 0x49, 0xe6, 0xbe, 0x8e, 0xb7, 0x9d, 0x51, 0x97, 0x99, 0xaa, 0xe0, 0x7c, 0x18, 0x31, 0xbd, 0x0e, 0xe7, 0x25, 0x50, 0xb8, 0x53, 0x33, 0xab, 0x9e, 0x96, 0xa5, 0x33, 0xe2, 0x97, 0x25, 0xd7, 0x02, 0x3d, 0x82, 0x1a, 0xbe, 0x1c, 0xe3, 0xa7, 0x44, 0xbe, 0x02, 0xe0, 0x52, 0x56, 0x8f, 0x84, 0xe6, 0xe3, 0xf7, 0x44, 0x42, 0xbb, 0xa5, 0x0d, 0x02, 0xad, 0x2d, 0x6c, 0xa5, 0x8a, 0x69, 0x1f, 0xd2, 0x43, 0x9a, 0xa3, 0xaf, 0x0c, 0x03, 0x3a, 0x68, 0xc4, 0x38, 0xb2, 0xd9, 0xa0, 0xa0, 0x1d, 0x78, 0xc4, 0xf8, 0x7c, 0x50, 0x9f, 0xea, 0x0a, 0x43, 0x5b, 0xe7, 0x1b, 0xa2, 0x37, 0x06, 0xd6, 0x08, 0x2d, 0xcb, 0xa6, 0x26, 0x25, 0x99, 0x9e, 0xce, 0x09, 0xdf, 0xb3, 0xfc, 0xbe, 0x08, 0xeb, 0xb6, 0xf2, 0x15, 0x1e, 0x2f, 0x12, 0xeb, 0xe8, 0xa5, 0xbf, 0x11, 0x62, 0xc2, 0x59, 0xf2, 0x02, 0xc1, 0xba, 0x47, 0x8b, 0x5f, 0x46, 0x8a, 0x28, 0x69, 0xf1, 0xe7, 0x6c, 0xf5, 0xed, 0x38, 0xde, 0x53, 0x86, 0x9a, 0xdc, 0x83, 0x70, 0x9e, 0x21, 0xb3, 0xf8, 0xdc, 0x13, 0xba, 0x3d, 0x6a, 0xa7, 0xf6, 0xb0, 0xcf, 0xb3, 0xe5, 0xa4, 0x3c, 0x23, 0x72, 0xe0, 0xee, 0x60, 0x99, 0x1c, 0xe1, 0xca, 0xd1, 0x22, 0xa3, 0x1d, 0x93, 0x97, 0xe3, 0x0b, 0x92, 0x1f, 0xd2, 0xf6, 0xee, 0x69, 0x6e, 0x68, 0x49, 0xae, 0xee, 0x29, 0xe2, 0xb4, 0x45, 0xc0, 0xfd, 0x9a, 0xde, 0x65, 0x56, 0xc3, 0xc0, 0x69, 0xc5, 0xd6, 0x05, 0x95, 0xab, 0xbd, 0xf5, 0xba, 0xe2, 0xcc, 0xc7, 0x9a, 0x49, 0x6e, 0x83, 0xcc, 0xab, 0x95, 0x74, 0x0e, 0xb8, 0xe4, 0xf2, 0x92, 0x5d, 0xbf, 0x72, 0x97, 0xa8, 0xc9, 0x92, 0x75, 0x6e, 0x62, 0x87, 0x0e, 0xdc, 0xe9, 0x8f, 0x6c, 0xba, 0x1a, 0xa0, 0xd5, 0xb8, 0x6f, 0x09, 0x21, 0x43, 0xb1, 0x6d, 0xa1, 0x44, 0x15, 0x47, 0xd1, 0xd4, 0x2b, 0x80, 0x06, 0xfa, 0xce, 0x69, 0x5b, 0x03, 0xfd, 0xfa, 0xe6, 0x45, 0xf9, 0x5b, 0xd6, }; unsigned char NIST_TEST_RESULT_XTS_E3[] = { 0x0e, 0xee, 0xf2, 0x8c, 0xa1, 0x59, 0xb8, 0x05, 0xf5, 0xc2, 0x15, 0x61, 0x05, 0x51, 0x67, 0x8a, 0xb7, 0x72, 0xf2, 0x79, 0x37, 0x4f, 0xb1, 0x40, 0xab, 0x55, 0x07, 0x68, 0xdb, 0x42, 0xcf, 0x6c, 0xb7, 0x36, 0x37, 0x64, 0x19, 0x34, 0x19, 0x5f, 0xfc, 0x08, 0xcf, 0x5a, 0x91, 0x88, 0xb8, 0x2b, 0x84, 0x0a, 0x00, 0x7d, 0x52, 0x72, 0x39, 0xea, 0x3f, 0x0d, 0x7d, 0xd1, 0xf2, 0x51, 0x86, 0xec, 0xae, 0x30, 0x87, 0x7d, 0xad, 0xa7, 0x7f, 0x24, 0x3c, 0xdd, 0xb2, 0xc8, 0x8e, 0x99, 0x04, 0x82, 0x7d, 0x3e, 0x09, 0x82, 0xda, 0x0d, 0x13, 0x91, 0x1d, 0x0e, 0x2d, 0xbb, 0xbb, 0x2d, 0x01, 0x6c, 0xbe, 0x4d, 0x06, 0x76, 0xb1, 0x45, 0x9d, 0xa8, 0xc5, 0x3a, 0x91, 0x45, 0xe8, 0x3c, 0xf4, 0x2f, 0x30, 0x11, 0x2c, 0xa6, 0x5d, 0x77, 0xc8, 0x93, 0x4a, 0x26, 0xee, 0x00, 0x1f, 0x39, 0x0f, 0xfc, 0xc1, 0x87, 0x03, 0x66, 0x2a, 0x8f, 0x71, 0xf9, 0xda, 0x0e, 0x7b, 0x68, 0xb1, 0x04, 0x3c, 0x1c, 0xb5, 0x26, 0x08, 0xcf, 0x0e, 0x69, 0x51, 0x0d, 0x38, 0xc8, 0x0f, 0xa0, 0x0d, 0xe4, 0x3d, 0xef, 0x98, 0x4d, 0xff, 0x2f, 0x32, 0x4e, 0xcf, 0x39, 0x89, 0x44, 0x53, 0xd3, 0xe0, 0x1b, 0x3d, 0x7b, 0x3b, 0xc0, 0x57, 0x04, 0x9d, 0x19, 0x5c, 0x8e, 0xb9, 0x3f, 0xe4, 0xd9, 0x5a, 0x83, 0x00, 0xa5, 0xe6, 0x0a, 0x7c, 0x89, 0xe4, 0x0c, 0x69, 0x16, 0x79, 0xfb, 0xca, 0xfa, 0xd8, 0xeb, 0x41, 0x8f, 0x8d, 0x1f, 0xf7, 0xb9, 0x11, 0x75, 0xf8, 0xeb, 0x3c, 0x6f, 0xf2, 0x87, 0x2d, 0x32, 0xee, 0x4c, 0x57, 0x36, 0x9e, 0x61, 0xb6, 0x6d, 0x16, 0x6f, 0xd0, 0xa4, 0x34, 0x57, 0x47, 0x82, 0x75, 0xfe, 0x14, 0xbf, 0x34, 0x63, 0x8a, 0x9e, 0x4e, 0x1d, 0x25, 0xcc, 0x5a, 0x5f, 0x9e, 0x25, 0x7e, 0x61, 0x7a, 0xdc, 0xdd, 0xe6, 0x5e, 0x25, 0x57, 0x40, 0x53, 0x62, 0xc8, 0x91, 0xe6, 0x54, 0x6a, 0x6d, 0xee, 0xaa, 0x8f, 0xc0, 0x3b, 0x12, 0x2a, 0x55, 0x87, 0x4d, 0x33, 0xe0, 0xa7, 0x73, 0x52, 0x34, 0x68, 0x32, 0x5e, 0xc2, 0x4d, 0x4f, 0xaf, 0xfb, 0x63, 0xc0, 0x52, 0xc8, 0x11, 0xa1, 0xc0, 0x22, 0xba, 0xfc, 0xcb, 0x97, 0x98, 0x8b, 0x7e, 0x45, 0x67, 0xb2, 0x47, 0xd4, 0x04, 0x4b, 0x05, 0x2f, 0xf7, 0x3f, 0x4c, 0x67, 0x1d, 0x27, 0xe0, 0x52, 0xe2, 0xeb, 0xc7, 0x2d, 0x00, 0x57, 0xcb, 0x21, 0x7c, 0x52, 0x59, 0xb6, 0x09, 0x50, 0xe3, 0xc8, 0xb3, 0xd9, 0xe3, 0xe7, 0x63, 0x0f, 0x9e, 0xcb, 0xe5, 0x48, 0xb9, 0xe3, 0x62, 0x20, 0xf3, 0x3c, 0x2b, 0x45, 0x68, 0x30, 0x7c, 0xd0, 0x37, 0x5b, 0xba, 0x13, 0x35, 0xe5, 0x8b, 0xfb, 0xcd, 0xe8, 0x5c, 0xc8, 0x4c, 0x9c, 0x9c, 0x1c, 0xe7, 0x4f, 0x44, 0xb2, 0x8e, 0xa1, 0xb6, 0x97, 0x30, 0x5b, 0xb6, 0xba, 0x3b, 0x46, 0x4e, 0x5a, 0xb7, 0x45, 0x01, 0x29, 0x3e, 0xf9, 0x15, 0x2c, 0x0f, 0x5d, 0x33, 0x07, 0xd2, 0x6a, 0x1f, 0x07, 0x41, 0xc5, 0xe5, 0x72, 0x1a, 0x71, 0x3d, 0x1b, 0x86, 0xc1, 0x80, 0x82, 0x11, 0xf5, 0x7a, 0xad, 0x09, 0xa9, 0x50, 0xb6, 0x86, 0x30, 0xaf, 0xce, 0x4f, 0x0a, 0xd9, 0xf3, 0x2e, 0x67, 0x69, 0xb5, 0xfe, 0x31, 0x92, 0x9c, 0x44, 0x6f, 0x7a, 0x33, 0x55, 0xf4, 0x58, 0x84, 0xc7, 0x48, 0xc9, 0x05, 0x54, 0x15, 0xe6, 0x37, 0xd9, 0xad, 0x87, 0xd9, 0x4c, 0x46, 0x57, 0xb1, 0xad, 0x03, 0x4c, 0xb1, 0x4d, 0x9a, 0x72, 0xea, 0x74, 0x5f, 0xe5, 0x2d, 0x7a, 0x71, 0x1b, 0xa4, 0x1c, 0xa0, 0x35, 0x85, 0x6a, 0x5a, 0x44, 0x89, 0xa4, 0x27, 0x0b, 0xb3, 0x0d, 0x5b, 0x63, 0xf4, 0x9c, 0x05, 0x12, 0xfe, 0xd4, 0xb4 }; /* XTS data -4- AES256 */ unsigned char NIST_KEY_XTS_E4[] = { 0x97, 0x09, 0x8b, 0x46, 0x5a, 0x44, 0xca, 0x75, 0xe7, 0xa1, 0xc2, 0xdb, 0xfc, 0x40, 0xb7, 0xa6, 0x1a, 0x20, 0xe3, 0x2c, 0x6d, 0x9d, 0xbf, 0xda, 0x80, 0x72, 0x6f, 0xee, 0x10, 0x54, 0x1b, 0xab, 0x47, 0x54, 0x63, 0xca, 0x07, 0xc1, 0xc1, 0xe4, 0x49, 0x61, 0x73, 0x32, 0x14, 0x68, 0xd1, 0xab, 0x3f, 0xad, 0x8a, 0xd9, 0x1f, 0xcd, 0xc6, 0x2a, 0xbe, 0x07, 0xbf, 0xf8, 0xef, 0x96, 0x1b, 0x6b, }; unsigned char NIST_TWEAK_XTS_E4[] = { 0x15, 0x60, 0x1e, 0x2e, 0x35, 0x85, 0x10, 0xa0, 0x9d, 0xdc, 0xa4, 0xea, 0x17, 0x51, 0xf4, 0x3c, }; unsigned char NIST_EXPECTED_TWEAK_XTS_E4[] = { 0x15, 0x60, 0x1e, 0x2e, 0x35, 0x85, 0x10, 0xa0, 0x9d, 0xdc, 0xa4, 0xea, 0x17, 0x51, 0xf4, 0x3c, }; unsigned char NIST_TEST_DATA_XTS_E4[] = { 0xd1, 0x9c, 0xfb, 0x38, 0x3b, 0xaf, 0x87, 0x2e, 0x6f, 0x12, 0x16, 0x87, 0x45, 0x1d, 0xe1, 0x5c, }; unsigned char NIST_TEST_RESULT_XTS_E4[] = { 0xeb, 0x22, 0x26, 0x9b, 0x14, 0x90, 0x50, 0x27, 0xdc, 0x73, 0xc4, 0xa4, 0x0f, 0x93, 0x80, 0x69, }; /* XTS data -5- AES256 */ unsigned char NIST_KEY_XTS_E5[] = { 0xfb, 0xf0, 0x77, 0x6e, 0x7d, 0xbe, 0x49, 0x10, 0xfb, 0x0c, 0x12, 0x0f, 0x41, 0x85, 0x71, 0x21, 0x92, 0x6c, 0x05, 0x2f, 0xd6, 0x5a, 0x27, 0x8c, 0xd2, 0xf0, 0xd9, 0x8d, 0xa5, 0x4e, 0xdf, 0xd5, 0x08, 0x03, 0xa4, 0x2f, 0xbe, 0x6f, 0xd1, 0x33, 0x58, 0x49, 0x00, 0xe8, 0xdc, 0x7a, 0x11, 0x52, 0x39, 0x1f, 0x82, 0x2d, 0x76, 0xa7, 0x56, 0x68, 0xcf, 0xce, 0x7f, 0x8d, 0xde, 0x20, 0x3e, 0xc8, }; unsigned char NIST_TWEAK_XTS_E5[] = { 0x39, 0x5b, 0x6a, 0xcf, 0x9a, 0xdc, 0xd2, 0x91, 0xc2, 0xc9, 0x48, 0x86, 0x36, 0x33, 0xaf, 0xf8, }; unsigned char NIST_EXPECTED_TWEAK_XTS_E5[] = { 0x39, 0x5b, 0x6a, 0xcf, 0x9a, 0xdc, 0xd2, 0x91, 0xc2, 0xc9, 0x48, 0x86, 0x36, 0x33, 0xaf, 0xf8, }; unsigned char NIST_TEST_DATA_XTS_E5[] = { 0x3e, 0x2e, 0x26, 0x9d, 0x78, 0x3a, 0x2b, 0x29, 0xe8, 0x73, 0xd6, 0x73, 0x47, 0x9f, 0x51, 0x16, 0x73, 0x4f, 0xe0, 0x3e, 0xe3, 0x29, 0x65, 0xed, 0xc4, 0x79, 0x35, 0xc0, 0xea, 0x99, 0xa0, 0x64, 0xbd, 0x44, 0x4b, 0xec, 0x12, 0x5b, 0x2c, 0x78, 0x9d, 0xb9, 0xde, 0x6d, 0x18, 0x35, 0x92, 0x05, 0x3b, 0x48, 0xa8, 0x77, 0xa9, 0x5a, 0xc2, 0x55, 0x9c, 0x3d, 0xdf, 0xc7, 0xb4, 0xdb, 0x99, 0x07, }; unsigned char NIST_TEST_RESULT_XTS_E5[] = { 0x4c, 0x70, 0xbd, 0xbb, 0x77, 0x30, 0x2b, 0x7f, 0x1f, 0xdd, 0xca, 0x50, 0xdc, 0x70, 0x73, 0x1e, 0x00, 0x8a, 0x26, 0x55, 0xd2, 0x2a, 0xd0, 0x20, 0x0c, 0x11, 0x1f, 0xd3, 0x2a, 0x67, 0x5a, 0x7e, 0x09, 0x97, 0x11, 0x43, 0x6f, 0x98, 0xd2, 0x1c, 0x72, 0x77, 0x2e, 0x0d, 0xd7, 0x67, 0x2f, 0xf5, 0xfd, 0x00, 0xdd, 0xcb, 0xe1, 0x1e, 0xb9, 0x7e, 0x69, 0x87, 0x83, 0xbf, 0xa4, 0x05, 0x46, 0xe3, }; void dump_xts_data(unsigned char *tweak, unsigned int tweak_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("TWEAK \n")); dump_array(tweak, tweak_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *tweak_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_XTS_E1); *tweak_length = sizeof(NIST_TWEAK_XTS_E1); *key_length = sizeof(NIST_KEY_XTS_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_XTS_E2); *tweak_length = sizeof(NIST_TWEAK_XTS_E2); *key_length = sizeof(NIST_KEY_XTS_E2); break; case 3: *data_length = sizeof(NIST_TEST_DATA_XTS_E3); *tweak_length = sizeof(NIST_TWEAK_XTS_E3); *key_length = sizeof(NIST_KEY_XTS_E3); break; case 4: *data_length = sizeof(NIST_TEST_DATA_XTS_E4); *tweak_length = sizeof(NIST_TWEAK_XTS_E4); *key_length = sizeof(NIST_KEY_XTS_E4); break; case 5: *data_length = sizeof(NIST_TEST_DATA_XTS_E5); *tweak_length = sizeof(NIST_TWEAK_XTS_E5); *key_length = sizeof(NIST_KEY_XTS_E5); break; default: *data_length = 0; *tweak_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *tweak, unsigned char *expected_tweak, unsigned int tweak_length, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_XTS_E1, data_length); memcpy(result, NIST_TEST_RESULT_XTS_E1, data_length); memcpy(tweak, NIST_TWEAK_XTS_E1, tweak_length); memcpy(expected_tweak, NIST_EXPECTED_TWEAK_XTS_E1, tweak_length); memcpy(key, NIST_KEY_XTS_E1, key_length); break; case 2: memcpy(data, NIST_TEST_DATA_XTS_E2, data_length); memcpy(result, NIST_TEST_RESULT_XTS_E2, data_length); memcpy(tweak, NIST_TWEAK_XTS_E2, tweak_length); memcpy(expected_tweak, NIST_EXPECTED_TWEAK_XTS_E2, tweak_length); memcpy(key, NIST_KEY_XTS_E2, key_length); break; case 3: memcpy(data, NIST_TEST_DATA_XTS_E3, data_length); memcpy(result, NIST_TEST_RESULT_XTS_E3, data_length); memcpy(tweak, NIST_TWEAK_XTS_E3, tweak_length); memcpy(expected_tweak, NIST_EXPECTED_TWEAK_XTS_E3, tweak_length); memcpy(key, NIST_KEY_XTS_E3, key_length); break; case 4: memcpy(data, NIST_TEST_DATA_XTS_E4, data_length); memcpy(result, NIST_TEST_RESULT_XTS_E4, data_length); memcpy(tweak, NIST_TWEAK_XTS_E4, tweak_length); memcpy(expected_tweak, NIST_EXPECTED_TWEAK_XTS_E4, tweak_length); memcpy(key, NIST_KEY_XTS_E4, key_length); break; case 5: memcpy(data, NIST_TEST_DATA_XTS_E5, data_length); memcpy(result, NIST_TEST_RESULT_XTS_E5, data_length); memcpy(tweak, NIST_TWEAK_XTS_E5, tweak_length); memcpy(expected_tweak, NIST_EXPECTED_TWEAK_XTS_E5, tweak_length); memcpy(key, NIST_KEY_XTS_E5, key_length); break; } } int kat_aes_xts(int iteration) { unsigned int data_length; unsigned int tweak_length; unsigned int key_length; get_sizes(&data_length, &tweak_length, &key_length, iteration); unsigned char tweak[tweak_length]; unsigned char tmp_tweak[tweak_length]; unsigned char expected_tweak[tweak_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_test_data(input_data, data_length, result, tweak, expected_tweak, tweak_length, key, key_length, iteration); memcpy(tmp_tweak, tweak, tweak_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, tweak length = %i,", key_length, data_length, tweak_length)); rc = ica_aes_xts(input_data, encrypt, data_length, key, key+(key_length/2), (key_length/2), tmp_tweak, 1); if (rc) { VV_(printf("ica_aes_xts encrypt failed with rc = %i\n", rc)); dump_xts_data(tweak, tweak_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_xts_data(tweak, tweak_length, key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(expected_tweak, tmp_tweak, tweak_length)) { VV_(printf("Update of TWEAK does not match the expected TWEAK!\n")); VV_(printf("Expected TWEAK:\n")); dump_array(expected_tweak, tweak_length); VV_(printf("Updated TWEAK:\n")); dump_array(tmp_tweak, tweak_length); VV_(printf("Original TWEAK:\n")); dump_array(tweak, tweak_length); rc++; } if (rc) { VV_(printf("AES XTS test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_tweak, tweak, tweak_length); rc = ica_aes_xts(encrypt, decrypt, data_length, key, key+(key_length/2), (key_length/2), tmp_tweak, 0); if (rc) { VV_(printf("ica_aes_xts decrypt failed with rc = %i\n", rc)); dump_xts_data(tweak, tweak_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_xts_data(tweak, tweak_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_aes_xts(int iteration, unsigned int data_length) { int i; int rc = 0; unsigned int iv_length = sizeof(ica_aes_vector_t); unsigned int key_length = AES_KEY_LEN128 * 2; unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; for (i = 1; i <= 2; i++) { unsigned char key[key_length]; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_aes_xts(input_data, encrypt, data_length, key, key+(key_length/2), (key_length/2), tmp_iv, 1); if (rc) { VV_(printf("ica_aes_xts encrypt failed with rc = %i\n", rc)); dump_xts_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_xts_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("AES XTS test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_aes_xts(encrypt, decrypt, data_length, key, key+(key_length/2), (key_length/2), tmp_iv, 0); if (rc) { VV_(printf("ica_aes_xts decrypt failed with rc = %i\n", rc)); dump_xts_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_xts_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; return TEST_FAIL; } key_length = AES_KEY_LEN256 * 2; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-XTS test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_aes_vector_t); set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_aes_xts(iteration); if (rc) { V_(printf("kat_aes_xts failed with rc = %i\n", rc)); error_count++; } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_aes_xts(iteration, data_length); if (rc) { V_(printf("random_aes_xts failed with rc = %i\n", rc)); error_count++; goto out; } data_length += sizeof(ica_aes_vector_t) / 2; } out: if (error_count) { printf("%i AES-XTS tests failed.\n", error_count); return TEST_FAIL; } printf("All AES-XTS tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/cbccs_test.c000066400000000000000000000406521417716165400162210ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* (C) COPYRIGHT International Business Machines Corp. 2010 */ #include #include #include #include #include #include #include "ica_api.h" #include #include #include "testcase.h" /* CBC_CS data */ unsigned char NIST_KEY[] = { 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }; unsigned int key_size[6] = { 24, 24, 24, 32, 32, 32 }; unsigned char key[6][256] = { { 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69, 0x64, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20 },{ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69, 0x64, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20 },{ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69, 0x64, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20 },{ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69, 0x64, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 },{ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69, 0x64, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 },{ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69, 0x64, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 } }; unsigned char NIST_IV[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; unsigned int NIST_TEST_DATA_LENGTH[6] = { 17, 31, 32, 47, 48, 64 }; unsigned char NIST_TEST_DATA[6][100] = { { 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20 },{ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20 },{ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43 },{ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c },{ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20 },{ 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20, 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74, 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e } }; unsigned char NIST_TEST_RESULT[6][100] = { { 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4, 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f, 0x97 },{ 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1, 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22, 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5 },{ 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84 },{ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5 },{ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8 },{ 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40, 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8 } }; unsigned char NIST_NEXT_IV[6][16] = { { 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4, 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f },{ 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1, 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22 },{ 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8 },{ 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e },{ 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8 },{ 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40 } }; int compare_decrypt_result_with_expected_result( unsigned char *, unsigned char *, unsigned int, unsigned char *, unsigned int, unsigned char *, unsigned int, char *, unsigned int); inline int compare_decrypt_result_with_expected_result( unsigned char * decrypt_out, unsigned char * expected_result, unsigned int compare_length, unsigned char * key, unsigned int key_length, unsigned char * iv, unsigned int iv_size, char * out_text, unsigned int test_case_number) { if (memcmp(decrypt_out, expected_result, compare_length) != 0) { VV_(printf("This does NOT match the original data.\n")); VV_(printf("Test case number %i for %s with CBC_CS mode failed\n", test_case_number, out_text)); VV_(printf("\nkey \n")); dump_array(key, key_length); VV_(printf("\nOriginal data:\n")); dump_array(expected_result, compare_length); VV_(printf("\ntmp iv\n")); dump_array(iv, iv_size); VV_(printf("\nExpected Result:\n")); dump_array(expected_result, compare_length); VV_(printf("\nDecrypted data:\n")); dump_array(decrypt_out, compare_length); return TEST_FAIL; } return TEST_SUCC; } int test_3des_new_api(unsigned int variant) { /* Test 3des */ unsigned int iv_size = sizeof(ica_des_vector_t); unsigned char tmp_iv[iv_size]; unsigned char enc_text[100] ,dec_text[100] ; unsigned int number_of_testcases = 6; int rc = 0; unsigned int i = 0; for (i = 0; i < number_of_testcases ; i++) { memcpy(tmp_iv, NIST_IV, iv_size); rc = ica_3des_cbc_cs(NIST_TEST_DATA[i], enc_text, NIST_TEST_DATA_LENGTH[i], key[i], tmp_iv, 1, variant); if (rc) { VV_(printf("key \n")); dump_array(key[i], 8); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntest iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nica_3des_cbc_cs encrypt test %i failed with " "errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } memcpy(tmp_iv, NIST_IV, iv_size); memset(dec_text,0,NIST_TEST_DATA_LENGTH[i]); rc = ica_3des_cbc_cs(enc_text, dec_text, NIST_TEST_DATA_LENGTH[i], key[i], tmp_iv, 0, variant); if (rc) { VV_(printf("key \n")); dump_array(key[i], 8); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntmp iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nEncrypted data:\n")); dump_array(enc_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nDecrypted data:\n")); dump_array(dec_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nica_3des_cbc_cs decrypt test %i failed with " "errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } if (compare_decrypt_result_with_expected_result(dec_text, NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i], key[i], 24, tmp_iv, iv_size, (char *) "3DES", i)) return TEST_FAIL; else { VV_(printf("Test case number %i for 3DES with CBC_CS mode was " "successful!\n", i)); } } if (rc) return TEST_FAIL; return TEST_SUCC; } int test_des_new_api(unsigned int variant) { /* Test des */ unsigned int iv_size = sizeof(ica_des_vector_t); unsigned char tmp_iv[iv_size]; unsigned char enc_text[100] ,dec_text[100] ; unsigned int number_of_testcases = 6; int rc = 0; unsigned int i = 0; #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { printf("All DES-CBC-CS tests skipped." " (DES not FIPS approved)\n"); return TEST_SKIP; } #endif /* ICA_FIPS */ for (i = 0; i < number_of_testcases ; i++) { memcpy(tmp_iv, NIST_IV, iv_size); rc = ica_des_cbc_cs(NIST_TEST_DATA[i], enc_text, NIST_TEST_DATA_LENGTH[i], key[i], tmp_iv, 1, variant); if (rc) { VV_(printf("key \n")); dump_array(key[i], 8); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntest iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nica_des_cbc_cs encrypt test %i failed with " "errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } memcpy(tmp_iv, NIST_IV, iv_size); memset(dec_text,0,NIST_TEST_DATA_LENGTH[i]); rc = ica_des_cbc_cs(enc_text, dec_text, NIST_TEST_DATA_LENGTH[i], key[i], tmp_iv, 0, variant); if (rc) { VV_(printf("key \n")); dump_array(key[i], 8); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntmp iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nEncrypted data:\n")); dump_array(enc_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nDecrypted data:\n")); dump_array(dec_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nica_des_cbc_cs decrypt test %i failed with " "errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } if (compare_decrypt_result_with_expected_result( dec_text, NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i], key[i], (sizeof(key[i]) / 8), tmp_iv, iv_size, (char *) "DES", i)) return TEST_FAIL; else { VV_(printf("Test case number %i for DES with CBC_CS mode was " "successful!\n", i)); } } if (rc) return TEST_FAIL; return TEST_SUCC; } int test_aes_new_api(unsigned int variant) { /* Test with 192 & 256 byte keys */ unsigned int iv_size = sizeof(ica_aes_vector_t); unsigned char tmp_iv[iv_size]; char text[2][8] = { { 0x41, 0x45, 0x53, 0x2d, 0x31, 0x39, 0x32, 0x00 }, { 0x41, 0x45, 0x53, 0x2d, 0x32, 0x35, 0x36, 0x00 }}; unsigned char enc_text[100] ,dec_text[100] ; unsigned int number_of_testcases = 6; int rc = 0; unsigned int i = 0; for (i = 0; i < number_of_testcases ; i++) { memcpy(tmp_iv, NIST_IV, iv_size); rc = ica_aes_cbc_cs(NIST_TEST_DATA[i], enc_text, NIST_TEST_DATA_LENGTH[i], key[i], key_size[i], tmp_iv, 1, variant); if (rc) { VV_(printf("key \n")); dump_array(key[i], key_size[i]); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntest iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nica_aes_cbc_cs encrypt test %i failed with " " errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } memcpy(tmp_iv, NIST_IV, iv_size); memset(dec_text,0,NIST_TEST_DATA_LENGTH[i]); rc = ica_aes_cbc_cs(enc_text, dec_text, NIST_TEST_DATA_LENGTH[i], key[i], key_size[i], tmp_iv, 0, variant); if (rc) { VV_(printf("key \n")); dump_array(key[i], key_size[i]); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntmp iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nEncrypted data:\n")); dump_array(enc_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nDecrypted data:\n")); dump_array(dec_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nica_aes_cbc_cs decrypt test %i failed with " "errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } if (compare_decrypt_result_with_expected_result(dec_text, NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i], key[i], key_size[i], tmp_iv, iv_size, (i < 3) ? text[0] : text[1], i)) return TEST_FAIL; else { VV_(printf("Test case number %i for %s with CBC_CS mode was " "successful!\n", i, (i < 3) ? text[0] : text[1])); } } if (rc) return TEST_FAIL; return TEST_SUCC; } int test_aes128_new_api(void) { /* AES128 Known Answer Tests*/ unsigned int iv_size = sizeof(ica_aes_vector_t); unsigned int key_size = AES_KEY_LEN128; unsigned char tmp_iv[iv_size]; unsigned char key[key_size]; unsigned char enc_text[100] ,dec_text[100] ; unsigned int number_of_testcases = 6; int rc = 0; unsigned int i = 0; memcpy(key, NIST_KEY, sizeof(key)); for (i = 0; i < number_of_testcases ; i++) { memcpy(tmp_iv, NIST_IV, iv_size); rc = ica_aes_cbc_cs(NIST_TEST_DATA[i], enc_text, NIST_TEST_DATA_LENGTH[i], key, sizeof(key), tmp_iv, 1, ICA_CBCCS_VARIANT3); if (rc) { VV_(printf("key \n")); dump_array(key, sizeof(key)); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntest iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nica_aes_cbc_cs encrypt test %i failed with " "errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } if (compare_decrypt_result_with_expected_result(enc_text, NIST_TEST_RESULT[i], NIST_TEST_DATA_LENGTH[i], key, sizeof(key), tmp_iv, iv_size, (char *) "AES-128", i)) return TEST_FAIL; if (compare_decrypt_result_with_expected_result(tmp_iv, NIST_NEXT_IV[i], iv_size, key, sizeof(key), tmp_iv, iv_size, (char *) "AES-128", i)) return TEST_FAIL; memcpy(tmp_iv, NIST_IV, iv_size); memset(dec_text,0,NIST_TEST_DATA_LENGTH[i]); rc = ica_aes_cbc_cs(enc_text, dec_text, NIST_TEST_DATA_LENGTH[i], key, sizeof(key), tmp_iv, 0, ICA_CBCCS_VARIANT3); if (rc) { VV_(printf("key \n")); dump_array(key, sizeof(key)); VV_(printf("\nOriginal data:\n")); dump_array(NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i]); VV_(printf("\ntmp iv\n")); dump_array(tmp_iv, iv_size); VV_(printf("\nkey\n")); dump_array(key, sizeof(key)); VV_(printf("\nEncrypted data:\n")); dump_array(enc_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nDecrypted data:\n")); dump_array(dec_text, NIST_TEST_DATA_LENGTH[i]); VV_(printf("\nica_aes_cbc_cs decrypt test %i failed" "with errno %d (0x%x).\n", i, rc, rc)); return TEST_FAIL; } if (compare_decrypt_result_with_expected_result(dec_text, NIST_TEST_DATA[i], NIST_TEST_DATA_LENGTH[i], key, sizeof(key), tmp_iv, iv_size, (char *) "AES-128", i)) return TEST_FAIL; else { VV_(printf("Test case number %i for AES-128 with CBC_CS " "mode was successful!\n", i)); } } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping CBC-CS test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else unsigned int variant; int rc, error_count; set_verbosity(argc, argv); rc = 0; error_count = 0; /* known answer tests for AES128 */ rc = test_aes128_new_api(); if (rc) { error_count++; printf("test_aes128_new_api for CBC_CS mode with AES-128 " "failed.\n"); return TEST_FAIL; } for (variant = ICA_CBCCS_VARIANT1; variant <= ICA_CBCCS_VARIANT3; variant++) { VV_(printf("\n--- Test cycle with CBCCS variant %d ---\n", variant)); /* AES 192 & 256 test */ rc = test_aes_new_api(variant); if (rc) { error_count++; printf("test_aes_new_api for CBC_CS mode with AES (192|256) " "failed.\n"); return TEST_FAIL; } /* DES tests */ rc = test_des_new_api(variant); if (rc && rc != TEST_SKIP) { error_count++; printf("test_des_new_api for CBC_CS mode with DES " "failed.\n"); return TEST_FAIL; } /* 3DES tests */ rc = test_3des_new_api(variant); if (rc) { error_count++; printf("test_des_new_api for CBC_CS mode with 3DES " "failed.\n"); return TEST_FAIL; } } printf("All CBC-CS tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/ccm_test.c000066400000000000000000000157601417716165400157100ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* (C) COPYRIGHT International Business Machines Corp. 2011 */ #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define BYTE 8 #define NUM_CCM_TESTS 4 unsigned char input_data[1000000]; unsigned char parameter_block[32]; unsigned char *to = parameter_block; unsigned int key_length[4] = {16, 16, 16, 16}; unsigned char key[4][16] = { {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f }, {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f }, {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f }, {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f }}; #define CASE3_ASSOC_LEN 256 /* Number of bytes in string for case 3 */ unsigned int assoc_data_length[4] = {8, 16, 20, 65536}; unsigned char assoc_data[4][65536] = { { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 }, { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f }, { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, 0x10,0x11,0x12,0x13 }}; unsigned int i = 0; unsigned char repeated_string[256] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f, 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f, 0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f, 0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5a,0x5b,0x5c,0x5d,0x5e,0x5f, 0x60,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f, 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, 0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf, 0xb0,0xb1,0xb2,0xb3,0xb4,0xb5,0xb6,0xb7,0xb8,0xb9,0xba,0xbb,0xbc,0xbd,0xbe,0xbf, 0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,0xc8,0xc9,0xca,0xcb,0xcc,0xcd,0xce,0xcf, 0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf, 0xe0,0xe1,0xe2,0xe3,0xe4,0xe5,0xe6,0xe7,0xe8,0xe9,0xea,0xeb,0xec,0xed,0xee,0xef, 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff}; unsigned int payload_length[4] = {4, 16, 24, 32}; unsigned char payload[4][32] = { { 0x20,0x21,0x22,0x23 }, { 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f}, { 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f, 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37 }, { 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f , 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f }}; unsigned char payload_after_decrypt[4][32] = { { 0x20,0x21,0x22,0x23 }, { 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f}, { 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f, 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37 }, { 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f , 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f }}; unsigned int nonce_length[4] = {7,8,12,13}; unsigned char nonce[4][13] = { { 0x10,0x11,0x12,0x13,0x14,0x15,0x16}, { 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17}, { 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b}, { 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c}}; unsigned int cbc_mac_length[4] = {4, 6, 8, 14}; unsigned int cipher_text_length[4] = {8, 22, 32, 46}; unsigned char cipher_text[4][46] = { { 0x71,0x62,0x01,0x5b,0x4d,0xac,0x25,0x5d }, { 0xd2,0xa1,0xf0,0xe0,0x51,0xea,0x5f,0x62,0x08,0x1a,0x77,0x92,0x07,0x3d,0x59,0x3d, 0x1f,0xc6,0x4f,0xbf,0xac,0xcd }, { 0xe3,0xb2,0x01,0xa9,0xf5,0xb7,0x1a,0x7a,0x9b,0x1c,0xea,0xec,0xcd,0x97,0xe7,0x0b, 0x61,0x76,0xaa,0xd9,0xa4,0x42,0x8a,0xa5,0x48,0x43,0x92,0xfb,0xc1,0xb0,0x99,0x51}, {0x69,0x91,0x5d,0xad,0x1e,0x84,0xc6,0x37,0x6a,0x68,0xc2,0x96,0x7e,0x4d,0xab,0x61, 0x5a,0xe0,0xfd,0x1f,0xae,0xc4,0x4c,0xc4,0x84,0x82,0x85,0x29,0x46,0x3c,0xcf,0x72, 0xb4,0xac,0x6b,0xec,0x93,0xe8,0x59,0x8e,0x7f,0x0d,0xad,0xbc,0xea,0x5b} }; int api_ccm_test(void) { unsigned char *out_data; int rc = 0; VV_(printf("Test of CCM api\n")); while ( i < 65536 ) { // init big assoc_data memcpy(assoc_data[3] + i, repeated_string, 256); i= i + 256; } for (i = 0; i < NUM_CCM_TESTS; i++) { VV_(printf("\nOriginal data for test %d:\n", i)); if (!(out_data = malloc(cipher_text_length[i]))) return TEST_ERR; memset(out_data, 0, cipher_text_length[i]); rc = (ica_aes_ccm(payload[i], payload_length[i], out_data, cbc_mac_length[i], assoc_data[i], assoc_data_length[i], nonce[i], nonce_length[i], key[i], key_length[i], ICA_ENCRYPT)); if (rc) { VV_(printf("icaccm encrypt failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput Cipher text for test %d:\n", i)); dump_array(out_data, cipher_text_length[i]); VV_(printf("\nExpected Cipher Text for test %d:\n", i)); dump_array(cipher_text[i], cipher_text_length[i]); if (memcmp(cipher_text[i], out_data, cipher_text_length[i]) != 0) { printf("This does NOT match the known result.\n"); return TEST_FAIL; } VV_(printf("Yep, that's how it should be encrypted.\n")); // start decrypt / verify memset(payload[i], 0, payload_length[i]); rc = (ica_aes_ccm(out_data, payload_length[i], cipher_text[i], cbc_mac_length[i], assoc_data[i], assoc_data_length[i], nonce[i], nonce_length[i], key[i], key_length[i], ICA_DECRYPT)); if (rc) { VV_(printf("icaccm decrypt failed with errno %d (0x%x).\n", rc,rc)); return TEST_FAIL; } VV_(printf("\nOutput payload for test %d:\n", i)); dump_array(out_data, payload_length[i]); VV_(printf("\nExpected payload for test %d:\n", i)); dump_array(payload_after_decrypt[i], payload_length[i]); if (memcmp(out_data, payload_after_decrypt[i], payload_length[i]) == 0 ) { VV_(printf("Yep, payload matches to original.\n")); } else { VV_(printf("This does NOT match the known result.\n")); return TEST_FAIL; } free(out_data); } return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-CCM test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); rc = api_ccm_test(); if (rc) { printf("api_ccm_test failed with rc = %i.\n", rc); return TEST_FAIL; } printf("All AES-CCM tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/cmac_test.c000066400000000000000000000247771417716165400160610ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define BYTE 8 #define NUM_TESTS 12 #define AES_BLOCK_SIZE 16 unsigned int key_length[12] = {16, 16, 16, 16, 24, 24, 24, 24, 32, 32, 32, 32}; unsigned char key[12][32] = {{ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},{ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},{ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},{ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},{ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10 ,0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},{ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10 ,0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},{ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10 ,0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},{ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10 ,0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},{ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4},{ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4},{ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4},{ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4} }; unsigned char last_block[3][16] = {{ 0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3, 0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f},{ 0x22, 0x45, 0x2d, 0x8e, 0x49, 0xa8, 0xa5, 0x93, 0x9f, 0x73, 0x21, 0xce, 0xea, 0x6d, 0x51, 0x4b},{ 0xe5, 0x68, 0xf6, 0x81, 0x94, 0xcf, 0x76, 0xd6, 0x17, 0x4d, 0x4c, 0xc0, 0x43, 0x10, 0xa8, 0x54} }; unsigned long mlen[12] = { 0, 16, 40, 64, 0,16, 40, 64, 0, 16, 40, 64}; unsigned char message[12][512] = {{ 0x00},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf ,0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10},{ 0x00},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf ,0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10},{ 0x00},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf ,0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11},{ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10} }; unsigned char expected_cmac[12][16] = {{ 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46},{ 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c},{ 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30, 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27},{ 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe},{ 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5, 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67},{ 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84},{ 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad, 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e},{ 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79, 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11},{ 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e, 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83},{ 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c},{ 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2, 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6},{ 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5, 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10} }; unsigned int ica_aes_cmac_chaining(unsigned char *, unsigned long, unsigned char *, unsigned int, unsigned char *, unsigned int, unsigned int); unsigned int i = 0; unsigned char *cmac; unsigned int cmac_length = 16; int api_cmac_test(void) { int rc = 0; VV_(printf("Test of CMAC api\n")); for (i = 0 ; i < NUM_TESTS; i++) { if (!(cmac = malloc(cmac_length))) return TEST_ERR; memset(cmac, 0, cmac_length); rc = (ica_aes_cmac(message[i], mlen[i], cmac, cmac_length, key[i], key_length[i], ICA_ENCRYPT)); if (rc) { VV_(printf("ica_aes_cmac generate failed with errno %d (0x%x)." "\n",rc,rc)); return TEST_FAIL; } if (memcmp(cmac, expected_cmac[i], cmac_length) != 0) { VV_(printf("This does NOT match the known result. " "Testcase %i failed\n",i)); VV_(printf("\nOutput MAC for test %d:\n", i)); dump_array((unsigned char *)cmac, cmac_length); VV_(printf("\nExpected MAC for test %d:\n", i)); dump_array((unsigned char *)expected_cmac[i], 16); free(cmac); return TEST_FAIL; } VV_(printf("Expected MAC has been generated.\n")); rc = (ica_aes_cmac(message[i], mlen[i], cmac, cmac_length, key[i], key_length[i], ICA_DECRYPT)); if (rc) { VV_(printf("ica_aes_cmac verify failed with errno %d (0x%x).\n", rc, rc)); free(cmac); return TEST_FAIL; } free(cmac); if (!rc) { VV_(printf("MAC was successful verified. Test %i " "succeeded\n",i)); } else { printf("MAC verification failed for test %i " "with RC=%i\n",i,rc); return TEST_FAIL; } } return TEST_SUCC; } inline unsigned int ica_aes_cmac_chaining(unsigned char *in, unsigned long in_length, unsigned char *cmac, unsigned int cmac_length, unsigned char *key, unsigned int key_length, unsigned int direction) { unsigned char *last_block = NULL; unsigned long tmp_length; unsigned char tmp_iv[AES_BLOCK_SIZE]; unsigned int rc; memset(tmp_iv, 0x00, AES_BLOCK_SIZE); for (last_block = in, tmp_length = in_length; tmp_length > (AES_BLOCK_SIZE); last_block += AES_BLOCK_SIZE, tmp_length -= AES_BLOCK_SIZE) { rc = ica_aes_cmac_intermediate(last_block, AES_BLOCK_SIZE, key, key_length, tmp_iv); if (rc) return TEST_FAIL; } rc = ica_aes_cmac_last(last_block, tmp_length, cmac, cmac_length, key, key_length, tmp_iv, direction); if (rc) return TEST_FAIL; return TEST_SUCC; } int api_cmac_chaining_test(void) { int rc = 0; VV_(printf("Test of CMAC chaining api\n")); for (i = 0 ; i < NUM_TESTS; i++) { if (!(cmac = malloc(cmac_length))) return TEST_ERR; memset(cmac, 0, cmac_length); rc = ica_aes_cmac_chaining(message[i], mlen[i], cmac, cmac_length, key[i], key_length[i], ICA_ENCRYPT); if (rc) { VV_(printf("ica_aes_cmac chaining generate failed with errno %d (0x%x)." "\n",rc,rc)); return TEST_FAIL; } if (memcmp(cmac, expected_cmac[i], cmac_length) != 0) { VV_(printf("This does NOT match the known result. " "Testcase %i failed\n",i)); VV_(printf("\nOutput MAC for test %d:\n", i)); dump_array((unsigned char *)cmac, cmac_length); VV_(printf("\nExpected MAC for test %d:\n", i)); dump_array((unsigned char *)expected_cmac[i], 16); free(cmac); return TEST_FAIL; } VV_(printf("Expected MAC has been generated.\n")); rc = ica_aes_cmac_chaining(message[i], mlen[i], cmac, cmac_length, key[i], key_length[i], ICA_DECRYPT); if (rc) { VV_(printf("ica_aes_cmac verify failed with errno %d (0x%x).\n", rc, rc)); free(cmac); return TEST_FAIL; } free(cmac); if (!rc) { VV_(printf("MAC was successful verified. Test %i " "succeeded\n",i)); } else { VV_(printf("MAC verification failed for test %i " "with RC=%i\n",i,rc)); return TEST_FAIL; } } return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping AES-CMAC test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); rc = api_cmac_test(); if (rc) { printf("api_cmac_test failed with rc = %i\n", rc); return TEST_FAIL; } rc = api_cmac_chaining_test(); if (rc) { printf("api_cmac_test failed with rc = %i\n", rc); return TEST_FAIL; } printf("All CMAC tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/des_cbc_test.c000066400000000000000000000210731417716165400165220ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 1 #define NR_RANDOM_TESTS 10000 /* CBC data - 1 for DES128 */ unsigned char NIST_KEY_CBC_E1[] = { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, }; unsigned char NIST_IV_CBC_E1[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; unsigned char NIST_EXPECTED_IV_CBC_E1[] = { 0x95, 0xf8, 0xa5, 0xe5, 0xdd, 0x31, 0xd9, 0x00, }; unsigned char NIST_TEST_DATA_CBC_E1[] = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; unsigned char NIST_TEST_RESULT_CBC_E1[] = { 0x95, 0xf8, 0xa5, 0xe5, 0xdd, 0x31, 0xd9, 0x00, }; void dump_cbc_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *iv_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_CBC_E1); *iv_length = sizeof(NIST_IV_CBC_E1); *key_length = sizeof(NIST_KEY_CBC_E1); break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *iv, unsigned char *expected_iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_CBC_E1, data_length); memcpy(result, NIST_TEST_RESULT_CBC_E1, data_length); memcpy(iv, NIST_IV_CBC_E1, iv_length); memcpy(expected_iv, NIST_EXPECTED_IV_CBC_E1, iv_length); memcpy(key, NIST_KEY_CBC_E1, key_length); break; } } int kat_des_cbc(int iteration) { unsigned int data_length; unsigned int iv_length; unsigned int key_length; get_sizes(&data_length, &iv_length, &key_length, iteration); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char expected_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); load_test_data(input_data, data_length, result, iv, expected_iv, iv_length, key, key_length, iteration); memcpy(tmp_iv, iv, iv_length); rc = ica_des_cbc(input_data, encrypt, data_length, key, tmp_iv, 1); if (rc) { VV_(printf("ica_des_cbc encrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (memcmp(expected_iv, tmp_iv, iv_length)) { VV_(printf("Update of IV does not match the expected IV!\n")); VV_(printf("Expected IV:\n")); dump_array(expected_iv, iv_length); VV_(printf("Updated IV:\n")); dump_array(tmp_iv, iv_length); VV_(printf("Original IV:\n")); dump_array(iv, iv_length); rc++; } if (rc) { VV_(printf("DES CBC test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_des_cbc(encrypt, decrypt, data_length, key, tmp_iv, 0); if (rc) { VV_(printf("ica_des_cbc decrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_des_cbc(int iteration, unsigned int data_length) { unsigned int iv_length = sizeof(ica_des_vector_t); unsigned int key_length = sizeof(ica_des_key_single_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_des_cbc(input_data, encrypt, data_length, key, tmp_iv, 1); if (rc) { VV_(printf("ica_des_cbc encrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("DES CBC test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_des_cbc(encrypt, decrypt, data_length, key, tmp_iv, 0); if (rc) { VV_(printf("ica_des_cbc decrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Performs CBC tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DES-CBC test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_des_vector_t); set_verbosity(argc, argv); #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { printf("All DES-CBC tests skipped." " (DES not FIPS approved)\n"); return TEST_SKIP; } #endif /* ICA_FIPS */ for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_des_cbc(iteration); if (rc) { V_(printf("kat_des_cbc failed with rc = %i\n", rc)); error_count++; } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_des_cbc(iteration, data_length); if (rc) { V_(printf("random_des_cbc failed with rc = %i\n", rc)); error_count++; goto out; } data_length += sizeof(ica_des_vector_t); } out: if (error_count) { printf("%i DES-CBC tests failed.\n", error_count); return TEST_FAIL; } printf("All DES-CBC tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/des_cfb_test.c000066400000000000000000000116711417716165400165300ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 12 #define NR_RANDOM_TESTS 1000 void dump_cfb_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_des_cfb(int iteration, unsigned int data_length, unsigned int lcfb) { unsigned int iv_length = sizeof(ica_des_vector_t); unsigned int key_length = sizeof(ica_des_key_single_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i," " lcfb = %i\n", key_length, data_length, iv_length, lcfb)); rc = ica_des_cfb(input_data, encrypt, data_length, key, tmp_iv, lcfb, 1); if (rc) { VV_(printf("ica_des_cfb encrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("DES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_des_cfb(encrypt, decrypt, data_length, key, tmp_iv, lcfb, 0); if (rc) { VV_(printf("ica_des_cfb decrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DES-CFB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int rdata; unsigned int data_length = 1; unsigned int lcfb = 1; unsigned int j; set_verbosity(argc, argv); #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { printf("All DES-CFB tests skipped." " (DES not FIPS approved)\n"); return TEST_SKIP; } #endif /* ICA_FIPS */ for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { for (j = 1; j <= 2; j++) { if (!(data_length % lcfb)) { rc = random_des_cfb(iteration, data_length, lcfb); if (rc) { V_(printf("random_des_cfb failed with rc = %i\n", rc)); error_count++; } } switch (j) { case 1: lcfb = 1; break; case 2: lcfb = 8; break; } } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); return TEST_FAIL; } data_length += (rdata % 8) + 1; } if (error_count) { printf("%i DES-CFB tests failed.\n", error_count); return TEST_FAIL; } printf("All DES-CFB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/des_ctr_test.c000066400000000000000000000116551417716165400165700ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_RANDOM_TESTS 1000 void dump_ctr_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int random_des_ctr(int iteration, unsigned int data_length, unsigned int iv_length) { unsigned int key_length = sizeof(ica_des_key_single_t); if (data_length % sizeof(ica_des_vector_t)) iv_length = sizeof(ica_des_vector_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_random_number_generate(data_length, input_data); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_des_ctr(input_data, encrypt, data_length, key, tmp_iv, 32,1); if (rc) { VV_(printf("ica_des_ctr encrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Encrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } memcpy(tmp_iv, iv, iv_length); rc = ica_des_ctr(encrypt, decrypt, data_length, key, tmp_iv, 32, 0); if (rc) { VV_(printf("ica_des_ctr decrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DES-CTR test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int i = 0; unsigned int endless = 0; unsigned int rdata; unsigned int data_length = 1; unsigned int iv_length = sizeof(ica_des_key_single_t); #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { printf("All DES-CTR tests skipped." " (DES not FIPS approved)\n"); return TEST_SKIP; } #endif /* ICA_FIPS */ if (argc > 1) { if (strstr(argv[1], "endless")) endless = 1; } set_verbosity(argc, argv); if (endless) { while (1) { VV_(printf("i = %i\n", i)); rc = random_des_ctr(i, 320, 320); if (rc) { V_(printf("kat_des_ctr failed with rc = %i\n", rc)); return TEST_FAIL; } i++; } } else { for (i = 1; i < NR_RANDOM_TESTS; i++) { rc = random_des_ctr(i, data_length, iv_length); if (rc) { V_(printf("random_des_ctr failed with rc = %i\n", rc)); error_count++; } if (!(data_length % sizeof(ica_des_key_single_t))) { /* Always when the full block size is reached use a * counter with the same size as the data */ rc = random_des_ctr(i, data_length, data_length); if (rc) { V_(printf("random_des_ctr failed with rc = %i\n", rc)); error_count++; } } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); return TEST_FAIL; } data_length += (rdata % 8) + 1; } } if (error_count) { printf("%i DES-CTR tests failed.\n", error_count); return TEST_FAIL; } printf("All DES-CTR tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/des_ecb_test.c000066400000000000000000000075701417716165400165320ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_RANDOM_TESTS 10000 void dump_ecb_data(unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_des_ecb(int iteration, unsigned int data_length) { int rc = 0; unsigned int key_length = sizeof(ica_des_key_triple_t); unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char key[key_length]; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, key, key_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i\n", key_length, data_length)); rc = ica_des_ecb(input_data, encrypt, data_length, key, 1); if (rc) { VV_(printf("ica_des_ecb encrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("3DES ECB test exited after encryption\n")); return TEST_FAIL; } rc = ica_des_ecb(encrypt, decrypt, data_length, key, 0); if (rc) { VV_(printf("ica_des_ecb decrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; return TEST_FAIL; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Performs ECB tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DES-ECB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_des_vector_t); set_verbosity(argc, argv); #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { printf("All DES-ECB tests skipped." " (DES not FIPS approved)\n"); return TEST_SKIP; } #endif /* ICA_FIPS */ for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_des_ecb(iteration, data_length); if (rc) { V_(printf("random_des_ecb failed with rc = %i\n", rc)); error_count++; goto out; } data_length += sizeof(ica_des_vector_t); } out: if (error_count) { printf("%i DES-ECB tests failed.\n", error_count); return TEST_FAIL; } printf("All DES-ECB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/des_ofb_test.c000066400000000000000000000112241417716165400165360ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_RANDOM_TESTS 10000 void dump_ofb_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_des_ofb(int iteration, unsigned int data_length) { unsigned int iv_length = sizeof(ica_des_vector_t); unsigned int key_length = sizeof(ica_des_key_single_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_des_ofb(input_data, encrypt, data_length, key, tmp_iv, 1); if (rc) { VV_(printf("ica_des_ofb encrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("DES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_des_ofb(encrypt, decrypt, data_length, key, tmp_iv, 0); if (rc) { VV_(printf("ica_des_ofb decrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DES-OFB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int rdata; unsigned int data_length = 1; set_verbosity(argc, argv); #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { printf("All DES-OFB tests skipped." " (DES not FIPS approved)\n"); return TEST_SKIP; } #endif /* ICA_FIPS */ for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_des_ofb(iteration, data_length); if (rc) { V_(printf("random_des_ofb failed with rc = %i\n", rc)); error_count++; goto out; } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); goto out; } data_length += (rdata % 8) + 1; } out: if (error_count) { printf("%i DES-OFB tests failed.\n", error_count); return TEST_FAIL; } printf("All DES-OFB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/drbg_birthdays_test.c000066400000000000000000000071711417716165400201320ustar00rootroot00000000000000/* * Multithreaded birthday paradox test for a sha512 instantiation of ica_drbg * * usage: ica_drbg_birthdays * * rnd_ex# is the no. of random experiments to be done for test no.# */ #include #include #include #include #include #include "ica_api.h" #include "testcase.h" /* * no. of people no. of possible birthdays probability of a pair * = THREADS = 2 ^ ( 8 * GEN_BYTES) * -------------------------------------------------------------------------- * 19 256 = 2 ^ (8 * 1) 0.5 * 301 65536 = 2 ^ (8 * 2) 0.5 * 4823 16777216 = 2 ^ (8 * 3) 0.5 */ #ifndef NO_CPACF static const int THREADS[] = {19, 301, 4823}; static const int GEN_BYTES[] = { 1, 2, 3}; static int test = 0; static ica_drbg_t *sh = NULL; void *thread(void *buffer) { int rc; rc = ica_drbg_generate(sh, 0, false, NULL, 0, buffer, GEN_BYTES[test]); if(rc){ fprintf(stderr, "error: ica_drbg_generate: %s (%d)\n", strerror(rc), rc); exit(1); } return NULL; } #endif /* NO_CPACF */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DRBG-Birthday test, because CPACF support disabled via config option.\n"); printf("Satisfy perl script: (p = 0.50).\n"); return TEST_SKIP; #else long rnd_ex[3] = {0}, ex, pair_found; int i, j, rc; bool toggle; if(2 > argc || 4 < argc){ fprintf(stderr, "usage: ica_drbg_birthdays " " \n"); return TEST_ERR; } for(i = 1; i < argc; i++) rnd_ex[i - 1] = strtol(argv[i], NULL, 10); /* create instantiation */ rc = ica_drbg_instantiate(&sh, 0, false, ICA_DRBG_SHA512, NULL, 0); if(rc){ fprintf(stderr, "error: ica_drbg_instantiate: %s (%d)\n", strerror(rc), rc); return TEST_FAIL; } printf("Multithreaded birthday paradox test for a sha512 " "instantiation of ica_drbg\n" "(the test result is good, if p is close to 0.5 for a large" " number of random experiments)\n"); /* perform each of the 3 tests rnd_ex[test] times */ for(test = 0; test < 3; test++){ if(!rnd_ex[test]) continue; int status[THREADS[test]]; unsigned char buffer[THREADS[test]][GEN_BYTES[test]]; pair_found = 0; printf("%ld random Experiment(s): %d threads, " "%1d bytes/thread generated...\n", rnd_ex[test], THREADS[test], GEN_BYTES[test]); pthread_t threads[THREADS[test]]; for(ex = 0; ex < rnd_ex[test]; ex++){ /* start threads */ for(i = 0; i < THREADS[test]; i++){ while((rc = pthread_create(&threads[i], NULL, thread, buffer[i])) == EAGAIN) ; if(rc){ fprintf(stderr, "error: pthread_create: " "%s (%d)\n", strerror(rc), rc); return TEST_FAIL; } } /* wait for threads */ for(i = 0; i < THREADS[test]; i++){ if((rc = pthread_join(threads[i], (void**)&status[i]))){ fprintf(stderr, "error: pthread_join " "%s (%d)\n", strerror(rc), rc); return TEST_FAIL; } } /* search pairs */ toggle = false; for(i = 0; i < THREADS[test]; i++){ for(j = 0; j < THREADS[test]; j++){ if(i != j && !memcmp(buffer[i], buffer[j], GEN_BYTES[test])){ pair_found++; toggle = true; break; } } if(toggle) break; } } printf("... %ld times a pair was found (p = %1.2f).\n", pair_found, (float)pair_found/ex); } /* destroy instantiation */ rc = ica_drbg_uninstantiate(&sh); if(rc){ fprintf(stderr, "error: ica_drbg_uninstantiate: %s (%d)\n", strerror(rc), rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/drbg_birthdays_test.pl000077500000000000000000000003501417716165400203160ustar00rootroot00000000000000#!/usr/bin/env perl use strict; use warnings; my $random_experiments = 1000; my $out = `./drbg_birthdays_test $random_experiments 0 0`; print("$out"); $out =~ /p = ([0-1][.][0-9][0-9])/; exit(1) if (($1 <= 0.4) || (0.6 <= $1)); libica-4.0.1/test/drbg_test.c000066400000000000000000000266151417716165400160650ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * DRBG conforming to NIST SP800-90A * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2015 */ #include #include #include #include #include "ica_api.h" #include "s390_drbg.h" #include "testcase.h" /* * Known answer test types */ typedef struct{ /* Inputs */ ica_drbg_t **sh; int sec; bool pr; ica_drbg_mech_t *const mech; const unsigned char *pers; size_t pers_len; /* Expected return code */ int rc; }instantiate_test_t; typedef struct{ /* Inputs */ ica_drbg_t *sh; bool pr; const unsigned char *add; size_t add_len; /* Expected return code */ int rc; }reseed_test_t; typedef struct{ /* Inputs */ ica_drbg_t *sh; int sec; bool pr; const unsigned char *add; size_t add_len; size_t prnd_len; /* Expected return code */ int rc; }generate_test_t; typedef struct{ /* Inputs */ ica_drbg_t **sh; /* Expected return code */ int rc; }uninstantiate_test_t; typedef struct{ /* Inputs */ void *func; int sec; bool pr; ica_drbg_mech_t *mech; /* Expected return code */ int rc; }health_test_test_t; /* * Testcase */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping DRBG test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else unsigned int i = 0; int failed = 0; int passed = 0; int status = -1; const unsigned char pers[] = {0x7e,0xa1,0x0e,0x96,0xaf,0x90,0x0c,0x25, 0xd3,0xbe,0x3b,0x50,0xa0,0xcc,0x71,0xa7, 0x9f,0xe4,0x14,0xbd,0x4c,0x37,0x39,0x80, 0x3f,0x02,0xff,0xe5,0xb2,0x60,0xbf,0xbb,}; const unsigned char add[] = {0xc0,0x66,0xfd,0x2e,0xb8,0xe4,0xae,0xa2, 0xe7,0x14,0x5e,0xda,0x0c,0xfc,0x8b,0xef, 0x5e,0xed,0xcc,0x36,0x7b,0x1c,0xb4,0xde, 0x7e,0xb2,0xc2,0x75,0x9f,0xa7,0x5b,0xf7,}; size_t pers_len = sizeof(pers) / sizeof(pers[0]); size_t add_len = sizeof(add) / sizeof(add[0]); set_verbosity(argc, argv); /* * drbg_sha512 tests */ /* Instantiate */ ica_drbg_t *sh = NULL; ica_drbg_t *sh2 = &(ica_drbg_t){.lock = PTHREAD_MUTEX_INITIALIZER}; drbg_recursive_mutex_init(&sh2->lock); const instantiate_test_t inst_test[] = { { .mech = ICA_DRBG_SHA512, .sh = &sh, .sec = DRBG_SEC_112, .pr = true, .pers = NULL, .pers_len = 0, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .sh = &sh, .sec = DRBG_SEC_192, .pr = true, .pers = pers, .pers_len = pers_len, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .sh = &sh, .sec = DRBG_SEC_256, .pr = false, .pers = pers, .pers_len = pers_len, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .sh = &sh, .sec = DRBG_SEC_128, .pr = false, .pers = NULL, .pers_len = 0, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .sh = &sh, .sec = DRBG_SEC_256 + 1, .pr = true, .pers = NULL, .pers_len = 0, .rc = ENOTSUP, }, { .mech = ICA_DRBG_SHA512, .sh = &sh, .sec = DRBG_SEC_112, .pr = false, .pers = pers, .pers_len = ICA_DRBG_SHA512->max_pers_len + 1, .rc = EINVAL, }, { .mech = NULL, .sh = &sh, .sec = DRBG_SEC_128, .pr = true, .pers = NULL, .pers_len = 0, .rc = EINVAL, }, { .mech = NULL, .sh = NULL, .sec = DRBG_SEC_192, .pr = false, .pers = NULL, .pers_len = 0, .rc = EINVAL, }, { .mech = NULL, .sh = &sh2, .sec = DRBG_SEC_256, .pr = true, .pers = pers, .pers_len = pers_len, .rc = EINVAL, }, }; for(i = 0; i < sizeof(inst_test) / sizeof(inst_test[0]); i++){ V_(printf("instantiate function: test no. %u", i)); status = ica_drbg_instantiate(inst_test[i].sh, inst_test[i].sec, inst_test[i].pr, inst_test[i].mech, inst_test[i].pers, inst_test[i].pers_len); if(inst_test[i].rc == status){ V_(printf(" passed\n")); passed++; } else{ V_(printf(" failed\n")); failed++; } ica_drbg_uninstantiate(inst_test[i].sh); } /* Reseed */ ica_drbg_t *sh_pr_false = NULL; ica_drbg_t *sh_pr_true = NULL; ica_drbg_instantiate(&sh_pr_true, DRBG_SEC_112, true, ICA_DRBG_SHA512, pers, pers_len); ica_drbg_instantiate(&sh_pr_false, DRBG_SEC_112, false, ICA_DRBG_SHA512, pers, pers_len); const reseed_test_t res_test[] = { { .sh = sh_pr_true, .pr = true, .add = NULL, .add_len = 0, .rc = 0, }, { .sh = sh_pr_false, .pr = false, .add = add, .add_len = add_len, .rc = 0, }, { .sh = sh_pr_true, .pr = true, .add = add, .add_len = ICA_DRBG_SHA512->max_add_len + 1, .rc = EINVAL, }, { .sh = NULL, .pr = true, .add = NULL, .add_len = 0, .rc = EINVAL, }, { .sh = sh_pr_false, .pr = true, .add = add, .add_len = add_len, .rc = ENOTSUP, }, }; for(i = 0; i < sizeof(res_test) / sizeof(res_test[0]); i++){ V_(printf("reseed function: test no. %u", i)); status = ica_drbg_reseed(res_test[i].sh, res_test[i].pr, res_test[i].add, res_test[i].add_len); if(res_test[i].rc == status){ V_(printf(" passed\n")); passed++; } else{ V_(printf(" failed\n")); failed++; } } ica_drbg_uninstantiate(&sh_pr_true); ica_drbg_uninstantiate(&sh_pr_false); /* Generate */ sh_pr_false = NULL; sh_pr_true = NULL; ica_drbg_instantiate(&sh_pr_true, DRBG_SEC_192, true, ICA_DRBG_SHA512, pers, pers_len); ica_drbg_instantiate(&sh_pr_false, DRBG_SEC_192, false, ICA_DRBG_SHA512, pers, pers_len); const generate_test_t gen_test[] = { { .sh = sh_pr_true, .sec = DRBG_SEC_112, .pr = true, .add = add, .add_len = add_len, .prnd_len = 0, .rc = 0, }, { .sh = sh_pr_true, .sec = DRBG_SEC_112, .pr = true, .add = NULL, .add_len = 0, .prnd_len = 256, .rc = 0, }, { .sh = sh_pr_false, .sec = DRBG_SEC_192, .pr = false, .add = NULL, .add_len = 0, .prnd_len = ICA_DRBG_SHA512->max_no_of_bytes_per_req, .rc = 0, }, { .sh = sh_pr_false, .sec = DRBG_SEC_192, .pr = false, .add = add, .add_len = add_len, .prnd_len = 512, .rc = 0, }, { .sh = sh_pr_true, .sec = DRBG_SEC_128, .pr = true, .add = add, .add_len = add_len, .prnd_len = 1024, .rc = 0, }, { .sh = sh_pr_false, .sec = DRBG_SEC_256, .pr = false, .add = NULL, .add_len = 0, .prnd_len = 2048, .rc = ENOTSUP, }, { .sh = sh_pr_false, .sec = DRBG_SEC_112, .pr = true, .add = add, .add_len = add_len, .prnd_len = 3072, .rc = ENOTSUP, }, { .sh = NULL, .sec = DRBG_SEC_112, .pr = true, .add = add, .add_len = add_len, .prnd_len = 128, .rc = EINVAL, }, { .sh = sh_pr_true, .sec = DRBG_SEC_128, .pr = false, .add = add, .add_len = ICA_DRBG_SHA512->max_add_len + 1, .prnd_len = 64, .rc = EINVAL, }, }; for(i = 0; i < sizeof(gen_test) / sizeof(gen_test[0]); i++){ V_(printf("generate function: test no. %u", i)); size_t prnd_len = gen_test[i].prnd_len; unsigned char prnd[prnd_len + 1]; /* +1 avoids 0-length VLA */ status = ica_drbg_generate(gen_test[i].sh, gen_test[i].sec, gen_test[i].pr, gen_test[i].add, gen_test[i].add_len, prnd, prnd_len); if(gen_test[i].rc == status){ V_(printf(" passed\n")); passed++; } else{ V_(printf(" failed\n")); failed++; } } ica_drbg_uninstantiate(&sh_pr_true); ica_drbg_uninstantiate(&sh_pr_false); /* Uninstantiate */ sh = NULL; ica_drbg_instantiate(&sh, DRBG_SEC_256, true, ICA_DRBG_SHA512, pers, pers_len); const uninstantiate_test_t uninst_test[] = { { .sh = &sh, .rc = 0, }, { .sh = NULL, .rc = EINVAL, }, }; for(i = 0; i < sizeof(uninst_test) / sizeof(uninst_test[0]); i++){ V_(printf("uninstantiate function: test no. %u", i)); status = ica_drbg_uninstantiate(uninst_test[i].sh); if(uninst_test[i].rc == status){ V_(printf(" passed\n")); passed++; } else{ V_(printf(" failed\n")); failed++; } } ica_drbg_uninstantiate(&sh); /* Health test */ const health_test_test_t ht_test[] = { { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_112, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_128, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_192, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_256, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_112, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_128, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_192, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_256, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_112, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_128, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_192, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_256, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_112, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_128, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_192, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_reseed, .sec = DRBG_SEC_256, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_112, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_128, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_192, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_256, .pr = true, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_112, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_128, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_192, .pr = false, .rc = 0, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_generate, .sec = DRBG_SEC_256, .pr = false, .rc = 0, }, { .mech = NULL, .func = ica_drbg_generate, .sec = DRBG_SEC_256, .pr = false, .rc = EINVAL, }, { .mech = ICA_DRBG_SHA512, .func = NULL, .sec = DRBG_SEC_256, .pr = true, .rc = EINVAL, }, { .mech = ICA_DRBG_SHA512, .func = ica_drbg_instantiate, .sec = DRBG_SEC_256 + 1, .pr = false, .rc = ENOTSUP, }, }; for(i = 0; i < sizeof(ht_test) / sizeof(ht_test[0]); i++){ V_(printf("health test function: test no. %u", i)); status = ica_drbg_health_test(ht_test[i].func, ht_test[i].sec, ht_test[i].pr, ht_test[i].mech); if(ht_test[i].rc == status){ V_(printf(" passed\n")); passed++; } else{ V_(printf(" failed\n")); failed++; } } if(failed) { printf("DRBG tests: %d passed, %d failed, %d total\n", passed, failed, passed + failed); return TEST_FAIL; } printf("All DRBG tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/ec_keygen1_test.sh000077500000000000000000000002341417716165400173410ustar00rootroot00000000000000#!/bin/bash if lszcrypt | grep -q -e "CEX.C.*online"; then ICAPATH=1 ./ec_keygen_test else # Show output in log file for debugging lszcrypt exit 77 fi libica-4.0.1/test/ec_keygen2_test.sh000077500000000000000000000002341417716165400173420ustar00rootroot00000000000000#!/bin/bash if lszcrypt | grep -q -e "CEX.C.*online"; then ICAPATH=2 ./ec_keygen_test else # Show output in log file for debugging lszcrypt exit 77 fi libica-4.0.1/test/ec_keygen_test.c000066400000000000000000000114701417716165400170710ustar00rootroot00000000000000#include #include #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "ica_api.h" #include "testcase.h" #include #define MAX_ECC_PRIV_SIZE 66 /* 521 bits */ #define MAX_ECDSA_SIG_SIZE 2*MAX_ECC_PRIV_SIZE #define NUM_ECKEYGEN_TESTS (sizeof(eckeygen_tests)/sizeof(eckeygen_test_t)) #define NUM_HW_SW_TESTS 2 #define NUM_HASH_LENGTHS (sizeof(hash_length)/sizeof(int)) typedef struct { unsigned int nid; char nid_str[32]; } eckeygen_test_t; static eckeygen_test_t eckeygen_tests[] = { {NID_X9_62_prime192v1, "NID_X9_62_prime192v1"}, {NID_secp224r1, "NID_secp224r1"}, {NID_X9_62_prime256v1, "NID_X9_62_prime256v1"}, {NID_secp384r1, "NID_secp384r1"}, {NID_secp521r1, "NID_secp521r1"}, {NID_brainpoolP160r1, "NID_brainpoolP160r1"}, {NID_brainpoolP192r1, "NID_brainpoolP192r1"}, {NID_brainpoolP224r1, "NID_brainpoolP224r1"}, {NID_brainpoolP256r1, "NID_brainpoolP256r1"}, {NID_brainpoolP320r1, "NID_brainpoolP320r1"}, {NID_brainpoolP384r1, "NID_brainpoolP384r1"}, {NID_brainpoolP512r1, "NID_brainpoolP512r1"}, }; static unsigned char hash[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, }; static unsigned int hash_length[] = { 20, 28, 32, 48, 64, }; int main(int argc, char **argv) { ica_adapter_handle_t adapter_handle; unsigned int i, j, k, rc; unsigned int errors=0, test_failed=0; unsigned char signature[MAX_ECDSA_SIG_SIZE]; unsigned char pub_X[MAX_ECC_PRIV_SIZE]; unsigned char pub_Y[MAX_ECC_PRIV_SIZE]; unsigned char priv_D[MAX_ECC_PRIV_SIZE]; unsigned int privlen = 0; ICA_EC_KEY *eckey; char *icapath; set_verbosity(argc, argv); if (!ecc_available()) { printf("Skipping EC keygen test, because the required HW" " is not available on this machine.\n"); return TEST_SKIP; } rc = ica_open_adapter(&adapter_handle); if (rc != 0) { V_(printf("ica_open_adapter failed and returned %d (0x%x).\n", rc, rc)); } /* set ICAPATH default value */ icapath = getenv("ICAPATH"); if ((icapath == NULL) || (atoi(icapath) == 0)) { icapath = "1"; setenv("ICAPATH", icapath, 1); } /* Iterate over curves */ for (i = 0; i < NUM_ECKEYGEN_TESTS; i++) { setenv("ICAPATH", icapath, 1); test_failed = 0; memset(pub_X, 0, sizeof(pub_X)); memset(pub_Y, 0, sizeof(pub_Y)); memset(priv_D, 0, sizeof(priv_D)); V_(printf("Generating EC key for curve %d (%s) \n", eckeygen_tests[i].nid, eckeygen_tests[i].nid_str)); for (k = 0; k < NUM_HW_SW_TESTS; k++) { if (can_toggle(eckeygen_tests[i].nid)) toggle_env_icapath(); /* generate EC key with given curve */ VV_(printf(" performing keygen with ICAPATH=%d \n", getenv_icapath())); eckey = ica_ec_key_new(eckeygen_tests[i].nid, &privlen); if (!eckey) continue; rc = ica_ec_key_generate(adapter_handle, eckey); if (rc) { ica_ec_key_free(eckey); eckey = NULL; if (rc == EPERM) { V_(printf("Curve %d not supported on this system, skipping ...\n", eckeygen_tests[i].nid)); continue; } else { V_(printf("EC key for curve %i could not be generated, rc=%i.\n", eckeygen_tests[i].nid, rc)); errors++; continue; } } for (j = 0; j #include #include #include #include #include #include "ica_api.h" #include #include "testcase.h" #include #define NUM_ECDH_TESTS (sizeof(ecdh_kats)/sizeof(ecdh_kat_t)) #define NUM_HW_SW_TESTS 2 #define MAX_ECC_KEY_SIZE 66 /* 521 bits */ typedef struct { unsigned int nid; unsigned int privlen; unsigned char da[MAX_ECC_KEY_SIZE]; unsigned char xa[MAX_ECC_KEY_SIZE]; unsigned char ya[MAX_ECC_KEY_SIZE]; unsigned char db[MAX_ECC_KEY_SIZE]; unsigned char xb[MAX_ECC_KEY_SIZE]; unsigned char yb[MAX_ECC_KEY_SIZE]; unsigned char z[MAX_ECC_KEY_SIZE]; } ecdh_kat_t; static ecdh_kat_t ecdh_kats[] = { /* Keys and shared secrets from RFC 5114 */ {NID_X9_62_prime192v1, 24, {0x32,0x3F,0xA3,0x16,0x9D,0x8E,0x9C,0x65,0x93,0xF5,0x94,0x76,0xBC,0x14,0x20,0x00, 0xAB,0x5B,0xE0,0xE2,0x49,0xC4,0x34,0x26,}, {0xCD,0x46,0x48,0x9E,0xCF,0xD6,0xC1,0x05,0xE7,0xB3,0xD3,0x25,0x66,0xE2,0xB1,0x22, 0xE2,0x49,0xAB,0xAA,0xDD,0x87,0x06,0x12,}, {0x68,0x88,0x7B,0x48,0x77,0xDF,0x51,0xDD,0x4D,0xC3,0xD6,0xFD,0x11,0xF0,0xA2,0x6F, 0x8F,0xD3,0x84,0x43,0x17,0x91,0x6E,0x9A,}, {0x63,0x1F,0x95,0xBB,0x4A,0x67,0x63,0x2C,0x9C,0x47,0x6E,0xEE,0x9A,0xB6,0x95,0xAB, 0x24,0x0A,0x04,0x99,0x30,0x7F,0xCF,0x62,}, {0x51,0x9A,0x12,0x16,0x80,0xE0,0x04,0x54,0x66,0xBA,0x21,0xDF,0x2E,0xEE,0x47,0xF5, 0x97,0x3B,0x50,0x05,0x77,0xEF,0x13,0xD5,}, {0xFF,0x61,0x3A,0xB4,0xD6,0x4C,0xEE,0x3A,0x20,0x87,0x5B,0xDB,0x10,0xF9,0x53,0xF6, 0xB3,0x0C,0xA0,0x72,0xC6,0x0A,0xA5,0x7F,}, {0xAD,0x42,0x01,0x82,0x63,0x3F,0x85,0x26,0xBF,0xE9,0x54,0xAC,0xDA,0x37,0x6F,0x05, 0xE5,0xFF,0x4F,0x83,0x7F,0x54,0xFE,0xBE,} }, {NID_secp224r1, 28, {0xB5,0x58,0xEB,0x6C,0x28,0x8D,0xA7,0x07,0xBB,0xB4,0xF8,0xFB,0xAE,0x2A,0xB9,0xE9, 0xCB,0x62,0xE3,0xBC,0x5C,0x75,0x73,0xE2,0x2E,0x26,0xD3,0x7F,}, {0x49,0xDF,0xEF,0x30,0x9F,0x81,0x48,0x8C,0x30,0x4C,0xFF,0x5A,0xB3,0xEE,0x5A,0x21, 0x54,0x36,0x7D,0xC7,0x83,0x31,0x50,0xE0,0xA5,0x1F,0x3E,0xEB,}, {0x4F,0x2B,0x5E,0xE4,0x57,0x62,0xC4,0xF6,0x54,0xC1,0xA0,0xC6,0x7F,0x54,0xCF,0x88, 0xB0,0x16,0xB5,0x1B,0xCE,0x3D,0x7C,0x22,0x8D,0x57,0xAD,0xB4,}, {0xAC,0x3B,0x1A,0xDD,0x3D,0x97,0x70,0xE6,0xF6,0xA7,0x08,0xEE,0x9F,0x3B,0x8E,0x0A, 0xB3,0xB4,0x80,0xE9,0xF2,0x7F,0x85,0xC8,0x8B,0x5E,0x6D,0x18,}, {0x6B,0x3A,0xC9,0x6A,0x8D,0x0C,0xDE,0x6A,0x55,0x99,0xBE,0x80,0x32,0xED,0xF1,0x0C, 0x16,0x2D,0x0A,0x8A,0xD2,0x19,0x50,0x6D,0xCD,0x42,0xA2,0x07,}, {0xD4,0x91,0xBE,0x99,0xC2,0x13,0xA7,0xD1,0xCA,0x37,0x06,0xDE,0xBF,0xE3,0x05,0xF3, 0x61,0xAF,0xCB,0xB3,0x3E,0x26,0x09,0xC8,0xB1,0x61,0x8A,0xD5,}, {0x52,0x27,0x2F,0x50,0xF4,0x6F,0x4E,0xDC,0x91,0x51,0x56,0x90,0x92,0xF4,0x6D,0xF2, 0xD9,0x6E,0xCC,0x3B,0x6D,0xC1,0x71,0x4A,0x4E,0xA9,0x49,0xFA,} }, {NID_X9_62_prime256v1, 32, {0x81,0x42,0x64,0x14,0x5F,0x2F,0x56,0xF2,0xE9,0x6A,0x8E,0x33,0x7A,0x12,0x84,0x99, 0x3F,0xAF,0x43,0x2A,0x5A,0xBC,0xE5,0x9E,0x86,0x7B,0x72,0x91,0xD5,0x07,0xA3,0xAF,}, {0x2A,0xF5,0x02,0xF3,0xBE,0x89,0x52,0xF2,0xC9,0xB5,0xA8,0xD4,0x16,0x0D,0x09,0xE9, 0x71,0x65,0xBE,0x50,0xBC,0x42,0xAE,0x4A,0x5E,0x8D,0x3B,0x4B,0xA8,0x3A,0xEB,0x15,}, {0xEB,0x0F,0xAF,0x4C,0xA9,0x86,0xC4,0xD3,0x86,0x81,0xA0,0xF9,0x87,0x2D,0x79,0xD5, 0x67,0x95,0xBD,0x4B,0xFF,0x6E,0x6D,0xE3,0xC0,0xF5,0x01,0x5E,0xCE,0x5E,0xFD,0x85,}, {0x2C,0xE1,0x78,0x8E,0xC1,0x97,0xE0,0x96,0xDB,0x95,0xA2,0x00,0xCC,0x0A,0xB2,0x6A, 0x19,0xCE,0x6B,0xCC,0xAD,0x56,0x2B,0x8E,0xEE,0x1B,0x59,0x37,0x61,0xCF,0x7F,0x41,}, {0xB1,0x20,0xDE,0x4A,0xA3,0x64,0x92,0x79,0x53,0x46,0xE8,0xDE,0x6C,0x2C,0x86,0x46, 0xAE,0x06,0xAA,0xEA,0x27,0x9F,0xA7,0x75,0xB3,0xAB,0x07,0x15,0xF6,0xCE,0x51,0xB0,}, {0x9F,0x1B,0x7E,0xEC,0xE2,0x0D,0x7B,0x5E,0xD8,0xEC,0x68,0x5F,0xA3,0xF0,0x71,0xD8, 0x37,0x27,0x02,0x70,0x92,0xA8,0x41,0x13,0x85,0xC3,0x4D,0xDE,0x57,0x08,0xB2,0xB6,}, {0xDD,0x0F,0x53,0x96,0x21,0x9D,0x1E,0xA3,0x93,0x31,0x04,0x12,0xD1,0x9A,0x08,0xF1, 0xF5,0x81,0x1E,0x9D,0xC8,0xEC,0x8E,0xEA,0x7F,0x80,0xD2,0x1C,0x82,0x0C,0x27,0x88,}, }, {NID_secp384r1, 48, {0xD2,0x73,0x35,0xEA,0x71,0x66,0x4A,0xF2,0x44,0xDD,0x14,0xE9,0xFD,0x12,0x60,0x71, 0x5D,0xFD,0x8A,0x79,0x65,0x57,0x1C,0x48,0xD7,0x09,0xEE,0x7A,0x79,0x62,0xA1,0x56, 0xD7,0x06,0xA9,0x0C,0xBC,0xB5,0xDF,0x29,0x86,0xF0,0x5F,0xEA,0xDB,0x93,0x76,0xF1,}, {0x79,0x31,0x48,0xF1,0x78,0x76,0x34,0xD5,0xDA,0x4C,0x6D,0x90,0x74,0x41,0x7D,0x05, 0xE0,0x57,0xAB,0x62,0xF8,0x20,0x54,0xD1,0x0E,0xE6,0xB0,0x40,0x3D,0x62,0x79,0x54, 0x7E,0x6A,0x8E,0xA9,0xD1,0xFD,0x77,0x42,0x7D,0x01,0x6F,0xE2,0x7A,0x8B,0x8C,0x66,}, {0xC6,0xC4,0x12,0x94,0x33,0x1D,0x23,0xE6,0xF4,0x80,0xF4,0xFB,0x4C,0xD4,0x05,0x04, 0xC9,0x47,0x39,0x2E,0x94,0xF4,0xC3,0xF0,0x6B,0x8F,0x39,0x8B,0xB2,0x9E,0x42,0x36, 0x8F,0x7A,0x68,0x59,0x23,0xDE,0x3B,0x67,0xBA,0xCE,0xD2,0x14,0xA1,0xA1,0xD1,0x28,}, {0x52,0xD1,0x79,0x1F,0xDB,0x4B,0x70,0xF8,0x9C,0x0F,0x00,0xD4,0x56,0xC2,0xF7,0x02, 0x3B,0x61,0x25,0x26,0x2C,0x36,0xA7,0xDF,0x1F,0x80,0x23,0x11,0x21,0xCC,0xE3,0xD3, 0x9B,0xE5,0x2E,0x00,0xC1,0x94,0xA4,0x13,0x2C,0x4A,0x6C,0x76,0x8B,0xCD,0x94,0xD2,}, {0x5C,0xD4,0x2A,0xB9,0xC4,0x1B,0x53,0x47,0xF7,0x4B,0x8D,0x4E,0xFB,0x70,0x8B,0x3D, 0x5B,0x36,0xDB,0x65,0x91,0x53,0x59,0xB4,0x4A,0xBC,0x17,0x64,0x7B,0x6B,0x99,0x99, 0x78,0x9D,0x72,0xA8,0x48,0x65,0xAE,0x2F,0x22,0x3F,0x12,0xB5,0xA1,0xAB,0xC1,0x20,}, {0xE1,0x71,0x45,0x8F,0xEA,0xA9,0x39,0xAA,0xA3,0xA8,0xBF,0xAC,0x46,0xB4,0x04,0xBD, 0x8F,0x6D,0x5B,0x34,0x8C,0x0F,0xA4,0xD8,0x0C,0xEC,0xA1,0x63,0x56,0xCA,0x93,0x32, 0x40,0xBD,0xE8,0x72,0x34,0x15,0xA8,0xEC,0xE0,0x35,0xB0,0xED,0xF3,0x67,0x55,0xDE,}, {0x5E,0xA1,0xFC,0x4A,0xF7,0x25,0x6D,0x20,0x55,0x98,0x1B,0x11,0x05,0x75,0xE0,0xA8, 0xCA,0xE5,0x31,0x60,0x13,0x7D,0x90,0x4C,0x59,0xD9,0x26,0xEB,0x1B,0x84,0x56,0xE4, 0x27,0xAA,0x8A,0x45,0x40,0x88,0x4C,0x37,0xDE,0x15,0x9A,0x58,0x02,0x8A,0xBC,0x0E,}, }, {NID_secp521r1, 66, {0x01,0x13,0xF8,0x2D,0xA8,0x25,0x73,0x5E,0x3D,0x97,0x27,0x66,0x83,0xB2,0xB7,0x42, 0x77,0xBA,0xD2,0x73,0x35,0xEA,0x71,0x66,0x4A,0xF2,0x43,0x0C,0xC4,0xF3,0x34,0x59, 0xB9,0x66,0x9E,0xE7,0x8B,0x3F,0xFB,0x9B,0x86,0x83,0x01,0x5D,0x34,0x4D,0xCB,0xFE, 0xF6,0xFB,0x9A,0xF4,0xC6,0xC4,0x70,0xBE,0x25,0x45,0x16,0xCD,0x3C,0x1A,0x1F,0xB4, 0x73,0x62,}, {0x01,0xEB,0xB3,0x4D,0xD7,0x57,0x21,0xAB,0xF8,0xAD,0xC9,0xDB,0xED,0x17,0x88,0x9C, 0xBB,0x97,0x65,0xD9,0x0A,0x7C,0x60,0xF2,0xCE,0xF0,0x07,0xBB,0x0F,0x2B,0x26,0xE1, 0x48,0x81,0xFD,0x44,0x42,0xE6,0x89,0xD6,0x1C,0xB2,0xDD,0x04,0x6E,0xE3,0x0E,0x3F, 0xFD,0x20,0xF9,0xA4,0x5B,0xBD,0xF6,0x41,0x3D,0x58,0x3A,0x2D,0xBF,0x59,0x92,0x4F, 0xD3,0x5C,}, {0x00,0xF6,0xB6,0x32,0xD1,0x94,0xC0,0x38,0x8E,0x22,0xD8,0x43,0x7E,0x55,0x8C,0x55, 0x2A,0xE1,0x95,0xAD,0xFD,0x15,0x3F,0x92,0xD7,0x49,0x08,0x35,0x1B,0x2F,0x8C,0x4E, 0xDA,0x94,0xED,0xB0,0x91,0x6D,0x1B,0x53,0xC0,0x20,0xB5,0xEE,0xCA,0xED,0x1A,0x5F, 0xC3,0x8A,0x23,0x3E,0x48,0x30,0x58,0x7B,0xB2,0xEE,0x34,0x89,0xB3,0xB4,0x2A,0x5A, 0x86,0xA4,}, {0x00,0xCE,0xE3,0x48,0x0D,0x86,0x45,0xA1,0x7D,0x24,0x9F,0x27,0x76,0xD2,0x8B,0xAE, 0x61,0x69,0x52,0xD1,0x79,0x1F,0xDB,0x4B,0x70,0xF7,0xC3,0x37,0x87,0x32,0xAA,0x1B, 0x22,0x92,0x84,0x48,0xBC,0xD1,0xDC,0x24,0x96,0xD4,0x35,0xB0,0x10,0x48,0x06,0x6E, 0xBE,0x4F,0x72,0x90,0x3C,0x36,0x1B,0x1A,0x9D,0xC1,0x19,0x3D,0xC2,0xC9,0xD0,0x89, 0x1B,0x96,}, {0x01,0x0E,0xBF,0xAF,0xC6,0xE8,0x5E,0x08,0xD2,0x4B,0xFF,0xFC,0xC1,0xA4,0x51,0x1D, 0xB0,0xE6,0x34,0xBE,0xEB,0x1B,0x6D,0xEC,0x8C,0x59,0x39,0xAE,0x44,0x76,0x62,0x01, 0xAF,0x62,0x00,0x43,0x0B,0xA9,0x7C,0x8A,0xC6,0xA0,0xE9,0xF0,0x8B,0x33,0xCE,0x7E, 0x9F,0xEE,0xB5,0xBA,0x4E,0xE5,0xE0,0xD8,0x15,0x10,0xC2,0x42,0x95,0xB8,0xA0,0x8D, 0x02,0x35,}, {0x00,0xA4,0xA6,0xEC,0x30,0x0D,0xF9,0xE2,0x57,0xB0,0x37,0x2B,0x5E,0x7A,0xBF,0xEF, 0x09,0x34,0x36,0x71,0x9A,0x77,0x88,0x7E,0xBB,0x0B,0x18,0xCF,0x80,0x99,0xB9,0xF4, 0x21,0x2B,0x6E,0x30,0xA1,0x41,0x9C,0x18,0xE0,0x29,0xD3,0x68,0x63,0xCC,0x9D,0x44, 0x8F,0x4D,0xBA,0x4D,0x2A,0x0E,0x60,0x71,0x1B,0xE5,0x72,0x91,0x5F,0xBD,0x4F,0xEF, 0x26,0x95,}, {0x00,0xCD,0xEA,0x89,0x62,0x1C,0xFA,0x46,0xB1,0x32,0xF9,0xE4,0xCF,0xE2,0x26,0x1C, 0xDE,0x2D,0x43,0x68,0xEB,0x56,0x56,0x63,0x4C,0x7C,0xC9,0x8C,0x7A,0x00,0xCD,0xE5, 0x4E,0xD1,0x86,0x6A,0x0D,0xD3,0xE6,0x12,0x6C,0x9D,0x2F,0x84,0x5D,0xAF,0xF8,0x2C, 0xEB,0x1D,0xA0,0x8F,0x5D,0x87,0x52,0x1B,0xB0,0xEB,0xEC,0xA7,0x79,0x11,0x16,0x9C, 0x20,0xCC,}, }, /* Keys and shared secrets from RFC 5903 */ {NID_X9_62_prime256v1, 32, {0xC8,0x8F,0x01,0xF5,0x10,0xD9,0xAC,0x3F,0x70,0xA2,0x92,0xDA,0xA2,0x31,0x6D,0xE5, 0x44,0xE9,0xAA,0xB8,0xAF,0xE8,0x40,0x49,0xC6,0x2A,0x9C,0x57,0x86,0x2D,0x14,0x33,}, {0xDA,0xD0,0xB6,0x53,0x94,0x22,0x1C,0xF9,0xB0,0x51,0xE1,0xFE,0xCA,0x57,0x87,0xD0, 0x98,0xDF,0xE6,0x37,0xFC,0x90,0xB9,0xEF,0x94,0x5D,0x0C,0x37,0x72,0x58,0x11,0x80,}, {0x52,0x71,0xA0,0x46,0x1C,0xDB,0x82,0x52,0xD6,0x1F,0x1C,0x45,0x6F,0xA3,0xE5,0x9A, 0xB1,0xF4,0x5B,0x33,0xAC,0xCF,0x5F,0x58,0x38,0x9E,0x05,0x77,0xB8,0x99,0x0B,0xB3,}, {0xC6,0xEF,0x9C,0x5D,0x78,0xAE,0x01,0x2A,0x01,0x11,0x64,0xAC,0xB3,0x97,0xCE,0x20, 0x88,0x68,0x5D,0x8F,0x06,0xBF,0x9B,0xE0,0xB2,0x83,0xAB,0x46,0x47,0x6B,0xEE,0x53,}, {0xD1,0x2D,0xFB,0x52,0x89,0xC8,0xD4,0xF8,0x12,0x08,0xB7,0x02,0x70,0x39,0x8C,0x34, 0x22,0x96,0x97,0x0A,0x0B,0xCC,0xB7,0x4C,0x73,0x6F,0xC7,0x55,0x44,0x94,0xBF,0x63,}, {0x56,0xFB,0xF3,0xCA,0x36,0x6C,0xC2,0x3E,0x81,0x57,0x85,0x4C,0x13,0xC5,0x8D,0x6A, 0xAC,0x23,0xF0,0x46,0xAD,0xA3,0x0F,0x83,0x53,0xE7,0x4F,0x33,0x03,0x98,0x72,0xAB,}, {0xD6,0x84,0x0F,0x6B,0x42,0xF6,0xED,0xAF,0xD1,0x31,0x16,0xE0,0xE1,0x25,0x65,0x20, 0x2F,0xEF,0x8E,0x9E,0xCE,0x7D,0xCE,0x03,0x81,0x24,0x64,0xD0,0x4B,0x94,0x42,0xDE,} }, {NID_secp384r1, 48, {0x09,0x9F,0x3C,0x70,0x34,0xD4,0xA2,0xC6,0x99,0x88,0x4D,0x73,0xA3,0x75,0xA6,0x7F, 0x76,0x24,0xEF,0x7C,0x6B,0x3C,0x0F,0x16,0x06,0x47,0xB6,0x74,0x14,0xDC,0xE6,0x55, 0xE3,0x5B,0x53,0x80,0x41,0xE6,0x49,0xEE,0x3F,0xAE,0xF8,0x96,0x78,0x3A,0xB1,0x94,}, {0x66,0x78,0x42,0xD7,0xD1,0x80,0xAC,0x2C,0xDE,0x6F,0x74,0xF3,0x75,0x51,0xF5,0x57, 0x55,0xC7,0x64,0x5C,0x20,0xEF,0x73,0xE3,0x16,0x34,0xFE,0x72,0xB4,0xC5,0x5E,0xE6, 0xDE,0x3A,0xC8,0x08,0xAC,0xB4,0xBD,0xB4,0xC8,0x87,0x32,0xAE,0xE9,0x5F,0x41,0xAA,}, {0x94,0x82,0xED,0x1F,0xC0,0xEE,0xB9,0xCA,0xFC,0x49,0x84,0x62,0x5C,0xCF,0xC2,0x3F, 0x65,0x03,0x21,0x49,0xE0,0xE1,0x44,0xAD,0xA0,0x24,0x18,0x15,0x35,0xA0,0xF3,0x8E, 0xEB,0x9F,0xCF,0xF3,0xC2,0xC9,0x47,0xDA,0xE6,0x9B,0x4C,0x63,0x45,0x73,0xA8,0x1C,}, {0x41,0xCB,0x07,0x79,0xB4,0xBD,0xB8,0x5D,0x47,0x84,0x67,0x25,0xFB,0xEC,0x3C,0x94, 0x30,0xFA,0xB4,0x6C,0xC8,0xDC,0x50,0x60,0x85,0x5C,0xC9,0xBD,0xA0,0xAA,0x29,0x42, 0xE0,0x30,0x83,0x12,0x91,0x6B,0x8E,0xD2,0x96,0x0E,0x4B,0xD5,0x5A,0x74,0x48,0xFC,}, {0xE5,0x58,0xDB,0xEF,0x53,0xEE,0xCD,0xE3,0xD3,0xFC,0xCF,0xC1,0xAE,0xA0,0x8A,0x89, 0xA9,0x87,0x47,0x5D,0x12,0xFD,0x95,0x0D,0x83,0xCF,0xA4,0x17,0x32,0xBC,0x50,0x9D, 0x0D,0x1A,0xC4,0x3A,0x03,0x36,0xDE,0xF9,0x6F,0xDA,0x41,0xD0,0x77,0x4A,0x35,0x71,}, {0xDC,0xFB,0xEC,0x7A,0xAC,0xF3,0x19,0x64,0x72,0x16,0x9E,0x83,0x84,0x30,0x36,0x7F, 0x66,0xEE,0xBE,0x3C,0x6E,0x70,0xC4,0x16,0xDD,0x5F,0x0C,0x68,0x75,0x9D,0xD1,0xFF, 0xF8,0x3F,0xA4,0x01,0x42,0x20,0x9D,0xFF,0x5E,0xAA,0xD9,0x6D,0xB9,0xE6,0x38,0x6C,}, {0x11,0x18,0x73,0x31,0xC2,0x79,0x96,0x2D,0x93,0xD6,0x04,0x24,0x3F,0xD5,0x92,0xCB, 0x9D,0x0A,0x92,0x6F,0x42,0x2E,0x47,0x18,0x75,0x21,0x28,0x7E,0x71,0x56,0xC5,0xC4, 0xD6,0x03,0x13,0x55,0x69,0xB9,0xE9,0xD0,0x9C,0xF5,0xD4,0xA2,0x70,0xF5,0x97,0x46,} }, {NID_secp521r1, 66, {0x00,0x37,0xAD,0xE9,0x31,0x9A,0x89,0xF4,0xDA,0xBD,0xB3,0xEF,0x41,0x1A,0xAC,0xCC, 0xA5,0x12,0x3C,0x61,0xAC,0xAB,0x57,0xB5,0x39,0x3D,0xCE,0x47,0x60,0x81,0x72,0xA0, 0x95,0xAA,0x85,0xA3,0x0F,0xE1,0xC2,0x95,0x2C,0x67,0x71,0xD9,0x37,0xBA,0x97,0x77, 0xF5,0x95,0x7B,0x26,0x39,0xBA,0xB0,0x72,0x46,0x2F,0x68,0xC2,0x7A,0x57,0x38,0x2D, 0x4A,0x52,}, {0x00,0x15,0x41,0x7E,0x84,0xDB,0xF2,0x8C,0x0A,0xD3,0xC2,0x78,0x71,0x33,0x49,0xDC, 0x7D,0xF1,0x53,0xC8,0x97,0xA1,0x89,0x1B,0xD9,0x8B,0xAB,0x43,0x57,0xC9,0xEC,0xBE, 0xE1,0xE3,0xBF,0x42,0xE0,0x0B,0x8E,0x38,0x0A,0xEA,0xE5,0x7C,0x2D,0x10,0x75,0x64, 0x94,0x18,0x85,0x94,0x2A,0xF5,0xA7,0xF4,0x60,0x17,0x23,0xC4,0x19,0x5D,0x17,0x6C, 0xED,0x3E,}, {0x01,0x7C,0xAE,0x20,0xB6,0x64,0x1D,0x2E,0xEB,0x69,0x57,0x86,0xD8,0xC9,0x46,0x14, 0x62,0x39,0xD0,0x99,0xE1,0x8E,0x1D,0x5A,0x51,0x4C,0x73,0x9D,0x7C,0xB4,0xA1,0x0A, 0xD8,0xA7,0x88,0x01,0x5A,0xC4,0x05,0xD7,0x79,0x9D,0xC7,0x5E,0x7B,0x7D,0x5B,0x6C, 0xF2,0x26,0x1A,0x6A,0x7F,0x15,0x07,0x43,0x8B,0xF0,0x1B,0xEB,0x6C,0xA3,0x92,0x6F, 0x95,0x82,}, {0x01,0x45,0xBA,0x99,0xA8,0x47,0xAF,0x43,0x79,0x3F,0xDD,0x0E,0x87,0x2E,0x7C,0xDF, 0xA1,0x6B,0xE3,0x0F,0xDC,0x78,0x0F,0x97,0xBC,0xCC,0x3F,0x07,0x83,0x80,0x20,0x1E, 0x9C,0x67,0x7D,0x60,0x0B,0x34,0x37,0x57,0xA3,0xBD,0xBF,0x2A,0x31,0x63,0xE4,0xC2, 0xF8,0x69,0xCC,0xA7,0x45,0x8A,0xA4,0xA4,0xEF,0xFC,0x31,0x1F,0x5C,0xB1,0x51,0x68, 0x5E,0xB9,}, {0x00,0xD0,0xB3,0x97,0x5A,0xC4,0xB7,0x99,0xF5,0xBE,0xA1,0x6D,0x5E,0x13,0xE9,0xAF, 0x97,0x1D,0x5E,0x9B,0x98,0x4C,0x9F,0x39,0x72,0x8B,0x5E,0x57,0x39,0x73,0x5A,0x21, 0x9B,0x97,0xC3,0x56,0x43,0x6A,0xDC,0x6E,0x95,0xBB,0x03,0x52,0xF6,0xBE,0x64,0xA6, 0xC2,0x91,0x2D,0x4E,0xF2,0xD0,0x43,0x3C,0xED,0x2B,0x61,0x71,0x64,0x00,0x12,0xD9, 0x46,0x0F,}, {0x01,0x5C,0x68,0x22,0x63,0x83,0x95,0x6E,0x3B,0xD0,0x66,0xE7,0x97,0xB6,0x23,0xC2, 0x7C,0xE0,0xEA,0xC2,0xF5,0x51,0xA1,0x0C,0x2C,0x72,0x4D,0x98,0x52,0x07,0x7B,0x87, 0x22,0x0B,0x65,0x36,0xC5,0xC4,0x08,0xA1,0xD2,0xAE,0xBB,0x8E,0x86,0xD6,0x78,0xAE, 0x49,0xCB,0x57,0x09,0x1F,0x47,0x32,0x29,0x65,0x79,0xAB,0x44,0xFC,0xD1,0x7F,0x0F, 0xC5,0x6A,}, {0x01,0x14,0x4C,0x7D,0x79,0xAE,0x69,0x56,0xBC,0x8E,0xDB,0x8E,0x7C,0x78,0x7C,0x45, 0x21,0xCB,0x08,0x6F,0xA6,0x44,0x07,0xF9,0x78,0x94,0xE5,0xE6,0xB2,0xD7,0x9B,0x04, 0xD1,0x42,0x7E,0x73,0xCA,0x4B,0xAA,0x24,0x0A,0x34,0x78,0x68,0x59,0x81,0x0C,0x06, 0xB3,0xC7,0x15,0xA3,0xA8,0xCC,0x31,0x51,0xF2,0xBE,0xE4,0x17,0x99,0x6D,0x19,0xF3, 0xDD,0xEA,} }, /* Keys and shared secrets from RFC 7027 */ {NID_brainpoolP256r1, 32, {0x81,0xDB,0x1E,0xE1,0x00,0x15,0x0F,0xF2,0xEA,0x33,0x8D,0x70,0x82,0x71,0xBE,0x38, 0x30,0x0C,0xB5,0x42,0x41,0xD7,0x99,0x50,0xF7,0x7B,0x06,0x30,0x39,0x80,0x4F,0x1D,}, {0x44,0x10,0x6E,0x91,0x3F,0x92,0xBC,0x02,0xA1,0x70,0x5D,0x99,0x53,0xA8,0x41,0x4D, 0xB9,0x5E,0x1A,0xAA,0x49,0xE8,0x1D,0x9E,0x85,0xF9,0x29,0xA8,0xE3,0x10,0x0B,0xE5,}, {0x8A,0xB4,0x84,0x6F,0x11,0xCA,0xCC,0xB7,0x3C,0xE4,0x9C,0xBD,0xD1,0x20,0xF5,0xA9, 0x00,0xA6,0x9F,0xD3,0x2C,0x27,0x22,0x23,0xF7,0x89,0xEF,0x10,0xEB,0x08,0x9B,0xDC,}, {0x55,0xE4,0x0B,0xC4,0x1E,0x37,0xE3,0xE2,0xAD,0x25,0xC3,0xC6,0x65,0x45,0x11,0xFF, 0xA8,0x47,0x4A,0x91,0xA0,0x03,0x20,0x87,0x59,0x38,0x52,0xD3,0xE7,0xD7,0x6B,0xD3,}, {0x8D,0x2D,0x68,0x8C,0x6C,0xF9,0x3E,0x11,0x60,0xAD,0x04,0xCC,0x44,0x29,0x11,0x7D, 0xC2,0xC4,0x18,0x25,0xE1,0xE9,0xFC,0xA0,0xAD,0xDD,0x34,0xE6,0xF1,0xB3,0x9F,0x7B,}, {0x99,0x0C,0x57,0x52,0x08,0x12,0xBE,0x51,0x26,0x41,0xE4,0x70,0x34,0x83,0x21,0x06, 0xBC,0x7D,0x3E,0x8D,0xD0,0xE4,0xC7,0xF1,0x13,0x6D,0x70,0x06,0x54,0x7C,0xEC,0x6A,}, {0x89,0xAF,0xC3,0x9D,0x41,0xD3,0xB3,0x27,0x81,0x4B,0x80,0x94,0x0B,0x04,0x25,0x90, 0xF9,0x65,0x56,0xEC,0x91,0xE6,0xAE,0x79,0x39,0xBC,0xE3,0x1F,0x3A,0x18,0xBF,0x2B,}, }, {NID_brainpoolP384r1, 48, {0x1E,0x20,0xF5,0xE0,0x48,0xA5,0x88,0x6F,0x1F,0x15,0x7C,0x74,0xE9,0x1B,0xDE,0x2B, 0x98,0xC8,0xB5,0x2D,0x58,0xE5,0x00,0x3D,0x57,0x05,0x3F,0xC4,0xB0,0xBD,0x65,0xD6, 0xF1,0x5E,0xB5,0xD1,0xEE,0x16,0x10,0xDF,0x87,0x07,0x95,0x14,0x36,0x27,0xD0,0x42,}, {0x68,0xB6,0x65,0xDD,0x91,0xC1,0x95,0x80,0x06,0x50,0xCD,0xD3,0x63,0xC6,0x25,0xF4, 0xE7,0x42,0xE8,0x13,0x46,0x67,0xB7,0x67,0xB1,0xB4,0x76,0x79,0x35,0x88,0xF8,0x85, 0xAB,0x69,0x8C,0x85,0x2D,0x4A,0x6E,0x77,0xA2,0x52,0xD6,0x38,0x0F,0xCA,0xF0,0x68,}, {0x55,0xBC,0x91,0xA3,0x9C,0x9E,0xC0,0x1D,0xEE,0x36,0x01,0x7B,0x7D,0x67,0x3A,0x93, 0x12,0x36,0xD2,0xF1,0xF5,0xC8,0x39,0x42,0xD0,0x49,0xE3,0xFA,0x20,0x60,0x74,0x93, 0xE0,0xD0,0x38,0xFF,0x2F,0xD3,0x0C,0x2A,0xB6,0x7D,0x15,0xC8,0x5F,0x7F,0xAA,0x59,}, {0x03,0x26,0x40,0xBC,0x60,0x03,0xC5,0x92,0x60,0xF7,0x25,0x0C,0x3D,0xB5,0x8C,0xE6, 0x47,0xF9,0x8E,0x12,0x60,0xAC,0xCE,0x4A,0xCD,0xA3,0xDD,0x86,0x9F,0x74,0xE0,0x1F, 0x8B,0xA5,0xE0,0x32,0x43,0x09,0xDB,0x6A,0x98,0x31,0x49,0x7A,0xBA,0xC9,0x66,0x70,}, {0x4D,0x44,0x32,0x6F,0x26,0x9A,0x59,0x7A,0x5B,0x58,0xBB,0xA5,0x65,0xDA,0x55,0x56, 0xED,0x7F,0xD9,0xA8,0xA9,0xEB,0x76,0xC2,0x5F,0x46,0xDB,0x69,0xD1,0x9D,0xC8,0xCE, 0x6A,0xD1,0x8E,0x40,0x4B,0x15,0x73,0x8B,0x20,0x86,0xDF,0x37,0xE7,0x1D,0x1E,0xB4,}, {0x62,0xD6,0x92,0x13,0x6D,0xE5,0x6C,0xBE,0x93,0xBF,0x5F,0xA3,0x18,0x8E,0xF5,0x8B, 0xC8,0xA3,0xA0,0xEC,0x6C,0x1E,0x15,0x1A,0x21,0x03,0x8A,0x42,0xE9,0x18,0x53,0x29, 0xB5,0xB2,0x75,0x90,0x3D,0x19,0x2F,0x8D,0x4E,0x1F,0x32,0xFE,0x9C,0xC7,0x8C,0x48,}, {0x0B,0xD9,0xD3,0xA7,0xEA,0x0B,0x3D,0x51,0x9D,0x09,0xD8,0xE4,0x8D,0x07,0x85,0xFB, 0x74,0x4A,0x6B,0x35,0x5E,0x63,0x04,0xBC,0x51,0xC2,0x29,0xFB,0xBC,0xE2,0x39,0xBB, 0xAD,0xF6,0x40,0x37,0x15,0xC3,0x5D,0x4F,0xB2,0xA5,0x44,0x4F,0x57,0x5D,0x4F,0x42,}, }, {NID_brainpoolP512r1, 64, {0x16,0x30,0x2F,0xF0,0xDB,0xBB,0x5A,0x8D,0x73,0x3D,0xAB,0x71,0x41,0xC1,0xB4,0x5A, 0xCB,0xC8,0x71,0x59,0x39,0x67,0x7F,0x6A,0x56,0x85,0x0A,0x38,0xBD,0x87,0xBD,0x59, 0xB0,0x9E,0x80,0x27,0x96,0x09,0xFF,0x33,0x3E,0xB9,0xD4,0xC0,0x61,0x23,0x1F,0xB2, 0x6F,0x92,0xEE,0xB0,0x49,0x82,0xA5,0xF1,0xD1,0x76,0x4C,0xAD,0x57,0x66,0x54,0x22,}, {0x0A,0x42,0x05,0x17,0xE4,0x06,0xAA,0xC0,0xAC,0xDC,0xE9,0x0F,0xCD,0x71,0x48,0x77, 0x18,0xD3,0xB9,0x53,0xEF,0xD7,0xFB,0xEC,0x5F,0x7F,0x27,0xE2,0x8C,0x61,0x49,0x99, 0x93,0x97,0xE9,0x1E,0x02,0x9E,0x06,0x45,0x7D,0xB2,0xD3,0xE6,0x40,0x66,0x8B,0x39, 0x2C,0x2A,0x7E,0x73,0x7A,0x7F,0x0B,0xF0,0x44,0x36,0xD1,0x16,0x40,0xFD,0x09,0xFD,}, {0x72,0xE6,0x88,0x2E,0x8D,0xB2,0x8A,0xAD,0x36,0x23,0x7C,0xD2,0x5D,0x58,0x0D,0xB2, 0x37,0x83,0x96,0x1C,0x8D,0xC5,0x2D,0xFA,0x2E,0xC1,0x38,0xAD,0x47,0x2A,0x0F,0xCE, 0xF3,0x88,0x7C,0xF6,0x2B,0x62,0x3B,0x2A,0x87,0xDE,0x5C,0x58,0x83,0x01,0xEA,0x3E, 0x5F,0xC2,0x69,0xB3,0x73,0xB6,0x07,0x24,0xF5,0xE8,0x2A,0x6A,0xD1,0x47,0xFD,0xE7,}, {0x23,0x0E,0x18,0xE1,0xBC,0xC8,0x8A,0x36,0x2F,0xA5,0x4E,0x4E,0xA3,0x90,0x20,0x09, 0x29,0x2F,0x7F,0x80,0x33,0x62,0x4F,0xD4,0x71,0xB5,0xD8,0xAC,0xE4,0x9D,0x12,0xCF, 0xAB,0xBC,0x19,0x96,0x3D,0xAB,0x8E,0x2F,0x1E,0xBA,0x00,0xBF,0xFB,0x29,0xE4,0xD7, 0x2D,0x13,0xF2,0x22,0x45,0x62,0xF4,0x05,0xCB,0x80,0x50,0x36,0x66,0xB2,0x54,0x29,}, {0x9D,0x45,0xF6,0x6D,0xE5,0xD6,0x7E,0x2E,0x6D,0xB6,0xE9,0x3A,0x59,0xCE,0x0B,0xB4, 0x81,0x06,0x09,0x7F,0xF7,0x8A,0x08,0x1D,0xE7,0x81,0xCD,0xB3,0x1F,0xCE,0x8C,0xCB, 0xAA,0xEA,0x8D,0xD4,0x32,0x0C,0x41,0x19,0xF1,0xE9,0xCD,0x43,0x7A,0x2E,0xAB,0x37, 0x31,0xFA,0x96,0x68,0xAB,0x26,0x8D,0x87,0x1D,0xED,0xA5,0x5A,0x54,0x73,0x19,0x9F,}, {0x2F,0xDC,0x31,0x30,0x95,0xBC,0xDD,0x5F,0xB3,0xA9,0x16,0x36,0xF0,0x7A,0x95,0x9C, 0x8E,0x86,0xB5,0x63,0x6A,0x1E,0x93,0x0E,0x83,0x96,0x04,0x9C,0xB4,0x81,0x96,0x1D, 0x36,0x5C,0xC1,0x14,0x53,0xA0,0x6C,0x71,0x98,0x35,0x47,0x5B,0x12,0xCB,0x52,0xFC, 0x3C,0x38,0x3B,0xCE,0x35,0xE2,0x7E,0xF1,0x94,0x51,0x2B,0x71,0x87,0x62,0x85,0xFA,}, {0xA7,0x92,0x70,0x98,0x65,0x5F,0x1F,0x99,0x76,0xFA,0x50,0xA9,0xD5,0x66,0x86,0x5D, 0xC5,0x30,0x33,0x18,0x46,0x38,0x1C,0x87,0x25,0x6B,0xAF,0x32,0x26,0x24,0x4B,0x76, 0xD3,0x64,0x03,0xC0,0x24,0xD7,0xBB,0xF0,0xAA,0x08,0x03,0xEA,0xFF,0x40,0x5D,0x3D, 0x24,0xF1,0x1A,0x9B,0x5C,0x0B,0xEF,0x67,0x9F,0xE1,0x45,0x4B,0x21,0xC4,0xCD,0x1F,}, }, }; int main(int argc, char **argv) { ica_adapter_handle_t adapter_handle; unsigned int i, j, rc; unsigned int errors=0, test_failed=0; unsigned char shared_secret[MAX_ECC_KEY_SIZE]; unsigned int privlen = 0; ICA_EC_KEY *eckey_A, *eckey_B; char *icapath; set_verbosity(argc, argv); if (!ecc_available()) { printf("Skipping ECDH test, because the required HW" " is not available on this machine.\n"); return TEST_SKIP; } rc = ica_open_adapter(&adapter_handle); if (rc != 0) { V_(printf("ica_open_adapter failed and returned %d (0x%x).\n", rc, rc)); } /* set ICAPATH default value */ icapath = getenv("ICAPATH"); if ((icapath == NULL) || (atoi(icapath) == 0)) { icapath = "1"; setenv("ICAPATH", icapath, 1); } /* Iterate over curves */ for (i = 0; i < NUM_ECDH_TESTS; i++) { setenv("ICAPATH", icapath, 1); V_(printf("Testing curve %d \n", ecdh_kats[i].nid)); test_failed = 0; memset(shared_secret, 0, sizeof(shared_secret)); eckey_A = ica_ec_key_new(ecdh_kats[i].nid, &privlen); if (!eckey_A) continue; rc = ica_ec_key_init(ecdh_kats[i].xa, ecdh_kats[i].ya, ecdh_kats[i].da, eckey_A); if (rc != 0) { ica_ec_key_free(eckey_A); eckey_A = NULL; if (rc == EPERM) { V_(printf("Curve %d not supported on this system, skipping ...\n", ecdh_kats[i].nid)); continue; } else { V_(printf("Failed to initialize key for nid %d, rc=%i.\n", ecdh_kats[i].nid, rc)); errors++; continue; } } eckey_B = ica_ec_key_new(ecdh_kats[i].nid, &privlen); if (!eckey_B) { ica_ec_key_free(eckey_A); eckey_A = NULL; continue; } rc = ica_ec_key_init(ecdh_kats[i].xb, ecdh_kats[i].yb, ecdh_kats[i].db, eckey_B); if (rc != 0) { ica_ec_key_free(eckey_B); eckey_B = NULL; ica_ec_key_free(eckey_A); eckey_A = NULL; if (rc == EPERM) { V_(printf("Curve %d not supported on this system, skipping ...\n", ecdh_kats[i].nid)); continue; } else { V_(printf("Failed to initialize key for nid %d, rc=%i.\n", ecdh_kats[i].nid, rc)); errors++; continue; } } for (j = 0; j < NUM_HW_SW_TESTS; j++) { if (can_toggle(ecdh_kats[i].nid)) toggle_env_icapath(); VV_(printf(" performing test with ICAPATH=%d \n", getenv_icapath())); /* calculate shared secret with priv_A, pub_B */ rc = ica_ecdh_derive_secret(adapter_handle, eckey_A, eckey_B, shared_secret, privlen); if (rc) { V_(printf("Shared secret could not be derived, rc=%i.\n",rc)); test_failed = 1; } else { /* compare result with known result */ if (memcmp(shared_secret, ecdh_kats[i].z, ecdh_kats[i].privlen) != 0) { V_(printf("Check 1: priv_A, pub_B: Results do not match.\n")); VV_(printf("Expected result:\n")); dump_array(ecdh_kats[i].z, privlen); VV_(printf("Calculated result:\n")); dump_array(shared_secret, privlen); test_failed = 1; } /* calculate shared secret with priv_B, pub_A */ rc = ica_ecdh_derive_secret(adapter_handle, eckey_B, eckey_A, shared_secret, privlen); if (rc) { V_(printf("Shared secret could not be derived, rc=%i.\n",rc)); test_failed = 1; } else { /* compare result with known result */ if (memcmp(shared_secret, ecdh_kats[i].z, ecdh_kats[i].privlen) != 0) { V_(printf("Check 2: pub(B), priv(A): Results do not match.\n")); VV_(printf("Expected result:\n")); dump_array(ecdh_kats[i].z, privlen); VV_(printf("Calculated result:\n")); dump_array(shared_secret, privlen); test_failed = 1; } } } } if (test_failed) errors++; ica_ec_key_free(eckey_A); eckey_A = NULL; ica_ec_key_free(eckey_B); eckey_B = NULL; unset_env_icapath(); } ica_close_adapter(adapter_handle); if (errors) { printf("%i of %li ECDH tests failed.\n", errors, NUM_ECDH_TESTS); return TEST_FAIL; } printf("All ECDH tests passed.\n"); return TEST_SUCC; } libica-4.0.1/test/ecdsa1_test.sh000077500000000000000000000002301417716165400164630ustar00rootroot00000000000000#!/bin/bash if lszcrypt | grep -q -e "CEX.C.*online"; then ICAPATH=1 ./ecdsa_test else # Show output in log file for debugging lszcrypt exit 77 fi libica-4.0.1/test/ecdsa2_test.sh000077500000000000000000000002301417716165400164640ustar00rootroot00000000000000#!/bin/bash if lszcrypt | grep -q -e "CEX.C.*online"; then ICAPATH=2 ./ecdsa_test else # Show output in log file for debugging lszcrypt exit 77 fi libica-4.0.1/test/ecdsa_test.c000066400000000000000000000300401417716165400162110ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2017 */ #include #include #include #include #include #include #include "ica_api.h" #include #include "testcase.h" #include #include #define NUM_HW_SW_TESTS 2 #define NUM_ECDSA_TESTS (sizeof(ecdsa_kats)/sizeof(ecdsa_kat_t)) #define NUM_HASH_LENGTHS (sizeof(hash_length)/sizeof(int)) #define MAX_ECC_PRIV_SIZE 66 /* 521 bits */ #define MAX_ECDSA_SIG_SIZE 132 #define MAX_HASH_LENGTH 64 typedef struct { unsigned int nid; unsigned char d[MAX_ECC_PRIV_SIZE]; unsigned char x[MAX_ECC_PRIV_SIZE]; unsigned char y[MAX_ECC_PRIV_SIZE]; } ecdsa_kat_t; static unsigned char hash[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, }; static unsigned int hash_length[] = { 20, 28, 32, 48, 64, }; /** * From: http://csrc.nist.gov/groups/STM/cavp/digital-signatures.html#test-vectors */ static ecdsa_kat_t ecdsa_kats[] = { /* Keys from RFC 5114 */ {NID_X9_62_prime192v1, {0x32,0x3F,0xA3,0x16,0x9D,0x8E,0x9C,0x65,0x93,0xF5,0x94,0x76,0xBC,0x14,0x20,0x00, 0xAB,0x5B,0xE0,0xE2,0x49,0xC4,0x34,0x26,}, {0xCD,0x46,0x48,0x9E,0xCF,0xD6,0xC1,0x05,0xE7,0xB3,0xD3,0x25,0x66,0xE2,0xB1,0x22, 0xE2,0x49,0xAB,0xAA,0xDD,0x87,0x06,0x12,}, {0x68,0x88,0x7B,0x48,0x77,0xDF,0x51,0xDD,0x4D,0xC3,0xD6,0xFD,0x11,0xF0,0xA2,0x6F, 0x8F,0xD3,0x84,0x43,0x17,0x91,0x6E,0x9A,}, }, {NID_secp224r1, {0xB5,0x58,0xEB,0x6C,0x28,0x8D,0xA7,0x07,0xBB,0xB4,0xF8,0xFB,0xAE,0x2A,0xB9,0xE9, 0xCB,0x62,0xE3,0xBC,0x5C,0x75,0x73,0xE2,0x2E,0x26,0xD3,0x7F,}, {0x49,0xDF,0xEF,0x30,0x9F,0x81,0x48,0x8C,0x30,0x4C,0xFF,0x5A,0xB3,0xEE,0x5A,0x21, 0x54,0x36,0x7D,0xC7,0x83,0x31,0x50,0xE0,0xA5,0x1F,0x3E,0xEB,}, {0x4F,0x2B,0x5E,0xE4,0x57,0x62,0xC4,0xF6,0x54,0xC1,0xA0,0xC6,0x7F,0x54,0xCF,0x88, 0xB0,0x16,0xB5,0x1B,0xCE,0x3D,0x7C,0x22,0x8D,0x57,0xAD,0xB4,}, }, {NID_X9_62_prime256v1, {0x81,0x42,0x64,0x14,0x5F,0x2F,0x56,0xF2,0xE9,0x6A,0x8E,0x33,0x7A,0x12,0x84,0x99, 0x3F,0xAF,0x43,0x2A,0x5A,0xBC,0xE5,0x9E,0x86,0x7B,0x72,0x91,0xD5,0x07,0xA3,0xAF,}, {0x2A,0xF5,0x02,0xF3,0xBE,0x89,0x52,0xF2,0xC9,0xB5,0xA8,0xD4,0x16,0x0D,0x09,0xE9, 0x71,0x65,0xBE,0x50,0xBC,0x42,0xAE,0x4A,0x5E,0x8D,0x3B,0x4B,0xA8,0x3A,0xEB,0x15,}, {0xEB,0x0F,0xAF,0x4C,0xA9,0x86,0xC4,0xD3,0x86,0x81,0xA0,0xF9,0x87,0x2D,0x79,0xD5, 0x67,0x95,0xBD,0x4B,0xFF,0x6E,0x6D,0xE3,0xC0,0xF5,0x01,0x5E,0xCE,0x5E,0xFD,0x85,}, }, {NID_secp384r1, {0xD2,0x73,0x35,0xEA,0x71,0x66,0x4A,0xF2,0x44,0xDD,0x14,0xE9,0xFD,0x12,0x60,0x71, 0x5D,0xFD,0x8A,0x79,0x65,0x57,0x1C,0x48,0xD7,0x09,0xEE,0x7A,0x79,0x62,0xA1,0x56, 0xD7,0x06,0xA9,0x0C,0xBC,0xB5,0xDF,0x29,0x86,0xF0,0x5F,0xEA,0xDB,0x93,0x76,0xF1,}, {0x79,0x31,0x48,0xF1,0x78,0x76,0x34,0xD5,0xDA,0x4C,0x6D,0x90,0x74,0x41,0x7D,0x05, 0xE0,0x57,0xAB,0x62,0xF8,0x20,0x54,0xD1,0x0E,0xE6,0xB0,0x40,0x3D,0x62,0x79,0x54, 0x7E,0x6A,0x8E,0xA9,0xD1,0xFD,0x77,0x42,0x7D,0x01,0x6F,0xE2,0x7A,0x8B,0x8C,0x66,}, {0xC6,0xC4,0x12,0x94,0x33,0x1D,0x23,0xE6,0xF4,0x80,0xF4,0xFB,0x4C,0xD4,0x05,0x04, 0xC9,0x47,0x39,0x2E,0x94,0xF4,0xC3,0xF0,0x6B,0x8F,0x39,0x8B,0xB2,0x9E,0x42,0x36, 0x8F,0x7A,0x68,0x59,0x23,0xDE,0x3B,0x67,0xBA,0xCE,0xD2,0x14,0xA1,0xA1,0xD1,0x28,}, }, {NID_secp521r1, {0x01,0x13,0xF8,0x2D,0xA8,0x25,0x73,0x5E,0x3D,0x97,0x27,0x66,0x83,0xB2,0xB7,0x42, 0x77,0xBA,0xD2,0x73,0x35,0xEA,0x71,0x66,0x4A,0xF2,0x43,0x0C,0xC4,0xF3,0x34,0x59, 0xB9,0x66,0x9E,0xE7,0x8B,0x3F,0xFB,0x9B,0x86,0x83,0x01,0x5D,0x34,0x4D,0xCB,0xFE, 0xF6,0xFB,0x9A,0xF4,0xC6,0xC4,0x70,0xBE,0x25,0x45,0x16,0xCD,0x3C,0x1A,0x1F,0xB4, 0x73,0x62,}, {0x01,0xEB,0xB3,0x4D,0xD7,0x57,0x21,0xAB,0xF8,0xAD,0xC9,0xDB,0xED,0x17,0x88,0x9C, 0xBB,0x97,0x65,0xD9,0x0A,0x7C,0x60,0xF2,0xCE,0xF0,0x07,0xBB,0x0F,0x2B,0x26,0xE1, 0x48,0x81,0xFD,0x44,0x42,0xE6,0x89,0xD6,0x1C,0xB2,0xDD,0x04,0x6E,0xE3,0x0E,0x3F, 0xFD,0x20,0xF9,0xA4,0x5B,0xBD,0xF6,0x41,0x3D,0x58,0x3A,0x2D,0xBF,0x59,0x92,0x4F, 0xD3,0x5C,}, {0x00,0xF6,0xB6,0x32,0xD1,0x94,0xC0,0x38,0x8E,0x22,0xD8,0x43,0x7E,0x55,0x8C,0x55, 0x2A,0xE1,0x95,0xAD,0xFD,0x15,0x3F,0x92,0xD7,0x49,0x08,0x35,0x1B,0x2F,0x8C,0x4E, 0xDA,0x94,0xED,0xB0,0x91,0x6D,0x1B,0x53,0xC0,0x20,0xB5,0xEE,0xCA,0xED,0x1A,0x5F, 0xC3,0x8A,0x23,0x3E,0x48,0x30,0x58,0x7B,0xB2,0xEE,0x34,0x89,0xB3,0xB4,0x2A,0x5A, 0x86,0xA4,}, }, /* Keys from RFC 5903 */ {NID_X9_62_prime256v1, {0xC8,0x8F,0x01,0xF5,0x10,0xD9,0xAC,0x3F,0x70,0xA2,0x92,0xDA,0xA2,0x31,0x6D,0xE5, 0x44,0xE9,0xAA,0xB8,0xAF,0xE8,0x40,0x49,0xC6,0x2A,0x9C,0x57,0x86,0x2D,0x14,0x33,}, {0xDA,0xD0,0xB6,0x53,0x94,0x22,0x1C,0xF9,0xB0,0x51,0xE1,0xFE,0xCA,0x57,0x87,0xD0, 0x98,0xDF,0xE6,0x37,0xFC,0x90,0xB9,0xEF,0x94,0x5D,0x0C,0x37,0x72,0x58,0x11,0x80,}, {0x52,0x71,0xA0,0x46,0x1C,0xDB,0x82,0x52,0xD6,0x1F,0x1C,0x45,0x6F,0xA3,0xE5,0x9A, 0xB1,0xF4,0x5B,0x33,0xAC,0xCF,0x5F,0x58,0x38,0x9E,0x05,0x77,0xB8,0x99,0x0B,0xB3,}, }, {NID_secp384r1, {0x09,0x9F,0x3C,0x70,0x34,0xD4,0xA2,0xC6,0x99,0x88,0x4D,0x73,0xA3,0x75,0xA6,0x7F, 0x76,0x24,0xEF,0x7C,0x6B,0x3C,0x0F,0x16,0x06,0x47,0xB6,0x74,0x14,0xDC,0xE6,0x55, 0xE3,0x5B,0x53,0x80,0x41,0xE6,0x49,0xEE,0x3F,0xAE,0xF8,0x96,0x78,0x3A,0xB1,0x94,}, {0x66,0x78,0x42,0xD7,0xD1,0x80,0xAC,0x2C,0xDE,0x6F,0x74,0xF3,0x75,0x51,0xF5,0x57, 0x55,0xC7,0x64,0x5C,0x20,0xEF,0x73,0xE3,0x16,0x34,0xFE,0x72,0xB4,0xC5,0x5E,0xE6, 0xDE,0x3A,0xC8,0x08,0xAC,0xB4,0xBD,0xB4,0xC8,0x87,0x32,0xAE,0xE9,0x5F,0x41,0xAA,}, {0x94,0x82,0xED,0x1F,0xC0,0xEE,0xB9,0xCA,0xFC,0x49,0x84,0x62,0x5C,0xCF,0xC2,0x3F, 0x65,0x03,0x21,0x49,0xE0,0xE1,0x44,0xAD,0xA0,0x24,0x18,0x15,0x35,0xA0,0xF3,0x8E, 0xEB,0x9F,0xCF,0xF3,0xC2,0xC9,0x47,0xDA,0xE6,0x9B,0x4C,0x63,0x45,0x73,0xA8,0x1C,}, }, {NID_secp521r1, {0x00,0x37,0xAD,0xE9,0x31,0x9A,0x89,0xF4,0xDA,0xBD,0xB3,0xEF,0x41,0x1A,0xAC,0xCC, 0xA5,0x12,0x3C,0x61,0xAC,0xAB,0x57,0xB5,0x39,0x3D,0xCE,0x47,0x60,0x81,0x72,0xA0, 0x95,0xAA,0x85,0xA3,0x0F,0xE1,0xC2,0x95,0x2C,0x67,0x71,0xD9,0x37,0xBA,0x97,0x77, 0xF5,0x95,0x7B,0x26,0x39,0xBA,0xB0,0x72,0x46,0x2F,0x68,0xC2,0x7A,0x57,0x38,0x2D, 0x4A,0x52,}, {0x00,0x15,0x41,0x7E,0x84,0xDB,0xF2,0x8C,0x0A,0xD3,0xC2,0x78,0x71,0x33,0x49,0xDC, 0x7D,0xF1,0x53,0xC8,0x97,0xA1,0x89,0x1B,0xD9,0x8B,0xAB,0x43,0x57,0xC9,0xEC,0xBE, 0xE1,0xE3,0xBF,0x42,0xE0,0x0B,0x8E,0x38,0x0A,0xEA,0xE5,0x7C,0x2D,0x10,0x75,0x64, 0x94,0x18,0x85,0x94,0x2A,0xF5,0xA7,0xF4,0x60,0x17,0x23,0xC4,0x19,0x5D,0x17,0x6C, 0xED,0x3E,}, {0x01,0x7C,0xAE,0x20,0xB6,0x64,0x1D,0x2E,0xEB,0x69,0x57,0x86,0xD8,0xC9,0x46,0x14, 0x62,0x39,0xD0,0x99,0xE1,0x8E,0x1D,0x5A,0x51,0x4C,0x73,0x9D,0x7C,0xB4,0xA1,0x0A, 0xD8,0xA7,0x88,0x01,0x5A,0xC4,0x05,0xD7,0x79,0x9D,0xC7,0x5E,0x7B,0x7D,0x5B,0x6C, 0xF2,0x26,0x1A,0x6A,0x7F,0x15,0x07,0x43,0x8B,0xF0,0x1B,0xEB,0x6C,0xA3,0x92,0x6F, 0x95,0x82,}, }, /* Keys from RFC 7027 */ {NID_brainpoolP256r1, {0x81,0xDB,0x1E,0xE1,0x00,0x15,0x0F,0xF2,0xEA,0x33,0x8D,0x70,0x82,0x71,0xBE,0x38, 0x30,0x0C,0xB5,0x42,0x41,0xD7,0x99,0x50,0xF7,0x7B,0x06,0x30,0x39,0x80,0x4F,0x1D,}, {0x44,0x10,0x6E,0x91,0x3F,0x92,0xBC,0x02,0xA1,0x70,0x5D,0x99,0x53,0xA8,0x41,0x4D, 0xB9,0x5E,0x1A,0xAA,0x49,0xE8,0x1D,0x9E,0x85,0xF9,0x29,0xA8,0xE3,0x10,0x0B,0xE5,}, {0x8A,0xB4,0x84,0x6F,0x11,0xCA,0xCC,0xB7,0x3C,0xE4,0x9C,0xBD,0xD1,0x20,0xF5,0xA9, 0x00,0xA6,0x9F,0xD3,0x2C,0x27,0x22,0x23,0xF7,0x89,0xEF,0x10,0xEB,0x08,0x9B,0xDC,}, }, {NID_brainpoolP384r1, {0x1E,0x20,0xF5,0xE0,0x48,0xA5,0x88,0x6F,0x1F,0x15,0x7C,0x74,0xE9,0x1B,0xDE,0x2B, 0x98,0xC8,0xB5,0x2D,0x58,0xE5,0x00,0x3D,0x57,0x05,0x3F,0xC4,0xB0,0xBD,0x65,0xD6, 0xF1,0x5E,0xB5,0xD1,0xEE,0x16,0x10,0xDF,0x87,0x07,0x95,0x14,0x36,0x27,0xD0,0x42,}, {0x68,0xB6,0x65,0xDD,0x91,0xC1,0x95,0x80,0x06,0x50,0xCD,0xD3,0x63,0xC6,0x25,0xF4, 0xE7,0x42,0xE8,0x13,0x46,0x67,0xB7,0x67,0xB1,0xB4,0x76,0x79,0x35,0x88,0xF8,0x85, 0xAB,0x69,0x8C,0x85,0x2D,0x4A,0x6E,0x77,0xA2,0x52,0xD6,0x38,0x0F,0xCA,0xF0,0x68,}, {0x55,0xBC,0x91,0xA3,0x9C,0x9E,0xC0,0x1D,0xEE,0x36,0x01,0x7B,0x7D,0x67,0x3A,0x93, 0x12,0x36,0xD2,0xF1,0xF5,0xC8,0x39,0x42,0xD0,0x49,0xE3,0xFA,0x20,0x60,0x74,0x93, 0xE0,0xD0,0x38,0xFF,0x2F,0xD3,0x0C,0x2A,0xB6,0x7D,0x15,0xC8,0x5F,0x7F,0xAA,0x59,}, }, {NID_brainpoolP512r1, {0x16,0x30,0x2F,0xF0,0xDB,0xBB,0x5A,0x8D,0x73,0x3D,0xAB,0x71,0x41,0xC1,0xB4,0x5A, 0xCB,0xC8,0x71,0x59,0x39,0x67,0x7F,0x6A,0x56,0x85,0x0A,0x38,0xBD,0x87,0xBD,0x59, 0xB0,0x9E,0x80,0x27,0x96,0x09,0xFF,0x33,0x3E,0xB9,0xD4,0xC0,0x61,0x23,0x1F,0xB2, 0x6F,0x92,0xEE,0xB0,0x49,0x82,0xA5,0xF1,0xD1,0x76,0x4C,0xAD,0x57,0x66,0x54,0x22,}, {0x0A,0x42,0x05,0x17,0xE4,0x06,0xAA,0xC0,0xAC,0xDC,0xE9,0x0F,0xCD,0x71,0x48,0x77, 0x18,0xD3,0xB9,0x53,0xEF,0xD7,0xFB,0xEC,0x5F,0x7F,0x27,0xE2,0x8C,0x61,0x49,0x99, 0x93,0x97,0xE9,0x1E,0x02,0x9E,0x06,0x45,0x7D,0xB2,0xD3,0xE6,0x40,0x66,0x8B,0x39, 0x2C,0x2A,0x7E,0x73,0x7A,0x7F,0x0B,0xF0,0x44,0x36,0xD1,0x16,0x40,0xFD,0x09,0xFD,}, {0x72,0xE6,0x88,0x2E,0x8D,0xB2,0x8A,0xAD,0x36,0x23,0x7C,0xD2,0x5D,0x58,0x0D,0xB2, 0x37,0x83,0x96,0x1C,0x8D,0xC5,0x2D,0xFA,0x2E,0xC1,0x38,0xAD,0x47,0x2A,0x0F,0xCE, 0xF3,0x88,0x7C,0xF6,0x2B,0x62,0x3B,0x2A,0x87,0xDE,0x5C,0x58,0x83,0x01,0xEA,0x3E, 0x5F,0xC2,0x69,0xB3,0x73,0xB6,0x07,0x24,0xF5,0xE8,0x2A,0x6A,0xD1,0x47,0xFD,0xE7,}, }, }; int main(int argc, char **argv) { ica_adapter_handle_t adapter_handle; unsigned int i, j, k, rc; unsigned int errors=0, test_failed=0; unsigned char signature[MAX_ECDSA_SIG_SIZE]; unsigned int privlen = 0; ICA_EC_KEY *eckey; char *icapath; set_verbosity(argc, argv); if (!ecc_available()) { printf("Skipping ECDSA test, because the required HW" " is not available on this machine.\n"); return TEST_SKIP; } rc = ica_open_adapter(&adapter_handle); if (rc != 0) { V_(printf("ica_open_adapter failed and returned %d (0x%x).\n", rc, rc)); } /* set ICAPATH default value */ icapath = getenv("ICAPATH"); if ((icapath == NULL) || (atoi(icapath) == 0)) { icapath = "1"; setenv("ICAPATH", icapath, 1); } /* Iterate over curves */ for (i = 0; i < NUM_ECDSA_TESTS; i++) { setenv("ICAPATH", icapath, 1); V_(printf("Testing curve %d \n", ecdsa_kats[i].nid)); test_failed = 0; memset(signature, 0, MAX_ECDSA_SIG_SIZE); eckey = ica_ec_key_new(ecdsa_kats[i].nid, &privlen); if (!eckey) continue; rc = ica_ec_key_init(ecdsa_kats[i].x, ecdsa_kats[i].y, ecdsa_kats[i].d, eckey); if (rc != 0) { ica_ec_key_free(eckey); eckey = NULL; if (rc == EPERM) { V_(printf("Curve %d not supported on this system, skipping ...\n", ecdsa_kats[i].nid)); continue; } else { V_(printf("Failed to initialize key for nid %d, rc=%i.\n", ecdsa_kats[i].nid, rc)); errors++; continue; } } for (j = 0; j #include #include "ica_api.h" #include "testcase.h" #include "eddsa_test.h" #define THREADS 256 #define ITERATIONS 1000 #define MSGLEN (16384 * 2ULL) #ifndef NO_CPACF static void check_functionlist(void); static void ed25519_kat(void); static void ed448_kat(void); static void ed25519_pc(void); static void ed448_pc(void); static void ed25519_stress(void); static void ed448_stress(void); static void ed25519_speed(void); static void ed448_speed(void); static void *thread_ed25519(void *arg); static void *thread_ed448(void *arg); time_t seed; pthread_t threads[THREADS]; #endif /* NO_CPACF */ int main(int argc, char *argv[]) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping ED-DSA test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int i; set_verbosity(argc, argv); check_functionlist(); srand(time(&seed)); VV_(printf("\n=== ED25519 KAT ===\n")); ed25519_kat(); VV_(printf("\n=== ED448 KAT ===\n")); ed448_kat(); VV_(printf("\n=== ED25519 PC ===\n")); for (i = 0; i < ITERATIONS; i++) ed25519_pc(); VV_(printf("\n=== ED448 PC ===\n")); for (i = 0; i < ITERATIONS; i++) ed448_pc(); VV_(printf("\n=== ED25519 STRESS ===\n")); ed25519_stress(); VV_(printf("\n=== ED448 STRESS ===\n")); ed448_stress(); VV_(printf("\n=== ED25519 SPEED ===\n")); ed25519_speed(); VV_(printf("\n=== ED448 SPEED ===\n")); ed448_speed(); return TEST_SUCC; #endif /* NO_CPACF */ } #ifndef NO_CPACF static void check_functionlist(void) { unsigned int i, listlen, func; libica_func_list_element *list; if (ica_get_functionlist(NULL, &listlen)) EXIT_ERR("ica_get_functionlist failed."); func = 0; list = calloc(1, sizeof(*list) * listlen); if (list == NULL) EXIT_ERR("calloc failed."); if (ica_get_functionlist(list, &listlen)) EXIT_ERR("ica_get_functionlist failed."); for (i = 0; i < listlen; i++) { if (list[i].mech_mode_id == ED25519_KEYGEN && (list[i].flags & 4)) func |= 0x01; if (list[i].mech_mode_id == ED25519_SIGN && (list[i].flags & 4)) func |= 0x02; if (list[i].mech_mode_id == ED25519_VERIFY && (list[i].flags & 4)) func |= 0x04; if (list[i].mech_mode_id == ED448_KEYGEN && (list[i].flags & 4)) func |= 0x08; if (list[i].mech_mode_id == ED448_SIGN && (list[i].flags & 4)) func |= 0x10; if (list[i].mech_mode_id == ED448_VERIFY && (list[i].flags & 4)) func |= 0x20; } free(list); if (func != (0x01 | 0x02 | 0x04 | 0x08 | 0x10 | 0x20)) exit(TEST_SKIP); } static void ed25519_kat(void) { unsigned char pub[32], sig[64]; ICA_ED25519_CTX *ctx; const struct eddsa_tv *tv; size_t i; if (ica_ed25519_ctx_new(&ctx)) EXIT_ERR("ica_ed25519_ctx_new failed."); tv = &EDDSA_TV[0]; for (i = 0; i < EDDSA_TV_LEN; i++, tv++) { if (tv->nid != NID_ED25519) continue; VV_(printf("--- Test vector %lu ---\n", (i + 1))); if (ica_ed25519_key_set(ctx, tv->priv, NULL)) EXIT_ERR("ica_ed25519_key_set failed."); if (ica_ed25519_key_get(ctx, NULL, pub)) EXIT_ERR("ica_ed25519_key_get failed."); if (memcmp(pub, tv->pub, sizeof(pub))) { VV_(printf("Derived pub:\n")); dump_array(pub, sizeof(pub)); VV_(printf("Correct pub:\n")); dump_array((unsigned char*)tv->pub, sizeof(pub)); EXIT_ERR("Public key derivation failed."); } if (ica_ed25519_sign(ctx, sig, tv->msg, tv->msglen)) EXIT_ERR("ica_ed25519_sign failed."); if (memcmp(sig, tv->sig, sizeof(sig))) { VV_(printf("Computed sig:\n")); dump_array(sig, sizeof(sig)); VV_(printf("Correct sig:\n")); dump_array((unsigned char *)tv->sig, sizeof(sig)); EXIT_ERR("Invalid signature."); } if (ica_ed25519_verify(ctx, sig, tv->msg, tv->msglen)) EXIT_ERR("ica_ed25519_verify failed."); /* flip a random bit */ sig[rand() % sizeof(sig)] ^= (1 << (rand() % 8)); if (!ica_ed25519_verify(ctx, sig, tv->msg, tv->msglen)) { VV_(printf("Verified invalid signature:\n")); dump_array(sig, sizeof(sig)); EXIT_ERR("ica_ed25519_verify succeeded" " with invalid signature."); } VV_(printf("--- Passed. ---\n")); } if (ica_ed25519_ctx_del(&ctx)) EXIT_ERR("ica_ed25519_ctx_del failed."); } static void ed448_kat(void) { unsigned char pub[57], sig[114]; ICA_ED448_CTX *ctx; const struct eddsa_tv *tv; size_t i; if (ica_ed448_ctx_new(&ctx)) EXIT_ERR("ica_ed448_ctx_new failed."); tv = &EDDSA_TV[0]; for (i = 0; i < EDDSA_TV_LEN; i++, tv++) { if (tv->nid != NID_ED448) continue; VV_(printf("--- Test vector %lu ---\n", (i + 1))); if (ica_ed448_key_set(ctx, tv->priv, NULL)) EXIT_ERR("ica_ed448_key_set failed."); if (ica_ed448_key_get(ctx, NULL, pub)) EXIT_ERR("ica_ed448_key_get failed."); if (memcmp(pub, tv->pub, sizeof(pub))) { VV_(printf("Derived pub:\n")); dump_array(pub, sizeof(pub)); VV_(printf("Correct pub:\n")); dump_array((unsigned char *)tv->pub, sizeof(pub)); EXIT_ERR("Public key derivation failed."); } if (ica_ed448_sign(ctx, sig, tv->msg, tv->msglen)) EXIT_ERR("ica_ed448_sign failed."); if (memcmp(sig, tv->sig, sizeof(sig))) { VV_(printf("Computed sig:\n")); dump_array(sig, sizeof(sig)); VV_(printf("Correct sig:\n")); dump_array((unsigned char *)tv->sig, sizeof(sig)); EXIT_ERR("Invalid signature."); } if (ica_ed448_verify(ctx, sig, tv->msg, tv->msglen)) EXIT_ERR("ica_ed448_verify failed."); /* flip a random bit */ sig[rand() % sizeof(sig)] ^= (1 << (rand() % 8)); if (!ica_ed448_verify(ctx, sig, tv->msg, tv->msglen)) { VV_(printf("Verified invalid signature:\n")); dump_array(sig, sizeof(sig)); EXIT_ERR("ica_ed448_verify succeded" " with invalid signature."); } VV_(printf("--- Passed. ---\n")); } if (ica_ed448_ctx_del(&ctx)) EXIT_ERR("ica_ed448_ctx_del failed."); } static void ed25519_pc(void) { ICA_ED25519_CTX *ctx; EVP_PKEY_CTX *pctx = NULL; EVP_MD_CTX *ctx2; EVP_PKEY *pkey; unsigned char priv[32], ossl_sig[64], ica_sig[64]; unsigned char *msg; size_t msglen, out = 64; FILE *fd; msglen = rand() % MSGLEN; msg = malloc(msglen); if (msg == NULL) EXIT_ERR("malloc failed."); if (msglen > 0) { fd = fopen("/dev/urandom", "r"); if (fd == NULL) EXIT_ERR("fopen failed."); if (fread(msg, msglen, 1, fd) != 1) EXIT_ERR("fread failed."); fclose(fd); } if (ica_ed25519_ctx_new(&ctx)) EXIT_ERR("ica_ed448_ctx_new failed."); if (ica_ed25519_key_gen(ctx)) EXIT_ERR("ica_ed25519_key_gen failed."); if (ica_ed25519_key_get(ctx, priv, NULL)) EXIT_ERR("ica_ed25519_key_get failed."); ctx2 = EVP_MD_CTX_new(); if (ctx2 == NULL) EXIT_ERR("EVP_MD_CTX_new failed."); pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, NULL, priv, sizeof(priv)); if (pkey == NULL) EXIT_ERR("EVP_PKEY_new_raw_private_key failed."); if (EVP_DigestSignInit(ctx2, &pctx, NULL, NULL, pkey) != 1) EXIT_ERR("EVP_DigestSignInit failed."); if (EVP_DigestSign(ctx2, ossl_sig, &out, msg, msglen) != 1) EXIT_ERR("EVP_DigestSign failed."); if (ica_ed25519_sign(ctx, ica_sig, msg, msglen)) EXIT_ERR("ica_ed25519_sign failed."); if (memcmp(ica_sig, ossl_sig, sizeof(ica_sig))) { VV_(printf("Private key:\n")); dump_array(priv, sizeof(priv)); VV_(printf("Message:\n")); dump_array(msg, msglen); VV_(printf("Signature (libica):\n")); dump_array(ica_sig, sizeof(ica_sig)); VV_(printf("Signature (libcrypto):\n")); dump_array(ossl_sig, sizeof(ossl_sig)); EXIT_ERR("libcrypto Ed25519 signature differs."); } if (EVP_DigestVerifyInit(ctx2, &pctx, NULL, NULL, pkey) != 1) EXIT_ERR("EVP_DigestVerifyInit failed."); if (EVP_DigestVerify(ctx2, ica_sig, sizeof(ica_sig), msg, msglen) != 1) EXIT_ERR("EVP_DigestVerify failed."); if (ica_ed25519_verify(ctx, ossl_sig, msg, msglen)) EXIT_ERR("ica_ed25519_verify failed."); EVP_MD_CTX_free(ctx2); EVP_PKEY_free(pkey); if (ica_ed25519_ctx_del(&ctx)) EXIT_ERR("ica_ed25519_ctx_del failed."); free(msg); } static void ed448_pc(void) { ICA_ED448_CTX *ctx; EVP_PKEY_CTX *pctx = NULL; EVP_MD_CTX *ctx2; EVP_PKEY *pkey; unsigned char priv[57], ossl_sig[114], ica_sig[114]; unsigned char *msg; size_t msglen, out = 114; FILE *fd; msglen = rand() % MSGLEN; msg = malloc(msglen); if (msg == NULL) EXIT_ERR("malloc failed."); if (msglen > 0) { fd = fopen("/dev/urandom", "r"); if (fd == NULL) EXIT_ERR("fopen failed."); if (fread(msg, msglen, 1, fd) != 1) EXIT_ERR("fread failed."); fclose(fd); } if (ica_ed448_ctx_new(&ctx)) EXIT_ERR("ica_ed448_ctx_new failed."); if (ica_ed448_key_gen(ctx)) EXIT_ERR("ica_ed448_key_gen failed."); if (ica_ed448_key_get(ctx, priv, NULL)) EXIT_ERR("ica_ed448_key_get failed."); ctx2 = EVP_MD_CTX_new(); if (ctx2 == NULL) EXIT_ERR("EVP_MD_CTX_new failed."); pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED448, NULL, priv, sizeof(priv)); if (pkey == NULL) EXIT_ERR("EVP_PKEY_new_raw_private_key failed."); if (EVP_DigestSignInit(ctx2, &pctx, NULL, NULL, pkey) != 1) EXIT_ERR("EVP_DigestSignInit failed."); if (EVP_DigestSign(ctx2, ossl_sig, &out, msg, msglen) != 1) EXIT_ERR("EVP_DigestSign failed."); if (ica_ed448_sign(ctx, ica_sig, msg, msglen)) EXIT_ERR("ica_ed448_sign failed."); if (memcmp(ica_sig, ossl_sig, sizeof(ica_sig))) { VV_(printf("Private key:\n")); dump_array(priv, sizeof(priv)); VV_(printf("Message:\n")); dump_array(msg, msglen); VV_(printf("Signature (libica):\n")); dump_array(ica_sig, sizeof(ica_sig)); VV_(printf("Signature (libcrypto):\n")); dump_array(ossl_sig, sizeof(ossl_sig)); EXIT_ERR("libcrypto Ed448 signature differs."); } if (EVP_DigestVerifyInit(ctx2, &pctx, NULL, NULL, pkey) != 1) EXIT_ERR("EVP_DigestVerifyInit failed."); if (EVP_DigestVerify(ctx2, ica_sig, sizeof(ica_sig), msg, msglen) != 1) EXIT_ERR("EVP_DigestVerify failed."); if (ica_ed448_verify(ctx, ossl_sig, msg, msglen)) EXIT_ERR("ica_ed448_verify failed."); EVP_MD_CTX_free(ctx2); EVP_PKEY_free(pkey); if (ica_ed448_ctx_del(&ctx)) EXIT_ERR("ica_ed448_ctx_del failed."); free(msg); } static void ed25519_stress(void) { int rc, i; ICA_ED25519_CTX *ctx[THREADS]; for (i = 0; i < THREADS; i++) { if (ica_ed25519_ctx_new(&ctx[i])) EXIT_ERR("ica_ed25519_ctx_new failed."); } for (i = 0; i < THREADS; i++) { while((rc = pthread_create(&threads[i], NULL, thread_ed25519, ctx[i])) == EAGAIN) if (rc) EXIT_ERR("pthread_create failed."); } for (i = 0; i < THREADS; i++) { rc = pthread_join(threads[i], NULL); if (rc) EXIT_ERR("pthread_join failed."); } for (i = 0; i < THREADS; i++) { if (ica_ed25519_ctx_del(&ctx[i])) EXIT_ERR("ica_ed25519_ctx_del failed."); } } static void *thread_ed25519(void *arg) { ICA_ED25519_CTX *ctx = (ICA_ED25519_CTX *)arg; unsigned char sig[64], msg[MSGLEN]; int i; for (i = 0; i < ITERATIONS; i++) { if (ica_ed25519_key_gen(ctx)) EXIT_ERR("ica_ed25519_key_gen failed."); if (ica_ed25519_sign(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed25519_sign failed."); if (ica_ed25519_verify(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed25519_verify failed."); } return NULL; } static void ed448_stress(void) { int rc, i; ICA_ED448_CTX *ctx[THREADS]; for (i = 0; i < THREADS; i++) { if (ica_ed448_ctx_new(&ctx[i])) EXIT_ERR("ica_ed448_ctx_new failed."); } for (i = 0; i < THREADS; i++) { while((rc = pthread_create(&threads[i], NULL, thread_ed448, ctx[i])) == EAGAIN) if (rc) EXIT_ERR("pthread_create failed."); } for (i = 0; i < THREADS; i++) { rc = pthread_join(threads[i], NULL); if (rc) EXIT_ERR("pthread_join failed."); } for (i = 0; i < THREADS; i++) { if (ica_ed448_ctx_del(&ctx[i])) EXIT_ERR("ica_ed448_ctx_del failed."); } } static void *thread_ed448(void *arg) { ICA_ED448_CTX *ctx = (ICA_ED448_CTX *)arg; unsigned char sig[114], msg[MSGLEN]; int i; for (i = 0; i < ITERATIONS; i++) { if (ica_ed448_key_gen(ctx)) EXIT_ERR("ica_ed448_key_gen failed."); if (ica_ed448_sign(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed448_sign failed."); if (ica_ed448_verify(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed448_verify failed."); } return NULL; } static void ed25519_speed(void) { struct timeval start, stop; unsigned long long delta; unsigned char sig[64], msg[MSGLEN]; long double ops; ICA_ED25519_CTX *ctx; int i; if (ica_ed25519_ctx_new(&ctx)) EXIT_ERR("ica_ed25519_ctx_new failed."); gettimeofday(&start, NULL); for (i = 0; i < ITERATIONS; i++) { if (ica_ed25519_key_gen(ctx)) EXIT_ERR("ica_ed25519_key_gen failed."); } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); ops = ops_per_sec(ITERATIONS, delta); printf("ica_ed25519_key_gen\t%.2Lf ops/sec\n", ops); gettimeofday(&start, NULL); for (i = 0; i < ITERATIONS; i++) { if (ica_ed25519_sign(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed25519_sign failed."); } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); ops = ops_per_sec(ITERATIONS, delta); printf("ica_ed25519_sign(%llu bytes)\t%.2Lf ops/sec\n", MSGLEN, ops); gettimeofday(&start, NULL); for (i = 0; i < ITERATIONS; i++) { if (ica_ed25519_verify(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed25519_verify failed."); } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); ops = ops_per_sec(ITERATIONS, delta); printf("ica_ed25519_verify(%llu bytes)\t%.2Lf ops/sec\n", MSGLEN, ops); if (ica_ed25519_ctx_del(&ctx)) EXIT_ERR("ica_ed25519_ctx_del failed."); } static void ed448_speed(void) { struct timeval start, stop; unsigned long long delta; unsigned char sig[114], msg[MSGLEN]; long double ops; ICA_ED448_CTX *ctx; int i; if (ica_ed448_ctx_new(&ctx)) EXIT_ERR("ica_ed448_ctx_new failed."); gettimeofday(&start, NULL); for (i = 0; i < ITERATIONS; i++) { if (ica_ed448_key_gen(ctx)) EXIT_ERR("ica_ed448_key_gen failed."); } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); ops = ops_per_sec(ITERATIONS, delta); printf("ica_ed448_key_gen\t%.2Lf ops/sec\n", ops); gettimeofday(&start, NULL); for (i = 0; i < ITERATIONS; i++) { if (ica_ed448_sign(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed448_sign failed."); } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); ops = ops_per_sec(ITERATIONS, delta); printf("ica_ed448_sign(%llu bytes)\t%.2Lf ops/sec\n", MSGLEN, ops); gettimeofday(&start, NULL); for (i = 0; i < ITERATIONS; i++) { if (ica_ed448_verify(ctx, sig, msg, sizeof(msg))) EXIT_ERR("ica_ed448_verify failed."); } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); ops = ops_per_sec(ITERATIONS, delta); printf("ica_ed448_verify(%llu bytes)\t%.2Lf ops/sec\n", MSGLEN, ops); if (ica_ed448_ctx_del(&ctx)) EXIT_ERR("ica_ed448_ctx_del failed."); } #endif /* NO_CPACF */ libica-4.0.1/test/eddsa_test.h000066400000000000000000000772461417716165400162420ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Copyright IBM Corp. 2018 */ #ifndef EDDSA_TEST_H # define EDDSA_TEST_H struct eddsa_tv { int nid; const unsigned char *priv; const unsigned char *pub; const unsigned char *msg; size_t msglen; const unsigned char *sig; }; const struct eddsa_tv EDDSA_TV[] = { /* RFC 8032 */ { .nid = NID_ED25519, .priv = (const unsigned char []){ 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84, 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69, 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae, 0x7f, 0x60 }, .pub = (const unsigned char []){ 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b, 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3, 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07, 0x51, 0x1a }, .msg = NULL, .msglen = 0, .sig = (const unsigned char []){ 0xe5, 0x56, 0x43, 0x00, 0xc3, 0x60, 0xac, 0x72, 0x90, 0x86, 0xe2, 0xcc, 0x80, 0x6e, 0x82, 0x8a, 0x84, 0x87, 0x7f, 0x1e, 0xb8, 0xe5, 0xd9, 0x74, 0xd8, 0x73, 0xe0, 0x65, 0x22, 0x49, 0x01, 0x55, 0x5f, 0xb8, 0x82, 0x15, 0x90, 0xa3, 0x3b, 0xac, 0xc6, 0x1e, 0x39, 0x70, 0x1c, 0xf9, 0xb4, 0x6b, 0xd2, 0x5b, 0xf5, 0xf0, 0x59, 0x5b, 0xbe, 0x24, 0x65, 0x51, 0x41, 0x43, 0x8e, 0x7a, 0x10, 0x0b }, }, { .nid = NID_ED25519, .priv = (const unsigned char []){ 0x4c, 0xcd, 0x08, 0x9b, 0x28, 0xff, 0x96, 0xda, 0x9d, 0xb6, 0xc3, 0x46, 0xec, 0x11, 0x4e, 0x0f, 0x5b, 0x8a, 0x31, 0x9f, 0x35, 0xab, 0xa6, 0x24, 0xda, 0x8c, 0xf6, 0xed, 0x4f, 0xb8, 0xa6, 0xfb }, .pub = (const unsigned char []){ 0x3d, 0x40, 0x17, 0xc3, 0xe8, 0x43, 0x89, 0x5a, 0x92, 0xb7, 0x0a, 0xa7, 0x4d, 0x1b, 0x7e, 0xbc, 0x9c, 0x98, 0x2c, 0xcf, 0x2e, 0xc4, 0x96, 0x8c, 0xc0, 0xcd, 0x55, 0xf1, 0x2a, 0xf4, 0x66, 0x0c }, .msg = (const unsigned char []){ 0x72 }, .msglen = 1, .sig = (const unsigned char []){ 0x92, 0xa0, 0x09, 0xa9, 0xf0, 0xd4, 0xca, 0xb8, 0x72, 0x0e, 0x82, 0x0b, 0x5f, 0x64, 0x25, 0x40, 0xa2, 0xb2, 0x7b, 0x54, 0x16, 0x50, 0x3f, 0x8f, 0xb3, 0x76, 0x22, 0x23, 0xeb, 0xdb, 0x69, 0xda, 0x08, 0x5a, 0xc1, 0xe4, 0x3e, 0x15, 0x99, 0x6e, 0x45, 0x8f, 0x36, 0x13, 0xd0, 0xf1, 0x1d, 0x8c, 0x38, 0x7b, 0x2e, 0xae, 0xb4, 0x30, 0x2a, 0xee, 0xb0, 0x0d, 0x29, 0x16, 0x12, 0xbb, 0x0c, 0x00 }, }, { .nid = NID_ED25519, .priv = (const unsigned char []){ 0xc5, 0xaa, 0x8d, 0xf4, 0x3f, 0x9f, 0x83, 0x7b, 0xed, 0xb7, 0x44, 0x2f, 0x31, 0xdc, 0xb7, 0xb1, 0x66, 0xd3, 0x85, 0x35, 0x07, 0x6f, 0x09, 0x4b, 0x85, 0xce, 0x3a, 0x2e, 0x0b, 0x44, 0x58, 0xf7 }, .pub = (const unsigned char []){ 0xfc, 0x51, 0xcd, 0x8e, 0x62, 0x18, 0xa1, 0xa3, 0x8d, 0xa4, 0x7e, 0xd0, 0x02, 0x30, 0xf0, 0x58, 0x08, 0x16, 0xed, 0x13, 0xba, 0x33, 0x03, 0xac, 0x5d, 0xeb, 0x91, 0x15, 0x48, 0x90, 0x80, 0x25 }, .msg = (const unsigned char []){ 0xaf, 0x82 }, .msglen = 2, .sig = (const unsigned char []){ 0x62, 0x91, 0xd6, 0x57, 0xde, 0xec, 0x24, 0x02, 0x48, 0x27, 0xe6, 0x9c, 0x3a, 0xbe, 0x01, 0xa3, 0x0c, 0xe5, 0x48, 0xa2, 0x84, 0x74, 0x3a, 0x44, 0x5e, 0x36, 0x80, 0xd7, 0xdb, 0x5a, 0xc3, 0xac, 0x18, 0xff, 0x9b, 0x53, 0x8d, 0x16, 0xf2, 0x90, 0xae, 0x67, 0xf7, 0x60, 0x98, 0x4d, 0xc6, 0x59, 0x4a, 0x7c, 0x15, 0xe9, 0x71, 0x6e, 0xd2, 0x8d, 0xc0, 0x27, 0xbe, 0xce, 0xea, 0x1e, 0xc4, 0x0a }, }, { .nid = NID_ED25519, .priv = (const unsigned char []){ 0xf5, 0xe5, 0x76, 0x7c, 0xf1, 0x53, 0x31, 0x95, 0x17, 0x63, 0x0f, 0x22, 0x68, 0x76, 0xb8, 0x6c, 0x81, 0x60, 0xcc, 0x58, 0x3b, 0xc0, 0x13, 0x74, 0x4c, 0x6b, 0xf2, 0x55, 0xf5, 0xcc, 0x0e, 0xe5 }, .pub = (const unsigned char []){ 0x27, 0x81, 0x17, 0xfc, 0x14, 0x4c, 0x72, 0x34, 0x0f, 0x67, 0xd0, 0xf2, 0x31, 0x6e, 0x83, 0x86, 0xce, 0xff, 0xbf, 0x2b, 0x24, 0x28, 0xc9, 0xc5, 0x1f, 0xef, 0x7c, 0x59, 0x7f, 0x1d, 0x42, 0x6e }, .msg = (const unsigned char []){ 0x08, 0xb8, 0xb2, 0xb7, 0x33, 0x42, 0x42, 0x43, 0x76, 0x0f, 0xe4, 0x26, 0xa4, 0xb5, 0x49, 0x08, 0x63, 0x21, 0x10, 0xa6, 0x6c, 0x2f, 0x65, 0x91, 0xea, 0xbd, 0x33, 0x45, 0xe3, 0xe4, 0xeb, 0x98, 0xfa, 0x6e, 0x26, 0x4b, 0xf0, 0x9e, 0xfe, 0x12, 0xee, 0x50, 0xf8, 0xf5, 0x4e, 0x9f, 0x77, 0xb1, 0xe3, 0x55, 0xf6, 0xc5, 0x05, 0x44, 0xe2, 0x3f, 0xb1, 0x43, 0x3d, 0xdf, 0x73, 0xbe, 0x84, 0xd8, 0x79, 0xde, 0x7c, 0x00, 0x46, 0xdc, 0x49, 0x96, 0xd9, 0xe7, 0x73, 0xf4, 0xbc, 0x9e, 0xfe, 0x57, 0x38, 0x82, 0x9a, 0xdb, 0x26, 0xc8, 0x1b, 0x37, 0xc9, 0x3a, 0x1b, 0x27, 0x0b, 0x20, 0x32, 0x9d, 0x65, 0x86, 0x75, 0xfc, 0x6e, 0xa5, 0x34, 0xe0, 0x81, 0x0a, 0x44, 0x32, 0x82, 0x6b, 0xf5, 0x8c, 0x94, 0x1e, 0xfb, 0x65, 0xd5, 0x7a, 0x33, 0x8b, 0xbd, 0x2e, 0x26, 0x64, 0x0f, 0x89, 0xff, 0xbc, 0x1a, 0x85, 0x8e, 0xfc, 0xb8, 0x55, 0x0e, 0xe3, 0xa5, 0xe1, 0x99, 0x8b, 0xd1, 0x77, 0xe9, 0x3a, 0x73, 0x63, 0xc3, 0x44, 0xfe, 0x6b, 0x19, 0x9e, 0xe5, 0xd0, 0x2e, 0x82, 0xd5, 0x22, 0xc4, 0xfe, 0xba, 0x15, 0x45, 0x2f, 0x80, 0x28, 0x8a, 0x82, 0x1a, 0x57, 0x91, 0x16, 0xec, 0x6d, 0xad, 0x2b, 0x3b, 0x31, 0x0d, 0xa9, 0x03, 0x40, 0x1a, 0xa6, 0x21, 0x00, 0xab, 0x5d, 0x1a, 0x36, 0x55, 0x3e, 0x06, 0x20, 0x3b, 0x33, 0x89, 0x0c, 0xc9, 0xb8, 0x32, 0xf7, 0x9e, 0xf8, 0x05, 0x60, 0xcc, 0xb9, 0xa3, 0x9c, 0xe7, 0x67, 0x96, 0x7e, 0xd6, 0x28, 0xc6, 0xad, 0x57, 0x3c, 0xb1, 0x16, 0xdb, 0xef, 0xef, 0xd7, 0x54, 0x99, 0xda, 0x96, 0xbd, 0x68, 0xa8, 0xa9, 0x7b, 0x92, 0x8a, 0x8b, 0xbc, 0x10, 0x3b, 0x66, 0x21, 0xfc, 0xde, 0x2b, 0xec, 0xa1, 0x23, 0x1d, 0x20, 0x6b, 0xe6, 0xcd, 0x9e, 0xc7, 0xaf, 0xf6, 0xf6, 0xc9, 0x4f, 0xcd, 0x72, 0x04, 0xed, 0x34, 0x55, 0xc6, 0x8c, 0x83, 0xf4, 0xa4, 0x1d, 0xa4, 0xaf, 0x2b, 0x74, 0xef, 0x5c, 0x53, 0xf1, 0xd8, 0xac, 0x70, 0xbd, 0xcb, 0x7e, 0xd1, 0x85, 0xce, 0x81, 0xbd, 0x84, 0x35, 0x9d, 0x44, 0x25, 0x4d, 0x95, 0x62, 0x9e, 0x98, 0x55, 0xa9, 0x4a, 0x7c, 0x19, 0x58, 0xd1, 0xf8, 0xad, 0xa5, 0xd0, 0x53, 0x2e, 0xd8, 0xa5, 0xaa, 0x3f, 0xb2, 0xd1, 0x7b, 0xa7, 0x0e, 0xb6, 0x24, 0x8e, 0x59, 0x4e, 0x1a, 0x22, 0x97, 0xac, 0xbb, 0xb3, 0x9d, 0x50, 0x2f, 0x1a, 0x8c, 0x6e, 0xb6, 0xf1, 0xce, 0x22, 0xb3, 0xde, 0x1a, 0x1f, 0x40, 0xcc, 0x24, 0x55, 0x41, 0x19, 0xa8, 0x31, 0xa9, 0xaa, 0xd6, 0x07, 0x9c, 0xad, 0x88, 0x42, 0x5d, 0xe6, 0xbd, 0xe1, 0xa9, 0x18, 0x7e, 0xbb, 0x60, 0x92, 0xcf, 0x67, 0xbf, 0x2b, 0x13, 0xfd, 0x65, 0xf2, 0x70, 0x88, 0xd7, 0x8b, 0x7e, 0x88, 0x3c, 0x87, 0x59, 0xd2, 0xc4, 0xf5, 0xc6, 0x5a, 0xdb, 0x75, 0x53, 0x87, 0x8a, 0xd5, 0x75, 0xf9, 0xfa, 0xd8, 0x78, 0xe8, 0x0a, 0x0c, 0x9b, 0xa6, 0x3b, 0xcb, 0xcc, 0x27, 0x32, 0xe6, 0x94, 0x85, 0xbb, 0xc9, 0xc9, 0x0b, 0xfb, 0xd6, 0x24, 0x81, 0xd9, 0x08, 0x9b, 0xec, 0xcf, 0x80, 0xcf, 0xe2, 0xdf, 0x16, 0xa2, 0xcf, 0x65, 0xbd, 0x92, 0xdd, 0x59, 0x7b, 0x07, 0x07, 0xe0, 0x91, 0x7a, 0xf4, 0x8b, 0xbb, 0x75, 0xfe, 0xd4, 0x13, 0xd2, 0x38, 0xf5, 0x55, 0x5a, 0x7a, 0x56, 0x9d, 0x80, 0xc3, 0x41, 0x4a, 0x8d, 0x08, 0x59, 0xdc, 0x65, 0xa4, 0x61, 0x28, 0xba, 0xb2, 0x7a, 0xf8, 0x7a, 0x71, 0x31, 0x4f, 0x31, 0x8c, 0x78, 0x2b, 0x23, 0xeb, 0xfe, 0x80, 0x8b, 0x82, 0xb0, 0xce, 0x26, 0x40, 0x1d, 0x2e, 0x22, 0xf0, 0x4d, 0x83, 0xd1, 0x25, 0x5d, 0xc5, 0x1a, 0xdd, 0xd3, 0xb7, 0x5a, 0x2b, 0x1a, 0xe0, 0x78, 0x45, 0x04, 0xdf, 0x54, 0x3a, 0xf8, 0x96, 0x9b, 0xe3, 0xea, 0x70, 0x82, 0xff, 0x7f, 0xc9, 0x88, 0x8c, 0x14, 0x4d, 0xa2, 0xaf, 0x58, 0x42, 0x9e, 0xc9, 0x60, 0x31, 0xdb, 0xca, 0xd3, 0xda, 0xd9, 0xaf, 0x0d, 0xcb, 0xaa, 0xaf, 0x26, 0x8c, 0xb8, 0xfc, 0xff, 0xea, 0xd9, 0x4f, 0x3c, 0x7c, 0xa4, 0x95, 0xe0, 0x56, 0xa9, 0xb4, 0x7a, 0xcd, 0xb7, 0x51, 0xfb, 0x73, 0xe6, 0x66, 0xc6, 0xc6, 0x55, 0xad, 0xe8, 0x29, 0x72, 0x97, 0xd0, 0x7a, 0xd1, 0xba, 0x5e, 0x43, 0xf1, 0xbc, 0xa3, 0x23, 0x01, 0x65, 0x13, 0x39, 0xe2, 0x29, 0x04, 0xcc, 0x8c, 0x42, 0xf5, 0x8c, 0x30, 0xc0, 0x4a, 0xaf, 0xdb, 0x03, 0x8d, 0xda, 0x08, 0x47, 0xdd, 0x98, 0x8d, 0xcd, 0xa6, 0xf3, 0xbf, 0xd1, 0x5c, 0x4b, 0x4c, 0x45, 0x25, 0x00, 0x4a, 0xa0, 0x6e, 0xef, 0xf8, 0xca, 0x61, 0x78, 0x3a, 0xac, 0xec, 0x57, 0xfb, 0x3d, 0x1f, 0x92, 0xb0, 0xfe, 0x2f, 0xd1, 0xa8, 0x5f, 0x67, 0x24, 0x51, 0x7b, 0x65, 0xe6, 0x14, 0xad, 0x68, 0x08, 0xd6, 0xf6, 0xee, 0x34, 0xdf, 0xf7, 0x31, 0x0f, 0xdc, 0x82, 0xae, 0xbf, 0xd9, 0x04, 0xb0, 0x1e, 0x1d, 0xc5, 0x4b, 0x29, 0x27, 0x09, 0x4b, 0x2d, 0xb6, 0x8d, 0x6f, 0x90, 0x3b, 0x68, 0x40, 0x1a, 0xde, 0xbf, 0x5a, 0x7e, 0x08, 0xd7, 0x8f, 0xf4, 0xef, 0x5d, 0x63, 0x65, 0x3a, 0x65, 0x04, 0x0c, 0xf9, 0xbf, 0xd4, 0xac, 0xa7, 0x98, 0x4a, 0x74, 0xd3, 0x71, 0x45, 0x98, 0x67, 0x80, 0xfc, 0x0b, 0x16, 0xac, 0x45, 0x16, 0x49, 0xde, 0x61, 0x88, 0xa7, 0xdb, 0xdf, 0x19, 0x1f, 0x64, 0xb5, 0xfc, 0x5e, 0x2a, 0xb4, 0x7b, 0x57, 0xf7, 0xf7, 0x27, 0x6c, 0xd4, 0x19, 0xc1, 0x7a, 0x3c, 0xa8, 0xe1, 0xb9, 0x39, 0xae, 0x49, 0xe4, 0x88, 0xac, 0xba, 0x6b, 0x96, 0x56, 0x10, 0xb5, 0x48, 0x01, 0x09, 0xc8, 0xb1, 0x7b, 0x80, 0xe1, 0xb7, 0xb7, 0x50, 0xdf, 0xc7, 0x59, 0x8d, 0x5d, 0x50, 0x11, 0xfd, 0x2d, 0xcc, 0x56, 0x00, 0xa3, 0x2e, 0xf5, 0xb5, 0x2a, 0x1e, 0xcc, 0x82, 0x0e, 0x30, 0x8a, 0xa3, 0x42, 0x72, 0x1a, 0xac, 0x09, 0x43, 0xbf, 0x66, 0x86, 0xb6, 0x4b, 0x25, 0x79, 0x37, 0x65, 0x04, 0xcc, 0xc4, 0x93, 0xd9, 0x7e, 0x6a, 0xed, 0x3f, 0xb0, 0xf9, 0xcd, 0x71, 0xa4, 0x3d, 0xd4, 0x97, 0xf0, 0x1f, 0x17, 0xc0, 0xe2, 0xcb, 0x37, 0x97, 0xaa, 0x2a, 0x2f, 0x25, 0x66, 0x56, 0x16, 0x8e, 0x6c, 0x49, 0x6a, 0xfc, 0x5f, 0xb9, 0x32, 0x46, 0xf6, 0xb1, 0x11, 0x63, 0x98, 0xa3, 0x46, 0xf1, 0xa6, 0x41, 0xf3, 0xb0, 0x41, 0xe9, 0x89, 0xf7, 0x91, 0x4f, 0x90, 0xcc, 0x2c, 0x7f, 0xff, 0x35, 0x78, 0x76, 0xe5, 0x06, 0xb5, 0x0d, 0x33, 0x4b, 0xa7, 0x7c, 0x22, 0x5b, 0xc3, 0x07, 0xba, 0x53, 0x71, 0x52, 0xf3, 0xf1, 0x61, 0x0e, 0x4e, 0xaf, 0xe5, 0x95, 0xf6, 0xd9, 0xd9, 0x0d, 0x11, 0xfa, 0xa9, 0x33, 0xa1, 0x5e, 0xf1, 0x36, 0x95, 0x46, 0x86, 0x8a, 0x7f, 0x3a, 0x45, 0xa9, 0x67, 0x68, 0xd4, 0x0f, 0xd9, 0xd0, 0x34, 0x12, 0xc0, 0x91, 0xc6, 0x31, 0x5c, 0xf4, 0xfd, 0xe7, 0xcb, 0x68, 0x60, 0x69, 0x37, 0x38, 0x0d, 0xb2, 0xea, 0xaa, 0x70, 0x7b, 0x4c, 0x41, 0x85, 0xc3, 0x2e, 0xdd, 0xcd, 0xd3, 0x06, 0x70, 0x5e, 0x4d, 0xc1, 0xff, 0xc8, 0x72, 0xee, 0xee, 0x47, 0x5a, 0x64, 0xdf, 0xac, 0x86, 0xab, 0xa4, 0x1c, 0x06, 0x18, 0x98, 0x3f, 0x87, 0x41, 0xc5, 0xef, 0x68, 0xd3, 0xa1, 0x01, 0xe8, 0xa3, 0xb8, 0xca, 0xc6, 0x0c, 0x90, 0x5c, 0x15, 0xfc, 0x91, 0x08, 0x40, 0xb9, 0x4c, 0x00, 0xa0, 0xb9, 0xd0 }, .msglen = 1023, .sig = (const unsigned char []){ 0x0a, 0xab, 0x4c, 0x90, 0x05, 0x01, 0xb3, 0xe2, 0x4d, 0x7c, 0xdf, 0x46, 0x63, 0x32, 0x6a, 0x3a, 0x87, 0xdf, 0x5e, 0x48, 0x43, 0xb2, 0xcb, 0xdb, 0x67, 0xcb, 0xf6, 0xe4, 0x60, 0xfe, 0xc3, 0x50, 0xaa, 0x53, 0x71, 0xb1, 0x50, 0x8f, 0x9f, 0x45, 0x28, 0xec, 0xea, 0x23, 0xc4, 0x36, 0xd9, 0x4b, 0x5e, 0x8f, 0xcd, 0x4f, 0x68, 0x1e, 0x30, 0xa6, 0xac, 0x00, 0xa9, 0x70, 0x4a, 0x18, 0x8a, 0x03 }, }, { .nid = NID_ED25519, .priv = (const unsigned char []){ 0x83, 0x3f, 0xe6, 0x24, 0x09, 0x23, 0x7b, 0x9d, 0x62, 0xec, 0x77, 0x58, 0x75, 0x20, 0x91, 0x1e, 0x9a, 0x75, 0x9c, 0xec, 0x1d, 0x19, 0x75, 0x5b, 0x7d, 0xa9, 0x01, 0xb9, 0x6d, 0xca, 0x3d, 0x42 }, .pub = (const unsigned char []){ 0xec, 0x17, 0x2b, 0x93, 0xad, 0x5e, 0x56, 0x3b, 0xf4, 0x93, 0x2c, 0x70, 0xe1, 0x24, 0x50, 0x34, 0xc3, 0x54, 0x67, 0xef, 0x2e, 0xfd, 0x4d, 0x64, 0xeb, 0xf8, 0x19, 0x68, 0x34, 0x67, 0xe2, 0xbf }, .msg = (const unsigned char []){ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f }, .msglen = 64, .sig = (const unsigned char []){ 0xdc, 0x2a, 0x44, 0x59, 0xe7, 0x36, 0x96, 0x33, 0xa5, 0x2b, 0x1b, 0xf2, 0x77, 0x83, 0x9a, 0x00, 0x20, 0x10, 0x09, 0xa3, 0xef, 0xbf, 0x3e, 0xcb, 0x69, 0xbe, 0xa2, 0x18, 0x6c, 0x26, 0xb5, 0x89, 0x09, 0x35, 0x1f, 0xc9, 0xac, 0x90, 0xb3, 0xec, 0xfd, 0xfb, 0xc7, 0xc6, 0x64, 0x31, 0xe0, 0x30, 0x3d, 0xca, 0x17, 0x9c, 0x13, 0x8a, 0xc1, 0x7a, 0xd9, 0xbe, 0xf1, 0x17, 0x73, 0x31, 0xa7, 0x04 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32, 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34, 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3, 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e, 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e, 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b }, .pub = (const unsigned char []){ 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7, 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24, 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9, 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06, 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa, 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80 }, .msg = NULL, .msglen = 0, .sig = (const unsigned char []){ 0x53, 0x3a, 0x37, 0xf6, 0xbb, 0xe4, 0x57, 0x25, 0x1f, 0x02, 0x3c, 0x0d, 0x88, 0xf9, 0x76, 0xae, 0x2d, 0xfb, 0x50, 0x4a, 0x84, 0x3e, 0x34, 0xd2, 0x07, 0x4f, 0xd8, 0x23, 0xd4, 0x1a, 0x59, 0x1f, 0x2b, 0x23, 0x3f, 0x03, 0x4f, 0x62, 0x82, 0x81, 0xf2, 0xfd, 0x7a, 0x22, 0xdd, 0xd4, 0x7d, 0x78, 0x28, 0xc5, 0x9b, 0xd0, 0xa2, 0x1b, 0xfd, 0x39, 0x80, 0xff, 0x0d, 0x20, 0x28, 0xd4, 0xb1, 0x8a, 0x9d, 0xf6, 0x3e, 0x00, 0x6c, 0x5d, 0x1c, 0x2d, 0x34, 0x5b, 0x92, 0x5d, 0x8d, 0xc0, 0x0b, 0x41, 0x04, 0x85, 0x2d, 0xb9, 0x9a, 0xc5, 0xc7, 0xcd, 0xda, 0x85, 0x30, 0xa1, 0x13, 0xa0, 0xf4, 0xdb, 0xb6, 0x11, 0x49, 0xf0, 0x5a, 0x73, 0x63, 0x26, 0x8c, 0x71, 0xd9, 0x58, 0x08, 0xff, 0x2e, 0x65, 0x26, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0xc4, 0xea, 0xb0, 0x5d, 0x35, 0x70, 0x07, 0xc6, 0x32, 0xf3, 0xdb, 0xb4, 0x84, 0x89, 0x92, 0x4d, 0x55, 0x2b, 0x08, 0xfe, 0x0c, 0x35, 0x3a, 0x0d, 0x4a, 0x1f, 0x00, 0xac, 0xda, 0x2c, 0x46, 0x3a, 0xfb, 0xea, 0x67, 0xc5, 0xe8, 0xd2, 0x87, 0x7c, 0x5e, 0x3b, 0xc3, 0x97, 0xa6, 0x59, 0x94, 0x9e, 0xf8, 0x02, 0x1e, 0x95, 0x4e, 0x0a, 0x12, 0x27, 0x4e }, .pub = (const unsigned char []){ 0x43, 0xba, 0x28, 0xf4, 0x30, 0xcd, 0xff, 0x45, 0x6a, 0xe5, 0x31, 0x54, 0x5f, 0x7e, 0xcd, 0x0a, 0xc8, 0x34, 0xa5, 0x5d, 0x93, 0x58, 0xc0, 0x37, 0x2b, 0xfa, 0x0c, 0x6c, 0x67, 0x98, 0xc0, 0x86, 0x6a, 0xea, 0x01, 0xeb, 0x00, 0x74, 0x28, 0x02, 0xb8, 0x43, 0x8e, 0xa4, 0xcb, 0x82, 0x16, 0x9c, 0x23, 0x51, 0x60, 0x62, 0x7b, 0x4c, 0x3a, 0x94, 0x80 }, .msg = (const unsigned char []){ 0x03 }, .msglen = 1, .sig = (const unsigned char []){ 0x26, 0xb8, 0xf9, 0x17, 0x27, 0xbd, 0x62, 0x89, 0x7a, 0xf1, 0x5e, 0x41, 0xeb, 0x43, 0xc3, 0x77, 0xef, 0xb9, 0xc6, 0x10, 0xd4, 0x8f, 0x23, 0x35, 0xcb, 0x0b, 0xd0, 0x08, 0x78, 0x10, 0xf4, 0x35, 0x25, 0x41, 0xb1, 0x43, 0xc4, 0xb9, 0x81, 0xb7, 0xe1, 0x8f, 0x62, 0xde, 0x8c, 0xcd, 0xf6, 0x33, 0xfc, 0x1b, 0xf0, 0x37, 0xab, 0x7c, 0xd7, 0x79, 0x80, 0x5e, 0x0d, 0xbc, 0xc0, 0xaa, 0xe1, 0xcb, 0xce, 0xe1, 0xaf, 0xb2, 0xe0, 0x27, 0xdf, 0x36, 0xbc, 0x04, 0xdc, 0xec, 0xbf, 0x15, 0x43, 0x36, 0xc1, 0x9f, 0x0a, 0xf7, 0xe0, 0xa6, 0x47, 0x29, 0x05, 0xe7, 0x99, 0xf1, 0x95, 0x3d, 0x2a, 0x0f, 0xf3, 0x34, 0x8a, 0xb2, 0x1a, 0xa4, 0xad, 0xaf, 0xd1, 0xd2, 0x34, 0x44, 0x1c, 0xf8, 0x07, 0xc0, 0x3a, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0xcd, 0x23, 0xd2, 0x4f, 0x71, 0x42, 0x74, 0xe7, 0x44, 0x34, 0x32, 0x37, 0xb9, 0x32, 0x90, 0xf5, 0x11, 0xf6, 0x42, 0x5f, 0x98, 0xe6, 0x44, 0x59, 0xff, 0x20, 0x3e, 0x89, 0x85, 0x08, 0x3f, 0xfd, 0xf6, 0x05, 0x00, 0x55, 0x3a, 0xbc, 0x0e, 0x05, 0xcd, 0x02, 0x18, 0x4b, 0xdb, 0x89, 0xc4, 0xcc, 0xd6, 0x7e, 0x18, 0x79, 0x51, 0x26, 0x7e, 0xb3, 0x28 }, .pub = (const unsigned char []){ 0xdc, 0xea, 0x9e, 0x78, 0xf3, 0x5a, 0x1b, 0xf3, 0x49, 0x9a, 0x83, 0x1b, 0x10, 0xb8, 0x6c, 0x90, 0xaa, 0xc0, 0x1c, 0xd8, 0x4b, 0x67, 0xa0, 0x10, 0x9b, 0x55, 0xa3, 0x6e, 0x93, 0x28, 0xb1, 0xe3, 0x65, 0xfc, 0xe1, 0x61, 0xd7, 0x1c, 0xe7, 0x13, 0x1a, 0x54, 0x3e, 0xa4, 0xcb, 0x5f, 0x7e, 0x9f, 0x1d, 0x8b, 0x00, 0x69, 0x64, 0x47, 0x00, 0x14, 0x00 }, .msg = (const unsigned char []){ 0x0c, 0x3e, 0x54, 0x40, 0x74, 0xec, 0x63, 0xb0, 0x26, 0x5e, 0x0c }, .msglen = 11, .sig = (const unsigned char []){ 0x1f, 0x0a, 0x88, 0x88, 0xce, 0x25, 0xe8, 0xd4, 0x58, 0xa2, 0x11, 0x30, 0x87, 0x9b, 0x84, 0x0a, 0x90, 0x89, 0xd9, 0x99, 0xaa, 0xba, 0x03, 0x9e, 0xaf, 0x3e, 0x3a, 0xfa, 0x09, 0x0a, 0x09, 0xd3, 0x89, 0xdb, 0xa8, 0x2c, 0x4f, 0xf2, 0xae, 0x8a, 0xc5, 0xcd, 0xfb, 0x7c, 0x55, 0xe9, 0x4d, 0x5d, 0x96, 0x1a, 0x29, 0xfe, 0x01, 0x09, 0x94, 0x1e, 0x00, 0xb8, 0xdb, 0xde, 0xea, 0x6d, 0x3b, 0x05, 0x10, 0x68, 0xdf, 0x72, 0x54, 0xc0, 0xcd, 0xc1, 0x29, 0xcb, 0xe6, 0x2d, 0xb2, 0xdc, 0x95, 0x7d, 0xbb, 0x47, 0xb5, 0x1f, 0xd3, 0xf2, 0x13, 0xfb, 0x86, 0x98, 0xf0, 0x64, 0x77, 0x42, 0x50, 0xa5, 0x02, 0x89, 0x61, 0xc9, 0xbf, 0x8f, 0xfd, 0x97, 0x3f, 0xe5, 0xd5, 0xc2, 0x06, 0x49, 0x2b, 0x14, 0x0e, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0x25, 0x8c, 0xdd, 0x4a, 0xda, 0x32, 0xed, 0x9c, 0x9f, 0xf5, 0x4e, 0x63, 0x75, 0x6a, 0xe5, 0x82, 0xfb, 0x8f, 0xab, 0x2a, 0xc7, 0x21, 0xf2, 0xc8, 0xe6, 0x76, 0xa7, 0x27, 0x68, 0x51, 0x3d, 0x93, 0x9f, 0x63, 0xdd, 0xdb, 0x55, 0x60, 0x91, 0x33, 0xf2, 0x9a, 0xdf, 0x86, 0xec, 0x99, 0x29, 0xdc, 0xcb, 0x52, 0xc1, 0xc5, 0xfd, 0x2f, 0xf7, 0xe2, 0x1b }, .pub = (const unsigned char []){ 0x3b, 0xa1, 0x6d, 0xa0, 0xc6, 0xf2, 0xcc, 0x1f, 0x30, 0x18, 0x77, 0x40, 0x75, 0x6f, 0x5e, 0x79, 0x8d, 0x6b, 0xc5, 0xfc, 0x01, 0x5d, 0x7c, 0x63, 0xcc, 0x95, 0x10, 0xee, 0x3f, 0xd4, 0x4a, 0xdc, 0x24, 0xd8, 0xe9, 0x68, 0xb6, 0xe4, 0x6e, 0x6f, 0x94, 0xd1, 0x9b, 0x94, 0x53, 0x61, 0x72, 0x6b, 0xd7, 0x5e, 0x14, 0x9e, 0xf0, 0x98, 0x17, 0xf5, 0x80 }, .msg = (const unsigned char []){ 0x64, 0xa6, 0x5f, 0x3c, 0xde, 0xdc, 0xdd, 0x66, 0x81, 0x1e, 0x29, 0x15 }, .msglen = 12, .sig = (const unsigned char []){ 0x7e, 0xee, 0xab, 0x7c, 0x4e, 0x50, 0xfb, 0x79, 0x9b, 0x41, 0x8e, 0xe5, 0xe3, 0x19, 0x7f, 0xf6, 0xbf, 0x15, 0xd4, 0x3a, 0x14, 0xc3, 0x43, 0x89, 0xb5, 0x9d, 0xd1, 0xa7, 0xb1, 0xb8, 0x5b, 0x4a, 0xe9, 0x04, 0x38, 0xac, 0xa6, 0x34, 0xbe, 0xa4, 0x5e, 0x3a, 0x26, 0x95, 0xf1, 0x27, 0x0f, 0x07, 0xfd, 0xcd, 0xf7, 0xc6, 0x2b, 0x8e, 0xfe, 0xaf, 0x00, 0xb4, 0x5c, 0x2c, 0x96, 0xba, 0x45, 0x7e, 0xb1, 0xa8, 0xbf, 0x07, 0x5a, 0x3d, 0xb2, 0x8e, 0x5c, 0x24, 0xf6, 0xb9, 0x23, 0xed, 0x4a, 0xd7, 0x47, 0xc3, 0xc9, 0xe0, 0x3c, 0x70, 0x79, 0xef, 0xb8, 0x7c, 0xb1, 0x10, 0xd3, 0xa9, 0x98, 0x61, 0xe7, 0x20, 0x03, 0xcb, 0xae, 0x6d, 0x6b, 0x8b, 0x82, 0x7e, 0x4e, 0x6c, 0x14, 0x30, 0x64, 0xff, 0x3c, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0x7e, 0xf4, 0xe8, 0x45, 0x44, 0x23, 0x67, 0x52, 0xfb, 0xb5, 0x6b, 0x8f, 0x31, 0xa2, 0x3a, 0x10, 0xe4, 0x28, 0x14, 0xf5, 0xf5, 0x5c, 0xa0, 0x37, 0xcd, 0xcc, 0x11, 0xc6, 0x4c, 0x9a, 0x3b, 0x29, 0x49, 0xc1, 0xbb, 0x60, 0x70, 0x03, 0x14, 0x61, 0x17, 0x32, 0xa6, 0xc2, 0xfe, 0xa9, 0x8e, 0xeb, 0xc0, 0x26, 0x6a, 0x11, 0xa9, 0x39, 0x70, 0x10, 0x0e }, .pub = (const unsigned char []){ 0xb3, 0xda, 0x07, 0x9b, 0x0a, 0xa4, 0x93, 0xa5, 0x77, 0x20, 0x29, 0xf0, 0x46, 0x7b, 0xae, 0xbe, 0xe5, 0xa8, 0x11, 0x2d, 0x9d, 0x3a, 0x22, 0x53, 0x23, 0x61, 0xda, 0x29, 0x4f, 0x7b, 0xb3, 0x81, 0x5c, 0x5d, 0xc5, 0x9e, 0x17, 0x6b, 0x4d, 0x9f, 0x38, 0x1c, 0xa0, 0x93, 0x8e, 0x13, 0xc6, 0xc0, 0x7b, 0x17, 0x4b, 0xe6, 0x5d, 0xfa, 0x57, 0x8e, 0x80 }, .msg = (const unsigned char []){ 0x64, 0xa6, 0x5f, 0x3c, 0xde, 0xdc, 0xdd, 0x66, 0x81, 0x1e, 0x29, 0x15, 0xe7 }, .msglen = 13, .sig = (const unsigned char []){ 0x6a, 0x12, 0x06, 0x6f, 0x55, 0x33, 0x1b, 0x6c, 0x22, 0xac, 0xd5, 0xd5, 0xbf, 0xc5, 0xd7, 0x12, 0x28, 0xfb, 0xda, 0x80, 0xae, 0x8d, 0xec, 0x26, 0xbd, 0xd3, 0x06, 0x74, 0x3c, 0x50, 0x27, 0xcb, 0x48, 0x90, 0x81, 0x0c, 0x16, 0x2c, 0x02, 0x74, 0x68, 0x67, 0x5e, 0xcf, 0x64, 0x5a, 0x83, 0x17, 0x6c, 0x0d, 0x73, 0x23, 0xa2, 0xcc, 0xde, 0x2d, 0x80, 0xef, 0xe5, 0xa1, 0x26, 0x8e, 0x8a, 0xca, 0x1d, 0x6f, 0xbc, 0x19, 0x4d, 0x3f, 0x77, 0xc4, 0x49, 0x86, 0xeb, 0x4a, 0xb4, 0x17, 0x79, 0x19, 0xad, 0x8b, 0xec, 0x33, 0xeb, 0x47, 0xbb, 0xb5, 0xfc, 0x6e, 0x28, 0x19, 0x6f, 0xd1, 0xca, 0xf5, 0x6b, 0x4e, 0x7e, 0x0b, 0xa5, 0x51, 0x92, 0x34, 0xd0, 0x47, 0x15, 0x5a, 0xc7, 0x27, 0xa1, 0x05, 0x31, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0xd6, 0x5d, 0xf3, 0x41, 0xad, 0x13, 0xe0, 0x08, 0x56, 0x76, 0x88, 0xba, 0xed, 0xda, 0x8e, 0x9d, 0xcd, 0xc1, 0x7d, 0xc0, 0x24, 0x97, 0x4e, 0xa5, 0xb4, 0x22, 0x7b, 0x65, 0x30, 0xe3, 0x39, 0xbf, 0xf2, 0x1f, 0x99, 0xe6, 0x8c, 0xa6, 0x96, 0x8f, 0x3c, 0xca, 0x6d, 0xfe, 0x0f, 0xb9, 0xf4, 0xfa, 0xb4, 0xfa, 0x13, 0x5d, 0x55, 0x42, 0xea, 0x3f, 0x01 }, .pub = (const unsigned char []){ 0xdf, 0x97, 0x05, 0xf5, 0x8e, 0xdb, 0xab, 0x80, 0x2c, 0x7f, 0x83, 0x63, 0xcf, 0xe5, 0x56, 0x0a, 0xb1, 0xc6, 0x13, 0x2c, 0x20, 0xa9, 0xf1, 0xdd, 0x16, 0x34, 0x83, 0xa2, 0x6f, 0x8a, 0xc5, 0x3a, 0x39, 0xd6, 0x80, 0x8b, 0xf4, 0xa1, 0xdf, 0xbd, 0x26, 0x1b, 0x09, 0x9b, 0xb0, 0x3b, 0x3f, 0xb5, 0x09, 0x06, 0xcb, 0x28, 0xbd, 0x8a, 0x08, 0x1f, 0x00 }, .msg = (const unsigned char []){ 0xbd, 0x0f, 0x6a, 0x37, 0x47, 0xcd, 0x56, 0x1b, 0xdd, 0xdf, 0x46, 0x40, 0xa3, 0x32, 0x46, 0x1a, 0x4a, 0x30, 0xa1, 0x2a, 0x43, 0x4c, 0xd0, 0xbf, 0x40, 0xd7, 0x66, 0xd9, 0xc6, 0xd4, 0x58, 0xe5, 0x51, 0x22, 0x04, 0xa3, 0x0c, 0x17, 0xd1, 0xf5, 0x0b, 0x50, 0x79, 0x63, 0x1f, 0x64, 0xeb, 0x31, 0x12, 0x18, 0x2d, 0xa3, 0x00, 0x58, 0x35, 0x46, 0x11, 0x13, 0x71, 0x8d, 0x1a, 0x5e, 0xf9, 0x44 }, .msglen = 64, .sig = (const unsigned char []){ 0x55, 0x4b, 0xc2, 0x48, 0x08, 0x60, 0xb4, 0x9e, 0xab, 0x85, 0x32, 0xd2, 0xa5, 0x33, 0xb7, 0xd5, 0x78, 0xef, 0x47, 0x3e, 0xeb, 0x58, 0xc9, 0x8b, 0xb2, 0xd0, 0xe1, 0xce, 0x48, 0x8a, 0x98, 0xb1, 0x8d, 0xfd, 0xe9, 0xb9, 0xb9, 0x07, 0x75, 0xe6, 0x7f, 0x47, 0xd4, 0xa1, 0xc3, 0x48, 0x20, 0x58, 0xef, 0xc9, 0xf4, 0x0d, 0x2c, 0xa0, 0x33, 0xa0, 0x80, 0x1b, 0x63, 0xd4, 0x5b, 0x3b, 0x72, 0x2e, 0xf5, 0x52, 0xba, 0xd3, 0xb4, 0xcc, 0xb6, 0x67, 0xda, 0x35, 0x01, 0x92, 0xb6, 0x1c, 0x50, 0x8c, 0xf7, 0xb6, 0xb5, 0xad, 0xad, 0xc2, 0xc8, 0xd9, 0xa4, 0x46, 0xef, 0x00, 0x3f, 0xb0, 0x5c, 0xba, 0x5f, 0x30, 0xe8, 0x8e, 0x36, 0xec, 0x27, 0x03, 0xb3, 0x49, 0xca, 0x22, 0x9c, 0x26, 0x70, 0x83, 0x39, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0x2e, 0xc5, 0xfe, 0x3c, 0x17, 0x04, 0x5a, 0xbd, 0xb1, 0x36, 0xa5, 0xe6, 0xa9, 0x13, 0xe3, 0x2a, 0xb7, 0x5a, 0xe6, 0x8b, 0x53, 0xd2, 0xfc, 0x14, 0x9b, 0x77, 0xe5, 0x04, 0x13, 0x2d, 0x37, 0x56, 0x9b, 0x7e, 0x76, 0x6b, 0xa7, 0x4a, 0x19, 0xbd, 0x61, 0x62, 0x34, 0x3a, 0x21, 0xc8, 0x59, 0x0a, 0xa9, 0xce, 0xbc, 0xa9, 0x01, 0x4c, 0x63, 0x6d, 0xf5 }, .pub = (const unsigned char []){ 0x79, 0x75, 0x6f, 0x01, 0x4d, 0xcf, 0xe2, 0x07, 0x9f, 0x5d, 0xd9, 0xe7, 0x18, 0xbe, 0x41, 0x71, 0xe2, 0xef, 0x24, 0x86, 0xa0, 0x8f, 0x25, 0x18, 0x6f, 0x6b, 0xff, 0x43, 0xa9, 0x93, 0x6b, 0x9b, 0xfe, 0x12, 0x40, 0x2b, 0x08, 0xae, 0x65, 0x79, 0x8a, 0x3d, 0x81, 0xe2, 0x2e, 0x9e, 0xc8, 0x0e, 0x76, 0x90, 0x86, 0x2e, 0xf3, 0xd4, 0xed, 0x3a, 0x00 }, .msg = (const unsigned char []){ 0x15, 0x77, 0x75, 0x32, 0xb0, 0xbd, 0xd0, 0xd1, 0x38, 0x9f, 0x63, 0x6c, 0x5f, 0x6b, 0x9b, 0xa7, 0x34, 0xc9, 0x0a, 0xf5, 0x72, 0x87, 0x7e, 0x2d, 0x27, 0x2d, 0xd0, 0x78, 0xaa, 0x1e, 0x56, 0x7c, 0xfa, 0x80, 0xe1, 0x29, 0x28, 0xbb, 0x54, 0x23, 0x30, 0xe8, 0x40, 0x9f, 0x31, 0x74, 0x50, 0x41, 0x07, 0xec, 0xd5, 0xef, 0xac, 0x61, 0xae, 0x75, 0x04, 0xda, 0xbe, 0x2a, 0x60, 0x2e, 0xde, 0x89, 0xe5, 0xcc, 0xa6, 0x25, 0x7a, 0x7c, 0x77, 0xe2, 0x7a, 0x70, 0x2b, 0x3a, 0xe3, 0x9f, 0xc7, 0x69, 0xfc, 0x54, 0xf2, 0x39, 0x5a, 0xe6, 0xa1, 0x17, 0x8c, 0xab, 0x47, 0x38, 0xe5, 0x43, 0x07, 0x2f, 0xc1, 0xc1, 0x77, 0xfe, 0x71, 0xe9, 0x2e, 0x25, 0xbf, 0x03, 0xe4, 0xec, 0xb7, 0x2f, 0x47, 0xb6, 0x4d, 0x04, 0x65, 0xaa, 0xea, 0x4c, 0x7f, 0xad, 0x37, 0x25, 0x36, 0xc8, 0xba, 0x51, 0x6a, 0x60, 0x39, 0xc3, 0xc2, 0xa3, 0x9f, 0x0e, 0x4d, 0x83, 0x2b, 0xe4, 0x32, 0xdf, 0xa9, 0xa7, 0x06, 0xa6, 0xe5, 0xc7, 0xe1, 0x9f, 0x39, 0x79, 0x64, 0xca, 0x42, 0x58, 0x00, 0x2f, 0x7c, 0x05, 0x41, 0xb5, 0x90, 0x31, 0x6d, 0xbc, 0x56, 0x22, 0xb6, 0xb2, 0xa6, 0xfe, 0x7a, 0x4a, 0xbf, 0xfd, 0x96, 0x10, 0x5e, 0xca, 0x76, 0xea, 0x7b, 0x98, 0x81, 0x6a, 0xf0, 0x74, 0x8c, 0x10, 0xdf, 0x04, 0x8c, 0xe0, 0x12, 0xd9, 0x01, 0x01, 0x5a, 0x51, 0xf1, 0x89, 0xf3, 0x88, 0x81, 0x45, 0xc0, 0x36, 0x50, 0xaa, 0x23, 0xce, 0x89, 0x4c, 0x3b, 0xd8, 0x89, 0xe0, 0x30, 0xd5, 0x65, 0x07, 0x1c, 0x59, 0xf4, 0x09, 0xa9, 0x98, 0x1b, 0x51, 0x87, 0x8f, 0xd6, 0xfc, 0x11, 0x06, 0x24, 0xdc, 0xbc, 0xde, 0x0b, 0xf7, 0xa6, 0x9c, 0xcc, 0xe3, 0x8f, 0xab, 0xdf, 0x86, 0xf3, 0xbe, 0xf6, 0x04, 0x48, 0x19, 0xde, 0x11 }, .msglen = 256, .sig = (const unsigned char []){ 0xc6, 0x50, 0xdd, 0xbb, 0x06, 0x01, 0xc1, 0x9c, 0xa1, 0x14, 0x39, 0xe1, 0x64, 0x0d, 0xd9, 0x31, 0xf4, 0x3c, 0x51, 0x8e, 0xa5, 0xbe, 0xa7, 0x0d, 0x3d, 0xcd, 0xe5, 0xf4, 0x19, 0x1f, 0xe5, 0x3f, 0x00, 0xcf, 0x96, 0x65, 0x46, 0xb7, 0x2b, 0xcc, 0x7d, 0x58, 0xbe, 0x2b, 0x9b, 0xad, 0xef, 0x28, 0x74, 0x39, 0x54, 0xe3, 0xa4, 0x4a, 0x23, 0xf8, 0x80, 0xe8, 0xd4, 0xf1, 0xcf, 0xce, 0x2d, 0x7a, 0x61, 0x45, 0x2d, 0x26, 0xda, 0x05, 0x89, 0x6f, 0x0a, 0x50, 0xda, 0x66, 0xa2, 0x39, 0xa8, 0xa1, 0x88, 0xb6, 0xd8, 0x25, 0xb3, 0x30, 0x5a, 0xd7, 0x7b, 0x73, 0xfb, 0xac, 0x08, 0x36, 0xec, 0xc6, 0x09, 0x87, 0xfd, 0x08, 0x52, 0x7c, 0x1a, 0x8e, 0x80, 0xd5, 0x82, 0x3e, 0x65, 0xca, 0xfe, 0x2a, 0x3d, 0x00 }, }, { .nid = NID_ED448, .priv = (const unsigned char []){ 0x87, 0x2d, 0x09, 0x37, 0x80, 0xf5, 0xd3, 0x73, 0x0d, 0xf7, 0xc2, 0x12, 0x66, 0x4b, 0x37, 0xb8, 0xa0, 0xf2, 0x4f, 0x56, 0x81, 0x0d, 0xaa, 0x83, 0x82, 0xcd, 0x4f, 0xa3, 0xf7, 0x76, 0x34, 0xec, 0x44, 0xdc, 0x54, 0xf1, 0xc2, 0xed, 0x9b, 0xea, 0x86, 0xfa, 0xfb, 0x76, 0x32, 0xd8, 0xbe, 0x19, 0x9e, 0xa1, 0x65, 0xf5, 0xad, 0x55, 0xdd, 0x9c, 0xe8 }, .pub = (const unsigned char []){ 0xa8, 0x1b, 0x2e, 0x8a, 0x70, 0xa5, 0xac, 0x94, 0xff, 0xdb, 0xcc, 0x9b, 0xad, 0xfc, 0x3f, 0xeb, 0x08, 0x01, 0xf2, 0x58, 0x57, 0x8b, 0xb1, 0x14, 0xad, 0x44, 0xec, 0xe1, 0xec, 0x0e, 0x79, 0x9d, 0xa0, 0x8e, 0xff, 0xb8, 0x1c, 0x5d, 0x68, 0x5c, 0x0c, 0x56, 0xf6, 0x4e, 0xec, 0xae, 0xf8, 0xcd, 0xf1, 0x1c, 0xc3, 0x87, 0x37, 0x83, 0x8c, 0xf4, 0x00 }, .msg = (const unsigned char []){ 0x6d, 0xdf, 0x80, 0x2e, 0x1a, 0xae, 0x49, 0x86, 0x93, 0x5f, 0x7f, 0x98, 0x1b, 0xa3, 0xf0, 0x35, 0x1d, 0x62, 0x73, 0xc0, 0xa0, 0xc2, 0x2c, 0x9c, 0x0e, 0x83, 0x39, 0x16, 0x8e, 0x67, 0x54, 0x12, 0xa3, 0xde, 0xbf, 0xaf, 0x43, 0x5e, 0xd6, 0x51, 0x55, 0x80, 0x07, 0xdb, 0x43, 0x84, 0xb6, 0x50, 0xfc, 0xc0, 0x7e, 0x3b, 0x58, 0x6a, 0x27, 0xa4, 0xf7, 0xa0, 0x0a, 0xc8, 0xa6, 0xfe, 0xc2, 0xcd, 0x86, 0xae, 0x4b, 0xf1, 0x57, 0x0c, 0x41, 0xe6, 0xa4, 0x0c, 0x93, 0x1d, 0xb2, 0x7b, 0x2f, 0xaa, 0x15, 0xa8, 0xce, 0xdd, 0x52, 0xcf, 0xf7, 0x36, 0x2c, 0x4e, 0x6e, 0x23, 0xda, 0xec, 0x0f, 0xbc, 0x3a, 0x79, 0xb6, 0x80, 0x6e, 0x31, 0x6e, 0xfc, 0xc7, 0xb6, 0x81, 0x19, 0xbf, 0x46, 0xbc, 0x76, 0xa2, 0x60, 0x67, 0xa5, 0x3f, 0x29, 0x6d, 0xaf, 0xdb, 0xdc, 0x11, 0xc7, 0x7f, 0x77, 0x77, 0xe9, 0x72, 0x66, 0x0c, 0xf4, 0xb6, 0xa9, 0xb3, 0x69, 0xa6, 0x66, 0x5f, 0x02, 0xe0, 0xcc, 0x9b, 0x6e, 0xdf, 0xad, 0x13, 0x6b, 0x4f, 0xab, 0xe7, 0x23, 0xd2, 0x81, 0x3d, 0xb3, 0x13, 0x6c, 0xfd, 0xe9, 0xb6, 0xd0, 0x44, 0x32, 0x2f, 0xee, 0x29, 0x47, 0x95, 0x2e, 0x03, 0x1b, 0x73, 0xab, 0x5c, 0x60, 0x33, 0x49, 0xb3, 0x07, 0xbd, 0xc2, 0x7b, 0xc6, 0xcb, 0x8b, 0x8b, 0xbd, 0x7b, 0xd3, 0x23, 0x21, 0x9b, 0x80, 0x33, 0xa5, 0x81, 0xb5, 0x9e, 0xad, 0xeb, 0xb0, 0x9b, 0x3c, 0x4f, 0x3d, 0x22, 0x77, 0xd4, 0xf0, 0x34, 0x36, 0x24, 0xac, 0xc8, 0x17, 0x80, 0x47, 0x28, 0xb2, 0x5a, 0xb7, 0x97, 0x17, 0x2b, 0x4c, 0x5c, 0x21, 0xa2, 0x2f, 0x9c, 0x78, 0x39, 0xd6, 0x43, 0x00, 0x23, 0x2e, 0xb6, 0x6e, 0x53, 0xf3, 0x1c, 0x72, 0x3f, 0xa3, 0x7f, 0xe3, 0x87, 0xc7, 0xd3, 0xe5, 0x0b, 0xdf, 0x98, 0x13, 0xa3, 0x0e, 0x5b, 0xb1, 0x2c, 0xf4, 0xcd, 0x93, 0x0c, 0x40, 0xcf, 0xb4, 0xe1, 0xfc, 0x62, 0x25, 0x92, 0xa4, 0x95, 0x88, 0x79, 0x44, 0x94, 0xd5, 0x6d, 0x24, 0xea, 0x4b, 0x40, 0xc8, 0x9f, 0xc0, 0x59, 0x6c, 0xc9, 0xeb, 0xb9, 0x61, 0xc8, 0xcb, 0x10, 0xad, 0xde, 0x97, 0x6a, 0x5d, 0x60, 0x2b, 0x1c, 0x3f, 0x85, 0xb9, 0xb9, 0xa0, 0x01, 0xed, 0x3c, 0x6a, 0x4d, 0x3b, 0x14, 0x37, 0xf5, 0x20, 0x96, 0xcd, 0x19, 0x56, 0xd0, 0x42, 0xa5, 0x97, 0xd5, 0x61, 0xa5, 0x96, 0xec, 0xd3, 0xd1, 0x73, 0x5a, 0x8d, 0x57, 0x0e, 0xa0, 0xec, 0x27, 0x22, 0x5a, 0x2c, 0x4a, 0xaf, 0xf2, 0x63, 0x06, 0xd1, 0x52, 0x6c, 0x1a, 0xf3, 0xca, 0x6d, 0x9c, 0xf5, 0xa2, 0xc9, 0x8f, 0x47, 0xe1, 0xc4, 0x6d, 0xb9, 0xa3, 0x32, 0x34, 0xcf, 0xd4, 0xd8, 0x1f, 0x2c, 0x98, 0x53, 0x8a, 0x09, 0xeb, 0xe7, 0x69, 0x98, 0xd0, 0xd8, 0xfd, 0x25, 0x99, 0x7c, 0x7d, 0x25, 0x5c, 0x6d, 0x66, 0xec, 0xe6, 0xfa, 0x56, 0xf1, 0x11, 0x44, 0x95, 0x0f, 0x02, 0x77, 0x95, 0xe6, 0x53, 0x00, 0x8f, 0x4b, 0xd7, 0xca, 0x2d, 0xee, 0x85, 0xd8, 0xe9, 0x0f, 0x3d, 0xc3, 0x15, 0x13, 0x0c, 0xe2, 0xa0, 0x03, 0x75, 0xa3, 0x18, 0xc7, 0xc3, 0xd9, 0x7b, 0xe2, 0xc8, 0xce, 0x5b, 0x6d, 0xb4, 0x1a, 0x62, 0x54, 0xff, 0x26, 0x4f, 0xa6, 0x15, 0x5b, 0xae, 0xe3, 0xb0, 0x77, 0x3c, 0x0f, 0x49, 0x7c, 0x57, 0x3f, 0x19, 0xbb, 0x4f, 0x42, 0x40, 0x28, 0x1f, 0x0b, 0x1f, 0x4f, 0x7b, 0xe8, 0x57, 0xa4, 0xe5, 0x9d, 0x41, 0x6c, 0x06, 0xb4, 0xc5, 0x0f, 0xa0, 0x9e, 0x18, 0x10, 0xdd, 0xc6, 0xb1, 0x46, 0x7b, 0xae, 0xac, 0x5a, 0x36, 0x68, 0xd1, 0x1b, 0x6e, 0xca, 0xa9, 0x01, 0x44, 0x00, 0x16, 0xf3, 0x89, 0xf8, 0x0a, 0xcc, 0x4d, 0xb9, 0x77, 0x02, 0x5e, 0x7f, 0x59, 0x24, 0x38, 0x8c, 0x7e, 0x34, 0x0a, 0x73, 0x2e, 0x55, 0x44, 0x40, 0xe7, 0x65, 0x70, 0xf8, 0xdd, 0x71, 0xb7, 0xd6, 0x40, 0xb3, 0x45, 0x0d, 0x1f, 0xd5, 0xf0, 0x41, 0x0a, 0x18, 0xf9, 0xa3, 0x49, 0x4f, 0x70, 0x7c, 0x71, 0x7b, 0x79, 0xb4, 0xbf, 0x75, 0xc9, 0x84, 0x00, 0xb0, 0x96, 0xb2, 0x16, 0x53, 0xb5, 0xd2, 0x17, 0xcf, 0x35, 0x65, 0xc9, 0x59, 0x74, 0x56, 0xf7, 0x07, 0x03, 0x49, 0x7a, 0x07, 0x87, 0x63, 0x82, 0x9b, 0xc0, 0x1b, 0xb1, 0xcb, 0xc8, 0xfa, 0x04, 0xea, 0xdc, 0x9a, 0x6e, 0x3f, 0x66, 0x99, 0x58, 0x7a, 0x9e, 0x75, 0xc9, 0x4e, 0x5b, 0xab, 0x00, 0x36, 0xe0, 0xb2, 0xe7, 0x11, 0x39, 0x2c, 0xff, 0x00, 0x47, 0xd0, 0xd6, 0xb0, 0x5b, 0xd2, 0xa5, 0x88, 0xbc, 0x10, 0x97, 0x18, 0x95, 0x42, 0x59, 0xf1, 0xd8, 0x66, 0x78, 0xa5, 0x79, 0xa3, 0x12, 0x0f, 0x19, 0xcf, 0xb2, 0x96, 0x3f, 0x17, 0x7a, 0xeb, 0x70, 0xf2, 0xd4, 0x84, 0x48, 0x26, 0x26, 0x2e, 0x51, 0xb8, 0x02, 0x71, 0x27, 0x20, 0x68, 0xef, 0x5b, 0x38, 0x56, 0xfa, 0x85, 0x35, 0xaa, 0x2a, 0x88, 0xb2, 0xd4, 0x1f, 0x2a, 0x0e, 0x2f, 0xda, 0x76, 0x24, 0xc2, 0x85, 0x02, 0x72, 0xac, 0x4a, 0x2f, 0x56, 0x1f, 0x8f, 0x2f, 0x7a, 0x31, 0x8b, 0xfd, 0x5c, 0xaf, 0x96, 0x96, 0x14, 0x9e, 0x4a, 0xc8, 0x24, 0xad, 0x34, 0x60, 0x53, 0x8f, 0xdc, 0x25, 0x42, 0x1b, 0xee, 0xc2, 0xcc, 0x68, 0x18, 0x16, 0x2d, 0x06, 0xbb, 0xed, 0x0c, 0x40, 0xa3, 0x87, 0x19, 0x23, 0x49, 0xdb, 0x67, 0xa1, 0x18, 0xba, 0xda, 0x6c, 0xd5, 0xab, 0x01, 0x40, 0xee, 0x27, 0x32, 0x04, 0xf6, 0x28, 0xaa, 0xd1, 0xc1, 0x35, 0xf7, 0x70, 0x27, 0x9a, 0x65, 0x1e, 0x24, 0xd8, 0xc1, 0x4d, 0x75, 0xa6, 0x05, 0x9d, 0x76, 0xb9, 0x6a, 0x6f, 0xd8, 0x57, 0xde, 0xf5, 0xe0, 0xb3, 0x54, 0xb2, 0x7a, 0xb9, 0x37, 0xa5, 0x81, 0x5d, 0x16, 0xb5, 0xfa, 0xe4, 0x07, 0xff, 0x18, 0x22, 0x2c, 0x6d, 0x1e, 0xd2, 0x63, 0xbe, 0x68, 0xc9, 0x5f, 0x32, 0xd9, 0x08, 0xbd, 0x89, 0x5c, 0xd7, 0x62, 0x07, 0xae, 0x72, 0x64, 0x87, 0x56, 0x7f, 0x9a, 0x67, 0xda, 0xd7, 0x9a, 0xbe, 0xc3, 0x16, 0xf6, 0x83, 0xb1, 0x7f, 0x2d, 0x02, 0xbf, 0x07, 0xe0, 0xac, 0x8b, 0x5b, 0xc6, 0x16, 0x2c, 0xf9, 0x46, 0x97, 0xb3, 0xc2, 0x7c, 0xd1, 0xfe, 0xa4, 0x9b, 0x27, 0xf2, 0x3b, 0xa2, 0x90, 0x18, 0x71, 0x96, 0x25, 0x06, 0x52, 0x0c, 0x39, 0x2d, 0xa8, 0xb6, 0xad, 0x0d, 0x99, 0xf7, 0x01, 0x3f, 0xbc, 0x06, 0xc2, 0xc1, 0x7a, 0x56, 0x95, 0x00, 0xc8, 0xa7, 0x69, 0x64, 0x81, 0xc1, 0xcd, 0x33, 0xe9, 0xb1, 0x4e, 0x40, 0xb8, 0x2e, 0x79, 0xa5, 0xf5, 0xdb, 0x82, 0x57, 0x1b, 0xa9, 0x7b, 0xae, 0x3a, 0xd3, 0xe0, 0x47, 0x95, 0x15, 0xbb, 0x0e, 0x2b, 0x0f, 0x3b, 0xfc, 0xd1, 0xfd, 0x33, 0x03, 0x4e, 0xfc, 0x62, 0x45, 0xed, 0xdd, 0x7e, 0xe2, 0x08, 0x6d, 0xda, 0xe2, 0x60, 0x0d, 0x8c, 0xa7, 0x3e, 0x21, 0x4e, 0x8c, 0x2b, 0x0b, 0xdb, 0x2b, 0x04, 0x7c, 0x6a, 0x46, 0x4a, 0x56, 0x2e, 0xd7, 0x7b, 0x73, 0xd2, 0xd8, 0x41, 0xc4, 0xb3, 0x49, 0x73, 0x55, 0x12, 0x57, 0x71, 0x3b, 0x75, 0x36, 0x32, 0xef, 0xba, 0x34, 0x81, 0x69, 0xab, 0xc9, 0x0a, 0x68, 0xf4, 0x26, 0x11, 0xa4, 0x01, 0x26, 0xd7, 0xcb, 0x21, 0xb5, 0x86, 0x95, 0x56, 0x81, 0x86, 0xf7, 0xe5, 0x69, 0xd2, 0xff, 0x0f, 0x9e, 0x74, 0x5d, 0x04, 0x87, 0xdd, 0x2e, 0xb9, 0x97, 0xca, 0xfc, 0x5a, 0xbf, 0x9d, 0xd1, 0x02, 0xe6, 0x2f, 0xf6, 0x6c, 0xba, 0x87 }, .msglen = 1023, .sig = (const unsigned char []){ 0xe3, 0x01, 0x34, 0x5a, 0x41, 0xa3, 0x9a, 0x4d, 0x72, 0xff, 0xf8, 0xdf, 0x69, 0xc9, 0x80, 0x75, 0xa0, 0xcc, 0x08, 0x2b, 0x80, 0x2f, 0xc9, 0xb2, 0xb6, 0xbc, 0x50, 0x3f, 0x92, 0x6b, 0x65, 0xbd, 0xdf, 0x7f, 0x4c, 0x8f, 0x1c, 0xb4, 0x9f, 0x63, 0x96, 0xaf, 0xc8, 0xa7, 0x0a, 0xbe, 0x6d, 0x8a, 0xef, 0x0d, 0xb4, 0x78, 0xd4, 0xc6, 0xb2, 0x97, 0x00, 0x76, 0xc6, 0xa0, 0x48, 0x4f, 0xe7, 0x6d, 0x76, 0xb3, 0xa9, 0x76, 0x25, 0xd7, 0x9f, 0x1c, 0xe2, 0x40, 0xe7, 0xc5, 0x76, 0x75, 0x0d, 0x29, 0x55, 0x28, 0x28, 0x6f, 0x71, 0x9b, 0x41, 0x3d, 0xe9, 0xad, 0xa3, 0xe8, 0xeb, 0x78, 0xed, 0x57, 0x36, 0x03, 0xce, 0x30, 0xd8, 0xbb, 0x76, 0x17, 0x85, 0xdc, 0x30, 0xdb, 0xc3, 0x20, 0x86, 0x9e, 0x1a, 0x00 }, }, }; const size_t EDDSA_TV_LEN = sizeof(EDDSA_TV) / sizeof(EDDSA_TV[0]); #endif libica-4.0.1/test/fips_test.c000066400000000000000000000030351417716165400160770ustar00rootroot00000000000000#include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "ica_api.h" #include "testcase.h" #define FIPS_FLAG "/proc/sys/crypto/fips_enabled" int main(void) { FILE *fd; int fips, rv; char fips_flag; printf("Kernel FIPS flag (%s) is ", FIPS_FLAG); if ((fd = fopen(FIPS_FLAG, "r")) != NULL) { if (fread(&fips_flag, sizeof(fips_flag), 1, fd) == 1) { fips_flag -= '0'; printf("%d.", fips_flag); } else { printf("not readable."); } fclose(fd); } else { fips_flag = 0; printf("not present."); } printf("\nKernel %s in FIPS mode.\n", fips_flag ? "runs" : "doesn't run"); printf("Libica has "); #ifdef ICA_FIPS fips = ica_fips_status(); #else fips = 0; printf("no "); #endif /* ICA_FIPS */ printf("built-in FIPS support.\nLibica %s in FIPS mode.\n", fips & ICA_FIPS_MODE ? "runs" : "doesn't run"); rv = EXIT_SUCCESS; #ifdef ICA_FIPS if ((fips & ICA_FIPS_MODE) != fips_flag) { printf("This shouldn't happen.\n"); rv = EXIT_FAILURE; } if (fips & ICA_FIPS_CRYPTOALG) { printf("Libica FIPS powerup test failed.\n"); rv = EXIT_FAILURE; } if (fips & ICA_FIPS_INTEGRITY) { printf("Libica FIPS integrity check failed.\n"); rv = EXIT_FAILURE; } #endif /* ICA_FIPS */ printf("OpenSSL version is '%s'.\n", OPENSSL_VERSION_TEXT); printf("OpenSSL %s in FIPS mode.\n\n", fips ? "runs" : "doesn't run"); if (rv) return TEST_FAIL; return TEST_SUCC; } libica-4.0.1/test/get_functionlist_cex_test.c000066400000000000000000000052131417716165400213550ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2021 */ /* * Test program for libica-cex API call ica_get_functionlist(). * * Test 1: invalid input. * Test 2: Valid input. */ #include #include #include #include "ica_api.h" #include #include "testcase.h" /** * For libica-cex, all CPACF-related functions and software fallbacks are * unavailable. Only RSA-ME, RSA-CRT, ECDH, ECDSA, and EC keygen may be * available via a CCA card. As we don't check for a CCA card here, just * skip these. Also RSA keygen is an exception: it's no sw fallback, but * a sw implementation. */ int cex_check_ok(libica_func_list_element func) { switch (func.mech_mode_id) { case RSA_KEY_GEN_ME: case RSA_KEY_GEN_CRT: case RSA_ME: case RSA_CRT: case EC_DH: case EC_DSA_SIGN: case EC_DSA_VERIFY: case EC_KGEN: return 1; break; default: if (func.flags != 0) return 0; break; } return 1; } int main(int argc, char **argv) { libica_func_list_element* libica_func_list; int rc; int failed = 0; unsigned int count, x; set_verbosity(argc, argv); //========== Test#1 good case ============ V_(printf("Testing libica-cex API ica_get_functionlist().\n")); rc = ica_get_functionlist(NULL, &count); if (rc) { V_(printf("ica_get_functionlist for libica-cex failed with rc=%02x\n", rc)); return TEST_FAIL; } V_(printf("Retrieved number of elements: %d\n", count)); libica_func_list = malloc(sizeof(libica_func_list_element) * count); if (!libica_func_list) { V_(printf("Cannot malloc libica_func_list\n")); failed++; goto done; } rc = ica_get_functionlist(libica_func_list, &count); if (rc) { V_(printf("Retrieving function list for libica-cex failed with rc=%02x\n", rc)); failed++; } else { for (x = 0; x < count; x++) { V_(printf("ID: %d Flags: %d Property: %d\n", libica_func_list[x].mech_mode_id, libica_func_list[x].flags, libica_func_list[x].property)); if (!cex_check_ok(libica_func_list[x])) { V_(printf("Error: mech mode %d has flags unequal to zero!\n", libica_func_list[x].mech_mode_id)); failed++; } } } //========== Test#2 bad parameter ============ rc = ica_get_functionlist(NULL, NULL); if (rc != EINVAL) { V_(printf("Operation failed: Expected: %d Actual: %d\n", EINVAL, rc)); failed++; } done: free(libica_func_list); if (failed) { printf("ica_get_functionlist tests for libica-cex failed.\n"); return TEST_FAIL; } printf("All ica_get_functionlist tests for libica-cex passed.\n"); return TEST_SUCC; } libica-4.0.1/test/get_functionlist_test.c000066400000000000000000000034361417716165400205230ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2013 */ /* * Test program for libica API call ica_get_version(). * * Test 1: invalid input. * Test 2: Valid input. */ #include #include #include #include "ica_api.h" #include #include "testcase.h" int main(int argc, char **argv) { libica_func_list_element* libica_func_list; int rc; int failed = 0; unsigned int count, x; set_verbosity(argc, argv); //========== Test#1 good case ============ V_(printf("Testing libica API ica_get_functionlist().\n")); rc = ica_get_functionlist(NULL, &count); if (rc) { V_(printf("ica_get_functionlist failed with rc=%02x\n", rc)); return TEST_FAIL; } V_(printf("Retrieved number of elements: %d\n", count)); libica_func_list = malloc(sizeof(libica_func_list_element) * count); if (!libica_func_list) { V_(printf("Cannot malloc libica_func_list\n")); failed++; goto done; } rc = ica_get_functionlist(libica_func_list, &count); if (rc) { V_(printf("Retrieving function list failed with rc=%02x\n", rc)); failed++; } else { for (x = 0; x < count; x++) { V_(printf("ID: %d Flags: %d Property: %d\n", libica_func_list[x].mech_mode_id, libica_func_list[x].flags, libica_func_list[x].property)); } } //========== Test#2 bad parameter ============ rc = ica_get_functionlist(NULL, NULL); if (rc != EINVAL) { V_(printf("Operation failed: Expected: %d Actual: %d\n", EINVAL, rc)); failed++; } done: free(libica_func_list); if (failed) { printf("ica_get_functionlist tests failed.\n"); return TEST_FAIL; } printf("All ica_get_functionlist tests passed.\n"); return TEST_SUCC; } libica-4.0.1/test/get_version_test.c000066400000000000000000000025711417716165400174660ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ /* * Test program for libica API call ica_get_version(). * * Test 1: invalid input. * Test 2: Valid input. */ #include #include #include #include "ica_api.h" #include #include "testcase.h" int main(int argc, char **argv) { libica_version_info version_info; int rc; int failed = 0; set_verbosity(argc, argv); V_(printf("Testing libica API ica_get_version() w/ invalid input (NULL).\n")); rc = ica_get_version(NULL); if (rc == EINVAL) { V_(printf("Test successful\n")); } else { printf("Test failed: rc=%x, expected: %x \n", rc, EINVAL); failed++; } V_(printf("Testing libica API ica_get_version_() w/ valid input.\n")); rc = ica_get_version(&version_info); if (rc == 0) { V_(printf("Test successful\n")); V_(printf("Major_version:%d, minor_version %d, fixpack_version %d\n", version_info.major_version, version_info.minor_version, version_info.fixpack_version)); } else { V_(printf("Test failed rc=%d, expected: %d \n", rc, 0)); failed++; } if (failed) { printf("Failed ica_get_version tests: %d\n", failed); return TEST_FAIL; } printf("All ica_get_version tests passed.\n"); return TEST_SUCC; } libica-4.0.1/test/icastats_test.c.in000066400000000000000000000674631417716165400173750ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. **/ /* Copyright IBM Corp. 2014 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define DATA_LENGHT 32 #define DES_CIPHER_BLOCK 8 #define AES_CIPHER_BLOCK 16 #define RSA_BYTE_LENGHT 128 unsigned char plain_data[] = { 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x6c, 0x69, 0x62, 0x69, 0x63, 0x61, 0x20, 0x69, 0x73, 0x20, 0x73, 0x6d, 0x61, 0x72, 0x74, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x65, 0x61, 0x73, 0x79, 0x21, 0x00, }; int hw_flag; unsigned int mech_len; libica_func_list_element *pmech_list = NULL; static int handle_ica_error(int rc, char *message); static int is_crypto_card_loaded(); void create_hw_info(); int check_hw(unsigned int algo_id); void check_icastats(int algo_id, char *stat); void des_tests(unsigned char *iv, unsigned char *cmac, unsigned char *ctr); void tdes_tests(unsigned char *iv, unsigned char *cmac, unsigned char *ctr); void sha_tests(); void rsa_tests(ica_adapter_handle_t handle); void aes_tests(unsigned char *iv, unsigned char *cmac, unsigned char *ctr); int main (int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping ICA-stats test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int value; const char *ptr; ica_adapter_handle_t adapter_handle; unsigned char *cmac; unsigned char *ctr; unsigned char *iv; set_verbosity(argc, argv); /* Skip test if stats are not counted. */ ptr = getenv(ICA_STATS_ENV); if (ptr && sscanf(ptr, "%i", &value) == 1 && !value) exit(TEST_SKIP); if((cmac = malloc(AES_CIPHER_BLOCK*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } if((ctr = malloc(AES_CIPHER_BLOCK*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } if((iv = malloc(AES_CIPHER_BLOCK*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } /* * Open crypto adapter **/ rc = ica_open_adapter(&adapter_handle); if (rc != 0) { V_(printf("ica_open_adapter failed and returned %d (0x%x).\n", rc, rc)); } create_hw_info(); /* * Reset Counters **/ rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_random_number_generate(AES_CIPHER_BLOCK, ctr); if (rc) exit(handle_ica_error(rc, "ica_random_number_generate")); /* * Check if counter for Random operations has incremneted **/ /* ica_random_number_generate uses ica_drbg if available. Otherwise the * old prng code is used. */ if (check_hw(SHA512_DRNG) == 1 || check_hw(SHA512) == 1) check_icastats(SHA512_DRNG, "DRBG-SHA-512"); else check_icastats(P_RNG, "P_RNG"); rc = ica_random_number_generate(AES_CIPHER_BLOCK, iv); if (rc) exit(handle_ica_error(rc, "ica_random_number_generate")); /* * Check counters for all crypto operations **/ des_tests(iv, cmac, ctr); tdes_tests(iv, cmac, ctr); sha_tests(); rsa_tests(adapter_handle); aes_tests(iv, cmac, ctr); free(cmac); free(ctr); free(iv); printf("All icastats tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } int is_crypto_card_loaded() { DIR* sysDir; FILE *file; char dev[PATH_MAX] = "/sys/devices/ap/"; struct dirent *direntp; char *type = NULL; size_t size; char c; if ((sysDir = opendir(dev)) == NULL ) return 0; while((direntp = readdir(sysDir)) != NULL){ if(strstr(direntp->d_name, "card") != 0){ snprintf(dev, PATH_MAX, "/sys/devices/ap/%s/type", direntp->d_name); if ((file = fopen(dev, "r")) == NULL){ closedir(sysDir); return 0; } if (getline(&type, &size, file) == -1){ fclose(file); closedir(sysDir); return 0; } /* ignore \n * looking for CEX??A and CEX??C * Skip type CEX??P cards **/ if (type[strlen(type)-2] == 'P'){ free(type); type = NULL; fclose(file); continue; } free(type); type = NULL; fclose(file); snprintf(dev, PATH_MAX, "/sys/devices/ap/%s/online", direntp->d_name); if ((file = fopen(dev, "r")) == NULL){ closedir(sysDir); return 0; } if((c = fgetc(file)) == '1'){ fclose(file); closedir(sysDir); return 1; } fclose(file); } } closedir(sysDir); return 0; } /* * Create Hardware Info database **/ void create_hw_info() { if (ica_get_functionlist(NULL, &mech_len) != 0){ perror("get_functionlist: "); exit(TEST_FAIL); } pmech_list = malloc(sizeof(libica_func_list_element)*mech_len); if (ica_get_functionlist(pmech_list, &mech_len) != 0){ perror("get_functionlist: "); free(pmech_list); exit(TEST_FAIL); } hw_flag = is_crypto_card_loaded(); } /* * check if a cryptp operation is supported in hardware **/ int check_hw(unsigned int algo_id) { int i; for (i = mech_len - 1; i >= 0; i--) if (pmech_list[i].mech_mode_id == algo_id) break; if (i < 0) return -1; if (hw_flag) { if(pmech_list[i].flags & (ICA_FLAG_SHW | ICA_FLAG_DHW)) return 1; else return 0; } else { if(pmech_list[i].flags & ICA_FLAG_SHW) return 1; else return 0; } } /* * Check if icastats has counted correctly **/ void check_icastats(int algo_id, char *stat) { char cmd[256], line[256], *p; FILE *f; int i, hw, rc=-1, counters=0; uint64_t hwcounter1=0, hwcounter2=0, swcounter1=0, swcounter2=0; hw = check_hw(algo_id); if (hw < 0) return; /* unknown algo_id */ sprintf(cmd, "@builddir@icastats | grep '%s'", stat); f = popen(cmd, "r"); if (!f) { perror("error in peopen"); exit(TEST_FAIL); } if (fgets(line, sizeof(line), f) == NULL) { perror("error in fgets"); exit(TEST_FAIL); } pclose(f); /* remove trailing whitespace from the line */ i = strlen(line); while (i > 0 && isspace(line[i-1])) { line[i-1] = 0; i--; } p = strstr(line, "|"); if (!p) goto out; /* no | in the output. Wrong algo string ? */ p++; while (isspace(*p)) p++; hwcounter1 = atol(p); /* parse 1st hw counter value */ counters++; while (*p && !isspace(*p)) p++; /* parse over counter value */ while (isspace(*p)) p++; /* now either a | or another counter value follows */ if (isdigit(*p)) { hwcounter2 = atol(p); /* parse 2nd hw counter value */ counters++; while (*p && !isspace(*p)) p++; /* parse over counter value */ while (isspace(*p)) p++; } /* now there should be a | */ if (*p != '|') { V_(fprintf(stderr, "parse error, missing '|' in line '%s'\n", line)); goto out; } p++; while (isspace(*p)) p++; swcounter1 = atol(p); /* parse 1st sw counter value */ counters++; while (*p && !isspace(*p)) p++; /* parse over counter value */ while (isspace(*p)) p++; /* maybe another counter value follows */ if (isdigit(*p)) { swcounter2 = atol(p); /* parse 2nd sw counter value */ counters++; } /* counters should be 2 or 4 now */ if (counters == 2) { if (hw) { /* hwcounter1 should be > 0 */ if (hwcounter1 > 0) rc = 0; else goto out; } else { /* swcounter1 should be > 0 */ if (swcounter1 > 0) rc = 0; else goto out; } } else if (counters == 4) { if (hw) { /* hwcounter1 or hwcounter2 should be > 0 */ if (hwcounter1 > 0 || hwcounter2 > 0) rc = 0; else goto out; } else { /* swcounter1 or swcounter2 should be > 0 */ if (swcounter1 > 0 || swcounter2 > 0) rc = 0; else goto out; } } else { V_(printf("parse error, could not parse 2 or 4 counter values\n")); goto out; } out: if (rc == 0) { V_(printf("Test %s SUCCESS.\n", stat)); } else { printf("icastats %s test FAILED!\n", stat); V_(printf("icastats line for %s was '%s'\n", stat, line)); exit(TEST_FAIL); } } static int handle_ica_error(int rc, char *message) { printf("Error in %s: ", message); switch (rc) { case 0: V_(printf("OK\n")); break; case EINVAL: V_(printf("Incorrect parameter.\n")); break; case ENODEV: V_(printf("No hardware device available.\n")); break; case EPERM: V_(printf("Operation not permitted by Hardware.\n")); break; case EIO: V_(printf("I/O error.\n")); break; default: V_(perror("")); } return TEST_FAIL; } void des_tests(unsigned char *iv, unsigned char *cmac, unsigned char *ctr) { int rc = 0; int mode; unsigned char *out_buffer; unsigned char *inp_buffer = plain_data; unsigned char des_key[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, }; #ifdef ICA_FIPS if (ica_fips_status() & ICA_FIPS_MODE) { V_(printf("All icastats DES tests skipped." " (DES not FIPS approved)\n")); return; } #endif /* ICA_FIPS */ if((out_buffer = malloc(DATA_LENGHT*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_des_ecb(inp_buffer, out_buffer, DATA_LENGHT, des_key, mode); if (rc) exit(handle_ica_error(rc, "ica_des_ecb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES_ECB, "DES ECB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_des_cbc(inp_buffer, out_buffer, DATA_LENGHT, des_key, iv, mode); if(rc) exit(handle_ica_error(rc, "ica_des_ecb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES_CBC, "DES CBC"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_des_cfb(inp_buffer, out_buffer, DATA_LENGHT, des_key, iv, DES_CIPHER_BLOCK, mode); if(rc) exit(handle_ica_error(rc, "ica_des_cfb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES_CFB, "DES CFB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_des_cmac(inp_buffer, DATA_LENGHT, cmac, DES_CIPHER_BLOCK, des_key, mode); if(rc) exit(handle_ica_error(rc, "ica_des_cmac")); } check_icastats(DES_CMAC, "DES CMAC"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_des_ctr(inp_buffer, out_buffer, DATA_LENGHT, des_key, ctr, DES_CIPHER_BLOCK, mode); if(rc) exit(handle_ica_error(rc, "ica_des_ctr")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES_CTR, "DES CTR"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_des_ofb(inp_buffer, out_buffer, DATA_LENGHT, des_key, iv, mode); if(rc) exit(handle_ica_error(rc, "ica_des_ofb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES_OFB, "DES OFB"); free(out_buffer); } void tdes_tests(unsigned char *iv, unsigned char *cmac, unsigned char *ctr) { int rc = 0; int mode; unsigned char *out_buffer; unsigned char *inp_buffer = plain_data; unsigned char des_key[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x02, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, }; if((out_buffer = malloc(DATA_LENGHT*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_3des_ecb(inp_buffer, out_buffer, DATA_LENGHT, des_key, mode); if (rc) exit(handle_ica_error(rc, "ica_3des_ecb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES3_ECB, "3DES ECB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_3des_cbc(inp_buffer, out_buffer, DATA_LENGHT, des_key, iv, mode); if(rc) exit(handle_ica_error(rc, "ica_3des_cbc")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES3_CBC, "3DES CBC"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_3des_cfb(inp_buffer, out_buffer, DATA_LENGHT, des_key, iv, DES_CIPHER_BLOCK, mode); if(rc) exit(handle_ica_error(rc, "ica_3des_cfb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES3_CFB, "3DES CFB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_3des_cmac(inp_buffer, DATA_LENGHT, cmac, DES_CIPHER_BLOCK, des_key, mode); if(rc) exit(handle_ica_error(rc, "ica_3des_cmac")); } check_icastats(DES3_CMAC, "3DES CMAC"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_3des_ctr(inp_buffer, out_buffer, DATA_LENGHT, des_key, ctr, DES_CIPHER_BLOCK, mode); if(rc) exit(handle_ica_error(rc, "ica_3des_ctr")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES3_CTR, "3DES CTR"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1; mode >= 0; mode--){ rc = ica_3des_ofb(inp_buffer, out_buffer, DATA_LENGHT, des_key, iv, mode); if(rc) exit(handle_ica_error(rc, "ica_3des_ofb")); if(mode == ICA_ENCRYPT) inp_buffer = out_buffer; else if(mode == ICA_DECRYPT) inp_buffer = plain_data; } check_icastats(DES3_OFB, "3DES OFB"); free(out_buffer); } #define SHA3_PARMBLOCK_LENGTH 200 #define SHAKE128_64_HASH_LENGTH 64 #define SHAKE256_256_HASH_LENGTH 256 void sha_tests() { int rc = 0; unsigned char hash[SHA512_HASH_LENGTH]; unsigned char shake[SHAKE256_256_HASH_LENGTH]; sha_context_t sha_context0; sha256_context_t sha_context1; sha512_context_t sha_context2; sha3_224_context_t sha3_224_context; sha3_256_context_t sha3_256_context; sha3_384_context_t sha3_384_context; sha3_512_context_t sha3_512_context; shake_128_context_t shake_128_context; shake_256_context_t shake_256_context; rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha1(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha_context0, hash); if(rc) exit(handle_ica_error(rc, "ica_sha1")); check_icastats(SHA1, "SHA-1"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha224(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha_context1, hash); if(rc) exit(handle_ica_error(rc, "ica_sha224")); check_icastats(SHA224, "SHA-224"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha256(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha_context1, hash); if(rc) exit(handle_ica_error(rc, "ica_sha256")); check_icastats(SHA256, "SHA-256"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha384(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha_context2, hash); if(rc) exit(handle_ica_error(rc, "ica_sha384")); check_icastats(SHA384, "SHA-384"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha512(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha_context2, hash); if(rc) exit(handle_ica_error(rc, "ica_sha512")); check_icastats(SHA512, "SHA-512"); if (check_hw(SHA3_224)) { rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha3_224(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha3_224_context, hash); if(rc) exit(handle_ica_error(rc, "ica_sha3_224")); check_icastats(SHA3_224, "SHA3-224"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha3_256(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha3_256_context, hash); if(rc) exit(handle_ica_error(rc, "ica_sha3_256")); check_icastats(SHA3_256, "SHA3-256"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha3_384(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha3_384_context, hash); if(rc) exit(handle_ica_error(rc, "ica_sha3_384")); check_icastats(SHA3_384, "SHA3-384"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_sha3_512(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &sha3_512_context, hash); if(rc) exit(handle_ica_error(rc, "ica_sha3_512")); check_icastats(SHA3_512, "SHA3-512"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_shake_128(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &shake_128_context, shake, SHAKE128_64_HASH_LENGTH); if(rc) exit(handle_ica_error(rc, "ica_shake_128")); check_icastats(SHAKE128, "SHAKE-128"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_shake_256(SHA_MSG_PART_ONLY, DATA_LENGHT, plain_data, &shake_256_context, shake, SHAKE256_256_HASH_LENGTH); if(rc) exit(handle_ica_error(rc, "ica_shake_256")); check_icastats(SHAKE256, "SHAKE-256"); } } void rsa_tests(ica_adapter_handle_t handle) { unsigned char e[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 }; unsigned char n[] = { 0xec, 0x51, 0xab, 0xa1, 0xf8, 0x40, 0x2c, 0x08, 0x2e, 0x24, 0x52, 0x2e, 0x3c, 0x51, 0x6d, 0x98, 0xad, 0xee, 0xc7, 0x7d, 0x00, 0xaf, 0xe1, 0xa8, 0x61, 0xda, 0x32, 0x97, 0xb4, 0x32, 0x97, 0xe3, 0x52, 0xda, 0x28, 0x45, 0x55, 0xc6, 0xb2, 0x46, 0x65, 0x1b, 0x02, 0xcb, 0xbe, 0xf4, 0x2c, 0x6b, 0x2a, 0x5f, 0xe1, 0xdf, 0xe9, 0xe3, 0xbc, 0x47, 0xb7, 0x38, 0xb5, 0xa2, 0x78, 0x9d, 0x15, 0xe2, 0x59, 0x81, 0x77, 0x6b, 0x6b, 0x2e, 0xa9, 0xdb, 0x13, 0x26, 0x9c, 0xca, 0x5e, 0x0a, 0x1f, 0x3c, 0x50, 0x9d, 0xd6, 0x79, 0x59, 0x99, 0x50, 0xe5, 0x68, 0x1a, 0x98, 0xca, 0x11, 0xce, 0x37, 0x63, 0x58, 0x22, 0x40, 0x19, 0x29, 0x72, 0x4c, 0x41, 0x89, 0x0b, 0x56, 0x9e, 0x3e, 0xd5, 0x6d, 0x75, 0x9e, 0x3f, 0x8a, 0x50, 0xf1, 0x0a, 0x59, 0x4a, 0xc3, 0x59, 0x4b, 0xf6, 0xbb, 0xc9, 0xa5, 0x93 }; unsigned char input_data[] = { 0x00, 0x02, 0x08, 0x68, 0x30, 0x9a, 0x32, 0x08, 0x57, 0xb0, 0x28, 0xaa, 0x76, 0x30, 0x3d, 0x84, 0x5f, 0x92, 0x0d, 0x8e, 0x34, 0xe0, 0xd5, 0xcc, 0x36, 0x97, 0xed, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 0x60, 0x61, 0x62, 0x63 }; unsigned char p[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfb, 0xb7, 0x73, 0x24, 0x42, 0xfe, 0x8f, 0x16, 0xf0, 0x6e, 0x2d, 0x86, 0x22, 0x46, 0x79, 0xd1, 0x58, 0x6f, 0x26, 0x24, 0x17, 0x12, 0xa3, 0x1a, 0xfd, 0xf7, 0x75, 0xd4, 0xcd, 0xf9, 0xde, 0x4b, 0x8c, 0xb7, 0x04, 0x5d, 0xd9, 0x18, 0xc8, 0x26, 0x61, 0x54, 0xe0, 0x92, 0x2f, 0x47, 0xf7, 0x33, 0xc2, 0x17, 0xd8, 0xda, 0xe0, 0x6d, 0xb6, 0x30, 0xd6, 0xdc, 0xf9, 0x6a, 0x4c, 0xa1, 0xa2, 0x4b }; unsigned char q[] = { 0xf0, 0x57, 0x24, 0xf6, 0x2a, 0x5a, 0x6d, 0x8e, 0xb8, 0xc6, 0x6f, 0xd2, 0xbb, 0x36, 0x4f, 0x6d, 0xd8, 0xbc, 0xa7, 0x2f, 0xbd, 0x43, 0xdc, 0x9a, 0x0e, 0x2a, 0x36, 0xb9, 0x21, 0x05, 0xfa, 0x22, 0x6c, 0xe8, 0x22, 0x68, 0x2f, 0x1c, 0xe8, 0x27, 0xc1, 0xed, 0x08, 0x7a, 0x43, 0x70, 0x7b, 0xe3, 0x46, 0x74, 0x02, 0x6e, 0xb2, 0xb1, 0xeb, 0x44, 0x72, 0x86, 0x0d, 0x55, 0x3b, 0xc8, 0xbc, 0xd9 }; unsigned char dp[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa7, 0xcf, 0xa2, 0x18, 0x2c, 0xa9, 0xb4, 0xb9, 0xf5, 0x9e, 0xc9, 0x04, 0x16, 0xd9, 0xa6, 0x8b, 0x90, 0x4a, 0x19, 0x6d, 0x64, 0xb7, 0x17, 0x67, 0x53, 0xfa, 0x4e, 0x8d, 0xde, 0xa6, 0x94, 0x32, 0x5d, 0xcf, 0x58, 0x3e, 0x90, 0xbb, 0x30, 0x19, 0x96, 0x38, 0x95, 0xb6, 0xca, 0x2f, 0xfa, 0x22, 0x81, 0x65, 0x3b, 0x3c, 0x95, 0x9e, 0x79, 0x75, 0xe4, 0x93, 0x50, 0xf1, 0x88, 0x6b, 0xc1, 0x87 }; unsigned char dq[] = { 0xa0, 0x3a, 0x18, 0xa4, 0x1c, 0x3c, 0x49, 0x09, 0xd0, 0x84, 0x4a, 0x8c, 0x7c, 0xce, 0xdf, 0x9e, 0x90, 0x7d, 0xc4, 0xca, 0x7e, 0x2d, 0x3d, 0xbc, 0x09, 0x71, 0x79, 0xd0, 0xc0, 0xae, 0xa6, 0xc1, 0x9d, 0xf0, 0x16, 0xf0, 0x1f, 0x68, 0x9a, 0xc5, 0x2b, 0xf3, 0x5a, 0xfc, 0x2c, 0xf5, 0xa7, 0xec, 0xd9, 0xa2, 0xac, 0x49, 0xcc, 0x76, 0x9c, 0xd8, 0x4c, 0x59, 0x5e, 0x38, 0xd2, 0x85, 0xd3, 0x3b }; unsigned char qinv[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x83, 0xf1, 0xca, 0x06, 0x58, 0x4a, 0x04, 0x5e, 0x96, 0xb5, 0x30, 0x32, 0x40, 0x36, 0x48, 0xb9, 0x02, 0x0c, 0xe3, 0x37, 0xb7, 0x51, 0xbc, 0x22, 0x26, 0x5d, 0x74, 0x03, 0x47, 0xd3, 0x33, 0x20, 0x8e, 0x75, 0x62, 0xf2, 0x9d, 0x4e, 0xc8, 0x7d, 0x5d, 0x8e, 0xb6, 0xd9, 0x69, 0x4a, 0x9a, 0xe1, 0x36, 0x6e, 0x1c, 0xbe, 0x8a, 0x14, 0xb1, 0x85, 0x39, 0x74, 0x7c, 0x25, 0xd8, 0xa4, 0x4f, 0xde }; unsigned char *output_data; unsigned char *data = input_data; int rc = 0; if((output_data = malloc(RSA_BYTE_LENGHT*sizeof(char))) == NULL){ perror("error in malloc: "); exit(TEST_FAIL); } ica_rsa_key_mod_expo_t mod_expo_key= {RSA_BYTE_LENGHT, n, e}; ica_rsa_key_crt_t crt_key = {RSA_BYTE_LENGHT, p, q, dp, dq, qinv}; rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_rsa_mod_expo(handle, data, &mod_expo_key, output_data); if(rc) #ifndef NO_SW_FALLBACKS exit(handle_ica_error(rc, "ica_rsa_key_mod_expo")); #else rc == ENODEV ? exit(TEST_SKIP) : exit(handle_ica_error(rc, "ica_rsa_key_mod_expo")); #endif check_icastats(RSA_ME, "RSA-ME"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); rc = ica_rsa_crt(handle, data, &crt_key, output_data); if(rc) #ifndef NO_SW_FALLBACKS exit(handle_ica_error(rc, "ica_rsa_crt")); #else rc == ENODEV ? exit(TEST_SKIP) : exit(handle_ica_error(rc, "ica_rsa_crt")); #endif check_icastats(RSA_CRT, "RSA-CRT"); free(output_data); } void aes_tests(unsigned char *iv, unsigned char *cmac, unsigned char *ctr) { int rc = 0; int mode; unsigned char *output_buffer, *tag, *nonce; unsigned char *input_buffer = plain_data; unsigned char aes_key[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char aes_key2[] = { 0x2c, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, }; unsigned char tweak[] = { 0x72, 0xf3, 0xb0, 0x54, 0xcb, 0xdc, 0x2f, 0x9e, 0x3c, 0x5b, 0xc5, 0x51, 0xd4, 0x4d, 0xdb, 0xa0, }; #define NONCE_LENGHT 10 if((nonce = malloc(NONCE_LENGHT*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } if((tag = malloc(AES_CIPHER_BLOCK*sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } if((output_buffer = malloc((DATA_LENGHT+AES_CIPHER_BLOCK) *sizeof(char))) == NULL){ perror("Error in malloc: "); exit(TEST_FAIL); } rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_cbc(input_buffer, output_buffer, DATA_LENGHT, aes_key, AES_KEY_LEN128, iv, mode); if(rc) exit(handle_ica_error(rc, "ica_aes_cbc")); if(mode == ICA_ENCRYPT) input_buffer = output_buffer; else if(mode == ICA_DECRYPT) input_buffer = plain_data; } check_icastats(AES_CBC, "AES CBC"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_cfb(input_buffer, output_buffer, DATA_LENGHT, aes_key, AES_KEY_LEN128, iv, AES_CIPHER_BLOCK, mode); if(rc) exit(handle_ica_error(rc, "ica_aes_cfb")); if(mode == ICA_ENCRYPT) input_buffer = output_buffer; else if(mode == ICA_DECRYPT) input_buffer = plain_data; } check_icastats(AES_CFB, "AES CFB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_cmac(input_buffer, DATA_LENGHT, cmac, AES_CIPHER_BLOCK, aes_key, AES_KEY_LEN128, mode); if(rc) exit(handle_ica_error(rc, "ica_aes_cmac")); } check_icastats(AES_CMAC, "AES CMAC"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_ctr(input_buffer, output_buffer, DATA_LENGHT, aes_key, AES_KEY_LEN128, ctr, AES_CIPHER_BLOCK, mode); if(rc) exit(handle_ica_error(rc, "ica_aes_ctr")); if(mode == ICA_ENCRYPT) input_buffer = output_buffer; else if(mode == ICA_DECRYPT) input_buffer = plain_data; } check_icastats(AES_CTR, "AES CTR"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_ecb(input_buffer, output_buffer, DATA_LENGHT, aes_key, AES_KEY_LEN128, mode); if (rc) exit(handle_ica_error(rc, "ica_aes_ecb")); if(mode == ICA_ENCRYPT) input_buffer = output_buffer; else if(mode == ICA_DECRYPT) input_buffer = plain_data; } check_icastats(AES_ECB, "AES ECB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_ofb(input_buffer, output_buffer, DATA_LENGHT, aes_key, AES_KEY_LEN128, iv, mode); if(rc) exit(handle_ica_error(rc, "ica_aes_ofb")); if(mode == ICA_ENCRYPT) input_buffer = output_buffer; else if(mode == ICA_DECRYPT) input_buffer = plain_data; } check_icastats(AES_OFB, "AES OFB"); rc = system("@builddir@icastats -r"); if (rc == -1) exit(handle_ica_error(rc, "system")); for(mode = 1;mode >= 0;mode--){ rc = ica_aes_xts(input_buffer, output_buffer, DATA_LENGHT, aes_key, aes_key2, AES_KEY_LEN128, tweak, mode); if(rc) exit(handle_ica_error(rc, "ica_aes_xts")); if(mode == ICA_ENCRYPT) input_buffer = output_buffer; else if(mode == ICA_DECRYPT) input_buffer = plain_data; } check_icastats(AES_XTS, "AES XTS"); free(tag); free(output_buffer); free(nonce); } libica-4.0.1/test/icastats_test.sh000077500000000000000000000000421417716165400171370ustar00rootroot00000000000000#!/bin/bash ./icastats_test -vv libica-4.0.1/test/mp_test.c000066400000000000000000000307261417716165400155610ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Author(s): Patrick Steuer * * Copyright IBM Corp. 2018 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" /* * known-answer tests */ static void mul_kat(void); static void sqr_kat(void); /* * pairwise-consintency tests * libica multiple-precision vs openssl bignum */ unsigned long long OPS_PC = 10000ULL; static void mul_pc(void); static void sqr_pc(void); /* * performance benchmarking tests * libica multiple-precision vs openssl bignum */ unsigned long long OPS_BENCH = 100000000ULL; static void mul_bench(void); static void sqr_bench(void); enum { EMPTY, OSSL_MUL, OSSL_SQR, ICA_MUL, ICA_SQR } perf_opt; uint64_t ica_num[512 / 64], ica_num2[512 / 64], ica_res[1024 / 64], ossl_res2[1024 / 64]; struct timeval start, stop; BIGNUM *ossl_num, *ossl_num2, *ossl_res; BN_CTX *ossl_ctx; unsigned long long i, delta; struct { uint64_t a[512 / 64]; uint64_t b[512 / 64]; uint64_t res[1024 / 64]; } mul_kat_vec[] = { { {0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL}, {0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL}, {0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL} }, { {~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL}, {~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL}, {1ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0xfffffffffffffffe, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL} } }; const unsigned long long MUL_KATS = sizeof(mul_kat_vec) / sizeof(mul_kat_vec[0]); struct { uint64_t a[512 / 64]; uint64_t res[1024 / 64]; } sqr_kat_vec[] = { { {0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL}, {0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL} }, { {~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL}, {1ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0xfffffffffffffffe, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL, ~0ULL} } }; const unsigned long long SQR_KATS = sizeof(sqr_kat_vec) / sizeof(sqr_kat_vec[0]); static inline void swap_u64(uint64_t *a, uint64_t *b) { *a ^= *b; *b ^= *a; *a ^= *b; } int main(int argc, char *argv[]) { uint64_t num[1024 / 64]; set_verbosity(argc, argv); if (argc > 2) { if (strcasestr(argv[1], "-ossl_mul")) { perf_opt = OSSL_MUL; OPS_BENCH = strtoull(argv[2], NULL, 0); } else if (strcasestr(argv[1], "-ossl_sqr")) { perf_opt = OSSL_SQR; OPS_BENCH = strtoull(argv[2], NULL, 0); } else if (strcasestr(argv[1], "-ica_mul")) { perf_opt = ICA_MUL; OPS_BENCH = strtoull(argv[2], NULL, 0); } else if (strcasestr(argv[1], "-ica_sqr")) { perf_opt = ICA_SQR; OPS_BENCH = strtoull(argv[2], NULL, 0); } else { perf_opt = EMPTY; } } if (ica_mp_mul512(num, num, num) != 0) { printf("Vector facilities not enabled.\n"); return TEST_SKIP; } ossl_ctx = BN_CTX_new(); if (ossl_ctx == NULL) { printf("ERROR: BN_CTX_new\n"); exit(TEST_FAIL); } ossl_res = BN_new(); if (ossl_res == NULL) { printf("ERROR: BN_CTX_new\n"); exit(TEST_FAIL); } ossl_num = BN_new(); if (ossl_num == NULL) { printf("ERROR: BN_new\n"); exit(TEST_FAIL); } ossl_num2 = BN_new(); if (ossl_num2 == NULL) { printf("ERROR: BN_new\n"); exit(TEST_FAIL); } if (perf_opt == EMPTY) { printf("Known-answer MUL (%llu tests):\n", MUL_KATS); mul_kat(); printf("OK.\n\n"); printf("Known-answer SQR (%llu tests):\n", SQR_KATS); sqr_kat(); printf("OK.\n\n"); printf("Pairwise-consistency MUL (%llu tests):\n", OPS_PC); for (i = 0; i < OPS_PC; i++) mul_pc(); printf("OK.\n\n"); printf("Pairwise-consistency SQR (%llu tests):\n", OPS_PC); for (i = 0; i < OPS_PC; i++) sqr_pc(); printf("OK.\n\n"); } if (perf_opt != ICA_SQR && perf_opt != OSSL_SQR) { printf("Performance benchmark MUL (%llu ops):\n", OPS_BENCH); mul_bench(); printf("\n"); } if (perf_opt != ICA_MUL && perf_opt != OSSL_MUL) { printf("Performance benchmark SQR (%llu ops):\n", OPS_BENCH); sqr_bench(); printf("\n"); } BN_free(ossl_num); BN_free(ossl_num2); BN_free(ossl_res); BN_CTX_free(ossl_ctx); printf("All ica_mp tests passed.\n"); return TEST_SUCC; } static void mul_kat(void) { for (i = 0; i < MUL_KATS; i++) { if (ica_mp_mul512(ica_res, mul_kat_vec[i].a, mul_kat_vec[i].b)) { printf("ERROR: ica_mp_mul512\n"); exit(TEST_FAIL); } if (memcmp(mul_kat_vec[i].res, ica_res, 1024 / 8)) { printf("ERROR: ica_mp_mul512 result doesnt match\n"); VV_(printf("a:\n")); VV_(dump_array_u64(mul_kat_vec[i].a, 512 / 64)); VV_(printf("b:\n")); VV_(dump_array_u64(mul_kat_vec[i].b, 512 / 64)); VV_(printf("known answer (a*b):\n")); VV_(dump_array_u64(mul_kat_vec[i].res, 1024 / 64)); VV_(printf("ica_mp_mul512 (a*b):\n")); VV_(dump_array_u64(ica_res, 1024 / 64)); VV_(printf("(little-endian digits)\n")); exit(TEST_FAIL); } } } static void sqr_kat(void) { for (i = 0; i < SQR_KATS; i++) { if (ica_mp_sqr512(ica_res, sqr_kat_vec[i].a)) { printf("ERROR: ica_mp_mul512\n"); exit(TEST_FAIL); } if (memcmp(sqr_kat_vec[i].res, ica_res, 1024 / 8)) { printf("ERROR: ica_mp_sqr512 result doesnt match\n"); VV_(printf("a:\n")); VV_(dump_array_u64(sqr_kat_vec[i].a, 512 / 64)); VV_(printf("known answer (a^2):\n")); VV_(dump_array_u64(sqr_kat_vec[i].res, 1024 / 64)); VV_(printf("ica_mp_sqr512 (a^2):\n")); VV_(dump_array_u64(ica_res, 1024 / 64)); VV_(printf("(little-endian digits)\n")); exit(TEST_FAIL); } } } static void mul_pc(void) { if (!BN_pseudo_rand(ossl_num, 512, 0, 0)) { printf("ERROR: BN_pseudo_rand\n"); exit(TEST_FAIL); } if (!BN_pseudo_rand(ossl_num2, 512, 0, 0)) { printf("ERROR: BN_pseudo_rand\n"); exit(TEST_FAIL); } memset(ica_num, 0, sizeof(ica_num)); if (BN_bn2bin(ossl_num, (unsigned char *)ica_num) != 512 / 8) { printf("ERROR: BN_bn2bin\n"); exit(TEST_FAIL); } memset(ica_num2, 0, sizeof(ica_num2)); if (BN_bn2bin(ossl_num2, (unsigned char *)ica_num2) != 512 / 8) { printf("ERROR: BN_bn2bin\n"); exit(TEST_FAIL); } /* swap to little-endian digits */ swap_u64(&ica_num[7], &ica_num[0]); swap_u64(&ica_num[6], &ica_num[1]); swap_u64(&ica_num[5], &ica_num[2]); swap_u64(&ica_num[4], &ica_num[3]); swap_u64(&ica_num2[7], &ica_num2[0]); swap_u64(&ica_num2[6], &ica_num2[1]); swap_u64(&ica_num2[5], &ica_num2[2]); swap_u64(&ica_num2[4], &ica_num2[3]); if (!BN_mul(ossl_res, ossl_num, ossl_num2, ossl_ctx)) { printf("ERROR: BN_mul\n"); exit(TEST_FAIL); } if (ica_mp_mul512(ica_res, ica_num, ica_num2)) { printf("ERROR: ica_mp_mul512\n"); exit(TEST_FAIL); } BN_bn2bin(ossl_res, (unsigned char *)ossl_res2); /* swap to big-endian digits */ swap_u64(&ica_res[15], &ica_res[0]); swap_u64(&ica_res[14], &ica_res[1]); swap_u64(&ica_res[13], &ica_res[2]); swap_u64(&ica_res[12], &ica_res[3]); swap_u64(&ica_res[11], &ica_res[4]); swap_u64(&ica_res[10], &ica_res[5]); swap_u64(&ica_res[9], &ica_res[6]); swap_u64(&ica_res[8], &ica_res[7]); if (memcmp(ossl_res2, ica_res, 1024 / 8)) { printf("ERROR: BN_mul/ica_mp_mul512 results dont match\n"); /* swap to big-endian digits */ swap_u64(&ica_num[7], &ica_num[0]); swap_u64(&ica_num[6], &ica_num[1]); swap_u64(&ica_num[5], &ica_num[2]); swap_u64(&ica_num[4], &ica_num[3]); swap_u64(&ica_num2[7], &ica_num2[0]); swap_u64(&ica_num2[6], &ica_num2[1]); swap_u64(&ica_num2[5], &ica_num2[2]); swap_u64(&ica_num2[4], &ica_num2[3]); VV_(printf("a:\n")); VV_(dump_array_u64(ica_num, 512 / 64)); VV_(printf("b:\n")); VV_(dump_array_u64(ica_num2, 512 / 64)); VV_(printf("BN_mul (a*b):\n")); VV_(dump_array_u64(ossl_res2, 1024 / 64)); VV_(printf("ica_mp_mul512 (a*b):\n")); VV_(dump_array_u64(ica_res, 1024 / 64)); VV_(printf("(big-endian digits)\n")); exit(TEST_FAIL); } } static void sqr_pc(void) { if (!BN_pseudo_rand(ossl_num, 512, 0, 0)) { printf("ERROR: BN_pseudo_rand\n"); exit(TEST_FAIL); } memset(ica_num, 0, sizeof(ica_num)); if (BN_bn2bin(ossl_num, (unsigned char *)ica_num) != 512 / 8) { printf("ERROR: BN_bn2bin\n"); exit(TEST_FAIL); } /* swap to little-endian digits */ swap_u64(&ica_num[7], &ica_num[0]); swap_u64(&ica_num[6], &ica_num[1]); swap_u64(&ica_num[5], &ica_num[2]); swap_u64(&ica_num[4], &ica_num[3]); if (!BN_sqr(ossl_res, ossl_num, ossl_ctx)) { printf("ERROR: BN_sqr\n"); exit(TEST_FAIL); } if (ica_mp_sqr512(ica_res, ica_num)) { printf("ERROR: ica_mp_sqr512\n"); exit(TEST_FAIL); } BN_bn2bin(ossl_res, (unsigned char *)ossl_res2); /* swap to big-endian digits */ swap_u64(&ica_res[15], &ica_res[0]); swap_u64(&ica_res[14], &ica_res[1]); swap_u64(&ica_res[13], &ica_res[2]); swap_u64(&ica_res[12], &ica_res[3]); swap_u64(&ica_res[11], &ica_res[4]); swap_u64(&ica_res[10], &ica_res[5]); swap_u64(&ica_res[9], &ica_res[6]); swap_u64(&ica_res[8], &ica_res[7]); if (memcmp(ossl_res2, ica_res, 1024 / 8)) { printf("ERROR: BN_sqr/ica_mp_sqr512 results dont match\n"); /* swap to big-endian digits */ swap_u64(&ica_num[7], &ica_num[0]); swap_u64(&ica_num[6], &ica_num[1]); swap_u64(&ica_num[5], &ica_num[2]); swap_u64(&ica_num[4], &ica_num[3]); VV_(printf("a:\n")); VV_(dump_array_u64(ica_num, 512 / 64)); VV_(printf("BN_sqr (a^2):\n")); VV_(dump_array_u64(ossl_res2, 1024 / 64));; VV_(printf("ica_mp_sqr512 (a^2):\n")); VV_(dump_array_u64(ica_res, 1024 / 64)); VV_(printf("(big-endian digits)\n")); exit(TEST_FAIL); } } static void mul_bench(void) { if (!BN_pseudo_rand(ossl_num, 512, 0, 0)) { printf("ERROR: BN_pseudo_rand\n"); exit(TEST_FAIL); } if (!BN_pseudo_rand(ossl_num2, 512, 0, 0)) { printf("ERROR: BN_pseudo_rand\n"); exit(TEST_FAIL); } memset(ica_num, 0, sizeof(ica_num)); if (BN_bn2bin(ossl_num, (unsigned char *)ica_num) != 512 / 8) { printf("ERROR: BN_bn2bin\n"); exit(TEST_FAIL); } memset(ica_num2, 0, sizeof(ica_num2)); if (BN_bn2bin(ossl_num2, (unsigned char *)ica_num2) != 512 / 8) { printf("ERROR: BN_bn2bin\n"); exit(TEST_FAIL); } /* swap to little-endian digits */ swap_u64(&ica_num[7], &ica_num[0]); swap_u64(&ica_num[6], &ica_num[1]); swap_u64(&ica_num[5], &ica_num[2]); swap_u64(&ica_num[4], &ica_num[3]); swap_u64(&ica_num2[7], &ica_num2[0]); swap_u64(&ica_num2[6], &ica_num2[1]); swap_u64(&ica_num2[5], &ica_num2[2]); swap_u64(&ica_num2[4], &ica_num2[3]); if (perf_opt == EMPTY || perf_opt == OSSL_MUL) { gettimeofday(&start, NULL); for (i = 0; i < OPS_BENCH; i++) { if (!BN_mul(ossl_res, ossl_num, ossl_num, ossl_ctx)) { printf("ERROR: BN_mul\n"); exit(TEST_FAIL); } } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); printf("BN_mul: %llu usec [%.2Lf ops/sec].\n", delta, ops_per_sec(OPS_BENCH, delta)); } if (perf_opt == EMPTY || perf_opt == ICA_MUL) { gettimeofday(&start, NULL); for (i = 0; i < OPS_BENCH; i++) { if (ica_mp_mul512(ica_res, ica_num, ica_num)) { printf("ERROR: ica_mp_mul512\n"); exit(TEST_FAIL); } } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); printf("ica_mp_mul512: %llu usec [%.2Lf ops/sec].\n", delta, ops_per_sec(OPS_BENCH, delta)); } } static void sqr_bench(void) { if (!BN_pseudo_rand(ossl_num, 512, 0, 0)) { printf("ERROR: BN_pseudo_rand\n"); exit(TEST_FAIL); } memset(ica_num, 0, sizeof(ica_num)); if (BN_bn2bin(ossl_num, (unsigned char *)ica_num) != 512 / 8) { printf("ERROR: BN_bn2bin\n"); exit(TEST_FAIL); } /* swap to little-endian digits */ swap_u64(&ica_num[7], &ica_num[0]); swap_u64(&ica_num[6], &ica_num[1]); swap_u64(&ica_num[5], &ica_num[2]); swap_u64(&ica_num[4], &ica_num[3]); if (perf_opt == EMPTY || perf_opt == OSSL_SQR) { gettimeofday(&start, NULL); for (i = 0; i < OPS_BENCH; i++) { if (!BN_sqr(ossl_res, ossl_num, ossl_ctx)) { printf("ERROR: BN_sqr\n"); exit(TEST_FAIL); } } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); printf("BN_sqr: %llu usec [%.2Lf ops/sec].\n", delta, ops_per_sec(OPS_BENCH, delta)); } if (perf_opt == EMPTY || perf_opt == ICA_SQR) { gettimeofday(&start, NULL); for (i = 0; i < OPS_BENCH; i++) { if (ica_mp_sqr512(ica_res, ica_num)) { printf("ERROR: ica_mp_sqr512\n"); exit(TEST_FAIL); } } gettimeofday(&stop, NULL); delta = delta_usec(&start, &stop); printf("ica_mp_sqr512: %llu usec [%.2Lf ops/sec].\n", delta, ops_per_sec(OPS_BENCH, delta)); } } libica-4.0.1/test/rng_test.c000066400000000000000000000023501417716165400157230ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include "ica_api.h" #include #include "testcase.h" unsigned char R[512]; extern int errno; int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping RNG test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc; ica_adapter_handle_t adapter_handle; set_verbosity(argc, argv); rc = ica_open_adapter(&adapter_handle); if (rc != 0) { V_(printf("ica_open_adapter failed and returned %d (0x%x).\n", rc, rc)); } rc = ica_random_number_generate(sizeof R, R); if (rc != 0) { V_(printf("ica_random_number_generate failed and returned %d (0x%x).\n", rc, rc)); #ifdef __s390__ if (rc == ENODEV) { V_(printf("The usual cause of this on zSeries is that the CPACF instruction is not available.\n")); } #endif return TEST_FAIL; } dump_array(R, sizeof R); VV_(printf("\nWell, does it look random?\n\n")); ica_close_adapter(adapter_handle); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/rsa_key_check_test.c000066400000000000000000000054771417716165400177440ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2001, 2015 */ #include #include #include #include #include #include #include "ica_api.h" #include #include "rsa_test.h" #include "testcase.h" extern int errno; int main(int argc, char **argv) { int i, rc; struct timeval start,end; (void)e; /* suppress unused var warning */ (void)n; (void)input_data; (void)ciphertext; set_verbosity(argc, argv); /* Iterate over keys (1024, 2048 and 4096 bit length */ /* privileged keys */ for (i = 0; i < 3; i++) { V_(printf("modulus size = %d\n", RSA_BYTE_LENGHT[i])); ica_rsa_key_crt_t crt_key = {RSA_BYTE_LENGHT[i], p[i], q[i], dp[i], dq[i], qinv[i]}; gettimeofday(&start, NULL); rc = ica_rsa_crt_key_check(&crt_key); if(rc){ V_(printf("ica_rsa_crt_key_check failed!\n")); } gettimeofday(&end, NULL); V_(printf("RSA CRT Key check: key[%d], l=%d (keyset I): %06lu µs.\n", i, RSA_BYTE_LENGHT[i], (end.tv_sec * 1000000 + end.tv_usec) - (start.tv_sec * 1000000 + start.tv_usec))); } /* unprivileged keys */ for (i = 3; i < 6; i++) { V_(printf("modulus size = %d\n", RSA_BYTE_LENGHT[i])); ica_rsa_key_crt_t crt_key = {RSA_BYTE_LENGHT[i], p[i], q[i], dp[i], dq[i], qinv[i]}; gettimeofday(&start, NULL); rc = ica_rsa_crt_key_check(&crt_key); if(!rc){ V_(printf("ica_rsa_crt_key_check failed!\n")); } gettimeofday(&end, NULL); V_(printf("RSA CRT key check: key[%d], l=%d (keyset II): %06lu µs.\n", i, RSA_BYTE_LENGHT[i], (end.tv_sec * 1000000 + end.tv_usec) - (start.tv_sec * 1000000 + start.tv_usec))); V_(printf("Result of recalculated key part (qInv)\n")); dump_array((unsigned char *)crt_key.qInverse, RSA_BYTE_LENGHT[i]/2); V_(printf("Result of expected key part (qInv)\n")); dump_array((unsigned char *)qinv[i-3], RSA_BYTE_LENGHT[i]/2); if( memcmp(crt_key.qInverse, qinv[i-3], RSA_BYTE_LENGHT[i]/2) != 0) { V_(printf("Calculated 'qInv' do not match. Failure!\n")); return TEST_FAIL; } if( memcmp(crt_key.p, p[i-3], RSA_BYTE_LENGHT[i]/2 + 8) != 0) { V_(printf("Prime 'p' do not match. Failure!\n")); return TEST_FAIL; } if( memcmp(crt_key.q, q[i-3], RSA_BYTE_LENGHT[i]/2) != 0) { V_(printf("Prime 'q' do not match. Failure!\n")); return TEST_FAIL; } if( memcmp(crt_key.dp, dp[i-3], RSA_BYTE_LENGHT[i]/2 + 8) != 0) { V_(printf("Parameter 'dp' do not match. Failure!\n")); return TEST_FAIL; } if( memcmp(crt_key.dq, dq[i-3], RSA_BYTE_LENGHT[i]/2) != 0) { V_(printf("Parameter 'dq' do not match. Failure!\n")); return TEST_FAIL; } } printf("All RSA key check tests passed.\n"); return TEST_SUCC; } libica-4.0.1/test/rsa_keygen1024_test.sh000077500000000000000000000000431417716165400177630ustar00rootroot00000000000000#!/bin/sh ./rsa_keygen_test 1024 r libica-4.0.1/test/rsa_keygen2048_test.sh000077500000000000000000000000431417716165400177720ustar00rootroot00000000000000#!/bin/sh ./rsa_keygen_test 2048 r libica-4.0.1/test/rsa_keygen3072_test.sh000077500000000000000000000000431417716165400177700ustar00rootroot00000000000000#!/bin/sh ./rsa_keygen_test 3072 r libica-4.0.1/test/rsa_keygen4096_test.sh000077500000000000000000000000431417716165400177770ustar00rootroot00000000000000#!/bin/sh ./rsa_keygen_test 4096 r libica-4.0.1/test/rsa_keygen_test.c000066400000000000000000000216371417716165400172750ustar00rootroot00000000000000#include #include #include #include #include #include #include #ifdef OPENSSL_FIPS #include #endif /* OPENSSL_FIPS */ #include "ica_api.h" #include "testcase.h" #define ZERO_PADDING 8 #define BITSTOBYTES(bits) (((bits)+7)/8) #define EXPO_TYPE_3 3 #define EXPO_TYPE_65537 65537 #define EXPO_TYPE_R 1 /* print error report after function return */ static void print_error_report(unsigned int rc_sv, int errno_sv, const char *func_name); extern int errno; int main(int argc, char **argv) { struct timeval start, end; unsigned int rc = 0, rc_test = 0, expo_type = 0, key_bit_length = 0; int argno_expo = 2, argno_key = 1; set_verbosity(argc, argv); /* first cmd line arg may be verbosity */ if (verbosity_ != 0) { argc--; argno_expo++; argno_key++; } if(argc < 3){ printf( "usage: %s [ (-v or -vv)] " " (57..4096) (3, 65537 or r [random])\n", argv[0]); return TEST_ERR; } if((0 == (key_bit_length=strtol(argv[argno_key], &argv[argno_key], 10))) || ('\0' != *argv[argno_key]) ){ printf( "error - possible values for" " are integers" " greater than 0.\n"); return TEST_ERR; } if(BITSTOBYTES(key_bit_length) < 8){ printf("error - must be at least 57.\n"); return TEST_ERR; } if(0 == (strcmp(argv[argno_expo], "3"))) expo_type = EXPO_TYPE_3; else if(0 == (strcmp(argv[argno_expo], "65537"))) expo_type = EXPO_TYPE_65537; else if(0 == (strcmp(argv[argno_expo], "r"))) expo_type = EXPO_TYPE_R; else { printf( "error - possible values for " " are 3, 65537 or r (random)\n"); return TEST_ERR; } unsigned char ciphertext[BITSTOBYTES(key_bit_length)], decrypted[BITSTOBYTES(key_bit_length)], plaintext[BITSTOBYTES(key_bit_length)]; memset(ciphertext, 0, (size_t) BITSTOBYTES(key_bit_length)); memset(decrypted, 0, (size_t) BITSTOBYTES(key_bit_length)); memset(plaintext, 0, (size_t) BITSTOBYTES(key_bit_length)); unsigned char modexpo_public_e[BITSTOBYTES(key_bit_length)]; memset(modexpo_public_e, 0, (size_t) BITSTOBYTES(key_bit_length)); unsigned char modexpo_public_n[BITSTOBYTES(key_bit_length)]; memset(modexpo_public_n, 0, (size_t) BITSTOBYTES(key_bit_length)); unsigned char crt_private_p[BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING]; memset(crt_private_p, 0, (size_t) (BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING)); unsigned char crt_private_q[BITSTOBYTES(key_bit_length) / 2 + 1]; memset(crt_private_q, 0, (size_t) (BITSTOBYTES(key_bit_length) / 2 + 1)); unsigned char crt_private_dp[BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING]; memset(crt_private_dp, 0, (size_t) (BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING)); unsigned char crt_private_dq[BITSTOBYTES(key_bit_length) / 2 + 1]; memset(crt_private_dq, 0, (size_t) (BITSTOBYTES(key_bit_length) / 2 + 1)); unsigned char crt_private_inv_q[BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING]; memset(crt_private_inv_q, 0, (size_t) (BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING)); ica_rsa_key_mod_expo_t modexpo_public_key = { .modulus = modexpo_public_n, .exponent = modexpo_public_e, .key_length = BITSTOBYTES(key_bit_length)}; ica_rsa_key_crt_t crt_private_key = { .p = crt_private_p, .q = crt_private_q, .dp = crt_private_dp, .dq = crt_private_dq, .qInverse = crt_private_inv_q, .key_length = BITSTOBYTES(key_bit_length)}; ica_adapter_handle_t adapter_handle = 0; V_(printf("[TEST RSA CRT]\n")); #ifdef NO_CPACF V_(printf("CPACF disabled, cannot create random plaintext, use static plaintext instead...\n")); memset(plaintext, 0x12, BITSTOBYTES(key_bit_length)); #else V_(printf("generate random plaintext...\n")); if((rc = ica_random_number_generate(BITSTOBYTES(key_bit_length) ,plaintext)) != 0){ ++rc_test; print_error_report(rc, errno, "ica_random_number_generate"); } #endif /* make sure that plaintext < modulus */ plaintext[0] = 0; VV_(printf("plaintext:\n")); dump_array(plaintext, BITSTOBYTES(key_bit_length)); if((rc = ica_open_adapter(&adapter_handle)) != 0){ ++rc_test; print_error_report(rc, errno, "ica_open_adapter"); } if(adapter_handle == DRIVER_NOT_LOADED) { V_(printf("adapter handle is %d\n", adapter_handle)); } switch(expo_type){ case EXPO_TYPE_3: *(unsigned long*)((unsigned char *)modexpo_public_key.exponent + modexpo_public_key.key_length - sizeof(unsigned long)) = (unsigned long) EXPO_TYPE_3; break; case EXPO_TYPE_65537: *(unsigned long*)((unsigned char *)modexpo_public_key.exponent + modexpo_public_key.key_length - sizeof(unsigned long)) = (unsigned long) EXPO_TYPE_65537; break; case EXPO_TYPE_R: /* .exponent element is not set here. * if .exponent element is not set, ica_rsa_generate_mod_expo * will randomly generate it */ break; default: printf( "error - unknown \n"); return TEST_ERR; } V_(printf("generate keys...\n")); gettimeofday(&start, NULL); if((rc = ica_rsa_key_generate_crt(adapter_handle, key_bit_length, &modexpo_public_key, &crt_private_key)) != 0){ ++rc_test; print_error_report(rc, errno, "ica_rsa_key_generate_crt"); } gettimeofday(&end, NULL); V_(printf("RSA CRT Key_gen with key length %d took: %06lu µs.\n", key_bit_length, (end.tv_sec * 1000000 + end.tv_usec) - (start.tv_sec * 1000000 + start.tv_usec))); VV_(printf("public key (e,n):\ne =\n")); dump_array(modexpo_public_key.exponent, BITSTOBYTES(key_bit_length)); VV_(printf("n =\n")); dump_array(modexpo_public_key.modulus, BITSTOBYTES(key_bit_length)); VV_(printf("private key (p,q,dp,dq,q^-1):\np =\n")); dump_array(crt_private_key.p, BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING); VV_(printf("q =\n")); dump_array(crt_private_key.q, BITSTOBYTES(key_bit_length) / 2 + 1); VV_(printf("dp =\n")); dump_array(crt_private_key.dp, BITSTOBYTES(key_bit_length) / 2 + 1 +ZERO_PADDING); VV_(printf("dq =\n")); dump_array(crt_private_key.dq, BITSTOBYTES(key_bit_length) / 2 + 1); VV_(printf("q^-1 =\n")); dump_array(crt_private_key.qInverse, BITSTOBYTES(key_bit_length) / 2 + 1 + ZERO_PADDING); V_(printf("encrypt...\n")); if((rc = ica_rsa_mod_expo(adapter_handle, plaintext, &modexpo_public_key, ciphertext)) != 0){ #ifndef NO_SW_FALLBACKS ++rc_test; print_error_report(rc, errno, "ica_rsa_mod_expo"); #else if (rc == ENODEV) { return TEST_SKIP; } else { ++rc_test; print_error_report(rc, errno, "ica_rsa_mod_expo"); } #endif } VV_(printf("ciphertext:\n")); dump_array(ciphertext, BITSTOBYTES(key_bit_length)); V_(printf("decrypt...\n")); if((rc = ica_rsa_crt(adapter_handle, ciphertext, &crt_private_key, decrypted)) != 0){ #ifndef NO_SW_FALLBACKS ++rc_test; print_error_report(rc, errno, "ica_rsa_crt"); #else if (rc == ENODEV) { return TEST_SKIP; } else { ++rc_test; print_error_report(rc, errno, "ica_rsa_crt"); } #endif } VV_(printf("result:\n")); dump_array(decrypted, BITSTOBYTES(key_bit_length)); if((rc = ica_close_adapter(adapter_handle)) != 0){ ++rc_test; print_error_report(rc, errno, "ica_close_adapter"); } V_(printf("compare ciphertext to plaintext...\n")); if(memcmp(plaintext,ciphertext,BITSTOBYTES(key_bit_length)) == 0) { V_(printf("FAILED\nerror - ciphertext equals plaintext.\n")); ++rc_test; } V_(printf("compare result to plaintext...\n")); if(memcmp(plaintext,decrypted,BITSTOBYTES(key_bit_length)) != 0) { V_(printf("FAILED\nerror - decryption result doesn't match plaintext.\n")); ++rc_test; } if(0 == rc_test) { printf("All RSA keygen (%u bit) tests passed.\n", key_bit_length); return TEST_SUCC; } else { printf("RSA keygen (%u) tests failed: %u errors.", key_bit_length, rc_test); #ifdef ICA_FIPS if (ica_fips_status()) { printf(" (Parameters might be non FIPS conformant.)"); #if OPENSSL_VERSION_NUMBER >= 0x30000000L if (rc_test != 0 && BITSTOBYTES(key_bit_length) <= 1024) { printf("\nOpenSSL 3.0 does not allow RSA <= 1024 in FIPS mode.\n"); return TEST_SKIP; } #endif } printf("\n"); #endif return TEST_FAIL; } } static void print_error_report(unsigned int rc_sv, int errno_sv, const char *func_name) { V_(printf("FAILED\nerror - %s returned %u: ", func_name, rc_sv)); switch (rc_sv) { case EFAULT: V_(printf("the message authentication failed.\n")); break; case EINVAL: V_(printf("incorrect parameter.\n")); break; case EIO: V_(printf("I/O error.\n")); break; case EPERM: V_(printf("operation not permitted by hardware (CPACF).\n")); break; case ENODEV: V_(printf("no such device.\n")); break; case ENOMEM: V_(printf("not enough memory.\n")); break; default: V_(printf("unknown return code. this shouldn't happen.\n")); } V_(printf("errno ")); if (0 == errno_sv){ V_(printf("not set.\n")); } else{ V_(printf("set to %d: %s.\n", errno_sv, strerror(errno_sv))); } } libica-4.0.1/test/rsa_keygen_test.sh000077500000000000000000000001561417716165400174610ustar00rootroot00000000000000#!/bin/sh ./rsa_keygen_test 1024 r ./rsa_keygen_test 2048 r ./rsa_keygen_test 3072 r ./rsa_keygen_test 4096 r libica-4.0.1/test/rsa_test.c000066400000000000000000000063431417716165400157300ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2001, 2015 */ #include #include #include #include #include #include #include "ica_api.h" #include #include "rsa_test.h" #include "testcase.h" extern int errno; static int handle_ica_error(int rc, char *message) { V_(printf("Error in %s: ", message)); switch (rc) { case 0: V_(printf("OK\n")); break; case EINVAL: V_(printf("Incorrect parameter.\n")); break; case EPERM: V_(printf("Operation not permitted by Hardware.\n")); break; case EIO: V_(printf("I/O error.\n")); break; default: V_(perror("")); } return TEST_FAIL; } int main(int argc, char **argv) { ica_adapter_handle_t adapter_handle; unsigned char my_result[RESULT_LENGTH]; unsigned char my_result2[RESULT_LENGTH]; int i, rc; struct timeval start,end; set_verbosity(argc, argv); rc = ica_open_adapter(&adapter_handle); if (rc != 0) { V_(printf("ica_open_adapter failed and returned %d (0x%x).\n", rc, rc)); } /* Iterate over key sizes (1024, 2048 and 4096) */ for (i = 0; i < 6; i++) { /* encrypt with public key (ME) */ V_(printf("\nmodulus size = %d\n", RSA_BYTE_LENGHT[i])); memset(my_result, 0, sizeof(my_result)); memset(my_result2, 0, sizeof(my_result2)); ica_rsa_key_mod_expo_t mod_expo_key = {RSA_BYTE_LENGHT[i], n[i], e[i]}; rc = ica_rsa_mod_expo(adapter_handle, input_data, &mod_expo_key, my_result); if (rc) #ifndef NO_SW_FALLBACKS exit(handle_ica_error(rc, "ica_rsa_key_mod_expo")); #else rc == ENODEV ? exit(TEST_SKIP) : exit(handle_ica_error(rc, "ica_rsa_key_mod_expo")); #endif VV_(printf("result of encrypt with public key\n")); dump_array(my_result, RSA_BYTE_LENGHT[i]); VV_(printf("Ciphertext \n")); dump_array(ciphertext[i], RSA_BYTE_LENGHT[i]); if (memcmp(my_result, ciphertext[i], RSA_BYTE_LENGHT[i])){ printf("Ciphertext mismatch\n"); return TEST_FAIL; } /* decrypt with private key (CRT) */ ica_rsa_key_crt_t crt_key = {RSA_BYTE_LENGHT[i], p[i], q[i], dp[i], dq[i], qinv[i]}; gettimeofday(&start, NULL); rc = ica_rsa_crt(adapter_handle, ciphertext[i], &crt_key, my_result2); if(rc) #ifndef NO_SW_FALLBACKS exit(handle_ica_error(rc, "ica_rsa_crt")); #else rc == ENODEV ? exit(TEST_SKIP) : exit(handle_ica_error(rc, "ica_rsa_crt")); #endif gettimeofday(&end, NULL); V_(printf("RSA decrypt with key[%d] (l=%d) took %06lu µs.\n", i, RSA_BYTE_LENGHT[i], (end.tv_sec * 1000000 + end.tv_usec) - (start.tv_sec*1000000+start.tv_usec))); VV_(printf("Result of decrypt\n")); dump_array((unsigned char *)my_result2, RSA_BYTE_LENGHT[i]); VV_(printf("original data\n")); dump_array(input_data, RSA_BYTE_LENGHT[i]); if (memcmp(input_data, my_result2, RSA_BYTE_LENGHT[i]) != 0) { printf("Results do not match. Failure!\n"); return TEST_FAIL; } } rc = ica_close_adapter(adapter_handle); if (rc != 0) { printf("ica_close_adapter failed and returned %d (0x%x).\n", rc, rc); return TEST_FAIL; } printf("All RSA tests passed.\n"); return TEST_SUCC; } libica-4.0.1/test/rsa_test.h000066400000000000000000004446071417716165400157460ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2001, 2015 */ #define RESULT_LENGTH 4096 static const int RSA_BYTE_LENGHT[] = {128, 256, 512, 128, 256, 512}; static unsigned char e[6][512] = /* 1024,[p>q] */{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03}, /* 1024,[pq] */{{0xec, 0x51, 0xab, 0xa1, 0xf8, 0x40, 0x2c, 0x08, 0x2e, 0x24, 0x52, 0x2e, 0x3c, 0x51, 0x6d, 0x98, 0xad, 0xee, 0xc7, 0x7d, 0x00, 0xaf, 0xe1, 0xa8, 0x61, 0xda, 0x32, 0x97, 0xb4, 0x32, 0x97, 0xe3, 0x52, 0xda, 0x28, 0x45, 0x55, 0xc6, 0xb2, 0x46, 0x65, 0x1b, 0x02, 0xcb, 0xbe, 0xf4, 0x2c, 0x6b, 0x2a, 0x5f, 0xe1, 0xdf, 0xe9, 0xe3, 0xbc, 0x47, 0xb7, 0x38, 0xb5, 0xa2, 0x78, 0x9d, 0x15, 0xe2, 0x59, 0x81, 0x77, 0x6b, 0x6b, 0x2e, 0xa9, 0xdb, 0x13, 0x26, 0x9c, 0xca, 0x5e, 0x0a, 0x1f, 0x3c, 0x50, 0x9d, 0xd6, 0x79, 0x59, 0x99, 0x50, 0xe5, 0x68, 0x1a, 0x98, 0xca, 0x11, 0xce, 0x37, 0x63, 0x58, 0x22, 0x40, 0x19, 0x29, 0x72, 0x4c, 0x41, 0x89, 0x0b, 0x56, 0x9e, 0x3e, 0xd5, 0x6d, 0x75, 0x9e, 0x3f, 0x8a, 0x50, 0xf1, 0x0a, 0x59, 0x4a, 0xc3, 0x59, 0x4b, 0xf6, 0xbb, 0xc9, 0xa5, 0x93, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0xdf, 0x27, 0x1f, 0xd2, 0x5f, 0x86, 0x44, 0x49, 0x6b, 0x0c, 0x81, 0xbe, 0x4b, 0xd5, 0x02, 0x97, 0xef, 0x09, 0x9b, 0x00, 0x2a, 0x6f, 0xd6, 0x77, 0x27, 0xeb, 0x44, 0x9c, 0xea, 0x56, 0x6e, 0xd6, 0xa3, 0x98, 0x1a, 0x71, 0x31, 0x2a, 0x14, 0x1c, 0xab, 0xc9, 0x81, 0x5c, 0x12, 0x09, 0xe3, 0x20, 0xa2, 0x5b, 0x32, 0x46, 0x4e, 0x99, 0x99, 0xf1, 0x8c, 0xa1, 0x3a, 0x9f, 0xd3, 0x89, 0x25, 0x58, 0xf9, 0xe0, 0xad, 0xef, 0xdd, 0x36, 0x50, 0xdd, 0x23, 0xa3, 0xf0, 0x36, 0xd6, 0x0f, 0xe3, 0x98, 0x84, 0x37, 0x06, 0xa4, 0x0b, 0x0b, 0x84, 0x62, 0xc8, 0xbe, 0xe3, 0xbc, 0xe1, 0x2f, 0x1f, 0x28, 0x60, 0xc2, 0x44, 0x4c, 0xdc, 0x6a, 0x44, 0x47, 0x6a, 0x75, 0xff, 0x4a, 0xa2, 0x42, 0x73, 0xcc, 0xbe, 0x3b, 0xf8, 0x02, 0x48, 0x46, 0x5f, 0x8f, 0xf8, 0xc3, 0xa7, 0xf3, 0x36, 0x7d, 0xfc, 0x0d, 0xf5, 0xb6, 0x50, 0x9a, 0x4f, 0x82, 0x81, 0x1c, 0xed, 0xd8, 0x1c, 0xda, 0xaa, 0x73, 0xc4, 0x91, 0xda, 0x41, 0x21, 0x70, 0xd5, 0x44, 0xd4, 0xba, 0x96, 0xb9, 0x7f, 0x0a, 0xfc, 0x80, 0x65, 0x49, 0x8d, 0x3a, 0x49, 0xfd, 0x91, 0x09, 0x92, 0xa1, 0xf0, 0x72, 0x5b, 0xe2, 0x4f, 0x46, 0x5c, 0xfe, 0x7e, 0x0e, 0xab, 0xf6, 0x78, 0x99, 0x6c, 0x50, 0xbc, 0x5e, 0x75, 0x24, 0xab, 0xf7, 0x3f, 0x15, 0xe5, 0xbe, 0xf7, 0xd5, 0x18, 0x39, 0x4e, 0x31, 0x38, 0xce, 0x49, 0x44, 0x50, 0x6a, 0xaa, 0xaf, 0x3f, 0x9b, 0x23, 0x6d, 0xca, 0xb8, 0xfc, 0x00, 0xf8, 0x7a, 0xf5, 0x96, 0xfd, 0xc3, 0xd9, 0xd6, 0xc7, 0x5c, 0xd5, 0x08, 0x36, 0x2f, 0xae, 0x2c, 0xbe, 0xdd, 0xcc, 0x4c, 0x74, 0x50, 0xb1, 0x7b, 0x77, 0x6c, 0x07, 0x9e, 0xcc, 0xa1, 0xf2, 0x56, 0x35, 0x1a, 0x43, 0xb9, 0x7d, 0xbe, 0x21, 0x53, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0xce, 0xb2, 0x27, 0xcb, 0xd8, 0x0c, 0xc7, 0xfc, 0x52, 0xf5, 0xec, 0xfd, 0xcb, 0x87, 0xa8, 0xaa, 0xba, 0xf3, 0x3b, 0xfd, 0xc1, 0x9a, 0x76, 0x20, 0x8f, 0xeb, 0x22, 0xd7, 0x0c, 0x6e, 0x37, 0x6c, 0xec, 0xa2, 0x98, 0xa1, 0xc0, 0xa6, 0xe6, 0xb1, 0xf7, 0xdc, 0x54, 0x7b, 0x91, 0xf0, 0x9f, 0x39, 0xbc, 0x01, 0xc0, 0x25, 0x7a, 0xcf, 0x61, 0x13, 0xa7, 0xb8, 0x12, 0xf8, 0x4a, 0x7a, 0x7e, 0xb8, 0x3f, 0x2a, 0x40, 0xb5, 0x2a, 0x5b, 0x94, 0xfd, 0x34, 0x19, 0x91, 0xe6, 0x5f, 0x23, 0xb4, 0x07, 0x99, 0x79, 0xd0, 0xf6, 0x22, 0xc7, 0x90, 0x88, 0xfd, 0xef, 0xdb, 0x4f, 0x8a, 0x00, 0xb5, 0x7d, 0xba, 0xc9, 0x14, 0x06, 0xb8, 0xa8, 0x18, 0x8f, 0x52, 0xa3, 0x89, 0x9e, 0xaf, 0xe5, 0x9f, 0x38, 0xac, 0x21, 0x03, 0x0c, 0xa3, 0x76, 0xfb, 0xd3, 0x09, 0x75, 0xc6, 0x36, 0x1d, 0x86, 0x1d, 0x18, 0xbf, 0x5c, 0xe9, 0xdd, 0x21, 0x80, 0x6d, 0xa6, 0xca, 0xf8, 0x7b, 0x91, 0xa0, 0xa8, 0x42, 0x42, 0x0c, 0x91, 0x25, 0xf0, 0xed, 0x46, 0x08, 0xf0, 0xa0, 0x2f, 0xf2, 0x8d, 0x73, 0x53, 0x27, 0x63, 0xca, 0x83, 0xe3, 0x80, 0xc0, 0xf0, 0x8f, 0x9d, 0x8e, 0x45, 0x82, 0xc5, 0xe9, 0x9f, 0x48, 0xf9, 0xec, 0x61, 0xe9, 0x7b, 0x47, 0xfd, 0xeb, 0xe5, 0x01, 0x1b, 0xc5, 0x89, 0xf1, 0xbc, 0x3a, 0xc4, 0x29, 0xc8, 0x2d, 0xb1, 0x85, 0x9b, 0x92, 0x4a, 0x5a, 0xcb, 0x85, 0xe2, 0x7b, 0x15, 0x6f, 0xc2, 0x62, 0xb9, 0x8c, 0x52, 0xa4, 0x13, 0x75, 0x47, 0xfd, 0x6b, 0x0f, 0x59, 0xff, 0x7c, 0xdc, 0xda, 0x09, 0xb8, 0x55, 0x2d, 0x63, 0x52, 0x6e, 0xff, 0xaf, 0x8d, 0xb7, 0x6b, 0x80, 0x6f, 0x04, 0xe4, 0x78, 0x73, 0x93, 0x87, 0x5d, 0xda, 0xd2, 0xc9, 0xe5, 0x6f, 0x0b, 0xee, 0x4e, 0x86, 0x4f, 0xf4, 0xd2, 0x3c, 0xf5, 0x21, 0x84, 0x7c, 0x7d, 0xb0, 0x10, 0xee, 0x98, 0x7d, 0x66, 0x32, 0x19, 0xdc, 0xd7, 0xf0, 0x61, 0x1c, 0xfa, 0x31, 0x14, 0x3f, 0x17, 0xe8, 0xe0, 0xa5, 0xae, 0xb0, 0x8e, 0xcb, 0xa6, 0x73, 0xfa, 0x32, 0xa6, 0xd5, 0x33, 0x22, 0xc0, 0x3e, 0x4e, 0xc6, 0x5e, 0x9f, 0x7f, 0xcf, 0xa8, 0x0d, 0x26, 0xd7, 0xee, 0xfc, 0x97, 0xbb, 0xe2, 0x9a, 0xe2, 0x94, 0x82, 0xc9, 0x89, 0xcf, 0xb8, 0x5d, 0x60, 0x93, 0x10, 0xa1, 0x51, 0x43, 0x89, 0xba, 0x76, 0x84, 0x72, 0x2d, 0x91, 0x49, 0xac, 0xd8, 0xeb, 0xa8, 0xa0, 0x0b, 0xed, 0xef, 0x04, 0x7e, 0x8e, 0x85, 0x88, 0xc3, 0x53, 0x84, 0x2e, 0xea, 0x85, 0xd3, 0x8b, 0x5c, 0xe5, 0xba, 0xab, 0x04, 0xe8, 0xbd, 0xf1, 0x6e, 0x77, 0xbf, 0x40, 0xe8, 0x9c, 0x70, 0xc0, 0xe0, 0x0b, 0x95, 0x0f, 0x40, 0xfb, 0xd8, 0x37, 0x44, 0xf7, 0xfe, 0x38, 0x51, 0x9c, 0x92, 0xfb, 0xc4, 0x65, 0xb5, 0xda, 0xd7, 0xc7, 0x1c, 0xad, 0xb2, 0xe2, 0x5f, 0x22, 0x3e, 0xae, 0x74, 0xd6, 0x77, 0x32, 0xbe, 0x77, 0x42, 0x3d, 0x85, 0x71, 0x3a, 0xa0, 0xfd, 0x31, 0x6f, 0x4e, 0x0b, 0xd5, 0x04, 0x57, 0xb0, 0xb2, 0x2a, 0x54, 0xfa, 0x8e, 0x29, 0x23, 0x8a, 0x66, 0x59, 0x25, 0x1f, 0x0c, 0x68, 0x01, 0x0a, 0x6e, 0xaf, 0x8e, 0xb8, 0xd3, 0xcd, 0x79, 0x9f, 0xb6, 0x58, 0x16, 0x0b, 0x0a, 0x48, 0x16, 0xf1, 0x1c, 0x09, 0x80, 0x38, 0xcb, 0xe9, 0x8e, 0xf3, 0xb6, 0x5b, 0x4c, 0x56, 0x2d, 0x91, 0x52, 0x50, 0x1f, 0xfb, 0x41, 0xd5, 0xb3, 0x6e, 0x94, 0x27, 0x48, 0xd4, 0xfa, 0xaa, 0xac, 0x01, 0x27, 0x34, 0x02, 0x5c, 0xfc, 0xa0, 0xa9, 0x78, 0xeb, 0x5c, 0x09, 0xeb, 0x24, 0x9e, 0x38, 0x69, 0xea, 0xfd, 0x3b, 0x56, 0xa8, 0x73, 0x1d, 0x5b, 0x59, 0x07}, /* 1024,[pq] */{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa7, 0xcf, 0xa2, 0x18, 0x2c, 0xa9, 0xb4, 0xb9, 0xf5, 0x9e, 0xc9, 0x04, 0x16, 0xd9, 0xa6, 0x8b, 0x90, 0x4a, 0x19, 0x6d, 0x64, 0xb7, 0x17, 0x67, 0x53, 0xfa, 0x4e, 0x8d, 0xde, 0xa6, 0x94, 0x32, 0x5d, 0xcf, 0x58, 0x3e, 0x90, 0xbb, 0x30, 0x19, 0x96, 0x38, 0x95, 0xb6, 0xca, 0x2f, 0xfa, 0x22, 0x81, 0x65, 0x3b, 0x3c, 0x95, 0x9e, 0x79, 0x75, 0xe4, 0x93, 0x50, 0xf1, 0x88, 0x6b, 0xc1, 0x87, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xed, 0x10, 0x2a, 0xcd, 0xb2, 0x68, 0x71, 0x53, 0x4d, 0x1c, 0x41, 0x4e, 0xca, 0xd9, 0xa4, 0xd7, 0x32, 0xfe, 0x95, 0xb1, 0x0e, 0xea, 0x37, 0x0d, 0xa6, 0x2f, 0x05, 0xde, 0x2c, 0x39, 0x3b, 0x1a, 0x63, 0x33, 0x03, 0xea, 0x74, 0x1b, 0x6b, 0x32, 0x69, 0xc9, 0x7f, 0x70, 0x4b, 0x35, 0x27, 0x02, 0xc9, 0xae, 0x79, 0x92, 0x2f, 0x7b, 0xe8, 0xd1, 0x0d, 0xb6, 0x7f, 0x02, 0x6a, 0x81, 0x45, 0xde, 0x41, 0xb3, 0x0c, 0x0a, 0x42, 0xbf, 0x92, 0x3b, 0xac, 0x5f, 0x75, 0x04, 0xc2, 0x48, 0x60, 0x4b, 0x9f, 0xaa, 0x57, 0xed, 0x6b, 0x32, 0x46, 0xc6, 0xba, 0x15, 0x8e, 0x36, 0xc6, 0x44, 0xf8, 0xb9, 0x54, 0x8f, 0xcf, 0x4f, 0x07, 0xe0, 0x54, 0xa5, 0x6f, 0x76, 0x86, 0x74, 0x05, 0x44, 0x40, 0xbc, 0x0d, 0xcb, 0xbc, 0x9b, 0x52, 0x8f, 0x64, 0xa0, 0x17, 0x06, 0xe0, 0x5b, 0x0b, 0x91, 0x10, 0x6f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x9c, 0x30, 0x60, 0xcf, 0xaa, 0xed, 0x64, 0xa0, 0xe2, 0xa4, 0x24, 0x0d, 0x59, 0x5f, 0x1b, 0xda, 0x92, 0x6e, 0xc1, 0xb6, 0x77, 0x25, 0x26, 0x93, 0xbc, 0x00, 0xba, 0xc9, 0x1c, 0x22, 0xb4, 0x91, 0x31, 0x92, 0xa9, 0x97, 0xf2, 0xac, 0x68, 0x92, 0x60, 0xca, 0x56, 0xc4, 0xb7, 0xc2, 0x97, 0x7b, 0x5a, 0x2c, 0x99, 0x73, 0xf1, 0x20, 0x7a, 0xe4, 0xa3, 0xe5, 0x9a, 0x45, 0x5f, 0xd7, 0x65, 0x62, 0xbf, 0x85, 0xa1, 0x48, 0xbb, 0x6a, 0xfd, 0xd8, 0x7a, 0xa5, 0x5f, 0x7b, 0xcf, 0xf7, 0x30, 0x2e, 0x52, 0x61, 0x13, 0x81, 0x63, 0x73, 0x85, 0xcb, 0x60, 0xdb, 0x57, 0xb2, 0xfc, 0x55, 0x6a, 0xee, 0x97, 0xf4, 0x0c, 0x76, 0xd7, 0x57, 0xe1, 0x95, 0xd4, 0x02, 0xc7, 0x3f, 0x8c, 0x5f, 0xe3, 0x83, 0x78, 0x58, 0x5e, 0x34, 0x59, 0xfa, 0x64, 0xc8, 0x26, 0x3e, 0xf3, 0x5e, 0x06, 0x96, 0xd0, 0x63, 0xaa, 0x6b, 0xf0, 0x3f, 0x3c, 0x7b, 0xd9, 0x98, 0x0c, 0x97, 0x49, 0xe4, 0x10, 0x5a, 0x6d, 0x57, 0x46, 0x61, 0xd1, 0x78, 0x35, 0x06, 0xf0, 0x5a, 0x68, 0xe1, 0xdd, 0xac, 0x3a, 0x95, 0xfb, 0x4f, 0xd9, 0x46, 0x6b, 0x98, 0x55, 0x6e, 0x4b, 0x39, 0x9f, 0xbb, 0x05, 0x49, 0xbf, 0x53, 0x93, 0xd4, 0x39, 0xcd, 0xed, 0xa2, 0xe9, 0x02, 0x81, 0xd3, 0x69, 0x08, 0x02, 0x7c, 0xa8, 0xc1, 0xd5, 0xa1, 0x58, 0xe3, 0x81, 0xea, 0x8b, 0xd2, 0x23, 0x4c, 0x1c, 0x99, 0x4d, 0x81, 0x8d, 0x82, 0x1e, 0x85, 0xf7, 0xa9, 0xf8, 0xe6, 0x53, 0x8e, 0x85, 0xcb, 0x79, 0xbb, 0x89, 0x49, 0xce, 0x3c, 0x18, 0x5d, 0xa4, 0x3c, 0x8c, 0x13, 0x7c, 0xe2, 0xc6, 0x97, 0xf0, 0xbe, 0xfa, 0xb6, 0x87, 0xbe, 0xc0, 0xed, 0x70, 0x39, 0x8e, 0x0b, 0x23, 0xb9, 0x51, 0x83, 0x38, 0xc8, 0x37, 0x3e, 0x38, 0x7a, 0x82, 0xfb}, /* 1024,[pq] */{{0xa0, 0x3a, 0x18, 0xa4, 0x1c, 0x3c, 0x49, 0x09, 0xd0, 0x84, 0x4a, 0x8c, 0x7c, 0xce, 0xdf, 0x9e, 0x90, 0x7d, 0xc4, 0xca, 0x7e, 0x2d, 0x3d, 0xbc, 0x09, 0x71, 0x79, 0xd0, 0xc0, 0xae, 0xa6, 0xc1, 0x9d, 0xf0, 0x16, 0xf0, 0x1f, 0x68, 0x9a, 0xc5, 0x2b, 0xf3, 0x5a, 0xfc, 0x2c, 0xf5, 0xa7, 0xec, 0xd9, 0xa2, 0xac, 0x49, 0xcc, 0x76, 0x9c, 0xd8, 0x4c, 0x59, 0x5e, 0x38, 0xd2, 0x85, 0xd3, 0x3b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0x68, 0x27, 0x92, 0x4a, 0x85, 0xe8, 0x8b, 0x55, 0xba, 0x00, 0xf8, 0x21, 0x91, 0x28, 0xbd, 0x37, 0x24, 0xc6, 0xb7, 0xd1, 0xdf, 0xe5, 0x62, 0x9e, 0xf1, 0x97, 0x92, 0x5f, 0xec, 0xaf, 0xf5, 0xed, 0xb9, 0xcd, 0xf3, 0xa7, 0xbe, 0xfd, 0x8e, 0xa2, 0xe8, 0xdd, 0x37, 0x07, 0x13, 0x8b, 0x3f, 0xf8, 0x7c, 0x3c, 0x39, 0xc5, 0x7f, 0x43, 0x9e, 0x56, 0x2e, 0x2a, 0xa8, 0x05, 0xa3, 0x9d, 0x7c, 0xd7, 0x99, 0x66, 0xd2, 0xec, 0xe7, 0x84, 0x5f, 0x1d, 0xbc, 0x16, 0xbe, 0xe9, 0x99, 0x99, 0xe4, 0xd0, 0xbf, 0x9e, 0xec, 0xa4, 0x5f, 0xcd, 0xa8, 0xa8, 0x50, 0x00, 0x35, 0xfe, 0x6b, 0x5f, 0x03, 0xbc, 0x2f, 0x6d, 0x1b, 0xfc, 0x4d, 0x4d, 0x0a, 0x37, 0x23, 0x96, 0x1a, 0xf0, 0xcd, 0xce, 0x4a, 0x01, 0xee, 0xc8, 0x2d, 0x7f, 0x54, 0x58, 0xec, 0x19, 0xe7, 0x1b, 0x90, 0xee, 0xef, 0x7d, 0xff, 0x61, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0x96, 0x91, 0xf7, 0x52, 0x11, 0xdc, 0x4a, 0x26, 0xf8, 0x51, 0xa6, 0x1a, 0x75, 0xd1, 0xbe, 0x32, 0xe9, 0x34, 0x39, 0x1f, 0xb3, 0x05, 0x58, 0x35, 0xaa, 0x51, 0xf6, 0x53, 0x1e, 0xa5, 0x5f, 0x38, 0x02, 0xa8, 0xdb, 0xa5, 0x58, 0xfc, 0x95, 0x21, 0xa3, 0x6a, 0x1c, 0x4e, 0xd5, 0x64, 0x1a, 0x94, 0xeb, 0xfb, 0xca, 0x56, 0x6e, 0xfc, 0xd7, 0xb1, 0x82, 0x95, 0x8a, 0x8c, 0x17, 0xbd, 0x24, 0xd9, 0xfd, 0xc9, 0x22, 0x3d, 0x52, 0x90, 0x44, 0xf6, 0xfc, 0xb5, 0x63, 0xca, 0xc9, 0x6f, 0x9b, 0xbd, 0x1d, 0x98, 0xe7, 0xe2, 0x5c, 0x5c, 0x89, 0x2f, 0xdd, 0x54, 0x18, 0x78, 0xdb, 0x12, 0xf5, 0xef, 0xfe, 0x4e, 0x1b, 0x9e, 0xaa, 0x3e, 0x77, 0x36, 0x8e, 0xa9, 0x46, 0xb3, 0xa2, 0x45, 0x3c, 0xa4, 0xb3, 0xc4, 0xf1, 0x82, 0xcc, 0x49, 0x6b, 0xaa, 0xf6, 0x41, 0x1d, 0xa0, 0x12, 0x29, 0xfc, 0xcc, 0xbf, 0xf4, 0xd3, 0x90, 0xe5, 0x3e, 0x77, 0x86, 0x35, 0xe6, 0x76, 0xcd, 0x0c, 0xaa, 0x8c, 0xae, 0xe1, 0x07, 0x7a, 0xd3, 0xd4, 0x5c, 0xa4, 0x46, 0xa0, 0x46, 0xb9, 0x04, 0x08, 0x5d, 0xce, 0xc7, 0x78, 0x04, 0x48, 0xde, 0x46, 0xfc, 0x6f, 0xa0, 0xcf, 0x2c, 0x91, 0x87, 0xed, 0xb8, 0x51, 0xd7, 0xb8, 0x0d, 0x88, 0xa3, 0xf2, 0x92, 0xdf, 0x6c, 0x0e, 0x54, 0x84, 0xc0, 0x39, 0xf4, 0xf0, 0xa3, 0x94, 0x42, 0xdd, 0xcb, 0x4d, 0xef, 0x74, 0x37, 0x33, 0xc8, 0x96, 0x01, 0xa3, 0xda, 0x12, 0xdf, 0x33, 0xf5, 0x58, 0x80, 0xc2, 0xdc, 0x8b, 0xcb, 0x40, 0x7d, 0x78, 0xbb, 0x3e, 0x40, 0xa3, 0xbe, 0xd2, 0x94, 0x34, 0xa0, 0x47, 0xd3, 0x3c, 0x62, 0x65, 0x92, 0x5c, 0xdd, 0x3c, 0xa8, 0x4f, 0xc6, 0x05, 0xa7, 0x26, 0x91, 0xd6, 0xf7, 0x8b, 0x41, 0xf3, 0x52, 0x08, 0x3d, 0x95, 0x6e, 0x70, 0xff}, /* 1024,[pq] */{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfb, 0xb7, 0x73, 0x24, 0x42, 0xfe, 0x8f, 0x16, 0xf0, 0x6e, 0x2d, 0x86, 0x22, 0x46, 0x79, 0xd1, 0x58, 0x6f, 0x26, 0x24, 0x17, 0x12, 0xa3, 0x1a, 0xfd, 0xf7, 0x75, 0xd4, 0xcd, 0xf9, 0xde, 0x4b, 0x8c, 0xb7, 0x04, 0x5d, 0xd9, 0x18, 0xc8, 0x26, 0x61, 0x54, 0xe0, 0x92, 0x2f, 0x47, 0xf7, 0x33, 0xc2, 0x17, 0xd8, 0xda, 0xe0, 0x6d, 0xb6, 0x30, 0xd6, 0xdc, 0xf9, 0x6a, 0x4c, 0xa1, 0xa2, 0x4b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf4, 0x4f, 0x5e, 0x42, 0x46, 0x39, 0x1f, 0x48, 0x2b, 0x2f, 0x52, 0x96, 0xe3, 0x60, 0x2e, 0xb3, 0x4a, 0xa1, 0x36, 0x42, 0x77, 0x10, 0xf7, 0xc0, 0x41, 0x6d, 0x40, 0x3f, 0xd6, 0x9d, 0x4b, 0x29, 0x13, 0x0c, 0xfe, 0xbe, 0xf3, 0x4e, 0x88, 0x5a, 0xbd, 0xb1, 0xa8, 0xa0, 0xa5, 0xf0, 0xe9, 0xb5, 0xc3, 0x3e, 0x1f, 0xc3, 0xbf, 0xc2, 0x85, 0xb1, 0xae, 0x17, 0xe4, 0x0c, 0xc6, 0x7a, 0x19, 0x13, 0xdd, 0x56, 0x37, 0x19, 0x81, 0x5e, 0xba, 0xf8, 0x51, 0x4c, 0x2a, 0x7a, 0xa0, 0x01, 0x8e, 0x63, 0xb6, 0xc6, 0x31, 0xdc, 0x31, 0x5a, 0x46, 0x23, 0x57, 0x16, 0x42, 0x3d, 0x11, 0xff, 0x58, 0x03, 0x4e, 0x61, 0x06, 0x45, 0x70, 0x36, 0x06, 0x91, 0x9f, 0x5c, 0x7c, 0xe2, 0x66, 0x0c, 0xd1, 0x48, 0xbd, 0x9e, 0xfc, 0x12, 0x3d, 0x9c, 0x54, 0xb6, 0x70, 0x55, 0x90, 0xd0, 0x06, 0xcf, 0xcf, 0x3f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xea, 0x48, 0x91, 0x37, 0x80, 0x64, 0x16, 0xf1, 0x53, 0xf6, 0x36, 0x14, 0x06, 0x0e, 0xa9, 0xc7, 0xdb, 0xa6, 0x22, 0x91, 0xb2, 0xb7, 0xb9, 0xdd, 0x9a, 0x01, 0x18, 0x2d, 0xaa, 0x34, 0x0e, 0xd9, 0xca, 0x5b, 0xfe, 0x63, 0xec, 0x02, 0x9c, 0xdb, 0x91, 0x2f, 0x82, 0x27, 0x13, 0xa3, 0xe3, 0x39, 0x07, 0x42, 0xe6, 0x2d, 0xe9, 0xb0, 0xb8, 0x56, 0xf5, 0xd8, 0x67, 0x68, 0x0f, 0xc3, 0x18, 0x14, 0x1f, 0x48, 0x71, 0xed, 0x19, 0x20, 0x7c, 0xc4, 0xb7, 0xf8, 0x0f, 0x39, 0xb7, 0xf2, 0xc8, 0x45, 0x7b, 0x91, 0x9d, 0x42, 0x15, 0x2d, 0x48, 0xb1, 0x11, 0x49, 0x03, 0x8c, 0x7a, 0x80, 0x20, 0x65, 0xe3, 0xee, 0x12, 0xb2, 0x43, 0x03, 0xd2, 0x60, 0xbe, 0x04, 0x2a, 0xdf, 0x52, 0x8f, 0xd5, 0x45, 0x34, 0x84, 0x8d, 0x4e, 0x86, 0xf7, 0x97, 0x2c, 0x39, 0x5e, 0x6d, 0x0d, 0x09, 0xe2, 0x38, 0x95, 0x7f, 0xa1, 0xe8, 0x5e, 0xda, 0xb9, 0xc6, 0x64, 0x12, 0xe2, 0xee, 0xd6, 0x18, 0x87, 0xa4, 0x02, 0xe9, 0x92, 0xba, 0x34, 0x4f, 0x8a, 0x68, 0x87, 0x9d, 0x52, 0xcc, 0x82, 0x57, 0xe0, 0xf8, 0xf7, 0xc5, 0xe9, 0xa1, 0x64, 0x80, 0x25, 0x70, 0xd6, 0x6f, 0x98, 0x87, 0xee, 0x9e, 0xfd, 0x5d, 0xbe, 0x56, 0xb4, 0xe4, 0x74, 0x5d, 0x83, 0xc2, 0xbd, 0x1d, 0x8c, 0x03, 0xba, 0xfd, 0x22, 0xc0, 0x72, 0x05, 0x55, 0x42, 0xdf, 0xd1, 0xbb, 0x34, 0xf2, 0x2a, 0xe5, 0xf4, 0x42, 0x54, 0x43, 0x2d, 0xc8, 0xf3, 0x7e, 0xf5, 0x59, 0x7d, 0x55, 0xc8, 0xb1, 0x36, 0x99, 0x4d, 0xee, 0xb5, 0x5a, 0x24, 0x8c, 0x76, 0x5a, 0xd2, 0x1d, 0x3b, 0x54, 0x29, 0xe3, 0xe9, 0x1e, 0x78, 0x11, 0xcb, 0x9e, 0x21, 0x64, 0x28, 0x56, 0x55, 0x10, 0xb5, 0x95, 0xfa, 0x44, 0xd5, 0x2c, 0x52, 0xdd, 0x54, 0xb7, 0xc4, 0x79}, /* 1024,[pq] */{{0xf0, 0x57, 0x24, 0xf6, 0x2a, 0x5a, 0x6d, 0x8e, 0xb8, 0xc6, 0x6f, 0xd2, 0xbb, 0x36, 0x4f, 0x6d, 0xd8, 0xbc, 0xa7, 0x2f, 0xbd, 0x43, 0xdc, 0x9a, 0x0e, 0x2a, 0x36, 0xb9, 0x21, 0x05, 0xfa, 0x22, 0x6c, 0xe8, 0x22, 0x68, 0x2f, 0x1c, 0xe8, 0x27, 0xc1, 0xed, 0x08, 0x7a, 0x43, 0x70, 0x7b, 0xe3, 0x46, 0x74, 0x02, 0x6e, 0xb2, 0xb1, 0xeb, 0x44, 0x72, 0x86, 0x0d, 0x55, 0x3b, 0xc8, 0xbc, 0xd9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0xe9, 0xd4, 0x98, 0x41, 0xe0, 0xe0, 0xa6, 0xad, 0x0d, 0x51, 0x78, 0x57, 0x13, 0x3e, 0x36, 0xdc, 0x72, 0xc1, 0xbd, 0xd9, 0x0f, 0x91, 0x74, 0xb5, 0x2e, 0x26, 0x57, 0x0f, 0x37, 0x36, 0x40, 0xf1, 0xc1, 0x85, 0xe7, 0xea, 0x8e, 0x2e, 0xd7, 0xf1, 0xe4, 0xeb, 0xb9, 0x51, 0xf7, 0x0a, 0x58, 0x02, 0x36, 0x33, 0xb0, 0x09, 0x7a, 0xec, 0x67, 0xc6, 0xdc, 0xb8, 0x00, 0xfc, 0x1a, 0x67, 0xf9, 0xbb, 0x05, 0x63, 0x61, 0x0f, 0x08, 0xeb, 0xc8, 0x74, 0x6a, 0xd1, 0x29, 0x77, 0x21, 0x36, 0xeb, 0x1d, 0xda, 0xf4, 0x64, 0x36, 0x45, 0x0d, 0x31, 0x83, 0x32, 0xa8, 0x49, 0x82, 0xfe, 0x5d, 0x28, 0xdb, 0xe5, 0xb3, 0xe9, 0x12, 0x40, 0x7c, 0x3e, 0x0e, 0x03, 0x10, 0x0d, 0x87, 0xd4, 0x36, 0xee, 0x40, 0x9e, 0xec, 0x1c, 0xf8, 0x5e, 0x80, 0xab, 0xa0, 0x79, 0xb2, 0xe6, 0x10, 0x6b, 0x97, 0xbc, 0xed, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0xe1, 0xda, 0xf2, 0xfb, 0x1a, 0xca, 0x6f, 0x3a, 0x74, 0x7a, 0x79, 0x27, 0xb0, 0xba, 0x9d, 0x4c, 0x5d, 0xce, 0x55, 0xaf, 0x8c, 0x88, 0x04, 0x50, 0x7f, 0x7a, 0xf1, 0x7c, 0xad, 0xf8, 0x0e, 0xd4, 0x03, 0xfd, 0x49, 0x78, 0x05, 0x7a, 0xdf, 0xb2, 0x75, 0x1f, 0x2a, 0x76, 0x40, 0x16, 0x27, 0xdf, 0x61, 0xf9, 0xaf, 0x81, 0xa6, 0x7b, 0x43, 0x8a, 0x43, 0xe0, 0x4f, 0xd2, 0x23, 0x9b, 0xb7, 0x46, 0xfc, 0xad, 0xb3, 0x5b, 0xfb, 0xd8, 0x67, 0x72, 0x7b, 0x10, 0x15, 0xb0, 0x2e, 0x27, 0x69, 0x9b, 0xac, 0x65, 0x5b, 0xd3, 0x8a, 0x8a, 0xcd, 0xc7, 0xcb, 0xfe, 0x24, 0xb5, 0x48, 0x9c, 0x70, 0xe7, 0xfd, 0x75, 0x29, 0x6d, 0xff, 0x5d, 0xb2, 0xd1, 0xd5, 0xfd, 0xea, 0x0d, 0x73, 0x67, 0xda, 0xf7, 0x0d, 0xa7, 0x6a, 0x44, 0x32, 0x6e, 0x21, 0x80, 0x71, 0x61, 0xac, 0x70, 0x1b, 0x3e, 0xfb, 0x33, 0x1f, 0xef, 0x3d, 0x59, 0x57, 0xdd, 0xb3, 0x49, 0x50, 0xd9, 0xb2, 0x33, 0x92, 0xff, 0xd3, 0x06, 0x51, 0x8b, 0x38, 0x3d, 0xbe, 0x8a, 0xf6, 0x69, 0xf0, 0x6a, 0x15, 0x86, 0x0c, 0x8c, 0xb6, 0x2b, 0x34, 0x06, 0x6d, 0x4d, 0x6a, 0x7a, 0xa7, 0x71, 0x36, 0xc2, 0xda, 0x4b, 0xe4, 0x94, 0x7a, 0xc3, 0x94, 0x14, 0x4c, 0xf5, 0xeb, 0xdc, 0x4f, 0x22, 0x15, 0x7e, 0xc7, 0x20, 0x56, 0xef, 0x68, 0xf5, 0x5e, 0x64, 0x4c, 0xb0, 0xf4, 0xe7, 0x2e, 0x52, 0xcd, 0xac, 0xe1, 0x02, 0x75, 0xc7, 0x1c, 0x4e, 0xcd, 0xf0, 0x04, 0xc1, 0x24, 0x4a, 0xd1, 0xb0, 0xe0, 0xbc, 0x35, 0x18, 0xdd, 0x60, 0xf5, 0x9e, 0x3b, 0xde, 0x4e, 0xf0, 0x6b, 0xbc, 0xda, 0x93, 0x98, 0x5b, 0x8b, 0x4b, 0xda, 0xfc, 0x77, 0xa9, 0x08, 0x7a, 0xb9, 0xda, 0xc2, 0x73, 0x50, 0xe2, 0xec, 0xfb, 0x0c, 0x5c, 0x60, 0x25, 0xa9, 0x7f}, /* 1024,[pq] */{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x83, 0xf1, 0xca, 0x06, 0x58, 0x4a, 0x04, 0x5e, 0x96, 0xb5, 0x30, 0x32, 0x40, 0x36, 0x48, 0xb9, 0x02, 0x0c, 0xe3, 0x37, 0xb7, 0x51, 0xbc, 0x22, 0x26, 0x5d, 0x74, 0x03, 0x47, 0xd3, 0x33, 0x20, 0x8e, 0x75, 0x62, 0xf2, 0x9d, 0x4e, 0xc8, 0x7d, 0x5d, 0x8e, 0xb6, 0xd9, 0x69, 0x4a, 0x9a, 0xe1, 0x36, 0x6e, 0x1c, 0xbe, 0x8a, 0x14, 0xb1, 0x85, 0x39, 0x74, 0x7c, 0x25, 0xd8, 0xa4, 0x4f, 0xde, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x57, 0xb7, 0x38, 0x88, 0xd1, 0x83, 0xa9, 0x9a, 0x63, 0x07, 0x42, 0x22, 0x77, 0x55, 0x1a, 0x3d, 0x9e, 0x18, 0xad, 0xf0, 0x6a, 0x91, 0xe8, 0xb5, 0x5c, 0xef, 0xfe, 0xf9, 0x07, 0x7c, 0x84, 0x96, 0x94, 0x8e, 0xcb, 0x3b, 0x16, 0xb7, 0x81, 0x55, 0xcb, 0x2a, 0x3a, 0x57, 0xc1, 0x19, 0xd3, 0x79, 0x95, 0x1c, 0x01, 0x0a, 0xa6, 0x35, 0xed, 0xcf, 0x62, 0xd8, 0x4c, 0x5a, 0x12, 0x2a, 0x8d, 0x67, 0xab, 0x5f, 0xa9, 0xe5, 0xa4, 0xa8, 0x77, 0x2a, 0x1e, 0x94, 0x3b, 0xaf, 0xc7, 0x0a, 0xe3, 0xa4, 0xc1, 0xf0, 0xf3, 0xa4, 0xdd, 0xff, 0xae, 0xfd, 0x18, 0x92, 0xc8, 0xcb, 0x33, 0xbb, 0x0d, 0x0b, 0x95, 0x90, 0xe9, 0x63, 0xa6, 0x91, 0x10, 0xfb, 0x34, 0xdb, 0x7b, 0x90, 0x6f, 0xc4, 0xba, 0x28, 0x36, 0x99, 0x5a, 0xac, 0x7e, 0x52, 0x74, 0x90, 0xac, 0x95, 0x2a, 0x02, 0x26, 0x8a, 0x4f, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x27, 0x0f, 0x83, 0x44, 0x1b, 0x11, 0xce, 0x9f, 0xe6, 0xdf, 0xd5, 0x1b, 0xed, 0x73, 0xea, 0x09, 0x54, 0xcb, 0x47, 0xca, 0x58, 0xfa, 0x04, 0xc7, 0x25, 0x68, 0xf0, 0x25, 0xfd, 0xf1, 0x30, 0x53, 0x03, 0x56, 0xd9, 0x65, 0x65, 0xd4, 0x60, 0xc1, 0x12, 0x90, 0x91, 0xf6, 0x3d, 0xda, 0x97, 0x6b, 0xe8, 0x1b, 0x96, 0x33, 0xfb, 0x94, 0x0a, 0x8f, 0x55, 0xc3, 0xbd, 0x33, 0x7b, 0x5c, 0x6b, 0x00, 0x1a, 0x79, 0x2f, 0xaf, 0x13, 0x82, 0xcd, 0x5f, 0xc7, 0x2a, 0x25, 0xe6, 0x93, 0xb4, 0x13, 0xa5, 0x89, 0x68, 0x42, 0xce, 0xc2, 0xb0, 0xe8, 0xc4, 0x94, 0x65, 0xa4, 0x04, 0x37, 0x5d, 0x49, 0xcf, 0x6d, 0xeb, 0x3b, 0x89, 0x34, 0xbf, 0x78, 0x2e, 0x8a, 0x34, 0x53, 0x21, 0x56, 0x97, 0xfb, 0xda, 0x6b, 0x95, 0x48, 0xa0, 0x4f, 0x55, 0xa4, 0xab, 0xbd, 0x14, 0xc6, 0x7b, 0xb8, 0xca, 0x1b, 0x73, 0xaa, 0x5f, 0x98, 0x90, 0xe5, 0xdd, 0xb3, 0x30, 0xf5, 0x9b, 0xa0, 0xe6, 0x83, 0x0b, 0xc8, 0x6f, 0x70, 0x41, 0x3e, 0x18, 0xd2, 0xea, 0x57, 0xea, 0xc6, 0x76, 0xaa, 0x48, 0x19, 0x1d, 0x3f, 0xff, 0xa4, 0x5f, 0x01, 0x4f, 0x4b, 0x21, 0x14, 0xcf, 0x83, 0x5f, 0xc1, 0xcf, 0xaf, 0x04, 0xe8, 0x8a, 0xab, 0xa2, 0x53, 0xaa, 0x9e, 0x1b, 0x6d, 0x42, 0xa8, 0x2b, 0x51, 0xd9, 0x28, 0x9b, 0xf7, 0xda, 0xf3, 0xd7, 0x6c, 0x71, 0xbd, 0xc2, 0x27, 0x17, 0x8b, 0x04, 0x46, 0xdc, 0xae, 0x79, 0x70, 0x1b, 0xf0, 0x45, 0x93, 0x26, 0x60, 0x24, 0x9a, 0xc7, 0xf2, 0xab, 0x9c, 0xad, 0xf6, 0xaa, 0xab, 0xfa, 0xb2, 0x70, 0xec, 0x34, 0x7f, 0x75, 0x3a, 0x4c, 0x3c, 0x0c, 0xe2, 0xe7, 0xad, 0x43, 0xb2, 0x66, 0xe3, 0x5c, 0x23, 0x0c, 0x48, 0x4a, 0x91, 0x7c, 0xb3, 0x77, 0x5c, 0x57, 0x7d, 0xbc, 0xa8, 0x2d}, /* 1024,[pq] */{{0xb2, 0xb2, 0x82, 0xd7, 0x2c, 0x6f, 0x53, 0x29, 0xee, 0x4c, 0xd1, 0x77, 0xb7, 0x13, 0xf3, 0x1c, 0x51, 0x60, 0xd8, 0xa9, 0x4e, 0x52, 0x72, 0x43, 0x29, 0xfa, 0x51, 0xaa, 0xd8, 0xbc, 0x31, 0x21, 0xe0, 0xac, 0x9b, 0x4e, 0x00, 0x94, 0xac, 0x91, 0x7f, 0x1e, 0xfd, 0xfb, 0x1c, 0xfa, 0xa8, 0xe8, 0x56, 0x5a, 0x01, 0x17, 0xf1, 0x5f, 0x01, 0xba, 0xcd, 0x77, 0xa1, 0x8c, 0x74, 0x8a, 0xef, 0xfa, 0x64, 0x58, 0x79, 0x13, 0xaa, 0x54, 0x13, 0x2b, 0xaa, 0xe7, 0xc3, 0x50, 0x3b, 0x69, 0x3b, 0x0b, 0x9a, 0xa9, 0x9d, 0x15, 0x8a, 0x06, 0x45, 0x71, 0x40, 0x7a, 0x80, 0x85, 0x4a, 0xbe, 0x68, 0x48, 0x6c, 0xe6, 0xdd, 0x96, 0xb0, 0xdc, 0xf4, 0x23, 0xa8, 0xea, 0x21, 0x9f, 0xbc, 0x6b, 0x15, 0xa4, 0x87, 0x6e, 0x93, 0x56, 0xae, 0xa7, 0x17, 0x4e, 0xd7, 0x14, 0xe4, 0x69, 0x04, 0xd5, 0x2e, 0x62, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 2048,[p>q] */ {0x6d, 0xdc, 0x9c, 0xba, 0xd4, 0xfa, 0xfe, 0xd0, 0x85, 0xd7, 0x0a, 0xc4, 0x11, 0x02, 0x07, 0x9f, 0x28, 0xd2, 0x1b, 0x1f, 0xcc, 0xbb, 0x6f, 0x66, 0x3a, 0xbe, 0xcb, 0xe6, 0x20, 0xee, 0x90, 0x97, 0x04, 0x2c, 0xfc, 0xb9, 0x5a, 0xd3, 0x66, 0x6a, 0x73, 0x6a, 0x67, 0x27, 0xee, 0x9f, 0x90, 0xcd, 0x5f, 0xce, 0xcf, 0x12, 0x4e, 0x10, 0xf2, 0x2a, 0x23, 0xd1, 0x5e, 0xd4, 0xad, 0xb5, 0xc5, 0x26, 0xd2, 0x2f, 0x04, 0x18, 0xb5, 0xc1, 0x52, 0xeb, 0x7c, 0xd4, 0x5b, 0xe8, 0x21, 0x0a, 0x53, 0x7d, 0xfe, 0x64, 0x02, 0xf1, 0xb4, 0x48, 0xf2, 0x39, 0x17, 0xb7, 0x60, 0x0f, 0x22, 0x7f, 0x04, 0x78, 0xf1, 0x84, 0x51, 0x47, 0xec, 0xff, 0x81, 0x27, 0x47, 0x88, 0x58, 0xfa, 0x26, 0xe7, 0xc3, 0x0e, 0x77, 0x81, 0xa9, 0x06, 0x8d, 0x24, 0x36, 0x58, 0x61, 0xe2, 0x78, 0x37, 0xe8, 0x7c, 0x6d, 0x5b, 0x77, 0xeb, 0x0a, 0x56, 0xe7, 0x25, 0x9f, 0xe8, 0xc0, 0x82, 0xc3, 0xf8, 0xb8, 0x1a, 0xe3, 0x60, 0x65, 0x24, 0x2e, 0x0c, 0xc2, 0x74, 0xcd, 0x2a, 0x03, 0xd1, 0x66, 0x7a, 0x1c, 0xe2, 0x3d, 0xc5, 0xa9, 0x78, 0x5f, 0x32, 0x96, 0x8a, 0xe4, 0x11, 0x97, 0x82, 0xb9, 0x11, 0x48, 0xd5, 0x3f, 0x1b, 0x4d, 0xc5, 0xf7, 0x4e, 0xe7, 0x7d, 0x5a, 0xf3, 0x42, 0xff, 0xf8, 0xf6, 0x8d, 0xd2, 0x22, 0x95, 0xdf, 0xf2, 0x7e, 0xfc, 0x34, 0xf4, 0x6d, 0x8e, 0x37, 0x02, 0x34, 0x30, 0xf8, 0x31, 0xfb, 0xa8, 0x97, 0x74, 0xac, 0xf3, 0x4a, 0x67, 0x4a, 0xee, 0x12, 0xed, 0x9d, 0x19, 0xcd, 0x4a, 0xe2, 0x13, 0x43, 0x25, 0xf7, 0x00, 0xd8, 0xbd, 0x91, 0xc2, 0x38, 0xc4, 0x68, 0xeb, 0xb1, 0x74, 0xd0, 0x8c, 0xdb, 0x76, 0x79, 0xe2, 0xd0, 0x85, 0x0d, 0x03, 0xdc, 0xdc, 0x8e, 0x79, 0x7f, 0xdb, 0xea, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* 4096,[p>q] */ {0xac, 0x34, 0x9f, 0xe1, 0x4d, 0x4a, 0xf8, 0x8f, 0x3a, 0xa0, 0xf5, 0x78, 0xe3, 0x30, 0x7e, 0x80, 0x55, 0x7a, 0x93, 0x96, 0x47, 0xb8, 0x28, 0xc7, 0x34, 0x33, 0xcf, 0x97, 0x90, 0x71, 0xbc, 0xc6, 0x37, 0x13, 0x8b, 0x53, 0x41, 0x51, 0x9a, 0x2e, 0x4a, 0xa0, 0x6b, 0xfc, 0xc6, 0x73, 0x0a, 0x6f, 0x5c, 0x09, 0xee, 0x35, 0x9d, 0xee, 0x2a, 0xbe, 0x88, 0x8a, 0xbf, 0xa0, 0x60, 0xb3, 0x4b, 0x93, 0x37, 0xb7, 0xb9, 0x52, 0xd5, 0x9d, 0x2b, 0xd8, 0x39, 0xfe, 0x04, 0x4a, 0x97, 0x3f, 0x4a, 0xd9, 0x8b, 0x27, 0x71, 0xb3, 0xbe, 0x25, 0x43, 0xd6, 0xba, 0x06, 0x6c, 0x93, 0x09, 0x27, 0xf8, 0x4f, 0x9a, 0x6f, 0x97, 0x23, 0x22, 0x9e, 0x51, 0x53, 0x9a, 0x4c, 0x08, 0x3a, 0x78, 0x22, 0xd5, 0x7f, 0xe9, 0xb1, 0x78, 0xef, 0xdc, 0x7e, 0x0c, 0x67, 0x54, 0x14, 0xdd, 0x15, 0xf5, 0xc5, 0xc6, 0x4c, 0x64, 0xa4, 0x70, 0x97, 0xd5, 0xfd, 0xc6, 0x8a, 0x21, 0x86, 0x70, 0x93, 0xa5, 0xaa, 0x04, 0xa4, 0xa6, 0xfc, 0x8b, 0x51, 0xe8, 0x64, 0x30, 0x9d, 0x5c, 0x44, 0x8d, 0xab, 0xf3, 0x1a, 0x19, 0x56, 0xa7, 0x87, 0xce, 0x0b, 0xb8, 0xd1, 0x84, 0xb1, 0x69, 0x39, 0x34, 0x2d, 0xeb, 0x62, 0xda, 0x46, 0xc8, 0xc0, 0x98, 0x0a, 0x95, 0x43, 0xc8, 0x80, 0xe3, 0x45, 0x89, 0x1e, 0x27, 0x2f, 0x8e, 0x85, 0x9b, 0xf8, 0xc8, 0x76, 0x1e, 0xfa, 0x67, 0x51, 0xcf, 0x4f, 0x8d, 0x07, 0xb9, 0xd6, 0x93, 0xc6, 0xc3, 0xd1, 0xa6, 0x8e, 0x17, 0x94, 0x88, 0x4c, 0x74, 0x48, 0x97, 0x50, 0xd0, 0x1f, 0xb0, 0x6d, 0xf7, 0x2c, 0xc2, 0x01, 0x0e, 0x22, 0xa1, 0xc4, 0x20, 0xfd, 0xb3, 0xde, 0x0d, 0x95, 0x0c, 0xeb, 0xc2, 0x63, 0x37, 0x24, 0xb7, 0xb1, 0x90, 0x6d, 0xb7, 0xda, 0x19, 0x33, 0x59, 0xd7, 0x34, 0x8d, 0x72, 0xd2, 0x13, 0x4d, 0xec, 0xa8, 0xf7, 0xf3, 0x62, 0x6a, 0x8a, 0x37, 0x61, 0x04, 0x57, 0x82, 0x83, 0xa2, 0x5c, 0xc6, 0xd4, 0x9c, 0x29, 0x92, 0xa7, 0xbe, 0xf7, 0xbb, 0x98, 0x23, 0xf8, 0xc4, 0x23, 0xac, 0xbd, 0xa1, 0x6e, 0xfa, 0x45, 0xfd, 0x58, 0xcc, 0x67, 0xba, 0xe3, 0xd5, 0x86, 0x35, 0x75, 0x58, 0x07, 0xe9, 0x42, 0x6b, 0x2f, 0x17, 0xc1, 0x64, 0x10, 0xba, 0x52, 0x37, 0xaf, 0xe0, 0x36, 0x9a, 0x41, 0x06, 0xa1, 0x70, 0x12, 0x27, 0xf7, 0xaa, 0xee, 0x9f, 0x9c, 0x16, 0x5d, 0x30, 0xb0, 0xdd, 0x9c, 0x56, 0x8b, 0x0e, 0xbb, 0xd2, 0xed, 0x36, 0xa7, 0x71, 0x77, 0xb8, 0xd4, 0xcd, 0xb0, 0x38, 0x26, 0x4c, 0x10, 0x5d, 0x14, 0x5b, 0x18, 0xde, 0xec, 0xda, 0x3d, 0xfe, 0x18, 0x02, 0x34, 0x13, 0xdb, 0x1f, 0x74, 0xc4, 0xdd, 0xbc, 0xd2, 0x1a, 0x68, 0xcf, 0x96, 0x9b, 0x4e, 0xaa, 0xdd, 0x47, 0x24, 0xa4, 0x1a, 0x1d, 0x5b, 0xa1, 0x8e, 0xcf, 0x4a, 0x51, 0x0a, 0x7b, 0x24, 0xfc, 0x54, 0x20, 0x31, 0x5a, 0x97, 0x42, 0x9d, 0x36, 0x84, 0x07, 0x89, 0x3e, 0x39, 0x34, 0x5e, 0x40, 0xae, 0xe7, 0xf8, 0x82, 0xd7, 0xb3, 0xa9, 0x25, 0xfe, 0xc5, 0x45, 0xd5, 0xde, 0x6f, 0x02, 0x61, 0x25, 0x12, 0x90, 0xfe, 0xe7, 0x10, 0x1d, 0x60, 0x55, 0xf8, 0xd2, 0xff, 0x26, 0xb3, 0xbb, 0xea, 0xb7, 0x6d, 0x14, 0xd9, 0x54, 0xef, 0xc3, 0x5f, 0x73, 0x46, 0xdc, 0xd1, 0xfa, 0xd8, 0x31, 0xc6, 0xff, 0xd8, 0xc7, 0xf7, 0x84, 0xc0, 0x87, 0x70, 0x97, 0xab, 0xdf, 0xa7, 0x8c, 0x0b, 0xf1, 0xcf, 0x81, 0x2a, 0xce, 0xf2, 0x02, 0xfd, 0x41, 0xb2, 0x54, 0x9f, 0x49, 0x17, 0xe7, 0xbb, 0xa5, 0x37, 0x6e, 0x4d, 0xeb, 0x2b, 0x62, 0x1c, 0x36, 0xb3, 0x01, 0x86, 0x45, 0x82, 0xc1, 0x4f, 0x60, 0x77}, /* 1024,[p #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 4 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: NULL { 0x00 }, // Test 1: "abc" { 0x61,0x62,0x63 }, // Test 2: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 3: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: NULL 0, // Test 1: "abc" 3, // Test 2: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 3: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHA_HASH_LENGTH] = { // Hash for test 0: NULL { 0xda,0x39,0xa3,0xee,0x5e,0x6b,0x4b,0x0d,0x32,0x55,0xbf,0xef,0x95,0x60,0x18,0x90, 0xaf,0xd8,0x07,0x09, }, // Hash for test 1: "abc" { 0xA9,0x99,0x3E,0x36,0x47,0x06,0x81,0x6A,0xBA,0x3E,0x25,0x71,0x78,0x50,0xC2,0x6C, 0x9C,0xD0,0xD8,0x9D, }, // Hash for test 2: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x84,0x98,0x3E,0x44,0x1C,0x3B,0xD2,0x6E,0xBA,0xAE,0x4A,0xA1,0xF9,0x51,0x29,0xE5, 0xE5,0x46,0x70,0xF1, }, // Hash for test 3: 1,000,000 'a' { 0x34,0xAA,0x97,0x3C,0xD4,0xC4,0xDA,0xA4,0xF6,0x1E,0xEB,0x2B,0xDB,0xAD,0x27,0x31, 0x65,0x34,0x01,0x6F, }, }; int new_api_sha_test(void) { V_(printf("Test of new sha api\n")); sha_context_t sha_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHA_HASH_LENGTH; unsigned char output_hash[SHA_HASH_LENGTH]; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 3 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 3) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); rc = ica_sha1(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &sha_context, output_hash); if (rc != 0) { V_(printf("icaSha1 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHA_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); } else VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 3, except that we use the SHA_CONTEXT // and break it into calls of 1024 bytes each. V_(printf("\nOriginal data for test 3(chunks = 1024) is calls of 1024" "'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[3]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1024); if (i == (int)FIPS_TEST_DATA_SIZE[3]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1024) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha1(sha_message_part, (i < 1024) ? i : 1024, input_data, &sha_context, output_hash); if (rc != 0) { V_(printf("ica_sha1 failed with errno %d (0x%x) on" " iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1024; } VV_(printf("\nOutput hash for test 3(chunks = 1024):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[3], SHA_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 3, except that we use the SHA_CONTEXT // and break it into calls of 64 bytes each. V_(printf("\nOriginal data for test 3(chunks = 64) is calls of 64 'a's at" "a time\n")); i = FIPS_TEST_DATA_SIZE[3]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 64); if (i == (int)FIPS_TEST_DATA_SIZE[3]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 64) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha1(sha_message_part, (i < 64) ? i : 64, input_data, &sha_context, output_hash); if (rc != 0) { V_(printf("ica_sha1 failed with errno %d (0x%x) on" " iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 64; } VV_(printf("\nOutput hash for test 3(chunks = 64):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[3], SHA_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); } else { VV_(printf("Yep, it's what it should be.\n")); } printf("All SHA1 tests passed.\n"); return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA-1 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); rc = new_api_sha_test(); if (rc) { printf("new_api_sha_test failed with rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/sha256_test.c000066400000000000000000000132251417716165400161500ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2005, 2009, 2011 */ /* (C) COPYRIGHT International Business Machines Corp. 2005, 2009 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHA256_HASH_LENGTH] = { // Hash for test 0: "abc" { 0xBA,0x78,0x16,0xBF,0x8F,0x01,0xCF,0xEA,0x41,0x41,0x40,0xDE,0x5D,0xAE,0x22,0x23, 0xB0,0x03,0x61,0xA3,0x96,0x17,0x7A,0x9C,0xB4,0x10,0xFF,0x61,0xF2,0x00,0x15,0xAD, }, // Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x24,0x8D,0x6A,0x61,0xD2,0x06,0x38,0xB8,0xE5,0xC0,0x26,0x93,0x0C,0x3E,0x60,0x39, 0xA3,0x3C,0xE4,0x59,0x64,0xFF,0x21,0x67,0xF6,0xEC,0xED,0xD4,0x19,0xDB,0x06,0xC1, }, // Hash for test 2: 1,000,000 'a' { 0xCD,0xC7,0x6E,0x5C,0x99,0x14,0xFB,0x92,0x81,0xA1,0xC7,0xE2,0x84,0xD7,0x3E,0x67, 0xF1,0x80,0x9A,0x48,0xA4,0x97,0x20,0x0E,0x04,0x6D,0x39,0xCC,0xC7,0x11,0x2C,0xD0, }, }; int new_api_sha256_test(void) { sha256_context_t sha256_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHA256_HASH_LENGTH; unsigned char output_hash[SHA256_HASH_LENGTH]; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); rc = ica_sha256(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &sha256_context, output_hash); if (rc != 0) { V_(printf("icaSha256 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHA256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHA256_CONTEXT and // break it into calls of 1024 bytes each. V_(printf("\nOriginal data for test 2(chunks = 1024) is calls of 1024" " 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1024); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1024) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha256(sha_message_part, (i < 1024) ? i : 1024, input_data, &sha256_context, output_hash); if (rc != 0) { V_(printf("ica_sha256 failed with errno %d (0x%x) on" " iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1024; } VV_(printf("\nOutput hash for test 2(chunks = 1024):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHA256_CONTEXT and break it into calls of 64 bytes each. V_(printf("\nOriginal data for test 2(chunks = 64) is calls of 64 'a's at" " a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 64); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 64) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha256(sha_message_part, (i < 64) ? i : 64, input_data, &sha256_context, output_hash); if (rc != 0) { V_(printf("ica_sha256 failed with errno %d (0x%x) on iteration" " %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 64; } VV_(printf("\nOutput hash for test 2(chunks = 64):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); } else { VV_(printf("Yep, it's what it should be.\n")); } printf("All SHA256 tests passed.\n"); return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA-256 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); rc = new_api_sha256_test(); if (rc) { printf("new_api_sha256_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/sha2_test.sh000077500000000000000000000000551417716165400161650ustar00rootroot00000000000000#!/bin/sh ./sha_test $LIBICA_TESTDATA/sha2/* libica-4.0.1/test/sha3_224_test.c000066400000000000000000000141601417716165400163640ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2016 */ /* (C) COPYRIGHT International Business Machines Corp. 2016 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHA3_224_HASH_LENGTH] = { // SHA3_224 Hash for test 0: "abc" { 0xe6,0x42,0x82,0x4c,0x3f,0x8c,0xf2,0x4a,0xd0,0x92,0x34,0xee,0x7d,0x3c,0x76,0x6f, 0xc9,0xa3,0xa5,0x16,0x8d,0x0c,0x94,0xad,0x73,0xb4,0x6f,0xdf, }, // SHA3_224 Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x8a,0x24,0x10,0x8b,0x15,0x4a,0xda,0x21,0xc9,0xfd,0x55,0x74,0x49,0x44,0x79,0xba, 0x5c,0x7e,0x7a,0xb7,0x6e,0xf2,0x64,0xea,0xd0,0xfc,0xce,0x33, }, // SHA3_224 Hash for test 2: 1,000,000 'a' { 0xd6,0x93,0x35,0xb9,0x33,0x25,0x19,0x2e,0x51,0x6a,0x91,0x2e,0x6d,0x19,0xa1,0x5c, 0xb5,0x1c,0x6e,0xd5,0xc1,0x52,0x43,0xe7,0xa7,0xfd,0x65,0x3c }, }; int new_api_sha3_224_test(void) { sha3_224_context_t sha3_224_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHA3_224_HASH_LENGTH; unsigned char output_hash[SHA3_224_HASH_LENGTH]; unsigned int errors = 0; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); if (i != 2) dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); else VV_(printf("Data suppressed (1.000.000 'a'), too much output.\n")); rc = ica_sha3_224(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &sha3_224_context, output_hash); if (rc != 0) { V_(printf("icaSha3_224 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHA3_224_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHA3_224_CONTEXT and // break it into calls of 1152 bytes each (which is 8 * 144, where 144 is the // SHA3_224 input block size). V_(printf("\nOriginal data for test 2 (chunks = 1152) is calls of 1152 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1152); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1152) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_224(sha_message_part, (i < 1152) ? i : 1152, input_data, &sha3_224_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_224 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1152; } VV_(printf("\nOutput hash for test 2 (chunks = 1152):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_224_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHA3_224_CONTEXT and break it into calls of 144 bytes each. V_(printf("\nOriginal data for test 2 (chunks = 144) is calls of 144 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 144); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 144) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_224(sha_message_part, (i < 144) ? i : 144, input_data, &sha3_224_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_224 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 144; } VV_(printf("\nOutput hash for test 2 (chunks = 144):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_224_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } if (errors) { printf("%d out of %d SHA3_224 tests did not return the expected result.\n", errors, (NUM_FIPS_TESTS+2)); return TEST_FAIL; } printf("All SHA3_224 tests passed.\n"); return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA3-224 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); if (!sha3_available()) { printf("Skipping SHA3-224 test, because SHA3 not available on this machine.\n"); return TEST_SKIP; } rc = new_api_sha3_224_test(); if (rc) { printf("new_api_sha3_224_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/sha3_256_test.c000066400000000000000000000143441417716165400163750ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2016 */ /* (C) COPYRIGHT International Business Machines Corp. 2016 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHA3_256_HASH_LENGTH] = { // SHA3_256 Hash for test 0: "abc" { 0x3A,0x98,0x5D,0xA7,0x4F,0xE2,0x25,0xB2,0x04,0x5C,0x17,0x2D,0x6B,0xD3,0x90,0xBD, 0x85,0x5F,0x08,0x6E,0x3E,0x9D,0x52,0x5B,0x46,0xBF,0xE2,0x45,0x11,0x43,0x15,0x32, }, // SHA3_256 Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x41,0xC0,0xDB,0xA2,0xA9,0xD6,0x24,0x08,0x49,0x10,0x03,0x76,0xA8,0x23,0x5E,0x2C, 0x82,0xE1,0xB9,0x99,0x8A,0x99,0x9E,0x21,0xDB,0x32,0xDD,0x97,0x49,0x6D,0x33,0x76, }, // SHA3_256 Hash for test 2: 1,000,000 'a' { 0x5C,0x88,0x75,0xAE,0x47,0x4A,0x36,0x34,0xBA,0x4F,0xD5,0x5E,0xC8,0x5B,0xFF,0xD6, 0x61,0xF3,0x2A,0xCA,0x75,0xC6,0xD6,0x99,0xD0,0xCD,0xCB,0x6C,0x11,0x58,0x91,0xC1, }, }; int new_api_sha3_256_test(void) { sha3_256_context_t sha3_256_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHA3_256_HASH_LENGTH; unsigned char output_hash[SHA3_256_HASH_LENGTH]; unsigned int errors = 0; int input_length = 0; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); if (i != 2) dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); else VV_(printf("Data suppressed (1.000.000 'a'), too much output.\n")); rc = ica_sha3_256(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &sha3_256_context, output_hash); if (rc != 0) { V_(printf("icaSha3_256 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHA3_256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHA3_256_CONTEXT and // break it into calls of 1088 bytes each (which is 8 * 136, where 136 is the // SHA3_256 block length). V_(printf("\nOriginal data for test 2 (chunks = 1088) is calls of 1088 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1088); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1088) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; input_length = (i < 1088) ? i : 1088; rc = ica_sha3_256(sha_message_part, input_length, input_data, &sha3_256_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_256 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i-= 1088; } VV_(printf("\nOutput hash for test 2 (chunks = 1088):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHA3_256_CONTEXT and break it into calls of 136 bytes each. V_(printf("\nOriginal data for test 2 (chunks = 136) is calls of 136 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 136); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 136) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_256(sha_message_part, (i < 136) ? i : 136, input_data, &sha3_256_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_256 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 136; } VV_(printf("\nOutput hash for test 2 (chunks = 136):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } if (errors) { printf("%d out of %d SHA3_256 tests did not return the expected result.\n", errors, (NUM_FIPS_TESTS+2)); return TEST_FAIL; } printf("All SHA3_256 tests passed.\n"); return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA3-256 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); if (!sha3_available()) { printf("Skipping SHA3-256 test, because SHA3 not available on this machine.\n"); return TEST_SKIP; } rc = new_api_sha3_256_test(); if (rc) { printf("new_api_sha3_256_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/sha3_384_test.c000066400000000000000000000146411417716165400163770ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2016 */ /* (C) COPYRIGHT International Business Machines Corp. 2016 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHA3_384_HASH_LENGTH] = { // SHA3_384 Hash for test 0: "abc" { 0xEC,0x01,0x49,0x82,0x88,0x51,0x6F,0xC9,0x26,0x45,0x9F,0x58,0xE2,0xC6,0xAD,0x8D, 0xF9,0xB4,0x73,0xCB,0x0F,0xC0,0x8C,0x25,0x96,0xDA,0x7C,0xF0,0xE4,0x9B,0xE4,0xB2, 0x98,0xD8,0x8C,0xEA,0x92,0x7A,0xC7,0xF5,0x39,0xF1,0xED,0xF2,0x28,0x37,0x6D,0x25, }, // SHA3_384 Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x99,0x1C,0x66,0x57,0x55,0xEB,0x3A,0x4B,0x6B,0xBD,0xFB,0x75,0xC7,0x8A,0x49,0x2E, 0x8C,0x56,0xA2,0x2C,0x5C,0x4D,0x7E,0x42,0x9B,0xFD,0xBC,0x32,0xB9,0xD4,0xAD,0x5A, 0xA0,0x4A,0x1F,0x07,0x6E,0x62,0xFE,0xA1,0x9E,0xEF,0x51,0xAC,0xD0,0x65,0x7C,0x22, }, // SHA3_384 Hash for test 2: 1,000,000 'a' { 0xEE,0xE9,0xE2,0x4D,0x78,0xC1,0x85,0x53,0x37,0x98,0x34,0x51,0xDF,0x97,0xC8,0xAD, 0x9E,0xED,0xF2,0x56,0xC6,0x33,0x4F,0x8E,0x94,0x8D,0x25,0x2D,0x5E,0x0E,0x76,0x84, 0x7A,0xA0,0x77,0x4D,0xDB,0x90,0xA8,0x42,0x19,0x0D,0x2C,0x55,0x8B,0x4B,0x83,0x40, }, }; int new_api_sha3_384_test(void) { sha3_384_context_t sha3_384_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHA3_384_HASH_LENGTH; unsigned char output_hash[SHA3_384_HASH_LENGTH]; unsigned int errors = 0; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); if (i != 2) dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); else VV_(printf("Data suppressed (1.000.000 'a'), too much output.\n")); rc = ica_sha3_384(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &sha3_384_context, output_hash); if (rc != 0) { V_(printf("icaSha3_384 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHA3_384_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHA3_384_CONTEXT and // break it into calls of 1040 bytes each (which is 10 * 104, where 104 is the // SHA3_384 input block size). V_(printf("\nOriginal data for test 2 (chunks = 1040) is calls of 1040 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1040); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1040) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_384(sha_message_part, (i < 1040) ? i : 1040, input_data, &sha3_384_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_384 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1040; } VV_(printf("\nOutput hash for test 2 (chunks = 1040):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_384_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHA3_512_CONTEXT and break it into calls of 104 bytes each. V_(printf("\nOriginal data for test 2 (chunks = 104) is calls of 104 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 104); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 104) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_384(sha_message_part, (i < 104) ? i : 104, input_data, &sha3_384_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_384 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 104; } VV_(printf("\nOutput hash for test 2 (chunks = 104):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_384_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } if (errors) { printf("%d out of %d SHA3_384 tests did not return the expected result.\n", errors, (NUM_FIPS_TESTS+2)); return TEST_FAIL; } printf("All SHA3_384 tests passed.\n"); return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA3-384 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); if (!sha3_available()) { printf("Skipping SHA3-384 test, because SHA3 not available on this machine.\n"); return TEST_SKIP; } rc = new_api_sha3_384_test(); if (rc) { printf("new_api_sha3_384_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/sha3_512_test.c000066400000000000000000000152071417716165400163670ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2016 */ /* (C) COPYRIGHT International Business Machines Corp. 2016 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHA3_512_HASH_LENGTH] = { // SHA3_512 Hash for test 0: "abc" { 0xB7,0x51,0x85,0x0B,0x1A,0x57,0x16,0x8A,0x56,0x93,0xCD,0x92,0x4B,0x6B,0x09,0x6E, 0x08,0xF6,0x21,0x82,0x74,0x44,0xF7,0x0D,0x88,0x4F,0x5D,0x02,0x40,0xD2,0x71,0x2E, 0x10,0xE1,0x16,0xE9,0x19,0x2A,0xF3,0xC9,0x1A,0x7E,0xC5,0x76,0x47,0xE3,0x93,0x40, 0x57,0x34,0x0B,0x4C,0xF4,0x08,0xD5,0xA5,0x65,0x92,0xF8,0x27,0x4E,0xEC,0x53,0xF0, }, // SHA3_512 Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x04,0xA3,0x71,0xE8,0x4E,0xCF,0xB5,0xB8,0xB7,0x7C,0xB4,0x86,0x10,0xFC,0xA8,0x18, 0x2D,0xD4,0x57,0xCE,0x6F,0x32,0x6A,0x0F,0xD3,0xD7,0xEC,0x2F,0x1E,0x91,0x63,0x6D, 0xEE,0x69,0x1F,0xBE,0x0C,0x98,0x53,0x02,0xBA,0x1B,0x0D,0x8D,0xC7,0x8C,0x08,0x63, 0x46,0xB5,0x33,0xB4,0x9C,0x03,0x0D,0x99,0xA2,0x7D,0xAF,0x11,0x39,0xD6,0xE7,0x5E, }, // SHA3_512 Hash for test 2: 1,000,000 'a' { 0x3C,0x3A,0x87,0x6D,0xA1,0x40,0x34,0xAB,0x60,0x62,0x7C,0x07,0x7B,0xB9,0x8F,0x7E, 0x12,0x0A,0x2A,0x53,0x70,0x21,0x2D,0xFF,0xB3,0x38,0x5A,0x18,0xD4,0xF3,0x88,0x59, 0xED,0x31,0x1D,0x0A,0x9D,0x51,0x41,0xCE,0x9C,0xC5,0xC6,0x6E,0xE6,0x89,0xB2,0x66, 0xA8,0xAA,0x18,0xAC,0xE8,0x28,0x2A,0x0E,0x0D,0xB5,0x96,0xC9,0x0B,0x0A,0x7B,0x87, }, }; int new_api_sha3_512_test(void) { sha3_512_context_t sha3_512_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHA3_512_HASH_LENGTH; unsigned char output_hash[SHA3_512_HASH_LENGTH]; unsigned int errors = 0; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); if (i != 2) dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); else VV_(printf("Data suppressed (1.000.000 'a'), too much output.\n")); rc = ica_sha3_512(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &sha3_512_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_512 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHA3_512_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHA512_CONTEXT and // break it into calls of 1152 bytes each (which is 16 * 72, where 72 is the // SHA3-512 input block size). V_(printf("\nOriginal data for test 2 (chunks = 1152) is calls of 1152 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1152); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1152) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_512(sha_message_part, (i < 1152) ? i : 1152, input_data, &sha3_512_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_512 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1152; } VV_(printf("\nOutput hash for test 2 (chunks = 1152):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_512_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHA3_512_CONTEXT and break it into calls of 72 bytes each. V_(printf("\nOriginal data for test 2 (chunks = 72) is calls of 72 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 72); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 72) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_sha3_512(sha_message_part, (i < 72) ? i : 72, input_data, &sha3_512_context, output_hash); if (rc != 0) { V_(printf("ica_sha3_512 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 72; } VV_(printf("\nOutput hash for test 2 (chunks = 72):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHA3_512_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } if (errors) { printf("%d out of %d SHA3_512 tests did not return the expected result.\n", errors, (NUM_FIPS_TESTS+2)); return TEST_FAIL; } printf("All SHA3_512 tests passed.\n"); return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA3-512 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); if (!sha3_available()) { printf("Skipping SHA3-512 test, because SHA3 not available on this machine.\n"); return TEST_SKIP; } rc = new_api_sha3_512_test(); if (rc) { printf("new_api_sha3_512_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/sha3_test.sh000077500000000000000000000000631417716165400161650ustar00rootroot00000000000000#!/bin/sh ./sha_test -sha3 $LIBICA_TESTDATA/sha3/* libica-4.0.1/test/sha_test.c000066400000000000000000001061001417716165400157060ustar00rootroot00000000000000/* * usage: sha_test [-sha3] * test for sha2 and sha3 * test vectors are read from .rsp files and put in the queue * the included .rsp files are obtained from nist: * http://csrc.nist.gov/groups/STM/cavp/index.html#03 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" /* terminate on critical error */ #define CRITICAL_ERROR(msg) \ do { \ fprintf(stderr, "critical error in %s: " msg "\n",__func__); \ exit(TEST_ERR); \ } while(0) #define BUFFER_SIZE 32768 #define SHA1_BLOCK_SIZE (512 / 8) #define SHA224_BLOCK_SIZE (512 / 8) #define SHA256_BLOCK_SIZE (512 / 8) #define SHA384_BLOCK_SIZE (1024 / 8) #define SHA512_BLOCK_SIZE (1024 / 8) #define SHA3_224_BLOCK_SIZE (1152 / 8) #define SHA3_256_BLOCK_SIZE (1088 / 8) #define SHA3_384_BLOCK_SIZE (832 / 8) #define SHA3_512_BLOCK_SIZE (576 / 8) #define NO_TYPE_SET 0 #define NO_LENGTH_SET 0 /* * type: NO_TYPE_SET, SHA1, SHA224, SHA256, SHA384, SHA512 * msg_digest_length: SHA1_HASH_LENGTH, SHA224_HASH_LENGHT, SHA256_HASH_LENGTH, * SHA384_HASH_LENGTH, SHA512_HASH_LENGTH */ typedef struct test_t { unsigned int type; unsigned char *msg; unsigned int msg_length; unsigned char *msg_digest; unsigned int msg_digest_length; struct test_t *next; } test_t; typedef struct queue_t { unsigned int size; unsigned int passed; unsigned int failed; test_t *head; test_t *tail; } queue_t; #ifndef NO_CPACF static test_t new_test_t(void); static queue_t new_queue_t(void); static void push(queue_t * queue, test_t test); static int read_test_data(FILE * test_data, int sha3_flag); static int line_to_bytes(char *line, int length); static int sha1_new_api_test(test_t * test); static int sha224_new_api_test(test_t * test); static int sha256_new_api_test(test_t * test); static int sha384_new_api_test(test_t * test); static int sha512_new_api_test(test_t * test); static int sha512_224_new_api_test(test_t * test); static int sha512_256_new_api_test(test_t * test); static int sha3_224_api_test(test_t * test); static int sha3_256_api_test(test_t * test); static int sha3_384_api_test(test_t * test); static int sha3_512_api_test(test_t * test); static queue_t queue; #endif /* NO_CPACF */ int main(int argc, char *argv[]) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHA-1 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else test_t *curr_test; FILE *test_data; int i, j, rc, sha3_flag, sha3; sha3 = sha3_available(); sha3_flag = 0; j = 1; for (i = 1; i < argc; i++) { if (argv[i][0] == '-') { if ((argv[i][1] == 'v') || (argv[i][1] == 'V')) set_verbosity(2, argv); if (!strcasecmp(argv[i],"-sha3")) sha3_flag = 1; j++; } } if (!sha3 && sha3_flag) { printf("Skipping SHA3: not available...\n"); return TEST_SKIP; } if (argc - j == 0) { printf("error: no input files.\n"); return TEST_SKIP; } queue = new_queue_t(); /* read test vectors from .rsp file(s) and put on queue */ for (i = j; i < argc; i++) { if ((test_data = fopen(argv[i], "r")) != NULL) { VV_(printf("reading test data from %s ... ", argv[i])); if (read_test_data(test_data, sha3_flag) == TEST_SUCC) { VV_(printf("done.\n")); } if ((fclose(test_data)) == EOF) { V_(printf("error: couldn't close file %s.\n", argv[i])); } } else { V_(printf("error: couldn't open file %s.\n", argv[i])); } } VV_(printf("%u test vectors found.\n", queue.size)); if (queue.size > 0) { V_(printf("starting tests ...\n\n")); } else { printf("error: no SHA test vectors found.\n"); return TEST_SKIP; } for (curr_test = queue.head, i = 1; curr_test != NULL; curr_test = curr_test->next, i++) { V_(printf("test #%d : %u byte input message, ", i, curr_test->msg_length)); switch (curr_test->type) { case SHA1: V_(printf("SHA1 ...\n")); rc = sha1_new_api_test(curr_test); break; case SHA224: V_(printf("SHA224 ...\n")); rc = sha224_new_api_test(curr_test); break; case SHA256: V_(printf("SHA256 ...\n")); rc = sha256_new_api_test(curr_test); break; case SHA384: V_(printf("SHA384 ...\n")); rc = sha384_new_api_test(curr_test); break; case SHA512: V_(printf("SHA512 ...\n")); rc = sha512_new_api_test(curr_test); break; case SHA512_224: V_(printf("SHA512/224 ...\n")); rc = sha512_224_new_api_test(curr_test); break; case SHA512_256: V_(printf("SHA512/256 ...\n")); rc = sha512_256_new_api_test(curr_test); break; case SHA3_224: V_(printf("SHA3-224 ...\n")); rc = sha3_224_api_test(curr_test); break; case SHA3_256: V_(printf("SHA3-256 ...\n")); rc = sha3_256_api_test(curr_test); break; case SHA3_384: V_(printf("SHA3-384 ...\n")); rc = sha3_384_api_test(curr_test); break; case SHA3_512: V_(printf("SHA3-512 ...\n")); rc = sha3_512_api_test(curr_test); break; default: CRITICAL_ERROR("Unknown algorithm.\n"); rc = -1; break; } if (!rc) { V_(printf("... Passed.\n")); queue.passed++; } else { V_(printf("error: (%x).\n", rc)); queue.failed++; } } V_(printf("[SHA test case results: tests: %u, passed: %u, failed: %u]\n", queue.passed + queue.failed, queue.passed, queue.failed)); if (queue.failed != 0) { printf("SHA%s tests failed.\n", sha3_flag ? "3" : ""); return TEST_FAIL; } printf("All SHA%s tests passed.\n", sha3_flag ? "3" : ""); return TEST_SUCC; #endif /* NO_CPACF */ } #ifndef NO_CPACF static test_t new_test_t(void) { test_t test; test.type = NO_TYPE_SET; test.msg = NULL; test.msg_length = 0; test.msg_digest = NULL; test.msg_digest_length = 0; test.next = NULL; return test; } static queue_t new_queue_t(void) { queue_t queue; queue.size = 0; queue.passed = 0; queue.failed = 0; queue.head = NULL; queue.tail = NULL; return queue; } static void push(queue_t * queue, test_t test) { test_t *new_test; if ((new_test = (test_t *) malloc(sizeof(test_t))) == NULL) CRITICAL_ERROR("out of memory."); new_test->type = test.type; new_test->msg_length = test.msg_length; new_test->msg_digest_length = test.msg_digest_length; new_test->msg = (unsigned char *)malloc((size_t) test.msg_length); memcpy(new_test->msg, test.msg, (size_t) test.msg_length); new_test->msg_digest = (unsigned char *)malloc((size_t) test.msg_digest_length); memcpy(new_test->msg_digest, test.msg_digest, (size_t) test.msg_digest_length); new_test->next = NULL; if (queue->head == NULL) queue->head = new_test; else queue->tail->next = new_test; queue->tail = new_test; queue->size++; } static int read_test_data(FILE * test_data, int sha3_flag) { char buffer[BUFFER_SIZE]; enum { MSG_LENGTH, MSG, MSG_DIGEST } search_term; test_t tmp_test = new_test_t(); unsigned int current_type = NO_TYPE_SET; unsigned int current_msg_digest_length = NO_LENGTH_SET; char parsed_type[20]; unsigned int line_number = 0; char *tmp = NULL; char *tmp2 = NULL; search_term = MSG_LENGTH; memset(parsed_type, 0, sizeof(parsed_type)); while (fgets(buffer, (int)sizeof buffer, test_data) != NULL) { line_number++; /* remove comments */ if ((tmp = memchr(buffer, (int)'#', strlen(buffer))) != NULL) { if ((tmp2 = strstr(buffer, "SHA-512/")) != NULL) strncpy(parsed_type, tmp2, strlen("SHA-512/XXX")); memset(tmp, 0, strlen(tmp)); } /* scan for: type/msg_digest_length */ if (((sscanf(buffer, "[L = %u]", ¤t_msg_digest_length)) == 1) || (current_type == NO_TYPE_SET)) { if (tmp_test.type != NO_TYPE_SET) { printf ("error:\nincorrect file format [line %u]: test type mustn't change during test definition. closing file.\n", line_number); return TEST_FAIL; } /* SHA3 test vector's length is specified in bits. */ if (sha3_flag) current_msg_digest_length /= 8; switch (current_msg_digest_length) { case NO_LENGTH_SET: continue; case SHA1_HASH_LENGTH: current_type = SHA1; break; case SHA224_HASH_LENGTH: current_type = sha3_flag ? SHA3_224 : strcmp(parsed_type, "SHA-512/224") == 0 ? SHA512_224 : SHA224; break; case SHA256_HASH_LENGTH: current_type = sha3_flag ? SHA3_256 : strcmp(parsed_type, "SHA-512/256") == 0 ? SHA512_256 : SHA256; break; case SHA384_HASH_LENGTH: current_type = sha3_flag ? SHA3_384 : SHA384; break; case SHA512_HASH_LENGTH: current_type = sha3_flag ? SHA3_512 : SHA512; break; default: CRITICAL_ERROR("this shouldn't happen."); break; } } /* scan for: 1st msg_length, 2nd msg, 3rd msg_digest. repeat */ switch (search_term) { case MSG_LENGTH: if (sscanf(buffer, "Len = %u", &tmp_test.msg_length) == 1) { if ((tmp_test.msg_length % 8) != 0) { printf ("error:\nincorrect file format [line %u]: message bit-length must be a multiple of 8. closing file.", line_number); return TEST_FAIL; } tmp_test.msg_length /= 8; search_term = MSG; } break; case MSG: if (sscanf(buffer, "Msg = %s", buffer) == 1) { if ((int)strlen(buffer) % 2 != 0) { printf ("error:\nincorrect file format [line %u]: message should be bytes. closing file.\n", line_number); return TEST_FAIL; } if (line_to_bytes (buffer, (int)strlen(buffer)) == TEST_FAIL) { printf ("error:\nincorrect file format [line %u]: message contains characters different from hex values. closing file.\n", line_number); return TEST_FAIL; } if ((tmp_test.msg = (unsigned char *) malloc((size_t) tmp_test.msg_length)) == NULL) CRITICAL_ERROR("out of memory."); memcpy(tmp_test.msg, buffer, (size_t) tmp_test.msg_length); search_term = MSG_DIGEST; } break; case MSG_DIGEST: if (sscanf(buffer, "MD = %s", buffer) == 1) { if (((int)strlen(buffer) % 2 != 0) || (((unsigned int)strlen(buffer) / 2) != current_msg_digest_length)) { printf ("error:\nincorrect file format [line %u]: message digest length doesn't match test type. closing file.\n", line_number); free(tmp_test.msg); return TEST_FAIL; } if (line_to_bytes (buffer, (int)strlen(buffer)) == TEST_FAIL) { printf ("error:\nincorrect file format [line %u]: message digest contains characters different from hex values. closing file.\n", line_number); free(tmp_test.msg); return TEST_FAIL; } if ((tmp_test.msg_digest = (unsigned char *) malloc((size_t) current_msg_digest_length)) == NULL) CRITICAL_ERROR("out of memory."); memcpy(tmp_test.msg_digest, buffer, (size_t) current_msg_digest_length); tmp_test.type = current_type; tmp_test.msg_digest_length = current_msg_digest_length; push(&queue, tmp_test); free(tmp_test.msg); free(tmp_test.msg_digest); tmp_test = new_test_t(); search_term = MSG_LENGTH; } break; default: CRITICAL_ERROR("this shouldn't happen."); break; } if (feof(test_data) != 0) { CRITICAL_ERROR("read error."); } } free(tmp_test.msg); free(tmp_test.msg_digest); if (feof(test_data) == 0) { printf("error:\ndidn't reach end of file. closing file.\n"); return TEST_FAIL; } return TEST_SUCC; } static int line_to_bytes(char *line, int length) { int i; unsigned char *bytes; if ((bytes = (unsigned char *) malloc((size_t) (length / 2))) == NULL) CRITICAL_ERROR("out of memory."); for (i = 0; i <= ((length / 2) - 1); i++) { if (line[2 * i] >= 'a' && line[2 * i] <= 'f') line[2 * i] = line[2 * i] - 'a' + (char)10; else if (line[2 * i] >= '0' && line[2 * i] <= '9') line[2 * i] = line[2 * i] - '0'; else if (line[2 * i] >= 'A' && line[2 * i] <= 'F') line[2 * i] = line[2 * i] - 'A' + (char)10; else { free(bytes); return TEST_FAIL; } bytes[i] = (unsigned char)(line[2 * i] * (char)16); if (line[2 * i + 1] >= 'a' && line[2 * i + 1] <= 'f') line[2 * i + 1] = line[2 * i + 1] - (char)87; else if (line[2 * i + 1] >= '0' && line[2 * i + 1] <= '9') line[2 * i + 1] = line[2 * i + 1] - (char)48; else if (line[2 * i + 1] >= 'A' && line[2 * i + 1] <= 'F') line[2 * i + 1] = line[2 * i + 1] - 'A' + (char)10; else { free(bytes); return TEST_FAIL; } bytes[i] += (unsigned char)line[2 * i + 1]; } memcpy(line, bytes, (size_t) (length / 2)); memset(line + length / 2, 0, (size_t) (length / 2 + 1)); free(bytes); return TEST_SUCC; } static int sha1_new_api_test(test_t * test) { sha_context_t sha_context; int rc = 0; size_t off; unsigned char output[SHA_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha1(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha_context, output); if (rc != 0) { V_(printf("ica_sha1 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA1_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha1(SHA_MSG_PART_FIRST, SHA1_BLOCK_SIZE, test->msg, &sha_context, output); if (rc != 0) { V_(printf("ica_sha1 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA1_BLOCK_SIZE; off < test->msg_length - SHA1_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA1_BLOCK_SIZE + 1); rc = (int)ica_sha1(SHA_MSG_PART_MIDDLE, i * SHA1_BLOCK_SIZE, test->msg + off, &sha_context, output); if (rc != 0) { V_(printf("ica_sha1 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA1_BLOCK_SIZE; } rc = (int)ica_sha1(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha_context, output); if (rc != 0) { V_(printf("ica_sha1 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA1_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA1_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha224_new_api_test(test_t * test) { sha256_context_t sha256_context; int rc = 0; size_t off; unsigned char output[SHA224_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA224_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha224(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha224 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA224_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA224_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA224_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha224(SHA_MSG_PART_FIRST, SHA224_BLOCK_SIZE, test->msg, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha224 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA224_BLOCK_SIZE; off < test->msg_length - SHA224_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA224_BLOCK_SIZE + 1); rc = (int)ica_sha224(SHA_MSG_PART_MIDDLE, i * SHA224_BLOCK_SIZE, test->msg + off, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha224 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA224_BLOCK_SIZE; } rc = (int)ica_sha224(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha224 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA224_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA224_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha256_new_api_test(test_t * test) { sha256_context_t sha256_context; int rc = 0; size_t off; unsigned char output[SHA256_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA256_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha256(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha256 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA256_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA256_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA256_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha256(SHA_MSG_PART_FIRST, SHA256_BLOCK_SIZE, test->msg, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha256 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA256_BLOCK_SIZE; off < test->msg_length - SHA256_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA256_BLOCK_SIZE + 1); rc = (int)ica_sha256(SHA_MSG_PART_MIDDLE, i * SHA256_BLOCK_SIZE, test->msg + off, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha256 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA256_BLOCK_SIZE; } rc = (int)ica_sha256(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha256_context, output); if (rc != 0) { V_(printf("ica_sha256 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA256_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA256_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha384_new_api_test(test_t * test) { sha512_context_t sha512_context; int rc = 0; size_t off; unsigned char output[SHA384_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA384_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha384(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha384 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA384_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA384_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA384_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha384(SHA_MSG_PART_FIRST, SHA384_BLOCK_SIZE, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha384 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA384_BLOCK_SIZE; off < test->msg_length - SHA384_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA384_BLOCK_SIZE + 1); rc = (int)ica_sha384(SHA_MSG_PART_MIDDLE, i * SHA384_BLOCK_SIZE, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha384 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA384_BLOCK_SIZE; } rc = (int)ica_sha384(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha384 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA384_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA384_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha512_new_api_test(test_t * test) { sha512_context_t sha512_context; int rc = 0; size_t off; unsigned char output[SHA512_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA512_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha512(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA512_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA512_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA512_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha512(SHA_MSG_PART_FIRST, SHA512_BLOCK_SIZE, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA512_BLOCK_SIZE; off < test->msg_length - SHA512_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA512_BLOCK_SIZE + 1); rc = (int)ica_sha512(SHA_MSG_PART_MIDDLE, i * SHA512_BLOCK_SIZE, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA512_BLOCK_SIZE; } rc = (int)ica_sha512(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA512_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA512_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha512_224_new_api_test(test_t * test) { sha512_context_t sha512_context; int rc = 0; size_t off; unsigned char output[SHA512_224_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA512_224_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha512_224(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_224 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA512_224_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA512_224_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA512_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha512_224(SHA_MSG_PART_FIRST, SHA512_BLOCK_SIZE, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_224 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA512_BLOCK_SIZE; off < test->msg_length - SHA512_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA512_BLOCK_SIZE + 1); rc = (int)ica_sha512_224(SHA_MSG_PART_MIDDLE, i * SHA512_BLOCK_SIZE, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_224 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA512_BLOCK_SIZE; } rc = (int)ica_sha512_224(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_224 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA512_224_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA512_224_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha512_256_new_api_test(test_t * test) { sha512_context_t sha512_context; int rc = 0; size_t off; unsigned char output[SHA512_256_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA512_256_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha512_256(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_256 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest (new api)\n")); dump_array(output, SHA512_256_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA512_256_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA512_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha512_256(SHA_MSG_PART_FIRST, SHA512_BLOCK_SIZE, test->msg, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_256 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA512_BLOCK_SIZE; off < test->msg_length - SHA512_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA512_BLOCK_SIZE + 1); rc = (int)ica_sha512_256(SHA_MSG_PART_MIDDLE, i * SHA512_BLOCK_SIZE, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_256 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA512_BLOCK_SIZE; } rc = (int)ica_sha512_256(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha512_context, output); if (rc != 0) { V_(printf("ica_sha512_256 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA512_256_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA512_256_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha3_224_api_test(test_t * test) { sha3_224_context_t sha3_224_context; int rc = 0; size_t off; unsigned char output[SHA3_224_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA3_224_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha3_224(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha3_224_context, output); if (rc != 0) { V_(printf("ica_sha3_224 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_224_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_224_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA3_224_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha3_224(SHA_MSG_PART_FIRST, SHA3_224_BLOCK_SIZE, test->msg, &sha3_224_context, output); if (rc != 0) { V_(printf("ica_sha3_224 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA3_224_BLOCK_SIZE; off < test->msg_length - SHA3_224_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA3_224_BLOCK_SIZE + 1); rc = (int)ica_sha3_224(SHA_MSG_PART_MIDDLE, i * SHA3_224_BLOCK_SIZE, test->msg + off, &sha3_224_context, output); if (rc != 0) { V_(printf("ica_sha3_224 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA3_224_BLOCK_SIZE; } rc = (int)ica_sha3_224(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha3_224_context, output); if (rc != 0) { V_(printf("ica_sha3_224 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_224_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_224_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha3_256_api_test(test_t * test) { sha3_256_context_t sha3_256_context; int rc = 0; size_t off; unsigned char output[SHA3_256_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA3_256_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha3_256(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha3_256_context, output); if (rc != 0) { V_(printf("ica_sha3_256 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_256_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_256_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA3_256_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha3_256(SHA_MSG_PART_FIRST, SHA3_256_BLOCK_SIZE, test->msg, &sha3_256_context, output); if (rc != 0) { V_(printf("ica_sha3_256 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA3_256_BLOCK_SIZE; off < test->msg_length - SHA3_256_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA3_256_BLOCK_SIZE + 1); rc = (int)ica_sha3_256(SHA_MSG_PART_MIDDLE, i * SHA3_256_BLOCK_SIZE, test->msg + off, &sha3_256_context, output); if (rc != 0) { V_(printf("ica_sha3_256 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA3_256_BLOCK_SIZE; } rc = (int)ica_sha3_256(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha3_256_context, output); if (rc != 0) { V_(printf("ica_sha3_256 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_256_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_256_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha3_384_api_test(test_t * test) { sha3_384_context_t sha3_384_context; int rc = 0; size_t off; unsigned char output[SHA3_384_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA3_384_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha3_384(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha3_384_context, output); if (rc != 0) { V_(printf("ica_sha3_384 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_384_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_384_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA3_384_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha3_384(SHA_MSG_PART_FIRST, SHA3_384_BLOCK_SIZE, test->msg, &sha3_384_context, output); if (rc != 0) { V_(printf("ica_sha3_384 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA3_384_BLOCK_SIZE; off < test->msg_length - SHA3_384_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA3_384_BLOCK_SIZE + 1); rc = (int)ica_sha3_384(SHA_MSG_PART_MIDDLE, i * SHA3_384_BLOCK_SIZE, test->msg + off, &sha3_384_context, output); if (rc != 0) { V_(printf("ica_sha3_384 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA3_384_BLOCK_SIZE; } rc = (int)ica_sha3_384(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha3_384_context, output); if (rc != 0) { V_(printf("ica_sha3_384 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_384_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_384_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } static int sha3_512_api_test(test_t * test) { sha3_512_context_t sha3_512_context; size_t off; int rc = 0; unsigned char output[SHA3_512_HASH_LENGTH]; time_t seed; int i; srand(time(&seed)); if (test->msg_digest_length != SHA3_512_HASH_LENGTH) CRITICAL_ERROR("this shouldn't happen."); rc = (int)ica_sha3_512(SHA_MSG_PART_ONLY, test->msg_length, test->msg, &sha3_512_context, output); if (rc != 0) { V_(printf("ica_sha3_512 failed with errno %d (0x%x).\n", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_512_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_512_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } if (test->msg_length <= SHA3_512_BLOCK_SIZE) return TEST_SUCC; rc = (int)ica_sha3_512(SHA_MSG_PART_FIRST, SHA3_512_BLOCK_SIZE, test->msg, &sha3_512_context, output); if (rc != 0) { V_(printf("ica_sha3_512 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FIRST", rc, (unsigned int)rc)); return TEST_FAIL; } for (off = SHA3_512_BLOCK_SIZE; off < test->msg_length - SHA3_512_BLOCK_SIZE;) { i = rand() % ((test->msg_length - off) / SHA3_512_BLOCK_SIZE + 1); rc = (int)ica_sha3_512(SHA_MSG_PART_MIDDLE, i * SHA3_512_BLOCK_SIZE, test->msg + off, &sha3_512_context, output); if (rc != 0) { V_(printf("ica_sha3_512 %s failed" " with errno %d (0x%x).\n", "SHA_MSG_PART_MIDDLE", rc, (unsigned int)rc)); return TEST_FAIL; } off += i * SHA3_512_BLOCK_SIZE; } rc = (int)ica_sha3_512(SHA_MSG_PART_FINAL, test->msg_length - off, test->msg + off, &sha3_512_context, output); if (rc != 0) { V_(printf("ica_sha3_512 %s failed with errno %d (0x%x).\n", "SHA_MSG_PART_FINAL", rc, (unsigned int)rc)); return TEST_FAIL; } VV_(printf("message digest\n")); dump_array(output, SHA3_512_HASH_LENGTH); if (memcmp(output, test->msg_digest, SHA3_512_HASH_LENGTH) != 0) { V_(printf("output is not what it should be.\n")); return TEST_FAIL; } return TEST_SUCC; } #endif /* NO_CPACF */ libica-4.0.1/test/shake_128_test.c000066400000000000000000000161571417716165400166340ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2016 */ /* (C) COPYRIGHT International Business Machines Corp. 2016 */ #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 /** * The SHAKE algo has a variable output length, so we cannot use a static * value as for the other SHA algos. However, a known answer test requires * having pre-calculated results, so let's use a fixed output length of * 512 bits (64 bytes) for this test. */ #define SHAKE128_64_HASH_LENGTH 64 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHAKE128_64_HASH_LENGTH] = { // SHAKE_128(512) Hash for test 0: "abc" { 0x58,0x81,0x09,0x2D,0xD8,0x18,0xBF,0x5C,0xF8,0xA3,0xDD,0xB7,0x93,0xFB,0xCB,0xA7, 0x40,0x97,0xD5,0xC5,0x26,0xA6,0xD3,0x5F,0x97,0xB8,0x33,0x51,0x94,0x0F,0x2C,0xC8, 0x44,0xC5,0x0A,0xF3,0x2A,0xCD,0x3F,0x2C,0xDD,0x06,0x65,0x68,0x70,0x6F,0x50,0x9B, 0xC1,0xBD,0xDE,0x58,0x29,0x5D,0xAE,0x3F,0x89,0x1A,0x9A,0x0F,0xCA,0x57,0x83,0x78, }, // SHAKE_128(512) Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x1A,0x96,0x18,0x2B,0x50,0xFB,0x8C,0x7E,0x74,0xE0,0xA7,0x07,0x78,0x8F,0x55,0xE9, 0x82,0x09,0xB8,0xD9,0x1F,0xAD,0xE8,0xF3,0x2F,0x8D,0xD5,0xCF,0xF7,0xBF,0x21,0xF5, 0x4E,0xE5,0xF1,0x95,0x50,0x82,0x5A,0x6E,0x07,0x00,0x30,0x51,0x9E,0x94,0x42,0x63, 0xAC,0x1C,0x67,0x65,0x28,0x70,0x65,0x62,0x1F,0x9F,0xCB,0x32,0x01,0x72,0x3E,0x32, }, // SHAKE_128(512) Hash for test 2: 1,000,000 'a' { 0x9D,0x22,0x2C,0x79,0xC4,0xFF,0x9D,0x09,0x2C,0xF6,0xCA,0x86,0x14,0x3A,0xA4,0x11, 0xE3,0x69,0x97,0x38,0x08,0xEF,0x97,0x09,0x32,0x55,0x82,0x6C,0x55,0x72,0xEF,0x58, 0x42,0x4C,0x4B,0x5C,0x28,0x47,0x5F,0xFD,0xCF,0x98,0x16,0x63,0x86,0x7F,0xEC,0x63, 0x21,0xC1,0x26,0x2E,0x38,0x7B,0xCC,0xF8,0xCA,0x67,0x68,0x84,0xC4,0xA9,0xD0,0xC1, }, }; int new_api_shake_128_test(void) { shake_128_context_t shake_128_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHAKE128_64_HASH_LENGTH; unsigned char output_hash[SHAKE128_64_HASH_LENGTH]; unsigned int errors = 0; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); if (i != 2) dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); else VV_(printf("Data suppressed (1.000.000 'a'), too much output.\n")); rc = ica_shake_128(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &shake_128_context, output_hash, SHAKE128_64_HASH_LENGTH); if (rc != 0) { V_(printf("icaShake_128 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHAKE128_64_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHAKE128_CONTEXT and // break it into calls of 1008 bytes each (which is 6 * 168, where 168 is the // SHAKE128 data block size. V_(printf("\nOriginal data for test 2 (chunks = 1008) is calls of 1008 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1008); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1008) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_shake_128(sha_message_part, (i < 1008) ? i : 1008, input_data, &shake_128_context, output_hash, SHAKE128_64_HASH_LENGTH); if (rc != 0) { V_(printf("ica_shake_128 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1008; } VV_(printf("\nOutput hash for test 2 (chunks = 1008):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHAKE128_64_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHAKE_128_CONTEXT and break it into calls of 168 bytes each. V_(printf("\nOriginal data for test 2 (chunks = 168) is calls of 168 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 168); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 168) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_shake_128(sha_message_part, (i < 168) ? i : 168, input_data, &shake_128_context, output_hash, SHAKE128_64_HASH_LENGTH); if (rc != 0) { V_(printf("ica_shake_128 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 168; } VV_(printf("\nOutput hash for test 2 (chunks = 168):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHAKE128_64_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } if (errors) { printf("%d out of %d SHAKE_128 tests did not return the expected result.\n", errors, (NUM_FIPS_TESTS+2)); return TEST_FAIL; } else { printf("All SHAKE_128 tests passed.\n"); return TEST_SUCC; } } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHAKE-128 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); if (!sha3_available()) { printf("Skipping SHAKE-128 test, because SHA3/SHAKE not available on this machine.\n"); return TEST_SKIP; } rc = new_api_shake_128_test(); if (rc) { printf("new_api_shake_128_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/shake_256_test.c000066400000000000000000000241611417716165400166300ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2016 */ /* (C) COPYRIGHT International Business Machines Corp. 2016 */ #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NUM_FIPS_TESTS 3 /** * The SHAKE algo has a variable output length, so we cannot use a static * value as for the other SHA algos. However, a known answer test requires * having pre-calculated results, so let's use a fixed big output length of * 2048 bits (256 bytes) for this test. This output length exceeds the * size of the KIMD/KLMD parmblock, so the output is directly written by * KIMD/KLMD to the provided output buffer. */ #define SHAKE256_256_HASH_LENGTH 256 unsigned char FIPS_TEST_DATA[NUM_FIPS_TESTS][64] = { // Test 0: "abc" { 0x61,0x62,0x63 }, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x61,0x62,0x63,0x64,0x62,0x63,0x64,0x65,0x63,0x64,0x65,0x66,0x64,0x65,0x66,0x67, 0x65,0x66,0x67,0x68,0x66,0x67,0x68,0x69,0x67,0x68,0x69,0x6a,0x68,0x69,0x6a,0x6b, 0x69,0x6a,0x6b,0x6c,0x6a,0x6b,0x6c,0x6d,0x6b,0x6c,0x6d,0x6e,0x6c,0x6d,0x6e,0x6f, 0x6d,0x6e,0x6f,0x70,0x6e,0x6f,0x70,0x71, }, // Test 2: 1,000,000 'a' -- don't actually use this... see the special case // in the loop below. { 0x61, }, }; unsigned int FIPS_TEST_DATA_SIZE[NUM_FIPS_TESTS] = { // Test 0: "abc" 3, // Test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 56, // Test 2: 1,000,000 'a' 1000000, }; unsigned char FIPS_TEST_RESULT[NUM_FIPS_TESTS][SHAKE256_256_HASH_LENGTH] = { // SHAKE_256(2048) Hash for test 0: "abc" { 0x48,0x33,0x66,0x60,0x13,0x60,0xa8,0x77,0x1c,0x68,0x63,0x08,0x0c,0xc4,0x11,0x4d, 0x8d,0xb4,0x45,0x30,0xf8,0xf1,0xe1,0xee,0x4f,0x94,0xea,0x37,0xe7,0x8b,0x57,0x39, 0xd5,0xa1,0x5b,0xef,0x18,0x6a,0x53,0x86,0xc7,0x57,0x44,0xc0,0x52,0x7e,0x1f,0xaa, 0x9f,0x87,0x26,0xe4,0x62,0xa1,0x2a,0x4f,0xeb,0x06,0xbd,0x88,0x01,0xe7,0x51,0xe4, 0x13,0x85,0x14,0x12,0x04,0xf3,0x29,0x97,0x9f,0xd3,0x04,0x7a,0x13,0xc5,0x65,0x77, 0x24,0xad,0xa6,0x4d,0x24,0x70,0x15,0x7b,0x3c,0xdc,0x28,0x86,0x20,0x94,0x4d,0x78, 0xdb,0xcd,0xdb,0xd9,0x12,0x99,0x3f,0x09,0x13,0xf1,0x64,0xfb,0x2c,0xe9,0x51,0x31, 0xa2,0xd0,0x9a,0x3e,0x6d,0x51,0xcb,0xfc,0x62,0x27,0x20,0xd7,0xa7,0x5c,0x63,0x34, 0xe8,0xa2,0xd7,0xec,0x71,0xa7,0xcc,0x29,0xcf,0x0e,0xa6,0x10,0xee,0xff,0x1a,0x58, 0x82,0x90,0xa5,0x30,0x00,0xfa,0xa7,0x99,0x32,0xbe,0xce,0xc0,0xbd,0x3c,0xd0,0xb3, 0x3a,0x7e,0x5d,0x39,0x7f,0xed,0x1a,0xda,0x94,0x42,0xb9,0x99,0x03,0xf4,0xdc,0xfd, 0x85,0x59,0xed,0x39,0x50,0xfa,0xf4,0x0f,0xe6,0xf3,0xb5,0xd7,0x10,0xed,0x3b,0x67, 0x75,0x13,0x77,0x1a,0xf6,0xbf,0xe1,0x19,0x34,0x81,0x7e,0x87,0x62,0xd9,0x89,0x6b, 0xa5,0x79,0xd8,0x8d,0x84,0xba,0x7a,0xa3,0xcd,0xc7,0x05,0x5f,0x67,0x96,0xf1,0x95, 0xbd,0x9a,0xe7,0x88,0xf2,0xf5,0xbb,0x96,0x10,0x0d,0x6b,0xba,0xff,0x7f,0xbc,0x6e, 0xea,0x24,0xd4,0x44,0x9a,0x24,0x77,0xd1,0x72,0xa5,0x50,0x7d,0xcc,0x93,0x14,0x12, }, // SHAKE_256(2048) Hash for test 1: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" { 0x4d,0x8c,0x2d,0xd2,0x43,0x5a,0x01,0x28,0xee,0xfb,0xb8,0xc3,0x6f,0x6f,0x87,0x13, 0x3a,0x79,0x11,0xe1,0x8d,0x97,0x9e,0xe1,0xae,0x6b,0xe5,0xd4,0xfd,0x2e,0x33,0x29, 0x40,0xd8,0x68,0x8a,0x4e,0x6a,0x59,0xaa,0x80,0x60,0xf1,0xf9,0xbc,0x99,0x6c,0x05, 0xac,0xa3,0xc6,0x96,0xa8,0xb6,0x62,0x79,0xdc,0x67,0x2c,0x74,0x0b,0xb2,0x24,0xec, 0x37,0xa9,0x2b,0x65,0xdb,0x05,0x39,0xc0,0x20,0x34,0x55,0xf5,0x1d,0x97,0xcc,0xe4, 0xcf,0xc4,0x91,0x27,0xd7,0x26,0x0a,0xfc,0x67,0x3a,0xf2,0x08,0xba,0xf1,0x9b,0xe2, 0x12,0x33,0xf3,0xde,0xbe,0x78,0xd0,0x67,0x60,0xcf,0xa5,0x51,0xee,0x1e,0x07,0x91, 0x41,0xd4,0x9d,0xd3,0xef,0x7e,0x18,0x2b,0x15,0x24,0xdf,0x82,0xea,0x1c,0xef,0xe1, 0xc6,0xc3,0x96,0x61,0x75,0xf0,0x22,0x8d,0x35,0x88,0x7c,0xd9,0xf0,0x9b,0x05,0x45, 0x7f,0x6d,0x95,0x2f,0x9b,0x3b,0x32,0x46,0x4e,0x0b,0x3c,0x54,0xdc,0xc1,0x3e,0xfd, 0xb4,0xc5,0x4e,0x29,0xcd,0xb4,0x08,0x8f,0xaf,0x48,0x2c,0xdd,0xd0,0xa5,0xe6,0xb8, 0x22,0xf5,0xa8,0x0d,0x0c,0xc7,0x8d,0x4c,0xc9,0x01,0x31,0x90,0x6f,0xd5,0x15,0x9e, 0xb5,0x14,0x2e,0x15,0x50,0x24,0xb6,0x24,0x02,0xeb,0x00,0x17,0xf9,0x86,0xc9,0x63, 0x8b,0xa6,0x19,0x70,0xe9,0x08,0x6d,0xd9,0x48,0x84,0x27,0x5f,0x48,0x4d,0x3c,0x3b, 0x84,0x22,0x11,0x0e,0xd6,0x4f,0x07,0x9a,0xb2,0xc9,0xac,0xff,0x78,0xe8,0xbd,0x49, 0x51,0x92,0x3f,0x75,0xf0,0xa2,0xf1,0x8c,0x43,0x80,0x6c,0xe5,0xde,0x92,0x38,0x6f, }, // SHAKE_256(2048) Hash for test 2: 1,000,000 'a' { 0x35,0x78,0xa7,0xa4,0xca,0x91,0x37,0x56,0x9c,0xdf,0x76,0xed,0x61,0x7d,0x31,0xbb, 0x99,0x4f,0xca,0x9c,0x1b,0xbf,0x8b,0x18,0x40,0x13,0xde,0x82,0x34,0xdf,0xd1,0x3a, 0x3f,0xd1,0x24,0xd4,0xdf,0x76,0xc0,0xa5,0x39,0xee,0x7d,0xd2,0xf6,0xe1,0xec,0x34, 0x61,0x24,0xc8,0x15,0xd9,0x41,0x0e,0x14,0x5e,0xb5,0x61,0xbc,0xd9,0x7b,0x18,0xab, 0x6c,0xe8,0xd5,0x55,0x3e,0x0e,0xab,0x3d,0x1f,0x7d,0xfb,0x8f,0x9d,0xee,0xfe,0x16, 0x84,0x7e,0x21,0x92,0xf6,0xf6,0x1f,0xb8,0x2f,0xb9,0x0d,0xde,0x60,0xb1,0x90,0x63, 0xc5,0x6a,0x4c,0x55,0xcd,0xd7,0xb6,0x72,0xb7,0x5b,0xf5,0x15,0xad,0xbf,0xe2,0x04, 0x90,0x3c,0x8c,0x00,0x36,0xde,0x54,0xa2,0x99,0x9a,0x92,0x0d,0xe9,0x0f,0x66,0xd7, 0xff,0x6e,0xc8,0xe4,0xc9,0x3d,0x24,0xae,0x34,0x6f,0xdc,0xb3,0xa5,0xa5,0xbd,0x57, 0x39,0xec,0x15,0xa6,0xed,0xdb,0x5c,0xe5,0xb0,0x2d,0xa5,0x30,0x39,0xfa,0xc6,0x3e, 0x19,0x55,0x5f,0xaa,0x2e,0xdd,0xc6,0x93,0xb1,0xf0,0xc2,0xa6,0xfc,0xbe,0x7c,0x0a, 0x0a,0x09,0x1d,0x0e,0xe7,0x00,0xd7,0x32,0x2e,0x4b,0x0f,0xf0,0x95,0x90,0xde,0x16, 0x64,0x22,0xf9,0xea,0xd5,0xda,0x4c,0x99,0x3d,0x60,0x5f,0xe4,0xd9,0xc6,0x34,0x84, 0x3a,0xa1,0x78,0xb1,0x76,0x72,0xc6,0x56,0x8c,0x8a,0x2e,0x62,0xab,0xeb,0xea,0x2c, 0x21,0xc3,0x02,0xbd,0x36,0x6a,0xd6,0x98,0x95,0x9e,0x1f,0x6e,0x43,0x4a,0xf1,0x55, 0x56,0x8b,0x27,0x34,0xd8,0x37,0x9f,0xcd,0x3f,0xfe,0x64,0x89,0xba,0xff,0xa6,0xd7, }, }; int new_api_shake_256_test(void) { shake_256_context_t shake_256_context; int rc = 0; int i = 0; unsigned char input_data[1000000]; unsigned int output_hash_length = SHAKE256_256_HASH_LENGTH; unsigned char output_hash[SHAKE256_256_HASH_LENGTH]; unsigned int errors = 0; for (i = 0; i < NUM_FIPS_TESTS; i++) { // Test 2 is a special one, because we want to keep the size of the // executable down, so we build it special, instead of using a static if (i != 2) memcpy(input_data, FIPS_TEST_DATA[i], FIPS_TEST_DATA_SIZE[i]); else memset(input_data, 'a', FIPS_TEST_DATA_SIZE[i]); VV_(printf("\nOriginal data for test %d:\n", i)); if (i != 2) dump_array(input_data, FIPS_TEST_DATA_SIZE[i]); else VV_(printf("Data suppressed (1.000.000 'a'), too much output.\n")); rc = ica_shake_256(SHA_MSG_PART_ONLY, FIPS_TEST_DATA_SIZE[i], input_data, &shake_256_context, output_hash, SHAKE256_256_HASH_LENGTH); if (rc != 0) { V_(printf("icaShake_256 failed with errno %d (0x%x).\n", rc, rc)); return TEST_FAIL; } VV_(printf("\nOutput hash for test %d:\n", i)); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[i], SHAKE256_256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } } // This test is the same as test 2, except that we use the SHA256_CONTEXT and // break it into calls of 1088 bytes each (which is 8 * 136, where 136 is the // SHAKE-256 block length. V_(printf("\nOriginal data for test 2(chunks = 1088) is calls of 1088 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 1088); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 1088) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_shake_256(sha_message_part, (i < 1088) ? i : 1088, input_data, &shake_256_context, output_hash, SHAKE256_256_HASH_LENGTH); if (rc != 0) { V_(printf("ica_shake_256 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 1088; } VV_(printf("\nOutput hash for test 2 (chunks = 1088):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHAKE256_256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } // This test is the same as test 2, except that we use the // SHA256_CONTEXT and break it into calls of 136 bytes each. V_(printf("\nOriginal data for test 2 (chunks = 136) is calls of 136 'a's at a time\n")); i = FIPS_TEST_DATA_SIZE[2]; while (i > 0) { unsigned int sha_message_part; memset(input_data, 'a', 136); if (i == (int)FIPS_TEST_DATA_SIZE[2]) sha_message_part = SHA_MSG_PART_FIRST; else if (i <= 136) sha_message_part = SHA_MSG_PART_FINAL; else sha_message_part = SHA_MSG_PART_MIDDLE; rc = ica_shake_256(sha_message_part, (i < 136) ? i : 136, input_data, &shake_256_context, output_hash, SHAKE256_256_HASH_LENGTH); if (rc != 0) { V_(printf("ica_shake_256 failed with errno %d (0x%x) on iteration %d.\n", rc, rc, i)); return TEST_FAIL; } i -= 136; } VV_(printf("\nOutput hash for test 2 (chunks = 136):\n")); dump_array(output_hash, output_hash_length); if (memcmp(output_hash, FIPS_TEST_RESULT[2], SHAKE256_256_HASH_LENGTH) != 0) { VV_(printf("This does NOT match the known result.\n")); errors++; } else { VV_(printf("Yep, it's what it should be.\n")); } if (errors) { printf("%d out of %d SHAKE_256 tests did not return the expected result.\n", errors, (NUM_FIPS_TESTS+2)); return TEST_FAIL; } else { printf("All SHAKE_256 tests passed.\n"); return TEST_SUCC; } } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping SHAKE-256 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; set_verbosity(argc, argv); if (!sha3_available()) { printf("Skipping SHAKE-256 test, because SHA3/SHAKE not available on this machine.\n"); return TEST_SKIP; } rc = new_api_shake_256_test(); if (rc) { printf("new_api_shake_256_test: returned rc = %i\n", rc); return TEST_FAIL; } return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/tdes_cbc_test.c000066400000000000000000000104761417716165400167130ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_RANDOM_TESTS 10000 void dump_cbc_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_3des_cbc(int iteration, unsigned int data_length) { unsigned int iv_length = sizeof(ica_des_vector_t); unsigned int key_length = sizeof(ica_des_key_triple_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_3des_cbc(input_data, encrypt, data_length, key, tmp_iv, 1); if (rc) { VV_(printf("ica_3des_cbc encrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("3DES CBC test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_3des_cbc(encrypt, decrypt, data_length, key, tmp_iv, 0); if (rc) { VV_(printf("ica_3des_cbc decrypt failed with rc = %i\n", rc)); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cbc_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Performs ECB,CBC and CFQ tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping TDES-CBC test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_des_vector_t); set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_3des_cbc(iteration, data_length); if (rc) { V_(printf("random_3des_cbc failed with rc = %i\n", rc)); error_count++; goto out; } data_length += sizeof(ica_des_vector_t); } out: if (error_count) { printf("%i 3DES-CBC tests failed.\n", error_count); return TEST_FAIL; } printf("All 3DES-CBC tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/tdes_cfb_test.c000066400000000000000000000113761417716165400167160ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 12 #define NR_RANDOM_TESTS 1000 void dump_cfb_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_des_cfb(int iteration, unsigned int data_length, unsigned int lcfb) { unsigned int iv_length = sizeof(ica_des_vector_t); unsigned int key_length = sizeof(ica_des_key_triple_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i," " lcfb = %i\n", key_length, data_length, iv_length, lcfb)); rc = ica_3des_cfb(input_data, encrypt, data_length, key, tmp_iv, lcfb, 1); if (rc) { VV_(printf("ica_3des_cfb encrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("3DES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_3des_cfb(encrypt, decrypt, data_length, key, tmp_iv, lcfb, 0); if (rc) { VV_(printf("ica_3des_cfb decrypt failed with rc = %i\n", rc)); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_cfb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping TDES-CFB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int rdata; unsigned int data_length = 1; unsigned int lcfb = 1; unsigned int j; set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { for (j = 1; j <= 2; j++) { if (!(data_length % lcfb)) { rc = random_des_cfb(iteration, data_length, lcfb); if (rc) { V_(printf("random_des_cfb failed with rc = %i\n", rc)); error_count++; } } switch (j) { case 1: lcfb = 1; break; case 2: lcfb = 8; break; } } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); exit(1); } data_length += (rdata % 8) + 1; } if (error_count) { printf("%i 3DES-CFB tests failed.\n", error_count); return TEST_FAIL; } printf("All 3DES-CFB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/tdes_ctr_test.c000066400000000000000000000105701417716165400167470ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_RANDOM_TESTS 1000 void dump_ctr_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int random_3des_ctr(int iteration, unsigned int data_length) { unsigned int key_length = sizeof(ica_des_key_triple_t); unsigned int iv_length = sizeof(ica_des_vector_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_random_number_generate(data_length, input_data); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("random number generate returned rc = %i, errno = %i\n", rc, errno)); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_3des_ctr(input_data, encrypt, data_length, key, tmp_iv, 32, 1); if (rc) { VV_(printf("ica_3des_ctr encrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Encrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } memcpy(tmp_iv, iv, iv_length); rc = ica_3des_ctr(encrypt, decrypt, data_length, key, tmp_iv, 32, 0); if (rc) { VV_(printf("ica_3des_ctr decrypt failed with rc = %i\n", rc)); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ctr_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping TDES-CTR test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else unsigned int endless = 0; unsigned int data_length = 1; unsigned int rdata; int error_count = 0; int i = 0; int rc = 0; set_verbosity(argc, argv); if (argc > 1) { if (strstr(argv[1], "endless")) endless = 1; } if (endless) { while (1) { VV_(printf("i = %i\n", i)); rc = random_3des_ctr(i, 320); if (rc) { VV_(printf("kat_3des_ctr failed with rc = %i\n", rc)); return TEST_FAIL; } else VV_(printf("kat_3des_ctr finished.n")); i++; } } else { for (i = 1; i < NR_RANDOM_TESTS; i++) { rc = random_3des_ctr(i, data_length); if (rc) { VV_(printf("random_3des_ctr failed with rc = %i\n", rc)); error_count++; } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { printf("ica_random_number_generate failed with errnor = %i\n", errno); exit(1); } data_length += (rdata % 8) + 1; } } if (error_count) { printf("%i 3DES-CTR tests failed.\n", error_count); return TEST_FAIL; } printf("All 3DES-CTR tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/tdes_ecb_test.c000066400000000000000000000174171417716165400167170ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_TESTS 2 #define NR_RANDOM_TESTS 10000 /* ECB data - 1 for 3DES192 */ unsigned char NIST_KEY_ECB_E1[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23, }; unsigned char NIST_TEST_DATA_ECB_E1[] = { 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, }; unsigned char NIST_TEST_RESULT_ECB_E1[] = { 0xCC, 0xE2, 0x1C, 0x81, 0x12, 0x25, 0x6F, 0xE6, }; /* ECB data - 2 - for 3DES128 */ unsigned char NIST_KEY_ECB_E2[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23, }; unsigned char NIST_TEST_DATA_ECB_E2[] = { 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x66, 0x63, 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, }; unsigned char NIST_TEST_RESULT_ECB_E2[] = { 0xA8, 0x26, 0xFD, 0x8C, 0xE5, 0x3B, 0x85, 0x5F, 0xCC, 0xE2, 0x1C, 0x81, 0x12, 0x25, 0x6F, 0xE6, 0x68, 0xD5, 0xC0, 0x5D, 0xD9, 0xB6, 0xB9, 0x00, }; void dump_ecb_data(unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } void get_sizes(unsigned int *data_length, unsigned int *key_length, unsigned int iteration) { switch (iteration) { case 1: *data_length = sizeof(NIST_TEST_DATA_ECB_E1); *key_length = sizeof(NIST_KEY_ECB_E1); break; case 2: *data_length = sizeof(NIST_TEST_DATA_ECB_E2); *key_length = sizeof(NIST_KEY_ECB_E2); break; default: *data_length = 0; *key_length = 0; break; } } void load_test_data(unsigned char *data, unsigned int data_length, unsigned char *result, unsigned char *key, unsigned int key_length, unsigned int iteration) { switch (iteration) { case 1: memcpy(data, NIST_TEST_DATA_ECB_E1, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E1, data_length); memcpy(key, NIST_KEY_ECB_E1, key_length); break; case 2: memcpy(data, NIST_TEST_DATA_ECB_E2, data_length); memcpy(result, NIST_TEST_RESULT_ECB_E2, data_length); memcpy(key, NIST_KEY_ECB_E2, key_length); break; } } int kat_3des_ecb(int iteration) { unsigned int data_length; unsigned int key_length; get_sizes(&data_length, &key_length, iteration); unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char result[data_length]; int rc = 0; VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i", key_length, data_length)); load_test_data(input_data, data_length, result, key, key_length, iteration); rc = ica_3des_ecb(input_data, encrypt, data_length, key, 1); if (rc) { VV_(printf("ica_3des_ecb encrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (memcmp(result, encrypt, data_length)) { VV_(printf("Encryption Result does not match the known ciphertext!\n")); VV_(printf("Expected data:\n")); dump_array(result, data_length); VV_(printf("Encryption Result:\n")); dump_array(encrypt, data_length); rc++; } if (rc) { VV_(printf("3DES ECB test exited after encryption\n")); return TEST_FAIL; } rc = ica_3des_ecb(encrypt, decrypt, data_length, key, 0); if (rc) { VV_(printf("ica_3des_ecb decrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_3des_ecb(int iteration, unsigned int data_length) { int rc = 0; unsigned int key_length = sizeof(ica_des_key_triple_t); unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; unsigned char key[key_length]; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, key, key_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i\n", key_length, data_length)); rc = ica_3des_ecb(input_data, encrypt, data_length, key, 1); if (rc) { VV_(printf("ica_3des_ecb encrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ecb_data(key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("3DES ECB test exited after encryption\n")); return TEST_FAIL; } rc = ica_3des_ecb(encrypt, decrypt, data_length, key, 0); if (rc) { VV_(printf("ica_3des_ecb decrypt failed with rc = %i\n", rc)); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ecb_data(key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; return TEST_FAIL; } if (rc) return TEST_FAIL; return TEST_SUCC; } /* * Performs ECB and CFQ tests. */ int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping TDES-ECB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int data_length = sizeof(ica_des_vector_t); set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_TESTS; iteration++) { rc = kat_3des_ecb(iteration); if (rc) { V_(printf("kat_3des_ecb failed with rc = %i\n", rc)); error_count++; } } for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_3des_ecb(iteration, data_length); if (rc) { V_(printf("random_3des_ecb failed with rc = %i\n", rc)); error_count++; goto out; } data_length += sizeof(ica_des_vector_t); } out: if (error_count) { printf("%i 3DES-ECB tests failed.\n", error_count); return TEST_FAIL; } printf("All 3DES-ECB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/tdes_ofb_test.c000066400000000000000000000107471417716165400167330ustar00rootroot00000000000000/* This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. */ /* Copyright IBM Corp. 2010, 2011 */ #include #include #include #include #include #include #include "ica_api.h" #include "testcase.h" #define NR_RANDOM_TESTS 10000 void dump_ofb_data(unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length, unsigned char *input_data, unsigned int data_length, unsigned char *output_data) { VV_(printf("IV \n")); dump_array(iv, iv_length); VV_(printf("Key \n")); dump_array(key, key_length); VV_(printf("Input Data\n")); dump_array(input_data, data_length); VV_(printf("Output Data\n")); dump_array(output_data, data_length); } int load_random_test_data(unsigned char *data, unsigned int data_length, unsigned char *iv, unsigned int iv_length, unsigned char *key, unsigned int key_length) { int rc; rc = ica_random_number_generate(data_length, data); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(iv_length, iv); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } rc = ica_random_number_generate(key_length, key); if (rc) { VV_(printf("ica_random_number_generate with rc = %i errnor = %i\n", rc, errno)); return TEST_FAIL; } return TEST_SUCC; } int random_3des_ofb(int iteration, unsigned int data_length) { unsigned int iv_length = sizeof(ica_des_vector_t); unsigned int key_length = sizeof(ica_des_key_triple_t); unsigned char iv[iv_length]; unsigned char tmp_iv[iv_length]; unsigned char key[key_length]; unsigned char input_data[data_length]; unsigned char encrypt[data_length]; unsigned char decrypt[data_length]; int rc = 0; memset(encrypt, 0x00, data_length); memset(decrypt, 0x00, data_length); load_random_test_data(input_data, data_length, iv, iv_length, key, key_length); memcpy(tmp_iv, iv, iv_length); VV_(printf("Test Parameters for iteration = %i\n", iteration)); VV_(printf("key length = %i, data length = %i, iv length = %i\n", key_length, data_length, iv_length)); rc = ica_3des_ofb(input_data, encrypt, data_length, key, tmp_iv, 1); if (rc) { VV_(printf("ica_3des_ofb encrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (!rc) { VV_(printf("Encrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, input_data, data_length, encrypt); } if (rc) { VV_(printf("3DES OFB test exited after encryption\n")); return TEST_FAIL; } memcpy(tmp_iv, iv, iv_length); rc = ica_3des_ofb(encrypt, decrypt, data_length, key, tmp_iv, 0); if (rc) { VV_(printf("ica_3des_ofb decrypt failed with rc = %i\n", rc)); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); return TEST_FAIL; } if (!rc) { VV_(printf("Decrypt:\n")); dump_ofb_data(iv, iv_length, key, key_length, encrypt, data_length, decrypt); } if (memcmp(decrypt, input_data, data_length)) { VV_(printf("Decryption Result does not match the original data!\n")); VV_(printf("Original data:\n")); dump_array(input_data, data_length); VV_(printf("Decryption Result:\n")); dump_array(decrypt, data_length); rc++; } if (rc) return TEST_FAIL; return TEST_SUCC; } int main(int argc, char **argv) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping TDES-OFB test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int rc = 0; int error_count = 0; int iteration; unsigned int rdata; unsigned int data_length = 1; set_verbosity(argc, argv); for(iteration = 1; iteration <= NR_RANDOM_TESTS; iteration++) { rc = random_3des_ofb(iteration, data_length); if (rc) { V_(printf("random_3des_ofb failed with rc = %i\n", rc)); error_count++; goto out; } // add a value between 1 and 8 to data_length if (ica_random_number_generate(sizeof(rdata), (unsigned char*) &rdata)) { V_(printf("ica_random_number_generate failed with errnor = %i\n", errno)); exit(1); } data_length += (rdata % 8) + 1; } out: if (error_count) { printf("%i 3DES-OFB tests failed.\n", error_count); return TEST_FAIL; } printf("All 3DES-OFB tests passed.\n"); return TEST_SUCC; #endif /* NO_CPACF */ } libica-4.0.1/test/testcase.h000066400000000000000000000106621417716165400157230ustar00rootroot00000000000000/* * Testcase infrastructure. */ #ifndef TESTCASE_H #define TESTCASE_H #include #include #include #include #include #include #include #include #include #include #include "../include/ica_api.h" #if defined(NO_SW_FALLBACKS) || defined(NO_CPACF) #define UNUSED(var) ((void)(var)) #endif /* automake test exist status */ #define TEST_SUCC 0 #define TEST_FAIL 1 #define TEST_SKIP 77 #define TEST_ERR 99 #define V_(print) if (verbosity_ >= 1) print #define VV_(print) if (verbosity_ >= 2) print # define EXIT_ERR(msg) \ do { \ printf("%s failed (%s:%d): %s\n", \ __func__, __FILE__, __LINE__, msg); \ exit(TEST_FAIL); \ } while (0) static int verbosity_; /* default verbosity level: 0 */ static inline void set_verbosity(int argc, char *argv[]) { int i; for (i = 1; i < argc; i++) { if (strcasestr(argv[i], "-vv")) { verbosity_ = 2; break; } if (strcasestr(argv[i], "-v")) { verbosity_ = 1; break; } } } static inline void dump_array(unsigned char array[], size_t len) { size_t i; for (i = 1; i <= len; i++) { VV_(printf("0x%02x ", array[i - 1])); if ((i % 8 == 0) || (i == len)) VV_(printf("\n")); } } static inline void dump_array_u64(uint64_t array[], size_t size) { size_t i; for (i = 1; i <= size; i++) { VV_(printf("0x%016llx ", (unsigned long long)array[i - 1])); if ((i % 8 == 0) || (i == size)) VV_(printf("\n")); } } static inline unsigned long long delta_usec(const struct timeval *t1, const struct timeval *t2) { return (t2->tv_sec * 1000000ULL + t2->tv_usec) - (t1->tv_sec * 1000000ULL + t1->tv_usec); } static inline long double ops_per_sec(unsigned long long ops, unsigned long long usec) { return ops / ((long double)usec / 1000000ULL); } static inline int sha3_available(void) { sha3_224_context_t sha3_224_context; unsigned char output_hash[SHA3_224_HASH_LENGTH]; unsigned char test_data[] = { 0x61,0x62,0x63 }; int rc = 0; rc = ica_sha3_224(SHA_MSG_PART_ONLY, sizeof(test_data), test_data, &sha3_224_context, output_hash); return (rc == ENODEV ? 0 : 1); } static inline int is_supported_by_hw(int nid) { ica_adapter_handle_t adapter_handle; ICA_EC_KEY *key; unsigned int privlen; int rc; char *icapath; /* save ICAPATH */ icapath = getenv("ICAPATH"); /* try to generate a key using hw */ setenv("ICAPATH", "1", 1); rc = 0; key = NULL; if (ica_open_adapter(&adapter_handle)) goto _ret_; key = ica_ec_key_new(nid, &privlen); if (key == NULL) goto _ret_; if (ica_ec_key_generate(adapter_handle, key)) goto _ret_; rc = 1; _ret_: ica_close_adapter(adapter_handle); if (key != NULL) ica_ec_key_free(key); /* restore ICAPATH */ if (icapath != NULL) setenv("ICAPATH", icapath, 1); return rc; } static inline int ecc_available(void) { return is_supported_by_hw(NID_X9_62_prime256v1); } #ifndef ICA_INTERNAL_TEST static inline unsigned int getenv_icapath() { char* s = getenv("ICAPATH"); int icapath=0; /* hw with sw fallback (default) */ int env_icapath; if (s) { if (sscanf(s, "%d", &env_icapath) == 1) { switch (env_icapath) { case 1: return 1; /* hw only */ case 2: return 2; /* sw only */ default: break; /* default */ } } } return icapath; } static inline void toggle_env_icapath() { if (getenv_icapath() == 1) setenv("ICAPATH", "2", 1); else if (getenv_icapath() == 2) setenv("ICAPATH", "1", 1); } static inline void unset_env_icapath() { unsetenv("ICAPATH"); } static inline int is_supported_openssl_curve(int nid) { EC_GROUP *ptr = EC_GROUP_new_by_curve_name(nid); if (ptr) EC_GROUP_free(ptr); return ptr ? 1 : 0; } static inline int sw_fallbacks_available(int nid) { switch (nid) { case NID_X9_62_prime192v1: case NID_secp224r1: case NID_X9_62_prime256v1: case NID_secp384r1: case NID_secp521r1: case NID_brainpoolP160r1: case NID_brainpoolP192r1: case NID_brainpoolP224r1: case NID_brainpoolP256r1: case NID_brainpoolP320r1: case NID_brainpoolP384r1: case NID_brainpoolP512r1: return 1; default: return 0; } } static inline int can_toggle(int nid) { unsigned int icapath = getenv_icapath(); switch (icapath) { case 0: case 1: if (is_supported_openssl_curve(nid) && sw_fallbacks_available(nid)) return 1; break; default: /* 2 */ if (is_supported_by_hw(nid)) return 1; break; } return 0; } #endif #endif /* TESTCASE_H */ libica-4.0.1/test/testdata/000077500000000000000000000000001417716165400155435ustar00rootroot00000000000000libica-4.0.1/test/testdata/sha2/000077500000000000000000000000001417716165400164005ustar00rootroot00000000000000libica-4.0.1/test/testdata/sha2/SHA1_1.txt000066400000000000000000000203231417716165400200550ustar00rootroot00000000000000# NIST SHA-1 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 20] Len = 0 Msg = 00 MD = da39a3ee5e6b4b0d3255bfef95601890afd80709 Len = 8 Msg = 36 MD = c1dfd96eea8cc2b62785275bca38ac261256e278 Len = 16 Msg = 195a MD = 0a1c2d555bbe431ad6288af5a54f93e0449c9232 Len = 24 Msg = df4bd2 MD = bf36ed5d74727dfd5d7854ec6b1d49468d8ee8aa Len = 32 Msg = 549e959e MD = b78bae6d14338ffccfd5d5b5674a275f6ef9c717 Len = 40 Msg = f7fb1be205 MD = 60b7d5bb560a1acf6fa45721bd0abb419a841a89 Len = 48 Msg = c0e5abeaea63 MD = a6d338459780c08363090fd8fc7d28dc80e8e01f Len = 56 Msg = 63bfc1ed7f78ab MD = 860328d80509500c1783169ebf0ba0c4b94da5e5 Len = 64 Msg = 7e3d7b3eada98866 MD = 24a2c34b976305277ce58c2f42d5092031572520 Len = 72 Msg = 9e61e55d9ed37b1c20 MD = 411ccee1f6e3677df12698411eb09d3ff580af97 Len = 80 Msg = 9777cf90dd7c7e863506 MD = 05c915b5ed4e4c4afffc202961f3174371e90b5c Len = 88 Msg = 4eb08c9e683c94bea00dfa MD = af320b42d7785ca6c8dd220463be23a2d2cb5afc Len = 96 Msg = 0938f2e2ebb64f8af8bbfc91 MD = 9f4e66b6ceea40dcf4b9166c28f1c88474141da9 Len = 104 Msg = 74c9996d14e87d3e6cbea7029d MD = e6c4363c0852951991057f40de27ec0890466f01 Len = 112 Msg = 51dca5c0f8e5d49596f32d3eb874 MD = 046a7b396c01379a684a894558779b07d8c7da20 Len = 120 Msg = 3a36ea49684820a2adc7fc4175ba78 MD = d58a262ee7b6577c07228e71ae9b3e04c8abcda9 Len = 128 Msg = 3552694cdf663fd94b224747ac406aaf MD = a150de927454202d94e656de4c7c0ca691de955d Len = 136 Msg = f216a1cbde2446b1edf41e93481d33e2ed MD = 35a4b39fef560e7ea61246676e1b7e13d587be30 Len = 144 Msg = a3cf714bf112647e727e8cfd46499acd35a6 MD = 7ce69b1acdce52ea7dbd382531fa1a83df13cae7 Len = 152 Msg = 148de640f3c11591a6f8c5c48632c5fb79d3b7 MD = b47be2c64124fa9a124a887af9551a74354ca411 Len = 160 Msg = 63a3cc83fd1ec1b6680e9974a0514e1a9ecebb6a MD = 8bb8c0d815a9c68a1d2910f39d942603d807fbcc Len = 168 Msg = 875a90909a8afc92fb7070047e9d081ec92f3d08b8 MD = b486f87fb833ebf0328393128646a6f6e660fcb1 Len = 176 Msg = 444b25f9c9259dc217772cc4478c44b6feff62353673 MD = 76159368f99dece30aadcfb9b7b41dab33688858 Len = 184 Msg = 487351c8a5f440e4d03386483d5fe7bb669d41adcbfdb7 MD = dbc1cb575ce6aeb9dc4ebf0f843ba8aeb1451e89 Len = 192 Msg = 46b061ef132b87f6d3b0ee2462f67d910977da20aed13705 MD = d7a98289679005eb930ab75efd8f650f991ee952 Len = 200 Msg = 3842b6137bb9d27f3ca5bafe5bbb62858344fe4ba5c41589a5 MD = fda26fa9b4874ab701ed0bb64d134f89b9c4cc50 Len = 208 Msg = 44d91d3d465a4111462ba0c7ec223da6735f4f5200453cf132c3 MD = c2ff7ccde143c8f0601f6974b1903eb8d5741b6e Len = 216 Msg = cce73f2eabcb52f785d5a6df63c0a105f34a91ca237fe534ee399d MD = 643c9dc20a929608f6caa9709d843ca6fa7a76f4 Len = 224 Msg = 664e6e7946839203037a65a12174b244de8cbc6ec3f578967a84f9ce MD = 509ef787343d5b5a269229b961b96241864a3d74 Len = 232 Msg = 9597f714b2e45e3399a7f02aec44921bd78be0fefee0c5e9b499488f6e MD = b61ce538f1a1e6c90432b233d7af5b6524ebfbe3 Len = 240 Msg = 75c5ad1f3cbd22e8a95fc3b089526788fb4ebceed3e7d4443da6e081a35e MD = 5b7b94076b2fc20d6adb82479e6b28d07c902b75 Len = 248 Msg = dd245bffe6a638806667768360a95d0574e1a0bd0d18329fdb915ca484ac0d MD = 6066db99fc358952cf7fb0ec4d89cb0158ed91d7 Len = 256 Msg = 0321794b739418c24e7c2e565274791c4be749752ad234ed56cb0a6347430c6b MD = b89962c94d60f6a332fd60f6f07d4f032a586b76 Len = 264 Msg = 4c3dcf95c2f0b5258c651fcd1d51bd10425d6203067d0748d37d1340d9ddda7db3 MD = 17bda899c13d35413d2546212bcd8a93ceb0657b Len = 272 Msg = b8d12582d25b45290a6e1bb95da429befcfdbf5b4dd41cdf3311d6988fa17cec0723 MD = badcdd53fdc144b8bf2cc1e64d10f676eebe66ed Len = 280 Msg = 6fda97527a662552be15efaeba32a3aea4ed449abb5c1ed8d9bfff544708a425d69b72 MD = 01b4646180f1f6d2e06bbe22c20e50030322673a Len = 288 Msg = 09fa2792acbb2417e8ed269041cc03c77006466e6e7ae002cf3f1af551e8ce0bb506d705 MD = 10016dc3a2719f9034ffcc689426d28292c42fc9 Len = 296 Msg = 5efa2987da0baf0a54d8d728792bcfa707a15798dc66743754406914d1cfe3709b1374eaeb MD = 9f42fa2bce6ef021d93c6b2d902273797e426535 Len = 304 Msg = 2836de99c0f641cd55e89f5af76638947b8227377ef88bfba662e5682babc1ec96c6992bc9a0 MD = cdf48bacbff6f6152515323f9b43a286e0cb8113 Len = 312 Msg = 42143a2b9e1d0b354df3264d08f7b602f54aad922a3d63006d097f683dc11b90178423bff2f7fe MD = b88fb75274b9b0fd57c0045988cfcef6c3ce6554 Len = 320 Msg = eb60c28ad8aeda807d69ebc87552024ad8aca68204f1bcd29dc5a81dd228b591e2efb7c4df75ef03 MD = c06d3a6a12d9e8db62e8cff40ca23820d61d8aa7 Len = 328 Msg = 7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c72015 MD = 6e40f9e83a4be93874bc97cdebb8da6889ae2c7a Len = 336 Msg = e70653637bc5e388ccd8dc44e5eace36f7398f2bac993042b9bc2f4fb3b0ee7e23a96439dc01134b8c7d MD = 3efc940c312ef0dfd4e1143812248db89542f6a5 Len = 344 Msg = dd37bc9f0b3a4788f9b54966f252174c8ce487cbe59c53c22b81bf77621a7ce7616dcb5b1e2ee63c2c309b MD = a0cf03f7badd0c3c3c4ea3717f5a4fb7e67b2e56 Len = 352 Msg = 5f485c637ae30b1e30497f0fb7ec364e13c906e2813daa34161b7ac4a4fd7a1bddd79601bbd22cef1f57cbc7 MD = a544e06f1a07ceb175a51d6d9c0111b3e15e9859 Len = 360 Msg = f6c237fb3cfe95ec8414cc16d203b4874e644cc9a543465cad2dc563488a659e8a2e7c981e2a9f22e5e868ffe1 MD = 199d986ed991b99a071f450c6b1121a727e8c735 Len = 368 Msg = da7ab3291553c659873c95913768953c6e526d3a26590898c0ade89ff56fbd110f1436af590b17fed49f8c4b2b1e MD = 33bac6104b0ad6128d091b5d5e2999099c9f05de Len = 376 Msg = 8cfa5fd56ee239ca47737591cba103e41a18acf8e8d257b0dbe8851134a81ff6b2e97104b39b76e19da256a17ce52d MD = 76d7db6e18c1f4ae225ce8ccc93c8f9a0dfeb969 Len = 384 Msg = 57e89659d878f360af6de45a9a5e372ef40c384988e82640a3d5e4b76d2ef181780b9a099ac06ef0f8a7f3f764209720 MD = f652f3b1549f16710c7402895911e2b86a9b2aee Len = 392 Msg = b91e64235dbd234eea2ae14a92a173ebe835347239cff8b02074416f55c6b60dc6ced06ae9f8d705505f0d617e4b29aef9 MD = 63faebb807f32be708cf00fc35519991dc4e7f68 Len = 400 Msg = e42a67362a581e8cf3d847502215755d7ad425ca030c4360b0f7ef513e6980265f61c9fa18dd9ce668f38dbc2a1ef8f83cd6 MD = 0e6730bc4a0e9322ea205f4edfff1fffda26af0a Len = 408 Msg = 634db92c22010e1cbf1e1623923180406c515272209a8acc42de05cc2e96a1e94c1f9f6b93234b7f4c55de8b1961a3bf352259 MD = b61a3a6f42e8e6604b93196c43c9e84d5359e6fe Len = 416 Msg = cc6ca3a8cb391cd8a5aff1faa7b3ffbdd21a5a3ce66cfaddbfe8b179e4c860be5ec66bd2c6de6a39a25622f9f2fcb3fc05af12b5 MD = 32d979ca1b3ed0ed8c890d99ec6dd85e6c16abf4 Len = 424 Msg = 7c0e6a0d35f8ac854c7245ebc73693731bbbc3e6fab644466de27bb522fcb99307126ae718fe8f00742e6e5cb7a687c88447cbc961 MD = 6f18190bd2d02fc93bce64756575cea36d08b1c3 Len = 432 Msg = c5581d40b331e24003901bd6bf244aca9e9601b9d81252bb38048642731f1146b8a4c69f88e148b2c8f8c14f15e1d6da57b2daa9991e MD = 68f525feea1d8dbe0117e417ca46708d18d7629a Len = 440 Msg = ec6b4a88713df27c0f2d02e738b69db43abda3921317259c864c1c386e9a5a3f533dc05f3beeb2bec2aac8e06db4c6cb3cddcf697e03d5 MD = a7272e2308622ff7a339460adc61efd0ea8dabdc Len = 448 Msg = 0321736beba578e90abc1a90aa56157d871618f6de0d764cc8c91e06c68ecd3b9de3824064503384db67beb7fe012232dacaef93a000fba7 MD = aef843b86916c16f66c84d83a6005d23fd005c9e Len = 456 Msg = d0a249a97b5f1486721a50d4c4ab3f5d674a0e29925d5bf2678ef6d8d521e456bd84aa755328c83fc890837726a8e7877b570dba39579aabdd MD = be2cd6f380969be59cde2dff5e848a44e7880bd6 Len = 464 Msg = c32138531118f08c7dcc292428ad20b45ab27d9517a18445f38b8f0c2795bcdfe3ffe384e65ecbf74d2c9d0da88398575326074904c1709ba072 MD = e5eb4543deee8f6a5287845af8b593a95a9749a1 Len = 472 Msg = b0f4cfb939ea785eabb7e7ca7c476cdd9b227f015d905368ba00ae96b9aaf720297491b3921267576b72c8f58d577617e844f9f0759b399c6b064c MD = 534c850448dd486787b62bdec2d4a0b140a1b170 Len = 480 Msg = bd02e51b0cf2c2b8d204a026b41a66fbfc2ac37ee9411fc449c8d1194a0792a28ee731407dfc89b6dfc2b10faa27723a184afef8fd83def858a32d3f MD = 6fbfa6e4edce4cc85a845bf0d228dc39acefc2fa Len = 488 Msg = e33146b83e4bb671392218da9a77f8d9f5974147182fb95ba662cb66011989c16d9af104735d6f79841aa4d1df276615b50108df8a29dbc9de31f4260d MD = 018872691d9b04e8220e09187df5bc5fa6257cd9 Len = 496 Msg = 411c13c75073c1e2d4b1ecf13139ba9656cd35c14201f1c7c6f0eeb58d2dbfe35bfdeccc92c3961cfabb590bc1eb77eac15732fb0275798680e0c7292e50 MD = d98d512a35572f8bd20de62e9510cc21145c5bf4 Len = 504 Msg = f2c76ef617fa2bfc8a4d6bcbb15fe88436fdc2165d3074629579079d4d5b86f5081ab177b4c3f530376c9c924cbd421a8daf8830d0940c4fb7589865830699 MD = 9f3ea255f6af95c5454e55d7354cabb45352ea0b Len = 512 Msg = 45927e32ddf801caf35e18e7b5078b7f5435278212ec6bb99df884f49b327c6486feae46ba187dc1cc9145121e1492e6b06e9007394dc33b7748f86ac3207cfe MD = a70cfbfe7563dd0e665c7c6715a96a8d756950c0 libica-4.0.1/test/testdata/sha2/SHA1_2.txt000066400000000000000000000312421417716165400200600ustar00rootroot00000000000000# NIST SHA-1 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 20] Len = 51200 Msg = 3a14145dd1fa9e46c4562eed0b0da10d845ad84f43cdb16e29933699b8f7151925295133af3e36503079925bf2c9226bc3924ba24cb00a559eba2e6c0e83c50c43e7d4748dc44b2578463746a2683a46c9b738c3285954ab044f1ba182f7fea2bbd506e81292c30ec6458676c3f2d0e8be50097b80d075b982da65febb5aaa21b67b4f56e7b288533fffe5b2fe70cb97c9e62592fc1b57c741e4734c62b4b0d25b621888b42c803c0dfbbdc3fbe9159c1200f4d04344e01c69f4af521e0ef8fdd311c7442006951158c177726165953fc226defdfe53fa02219380da986f6aea4510c653d34aae1947da7985d8ec33c701e14be0d44e8cbf91484eaa77dfeee0dae87b7d7600b29d03cd2dc40a87d77ef6b7a3426e3f7e9ce29b828c64666c29ba205089b12e8be5b422faf99c3d69aaca324eeb732db8e13c148245070dcc0b0c40ab412bde2039806247ea3917d194a4dab4a38c2121d6c63cb7a007dbf6cff9d1f66b8d1759e192147e60871bf784ad363e326122a3c3a99a89640dd9d2bca85a98d07ee21e2410c006232e53c4c10dce525f993825ef0cb76158c00d491c4163f938a746574c23ef47fbd7c71e95eb2a5af3dd6b90a31819a546c9814135ee74816baf4bec9ff227a9b02a7eef466fd3bcb7d4c4ca27f54abff4cf3da351d516983040f9c566a6f39409ce801d1dc350e270274abcc3cad2152a7b4758b61ed0a650ff59cbe866d870d06cd591620c2932e97d064ebfbf3711b275a947acf22b13949672e46f5b60a5cbab86345d75e716e97ffe6962fe031953646b577d79ae47c1ad4cf941ac129bc33499ed562311f537d53cf3f5acbd97d4f093726fdae1aba2ebf0f3a78276ba7fae19a394412f369c26c8d6c0f4eef2fec22b7fcc3e4ca5fef965b8e905156bc9c20b4060f5c943e01aa8f80bfc1d9299823a65dacc789e9c7eb3324f5c7614671879ab02676883cb5ae6431eecd2df6dd8c90ee2adecff4523e34721b0221f22576accc2c1935e248e8a9d40ed9641416adf612b08302ec190fce1a6289ff2c227e78be728d33cb55e9af0bb27ef20dee38446ff06cd95d86c06e727ed77f70f32f7d0bbc6af8544702023d5c168e40de9c0a5a4cf4a9a52600a41ec263194d11da28384c3afa19a6f231ed7e386f594249c66638a2fa7f6130ed73dfc5633cf93f08c8b475bf97f01acc909b7d3bb3b3e1f72845f05238d2e1d9162976d3bd23aead318793cf3bbcec20cb262d69fccdc52af4f775276df583c57a21efe14a2ba97417381d9f8157f6dcf1b0f17070da93b060cfaa107b43a751147ba922507bc00bce388ba7156bcb5fa8de41f5cc84ae45f02107740d47bcfa79792b0d8c9e82b2db1b668c4462ca3754e097507c36a55a37adf5e8807c45301dbcfe094afe5227d26326a5bad783e28a6a7a16ec7af95b8bc92dd4714bd07075a98aac2825ced928825489c53488ffbdfe62cfb9bc1ab88104f7de6c40df5a25e1697c80af492561fb68bf100429cd740ed9d150949a2fabe3ec4cbdf5d25b82d702e0f0f561bb0350ebac17b116fa210e57c23d7ef7ff50d893c5f2d549d3210cff7ff59298f8710545d738d5b104698f5528fce5a4c6347556d0a759b67f94f5b7b00af16f7c5f9b1fd71fec985a92046a5c0b633112bb2cdde3581d98bf4323b417bdbc55a51384d21229602d8b5ef00001e5721d4359616174617b70f0a0198d2d6a3ddc013154f51ee1caf11504f4ae81178cd9f693d5ba0a700ddfd250399b47bd00732f3d8df153d5a773664864ce701e3de79afeec202be04f25c2c816771d02aeab6d9c827f677160351d8dd2f84565efd6beff073c4f5ea9f3506c329913f782f57ad2e4c7b0419fa69949c1b4878b2d27b118c976eb37c8b8f9d11089a2f847d1a5752792d4d2b0587800b37b9d0a704b3fd0a56885f805e72d8b32c1608147d09bf7cd492b813ccb28472ac61c4043c1b9bb2d79b63bfc2e79ff0bc8c31f1d62bcef48534ae9bf6f28818a1c8bd9321bad4cb432e26015df4da12e18514e331886a01b59b98892c4f74463f74241a5c988e9fc1ca100dd7a4715fc28818b136297ced8c4ddca615d23044aeef5f6294bdb2747af689add9fc4d20881da5258c15edfe31d4e4ba5a82a45a15c1d83372322993963af9a70b06549c5acc2305dc54a37dcdb8168da268b9d09c70f5549efed9443c1ec8c414c96f1d611efa1acdef88b2877fdce6968a55ed6d86208fbf29accf942b5ecc9d4d87e9c49a932c08ed83e488b39d8fddf261faad8bc0aa7dbc897bc7e824874d9b8249acc9540334567b5cf7dbc04e20a8c63f87053c6e82be5791fdde80bdcdba4a854131a666fa335a63fd80afec07b26a04217efea3733700595d93db35c4b2c5e5aa5cf21e028b073fc229d131391a3791a37d6d11fb2f6b1b10919eb8db8cddb110d29ef4f3666a386d5e8ee45fe8142d368bf17fc0af801f3e602f0eba4f79309a1914ad76cc6b9827a84ecf2022e822022ff2b76abe27ac0d86f8ff080380ab71bbba1432c6f2a5178d79b825d29db62ef1d87fa265480ca88d5f536db0dc6abc40faf0d05be7a96697776816ff1a32e2590ca010abcb8535fdced1935f74b5a42e3b08f79432ea3b4eb1a79ab247de48f0f4e25b989860dd5cac421f1830d4510fe4255077bbb1bf398d3c59f20c01853df90c2b3498e5c734616ebce1f80eea6a5f0f820f6b4519e074f1fcc751e4c4c883e82a88b15b1c0c551d10c4b4ad98c8138e366128f072cbcf8c2b39fed02b1afb3cfe9bcc0c036df017c3c84cf782b0686a1477dbf8f28304d68d51fb0be2bac7d14f75d23ea5de9a237ef5a835d1aac66ac3586da6c08f7d97cb1630dd1230516fc61fa93a29e7bb0be954b1aeac3e9558ec0cc4420577a0978c918690e30500dd0aa03b48b810bb95abec4dac3cf53dfa369cca14e8c4d79d79c8e36b7cc03be5c4006eaf7ae2028a6cc66575a85626184a0f656392fd89733ac531b506e96c4d9c482cb996e4f8b1d6e8e25219eab97ccf6d7f792baa1ddf769056b7a809fade397f5cac359f05d48f5caa8bb7375ced6ebeff9cda53fdaad52f3cb98ba74d6044ade6d17e9992b93f2aa768a9c77832cf0bcd15c781909c01acc902d64bcd9b64dab1709a5c05298f58bf3118227614995bd12c1bbb3e7c9f0ee7dcb27de257420fa7d1b070c8ec26f0dc2d2bcebc5b75b7f328fe8a6f145a5e7d8d47c6f45b8654af3be95b41caaef9e5a50b55b4cf0a261b5397758b2ad7a3725ebcad6b70d7afb1f86da7da8bcc7cc2e1df3fc53701b031f30f04fa87c1e5b0973abbaf5edd2a964e63dbfaf62a805b29d012565d015d1d518dbf25f3be2d1e80e87628ed41cc4486f38008d5700d98c50658d107b336c7b53a2f72357682a461ef683ee4ab9da4e7471d6eee462b61fca8989dfebe4217663edb4a1793ec2a8176195a0dc2a69ebb843a930952e39e18df5b220acc8af6aec04b165fba739829a610e22e2fee1b48d560dff03f3c375fd228c8f282144ad3e8083cd69520d6a1a7d540109a7d01d86015ba6ab33f141aaa87f7808aeafd1edf992644ccfacd31a0f0da7ba95c3ab14de48c3e56f31d908e00177a8c14f5d7cd863a7107096321b9ea1a370792ac1bc552bd35d2603b0ba71c90a92f981c46da58e224ed5681b81c49670b5a274160f0e9b517cc8e54d11c62cad51c8058b32c96852726e8103fee9828c04b24dfc7f530ddacef86512b165b2ec6fbd49365eec88a405bc8f6fe5a5cc71e81907097fcaf9bbbe04f1b61bd8d2243739ab4a546775b3834fc1d3d851fabeda573db192fef580e4af198bb38820f162cdca3bb5c2a5fd6588e6b449a683cf55ed60895b4777d6bd375b281b0c25e05cfa148ef5969fee47085ca5abfc0e2fe55c0df52b3cf709b23e250fa4cd375d904f28b8865bca02823ea21c91cae05cf3139489a55809b66e3405a6f353fbe5972d654d0a7acad6c1ac457d7dbba0d319b492bb3c1116593bb97b728928e9f4fc2558b0d48c08d76fc1b56cd216c62ec3bf970e6200a35ec52f0516d8c4682819b7718886f81a90e72f805f3194d6cc8b850ff7b9af4753751520f864bf1ceb9a645e389457567fe24624c90e8e4948dbb56c0ba56568c3d5fc6d9baf616ebbd8bc6d458f226300db96113edb9b94002eb149ceb7db8e2c625539753b63e4155f102d43c9d1c6d02dafd4253b255d9f0f191795536a2df9a4b013197b2f0384b8002c97f6fdd84a62e3fc208fb3fc81f74d64141aa9deb8078d890cf13b43866e1cd9d678ff3dfc15e2e7954bdff74571de9daf701306e4154e19a420012a96dbc6b363d25e6e41b11d25081201e446094d42ebf62e4d0a58823383aa293f329b8e57e485b3cfd7bf0342fd64b23a201809f23e1f5407974bca653fd20be7e627e425bd2577f91aaa25bff9a6796f5048950a3a4e4ccd1769773d1d4a31cb2dfb68ab72141360771d04fa6169b00a42f58f1955254104173c2919c075333f86a07c6797e42eac99622190e9210e8194b9589e0316f952f32e5089ade578eb6c919fd893182223ee13fc01d55edd6bb1fe8216e8a5de2047ca7e1b5a1d8b255c59537cf822866ce1cd04cbda95b52f275f7c026a4467f2919b023d397fd293e26237c32b95c3ee10d7cc6d5d482e526136d6ef0c951f504d1a9d6de09ef7ad8b46ad59d1d4833df7eec354d1f8916bfc2f033b43fa6cbff6c3a03bd3fd52d8a371349f5f711cc3135c8a10dd2996e254a28185a4f6e8981b10ab15881d8cabe76c5e1238fe2923dfab713fc35d974c173bf24cb41d1b8f169c2e8971720dadb3a29a40f2de10c6c976191049072b0f9055a60ed5df6dfb95c09b06248d4e5494be79aa11936c226d26f260c2a8baa36c7a4d2a9eb068640528812a15e1d716f71a6cbc29a0a3cd47589d7fd4c4debe1824284e8322835ee13e7153c9f2208b7740e4058fa8503dc4656aebd3ee0fa60fedf7e907b85752b66cdc21b540c31881bc8004c7fce9ea80e7fb235486b5f1d0321c68a0e44cd5f15e21f27c402754a2f7c1387720e959e94abeb4db216a37e59b066bf338fc6f2e6cf3746392d5a6679d182f01b6c7128a28362eec30b4dedc7356616328be64da23c0f61f9b46a42be70546ec111b8adfeaf1efec46fe5d11758cc765262b8d611d0b1614dc02d47c90191ebad24f59571d62766fd6df3920fc0a2c9dc3cc1f6fa34242c7d792add612b414e28cead47c3a0860fb62a00987816f0f618408b15261070acd106e96d4d966d7f78376a2dbcb742e037d1934a1901bce54e979d9c5e0b9ec79190f25d56eb1d65e586b3ae24c063c0c7883512bc2a107ec6687ff168cdb467043ece1744d257eab9e41132c266f299b0776d572738f3a9c7dcba7e0cffbd7373390401dff225f53a780b215f4ef65238c8c38223d46e4e9b1bd5aa1449bed326a81c85eef48e6fb26b29e4c32377d3a8a0bff978a68755884c58dc4652c16f65b49e0a3b7f9b3e67e4f3e1b68b7e04482aea25ee5548a6d798cb7e6cc3cd2f788513f88c3c524ba20cf281002e11cd5f8bcb6e4d8ab929d026b7f74c43ebfba64203b6aad3bd7eaa0aad2c68b63b1637eeeb3d5cece1c7ba1fa4afaf7b22bb3914f4ae5debe4bfc907ac4bb8c801c71679d0f8e424c866dfaa180e5c127a57772270476c2ccdf7452b7844b60f6dc845540409add976ef85f09d7c1db1fbb7a995fee9a140820c679d98812b3086010ca80fd67fb4f44bf518ba61b800aec3169427fcc2cc0be877869468ded6545ab29d77c9225d4960774bf825f6a69a64084871e8987b6e71bd0df56399a7e0bc815ac6485d7b7d1852b1dd309f4cc780c5d86616ebf2b591805b42d9224b310dbf0883bdfab6995ad071f3ea7b993e00966d8eec83dce82f0a970332426b4f37b5ce378fbfb8a30d37b4c2bc513606cdc32f70d327df0d33a1eac1d5c1af4320abd569267526a61bd0a1d10cebca27cd94459434a1a32e848e7c022c67be14b2e844a1eae4aba76be361a8430ffeaaea51d88275b7d1520c1974519efc41cad3b6446843d3edb0e5b81bcfca867a960b410fc300321182b289fb339347df6e6d5bfd44990b94c87196f8cf0718e5f318ad13de3bd90ac55e28383273114107672096c0545549f8f7c7202e648ce8caf8dd0b5b90766523f83c54d5a7220e9da94d3861dc77b4475f91ba7748ac2a22951920c366cfc9a4690e76a49542ef391b2a0ab199397cbd913dee2f1b3e5403d6a97a9c24aedf5197e6c728a6398ce1a5ff3537f46549627612e6e0440b0d75a3d4407134d94f316b0c6fe842ce8ca02f13e07b53c1c53ff45ac7112ddbfe81e4e49bc7fd18c04ccdc7956dd2cb987ba1af34061f17965bf45bbc4b3d76ce2e811fb228e735dbaba660613dbcf6577ce31b595fc12d64be5f5fea15dca3268563ceae1b5af64755dc1ffce26a1772aadd9f760e9fcbd8711bac7cf7722cae8c7038b629be25ac52594c8ee442f8900d7883b39c23bb997b128a987967d70d4d91a7f3d87b88b4ab032f3ec9ae605aae9a0e3990b4c450e42a436724246decd0af618cb3f9e80567c410351b151677942c893072b9ada5b54d1e107f0fb5f21bb0afaa3fa10c478e83369b61dfe390c7173cc0cb9c3f3ff56262bb139179c8387ed97506d9be232928ea9724738f4d50416f0f21c442c7ac51589266137f152fff27148f0ac4403f9a7451eb3be25536946a48ff997ee4e20248ba02fb9082061de1b0629de748d8c31cf23e9ea45181f77491ea83ba3fa05c795e6fb274b7c7be4e7008f8efe0fc8a2aa2a5049ce83a51d7126ceac080ed4935a433a1f35b7accb77d0885a4b2b4d7e588a9d593c3688cd9f50c36564ed2b1c2b4d82fd516252e64feeaabce66079296cdd17a518a138fc35f53cf4551567a69b7e6c3e192d2cc9d1c37d134a4fea48598a6599ee44342dd7ac71e5432818d72d5e3c7e074888eaaff76619f13a0f3fa12afdb4279018d6e6ef2894d995bd2253559a29b67505cd2ce2fc2d75bf5683d63746804f25458c0635c79f62ded31ca00cfbcd711311e5fb2ea5ca42505eb95b27d69adf7458b19808b5719973e93a85dce7d5f1a33bc97d23097ce19d9654c275344052fdb0ec2ed09897c7f56de0875dd4dfa2b5e1ec35788db1cde78bca8ec7d63d4431ec903d35e79e88b3efc327084946fecbb2d2a687b90571deadaf226832ce2da16a5235a108d2466fdd36e754bba870451cf162e901e477d38a57100ee09f79dcc886ca9a92ffab69b4d04acbb270a1c28edcdd04fedb4a769076fa04461da34475c24e9b1c6302421513b3e5b43c0db497098774065664285e7322e109c54468f079441aeba8f5796c65d53b37770eabb3ebf4becef24f7952c03d3d7212d7bad7304da2a72dff80296b0124c29e4f086418a73daf1b86e9fc02ab6235a2d7da886bbdbac58e8ae6ea87da4adc3e296b35f411892d5e84eae8aef017bae1bf1882a036dbdd37122e1e40b315eab338449822b619d017d3fc7729ad96885c182564622b8e44b44fb6332a4e0e84b9f615091917782df3febf46072687148e5d619c161e3a92827e2fc7a8ed9d209edd5d174bb81c9d5f5f73c3cc0d61e5d5095d985081794d3e37fb5a41245a44fe78ad213f1a8fb4d690ea8eecc4bf72dca689e795f7b2eb240799598784ce78453255e567b149fae61d63e5fdeee85201bf77185ae38fe2e0579a43f0815220ffa517a25a0ec3d60a6f708753ee74f9f0ae959913c758cb0fc26eb7f0ac9dd5aa4b43068aa595dcb001a0e19345fdd1060e65f85525b619eeb297141c58fa1cc18f68707df82885736e75734077eb8dce5988a49381204619b293f6e8290f4cd20c088ea8890456c1205ebac006b676c61a4e2c636c1fd62d4cf5bec89f361c582ba39f9ecaa1d725a1dd26b674f72279cb56fe29490d5085dc3cfa522e16d1c078ba41d55f997d1d7d61457845162745d713a8699a813ba00aca37f9582a23b77dbd13c09a43bf151d9ba5a9e9abebd6e804a9b8e313fe28332dd6429fd87889a54c63f51d4913a90cdcc5bfe510e69958ba707bb52e2e7affe873b277ba46c389c8d0f75b122155b5b5041ed9fdbe09b3a5ab4683483314cb8a8ecd7238250185b2e92bd6275e87b2b50f6b1acab8948346a88ddffaa282208495e811ea89a033aafb27110121cb9e4d361929f09ce6322df6d61dadf34f894717b6d939eb4c1e01a56d8e2821adb2ee26adaa07a16b6abc24a3eedabbd9807282ae3abed041af776663b014c49a9b384f9cfd988ca07781a06ba61952bc80776532a8e1cf4d624ccc9e294f810ed18c1f6bb6fba501f30ef8b1e5e26e6513c64de8b63b3eabc11236915c40fd96d08a149e48d9811c67c49c0b20be456fb50f9b44e523b509566832d1cb9180bf2292ddb9359ab75c304318dbd9159e38de83ebbbb853b8d29caf5fd3e9a9b0d44236c920ffb7ae5e06faeda89180df6d1af39dc19213b0940e67fc1c58f20492b9f6757a29c8ec7e366c98f5cc787f58d4af400b251c32ca2622c61f7c230266f45241392646d84959089957fc64f4a8a64770dcc3b5c5e16e501c61d58520cd7bcadac287aa185be96f6d23a3eed5b90a3c8edb0078d07661708d67e7c0f632dad0a0cac07b231261f182fd457e99267aff186a6dedf8f58a2487a6454ee9437bf4119663226ef94d4f8949738cc56d631fac2f5e8d95eb52bc99b15087705be9b5cbd9d248729d25c9deac90a1e0ea6d1e987e74c03dc445d941fdac1321f89e862de9b045c46a6610f17b3f465249f36c8bfc233e572cfddb0f0fba7a84a624f5c66a6fb2eaed98857059d1f2bff89099e51cfc408861c5625f4c0e160ef0f78513c073184c8337b7c9aceb2f7072cf174255628f382f56efc157198e274590a494806cde6fe7be286c090d652a4509751239f862ecc20cd3c3955f3b74308ae4d72eaf8dcb77b647e5e29b3c33ebca23d33f1 MD = b09d1a963ba9bf92907707b7d48b96e0d37dbd79 libica-4.0.1/test/testdata/sha2/SHA224_1.txt000066400000000000000000000223451417716165400202320ustar00rootroot00000000000000# NIST SHA-224 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 28] Len = 0 Msg = 00 MD = d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f Len = 8 Msg = 84 MD = 3cd36921df5d6963e73739cf4d20211e2d8877c19cff087ade9d0e3a Len = 16 Msg = 5c7b MD = daff9bce685eb831f97fc1225b03c275a6c112e2d6e76f5faf7a36e6 Len = 24 Msg = 51ca3d MD = 2c8959023515476e38388abb43599a29876b4b33d56adc06032de3a2 Len = 32 Msg = 6084347e MD = ae57c0a6d49739ba338adfa53bdae063e5c09122b77604780a8eeaa3 Len = 40 Msg = 493e14623c MD = 7f631f295e024e74552083245ca8f988a3fb65680ae97c3040d2e65c Len = 48 Msg = d729d8cd1631 MD = 342e8e6b23c1c6a54910631f098e08e836259c57e49c1b1d023d166d Len = 56 Msg = cbf2061e10faa5 MD = 3aa702b1b66dc57d7aec3ccdbdfbd88592d7520f843ba5d0fa481168 Len = 64 Msg = 5f77b3664823c33e MD = bdf21ff325f754157ccf417f4855360a72e8fd117d28c8fe7da3ea38 Len = 72 Msg = 10713b894de4a734c0 MD = 03842600c86f5cd60c3a2147a067cb962a05303c3488b05cb45327bd Len = 80 Msg = 006470d57dad9893dc03 MD = c90026cda5ad24115059c62ae9add57793ade445d4742273288bbce7 Len = 88 Msg = 6f29ca274190400720bba2 MD = ac53157947aa4b2a19089182382a4363d182dd8e4ca79cd8571390be Len = 96 Msg = 17e8556176fcca2addbdde29 MD = cc6ad0488db0222066f740557b5758a19b30372b302332295d8c3aff Len = 104 Msg = dbf163601db9a122a4026824de MD = 9849845f4e47e1ece9a1c1e01a0d896ffea61c6c8894a75a11ce5f49 Len = 112 Msg = 5e1ef2ad86ceaf5439fe87d2ec9b MD = 223c5d5d4a0116b32cea044f9af0fe44babea1c5ab201502591bcd5f Len = 120 Msg = 65f3b9866fb8002b53cfaf806f702f MD = b1e0806a218d593821fde8e9eacc44ab5287c32209a94f011ab66b75 Len = 128 Msg = b776708ffb91b3515ac46598ab9fa796 MD = 427311b1d7ab2488791c4deeb4251d783fe5f9806bfdfb5188c5443d Len = 136 Msg = a4bc10b1a62c96d459fbaf3a5aa3face73 MD = d7e6634723ac25cb1879bdb1508da05313530419013fe255967a39e1 Len = 144 Msg = 9e8f3c6645c1749b55c50d2018ce40dc2427 MD = 2f5a583bf588c8988a572d128a95bea5ef1b66780a7d4be9c29efc31 Len = 152 Msg = 2db6d207c0b7d9117f24d78ee59abf2f316978 MD = 35681fce28307cae19522c23cbd4a77969347f7d8ee4a3088ba90ada Len = 160 Msg = 3df5e7f399f6dd61a12a9d4e9464fc4997c1f37b MD = a3e68076e30751085a843a6cbfbf0f3dee63d9c4219c914372e50b28 Len = 168 Msg = 65781d018f27ca0c72a9fa9ab4648ed369646dd3ce MD = d15ef0d872d02da6427b8d0349dea2f204e67133b7365b4b150efc3c Len = 176 Msg = af48eeddd93fee69d1bd7de428a63986011d10945eaf MD = b89d428ee42e397cf11029ecbb27baddd036c8938f51c8ab56b875ac Len = 184 Msg = df2bf0d5f9c994ac69d78baa0d512eceb74d8a047531c1 MD = db8e1ce68c8c6b84d6db755c2b8bf54f3c4b081a881efcddaf303294 Len = 192 Msg = 48d2f20955ea2d13433c20bc0404eb2e6ad79ed28f7cb4c0 MD = 3617cc3179f8b59adce181eebeed5e2763f62650949224a67e53694b Len = 200 Msg = 218f74a42d3a47ef3b806601fba024b078cbff4e4b85772e0e MD = b5f40b95dcc363b97e9d00b67c5d7c37f17ab563297d2d67a4df20c9 Len = 208 Msg = ef55b1e797000b04fcdb9b3021b09327e3b4e269d20cabdf418f MD = 827b223d51240c2e3271c534c19c5637b6fe10083e85bcf06761ef21 Len = 216 Msg = 96df4387dc2c40297043bea36483f65e4eb1e07e93359cb7e68610 MD = 98e430a63fcdedafc9419010f7f59a4d816a45b4f973beb62530ff8c Len = 224 Msg = 3ec0aa8d30d5ed825b77dc7095f421b1e608158797a377ff8bed641b MD = 3108321eb7ff857f6aae69101b937f32a51ea279a6c14ba5232ac8c1 Len = 232 Msg = 8b0239712039f077ce323b35f4e306787b9b35270096e57735cff45d84 MD = a5c740d3ce46bb2e0a048488f2b0605c6d0ca0ea2f382d043d13db97 Len = 240 Msg = 044be30167a9758c46c727921dc4eb4e0dcb965623423e6fdd44e7a4ea52 MD = 6eb78313c743ea8769d8340f284dda6ded64a1db64392f21abb82c5c Len = 248 Msg = 57f6118bacce47ecc31ce8b0c083d3c9219e0dbe9e4fbea154537c41231acc MD = 0dbb53c866d63af44c222c76c825df0e379dcedfb958db03b6fd29a5 Len = 256 Msg = fe1f0fb02c9011f4c8c5905934ed15136771737ce31c5859e67f235fe594f5f6 MD = bbeaacc632c2a3db2a9b47f157ab54aa27776c6e74cf0bcaa91b06d5 Len = 264 Msg = 14fb01ae9d6015ecb3e56d6ecdfa4bc0533186adf8457f5e4a5c57c687895f3db3 MD = 178272c7d7cc71b15074c27e3b7997d4a3ba99626986a1a16cf30030 Len = 272 Msg = ff6c49712f044f4063c14125c0cdfba18ed8b7138453768a45dfa2d82a05f1e84227 MD = 403284c888a7280bc8bfc25f0c34182cd378306a21a1404d4e1c40cf Len = 280 Msg = f900bd7e0117247f97c8fc7a665c76a35f571c3366571d6c4a3ee5d7fb93f1d1f726e2 MD = 48235b9820d66d8885faabf6a9ede63ba2a21b6177e987a33242373e Len = 288 Msg = 42d38188ac49440cfefb77db975e083e6b22348c4c67f0f8692e88ad140d861dc828d595 MD = 615344f890e5bcf71b5efe39de1fc942ba1fe30dd9e9146adb6a41bf Len = 296 Msg = 74fdd7d958b8ae7c2c3c5cff4266dfb2b3b842c9f59ecbbcaff575edcbcda08ccd6e08b764 MD = 66d7d6c54fc7775a0ba845ba3e11719fa535b9289f20b098c5f7a342 Len = 304 Msg = 934416dd0581e22f2bfbece7bb64afe820451fa21342df7e6f9fb37c4103381a1f7cd379bcc4 MD = fae8f1aa22def4dbaa814c5b0babdec43394951792c937050d2963a6 Len = 312 Msg = 102401c84a716ae72579c6ae79c359ea309ffd95abffae4c61884c03c9e99df77b6c92e492cacb MD = 8f34812d57a16ef8a51ad987660c5f8623e0fa9d89846e28d46d14d9 Len = 320 Msg = 79bc8fb60f85d15a2386566e3e7314df284533085add1c7bb6ead3ff760c86d5633a66404761b544 MD = 65c54014cfa30f0bc27d1c6efa96ae8481f4c2505bff272956eab0df Len = 328 Msg = db3121ea71294983b185207a9d8de3e484a66c0431bf07c962eb82977c4f834b7c3f1e7931a4a7f7a9 MD = 9316d2f021c2913d63a7e66924c87c161c3cfde0ea7ba07f54772862 Len = 336 Msg = 0dd51aa660c5cb4b7f78c46852c1db8707ab451c1367b6187388c8bb3873a1aa4210d0414cc6792a29a7 MD = 31989e7a62a5132a5070d77250d8904bb82d457dc63469d06b50185e Len = 344 Msg = 487fd2e5b694b7071d3789a258a51e8604dc0d3e8f5d62f39131968e602abe1ddf6b0278962a512408b553 MD = e798683438284626d710877d9eea3a0e02f349fc43acb7f9f8f9e81c Len = 352 Msg = 11183bdebfef58e4da5b1cb73be0d30b20da304d8659d921da2e270fd14626799537e4d12119e809ee97004a MD = 96870657d6cb668be3995aa8bd31df77840d1d1915d72482e83b6b2c Len = 360 Msg = a239de5c8e2644e8f030d94d98f1a30664e6fd961dc2977a9c08be5c31d8de89450945a53d79299ea2a1edde7f MD = e99743d4fd26c8800c36a67b6762247c29da6b62794123c59de06dc0 Len = 368 Msg = 917c4577aa6b0f9df49999fc1c958cb09b7fd5fc80be949670f03545eb27dcaed052076b24f96f5e0f2e2f4527c0 MD = 7ecd693d4d9cf43929464698efa0bac33c2e1424f816edc769260978 Len = 376 Msg = c3f1e735a6741aa481ad577a98dbac1f03cc80ea0dae1b94db2369ed4e93facd29c64e4e77b25038279120bdfa3715 MD = 86f0d89d8e14fd8b6606412d71a7a54a347b304ea5d49c208f2266ab Len = 384 Msg = de4fbfd553cdf37019f25afa82dc6b9970f4bb1ebbc37f80d3084c88a70722cdc523a9e3c2afbad0dc0221bfdec9a2f9 MD = 4c5262acb4a2a44eaa9bc6757024fb202ef4d5a7a16fa37252a422b5 Len = 392 Msg = db2e2eb636610cf42e9b33433acce1b3b925949f297dd83199f45d2861d64cd910c2db74a60b2089045e22cba0a536137d MD = 16bf4e45bcdc60447c68dcb30e6b08f55ce9f4124a29cf1f9a9d065d Len = 400 Msg = a8e729d336d5d6ac50e1e22f0b193b66e26042fc6459214129875e740ab2b142918c138aaf941863ad3b7e6065450613b273 MD = 452bf2e5ebfc4e451cc434bc09e2a10032eed0b7627cf55e7e5ed0e2 Len = 408 Msg = d05317d4b535f9d10f739d0c2dedf3ffb090c1ad9d205089b1346693f58273c4925c0face57ba45ad6fc687c66a88fc78878be MD = 4f03c439e097b51b00e314f675937c4d911505859fb7ab16adc65e44 Len = 416 Msg = 26bb4ed4f0424c60fe4212ff8c955e89e2f553a7d7701be59416d2089af59fa1074724e214e919b1e30f33fb78374b4b055bbc9b MD = e7c899e27009d4dc77c2d300f191b757e52c9e7eac4b023bfab2b52a Len = 424 Msg = f015ec83944f03292463c4345fdb1c26d1ea07645facbc9520ae244b6eb191e53dabadb4ac0fb15cda4ed77dfb9e1193abfafb1b81 MD = 459e40b3fbd612912f0217c60099379ce077cd02505871b0c9c14e7a Len = 432 Msg = 0786706f680c27b792d054faa63f499a8e6b5ddb90502946235bf74c022d772c809cb4171bfa4791539aca1abd91900e53ba93ca0efd MD = fadebab7c3d0fb8e97e429b79083087735e4ab385a789521260ef3ad Len = 440 Msg = 445e8698eeb8accbaac4ffa7d934fffd16014a430ef70f3a9174c6cfe96d1e3f6ab1377f4a7212dbb30146dd17d9f470c4dffc45b8e871 MD = 4c7ae028c0fe61f2a9cada61fae30685b77f04c6442576e912af9fa6 Len = 448 Msg = 52839f2f0853a30df14ec897a1914c685c1ac21470d00654c8c37663bfb65fa732dbb694d9dd09ced723b48d8f545846ba168988b61cc724 MD = 2f755a57674b49d5c25cb37348f35b6fd2de2552c749f2645ba63d20 Len = 456 Msg = 5fe8c2072d8900287ccaf07f3f66b0c22acd3e0bb91d9573754e19e373ac35271d8b43443436ac0c162850ef3d7f281409ad29a9bf716c77d1 MD = 42909757f6e229f69f04cc7a863c4e70e48c7c3575057b455c959775 Len = 464 Msg = e8064d83f3d643af8718c87e3ccd6a9733685eac61d572a22ab943f232fcb04f70858e8984449db14a76bb7eaf2458efc3ed2a32100622c52b7f MD = 1a1d8ed54cb45c97bc970754b43eb93d9eabde4c7b07f76ad82d8ede Len = 472 Msg = 87c9a517e28d1bb54ad20fca76460efd894d7786e68ee8d746b2f68208682157c8ad06cc324ad7a3189e09c6c39d4c768719c0a49a41669f2767d5 MD = 605977cf87b9b309bbddaaa64e528ace66b04df9f72c0e7ec88be1da Len = 480 Msg = 59fdac3b6b32039291801c7d6f46ede8d26dc5b7a192e007116739b617569f2523680b3c0b6631af453e55805aa760c6970833ac06963bbc9dbd455e MD = e9f0cb1dc8337e906385892f2348a8ba4412318ecad9b96e3711531f Len = 488 Msg = 30350a4df0b58ff49c0fa09e426fcd7007b290c760c825c1855d9b0023b82caa51e3cab4c60cfa61492be50568e5ac0f6db0fd468e39e4536403e3809f MD = 776cc6636c02408fbf65ace73ae80017108b917c16c5a912fd860241 Len = 496 Msg = ef797a0d43c30b4fe1014bdb9420879c2ff845d27e73d55a7df22930c8ece73253d8bb265b4ef2ff9c69455cc56ff25229b4126bb7bb26ee2c9ff36187b1 MD = f5b9ffb102affac352a4a535a00f89b06c268cf4881d712668906025 Len = 504 Msg = 716944de41710c29b659be10480bb25a351a39e577ee30e8f422d57cf62ad95bda39b6e70c61426e33fd84aca84cc7912d5eee45dc34076a5d2323a15c7964 MD = 61645ac748db567ac862796b8d06a47afebfa2e1783d5c5f3bcd81e2 Len = 512 Msg = a3310ba064be2e14ad32276e18cd0310c933a6e650c3c754d0243c6c61207865b4b65248f66a08edf6e0832689a9dc3a2e5d2095eeea50bd862bac88c8bd318d MD = b2a5586d9cbf0baa999157b4af06d88ae08d7c9faab4bc1a96829d65 libica-4.0.1/test/testdata/sha2/SHA224_2.txt000066400000000000000000000312641417716165400202330ustar00rootroot00000000000000# NIST SHA-224 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 28] Len = 51200 Msg = f61363eaa08cce68283076fa1ba17ffeeade05f89e216891c703e7e0b5e671e9eb94b763d12486bfa91e5465c4df1941f63e607e476f9d91eb28c17a75030c46472422d94d1b62eaeb0b734f330c1f7b5ccf65456f81c9eb44f1ef56adf4689ff109ccd37c3909f3d441fa3fcff33cb404da3dd47f1d95a5b9a59afcc7822efbd18bdcd9c64524e14e0712be005b16f5d6a60fb3dd0ca9c9318ee9f529750663cff47b7393095abd40a4e3532e0b5545ba7d046bf315ac5e96f205c83d9597ded38ad02a4b4b548e91619486c1cca2ad98a544832802476dcf1a15fd69aa8a74c597048556d4b95c2b864edf2166a5345867f683e39a21fdc44e421d177b862d8d613e0d1c6c3230f55b38e7b7a105e2e20b42f38ea4e3165dd6b4afaed134121331a74806da6711d7277b25e9456abf1ed9515c90e934c082f9923b96743c2a404e67c07ae8ff07b9343e2120197ed4f4194b465131bd041b000449362c457efa02a5fde15ca31a83c8aa64c5e6e6284d125837394325e910333462f8c1f7142a938985a4fffa531d2ce7753e744dc30f0d9eb9b0e9157849da470d43fafcf6b94a3ce22999adb970a81cdcf58b59ae245248531ee935b8ae3d68d380a0f92c8d6fe69cdaf263546283712250f3b2f072297c8eeb0c2cb128a4bd3b157b99bc904aae391ed1c52ddc070fceb9730191e3da62f07f1aa36b9d566ecd6b5381b0a822bd435c007a4bc77a1e6897d5ee9a5eac240342db41eff79ca411eaf05c0fbf413b42fe452bb70925c57952df2012cae9e74f9d17af441cbe8790fa1ad0e2bced4fbc6b6980778c502d88525a400111d7d65bf6959472f6043ed104988530876f213b0b34209536437e1dfe0df5701abe16afb61e99826bb5f25c6e332501080fda46466db418f145dfc0c0c2e865cde8d2d3467a667b651bcabaa2b3555e2714a26684dee309a49f78faff3fc1eb129c30500c71a265cb7cef7206e0bf4dccc8a0212d4d566f379a7252244d2707d12158ac72caf5488521880c04810bd9df71fd02a983b552917cf55195b4c2c3f2c07372df4f092d7a52be110360e1074858e08e6048a7bb9c8d287dbb3c3b265dc1a927bbc6831b9457b9086b43e7e1efc5724fbb63d4b03f173461fead3a38fb6c21556df80e1bba77a079a3f3c86ebcffdbcc209ee53c62604182c7ce6602b20804835fad5034d4fb9bec15382ab69850428df8bf8264edb1766a7c68688b6bdf793af8adf16ecb2bd4ea28d9b6c269fecf1bac8f5232c952fba08743e7dc0f37a901a0bf9ad1854f70fa44a013991952acfda2d6feaddc8bf9ac4e278cfb8459bc60bfadf366ebaf9aa5d153e9438e94febb445c2ddd0fa498173bdcfff2b48dd9dfbd3da334e593787237bbe2c9b20cf0def9e888cb4be4ff67b429e7c9851b2807033853435c4232e9dfa0a4326b02a7ed2844b77e7695572723d8ed86e14ad25ff765aa9c3605f1922fcad786a3bd4e703b3661fe79fdc7dcefafb833af63ff70028e51465d24ddf6900024ce41860bef99872e543d6478108077f1d7d7aed6c08d79ef49b7e71d9c6b0c33112da506f3aaffc887a914914a3ef73f7b407380d9feef2dae2e95da0c26b4ab574f626903d665d49fa4543b1391f94b26d4fa2543beb8b37ca9783bcf2bc134a88f0459a88583fda5186b9ef2e143bce07a8aeb84369c28bb0fd6696ce0fa780dd5d500691f1fe8a0eca2e16f969f3bb11a6dfd26cd6334744af88b6baf291c8d091b86ce0c02409808412d1218d370a29de981b1ead480ae4126ca55ff14cb31131f135fb4f4ab965490a964cfa702bae947a0abf7b9b471dca84eb137842b00db29cda580bcd1a0b8d67eec24e59a02e7cf819e5bd878c503c53e07c141e4024981df27d6245cc11c5dd3327d53df807fc84d117ef972b39ec6c2e004139f3f466e6f6d1ff2f1fe686bd1bf43bb7a3e9a7c2b8dc8e64d4295f304c268c204c0b839a600c4ef3a6184499f1adfe312441e314499a166af7bd09429385515ba8c892bab672be3dff1583f67cbb7935098f530bfbd7140416438f15cc733d66aab9f8aa72abe9688b6cc944e5b3595dc4405c1c581a03daa08b352c3f96acbbb26e49ec1d2e4cfdcb9c9927e51c0b05d50382b7e6e9625926c2afe865562bd56043eb122e604588301357f1f35bfab7bc274b8110bbbc0a39a863ece638473e24d9709f1ee88f72696faa458909c4fdfa4a3aea7e078d58399ad5ac3ac36b70809d6ef5773d7756d81fe4952e9be6431fdac566776332eda71899a8cb7e14f7041e3ab7cfc5999ffc92bb635c88db218d677f87a545591512b0145520cee04c1fda6858711762d8576673228b571003d36ecdc070347c78fcdfca53c34c39ea34307c5a03a96f7a6919c065339d2174825f349370970983d62640073b6cae5c01deeb2f10021c10b21b17bdfdb18c0e0ac748932f037cb03ef209f1e1a6aa1bd9243959fea7f515b2e8ed7f424abc1add157e21f3f062a887e18ca66e90a9945aaeeb6d581186f3fc11b62b99bf4e2599e849d267f447b751634c973aa1496fe6ed75db94b55e55fe0406657c859ed891be3017137588771c05ce36ce5ef6090e5e6d273d29c7a6296e529f63343a8e74f5d5825efac1625837861792303bfa418045c2c9e56f5f1e8f2f4bc651bdd1b42d8e86d30a7f03967708bc4eab87be20d17450c35ec1fb3e04f0fd4e54752cdfc3dfb6f80b1dc54742ca972c5765bf1ce08d33a21c4c05185e4c2643b31d0a48675d7536a32a31eb39403ae39a5287a63c04fdfea48a072df995595f03f1e48e767c44273920d412b91e19ed0adaa24d226012216df86bff7570f8e8bdb066227fa0c64253ae262e4098a6a11f6a9982521302c2ff03bdfd4043a78946c4e9a4f18f6e00790ea2ce7e6473b84e8ed7d649b2524bde5887b7e8a1c7a935abf9765a8c9dea1fded443b0e6039b2ec3d7c957b29334625333bfecffdbd110c21027491ce887ceab255e86b1d8b2268633dc2a98281541804c65bbd276896ec3c8281bd4d041fbd0205f7e3c55a5cc62567f20c78356e26c5c59d3be1a4a861d7c096138d7a12e0a5fc6f60a2cde96c4ca22e8e55781db73cdfcd307299d1d3bc63ba7bd813deb963e358c9fa0d50c4a0987d165f71e73332bdf286236e98aab114f6dd74f60ab20462bb0616411934e8eee78de0495702700714243c4c854f7f7b5121aa4d1e314f209ffe3e92cd26ee4f74d91e27f28cbb643bf2055a2128ee3fd330c23da3a00dc60c9bba28f30178612de36234423ade7c70d8c5c1f39ec50984f004f0206606fb0ac4d12a132d4fcc1993f397ce729ff8babec6a8841ace806d4ab88e1deb0268a261ccc0b6123b3940d21b791e9dc880228c4e385a02cf4d9526253e2297c9b5db5bf31463180350ab862002bb241fbbaf2aa698ffbf9117046d9429b8d22289be988e4ba2a771b861984b592c6d6d52698016f2fbbadc87c3054d776604d78c5101e590fb274b1a6af1e4a7f9e279ec5877e56bd45a7745d9d8984fb595ae679e7e4009f7005a1dcf773313abea0d3285f55d2d14062cf84ecdbdd92ced70c2adf8e6de1d9a666a97147fc6c9ecefccf7e3c4604228c1482bcb033f5374e54484552038f55d37a8caaf12e8db52e861b62a632be727ffdf77bcb4a6b293d4962d7f363f08b29480713032a06983c099cbb082b78a6bae623a871638d2b00660b05c701addff469a937e2816fce73f1e3d5f692cb35c967c7c14721d3a35444913d615f2fdad169d38833c731be62d95141e5fb1eb627ed3464b0f7d728854f960d46feeee25c9326826b5df4fe851a959d4ad6eb8e5300f9f14377f0313fe199f3dc4373ace2a002c4fdd811f557400136b9c8ca54d72d99057304b743c0c51d6fb5df4680f00b08be6fa8213955e424aca723337020dd920fc430a4d6d44480ff5824e015212e98ed45509b310d71806d9778af86cc9b657ebb8e4170d70a751137b6d8cfe29543cff363f882fa72a5080f5ba6ff36d183d0cd70058845615a53d8f78917b0d989d50e44c1958951f2fa732ea2400c3a9db47e7879b39bf3b115b07979930865eb9afa957eef46b9fac367743a0f9910e388532a0659672c0a0552bf42b875c4e9905cb88906cef54ce150ced6a48a0f25cacfe744002394e571343b4cfe7560f443893088626eae39d2d390f0a53b8fb50a6942bb3e5da8a407e97020db83e4ac23249ff588c23f7216446d20984a0d11b593cec47a81e1e627c6f046e63daa61cd935958f05643663a37a5dee42221dc5af3edf82b1cdb2c5f612e2794ef3cc59179ff0b2f873486ad31fd941f40487578fe12def69afed72d5c9c5b7e2506381d3ce3b49cf19d63eda7b6d8b040fb6d8e06efe13388b7870ffdcd5ae87bb149df50b9cddf11e88e8a2d64252d90b53508c2d7978872bfac75e9339e8a6fa87b3649e3bf5c64a056f117a7f21dbc005c87a66c7a5bc551c80d9351aeda5d663ce0acf4119b665f6db11ae4d7d72f6754692610f2241d286a2570c9f43ee1751f3cee6d6d12936023589b9d4f006744bd5bc657a787c6adf35c25ef174e785f82c982a21a68786d28460e43b01ff032e7ae0bc302ed7e4d04201743708fae7018050e44b1f381d0dd08077ab39c56bc63fe6ac58ccb80a00cffc969a858e0713f8df5c7bc5a4c35c21d0ba4b1ec074bc2bb67e1bda89a218e79b0c42750aabd79a2bdada1e3440678038f4443a59e5b846397aa0e1b175bf8fc61d565fd89cf4701da690b44e5bd5f4a06fbd15f688619955e71069984b9ed16512fecc5fa213829d07c40f5cdd4f86f071df350123602bf30f92f8a6ec5cb4603364430784dcd694479fb5c48f7c3d1043d124e07f5c05fc384f18431fa2409fc8ad4c380cf676e8ac4830f0360521e92dbc6afd64fe2d56ab6e50d7ad187e0a19046f5a000a6a837fe708469d913a6176c88dbe9aeeadebb01828ca5f65758a6e8f35d529bfb84b07a6c3308bc99161681c178de8d38da18e752984fb322e050e7625124fbe6a2a8eabeb14c7542dd249e190d11756d3628facda6e4926af6442e2c8773aaf88075a1e075c1adc169a623e7ef1ef1e8915f9e6c4ee13ea029052fba46db13818c9b428a06f4c0655a3fb5c6b5738d4b6a2154a6d6d1f252f7086e8435d7e04245ae4f13db5257cf1d35c63de6aba1f63f02b015f5436803ceb25d22dad67b9b3a132a066966de6f214cc7a60923da897e98332220920a333eb79e0e8c73500ce86e65da47aebeb614d95c9783788165a7464063cf6a5351b57c83bfe11b0807cf147527dc968344566fd79aec16412b47918a537818ddffd165b0af7f59fe2c5ca9ea47bebac69a6464db28a999944aee1e5369b149f48e0127a7659d9cbcdb1f9337e26497f318cd7cc9b9525ef534f9214e1ee16a418cc326da7ae27fdea49674e060549a9340000c45d56ce2ee8a075ecd0baef65f9ca5e7bc47d46fbe194fa3764a054f11b09a97b1f55fc1daaa772b7288606a791e07eedf54f9e8d599a9b35c17fd3208eb0ba3a0a1b1885426e72bb14dbc53588197b0b64ab977dfa643392452b2cfe34fc1c49462f882e57fd5b42ba4093d6877a3b1d361999926df9a894172bc953b6f5b5f0fa19b6e0925a1792423dd851360da76b96210c935a62e484600710e7bba36e774f6208639b8f8cf3d55afd6f3cd9a73daa4c584968a5cdaa47486b82ec0f30256c91e87e19a4a4af9b2068f842e624da9a21e57c40cc4d4df57541ebf140e144792ebdfbb49f450dbb1682b4ef3d048b8f291cf38ade4bb69116f9eb713e6a1aa0c2efa0158a59545dc5b36aece53198b1ea6378ede4ae2e44b3fd4a1512b4f007d4e636e46cc7cdabb364e4e0e6914927ee23d111e560fb36d5b4d084c3a60dd6ec0984c84e77c0ca6afbe874490ee51abdc5c79fe948658e038644665927bb3692c2546a375174e572e23f50158fb6b1ddaf223ff94eb675c6db7065dd21404f4f796c722f3d3322517fb11b52fb0215d84baa981b5a3412a51b1a27567be548aa9495873f2343a9913c057d083c126d360027535954298e28ae0b54cc1df2492c7c97516debeda3b980052040392ee27d356017bb24db10d7fd0b9547efaf7c5b993a7ac37d793852b277a902da9e9c37541e8d48b393c13b6ee292d0d86307c25346a749c12f8fe33c24c35407a9c2ebc4295d08e798c8db6a57f26ec35812e613828206a057d1f485d41440a8987c22ed492e03a9344e3f5a335d2a95d4c6513fb7b3020038250ef54e44cda5b3f4633746a842e2ad7bf0a43e7d0b37204a8a41ade245cb1bb4b8f45cfc03e6424f360ae774cc784c7675b240f7199184c7197f2cb6d8e748a67aeac4e4eb548db823cef53aa955596856ea01765c8b47658763fcd7c23e0722dc3f4fa38cd5dc55b3eb39a1e25f1c781cb648a0dd0eb34b5a53e4ee0bb6a050675bc5e2ef52764e6dc978527e80dccf4e7ddf1da3000ea21db9aea3bc395a59a2a7ee481ab4a4ccdad07df5859fe39474a68c96b64ba19155fc209ddbae7f651589927e17e1aef780690f3100a377f0179b18b31fd5b4418c84038573fc559b496a782beec3dcf6e9faf5aef676e10bbec34b1be5888fda49b91e02890d2524c5b369f8a54175f29dedf8156fff690cf186ec77104a798315033bbd27c8362811ca2d8c4642c31222a8e00e7326561c384cc56ea905bc6477ca205d5415d2ceb6198c91d8b00c7f029575400bd3f2621c7d9ca9b6a09ea6f776968b19dc3f3e3b064eac64729960c51a7e543eee830724813acf420368711d6f65ef7d05c6a128fb3a87f170b2def1a1c5f1155f5232d9c16789521661ec721d55308879af1f065f19ca87929f21109110c0960ea70cc1a3ea7ff0c1d3407de92ef7421e42df5c9ab31d2ec0a750a9522869cbe4cabd66908d5823ec0494c639b7ebb4ddc70ab214d026efe21393454cd593bcc7026c50f116bdf47f3d11d676b9b5e59f85c791343890d1e02b146be7dee670a09841052c4e556962c6df3409fdfcdd4ac53f7f64b201dda237f8a38b0d0cef58d4650fabfdc98d7de72568584869a5c7cf99060c08211a107f6a76a028aa41d5fe00f6d4ebc065b8e80cfbcd65a444ffebfeae92009a90134b906a8ef86b6f015e394011dfe3fbfc10bb74cf1a54c2d96196fe5f63114791e29209bd45f47fc33c3977c9a3da562fa95a5bc53121283c78887edbf83148738d99db95d7f07c02df282263fd4c7e3bf913391970b57d1279fdb66e899f9aa294cd677f75056ba8902dca49b6e17c06490c9532a0b5c942ac1c2f81dc0645053f5535e1e9db569c9770f6e29642577ae06df77889cc14b4590e707abb0c5283d559cd24f91b44c63c1a2e966417177e085fe753f2a06750c8fa01c3ec59c806a003b8b16e6d3e0ec753fbcdea07c5f9070aee2ba4d9c9fe41096bc23796af75e6797def0f784b5c7f42e3efeebb67d526959368682043a60b6335e1666b0fb7f0e3a445a6e57398ad10706439db08f9ad285f72041ddc306f2fe7873f7ff1b6066ab51df95bbeaa99e42a95930ead4de4edd9b240779c84b5960a1b8c7b5c59703639ded283357a8be798e8c3fc60b91209898ee6d68b8a25bf250713065988756eb8eff705dff1cb4142c6934e282581a7f76fbce4b22b06d2c0b29dc9ef2b5e3ab8ba3088c5f5a019b098c9ac0e7977edacbe8c46184da2f96384f16c262b73c3c3a647b4ed6f54976bc42ebd189d3d032fe11ca7c5d93f5a97e5d996066efc31601b023361482de5fab48a2a50791b12084234adc2b8261de33d1bef98dd41ac18812baa29667428e5cea59abef65842c0479e0016d09f6bd0f48020e3608a5b714188c44bb3708bb57c46b669fa3ebade5a2149c90bf16ce572d0d1efe01e66f5c1e227d1166b33f1253726596e13a3eae28430e4506647aa20d3a9c54346f62c6a007bc276ab4b21303e91963b20246c47905c6e864425a76450516c734a339da4ac6927bd79f9cd0724a02947ad66edf00d766f97d42d65a71171ec567244d0d8ac9807d21d657e11b0fa197c0291f547c325f06a5e886b52dcb04ed605514d6cc9b26a9ddfb9bbb6ac476ec166cc0ab37912f7e72a5d41cb7ab699da4d849dcacb5c5906071a0d5ede3130fd233fb69cf9e58ff67fd5707cb32cd549900347587a40daf5dcb2fb71105e681a7f13806a0945bd7fa7187fcb4eba0b0d17f6d3809e06f852a7a90d5708761effc370f08672da8b6ae84df6221507420d2a86c9a9fe56b805b027cb798f225894367d8f56fb4d009f8b9c5ee8cebc823111dab23a63d624f63f53be3d6c0a20c12263e4436e462407d72e3d854280d361131c169d9531430e9c556d0c69d57d6ecd4978b6926c0088162b1e6139fc3e8579717b395c0d1d330f56604f4c2b78838058d1152e689b0b8ebb86e47bd8ca858c036b768013bb4edf7e206cdeb617e883b879c90be1fe798904ff76cfbb804991fa6dbcc8ea244855f434cde71b64861e90f83bf1802fb84d31107ffe4d66bad37e0a73fd3a6007b9e124d82f0567439908d4d2a7ed38b222684267d13787be99b5c803e7ad7875536c79f77d1a27083b4a97f5f7cf204d52d11b960d21e83e2aca32d54ee973796abeba919a02acbe4e7bc80ea7cff073249625747db29323cfe3cd4ffa9659fa47fe6f0d4f66fe4b18c6f0848094af0bdfdce86ae8938f53d02923dab35d33e2335521d562ee2699e25196bf4ac765fdccceebde156ce4b875c3bbdf40e6081874eb57509b412b8ef3444227cd0f1b313391b639cde49b3906d91dc46ad8e08452e799e6c408151495c87d24d015d88e5c50d1e4d8a3babdca95d2f3f9dbc30e17716fffa3eaec120e05cd1e1d80a4fe8e31c545fe524c2e0a1d61d2b599ba9e09b362030290b96fa722bd7d7af98769125c18c6079956730e9952cb65b7cc1c72d2f95aa7a18415a847d2a9b0288ab531fa55ceba1fe2741e322e44d3e002 MD = 45ae4c1aa7ab5c5eb3ef6ed9bcd706fcfebf72bdb5f8f327e1f0bc02 libica-4.0.1/test/testdata/sha2/SHA256_1.txt000066400000000000000000000233551417716165400202410ustar00rootroot00000000000000# NIST SHA-256 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 32] Len = 0 Msg = 00 MD = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Len = 8 Msg = d3 MD = 28969cdfa74a12c82f3bad960b0b000aca2ac329deea5c2328ebc6f2ba9802c1 Len = 16 Msg = 11af MD = 5ca7133fa735326081558ac312c620eeca9970d1e70a4b95533d956f072d1f98 Len = 24 Msg = b4190e MD = dff2e73091f6c05e528896c4c831b9448653dc2ff043528f6769437bc7b975c2 Len = 32 Msg = 74ba2521 MD = b16aa56be3880d18cd41e68384cf1ec8c17680c45a02b1575dc1518923ae8b0e Len = 40 Msg = c299209682 MD = f0887fe961c9cd3beab957e8222494abb969b1ce4c6557976df8b0f6d20e9166 Len = 48 Msg = e1dc724d5621 MD = eca0a060b489636225b4fa64d267dabbe44273067ac679f20820bddc6b6a90ac Len = 56 Msg = 06e076f5a442d5 MD = 3fd877e27450e6bbd5d74bb82f9870c64c66e109418baa8e6bbcff355e287926 Len = 64 Msg = 5738c929c4f4ccb6 MD = 963bb88f27f512777aab6c8b1a02c70ec0ad651d428f870036e1917120fb48bf Len = 72 Msg = 3334c58075d3f4139e MD = 078da3d77ed43bd3037a433fd0341855023793f9afd08b4b08ea1e5597ceef20 Len = 80 Msg = 74cb9381d89f5aa73368 MD = 73d6fad1caaa75b43b21733561fd3958bdc555194a037c2addec19dc2d7a52bd Len = 88 Msg = 76ed24a0f40a41221ebfcf MD = 044cef802901932e46dc46b2545e6c99c0fc323a0ed99b081bda4216857f38ac Len = 96 Msg = 9baf69cba317f422fe26a9a0 MD = fe56287cd657e4afc50dba7a3a54c2a6324b886becdcd1fae473b769e551a09b Len = 104 Msg = 68511cdb2dbbf3530d7fb61cbc MD = af53430466715e99a602fc9f5945719b04dd24267e6a98471f7a7869bd3b4313 Len = 112 Msg = af397a8b8dd73ab702ce8e53aa9f MD = d189498a3463b18e846b8ab1b41583b0b7efc789dad8a7fb885bbf8fb5b45c5c Len = 120 Msg = 294af4802e5e925eb1c6cc9c724f09 MD = dcbaf335360de853b9cddfdafb90fa75567d0d3d58af8db9d764113aef570125 Len = 128 Msg = 0a27847cdc98bd6f62220b046edd762b MD = 80c25ec1600587e7f28b18b1b18e3cdc89928e39cab3bc25e4d4a4c139bcedc4 Len = 136 Msg = 1b503fb9a73b16ada3fcf1042623ae7610 MD = d5c30315f72ed05fe519a1bf75ab5fd0ffec5ac1acb0daf66b6b769598594509 Len = 144 Msg = 59eb45bbbeb054b0b97334d53580ce03f699 MD = 32c38c54189f2357e96bd77eb00c2b9c341ebebacc2945f97804f59a93238288 Len = 152 Msg = 58e5a3259cb0b6d12c83f723379e35fd298b60 MD = 9b5b37816de8fcdf3ec10b745428708df8f391c550ea6746b2cafe019c2b6ace Len = 160 Msg = c1ef39cee58e78f6fcdc12e058b7f902acd1a93b MD = 6dd52b0d8b48cc8146cebd0216fbf5f6ef7eeafc0ff2ff9d1422d6345555a142 Len = 168 Msg = 9cab7d7dcaec98cb3ac6c64dd5d4470d0b103a810c MD = 44d34809fc60d1fcafa7f37b794d1d3a765dd0d23194ebbe340f013f0c39b613 Len = 176 Msg = ea157c02ebaf1b22de221b53f2353936d2359d1e1c97 MD = 9df5c16a3f580406f07d96149303d8c408869b32053b726cf3defd241e484957 Len = 184 Msg = da999bc1f9c7acff32828a73e672d0a492f6ee895c6867 MD = 672b54e43f41ee77584bdf8bf854d97b6252c918f7ea2d26bc4097ea53a88f10 Len = 192 Msg = 47991301156d1d977c0338efbcad41004133aefbca6bcf7e MD = feeb4b2b59fec8fdb1e55194a493d8c871757b5723675e93d3ac034b380b7fc9 Len = 200 Msg = 2e7ea84da4bc4d7cfb463e3f2c8647057afff3fbececa1d200 MD = 76e3acbc718836f2df8ad2d0d2d76f0cfa5fea0986be918f10bcee730df441b9 Len = 208 Msg = 47c770eb4549b6eff6381d62e9beb464cd98d341cc1c09981a7a MD = 6733809c73e53666c735b3bd3daf87ebc77c72756150a616a194108d71231272 Len = 216 Msg = ac4c26d8b43b8579d8f61c9807026e83e9b586e1159bd43b851937 MD = 0e6e3c143c3a5f7f38505ed6adc9b48c18edf6dedf11635f6e8f9ac73c39fe9e Len = 224 Msg = 0777fc1e1ca47304c2e265692838109e26aab9e5c4ae4e8600df4b1f MD = ffb4fc03e054f8ecbc31470fc023bedcd4a406b9dd56c71da1b660dcc4842c65 Len = 232 Msg = 1a57251c431d4e6c2e06d65246a296915071a531425ecf255989422a66 MD = c644612cd326b38b1c6813b1daded34448805aef317c35f548dfb4a0d74b8106 Len = 240 Msg = 9b245fdad9baeb890d9c0d0eff816efb4ca138610bc7d78cb1a801ed3273 MD = c0e29eeeb0d3a7707947e623cdc7d1899adc70dd7861205ea5e5813954fb7957 Len = 248 Msg = 95a765809caf30ada90ad6d61c2b4b30250df0a7ce23b7753c9187f4319ce2 MD = a4139b74b102cf1e2fce229a6cd84c87501f50afa4c80feacf7d8cf5ed94f042 Len = 256 Msg = 09fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b95 MD = 4f44c1c7fbebb6f9601829f3897bfd650c56fa07844be76489076356ac1886a4 Len = 264 Msg = 0546f7b8682b5b95fd32385faf25854cb3f7b40cc8fa229fbd52b16934aab388a7 MD = b31ad3cd02b10db282b3576c059b746fb24ca6f09fef69402dc90ece7421cbb7 Len = 272 Msg = b12db4a1025529b3b7b1e45c6dbc7baa8897a0576e66f64bf3f8236113a6276ee77d MD = 1c38bf6bbfd32292d67d1d651fd9d5b623b6ec1e854406223f51d0df46968712 Len = 280 Msg = e68cb6d8c1866c0a71e7313f83dc11a5809cf5cfbeed1a587ce9c2c92e022abc1644bb MD = c2684c0dbb85c232b6da4fb5147dd0624429ec7e657991edd95eda37a587269e Len = 288 Msg = 4e3d8ac36d61d9e51480831155b253b37969fe7ef49db3b39926f3a00b69a36774366000 MD = bf9d5e5b5393053f055b380baed7e792ae85ad37c0ada5fd4519542ccc461cf3 Len = 296 Msg = 03b264be51e4b941864f9b70b4c958f5355aac294b4b87cb037f11f85f07eb57b3f0b89550 MD = d1f8bd684001ac5a4b67bbf79f87de524d2da99ac014dec3e4187728f4557471 Len = 304 Msg = d0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b MD = 49ba38db85c2796f85ffd57dd5ec337007414528ae33935b102d16a6b91ba6c1 Len = 312 Msg = b7c79d7e5f1eeccdfedf0e7bf43e730d447e607d8d1489823d09e11201a0b1258039e7bd4875b1 MD = 725e6f8d888ebaf908b7692259ab8839c3248edd22ca115bb13e025808654700 Len = 320 Msg = 64cd363ecce05fdfda2486d011a3db95b5206a19d3054046819dd0d36783955d7e5bf8ba18bf738a MD = 32caef024f84e97c30b4a7b9d04b678b3d8a6eb2259dff5b7f7c011f090845f8 Len = 328 Msg = 6ac6c63d618eaf00d91c5e2807e83c093912b8e202f78e139703498a79c6067f54497c6127a23910a6 MD = 4bb33e7c6916e08a9b3ed6bcef790aaaee0dcf2e7a01afb056182dea2dad7d63 Len = 336 Msg = d26826db9baeaa892691b68900b96163208e806a1da077429e454fa011840951a031327e605ab82ecce2 MD = 3ac7ac6bed82fdc8cd15b746f0ee7489158192c238f371c1883c9fe90b3e2831 Len = 344 Msg = 3f7a059b65d6cb0249204aac10b9f1a4ac9e5868adebbe935a9eb5b9019e1c938bfc4e5c5378997a3947f2 MD = bfce809534eefe871273964d32f091fe756c71a7f512ef5f2300bcd57f699e74 Len = 352 Msg = 60ffcb23d6b88e485b920af81d1083f6291d06ac8ca3a965b85914bc2add40544a027fca936bbde8f359051c MD = 1d26f3e04f89b4eaa9dbed9231bb051eef2e8311ad26fe53d0bf0b821eaf7567 Len = 360 Msg = 9ecd07b684bb9e0e6692e320cec4510ca79fcdb3a2212c26d90df65db33e692d073cc174840db797504e482eef MD = 0ffeb644a49e787ccc6970fe29705a4f4c2bfcfe7d19741c158333ff6982cc9c Len = 368 Msg = 9d64de7161895884e7fa3d6e9eb996e7ebe511b01fe19cd4a6b3322e80aaf52bf6447ed1854e71001f4d54f8931d MD = d048ee1524014adf9a56e60a388277de194c694cc787fc5a1b554ea9f07abfdf Len = 376 Msg = c4ad3c5e78d917ecb0cbbcd1c481fc2aaf232f7e289779f40e504cc309662ee96fecbd20647ef00e46199fbc482f46 MD = 50dbf40066f8d270484ee2ef6632282dfa300a85a8530eceeb0e04275e1c1efd Len = 384 Msg = 4eef5107459bddf8f24fc7656fd4896da8711db50400c0164847f692b886ce8d7f4d67395090b3534efd7b0d298da34b MD = 7c5d14ed83dab875ac25ce7feed6ef837d58e79dc601fb3c1fca48d4464e8b83 Len = 392 Msg = 047d2758e7c2c9623f9bdb93b6597c5e84a0cd34e610014bcb25b49ed05c7e356e98c7a672c3dddcaeb84317ef614d342f MD = 7d53eccd03da37bf58c1962a8f0f708a5c5c447f6a7e9e26137c169d5bdd82e4 Len = 400 Msg = 3d83df37172c81afd0de115139fbf4390c22e098c5af4c5ab4852406510bc0e6cf741769f44430c5270fdae0cb849d71cbab MD = 99dc772e91ea02d9e421d552d61901016b9fd4ad2df4a8212c1ec5ba13893ab2 Len = 408 Msg = 33fd9bc17e2b271fa04c6b93c0bdeae98654a7682d31d9b4dab7e6f32cd58f2f148a68fbe7a88c5ab1d88edccddeb30ab21e5e MD = cefdae1a3d75e792e8698d5e71f177cc761314e9ad5df9602c6e60ae65c4c267 Len = 416 Msg = 77a879cfa11d7fcac7a8282cc38a43dcf37643cc909837213bd6fd95d956b219a1406cbe73c52cd56c600e55b75bc37ea69641bc MD = c99d64fa4dadd4bc8a389531c68b4590c6df0b9099c4d583bc00889fb7b98008 Len = 424 Msg = 45a3e6b86527f20b4537f5af96cfc5ad8777a2dde6cf7511886c5590ece24fc61b226739d207dabfe32ba6efd9ff4cd5db1bd5ead3 MD = 4d12a849047c6acd4b2eee6be35fa9051b02d21d50d419543008c1d82c427072 Len = 432 Msg = 25362a4b9d74bde6128c4fdc672305900947bc3ada9d9d316ebcf1667ad4363189937251f149c72e064a48608d940b7574b17fefc0df MD = f8e4ccab6c979229f6066cc0cb0cfa81bb21447c16c68773be7e558e9f9d798d Len = 440 Msg = 3ebfb06db8c38d5ba037f1363e118550aad94606e26835a01af05078533cc25f2f39573c04b632f62f68c294ab31f2a3e2a1a0d8c2be51 MD = 6595a2ef537a69ba8583dfbf7f5bec0ab1f93ce4c8ee1916eff44a93af5749c4 Len = 448 Msg = 2d52447d1244d2ebc28650e7b05654bad35b3a68eedc7f8515306b496d75f3e73385dd1b002625024b81a02f2fd6dffb6e6d561cb7d0bd7a MD = cfb88d6faf2de3a69d36195acec2e255e2af2b7d933997f348e09f6ce5758360 Len = 456 Msg = 4cace422e4a015a75492b3b3bbfbdf3758eaff4fe504b46a26c90dacc119fa9050f603d2b58b398cad6d6d9fa922a154d9e0bc4389968274b0 MD = 4d54b2d284a6794581224e08f675541c8feab6eefa3ac1cfe5da4e03e62f72e4 Len = 464 Msg = 8620b86fbcaace4ff3c2921b8466ddd7bacae07eefef693cf17762dcabb89a84010fc9a0fb76ce1c26593ad637a61253f224d1b14a05addccabe MD = dba490256c9720c54c612a5bd1ef573cd51dc12b3e7bd8c6db2eabe0aacb846b Len = 472 Msg = d1be3f13febafefc14414d9fb7f693db16dc1ae270c5b647d80da8583587c1ad8cb8cb01824324411ca5ace3ca22e179a4ff4986f3f21190f3d7f3 MD = 02804978eba6e1de65afdbc6a6091ed6b1ecee51e8bff40646a251de6678b7ef Len = 480 Msg = f499cc3f6e3cf7c312ffdfba61b1260c37129c1afb391047193367b7b2edeb579253e51d62ba6d911e7b818ccae1553f6146ea780f78e2219f629309 MD = 0b66c8b4fefebc8dc7da0bbedc1114f228aa63c37d5c30e91ab500f3eadfcec5 Len = 488 Msg = 6dd6efd6f6caa63b729aa8186e308bc1bda06307c05a2c0ae5a3684e6e460811748690dc2b58775967cfcc645fd82064b1279fdca771803db9dca0ff53 MD = c464a7bf6d180de4f744bb2fe5dc27a3f681334ffd54a9814650e60260a478e3 Len = 496 Msg = 6511a2242ddb273178e19a82c57c85cb05a6887ff2014cf1a31cb9ba5df1695aadb25c22b3c5ed51c10d047d256b8e3442842ae4e6c525f8d7a5a944af2a MD = d6859c0b5a0b66376a24f56b2ab104286ed0078634ba19112ace0d6d60a9c1ae Len = 504 Msg = e2f76e97606a872e317439f1a03fcd92e632e5bd4e7cbc4e97f1afc19a16fde92d77cbe546416b51640cddb92af996534dfd81edb17c4424cf1ac4d75aceeb MD = 18041bd4665083001fba8c5411d2d748e8abbfdcdfd9218cb02b68a78e7d4c23 Len = 512 Msg = 5a86b737eaea8ee976a0a24da63e7ed7eefad18a101c1211e2b3650c5187c2a8a650547208251f6d4237e661c7bf4c77f335390394c37fa1a9f9be836ac28509 MD = 42e61e174fbb3897d6dd6cef3dd2802fe67b331953b06114a65c772859dfc1aa libica-4.0.1/test/testdata/sha2/SHA256_2.txt000066400000000000000000000312741417716165400202410ustar00rootroot00000000000000# NIST SHA-256 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 32] Len = 51200 Msg = 37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0a3365e3008072473bf9d6eac13e509c1619956e12a06fc696512da091a7d40232c675e737713fcf51aea6c0316c3bdbe196132b0943df2b013860105ce676fce7b88d0a167d7ec72c588b7b6465a83c9ea1d748d15713455e5d0e901c3cf646a38a09b0002dc5ab1687f350dca35c1a87cd404c0d529292082f77844203d86be0bb8a9d970a9af7baad8d050cbd9e024788eca91fbed39db930398180e393d949ad7e173d9c65498339a6ec670d049058653ad48af45cc4cbffd30c3b54cf1b290052b1864bcafd0accdf9b8e2a163134d2c982c1bba4a3dafec288e3cfd0ae1934a6f0e39122aebbd7a586e48d495167620708664d31c740bd868c1ccd5f0e94baf959e81502cb00da87330cbf149d5a8381e9eb519a8b97acad7a48c5b0c92623b861064ff1ce8455f32469381e6198c7b8abc341357d6a4c85f7fa517c4a47df728ac09a6645b0ca77df7c70cd4aacaf19c280949919132dde7993e9181e647e964ba99cd6bd10b893c8d90187a5009a23d295d43bfb4cc0e583b8052ac21651b23813bfc9912ea0c574e152f42d3f1975309588a4705196598ad93e1ab1d82954b4a18bc56e55039b6837fd893fa2bd7c70e21a5934dc2e990379ec6e8a2445dc55d57940a14e5164273f59cd58e5f6a8281e11c09536ea22821c98ac978537d7a02220d1d6552aee168a001715834596baabf7813e1c69949b23eb4b86658fd51819eadf8a13f067ca8a791cd1d53ab69d0e43f18bd72d5d93322cc1c36fbe33121f5ff01905328fc7c33d452a86468663c77fc80b0195ec1eca05a5daee339042b4f88a1f9371b472c6c5168c00e984937a134b282633dea25dde7e397b907b1e7d3d240a593e747007990782cf944fa078a7118fbfa793b2604fa15b82453209daa64475d0e95e2408319e8b5ce7460f4593a19e3831a9b363b1c5ddbcd273995fbc61ce7502b0233b1752223352e654837181d01a929f49faad422c65b8ae416ef81290b02b48e222c2b8c3ed57cf0494b928c1e11ad2da77baacd427785096aae1cd593cc356e551bc390cd5765ea41be30cf0266ae2e97d326c417c91e90d75f1f874555b88a14a7c5959a62f23976b77a4c754e35dfb7ddd1700df85f61a62b12a9eb4644caa7f8ba036b9f29c6315ff96c3f7148284ebe3239ecad50641f397ea24b46e21655352a4109b61479b9dd34972779f2f1a6a1d2887b8ff88289b2ebda2efe995668879bb93c4ebb3a585ab336f70b382205ac37c383475fa12ebddfb95b157172261597d2cb0f24f254feffaf75d224a3b407eb54cc7c8daa5483e4a79c347252d808a5f480a35987f6f09f6c6a73bd5cfbdb76a11ed78b86442b810cb703a5dec5874e8721af62e386591bd39d990b3521505e144100601b46de3f50752911ff37bb18f377de45ec4c60fc4ed8ea1717708d2d13fc9e1453a1c4a4db9e4fbe9b74cb8da14ad50c8c8f2ec944e10ee8e82ebb6a081959b0159f043a15fa1cb59bc5e035f7623fbfaa99ea0a1d81ae8692a4019e5a5edb3a4886c789675039fde87222975e86c2642eb0bd48408072fafb1a88507194c9bdd69f3418376a4d9e68c3b83b3f800605ff1dcf0917a6014b0dd77708b583ce3ea632746fee0e01a10500cba90016b4a9072847d809bb0481ae25f74f8ef290c7a087ae16f505fd0da670826a0b1174592d184e3a7e8622a5c84a30ab64aab75face50b96b217e8ea335c0605c638ed1c59370bb9ded004be428f49a79f74ec0fb296b3758f0b6b41930c7e029b55c8fa73cba7dc926151d4043c6bc8a716d7de9ae0cd3ef3ab2d19b0c813eaf12eacfb641d492b0001b2f0f699bd98e4581fd44c0c817646bdd77a71d8ed432f8d422812751a2f9178cf1800ee689ebf046cf9b161f9a7ef0a106cbe833398bf383288661b426fad8d4f570a8293629ee06856af295a58585a81f87f130e6e08f723234856e874bd0adbb2fc9e676deab6b9f22faacf12e875d1259ccea54f7294be02a16f34c427b51a33be8a0c460c4c07d51a2e7d5c0722a9fcfefd21c265d5aa2c57ae4fe95556b5e1388ea9756a6afb0856fb8fbe1d2bb1838be7a95049848fa9545b616badb753c453f266836eda3c92cd592bc0925690c42cd6667f866717827ebe91d0999f9de5f5fd6cf77f63737b65927aebcf6cefc7ca107fda8447e8bebf1f08a280d53a4b07f8e35904cc48cc08eda3c63a3475924bde1de6acebaa65fec5ee68ca22d3fe722bf33267de628c9db1ceda3c78cb2f9988682d641d068023f96aabde4e10071cdec2080f616ac30c2725ad3efe98a69a56873615a3a3161503a4f22621986def597b66641d07793d97cdc9a68f85fd3890a38928462b2fbe2bc5c509631438d2e344d1ced9e2b71748f1b6ddf33a3e597de3af03ce43d305b9f5acefdb2b71acc645d3b55fa3848484b7fa4cf25e71e766702f1003950bd2f45b304052861f6748a8f38175f1e96c91471f5a54999cc9937191b6adc9de0d2520d86590cd4aeab292ba9ae474edb5b8caad6ee095c9e74c0f5e5c9387559f946b2dc45da7fa1d4c2dae6973d5984841682af25ff7ff29d9721d6c7e76776e8965b6c681bc38e85da15954ecbcf20d7448204d9a6a477781c1564d363e4c634c36fbd3c3b50b332f1643c415d004ec999316e75694a8b98e2591678388dc6624058454ec3a7ce608b3f222b8bad5cef77095285e1d2ad746c557222dfc30605bfadaafc4f292e931a0f0d49b226d99d708247879aed5b9f2ca2fe6fb414f37373f844e13865524f206c54487aed53781834b3f6eefb248d95ba21bb60041d501f90a97a19dcd80920df7d84309148e3d0892e50687c86a45a1372926e00f200053f5f436e003e35bdc10fa99d9328853bf82d2091f1f087cc37678138ac0027e73cbcc99f7fe37939c98114fc7380c0ad1a26e3f5ec00bc7eae77045a55c62c18117879389c662837415852e7a2d01ac667a226fedb2596e3e137a83daec2712a65e8cec3e644e738d11bdfe9b19517fa593546373fddcb9e681fc97d1763bb9092a456cc0dfe1aa0e132387d105e3ccb7746ee199aa7af00bb96047310585fed40219dab43f057220a41e90c5f89fdac4a5d6b207c01d5ad4440c5ca29eed292c6f7000c58da111eb4b16e31efa6df3f3aff69e6447ac406aa96a9ece4b5b813bf8b3a499d09cd0969073468513355d6c19346c58480feaf470e0d45a13b74f2925488fd810e0f74afb9e82a24cdf61586bfae68dc92ea09b22d8c8f1ffe9db1e7e98892b5554ce2e15fd5f1cac5347df2eafd2a8d5f1aa8746b9403915da6d418c0b5a3aa8e09d6b65f9a49c3b7a5728e9baf95471404fdf64eb05da5f704dbad60ac9ac106cab2873fb1bc9023ad95c24852337a703d9cc04d6df7de594c3b2e4fb9f2996e0418ec8698a4c087c14a2687717f97e228e75afe295caae2f16513f47a45b4124a7c5ebacbacc562951233bf89f43ff85b703ec77f168c2278fbe6e57a0e7192125f4642d73f2f227d806287081bd30149b9d44fdb90029667622f9925b7826bd0343bc537c66e660f174b447860e1bb8846c3edcb639ebd213a4695f9cb471e188db7a859fcf3abae49569e676dec857b897627cb0bc1155ad6d45282d430176fde4262da2d5f41ff890ceb319d73dda804738456f30a3d68da41554d4cede62aa8549b24e211e76768e6b17379f842a24a449a0ba3ea73cfc72624b5afd118fd7e76a7c6b5bbfa7a6b6c97b97dea52decd51cf35a8e277140ffb2748777a1e3cc3211f3c12be099d0316f45023da6cd200339a718c72a5ca172903922e59648d08dc67f173788363c26e5df406391f107552925ba91b9e569f38101f5eef9a52d201288372abf6532beb4af19fa6d81eaf473d40896dbf4deac0f35c63bd1e129147c76e7aa8d0ef921631f55a7436411079f1bcc7b98714ac2c13b5e7326e60d918db1f05ffb19da767a95bb141a84c4b73664ccebf844f3601f7c853f009b21becba11af3106f1de5827b14e9fac84b2cbf16d18c045622acb260024768e8acc4c0ae2c0bd5f60a98023828cdec18ed8dc298a306c38d1ece01509f3265b5f8cbf441f0525097e8b48234bf69f65cf402c7540a023ed231ef95b222a900ea4bfaeec02c6d8b3b01648ad7a165237ca6b557b1ce287b0ea137f4ef54534070ee793695a9078ec89bcea389956878614ccbf917b61f8427b7cda870fdd92d2d297154262fc65f28ff1a54b2651afff12d6f36ee8c906107bbda399ce5e2cf0a430ad0dd86520841757126bad725bf1593c7959f16221894f5852ddad3172fef866b3321755491fd44fba009b42ec0b6c4fb9e901d7eb3b8acf70e94911f54c538bd0559c5740042b6df4a07c3e00bba0934d92a684b39592a576331e5a44672a227ccef3e595ffa1146ac1dcee0a70baa9acfd5c132b361b5ceb519984b0ee00cd2124aa8acb50c9e574fb19bd99c8fef5407faeedb28b796848bb372beb3f5bde55ed2cb140b60a53bba2df471f330208b09ffb8eda04315a06d693aa53d9bff8939ef6f3a68de6e1975f79f50b3d484665e4ee71124ed794be3a2baa7b5b918e62a095bc5d46e401a0979641fe465640e8d4d43eeba9d0cac76c7b86d22375123b988585e58f86566fd190d868eca08aa1e66932d6d3b14ecad3efd9f8cfcf2696ed42eadfa642324d941602cbaebb8639a00a17542afda32117051e4fbf243dfd255a559c49ac37c265827ba70b0bc618882336f43e1a6a729c57be478008cae6c74840bbe828c976ac628d7b6015bcb705612c277bac0727da645480a0e14fdc497956aef05c89d30f22c2c96c6dfc9dae30617e6206fbd957975b8ba0524f563289e1f5f09bdb6fd46fa6117e78e854f91d71699fcfcadfaa7d4db8fcb04bed08d68d11677b5085b295c1d414cb12456c84c669737af6c33992a5a9149fc7f9330bb291d38f6bed10318081dde8fd178f02eb0e8b7d022c8b63fdcc867546035775fcf7b32c8fee83df7cbb28372b23c71459b9566a7f64165da0a3d0e538a3dcc1b6a384f75f0263dc10e0924a0ef2ab459d0a52b7c112710c58cf72442253396b8a25d7644be166c3e7828aa62b1ca1f32f620ed969b021ec609fe926958a03cff21f08f7c8d3d3235b219fb0020a51b97b60f963ebb58f7a62a5b41104c0b28b58cfc81668825f87064e401c263421152b8790dbc99b3032c9615187f29fcc1a58e86364ad45524b5358fa2f0a3296729a3663a585e9aa922f534fefd16fb6f96cd9895709c5520cdcd24c8d107e387e520de055a3296544ef1c1ddd43b919a4ff139861f06ae5280d5aa5aaeb8f7d74ed6ea56093c2e697a30c29c4ac145aa99a372f1a03ae72495f52a40cfddedc12b6e9115aea5ea516c5a4223a8d0a0073c8b4abe3c6188fdd6d4ab627c9f4eab468fdc2a91945274ed18465a368f291a0050c9d638a31944091b35a8fd26a1ff65e2d17dfa32ef3ac412d8293b276849ad9af71fdf272363f771d0fa99996e24510e7bf731a7480cbbefff7801c0e5fd0a13dd8278162ec1687f85409a203e82d2bcdf7e7d1ae5509857c42fce80299fe06182e74a97c0c624ed5b6246e59781af9407fb28b34f7024f42d36eb92bb95f72cee379ed363daf2625b48e60d0489b23dfa57789c0dd2276b4575a01c2349171d2a58bcf29e659b868cdac1c30a02a160c078b6faa7e0696711d43447ea2108db3d34ec1bf9cfe802f601212d335445a4624829f8a600b18e9b3cf13a9787910f2fb27676fd809e7ea1a34c7306e766b2e7ae1bbb919cc888ea931d1eb2e27c6109b9a12c31e188a196a98bbe0b24cc315791d26ef01b77fe06c3011ac39a8f78d233b7651e586d14dcfc2636cb713ecabadb97374ce58498f8b2e557531793fd9207fe484a4e147f7b826502cd3785251973b23e2b62b7fdc74a10fce9c04f97511dbffe3f2c46887c25904b99df69e97b416bac18fadad67b71cc320eff8def185d41ae8558cbdae6ccee38b8cfb2bfe92d0aa99815b3ca1d115f21493b13adeeafce81a23c6b1bc15fc8f2b171284e6a1fd65c351b0c82b31112f022ddaa78dcfbac9f203eeef415c566a00c2c933f06ff18ee7674aba548592dc8214b1af8e929242f87c81b0cebe8106b5267ba39c5b51987e38858dce1d1f8d0cfee2bd61d217e5a5d41bb0c4aaf0e7b0a8c66e5b0291e4d05bfddcf8861bb31b32ea5ba80cb02472c11969b3b02a7f7bc025feace44726b6382012544f1bd1256744f4b1b0ff81f7b9f7462c5c92507f1316df228ec5c0786378b871e69479c3e26f232f5d6a709d3551d08f0ecced52f8158a2c40a234af448449c1cb1a1f6f5ae56171606582ebb9a5836c454eb86015ae7a4ac87105b371bf40d49b1134a037243a0878953b5bbd6ef944ae7c345ec24e4a0e8496b62d71a6381aa52e5bdeedc81784f45e0c75b72a8c9898ea0387a47153d7e3a7c895aab58a1497a5e794052d7457624478c24d44c7e8932c887322b422478418af64a389c152d12c7a6803e0fb0050dcf2b9d65a35a53b9845b9c3835fddd45dfd12e28f8845e03686b3707ef6003e7c1cd4f8d7406ee0d1cdc41d7b56fb630c1438fe33196e53389f1ec1540fe789c6599c0b589296214d831a86e89220ae97974f4d112f4c98c726027d0c9316d1303b87a43a86cb8b800835a677abfe1584e8be55a624612f56bdf71a054a2e834e35105a19a77f7dfdbf9dd2850ee44658ab0eae6e833c855bb9650eda7f8f4e74d8de73526f12773b2bcbb1bd35639f8730d8cdd6d64f496abae4e1f8cdc96148894aa691683515bcdf37ba6caa0cbf953c752a7b9819e9f834ff39ec8f6d8a3dd8dd5a431d47c7f74c7a633ff73ff507009c5ac9431cc588ba0c6d226edc17c94a0f14d3e8db0c7ef60c3293878dfe513f96b54c61c88a90aca4f246d6a5988f5f785ce0655f51b85e55af03e5772a083bfcf0816ebd97a4af416fa6414a9ad47b7198e51d55463807ef4f0d9b7c06a0a84762e4e46c8b39147a4bdd594b8d4d40b36f5e6b4d48726551890d040d229ee70ea3034d45b3c28eb80d686918fe6e219636b8f9b7e6fc08f4e3bed9bafc778aab274913e9cfd570732ab3fb434c9ba0928581232580495571e56f6705f2af05b56642c2b93df65c443a6caa5b167a4040d2438206d2cefd3114ab466eb3c9eaa5e66cf4447c89c493a2eee0b0ea6e7329b37c90ec2d0142bae7fef265ae3c9c053e44031c0a142bf9faa728e5170cdba59fa8da361d94d887d5d6f58b409bbc4bd4548990653a04dfb841fd784ac9cc4cfd34c88512de212074dfba30295badf22f1af2522c5fe1cd423bd8eae429d7a862bcd649ab61bf0d3b55daf4b6f0f390c503d7c1bdea453b5ef145bd8191802056bd9e0455a404b6afe5b25977f02f902caba46f988d91b2350ebe4091b5584d4f938a45803984a5291beadeeadda488dc7ed2dc4aae69ca8ae0bd4492f9b297c3fb257de986c1615d44dee59e1e14d34af9fd7852b13fdcb713dd1a03d341884a30ea1dc0104d63a31d291df035d317fea98ec44f5a86715014783172e667a748f162c5c26a8b34a0f133d89fb971bf6e0a01507efed010cc7f194b5e87a77d56a909d65efa0d5ccd6da9b5eb1d73422f97ffad8012af43a2905a98354b8362e9c459f0044336348eded53660d65a38a9efc42be13a6672790496d875a67e0078dfdd8340dab8547be140ca9f88891b635e195c20daa8359658785cbe3d09ce8a580f009324e6550b0196e305889262f28f49dead77e6f5a0e859c57d53c935a4c9590879b6528eb2bc3230217b0897cddfeff405a6a54b2f50c58311af1ede4ea0660b73037f9a097d9d0271b45e325bec666cc7cb65ae780e361639838d10fe79907a0da0efef85d2420a84e905bb33116789526a9a88319d460f539586762ab172e4a7f305f7ae36cb88c96d91aada0b4dda3418c670e27a5fdede39bd8659e477cbe08e645af927843dbdd67489b72693efeb3a7be0e121fdf5580474ca028f39a035e78d81dd212679d0a830c050ffd43af6642d60d410aaf34f7a5ea9cb2e12f21672e3f4e0c00ccdb05758e74df3893bd40a5d7921e2e149330fddbe0a2dae4210d50a3caa60b1b9db685f7704ae2d7302b18e8261052b779139747f462a6610a37252b170afbfce905fb6f7fb8c2b6100ee231507f403fee88ba5561580d4de4cdf600bf9e9816c9da1e1d2b91a1d966d04cdb98d3be55fb77af2daeeed750b8b60b494accaa12441d372afb3d47e7395b9e0e867595a1a6c8bff8638bcb138ddcac2f3efbf89762b68ebd77247c89929620f1a3cb8dcaf9632fde0996b33e6b2621da25924b4e2c8d6bff28ae0867786919ad763e6d79fc304a06277955795a7cb17186fb6bdfa98a16189544b228f3bcd3698737ff55b6185799459b796a63c6a61cea9d20f1e296d62f474c43750b77944e5f1c09072f019dbeeb64e9bc8dec4605d8e0322cdd97f56cc43084f5c983a584855654366fd5659ea23c6c15e1d7da51d82c683aa477b9f896563a5134c64e32814ea88b7f7af760f18bc91e656da92b72e98bc03f1c6bfb442830305529d681dc6bccae66da9b2e61b9c97e2397fdb92f7f6369b470529c570c2d3b329487981d148a462cdb992d792e34dd233e1c239657b8da0d59b804566cf81ad5f0a7a0ccb3a8fbda673887c153d2e56c484f9230d752be52c1e35bc9af5a7446237fc072afef777665c264c18e6a3c059fde2e8368f9bb898f1cc8393d1bf18b1757219670275f0bbc7deb0248c68af929111e19737479bcabab732d7e033aaeb277eac05e185e9e56b2450beaac784dd0308b7a5e8ca1f2fcd8852ddad9f7b7de264478e1891a391aa89964dae5ad0b7a829c2c9209db346ceb26c1b967cfac82ad574761443be3f0a910968239d23b11507ab978b3ce89e22b7d7283736b9786544ab4460f MD = 33b6229592ca719e4e46f35b287617fedadd3b7c38be3c8c1c9f446d2d9085b3 libica-4.0.1/test/testdata/sha2/SHA384_1.txt000066400000000000000000000765211417716165400202460ustar00rootroot00000000000000# NIST SHA-384 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 48] Len = 0 Msg = 00 MD = 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b Len = 8 Msg = c5 MD = b52b72da75d0666379e20f9b4a79c33a329a01f06a2fb7865c9062a28c1de860ba432edfd86b4cb1cb8a75b46076e3b1 Len = 16 Msg = 6ece MD = 53d4773da50d8be4145d8f3a7098ff3691a554a29ae6f652cc7121eb8bc96fd2210e06ae2fa2a36c4b3b3497341e70f0 Len = 24 Msg = 1fa4d5 MD = e4ca4663dff189541cd026dcc056626419028774666f5b379b99f4887c7237bdbd3bea46d5388be0efc2d4b7989ab2c4 Len = 32 Msg = 50e3853d MD = 936a3c3991716ba4c413bc03de20f5ce1c63703b3a5bdb6ab558c9ff70d537e46eb4a15d9f2c85e68d8678de5682695e Len = 40 Msg = 4b5fab61e0 MD = fb390aa5b70b068a54d6d5127df6a6227becc4d6f891fd3f6068b917a883c9b66f318fddb6384d10be8c7af0d3132f03 Len = 48 Msg = dad95a4b4d37 MD = 3a2b40f453925bc3ce17d640757ee0e899390b4a8d984d0297c1bae6b60b9f2603bf71c323fd171011372335e5702e40 Len = 56 Msg = 121835fe3700b7 MD = 7bd06a94acba7beb3c5a9b9e8769c3da6691c482d78b1e5c7619b36630eba4e596d11c410a4c87006f4716b6f17bb9a0 Len = 64 Msg = de60275bdafce4b1 MD = a3d861d866c1362423eb21c6bec8e44b74ce993c55baa2b6640567560ebecdaeda07183dbbbd95e0f522caee5ddbdaf0 Len = 72 Msg = 8d45a55d5ce1f928e6 MD = de76683575a050e2eb5ef95ee201f82416478a1d14bf3d96d1fd4efd52b1a28fed8dfee1830070001dc102a21f761d20 Len = 80 Msg = 5c7dde9b3894d73cefe1 MD = f31b22115fa7178e78223e06aae870547ab93c6eb3c3910b0ee16e6106db55935d6c0eb820132a2078ece1067efc81c3 Len = 88 Msg = 967fa34c07e4945a77051a MD = f8f24d81c4f8f23ecb42d76ed5d2b34c9cbc1f0a97234d1114804b5999759f3131c741d5768cc928163503c5f55f594b Len = 96 Msg = 2209112ee779bf6d95711105 MD = 09c54bf533a26c7447caa5783db2ec7ef5e55752da7f2a2c4e360982a94ec1ca2cb6a157d34eed28de978b4145e17ebc Len = 104 Msg = 20442e1c3f3c88919c39978b78 MD = 50bc95b036e0f54d833032a80d45c2ac38b3d29e9c7f72a2eb14781e9241d2a4b8e8dba6ee6f4c9e46a758d5712dbd39 Len = 112 Msg = 4d43702be4f0530319555d7f1a33 MD = 83c8f0bb762801eb26cc5115abebb657c18ff811de500b32b7a568a220a287e900b6c75224fe7429169fbd534cb588e1 Len = 120 Msg = 5e2a79a544af85f150f7a9d209fd44 MD = 8051ebc9cabb052cabe07e4023e2140808b77d25b07b96d2e3c22393f71b116c1a1e41bf62e57f73ff67871da7c93cf9 Len = 128 Msg = e1bb967b5d379a4aa39050274d09bd93 MD = 3b04f96965ad2fbabd4df25d5d8c95589d069c312ee48539090b2d7b495d2446c31eb2b8f8ffb3012bdce065323d9f48 Len = 136 Msg = bb84a014cd17cc232c98ae8b0709917e9d MD = 85227ae057f2082adf178cae996449100b6a3119e4c415a99e25be6ef20ba8c0eae818d60f71c5c83ff2d4c59aa75263 Len = 144 Msg = c3411a0592f1f4fa698815238997db356418 MD = 233ac44170d9f452a1a0231622030b15c104ff8ecaa3fccdb9e9e5031fd5b4220186a8edd032849c8b93dc183a5c8627 Len = 152 Msg = e831b739e8eb9f787f63c0bb071ddcc9f44cab MD = 91722d4b7aecc211bb8a5480c6855f3b71be4647e1dde0380c23afaa03f45c642606a24506e0317bf51506a483de28ac Len = 160 Msg = b8a7bbccde46e85f1223237d9353b78c3b19727b MD = 28ba69dc05e6e29de91924114d6c9fc7612f6d2a68b07fa001df059bcf98f7aa85389caeb966eaa299c79fe1fd1e40e3 Len = 168 Msg = cf391b8aabec6f81288c8b7b92843be23d2e847574 MD = 121e5ef697df491a53d7bae121416aa653d759a37db9d0b993031b18a0ef160ed98842a291e1ba2cea8b998bc5eee0b1 Len = 176 Msg = 9d65d88bffed764c286f34894f991600d1a67d622382 MD = 84b6e0d6a45329daf47a793418ed5dbde01336b4b9468bb69e5da61c42b691e6794e6ed0e8fb1b8e7d4cd3cbaadc520a Len = 184 Msg = bab6ea46fb717f73f0628132a2b96be383774f1e5d8b6d MD = e969aca1b50e928cad29a0d756457f6de8d7a4e589fd41e53a1e758c3b20f9b81b36bf098a49102fbf869651ca9a98b5 Len = 192 Msg = 8853b00e869764adb527a07b073c85a24e6c208ba47eef4e MD = 09ad44e85ac190e2d1c3ceb4efbea10ded34d0de961fe4ee268132c48e38660e6cf585bfffb8f7b00b0fad1514312b63 Len = 200 Msg = 71fe1ba5d299495d2a56039c64032ec6263d437f55e3f5bedb MD = b41a5d3b4af6d4b9c349e0788538e9a0311086894df7b72cf5aaf4091a7e039e4e89cc77a123474e6d1bac438e5e9f88 Len = 208 Msg = 4ebe07d03c93e849b4bbfe9f2d2294bf6ccab457f76d3f99cb64 MD = beba464d7065185587fad89bfcea9635bf0ab775c3eb8c147b5b2bd8601db6dba0590b50dd1068733f20dc68e004a090 Len = 216 Msg = 918ac0a97ec1632908489e5242ba284bc811aa7197242cf7226fcd MD = c4baf6397a4c6e26492b63a4aab7dffdd0051d8f51938ac24cfd8dae2f7afed1a4aa2430d7aeb0be2a72b21a6c50198c Len = 224 Msg = 97477f7272d8a89e38e796c533e9f8a8ae4c92ccaa5d907ed26a1a15 MD = d1ad524ebe908d7c5aff50e6cb780fd3a70e87c914a36b93c4e35f5b2cb03850b122b480ef8587d4a44f22467f4c480c Len = 232 Msg = 718e0cfe1386cb1421b4799b15788b862bf03a8072bb30d02303888032 MD = 6d8b8a5bc7ea365ea07f11d3b12e95872a9633684752495cc431636caf1b273a35321044af31c974d8575d38711f56c6 Len = 240 Msg = d3b07f0fd5d4cd3188aead8dc8338de42056e2e8487eca51ec37ef2daf27 MD = adcc2e954c91db3db2d71d0dee1f030e723bee1a23816fe003ac5dc862a0872ef51ff386c18be6ebcaa493f32d1195b9 Len = 248 Msg = 695b9efe1809abd5d44eae957ddf9c2cd3c75fae2f522855712a07c639c0b9 MD = 3bb95d164d94595a1187f77fc26c280ffbb08e74ec7947aa3e5b38bec7c6f8115c4d880788c2402dbb3e5b94afd130ee Len = 256 Msg = be01e520e69f04174ccf95455b1c81445298264d9adc4958574a52843d95b8ba MD = c5cf54b8e3105b1c7bf7a43754d915b0947f28b6dc94a019182929b5c848e11441c9e4e90c7449f4c3cd12954f0f5d99 Len = 264 Msg = 98ef7301f957d73d4e821d5873e8a9b5970fbd219d5cf74ec2291b8381181391b4 MD = b2564bbb159c3aeadbae0e4a4437f7c5111020e9ad0f4eb508147a961ac22a01e1a26df046b14ee5e8a49d9ed22b8cd1 Len = 272 Msg = 873ba7f8b71517ec50297b21cf94cdb7a58abbb8829206f0d3f328ff8a6939ac1d1d MD = 7405fdd557d2b5d4f65e9e85f508d3791495f1820d37cabfc8dbb74d7b41df8613d995c612d378dd88337e00951d0280 Len = 280 Msg = e3bd4bc3a60cddd26c20aa86364bd44f4a07f3302825ad0ac127881de4eafbccf988cb MD = 199d5423a0e26438f4cea0081a89e0b6c84ca93f7c3120c8104b51c6edc04e0f6a203bb77d59973a7411a0efbe93a09d Len = 288 Msg = 8716e4b86deff9da2a8ed55baa43582a7586ec9cd38ac3a933156158cd8e5b7887585e91 MD = 0d2306d9c0a8ce57bc7869b439376c07ce352a41d86ab6cf4a5654cccd5c724fe1b62b2c1101c986222f5264ab3fdd66 Len = 296 Msg = f8a503aaa25ef2cea25e31930c3a90db468cd3a862f4a93aab5de2777e82dc905cb03ee23c MD = 773ee958fe93dfd1b73af24d27ddce33144a9249d5a671682a56df30d0bbf92b9327130022075185d396de752959304f Len = 304 Msg = 669025175ea917cdd7a71ff4ec0c45bf1246d2a6f031c00b71de701e17939bfe92128b21911e MD = 9ff6be3f02c7c5d0206f4b944c0843cb68bea8f9b7c8cc0b729503db5005c7cd5cb14e3457d8f5eabf733fca9084f16b Len = 312 Msg = b35fb2262edfa14938a0fba03eb2a25d377974b11f556491a781d0ba2b3c0ff3e42749925fef8b MD = 835b05a4bf00c2594c3c8c13da6c273a0d9efdea0da72b71b19d326bf5ce968c2e577a7d99fc0f985afd23b46423129d Len = 320 Msg = 9d86b45df8d7dae0cf6b0bc208666ee1163a39e6116d6d240c9dc1c3a3c1db1dd3b1c6680fe9a196 MD = a84c469c24696f81d7df4ee8cd76aa584f8c9960eaa9908d3e3ebc5eea7d0b50afdded39deb94fd59323a21a6539e93f Len = 328 Msg = 414f5619f6dfd45853bbabd224cc305d77350ad253358910a74f3a4381a9b86680b3c4068c089849c4 MD = 848d481e3bbf5dd726f625cf6a444d995b36262c9f80d583b77accf1707e3f49bb3dc480a560694d769aa1ce65d69428 Len = 336 Msg = e2658324821ae7b0faa0cdd63ee9efb9fcbe82092d04696feb3da92c82521dfdc98f6b41b3ef365d219a MD = 3ea5d0799f1a4dcab9149a40ab74bec9c8d76d8e392c1e63e080ddec2ec535f80be9f00927be281ec97ac0c882bb0bbf Len = 344 Msg = 7e80271bb5f2cc7ddae4158658e4e8d06e04a39385da0ecac1cb8e91d68a9bd21ddb7320e79d10e3110758 MD = fa00bc0359a642dcb3559656094eb2fd4f63bc57f0d34abff26df5c54cc63dbeb4eac75905296e7fb69f871e134083f6 Len = 352 Msg = 43d2828e86f7856b78c66cfa3d602387c290975afd021a8b76af0918069cac35dec45de3cc52edc4ba14432e MD = 6c9e367e066032ce47ba2575565932002cc786f533c5551656abfe7391e7dcb5f9d9e047adace23d32f8acedfd0cafc5 Len = 360 Msg = 3f49bb645cced7530b8b82e6cf07fbf670f7ef0ba0583d16debafc639bdfbfc99b8417249f7f5a05410aa3a71f MD = 2b301a14647a67429cc3e7da02c4093a739640f7b47a305251d2855e75e09e60e262b279a073077d1fb6d0f04788f2b8 Len = 368 Msg = 31aac06a59b74bf478617c1637fa6c5593df168b8d58b1e923bf3e3d80e55d7170b16454160ab29ee1f7412ebc05 MD = ddd245c9b29ceac60506fb6bd6e8037889cb73d6ecc669fd129060a8a8f58971ac572d3ec9b44404f81381d0fd35a649 Len = 376 Msg = c10b2852054d8034e07906c7fce3ce99402321a648bb881f13fb276afc224c6aecc64800cd767ed2429db94b95a9c3 MD = a44640fb4ce6dfd4a10290a0aecdb453054a9b54f2583e97bb7dc2b005e5fa2b4fda17b1f75902f51c18c0caad35833c Len = 384 Msg = b1eeef324b499f19eba322215fe3ce19c9f000b698d2b2dab7145015046cc86d049ee15ad59dcd1564f30112e06444cb MD = 38742d18bfa6e918b888d68d1034e61f65dec0759172c2dbf08cf1e132b217eaf4ec29e15db7f4b07e08a70cc5662012 Len = 392 Msg = 790dbba09965c9774dd60a32e010c50d6d518968a220141dc33e7410f2da6c08ad0419bd9864d5327d2c5c44914b2e83f9 MD = 9174958bc8f4ed4731eced999bea2f63032f52bc8c46bcd903232f3fbc5046f0d6c203d43a078b822fc05101404f2635 Len = 400 Msg = f7b577f1396b23c27eb637e53d3d92460270b001cc612fd3b4d68bcdd09c2d50571ea4350636324cc2428a087e7bd8785f82 MD = 80afe111e44ad9aff9e39c4cf9e6b4c520072b4550e62b1740160a04f8d530612dc098917a556b44977d0e73df518bee Len = 408 Msg = 7370d9b453936955b9c9d336f4b283237986232de007bf412fb426ff5b4093c80c428c19a12e0b187484dc6d5f4746537fb1ed MD = 6cd29159820d34e5706dd867e6363758d312660d4daca8d2abf677f234746e97a0a6224eb054066a0b74e18c70965368 Len = 416 Msg = e8620170f0f39328bdf8888148cfd17730f314ea68d8fea02d16d98a3cca61484139d3ee92b748091dc841dda08483f1184025ce MD = 29c408a6a5045f397b56dfb5292c7c16028c63f068e699b86a891ff8501208ec9398dbaf463c00f39af7b2cbe45bac15 Len = 424 Msg = 75d4216bad77943bfe82be216157843b0da0fd16eeee847153a00b43e707b2ffe2c898168081f0bdb3af58f214cf67b920c385aca1 MD = 0170357385a20865a8d30c2df39406903ff88c7f70fa1a7a5aaa86711d64046c432a1b139668ae5abed637d1dc4107b7 Len = 432 Msg = 2fa90c2210e3096caed122b74eb9559977120e5d9a97eeb3f99bcba6c19cf8cf791ac6c8a0a94ae49246611dace7f24eb05673a36b3e MD = 6c2ced3fae94dbd92f4170b63f1ff6fcd8194f60937b22b4f3c95fc9e104b77148f9bc6c16a890de86d9ef1554c96fa0 Len = 440 Msg = a8de55170c6dc0d80de32f508bf49b7046aeea4b975a511b5ea3dc853bfa4b1e0138202d6785f6b3017914a86f824288d586dc0e8bc924 MD = 2bc3b10c148200f7919b57afe1d7db773ffd235e04fec6897dd94f13ad9c437ef50900a40937f82a39daf2aa2b3dfd68 Len = 448 Msg = accd9d05fb7ef3043470836137554af117440b3ccca7a280285494f90dfaea60dcbf40b230271932cd3875b1d3dca60d38865ff874180efa MD = b9e02df93e9254180d6a15288d77088b5a5ce517644109b4e2532be315f08dee43491608a1127dcdf69397406e23d231 Len = 456 Msg = 32b835c180cc4006c11a61c65b03c099510e1d4f0a94b63d54bd6bd5a8ab207ab0f4639206564edc3fa6af03280a67744f68106dc51ee35723 MD = df97a1c5dda6f9dde749f213e429db84f0dcd481d43bf58e6142968d629ecf05b262830a7dac87f67f4383975f3e821d Len = 464 Msg = 9409f9efadbf190b253367629f8f368c9d5ac262e94ab86f3559f9a1fe1a9b44b64e313121b34d43001c430bedc62fc586ea398acd8f17c7cfa2 MD = e1a69388ee6b6d234108ec29402cd0afd74957d990c7bdb544cf11e8eb2ccd170b6b5a74431be70364d7a31b926ff53c Len = 472 Msg = 289586baf8daced50db14c936529a0a6438eb5da8d3d469172b6a06f4ff3a956d4f9219563ac285cb8e70074cfcc152c02593a97733c36f4a9e97f MD = 509e996c1e11611c243021b8b78f2ad90c5a9263bbf35910db7c8ec102aa7c518066fff8ce88562fec2cd6dfe04056ae Len = 480 Msg = 156530cd6ed3baf1fd7232c7ff204f3c7d4d106016afa3bdff3786e84843ec556115626fdc84b2e874f1074e4f7d53e08079ee9fd01f80a8be7f20c0 MD = 7b8a598029ca0ed475a72c0644ac81c63d72fd51305dada07b0ab4a29e47422f59e12643179269ca3d7d10446b372b2c Len = 488 Msg = 30655a6b5a5965db992e7248d24141055e988d726abb8e729dc5c21ffcbaedbc0b1b5fea35b8751f6ec6625517312fff2234014176269b60959723787c MD = cfaf443e95deeb3cc1910771a2c0692a54b18b3633dc5414e71ae08877f0804818f67f7196c52e26b762dd12bb7a86ca Len = 496 Msg = 345c3c022e20144e135604078762ef5c8a8f038cf1b1d6a91709b59dd068396a9e971ab628f74886e765384a23607c1a1e6e973f8fbb0ff55104c46f5db3 MD = bfb1d5ee3a0b629058ecc521c706c2f9241c48cda3dcfdba660a2601d832a7a872a2bb840f3b98d21c37e28f9041a5b2 Len = 504 Msg = 0b94a0f43a92408963a59ded01a9338283a6ff1bfbacd9051a0104445c7f041e8037afde3b5a87d22d5a4796144cbc944091d6cc47b5ffd1f997ab1496ca31 MD = 07a045c9590e9901d0598e604c4649554a823de996fa438cc81a634344eeb98e5f3c0c234ba30e2285a4d7ab568f2610 Len = 512 Msg = 93035d3a13ae1b06dd033e764aca0124961da79c366c6c756bc4bcc11850a3a8d120854f34290fff7c8d6d83531dbdd1e81cc4ed4246e00bd4113ef451334daa MD = 8d46cc84b6c2deb206aa5c861798798751a26ee74b1daf3a557c41aebd65adc027559f7cd92b255b374c83bd55568b45 Len = 520 Msg = bfb94dfbe0d9a509b78d164a722050054dad91c9a8e260545d037eb450321aac48ed4459fdd8a41572bd6c9c84d18b6ec339247482cc3ee52a1bbd6bd4ae918216 MD = 13af0be02986ea3176e8c65534ec9f32c23b53c93a73b15c26b9ecbd8a1181ae184a372e9f5e0596cd6606849aeae8e0 Len = 528 Msg = 1c8924a16fa7c602aff5ee961798bd44fe53798bf44c3d6b0d13ef837de07377651c1e94ed236eb79349f86ac31ba151a7e711c5407e65beb63824f6ec39754b58f3 MD = 5be6482851ddafde582f2804071a702ae39bacb688741b7c37bbae99821ce4d3f47d5b097fd8eefa0ef9248a34f5d3ce Len = 536 Msg = 184215145da49db417e8bdd573d6282de073e674c3dea86b6c78591d4947f5655a9d9eb0e5f4ed046b1d8642da9aefa80448a299504160a1b000c9b4d3c62ab69b3d96 MD = 8995cd7fc0956e124075440686beece17a6256b282e7988a0c998f790e3995c974383179893477bcc32d1f114129b496 Len = 544 Msg = ca7a63adf41f4da33142910c967706b5c8a093350eb3e6d3aabe69a46a2872f47a39bbe77cdc1160daa450225b0e8e36f506978ce3ac9ae5f75721ef30da46b28f07242c MD = b89cc12b11e3afa58908580c47b25407abbf584f8e8d4b5631e9f450464c7e53cfd7e9f9d3cf35e587a6f02957ce4c28 Len = 552 Msg = 1da41a0af202b079521deb6109e312c2ade48544d2b498c07e91a102dd4650ce354f3f201b3ecab8e85e21d667959b43d08f4e90fa18dca2ccca8f6ff5e9a902dc8bf5c5da MD = 5c297e20c307aab7f325939fd4e2883b034fd547f1dd17fb6b97ade8b148e06ebbf3ff60cbf469e4933d5f48f0166cb7 Len = 560 Msg = dece42c8849be40c78b8de6da96c2a8d7e940545b9f3f39aa1ca03ec60a85471aa84d8e29f095874f331b90a4c157da9eb048d2c8fd235399672707366c766f10bb833f02183 MD = bb509e33e9ffcc4c01233146226ee9364cdac5658132460a76edf617a035b197c86434ee889438581458102618769382 Len = 568 Msg = 952008ebdedd480449bb96a025576c5f617bbb8307958a010767e0d736ffe5a196ea4467d8a5d3ba1f5476ff07b6410ae659dcef520a2c14e3902f8b399a289f41f5fdadb502dd MD = 9b63d9145bc714a8253dcdb8341b2f5714eb58b9d4b22ce45aae07f51297a3dc9c5b691a8a3cd438dc5bd18be400af21 Len = 576 Msg = 100132c315bfc9c4fb93023f5d3500d7208a68acb4d2c63096232c361a161c4c67c0a74bc3e4d72c11664b1d970321d405401924b3a0f6ce2b1a2899e7caa9a55ce725fc37f55d6a MD = b6ca04467ed3e623dba36f2e0248cefbe134cf555fdc14731175eaaf08e244ab0b15fca2f173a0ec98feaf359fb84a11 Len = 584 Msg = 99cba4019f5478789e674e08fe5d6ceadd698b0757ca39c605457c22c3d3b8ffb797d2be8f12960f099a5606b908d47207b2636a779948282de3661bb08b1b37ee576590800a492730 MD = e5378c7c251ae96f0359a30b3134fd77d61d0db68c42a1a2aac293195a596df42f677e6cb98abec90d6722baac63fc86 Len = 592 Msg = bb327a0bcb2574df47080e8c0d8a45ee1c0424ae0414dc0a9b8717d9f27d8ac987c7c9ecbc946073884d1fb96dbdb583aa758186b16fa429dbf15b8d5bb48cca71469e7ce0ad8e7fa14d MD = 0f75e65ff8494ae28d9a0a2e65959653275fc34b2fa27b9e10faafff07c45addef3b8f25953d5a2e54e31ebe6d429d26 Len = 600 Msg = 7fd9eeb5ff368040d299fd17a943b21d65deb2eccf6128d18a33eb174693538935374c32c333a867821dba08636f20022c2ce01826c7b7e41640ad186f90ed0ac647d47086744867e5c54b MD = 007251a2a577add048b1edc79d96c7df8fd5b5fa0d7264f122e4cb54c50bc316a8bc5f4f9dfd4469e29e9b030f563a6d Len = 608 Msg = 7ca9e369e82186984d5fc729e111a7e5d8ec19c5d74e13b5ab22e4993b05c88ebba6ba72237389a6e0722e12c96c5d6a54515ab00ad80efb38665a76e831abab0fa5cf020807078441585de5 MD = 3ee8c4184de9ceaecd0d3aea16271835f3d45c873358c93a515539c38e819414ea63b08d0a109346793d5e0f703125eb Len = 616 Msg = 5b4d945d55dea22e37821ec396476a4bfb617d2f392ad93afe67bcfda9cd9b725bc4ccdf516a83fd71dbff5a22b005fc61c58e471240bd2193ce13539730e63232f70f80308be48dab7266a1dd MD = df82d242e4cdc2eb40bf3db6a56e1aa0a66e553f1914bedc65c8cc6ad9564b6e85df59f4c443cbe4e0aee05986f7d690 Len = 624 Msg = e865f4a42bbbd0b73fe275b8ab90d3a9fb74ec5070192d38f60efef9564498b9adb716f31d50cf77c20ae4b2e85515307bb8d95fbeb9ad964001ac550dbc60cf213fd8a522edfaf54e5b1b93b2b2 MD = 091fa9ae2184e2268ef9ef23c7c809efad244536e00aa9e8b3a6c228d90e31da051b40f268a13bd6f62e69c91ae8cd2d Len = 632 Msg = 1d408c7b68e168f41bb46f9b2e9c8b04f968e4080252546814cc1cb2917dd5690886a9600a09c2673aec0329a4daf655508b06fc1646ef3bb3a472191d964db214a96a96fa89576ce4c4f6dbf1d176 MD = 7e23472c03431925f3b4559d886e8d5d837b3d39b8efe1b7a91e61a13810c4dbc2439634d7c6ababfc66e9b18e6541db Len = 640 Msg = 54ae030a4e27a05c1ea4a12e69c67544af9b4044cf157dc8cebbe8b2d49f9bc0779077603c90c5c55b891d3ac33b87b65e79e1b19695813718191b3bd8b7e42d5583f7cf1e60f84495b8f869f3719969 MD = cb65f823585773cb8802b6339182f13752a82864c898b445be5a11a969657ac2dc4a3bbeb87ac0abb232a2b124171096 Len = 648 Msg = f73cd386f73d0c6ade05771b33117117c602e52693f05b47e90032eacc39295f9793258fe6512eeab291baa0be222e143295a28e8697e42fa27ec02b44217f32a1edae2f4f35213562ca37b6d6cc5ef72d MD = f665c4d17a83d65a7ff16bfce279b58558250d76af68b8eb943753e411a57ceb31c1a131e54bcb7672584416e3d5719e Len = 656 Msg = 1d259612e6867e7d788c71d03c5136864ad6d84f24eaf913a34e69333116f812395288d4dcee6665e6d7dabd005ffc6327e3ca305cab78569d1107a115e619fc90110436317925066726774d1da3639c31a6 MD = 5dcf512e2b93d6ecdf7c3304534554ea79d22392e59bbe90df21e978c9fa3b34ff82e6dcfe8fe2236aa4af4e662e2a9d Len = 664 Msg = da8734414c45fc1d5a75a3cbacadb1bfb523d6fc391f882d0db0eef21f9ffd78b6a1e14cfad09e71b65cf7b05d7e8f2f4bae4e454e16068d65465639c729cfa92738563d37edc9676b7be604ffbc68ec3b6b72 MD = 8b328a31adf67dc7aeb864a359628410d5814a2f0cc683303f61432ce32177e1f538feead7e5000343916c7042f8b3cd Len = 672 Msg = b228c75903d80fbc6d1cf629ff1d14a92ec4bf0e121fd97bd306ed265efe7a5d5c5d8fc764af98ed6f5978f88d7cd8bcd71cbef6a58261d201de3cb15b3161287e6a104cc2cf882d839f1da0d3f68b426cf08ab9 MD = fc92ba4eac9a1bf120a7b6c2cc30335b9615b1a98e55d14854ff872966e71040737401c6bc08db5842ceace14cb7e7ea Len = 680 Msg = c90d473a6fd30be9a98bf442a9ad65a697d4629c33cd517dbbed02710fa8ee991360bc8e557b0a0bf0b869e6b0c3a9457607580edec3859f2060c9c0340289d53a5d755918ca54876599045a86a9bcb8163795ea8c MD = 807582b2520e990cfb74367343268b9148b2519b9e7cd9182edb3db9ae7afebedfe8ca118130e2ef9d31af9081da8222 Len = 688 Msg = 6df8c5c28d1728975a0b766cd7de63bbe7f48c3db3e6fd5a4b8df6e3905cef0351f3d973b4f2a7eed80b0de5b85c877353fb9e930ad2679149ad4cbe69910e68d5500b096c5abdbf27d684fcfcf1a57f02769283d5a0 MD = 7bda57d21a4434aada6758e282e612a4c0f41b242f9c790804d5bee25b81a821dc6f2a0ba56f1b3704802c9a6e153d85 Len = 696 Msg = 2cfc76f88cb6fb90927b69526ad5f03d6bd335f4f75b52b6a3c21e8f989ab0d03acb1ebe07e68a87c1b5607acf17d976e10ac4a3d30a8561d49a5e7ec720edace9f5f632b4bd63e104f4894a79caad2e1c31c736453485 MD = e16670ea837c259e418d3c0e1eaad4948c3457e15b1573056e24da25bff5c66b7e95d24c6bc1b8d6c2b812f64adc9553 Len = 704 Msg = 3f05108c2f33d39b3aa9e73efbad4b011b4e9e9fba409b7611e7e03956b2f3e5e0aa86f68c4bfada5f9223a66d574b08f9dd797cdda8f3c32d8e01921711f4870dec676027ecc56fc2010b496e95cfbf071c820f21edf25b MD = b272bab680f3ab27de72d94df384323f8555f1d17facd2588ac8648def2451f82f9b99c05ead8316fd181a2cfb97483a Len = 712 Msg = 1ffbe1aff0a1e7fa3e68be31a74612a1519b59397e7007ef61fc015f316d55b57be528cebcc2f09a2f22e3c5e4a6ae9612776b17ae87cd763c1a9eabe6846c5bcb347ffc99f10e3b5e64b29a9bd71a5e9b3c01a802715de2a9 MD = f08bda9d6762607519d53fecb0bffbfd3ff2924854833a759d631e910c42ca86741fc2e290af42e94b94898609b91390 Len = 720 Msg = f755d6b5642378f2847893901d9aa91c54a4b7abb97c5c7184063e8f1e97aa2de4ad7ac927dd3cce770c906921e2d298f67cf9844e61bf104db803b265b86b821c5f4d901067d07b38764e3f6c95fd4f28e3cfe48d8a9694a8f3 MD = f85e98ea054455242280854e97c4ed399b85ee7bc5c5fc3d62910a76f3a9600c3d904c832b70b58d7d998db8dc978135 Len = 728 Msg = 773577f3a642c4f13b1cb1f4103e9f6b2da86268a52f449cbb174c8349e3c0dc636ce85c373115a337eee26f7b70ba1060a79a1c76fd186399e6a5255db80f83b0be4a34ba876f7908840553ead380f3195507729d067ac2ee8eb4 MD = cc27869cd7e63695d19082446b068b77dde4e8604f8c0e9ce20a1b71aa9eff1460f32d5a54476275bdee8e7621491f46 Len = 736 Msg = 651589927e17e1aef780690f3100a377f0179b18b31fd5b4418c84038573fc559b496a782beec3dcf6e9faf5aef676e10bbec34b1be5888fda49b91e02890d2524c5b369f8a54175f29dedf8156fff690cf186ec77104a798315033b MD = da846042fb908eee5f5defd1055ff3e57103708278d379a8681f58bedc6ef89670b9f957c4e0edcaa42dfd8cd49df6ea Len = 744 Msg = 678652600eee42580f73623412e9c011cc02dec4d4cc1b79b27b6f9939695bf2185b2012ab0630f317d2e2de95dd69890e430783e99d7ed121c7c8da9ae70780b5aabf9022d1435cf5ed6da6fc6692c050c2b5f22b24fb1cf9135f9cb2 MD = 8a6ae41c9bccc16eac4860bd5fa91205a86fbfd09692578f7f36b3c135d96f9e9001c192dbeda975f7375bd43a23ba68 Len = 752 Msg = 416d3fb7b401fa5e78cd96d479d8860df147eef03adf13fce1c61131fb89cc2ebc63289745bd7db9bef14571a55318496572dbe52b9b349ef59f406cecd68909f364325380bb75f3aa62503c84f47a55aa6b9c9b199ebe414409ff3964cd MD = c5f20542e0c0ac1eb433de6229fe5baccfd4502e2c2275439385efda6374a1d0fc50cd9bba4233d470ad91a3356ea315 Len = 760 Msg = 6f09e876c0b83c9934ffb777f006338c5142a31375e9b21cfea9a7de12998c4ea6708ff1fdf5a8ee6bb67c675ffd8209a10064e2d758a8734eb48f07f7cf3d43b09f1bfdc5d07a52b77079f23cec28bf863bed97c859276df7f7129fce71eb MD = b3c968f3025f87dbd5cd3d364bf673e62827c35889532431becd87cfbe2cc75b7ef45696d19cd3452d0e7c2b69d09544 Len = 768 Msg = 0dc2b226b3431c69a76addc018fcbda22bd72c8ff01ed6549596798bd950f361c489a09c95cee2dcfd6401208ae6368d6630026b417cc4718ccb8b42e8872937de66895fd09142c42f066bf0ef3ab2b03803a8185fb65fc7148c376ddd4bf58a MD = aa645a4f8f602411260ace24d381f3f5dff0000c246343eb528e3dd027cd743815737906ac5c74ea83c2755e56b99509 Len = 776 Msg = 8dc71c84c8772753c86ab6afd80e8d1df9b0d7e8d69ebe67fa883a82412c26738c3399cab95573b4d3c4367c85c81852d5a6564c0fc7caaafe16c05e62aa06cc9fa542ceb35c88fb6ab82c29d5dcd530f807d3f1c3bcb3974421101d1aa6ac112d MD = 12239813097124e6248e7dbec985a6a25f622b1d07295cfcfbaff33b847df7fd94265e439fa535f3becbdb576922ac41 Len = 784 Msg = 3df3edd9fc93be9960b5a632e2847b30b10187c8f83de5b45fcb2e3ed475569a8b2ed0784348f9dacce7b323c6b65071abd8b32d1022b1e12787bd4989d3c5ac329d576ccd7608dd336716532e9b4c7f825826fb2e343623ef85c6270619bf5e3b27 MD = f36590f5211a9cf84eeb0a3b2e5dc1164e813191cda7cb883f3f4a074605ce6780cf2f1a105658706fbd2829db8a2a58 Len = 792 Msg = ced0ec6500cb891e6433d104ba5b1c1ebca397f3a5eeeaa0f0561729621ea50d4ae7ff1d0827178dccd84e4ca06d9891a90adbb7a9f4994ac947cf6296e71d2f49b826d64b123a7bf86f339fa4679caddbdf19cfed7d0206aa5f527a6b0cc00f52aa2b MD = c2c2d7d65d0b9108648e3233d15fc4e4cb62ed8fee9cdd18ab44b8486e2100fbe45ddcf74f46c15eb77fb1c893c12202 Len = 800 Msg = afa4a2c4fbaffe838dd149c78ea7851ea9396304b41806a093a90aae59c0c5bdb170cc9a7d22b90cbce52cc1b105108942df20c29ef3a913223b915e7ebc98ef135adefaa0f0a6441ea05920e868ce9d1ff6c8fe4dbec06a4849e5e55ad0627f9e09dfcb MD = cf6ef91d8567414f5c7f0b1f4ad09a976afc7c8327a382fca90f5a136b19be33100a664390a377f8d8a3015fb882125b Len = 808 Msg = 00f65a485bfd381113d6e79bf9e0d5e518c891988c073ba198ac3a20f25c2c81619723e88a3c0ed3075075fbbafb6a7b61d3bc336a5e6d6f08d166c4861e6a3bdc2e49b2806b567e7e821a55cb674a6cd699f7dc61a7054a8ff3dec73eb667f59644346be2 MD = 809c6b5d41da7cd10df90b02b193ac7d40cf2e46c139e9dbd208a988da2b25002cdbad1db2ecc1322da20b7d054e5fe6 Len = 816 Msg = b9ce382e1e82a873cc444248a3008c2cf64d18759057abe8f91c9d87f5dc83aa4eca0c51d30829b9a1d2712da1fac31f52942d77c9f20c2bf6d3751028d7d4f0d336d3dc92b27ec368caa4444b3180c1e37e98b58f25e647a9a6361f0b04cf78d17955766168 MD = 18cd10b3ea907b3770e8eb91c974666e2da2525afe7020b872b3ec6689e5e1cd0059dd4fd49ce44d75dc4c8430c322d6 Len = 824 Msg = 6778d82f3a98eecdfac55ddeebc52476a070094fbd65831801fdd60f837d80d23b90d472c5f4e5ca6273a50f40154ea8fb94013f6310ad18800433a1d379c84bdf799a99e8c7b676fbcd29cc2ed66552297de7a6e565179bb42b70d48299e0925a1d72ca2c792a MD = 71f08d9333df5cb885fd23d6cbb1db84f9b55908d069df50fa4795cc713a18439bcab8daca078356f5c75a619f2f8782 Len = 832 Msg = ba3a54a77d7c2b8ccec6d53136cd48827c87acdd1cd86ad1f56e862642ea2e1dcb4093f85d60f7bd77160738462e6c3fd3dd9d3a7c5cf7e2a1d60f489f84471902179f21f656ce0fff089278ea14441e04e7af71891622565f44c428044728fcc686212a32a5d809 MD = 3cc154f0542d8e3cacf9d79f231416816178a7ef2275fb257a48a2f763ffa2e15a33c27b970a416a057925aa0412d268 Len = 840 Msg = 7eec4f4f491b4eeaeb1cdbdb95e9511c2872372bf64a1f61cda1cd8032729c8beafd1edabf78036d80023c814ad8606106cb4e7f33f214c3e69c0f230e885474fd594f7f2444aa581e0c70ebf13073d89063eb81a43c5f608b2fc99fa1bcf5e2bfe62a6802e70c52ce MD = 2f8c5682a07438043e55f0b7759fe7eea5d9bdfc8b0f89800ebcf777bc05a941ea7f3cac45d4659de0f505d814590b6b Len = 848 Msg = f3715b9e3ddd7862e15ee87aa23f1aaa0580591e55cff3fee9b49b42aa0c0cc8cfb8efa3eb96ffb72ab06b83d7b47b3d22a5772421cfc51214005150edf532af10138ad45758add459908601eccc3703e810002a2e4c6202e98d84281475d55d3de9f3d98809cce1f665 MD = 04e7d55b0eb4bc3d3a21cfd2941dbb4dc44706588967186b40da54902aeea97b262c97f75e37ebe3cd60a804e7b9feca Len = 856 Msg = dfd7d792e162bf7a889109550a0fc4c415232af0c0d72dcbc2595299e1a1c2aeae549f7970e994c15e0ab02f113d740d38c32a4d8ec079cd099d37d954ab7ef2800902cdf7c7a19fb14b3c98aaf4c6ad93fe9a9bc7a61229828e55ad4d6270d1bdbca9975d450f9be91e56 MD = 08e5ef57d0c2aa23edfc75cfae39e6bc1a43b5db08b2e27bc9823114edf760367db9cf3cd9c3779755f6d39e219b7079 Len = 864 Msg = ffbc7c47f52e69f5c667f4ed578b46ff4592048f789081f3fb39321d0aa4627a6d4f261905649410a53a301c231fa787ae55c04f615a8f84196cecf2844d23007b44edd892649fc8ed10a2e855bf23fe8afd0b9edbb33296f5a7cf89f94634d9d1a2b8cac3b7f4e546f2329b MD = be10c7baf94608408a0accfbc8ce95e159d08d8ca75dd6c273f935947a7ec3463e10a58d3ceaa0b2198b0887a3a24a29 Len = 872 Msg = a39f202d866e8e96765fbb53b6772537dec043322f4a7475247036d7495c987850cef2a46218d3fab36e3bcd595c0aca5e98b9db14fa484ca8c9772dfa3839f7ac3066727a50b0d5c933d82f82f1220720e8063f08bc283f199c8a4f85c70043df4fe55e751d0d71df36fa43d8 MD = 3b2664ccb555a1b1f3ec996860146ea75ef7f3bd62028a19c26f63339399f4275a07f3c064d34766ebe8e4dd532f6629 Len = 880 Msg = b2c8261853e2218dfa135cb5387810352b8962e94e9fdc8695b41e7dba6ad122d14fdd0d2360dcc039ccce8b37fa0ead6ccc85bc26261d47cbaa78b925c6e380fef1856fed31dc616fe16b2039b1ac85cdee4ce04c0497998b41321868db08e35f358606585e0bb8c3da9a3be7a6 MD = 45b286f49fd05c45c921b7bfdbe2cb024441c372e07394dcccae0de834cd541f13a79dbb3e5078896e88438542bd2f12 Len = 888 Msg = a04f390a9cc2effad05db80d9076a8d4b6cc8bba97b27b423670b290b8e69c2b187230011c1481ac88d090f39154659494db5e410851c6e8b2b8a93717cae76037e0881978124fe7e1a0929d8891491f4e99646cc94062dc82411fa66130eda46560e75b98048236439465125e737b MD = e7089d72945cef851e689b4409cfb63d135f0b5cdfb0dac6c3a292dd70371ab4b79da1997d7992906ac7213502662920 Len = 896 Msg = f419494c3c6d0727b3395a483a2167182a7252f4fd099c2d4b71b053f94bb8b3adf3b51e8460cfec084ce9415c95798fbae4975c208c544645b54c44d2b97f2ecfce5c805be61f5ba1d35dcc07afdd51a87baa990506668cf710e18be9b0ebf943f366fa29c69f7a6616de72a3353b66 MD = aead8688c58c6ba4e9cadb4756b465dce0fb06f1cfaa478197f2ea89414e47e9572034adfed160703c79b82b3fd7ab78 Len = 904 Msg = aaf7584d53006cbf2d2040e51b7feebd2bbf1e9f6d817cd8062a6a9680e7f10464eefeb50b07cb46b14b9b3fcb2caa3b9ab664490115d5919456613bf172b58c5388fd52646a5783535b88212717ef605314b70b8a085024d4ab1fcbe2be74609e4cbdec0730fabd3cd77151d647a3767b MD = e6e79d8c61d0ea9fc70dd4dec1fa432849c3396e717b170badbd87a4c7974efc590ab8c1183a6232beff14534f004b02 Len = 912 Msg = a467f77369730201f2812204fd63ad0d2757be580d937dfeb221a06b21ed3213531d936152a0c1f09f0ad5fed19fd11e80ad982c61203e86b2508279d91d99fa483e2e97a3d6a6ad2548a8da404dddb58344f4bdc1c9ea907088885e4f532d9c4c73cdfda43c3a9e4ce5a2809096593cfac1 MD = 5a7508c2cc096bf65a4d4d337aea22008edb9a3bae869f94e09fb526a52c3368e9b28576fb950f078b7e43b5562120e6 Len = 920 Msg = 01abc90e9180fc9bb8ea67a405073ed6848bf33048076566476c55836bcb19d3e55e9400c5cc657bc7a95f1d703c390f5a8687e7cd7fe9138ea3837bfcadad6258a3eb8d65121fa8319bfde532aec0e694961bddd2b673f284124be5781100f40381b6ff99db92ea9cc82a4372e53924dac398 MD = 96b209d7cb2c2033b38350744767fa5c253e1bfdb99fe8418bff83804df02248140fe3b77b0bfd4a79b51f70405a434b Len = 928 Msg = b555d99056362bfc2bac2a1bbb71ba112d644e50b82b015e5a1ce3d9cd5e90b8b74b08d32119baa62abae251fc0015e400051ada4ecafce3681e5de727c20d47f5cadc663d46ac682022ca396a4b7ed1c413e0b72bd7eec4a0dfdc2a2185abb5d99afd50940528ca75ad89daeb9a1b61e15747f0 MD = abd39f79d72c6cd2e8e130f3603032fe3cef4177c3563930096df1f10b87e79cd4e2059cf1b9f8252184bb26f659a5da Len = 936 Msg = 14fb01ae9d6015ecb3e56d6ecdfa4bc0533186adf8457f5e4a5c57c687895f3db395d06ae7ffbd67ec41452009550dfc1878eec0df2eeab09e8665f7e59f9148a86b2bc695b36521a55b2302f2e869aac83f14d6feafc9e587322c3c44f052ea1c0578884f84f56307bc6dde31ba48118a0f62b6fd MD = fc9b9a95a8ce1c157720cb63101a7594df24f4cc74baf735b0ccf6abb925478ad507cd048d30cde1c788806f43ed3a81 Len = 944 Msg = 11ae0cbfee7bb3df90ce585f09b9cf8ff5bea69a68eeb6c22553f8ed118c9a61e7b752cc2c94f38766e63e1b891dfa05b23347b617d42fde3ec17eea6e76d3cb640bf8fa46586fb9dd5c4d9bfee04c4649571b781709f848ad7081afb6e2c746f071a551251050fd5df72ee65248ecdc24f2cbe74ed5 MD = 3214b5feec925059149fa852e3ae285a6eb377df926504e2f824572a3aebd2050a20144e7bede7e7fe238ee83e69f72c Len = 952 Msg = a5c4a47a04f4714269d5d922ba4694060aa2df49193720c819fac93bb8787ec55a107ac9a6602f0045fd2cc8e66744bf863ced91eeabe60e7d2c1d80276ecf3bbe91f1757096cf589214f3569c2c48bd74be7f8befddb28395814780a47c180a58b0d0276a7e9873d682f473e27de7275c925ede23b6cc MD = 6bd9e1303579d815f58e8c6c9855850133251778a632f7b312c4b3163b29b5ef6cb9511a08a31a237d9a7604afbfa056 Len = 960 Msg = 75264774af69ec7ee3125e205bd6d1cb8fdb22f7ea6dbe72d1f2c0f7e2205902796d75e379c79b11498615c21c9f52b8761a885eecc69d132b2b48c63bc074c3055ee5cc13f51d6c987e8188b030b837e8f754d40122b451f15b28cd2bdd576920e1de5806593a36d8e1e89b9ef3caefee5acd80b3e9c9d1 MD = ffa9e4e856d06227c1ccb959be558309cc10633173f4b66ceb382923b52b9150acfb08a7393500477a6ee4425a827e76 Len = 968 Msg = 791a36d748695e62db5003a8ad367df1f051c1ac6a21d711823e8e069b546e3fa06ceeaae06de70a1de249e1dffd0d940edc6acac00c4c15504c02d4b0933658005423455f00023b01cdc5b681b6083379c24595518a47c654f5e1a10947df10c05a3d716b2a973faf98e1ee3b675816598bb8d4c2a3b06eb7 MD = f8d33369680524ed6c6a716d4c502de3eac891f340f40e82e37501be1a90fb61d26e5daafe92bc6ef5ec0ae431168842 Len = 976 Msg = 74cd86bbed14d895301d8a54b2956b1c5cd1451eebab620b978d4ecef2cbdf7a14367381f5ee79281a773337740fb9f5853f4253c4b19f684341081d8f561b2ad773224151099588da90e04dddd565f67596c536d64c5b87e9480ad43601397507ad1b61ca0e349fb88f19feb48f770676fd562ee8259f50d0c9 MD = 73ee8d29c30821dcdfa4441639f037fb6ba3a9ca596dc43428043785756608f6207d80b7f78e573174fb9dfd42f0b8cd Len = 984 Msg = 46612e1a4d016c41700a3b5ccb38323353bd8da5b9942c9c9212df40b4bee06be362a15dad62c8b2924d789168b2d325fe35bd5100e1e29f1ac0fa7a60a94c9eee5a70cccbc75ac214b1946a5679cb523b378d5c690751b7a7a3b80d413712feae7024ce71d6295a3d5d16515c3622a052eb862ebdab81ca7fe3a0 MD = cac13a3784225be03d526f9abc1eb50a762e72c0e01172a15d578801089e5c9f26e53cc00ff755909453e2964d7df838 Len = 992 Msg = 1a857c1f105d068ceab0b1e12494890ec196362a48b0200a0d75d712b18fb14bec6bb5b68a33b7e0b4fdc5b77142c29c6d9151b9f884f59551f476e5256986a653d4a468f28141ed954721f2cd02054df0438738194545ed70234173ac4988b7d62812de4f2feada14f68e3b41bc9948d4139f4fb4da5939f26c0261 MD = b75d92b5cd3772846f7b68064a3567ae43e5010099f2b649f35087e7592aeec176646fc8c2629288944261cd35b5fcba Len = 1000 Msg = 9d36818d0c5a008be7904d1917aa3eccb5ef4f38cecb8c4e63c4b2e9b4b091a3bf25b4ed0332445f894c2a4c258b749afa17fad03cdd41713a869f899ba9a085e73fa9474a58db7a950d3a2386b60f79495d8bf73e72acaffdbf65e1989ff9cc206ba8c46a368d8512bac7c7c191d713aca949d45df297b1b6594a1a33 MD = a88da844579f3e3725d00daa8e1e287da4bfbb2d931ebe8d3b16021154be503341d6371d382ada744f86f5bbb56cdcfa Len = 1008 Msg = 4ae50ed626ee60dc5ea556e3ce0d3c18b9e6225b5620814e8b9621acf8f939dd370ad9c7620d85e6d67a229f37f517d1b580acae8df0b5c9d29d756f6d5ebd3b63b554e556469b5b4f8e7113bad1559fb254ca827fcd00425d18b0be7f2b48c2544c48d90982ec624f490be65e893fa93ac9467f35a0a8e1b56d9a403748 MD = f8cd943f429333c7c8d30a8576827f92c92ae18e0dbcae770601b79687bccf8c23e9e589dfeb45c3b9bcafdd545e45e7 Len = 1016 Msg = dbed7612448d46cbe0a384d1c93233f02ffd1c984ba765299518656d3723b766c1658d4b1e7047cdc729459e366ef9349efc40cbd990f2a9a24db7a5045e1dea12dce8f9d9f2aaed933f93031e7b8959ac5e7bf6bbbdf30b48f7eb783f8fe292371a2f245c5c94b4acae160767a20ce7c0ea7723d97691d8eedda9efd1fe2d MD = fb531a1ed181c732311e56f4b56ed91dcacc0dd6bf1eb4a44be6f87dd7cb1ef9dfb0310f4a79eaaa3f32bf3914d8624e Len = 1024 Msg = 3bf52cc5ee86b9a0190f390a5c0366a560b557000dbe5115fd9ee11630a62769011575f15881198f227876e8fe685a6939bc8b89fd48a34ec5e71e131462b2886794dffa68ccc6d564733e67ffef25e627c6f4b5460796e3bce67bf58ca6e8e555bc916a8531697ac948b90dc8616f25101db90b50c3d3dbc9e21e42ff387187 MD = 12b6cb35eda92ee37356ddee77781a17b3d90e563824a984faffc6fdd1693bd7626039635563cfc3b9a2b00f9c65eefd libica-4.0.1/test/testdata/sha2/SHA384_2.txt000066400000000000000000000623351417716165400202450ustar00rootroot00000000000000# NIST SHA-384 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 48] Len = 102400 Msg = 239daa03ac02c03bd74ace9a592656eedb68703f510cbbfa8775994ffcfa9cd7f4a13b7ac92aca908250a946a64bbb435399198c8afe08a5cdca29faec5af07d1ce1578f4969d424ad148822a2a8b90bb44a82dcfb8ac935a8a072b9ddf5d2b8c2e6670cd5c4c640811fd4f8f344398c290412f74bb7e6f03f81dc5678d42bd10e36d1b71445882c26f8f68e41272410d74e31a4238e481fbbf4cf9764fee110295bff58aff30230c32754ac355a60dde9b047ad2b15d5094382b346497bdebd3bdd57b94dd61d948035581c76e4d73b85b2bcd80a5676f800b1f029d15408206b4243a197f7bf9f86a969a5adcd6f74d4ddf9ee69591432190cee09a2904981e2142ad7345dd19afd0bee0e821e12cffdb864b6ef249500b71816ad64378827c8da7424cd103ccd0de451209cdea79328cc66fa45c1e3aa025fcedfc052ad5b441d88500a19e680dcbaf9a3a41516097f9f68801238e47821687f655de89f657e64d023927fb9fb95184e5f41cb477927bbd011ff8f82b23dbb9208e501488d9f37b3650e4a9c855e83b81b1c09212a4ba80775b4d0a39f7de16d90fda58f1bcf1e99dd258376685f859fa1ddd68e6611ec7674d80331880a617ac54fdd5c5635a2ea54803131eac2a56bb72b3b7673a11184d6132e13b50bc3206f83b09787fa4a0f92c75cb454ac6c8426ae3fbf9a249f98620f5b316ea990c655412729f6459f6e5fa10ce7ee476053b50fea5223c21c1ce1719173fb0c4fd6403049f8eb3f287083b64ab2ffbb0b3e2ef6441756a212771ce4d9c1a35b88b7f8f81eedae106d7dc5af1dfdd130f5ae570a56f67bed0811d80e3a03b0bfc3d14542aef086dff6feee348eb0aacda40cfaf427d8d9ca8752e097bc21685f898cefb602eabdd44c59c6eca4b3d3baa2bedd5cbfa3b96216a2fb28670314646150bdfb21c19919f6f8158067ee9420772ec9e8274163dd3d69f0694492fbf5d48578ba135f63d37c41a397df4a3427a9c2854366981f62840f88015ab4673b6993e89ae1aa622d679e38da15adfdf6c2e4db138492351974fc8b99b1529e5da8e2d544928ce04d3d769bf1100135b64afb91018a16ec2b9498c1d85255e98419da075f2eec235b89319583d82c258ec76f70b47f0b8ec06c4cf16744a390d845e44594beb17480d036ee38761815a7c3a740d56b5b61ff857ee5ed8f26db80b366598b48c51be39cef6ebaf1ab4c28c50dc90b57edae11669863133cc412a5ebca09ebd70f60ae74c3dcae51cf143a5608d2ff4aa9bc1e9700348152677c6e76761e5c70778b06e11a02bf9f6bb305fd0025584c77d54da12020ded9f66204dbd460881de5e3156a5da693e26672b0425d88bf653f3fc60b5eeed2da590c8ea24a9614e541b10397f291d222aa9964ad88c4dc9ee943b25d2468075b78c23554428aabd1733df8f0428b25671e7048c7e7a156fe5d293920d95422673bcc21782302f3e764cf1bfeb55c34baaa3f8517e3e6d68d843982dbe47bce038a71799655c79431faaf9448b4cba622364d4225e55d035444bbb616afa5b1394dfb663640a137b71e258c56a5a123a8aae3a87a53cc865a86f6fc5aa19973106cb00fe14c578480b9782bb1f1a65553ee49df9d96fc06a833337d2d2221bd91cfd99d1ee1b32294b1f198e001a2e12bebc70e1617b52c4431ba601a9a0337c25ebd3776677bbafbf0d8fc6b3c5d723887a55d6e3dbea0386ad3cea6710888ad02a606704678f3bd5c757edb099eae83ab2af52c6fe1098cc4c6ef5b10f8585aa1da3194e67276e3df0f47b7d22f3d13409ffed817e40f4629daeac0dd9b51cf24a2e16aaf31ea7560ef7e87fed6c8f02c4c9ffb9c905b708058e85d41b9191674463e7b0a7cf879c65e4cd4f55cf7235979011c66ad9511b18810bba5195837770e6f4e5d1c48f9fba2d9241e8971b3ad6e4cc3dd036532a3b28b616f84b73817429d6b11da81fce6034c02e324dfa81272a778695971da401e80d709c2dd233b29ef5b8f7c4b8b6fcbcdf3abf7e80b6fcf3ac4727964116f1418a6d99b74ffcb0c8ea53eca50ad7e408681dfc835e3abcb2e2e6029e4df18db7b5549d721d5ae33a1d1858e356afbac9c33e5606d38b0afab3f9b32994d23bcd06cbf3d8eaccee65168ce8ea5cace553a912687391265c3d87d8b5c2d6279ff3f74a596638c126dc6f1809346d6e08486240a04417ab24ede72986e452700ecf2f462aa477e620f27f40265c0951780a873faa12c777f9ae5a62b328ca2a1ca0e745e41e388a6169cf9beccbc105c93c9075c24a312b4ed14a0aa6ea7dd45e3be7c0123dfb5c6c84f891b90e24d9803116699564d523a9093e87feb41e0d27d2895b317e20aab6e652b8178d956b119a71a1affd33ff7cb8b06107100b132e17446dce794913b4f0968584e4a33911db4ab46e7dce1d4e52482c7c88c5a4b57cb18e4599f515fb561c709d8dcea1e575f9f84d51141b92885e50bb78ee3072655923336a85200e695d0fadf3885420ed1803e9319668fdad7b74307ae524c98393c31455a9d042bce0b942a050be38c31d5dbe79e583c44417ed98093b104f3a09e47505a3955cc34013f83ec85eb17a827c39a4520aaaeecc434eae6071680b141db1d532ed911ee3964b095fa41f85efd5d74b8c5bf5fff10bc0d4e5d6a8795ac5776eb857a42253b697aa772cd777adf133c9f4f65a1a3ebd9b174bae85073672121ca451ea60090b8a9cbf677db25554cbca1c783ba00dcf39dff26782274fba3e69976af86a8bfb705a88c276e86e871ba673401f33d6b729a98aa0247c0ef438f0020142a4450d055e73fc576c61fe8ff999ec6948320be70e74c6e057ecb6be2a64c35dafdcc6a632f14393c0c831a53de0dbce5f9843fe79316a4a5d61882a93402fadefbbaecf529156b08819b6f7dde8aca2ec81e5ec645108c6ef15cf0aa51484b7d65a2c0d47c4944224cef5047421cd8b6177681d7a4410faaf7221caea6281001630c4dc8d1b8aad197072377b2cccfc60f1512e059b1139f10ef707cdba931b01f81fb99d06b865e876c51d6d5a195a6d88277aa0b688197624d53de97d396d3be88320e2069c11146a5432c54a3139e99451afd636f42d818c32d9a82af28b16baa5af06aba4132fc3a6041d6da31f67ae761a109cd3caa58da67794544cd944c6edb075567f009d0b30fdc044fd8f5a4efb65da48a59574a186743889b6ec2895c1e1b8a77b5deeb99bac78609eee43fe580fadcaf8026180896c0f2baf4844bfc89f4b0f277f87574c8c803105c0b725226415b42995ee72f5cb72cab4522bad7855970e120a095caa1a8246d0bb266bd12f7c64e8b48e21722f2de764be4fd747b14724b971e7325ad2e9027e22143aeabe7c8d8402c2e474e37af21ec123d5bd1eb5d38c4ba380c5324ef46c89f30ad59d807ea9f52f6474a4f47b612f3a115f1a7dab08fbc0c08fe50ebd3a776554384912b8b900160a07c024f3ca4d05229411090bce06b16a0137c2ad466ecdbf794dbddc4fb8294d94e176fbc8af1771f2bed28639f107f5cfb6e5454ed4aea52f17ec59cc81ebb7a27584e3dac9e3980150849aeb4f36ec41eef125824d8a9db04428a1be01afd0b6e8b95c7f21fc0d369279ca3075c0c61e4c60ceaf3dd411a33efd44929c181158d79eb6244bb33a08e13c84d819381bab6bde91142a3da97e74c4d2f8c5a7020ebeaf9178abcba70ec9476b108dff457fa9a51d6f9709adb89229bd4f12cf1b2f0a667edac687fc9eb714ed9858a8dc11a26ee3f008dac6d7f39664041802d550474dced9208a736f374f7cce1da767f7c2965573f4236d53359577c629e4c908f1d001e24e35d3c6c631a920218d4198a6b61239ed6619c0b4a158f3ece75ebf96a7c884b43c765be075e34d28bd218aab388ad0693544971d34981bc58d0efaa20f833ed6e0d3851286cb9387d950346ca82fc5dbf3864ccbe9b5bc38386230b0a1b28f3ad583d8e8eeb291b344862c579f8188da3347584d1b2243d99bf1082ef8e6e4648d0fddb00848c65f911be8f86920a7c87710501d537e411e0a23c7896f90dcc879cffa147dfebfd14189d0cb9f7d914b2169baa91d1a327a1583156c8020e6fb2e5cb492ba34dcbcd868aa4dcd08d3b6e4cc0e9cf296a67230877824d54781610d2ea397479bbb76c830abfb5c42fdb013bfb2555e740b9b0db9466ed9553a9ea8ce3dbea083ca93836a7c50e7cc5dbb40ad4c7ecb22e058ef91268706ea70f883a3e9655f9d8897ac8e81ead9f5a23cfe2d3355c323b33068979f29d867d32320584d17cf3973f7b6155325ad6f39b9aea81d86d106f2b60b44f6b3d86dcf930153cf6289f82b380277769dfc99a2b5d4b6518e7f4d2d5e4a11e3b1815cd4cc991ee6c21a4a0ced445d52c031f56bb5f2c085e91856d19da796dc9f6dc571347a1239b2facfa76bee1f8e18d813033e9b6f010346c47e08963c57f9f828236f06f61eb1a5c9694852466f246962e7b4310a798985168103a88adc4dab0569e0d2033c4a95e7e117235a9c5f6075b7bb564b55c85dad993350fad00710edc31e5df1e8ea65abad3cd3c49c4657bbc1c87d7a0c6c3b2a14fc2214d9c2a431bd8c2d2acb1d7f750c4de63cc555a9b5b440093f23c197fc82e29e616fecef81b7cea21649504de4acbecd0bce29e0f3fdc69c0322851ea5717b1858f8f25d4e503a6f5cea2f7b7afcf41aba0d2fa7e70cd0a85e9f1319a55f1a32741b7f68080573e767341772988ba231d018d3390f7fd2b0b9eff8238caa647f3b2df0ba3f45efacbdad84bdcdc73db4e667b14eedb56147ad9ba0b6bbf1de5126c6d2ae64a02221d8cd13c79b3e2b0655704644024bf0df9238a96dc3a3ec5abf7cb1cf18929fd930f9212a816efec8a5c90ea2dda1f5db002d7e93246f12fe7d95fa86bb9bdd456ed8595100b82d5e7fe876f5e06604dc80009ce16e81e6aee9c9398fde3a5ef8dad108c5a9d83b5a1c451bb7bb0692569a5880a302aadbfe7c7ceb34e0ec99661d89dc12dd1dad2e33756962bde222dba78bc6827138676fae377c007421111faf593fa32b16f75d3ddfec8169a73ace4010eafa4ab92d75177f888cf8765a77f8c5a0011442ae59941b218e5eb44ec0ec8e4a64efbb729110bb8d34fe6ada218265a9b7192f46c5ee8d85040da7d336156a717ce0adeb665281f682e66d148ef4afa92faa4b3504a5cda36ce6d06ca0532c0c8cbe1f0c4735595111510b9e22980a5af558151da84241e9338aec7f921e49581ee86d39c631a8294acea4eb7f150c0b82a31b45235c80e2e25a5a907def5900cdf0371865eff4eba9aff76116d43b47620bdc60084d010d13e59923e63ec18304560b0c98c8d614b88541a36c5e0e9b1e02c6d2b9ac58e422bd26be4d95194b4c8a37aaf144b240f1df3236f22afc7311286931d9e2fef4a93181d4267ad6e6111d6b67e1ec1fdce02e37704ac39b7bd5dd41f1cb9949bb11f348fa036860dffc8004c7fd478554fde2c003d8a051f1f691df971137efa3f762da8466d67d956952a23fa5cf7955b5ad7a462e59c681ddf690964d37474bc400b527b35d53a2d1e5b2537dec623ba1eea4dbae484fb8067c0373c22ff71ef27d67488b65a984d0e9b397d836e6934d170e28eb0473e0fa82b6b4327a659a1d197f5b5177d5b7f0bf247167276cd901b6e4b26706c9b944bb18dbf0bf1949ae656bf4a81c7eb89bd693848d466b998a6ee70ca4d7c79d5f75b85f9f5688aa20f19b98f1bbeb133ce07f25cd1c7941217f739c26ffe409c55303b390e94a381f4eacbcc0eec1347e3d55e9a9020c6c719928e55fd7a57af0d3897c77dfc48fe3cd0dd4881d97a8ba7d964493af9b77f52c657cd1f7928d6c67b82ea6b28dfe38fd4d74c9d0b4fc9bf1dedb2f6dacf026a9b7c70ff821adb2802e2eb00a1d2f697fca120890cf8c7d6a9df1eed4c76170a19e587c21d9585ddd4a11263ee8700f952240c6e64df4e928324d347d61488da497a5993d2019b8af9a5a7bd9768c860de465874996a259bb5a21a2b01111b81322430982ac7e6da7ad8f23525db1872a7f04bc23503169a47433ac154d599a8dcc952f9ac4d2e725e203bf41f4ab6d7b50b2e81c011e7373fed7d3257c8c9f6505208dfe1fc3afdad67c9220d1c6b38107d49d8c0fc6119a78a29a69252751495a89a724f3cd4216f94e5e677b9ff3dc130e4f0bf2b4ce9860187448edc63a9b3b150d98076c286ad8fd768e6893a8dcf0a47f14408704ee53adf35d2cc5c5eb357723dfc10cdd56f40e7d1e2f4e4d142f5ba02d8fa94f1cb1d79a1e68c28db9c8147c54974bdb6bb8f5d49f162c4b022d8844b0269827940929caf53828fc77617189af1085ad09b6480f79d3ba3d3789aeef54abd008f4d819187a01859ca4a002de37c366ccc16a799046de749e14b254028385fd7dbf8d2a15255b54d8d1f26cec97065ba513440f097e9ce7e83a460c20b55b5cf044b6d1138fbc035b8fd70437457fc0d08fe17cdd99a580a618a33bbc72828afb34e3a2c6019a3d7f3ecc6d30bb8652d997b1478f207eeb422058675833921418f082239f337c5fbe4f510c8b61c07e2abb4203809b9f6456f1d41366811064b41810b7f18dd8e6b361f36689f0a4af4e6af21574636da86efdb4d479e37409670c1df47f89466ee8f7321fceb0a962af476011bd208003c4b4690f04c3338eac5d184d9bae3b54b98f7b7cbc5a4534d7a11a6cdd5b6d2322a67f3789b8e550ee8b8e47d8853e34bf8b5e11f5361e9252386fab476c9b62f35445e29b2cffecc807ee57b876b58b657b5883ebdc8c17a94dfe31adec816fa14e7ba49ba7e9dea352c711ae1b37d545ffe92712c62411478244b45353b595c6e58ed21da249931b1c86fa4beb3b8ecb697e900c8b5d2bb755b197ea2abe71deb9de1f93b485a69995dc65f45f47248048b7333b84bdd36338e350d4d9f280534c07c190472485a98f060949ffd142ef2df1a5225acc84e5bc4863a5f9f84dbf1c9a8c85e2acbcb548b248af3560467279dc4a4365efccb9506f64d00336369c9be4c4f71f94b867535fa8b6a88acbb4ccd5b7214ebe275885b6c8d57e42d7565a950f664663051a4f7cadd2c1a73f10975c604e6dbe113ddcbd1448d394ac86d919b055ffae2f589d87cc96094c0d3059feda2d5b4606f3c5e0bb8c9bb222a887f17c48c3bc93acbe0f9972f7ffd27e952b8940900c94f4b1d033134f01d635e7aab7b11b34de71217278fc06191b65c970f21a946837cb50fa1f9f662a43a988a3f7116ead7c60886eff93cc5e4480775da93dd0ff6be203cce5736991d78deb7bcefc467cd9d5334391cca305ea592f40130cfe28adc35ad70921c1cf2e5d70a083d42b299359b29ee41932c6794a41c6c41a447a7a09b6970f3d27389492c8a0ca3b953a156896ef4b0be4067dee5f6040d87c6b5d0fa78b7c27d264c6c8540b06951d24fc7c40a35b174f5c64bff89afde9ee81c35fce32c4748bda1168832ddd631b80a52f505988cddd1eca397dd56fa1134449747b1b6c959c1f20ee06a7933828d39bdc4680488205e41ae58fbe2aa093396be83ea3f92d8baa61d33f06dc86bd746d1d83a63ee66242e34e7ea3936ae6b78715997aee8ee2e250b2acaa2dd15209856da839c06d6aa19fcefb245e62766537a70bfeb14c3a7d7a06c02ffbaa8ef9714714b971899786bcf165cec029dac909f726add5d7eac24a3a2a06ba74bcdabd3469b3c6cd6168d7504ef18d137c395a904a06e0d47c674de73aad0eb26413c5a017a734ab60de5b66273b09c1e35cc5fd06a856b487b2f17882a15cf62d3b27249f124f961e3dd5ad8f19cab798a9b8b7ecf0abea656bd178827229b270b75e3c60737c2fe23dc280d6fc44671486cf3b6d8e64f8cdc86a61caadf979c72ed7521c494edb55249e9aaf810b52ef9a6601f8cff662097f38becba340aea8f83ef023023c2b0fa8e655691683fd724b19b61f33e4a8a0e6a909f5f093e38ea9d1b1054cd8814a21264ba44b42e9452f56925158b45f3c9547bdda14679af0ca5bff43778890cd33dae7e18dcc88f0ada9513fbcf9d83511a155089d304777c01a456e10d0bbd14770a4916c856edd4c8e5d2acf09b612d22269e1e9827b7c21b92dc5b755752ed2842c344601fd93827230b30d887b6e5d6766f697d299867595131ac96b5f1e6b81c95ac8d6d79bf5f1565906da9a9029dcc6c706b5441f225a8fbdc5a6cc388906167563586f5f0d88489d39948630bdef23c3d48eedaebe660e3f4a8c6ef5a16d9e04841b37654fa371e0143ae0b8803ae88d8fe408ddb034190fb67099de5b34ba98c9a3c24712ef8cd235321ca0173c9f84773928049e613abf9817ef7afcf806a2a266926d2da8d3e3fb0eac8ff960b3394912cdbbdf69edbf7dd6d2242d341ca28cf82a5fc68bf186044512c09d43be2c73e55c7bf9baac9fb631e4926255471907ccec8793e56038bf69d1fa89523ace664566cd83dfe1c10fbd892e12f81086a1596b8cfc61aa9caae18c86341893afbea77f18f44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b7340a972bae87dd05151fd639d99dbe503e5ba3e590340499b4e6ddbe0d22b028cb1268ac6c6ddc62d87fa8dc630de82391e81983e7879d652155858ae9a3b9779e3a0ea3da5784c98517e5f343bc6b1f8fb993e80138037cbd39f02347a4482a49ec09805ce76eafa7531e3cd01bbfba945ab38091c7ef47050e9e25bba6e4c73aa2e9e0889fe28bbbcbc207acce4e6b2c45e8cbfdb9a96a853dffe09a1e07c50ce91042c1d388f43eec71e24e269fc7c405b448c98fda4daa629602778c39aa2d391d05bd44da6fad3f9e6b18c73c56f814968579acea6700f6e109e873e2ed182d70c7cf465f54932fb7f0b122ac8f34ed1fe082a3625d157561454167ac145a10bbf77c6a70596d574f118bcb58d71719b1086905da865468b76336d9fda65f8d5f234923c5d4a820d45c2d23c9c4fb04ea5bb146ab794a3b23e22d4d4029b51dbac9aa04c86ce026e82ef9be97ef7d492c68efe86dac6387672089241c04f72c8f59337fe06891d3eb08960e2bacfa5117ae795d89a63cb7c1ccff00f9ce72442d507a07a67e29a26d877694fd841ea70c9ae22897ed3256f435e36661ecc2ff155dc24e9304343cd00a1fe5960b46d5abbcbedc00f7e0ef5f09dac6dcf665b7f7cfb0973ea13dedc33ef6728db90f47559273ea6d3cd4db62a74994d361d7091534c973f1cb934fa7649ebe3d13c4869aaa85d635426ac5cf9cb472ddc5a35d2e0b718764e9f0dd0d397d4b2c82231dfb637911e1af2f18c658afc36478373e72d25d23f092c310551c168be4aa9767f86bd24ffab9ae5f0779901900102f27b427c0ec3d3c86742f8aff02fde39e1f021205c2f9184503036e09e62923d7a3425a6142937db782fd14ab32d0d3a38db8f4a82d6541afaf4ab481ad4809ed3bae0892c9abacd2d73e378fbdf5d1444e7d921dd1b7ac3aae3dcb7bf10558bc4b67b0f9e3ee6074cb737220e6d5830cdbd068fb7278de62aa5d316d33b986e17d0fc1fb13c42ef9da2d331350086f49b041e7b562215ed40e3984e9f80d2ae92af6da0afbd56eeeaddc18bb8c06ec975652acc0333983fb54531456b058ab3fefcd57cdee8ab6df90f091adfd498182488316c0682a0445072a8e57ff248e5225e3d9a87e6c8d293e1b1c4f2648c4771143b42a738b464db130515227095acc87eace2f1de358680fbc373389ad3c021b251362e7d5d071ccf4ebc9da7f770b6032a3c66f97bf28804460efa9cf4e9ff097930e2782195dd4f8dc438bef899b596c0902c5f217d73a5437d8092772cd2c2bd180d528b76e43ac9143bdd208f8ddf74c68c37af8e0885c1a812a5e5f0618425d6f5322012f9390b94ee2ef6ba068550c6cea9ae8f104dc877f8fcc49c75f8b853e2416ad2e6f45a2c99d60283e8315c783adfa5e754a461d279c19f9ad6c57e751ea7f01c7212bec48300cc50fa8a9fc518fe1cfe993392a1df19fb514c947f25f08b3a59643c3f44f5d2dd8a05392193af319b3caaa165cc702e62299f0dc44c9f15d1f28519e6943774bc9ad1e5eacc489eab094e97e23b75285b8a96d754d0746f3c4d9d52ba9d910ff1e6263703562b6dd3cd4cbd10d6352f6fdcfb9b379bb7be03d4748ec3454bcb05d8ccd7731ba0c79cf06dbaf786fa69248794007693b02dafeed1760a75accf7fd78a6c4201efd48dda79379f310a0105f32aaf18a2a6e1c7027db19616fd44e74a2a9e78f25fbb2ef338db11c0ae1d9789844f25afe305d37a41e8700e8751c69b72171ed539a507a4714f541c2ee664af6c89a6a1adbf5bbde3c39e478f1fa2312b7c3c91c6b9a153ee3a702bd283f3cea805a2624d37e8332be92aa760d606741d78d8104b20836a75456ed7e21ccc4f016a21d90b970144e3031b18419d77cc0fb1fc391301354fcf185507a5db78983f612bee2e042f58d1b87a81799c7fa1cacfaff46585406cc45a2da364e67e132a91c98900a8f9d7bfb14ec951fca55b177bfa2988d32b271bb3fe926765662789a30292c7abe72973969fda11e57162bc5de3c0c5157eea9ecdd1bef681b93b263edff1cc3581b6b50e769b017e6c1f811c75a26470c21c134dad0e5961fdb9c70b668f576c50e74fc1daf468f01df83060b5b5ad0e7e2443de9b6ad72fbd0835b1a152af7bdb220758d3cd90620d568fd3ade2e7173a6cf626a2baba107e9038d998231e88aad0a77b690ebffdc2a2681b64125cb37e5bf3cdcae6482ecab9972b52ebeabc465af5d1a5a03ee9c64281e0e22b5208d359047c1bd7cab128eb1c4ed7905c3e3626ba038e69554da1a0a2cb30161241c0ceefdb9e7387c1218e8deb2ffcbc37029ebdb82c524b51d922958355bce484ce227d915aa3c9843c0ab3a9631552ce3329c89988436a1ff83221b159040ff983be76475750d62501c7563179c5652c502ea14ea925f8dc86370dfd45d5ddca6a08a2a49e60f8caf82e3e2a7cf23f78e117117e98de3eb30999220e2019941c0869c95136bd749caaa5323d718626db6f4be0d15b5884ca0bbf288df2b77d1ae74ab2f5274d95c29e95fc126268637d8132d6f1fc7912491313e721c397e0e98e1126397afaa2645c67625056803e859f34bb83822b2f59aafc26739ca105b48528edc536aae2ac6d812da056b6fe1b51b95632f655242256e2af2b84bd33a155f5cf4063479ec0584d25a969f2ed69202970a35fdf3acba22d48f084d3b4d885e294520ab81fc8a5311114971c519493ecd181c5b0b67c1346ba6aa3cbce829d5503a432e5aaeddd97ba88e81c73c7336a417231b2e35f3393cc42e98dcac725b8e5dee3b68a5687e6e9ae65da9b28860c881ea9cc0899897d48205e01f0cea67202a82513052d2b86642e153f11df16386d2f38e66c559d6df4ab0b1087c0a8eb22a801e4659751dff3af01311c156b57ba4ae3e958b9f8c99a8cf7a0d9c4b18b0d897e11f0be825960d92f9905f20bd23519b4bb14ed21fa006b2a9a2c034bba8af1a582efca455c7255a960159d800fa744b245e81aa069efeeade7c9a5fde063897d20a9e32350f0cb776c913f5278d773e56f1c68fe7d2ec0876df8d14f655ef80ed1682fa39da3e29fa7c4ff07748f4d5622f7fec29d8787c01600afcab144e6607e72d94dab53432bf8f506296a957a0c44c2057433c0ec61c92b68f52cdcfd7c101107a9e2c79622466b7b40c4b2a30fbec6a49da6a296716ebf24593ff0e2696d8ae240abc9828d7b6f87d2e9ae7068794804c45ef52ef8ec050a7c5046402f7f2891996c1faf737e4952694151881e5c934c71c3815bff2d4543e8c9a8bdd72c323c3c8e92c6dc3741038c346394394eeea52c3d0dc68c18c7f62510dc01675eef0db27aea6fd18e9fc3c42aab3bc239a0377e346316aa95d24cb98faab5eafca82a8297ef51586baab9978bf226c004f229ee1049f45e8caf6d2eacdc8165eea6bb344c69157cb6ab0e8fbf00fc3b972ca405398808b2e5a7800cd1380ce21c2ee951031f624257eae9342e9d663cda96cf4917e8f9ad8800aed96588ff686e8bdb6023dae1b436af730d41910cc9b577d344123070575e021e1fd0920100cc03bbe914623ad93c42d3a25ea395ed1019d77e932a14b94df7f965791fbbb11ee0ae743d7f14b94fea327bef9daaadd3c2047e009c8eda3e256634caf6d5834c68de8a08f9175d58f1b8215a45f213e6bb82ccc34f85c31ad58e132ae1f67e3ee473b2dc97eccc409d8c1b09641626314c78f0420ba27ac750988a01a6c6abdc9b957521223b0eed37d7f162c1bdee9cbc0e72e7978d092fdbad21b80eef110fd76a5a4063ab2c4906c02ccf26907410556edb19bded7738c1f561b5e116b8bdde1de99f1fe52d3b547053b65936bf735dbdb33f436acdcc4897d161e7e6a9cffad4aaa7219119aa670fee812358d7af1d2680c3f2ad12d2babcfa24e704eb2e70b726c03056f98089c485974c9ec5aaddcfcc0c925e4e325d8b6267ab1b86c08bf0e45313dcd4a4ffb7a1609caf904ee5e01e82eb258ad47a2d9390f9d1836f92a46cc693ccb2fe1411c944db3440817c82ff8dc4a8cda058c915099acee922ccfe478378ce9b760ffa86abd0d4de2debdcf695e7921f7e41886e3856bbc0c18223fcf08a8998f437995ffd443871397b188b021a8988567b922887f4401133fd3e137790a6b060d617dca2ff08018d715b463c263511104f0eca5d3e04e3628275157f54cceca2329b8503c9eb971118d0b0abd340c1940524dd21fab03e355cf0896f9ca452a2934ee3866a8939adb79c50b8e84fa1cae5fee83df1eb2a94d1d8f7b131d6ed4943587d94a98bf24995eaaec92f0db79a37c17318eb5eb0672b55e7acdb09c27d89e0db964f99c7cdfbe053486e1f0ded4298071ab0b1d796b08ee2c861e5db27ac0e86f2245ac22131a6c69b6e30aba94fa92bab078ba80aa9ac6f6d8d143f30f50b0512f077ea2d7f658f2cf7e697b8a61c6733b99429a95dd61703253bf67eacffe05c7b9747da2d453761d1e9db008f1a431a8f75645c163561f2f20509fb1912a03a8d63e20e826d45a4c3e27f6b52cb48c84ed6610c1af1d5a3bc177f8d836acc13ed83c2b2c706415c967989e03656fda6c15e279fb331fb7c4b1c601e3432ec4e649eefaf4537b4f01255034684e3ea1aafb6beff261d5ce666bab49572908955ba5c72eb412925caff1ff487859c988ddf862e12bedf7f4ad79984da86ac2a8fb767525006031c51257e658a7ea78e681a757fc2c29cec0e6462d7d5b8af5764226497c5dbee21ed4c1b5d37ba2c5411282bbaf5797f2c9cd6bdb66e4fc1983cc5fe4a310712bd063b9de476805473f2d151e7952cadc65af451288d9509767f66db727ed3967704bbad022f17467271dd8f0c89245142b288c7351ad0b07895cea3179387a3d85094f3c04ac82bd9f8138c33b9a691290b58c6e5fd49dd27e7c5ff41586b6067508e1625afdb2b31ee3cf1630dfd9502cc2ef7411e48b909db1397f9b5c6f6ac6d70bf3a47986d01bb2065a56d7086555fd0025065146ca8da7f124692e28c2f0f049506f8461ad1c6879100c1468cab2b068e1bbbf71d8c4dd21831d7054b799f104191ab2f592a79391c7cf1c8ce8a989a43a80637f53b9ad453c16c785b11835d6ae3499953923bfdaf21e53e757d0e52cb01301d1b3f2b4d68fe3983e37f25b3b905b8cd3093759df2f886f0a809f5f8cb2e1ff1b720660502f0276d0b4cecdad6fee21317b58ddf8c08ba2590b8b552ee35bdfbf364b5c4c7a01c80fdff3f9968d6adb2307fec8c26596a265511b629d920f082f5957f515f150102de2088b9179503f4a479fa6c67f47f3c1e9c614437f7a2d0e53a2b757357bf3cd9372e038d44cb1f9b2b1f46f8e0dfad13e21c6daec0ba2becdc23f8ab6f3c7613cd993c6febed7c3c1ec4e3802574c15e6a506ae68520dc3202cea2ae6462f8b769302f68905053b0d94f0ca8cc24c224bc6604894dbc2bde34943a253e1809eb945da31e3ddeec1fe42a8718dcd9f69061c4033c21765f18fbdd8ab70645f2d7d5885f39f97e8eb0c8bb1c775d7aa7c7e0d42fa90836c20add11580dc3d3fca5b4172c62cd18838b0c6c956e58ef1bf4c1fd50780ae49ad964986dce7da96c7ab973d241bf9511d938a4b9a4d3209a3d8da62d512f6830b018db91a33caf8d816d04197ddadb81c2d5ca4fc2d9f56ecacb398fda80aaccb580408b3409cda6df5732c9be23d31b6d6a48206f6f56dec4031d3ebe0492b61024302528ebebfebf0066a9aea46526037f85f4549f2b3153beba02a3c30935ea8c142528ebf1de47ee0682f3647aecab9ce99218705cb09e8278a332c6f5926b415254db10c78e9fab7c1c356bf8b38e4adcc464ebd1a3cedabfe812144016baca547aea625656f0bf2e3f1dc2c9c4d310c650e01672520a4bf79aebb5d00600af805ffce9847e62b086b35270d367a3770fff33fb28047b5f888167b28fad647940cabaae3a4d1c08ea3f7d7d00e326061f9906a2d902499dda652c1263520faffb85cbb8610c474ec4ad46f2368283455fe600116e959b8d550ee2dd363c28d91856d90fdf040a0b7bc354d65f8ae3bc35aeca52d00399b86244321cefb4d87f010689bc9e7a8ec6774a503162446df40ab80b6de5946da567cec4d67602472a1d5d85c684b9fa072009e10b27f84a7447cd6c6897923cdcce753f13b36e9c61d42275357b087757decab06d96eea1c452b5954dcd4331e6fd014bdb8e4000ad8e1f00126aae2d3c1953655e976d9b6d95382d246ff1714a5e3a9137efbf9a95b31acf6438f44340396da7e712be60f6761dddf364e2279057e7b92ebe3493a1abdc8a33cf22e2eba6e01e0fef2a17e75f2e4cc4965e794152d26bc9e3e71259df2dd887168031c4c87473de16f7e9c9b731229eecaf8fe4b6c14e0f46204046b5d46169f555595308f14e5c6f6dfd22e6ef098a4e1c9201eb7d0a08cf2744ef969bcee054eb8120cc1e5692e3d67c7d5430a78ea4ecaa2159ce48bc674347dceb48c7f51b88d2b47dc4348758788d5f69bca4b5d668fecb687bb034f4be71961aa4f3af3275749684ab9043b79d59528d5aa904cdd8b787804ee9775fdee9a48d77fb1682fa8e4e479b10cfe98b07dd28d45e856f84fcdd090d9c8d91ecd88eaa898632f15e4865305c5f32d58ac089a2f06a3fa5b3f6566b81707f712f65dddba13d0c68ebcb62a6b5237462e4acdc6377763a58aecd790e720e54e6f1b9188789c8abd0e73fcd1070059e7adff260d330297f6ebea8ce5aa81d14da78fbc71507ce170f9bcc2fd853acb704c5bb9d5ae52c15d129afdeb8ea46c7340e5473efe4f7590f4f980e6527c1c7e7dc2e1a615c260467370c308e013176dcf9eca37ce7ed78b64bcef51fb3ebd70d6d745f4e5ec0551a32e44d45b68529b981eadf24da557ceed694696ec1d3ed5dbfb4f48bb3a20fd06062bb46cfeae6b5f077af4f83da6e9e3912f4ba172014bf1c17627e23733a730bab04f8140ab7b78cba9c65ac2255aebd721d6b7e7b511bcac5309176dbdfea79eaafc24f8aa3a89fdc2dce1bd53905a7d96ce9be8cae5912e5e62b7384041df245450e4615b26e6f04ebf3999c228d42716a9d9ffa32623c9f0cb3e413b4f4c0e44d43c251edf2455b5c3aed1f192dd5629eede96ee51c901d2b938f33f4572af04fc88be65b1c68090a0ce10525cda7d49142638fd0705684ca323c8ace2e7791d407697d05d522357dd23bf64f5501eec905d706fa46d5ff72f8b5c04961f0ee636724bef103b9073bf2c49c9eae2bd8d09c0b7a6c8756b3aa4dc17e6dd8dd3084508350298f76a8ced6449c1abe6dbb2e71c7942c1921cbfa99276c437c867ebf2a50dcb562a140bee483a1cb6e0fbf69ead5fc44e67e6dea44b031d23332019d5e51099b6382f691864851baa7580b0b71fc59bbd5b5c203b6247523e62ae1a5524f80e57960f3d1235c54ee4f92c89c6d03539acd0df1cc584be23c7eb745606f11e89b8e855f052288536f4f031da246b393e8b8cf22ce90ec1e27e11f55541d61eac3893761b6ed92f64690f333a763d4c1ad7d447f8fc7d1d1ecf9aa3b0bc5052e6751bf216beb42e47af9ac31322e2e85f204b12d9966c0a491aca21c0dcdc65b8ed065c8ac8462c613717540cc0e8885be35615774d3823e20e44d23e09f6c1941ed707e0220b8431ae29588fb6bab6c19f89b23a678df49a088f5750ea1bf1287902a6af3270e04963355304aae60e00b35a6b9b9bc9e6a1a80e03d1f3d87eb68a1d9b509012ab08f4cfd613e3d6d899dd4cb423506894b95b456a199da8b4fec09c686cc17d4f00d15d54261819a11d6bd52e6a0c06694190ca1c906df94e41cae3906c3cfd66c197624fc3ae2b11dbfd883cc8451feedaf7008deedb66a52ff79795d7692f7cbba5734b651c978585e0ea51d682119fc5dc8d208d7c6d5429d52d0b26dc9feb6f9a04b992f9cb967bd450200d5987f6c2dfc486e4b779d5cff22842d31dab4d4dc39b2cd5bc43af5e466e09e521ef7e327f4b239d13189472ccfdef8492fe1ce6e0ab1795daac4a8d95a881f671b4a0952985890f15c62ac2c4326383d2e4d4bb4fb8fc5beb51e28a60742aa9cf74088b6d1819c3460f0320864a4189641bff4b8f596da054c121e535756677a1aa1055b85768521a6fb82c71ca0bedbcf007181de0ce0bad96632e6310b7f88ec352b4a9d807241944b43715261529440d96917a03afe66c3e30b697caa1a4ed6c49f8a02e58b1a93a71e0fee30fd49fb0f848321685d90725152e3227b5f553e150c239aedfa360cd9bba8d755e6836a6d6bcc4bde25c04e78ae5d0ac677248df1181e4fe2e41d65a7c144f71837c9f4bac6fa04e37d7ebf1fc8de1cd38a442c206b82080a745508dad9eb35c015a401bd3c1636c08d532d10476e40e9bf3b816aae57adafcf685b3aaaa67997aa9bf93f7626c8be7ec60011d4155e523e93f69789a5251720dec88edd7cabe31e3645081c35a2237860a0eb17dc5e5430d3f26ea3755a8a8d3db5a01976b4ed99fd4be0d548ac37a2a77566b7ca2838bd84ddb8a5ce33523e0f8c36079b7afd4279748f4969ce442525e8495de8a5460c2d1e3d36b998b65cdbb4194ef3e65b413128dc219ff09029625f5eb03dbbc546561fc5ff3d71fd0f2a95119786e04ebfadd09105f3fa64d5e5436b59d153ff92884718a862a6707e8397e58a5d511fe476d2749c6bd4085136fd39ffac563a1949fefdd8302057d26e225fce7f1f17d713984e8f1266c4c6ddf3904bd7aabf0224ac3e37b0c5fa32739e450cf4347cc10c88e685ed99e05c628f37e55939d6769eb9a16ee97ea0c71b7360ebc57696c9ea0c06270653a33a4e38f8743ae9c69d418eef25e33492b9ed097814f9cfaf18348b741d647d5789295599a082a4d99e9491ef03a7cd192f72c9552e98260dd5726df90e0f0042707950e3133a5155a21f2b6bb13c337b513019bee2ab62f9292d195da310c2ac18c8909e726ad883d06bc429d7aa4c0048b1627cd8386dbb3cebf968836eaddfa89d7d92681821ab51ffc5f31cfa02f23c7d0d58b74a2e9b353774e25631a82249817f869b4e13154c63948f28333b97541a801728e68de13c96f292c6629abc23fbfe44b3139808ea209bc5a45de139b9122584d21672d47b92db4179076df65d936292597097ce53bd415f3881db1e93ed63665ee1c5bd17b298b7172b081820d11339356bf9adaec2ed238ba6118e0931a18473506ee4 MD = d558f26d7e8e293a3911d606e7b7c822a92e28675a8e92389ca27ab0cbe71b2debbf0c360c8d33586c7a374550266db2 libica-4.0.1/test/testdata/sha2/SHA512_1.txt000066400000000000000000001065611417716165400202350ustar00rootroot00000000000000# NIST SHA-512 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 64] Len = 0 Msg = 00 MD = cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e Len = 8 Msg = 21 MD = 3831a6a6155e509dee59a7f451eb35324d8f8f2df6e3708894740f98fdee23889f4de5adb0c5010dfb555cda77c8ab5dc902094c52de3278f35a75ebc25f093a Len = 16 Msg = 9083 MD = 55586ebba48768aeb323655ab6f4298fc9f670964fc2e5f2731e34dfa4b0c09e6e1e12e3d7286b3145c61c2047fb1a2a1297f36da64160b31fa4c8c2cddd2fb4 Len = 24 Msg = 0a55db MD = 7952585e5330cb247d72bae696fc8a6b0f7d0804577e347d99bc1b11e52f384985a428449382306a89261ae143c2f3fb613804ab20b42dc097e5bf4a96ef919b Len = 32 Msg = 23be86d5 MD = 76d42c8eadea35a69990c63a762f330614a4699977f058adb988f406fb0be8f2ea3dce3a2bbd1d827b70b9b299ae6f9e5058ee97b50bd4922d6d37ddc761f8eb Len = 40 Msg = eb0ca946c1 MD = d39ecedfe6e705a821aee4f58bfc489c3d9433eb4ac1b03a97e321a2586b40dd0522f40fa5aef36afff591a78c916bfc6d1ca515c4983dd8695b1ec7951d723e Len = 48 Msg = 38667f39277b MD = 85708b8ff05d974d6af0801c152b95f5fa5c06af9a35230c5bea2752f031f9bd84bd844717b3add308a70dc777f90813c20b47b16385664eefc88449f04f2131 Len = 56 Msg = b39f71aaa8a108 MD = 258b8efa05b4a06b1e63c7a3f925c5ef11fa03e3d47d631bf4d474983783d8c0b09449009e842fc9fa15de586c67cf8955a17d790b20f41dadf67ee8cdcdfce6 Len = 64 Msg = 6f8d58b7cab1888c MD = a3941def2803c8dfc08f20c06ba7e9a332ae0c67e47ae57365c243ef40059b11be22c91da6a80c2cff0742a8f4bcd941bdee0b861ec872b215433ce8dcf3c031 Len = 72 Msg = 162b0cf9b3750f9438 MD = ade217305dc34392aa4b8e57f64f5a3afdd27f1fa969a9a2608353f82b95cfb4ae84598d01575a578a1068a59b34b5045ff6d5299c5cb7ee17180701b2d1d695 Len = 80 Msg = bad7c618f45be207975e MD = 5886828959d1f82254068be0bd14b6a88f59f534061fb20376a0541052dd3635edf3c6f0ca3d08775e13525df9333a2113c0b2af76515887529910b6c793c8a5 Len = 88 Msg = 6213e10a4420e0d9b77037 MD = 9982dc2a04dff165567f276fd463efef2b369fa2fbca8cee31ce0de8a79a2eb0b53e437f7d9d1f41c71d725cabb949b513075bad1740c9eefbf6a5c6633400c7 Len = 96 Msg = 6332c3c2a0a625a61df71858 MD = 9d60375d9858d9f2416fb86fa0a2189ee4213e8710314fd1ebed0fd158b043e6e7c9a76d62c6ba1e1d411a730902309ec676dd491433c6ef66c8f116233d6ce7 Len = 104 Msg = f47be3a2b019d1beededf5b80c MD = b94292625caa28c7be24a0997eb7328062a76d9b529c0f1d568f850df6d569b5e84df07e9e246be232033ffac3adf2d18f92ab9dacfc0ecf08aff7145f0b833b Len = 112 Msg = b1715f782ff02c6b88937f054116 MD = ee1a56ee78182ec41d2c3ab33d4c41871d437c5c1ca060ee9e219cb83689b4e5a4174dfdab5d1d1096a31a7c8d3abda75c1b5e6da97e1814901c505b0bc07f25 Len = 120 Msg = 9bcd5262868cd9c8a96c9e82987f03 MD = 2e07662a001b9755ae922c8e8a95756db5341dc0f2e62ae1cf827038f33ce055f63ad5c00b65391428434ddc01e5535e7fecbf53db66d93099b8e0b7e44e4b25 Len = 128 Msg = cd67bd4054aaa3baa0db178ce232fd5a MD = 0d8521f8f2f3900332d1a1a55c60ba81d04d28dfe8c504b6328ae787925fe0188f2ba91c3a9f0c1653c4bf0ada356455ea36fd31f8e73e3951cad4ebba8c6e04 Len = 136 Msg = 6ba004fd176791efb381b862e298c67b08 MD = 112e19144a9c51a223a002b977459920e38afd4ca610bd1c532349e9fa7c0d503215c01ad70e1b2ac5133cf2d10c9e8c1a4c9405f291da2dc45f706761c5e8fe Len = 144 Msg = c6a170936568651020edfe15df8012acda8d MD = c36c100cdb6c8c45b072f18256d63a66c9843acb4d07de62e0600711d4fbe64c8cf314ec3457c90308147cb7ac7e4d073ba10f0ced78ea724a474b32dae71231 Len = 152 Msg = 61be0c9f5cf62745c7da47c104597194db245c MD = b379249a3ca5f14c29456710114ba6f6136b34c3fc9f6fb91b59d491af782d6b237eb71aaffdd38079461cf690a46d9a4ddd602d19808ab6235d1d8aa01e8200 Len = 160 Msg = e07056d4f7277bc548099577720a581eec94141d MD = 59f1856303ff165e2ab5683dddeb6e8ad81f15bb578579b999eb5746680f22cfec6dba741e591ca4d9e53904837701b374be74bbc0847a92179ac2b67496d807 Len = 168 Msg = 67ebda0a3573a9a58751d4169e10c7e8663febb3a8 MD = 13963f81cfabfca71de4739fd24a10ce3897bba1d716907fc0a28490c192a7fc3ccb8db1f91af7a2d250d6617f0dfd1519d221d618a02e3e3fa9041cf35ed1ea Len = 176 Msg = 63e09db99eb4cd6238677859a567df313c8520d845b4 MD = 9083e5348b08eb9810b2d15781d8265845410de54fe61750d4b93853690649adc6e72490bc2b7c365e2390573d9414becc0939719e0cb78eca6b2c80c2fda920 Len = 184 Msg = f3e06b4bd79e380a65cb679a98ccd732563cc5ebe892e2 MD = 6b315f106b07c59eedc5ab1df813b3c0b903060e7217cc010e9070278512a885008dac8b2472a521e77835a7f4deadc1d591aa23b624b69948a99bb60121c54e Len = 192 Msg = 16b17074d3e3d97557f9ed77d920b4b1bff4e845b345a922 MD = 6884134582a760046433abcbd53db8ff1a89995862f305b887020f6da6c7b903a314721e972bf438483f452a8b09596298a576c903c91df4a414c7bd20fd1d07 Len = 200 Msg = 3edf93251349d22806bed25345fd5c190aac96d6cdb2d758b8 MD = 299e0daf6605e5b0c30e1ec8bb98e7a3bd7b33b388bdb457452dab509594406c8e7b841e6f4e75c8d6fbd614d5eb9e56c359bfafb4285754787ab72b46dd33f0 Len = 208 Msg = b2d5a14f01e6b778888c562a059ec819ad89992d16a09f7a54b4 MD = ab2e7d745d8ad393439af2a3fbc9cdc25510d4a04e78b526e12b1c0be3b22966872ebe652e2f46ed5c5acecd2f233a9175dd295ebeb3a0706fc66fa1b137042b Len = 216 Msg = 844b66f12ba0c5f9e92731f571539d1eef332e1549a49dbfa4c6de MD = c3f9c5781925774783ae9d839772d7513dfcea8c5af8da262c196f9fe80135b2b0c8c6ca0a1604e0a3460247620de20b299f2db7871982d27c2176ae5fa7ad65 Len = 224 Msg = 6b6cc692d39860b1f30203653e25d09c01e6a8043c1a9cb8b249a41e MD = 2e5263d9a4f21b210e0e161ed39df44102864325788647261a6e70ea4b1ee0abb57b57499bc82158d82336dd53f1ef4464c6a08126e138b2cc0892f765f6af85 Len = 232 Msg = ab1fc9ee845eeb205ec13725daf1fb1f5d50629b14ea9a2235a9350a88 MD = 72d188a9df5f3b00057bca22c92c0f8228422d974302d22d4b322e7a6c8fc3b2b50ec74c6842781f29f7075c3d4bd065878648846c39bb3e4e2692c0f053f7ed Len = 240 Msg = 594ed82acfc03c0e359cc560b8e4b85f6ee77ee59a70023c2b3d5b3285b2 MD = 5ef322cb4014ecbb713a13659612a222225984d31c187debc4459ba7901f03dac775400acfe3510b306b79894fb0e8437b412150c9193ee5a2164306ebb78301 Len = 248 Msg = f2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac MD = 7978f93ef7ed02c4a24abecba124d14dd214e1492ff1e168304c0eab89637da0f7a569c43dc4562bdb9404a018b6314fe0eebaccfb25ba76506aa7e9dcd956a7 Len = 256 Msg = 8ccb08d2a1a282aa8cc99902ecaf0f67a9f21cffe28005cb27fcf129e963f99d MD = 4551def2f9127386eea8d4dae1ea8d8e49b2add0509f27ccbce7d9e950ac7db01d5bca579c271b9f2d806730d88f58252fd0c2587851c3ac8a0e72b4e1dc0da6 Len = 264 Msg = 9f8c49320af9370cd3db20e9b50d3eaa59a6232d7a86fb7d472f124508d7968b05 MD = 81b002f15c4d48be8517f7ed89df302fb1435c9435efefed58f3eb8ea11910623f1eb9028a66e02121a7f08a7c604226f2324f483e91548dbbd2c441ab704ce5 Len = 272 Msg = 4ab9aa069475e54b25e5688a52dd4acd134169c858105f01a0a1b134c72d4af51f8e MD = 48ba5a63aba7e7bd8e420475331125a947928c67fdb00f65c4080d9a0b99c0672424e76a1ba6bd76dfe492c730f6f9adccaee7bb11571aadb31f6bb628cfa933 Len = 280 Msg = f0c1d3407de92ef7421e42df5c9ab31d2ec0a750a9522869cbe4cabd66908d5823ec04 MD = 9e75c5bca2c2af1d7739787f46e1d981c4f98e493d0724b5252c2fbae3c526719f1d27e6ccd0d705240281e8fbf3db75b9b3205c1413436d3b5d140004b8cca1 Len = 288 Msg = ae8c9f8fb41b519b6d943833fe1c32d1c4292fb1ddf1dbe2eb227d9e14d31ed74ebaef12 MD = 042f9fd0a4ed3d9fec3655ae11011c6f2bc7e457e8812b6d8be2cd45fc6c432a94558c88f22c01439618865e8e49e509c448b342ca914b120344aaf7bcbdca18 Len = 296 Msg = da39fb86237f00303844e61fc6cfe779e42af53349839590bcd2f0e4cbbc279ec0b7e885d1 MD = ecb43de8c233a731b38e30c5696f8876761b7ea72efe283fd07bedf20029f47c6d2a4427823e100fb087abaf22d7eff42a951c97c3dd05f48a20163fa4367cba Len = 304 Msg = 3e7271d2070ef095394620c4b016576c150f34bea60784613a0f660d7fa5ae56872b88c58398 MD = 8154d0da634ab2266061acc123acb407650ffe9164a22de3fe29bf05393b2aece92cf4db00ea5b4341c31ddb7de151683c8a71b5a44d5c3175790feac67d18ee Len = 312 Msg = 311fb67f6a0784bb01a2d5a3f3092c407a9d3322319dff9a79f894291c5fac37319fb408402e18 MD = 1870fe913abb0a4b4f53b6581ae18322cd05328514556607f3f4d7b6a2ac8e9185d94d947d8b9c88e0efa66d89b59f7439c75fdadd1816f7412306ab2b59d664 Len = 320 Msg = 7651ab491b8fa86f969d42977d09df5f8bee3e5899180b52c968b0db057a6f02a886ad617a84915a MD = f35e50e2e02b8781345f8ceb2198f068ba103476f715cfb487a452882c9f0de0c720b2a088a39d06a8a6b64ce4d6470dfeadc4f65ae06672c057e29f14c4daf9 Len = 328 Msg = dbe5db685ed7cb848c094524c1723519d49dc66ef9fe6d57e6862a6435750bfa0a70f104f5d396e61a MD = 2fa6e5b2c443a68050f093e7fb713bd6b18f6274c061ed61d79bf0688a61dba1940bcc30998276860943ab038902896d0fbf59b88b07c80de927037097150c40 Len = 336 Msg = 9fa83e96b2a6df23fb372895015678e0b2c9cd18a8542c3eaa2c435a76ae4dc9bd5136d970daff933acf MD = 3a2c0ec88a3e5347cf0ea9c078838300ef7356f9a6c342063277c106b880a00ed2be205c13064097bd372fde38007bc306561eb4e74bba2bb20bd354aa690ca6 Len = 344 Msg = 8a5a45e398bac1d9b896b5a2b4e3566b91d80ad20c977ea7450ff2efb521d82f65019ee762e0c85c6cc841 MD = 3c704620f4066d79c1ff67752980f39ef3d9c1023fa5a213a5265376b14a15166ffe069b51df7710d8907fef9406bf375d502ce086ac82aff17229aaa7a5a334 Len = 352 Msg = 49cfffdaf4d031e33b1d28a447450545f6c4293b38d5afbcb9883976c014f080576ec691ac1bff70b742efab MD = 8bcc4f1ea2b7862ef1591bfa73916665de8faf65439ddf5cc1be43cebfd5f60f205e835a2b186b675b041258c5cff42669316ce25b46a2f4d4218e102f0f5d6f Len = 360 Msg = 2ff845d85efbc4fa5637e9448d950496f19d8d57da99b7bd3df7474822f0a790586736416714e364c6e1fae04e MD = 236f6f4ed6e858c02d51787e60c578f731f694f8e52b5df4ecd5b04dff14c78e56bad1028d6f626c29d85aeee151a2a2846d3eed5cfafa9854a69fea8af6d04a Len = 368 Msg = cfca05fd893c0f005f5ff796f4da19ba27a1e729956b8b715e67ce4b2d2a382a72ec7814f2f507b1825209a20fcc MD = d80969284a4565add4dad6ab9b3bdf53446142f84aaf92d4b23dd22ee7241e6c81489ac8b246edcb6df9bd7b23d91a0c517f546feba4ed5790a2be6e165c1709 Len = 376 Msg = cfc425759a9c36bb9f4b32eed7767af6566f68ded0adeae25c7a70ca78ec09774d16c8bc357f6d6f7bd441bf62d942 MD = b587a785cdf455cc9c544e756c1e306300aa3c59f8725012e68ab4d54020b6d227a164d9f83c905e86f8cebeef708a69f976d6e7b18b9bf78e9b98cc4a5cd1b6 Len = 384 Msg = 097c9db919515242c99d973acb1dc4ed482768f974eb83b465f9f6c82503372006e4490835e2ec8f92301130bfb790b2 MD = ff5a376f938e73014caef7fe3962944a7230d020b7087869ebe7ec70302721cd06fcdc981c893a425d05e2f99fe198e4db50a088aee2bf1263212110efed422c Len = 392 Msg = 77e73d387e7bc80419ebf5482b61d5255caf819fb59251ff6a384e75f601ea026d83ef950ed0b67518fb99dee0d8aaef1f MD = c4c89cd882ec945cc888fb9a0127d35e585ecc14a75e4b5b3d8330538d22da28cf6af1ebec96dc247f109cd2aaab9756e6946a3d80db8363a4da3e6ddbb510a1 Len = 400 Msg = 317e5d9ac73ed0633fa18ebebbca7909ec3a5ef790478f9c38cacec44f196d895835b425774483043341381e7af2d383e51a MD = b10bb04491b9c0c334709b407cda1d503efb6b63ee944f2d366b6855e6e63e5b80115be4be7ff63edecdfb5923792e68123976d79212b3884dec2179d1fcf382 Len = 408 Msg = 209461f20666a346fedf4a530f41a6fa280c43665767be923bc1d80bbcb8c9f8f93ad75782ea2689c8c5d211d2053b993145a0 MD = 67b7a328d9444056a52ca2f695c5d3f3baafb625a14fb32eee8ff26a40ccb296bec1771a826b55f7ddb6170d4caf7795b612448e66a0f19356fe505927149b47 Len = 416 Msg = 5d61aa45c446f3bf93604b0511313b4e2f306d6b046fbd94797b926746836f2e1dbdc56124060c6ca9c911b1122192d112420827 MD = d3931bde2bde8271ed18ca0b9148b12f6f16161e637e376fc961f65bc33bcacf2f6addf26a3eaa81b196653cc37e8a739ec5b3df870d8c38c8f28691c22a39bb Len = 424 Msg = 9288c795bb0b86c0419d9c5637dcc37b39bfa18d441e3fbfca75bc0306e5432e8e7b3a5627b5bc7fdc424a77520abdff566e7f2bb8 MD = e363d0e95d8cd18c384016ebeed6d99c4fa2768e2bd58fca019c5108b9cde1cb46f3f884028a55ce282ec310a10037faa1b16b4a6a669957f0b00f350bbd63d0 Len = 432 Msg = 780427dc164b2f69b8c7d569266f461e2d30c88c4cd6057fb030a6cf636f24e3c0d0db742a7b6193fdaa15eec50dfb4fae6ec7653c91 MD = 2964b009fb1bf996de12e030b9d6e0608ae8b9dbf2acfb9beb76fc5361cc104ee85c2a46fb7b4cee90848312da302de49afe61c546477e2b25d223d5e3d33560 Len = 440 Msg = ec2a92e47f692b53c1355475c71ceff0b0952a8b3541b2938270247d44e7c5cc04e17236b353da028674eab4047d89ec5dad868cfd91ce MD = c83aca6147bfcbbc72c377efa8d53654ba0830c5a6a89e1d2a19b713e68fb534640deb833ca512247166dd273b5897e57d526f88eef58f6ff97baee0b4ee5644 Len = 448 Msg = c99e31ad4e23ac68e15e605d0b02437f8147c44f5445a55b68a10905276cce8676481c33e8cd3efe322bb13fe0107bb546ccbec7b8b38d10 MD = 52992d45a88221d972958e9f2854adaa9a21d2bf7051e1f1019ae78004da50c5b55c144a02afffe539d753949a2b056534f5b4c21f248a05baa52a6c38c7f5dd Len = 456 Msg = 9aa3e8ad92777dfeb121a646ce2e918d1e12b30754bc09470d6da4af6cc9642b012f041ff046569d4fd8d0dccfe448e59feefc908d9ad5af6f MD = 994d1cda4de40aff4713237cf9f78f7033af83369ac9c64e504091ea2f1caff6c5152d6a0c5608f82886c0093b3d7fbadd49dfd1f9e0f85accf23bc7dad48904 Len = 464 Msg = 5842512c37312511a3d8ae41f5801df60cd682d58b4a997342b6e717e94006c214813e6c63e75591f957a7ec301779838bec8ae3ed7febad0805 MD = 9763c43331ad0eb279d704c5f6e97e02da8724115026827f889e9fcda21f60fd230894ab35abb719890f3afa51afd31bc6852183b9c51059910af460abd2474d Len = 472 Msg = ca14e2ea2f37c78f78ef280f58707ec549a31a94361073e37701bfe503e4c01ee1f2e123e00e81a188f08fa050825709128a9b66bb8ae6ea47e41d MD = 4600e022a02258739f67fdd367cc1e662631fb087918768352062b9b3c8de8dbca0e9ec751b91f284694fbddb8d325c0637bccb21dd2efa92e48dbab2e5e9c26 Len = 480 Msg = 647629c779b24c1e76f41744aba17159487532a0156a7d8264db50d645e9595ff81e0c96a850f2aa56c844c613a4b892727a9bfc3d3e20386766f805 MD = 5bc842fc2d3b7eb31d2d3044df3ec32af114feaa7cfc27ebc8630f46ab6f0c543f59b812e776e5303861d17da3f1f16097641f3b808d4d5cb3e483946409746c Len = 488 Msg = 1c5dc0d1dd2e4c717635ff3e9b67caf957aec0f8f63c1b1e221e800a4c14848f4ea06e644e5d3e1de592ef5a8007fa3f07171b24bd07578d68963e5cb1 MD = cbf1ea86fa5b3dbf67be82fac41e84cccd0d296c757169b37837d273ccc015eecd102b9ce1cff68fdc7f05d22f2b774734f62ded54c8ee0bf57a5a82010d74f5 Len = 496 Msg = 8a555e75477d065b3af7e615475f37c0a667f73a4c7af5e4a69f28a68d9f4434776a8f90eab7f1d137eb4b22643c0a0d6a16fcfaa1bd62f2783546a9695f MD = c088e4a3d7da2f6f99a8f3f717361108872b8ffef921b383c24b8061d4e7c27fc56f4f20dc8f952a14043c5650b5a9e777c49c41cfeb3f2de97ee2e16b2c3924 Len = 504 Msg = ebb3e2ad7803508ba46e81e220b1cff33ea8381504110e9f8092ef085afef84db0d436931d085d0e1b06bd218cf571c79338da31a83b4cb1ec6c06d6b98768 MD = f33428d8fc67aa2cc1adcb2822f37f29cbd72abff68190483e415824f0bcecd447cb4f05a9c47031b9c50e0411c552f31cd04c30cea2bc64bcf825a5f8a66028 Len = 512 Msg = c1ca70ae1279ba0b918157558b4920d6b7fba8a06be515170f202fafd36fb7f79d69fad745dba6150568db1e2b728504113eeac34f527fc82f2200b462ecbf5d MD = 046e46623912b3932b8d662ab42583423843206301b58bf20ab6d76fd47f1cbbcf421df536ecd7e56db5354e7e0f98822d2129c197f6f0f222b8ec5231f3967d Len = 520 Msg = d3ddddf805b1678a02e39200f6440047acbb062e4a2f046a3ca7f1dd6eb03a18be00cd1eb158706a64af5834c68cf7f105b415194605222c99a2cbf72c50cb14bf MD = bae7c5d590bf25a493d8f48b8b4638ccb10541c67996e47287b984322009d27d1348f3ef2999f5ee0d38e112cd5a807a57830cdc318a1181e6c4653cdb8cf122 Len = 528 Msg = 8e8ef8aa336b3b98894c3126c71878910618838c00ac8590173c91749972ff3d42a61137029ad74501684f75e1b8d1d74336aa908c44082ae9eb162e901867f54905 MD = 41672931558a93762522b1d55389ecf1b8c0feb8b88f4587fbd417ca809055b0cb630d8bea133ab7f6cf1f21c6b35e2e25c0d19583258808e6c23e1a75336103 Len = 536 Msg = 52761e1dac0eaea898e0b07cd24f4b2e6bb7bc200ea4b0528842f17b87154559a2ea94459a0e480ae0bdf9f757dd4a335aed0e510138b024a04ed1d591b4323234dbd5 MD = b826fe80494e19c51b42f2582b2d080ba6b90512f35f2db67dd7fd5ee532eaa16498afba08b4996cbcfdf8d1a2df6b1da939e8265115a48aefa42f38205db436 Len = 544 Msg = 3804ebc43cbea80c2bd7e4fda5c5515500cd2d2b846a1378dbf218d5c377138606eb3cb8ac88f9076f6ff4436f90717427c9df1ba052acbbe4585e98b6e8e0bf800f1946 MD = 17dd6d87bc6773051e52047fd444996afa8124b0483fe121877f98553448772bd0e7751fc655e9cc2d29830211015d310f191474ca6adc0477a187c03b8fe252 Len = 552 Msg = 2249d698c4d807a8e7b4de21c485738959a0d67e5d2ca6f77983dfccb5dbf47931261e1f1537f3cbca253afb6bf4fe5e7672e1dcc860b3d6c8d243afe2d9758b375e955692 MD = 6af44563fc468d51182f6c3be58d45932af1d985c6f283976c91a9ff421f383fe21dc7322f397ccead583e26b3e3fda067976a7f34665df25a2ced7b4b09cdec Len = 560 Msg = 32a9c17033658c54f22c7135ddfc879de94d79593ef2dc7d3041bfa872738389864eeda27801794ccc4ff1fcb5ef3fc48833801d6fe959e3627f8ea1536ad00fa9c7d7d9f043 MD = 6a47699dd3ada2f11bc4ea42072b06cc20857bf164497df1285400c250f5848b6f71957dbdc845f5daeab913036661f69387893fc2d61c25fa59b9d85b19f401 Len = 568 Msg = 3d65f69a590a5baaabcd274fe3ef9e88920ffc7adf05c16d7b0f4d18d72bac1e94c3b3d83b8f4c552eb80e9fde3911403f8b000579816f02e1716fd627946031d0af0793e7f3e1 MD = ffb2d9450943c24b5933c24812459b75d3d9f380344c9bc06fa3e17ee448eca2f98ff79f7e2235ccd9f9a8176f68a2254bbc9b834d6ac8d2bfdbc1597c432c9f Len = 576 Msg = 76ff8b20a18cf104f6cdb65e2ba8f66ecf844af7e85e8ef2da19e8848a16052ec405a644dafb5ca08ec48f97327ac52c0e56218402c72a9a6dc1cf344d58a716a78d7d7529680bae MD = f8858144c6d709dd0689a526a548a43f17494950ba2ac20544799e8ea27201d78bce5b921e29a7b4029278e68341ef2a0ca4ba3894566b3c8f8950e3e545a689 Len = 584 Msg = ca88dddfc876a12f45f19562bc9ca250f43267ab251a7f345c3c022e20144e135604078762ef5c8a8f038cf1b1d6a91709b59dd068396a9e971ab628f74886e765384a23607c1a1e6e MD = 4f3d9eeef349ca51a7e419af1686f42795abde58a85335ce68d496e81e4436a80a61dc143a4300008c23a3e71f4ba98743195a3694a8d02fee11bd314569abc0 Len = 592 Msg = 0a78b16b4026f7ec063db4e7b77c42a298e524e268093c5038853e217dcd65f66428650165fca06a1b4c9cf1537fb5d463630ff3bd71cf32c3538b1fdda3fed5c9f601203319b7e1869a MD = 6095c3df5b9db7ce524d76123f77421ce888b86a477ae8c6db1d0be8d326d22c852915ab03c0c81a5b7ac71e2c14e74bda17a78d2b10585fa214f6546eb710a0 Len = 600 Msg = 20f10ef9a0e6128675340171cd248df30b586557620b615ca39a00db534315a9012dbdbfd6a994986eb829dbe6cdaf3a37d4f59ac27298742c8f777b6b12677f21eb289129579868705f27 MD = b4ead3f860eabbd36c770d66c7356f8107acd1485c7c94178c2eaabd50266d7645d009972586ef83ed43ed92882137df5117b88f35231b894ec1741ae7501145 Len = 608 Msg = 995c8f747ea418f7d63aba2260b34ac3c7dceebb78438ca4b1f982b7db9798ec1a7f32622264cb024c0d9e60e955a6e1d677c923518851990a459b767d0f13cd803460f61870db3391b44693 MD = a00a601edeaca83041dc452d438a8de549594e25d843c2cf60a0e009fb92d87abe28a72690ab657c8d35b43cd02d22ec0755de229d1f922fa6ca18a6d6c2aaae Len = 616 Msg = 0feb23c7e4a19bcbd70bd300d76ec9045d696f8c9687f49ec4154400e231d2f0862495150cf250b6f12f172a7d130f8fa5d175bf2f25e280172ccdfb327951701165302728a619aa2f242631c9 MD = eeb6dee30c119fb1e1eb5c15ff2b32d8b9c7464a4e4cc6815cd251a6bae29b49961dd5c2fa9c44a9b142ca062c7072cbf3db04299b767789040196bf0c06aa76 Len = 624 Msg = ac59a110623f1a64666f160ed32926676cb5be25dd9d962f441951b0efcb5d6a67ac1a4eae473e49c6257860728853ff415c5e8ec76a8a462ecfd343eeac22dad820722c597332fbfd94ebbd32c6 MD = f65ea942ae0a47e73b02b1442e5b26083db79307f64dd34a039c476faf18d5c514bb77a2c412a6074a7afc326ea66c74e5705fe2abbabf274333325a15b61fd9 Len = 632 Msg = 9e3e1077e1333a1fb1aa633ccf2f746588ad426489ea08dff5511438b5f4c0b110d1a4d47b540a12b21ea2aa070578ccfa5c22fe0b743ec0cc621c6b3a03b75f4d3eea5dce89e03269afcd9603d0db MD = 4b5c5df80c344c12388c723856cd06965b2190af652480476747dc2195ea3716f87c1762359583a5f31522f83f7833bec30f1f47d14540417dd463f5d258cd4a Len = 640 Msg = e881e3284c79d8f5237e699e4fbca84090c664bb53229f58cb0842b0436710c9b329d98191b8f030e9c1df89b03858c1569c6ff49a7c07c4a23a8a434b0fde13be4f94cb44ee629d5b44d336090d3de6 MD = 147d8071c7871ef9256cff32aa63ea031404fa5ee4ec09c56afdd5da919b0cc84a9d35d142c417715203316011cc620cd6855bb117063a5e52867facc680d5f4 Len = 648 Msg = e58521098911503de84311387d375c25929e6e55076eb6934fd8f2b1bb7b9667fbd76d5ee204828769a341b1f716da5bdfece6c62a9f4d4f988267fce1f5615540dbe375324eef607c910d976b45a5ea5f MD = f97ba056fa41f43b8e1987072a09e828c71c5ff6ad4e37f9ab6b89e2a078933dd23052fa72c6615b613904259e9ff9b55ef7b923b89bc8752f6babddd256e117 Len = 656 Msg = 3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c9f133e5f8527f1b184830e07c3458c83a8ca9f9d9c6998760e610668ba0f22e22b656a737e978b246a17840b7dc4091da85f MD = c8a466199acbcbc93f2ce042968508c046901631e3118a2d0bf39a9b42b4197a379b3a86cdeca9df2de1a3eb71b79ae9bf2d6575eadf1878029c4093133f54d3 Len = 664 Msg = 9af608d031ccf309d7273c607a8e5e36840d449b55db5b13f03aeb9af49fa7e7cf1383ee2ed9c5a8b7515f16fb1c7c84a681590bf90f56597b844db5ebee223d78109b72350772f7c72ea996603e1e84f2ba5f MD = f0ded9495b4f64cac585be8a737cfa14247a4a81cdf7f01ebcb134ace71f5a83df2cd72e7773fea1e82beae17e13857372792c8231e2ab9fbeb633e399d5f0ae Len = 672 Msg = d0df1bdf1df6203241722fb9c9c1cf7405017497ae154538ccf9224ad752e6ce1d4ae948639aca70cfe86b2b06543cb9914ebd3085aa3e2963f6e9b93d0b03a31ae26fcb9ca974eee016c091a6fcac37b21cc1d7 MD = c2da3ea3c8a3fd88a5bc5dea2bc076f861abedefae5a5fbd941ddfd1c41cc3312eb2dc826c2c0f65414fe72ebee447d2f9b1a6a56302660d1f86632ee80a175f Len = 680 Msg = 8cbc9480553acef7bcdba9716ea8d66b4131780917de2b0b048045fcb32b5cac054808e1fce6e94ad851ecb47fe6cb802225d3551e08ea122093d0078dada564212eacf1d6394e0007cc62a1d595ab14ca08a284bc MD = 63b39b88ceb848188b37316e04560e75a5340ab8d417932d231c997e892b41daa69d9fe3e9a14dd19ccfbbfa01488c208e7b946cfaf16ca2b1bf7c8d8da4e6b2 Len = 688 Msg = 38f184448f3cf82a54cafc556aff336f23f9149e612134b3fc00c8a56455653d88640b12f69062b8432c4335ad8f7ab4ff66cb7eb54f332561a36f024d92c3e26276f4fd48619628cff88e4b8e85cf14ca4767ed990d MD = 9a49265fc641c59f1a91872cdae490d3da73c0c60fd59648e1d17dba1a647a5b95629392bb4ff5163d1a3cb45427c1437a3b2e1d9f030c0a8bcc5ed22da9e2ed Len = 696 Msg = 70900618b1e9e9db62296fb6c6590c9f10b0a632765c489c887f1ab7c07791765a62e38465e1be281b1d396c6e080b7ee3e6fa56a30b9799d0e629be153ee76f81bc6a3295aa61489bfa87d53a8ad24248a6ede0dfcfe9 MD = 1c8c3357ff1f8d6ac4defb3af462a73e09159e3a20c6506edd8cd3052df941c81f68c5fbb893912619e28640977fe8eaae8e9d5d4e7d5f132552cefab4540bac Len = 704 Msg = 4e6ddae0d805afcd10a055bce584c848d050fb29fe8f1c64b18e1abfe46b65782e6ff536e89d8d40928b41ed7371365c8080a9647f7532ce6c6d4ac21cfb0c8020783851ec9a7dbc3948f8fca7adf8b2a78c04d898d31ff6 MD = 5c2f996c779b91b3c4639311f54fabbdde7e2212b53dbae4828c8399588fc00d3b2ae60918aaaf6bb48bc757e52b2bcea84f5d15bf4ec25d5519fb54f6f26e1b Len = 712 Msg = 696825f6d6ea8173ec47d0959a401c4ddf69f8f08ddd678a4d2ff976e3a4372bb39f4159845cb63585e1d4108d32e12fa7c5c9d7ce3508a7f53aca2b4bd951adbcd8984ebb7536563f5884c90bc5023b3316f7e4dc6958f743 MD = 3ce940ca96b00011375daa95c65f66907d69b3eb3b8d779e6fc971afcc05e990bc4c541f434590f6b18b68c080d0f24475a3e764e9cb85343301314ee2fb661e Len = 720 Msg = 79ecdfd47a29a74220a52819ce4589747f2b30b364d0852cce52f91e4f0f48e61c72fa76b60d3002cae89dfc5519d3430b95c098fa4678516b5e355109ea9b3745aa41d6f8206ee64ae720f8d44653b001057f2eba7f63cd42f9 MD = ba3d0fe04470f4cf8f08c46d82ae3afd1caea8c13bebbe026b5c1777aa59860af2e3da7751844e0be24072af48bc8a6fd77678aaee04e08f63395f5c8a465763 Len = 728 Msg = 9263fe75e8f6c7d5d642e2ca6a6eea4f44e9a0f249513ed79c9409ffca5526ca4491aebb1382057cc7c36722b0b6c3b15123cde312214f25353abfe30bca170568a8e1ba5408917403a01834080ab607c56a10d0265082498fe0b6 MD = 7736d7a7fc1eb05857ce7d88abfffa87f58c670bfdfc0a8031f60f379e4b6ad94ac8f13ffe28c697809b5cfac7f13be01e7496a85237c4025539051fb2e32fb6 Len = 736 Msg = 78c17bfe0e02eb526d1a44a1ac127be082181452b625394bd6dc093a2cb432e6ee59c2f8b5503aba30dae41e1a1c6702697c99b2c94e94af48b00caf53b2e0e4e1bbee81ee282c7b2b35f58cf421a07e828d57a6622626af25835399 MD = b56b6e343166328523e0d1693e5174da643ae83cf69c85a7b3c3bee247b77b84702069d9e6b4cab03bf17fe612009bf4239683ca78ca7e876aca7d07603ba714 Len = 744 Msg = 298bb304a920f960447d8fd38b061bf8fe4ac1f871d8a0feb4549feb72ca694a5a41b6867d94cd5af77d468ad2f315d127b6c41a862800f3985e573e037740298e2c5c6186a9fb83609be2d49f8b4c31f96a2e49b56dbf09571b38587f MD = 34e3878627904ffbbbd85266cc973c34f931e3cab5d4c31f841c553dd69f84838206067df4f9f3b9102001be19267151e673f5c2d4c2f8438a6999a0a325487d Len = 752 Msg = a3cf714bf112647e727e8cfd46499acd35a640dd393ddd263cd85cf6225f59890a0686dad1c54eb8d809b81c08a98dba131bbdd6fce8ff59d95db824d8831ea480529da739227a6e0f62b603b38c35cdc2581f614a31879b8be54aeefaa0 MD = 6f230ae4903ddbef0ba384c2e3506eab318bfd1a46ea76099f65a3fd529c91bc2865b9fd943e346de64626b8529f9db1377bf2c5e0129c66b50c6a5cfb364b3a Len = 760 Msg = 0a427ae55ef3a7e6044a08cf6128cbaaabfd776c4e9374708f2ece246fd73603d2f54ac3e01d16cfac2bdaf713920d66e8f0a3d54ee68cff64267d5528cdf2f295f474d10f81173e0143488ac53fc503c444ed23dec63a080ce90c2443dba8 MD = f6bbe5d0cf13ddf41c1436748a5d1ccae2948547b452c2171c7c8e8b66c6ae4de3c0e8b2962bcb60d3de3608479f80e455c9024d9716c38f6f1206861ab1eaac Len = 768 Msg = 2cbbb87511f4948efec3a61b511ededb1dda8b6ecfc0210c11e43a77ee32dc2e374afae4268e3d30427804868232a966b56006d3214037076bf6a265b72135af0fb2ef7909fea2dea412f7717446b276ff153753662b4d4148c02347e3259169 MD = 76897b87a8a1cf835c434f6d391c9e5227351af9d3e20a3389c796b98b424281a59068d9c8d567ec2bebc435b0126b059e2d86394a9854d6611e1c922f385496 Len = 776 Msg = 2b23324c9992f60a7fc010159a03cb9a2b290df4fa6a82359b9af602f0a403a5ef33ed5da5b2caf87b77e6a4b93b650348ce2a7dbc08f8da9203d710b587ba5947c65e899f4a759f8e2b049ae7850a8e3e2962f6ef93ea4c631de5d78e729ec5bc MD = 3beea0b373ed09cf1c919c51d86d642c9125e0ee81698dc4cbadf02e9e6925efb562fd9b87301a6377ca192be79c4118deabc450b54639000c2e312945451fb5 Len = 784 Msg = 4022f930c7033b00d986c65ff6bbbdf9ebd0e58c52844ff658df3893c3202dc533f873d4a7f5a5f944419fb5528c9b6788479a1e891306acae7995fc06db70a59baa95bef7da79f5e793f2db7f2a55825e4fdb4a34884af881ded1089fd5334502a2 MD = 0358775bbb733ccc49e78f544aeee512370d480d0e13c7e8d5c444c423e592146b45fdb91a1b694d35e36b60e4bc8397fca8bb9790e619339778b9cd1abe3fe9 Len = 792 Msg = 1cb77ba43ce77e236b9fc925f589b1c070780a84f99e8f50c1ff846ac92599cfe91612c8178325bee642a34f4dffdba2aa2ebcf7064339829b26f27993e1106c139c70d578cc05f0e1a777cceddb10a2c67fd9675e4a009df8037d6eeb38f5fba233df MD = 6502f46551a3fab3a96428fb97801d7a4aa2f17fef6603238df84e17c74309ed3d9489c8b16a9384ee634a3f86d0b3ba9a4dbc9c51ec8bd4bf8d61de6d3d87d7 Len = 800 Msg = 52167de2d6c502d99fa10c27b2ab6203bdebc2cafbbfdef15872a43dd610c2362f796ad9bcb5528d95870058fa454453f1e6065b315d410a3f2650e5d71e69d78d9767dfb4accc057fd2069266b0f180cb319e30ded7535bbe52d24be151de4bb598fc5c MD = 25cb3ed3983a91b4cf37a65193916c5e3e211b63e943e2f7b50a85d349a463b941aad33eff16561bdfdc92fda06a4e1d94b162de48f06d3c626940b31020925f Len = 808 Msg = cede6697d422ddaa78e2d55ae080b8b9e9356c69bc558201a2d4b0b3190a812c27b34bbcee3a62b781378b1bf636b372bcbae1fa2f816a046a0a649a5c555c641fea4ccd841cc761f38f777972f8c91b0324e71c333ce787f04741439bf087ef5e895011c0 MD = 0be42a25d77ac6ad995c6be48e783380bad25a61732f87cefb0cce1a769cd69081f494a1a12d657664ef2b4d9c41f2ee83f6e9a84327d8756af9f985595e7d3b Len = 816 Msg = 56d18d3e2e496440d0a5c9e1bcb464faf5bc70a8b562124f5fc9e9deb5fee6544b945e833b8b5d131b773ecb2cdd780cd4e1bb9e4f1e3cb0a1d64d19cf4b30e44e6c2d0cbcb4e284ce50db7a8a8062ddb63f981d9026c532bf8eeddf8af5a43848a32262178c MD = 982dc61c91a93770582eee8025aa55da8e9edb966bf5cf70d4a6534c0d53a2789a8c4fb65b7fed478cda02ed1e0d198d85c5c735b2417c5fab5d34e969fc8e7e Len = 824 Msg = 25a7320dfaec5af65da4d0f8688e29e8e95532ecc16679ea8aff0f407d898db6922855b0e8901aa9681aa3dca617cb440764cdc7293fbeaf7f585b593c2b0531738e0ade7c8626b9995f4a84d9fc9b593d6bbee01abc53c5be14bf6956fd2fd81000dafc7c7686 MD = 749c928c3d5510925bfe98659025b0ed7c01acd4d59a9bf1c54863a088091771dc9d407bdbf83b0f44b0902e10349ba79c84d0981d5e8c4f5c733a117fed0790 Len = 832 Msg = 3d7177b28ffd916e7e0634895833ba0bd9e0653df2cc4202c811536a005aec853a505e75db55d3c7107579041099e382a1feac80dde65d72368e909ab85f56d88e68d7c3c80c38f85bf8c2b36959409cc34ba8e3ad94fe8ee1927612d672d92141a329c4dd8a88a9 MD = 14a331508cd7d94fcce56a66bf65f20870a281c8442f8dbd4c2371454a2b66f8d0994a0b67692e771efc6a5e0b887acae7d6f4ec7338e1aa89f2abc7034c4e4c Len = 840 Msg = c033e4a512297caecdbead892b11a9f7007af9a74bcab89e0bd4ffdd542ca03ea12e17a06c42bd43fc5f3f757fce4f6f5831997abac3f95676e1ebdb11ca43e11aa31e5ebabe18ce8d1bbfd8b02f482e1ce581b532e307e6960eb97441506c2ed299e1282523f41527 MD = 95ac9b7d22aa458921874c4b4331e7d64761853217c3f83c601abcbccd7e2eaa6ca6ce9a22ebcfe5046d52f8a09097f043ab8bc59243fd770090bb432c3155e9 Len = 848 Msg = 69fff0f1a3dbfb36e32f025819fa99ea9a0edaef73145bf7fcd05d8bb0a646cb3b5d5256d524856acfd2e44d6b72e4ebf1ff23c0ff6c56f821e782d5a15f7052a1445b06668eeb4af700679ee7ae26496fbd4640c06aa149964dfd6011df835ac13b73c8ff21151e8440 MD = 45d4daa652558d1c12beb0f5662c712f325b4c802fc6eb9ee039c949d002bb786f1a732712be941f9c5c79b3e5c43064d63a38578e5a54ee526acb735b9ad45f Len = 856 Msg = b2c439c97ab7c63736b3796324d68eeb7a471ed142bd9622684167d61234fff82f93f907537a909bc2e75a4bcbc133cf57197662c1af746ae8b81e5b83de05d9b589851de25d3c99c004c1dfb12d93bf50d450af49c428716f5b90ef088e3b6a6b2c46d3ce67b379599018 MD = c48ec83be5fa669e6ec8db90aca9676cfe2ec0d5e8e7a2431687bb953c0a300be3db4075cca3bac4dfa4d971baf0fa1aff46639db4b238856ff36d1dfcd520f1 Len = 864 Msg = c016f522f26b7470e922b9a287e6d45f6c28813b68c1457e36d9ba266708272f9cbc5411f8db9d8bd5a9449fb6eb0cde7d4d03e5df019f2814a90ceed377c59d7d92623899bcb0268033073559d4d8de488686cbe3d67796e6df6ad4276d0b52cc62c49ebb58d7c95287aa6c MD = 7402f1a99b47e102b3b73140c6771b07ee6c33b3715e9c4027c441bee40511b735d95e508baea78da26fded9b7038e9a53defa58448aba40dc1e62d7ec592107 Len = 872 Msg = a766b2a7ef916721f4677b67dbc65ef9b4d1bda1ad4e53fc854b0236440822152a111939e5ab2ba207719472b63fd4f4a54f4bde44a205d334a2d72cfe05abf804f41841b86d36920be6b0b529331ac163a985556c84511ec986439f83e1d7311f57d848cfa02df9ea0cf6b99a MD = ddd60f93a3babc78299cf763e7919d45ac6f479700e1adb05ab137acdf89c1521ecb9dfeacd091e58ca57a1db964a9c3cd1fa39192cc1e9f734caa1c5fa62975 Len = 880 Msg = 10f2be77a4055771a67007cd8630e3230e38288499cb160380290174d66da57455b6baaa9785c84c8a663de41ed3bd544055b9170cec43cb3eb120eceaba1fe36e3eaa3fa4f99b425cd2519f09bc0282bada52d14ce625b1ded3b24d86b1dad342d2b7be322b775b04fc6b86afb4 MD = a872fa33d463b3343cec57c20c66979c33e1ad067bfc703454696aab5dd0003bc194318f4a8ebbc74503feb7211a472dadee991efe3e38f21a1310f8a76eac80 Len = 888 Msg = 324533e685f1852e358eea8ea8b81c288b3f3beb1f2bc2b8d3fdbac318382e3d7120de30c9c237aa0a34831deb1e5e060a7969cd3a9742ec1e64b354f7eb290cba1c681c66cc7ea994fdf5614f604d1a2718aab581c1c94931b1387e4b7dc73635bf3a7301174075fa70a9227d85d3 MD = 3b26c5170729d0814153becb95f1b65cd42f9a6d0649d914e4f69d938b5e9dc041cd0f5c8da0b484d7c7bc7b1bdefb08fe8b1bfedc81109345bc9e9a399feedf Len = 896 Msg = 518985977ee21d2bf622a20567124fcbf11c72df805365835ab3c041f4a9cd8a0ad63c9dee1018aa21a9fa3720f47dc48006f1aa3dba544950f87e627f369bc2793ede21223274492cceb77be7eea50e5a509059929a16d33a9f54796cde5770c74bd3ecc25318503f1a41976407aff2 MD = c00926a374cde55b8fbd77f50da1363da19744d3f464e07ce31794c5a61b6f9c85689fa1cfe136553527fd876be91673c2cac2dd157b2defea360851b6d92cf4 Len = 904 Msg = 9159767275ba6f79cbb3d58c0108339d8c6a41138991ab7aa58b14793b545b04bda61dd255127b12cc501d5aaad476e09fa14aec21626e8d57b7d08c36cdb79eea314bdd77e65779a0b54eab08c48ceb976adf631f4246a33f7ef896887ea8b5dfa2087a225c8c180f8970696101fc283b MD = 3cd3380a90868de17dee4bd4d7f90d7512696f0a92b2d089240d61a9d20cd3af094c78bf466c2d404dd2f662ec5f4a299be2adeadf627b98e50e1c072b769d62 Len = 912 Msg = fe2d8ae200e6657fdc7494af5a12b2ae940348f1f983f0ba98febbe99c80d115126d57dbf37296765ebb5990256696588b3851d54c8fbe7ade98a6faf7c20b5e4f730f54a7f912ca0ac31bbb53d17949ef69aa0de40c7bab12a871a9b90f68813ca87af4256422a268f4a1d8ec3aa1a947fd MD = 8025a8608df0f6a01c34cdec012d4cb25852e1b100b68172fc4e86ac8b7126b64859cb9e767a7e59060989cedbd925afc475ca7369bd43f85ae590e224e036dd Len = 920 Msg = dc28484ebfd293d62ac759d5754bdf502423e4d419fa79020805134b2ce3dff738c7556c91d810adbad8dd210f041296b73c2185d4646c97fc0a5b69ed49ac8c7ced0bd1cfd7e3c3cca47374d189247da6811a40b0ab097067ed4ad40ade2e4791e39204e398b3204971445822a1be0dd93af8 MD = 615115d2e8b62e345adaa4bdb95395a3b4fe27d71c4a111b86c1841463c5f03d6b20d164a39948ab08ae060720d05c10f6022e5c8caf2fa3bca2e04d9c539ded Len = 928 Msg = 5af8c0f26db4e99b47ec2e4a01a786e77899e46d464ac337f175027b61aef3149848af849d76ac39b9b0910fe6594817859e55974fa167518ed72d088dae6b414d744d477974fb719c626da792f981233de24b7579d8acca510a266d73c0ee8ee1424343eaf6ffcc59c86c1becce5894072c6c11 MD = 09da284d5b6556508be54c8ab6c97bbd472995c6bbd585917ecdb54ea9167208daaa070a7b2b7d8e93ce1315f0d1ef8d69667429c44dc5ee1499de57b229a398 Len = 936 Msg = 49cd0ba0df5bb3f43f68464e3e83e9cbd5d5ee077ffa5591e30f939cb30c93f7d454fb3fbf8bb05327a89c08dc4baf1eef50237317a405775357f1e0d1f31d9f0f0d98124019d47bf18363b1ecfbfe155c10cbc83300e01bc9ce0347c596b35f411e6d8229ad2855e42022b0373ade98663c6d6e9c MD = 30cbf0679a97c871574d2fc05d7aa760c6bc8a864b7d246c39b9e812f9b7ff7b4ef5197dd5b69493306688b8564de1ad47d75505c913ba6a78788f8caf5788bd Len = 944 Msg = a8a37dfc083ad2f47fff468738bf8b728eb7f1907e427fa15cb4424bc685e55ed7b2825c9c60b839ccc2fe5fb33e36f570cb8661609e630bda05ee641d938428867d90e00744a4aad494c93c5f6d1327878078590cdce1e647c9820818f467641fcd508e2f2ebfd0ff3d4f272393478f3b9e6f806b43 MD = 8e1c91729be8eb40226f6c58a029380ef7edb9dc166a5c3cdbcefe90bd30d85cb7c4b248e66abf0a3a4c842281299bef6db88858d9e5ab5244f70b7969e1c072 Len = 952 Msg = 36af17595494ef793c42f48410246df07d05936a918afe74cd005e537c586b2843701f5df8952242b74586f83339b48f4ba3a66bdeb457ecdf61784eac6765cd9b8c570dd628dbba6ae5836b9ac3dbcd795f9efdb8742a35bca232abf36eb3b6698b2933965802277ba953a6edcacaf330c1e4e8c7d45f MD = 158bfc348a30b4fabbe355a7d44bdc2122a4c850444c03f289003ce01bfc1ebf3ecc0febb6a8ff523d25db7681b05bdce048d11943ab476c1967cf6556c4a120 Len = 960 Msg = 42d66edc5f22e0c13c25504c5101a5d172d2db7209e461efa323c0bfaed27e5f808042ea9c3838ea31f9b76de465225ccfbd0c09ca0d9f07e9a43e3e46c7693e00a7e1d483900ddb0a629d5563456dbbf299ac91f92c3d3c17b05d180e6c87c6c93194c39d90273fcf4a482c56084f95e34c04311fa80438 MD = 061afb119a3c60876e04c10f12ad0f4b977593dc5a2d21096a57e7d3f7d4d44fdef934b2c17d7530674e4f4a1c176dbdcc54811a22e1b8712e4192fc2d4bf8e8 Len = 968 Msg = f91bb2e1a9c4cd96bf250426b3a6afd9b87ac51e93254d2dae3b16ec686ba80fb0bd7a84d218660e9007593075bc4f4c66567f0c7a5fd2010c999a8a0efa81f89ff5bfefe0fb910f0442e6d4a7c55bbb618c69a79a2ddd82a0938927f6fe3a80f04beaeb7c7636e3435d12dcf1c6bb6ed0a4edb69c9657fa93 MD = 6e692c8c694ee0a3565f37a299e0006b85ab4a821b20e76798220229f656efc6a20211a4e7e4ed77facde0d70e4d5d95bc8ed1d7a56d8df1446d562f044b344c Len = 976 Msg = d1eb961ca6a8f67c49b61e4d3ceaa2a1de6f0ea927b132bf987abdaa725b0e1e274e46830e99a2f75af608964df0dff9a99024fc6839bac5acd10202f921ac71a27fcda681aa3109ebf5f21ee3a849098ea3a551e844fae4b48b5c5bb97ccc802bc5520d68a14cb7e5fc056b67d889d876efb82d0e9a9a2499f1 MD = 39b2c76ec207120de4b320c7fe069e602c9c38f257596da7369395e87eb64b3acff988c1839ac269d5012c093f9edd4b7cabf13bdea7d42e969ab108269c6ab0 Len = 984 Msg = adf2263200f376886ba7b6f5e4411d5f07f7d9d101590c73ace114bafbcb0fdc99269e87cd2cead2a1cfe5744394d333aba408a07e21f30233b65b907472e9e3c7d6e7aa6d2c47a08a1be7bb877913a6b5604c723384478911c339e3b5fe527c7e288705a89c95d970b443347897e79f6c522bafe62b11ef8f3135 MD = 3c23d2d8cf4db6ac6a42e27208180f37668bef5ee0a3f879483c8e604e7f42583f202037b8d242c04a87345b8be6dc8b121d6484b9edad0d73c894c1288f5cae Len = 992 Msg = 18e75b47d898ac629c48e80dbfb75dae1e1700b771165eccdb18d628bfc4063dd6c3839a7ec4cd1255c4821b078cd174647b320bb685541d517c579f6b8e3cdd2e109a610c7a921653b204ad018d0340d9938735b60262662016767e1d8824a64954086229c0e3b5bd9ad88c54c1dc5aa4e768ff1a9470ee6f6e998f MD = 01c756b7c20b5f95fd2b079ab6a50f28b946fb16266b07c6060945dc4fe9e0d279c5b1505b9ec7d8f8f3c9ebf0c5ee9365aec08cf278d65b64daeccc19d3cbf4 Len = 1000 Msg = c2963342cfaa88ccd102a258e6d629f6b0d367dd55116502ca4451ea523623bc4175819a0648df3168e8ea8f10ed27354807d76e02ee1fdf1c9c655ee2b9fd08d557058dabdf8dcf964bfcacc996ae173971e26ea038d407c824260d06c2848a04a488c4c456dbcde2939e561ab908c4097b508638d6cda556465c9cc5 MD = a4d2f59393a5fea612c3c745f4bb9f41aaf3a3ce1679aa8afc1a62baa4ed452819418c8ae1a1e658757976692390fc43d4decf7d855cd8b498b6dc60cae05a90 Len = 1008 Msg = 85360c3d4257d9878e2f5c16d3cd7d0747df3d231e1a8f63fddc69b3b1101af72153de4c8154b090c9815f2466e0e4f02f3af3a89a7fd04e306664f93e5490d4ce7fc169d553c520ae15dd02c7c613c39b4acd00e0c9a3c501566e52cecea11f7303dd1da61abf3f2532fd396047b1887255f4b256c0afcf58f3ae48c947 MD = e8352ddcac59e377ea0f9c32bbb43dfd1b6c829fad1954240c41b7c45b0b09db11064b64e2442a96f6530aac2c4abf3beb1eae77f2bce4efe88fee1a70cf5423 Len = 1016 Msg = c13e6ca3abb893aa5f82c4a8ef754460628af6b75af02168f45b72f8f09e45ed127c203bc7bb80ff0c7bd96f8cc6d8110868eb2cfc01037d8058992a6cf2effcbfe498c842e53a2e68a793867968ba18efc4a78b21cdf6a11e5de821dcabab14921ddb33625d48a13baffad6fe8272dbdf4433bd0f7b813c981269c388f001 MD = 6e56f77f6883d0bd4face8b8d557f144661989f66d51b1fe4b8fc7124d66d9d20218616fea1bcf86c08d63bf8f2f21845a3e519083b937e70aa7c358310b5a7c Len = 1024 Msg = fd2203e467574e834ab07c9097ae164532f24be1eb5d88f1af7748ceff0d2c67a21f4e4097f9d3bb4e9fbf97186e0db6db0100230a52b453d421f8ab9c9a6043aa3295ea20d2f06a2f37470d8a99075f1b8a8336f6228cf08b5942fc1fb4299c7d2480e8e82bce175540bdfad7752bc95b577f229515394f3ae5cec870a4b2f8 MD = a21b1077d52b27ac545af63b32746c6e3c51cb0cb9f281eb9f3580a6d4996d5c9917d2a6e484627a9d5a06fa1b25327a9d710e027387fc3e07d7c4d14c6086cc libica-4.0.1/test/testdata/sha2/SHA512_2.txt000066400000000000000000000623751417716165400202420ustar00rootroot00000000000000# NIST SHA-512 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 64] Len = 102400 Msg = a1ed9fbb03c366c30f7513bc64f45ad979ad888031c6bba8afa553866bb3a468855fede15a658e26565075b8093dda437ce32cc6c5d04bf5d9f5f7dca26589c4515ae05af6799f0e4d5796badb3b7d843a26e805b21077ab09754d5b9b10c45bade75f70fe8701439f915c090575ab635d7ea4831f0fa891e62c3e4d7f3bbff53f0c53699a181b8df206b0efad74cdaa8af3488a355347701922b0f8756fe15ab2d3a28ef4b357b4efbf7bb2fcbe491f6b8ebc601b66ba10495f8ca6a6339251ac44352731e01c7f3dc3a39b19dd898ba856e84dfad06b391fecbb9d390f3aa4d566f47c7c27d3b7841a12f22c59f3b5e954b59bfa17c0b342d02425578b4119d741c7d4fb11e2246ecdaeff5fb8f167d58e099042c523455c13ae882830107957dd9779d625b28ea1e36109d884ea67140ece76fb61fbb912be430cd3850d8b00434ab136ebabbdc564115abf44467e4fdcea934c74b0d50ed7cafb8113a119777acac543ec35798359a8383d816c742efe47305e85aa62f8692a9b596034e9678afdfd24afb98983c90dec7ac2c611587ecb94591c502777794d3584f62fc5767ccda002bd9db66cbc28be9d8fbb1d7663600964c20cee34111a10295df8734c5721f8049c4bc8e63ae1f5ce70b35f2fb6edd5a7fd457dd7387976711bf9bb9223e04b53d629879b4c20db37ee16a02c7e59414b58649d07f752ad84ba9967f0e8f4e216f3a1ba30f9cdb6fd904da814c38e957858cf166c558dfe89c23f3d0daf440576791a2b504ad0cf4bdfbe3f908e73195587efb0af5a13b1a8b95507927fb8fb9bf2fca0a145116e4762d22d48e6f0150b6c2c33780eca0e0b29428b2661380eace5aee2cbf479db19a1f139e3d3edd0c18fef666e7a9b5dd7996e92725cac84d1db9ab9775fee5dea24842d0a5d5293a0799e123aa56ee5379241e31e78fca6345b27ec4d8d593de274f1cf648d07a6d0b1a3ff84972cef519b2348d1bd11bcfaedbd45f486a3c42818a2e89a6af55178bf64f5f359bbc34d3c7c873334d10e4e19c48a1552b237e598fd3f53fc02dcc12c4bbc2ff205a954fdb469ede425e35668a48457fa70e1407d6c9e384c178ed27fbe1be16af1e98e6733b6a7d6f5853a61c6fb6385c409624d56cbf0611db0d44027dcb1ca66ca2201613608102a3a238d90b7e0fb95f67293238f2444fa8aeef8edc546194e953853a7b0b99caa4b39726b7f7764cdf199d43ab27cfb9864492e789f495f9093fae66bee62825f00a39ac01cd0c95342ff9a05fc9f90dd860c6a303161a414098e4116b6aac830a08a8df55792310f31cb6ceb35360ab33760347d4537f1c2421ced11d13978047515d174f665a5e90626d35424e87201c16d15c7a1724d8285cd70c307b899c5c56df0a3c1f32cc9083756a8925ecfaf6a5a94760ebbc13c19c854931fcf345ad9b972ec82e1ce9780277d50474029a47b503af254ba54d8473620ebe32550abf922ddb6ffda933bb61dd0b20b3589ca3b768da33b160e3e573f5d321963f5a06cd0bb680184849df242d837a6e5f608f4f517f28b78f756910a92cf8a302b217cea936c5087a8a67cbd1c47dff97846ecf460450b8718093cc0472cfe35fb166f98ee29b48c083c9bb7244b7f19176c6d9cee0584ec783da28805b03d1a6c678e045307f53baa48995879a94fecdc63bd144b9bbf4e1fdb098b52c30e8687fc21534a6eda3b98b3bcc7a2cb141bce112485ff6d815616ccbaf1b9cd3a2153bd70b05bc62d35da634d2d2717994df55fec1790e595ac64f6fde1bf368a94d893c2410f77b4d0764293b191f7a52b5a355bf1886ac2f711431a83ee67c3871e64612eede938b57637d87c67d2ff5d047cbb3c6f63cfdf269a5800cdc6b0a12e1a93a07e85808be12962b53110708afb1a521fcb3a850eaae20080e4bc188b0f9ba1bf48b156fbc0027b857818c05a48f969c32656ac29a5055a2abcb2c2edc9d1d3b2d5d680ad1aa96914c254b777f2ff4750071f0cdb20eaae27dc0e776d65a270a2ad5dc748f70674899a2b1c86011636edf7fd6cc92179449fcc39ffb6eaf8c2b656acf3756001e60d8505b9327e257cc27d58959eb39a63b9159c226e60ba0f175a2dccdb5b8205c70d4a5420701462f821985000db35559d3e9ea83ecfd0a0ec41471923f3711be0b963b6fbdfcb30b76b256398a3326074cfa658cd4021bd5e9161a4f42db66e7f11b6a769d4312e26e468960d1279cd66511efbc4ba97ad95d4e533f7133946cd9eacef125530a46e13c7b30730f3e49a4b6d59ca4619bab8913a8fd3ace3edf2e7ae55a06dafd9b680ab80300686ec3945fb3a88eb902aef51c88031009aaa157522a2b821971627b47dc72d9b1b2f6ac73066a5b1e246649bf7ceb91847c45ece719e047bcea3e936a34ea9f89bf3565a74a4caa0f8563cf72f4012fbd384f67c04112c823dc8238e87de4a23ec8124852fbe9fc1baa2a2edd89fe5b12432050742c3d83ecccdfe458f3eb826f821fdd1c97acb1b1071bc065ab3d9432416b2f5927cafb864f9a1e225389c09a51a09c5aaa1f7b6e30db2c91d4497b8b97726d05e0359f7eb9534edb0929ed2ddb66fe93afbca9b19bcadbf8a1ac618cd9f891f0d217f034be9e1ef9815658b873b58c5e24fedd19cc7d56e07fc0f6c47d4026b079ec9e56a3dce6f44899a3b8bf2ebe20867076052765160fdb41abb0f5fb93bb342dea432d923f51eb6e4ebd12351c71609c15125104a1dd5088e0d0d88d7177bd46748890409098d63eca24016b1fc72fec3abfcdfe72bf5c1146a29968487c61e0bda5908a834f95a5a68c212340a860db476be295114c7a753db4bd3e714fde67361892b27fdca61d5453e610278b8003dbb5537af60b181f4675b85294586f546e501b6aeed694105429d4942ce729e0581a8512a951d199e1741f571a3ca132d6fa9f1678a3cc29366c5131d951baeb5d09fbeea3d7235faf2e56be8b53107d0056923785facab27ba9f06ba541af9f4b022c816df189eaf002f2eb603249bd6b2299509f122c66844136c4293d9476b2a19b5d604771c6649088802150995e87bd19043ca04d9ff0e0a8bdcdabf5fc1456cce5433f776c7d656bff47449bead6a495a4d71bbad93206aadb1b2340b9f0a045bb5f4007679ae031cb6a74ddece86793b506eb00acd801d18e8a2a011ad7fc7a424cffae225d9f5e76d367cbdf2d7497d744a4ab755380914aa336c3a92ae9ef0c74d4d837260166844aa3d22c266a267e08cf07ed25018eb1febfe4ef79f7189c6f56121094a4ce76189fad7e53a6a40bdbc0c25edce31e36e55bf15835929b54a509e84919f81abec5e1aa2045b8b51326205754dbc3b46c0f61757dfe4acbd7be46d73b3679cfd0eae054cc7d2ebe2680743369a21205a3c586fdbb248e4e9803c34b717ab8525ee03229dd5a6743a87322e307e06c7680b022d6aa58db88082dd5c186473246bb6e4db5cd7df0ca3b66c2e2a9f7218b7547cbbcc60bc0fcca8514e5e43c561168bda975374869d631d3cabeea56dfb91404f7fc98addd3131b1f71515bab2470976cbf4855a20ec3e52a0d423900583cf702e328cbf6eb9e02cf2cb9552c55bf0222b904223b470b36bebcef03311701a01d4db3cd113fb586e9e95dd850dc4cf484ee4f825a3083378120bdaa0a2028632827303535b79fcff60f068d20a15f941bc6f01d05b17311faa173d7935bf969acd868ae6b3ba6047e067c1ba38c400a6eaab19c47b222ebb2a8db31d3b1bcda31c823debab3104d0735872ce286367f050058a7251bd9ee2f9bbb61d208b8de3d5f296d2a0726d31b06ef65e3758a1b6931aee5a9d4e042fbe4dc0e984a369b5a054104c31f30be41e07b70b043850521a67bffdac57f0e9ee906e12e5d7e3c0f22354b8ee37636022bf5f551d66c66b5c6879cc0d7fe7a9e1400819b2bd8e7e41ecbe9923c3f62e450239bcc188a65aef8996564f0a4b085cc9498e79a8cc56261cc87d710d56a71b5cd0b2bef262b93a67b02cdf9bad5da7888cb1b94e1fd1053ffcc66497e7731c3bded764587dfec37f31a03db88142682a5c43d0020b7775d2e6146cd83b1abe2bae8b301f6aa4213ca550f7c5693f051b32b58c5921d1de51fed7f862c3f677b8ba4ec0bbbb41ba2c85df8c66c7ac04d7aa771cd7c548c559b191a5ac049edf4f9ca284b1e24024bb4d7c6a011f21edec1e192ff29874c136a8d1e3389f9c6b7cc0270a967227c79576e82f18f23936c5281c243e0dce38954f093f8cd75792accf3cb0dddd813917ac833a32c34a65ff32e0a81e87bdb1d21ea8291d5e58eb7c046415fc96c4efce38de19d314de01f6d9070a18a8dbc399825f2e5e9728dc572a2da877306b5225b6694c7e698c8148850ff8c0e3a0c448346ebde5044ffbba8b09f6d23cfd16ba9fb5509923ae6a70b16bc28bca955a6a8f8756354826c032b1897f921ee294097f32b4b7e5ec23ec089b15edb031ec6cfe1995d3b545a04c381ca14b48c4607ebf61f75f32ae5436d52e517b56ff00ec2a95eb24ee35326379341a426d1ae2a6eae386f37c6d61cdb196039901652e548f9cd4bd557ded151f70392bde4eb0fe8c07e21925b1d33d2852badb520ccb32879ec1018d8846dd75518c7c2ee852021d7f9744e1143ee1a3e4d5c6cb4e6e12bd0c5e95e8ccb629254892a7c1602c3e099b24eb20fcfb77aedce2dfdfa29d519a660bff19e3e194a9d5da23585ec62efaeb099057e49f5bb3ab707af1b1cf8baa5c378173462f8c7d89c193362ca6414bffb3b9085390fa5cc0fd4cb3f48b2d573f8fe1977c168d0ac4f76c0d6253118749c1e9b4d286f004cde7b998d336c34b807373f8ee2d22fc17da122098431c2749a286dfe9e7c94612ce4612e678c9d1df60dd0a14d9caac02e81a1226fccdc68fd4350bf219e29b402f76b4a6c7cd949cf6716da8b300a516a00874a6e6a2cf7ce568ab83b3d86ec679cfe08c8a2b0e69a2c575f23f4161b3a051aa80a737cca1448641273c174b264bb64900568e9995d46dc589d5298c7a579a465ca4f9288d70326f55193bbae003ce30baa354e0c229cedee82b156fcb4426ba8376636da1f6e18885e1923874307c4a14070a5e7f016d14858781a636e49b89ad7203268f57182f421bc74e635044f794e83b7d1d09cd290aa11aaa4db76d26235e64dd960f4ab6023e47572df1ccbbc5cd54c73c81636ebfde3ce6603b2032ad61e4ed669dfdcf5eafaefd448358291f3ce2c75e36c4683db565051efe391174432fe06171a5ddb0064aab37838ba219ad61e7e26874a80cbd2f70ea6f2c55306882512728e7639ed8c6eb8780ebc93d955eb369b4d8a0a56bf8a4530c8e706a48a8ba182216f3737d8038b4f9dd01038b35b4749a74d470285d29d964b3f57a69ef75c50bc8fff68b230d305cf3dc040583656387ddd625a8c97bfdf65146f952e32eae3481fb60781be38a38b4dca78ad440e71b88081e33da05313fdb076f9a105f543ab67879dad766430b8465768184d14fb3e7fcd27feb7003bfb5993585f352279cfaf98b19e1dfcb440718e99021813def9226dad38a26e5d4658ee3cd08d1b8c9a3f11cbbb7eab380a169892d46eb123d0b089fd542a4684c8f5b02c5cd48884f65e1b746e6017c2fe7d9cdbf41796d1aa734ba0b81730b5687701b16bd1106aca56de321f8ae85d04edc3fdccdb6bf071b1d91dce31d3fa0e280852654d5c45fe6d819034c5c70e04b0357fc282d8890cb35bfcfd40d85aa24eee97b210141d79ec2c1316d95cdfe60c19e940d384a263c1fac6ac0be6de0d32da08bae2dffa251b09452d8e4ed7924a97c4ad9718465e22dd02455ba68c351cf52ee58b65e5e9413dade1ac45fef1b1d99771963b7ae5202e382ff8c06e035367909cd24fe5ada7f3d39bfaeb5de98b04eaf4989648e00112f0d2aadb8c5f2157b64581450359965140c141e5fb631e43469d65d1b7370eb3b396399fec32cced294a5eee46d6547f7bbd49dee148b4bc31d6c493cfd28f3908e36cb698629d53701132f3b60a29a60cf5da7c157e939735077f849999cccc78210cc598d9dcae1304c4fb5bde5fee7cd3bc67a1ef03fdda965c4d1c750c928ab8e177f27dd1299b89deaf3e3a3d7e52bdb6488c814e16a7ec2496614c99b6c610b371b038c4e98f0a46b766070a7f161d92c7df1ebb0924719e066e08b95eb4914a5edaf1fc1977eec5badb2b0f18515a168ba1ad91ffd98d94464d8fb5b3dda46ee47690c2dfdc9d2361a69094728adc0b3dda16191f4fa9ccfe06cbd5dcc8afe6ab8efc5e63447f2853ce1ce0b4490b388493419b920d2b10d59fa26001fd1c7b5c291f18ce3afc9c385bb93d07164f6709d3165e7f9b7d267322fea04c0551f59f50e03748437c46ba564ef1937a105e74a27dac0f8205d68196c6dbe367b81c1b0a2705f8e967ef7fc6c3457ffcb6e66c085ecb69492deaa704e25aeeabb7b7795fdcc807b3255f2fb30081f425a9c7990ea104b7785c288c733965965ab8906057e8c99d291e5e7325eced197b51c9a4bb2e9f1e98f95ad9ebb54302fb226d79fb3150e0d4bab4f32571d1178817b43518ede4c8306e4635753d3e5c165d176c52a0a5fb3b622856ba767415d4614ff32bc61bddc822b54917ba9cc933d156e0641d0f14e77c8444ede41f3ce5986387fea28b84e87d6ebddb12a673dbe6f17e3a91d7545e728e67c5a11ab44525b89899677de619e73b38c92ea4829504b2eddbe246e22aaa0f644a96ada47c6e16cf02ff392be2c8e262e8f6de1eea935fd54ffaa2e7d28ecee684ab203410dd45d44350077acc882ce440529b6d61fbc1e09fbf338adf8495937cc9ba8e8bd90c4e64442ffb5e8fe166d92b259a82a4a0b4d21b43f4d8f62a1339d6c4d775c935e66bc2f8d82046c98fbc67c2cbd5f6c4f9f0f5184c454b560fc3bb863a5417864362b1ac369a13ab08f0f0bb29e35af4580234fbbbafebe12f236148ddb22ac80e50fb9140555f51787dac58db3336fa780fc234699d3e931a60af52e8166ac2ee3e87ef1bd89381886c85e0094df39c031f860b7d97ac3479828ceb84093f3e8c333d10f2ab1504e0c4629dddbafaa39e3b68c81f259d8bf392e25dd91211028f37053beb574fa2278d2ad57d01b2d6f36950b279d07961319698ee0eb948d8a052c7b72e63a72206cfc7d111aa82ffaab32612b01fa87eda9996e74b864c86678d6bcde457874e249320d9c23ed4e46b21d230ef9b92aa97a0c490ba0286d48befd9c535bc56ec2ae01d34b7440f4fddba3d545cca9fad10b50a3080b45c8cb581fae748187cc5bfbfa62c1a449a06a8864dc61f36384eecdf5010c82437748c4ab47a46f661a18c37a30710c6dfd1758debcd6167c356d4277e79b8db8056b952f0c856db6d483850fc0ec353457aecd800b34ae4aa8e6f937cb178609df8e3a19717a15108816c129a895b7234c7b46e72be013553bb662e3200313bf822b3408fb04fdf9a15d08663c0ffac148276572b37afe228a860fd88b00bf5f79ed036c2db870e8bcd0bb340fad8884e71d99c11667b738f1c060a67082d150433e48b16e07164436fc6a219810e8e485d86440e928e71f2de005cb54fc02386a894477506366b2ac3a859d79bc8466b0d245709040f64b8b7f5fb5cceeba8e5c68a73c696feaba8935ae260912e391f4b5cdee90527d2496f8df042cdd72b88556e17f1d8f0ab26a583459eab6aeecdddd6df98dbfe450dce71425193ab34d91de739dd1435f30ac2cc887830a1eddb8c3965fdcebb446c9c49f96f6a904b3fe59ee37492f40bbeb2ddb5d56afebfb3202d7500288758cea0bc1e8698aef922773b1c9d99567ca83d5dd39f9fa6ebbb615c19892f89079ba373b77d662cc5ea9965ed407383cc322bf5ebbd18c4f95d176b58802deadc3b6d16cf3c1c33380014c45c4666a286c3434c04171d7e720009053bcd68d15c16c64c6bab02ead8caaf017495bbdc2fc24e0b2695f5fcdd0b00d0c8592967119476bd95b2607a30b134c43a16ba58519915d9591fea67c2e8c474090ab7d3821e441254397d0ac51e69b4b8b1aa3f73af5d5fa69d42e7a9fe1d9a06c95c3e371af9f3b128a2c32177187af54fd5b81e6cf14414f746a31bb5d3eac67f5ed0b9f25d07b26717cdcb2507bef9d681ecd9389831ac153ec49f75ad0b511206b08f0c38f762de244f4b91ff27cd30f7022c7b19ce75df7271bea674a6af6c9c0741d2526ac67611712a22c75d78437f239f9d3dc2773e29d3ffb0f062e97368fc58aa7309e815255def3f290902f96077bb06ccb6ba18ad12eafce9e80511b1b85bfe627ccfa4a9382252ebd37438e425071f8e514757445507f027df0e2dc163d235e86a830ce52d4bc2d662d5ea51560c4e4a3c25e137c4dff571f009aede2445b7cd7c0d332161f3f7b25f2df6f03150fcca1e5ca0ce89f97491c3007e51233decd9597403a5ffa1594771844409df5d92d4a0f57a50c9ddd34dfffa846289423cd3a9c063b82dde505c41e3bce487bb76316af75907af147c6e4c00a8587eda0f8516f93aa4133144bb765146c852f012a9236a24396025d5bc5419d27d298fcdb5462872afdb229d2ab9d7caff6886cd037356c32f079848febc4dea17b3e8de2ce155f222aa39c372b27c30cff0050e0904c41d31caf63bfe2fa4d86f436daab29086a245abff1e5b0848608112f33f817bbb1c86d1c61882532784cd02a79a0ffbc56a5f03fb16ac6443425cf8dac7348344a77845904653d0ddd778181d140ac91932baddb6142f6d76bfaac7410eeac266a64d4edd2d394fcfb7baac57816ca28be29c5fb67eaacce8bdb1aab17c6ae029024e133335fb78030dd9e6de4afd3021624eb185bee628a125bbc7b1797e8695a1c3bd1dc663f283c21eef39d58518e59a18fcab3aab2aaae00e46c96dec5cb36cf4732048376657bcd1eff08ccc05df734168ae5cc07a0ad5f25081c07d098a4b285ec623407b85e53a0d8cd6999d16d3131c188befbfc9ebb10d62daf9362227a9a696bf46da1724a172941ab68892a4d441702efea1f00c92a4f323288a84e6bd721885112a14604d4690c2e96f5bcccdfe3fafb6ca861fdc3dbc04d2aeb772adead5db6814858387b00935fbfa7a35467c0c75dfdf930bd80246e3be49c3b1c138542a1440717497d886dbb4d0f6c586e25fe8418b20bace191829b504b18d40811ddbde55e01bc5e78f1cdb9ad766d759c070a374331305aabb3f7f8788ed74f0b9548bfcdb605905ac603aff25ff7f09b875cf42d7fec7deb58be47950b8a3aaafffe6dc682b9a59660f97a8e977c719ce5f8b9e11635adc9077ac8212d816da8743b69e9264d10c4491bb3c2bb8f7b28b96a030eb2a07cdd36a9e4bd53415a6ca87c2e95ef34645cf4e6e64f1a957fb7682d69f6c3c16d907cc837ca1b4e736ff35d366d6c0412d8daf77c845322f1d178cf4939c7fcf27b30423bd7e40d6b3aeb4b1bc01b40aec081aa00f2e3bc63ff61ac4b684dc7ae05f7c46b475c02845606c2494e7b5e8a9c8f8afe2b5ac658a9c960cad2b3b5e2b949bb40c8d1c26139bc5f49691ac258d53b26de8e06d5426906695239a85c431d8c9346bcf3c1846ea27e869068207bf33aea2cab967db3a5af427bed7a0f41ab66e907a41094605d2facab64e1dd767f056162f488042ee83a68a26ec76360db3f28ee0ed69f779dda660247267dcaf101190c094a1d06b92e68504e0eed23259bef745db4575ca9293735c794760bd1d46da25a5b3ced90f1be100bcef0fb22f3892531286061f7929ca056ba4a9b99f5fba05839c846082ac66c1876337b5bdc929b09a12f3a01bd12fc8516800cc1cc3f90837463a267403dcf0493190628cd982047bd38477fff1684d327aad1e1eda5fd7c89738566d870b340b4163e223d167f8bdb000c9aef33e3b16c2f8d62c0cb31a3e79c516f3a0bb36d47bf75d0a179e336990b1c1ae3d793b0528291ccfc1bf78a1d32b8e90b6b39eacc796faca15ef5e875ddd848939e1f40894871a8d61499afa8cb0e8cb31bc139b0d86e1ea3224211dfecd3dc64d3d0f26ee5bf5f1541a28508e9d492c7a9e3daa35103bf2d50323355bc912eee35733681eedd88002fac9acc03adb3cf721c5e0277c306b68560dd65c182b8862f509d40c85e9c4d4b025150acec682110c5346cb12e7dc52e38609e904b11c32e03875a16b50443006e59354a3328730298ee2091a89cdfb7337d5ead3cc33bbe06950c3e636887fc2b12e86ff46d1bd3e1fbecadb3dc6cbcdc84247cea35464bd446f5b40c3192aad30ef892b2aea1e14ade2f49e2c502abbe058e83d5f07973e70d952bf1e7e978f0bdd436f075abd73e15471ab7df280032720b56827d4bc2c96968eac703f3030ea019d1205a70123631e274a5935356e47a197962444394f5daff94fe0e55c5773617f5e4b5b51ebda4800c3e8a0b1c4e5e374117ede776f6e2b7aef97f782ce5107d29902fd1794efd8e35d51bb5ccdacef361f5c2ade547012f8d5bcfd0c5b2afb7c0c5116bae749d8b761bd0e9f5041ccc309e6b1d7c50c6c5d4a787f61c7a74367ff612da2a9914f66175322e0174f82051746fac88cea429094f306e9d96fe979b959ca37a56e46d7c73c7e88e87c1ae290a18e1a6fb19b79fb54190c5b2bf59c846276e0a289c4f2b99faa008c709b44be22f336370a8000c9c4413213826db7a6a4b7086789d19f35a52fafcbd40d12e7eeb382ac9cf80d446a05c3cb1d5bb268461814bd1775c6827694fc6c5079345430566895100b88b66fed2749a3c67512711e6d6cdbb94fe9396151398be6914d0e624fbb0dc15965fa81c656bdb7e7ec4c537b3c7ca422b2171f15f82e5c1319b0619fe73c23689a344a09b91335f23e003ea6f5a33f28253755af72e0e3a1023fdabfdf44389d9c44cf563c4c487d4fb467575ef7914789c28b896f4a84234ee356196bcf09e1b5539816a510f871689157f44021a26828df490ab714468246c35c1455829c1a2b892eb2bd094eb4d1bf95e763c87a7448b7189a11e532a4320874186407fb32470d18904cdd512fd265a9968f95225132717fa146654e725ad9268d5f062e0f5108de1a1a340acab3ab1c6b8c2fa1e92e3607871f3da4d4055ffbdc0f263b9b91a109b7eeb77f6ebbba75cc2140ff22832e36b561153cb37dc27a6b3c102cbc4e0120ce910dba0133ba3c23186d44e67b809791d7941cf508292ca3ad6c095cd24fabc9ccdfc36c63d3fad73760791c5c55af8448634e84efbc97ec2ce1d86263b4330f65d5a098932b355047c1a6ac6fd408f77b2ada467aa545af7f17a3b64a583f0824965b6c0bed78f60f37d17dfc2629503990c625f009be526fb77140cf62571cd3cbfccf123f4831596b04794b729af94a3d1c089b13883fc4694be839fb03b3381b89abf2492f69eb054687a3e1e45876dae4d6c1e82ddc46d43896d24acc351d2f0ce7f134b4068eaca08f4e9b8ed7850f2479abb33593bda14032e078390a48ae8c6b582860700a08187a92c720dc3e83e6d8a19a26cbf0776ba4acacd39a8141121f6f4cb90f27c2b92eb88d22d16adf31dbeac58aeba8ffc2d47e0f204e9290a5eb7dc9494cad82889407161d1dd1ca0e6ad05de85dade14caa9ec9aa8c42424db7ccc7988d63ef8f94c98a99283bed836d998ac988c7c4110f5301f9bd5800126ba26d2c3b12b2d51744111c5a70ef9bcc8e73b4d4be501ae9e6df934a9d71fdef48e38fbf82736203c2d1301b377a5b6ff74131a9592e6e229f8c0299d93e152b0652497f7bd93f4289f55cd35a33cd3f1c1bc86f610615a0c630ce14d30e630723e2e0e5c58c73bae1a329ea9fc4f822442a028e9f7f184da3f27d22558aed6ce9bade582735065514031dc8cfd5e401b996666ed8427e0f7efb992a255abd409e03cb3f6b7c01f9693fc2d5b20d9ac5c1867d78d7f74fd09e73aa960c25db6d8be42d0457086b90277ca07a0f152154a522cd12634594774c8136cdd2934dd9f8868e0eb4824c0197e53d1daf948198ad94e0a543d454ecd04dc7373f4d1d6e2c1075c54991ac34019f23285b33c37820013e9a404d97177200e43c1bfb531271ab6b91e0de9411add5da01d99aeedb48946d57225865e07ac216442d45f5af0d7ff7da3f100b80e2ade812f1700aab6b72f746b19cc72f2fbae3b73ed10d2c49b3a1082fd01a69e94fd7c16d5e20cfd2c664ceb4c2c4ecda11d6fd164aa2716d70f18378c6c8b40ae42f78140b362fc5b63a56f57165ffc3ee747e7d56bd66c1dd70b4e2991d498d94769ead2057b38b6a03483a52b150327a47a33b9d65f38d23a50135f22110ba86369a014488436e0b460b4c0db0c76fddd6d217c8a200186918d33878ddf2d9e3f6d6d820d3c7b4c18c07f3496a4dc13ea974db7f7c75abd85293b4d458d531d23fb9f95b3f27a6b35ca4f6aee8c872c549f24d69fc3a8e98daa772ad9aa30b7c98ab2e9ed44b8c0a3e4a1fe53122c89c3db2362f293709d0387937acac42af0989143d919b1baeedba6134964d410ce80d1e5d790c5564a8f56fce79959c65a09a5defdb9b8053855951fe69450f85d4429d8ceeab7ae64998f3febb5d97756954ec0c25dd60c5faa282450420727d8563968936108fd8dba96c8e1a0d1d268d3e2a5c1667a54a731e5dd112e6543a26f8731dfa437d8285b1424740ac15c234e17fa65743352b18534869399f9c05dd899b10e24a2a2c7037dcf1d242668f85c354b48f79fab012cbacd721543226d29f762a952f801ec4c3a4547bd8fad6a96e0f4c670fda20890ef2e1730dfee52fc16c33bcfa669fa8dd0137e174b8dec86a1a37870fbfc5a4a28050d7d0e78a1978e5f2feb1c3f9440e5b63ac2188f1083ddb3d968090e58c11c0ebf4a7d85cba4b4930045e8172c1dd1ba185e452559471bc253d6b35c969e3187c7399b6a43ac200b57508875347d3a7b714c7fe53928e23b923d795b9629ef2c9fbae6aabc1657249fab8bde4fd76686d00d175332b1a7abff1cc9afc9fccb59c35efdcb676bd08b43b750b6c0c51c68df10a9d3d869f28004e532bdc49f4c9bbc963f410815128bddf4759359ce92add917b5fb9cca49544e372309f889f96ee5e139b000ba93b2e8f368f85d4c8fa27852ba4ee24b229535733928e835484ff9c05b7cd3c4eaacdf24b95a5dc75a03178225225b7504cf4539e37f1639bfbb42d4331c03bc7dc63b18d53dddd7882c4106952a6ac0666f17fba08104ffc63d7b6d5f221319c38b77305b274ff5a0aa7f5078db92c5cdf10828fed327000242ee2c1e13845562893e1b998b469a29ea4d004eaa65fdb1f1a0525cfa1ee2ea6825611e54ca07c12bda2b3eee344d8a881496950b46c0a8ed6af8594a3f00f519abdcde8a6699660fe5ffb9d4ab7848f07073da92c7c71950e29b626819e298e40bdfbd18fc92d791ec0978c31eb2fbbfeb388dc56b6999a881ac06b832107c33afea5884de8c8c5e56c91a2df0760942ef453d17a4309070d2bac4df0a12e5a5129d2f428edefac1b0cf1c99e34a0825e73a570e04a4942650481b3124528b94de68bff6a002a968747bde8b49a76ed58d886a1d0f4e2b5584c47842f367b4af6dcd790594b02ebf2c6ffe66a606a3de2cafe4c91695bc6aeab06aa909cb27314b4be903ff3fe132431bead08af04dac5f116596cd03cdf2ecbc70c7d9e529e6e1648e56223a777e52f0324d6aecd2cc9f6d5b0a9510e67a25191923d64e532cda87e780b01837dfd68d5331c864c9cb5814439901658c6d0e86d241a17f397f915673181b51c8e33853cc2215e0990533969dd6844a263803662aa5adf0234ba030bf80e68fa13502e40b92e5f8d7169c74e827b0675a87ce3780c46e39c73d81b73b6f842a3721d0aea008bb05fa8c0d2fb110f8257fc8b98b732264c48bb1a04a651886aa1155fc24180807b089b200376736de0d3c774fd280542418f754966acb306097c62e1fd4d1f55e50eb45002c98edd496e7200b9d26be1ebf7072deb8ec2ba46bac36a6417c65118fb5a1a76fc4ca6e5b263f775be4d4d720ada8e395368eb4ae59fc19fa65ebd3c56f44408159412db260321d8f294ccfd505634f8038ce33c845daf5503cde178a8ec975f1e4d675452ba458b7826a7b450e3e7d1a716e8452067fc2e34fd05f578a9db241e61ee77bff12d3558ed26c092ea6e6b46ed438d402470d443d471db4e93d8fe1eb7ef6df40e9f7f98d090499ed19270e8fb3c3b6cfcd2ec373c6c51b21255962537b25d797b641042b62f76fd021b8595271a782d57ec21191c407f2d8e1c933bc97e70d79e44925d89497036e3d1545659276b099d8418f05b338e466ff39e68559dcd95e106aaf230275fd1de7b853279a93d8a36637cc4e38ea6861da35fb5c3559e3bab74020893116a565ae3c03270e915388b51f39e9b99ee7401f47d29fbef0852635442a79a4eb94ebfcfac5d242f1c9a021625856b9b8f9881ada1cde6b23561736f12d72d2875417408f1bb7ec379380479bc813bdeb17a069872a76ae84df0428d18a134e5c6b5e356385466ec559afa435d9af3a87aa3f97b99c270d777873876ff0c97ced33473802931c5f3d8494a3cb2d97c42159ac01fbd23e1c9dcafbdf16d213e2bc5458c506b59812029cc5e2c6345bcf4a8e7c54c87d4a304a4ef39c70be71144c371968ca7d484bb71ab9cdb18e69c055c136ec99edca0d1f6d014c08066f960f63ef9fd84abb40cd76f6e1178c504bf58a52560ac43be77fad9b6a474a6dcc986361e6babe5fb5b849f3b952be9dd68c52551d75611e740da92883b91b0a4c59ae16b9ec38a40efa0c36a30da5b0d49ca1b59f7464f0272bb83f04d7c8b379d5ac6495d75a36b11526365aa2d217eaa9010a7882405f756c83557a1e03f7f99ef6d217169366309c20893cbcb4516d33e8ca2529739ae34262f260063d56200815e59a3464e121f19395c5a5dcebf0bfd15b21c48f50e5400f9c332ad54ca1c37225bb9b4f05f9b7f7f28218ac5609bf5353fb0df4001fd7c1c98ff67c49e333a408d7b5d2632c41b615fe6fb31e1cb4d73b1d403236f78c21f0b2f392dc68eb24059b3e6f773e316676972571a29e32e5771515ca43e0efb8a8689ca982975c6ab2627fa6c0a409719af8d4789222bbf6ae5ef93ce57044fe670d6c30cb12f9e075ba03f8be023c70097fe7384b3eb2933767550a6a2a5e5b931decb92450663df62e65d5edbd4cea38a8f8216c46a933b8cad3a360738e68e31698b31cd403db8a2c1fdede49ad38af1061d443ef12608905dfa856f0479ead73fabf13226531c83f9c73ee4bffe3e322ceb1807c80924e84e389bc052c7578d27d2da5a00ce926d55625cc1897846b7c9959908376517fe489b81e46af85cbbeba8f52e16d5a3c89f774c6541692ae6a5c2cf298662673913cb3ec1943382c751d74996af91d5fc9dad17b62ef97329871bc353fc279e007671da4118a04f1a2204de7b152ab37118adc69e9a4ea8e739477c6ce2dd43bd3a355e4b3d684d1c25d9bdc38ec7c290d71e6104cb93518781ef025d80abdfd727bed1c64db3043524feed5863908cbfa4a9eecf0aeef77328bb5e0f1ebaf9b605b53b9c8ea8fbcee51b7620dcae986745f677e99f872112f6529769043219c29cc1a4b44970ba4d32d7610540496ef183ac0339d28757ccb25db5527a3ac863b48b15f6c532c91cd1dab5eed98897c326739ba7eb1621092683c1b4c7fa8c0114ba954a4c17b1a18acd7ac2ed949a47f6f5461b315b0831186dc276349bf00485f72d982447f9462758b96bc595ffe4bbd70c7ded7f93ac51c3c080094579d4cfeae4c896e929726e2279d0a9b24f013cc4f5b568a94be3992cc4ba8e1fb1d9ba3ac2c2ea26c98c29d4c2d9e013110842620aace702b63cb750d40c0a521f7b0e90cf6e682562fe1e159c6eb4e1cd6095595248b5b25e2075d8fb5ec7054b23929314b5580f7b2f168e10776b440b71fd52d57219e0cbf8996c3e980b61be370fec987d010b9d87d8e725dc4e6354a342f59c135ab5832aecb3a7a21f8eff214d4263b0ac424f6e2ec7e485a5672f5e2be9ae11c158102036563d644bb39647143e7e34a1db194cded6535bb877250a81d7145696f1fa403ffc08c6d6f90c132c88f0f328ff8389b1bd7d44cebcbd0f0c66d4c821aac7f4ce4e11b10a87e8eb5cc7c1d389d6168d6f246729315e7fd5943ff851a9a901a3adf45f0b2d86b2396da3fabe0b8759c1e0b21bf32784f3c5e10987d878162fb4a295fabe881df36428c6a29bf73bd58bcb10a088f956a245ba6d8a44d41ada9176d9ebb0637531d452d5c15295191054fae6fed2effd13bee913087f06dd89a1f16a39cb06b5f7f1b67b60ca2d4a948533db3db850a1ce9934a209705586c44cdaedecf5b806ca231b5e85ed07f5e9843f97662166695c3c64c396ff0b3d14fafb0d0d18c29034d248263ba26b4395bbe6c381f7777e4411411db5146f2cff131a70a31b6c7abc66067c87d1a05c2290ef079421cc080e7e92597197c8780fff00beb6e6feedeb471d087362ef67186d240aa987ad2e43ed211ecf705f4ccc2775a04f61c01047dd5571063ea08cfdb94b75c71161186ac5b415d9887ccebdf140bd7474fa0c5a91765f484bfbf55bdc2deff7a732ef0b6e14e596c566266ac62bbf3007f308acc9477c427247c7b93e9221403166dbae5009370e10677d5b0ffc4b8802f42dc3ee916dfb9cce2da04742b2aa974603dcd35ab34a52c5fb19327c0c864d45a229691cdd7bafd64d975f044b3dc11a901c5fd1005171c9c72b9973a731d02e9066a0b072cb95a84f26eea19402972aa9f75c34c72b57bb0a19aaa9c79174f71f00fd15d4f2348c5cd55ce2340002bd77f4324cafe1eae3eb6ccfe512af1fe77681e712acf876c99c2d118cd43fe81d229b49e1617a148893ab6ff13092ba47be71c671a2e641a936b5756a1bc83390d17409bb84febbf4295ef193ca422e5f1e5601f85dc37f7252f5f043b2a2c95fac08dba1c176c96dd60dbf9488c86177bfba02708697176d1a76ebde40d594d2dcde255cc0e9253cc24140bb112b3dd7c92430a0c46bf1e2b4bfcc046e6a7a30897e50b5285fb7a91481dcd20e73a9c7631df352c046f5194859fd7de46865c3da71c571a2e067fbf556fb9f26a98c8eb52cb34c22300b59ffcae41149d73cd1f83eeb5bd5751d7c8c4705ec02d4d075e8d9d85791311bec009ceb8846c0e7a30b6d293a6a25c17202dc627f49fc5cc424acca3bb5520d18745679a9822a4d813a87e9d508f93b267e9d7b20a42918c3902ef2c0379ac9268381f53da61d58b2ad1392f558f773e02913b699bb64ecb955e6b6aebf12375e54a4c90c59a1ef808d998c62012952e82ac57cb135b4c0f09a5c7fccf4c0400710475cde44bffa3102a13ee4ac97be85aa3b362fbb227cae8819b6e37faeca6adef3167b0e7e620e33b412430148a000d1fe4adcf4b5083c47a4c1bb07e4bed0e72e5fab60e70d5f49596f46a744e1a1c695228089754ce2fe850a1c3568057f53839f35e200e46c6b19bdb7479367b0b28824e3216a31e7d645f7ceb14485c049773ee23bd3cf7cc27b655c883e1c75bc60bacc659d9d95f66bf298228028daf194a47a1468b7d97607cdfd134be7380da44b04fc157932867f62443122d51774613ac514c582c9ae455e648fc5af40ccdc3e5490daae07b00aaf98853474bdfa66668ae4f41a9592be8058a5b15ed62291fd82c6f5235c9a93405dc7bdec15aa2c91932bfd65854bf99ca0fd19db423749ef56486dbf796ca27f5a9ec62767ad3a24a692e64de0017e18053e040ecc328f7c9abe4a6ca54fbfd359b3560cfb2b18858cc1b9b9f0dbd65e4f117bdfbc3ce80c14cf9511296b73a420ad7583184b4f1e0d5f7e90fb0288d4461d8536597cde078d2455954de7455b79352b7407356656f0 MD = 26263445024bbdbd0518b331a7ab88e7bdc8d8344a3480d1c19ad0e7c7cb22447cf88e53d2536fd215e25c5158dbc52ef56585f7ab5b771387811a9f9afbdb7f libica-4.0.1/test/testdata/sha2/SHA512_224.txt000066400000000000000000000644551417716165400204110ustar00rootroot00000000000000# NIST SHA-512/224 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 28] Len = 0 Msg = 00 MD = 6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4 Len = 8 Msg = cf MD = 4199239e87d47b6feda016802bf367fb6e8b5655eff6225cb2668f4a Len = 16 Msg = ca2d MD = 392b99b593b85e147f031986c2a9edfdb4ffd9f24c77c452d339c9fc Len = 24 Msg = 497604 MD = a9c345d58a959af20a42c84e28523ba47e3bf8fad8e8c3f32b7a72ae Len = 32 Msg = c2eb0c88 MD = c5b97f1e46d91c3940be8cfef1e49baa77b475db943e49f00cddbe72 Len = 40 Msg = d28bc2aa3f MD = e79de552120a87585e7313e24ecd74139a3be9ba2812936c4b33ca23 Len = 48 Msg = b4142ca79f6d MD = 2a0ed8eb0e18bc189f5c836dc6a5825baa6f7286fa5b9689b641bb3b Len = 56 Msg = 8daedf3c420c8c MD = 4edac91a8eba35a1431ef4d49705db12da382a786d15636774cbd708 Len = 64 Msg = 6963446913771410 MD = 21f6c373637e6a5e89d6e88811110c5c3fa12e497144912914c546e1 Len = 72 Msg = 6f316ab2b40f096819 MD = 5899542e9a78d1403929c4346993e213b83c32f91274bddbc63e4192 Len = 80 Msg = 5819a77fa1a8f9c35d17 MD = 2e944a5c534b80922f6c21e97277b4a01a4a0fa652d6d40b37fb0fc9 Len = 88 Msg = 3c7e038401fa74c6c06e41 MD = a74af68819afe81bcdaceba64201c0d41f843e4b08e4002a375be761 Len = 96 Msg = e243b9f901855447fa2af302 MD = 330c77ed20dc93cabf0df3442c620c9df5c7a02d7c79fc1d2ff7ff94 Len = 104 Msg = c5f942edc46407c6019cd926a0 MD = e180a0d83683cb7e79d812ab5d4288399c78895c6a918e99a2839155 Len = 112 Msg = e57d4c478ad6a64b8bf3352e75b6 MD = 18b3e8f5a1fb603c67060c12a736e57c5ccc0b89fc62c90b02dd926b Len = 120 Msg = 32d049928a583b5b954785805d8b26 MD = 18f87e8e6b54ec4336442f76eda0b32dcb64d463c0be69e348f86c34 Len = 128 Msg = 3b2542cb3fa560dd0d796d59ee151fee MD = dc4ab34db241b3fc2055c54f70a8fd304523d8c4202852f5f077644f Len = 136 Msg = ecbe367959a91b15eb08048b33752ef76d MD = b76eaa7dde45ed50c07b5bafafbfdcc0959c1a64eca7adc391aba245 Len = 144 Msg = 40bd7d47b636c2a749a247fdda75807c238b MD = 087ed68f1db90ffb2fb4ff7dc4b17fe08100b64383850378ef543339 Len = 152 Msg = 331c8939ef685ae0efcd4030378a8b0ab720c7 MD = 97874d56296a28f8df280448f76a9e806605da257a6083598f232e4d Len = 160 Msg = 26634d1eb3cc2793830c97f49674bda74743eb8f MD = 8294b112588dfb9c553ac88fbd8441722cec6a1d435311fe72e0110c Len = 168 Msg = 62ed23ab88c30fe1350f702f3b6d45253a0fc6aec1 MD = 309db70638771e2eec309abfda219e5f13bac5fa9d5e84e727764bca Len = 176 Msg = 827dbbe36fb2663c95eaf81c7ce441dca66405050ad8 MD = 39e786a93dc90e96471e466950a5a0f7f142ca69c1251b932e8bbf45 Len = 184 Msg = a2ada61a95cf8fb6f93cbd0aa67b70e286dc853afa51f8 MD = e821247c7bc7ac8ef07fb31ac25fb48a3fbc50fde399a3cb5889545f Len = 192 Msg = 5633ee7b8870002c01a3c6f68f7812f13adfe0bf6fa794bf MD = c34b467858b65202fd8c73ffac67cd8ee55118d12beb2b110b63ae43 Len = 200 Msg = da1dd1ebea3cc9474cf255dc23e35695026e86d6093abab251 MD = e650802f29ad20b900148cf3e9361399e6207d455257fbae3efee50c Len = 208 Msg = 8f71c9344ce6a535d104803d22119f57b5f9477e253817a52afa MD = 6b3a288bd84137cd7600ccf2d2ab9b797d0e87a18ccb468183396235 Len = 216 Msg = d668a21780594024db025dcb373ef3639bcd5743145527e24da67d MD = 2b93446d3aa2f1f9ea858e47806cc472f40e33085b7c7a6522cf6548 Len = 224 Msg = 03f8cf98035eac158ff18fd93b44cdb621597255d7c3d97a9e087989 MD = e1fc5f508deed8bf74883b6fdef8c3e0c86306e7f1d6300cce4d36dc Len = 232 Msg = 2a1f57998360e9216f5040e8f75f5bffba4368eeedede54aa0bb058a43 MD = bdc91e679fc2f4e40af13f03eca3f61a7ba33ac2c613d948ed7fc0bc Len = 240 Msg = cd5fee5fde5e9aa2884b4f4882cfa7d5571f8fd572c5f9bf77a3d21fda35 MD = 72b43417b071f4811833027731b0ca28549c0357530fe258ca00533e Len = 248 Msg = a9a73038a28e40feb374819df3a26db846fda284de7e88db01e2348c0ca38c MD = a5baddceed5b58614c95b8a621d58cd4b12559bd34795ef5be9cd603 Len = 256 Msg = be4850f5be6cb68cdba5948e3b94dbbce82989aa75b97073e55139aac849a894 MD = c11eedaadc5249cefafc5a9fadf39e812db700bd2767b8de1cdd6099 Len = 264 Msg = ced78bf0734a527f5c07ef6c8adf80ae252b8cff100d393ec1f8c01150721fcecd MD = d4237aa1956d37a6dcab7b07269f18228f7e3156c3555cf4d3d68c1a Len = 272 Msg = e400bc8994cff23eae189df3b1e7e440a6b5b1786197128105b5dfe2c6fe9d1ef31a MD = 45351adffefcfb5e39085461f8bff5f5652a5aa5a0401f04d4f56452 Len = 280 Msg = f15284a11c61e129ea0606bd6531f2f1213776e01e253d1def530bed1c3c42b3c68caa MD = fa425bc732d6033566c073560b2c5fe322aa4fa22aaa3ec51154ffd8 Len = 288 Msg = d858eed942fe926b52bada623fb8d0f18458e4163332e1c18c581f38cedafbba4d908462 MD = b2b308db948d7169c8eebb4d7a19be96d5c4b5849593ec587d3865e6 Len = 296 Msg = 78b8ad2372632398cf56717df3b141a4f38d5d83029bc1f02d07f52949a39917294141d414 MD = 71be05862b44e9f57ad9be17f1de185471eabd111c1725e835e09625 Len = 304 Msg = faff894c4a2ed70c4c9d6703b6bc3a3d2b2cba8f04769de350fc0cd01930056eea03fe688da1 MD = 59f5a8c843b982989a08e6852e34f0c03397c99a87864dfb1bbafe1c Len = 312 Msg = e6065e1eb7cf901c3b08dba4aeca7d4673c3fdbe60391c1b5d4d09202d7dd4ea8b6d25d379e72e MD = ea8564c988cb67e302bd40df21a5f796a0a116846493c86c3a1d080e Len = 320 Msg = 029d14c5a4a57a649a86c5f2e022e6ee098f29c9d4606548ff2775296038ec0931af0585acb4d9a0 MD = 716668cba7b1c0ddc1c4b3e6fe3f8917eada62506b6855e5af2b54e5 Len = 328 Msg = e3089c05ce1549c47a97785d82474c73cb096a27c5205de8ed9e3a8c971f7fa0eab741fd2c29879c40 MD = 75a0fa978c45d268124d8cd9ef0a08ecabbbed53412cfc7cb1c00398 Len = 336 Msg = 901db0f70f2d10626a8af408c5d15196693d49382178ad0de3b1c1d8b3ef3ff8c5a59e9ae286932d0c9a MD = 1470a4199fe4c7bc330760c1197e79457b1644764e28a62d386a78b4 Len = 344 Msg = 0431a7bfbbec1bb8116a62e1db7e1346862d31ad5110ff1bb9fa169a35dbb43a24e4575604ec8b18e41300 MD = 1e7590e408c038b794e9820b25d011c262062b96d111dccc46dc6783 Len = 352 Msg = d141753cef2e1b442eb01708f46719cd8653b22e1d9709073d7ccf9242b875d03cf19c2bfc7dcd596f6c6a83 MD = 0f357b8ca676a86ca63620b2239327accbd4252814a6b8c56895ea58 Len = 360 Msg = ce94e0126b020d68115a5ea41083b4717a13d9c57a5b6d0ae7a3237c19b62dd2fca2f42062b90dfc9edb68e04e MD = 935d391d626a135772319ec93fd652bd9fd5680107c987872ae67212 Len = 368 Msg = efc2d81b30043bb26c8d2c7a7d5bfe8ee579e463122d56a0e172b63060a83495d88bef7f0b625c9dba78ecb36ad0 MD = d9214789b7b736a7b28cebff8829a3999ff0c7496095b130c1e2e829 Len = 376 Msg = 5b27d6fe9981d136b52157b839bb5b78d7844df5a397efbe80986435d89889939139892c3c13acf58f56704315b0db MD = 4c792bb6b1e33a3a042dd4a69ada802e3ec0bd839daa88635b225efb Len = 384 Msg = 4dbe1290524bd73d9db5f21f9d035e183dc285b85ba755057c769777be227c470e3679ea9a7355d889bb8191ea2ea7e2 MD = 33a5a8d6119bb6dd7b2e72ece8e4d5d02aa99048c0459169ee9e6d04 Len = 392 Msg = bdfa173995a5b99fba74d8e255b711771731a8e1851d7dd693733b9d7567d3bab23229cd7a160cb8399c6c006c21c776b4 MD = 33c934b5102063213e7b53675c47b19c397fc3a51fb37ab46e179b10 Len = 400 Msg = 9463c563aa1fda894757398e11b04a4b4cee0dce9dab01ad134f449a673cfb388349f42e42728a7977cec90630c1d3803c72 MD = 4cae18a39a5ca4512b959da06bc9d63d07168084e35aaf03c8ba5d8d Len = 408 Msg = 2ee6e813ec84c2aded5800fc1cae94c09054e25d6bf0c4d10296d1e83e9adfb342a3c6364d016761e241ed4227fe53788cfa27 MD = 89c6929b3c19a1472a4524e1427823768e46451e48faa7a7db7c8604 Len = 416 Msg = 864833cb2912fa44929287bd0db7984968e5920d49f9725dc48707222d655f7f2b6e7fb40e80564263c7f450c53ef84df67247d7 MD = 2c102a8349c4e362abd6a258217763229898e27c2e721c73bc880752 Len = 424 Msg = e4dfe69723d430834bdcda7fa138f1fd26f22674be71169d914acfe2b2599014ff11d15c48108374b3f699165e78c7b547b08a6c69 MD = 52310bacf78ddd40d7e93eb321da4de541a7296f98f0ad9745915887 Len = 432 Msg = 6a3000176d0b029992d921e102eeee94dfb9b029d4019e4af06f517db44d78036a8dce00b90d49dd771994ebbe32c049420d3707e1df MD = 07de1ed3f8ea774a8e5e080669206c8572edbc3f165870913ab1e4f6 Len = 440 Msg = 55cab876556079eff98bf7b90e318f8ff583c2be55de882c0defe6996d1bc225a51ef7127df2a5cc47f2ca26123f17e72163fc859c3406 MD = 811fd907f3f74b9f214193048d70eda44f3a7465cdb882173bf79a0a Len = 448 Msg = 5dab016d4feb42ea606123c0ac4c3259cc7177af9cc955a64177b29f6bfc584ad8ae9abb1a673ac1997a8a73dbebd20b03dff2f89851482e MD = 340b5a71ed65407a686706b068edb92d0ad2a079c1c88bf78ad8a3a0 Len = 456 Msg = 0921afb403afd31e8b0839dcc15ba2c0fc32bcc90fa78ff8ccd51960c78e357d5d4cc2c6f469008583923de75679b24f0bcaa8f0e161df9b32 MD = dd30882cda2144b31ab179e8f905460168b8758d8be8d8078dd610ab Len = 464 Msg = c0facb87b9283d87fdd02760e4fa437b896b13de28786ba0cb192f9f263e5e75bf664fa7526d3b2073a5fcde752914ec8b6ef1902d1b70c5bd1b MD = 1e7adf0737572d1aaa5d4c917c94d05dc092d6e59059df659490f1c7 Len = 472 Msg = e0eafe1aed719fd7122a3edc9df7c4bedfbc1b0c3b1be6317c826f9c6b68e01ea2d3b7939b1e74c40cf9948c77b1c33afcb24e37734ad7e9b7af4c MD = c260130197dc7774313c75843dd820d589a68df59e1aef7cf347f565 Len = 480 Msg = c32ad1f821fbd8b5b7153ea8aa11055ea8fbde548660ecae28a8cb2ba2a6d1599c6e9305fb67abf6bea1b9db2568a88119193349c834a7da90b3ea13 MD = c91ee4c740a5663b3b19ed778a0516c01a3c0cbd3dfd6c09ef1afdb9 Len = 488 Msg = 2657c625f5ea51f66b1375f479123d863ba0514d208430574c61ba963ad2f191a6b8005aaad37dc02790ebc566228353ffd4342afa9ee81d35f6097e05 MD = 92f1334f253260e513d5e6f0d1a6af6ed2fbbcdb7fac85c39d6d4040 Len = 496 Msg = 5655c3671fbd8288ea14944af925eaec653408f56233650fc4391018c22f9977facd2facb6c5062b6e3dfc6b8e837b3a78fca153cd5e9e32e91f5e27ac2e MD = 58d6e83ba02833ba0e23fe3472d28e8f986398620f7464ff18e9f6ea Len = 504 Msg = 350bd6018cbbed86e050b3e7e60683e1f619b73b4c2e764b74eecdbb00f4018d7ce9245da4ede7e6d439afc8bf03eb8964a2a4d93ef3551abbfbfe1ff0ce74 MD = c8ec854e632b2c132d505affe1bc00ddbe99452e5b59ba76a02dd838 Len = 512 Msg = 4cd27324c28364873c6ddbc3e3a7e2cda9e8a72ad2f72201b262f874b8739f30ab60c34334c2e92f9d48533cd8ad2312c3e7c386aaa283b50dec844fa432d636 MD = ced6081761ff5259f132aa831b7a1b432d093fc857da0eeeb82be71f Len = 520 Msg = a4f2063fe6ec17550d7aa831091952dc4dc041a283c488187ef9b75e701ab0a25d6ab6e5cf9cc702ccf02cec05a04e37507acbda58cec933938a8b4b75a4425ce4 MD = af6b7fafcbe9cb25003c5702995fd656365a20e113c8e5b10312cdf0 Len = 528 Msg = c1d30f33ab4b410d0f8a809eb5cb681ec9153bde26693b20d440572cce350aa009fe8108b3a0fcaeb8e376b48b04885f23ab8bb6441cfd4cffb1255a7c88fa10f779 MD = 408f4fae70d0fd745ae44ed66740bdf1fec0dd4e23db06920c6f8ec5 Len = 536 Msg = 61b34b8aaae2e19e2d61924642351ade2baa6925f7a3a735a72e76b9905b775a004f0f7a24946b2529b3c144a205d9142ac6cdd74a6b0dca9d35a5563107c38a317573 MD = 19658b285db6cb9dbb4ceabfe671434cf1b85455a8b4da385ead830c Len = 544 Msg = 3413b09d3d12a333680f798c0e488776579d3f6a65f20412ced53c085060a6e1c061ed6a44b97e31c20297479875a1458e0ac08d08e0a8d281e0b2db349e2f831c7ffc05 MD = 008a3c6ca57853adb1af5d44595e62016b7af47226492b9f3c1a9713 Len = 552 Msg = b6e690d17d9d7f07185502bf6d275c84e3ac4f5f77c3d4b30d8e106603be84410c11849a3c18ea305f3e0b568f06ea540694ac0a306f4cd6048590b895703cb4e4f78578f9 MD = f51dd594c7dfeccef95e3d4024bb00f931a9e9516958c32d2259f5ca Len = 560 Msg = 13e6b1b4f021d610c81c97f0f952daba2766034d815b5dda4603bcf788ba60ee31541d5b4353b9f6645d96ad99ee90f6524b2963a7b7e476e1e8eeb83cbc0305eb29902a5d72 MD = 09900c5ae3074fe73e6c4eef51f785e57947bafbe1d8dea38868e3d1 Len = 568 Msg = 3a300f9c2dc3531917222034791824b49436be4dda760f67a21e54211fe77394935fd35cc08c71559fd231a2551672f46324e4081d4e9e725d566b9a788f6504713ec6d46d46fa MD = d71c18afd448113a45d06ba616a1945a567e26f336cb94a45c2519d7 Len = 576 Msg = 81c64d2313dce3126ba16d3216c0f334910f063b00720be322fdd68285587baef66860ff3c2b971506e46bdd21793911ee1982fe14213d8a7241727558db04dff6abcf0b14adf262 MD = c85acd75ec4ddef1f179f98fdcf8e006a1d80afc14749310aa97599d Len = 584 Msg = 09645b920bf81735d6b5caa43bb76dfda7497003a6595c2ca62ab7f5fe4928792ec2db426893275f50616eb6016a459c50bbd5a354a381b32667ca5de5376f6bfd61d8bca9c5b44fb7 MD = 650e31a81dcc7f3498900d205d611b101e89d7243e1dd77551b6c422 Len = 592 Msg = 3fd1d8fb9e7faf18a49a1bdc77fba093cbe09af00d461999e19aeee7cf9106e63955f7a491e1d9a8c9ae57c00a8f0500a8d9f50756c88584961e7af9740d53bf7457d74bc9b4f1afc774 MD = fb2589e942890fed8f99ecfe02d3a51683a5da582be9dadd25305d33 Len = 600 Msg = 5af0eb316e793fa9ea9d5141fa26cdc3cfcf9852976163a8ac1d81a10b5af5fd096fd06141d3baa0d183ce39c6a4ab21d46ac7c24b38074346098d0a250ed27f3e98f413d0395182382654 MD = 8f4c6a61321c6e500cf0dc2b7d7d97da9301f71420fac604feae19f2 Len = 608 Msg = b26d3233b551029077beea92859889691ac3853a9f972b2a6e8e55b8db40914f75927f1b892a7b1de8267c7aea0d3c19b3059a6cb5473c8e76d1788f945a750c068b8d02a46cf6e3ea1da2ea MD = 4d8360f3692defa11eda027f94099b3054b841f809d2aeefc885d2b8 Len = 616 Msg = 6fb0f3856dcc9addbd155916f0227630959f01c764acab99bc80dc435052ff4b1d7921639fd2baec4462caba213c2817e3a5170a09771bd951c30bcc70ba663406ceeaacd114639f21edc20a8c MD = 71f8e09f911dc8ac67999c10c059c203af4af5e436eed8f8a97a6f2d Len = 624 Msg = 8471e939d4531486c14c259aeec6f3c00dfdd6c050a8baa820db71cc122c4e0c1715ef55f3995a6bf02a4ce5d3cbcd790f72087939b05a9ebc93a905ceccf777a20d36eddfb55e5352afbe8ddf97 MD = 065cb93bb2406003776440d9a02af1e4170e777c7d2c13a113262ce0 Len = 632 Msg = c87a7448b7189a11e532a4320874186407fb32470d18904cdd512fd265a9968f95225132717fa146654e725ad9268d5f062e0f5108de1a1a340acab3ab1c6b8c2fa1e92e3607871f3da4d4055ffbdc MD = a39c7c5eacdb22669587a1846c2975b41f9b74833d9979de2d7f11c2 Len = 640 Msg = 26465ea06dbb61b4193a982c984a0358085fd6f14ca027ff60ede9fae9211d301194476691e51fc20ff68ae9ab37c864d528ef4861199816dd34d8e022be72ad299a4a1f200f1d53bdcb7009d327c605 MD = 21afd5f923bc7bae234f14ffd662f174b4d179c7241ddb57576fe502 Len = 648 Msg = 5dbf5c2711e26fba3423ecbff0d56eb8c934cb6f78ee8e96f6e2a8aad727621dd95096b3bdee1f2d55578e25dfa61e399103eb6b75255ec87714ec48bd3400f6367f35507612c9f1c1eb4f6d65f1a37d4d MD = ec5a139936f2c42a1f4110e2c52bf7c3cd3bae49955c608fadfa163d Len = 656 Msg = 25be46e3df2595aaaa9be9d21017aa2d64306720488c79b4719ce3eaaf867d4f276352d1e3ab46d18eedfc7978c4f650e106fe0b733ec5a7105dcbb4ceac7ef44005a624f843001a49f72910525dbe40378e MD = 276a0dbb542fb69ed409a91994625f8469b051be25b5968b3a6fb0e3 Len = 664 Msg = 2bf69b4b50312f07fcd68d466e329cea515af2bc9b78df5eb664ae82de74275aca94594f8e9996f6c0d2be40d9e0c1f1dfc85f534147322b0366efec1a4de92b1a5cd6530e78d69aa7a3b1339ad060c543f5d0 MD = 45a66110f93ad7873923b97336c23e87642e79c7897d9011ddecf03a Len = 672 Msg = a81a32139d69fbd64000f8d4a6ee10290ccc83e8c9e77b6081a2e59e9c157e33f6fa3137d8caa08d28230169dc6d2b10b4bdf0df29f9ae8fa13e21b7e47e7b92d36eb703589f2ad699ea5b49711214cb20a5b903 MD = 4143fa448de5ebc14aa204d934ee3971051c4e3074d4caaf0cc62af1 Len = 680 Msg = 471e434b7ef39a0551b2ed9250006353ecd915c82b77649ea1768fe99b3585ae9d7ff7a40f6bb23b33802cde5a1d5c755818cf2f35a6f97e257bc963ba3280eb59eec2faeb42ed47d44eaba8292bc3901d8a35d5bd MD = a12a51a59f116f87f757f2fde30e11980d7d96ebc959774a734ede74 Len = 688 Msg = 3e346c6aaf8f977620c3ac68fb608aef432d6cab296d1a93da6261949c10c07a19436414fad35793b827f434aff89e1f7557b18e69f2b9318f93e2d29be9b0354b8bf042fa3aef657366e93603f4c455d23ffe98725d MD = 307467396d59103a897e6a5b16dbaa2a0dc365e22395465a035fd293 Len = 696 Msg = 1ce1f01b46b4c9e04ce4b5e22fbbed4b025427c55848b03df98bbbe7d990f9834ab469de70d9729bf5512f33ffff0a3b5fb88ce60cef73cacf9205e73f2fa5e5f05ba49de85459db52e57462778a8f31e9d50605011009 MD = 5ba94e26394485eb0a9e3f3d3d9a6083b35daed5f0c889bc78924c35 Len = 704 Msg = d624f63f53be3d6c0a20c12263e4436e462407d72e3d854280d361131c169d9531430e9c556d0c69d57d6ecd4978b6926c0088162b1e6139fc3e8579717b395c0d1d330f56604f4c2b78838058d1152e689b0b8ebb86e47b MD = 37cdd523d922362ad463216f340f254e76aaaa0b45f6dffca30d55d0 Len = 712 Msg = 7f601132a3833a3e2a33a0f1a058d6a2db06f11e39afec8829974b64ed89ffee9ec98ab070496353371f9cb62a37c23de745056cb8fe98b415885b8c6a2fb8c41a59ca16c3bcc5ffc4ce92cdfc7db9f8d52184b581af62c984 MD = 10871c0e562e11aa59406eb4bcc832efe4942260ef08cfcf99e7db58 Len = 720 Msg = 12bf3a3337d3b6d553bb8cea92c369b930048ed2902c81f088820324ff244330bb9351317472d5822d8b01dcc413c4c2c72f411c89b77f227539627ba341daa6a9d75a9ab44a8ca9d72c43aaa29eb157f7cedaf419bd48320646 MD = 6f763886f273aa5f943ececf7b765d83ed1a78b43abef25907226b52 Len = 728 Msg = 424f1d07b708e60cc4d00396cb0e90597f3977aea7904be61f0b74de1f918dd3bf6b0a78bbf91e4674a3dc1438139ce7c3a1a00b060ff7632777a2fdc881f6e98cd9414cd7e1b0b0d6a3709ec009146f5b50375fc1ba62e3648330 MD = 7742c1511fc5a0297634fb3d928a058626518b7fb88db428e2a282ae Len = 736 Msg = 87e1b9edc7c6576998ca27a41ecf90410327adb96db5e8a12d4eca2c3a6511f05de803ed2d6503cb3e716263964a778160bbf2e8e5406d97b76b444b2f86a7451a7aed4db0f02bf7c6b506254463c5cdd83eabfdec5c831cd6097c72 MD = 4331fbe48d8a7fd2e69ab0279509131d44eb132427311724e2dc19cc Len = 744 Msg = 8fd0705684ca323c8ace2e7791d407697d05d522357dd23bf64f5501eec905d706fa46d5ff72f8b5c04961f0ee636724bef103b9073bf2c49c9eae2bd8d09c0b7a6c8756b3aa4dc17e6dd8dd3084508350298f76a8ced6449c1abe6dbb MD = 43ee3b234ea91228c05358fa56bb5072031fa413be371413a257a0da Len = 752 Msg = bdccba55407761a6b90ae88ecea8b95ce13ae66a34066d505184bb58a96c6e327b145fe9f7f9e016a49b4254ff8f9bf365cfc5f13254aa252be7bfbe1934cfecb720faddce5cfdeb9f3ab41481c0ddaacbfc1e4bf4964a14f9ace012ffd9 MD = 21fa866d8695008099e400210d04a2013701887d7afa98e8324e96de Len = 760 Msg = a8aa236cde557d8d365e6ed356636ee9117f7ae9e6bfb772c9da59fb271cc36724a4efd927cf11c998f47758e852b4e0d246fdd0e1c2d3b733fae39e7c602a9b4dd35ca3971387a06b79f3c303e54e1c06f705680882f52a503d43fddfbc88 MD = 102fb3632c675224b30ffaa5a322aef3354e1ff0183cdbfd06e5a17f Len = 768 Msg = 44c6c75e377f21fc9cd7c164ca5c4cb82c5538a58dfb323992e6bcf588c61b246053706bf88725a09d0a8adfcdeec0db419cd7732b0e3386bc3f3407e9e016546f4d15c314bfd57e30c302926deb3342cbc315a1e706c5607c127de42a9a739b MD = b9b62986eebdb35c88b12e0257537a05394ef5a16fad01c2fec57d6f Len = 776 Msg = d3c4a0b17f46cc5653bbd8300dfb0df6d0af3fb7c7639a830bdc9f68c7ab69a09a0235083cc721d465e73481eaed9f0c29d34262a8177217f912fa5ae1865f29b97669c1133ade59a1d2910f537b9b23c080e963c753f7e676dcdafd2a118467f8 MD = 49e4553a6c26e7a82cf70b15528037cdd658ae33653bf4ce8e86799b Len = 784 Msg = f6e3df95a4526aaf671b1ab9342db3ba0a6043da82b355c4a8d7664e09f29d5c0d9db601872e40e88b3d08f38061d521753b55b5b9b65895a58c3cf0bd0da823f81c7ede5b7a0a82cc4780ce26c5a5bb8960cca4f4eb04aa152d90575f9c97825e68 MD = 4854cb2a3a9c9e3ec91b4e7d79a753f6e2240f4b6e2050590d6f1647 Len = 792 Msg = c472244bd3325a84d37220e7ca6ecd40e3f20e52677a811ce8987f5bc0963950ba5c06c30e95fb48930ebdc1305e932493ccbf7f266d0f393f8daf9a9850418dfe992fa54d2b405f9b0f6aa7b435e89dc75e8c985e38556b93cb44e881156ca3faf149 MD = d459400905f4c1eeff90decd9cc994b394b21430379d6328c03af436 Len = 800 Msg = 8ff0520805a336aa768a1a75f2bec3ea876ac2246f2d496087bf3ebc03d88e3f604dc41a9b7cda2da1eb4ecd062c79c5f9041d9a78cc3d14c01631f90894f91c6e36d29632930754228a0ad25529c3251ccd283f368b0e6f43cf3e277b43cc02a0f3a405 MD = 616fa8495f55e77a308c223afe470b42c0e1a014574aa36d01f484bb Len = 808 Msg = 6a4cef9b8dca0ad7767515c8a61ac32c730b2894b60a106bc5699534a170f11370ff908f2d746a969ecf8fc1861503da1df2cd9cbda14bb9de11c8224440508277ebc30b746a2976a2d64545076c6d4cbc36996f9ee8b9ad47084c5e3d512eb8685ab198ca MD = d20490eb9633a321a69eb27d42dd619aceee533e850075fd16589bef Len = 816 Msg = 9a4fd44a08d9f5e7731603ac92b18e3d880ff2d5b9d7cee6dbb2b7ff504f2df3b3abcd38b18fc98d1a5a96df3700e46e5f53d32cc581646594de2da53ee452d71078b0aa0b6f5b39ef514bea985d52968dcd51ebd75bac0f0f03fb86bb0b0356db41e469be84 MD = bf3a90e1e0e8b1a20b08331da3c1996c8395a1e3b835799f879cc7df Len = 824 Msg = afce173b057b48406e163584c8d8c1a93b15804612c2278dca34412b692a2470120e24b0d57806e9cbf4b8a563053f22f76af0b1a39fe35c56a7a5cb29092d69f01911c20f78fa2f90de56b672174c2c434cf59cf184c9eddd6a57be31513a95747548395b840c MD = 373d08139139af96f22810c8e8443a781c88344b73b9b717a97f4a04 Len = 832 Msg = 5421cbce307d2c89a27a7b0a1d515e6927002bb65d3f0990b8b452f3106a3c52de80b9e6461e9b4555adfc368748ddc48c6d0d914bf94d6d2853b12782e749a380d6012d0eebc60d22d2ea5c4484ca164d06ae706f53f06b759761a94c9de87fc38b6c4d8fcdf40a MD = 5bc1dcf59342499195a61a0661af7a8e96097660a9f7e576572f3d0b Len = 840 Msg = 5add9071d1d5d1799c0f9223109b761b7b9ee1c30aa20025ea300a2baea1c512f1314b1c3c550e852a4f1ab9c9ff9ac444fc9e0abfe31b3883ef337a5bcab7ef3da3eb5a2d81891a5fd7085c9c581d8fe60c83185fa4f847670b888a053d0de1885cf7926e01491e84 MD = 0c370410dc8e22ee61c49d7a3bd3d7e80cc4f3f51acb26ae4ec5a3a1 Len = 848 Msg = e965ba8d1236a10b362cd75cacd0175cad0af65e13d9c57a6047b729029d470fd6d3d417ea4a8ec587be96c86f7661cf63bd5e9ee896d8614bac1d40e388e0339606dc189e0aba038d6f35d58f407c10f02bd7e9de328e9f6fa4070ce64c2e7a32e819b7b7dded6c5128 MD = 175c4a7fa491e7dbe3a2c8604b07bab0e2a2e34b270e16b4392e9716 Len = 856 Msg = 314158336fbf7845251e1a620613ad8c1a5996e512ae25cdd91ec84b6b837faeea4d9074ef7f7c6a1efa3115fdfe815106eed338fa531945792402b9d045703e124d2ccb6a8cd9c7af4d26713958487ff3bba805b2cad899c565ccb5ce79475dd0c9930188ef75a4019d60 MD = d6cd1901bbeaf4b69a7c211c50546fce3538a8388460ec29ff8166df Len = 864 Msg = 2c2d86197b39c194c65a93bdadc72a9e590fa75fa8ae6b758adf9116abb2bbf0525e121a89d8884b7ea5614a29ecf1a52fcfa7a606fb4a835a7e83d5b0da9c4b4a5787a04a9d22ca1a81b9750a20ccaf3b2a13e5bd81c00ef403042640a3d4dedcbfed9207ae167b6298a526 MD = 49dae21e7733ce09e392dd980ec3a0c2c54269376e231c19dcf5a774 Len = 872 Msg = bc106b071b53c4d855e1a3dda41db1a7a4460586b448a3fd9fd842747cbf532dd2763e7900f4ef2cdcc4914e9b5a9913f1a7070d78ebe8a156cb20b81ba366b6e81d90b0d60311da9551c03e548fdbb4e15d4b0e1250299363fc82afe05257e8462de814652733c9c8b1b71698 MD = 3baff8bc1f4351fc62ca40904a002198b5ef6924afba1d1fc61d8ae1 Len = 880 Msg = f627848c4afecd8df33da19c606aff119a3762c61c0539c3e6a8961bcd6a2a111552717f41a62a792aae0a2d4fbbb10d6c68dd314e20def6e5e04aec9b3ef1efe4ab139316f5d1c67c10e2b0a51587de028bc1a0b1e6c1af934da013a4a050448cbad39071f3aabc10e991ee0c81 MD = 2e0b5455cce69262066fdbf9390ad0dc56138b221b75d51298bb5b2e Len = 888 Msg = 15cb777ef3e451b928dbf288e46a3627044ff5de42add884a9af6b424d6e7399381581a6a743c7a577b02bb5da149ada4e449f48d09e34df4ca8d8f259f4e14c23471475a8f97331289f564ad6e8bd8fd4c5e51d5ecd19dd46dfcb4ea009e385bea857725fd1fc6423f09ccf42af48 MD = 9fa12561f1df9a2d793292e0f4df5327af529336b5b2118952f5c24e Len = 896 Msg = d24df75a00cf92677bb41a620fae519723937ebfe1f7b430970056505d76db4ff91acf16ff391a7a3d8085b655127a18acd80bfa831837f4644a6850c0273fbed6029449d65bb98a47b2ff1ca6997c50500d0b21a206936a5e4d8d56508ec01832ae4fddce5ef6ff62f1917c486adea6 MD = 5cae12ea9652269ea2aafc656cb83424746ea1d5d491f9a159594b2a Len = 904 Msg = 730963b1a462d234e8705db9278cc58dcb817bec6c9e62bcad0ad57c6158ec77f35bfb3d043c5c5355c96f2ae810de4e622d26e0b4605346fa630a21a3facd7fd3cb7b5305701622f5cbc9febd992ab83e4abc52c111b8b3de370d9e9eb4a5e5dc00eadaf1278907901c751fee4f303426 MD = 46c7046aa633fb5bc4d6952f853e39c53e771009183b66961593a3cf Len = 912 Msg = c1460b2e1e385c0b5756e210bffaa8f1cb12ebc3c60e7105c5fd1ce0def2beae95ad2fba97779d46ab4e24d3e5429e9c1c1fbd649f4c577124f300d90162defc9fb2b9522ba652678ed5f623a00c524f98ee8955c8dd8447871e8a236e371056c79cd27e428b2274ea35808a581e6c1126c6 MD = d8402ee634e18c967d110bd7053a302da650ccb38f259cbee5a24715 Len = 920 Msg = 48a84e3c4850a29e433c8a243bf4beb05b8a5bff38cc418158bfb968f1495cfff22e303e473e139b59cc5d22d561c1c8afb274fd66d09180899fbd777a8907bf72731181c5f0750668b562ccb04e86d95c0f314fd64cb741b6cd16c5887cd84acf613b2c4ad0908675e1e1485321d6896b87d9 MD = 3748808c1a4d1dc1b82ebab4cffc9d8cf5c251d045dc8affd756dae3 Len = 928 Msg = 41b2b071ee6a8e0bc62e9e03a8705f6da218e69b111c234c0a516520f981204f88bdef9bc3f4d58379c5c8bae59270d78dd62c4e6bb8569f4be0c8cd74899e128ad73ed1b36b96ccf936a597f08a3d4d987707818454c7773c9ce194e1fc1d140fa9a7fb07f75a4e0e283d8210814e3589a47f1c MD = 8776f08070e38582d4604170a9e658fc17034cbde9e03a002e728131 Len = 936 Msg = 54bf375944c002ccac87f55ff3eb58c45844f62d917ddd03b26b5fdb515d5ca6e8f5c4277a3657ab7addaff4e8f58176bda620c6894e424f5bd30747e13737e1d06ccbc4866ab0bdef80c7b0a5e730d55b9dc8207b70f0010e59914edd0c5d7ed5cd5717b0859569d215447d71eaee49f9d2f825af MD = 0cd690736dd1f390694f65c3b89e0cc2269f3b8208c806929a8f8cb9 Len = 944 Msg = d924b16dfe2f612d923b25669b45d9117d30a3531d5d30ad477c41734da2677ff19b0a268581b06b518d7c73352ef53990580a83601f5215aa8498241c8f960df19e014715fcc69689b594820aa99a08ede0928f4e1dfe1e69b6b1cb48a292779fd49db8f4c72a17025b727c60df4fe65e6f435f3080 MD = 304e38689250380e322505b4e23fff35b341e2d94cc62cfb44b51db5 Len = 952 Msg = 7d2d12b351a70306230e7dcc7664ca3883928093395ba8d5828f1f76c8813d82b8bab5ec45efbc24f0316eeb47646d67acf2cb7258c12a38a0622101768be24b32c71a1c936c199600cd33cc14b266d45a053d1e55cef303c462dca123d601e775ba0aec41046285db4b9516e436fda814339d3c376c4d MD = 40a7947aad6c1e73436d78672038fb99a4ed7cb145445e276643cf38 Len = 960 Msg = 5fee687802a5aac1332917cc5d0a9439ad95c764219bce45e2743094d34413306a7db0c1bfa5059ce25ac9e87293a5ff6b28a1174095dd222afb81f3bf67f6a1c65757304a7a226eedb8341c7f72f44ecf0bce15c1a7e35aa132fe0db7a5ca801c84430dccab6bfffb4b3eb0ad30e7ee814534a3cd5948b5 MD = d6657f115db759444744a125e40ade361d8a40fd88c91187dc5a50b3 Len = 968 Msg = 696730b7eca27066d541c4150a22e6a6b062c951f2177df6fd4254b14fff43b032ff8a418338972fb8db284f2287b1566ebcfded7292170827ab6b73f16629ad2755eafacff296b4a98d85e27089e40c5cc85b4deb64eca9e1a01fa18d1e5c054f52980a5736349caf3f21f57c90496f816f2a96e4f5c48235 MD = 391d6c2b645d1eaa7a7dd68140fbb7c23dd4ac0347887a782e4c3442 Len = 976 Msg = c8995ce09a8d80b790789915b77e53cb2ba0b3974327f0a509468555edfb843fba362d75c83dbf07744f8ecdcd8756609004cf6a574781200ddcda0ca53d7e100bf3dea85bfe0c6f5277cee50274f16fc92cdf9f835c74b6ffe90e67b0c6e3dea5189801bb980ff6123980e5bd0ccbffbe600cbf312d706fc7b3 MD = 3a6ad16c5957b54ee6691d227b2d2ecf9348b68435a50647a2cd55c9 Len = 984 Msg = 247f8754b008acea234d3b5cab5c613a695af8febdbcf3e4c5bbfdfb20015d7cf8a91d5b3f666b1d38023fe93a0b3ee1b1c9dfb36572cc6affa18b8bc9055d5db5566688a18e0fe1d955a985ddbd5325652f1da0a3a66dd7c81aa2bdc940f8ad6370ab015de660e00d2ec0571dda66ab8f76fbeeffbe9fd1280e8b MD = fe66026c1c2410927fa442cc122d5aed90308273401d429fd1ac8f61 Len = 992 Msg = 93dbada71b890e80d9b88a338a7df020a7bf9ffd9898536225fd3e8a2da25b589a18ff989438b188f5c53b96fd4d016c4850922afca57df2471866aa095858fdcd115da3fe554ce35840e3569cdc15ed8842a5350602f4daa4c5186b44312d5c140df051c1a68a9ae871a9f9cef1d5ac50db02a71d796122224c7c53 MD = f73154e76b5998e0792fb0ab1d721ee730b64a1b3a543061fc76cd17 Len = 1000 Msg = 6178736ea6aff4b99e7da97dee000adf72b37069df8ad5bba63fdb7e1be6109ad6c871a9596e2dabf4fcabfbe6c1cd82c50b772a20404b95622ab710f99332c2b812c2297a24c2c8097ee2193ea26fc969b1d524f28062cf41ed4cb5dc74f643cffd6fd851f83b77a4ac57c03dcc771e254c92419f72a0cf0b30a3560a MD = 33a7425316d2f6be1bdbb870d953132d55e29fdf8530463977940908 Len = 1008 Msg = 1c21b5842312111a9e2782fe97917e946b8d65987c43c91b27ed0cc8f63b316c16f6ecb60be5fb3ba2edb9bc277bf1acd927f0ed9b91dedbec8f4e8b198b1354b126558f3a21e59c227ece26f9e22da7dd3e422e35aec660a2a27fbc323b1324d7f81a99189176470723e7c1738eda8d5e1b82e3b1632ab22f6ccae4a814 MD = db43ca3dd7bca3d899648692e4ed8f03119628df313e1573723c58e9 Len = 1016 Msg = 4b9895235cb4956aefffe815415252e7d6b21921bd7f675315eff071d0bbd429b718c774aee96f6c3a330d5d40d1601e1069c7a2a19ea5ca1e87097da2608ffb4180816e478b42c3c4e9edb748773935eb7ca0df90dec0eb6b960130c1617880efb80b39ae03d617950ace4ce0aca4d36fd3ed0112a77f5d03021eb1b42458 MD = 9a9176e97aec99ab07f468f6a226876710d6d877021d27061d4d0132 Len = 1024 Msg = 9e127870be2431bcb4f4eb4efd5c2a6c5870c55e7a5e3b7503994a4cb136be4ed396887801450f600b22cb772fc00f8b8f0d2690e231a29f69b9f13f24f531e4479e45b5e8bc2992fac782567e0d7a59f853ca3a20bf18dbdbf684ac69817e2de075daaed9532659692d3b73530a12df7b8cd9e49ed0463041962c1ce7a24c31 MD = 7e2cf6226623535784c59cd6a7b27dac60ee23fdce8a804dbd6dfedd libica-4.0.1/test/testdata/sha2/SHA512_256.txt000066400000000000000000000664651417716165400204210ustar00rootroot00000000000000# NIST SHA-512/256 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 32] Len = 0 Msg = 00 MD = c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a Len = 8 Msg = fa MD = c4ef36923c64e51e875720e550298a5ab8a3f2f875b1e1a4c9b95babf7344fef Len = 16 Msg = 74e4 MD = 0c994228b8d3bd5ea5b5259157a9bba7a193118ad22817e6fbed2df1a32a4148 Len = 24 Msg = 6f63b4 MD = a9e2427cec314b2814aaba87039485fc8d3ade992fa1d9acbb7f6769460a7317 Len = 32 Msg = 2bf98e7f MD = 97d455e6881adbb8bf26ddc3ef120df4abb330adf8ed2ac7a4b6cce4a1727068 Len = 40 Msg = 77d2ee3fd1 MD = 329d0ae26df3646fb7db0b322cf1f3488d5381f66eb376fee40f0596d6d9dc4b Len = 48 Msg = 7dae8fc020d9 MD = 447044f03bc30e2caa245d26ce4c72c1454f708cfcd9a215841a88cf5ecd2095 Len = 56 Msg = 5b48b8b01a59d5 MD = 1a86b4d34cd104c13b5b8d419784ce4c6d35594f2a9300e81468f4dc0634832a Len = 64 Msg = b4e2e8501f54be91 MD = d25265bf9cbc0dd2f108a2f5e8f69db7d15e5b8fe9100fe887dae20b6e054fe8 Len = 72 Msg = 901db0f70f2d10626a MD = f84ce7a760c85e67872ffca1722b1b7741032d9139211077f963a32d9f84771b Len = 80 Msg = f24d98591ee3c732a172 MD = da234c1d6d18ad8f53070e4e5b9cff75385c13f3e44b014fc45c3509d0d06adb Len = 88 Msg = bfb272537f021ade9bb330 MD = 7c49a59a3c3fd8e24de85854f68a3b7ec60c2031742a9a2dabf49199d88c2db5 Len = 96 Msg = 0a5f7424babb5cb85715fb17 MD = 5cd40c51502600f3a0eec7b3a3addbf6672eeecc50b3de2fd86dd1c0a47e8a3f Len = 104 Msg = 57a10308aa2060aecad05adb2d MD = a5208ece1de1342d02ea9ab7cfe537a2c81fa0eaedb427a7b3cb6c291959a6a8 Len = 112 Msg = 5e4674e97a257c231d8e91391d0a MD = a88d7cbb6e31e87a6c99734f599d1588cb9439979b8210800eca0aa2067cd556 Len = 120 Msg = ba10b0da70e2a017cdc63f996dbc1b MD = f8a5aa22937453719eb40b1dcf68a346e202ba225f4d7acc87e5a736abed3423 Len = 128 Msg = a3481996c109c9efb6692b82173921b6 MD = fba0f0813ca5c513d0b547419a15e27a7097d3eb280a298c1c693b55e03d2d2c Len = 136 Msg = 0877c20cddcc86b833f7bc2dcf7a709a2e MD = f4c3a2604e2725e4d179edd1b445ba489979f4ea5937e0c6b20b422c720d8bfa Len = 144 Msg = 69445bd12f022f6a669bebe0467729f4dc7c MD = 26bf709b3474554ab8dd12d9524faca43034118bd955fc52cb1f355c6df22391 Len = 152 Msg = f751f428a0af0b90a912a3be78daf12a765b43 MD = 5e0f8a8739f556daba4da4e861f39d1edaaece0204963942a4e66a11ec1fcf13 Len = 160 Msg = 19829a8c723c58ca9580cdf0dad2b6d38cdf60a5 MD = 3aa791b396ab81df9107278b8dd1c46ee57579db4cf5f9b83c54b37b0a601fc9 Len = 168 Msg = ae43132ac30de180c24dadb88602caea91366b8e51 MD = b9f0141ba006a3983972dbaa5e2bfe7152e38110e02475f03d84b0a3c743cda9 Len = 176 Msg = 8d2782a7843aa477b8f3bca9f9f2bafb5813db4c8c43 MD = 5424b31989031809b5fc8969b7c48b5dc0c233fc34ffb5b223cd5f3a9712a8d6 Len = 184 Msg = 72321fffd7918d4f5cea105cb0b884a2356af11ebe1267 MD = 17e3fb33e7f85b1ad5634fbbce9b5f9909f3329f4d74acad3dd0941c1531cf54 Len = 192 Msg = a7efce3e31433fe68d75145d84bb02960fb968871a3c2f7f MD = 8ff0be0601e3ae9290715aed30634b13b8eb6f3c8b3294ee9b1fc342c260313e Len = 200 Msg = d4d022cf90e6437aa0bfdb89284244c16dee0b488bc345ab66 MD = cb3a62feb0484be0ff9b56ea92414c7083f2b5776e883508b3a61e57305ee83c Len = 208 Msg = 95de55287ad3cff69efec6e97c812456e47be25e433470c3259b MD = 41c7027d16e37259645d0173c86141f38d808e9e27dc2dfeeaf335ed7c99490c Len = 216 Msg = 63d8cfd72768c44920d7b015460489ad578c063be19053889cb809 MD = 876e59c8a64faf9d665f7cde5d42fbb331ba818ddcd284491ac51ed50e1613be Len = 224 Msg = bd2c5a9116bf0d75b3498ce2ee4ba2868e06e0c047ec40b181540896 MD = eb537df04d512c2fc844020f8ff32e043c04614b88cea0a4e05e0ff32ccffa06 Len = 232 Msg = 37a45643a280a9d1a1c83e094e01173acd8aa16825252dee4eb3a3678c MD = 80bca5ba3e632e8bad1589cd02d75d7d3e6a1aa9ff64c2b982d572f3d00d947d Len = 240 Msg = a7be84014e8d09d8d51657789c07f29f7da49c5b5c0f836fffc6baf8206d MD = c575b2ba075a63c4540084493636deabe9b8df61952f071559394d4dab810e08 Len = 248 Msg = 93c45fb91dcba420820bd3fee334b48fdf7b73d7b431ebdba79b2310a7fe19 MD = 98151839b8f3574e0a0b9f19e84afeb1c620fb2dcef248149c00613233337997 Len = 256 Msg = 1b77c8dcfd2fc4b54617054fa6b14d6e9d09ce9185a34a7fd2b27923998aab99 MD = 683b486861e598dabba740ac919522cf3b609c18205b6beca4ccbe6b0f6dc6db Len = 264 Msg = 8d5cb933401b35dc34b15de0f5474d3c9b6aeb9057531b7f4b6b32599f0eaef7d1 MD = 16c523d2b8830ea90dd6b6b1ca49e4b51673006ca30ff47a4dcd4e7b35ad4f62 Len = 272 Msg = d6a66d66bf546b97ebd033cbed3504931e45296334ae28f4178d3de6f03106aa8221 MD = 3f607a5c7aef13fe98dc9f6b6a4b52979e7c68781ef5e12f69ded20c497eda47 Len = 280 Msg = ce885ffb340fd7a43e2150699b3f98ef334270036794ec759aa01d29f087ed6b551549 MD = 1071f8b57328b767209c15a43e1d8452763865ac93d58f93c840876c1a5b21e0 Len = 288 Msg = f2c28d685486be99afe87bf90c9f309357b44f60b688446a1918aa321180bf4fe5be1559 MD = 35bd192cc10fa24bd7954e0e0ee20c09440efc6416e94ca25a47e765bf32ef1d Len = 296 Msg = 96e8e30c75fec82bef4de7ec8e053ea661cb72bc4eb9c1c1aaa638df07a826794dd8d00f0d MD = b556798f76ef742cc1eb5d10732a925fd8208b4f079a6c0e1fe0d92fd87564a5 Len = 304 Msg = 2915c9b58835f0ec1e011fe5e6db40ae3ef3d890e268934d1bb024a634394b202e503708b543 MD = 3868885b4e3ae2172305acaad25ffe9094c72348ee9d7b0acc20029e26a7d013 Len = 312 Msg = 673ccce2807cb47622b7e09ee8efd812b44faeef436c301505cc63cd2ca52db003e652c4827ba2 MD = c7752098c3b5fcea98425a180a5c96146b443aa8d76a0c79fdcf3716bdd2b906 Len = 320 Msg = c1a6ac69f48008db50958665df9d911b78dfe519d9f34366f6cd691f90f741d1081e592676d093c4 MD = bd18af5b2b24d769eade525c8fcd535212abf8e5df180d7f3e3d023033fce192 Len = 328 Msg = 3cd123ae7bfd2b31613ecc5ee8b86e8e59a52ff46aeb2bcfa9f4fbe41eba7b2c2c21d0cab98aaa3f8f MD = 7ce19714e1d3be680dde0e919d90157aabca76439df8f0979d19b3a686df6b28 Len = 336 Msg = a52dde5aea1f04399c5d91fb5c4e62da06b73a5d9bdc5a927fe85298e58e166187f154b69ac1057c01a7 MD = 035d362a4265031434c3aa153ab4aef6b00d5176227197430bb62884a085c5fe Len = 344 Msg = 381906808394c5f9385a06bc9b6e528095e6f6ac07f0fc755e13594768b7686766e897d662576178c2a17c MD = 22ea5298af2aa311a5b53f8b2838dfc008ae470bf96d2bb6794735ea72108879 Len = 352 Msg = a04a5d5d613d23703ab8dd0093d354829c5449823bcf09eb49124183fdc014b5a83b6b93a3c78c1b86edefb9 MD = 8ae688d5e9d0de9de834befe5c0829644def9c5da71ae0da4f79d1890487e25b Len = 360 Msg = 175e1059931a94e6e37ea53c87e3c71d46be2f410b2131f8f285f810a3c679f9df6fa9275838eeb8c6cdd45737 MD = 5641036ef6221e08e3c795b2ad566aac9a69f85df1a8d35b3ea2b780ced33421 Len = 368 Msg = 3ce38a2e287fda13384cb306237e8c74357848818d340a9488e64a157ddc2975aba9016f6f82418ebbe878f0c388 MD = bc2041029b16895afb1f59f7280f8a8f09be5dd241c675343f7ad8d75b834b75 Len = 376 Msg = 9628a195ca6e708cfccf9f434dbe6c5105327f0f28ee1cfd4a069d62a39f203366f67d364fa47b677b20439b7d8514 MD = df6d891d2c204354b827f530c54652940cb483f58d6b433973752c1fd1d2f84d Len = 384 Msg = d85bdb2df5d72f2190e4b3d4fa5b6d848a088bfcf0af52b8c64c584a689ff3fc06e8f1b7f7f0892350489210b6d5f315 MD = eb2681edf92a1f5559d10177110ad21ffd3fc1296e3cc83ece32e42f56ef7ded Len = 392 Msg = d078a5dc6ec589117119ba3cfb9b11de57fccb563bade8b34a4fd2c7dd6b3f7c0363586cc7a81babb12efee78f1dd5b474 MD = 0fc7046f02d070642d821c746785f209bb332690bb34335e6c6428051793e1a9 Len = 400 Msg = b7ae6037d9b452994fb755aa0cf57fbc687298060a471f9b0c3d8e9d5a9ae0ad5b3b4fa7d4e3628c09d327c0259bbd76db2f MD = cd1040a0d94382a6446a691c0a07c4f643edc11e3103e343608603b5bd101be3 Len = 408 Msg = 62f016dfc38a4c70b7f95d669e2d475704909e13c997d3da7e96b6cd11d83aa3adef789ddc49f7bcef042b319f033b15f44208 MD = 8aee50572b6b155cf40d6ed6c738bdbcaff2ade09bd4d8bc9c2f9a673373c44f Len = 416 Msg = be890898b03f7cb52a9d4300ac2e8a80715102b1538fe37ce92c3165f2fc3e07f67870bd2a1144a395c593bd71ef1475d463234b MD = ad156f2f416cceeb9a6a2520e79bba5295b584c59606fbdfda6ed13ed9d99af0 Len = 424 Msg = c12149eed4113efa31bb3c4b9aa933639a0e1ca716062ebe251e553a2217e07affe779cedb015bddd7d6bf44269c9780644e7f0e29 MD = b4941556b37c22c9d841bd0b1c4e5d8778b1c598d8b1ec55c4cff11cc7402d05 Len = 432 Msg = c579bffa9396172aa1d654b47930e65f95c0c74b6abda382a5ab3bd0b4d20bd588ee2a58992873de2b45e27bd01e40e92f5003d70334 MD = 63f898b4fe7a7d8c7ac776ed7811a922052791406429318fd5386a8f7864cfc6 Len = 440 Msg = 71b58f40e28bd9427f0f7821ece9c6e0f34b7f5cc924222692979a8e28ab1e0018445694ee52bfe0b3485011b3d05e3a84bcbdeb434028 MD = 7614582f42d5a907d4ceba0025798ee61d38072485f54ba3d742f29503f1911f Len = 448 Msg = 592335639cd4f2f9ae6624e895d6a729b5079ee1f45aba911b7fb98c7f8b2cafe24a7e4c94d63267dd686c25a06fb38138dff541a6cccb28 MD = 68d64cb4331b71e72b42c88b8f6513f4bc17d995254f04dc2b7cac022ad5edfa Len = 456 Msg = e26e1dc893fdced833eae15ac04ed4624a07e3c89dc3d1d8205be44bfd63327782ff1bc2c8f7175c920eb22e7790d40d442b46349cff72f1e1 MD = e1470b2f44e3955d2b5496292679d9086b7c0aa94f0d516e53a142e486c6ded8 Len = 464 Msg = 7def4d439a9b7a6c5700bb91688b1ca6c4ecdff263c6646446ab4d2ab947df80d5dbaac648ee6cd6593f339426fdc2c7303a36271a9ee9b6ae58 MD = a59591e28eb92dfbf290a06772bb145655979cd0fa0df15bf82aa27665abac03 Len = 472 Msg = 283998b5e2394fb1ce1cee355b677e79f89a09aa28fa52d5d993c307f27ea7b32b60995321333c52aa492d2a658d36ca960dc53a31b59c81355dc9 MD = 82f27f2abbe5fc2184b428eb92551e898a5177e997e337eebdc49320095c605e Len = 480 Msg = 09f352d1ae807b258a9d49873a4c4aa4c63bfb52bf9180728ae7981bfb93d1f5262df8e2714cd4e4ee91143be8e785cdbc0888cbea44c4926c7e18cf MD = c30efcccacda26ded16e92b0f2f2e667dc98f289a754cac628dfcb421ecc7240 Len = 488 Msg = e6c2b24789348d646a263ffcdb6fcd511e1aac527b227a7a907aecf6e9500806d09394a566b3ce6cf3a85db47b3588fb926ea6897078d5524890ef1fd6 MD = bf9ae2941d2bb948d33ae2a822e8738f744b5a9d692997719bd1a118743a0731 Len = 496 Msg = b099e1b52348f93a6c22896c72854ab04f2dd3d1f94c5fad21ddd12e5b35f57c80db097150997c4e5cd3f5ac241897b57cf7849334149f29f77b97017433 MD = 01d582c82ce6e6a8c0cfa81792110bc950fa55e31c101cc6f2df6b2aebc18925 Len = 504 Msg = ac4065c8dcd58031b7475c3debe032168fa9f7ae5ad02d48134dfe3b48c58bf243af82383ab5eeb2c65d54ad96e8fb1b657b8bd7297cda318e3f02a6a2e2b7 MD = 9fb9d7e6b81e86e441695ca5c762cf3b7735a75dbc4b2b1e3e5667848f6cdd73 Len = 512 Msg = d2bc0ce7217ff2e944e1ae47ad5873bf391f1b0cc07f6151eb4c50bb45b2fb6295326f716ce7e687fa0e3d5d25c5a8a8dd13a541a9292e8386e733f4f2a24728 MD = 9c1fea5786702d027bb5b66b3fa92de34621a8626982ec21c0ecf8daa79dea05 Len = 520 Msg = a82aa079ad878cf1d699e9612fd3aef603df30c3e8904358fb18a2976d7b91c33f43c0da4976732581c5e00d7a06d8302be4aab4f2d545dbd94d9cd817324fe2da MD = 46eb49bfc5b2ee3c97b91102525b6666d56bffaab4baa03059b89f24ec4b5622 Len = 528 Msg = 72fee29494c25b119b6c5a600c468ec22e42af5ba93eb79452864ebe469a86f83632c85201800f3288b553f7bec649ddfe704920a27a8f65d13aa755985a238b3cdc MD = f7eeddf08d3c1ab524167c908bcd8613d581cb0d03520d7b6b64d181bf13bf1e Len = 536 Msg = feb7a094dffb5c0cb6f723c1b5e7d764d4ab5f896b13e409005940a45defb3ebe67bd85e2a21d8d1b800de1434ffcbd2aac92aba211666dd742d3a575da66a32d375b1 MD = 40cfd88d613bc7d105e178081d2e3c5a09cd629465821909dbc1e9b8cd04a266 Len = 544 Msg = 8ce31ca2ab2e7cff5ff5bcbcee367463cd5eee65b80bdb010116446729d1c31ead8df2a3226024538425538accc35a0dc0b364a50fbca50d9d01480e1c3ea8e9dc4fc2f5 MD = d61fcf2c3178cbf34042a0fc02869f4670ea400ea384ccf04d8460806fe11dce Len = 552 Msg = 4963a36af562e045ec25e39a0d9c2a035d4f6d62044fc975986d1eaa9eabb6344ef0275e97007a1f63aa8cef1c44b5da6f54a8d350909a4a3e09a701c8a3711b50c80a760f MD = 69df54c0fbb35859b5fb247c92b5665ed27962f042a790519db8ce27343b9590 Len = 560 Msg = 0663ac246f643427d7198feb54919f97f9e036864dc32c02fc87af50cd26dbeed4b48a18e9f96e9059605d9fdb10eb57c5583e1c7f501e6338bd4cb8d9361506378526138d50 MD = db458a327dd21bb9c073bd5736a745e467538d9476b7647b74dcd17031bad72d Len = 568 Msg = e70df9ce76334cc2096c0e715d8c96652492b5b6637d3e801961c59421b9a66e59ff4a68047aa52d6d58036fcefc05dd6f99e64f120003448fb69b8fbc4ad34d8fe5fd1a872319 MD = 229be9deedbd16e948eebf8aa5838d276e0e6e295570c49eadc9f27c0e2e5798 Len = 576 Msg = dddad5815834a99d79abf4ed36af74065b2e70e87cb8483b2ee250d877e8de8b8296a2179768367b4bf0f674f478124360e9e2b0c7eb794ffd4e7c02eca935bf4240e394672b54e8 MD = 13b11a38ef74ab16bd65b84e83d34848bf3c56e6cab5c56cc0541e783df1d4b7 Len = 584 Msg = 84617bcdea87420cb0e93feebfde3aabbf7cc7178065c81c99e333684f381563b82fd76420f7c024ab31bc733c485c2996011d60c153ede0b078ebdb20446fdbc3b64af89ecd4f4eaf MD = 5bb51bcfeedc618a28ccf3bbd96be08972eeb1bc22d9bb64883dabdc6c3c6b54 Len = 592 Msg = 970f5a9308f929c5de78e8119b96caf0ad9c4a06f182c73e75a9711c82cd694fda3524863e2c118533b57b78067bb0870e0763aa31354fbfa9e91dda08fe88dc7a7fbf474b1a0a50a9d1 MD = 930a9c33e393ae8b1c39e072b08f972ad840db5401a4eded1f1fd14f8a0f68c6 Len = 600 Msg = f29ec443a7c4bf4fcbc2cc4e992f3b1e0c70ebf60a2019efdcb676c3e2617cd4853701706c8f0d53f3abe96dd99b78e6385dca60bb49ef7c0bad099f8ab4a5f6448c4cb723c754aa6202fc MD = 36d1cb5d930d73f01999533b035313a54b1e2cc223f07af829424230b8405177 Len = 608 Msg = 4913709a09e606f0034926f21ce0faeefc0483b5c0ade99fef950fd0b09a6bba3a6415e38b491de85d6d22c3562e20497fbf8af6f71299ede9fce33bbb942f5c88dc8800d1a3900f6fa917ea MD = 0948d1dc7a0a0172d3dae4ae40d128444f2f6309b443ad6a8ab3849def606a7e Len = 616 Msg = 3365dc87c7f29b50925f2d50b1e437a49ca995caac35fcb3db29dd19cc2e8c130b2ca1e795bd9f1f9be1d3df83f37f7530db383283868d782193e915774fbbcffce4d340b6cd0fe5008d38718a MD = 579d6c492dcfb032b9272aa0f54d13ece0fb2276619dd7e75f86aef3f58bfaea Len = 624 Msg = 45a899ee24ce1eb7ffe13aa5acb08cabe94ff003957153b72019c6664072d045e5fa096470e6e4331fc3cd44cc597452d8d468836226e7eabca7f5501ffeab349d45d2105868b0def2ce22db443c MD = 5c088cd0c18bf699edf47ddbbd1e11c9caa9161b852a6024492e7ab7dd5745ee Len = 632 Msg = 389d76c18d8d11eb5b7e6e80d79f93be52c784eb1101b7f35948c752c98f6c34ed05abdb0f964a4250b58700f8590a6e0b45170c1d8d08216656fba219ddc855f2bb36360e676e1a00fcaf92213c44 MD = b32d1b0acc097eddc13dbba91d2c144774f4bf1ba2275770b52858471de26ca1 Len = 640 Msg = 120b80b44a2435d4783766416ede1784e00d3467c7ed1b6304e75b5846febb812d637fa6b043e693bce4f7ca1df07d75a211519e7cbdd7a2e854cbe30e683ebe285bdbbde6306f0d119ba932705a1ef9 MD = 200818a7fa963423d0a90bd85475d67befdfa43bb49be7c026b9693743404dcd Len = 648 Msg = 713705674e20066d61bfe9ca763a8705cb6ca1e8cf95c6d729507661fcc687156922c8975645e5f36eba8a3069eccb298e96c498767c7c741259107df0180d15b9461d51ffc8e65035c92fcbfff744eead MD = 786ea368156477616fd76039f9b1caaa95763adcebc1cfdae8198f82a41182a9 Len = 656 Msg = 123ccaec522c2983b6cc2e06b0900c331db49dc5d5809cdf80cb14aeacbe184b1ddab5de643c2509b4204584f0a54a0408d0af6286d271f9648e7f5021566cf914f568b8fff36ee8e714bf1b23228e01b4ec MD = 91b3e2463558941d0626936a8d275722fe2e600bb24df78d7c46752675d1c4da Len = 664 Msg = 75d040ddea0428d8231dce4fbc98cc4a2f578a5f47475379d740aed8ab2ceb59bf6cfcf8af7786936fc438f13ceb5c02d207ab68e05e6637b944a2f94c3ce4f65661edb2d604d7b6c2976193f8c9882577f357 MD = 749bae9322af588495dbc0ce426debd9e9cc4c02f50c52ca246b5582840a86cb Len = 672 Msg = 7c238aafde6aabab177f718e0cfe1386cb1421b4799b15788b862bf03a8072bb30d02303888032baf5be242341822095fa71487c68024aa0c1df31aaa08e82e4b4508440b549df9c9de26844146c3cb82c060cb0 MD = 36ba7bf53f7d253738f590ee25c6120e0e89b1b89c2a0691db6d38b72c20055b Len = 680 Msg = 470be1ab595f8bfcbe651aafbe58a90cd4d72dba54f3437a50872c16bdc81593d21c9caeb13091874944f9977bca59e77b3031847afac62e82132450a165643549a72b78f77673bc13a88e9e17dd67e8f4560c07b2 MD = 8ef8d6472e09f566f70e17b454489c193d11fd99855f7e69c0eed389515df577 Len = 688 Msg = 6973b2d5fd42e78a2245c76f25681d704ea194e2b578281e58c6db6f6bbda92fef28bd2c86f4e55186f044824cd147c7d379daad8579dbe950d4ce3ffd06d3a2bd44d69d050606f19cc38880f3fb6c69b47be0759ddd MD = 226fa54ab31f5a78eab4f92b10972fcfc8ccad25e0ffa49365da83f27220f6cd Len = 696 Msg = c4d0d14c93058865d0fbe2e6e14e99f170cecd75c183f95343ef26bf65925fe9aab464dd005ea3a84eaa63bd4c3c43979711e39f0578e14f355d07986bcdc2819bb7d612c4f05170807abd49d8069a725cb70ccf7429d0 MD = 88e183a794f478a850856966fdedd71b14d8aba72819fb26f14d2315c67f2deb Len = 704 Msg = 73661799c7d2e24ea484299d8c8c1125739dce5cc307c327a3e5eaa879987757ad74b855b1b840fd3ec444bbe0864521b436ef3770434213a58defaa41d405e65870ccf92443f1f04aede48b5e3e7f4caaf1e8ce2b97b858 MD = ad1affd1b194bc0afc389a2cb23281244a8d80a524262b2560d58f7f6d226f51 Len = 712 Msg = d49063453b779b18933d233369881617c987fef4b18eea6fc600c1a24672d5643e0dbbcbfd345bf0c86743f2cf68413e609c300d5bb3122ee68c5f0561529dd49dec3139489475f8acc50afb9a5b7097a0f6d311829f2861e8 MD = 6768946a3a27f46288ddfd4cb7b5fc9e27cd3ba46ec959e6f3d0cb5bff68e226 Len = 720 Msg = 905888121360fe46f86dddd119076195213443f339907f87e5a05b122864a5b7ef2b3c6badabd2a74251ef5f21d63938b213f4f6f516c5336975bb572ce28fc463002b51dc766afaf2411fd6b14e58493b48e47a6aaf1207b72a MD = 145ff262e203957a88a875ef986ac484204b20d9c4be7d35ad59612764991d49 Len = 728 Msg = b752ac4adc97012119d895a800f318db6ae7e3c70344949d09e0f80550cc2fb48a860a41c570b8343581a261343b937487dd1ccce3d9378daf882af00c1daede13d851be5d7c198bc9026a29798f29f91ea422ab7694a753133c7a MD = 2f399dc553da607b1c2d490e6461664a5a2c007f1800d76a2aaf7742a86b9617 Len = 736 Msg = 1ef7001c52803938e937d93f5c853f661ce483b4262eac63d81a2389030368f841ec046289c2bfc100e012f512d9dfafc271608f3eec5e89b78ca38d6f55b1671413b4e44c9eb636915d12993f092b37ebb35d49f709348063d5dca3 MD = 77e371349c466f6c331fac0284987537c15d0430e3f0cca8f1fe2aa7c794ef09 Len = 744 Msg = 284bff3b6a683ff220f5cbfd3c2fb8a72bdb8506fcdd5b2dc50794a3422f7b14c084524739229a50c1e38e072078f1b8c1b9091ccb3aec888d1ffa651f31abe046318be2996c8243e28f593bc7bd7a19aadff737cd3bce2dba496c45e2 MD = bfaa54963521e6e1ac72b55ee4d654c041f62b73ad5a5305c58f47bb25db7cc2 Len = 752 Msg = 081d08397e1353073f8df24675588ad215e4dc3615a59d2ad9b9815aeecb9a69fa37e036f36f115e909dbb02fd8a96cad3be182947e944e3a281c3cdf1ad35d4fd62c9417dcb0b3c8beffe8e558e6bab154b78ef43117c2808af1255f7c5 MD = ea8fbe273cd2bb3ab9cc7f3640fb4e3153a028d8ba9a880b3b8219006c28281f Len = 760 Msg = 1ed6244a5996d5a4423c0106a4b8e785d750c7313843f3dfd6ac272c6eaa1dbe9abe5dcd457453e26246a3dfddbdc140d2d9bca0feb35a7f73616a428f1a567b2e9af86b1fc8aec6d597b1b55f2aa2219b3b662fa6bd340796c0ecda6c96ab MD = 8fc2263517c85d7ab8926595b8047b4b838a075a29b24da712303c3e6e597e49 Len = 768 Msg = 63188781f4e9cbd1e89a54a65da053b93722e1106f00f024ad1582421ab919326f8a6e17536d6596e3cf413a9231141733e37aae540f8711cefafe489a87c4f2e6fd942f6809f3bef3076763487de48c2ee88733c5bc870617a668c6f01471ed MD = 91a8e285029085e224987078066486b6c605cbac27e49e84f4639710ddd05d33 Len = 776 Msg = 371171b626ccea8b2980dcd33bcbb849fe57d201000bc2443d830a9be6befa2a6117d13f9177252b57c8855159ad5c7c02701876ca3c8cd6b78c931923e3f7f4c1be91e9dbc6b119dd4bc05917ee2387bf9d631f35c58b098bc2d2b5459b7a6a5d MD = e68655149dc14bc5759b8cacb7c2d2a850456a64a87af41de84f567ffe9c5e60 Len = 784 Msg = 9bf7c7d99059248589b18a3fd3b03f4a72d21d2aacd635b5cc71b86d2043180d440a6a62a2160f5c3afd93659f8fd5f1420c6857f3953adfa5e1731c7231a07cdf86111d60117fe21febf3c7f906e271c9649d0aea86e94bf728e9dad52b45d7f4d3 MD = 385b95541558ad0a9a20cb91116eda03c5a694ca95eab1caf5c0d1501899d3bd Len = 792 Msg = 1973263a26d4a418c691dd5f5ccb7dd7241ebcae24ccebbe60174c0f4eee279d89cc1a5bc9deb177136437e02d59cb065556b6e132b4fb340bf1301337548da3d5d44321bd370e25b6770e28e969d34495a0b73c059070bcbfefe5e2ff6141fc635346 MD = 39d8740d56e58f027a6af13cce9b6484b23fa6b3693354175c034ac1778a1a75 Len = 800 Msg = ec8ee65cef05452defe832e0a3a3ba6116a8d5d6a8638e2e566f63fd3c0aef8758c6c61a9182a1a2f899bb774d597a79c5b7525f0a40e74c845371a3d78e651dad865219b5bb0833eccb00171be5f898a081defc724eef9a606c20a899dcbd4e713550fe MD = 3e7a652d89df9ed7cacf53d033997c87528b8cc37d59b8eafbedbe4e8e9c5c3b Len = 808 Msg = df410a8b65f17139fc8eb8495df813b1f6f9f1b7471c7e628cc36d2e9c74f60311741a68a9972ef5ec5697060f22d3b719f8b90c4436016fa6ad066010f7cb68370a3c4e110eb78e826ccb07382840f4d470571d4a75524f8a7937096029d278982ef9a567 MD = 294c8788036098f49c23016534d032939d5e9638e3e4e8474533f52b668f2da1 Len = 816 Msg = 27c2ee5f63c114c1f61530685c19c21a4b7d47b3428e6b8265b87bf0884919628a773361e4a536f981e27e5ed1b312d619128ed20db6605ea09537bc1ba8b94c6cee75b0c1b3182c5612e3538bb95ce03aec44e247cdca1c79dafeab88b788e9772e9a922374 MD = cf027f6017618d970da83865d8da560f454ce2bd86af59624fb87c8e48beb208 Len = 824 Msg = 2f510b72ad1a26fead669ccafe9ad0fe31ce0a12f3d06bee9a6c2750fdebee6d89daabdb910d71aee6e3b2e2a8cab3f95b063ce43daf9427d7f9ad39d3b99b290d244a87edd97182f322c24e937664c94443a25dd4ebe528fe0cdf5a3e050adfe4b6513f68870c MD = 8969727f522ab392d11c3cfa7d02fa2f9b457a1de2afd360ac9b2b4fece84e32 Len = 832 Msg = 2a81eb0e6f1d13df6544c69321c561a489ff9d77b9ae11d7a604f8a201fc35c25feb945f965753536a0de1df696ee59c130a82b43e70d951b943d0563091124e4f6158a12a8be60eddcd58556f1a9e34fd354695147ff9065e0e496981feaaed440cbd3df460d5f7 MD = 3818a14b4abd900c823275d45afea6ed1df6cc659eb3ef387445f8ad3903623f Len = 840 Msg = 9aa1fa540acb4d2a59a6a3aa8c2fdbcd0a4a17b6b55508e65a036cb34b68d4f64a50ab05a9d574e1b03153b03fd0cf6db4aad6de0fcf01c655431a5d320ddcfde18bf91e510862848090c2b72b034bb4aa69b6e216858547acad8cfc76d9afde28f9ed87488c9e7d91 MD = f9424b3dd79d555e2f5f8a185933f77db95864f4b597ee805d5b62fe0396673e Len = 848 Msg = ccf2cc0cd223b80ebbd49db9ede7a22862812dbc4b1aa6c9fad07f8efe01716b9018084e2ea7616f85b7333d945c0c970f8cdd400130b98db67cda61d87ce55bd8f06e4e8f5abff22655d5d93328aca4249bbd76e10ac4a9adb7c6c04d64539d6d2209f53f6459006557 MD = 06d1cd544f954160ade83a102eb935f7f948009591b3eadaf4765868c63450d8 Len = 856 Msg = 5aa1b85ca84f24f487f69e796268826518154bd6a224583ef6c3f15c2bbb856bdd473599d32697badfefb33e06a55260e18b79a1433930751df0873c9e2bdb739e76562c3c83b5bbc67b4eb3da925111cbde4eb64669f71b36852840e45f24e563d722fd2b8f0860044276 MD = c760de5612ec9d047848727b261c8876b6c33b2c57ee1ac99da0890c009b9540 Len = 864 Msg = b613eebbad7a1860928ae7329a38cfe86f1174a579740ecc5cff1216c2470fe25accd5cc212cdd80e096e5d1f582db05579ffc73d50d3d519ecdeac706768d478729112106c627525860e99d05efbdde4c457d9a6744d5da104dec3a43fb463d4612e9e3e7b2be7e05d13bc1 MD = 012499f4e6e2af3b530d264bce97e344405ffe59c04b31432e7f0446a6ef33ae Len = 872 Msg = 823ef09a0a657d28ffe8173b6cf04bf4795a96b39b19339608d5323c6ed8cacfe42bf04121fc28d5eb439ce2d3a66bd42099437309c9326827bbb9fc29b02324cacd14bb0078650e76052f9d3d922620bf2f29c9f44317c9d82be3151c23eb6a1b6a858e11a1dbda8774faf512 MD = 08042c79507268fdcebf12719610219d1364117e66916b9e0c1a2aedf5b4a8df Len = 880 Msg = 9607cca45873add19a93dccf3d0f790e856ff30b84c8211ad69b8e628ffa142972ecac5264138423208c524c2b17e9250b780938b41d7cff43005eefeecfbdb53b4b62bf71eeedfe4cd028eaf5cb95c731dd4927d9cffdb18a1463209df4b68f5aea95f3684a11e9882605b28473 MD = 73b4086d690ace6940c01912acb3a57bfc15c4a16c40a90b4329f1fa9f3085d2 Len = 888 Msg = 5731f467c5b923c43af9c5fa849aad21ab8dd7db1ca1a687065571b705ea3ee4febdcd614ad4d98e16b79a4e09818ebb28367918f757ab06e1b481fbda822ef143adbb5b0e704d5d2222a73c0153ef14a817b5c9b7a2313fd115ccce4698e3f0efa9c73d5ab3089a27e3f3adb23759 MD = f5253b5c69db9c724aebf762ec51c221f8a4d4e2174a4b7f56e4d69aa44adfa3 Len = 896 Msg = 92b23c0bc4d8d07d22e28812710dff06cb9bbecea2c960ac0200f480164fa2e1ee19926c7f0b095cec51d55c040aec990bf9501abd7d355490c366f93a3ae5127347d14dfc3b8d98e0821feefa1cd671b75230ba1da1fa6d0cfbb910c42f491da8a5c455424ea65886db2e735b2d07b9 MD = 55a0597f11ff71c426201715beb585f254bb31c1dbade533f04e499c3391ff79 Len = 904 Msg = bcc51ea0a66564a171dabfa279e384f4d9fdcba38028215788ee7d78c3a2769596e6b2070a6fa2d1200d6ccb65e52900c7015154a70c736a2f562ac4e61f4c2c81116453fd0e63b9ea2c92cc0afecb541a16e90ef0c77d97c630c38cd675d4f027501ccea6c90f1f784118ed8fb5d2b97b MD = c16ca79c0ab44f39da1c65e8943ad2e90888c3d80b5e3b3b1bff59408b59d6f3 Len = 912 Msg = 2183bf5465b18359a451cf3030bab07fa761d11926444c7dba88c0a01760a4ec8d32db8837f588da76de234a9d3bcd49ee9fe092c63fcbb0149c1dc10f62df792990276a3edaea82124c12d5fa2fd09cd930347e4ebffb0f2cb6a8972b3bd614dde7cc82e328525960e3c358ae5e6481505e MD = 7e5b4bd808b900735c0fe665da9437dacaf85249df653c6ee72fb296e8a9b8bb Len = 920 Msg = 959ba94b728a8adf53513521022558183a632e24ad82a3904b47b966c2372a8741524ffa82fe408507423d7aa4344dd43db52482d15b4a03b7af7a3328994965fe1808b1bb36ea90cd3c6aa61122e7de954991bca26d89effad544265ecc312553559b18261bd0272ea7834a51d56f5fc9893d MD = 85c2f125e6d11f831807820ccf0a53932713dbcef3e23b0e3c0aad8f89139cc4 Len = 928 Msg = 30d62ff4263a731a205069cf7c0a0db0b50d3db13f08c00fb24586862b7e31c5eff1d51f52b6fc83d851eeae99842f9fea67484b39baca933979917340b1467ced9327840dc60b9cbf02a042d7dbf8d881da445527d2df3b94718ec9591606716fe2ae8c1f12a74d1f8c0af3feb77043c190b836 MD = 4543378ed5a054557889b4634d4aa77bd30726b797235010d6a4920bf9cc3b40 Len = 936 Msg = 3761a4861249c4e0115b997c2c87e85e5ea2bcaf44aea31ae65c1975d5cf45a476a3e3ba9d2e82625d05ef7e1fc2f10df205365222b98e330c9957df30f238b388aa135f19813444c797cf216d2fa9ef2db2150905f72290a3c1130e7b890f59167e1abbadcb444ff61820ae3e5378cbb8b03f1c15 MD = 088167f12e82a45698cad25b405da5e24a0f4515b28b915bfe799d0990723598 Len = 944 Msg = 6e26e2b41b80f26b87cba9bf5e11b734611e89110c9210157634c5667a89eaca14a612190d42e3f3db0f1baec34bd1924091fe49a8f63b910d51cc3461dade3adef70d5da55229bda62f3ad5bffdc1ae282a41520e3cfe847e1e05ae85b76c1b96c1db662bd94c33afd20e1c9c4f10efe1915c16868d MD = ad549004c75fa7818dfa6e906062a850589f7a8d17a1c411fc955168215e45cc Len = 952 Msg = fe8b3dca283022daf7022a88dfb8ff61847509c41e9cec4f22e652971fb2ea1ce59cb17ced5070e6f5a185d2ebd5e7ef0c43655d4d212e1dfa9796c69d17177921f196163722e8b0f96d953fcdaedc958d6af794e5aaa09dfc0ad34b560dd662f9b37702ce4e95214b91e1384feae63b4d1247cfade248 MD = 37a89a63b4a30e6a21549a245a2633ee5fdb618e6749f60522f5ad03a34d4465 Len = 960 Msg = 04c48b4c37a0dafe8ab2c517eeb472385661001376296ac5ca2aaf67db5c30dfbe0b59fcdd8b83c3fa271903705afa30bc421f6d3d517eeb38462e721f5bcb3d13c01c0ba749f373e7645578994ddb5dc28558bb6c80bcd0a79d391ace5ca4240bcc1da11d42f2b75950c19deff5dd686f12f3228c1dee1d MD = 29a6b04353ea82f3f2a28503a125233f8afc5b601921637a0a24b83436abf9b5 Len = 968 Msg = bc43ae59c1bed74fd4eb61be97b0276ec5adda96c67c3b4680378e026f3b4baff82c16b4fa3af159a7a2b1729277ae4208a2bf9aa42866411eab47986434df7eec2f727248b745f7fb140e3d8b82a9fdd7340ca5ab997db592de0369ebb41a983f53aadcd2bf3af3784a6165aa5a7e67d96ca9000259ea6a83 MD = 6e1244587179eff28881bb80b02d193908a4c4d014b4da5b7e93c09e2b2964f5 Len = 976 Msg = ddad789728581044ff760f79099e01a2cfc94ba27a070e22de714e28b85f54eb34db50e6b355432bca981cfa8efc21920fdd9147224d88d5640622f47ba2e32c9f0f57eb5a3df5d58b19495bb1bf538f66eb2a362ab1e41f626fbab4a0ff68cf2531d3cfa578eeea4ae3dec5fb4f5d41dddc5c981a9decaae294 MD = 6e3ff96f4e4a722c912392b3b5fa20ae762ccef244c011268720962184383a66 Len = 984 Msg = 8c7214e14eb6e0ee14de3ca0edcb510aec5079b3d143ff48e5d3268d261b6c99a4f80f432b18d1d82254f80fb3409a3e2d0017cda65de7ebe41896817e7d0c643e3c12cfca75121083121e81ae5934bad2c1c105600563139978f3edad98c32c20e5246d72f42c00ffbfb6e0243fa9e8a33d7e434965fc25ce9c46 MD = b4b4e5edda4fb4f7c0e734cbcca3c78dbd6f2c9a997ae85a6394108cbc5c567d Len = 992 Msg = 3b766fbba3339959b194163c36b4eb6505ac17e7b24e753e9916e3e1225da41b44d0031648213939d0fc91b3173dca587a60bdad3838403e76e449388600573368180d5091622084ecac74331f9382010ff6fde5a6aab57fd46fbbabd323c656b036d590075e16e30e8c07e3d41edb07cb561fb7850b9da6bb9e8162 MD = b450e083d9f3f58284ef80023e3bacb1826e560a22f6e6625d14ad1348df96b1 Len = 1000 Msg = 6ed8a9f9f2baf57e659aed127833edee9025a8481cf61d772556c75826a714f01fbc1953e5e184c4bc1cd21d27b3c272ffee09f1c31e470c2fde3adb109931bb564dc43c6b8ec33ac3cd6c49b5dae15789a8d98cd2519575fe5916622b378d0c3c11137b2cc89a27a334235ec7b132e555da7fe2f094eff9b94fc2b61f MD = 17312a26ef9b41ffebe31ee7ee51162704a2f05a5905ff8b692fd603942e9668 Len = 1008 Msg = dcb458193c4ba82a45bfdf028000841e4a8c671f8e2b841dd4dc2a3d7b0f5d86421478f00ed417bee7bf330e43058faf87095332cb13f744dd44633b89d055ee186702ca17f400225a8a63c7409b27d9376ccedc83c5490e3ced1cf896d6be4466943ecee1132cfea60ab754ff2b1344639d1e4540ab4225f8be9d9f2988 MD = 9392ce14d344de05e4f87f634b457079343e270fff5b5c7b731e9fef137115dd Len = 1016 Msg = 3e3a52d3261e1194249786d6c0e18d52d92f1c7639f079c26c51aa72d1032e5df13eea1d1006667002ad39de4099c29c3b4719b1f0904557bd2bb0a47374d869ac6b465b5f00c470b18ecb8c0ea53b5d790c4e832006cff534d587a0f77df95117ca4fd43a94935eda422228538d5e5d3a87a436f1db7e63785619ae86a6f9 MD = b34e72cefefb63d6e309bcfb4f0b1d350f2c5c582de3b93ad137f921a92a7e79 Len = 1024 Msg = bc8173c878ca60e9a0f823f9a589d4ff84547b389b117fb6bb1b614e7e75a9b1db0b21d9f73b42a73e94eccab3de5ae2845a54e5e24ba6c20fb4d245b964023b863040d6f080e953530d5fd944e8ffa525bf5364f65c88e06e6e22df4b8cee48e67738880a9f3f3406e9e6f001b0ac8f8e0ade7c814c0c5800d0b9e4ddf55622 MD = f691d01ee9ab675f3872313b77e6a4543c71e3e89aa94c48f91d6ee7fa1ab4fb libica-4.0.1/test/testdata/sha3/000077500000000000000000000000001417716165400164015ustar00rootroot00000000000000libica-4.0.1/test/testdata/sha3/SHA3_224_1.txt000066400000000000000000000775131417716165400204640ustar00rootroot00000000000000# NIST SHA3-224 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 224] Len = 0 Msg = 00 MD = 6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7 Len = 8 Msg = 01 MD = 488286d9d32716e5881ea1ee51f36d3660d70f0db03b3f612ce9eda4 Len = 16 Msg = 69cb MD = 94bd25c4cf6ca889126df37ddd9c36e6a9b28a4fe15cc3da6debcdd7 Len = 24 Msg = bf5831 MD = 1bb36bebde5f3cb6d8e4672acf6eec8728f31a54dacc2560da2a00cc Len = 32 Msg = d148ce6d MD = 0b521dac1efe292e20dfb585c8bff481899df72d59983315958391ba Len = 40 Msg = 91c71068f8 MD = 989f017709f50bd0230623c417f3daf194507f7b90a11127ba1638fa Len = 48 Msg = e7183e4d89c9 MD = 650618f3b945c07de85b8478d69609647d5e2a432c6b15fbb3db91e4 Len = 56 Msg = d85e470a7c6988 MD = 8a134c33c7abd673cd3d0c33956700760de980c5aee74c96e6ba08b2 Len = 64 Msg = e4ea2c16366b80d6 MD = 7dd1a8e3ffe8c99cc547a69af14bd63b15ac26bd3d36b8a99513e89e Len = 72 Msg = b29373f6f8839bd498 MD = e02a13fa4770f824bcd69799284878f19bfdc833ac6d865f28b757d0 Len = 80 Msg = 49ec72c29b63036dbecd MD = 47cab44618f62dd431ccb13b3b9cd985d816c5d6026afc38a281aa00 Len = 88 Msg = 502f4e28a6feb4c6a1cc47 MD = bbe61d85b4cae716329e2bcc4038e282b4d7836eb846228835f65308 Len = 96 Msg = e723c64b2258b5124f88405f MD = d09da094cfefaad46b7b335830a9305570f4f4afe79f8629ff9d0c3d Len = 104 Msg = 0d512eceb74d8a047531c1f716 MD = 29ae0744051e55167176317eb17850a22939d8d94ebb0a90b6d98fde Len = 112 Msg = 3b9ab76a23ae56340b5f4b80e1f3 MD = c0903be96f38051cfc2a5ad256aa0b8332217f450eab904ee84b6541 Len = 120 Msg = e9fef751a20297ad1938662d131e7a MD = 48eba36dfe0575597d13ca26133267199dae76d63d1b9e9612720d08 Len = 128 Msg = 2bbb42b920b7feb4e3962a1552cc390f MD = 0dfa61f6b439bf8e3a6f378fe30a4134e8b2dfb652997a2a76c2789f Len = 136 Msg = 2254e100bde9295093565a94877c21d05a MD = 6965256463276dbb26ad34a378c4bacaeae79d700283b188d44d73eb Len = 144 Msg = 784ef7adecbb9a4cb5ac1df8513d87ae9772 MD = e918a5d52a0d42ab8ba2ea386eb6ad83cb8dd9a6bd461506be356ead Len = 152 Msg = f4e68964f784fe5c4d0e00bb4622042fa7048e MD = 765f050c95ae3347cf3f4f5032b428faeab13694e8c7798eafb82475 Len = 160 Msg = a9ca7ec7aaf89db352fecba646ff73efe8e4a7e8 MD = 65d6a49739c0e287584ff9d1f3463ce2e555ae9678147e21b5889e98 Len = 168 Msg = b2f7018581a4e459cf9b9d9816fc17903ba8033f13 MD = c6837f12227bfbd86ccfe794053ce3a54052c8ca8430f526fd64b5f2 Len = 176 Msg = f50086b4dc7bca0baec0076a878dd89571d52e47855b MD = e39aa96fad581961bda032ed33dce36defde958baf9bae5dc558cf89 Len = 184 Msg = 6e6ef963f5000d0b91b0ad537ddc9697f8db8f10a3d5ee MD = 66dcb292b4d6bb4cdd4099b8e7bfea9658680c92c51562c091577056 Len = 192 Msg = 12a7b1a73b0b26a66362ec2a91ea5ff11af49a7a148a8cc5 MD = 6fc91ec8ad448173f591b865ed3eb89115a278003376523c00e22f2a Len = 200 Msg = 8a4768add4a9bd7b3f27461220ceae0218cf3322f4d2a980d1 MD = 9a88bc64e743f2acaa1670cca7e201a299e1cce6df7015b0d2535213 Len = 208 Msg = 5c5b8c1902c8608c204e72a813e2b625021b3182c48b00f7fe4f MD = 31802a0fa9ae7ae88626604ad9ae41381d6f7c3c90effcfcf70efcf7 Len = 216 Msg = e89e5cf07afb4a58ebeee17ff596d90b3274ba348f14f284fff025 MD = 3bc9b7973f55735b612ddee8cc7907a3f1429b06df7cb1293b989802 Len = 224 Msg = eb9e1143782a0f9fa815261c2adc2758fb1d88ffe40a0ae144189a48 MD = 9d70d22520094a113297a192ead33e316924fdc7a2a9f8ea7098b84b Len = 232 Msg = c4ba3bff885fb78357221a9a903bc7ebd11c771faf5789e5aabc993a5f MD = 7b0212b4ee0b14dba62c2db7a765ac56db46e0b06eb744ee35726ddd Len = 240 Msg = 07810e6b785177e52d0feac0394f3ecc41f35aa08ff1ed8162575f85888c MD = b413d6f0cce14b7a1044a14bb2803d53bef907093769a5aa63a8e316 Len = 248 Msg = 01c742dc9ab0b05df925d4a351e38bea7ca7ad783594e22487d5b8198583f3 MD = c42c707ddc7b630939544adbdbe567a333ac88c3b5e738dee8f862be Len = 256 Msg = dd0f85b55fdf56ba254e06f8c2b650cc6b86bf28a14d714011141a86b8f14bd9 MD = 0fe92469297c2c34911eae424710db6d312047898b9756edc5c2deb2 Len = 264 Msg = ddf48f4cdc856c448326092dcf6bfc4ebcf4b36fc2e516eba0956807588b6e827b MD = 6cd83ba70e1bd387d603ab14c9fdcbf9862d2ebf0987215f011abee8 Len = 272 Msg = c34d1f8729663569569f87b1fd6e0b954ae2e3b723d6c9fcae6ab09b13b4a87483b2 MD = e57e1d24dbd9a30ab311291f5d6a95530caa029c421dde0b487a577e Len = 280 Msg = 808de7cbf8d831ad4f17eb58031daed38bdab82f467f87c6b2e3a7c5de25c8e8229413 MD = b3c13f11227f4386afdcf7663a120990f27da205ffb9bf83676f86dc Len = 288 Msg = 5204a0a63707bd1cab67a8797994a052ee73884b325fdf37d86ef280b3f550c9eb4e7fd3 MD = 6aa1060f84127bf2c988230a907242e7d6972a01c6772ba0f7b8bc86 Len = 296 Msg = da9439bd090dfc2eccc1203a7a82c5d6467fec4e5b0a2b2c2b9ea65b03203a8ce365fbd98e MD = e8f0929f1f6209d41185292d35ebbf5a3bfe5492713b06d56579458d Len = 304 Msg = 668bbd38c0ad0881a7f095157d00f29b576b01ba54a8f1392e586c640ecb12b2a5c627a67884 MD = 75dd056962c5bb5d6f616a9f57892992946d048df57c0a36a40a365a Len = 312 Msg = d63ac3bcfee3a5bc503cf20fe8ff496bf7a8064769870c8fc514c29b55825b6288975beb94ba56 MD = c694da941a7a506cef471fdffb5230bb6c3cd2715341033ab7268e9b Len = 320 Msg = 985f06121aed603171020badc2075fd33256d67d40430839575ddaa7a3f1f22325d06ea40252d5e4 MD = 29f8846aaf234281b515ea1d45674535a6126c38bd959c1995cad7c9 Len = 328 Msg = 8783849552be4540cb24d67996a10d16444b2d936d2fa5fcff51fb0dd5ee03998c0454289215fce47f MD = 84502256e3f4291ef4d15e8705e579951fc0e39a2d58fda74852551f Len = 336 Msg = dab31c7b3f40825aac13f6772771b7e7fbc09fedf6eff778d51190ecfd4b0f256cf189baeeec507e945f MD = 97168a9c3b07ec4987a4cf1f2478731fc674f56a2caeef074590ed6b Len = 344 Msg = 1119b962bed5815734af7827ec536701a494ac5d4ab83eea1b16ecc80ce4e5f8694a7d11bcba2e34f084dd MD = 205d89e032f03c8519cf43b720478389b1788f3522c3d347febd2c70 Len = 352 Msg = d2c45e2c1fa0c44efc84e6c0654cc0d867a3e33733c725aa718d974ed6a4b7f8f91de7d3622b1e4be428de2a MD = d483e39b7add050eb4a793e54c85b250746e382399c74736f33da890 Len = 360 Msg = a873b148fe1807b89cbed930a7802abad6ca0442340e62ed21b84ead9a634713bb4de5648208c0eed6738d9cc8 MD = c86bcc12a6ab792c149aa83a6783ca8bb52b0ca4b2c12661c0a25d22 Len = 368 Msg = b3008f6f567d1eed9ab5b3bbce824d290e66f66bcfcff7f9b8994835b4d54a4e45c9b8651b37dbefe5e3fe5b674f MD = 23929753ad07e8476e7bdac8a0ca39e9aac158132653be10ebeeb50c Len = 376 Msg = 78d073b4e13f6850dc1ca36683abac72336465d790eb3575c942667d1e3ecc849f37a8d73604cb0fe726ffe55744a2 MD = 6229233fc655ea48bb5b48b73a081897d855f6cf10478228fc305842 Len = 384 Msg = 45325b80e043c0cdce3ec421ecda529481910c09730128b4bb927dda1659ddd8fd3ca667d857941e6f9fd939a1c57098 MD = 776aa1f54e038f390491a5d69bde7a2dbcba97c35574ebe60c9a772f Len = 392 Msg = 3bdd6821d938fac52101fbee5d6ba191fb3b6cb634dbf42cebaae57bd897481ae5ee04e2d871a4c333ab5ab6588144f2f1 MD = 62f8f3baea6dcf5af25d53ddfdac0bdcde88e3895df567c6c416a541 Len = 400 Msg = 86fc66f2618c98fe9efa1e3ac04e340385dc2b746cbc0f7c757b88342810fe70d81200952928e7aad0c0b6b19a044537b009 MD = 20a21eb1d3130a4519ce6abd5ab6817081ae1bef3603056476a00e41 Len = 408 Msg = f2a6168e7f92d313fc30f9e6f825a480916216f02e0308db70773ec165e25e81ffbf0220c5ca0cc6c91d3a09da99fa6efa877f MD = 5d6e5c82574f5e5c0339d3af1f9c28e17bcddc306a15187aff5d3dd7 Len = 416 Msg = 5e3b6b75b54f21b8016effb39276f5e7f493117ac4c0f2dec38a80ae2917dad83c68900120db1325f1f4697e0f5c25a8b92a9702 MD = 5dc2147f1cf655dabb5ca4b2970b4564eb19ec456e6f966bbae19762 Len = 424 Msg = e7f17c131950c06311f47799a0f5a6b4996f4cc890334450e1bd6cc6f5670771c0dc607f8eceb15300ec4220510ed5b7deb3429de6 MD = 4ce80dab9f933112a3fd78c1f76434b197806eddfe35cb0bdd845c15 Len = 432 Msg = c9aa3d0f6d878db11235e7b028f8d67e2ce26eee718f308e21132e377e3170e26ece95bd37a4bd7f873ba7f8b71517ec50297b21cf94 MD = 5963b41b13925a90c9e8fbcded9a82ade8aae36dee920199f6d6ac7f Len = 440 Msg = 0f170afafcefdfa8b0de328dab30b4e44d98d6aea2bc39557ff4658fce4fbf8526d8b5359f173c14e4da7cf88935c9369fc7d607863f25 MD = fe7e59028c7855c37ae3dc5ee324864cfee6b8bccc2c3b5a410b65d9 Len = 448 Msg = 6b2b92584146a433bee8b947cc1f35b617b73f5b1e0376ac8bdadfe5bfdf2263b205f74dfa53db7a29e5078f5c34a268119736ba390961f6 MD = 132cfa7e71fe0991abbd88ef588ac95ac9289b1d775b42033567dd33 Len = 456 Msg = 39f7a94312bea1b4fa989f5a6775df538f01704120838c4a3104256478b5c0cfbe8b86e2912c980b390ea412edddb69d461e50f9f313bc17af MD = fcc59655b8fec1a3d878345df9108bd99f4dd0e5218a55fc335e57f7 Len = 464 Msg = ac582b5a4bb0c5e9c40d8f277bda9de3d07fff01e820a1cdaf88708f1d60be60b9a5e83b5c593657387802b4182d1df4e9466e6d7ae6dc7c8079 MD = 5c2e10fae8f4304cd9361690e5d2c4cd15f10a7b14ea60208739579b Len = 472 Msg = 072753981998453438a520d9de2d5704292910148b8f794ec3765b240c7af1b79462fa9a2f000dd94d592d3a2a069dc244daf57b12c57675f3f89b MD = b0d290a6ebdd950811a2715f354b0d8935cb610a471cfc5dff5e0660 Len = 480 Msg = 66a9a6d0a322ed2852378af82c0a2c027b1082098ab750925a4dc2e8961d0062c9db02e8cf42a6b48afb0056d6c1f1fbbec3fbeef049535f6e9b3864 MD = d683488c8420eb2d61e528ab0a7b73aa780a085b9c7982293b2ac6ad Len = 488 Msg = 18419a8498d4e9bfaa911748186c5753d5da5aa033371ffc56650d0ae9b73f430f0d1f3c9d40362786c0429d977b899b64016eca82e64203f6685c12ee MD = 51d0cd33fd6579b05c366c6fcc653638b7b13b62798b99b36792cdc4 Len = 496 Msg = 4fc52009d58a0fc2573e83fa335b5c1df8c14b2e6daaf05bd6e13fd5722f28de4816772424c2f94ddc3de0d3d7e26812d014bb9fd83012dc9abf1ec9e3f1 MD = 630ee2beaf1c1592eaa6263fc562a260b6054e9eab1aa19536fda170 Len = 504 Msg = acdaa28692f334732088f5efab2c7951fe0f845b9e2c6f1253c3cdcde30a4e8d2120e38c26422219df41eda2c8334e13f669a65f5ba2075b467eded32936d5 MD = 7d4991d54c78af5809cd17024cadae783c6f5a1f0feb365b532580c2 Len = 512 Msg = d1593cd338b7a25bb5413f112a639fe31c981e505c81a820e638c25209e2ce56c8838a7c8117dbadccdec959a6f7cab0cf304315701d4ccf0167b4026a6744de MD = 84e18330723e4f90520d0b051a9bf9bd7b5c7ec0177803f15cf740e5 Len = 520 Msg = 8cf8ea25310126ae1fdce3c9195395a9d45051a2a3f08ce154d8265b54cca7031a7ec840c3a3359efa4c91c41b74baa698d54ffb9b0170f2edadc5201650c2bdc6 MD = 75de14169d16a9902f6e8a3359d94594a889c4aed9246caa6cf5612c Len = 528 Msg = e0320fee19af5bfd511a23cabba75acb0815525a3734305aafa49c1d8bdfbd853579646a36a7873c4cfff2eabd7e3902eccff1192aca1f6dce3cf1c988e6aca9f2c8 MD = d7f2018c303ee045de4b8cdefcfb5395674e3a8770d65f0757b4cd5e Len = 536 Msg = 1a424ecce1a82c47742171a701ad6e0ff1a762ce26f8e332818a7fa1a800a4e506a4bdc813a09ee1d57222ada79a12e2399549ffd80f1628ef55e231ce0913f9ab1930 MD = 277f96fca5d9ab055fae5d4dd10cc49c2237bd38d95bd8dbd168ec21 Len = 544 Msg = af172809570cc306333c25523f863c6d0e0154c55e404722f0d4ed419713dabf8e18493a0e0b53b220a36535b1e8f0bbe43e624fac9f566f992807b6f2d70bb805933e2e MD = 9581170093600cb67063a314d8decf109ff9368ffbc90ea2d3250577 Len = 552 Msg = a62f4b43250cdf3f43c1da439bc5e4224b15185b60d615e38e3c512425aab145401b57ac3fc0bcc178eafef52a2b7b04b2b89e760212f96c4ee694990831858f0fa7c13c24 MD = a0f5775a2d001a66f0882ce1415261994021988690840c6b4a3470c8 Len = 560 Msg = fcf81c93f917bb06f278f48826ef9ca8ba99ac8f00129fd9f8e81ca31750d5e54818af0331dd239eb77ee4b0c4d0c2d84794cef27da6bfeb707794d3bdbc7b349968f2a316d8 MD = a97a74fb01fec5caf3477220eef6e7c36d0ba4199ddc755f7ccf94ee Len = 568 Msg = e61d24b500581734c29902ade4c5035c090868df9f24bb330609fcdff4a72d6f18001424fd813cea32923d8aa86c3d215b2ab7d134237bb62e78f61cb9e9b4ef5ced23729d019a MD = 40758314f1abbd43e0bc9c73a1c7e24719d56eebcd967b39d355e978 Len = 576 Msg = 37b14f04233dfb4da5e5bd1852f77c41e25c4926936fe414c8108200f6f3cd78c03e2dd9615446c14bebc2c70d65506a7a5dec4808806291769e0dbab200e576f9fdb9e240c8b8ff MD = 2d36af0dd95619a96c5664d8987bbb82d183466ff44151034fed687b Len = 584 Msg = 45efb0a3d8fb7bb683913459727e8756d67959cfdd4f5b80e13ddf45e09debdc2cc68ceb632d6d45a2d0a869f6d4dc4c136c805849fe77b4b381e4c6b22a3ff69947a9b5aa6b7cbe42 MD = 125e983229f65bf01b59a9b619810a88f1c53b4c3b1960b52a205d99 Len = 592 Msg = 9b6c3c77746219dd88976966c68ead59eb62aa3cf6647798dc06d4fc7ef8bd44d8903f1b7b6f8bbf3d6249052f862e9ccfb0d1957f0bba233603bca0766286d17eb9746bc002abd69583 MD = 762629518833ba68333fc3e3b4d482c60b4e0e828872826b68313315 Len = 600 Msg = 9f452f900219017199edfc5d7d86a162d9750bba4cec77428ed1032e5711b6fb7c37c1a65b3d041c7aa1d4f16bbcfc54f35001436b60abfb6544c0b393fc1389e5c5bdbdf2eaab1d99dd59 MD = 19b432f5c38f665441d36c472d386008a5bbd82aa4eabeaabe3d28cc Len = 608 Msg = cbfd186592fa68dc3a21d62db1ba55121f58fecb11695859d70bd7ed2a21a2a013a699640842973b571bf4a7c8ee4f617d5e8a4d1e8c15ae33e77097d146eba27934b1e33d8a041f2444ca3a MD = b32ad13ba4a0b9fc1aa9a1a57bdbfbebdfab71cf5a16e06040f75787 Len = 616 Msg = 173225324c6c350ddba227b89a651e576d1ab6a96895453c33ea61ddb37fa253e666a84d0fea609814688495246161eb9cccdd792cb1b88f36f3125d766e2eabe84175cbe66dbecc91a0ccf173 MD = fc8feecaefffdaa966e9536b91dfc85ea5113a01d6b320677d727a7d Len = 624 Msg = 6999f398407480cd43bafdaedb8624d9ba0972aa5a2f3504a67fe54ef744b7bb41ea70cf8faa771fac6a2f5823de83826af4c3865b6faeeee3d1d0edfe7f0e9fe3207f917b467d841850fc6e648f MD = e7abcb4c0f218814ecf45fbf28a3f286d90c5e740aafd1647437c1e1 Len = 632 Msg = 2727eeb1d51098c69fd8141d78f21275b2bb949e7115fd3860526bbda25547c20cf31b79919fa37bfd4726c4e77906ffe0ca9705f1782da0454e799422c815e01e785d418fa881f84341d8cd71ec77 MD = 2be332c873ed4fb70bc1916c76bef2cd3385e674b83aa1ee8ad28a01 Len = 640 Msg = 1f48a5b401d88e6cbe37f3f634d55462865f7cde7990052a1e4a1e4cb2e58c84c2c7ef82923447d7c068b6aa25e388acfc05704e46da14316d37ccdd2706a7b79ddeb02dcdd76f342c9cb2f490c18dc1 MD = 448b70f575a8a1eb74030a985e9c504d4eaf6b1814e1146f782c9af5 Len = 648 Msg = 6dce9a9ecb48b9da8aef51a89e7f7fc1a6a78966b7bac0ac5ba7ab18d92b616bb74537bf7eeb9bd3bdfb40a450747c3de2e6eecfb12763049148fa9134c7870ba80636fb21fc7134f92b0364f5d27deaca MD = df855d544e17f01125022bc18e9ffced12f3cd39674e68184657ec7e Len = 656 Msg = d498b6901345afddc5aa50cac77f7f794d7929eed571d95b59c289a0c9f3b812b896bc7b566f5a639ed9948ed066c2c622c6e4dbb2ea37e7c06806d61a22c326d72356ec48c9b5182c29b5f923af20046605 MD = 5b225c29e4547777a2c6a1a2bbe9da2dc6a8c6d0d01d8d8022988be2 Len = 664 Msg = e958b80489aa6a38526244da165dc4464e7961e457f763abdb23f7e48d368331197b37cd5ab1e515ceb1124848504d8be587bf3041d10437ebd53915164556b59106bebdf99115122d99529e02ee155138a13a MD = 364a988400424557a9c60e4e1f32f0855a3383c90b007d30ee3ec333 Len = 672 Msg = f33ba982bc2c3308f948a1b64c7fb68fb891bc05fa18781b1dc95dc749f7009adc58cca2bb0cf790ebdbb4165bbfab9304a2a6f234688dcf273094dcd8d7b38416be57cedace5783d8b92993548256b5373f2b4e MD = ca37e52f2843a0f65692c5aeed0169601da3275dfb3ee6d81b467f60 Len = 680 Msg = 8b5d77a906c7ec7563af7551a796e5d5dcf02c42121d7b13a49aa9d4bc79d637190e4e6510ecaf92d1104fd4ec5bd8351446350722d1b2775dbc5e65f8fab473dc637b5ca8a9eb88f68d11dde15275d7c472f9db43 MD = 9337537de482f0cf88cad6b86e195a1e422e59cc60d41d0eca8b0091 Len = 688 Msg = 3a564a84c2b48ee26da138ce2d1ae3c7933bcd65e40288406e56f30d1c48690a4998389dd27b55376f9b4e7f43607fadb16e8933726f00a3e41264cda553532761fefc73e86ed79b849b94e0895451332dc80fe39a4b MD = 88eab3e16ca8da5716542bae3c7c736b541c896199b2cb941213767b Len = 696 Msg = 618a53989ffbbf54a76f01f9b87772491d87c8f25c58eb11b18a04f5ba8ed62574c351a466df64731c911458d765cbde83e7f29de90bc1bb26cc56b35c140555a7dcf00f5394d76a4cc531d7d5f57bac7dcbd06a4f73ba MD = 4a727cc6b4bd93d5ff2ecb81ab5057dfdcbe3e0c49436a58b9ff3ef2 Len = 704 Msg = 31857bb4e82497b526e426de6920a6063d02264d5249feffd14abdbbf03563d4c59ad1f7572c7d0efbc46a65dea9580bde0e387c9edce27cd9b20a46f62a70e6dd5f58e40aac3a22dfb6ba073facdadd58cd6f78c02bd219 MD = 9e614fc139645e158cd1b216e2623e586242af64f8483e6fca20ed4b Len = 712 Msg = 14859008c83f2831be4d6e54b781b9fb61dadc40c459a93ede11b4c78a7e5a55a71701427526a03b42d883f247904813cd812e7a947c8fa37406aa6145aea6d3fd9ed494186f35333d423ce31e0cd473a031a5803c5593e9a4 MD = 545fafa43afcaf38063d8a312c3a27e0d74bff957f8ef4d51cb29698 Len = 720 Msg = 267a14bad702ef0a8468b31c72715f0533f6b97e6e943839dea420719d6defc5a399f84689e64ecf931ee395ee49f1fe362199b73cc6cb0105b3654b16f19f06ee8aa6b5d5418743d4804f9a059270710d126765e6a49c4ce2e3 MD = 9b9360a5c747e6e1288f6f9d971051ffd84641f6d64e0a4b5142e4ec Len = 728 Msg = 6c98a8eb3ea4451401e0424c10cb722683b23f75ae254d62eba75abb9aa9698e65ba1ff7c9f86d36d1ca6f0425d19428441b00450e9a2ef685d5da1cd4de1e779184db743fc95a461797333808ae6e42fce1e9da5d82f90cd71b54 MD = 0c6f33f9534fc52f3700f37b9ee678b4c5c8a90b1a2eb1574002e377 Len = 736 Msg = 4bae62a008d9fdba351a1903c66d58e587361990f7c9eea05a2f51f90a2892f60e6c14c4ed36b908c4039bc89797fd88e54281b37f619b3d9a274587229ef48351e8cb1881cb0fc83e6ddc90a05b160fd7d0a1eb0835d57158e42c7b MD = 989c156ba1fd1f70deb378e46ffcbf6f2cf9cf977a92ac51643c97b4 Len = 744 Msg = 83ca6d4ebdf1c04062ca1abb977670ef9bcc889906935fd64ff4c739912e541b8f8c7932f595ef66e18256dfa1f51f63bfe7a9df3ae2aa431771d19318d6aa3bccfac1a4c8aa0a0433ff807a881e0d5a9722aac6cd57c77eb6a9edf8c0 MD = fb831f2456595fabee9d458625283a80bb4f8f031e9abdbf48b7b51e Len = 752 Msg = f4c7ad8d24ed5a682c473463e85391050c026fef0b0e6dca388e1a7e2bc872a46746a63f3a2c1ca6e4c8b7c5fb6b58850d77a58988ba091bd7fafb66ced184e548bcfb1b0e6e1485fb6a19cd5ed07640a0777b82273d5e80799b7fa7a57d MD = 13bee617474b3fc3447025f2a488dba8825d46a4e128b9a8bdeb1b85 Len = 760 Msg = 5f81c5aec92385bfdc55ebd600f23cb04ac9d5c7a1396f801ffea1a6b94aa617231761bdeebc9ec0f4bf9bfaf5ebc7ac82a2c96f1a74c46d94f0dad0bcb9ef7b41ddaff8cf63d2b278239e6558dbaed2797ef3b7f4cff8fe592f6a3551b3d7 MD = 143a6f0a20d5b4dbc5df64a7e50f9985631453eb09ded71667709083 Len = 768 Msg = 0735cecaedef99bf4c53242f0552f49f56bbe589a2f611af75f4f3aec366cdd6702d46391512580202b869097fceb8a45889fbbf9852472f94bc2f432bb8309c4d0c4d3fba01f6e90c5c2ea3f890ed95d132c31f4dadbf268c378fac5604e8a4 MD = 9f5e9f7429e5488a843c52ffb46ae2e84228919d32330a9193af3b21 Len = 776 Msg = 9b4e4df92e5152fe1ec56a9fc865f30bac7e949fc4f62f0b158d10b083636b4de9bb05db69fe31b50103fefc5f8daf3af7156b4552ca3667a9d720bbb2e4bcdabadfd4b7f4fc5bc811faa36710a9d17758a98d4a0474fec27e9ef5b74f5c689935 MD = 487a6f2f875cb253de4cef18ecb4f2a54388ebaffbfc4259bdd97f09 Len = 784 Msg = a61bef838867710ff4341b26b13b8d7af7e461ccd317b160cc4fdaaec7f1805a28ddd3663a4210a7d1b64a752e866aa7224a75bf77bd0d618bcc3b0a3eed6bfe0eb2b882819e6a4cc437bd38915ce53c55d94e9e9339286483dc230d0049777ea1c4 MD = e257bc45b62d0853ba4b0f8578698f4262c31a778cb6a6317b6e6d60 Len = 792 Msg = c0bd79e0c5f72fcb1de6c234bdb67bd0d3f481b962a3a01f2d8c483bd7d5d98548d51d27532716b195fdfb0ea0b77db759b54e269e69e48e2cb07bc9c06259927d2755f48e8d9a020c58a9c9221a9d836f03b30eabf9099c8eeba6abed63bb38275b28 MD = 92df7f848ada8a9698ddc2e7452ac8fc43cf83d2ca2cadd712c595f2 Len = 800 Msg = 77823af9b8796c63baebe7ba9dcde12c626b840ea04f42d878646970ca5bf7aba94eaf110da36ce0c834b654bcac93264a349f520e505f1ec903d3589e3a4adf82687a65ee6dd072d6bc05acdfbdf257cd70a5183a54b4fe8e87d1c22b2e9f4ee817c57d MD = 819a4340938497cd8b1def8444bb03f8429b9e87bad8000002d60b83 Len = 808 Msg = ada5651b4e240335600940f207b98371f7e743988957bffe0de8ef0862d1ba52c52b6950e7b05c3542c2fb13acaff0442d33940a0e3ea67232f8437eaa02128283ffc0cfe254ac8f542be3f05fbe4e855dd22ae98a81b9a55b3d3753111210048f2b50e068 MD = b6177d179cf17eddcd8988c9108b42af9c41adcc5942c4d33b0f1be2 Len = 816 Msg = ff4704bbbd719b011244ebedf2f2355338fcc7d64844c3a0f36a21569b55f74a9710f8f3d8d83b9bcd733f5885c32b3d149a5ad137d016c03b93a4d11aff8218e8eeec6d6d12a41d1441f3df040feb098ca2f003c4c277fc71300cdd2a399a7bb98ae711c446 MD = a1072b28f3453422e611421309aa49aaebba0273c72b835fdeea1132 Len = 824 Msg = eae4b62f697cf0bf40a1c2c109143c1dde18e24f1c289aba67e5c83eef52b70cf1433bb98013949285969630054e074ca2e249d465cb383dba51561cbcb626f0b3b1d542db1e1ff168f371c7c6764b4f25ade9eb351622212e99903614bbf1fe3914cdf203035a MD = f5273e4d0bf9779a0975fee23c447b3abb1cd17c34c723d62f3a2fd1 Len = 832 Msg = 0e39e0e6933c6104984fffe115dd8cde77edfee495480aa5e5def424f066a5770345fecb28b16caa5416bc79e2b83145409bd4bfe9a00c8493f06ea2a99dd658fb87b71eb57dafe58da55fa0411e790341e31a8ba8f35bbe71af23b4e8833fd65ec8b4e621e95340 MD = 62fb7d6b3810d0fd7d96b4ff5efe7bd283ddbbeda4a21a62f985a3dc Len = 840 Msg = e32bea9ab02de7d893ecb7857ba66df2c35ed258123065ca80e2a067fabb7dd4e79839ea0b3c58abace8e97bf42b0b8d97fcb09bb606a1da0243c32d24cc98985df008f8698362f2aa789e2a82b3e5b5011853d0c0e8fbd20c4d2b5f4733f2df8c5ae02e92a90d95d3 MD = 278e06fd12a3e314f60d59a323673ba0a22003e42ac48e1cd04a70d0 Len = 848 Msg = 4157752d3d175a4bc1334fd42c204111728e7059659dcedf334ea7ce30378798d67c598a0afacca5a1c5fba923d54c72cffc9887df1b8df10d96514955056815fd2dd855d32e8b58b6fdf4d45715f636416a0137179f7eb01d786daffa924ccabd523bb31d1b5f0d05c4 MD = 1cab43635d501e43ac42beee263755b9a29827e2a18b21d7be42e447 Len = 856 Msg = 2df12d8c256cd1a127e525ac3763e30c895982eee67ab7c150ce3deae906d2b9110d829ccfdf2793729e31e478e3a310ae525e059971a29515bad2273cee77ad89ad88d63d44e98402c63180cf5eb06d0be3b1faf5adfc5c43a79ffc09a6ee6cddf9c9a039421d5b2184ad MD = ee60f0d01008cface49af2ee5780ccdee37404c37642008a55fafaf2 Len = 864 Msg = 03be6940e859f9b072660dff28a187551c2425481dd0555d2dee4acc36164f84f8505b6f467ae6f772eafcc9065490d9b4ed12a690d044bf7da14986e571fe34aee28e1d698c4136cc9f95d462c990b6815a54467da6f41c1baa86c448f37ac10bbc2ad1b957b17368ce01a7 MD = a8aa80d4c925889b58eff41b89682b92bea60c1c3995043dac312d2d Len = 872 Msg = 0baf1ac243c1f34ca5e00aed4d867f967bc2b963e93956c35b6b68da7737de23d7a1405a5dd4a099c663cdc182d4c91bc35f7d3fd5f3ac35ad7a26dbc45e3e86264c7decc538984214a1a0a1d11679ae22f98d7ae483c1a74008a9cd7f7cf71b1f373a4226f5c58eb621ec56e2 MD = f12f7a1c5c1c383a2a5fff8932e2ae9dc342b37652d47356ffc1cb37 Len = 880 Msg = 3c29a8c83e48194a7b87b69e376a06063de2449bd171fa91e58ed2bc904ba853bb35e3f51e7c06e96b5482aac89acfa383bbba3701d20104f8101d69de615f45a24c3e02991bf0d3bb3d37390fe87ecc64032438424218862093a69dd7b99008573661f9996ffe8ed50b7e54f49c MD = 5c6b29c3cbfd1d2eadf7c791513b27f21c934de6378ef748b779b71d Len = 888 Msg = 68a3c06e0740b569c72ea6a90d8b45e83c7c350d2bcf1cf6d6dffa7553b8b998087c052e1c065d862bcc6a7a3e0a90acfa1dc410172c9dab140ead9a296811557e1647359acd40341efeb6f5b3fdc0044162a45e62b0ec341634bcecb830626930392f8c6bde85fa088a322054acfc MD = 58a691524398a5746df28ac083f15861750e0cdd1fd5e5f57c982c18 Len = 896 Msg = d4f757d1c33b9c0b38b4e93e8e2483ec51b4861299f1d650961457496d86614d42a36e3696bf168fd4663efc26e88cd58d151e1531467b73f69dc9ce4f8d41ce579ce1c91e6760e340e7677abdf4fec1040745aa5144640a39b8c4f884df80753a691653003d634fa5bfce81f94ec3f6 MD = be11259377f09821d9dc358592b6565d8ef2b414dfaa7db5609fb751 Len = 904 Msg = ecd9e95f7c5efc8336f80fe67e113657b31482bafc22dc5b45073482846cdc48414d2ea855ae75d9f28a0bdbe30dbe511503788e578f20f25e20bb770ca1d787f2f02911139275dbeaa5ae1aaf155f40d7134915dac34d0938358dc8be97cf1005a922bf3d71c331282f41c86993e0ccff MD = 6950ad0f91398b39965b1859ea918c531212face1e51d4d390f094e1 Len = 912 Msg = 834ddd8fc7ea0c3385ef8280d3a7b22d59ad17d710a51a544a293544f30659e816a98d38a2d4d92f6f96626a7c79d6f17bfd0a558f45e2fb541172b720ec629c88a7971326050f2b9ab80d30cf8c777f80e37c98fa61797523e81e1bbbc7cd6ee22e4249dae679ce0f3eccfb54495d7e7046 MD = ef21ee8d568c009eaa8d1ea770968cb718c4d56e7b2d966bfcbbf398 Len = 920 Msg = 6ff611208395d81500505dae050ff0c29c0afde2a8e89c96192863ea62c17e292d0502e94dcb7f47f4cdd574264f48716d02d616cf27c759fdf787cdcd43b169ea586c8bca25fa3ce1a08eb615655e2471a0faa81d2edca28eff4030fabf36f10fb5f50fe4eb727c308f317bba995b6310ae12 MD = 8a29f2c0d564935b8d31b7d007f58138489d140917a28ee85d43b6f2 Len = 928 Msg = f977ea38076328bb0ee2297cbe3b2a9755fe8bb95ae726298e04df05201a7ccf2046b82836e092da94a4eb1c291450121718159468e8a330fc2b1272c661fb62397e874ffcd7cccbe5425af725791001c0c035ea41c8c48dabd206ddb217666e2b688237c2127e96eb049d941b34126b373e1345 MD = 15180df5554387337f04de2f37a16b28125adbd02b6fa6cfdb24195d Len = 936 Msg = 22a8fb43d54fff82749cdce98abe8adafcd443ffe16bf0e99341e1f7064fc07a5907c816abdb326c30fef0f5846e9e313f32b602c9e00352706358fcb7fb81eaf1857a7b0ffddf27b741a465961806ccf672c17993f284b2aaa9a2c854250a4212aa7937a9bfeefc30ec5f0067c3aaf34a1dce2ee6 MD = d11fcbbb2fa03109f952a56e16867c70904552eb580a6659314bd5fe Len = 944 Msg = 68727636ff38c0ba8999dde3cbd9503900d5ccb01d3c9b7959fb411eedf95cce1805cef6670d1e1133901cc06b55c41d945e654c0d18035498d4f92d167ae21b927cba3a810a41594885a00bff354ffc753e368274d01374469f1b3f7793e436ddc0822ad698f13bd15fb3ed10e0b97fac5f8778d9ce MD = 21c71bd09ebf5d09155347c4f476b8f9c5aed4579573211887ab6084 Len = 952 Msg = 167cb772f096b2e3b1599cce3440d1af57c5b7df5d2f460b91acc7e52c9fdb19793bc0833751d09f3f664a4167095586a564420a7810125b832e38ae7bb3a0d14403ef6157c20d3d67e6e13a44115b19ff1fb8b64ffa018133b6d532d9da69b9bffbcd74189071a57101e7239401ea50ad1ea04aab961c MD = c46cb2dfeb8b961e6e84d72e05111e04d62e3f93a055164b135b9072 Len = 960 Msg = b88ff728c8f829841a14e56194bbf278d69f88317a81b4749aa5fdbc9383486e09bff96a2c5b5bdf392c4263438aef43334c33170ef4d89a76263cb9745f3fea74e35fbf91f722bb1351b56436cdd2992e61e6266753749611a9b449dce281c600e37251813446c1b16c858cf6ea6424cdc6e9860f07510f MD = 8891cdfe486a582e8340bd8b893996d7a4e547e3bf50551902e722f2 Len = 968 Msg = 520f27a4d096d4193d2bc0983cf83bbb5084845b41844800c1f5669b4f67f5785c9c886eac51b059005cc3caf2f7dcfc205c230a8c924f604386696f3d5dd2a68509879d991aa49314d7271a8a8ef711b42825d3cd0071ae3bf6109772bfac1b167fad995f99b7afc2c573f2ce6493e25411101dca79b6d2f1 MD = 216ea50997596f71edc94ed96e2b686628640f94a3c64adef05c2b63 Len = 976 Msg = 75c23e556178f00440533bcd25257934d0c6f5e68a64f1aa511bee9435c5277b02145fae1fdedce3b6b7b47015c547be55d00dfa3999920d586dbecf7ff95a775160d057308b32c661c17e5d6a772166bf69b9919ee91fe93877a50711939c85a9cf1ab65c28fa94879623faece20e1458b8821383fda2253762 MD = d1631028a8e0ec4adc689cabba8bf681d11e2e2a5059f293f7ef5be3 Len = 984 Msg = d23373b9405024d0c4b17aa503f7e2ff7d308083124ed2cbc4d990b9bee0d70b9635872fcfdaea58a2b696d1fd8c9492cd2ec11179ee755aae5663626219c0981348a8be50c9bdf77b061121cde246649af1f30bd7e84a93d952f8025f854d7bd3d59d0ecd07e6d4d909b23c7ae03fa06fe1de1c3424999fcc3618 MD = 726f6584ff9ea998ff326c9f73291ace8726d8697e7aa94f1ed42f7e Len = 992 Msg = 6f057f91480fecee8a7e3879dbf8c52040f96f5929c6b8b6aea223b91843ddeba387a2288264df3d241d14b5b6bc7defe9bcf174f5060a88de1f86fff59fed52a3e574f2620922dc0c12316e5869b779a18e8697ea0a50bf20a50f169ed8a308f785bd98efe6fdf4cac4574dcae9bbe5f3d7f56a11bad282fc9c84a7 MD = 6b40e5c86db3d9c384c22a46cbef5f8e8c427bb6bf43268edd918aeb Len = 1000 Msg = 6f77874dcad9479f5bcac3763662cc30cb99823c5ff469dcbd64c028286b0e579580fd3a17b56b099b97bf62d555798f7a250e08b0e4f238c3fcf684198bd48a68c208a6268be2bb416eda3011b523388bce8357b7f26122640420461abcabcb5004519adfa2d43db718bce7d0c8f1b4645c89315c65df1f0842e57412 MD = 0228626c63c20465d5139d1af0b9ce17e334ebe10a5eee2cafe96cb1 Len = 1008 Msg = ea841bd41b22e4c98b223332918eb791f51d1978540785f9c617675dbd02721831f7e7fdfa7714af7d671b588a64f49d8556b5d1c448116839771faf51a85dbb1bbff59fad8e3fe3c4eb8631aa050f505df85757ed9e9d1a26a8a0e96feeaa7af204cd23fd0e6d4ca8d5ff25b91a0f94c42a887297b230f6d5d57271e07c MD = ff33c64231dedfc247e11e35aaf82d283a9ad62034102ee2bb5d4609 Len = 1016 Msg = 7216a825029da1c9a9328d499b3ff98f6e18b8af368e2b19efc1c0121b35b965ab282f55232356d7fad002fe3f0b6ab7833b2cb6f2e392b0c37414cbd3661e538c8613ae0c9291928303f775dd2a2445a27e825a1a3544a9b411eb3aa87d0fdcdcd85c170511db620e747296bdc3afa39489c181f5abc76a8a404e47e4a214 MD = 9440d3710b43e79899e116987366b2dd36b44b2f39e377fa2d4fe143 Len = 1024 Msg = 44a8508a3c3976d563e933705be4dbeebc726304b511203df7c7d1efceb6e06e91f1e57f3d8e6c105dfdf8262d984816fe7ad8f8dc95ab596fff48301f8d03137ba37dabdc4a6e664583a26b8edc42d3c2405516c51386c33a7f2875a3087702ca6721f56195053fe5263a29c8d8538dce6ce146b8b43ae520ee79a5a450c6a2 MD = a2743d341023ff5f775d90185d3139a7756b0a65c19ee876ebeb92ae Len = 1032 Msg = a8ef4107f41ebbc5799a716b6b50e87c19e976042afca7702682e0a2398b42453430d15ed5c9d62448608212ed65d33a5ca2bcdca7728037df2e5f9fd9e974d0315dde8290241e3e2b2cc06f8c653ebc95bc2195c24d690caed42fe7d96589f3a85eae9bad995ab829e674abcfb8efaacb1eee5703f52b979d5d99a1c1694855a0 MD = b411a28ff46513d0c3d63cf78a9b6353466cba3b926a8d895ee14fdd Len = 1040 Msg = f649d801b4040b7b5152f58a01e7852f565efc77b5dafe4607eee953b0ba6774c5573f1c79767121d94381c3ba9013ebef2fb8b0bf9f081f96ecf13cfad04e44c11ebb358160a89049bfad5e8e241d71689ddeecff0278063fd86b0ad475c6a25265f556b30ddb50078e216267edcd4a2b7016345d4b76806d7b02c625f3f717e0f6 MD = b94debadc833d5706cd4736bb1dc75039827832ae408859e2e6a6941 Len = 1048 Msg = eb71b45a494e76462edf41a9fdcbb3f46fb863b9e259d0c8f4a79898516eebe8c90c3ea5a675440f3c7b1a18c14dc20c5f3dd27788c66d448acd73226327f52cd65cecc8beaa2acfa34d90ef8bfe824e12ba9870bdc4965b8ced9ff9ce13a5bd39e824893af410d08ade0cf802e7dc02b0b71d6c2a5c3356229084e53b3ae4e51b384f MD = fbbec05ee1fb5f5cd1106ed7384850059cdcda474ba7cec0407a272b Len = 1056 Msg = 4eca0c51d30829b9a1d2712da1fac31f52942d77c9f20c2bf6d3751028d7d4f0d336d3dc92b27ec368caa4444b3180c1e37e98b58f25e647a9a6361f0b04cf78d17955766168eebaa993a435a88e0b39307423d6ead87f639afea75ba44bbc6bd0fb5ac84a12c2c6ed9539a7c0f9abb0c1dc9483e2f321a85244926dfd95e2f05624aa7a MD = fe313eb74f955c0cbb1c446dd4ff853f32b3232d93faba7db6d1fab8 Len = 1064 Msg = 97784d14db62a7f98f5ac3df742e013489ec0b8777b05ef82bba06edc5c3a807b191c65513ca3fc7690615e56c2773c036edef29aac50c2211e20392018fc33d83c436f274f7c6062c3420025e7037993f1b8cddebf4aeb20421fc829c7fb23255372455c69244a0210e6a9e13b155a5ec9d6d0900e54a8f4d9f7a255e3a7fd06f1218e5d1 MD = 5504f39131773550b6f459f33a5b57a2ce60ce8bb78c574fef83dcf7 Len = 1072 Msg = 1ee9047351e2a13e4a2d5a826e304fef82241fbab5100835e1f850a20e51e34938b93dc852e58aab8adb0c3ccf61be9c90b53713c77ed0a5370309e6f19b290f1d642550f738c36818ddff74f77cae04af55617403b08c7a9f17e8fba0c21523575384b44ac4949e7c9dfbd1ef6a684f666c67856f8f84dba19cb38a23b0efad6eed229c536f MD = b8f253512dabf9d89d2080830f23da5893b0f87edc0bd624ea767f14 Len = 1080 Msg = 1f363d2f7aa89e2b6c5e172f530d1a35531d0083a5acfcd232d64db06134b8232da2368f7a46ead9a9ce55cd6af8cdbdd1582b6bad56c52a15769c3f43dcd68da60f6e7232fd2aecfb3fcd00029f8e5c4ed7ca3b3f9cf68920dbd747fb43f532b1034d9f49d546aa893be68fc3084658f22343b9068877387b8f68903071fe5877083be068d626 MD = e59a19686df36bf5fe798a9565722b8e0bdd9f8eedbbb4a34a9ca7ab Len = 1088 Msg = ecf5d9e29c1c04c11a9503cc223d0cee4866fa26df2b4f7c1a017939718f545746c0f137c9169692194105b2acf001e2f0e70f2332517a20c05899644af454cb8e00e5363593dc83f78d66bd0670ce8faa7244ff28d0de59e964dc68d87a30ec0ce03e49a73ce07dfea2ad54fa667bdfbe2f2222894d830dde4dc9aee3caefa4088683d7e8b9a966 MD = a886eb94f15df208be122912d4edf02561482278a9f847ddc91c9bd2 Len = 1096 Msg = 9f44357664b5e3a958780641cca52049f3b49f07484b5f762a5571f7c9541b4346f81fa416f04065a80003864754b3b54114a77a4938c8b21a9e4d3e5d59c9fccd4d68f699f975da099320ab655a7fb51328d2c6ff460b9b40858e99f88a35be7b6a97d6b4778af2c559e616ee608c32b018a753321e321be333bb6f618f666f9a7734ab3112859323 MD = 8839f755eee84e15c586b52e29a41ddc640ac432cf31370680987a44 Len = 1104 Msg = c1aa1266f223c148bfa3d0ab29f278334d8fcbfbf0f4ebef5c1b7a766b415155e1ea75d0fe2546115411faced7a04a27339b6bcd62e740697d06ce3cd2e0f00238c44c1d9faa85efebbbb3880313108124c5f3277c1f03ddf430a4bb4d88b67b6e3f7f96fc39e5aa2ca7e11fd5d1300aca144c5166269a1168a2e53c01c00b872c63f6833e5ace09bedf MD = 439e3c7a0d655a30a9749afdefb7e048814335849df76d526c287727 Len = 1112 Msg = 0a367d3789827ccd4bef5fe8eb78c20503241f07fb8c41d81e97fb53f3891962ca3c976395ac11d1f9ba7b20a52912e8e3ed92466ca5aa808166ade737ba8a0213e8fee8d67608ee9aed9e821edc9e575f1f07c3686169656ae09a0a0f70abd10cc31a8ef6e7496d56102fd8ff984e9a9f44e54495c966cf028f2a8423b46419de54541d9a08bd9654ac98 MD = 40318036a595630e4135f10703be1d759a6c7e5146e0fc82abeba184 Len = 1120 Msg = 8a05b00ae2d5f652f02f98a1b035003f8fa7ba1b17fc3778cdb1cae35ae1f768ea16ed05d25f515f75a23db468348911d4a749c51ce39615c07892318233a667c7f00e973fae98e7c8e9a8b7902480d87ac5bef8c4252661e6e8a2e4bd8a870fe83b1aa773ed5352b2abe193702c6dfb4aa8239e55ea6fc507a704e2540e23c917a01a1cb4420b07fb90ee2e MD = 9a26f054e57aea14242d7801f3d61ddca1523b738fc26fecfa5d9a6a Len = 1128 Msg = ba6442c6d2139201dfef32c1ffb0ce92dd64091bd507c250595395e993d9a5124b5199640c2fe51482774b6a27d1a1751fe0d4fe5fd02dba152ed3c344fd9249af06da85f96f0bef0a8fefb1b501885b97f70dd842d12fa19befa03080c3d6b8ae2a0d13e2fc8bfc3fe1277ef0670cac0e52bb93c4344f6db13d05188d53fbc6106538f50ffdeda2e915fab921 MD = 58470da58476bcb89450c521fc396c6dc51b9fb6465c979aba5f8eb4 Len = 1136 Msg = 96fdb76f83bf12b3f4f322bf613fc38b2c8e0678856230418b6b062fb358488d6eed7c5c0656ec48c9bbf2da6a1473eea43faa68204f27239928172a3e49c52b58e861282c4401702337e5ce280aff00528eb26ac368db0cd0ad0eb262af226a9b16ef3bbd325614488f820363ca6ea77da4a7e8345554e57623732ee6326534819eadfe81c7f51d81ec51e1e3fc MD = be92d4a6946de0e93d5bbe420651a8befb97cbdb5d63b22aaecf453d Len = 1144 Msg = 0eef947f1e4f01cdb5481ca6eaa25f2caca4c401612888fecef52e283748c8dfc7b47259322c1f4f985f98f6ad44c13117f51e0517c0974d6c7b78af7419bcce957b8bc1db8801c5e280312ef78d6aa47a9cb98b866aaec3d5e26392dda6bbde3fece8a0628b30955b55f03711a8e1eb9e409a7cf84f56c8d0d0f8b9ba184c778fae90dc0f5c3329cb86dcf743bbae MD = 98ec52c21cb988b1434b1653dd4ac806d118de6af1bb471c16577c34 Len = 1152 Msg = e65de91fdcb7606f14dbcfc94c9c94a57240a6b2c31ed410346c4dc011526559e44296fc988cc589de2dc713d0e82492d4991bd8c4c5e6c74c753fc09345225e1db8d565f0ce26f5f5d9f404a28cf00bd655a5fe04edb682942d675b86235f235965ad422ba5081a21865b8209ae81763e1c4c0cccbccdaad539cf773413a50f5ff1267b9238f5602adc06764f775d3c MD = 26ec9df54d9afe11710772bfbeccc83d9d0439d3530777c81b8ae6a3 libica-4.0.1/test/testdata/sha3/SHA3_224_2.txt000066400000000000000000000714371417716165400204640ustar00rootroot00000000000000# NIST SHA3-224 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 224] Len = 117152 Msg = 5841db7cfa4f11f67b411c7a4233b0bbc60f267f4668cfa4baa6886109648ecf7c1694a873ef134e5702e20fcfa706a73720cb064e7c14542ebcef3382356c44f335b0ece3e945585e7eb4be4d8756e6ed9f67ea804f5c3a433276e29f569810a3e656d0b2064e1b79ffbb10249c4781d2d421b146a8505cdf4f47f8ca91b93b7671aedd480ed79f91cb1e8cbdae827fcd0622e5075197c4eb5c87fd6aac77ce531de19a0ec987ed8c2b06bb7e85aee8c57e910d2a10da7a50a16177e6707cd0213317906aff070c54679b23d0e874c5a48597b219aec184f466fbf0a8a56d49cafb7745c577fe04cfc7044e1ca07c1d51615c5b3bf3f3ecc1f37def1713f54135bd2a4388fa15dee7936ac4c8766df8b45a0790f8a619ba9e8f10fd9b81bac14ac158121950f4a18312f40b3e2ff05eb5bac1dab891daf47284dca19cb964d0f14e2738e24142558a8dcbade496ac583cc7b1bfe37adfa42718086382819c7712aec23f4995a702e64c163224724aed31cb00c9e12ad0d1a494bccbb6a20abd95274fafb813cdb17e97fe20658a71267c0cd5801b695484d14022629ee455aa6202f70e9684596a3ab6ab010ea7ca0905d3596bf7fe13c496635fafa30e25466287e1e64bb0f63302f0445c8991fca1b567b312deb3b699db469e3a2dea249a7bfd36be3f5f4a16be8ff2ba3d10b0f372120cfd394ee50b8832058ca53ef8ad96ae1d1fda59fd1a56d9dca292ec8e09251a8cb56e984723856dbc2c71d349879ce0bf908465b847b2172b9cf0ec3deab7c85ac1e75985e8ba3feca2fb71c03173dc4399a54d23a6bb900630bfda669e0e649fa90a59466310f2bd77aadf04b205ead2c2a5d7e53e578e96e7677cb02e143682f6415f339a6dcd5632e5e7be1238519494eccca6186f570248509ac4a1af852c2ff335f497bb17e05b164f965af65bb096e2f3103aec3473dce3fe49ffc99bc5dc87a13062e019827ba4e03391264e4f51ef16c9aeb46d1129866fe85049be7485676c8f01c61b6519f7623ebfb073984b7cfb797cb14a03b9a2b4499d173761b3fa5ebb7e5364b0bd779d5eec7b12b40eef6bc9aac9137214a09613ed1b4eb5eda83e59e0713e8cef8c593c217173ca22b22e6042e60f85c0e6ddef493d4a98bcd9d6143007ef21389e5d806679dd030d2b0ce84bef876547de5184b8657531a7f5ec9175fcc0961f1572d1c17b9a8759c4cd06ceccc33931efb97b427b15a93664497bb73af9142d5960d73c60f07d8de43864d2650b2a0480df7bef677327f18fb578ffa8e2c2e8d2ef3bde0e280d32f217aa5fa2a7604afb892dc811d7d461dcf730542ec3c9dae8e6a5af6e8961cf5830807d6bde028ac78038d46188d80db4d94dbeb4e3508b040fbcb8685d9eec7d4b8c35a8fa394d4c8c461c40d05a7d80217445228b80828c302900e5eaef12c932798e41412c1af274fca694f5823aa6984ff260038147ea12948fcb7a7ac7a4aced911efc04792102047c474079cb900686cc57937a62847da36e04536796768090452772e8f241fc06a63ff967b8a433c1dbed83935cc43901a476bddf04a7770cb245ed010eba2ba92a6668748a4ce6a7280b1af6bb110d54390b020a9b9f5906e05eb37654f4579612a2d5c6c8efe9e0ba9aa1c80ad2c24536a9690fe2c7ee29d85b0d704d58487566dd8788faf402159a806034ce71207ba23a39166185fd1aa12543177f4cc5ed2cfec7e0a9c5faeecea79f5f9155ef9f85a5bb49a142508443a29d92743998a66eedddf65cc9981260f5a674dae6f758e8d237ce2967ad0dc7bc630ab4888749339211f39b68a62a5754bc99328c004fd2a9f4cd815add5d345adca6c59f5b7e84d5aaffee0aeaddbcab2bf620afd12b4b123c6f3285a81d9264518f31e8dbec689ef241de172ed496e139b52cb733955bf555dbc34fd5f5e9c10aec80c9d13ce7d52fe2f2f738b6ede02ffbde0cee350b3a883abc1f2e8c425b4fe638ac03150962aa09b313d02cca8f55f3bf16cab262c91db4a65f798ba41968a5e3f83b20d72dabdfa7d1c0de34d6f2c2563e8fb5688a5c7008767f9918e39c5008153f05581e7a8c589acf73339d4f932bea04e526668d976acc085fa5a13510306bd76b941e5e374ed7c494cfccb58cc783f2eba343f75054c9dc85533b790ce262cdfa9413a1090fee68e8114c6ad5b172216ee80be3c44fd5c2b22a9ab16da662e85b5fe78929254983180003b697711e5917fba4991be258838e33a4245a04d3ef36fd805fbf184eddcba4dae3fa90ee628ee6f8617c96bae7c275421cfc851dab3277c86af56e673daa06b93825954c037ab1ed830ff263b6f6f85ddf7ab0a8e4f8d4a5f4f1b1fb6c5c2d89fc41089f0683626d46fe7ebbb8d1c5dbb6fd0edc61301c0143db6871338a21307875724e3152035ff46ec22bb5fce3a6e9ad2522ec8158c3a0dc1c3358dceb98f4ea5ac34d8f9baad3894719741f5aa4c0b180e04b938fd3531c54a8a3f992a7b7c7486521e233382c7794eebee133bf8332a47f470fc919a4c29838de8a1e470b35c49c77f1d2f0466031135bea75dd79571b68a89d0e7cdbf6704bcf36985f365c57d0156780ba6b6ba7ee13e328e8eb496c0236e467e73fe2654940a607d781638869c4ea457ee1c07de9ae7455c7212f1fb4b98ddb3f19abfe9bf78273973473e0cf4c222a24f1883b6bf34403626332bce8f83f736db17cc4a7bc71e58697b3e66b75b93695e3eb6adbabfc3aa1f97acc05bca336594f7b3ed6591b638ef24c22a3075472b7ff1091a39e43026c2a2ed773cd612ceb3bd0f4909429f8968c651ce0c99ee4738d20382a94c264ab40776399f3205d0cbca46e3e3743a987ae275d8b843c96b2d442e7d855216746817cfae1f688d2a21c1f354608108047a0ba6c0a00d9905a1d9f2715a8071425366623b29d429296a168d012d03984bfaa45d1c7051bd854b05e7f49571c7131a65c6774b1f6a5d194a8c7085665bdd714f015285baa7889d5a978dc280989501b874c90fb4b143a3d06a392643d347825e5bf97c92f78e0d4a59837e476616bdb0e5c6c40eae6b8e3abea17c069f0882649577b1952de40f47c6ac0530a036b2f1a1f714b7b2335cfbe27ff3390f9f05f47653c11bab4937e5673e03c6e76365fd31c07e3a5d3984a68dfb1855a5899180472427a1002c0ba5a3dff684ac2b6b360db97cf10ffc99ad19c977e71146a99ab05f41bfbceaff0b14f86a045f0d173eae487d865afaf0720e518e67a354a2962a7bcbe242248688231dbaa070671e698c041c64ce934db7e439c8420c4231251df012932057369f66c684e390f7d5593f62b616cb73f5c123d8b2108c8dc9aa2352c25ce80183d358794568310dd08020eaf706e20b9d4055b4e85dd495d0a7a31a37aa0991f2a660ac6888c1379470e9034bdf92d88897e254b7845508eaa045ccff04f5a7079b27d68aefd1f395adf05220eb6e495c4a624ebc2e8e357c1653d184f84cbf3724069e18e7d3d05889cf5e02c4d4fc8cca4df962a700da099c85de75ee6f3915c395699f1b574c51b6ee6d8df657609eba1deb57a82d351785342a2e61eda3081c4caf89e4ccc61597c6271eea65f4167c5aaae78c93f52a72e76b3afd388b9270a4f665feb4dc18beff01323ba14568937caebedea588b6e82818081ae061597326c4bfa3a00cdf8ee192644469d329920c6d2a09026e41477e97324575b2a1965aa0f38e0ec6eeaa263121af500bbdfa727cd5b61b246e33438f25f758fe2f4cb8f1ae186198aa73258406d6c47dba2f57443e405039721e2f567fcb0ab24728ba5d4bdd3900a78c7801605567a792c31359c042521c117a8a939c1b2b5d7d9ce74a6937058d7a58962fda9599f7dc384f33f836915aa0dafdbd07720b8e572bb83f62d0479d7769f865e231dc0ceb01634962978e63c4a1e1394e6a5b935857b5a2d5138fcf43332749f394be4563b0e8308befb9c5d181edaedd5e7c2af5a3581b4c8b4e8152369b52ab48b14fcab9565fd099940f7bdd7b6430d8eda3b381281f15a1f45228f6dd0655b8457a84ad264ddd3fbd9f1827032fe57430ac1693ae04ece221c02bf654dbaf8dfb5425eee0711e4c86f33af12d38679ae592933d42932ee64749ffb7ab590514336b33010d6ff04a90ba58ce423433b76cf5bdf08e105808e55e08bd48e4e3059e3e108615a10fb46b32f610fa99e67437440b400922e4d47c7adb69a635e5bc9c3b52e091aac904672b975baedfdc3bf51befce1c3171d38d3eec6f5b9279a3ade17e92f9f3c8d524d2b110e78c919906dbefdd6fd27b808808b010c1a11b7553df082fb6f26b8114e6d7d33d16b2f5ed0290104c7c6e560d76db0080d8478c1e726419614d4d92c7c6701508049cdd283e54e96a95c6ee8de7a1a101be8a726e4a36e2816acba4adf02e58d0ecdbd938ddc2cb22b5119479f9b894dcaa50a2e3d4d51d8fb18221480247013025ec64af6f4e581d60eaf2622b943e6a5236a7ff90e32cf4d7fd83166b6eb0ae463af9fc717c02a31f9f72c6dba910431cb8ec120cd58359349a54a99a19e9a3d464139072c04d5c57bbb028a88bbcff803409dbb720c3156dd510722cbd1e9936e44c1be1bfaac18fdc14f8109096e813446bad1e496eb1da5a40f081ecc22714380def4ccead4b4e5d2bc5827c30a54c769c26a0d3e8c7008660b5381d66b5c2dbc39b2261b78219cb6f119c830cafa22715a8ed44c3cd76e5ea20cdb39ecde94c27aff13d7bee58b3595ccd699d7faaf262c46210722db3f557d3a163bcf7ee05848e47b64ce8a19175077384658dcd550e099dcb86703e41344e5192539c579474b68440bd198ad23cc24d67f7629fbb61e90eea732d8c3609e15cc3f5439c8562c935714ef95b122aeda988c59688b218d323d1cace1450433d317d04864334f936d9cc74f0b8cdda1a266b42821ec59d587b25ffda6d2c6ac26e2223dce23f827fffb6c1a81a6194b8328410cdc86269f9735b74cafd36fb117157b5afd011b91505d4a778067a15485c6792c22c150936baf6ec185aec7e9ad9824c77b337e7968a8aa8f8f373c65b028a5b17a059e580a06ca86afcd96fdf05365add023ea8550c6d48a367eb1260d370cc26dbad9977c2414c0b596a494e82f8534823726600f9d108ffda4c93ea3d9f8888248c9f7caef939a2073b9579e12ce831bd9fcb0ad17a6c66d114c567af7af2a41173621fb51913a76cb9cee19e686c32370321e331bdd580d2d02159b7a7ad1328fe8bc173154c8420616006191f61b20649151a890ff6d6561b2240d48a1a5de19a6712776256d098bef357ffd66b49c1ce1f21460522cfe13262ad84b6ccdcc1b3ae8310a4c5055c4ef377a101db51e02eaa880721fbe5fad24d00569237284ff6ac840d4119bad18ddab5ab465472f7d731cf3aead4b109575be9b8c0dbb8f2bffb959bcbc739aef833c28d0849256f546f575fc46fa9a35e19ba29b73d17409c16586aa9402a3b2a790eb4bc3bd1bd229dc0e4430f384f32f0f237e9ddbbbff7771ce86e27050c7124fab0f6af1067de579c76eb45f563929c4241dd302ed77eb883a38eee529978c227003c155a05c4273a7621a66996e955fb0605d6e91d8e350d0a90088b78addb1430f101270d80773b609aa2fd4f93c8bcc2f82462f8a28719abf60818109cca32b1b9e4ffe5afe20fd49ace38f44e6ee82728cb34ff58294a06356f90f7a22a0310fb435d348ed23830b67a953b65a30d911c1dc7a81b861e97e2918ea46a7525cd39aec760b9d23513824aaa6b762fadaf46aea3796947f7df6220599d6235eb450989b6f0cd6c96db62b0d13afc4f48b03ce040f9cdc9764b589e9a4915e6f416cf66a47b25fbde16fc4fb1f0649c5f627375389fb5950a6a1a6eb94de1f2b0c10fb82856402a6b549379c5425b9152346ebfe2d1bd3534ca4c034f027303a1c25f00bb18c852cef2ecb173972dc8e1849332e836412475ea520eb40d3574579911d2c5491b1f89905c99556567ad6df19570b143fddd5e28b0f390d4a5df42c3eca0ef5db4eb2bab6793d343a5a95809c9fbc6712fda5e240d346ddf30aee3c123fd91cd224025b2823385a84457401bc536a04463b5e65abb4393b3825dcb1f7c3b451defa8e83450fad509e031a6c60ba3c74445da874b4fc3aac80786594d4a0c71d679a013af485c59fee5c31c8701d5b3e732b2d1643f173ba34c932ec901c3b07d5ca01881dcca8cede185e1ed3c4eeea3a6f925340dd09ecbae1eac11580389890533676a82d7d65d4fe4b7573f71e0103ef8233930627ca7b88361b4a14e55600fd4a0b7ef06ced3ad7a0d537fe130a3574a3bf25b5f3dddf85be03171f6bcb8d8fe250855d9fed776b04470720f48d37c69dfedc3195ac4fa2298064ebf27fa0d3a94ba6bb3bedf38220d1cba7e91273ad19f9a1c436c031a5209b19bea1f99f8f4406ca546b7516e49c7e6bd91c2250f1bfb65db4fe9fee574a5b1fe1a0c1f48c5e89d76e550e48581f53d0ffb2443659363ff64a14d3ef8050c85c9c185f05929ddab752213ff1a8515ae060d6018daf279c56cea1e49be8d9eab936315b3c69a9035048f891799adc9a8446aee0beb939d36388cc5859568eca1ef9123e00d82b0c8c97028b48f7651ba5f762692f4015ee07bfbeb99394166f742be490b8a8cbfb518966b5c68697e629bc1b24490b62f428bd9e8eb0681be1a115ced7cea130da89644d975c111702fadd019a74e4c9eeb0c89560189b42298ffff99da98b03b01b71deba705e9077fea23b521991f2e38629cbb632f5354e24308c69b12eeb86eff842a56c37a84e1f53f2d49edb84db92286718683d9c584af2b0c44e529163ed41a0e0b662078e43374da96d8a28dfbc0c920e213d1e50e88b8d35e8be9c4ffd9321f4b8a7563f54977558ec6685f5ec1f7321c6bb643de6444a44e73bb5530738ed68d8d03d6939bb9169853644280aa733d8bd8016272b651079b3918475f3762bc480a36315daebca659fc40c7dfeedf9bc6f54db16a136065db488b0bfa996039117ea714b1f6f48d3a1d686feb039ee5444fe5b132fff557753e7e23911df9e55056b0e11f08e323bf53559b209d33928a5483f25bd07244ff678c1ea149b249bb1efe3713592b02502a92ea1ef0204c0f8f82f5534979c6e0701f6da9810bde8853d9872d6c1ec1a30faadd44b0f74a5a6d7d2aa7af7e55bec4b281186888fc6e81fd41cbb640ba1e7ef7d520642b35e18add12c786f269e0f1e0098c749c5bc425b3f78cdc238438f51472306e3e973b542d3e3164787c0d6422676419b8553fcba828df225998790e8b250353a3d6ce45d81d83dc63148ab7e41b3dec8f7117c04456413d356f5537c67e07a8fd8d20fc88312d3354cbef59bf958851745812b012f03191598153ed50ddbbc29e22d9d498099c1dcffab1b62f86b1ecf94287178e974ea338770baba4d4ae5518203f6a92176f00373968798e3f790390f90b7331bbf70754a8d30f5cf34dc4fe0de82af0db047f2d007a0086501c59ddb4063f86cea91230af4064c3aa1896b2545a825ec4fadf03d86ce792493a44323c0df9084ff3784ee2ea6883799d4ed79c1d3d1685c0c47e29c79b2c8b415720d9991c30c0549e11fc276716d25a51c03d9687d27dd4b3de8d0097cfa6d0073c152e358ac05af82c438e0ce854ce441ec15d0efd1dd521b77abe69f62c54d8f68733c190b0651af06194a69261779a45bfd73f00f610929b6b479e3a7c4e50b2a8403ccd21017b00dec1e08f98c4c8d791ab947897358aece7328107172ae322e0ea23aa82be9cc0039c374a5b646446ef30bbee61a27f4e7705ced6ad8914b9d99802b3660af4d0789a175d39a4d106110cf1bce5f5e4127347e4338fd769d9eab056724b651794c6220d22b424a3b7afa6f27eb48e5deb946f4da83e946715ace99b51936b799f44fa85554b5260be33851aae2e0a413c32e287af4a5e70ff989a4debde7c9f42ad5a1c4f7fbc7c9c152df6c5e2c83276e7580eb323843bfa2648eabb9d170d4147e73e8bb1d17bc3fd17f3405366b64e1a266f4e6aa41c97de8bfe1b5fc927fdad186894922fd2e823c9bcb7f054210453d415fb804c874b39ca04b5871183ea556436f48126065b51b9afa75a1f274c1ce79f24f4dc20a6c0997b04b37eb599d96106161f52aaafef7e4878f1361d87ede7676548d16d1cfb50dd73656f118e91856283cd442458556e13a74627983a3f49fb26eccac12052a6b89bfd714c3b2647e8c80b6907e73c3f9ddcd9620bf59995e7046136c1435f0178e91c13ba11f03ee55d6a4fc9df0c3943641b840d2c8541a7684693e21888d7bae521c4efb597c104be5a56ee923e01a0f79cec00517ad3c8dcfd70a7f268bfdb1abf0341987574b3656c1ceab35a1f32e1ce388a06f2c2a7dcf64b8773672075e4346d743d21d06ddd000042c4e8e875bd3fc80ebf75a4d0e2d183051e1c8007ec3251ec16255ab09fc6bf8b194303e604623902ed8be0d0891fb5a554e1750d9d296f1da5e87a18281099385320e81041c5fa0b039e1d332a2161ecba6e65e3719a038d8ee3c501009e3bbef4eb1b60efeb998ba43490555097065fa10be94603f4bdb013cfa207b39ff5936119f4747933760941d800d396e11152bb526591bed9fc39e6d4c798abb6756a3a2629a7784e4e086f10e51a6770218a6bca61532cba5d6f6acb7c3073723987e2982196678c501d8e4793b64cf4a54b34ec6316b8064fd531fc566b85439090fd0852adb18e4a9d1204b313a1cf1b39a930f138fb5e421fbeefdca65bbb3909dbdf5379f0c48c1bacd0b9df207001ca2b2082466112e283742e757d8149814721859a77bfbf932db1242e652377e7614d43accb73d49fc4f430c76d806f17fd40a3ae2348d00e27c187774235573ab38202b744ce03d838b18f38d2c39c5b80cbb1f50956b64bbe50732af2c08e8a256bf6582eba313a733ea25069d561ca761529059653d2da45e06fcff37f9e343b6d870605d2ed24e8ee02847f305ff341df715656baa63842e3d5bcc0acf6f76a094d27469288262e52386baf6ed744786d437dc705b0f459ed5d97e6f3391235b1b1528d93a2cca80dac6c56db786c8e60e7d263cf839cef6f6fe7d2bcd53323094c0e3740bd76ea72e71d2220a3a9f83d070ab9728e7077ec751310944bc8b67275c0c01448b36a2470e48db8f9ab4a64096d3499323d87d715a03d041d41748fe700d498c500ab84c258f61eeadef96867a0719e2f4293d1ba159476ba4bc1a3e844d148c2fd233653f0f7cce7b399dcba1add1bd63e204eeaf9c386b33632712213429eb2f7659bce32ff3d70d780137952f37cb76eb1b120b3569e88af5b5a0ce2a525259de7376995a90b26a960bf1ddf314b5372ccaae3d8aa28baf580d1013975569b3f3c8bee9f519079a79032201632f22ae8e58ebce05adfcac76778b78e3fbd7489ba2ba5c69577da60b31f189e552bbe2f70ff0450d51e289353a3986760c451dbf4792791e12bd9532dc87fee34328db5035e62a0955e54c7fa041c4b9505a3c48006fc87c126f6fd84e0be8c4cb10a18213f4066382aeff3befcbba128fbfac1c1579d2ec1e3a3de4cda6cdf0b21c3d74f1435f82a0e5a9517001f1ea901b7525ced71ed400c6063ea28037cfc0f3b60d17fac0ce773253a86b09f0aa1c17a04973b2359d7ebcd2ce15c0adc9bd3d1437cc42aeafce3b042a280b3fb8fb5b33724b319db061c4a97c6d8fb84670a45fd95943b38d6eabc4beee30677ef58e39879f7de07370859430f414dfaea2cea0da062456d020289b4c079fef62d158b770b7bd855075a89ad2f078aa691b63df241b0e20e0aa5a92bdb9815fce5963b715db1a15ae36d4c44aaae2a1dfa30c229ee0289726d4ebb0f74dfe40295354405e53bc17f57db219806a7b4d78027173309d9b45086880fee30b3d19db88d65b3366ca138c10eaa15c786a359dff39d9c2998eb2ef2cc482693a67724cc08f0f7c5e6c92ddb72364c71bd8e1b4640c5d3c1d2a6444ea5c467223a3d3e4c327642181cc1b4f3c056ba79cedda27f79405867196e56d68f352e40f1ac50b5847620a180f364a663abde643d0a75c8176db89ddfbbdd46f2faca944f4cf294997121f6a606b36fc67626a58aad0bdc95de72ba98172dfc6b85ea70b587aa65cbe7b49c1e5437cc737631d23a2deb099ef30551c4f8ef8373770c8ab6e4dea5a65a56e63c645828f4fc7e5ece1589fb7d4bef07f8e99868854e8f26e5fd05d0a339977992cfab11b5a96acfa8fc6f1ecb599e21a6519f182b6d00f9a538b6736d15e4dab3fe87135fed85996d3b00e003aca1535fd98a0ed062f0678710771a4e6fcd6e126992ba3e396d408d59f5ebb0a586f187e9dfd91eb0ebf50e2cbe11d1b7cfc830a95452eb2d80598be1b49e5ce4bda0b0fb16f350e74226ace5f216918e5a6d81262299e13a4d48eb6aa37452dab3d55d85b5ea31669170d5c4c9750843fbc29678a3dbbad042931e4d690a4d0817f3f022332a1acf68682b419ad9a079325be3095eb4d29ffecca7126bcca5ed48a11b59154f878215712ff4eca0e4ae8cbdf96099a1b2e9d05a18422237f80ad4513182e2a7021f4720265745576f54695d4c170b1ee65e75cfe46532d8bde13988c54811dd05077bf9d0d12b898b0b56be4d8519a8e76e4d929df4043b51f0e6bc6901296e2acb1272a20b05a3c213e35590335bcc3089d65697672cbc6eca6a607f56afb6cdeaa90f0c5d6a32cf3e8db796ca37f55c318e608336f2f87ece43298ab10b5378d6ae438250dfb2fccbc468d38234b0b515f464c3fc1d5bdc8cff5c1d98c2d0b62fa094a67dcca0c55c05cdc923d88ae577a6b7ec2ef27332770d8c9a867caaf0561e96eb5cc788c35fe06b0a07a9e06806f3fe5e3828bb0b2cdc3fa3f28f3ed1da76aec34646d77147e2d4f8a61f6db7148a8cbcb016bfb11f09f9ac757128b52d5760b0e2c12959c47b702797bf6f5d50d9076a2f42eddebe152f2677d8e524ef1f4156baccdad73608e11954e071c52c4de2f8fe43c1ee8a6c64a4821cf0ab606cb50726d078941d498c40564921790777a3eba58fd86b149e1ea91cb3d7b3519e5054cf629efafa8bf63f245fdaf382d4beb4cd8d9dceed28d196b03406c7134297b20cf99a864e6e9358377b1acf2ef3b7e6dec38ea4647b120fe5240a7125e7ffc1781c17c09960083e18417d665c4313e441d827662b23547713fa5f2c1a0cfce5993083246beeb9533f496f43ab41675faf21f49ea1a00d6ec53d7162601013a0d8dd594c26892b3a24d95d019c7d069b6f4772b8588fc1599143edbe889fe885cf89268269bdd2556197e30a8064862a1a9f2e4db03104c9e0c4208af40ac006d5aa6771960b43276dfb8dd927866aae39bf93b959324c223c34c67252ff4ea693e798944beff242a28ab9f7d251388a352f2f95b4021c051c0c2bef05dbe8d772973664fbda6419c7bbf3d12163543095547e6d413ed8e4f8b0ed6b8d2f332c0a5fcd5e16591d2f1605c81f852b5243f2c5ecaa913717446ac9677269779216b397c9fa2bfa91e545fea31d7e17c736a5fa16d824995ba5eabc468e1b33aa2a16e5b8c3cd2d46feb01d11659cc7178b576769705bb42a7be11ff73922e1dfd8aca016454a6fb0bdecd79f8241a7b7a46fa470fdd735e848f66ae5ee11109794dd7d6ef9544073b564c4b9fe0d384c345737b9eb079d299f8303bf27563e85f131d43f5a4b3de477b04add236007399db677a0c27d3872e22f90df7f72ca1f70323ae3d2cfb6a77747f085bcda830453060ac21e98b648b35488c350e741c8946718090d32591136a45c5004fd3a20e6be579a49fa950f858a620746344415d038f22b641383d6284dc4a8a6189b33eb47f495ff03335bcb39a317b9ea3f8bb6306fa771f3c55adebce01c0add34a1c35b484188533fa206fac2713669a29ea8e5c729b153ac13cc6a3506cdbb84fef130f929805b0876cb4646a046330bc33ab1cf1e9ca3869573ee1a1549341ab007915dba719b3c4e8a94b62163e6d99dee2cbde2ae74135467b125b417c7544978d50c80c694399db77e878109f59a8335df3a326135a0d50a4bde6fc3e5c03fb7747bf919c68ee8f45c312bc2dfdd279411ba7a5f78dd9bfe16baa4a82fed076608229fc5a2aab4a3c659ae09160fdfab9cc526f3be181d95ca30ff6f064944e708a6f164d92b85584557645738a12fcea8d0c4b865fede73aed7dc62f9535cccee6f7a71ba7fdf8441b10b37984fac8ffe63d03800d0530a6d15c84e8999d38a31e2b776c72627aa540cef24e559ba61e5f4d5dd2f5b2fec6d814f6c279b2da16bb724de9f9d025ce4b1ac99805dfdd7081a522241fda97c2890de5663c5ef9504433f339462d3fe7c45b01009dadb71cd3ab1a1d916644c36daf187bea88df7841d82f056163111a34f8622d24ec7a4adec80c66553f4df10a6359aa8c18d2b73ac8caf55058e38d225bb4c8a2866f242864c1a7734bfa73eb8f6e9b28f51b35b86b8cb01df6fd6816ebbf782062decf3be80287f1749372959d20f5c909021942293cdfd023a6d498104be6a4680f769fba95aed9a15f1592f33760743bce8c616aa4296fc927f931321fb93980493fda4442c533baa78568fb7b863373c9b59c968a3704cfc8fe68b9049ae492d65276edd37405a6b3e9a21bb40c0d9939bd7b15b7b0961dd10bc60ec231af86fcd8fb1c0e62594fcb6ac5bda99d0b9667cb864ff33d2e9b8a4ad2972125a14404f9ef3bbd38369c37305b4823df33509b0846ad0586d3313be114bde91fc2b536dcdcb1a69da5753e62ec24ea7a8fb01d9b4295b7328dc72bf814e8e1c61bbfd9aa49e6923aacc22a28feb8c617279e34ad0270cfea6445a3b85b81d2c3b34b378abf4248b7566b41ab1b6e7f5e010329660fa716556193eb4870ee84bd934296a5c52d92bba859cc13caaddcf627c544edf0a0541c8b994bd1db99bf5dc18a3f23e30f36eeac72128894dea688a1cecd6b2dc551e6eb400b7b25e84b4b470d7a2ba150fdf9699f5d31ff67a5bb75040c074f7dd45c876e726dd545ef2e2db18ee58858af84e7c9f33695b1a138ad5149eadd2fa726690cc9d0731774ae7960c57a1f8f14362fd61dc0de2462a6519ccb3b5f4590eb990358cb87c6a37435016512ee5ef3b848b023f76128afae67cddb235e2658531d3967879aba4228687cb7d47e2b16b13a3d4d02a62652f8f9cbc1ca613ac708ff983e2c335a19721bb903e9565f43ca0e67e3093584112b0e80c557f0e9a4af470725e1db10f2f8559f9179ff6343abcb142c3697acb5efafd32ff3939bb9f3fb6d63ce194493651e18a8abff9edefb792e71af530406eee3ac46c5d3b8cc7925b4411c755cc55f7e0c91a7e077db63219cfa9cf1f6cbcdb2f353f637a8a6ecccc307f377c1508e7e6195962958048ac9460f26f9e9ce3724909ead48d30ff2f982fd7aa8dbfc9c2500faa063a81f197c14f875f445d5d2426c6f138ca2ce33b3d96ada8f12912e7cd108ec15cef5b73feefcb06a71a946136d0e508d7bad5902b0983ab5cfd6ef89bc09a3c7344e0d1cbc65ffe1d7123c9f7cc28bd3c77209eeefcdc3a078948456aa43ec0241f2c21a66798be3ded75cef82d5ece4efe6ed807e529dda779398eb81fff04c5da87f41d4817cf7eec24d0a658d9c4a59d1adbf456fefeb329bd14e2b85d630f039ec9aefc4faa66f99b8f80f33c38d6ffbf1b42d6be1591374d7898e1dc733626eb02c9d8c2c76c92544c2660e8833982b60651c909dae80e553a4940febdf1c0d7400c71f3af1652e9a6f546814c63b2ba2dcfb244871e3b8eda524a269bb84dedf1c56c64d9fa97c6107c0878fcec2c16021b3700d2ba3b34c9625206a4f03ab9a8a30c98d07fed6429391b420d194b6423a2abc1263289f197e81cf1524023a4c523f7021b1cd05e51ab137ef5919d1ef314a507fa1da43fb661ff893c1e7549e7a690331257cd2f1a4075825edb9dc100efa737d6e21699b55e7e20bae1bc1380c98c9e7ec75020f3a7b5fea16dc9d4cd7216e345065d7a053c1d7a6740749c10fb30b698d1e60e6e2f593655aeade4c96a989cbd10e56b369951d8c9a12b4e28ca211df90e1b31fa65d3ebf444b65b752790c6a7984ae7c9d4bfde4a8a3c9428a4d23727e25c2618e9ba61f5967fa3614793f3bcf2fa7a2f9cbbfd62724518a119c8949dd515655a19813ae23a76771e3916a635b7809ce85fdab8c9efc15612a778a8e38cf37a2e73acf942971730fc7a9d40da5c59ba748ca092b9593da70dbc6706614062df1686a21f8f32ee5b9c8a9c65f367f26d64a1820de94516b5e2e7181fbfb5e00ea2d1150020a478616ef798881950f720293d139cb249e8fd42b600675743f77343d15a5dcf5221ecf4302629c4adb47d42cdb9c1acce20d7ad97b46fc08115c78a06068ab3c29758bcc2a9cd8de4d6df41c2091f41585aef740ab8bb63d3c755d5fd8e19a68c352f393da7d5cd8ccab096b86608186ef3af468d61bce9e288b8c816757ce00577eae9ffb4e51c0bfcbbb21f750e8a78879185ae53f6ab03e65ac0ef414728c4fc265f97358de1f9093b4475aaa5200b9320c1dc13fb3fde4cd660f665eac9412e4c0a72ce02c7ba6cc99e596b7e61ae82f77b95063d00c8389628ba77ea4a108ac66b30c31635f693e150195bccd7c7f3602377cf3e9658462478a9ebc843a99e40024fd92aa5041b0cea53e042eaee410559e2c3628914d20be14335f71e82d523503e64a29d896eb6cd879d63239818517f64875b317488b6e324eb195322cc0ae57aea2097ed0b898a32e7900a4bc5cf047b7f8b27fdc6a00ebd7f818a0fef413283fe272ca57ddfa0c4536c277ff5f8a9a63074e5270871b48b67d22ba0bb60b7f80528b459422391ea7559d3bb1548af633eaae166ea8684fd488d909bcd03e6359397d76ed51fdde3a1ebb7739049b640fe8fc563d968e0a17606814770855dcb2e16fe6cb30f056e7d844b3013763ebdf4b5d9745193681684ff563a528f8f273908a1b9789b88d97cd607770b48a938b59fb63eef808bbb09ba97faff6ceae858ff69fb722fd8b3043354cee45b964fc5bfe41a0fdabc0d58dabeffb3b8017ce26dafa95c368599b83eeb9e3b0986718988ebac3eec898c16d243bf3beb535379c5eb29736a0fec1d5b147b7becea3c85ad155bf94064c5a833becfe491611a83bac5127424e828980a67cd3370420f5e7f29afcb70ee28a16198983a24bb20a49e95facae1aeedacef7e39de3e1e785891711e31f87653770e59aec92fb21430f40628e43ab499e05c9017e8a0eff62856943da931ada4bd7c8a8a0e1ce643dd5d7e434c9aa9bbc6e4760dff3327072260fb74add6f4bad94ea3a07576e85dee3d66c0808beec1c51968726e7f6439fb331f59cc32dbf45ef72d889bc808b1080668371c79045a6f6e1febd2e027fcf73f986360efd3ffb2f880a8ed7af7fbaf5afafd7d0c8ad42a44e4e0a90fd2cecaf8df1828686d2b79e56597e71a068c48bd87ba2e90d2dd8a505fe77d58f53ddb015bee6f271806182014cc152fe4e1587096c3bdb07cc503f2f966ac461fb8abbba76cc1b6551e124b46cbf426f3a97346c0c086d5f9292bbf49e4d261b2cdb1ba3a09bca0b4e1fcc953fe1099b3231d926e27269bd8786617b9f87c365eeb816fac4bbc50b7e04c2cc4f8d6e2c41cbbd6276e295c8b41578ed218063e54a09f6e46a94d40cea764d82242c3bc76c4e294651bebb2920254a71aaa0ce4647b6018b1b8ec1b6985eb6df44273616bda065fafa6fa188d39f1d30c44fcb2eeea780175e1153b292a5460a39e428c13baab9a7f95e108bd66c3a52f6f5244646c5bab0bc8551a8e031422c8bcdd870ee546d75d7f2cfdd3072e9fec8fa9f3557f6f97cbc52843f88ecf56cc04910cadf87c88b1b92a824e99b715cc3c605a3292383a6e6e0b42094bda6f362bf9677152913124da861090ace1c956ec11d3ac535a254c297a8f30b8b9ce8f999332098239731f69bc3339af330d15254b19f32129bafd9e02a5ff64020740b3eaf6d715e99119dd3964ba1f1f637f5e5877d78a4b9deb221000c5cc37abf2216d205a7c164d9cab8a2f828b2b6f0e1de697aa0d14309d5c3f3a345fcf2f0c589649142333fb205b2aee3351db8239ea51d3eb083805acb2fcbccbad3d0307dff2cb84b9e71c4d72984b3d31a43f9b2a46b72b3a1b9f71bcc502ec1305ba6d0e0f323c9e94336c785ea110791a09aa7411dbeae1337084d014a7265fbdc7b48948179c4fcfd315e2ea9a5db6a182d05e6f9c9abc13fb6ea38803fab1c9bd66d839e6345bfe7dc228c8916568df1db52fac93cb1931c2879d8bb3e9d7be0e0c6161289521a48609d07510d80e373cb18e553bec97114888249c3174201f3c0dbb3a492f6f56ae45708cb316252e826de0e60f8fa4371fb8df26071a2941b9f34c41e2736389391d7f5bd2b03c396132ddfb7924cf179ab233d5af4c61da2a55aaf46ef1ccb0c8fa538f0a26c1fc6bb8cbf2233c76375c0cb917849b585cef9d4dee593af961d0549372c3fa34cc145831667837481ac620e56831877b2e8c42ab7c2baf7810d1b4b5c38aab234ccda9a4d4f2c5a3468b773f54408158e372de5a4a70dfd7526fb340ede8aa0bd32a25acaa2d38162efea82d480c29600055d8c0b5a33c858aeca8cb4e48776d139c44af62823f2f48b21c35c02ee02ef987ca756a4d56014eeb3d9b8134a3b572b69f339a8c1b4d38184bff5913362453ab1beec4d9bce8f2edca581337bf7374eb8dbfcec58cfe51c3dfd08f439bde930245a351d2c19b3b66d77770cc2b359ebda8ca5ba8e4c14a37105fbf4a91bc3c5fe0299dc314966cd8fd80265c576a549f68e9edb0b32475d4b6038592b84bb40673f8051516792bc694f8a082f4803b235674d1778896693f09525eb6601b9e886985245357a1ecc256477bba6315b6cbfa11c357d5a588e8b2c2c710399a50784957780858af242e89f3147d23a95c0bbc372ffc1ac079342aeb4b5a95567e388be58cae8a0f669dd8920745d6a99f65156b63bed875aed3da2247d013be7c4bb9c5beb06c2128829a9ad09ecca4f56abe152b2a8f339e2a590e692b3560ef445b6e9aa88fb2ee6f7873ed02a609f28eeecad2c9bf98cbca20061bc66abc2ba4d946bd0165032cc6dac3d8fbc3672b345002f716ea03bc15b7bfdc2c244ec5dfbbf472557cb0682b39f100f4d54ae40d6a44048c8f12f3af988226e7128752678bee771f4739250f2e8211883c03d17c960487a51f24e6ea3b03886185f435dec19b17c9450bf7e5210d6720684058047bcafd0b2ad81a7827aa7d362f2404a7f590f0ee06b7353fa9e99e47fa8f0c37841dd0f932ab12bbe6ed81df4e85234570568ee80cb9718131ad1379632e52783763b029b70c4447e14312c794963659fa523e51b781416c40de533f22ccbf590e32f707387a437eaf51bc7971d5a237dc2aabb597bd09236fe3fa03c9d8c76c9112220c377374f2c98ffb8f66d1fb719e36438e4dbb5d7907546461b8e0fef54877ddb324867d3698543c53f409a699c90b92361a0aa2cfbfa62ed38063cab59cda66968031a0acc4551b71a9fb3802e5111467bd396d89f16fb5c3a0dfbf1016c07920eb03a3d7a5f8f552e915246f6afd467d87b6324a350795ccaab340873eb061ecc55aeb59e5b6769241e5f011d316a4f20a0f858303145b590e9cf39d8d20dd449fc5eb75ec240b9a34ec2faca603cc6fc4a3dbc6d40c52f33ceb4cc58aa837d2eac328ee21b810f542a637926c2b09414821a97830562915c63cc091afad0e1226e128153ee9431dfb92ac559e12f800f4f7733990884a5b2affd37474a5bc8ce49e6d7d9c4e0e7eb0400288a45225395ba3cd6d8d29431deba30a006238efad94596d99b23cdfb2011cbe8e274efd550ca51c968eaf8fe878c4e8a800bd03eec6a0acfc296c33328ea754e88f800cee5879e5470d81ad4562e3d3edd8c8a5eafc12b0175a22a59a897e4a2a459bb06fff90cbe1825617bf3a7e704442e2220c951dfb6ddd16a334b1e022c601d8a45442981518a5834ba05ff3223dd78014de3220f3722aaeb8ab689b533e2ced4525c1ee653ebf9fd5a343e08e5d1f28fada43da4cd6bb5162594e0e70152f300f6f0e0240d669023242a6d509048243407b5a984bee07b51ce8b297fdcd91578f9a87821c720a60edd8c94f26d69975924bd6e9952ab83054b436e650d9fbba3232bedc7c944c2255005b9d5c45dd264cd6595c9d3f1559b6566b681dccb6de93b2247fd5af86dd2443be6e3dd4c5dbfc85525fe87dd7a79e4990abb9085b4b20b348faac3642e7d80d62203ff5dc1d0dd34261fb8947909908671fb73f71666590accb84db28d8ccd7f761d74b88501d6aba114ac41dab231d5f329cb461d6dee4b060e3d071268f3dee81a828631b97a619cc5ab0a26db8e2e982de19d513092a04594de8e4679ba9a83e072ef4e5f90ff221aff17e4ee703769effd2239150cb19232776cb027ea5b4c588c1a635de12c38fbef919c529f9b6d5767fd5d852625f4d04fccd9db4acb4d6a1730f81a3591e850c2a0d76fe300ac4e665745e9a6a57456afd447fba3908dff5d5895fe53d53901c16b1bad040f2fba43587aa755d819acdfac84f1bd5214fda4bbc37105a134f6341bf374c96ffd8547278329fb67ebbb277d182360baeb4e358009db119ddf1763d7e42cfbc81e95b7ede8d560f9f269cf6f89fb546f19d858d0f0a44070444d95c8783d62c49bd4ded132154b37379f1ea961df601aa68554d3ff345ac36b7e1316360fc6097b2803fce85086c8c1465d5427394e639b3b73b0bef4273d5a9326e8a60aef3fc67b6d9592edd7569844d5976470e4f1ffe4fb90b54a6f871b7514665197a50f85b465c5b8560786c583cb9b9feceb6dda67359a6d9ff948b60a25babe1caf21bfbb33b4e3f2de024fe98a8760152a7e34ac69f76d5c8e29313ca3097503d61c7c781f899a2923723e60598430536bcd169bdfce3de7f6d296f2d47effb2e2a8c4d3716d6663a07d9bcf7fba950e7402871cde4866aaf9eaed14023ee3939b6ea0b47087ce081bcc6d1d455019ae0ec49017af8d6f0b5e1a3c897374a90cc816170365005a805d07bc34f36f449b01bb38749bc4e074ef098d3b6f46da87334832a898ff92342ed590fbd13e9d3d1590871be816424c725fe71140dcfd6ba2abf88b51adff8a55def25a26e6acfd12eb85f4deaa1bfbb0c653f32d5f9a20dee77194d83128eb9ccbe9393c8ef941bf733be8c7a9f6e971e4d7c97df73a0eafa5a5ac74b495c0c9447e80595f0d72e5d1b0dde93a587e7d617e7b79cb649ddc8d9db96f5ecf6fa5f0b817c6816ff94cadecbc8e86cb229be64df26904a0352f4660a40f565d62f8789fe7cb1ba73cbcadf86efcb4d63d951b4e1495c9763e6e79f6569dc5c7ff8a833bd6af553ea5fd7cdbda7bed023731a788ca44436f2062cd68b660d296b022ba95cdbc58bb9bd6c09de75559d578383303fdbf9a1243d3ebbdaba2a651dc8ac5b4b5384ca6851122477fd01fd9687166c8934ff5e70f897afd1fa96880ea884ba0746c5988cd7449e0893668966fa6e9de763a7c77ed4b2330f9bf41ac44e5f462f4a0a5e7dac8de70eccd5b93f69d634d8cc8594943e28e5f212a595c51686a011b1c5b4e14d4880092de2158631f7d1ebf43b1e67a1762927e32d71879db5285d327a142e362f09662b0e16d20f4df58f5f1afd4fbb047cffa21e468240457f7030a9f4daf38bd3d448dc45b93e43003181c789d2d75e7207c3da7d5baad1f5e930e7ff6e01f98fa20bbf2a926b718280f0a37c87730e78cedd049e6a39c52c26a7866c5dedf29d7de8392df403441cdc20312de43a7f21b3320f124489a992b72937e43124017db672dcc85482550fd19513166f8a3aed63776c8150f6e9ca292a6eff7e20a0b0ea101ca24a850f0bdfc3bbde8fdecc3c4e119f64361e2022eb2f8e16ab704ac797547b143c77dc7175308deedbc4adaee1a53a236a7bc73d8bad27b22faf8a323cb46ac6b0d767d120601bbfc9c859b5ac86af47447c599a7937ce5a911ac97158c47e023e202bbb6fd6e7d9d0564ad12d4a71587abc519a3233e488766e831559e9278f3aee8290c21974b585fb1b91e27522df739849ed45360cc425f7619edeb6f9a63d9f16e1b58c34eb613326684a8b3634a5bc9ce430c299864661df6e45a266ffccbe532ec8b3bae3e87b05d4e3e11e00a785d51f734e3d575e2a47043d2fe1e45ed8c1f85a348927924f24584d3b6ccbef709d0f8b4d4aafb3bd430113d40cfc7a5addbf0863022ed52c2c72c4ee84eef4293f34f75444080d875de568235ac085c120e351e3b88247ae68b5096f08e24c0c361035e7dbe8b234f221b8922da927b81615a51b3e9a6022738f79516b5e5d963c31c56c64da58329a2673a5284ed68c37b6909de70f9544d762a32a1ebbb MD = 6d9ef20b491372152ba56e3758f885f8e40e282dcc19908b8493e7e3 libica-4.0.1/test/testdata/sha3/SHA3_256_1.txt000066400000000000000000000741031417716165400204610ustar00rootroot00000000000000# NIST SHA3-256 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 256] Len = 0 Msg = 00 MD = a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a Len = 8 Msg = e9 MD = f0d04dd1e6cfc29a4460d521796852f25d9ef8d28b44ee91ff5b759d72c1e6d6 Len = 16 Msg = d477 MD = 94279e8f5ccdf6e17f292b59698ab4e614dfe696a46c46da78305fc6a3146ab7 Len = 24 Msg = b053fa MD = 9d0ff086cd0ec06a682c51c094dc73abdc492004292344bd41b82a60498ccfdb Len = 32 Msg = e7372105 MD = 3a42b68ab079f28c4ca3c752296f279006c4fe78b1eb79d989777f051e4046ae Len = 40 Msg = 0296f2c40a MD = 53a018937221081d09ed0497377e32a1fa724025dfdc1871fa503d545df4b40d Len = 48 Msg = e6fd42037f80 MD = 2294f8d3834f24aa9037c431f8c233a66a57b23fa3de10530bbb6911f6e1850f Len = 56 Msg = 37b442385e0538 MD = cfa55031e716bbd7a83f2157513099e229a88891bb899d9ccd317191819998f8 Len = 64 Msg = 8bca931c8a132d2f MD = dbb8be5dec1d715bd117b24566dc3f24f2cc0c799795d0638d9537481ef1e03e Len = 72 Msg = fb8dfa3a132f9813ac MD = fd09b3501888445ffc8c3bb95d106440ceee469415fce1474743273094306e2e Len = 80 Msg = 71fbacdbf8541779c24a MD = cc4e5a216b01f987f24ab9cad5eb196e89d32ed4aac85acb727e18e40ceef00e Len = 88 Msg = 7e8f1fd1882e4a7c49e674 MD = 79bef78c78aa71e11a3375394c2562037cd0f82a033b48a6cc932cc43358fd9e Len = 96 Msg = 5c56a6b18c39e66e1b7a993a MD = b697556cb30d6df448ee38b973cb6942559de4c2567b1556240188c55ec0841c Len = 104 Msg = 9c76ca5b6f8d1212d8e6896ad8 MD = 69dfc3a25865f3535f18b4a7bd9c0c69d78455f1fc1f4bf4e29fc82bf32818ec Len = 112 Msg = 687ff7485b7eb51fe208f6ff9a1b MD = fe7e68ae3e1a91944e4d1d2146d9360e5333c099a256f3711edc372bc6eeb226 Len = 120 Msg = 4149f41be1d265e668c536b85dde41 MD = 229a7702448c640f55dafed08a52aa0b1139657ba9fc4c5eb8587e174ecd9b92 Len = 128 Msg = d83c721ee51b060c5a41438a8221e040 MD = b87d9e4722edd3918729ded9a6d03af8256998ee088a1ae662ef4bcaff142a96 Len = 136 Msg = 266e8cbd3e73d80df2a49cfdaf0dc39cd1 MD = 6c2de3c95900a1bcec6bd4ca780056af4acf3aa36ee640474b6e870187f59361 Len = 144 Msg = a1d7ce5104eb25d6131bb8f66e1fb13f3523 MD = ee9062f39720b821b88be5e64621d7e0ca026a9fe7248d78150b14bdbaa40bed Len = 152 Msg = d751ccd2cd65f27db539176920a70057a08a6b MD = 7aaca80dbeb8dc3677d18b84795985463650d72f2543e0ec709c9e70b8cd7b79 Len = 160 Msg = b32dec58865ab74614ea982efb93c08d9acb1bb0 MD = 6a12e535dbfddab6d374058d92338e760b1a211451a6c09be9b61ee22f3bb467 Len = 168 Msg = 4e0cc4f5c6dcf0e2efca1f9f129372e2dcbca57ea6 MD = d2b7717864e9438dd02a4f8bb0203b77e2d3cd8f8ffcf9dc684e63de5ef39f0d Len = 176 Msg = d16d978dfbaecf2c8a04090f6eebdb421a5a711137a6 MD = 7f497913318defdc60c924b3704b65ada7ca3ba203f23fb918c6fb03d4b0c0da Len = 184 Msg = 47249c7cb85d8f0242ab240efd164b9c8b0bd3104bba3b MD = 435e276f06ae73aa5d5d6018f58e0f009be351eada47b677c2f7c06455f384e7 Len = 192 Msg = cf549a383c0ac31eae870c40867eeb94fa1b6f3cac4473f2 MD = cdfd1afa793e48fd0ee5b34dfc53fbcee43e9d2ac21515e4746475453ab3831f Len = 200 Msg = 9b3fdf8d448680840d6284f2997d3af55ffd85f6f4b33d7f8d MD = 25005d10e84ff97c74a589013be42fb37f68db64bdfc7626efc0dd628077493a Len = 208 Msg = 6b22fe94be2d0b2528d9847e127eb6c7d6967e7ec8b9660e77cc MD = 157a52b0477639b3bc179667b35c1cdfbb3eef845e4486f0f84a526e940b518c Len = 216 Msg = d8decafdad377904a2789551135e782e302aed8450a42cfb89600c MD = 3ddecf5bba51643cd77ebde2141c8545f862067b209990d4cb65bfa65f4fa0c0 Len = 224 Msg = 938fe6afdbf14d1229e03576e532f078898769e20620ae2164f5abfa MD = 9511abd13c756772b852114578ef9b96f9dc7d0f2b8dcde6ea7d1bd14c518890 Len = 232 Msg = 66eb5e7396f5b451a02f39699da4dbc50538fb10678ec39a5e28baa3c0 MD = 540acf81810a199996a612e885781308802fe460e9c638cc022e17076be8597a Len = 240 Msg = de98968c8bd9408bd562ac6efbca2b10f5769aacaa01365763e1b2ce8048 MD = 6b2f2547781449d4fa158180a178ef68d7056121bf8a2f2f49891afc24978521 Len = 248 Msg = 94464e8fafd82f630e6aab9aa339d981db0a372dc5c1efb177305995ae2dc0 MD = ea7952ad759653cd47a18004ac2dbb9cf4a1e7bba8a530cf070570c711a634ea Len = 256 Msg = c178ce0f720a6d73c6cf1caa905ee724d5ba941c2e2628136e3aad7d853733ba MD = 64537b87892835ff0963ef9ad5145ab4cfce5d303a0cb0415b3b03f9d16e7d6b Len = 264 Msg = 6ef70a3a21f9f7dc41c553c9b7ef70db82ca6994ac89b3627da4f521f07e1ae263 MD = 0afe03b175a1c9489663d8a6f66d1b24aba5139b996400b8bd3d0e1a79580e4d Len = 272 Msg = 0c4a931ff7eace5ea7cd8d2a6761940838f30e43c5d1253299abd1bd903fed1e8b36 MD = dc5bebe05c499496a7ebfe04309cae515e3ea57c5d2a5fe2e6801243dd52c93b Len = 280 Msg = 210f7b00bf8b4337b42450c721c3f781256359d208733846b97c0a4b7b044c38dbb219 MD = 3305c9d28e05288a2d13994d64c88d3506399cd62b2b544213cf3539a8e92e2e Len = 288 Msg = 3cb8992759e2dc60ebb022bd8ee27f0f98039e6a9fe360373b48c7850ce113a0ff7b2ae5 MD = 3c00bf3e12ade9d2de2756506f809f147c8d6adc22e7bb666e0b1d26469e65a5 Len = 296 Msg = 22634f6ba7b4fccaa3ba4040b664dbe5a72bf394fb534e49c76ec4cdc223f4969e2d37e899 MD = a87e5c78837d7be0060d8f5eda975489ec961b28d7088f42a70f92414ae17793 Len = 304 Msg = 6e1dcd796b2015ee6760f98fdb40e668b2cf38b05c91f6a91e83bcc8ac59f816f90a59d64e8e MD = 746bf845c08aa186b5fe1ca35528232c4a491a3a2a32cd23e990bc603f3268ae Len = 312 Msg = ee0be20320f9d44073281265a6e9fa6b9d252495624b8d016b8ef57e1b4e859d8ad3b50b89416d MD = a3257baf14ca16e1137dc5158703f3b02ebc74fc7677165fe86d4be1f38e2f7c Len = 320 Msg = 8ae2da242635b6568289bf6bec8a438dbac1f5b4d50a90bb7449bdb92a59378e23452dbcabbbe879 MD = e25c44802c5cf2e9f633e683d37aa8c8db8a0e21c367808121d14d96c8a400b5 Len = 328 Msg = bdd0252dec5b798ef20e51791a18e8ca234d9bfde632a9e5395337a112dd97cdf068c9f57615424f59 MD = e02c1b197979c44a5a50d05ea4882c16d8205c2e3344265f8fe0e80aed06c065 Len = 336 Msg = c4c7b6315cb60b0e6cd01ef0b65f6486fdae4b94c6be21465c3a31c416ad2f06dcf3d6eae8eecf84ca7a MD = 2da21867cd6b5402d3caff92a05fddfca90199fd51a94a066af164ce3d36c949 Len = 344 Msg = b17977aced3a1184b14b0e41a04dd8b513c925ca19211e1abdc6c1b987ac845545fb3b820a083b4f7883c0 MD = f91b016d013ede8d6a2e1efd4c0dd99417da8b0222d787867ca02b0ea2e80e45 Len = 352 Msg = f65c3aa1d9981a84e49fc86d938f3f756f60e3858d5e1f6957dd4d268e28d68e90ba9a11d7b192d6c37fb30b MD = 3acbebf8eda9d3c99a6b6b666366c391e8200d55fd33ad8680734def1dc7ae85 Len = 360 Msg = 49abba1fa98f3c4470d5dd4ed36924af4a7ad62f4c2dd13e599238883ed7d0cb95bbaae58b460332e6b7681446 MD = 02bcd9ea4f1aa5276f38e30351a14a072bc5d53a52d04d559a65ca46f1bcb56e Len = 368 Msg = 275645b5a2514fe65a82efac57e406f224e0259677674f1d133f00a5ee9a6d1a8fed0eadbbff5a825041d2a9715d MD = c70a874d786cd0f3f09fa4dc1bb8f551d45f26d77ad63de1a9fdfb3b7c09c041 Len = 376 Msg = cd02b32107b9a640fc1bf439ac81a5c27d037c6076e1cfe6ad229638037ac1550e71cf9557c29c2fc6017afd5a8184 MD = 36c73d11d450784eb99af068cd4e1cbc5768c8a2118010aceec6d852dda80d95 Len = 384 Msg = 5a72e0e1aec82a6541f04883bb463b0c39c22b59431cfb8bfd332117a1afb5832ce5c76a58fcf6c6cb4e3e6f8e1112de MD = 90fc3193552ec71d3315ebbb807913afd4cd2f0833a65e40d011d64de5e66513 Len = 392 Msg = 43402165911890719f9179f883bbbc2a3be77682e60dd24b356a22621c6d2e3dcdd4cb2ce613b0dfe9f58629ee853e0394 MD = 5c4b6ceac9441defa99b10b805a725d4018b74b3e1f24ad8934fc89b41b8fd9e Len = 400 Msg = fc56ca9a93982a4669ccaba6e3d184a19de4ce800bb643a360c14572aedb22974f0c966b859d91ad5d713b7ad99935794d22 MD = e21806ce766bbce8b8d1b99bcf162fd154f54692351aec8e6914e1a694bda9ee Len = 408 Msg = ace6297e50d50a11388118efc88ef97209b11e9dfcb7ad482fc9bf7d8deecc237ad163d920c51f250306d6cedc411386a457c7 MD = f5581403a082bbf5ad7e09bdfccc43bf9683ebc88291d71d9ce885a37e952bd6 Len = 416 Msg = 3bad18046e9424de24e12944cd992cfba4556f0b2ae88b7bd342be5cff9586092bb66fac69c529040d10dd66aa35c1023d87eb68 MD = faed76ff5a1cd99183b311e502c54e516d70a87050cf8961c8cd46f65c1358cd Len = 424 Msg = e564c9a1f1aaf8545a259f52c3fd1821ed03c22fd7424a0b2ad629d5d3026ef4f27cbe06f30b991dfa54de2885f192af4dc4ddc46d MD = 811529c600c9d780f796a29a6b3e89f8a12b3f29c36f72b06cca7edc36f48dc0 Len = 432 Msg = 6043fa6465d69cab45520af5f0fd46c81dbf677531799802629863681cea30ffa3b00836fbf49f87051d92aaeac0ed09bcb9f0755b7b MD = b0fceecdaef6c76d5fc3835b523ce2416f4a9b9bd1f90234445df0f2b689f2f5 Len = 440 Msg = 2040c538c79237e6f2b8188c6375ec2f610ac2301607b9c23660c3a1e1c3a902cb2950c59aac3af28f984f6369c4debe8623dfa74c967b MD = e33dbdc0acc23fcfad3c759c4333410bd3a40efb1366ade157d2c81d65a0a6c7 Len = 448 Msg = 00ff6c96b7aa3cf27d036cf20af7031434113252574bda9cf9244d85aef2593d3a7a83bff6be904b75164a1766828042bc3f4f090d98a03d MD = d000eafca34815783bed9b050c6901c97f2e77d4771a0ed724dd8f6ff1448791 Len = 456 Msg = e8df14936cce118139e690f1662f88cfbc9c333b6dea658c02cb1d959644592842542fd9d8d61a04d4a892128f0ddff7b6502efffbabe5cb0a MD = 3479a9617a3adca35854c08fe987c2fe7ff2b01b04f2d952c107b3f066420551 Len = 464 Msg = 4ed981a31f70dd6b70c161be1f01fc1bba54d06d9494e7eb194e213d5e0e71e0fddd49cb1f075353da22624cbe4ba871aab32906e45b6fbb691b MD = 9c824a00e068d2fda73f9c2e7798e8d9394f57f94df0edeb132e78e8a379a0cf Len = 472 Msg = 7802b70c6158bc26d5f157671c3f3d81ab399db552b9f851b72333770348eb1fdb8a085f924095eb9d5ccfd8474b7ba5a61c7d7bcde5a7b44362cf MD = fa9726ccb068c0adb5d20079c35a318b3d951eb43b196c509ab790b7e9202207 Len = 480 Msg = ff83dcd7c1a488e5a128d5b746284552f1f2c091615d9519f459bc9010ca5e0ac19796c4a3fd7a15032a55a1410737d07855b07f61fbd8f5759e9218 MD = 8bd8d494a41acda4b7cd2994badaecff0f46ba2743458f6c3fdc0226f9492ede Len = 488 Msg = afd4764cc7d5de16a3cf80c51d0c0d919f18700c7dc9bc4e887d634fe0a3aa94097d590e4123b73f11ccb59e23496a3d53d2bfa908056c11c52c23abfb MD = e9e3b3da648cf230f1973f3814eb81316d2a496826ea39adf4674576f97e1167 Len = 496 Msg = 6fa6de509719ffbf17759f051453c0ac3cbe13346546bbc17050541074b034af197af06e41142211ee906a476039b3e07d6cb83a76aac6fca8eac307c034 MD = 766630993fbb651fd8d3603e3eebc81931fb1302a46791df259a6e13ca2cba9f Len = 504 Msg = 93cbb7e47c8859bef939155bea488090283ecf5023d99767c960d86baa333af05aa696fc170fb8bbac1e6473956d96b964580ee6640f0cc57be9598e55fc86 MD = d3212abca1100eb7658c0f916daf2692c57a47b772ee031c4ec6ad28a4a46de9 Len = 512 Msg = 67e384d209f1bc449fa67da6ce5fbbe84f4610129f2f0b40f7c0caea7ed5cb69be22ffb7541b2077ec1045356d9db4ee7141f7d3f84d324a5d00b33689f0cb78 MD = 9c9160268608ef09fe0bd3927d3dffa0c73499c528943e837be467b50e5c1f1e Len = 520 Msg = 4bef1a43faacc3e38412c875360606a8115d9197d59f61a85e0b48b433db27695dc962ed75d191c4013979f401cf3a67c472c99000d3a152227db61de313ab5a1c MD = 8703a1f7424c3535f1d4f88c9b03d194893499478969fbb0a5dc2808a069ab8f Len = 528 Msg = f0be5e961bb55b3a9452a536504f612a3e66aec8160a882e5156eb7278433b7ea21de31e39383d57fcdfb2fb4a8d227a9d6085fb55cad3abb78a225535da0e34efea MD = 2fa180209bf6b4ad13c357d917fabb3e52c101a0cdb3f2299fa0f7f81dfb848e Len = 536 Msg = 206f1c36ba25aea73398fffc9b65c4637cc1f05a6bbee014dccbd61e3b7aa9423887bbac62152a4bf73a4b7afabe54e08720589464da7985d8e6591ac081d115df2fe6 MD = 558ea7c800b687380cce7e06006e1ebe0b89973f788c4caac5780f22dbf382e8 Len = 544 Msg = 8cd71434c00663f3bda0205508a4a266548dc69e00ca91fde06d165b40279af92674f75bd8133e5a9eb9a075c9068f68f4b820008a1fb42d89d1d759859e68f8efc6fb60 MD = 085b343b08516f320a9b90fe50440a8bc51ae0850fa38d88724a4d6bd3df1ad4 Len = 552 Msg = 4cf5bbd91cac61c21102052634e99faedd6cdddcd4426b42b6a372f29a5a5f35f51ce580bb1845a3c7cfcd447d269e8caeb9b320bb731f53fe5c969a65b12f40603a685afe MD = f9dbb88c5bb4415e17dee9222174538eeab371b12d8d572cfdf55b806e3158e4 Len = 560 Msg = e00e46c96dec5cb36cf4732048376657bcd1eff08ccc05df734168ae5cc07a0ad5f25081c07d098a4b285ec623407b85e53a0d8cd6999d16d3131c188befbfc9ebb10d62daf9 MD = 3571326a1577c400b967ac1c26df2a0dcf5db7070eac262a8071da16afa7c419 Len = 568 Msg = 981f41a83d8f17f71fc03f915a30cd8ac91d99aa1b49ef5c29fb88c68646b93a588debcd67474b457400c339cca028731df0b599875ab80df6f18b11b0b1c62f2a07b3d8209402 MD = 62aea8760759a996f4d855e99bcd79e9a57ea362522d9b42fd82c12c9294a217 Len = 576 Msg = 5c589fc54fefc4d6e2249a36583e1992fc6b8a9c070e8e00c45a639af22063e66ae5cdb80238c82db043a5e1f39f65626e6d7be5d6a2d3380fa212f89211200412e5e4315fc04e40 MD = 18deba74e9d93ae7df93c6c316ef201bf5e3a661e68868e14d4f56264f5d858c Len = 584 Msg = 7c8691e7b2560fe87fcc5e2877f7e3c84d9101eca4818f6322a58986c6cf05627c0d6919ef2edc859f81fa1f33e0cc1f10edf7e52a9c33981af2ff0d720c94ea4d62170b2a4d1224fa MD = 5a5a438b57c1b3ce8756094252362afeaa9fc91cd45b385d16994ec8af49aa6b Len = 592 Msg = 97359b564b2bc20800ed1e5151b4d2581a0427ce9539d324c3637cfb0e5378dc2cf6d72946e2a3535a2f664ede88ed42a6814c84072b22c43de71e880a77c2d9a05b673bc15a82e3255f MD = be54f2e435f760d5b77c0ae61ef0aa7f5f3366f47819f350dc8a39aff8c73a8f Len = 600 Msg = a0dfaecd3e307c5ddf9a93603f7e19725a779218734904525b14586ff0ce0425e4efe7e1c06e745c28ed136f6031c4280fd4061d433ef700b6d1bc745064231fecf387015f94f504b6ad8c MD = 60d80f1c703dad5da93db222fb45fb7fa768c8aa2787f4b81f1e00365b8f49e2 Len = 608 Msg = 568d66d061306c3419a1928ce7edc8e3400c30998f09bdac6f63ff351eb23d362e8dc5927eac805d694ac9563dcd7fb2efa9591c0d827af9f39146f0424873aa8e3963d65734b1713baf0a44 MD = 7a4fe37f296991121792dd7c2c30390725a1eebbf20b766a5a1c3c6c3646d996 Len = 616 Msg = d65b9f881d1fc7f17d6dd429faca8404e6ce60fba7d89b7fba003c8ef84d8083182979327611fc341291ba80dc70ad3b2f28b6d29b988445e7fdb7c6561f45822ac81dbf677a0b27d961dc6358 MD = 51cc71b6934afcf28fa49942b76323f36cd6a0aecc5a0e49c10994ddcabdbb80 Len = 624 Msg = 711c88adf13e7a0e694652f2b9a397543f4937fafb4ccca7f1ad1d93cf74e818d0fedfaee099f019014ec9e1edfe9c03fdb11fe6492ad89011bf971a5c674461de15daff1f44b47adad308baa314 MD = 1780e52e306858478290c46b04d8068f078a7f6ad8e3790a68fc40dccfbdadc9 Len = 632 Msg = f714a27cd2d1bc754f5e4972ab940d366a754e029b6536655d977956a2c53880332424ddf597e6866a22bfca7aa26b7d74bc4c925014c4ed37bfe37245fa42628d1c2ee75dc909edc469ee3452d894 MD = f4afa72f3e489ad473dc247aae353da99fb005b490e2c4e1f5bd16a99732b100 Len = 640 Msg = fe0c3280422c4ef6c82116e947da89f344d6ff997bf1aec6807e7379a695d0ba20ae31d2666f73bbdbc3a6d6ac2c12dcfb5a79173dfc9cd2e0d6000e3114f2767edec995772c6b47dadc136d500251e5 MD = 89198e2363efd4e0ba7a8a45f690f02712e6f856668517bae118d11e9a9dc7cc Len = 648 Msg = 02e238461d0a99d49c4cd16f442edf682c39b93114fc3d79f8546a99e5ead02f0cfc45081561da44b5c70eb48340418707fd6b2614580d5c581868ba32f1ee3ac34bf6224845b32ba7f867e34700d45025 MD = abef81b33591eedcac0cf32fb5a91c931f2d719c37801409133552170ce50dbf Len = 656 Msg = fb7c8cd4031007f8159d5c4c6120dee6777a3ace0a245b56f31e8aae7828dab3cf35c308de1d0d684592ef3a9e55796603a92f68d109f7a3ac1635f7c4d334955614c812753431bb0a0743291a0fc41547f3 MD = 5a67284d39e4f37caa64ca1a54593c35f6d8f3a3ec20d460393a39f6f57c4486 Len = 664 Msg = 6b2e868c7d0ee1c240d3a67e2fdf36e8e23817c02644a54453d10454da5859d41e833a5285ec63e8ce28aa64a50435a7740eea4b7d5827892678b35993d3f5da7a1c64f533173f3d0fa37e1aebf70827052c26 MD = aecf5dab6fea9ffd1bce2cdfeec0bee9d214a669e8306d5b6688afa8957fc91f Len = 672 Msg = e5f3ba000c43bb6aca4e0a711a75912a48241cffa5b4b0b17f901f9e5097d94036c205f7a307d008567d05e58ac0dfaf6d971bf9d3d450cf2c7c83f6b328f676e9ab425642f5a5a71e389dc4fa49b6d7e848a09f MD = 182d6e4316f4bc18d7163b1b21462d99f99c6f34d2c00ee771ce54fd6c5018b9 Len = 680 Msg = 939c61e68af5e2fdb75a2eebb159a85b0c87a126ce22701622f5c5ef517c3ab0ed492b1650a6c862457c685c04732198645b95f84ccb0e726a07ce132827a044dc76b34d3f19a81721f1ea365bc23e2604949bd5e8 MD = 121057b0b9a627be07dc54e7d1b719f0a3df9d20d29a03a38b5df0a51503df93 Len = 688 Msg = 9eadaf4811a604c65eaa7b1c6e89f2c0ab96bebec25a950ba78aac16d9371ca1e7458acf331e077ef6a735d68474ab22d2389bdf357fb2136c9f40e1e1eb99592c2bbb95d94931016b4d37faa08b1e9bf71bf2d3708a MD = c237194b902e48dca5bd096cb51562079d0cdccb2af8088197676c17b0896be2 Len = 696 Msg = 71dcca239dced2ac5cc49a9bf9ea69a99be22ba62216716b524db80f337dee5eb7e032869e4adc1497babd1fa82fa8c3cfbd30d2eadfb4c5d40f99f9d194d7182c9cb7d41e8adbdcf2917e086782fdd756e2961c944070 MD = 377d1cffb626735810b613fd31ef9bbb4577cd752521abe3a41afa921e623da0 Len = 704 Msg = ea130d3236bca7dffb4b9e50e805309a503e7347227aeb9f1bd15c263a98dd65753d2eedaa734b9ad88f41158f32419ca529f3062b910c019f3f239f635fc1116e5ab7b242feb4471ed9168474e501d39d6bae52cc21061a MD = 85c7a52d53f7b41162ea9f1ef0d07c3fb8f0ec621617f88cb3828ebe5388ab3d Len = 712 Msg = 28f1be1156792af95c6f72e971bf1b64e0127b7653ff1e8c527f698907a27d1544815e38c7745529bc859260832416f2b41cd01e60c506239a7bf7553650bf70d1fe7a2c1220ac122ea1e18db27490447d8545a70bf0ffc8fa MD = b2eb3762a743d252567796692863b55636cb088e75527efd7306a2f6e3a48a85 Len = 720 Msg = c8400ef09c13e8acc8a72258f5d1d20302c6e43b53250c2f6c38ff15be77e3cac04d04b8421fc8fdff8be5ca71edd108e9287b42dea338bf859100eea376da08a0e695f0dc90b95e467cbd3c2a917a504a5ae01c310ae802c4bd MD = 69966e89b7bc7f39cd85791b92180ff3fed658d8240e393e1e6d7c24b8d0ac95 Len = 728 Msg = a48950c961438e09f4d054ac66a498e5f1a4f6eabfde9b4bf5776182f0e43bcbce5dd436318f73fa3f92220cee1a0ff07ef132d047a530cbb47e808f90b2cc2a80dc9a1dd1ab2bb274d7a390475a6b8d97dcd4c3e26ffde6e17cf6 MD = 44c00cf622beca0fad08539ea466dcbe4476aef6b277c450ce8282fbc9a49111 Len = 736 Msg = e543edcff8c094c0b329c8190b31c03fa86f06ace957918728692d783fa824ba4a4e1772afbe2d3f5cba701250d673405d2c38d52c52522c818947bcc0373835b198c4cc80b029d20884ac8c50893c3f565d528a0cb51bf8a197d9d6 MD = 6d5260384f3cefd3758fb900dcba3730d2b23cee03d197abeff01369dc73c180 Len = 744 Msg = 4e10ab631718aa5f6e69ee2c7e17908ec82cb81667e508f6981f3814790cfd5d112a305c91762c0bd9dd78e93ef3a64c8be77af945b74ff234a0b78f1ed962d0d68041f276d5ea40e8a63f2cab0a4a9ed3526c8c523db7cb776b9825b4 MD = d88e5f3b2d0a698fd943233760a3000a3360d9040e7374b22e39ea58d868102d Len = 752 Msg = 604d8842855354811cd736d95c7f46d043a194048b64bf6cda22c3e0391113dcc723e881ae2ad8dc5740aa6bda6669ddb96bb71acd10648380693f7b3d862c262553777004bd6852831618519fbb824759f4dd65af1b2a79cc01096d7c8d MD = 8a8ab6cf5c02b9ae8f4c170740eff1592f3eda11d3420ac8b421d93cfbb35db8 Len = 760 Msg = 628180e14f41ebdfde3b4439de55ee9cd743d41040f3457ef2280370dd659619fa0ce69580c709725b275a6eda8bcb82a8447c20fdf68cba15412f83e2a10079fe9399a3e3fa61975ec0a64041c0ecde59e4844e9f8a608cb22d2576854182 MD = 8d154bf6f9cb72efc0d8b3927a8f690060d1d48bbe5cc72094d2c8b149a75132 Len = 768 Msg = fc150b1619d5c344d615e86fca1a723f4eeb24fbe21b12facde3615a04744ef54d8a7191a4454357de35df878cb305692278648759681919d1af73c1fb0ff9783678aec838da933db0376e1629fcca3f32913f84bc2ff3ffc3f261d2312f591c MD = 3f626c8bb20a132495bd3022b3fcd0ce0604b91a9d70132dab4099f73dde23d5 Len = 776 Msg = 6dadbecdd15e5646e3f37a6fe5b328e06113cce3c8cf07285939afba44d117321017902b3a9d2ff51f60d18e1b585dcdf34e49e170ee60fa4d1dc246548d2c1fc38e7983f42769c43d65a28016f3f4d479ebe1cd8fec5d1f886dd21aca5067d94f MD = 9098ea34c40b541b153e80a8bd92da19432b18b7d329760b302f8a54c395dd06 Len = 784 Msg = 9cc5fd3035b72dc63b8c3c326fd013081e6b8716f526d3fe176b45256d4c37cc3dc8417dff49ada96c702b8fd715c65fc08a17a0a720b9cf1eedfd4922ccde6baba437f782ee33b95371056b0350dad743470c3b663299f16fcfd34f6fc459cd0ee4 MD = b0c04f24bb6d3d4fcbfdf9222d0e886f1eb60a0566a478085f7623a025a5b981 Len = 792 Msg = f3f063fbcf2d74aa5a02d240c962ed7bb119b3a212bdb41594e28428108e613152ed16e01e451fcf702b0e5a08f82eb12677652b93e05fdee00ae86cf2dc9a1fbf05b93952ec5b8515eacc324fb830e1ec236afd7d073d4b7f7ab1c2e048b99cbfa012 MD = f930d79360b581b1bbfdeac57133a339444f5c44538c921631eabaf058277d32 Len = 800 Msg = 840739a3d6992c13ec63e6dbf46f9d6875b2bd87d8878a7b265c074e13ab17643c2de356ad4a7bfda6d3c0cc9ff381638963e46257de087bbdd5e8cc3763836b4e833a421781791dfcae9901be5805c0bbf99cca6daf574634ec2c61556f32e642730510 MD = 19795657e08cfbb247a17cf209a4905f46e4ddf58eea47feee0be9bb9f5c460f Len = 808 Msg = 4a51b49393ab4d1b44fb6dc6628855a34e7c94d13b8b2142e5d5a7bf810e202cefdca50e3780844a33b9942f89e5c5b7dd6afb0a44541d44fb40687859780af5025fecc85e10cf8249429a3b0c6ff2d68c350c87c2fcbf936bd9de5701b2c48ce9a330c9ee MD = 128fb4114e43eefd19277c708be9e6873e66d7fd59c58a1485b7b015facfa795 Len = 816 Msg = afc309e6b7b74dfb0d368e3894266fc4a706c3325e21f5550d07a6560e3d9703c134ca6ad078e4a7b82ad6fa85b0bc1ddcab05d43f29d5c58d1da78ac80c37051b089ff31ce2c0c44e9ce3abea1da0f1df28008e178fdefafca493413bf1d256c729d0a9225e MD = 03e782b01a4ba10f640470bb3cae487eb9cbbaab8c9941978b194f6a312cf79e Len = 824 Msg = c5ae750f2230642092397b84ad5526c46ae9480ada16892816e0f2db7690b751035653ea2f33da3cc4168b591b46a5548eff7d012f60ccfdbb854deec9f0880c472de8e127b5144c56147cccee4732fbac68fc59a48da74b33ed9e643644bbe279795c7c737eba MD = f64b7ab243ce6e6c04b483888ba8a655465c21d95eb60c7b8d6e566a3811bae2 Len = 832 Msg = 603e13f61499e12ec6b33b68847a281d314f54dc705c0f3fc428981ff5689c04b519fadf83cbc9fcd0409c326035045df480570e265bb080940037ce4076a36437aafdb371c1a62af9ad9b614dfef89708fbbb5ebef2cb9528cc399781e4c5b22f1aa4dba623809f MD = 5f76962fd3d373e5db2953c0823a51fe81f874450bedf7e46876394b04d3ef66 Len = 840 Msg = e03115cfa19efcd796da389063c4be6acce684d983f8edfb3da6887b0b94fbb5e89e3a1a8e64fdd68f0670b1a02c2c33384a660c5a2266b3ae8a3b4cd76faecf011a7467b9b2a818020278a5a57d1eb1c87f1224c2d67dd02e81f1553eb75841532c2b7cca8fe5e418 MD = d107ee6ee4a58871a33c49657faa2573e475f11918c4a4e3801d0e17fb93c6e3 Len = 848 Msg = 0e6c1d58b1b9d3a2d399aafd60529e07d483a2755bb7e44c373b5355632d5fca76d6ff56c93af93ddcec5ed6f62753420c1b1758e48542df7b824b00a3a54dfaf0470b18d51e31e10b12dd8e324b5dc1bb8f3b7305cb762ec6ef137dadffd4a2466748861d9004f626b0 MD = 02ab2dbb02944354799051247b1a25c19f3696e1afcb502b859e83798b33fd77 Len = 856 Msg = 6db2a43a229b10c3629249fc5136468b4d84df7b89ec90ebf7aa7a036c53aa2dffae9e81b2c60580543dc706a5e3457abc87e248a60ec29150c2d221a6ec08a1fda4ec0daee8576904ec7ab059b1230e7bd93c4e55ba9496cbb1e352e5b8086e303b94c861288ce53c466b MD = 8cc4d39b2f5ba0bc9d2ee2a8777cf08533e60cc69b65a7b31c5c2121193aa31e Len = 864 Msg = 31d995f7ff8b6de70829a8336c610f10df2c866107a4922b25151849f8566861df5a79163d02767f21357ad82733997899261f03dafb1ce1056f20efd16d4374b89768565823c38e19e899d910b847b023f1867b6e4fed02e604b8243c0bc7cb05b9ea1f17955bfa36698c9c MD = c99c7191b34c9ad3f941d4ad442cc865205cbb4c2a6927c592e831cbc4d36fcf Len = 872 Msg = cb0b8cb7de621c8e0a0fc6be2fc18d0e8818a2c2dd0b3219fa87831a61583f903c4d105495976ccac973b3ae3a09771145931a9e74c19f22f45cba4c492b29b1401347122581dfe2370d3e0359578cd10a355c619711810a8f8c232578671312c0a45c7cf7e81bdd3b249044f3 MD = 6d2f57a7e42b35369cf2cd60caf9e65aca7d9aa019e6824bb806348f1acf3c7c Len = 880 Msg = 48dff78aed5f6e823054924a78dc1b8e51a117f1610181529f6d164ebf0f6406f0b02422cad8c916823759a361437ca17423d3fd84cc8afe486a31ccda01c732685418a32c064a7b9effb288e811ecc99adb2a759feecc3f702f31d9877dcdb717937c15fa2f163bea744400f58c MD = 14b631f0f00a3024ad1810dabf02711e28449668abe27f69380942268968d4f6 Len = 888 Msg = 06cc9fa542ceb35c88fb6ab82c29d5dcd530f807d3f1c3bcb3974421101d1aa6ac112de6bf979cd28eb0f70c40bcaf91ed3eca9bf9e0dbc6a0b73271d1c7506740ca9ebfb72d5e00ac5ce189193ffa308804b42a6d20402bb99031cdac65ec36eb7f59f5d299df2e0b8690f760b9a0 MD = 574fd82a9fceb8f7bbbf244d16e0412cbda8153b720846c32b8f10fe5779a881 Len = 896 Msg = 8d93627c0b7cbf61a7fe70e78c2c8ed23b1344b4cfed31bd85980dd37b4690e5b8758f7d6d2269957a39a1ac3451cc196696ae9e9606a04089e13456095a1ce1e593481b3ac84f53f1cb10f789b099f316c948398ad52fa13474bdf486de9b431bd5d57ef9d83a42139a05f112b2bd08 MD = 344ec86642eabb206b2fd930e4c5dde78aa878577d6c271cb0069d4999495652 Len = 904 Msg = d0af484b8be6b41c1971ae9d90650a1e894356c9191d6be303fa424f2b7c09544ec076a0f1865c8c97927ca137529d5bedc0df2ef08a4cc7c470b094b1eeaa86731c041633d24086b60f7369d59c57652dec9b3817477df9db289ba020e306c9a78a99b539128992deb23cfc508c5fc3af MD = b7ba998726477c32792e9c3eddc1cb6feb7c3933e49f2e7590d8ce7a2113e6f8 Len = 912 Msg = b212f7ef04ffcdcf72c39a6309486c0eeb390ff8f218d6bd978b976612f7f898c350e90bd130723e1126af69295019b4f52c06a629ab74e03887020b75d73f0f78e12785c42feb70a7e5f12761511c9688c44da6aaa02afa35b31edc94c3a0779b6ab9462525c0ccfba76986f873fe1e6ba9 MD = 2f26b96c1fa3f3dee728f17584e733b4189821c659b8885a5fb1d12d60d2aaa9 Len = 920 Msg = 86591ada83fba8175a0fe91d264e7f9b2df97ee4c32570e76b579d6140508951932abdadd6a4ca53b8bb8c42927aac0a02126881d52d97b82b80e72dd59f6a42021651ee1bb5f7b3eb2b21d003d784b75dda87c13f714b216282e8175474fa661b445d071bd5341f3a88302f410d0f8a857962 MD = e3edbc8c42ce5d2384dfb24fb1de5d4798b1bc3cc78c97033894040dfa6feb6c Len = 928 Msg = 92b5a8e84b6a2ac4d5b1e61d63804abd641dd630058ec6d5f752f135724ef1947a0a84c6611d32448de6307f7b7d857404e96b81df94f87768fcfdf09faa2fe37468847542afe012995ff1bd40b257a47a7309f8896bf4fb711de55bfeb3a8be0837729ef6067c578182f17ebb080a754f22773c MD = 80ed0a702812297c2aa1b6b4b530c2b5ed17ecfba6d51791cf152d4303ced2e6 Len = 936 Msg = d284a0a9a4de5d4c68cc23884c95ad7619aa39b20a2cf401deaeb3362c3ce356f79cc3fa82d3d1f565ec8137e1f435f171496afaa1152f722315dca5209f0031cce39b6c3d718e007dfb4fd8de5ce1408dda04476aa8a96817afa86a4f8fb5857ae091c67ebd7db5d783f434ead699aa96e56f610d MD = 654eccefd0a4fdb2ac0ab56288c64399b37bc4d57ff4a9f1cce94362fc491bda Len = 944 Msg = f57f0f8795385b805246a0a2573afc274346a9eccf50c626b0455a50bfb09668578b5a5afe54fbbd486444bdf97dba586aa224ce2e2b4b52f418ff06afa65a26f5204983a5f84734cd166c88cb70a73fb2db48f9ef20c1ee2c53ade07460114e98e7e2ebd24ac84ea90422eb143c4a42e2991a565959 MD = 135ec8b144a667dceae8fadd287df81c10ef3ebef87ff2fb56e60ae708a88f3b Len = 952 Msg = 2a41a52e6578873588a57f11f1be7c7eb398d01f3bfdec2c33fe6b65a68a534a6540978daa82e0c8fccb8c6c5242f7f97b8ffa75bdedb217bd8083439eea5cbb6d193c13bd62f5658ed4304774c6b1faf5b3dce432487840cabab415fb5d67640a739ca6e5414e760869708a9d7331e7e7ad7d55e035c7 MD = a6a1b8a26f6f440f19f16dce1d3001477d73ee7f6c374bce2922167b81970d6a Len = 960 Msg = 4d11aa5d3c6b6900f49ff90dd815744572be5648b64bde638b9db7a9877dd745fa8ea80e2f7f655cee85c71a4509e21d899e49b4973579815f947587a404ad83fd4a248020d9d2a65f46485373fc926d793161f63a196ae0af590923c5be2a0e5d2f69da97e0788550c9c1dee9574ddc4a61e533275d7729 MD = fc5159f0ddd6d765c85fcc3fc3ac1dc0d317d8ea0b110e96ac9f7a398dc386c5 Len = 968 Msg = 05cd99bfe031d123ca7061d3de0956f4bbf164bad792db881713d6599ddab55ee24fcee804e360896152c8766424f8309f7a24641a07be0feb5da5e5076a9af45842f385101f93433ca5199f9c6b5872b2b808e4198aba8e18dd12db772930b4912d6f5cabeb529884f4bb142de55e021b3276047b22b64cc5 MD = 8aa07742e6f1f47ad020ed6684edc8dba4af36b782955f0f972be3ae980aea0e Len = 976 Msg = 529684398d68bdc19e7a00ce32cc1a8c1315b97f07137474f61f0cb84a04f2879b1109c78c6dacf7f0abf362329e3298f36fc31ef4ec06653723a5f961301dfb63537ad15946611cb2cd54ea928e322e7423fd6d146ee0b98c2c71e3bdcd33edf0845fbebd9ae4192d07acd01b432135e05af0d22f3f0c5a3d62 MD = a07049b6ebd7b355479a3d802fda436b83ae6747d741cf9626f7c62f47cbd563 Len = 984 Msg = 982fb5f4af498a4a75e33a033235ea3ddb70d9d236519f883ff5b388cbef30126b98d96e93a65a26fb00d17246d18cf4e2db14a52f0f6b10e35a93beadc14ff118b02e95b38fc4736f973ba848e40b5527cb0599076d96bc578c4aada09e8faf6820bc4f562d5199974f808b7f95edca74e6b3940894a7f66534e0 MD = 09c60fec5a089a23f5da3ed2492aa21fcf7aa36183850fafc15ae8c63f596db0 Len = 992 Msg = ca88614828f8acdb5fcffab6bb2fb62d932b7808e4d9cc3139a835b0cef471d9f4d8ffc4b744dffebf4f997e74ce80db662538bceb5d768f0a77077e9700149ea0e6a46a088a62717216a14b60119dd19c31038ed870b4709161c6c339c5cc60945a582263f3be9a40cd1a04c921947900f6e266f2390f3c970f7b69 MD = fe2d4183ccdaa816b4446a9b6c07d0ba4b42ac743599db5dc482b1941f443c71 Len = 1000 Msg = ab6b92daf83275cb9c1b76cfb59fbcc8ac53188e0b6980918e7ac0c07c836ca9372d19e11251cca664bbb3c3db2e13b412a9820b65e95612042f5db24643cf9340b9808597735a1f92670ba573a2fb2f088d81087d70565574344af7576d35b2ed98318e2ca0067d4fa8e63f28045b83b6887d4ffa0668a10712ed5759 MD = 744538e1ae1cd7357710b56c3bc6f1bd7a8564118a1e0f9acc30fcf0b5396eef Len = 1008 Msg = bfd4c7c8e90858ccf9c8834abefd9c1846ca4a11966fdd139d6de24a6bebf4b19f58d5d51e52bddd0bc6f1c7f35998f44707cae7100aeb4adefe373101429da3fca1d15737329dbbf47c783a84de59bfbb2fcd75a1a148d26aebb8d3a9a76089c0f8e4d49b71a06f9e323e2cdb54888189887a44b1fa9cb32b7c8fb7c9e0 MD = 58b17843bc851a721c5a258eef57b3854d02190e732d9b8e7a9f926ac409c173 Len = 1016 Msg = c5019433c285da2bb93f119e58b4f36cd1e4d99dda35dbf4f8ae39c7fe65fa0ed03bd2b96dc649472d8f1a94477ed9f29592d97c9cd54da7c790ad1af3bb5cc030b7871bc64050db779d2caf0419895bf3b7b50b8e22fbe62fe30fe7bbd6ace86ddf7b00d5d9370f20cf0f97996f4bce70bb33f1ba022cdaba0f25d55fa031 MD = f7c92a3fb7f180370d628be78de874d693f74ccc7a54c741634258d8c512fd7f Len = 1024 Msg = 84b60cb3720bf29748483cf7abd0d1f1d9380459dfa968460c86e5d1a54f0b19dac6a78bf9509460e29dd466bb8bdf04e5483b782eb74d6448166f897add43d295e946942ad9a814fab95b4aaede6ae4c8108c8edaeff971f58f7cf96566c9dc9b6812586b70d5bc78e2f829ec8e179a6cd81d224b161175fd3a33aacfb1483f MD = 8814630a39dcb99792cc4e08cae5dd078973d15cd19f17bacf04deda9e62c45f Len = 1032 Msg = 14365d3301150d7c5ba6bb8c1fc26e9dab218fc5d01c9ed528b72482aadee9c27bef667907797d55514468f68791f053daa2df598d7db7d54beea493bdcbb0c75c7b36ad84b9996dca96354190bd96d9d7fbe8ff54ffaf77c55eb92985da50825ee3b4179f5ec88b6fa60bb361d0caf9493494fe4d28ef843f0f498a2a9331b82a MD = 9b690531dee948a9c559a2e0efab2ec824151a9175f2730a030b748d07cbaa7f Len = 1040 Msg = 4a757db93f6d4c6529211d70d5f8491799c0f73ae7f24bbd2138db2eaf2c63a85063b9f7adaa03fc348f275323248334e3ffdf9798859f9cf6693d29566ff7d50976c505ecb58e543c459b39acdf4ce4b5e80a682eaa7c1f1ce5fe4acb864ff91eb6892b23165735ea49626898b40ceeb78161f5d0ea4a103cb404d937f9d1dc362b MD = 1ac7cc7e2e8ea14fb1b90096f41265100712c5dd41519d78b2786cfb6355af72 Len = 1048 Msg = da11c39c77250f6264dda4b096341ff9c4cc2c900633b20ea1664bf32193f790a923112488f882450cf334819bbaca46ffb88eff0265aa803bc79ca42739e4347c6bff0bb9aa99780261ffe42be0d3b5135d03723338fb2776841a0b4bc26360f9ef769b34c2bec5ed2feb216e2fa30fa5c37430c0360ecbfba3af6fb6b8dedacbb95c MD = c163cd43de224ac5c262ae39db746cfcad66074ebaec4a6da23d86b310520f21 Len = 1056 Msg = 3341ca020d4835838b0d6c8f93aaaebb7af60730d208c85283f6369f1ee27fd96d38f2674f316ef9c29c1b6b42dd59ec5236f65f5845a401adceaa4cf5bbd91cac61c21102052634e99faedd6cdddcd4426b42b6a372f29a5a5f35f51ce580bb1845a3c7cfcd447d269e8caeb9b320bb731f53fe5c969a65b12f40603a685afed86bfe53 MD = 6c3e93f2b49f493344cc3eb1e9454f79363032beee2f7ea65b3d994b5cae438f Len = 1064 Msg = 989fc49594afc73405bacee4dbbe7135804f800368de39e2ea3bbec04e59c6c52752927ee3aa233ba0d8aab5410240f4c109d770c8c570777c928fce9a0bec9bc5156c821e204f0f14a9ab547e0319d3e758ae9e28eb2dbc3d9f7acf51bd52f41bf23aeb6d97b5780a35ba08b94965989744edd3b1d6d67ad26c68099af85f98d0f0e4fff9 MD = b10adeb6a9395a48788931d45a7b4e4f69300a76d8b716c40c614c3113a0f051 Len = 1072 Msg = e5022f4c7dfe2dbd207105e2f27aaedd5a765c27c0bc60de958b49609440501848ccf398cf66dfe8dd7d131e04f1432f32827a057b8904d218e68ba3b0398038d755bd13d5f168cfa8a11ab34c0540873940c2a62eace3552dcd6953c683fdb29983d4e417078f1988c560c9521e6f8c78997c32618fc510db282a985f868f2d973f82351d11 MD = 3293a4b9aeb8a65e1014d3847500ffc8241594e9c4564cbd7ce978bfa50767fe Len = 1080 Msg = b1f6076509938432145bb15dbe1a7b2e007934be5f753908b50fd24333455970a7429f2ffbd28bd6fe1804c4688311f318fe3fcd9f6744410243e115bcb00d7e039a4fee4c326c2d119c42abd2e8f4155a44472643704cc0bc72403b8a8ab0fd4d68e04a059d6e5ed45033b906326abb4eb4147052779bad6a03b55ca5bd8b140e131bed2dfada MD = f82d9602b231d332d902cb6436b15aef89acc591cb8626233ced20c0a6e80d7a Len = 1088 Msg = 56ea14d7fcb0db748ff649aaa5d0afdc2357528a9aad6076d73b2805b53d89e73681abfad26bee6c0f3d20215295f354f538ae80990d2281be6de0f6919aa9eb048c26b524f4d91ca87b54c0c54aa9b54ad02171e8bf31e8d158a9f586e92ffce994ecce9a5185cc80364d50a6f7b94849a914242fcb73f33a86ecc83c3403630d20650ddb8cd9c4 MD = 4beae3515ba35ec8cbd1d94567e22b0d7809c466abfbafe9610349597ba15b45 libica-4.0.1/test/testdata/sha3/SHA3_256_2.txt000066400000000000000000000663271417716165400204730ustar00rootroot00000000000000# NIST SHA3-256 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 256] Len = 110688 Msg = 5dd529a4bd07d70a7a3f1dac74f073b67ab8cadeb23815e23b220832109320e930a4e302fc3c69c9e0281b8f356dbba266dca57d52e8543bf2b527523c71657d47e780faaf5196f63b6e3d46bdd580573a8925684bcd32f6c33aaf78920eac4deac786f3a0f16779d43c0c37d4d1cbbc3ee6d4086590b7fcf6d9260edc13fc41606c7f5595c2e23af3b80fcb4209a3b9ba1c39c568d9eb33d3bc167be0275e41f3fdf287576c1122e00ace6ace241036f552dc081b4fd784a208062767f3d935e9a268f3ae98fc17e25bd17d42cb1a1b38b14637479b82d7aae87f7a381f75058b85680061eeaa0242d3a16a64a5ca50cb61febcb465f415348208dc1d523a9a21cb7a163a1523cc4999c59bfd5b27bef6898cfd2a54362488fe29b5dc3431daf39f269dffb66f5b3cd6c576d494394b0152796471104feeee856a6d3e6e61ae4827f5fd7978979966b12a65b3f909e033e34c575042475aae3f546c0ba8d3fe6a8b6e9f7004a26d0e537acf60319e66d5658d409192274f0f536e1a0b898db39ff41ae9ac0198be7be3401ca4e501c32fffc586faa7f6b75ae940e005ba99b3308a7f44f4188176f68a01b347bd38e189da7b91542abc79d82b5324c3e3ffe86574271911f1667cc77047fe11604da62b1d37c966c2817dce3f2e4f0babc53985db9acecc334eb836bc9964ca7747fc5cf18196fa184eab874d5acaa6baf58ddae65ecdeb8642128b97804d39a92fca667ee260d6d32aeb4a7e5dfc5cb996ceaabefd7c369449720d288321279f0cf88febe18fc39c1e255ef9c14cf450b1e33e8aff4577026bc005982a495c01e66d2061078b891b31410ce70d2438264db4de73ea8f747bb0e4bb0efd2ba076c6136007dabcf0f76b279c70caebeee47229d1a148c1f6a521c677b38530bba6b3d19906e48bc0d9d4bf56bb7f08df31282a613ba045c528c54f81ae49c0743ab58f1185ad5ec06875f281f1b4e5d3b6789fd4697b82a9ada5652028d14494dad43512adbb9eb94d55a66739f2e9921b6970735560e06adcc7f19e49a622e42d19ace2a598b4742f7cc44ebcbf7ce30704858624d7c7cf5c35dc41384fc429dc8bdac996cc06b6b7f3357fa2a6068f2250c65501689fa2d6f70c521e54902e8e32a811a8ddfe4a8dc1df42122cef5f15551c27129cd0a9f1136b18223ef0baec17fe00025503f758eeacdf34dba018881b6d467ffac2ad5693e0dd6d944b949e41c5e0cdbc7c84c083839d313a7f8522aba3f8710bde75ac7e52e726de09854bb8e3f73098d3ba6f874bc531d1f56d8c0ca48610558acb9cddab8076a591559b85428e54736f610a02ee9f5b296b976e465a3883622f75ceb7d2ee856f4dcc38afc8ec61d4b8413cfd5373d8c947cc6e62ab55f3ba363ce914af797ac7a4b1c73e5f5b7e441621aa7e6289d039f2d43767812787e305e896fd2a6b7e32fecef33bee21d34af1caff9003286a02d5776f5dc3f4686706417c782b0ab83ac3e961ad5d87896eb105e1381e9aceab577dbf4c5905bdcea00e44909aa051665ccbbc9c94d5c838be98f9809b2525bcdfadce3d2aa2af9e3a19954a5f73703e2f3caa117a53b731814bee6f621297bed7d04537201266613e2818b062cb3e4ba504d312f9497fe060e8680d5ca94b38a6aecb43229f099e130474c98cf2e31427eae1aaf8fe47cdc43511636f316ab2b40f0968198fc0de2175529dc32f86221bb779de60bb388116fc8e7884f41bb469bba6aeeb2bb5a8d0435a35f0c94ffbea3345b817c87a83bc038a55843887c72d794b1d81bb0d8488353398fc096729fd26ed3f066d345b2013ab005546d5726813a0bec387f3fab11486cecd37f634bb58197b15f28f92a8f39983e1662e3e824f4c9899d68d93b3a8fae04d9b23a28b9170752d9eb2afbe6dfde60edfbab2e3f6f8b3ecf203d6f6b938d5627c17fdd7989a3434bac53ac9477f2fc6fba056f3d04b18a2217e4ce30fe7b5f624facc063640c0148ef2bc314ac668f00009b21ba4eecea5ac267be071b089f0d9f39880330a22b3625fbc5d3e7b9874371c4fc13c88dddbdb22ed56a93b5838e42ae8ac579f61fb7e34c2b7eb45c83ae802b44f5ec24e2ef59b2aae7d2f2ab68dc844f469a885d2299a56a618cdff295be2692bd344288544b8b84eb63507521bf534bf33cc9722adb901928fbb452bd7e5f7bf62b573c70ea221a01cf4f8f4d8d841767bb49ed250b84ae316b6a227a633e571d5be38de9c80ed0a761504840a9af27f0a07a2ca5bbfba0276661f060ef3bbabf3067eb1367ba2f68e3f34eafa62d043a86eacf216f8d7557774c3ae584e02d483364d2823bbcacb2a1b8f0ef059622a1c91c232c8892c45e0889708cb6b41534ef5ad2bad67ecf113501dd833a7309d3017ef72ba9a3e3b7b49a1fcb17300921ceca7a21aa791d01187e6310d73c202aaa9389a3554979d0e60eb73508dc7f8b4c24275b3a540d0eb68f3ffc4e5a1c253eea7927fdebed462747d53f2e21fede020878dc08681596b9a4b2ca1275446f38f4342e0613b493f2e5d86dd998fd966ae7cd08975dcd357c6f69eec5e63f552331492a20597636c3695f259dba0250f132b275598daa67893fd3fedb557363783236b0cf15989b3332d81b0d0d837a3f89c7a6e17023a96aa67f5ec52b6736c2677b3654e0925dace2b1a289fc278ea04d6b21a1bddf779b23caa305d0b13b7c51854f6432f9eaaae99a40b71e350ace0e1b5a2ccf146e854844502ffdb7ee1080f3407f9545ceb7b7e099f6dc528b033c56d4e51c98dac3848aeaa5fb01bb296633ddf98ffc765dfe3302dbcef66bfa68ac165d3ea358d0590cd70a71154f1181c55c847b947df80cf01fc85e974a1e139983179dea75364628a9bfc879068354366082e094423064a6456f13cb81e8bdadcf86c2c4ac6fcc8cd75889938dd96df57e8767726f71a5d4181286f9cfd4c737403d35c85ae76c97e4473cfb219e3f810b0478b5524640e80c6510a8608ce0e489ad7f6c2d2796d8551e5b167e4c39779a8c8ce39728b67096d9495e005b6b24004a08368fbaebdcae405c8bf05dec27a1822c73aa83870c4be1a9911bdaf68448b558bdff1bcc03545fb9b2346dd84fb477cffc19012309a010b9e81f85f373c751e948e7c4d7fafbbf0b2f96d68e2e47efffc34f0c2af717d8f2a987e6e27100b2428df6406001e8f0c96aa4326e61d05d348fd91eff5337bccc7be168540a8958fce3970914d6c0a76ce9f90c0978e241f6b823b420bc643edfc5b8a4c8bec5b870f046a966e7f7157e23f1cddfd20230beb2db562f8141d1851d7a06a0fc5a43371a918bc69410fd65bf1ae2621b949c15265c9f9c40351764f9a2188d419babb7e8e42ac48982b1cc01f10430a42df6627913dac787d262e7d0cd44de3d2e348be1cb20e136e0c50993008dbc0a42d25f31bda251a69e5686496836243d66802b8bb2f89d0aafb9b6f8c5f964cc57b243d6a680cb5aed74e8a9ef46efc0f9110f4d480c589344025c89bdd1eb58f118b8de6af084e364105798ef01a1763a59afacd6e6b45f423152fc4491803e936836bf776c2efe86eb8b9cc3f0e9bbceeca5310c1230dd2ec9329726c2f3fba3434600587e29faca58dd0c2a9f19001b2c686034194e8b6e2c9400a0f0970ec51c5f378a80f676a2dac48d6f66bff1a3ab61b10b567de884eddfbf5f84e9e66d65eadb8a2f14d0a4f3ea972ed26efeecec39a9ee743f73078f7e29bf0a7d1100b29152d3d315c75536b79fd58c76867b5158c149dd13c96a8407e64bebc12d2374bb34040779991815a42dffdf9726c39d379dca0b9b4a226df56b92c346894a3ef0f57756a0e4720348b7fa46216e6a025e75db8a2673d39fdf30000b7dc3e983bb2dca2b3c2807a20dd4717aa5bbb333460ffac345e4d2bc2dba303ef75b85c57233590fabd22d547bf9e1d7a4ad43a286b2a4618a0bb42559808fd813bea376ceacc07e608167ad1b9ec7d7ae919fd2991464cf63570c7dfb299b61836bd73a29007cf1faa45b1e5539a00514272c35d58bb877526530187afbcf55a6f1757209c50af4eab96c2ab160e6ea75dc8d6ef4bf2bf3e7a4b3a7619db84efede22a0f960e701b14f0f44c89b18f2640017c05ef51bcf93942b8d3775d2980b804359606a8da2dec3d90f035eb2a74f507fec8ce41454d6c1fc5c752aaadb5d967c0de7588b52d3b64debea025093984c0a45f6f2b24e21acaa77a312ad73557f1120f6b15c9c2094d26df54c5f21ef316b5f25a751f614b2aa6139c4571a93a8c75506eb7de955fe0b07bd935aeca4cf07bab1889ff7207290cbb1b6341b88b1f2fc908d6bb4d4405c3b9b5db05e797353cb030cd8bbc57ae1f9937ec110b519189a3c0da2993c1a4a9c17221be1adacf41292aab8de842a229d67748a74994cccb061e2cf00fdda5a8bc976ea30d1fa5d23f8f8acb9dd1eb709964dfcb1b5cb73d19ab32d868a0f009d2ad297a686d9f3619e5d10f840b723d0b84194729b23a2705ee55a947126d142a3bbc0cd2cda5b7e1b7ea1f45f81fd753625fe21a9d3dd0f170fd2a533c0510edc98e21f4459f9bbc8a3cc387a0db889b8317639726a88106b7932435259e4742e0078176e0752bd4e82fc5f20c8c960871ab93475463826c4d7d5f94d521ff52078ff3ffa310af51582bec2f431b4ac4b3813ad32f571b4aba25a31955778144c68e403798566f5b6398ffe64d71ecf7d10320e2bf6a94c884f1b86cac861541a56c30c8c630b2188fdec7be3374c4c853970c1d0d853410354b6534e23802712d918b573586c2b367650c60fc0e1960c2a7c72b20914447549a7319007492fbe566198fee41e55270969574b02635e7a69a1ab600740c986a46abc50d210b085551a215f847641e34d72ca158a45e8485d8ca63b618d429feb7d2dd1129b6bf06bbed945b82873e3a91978ffa6fdd5fe9c9a2dc4963e4229854b30c1573db497f0dc3b220d995da0a2d9fe7a171faa159d569c9c13f83acc18715f81fe7c2cd48adec174e33d81c2d110c515291fc725e64e6d12793fbefffb8bf493a6db274ea05306ced7a962a2aa7a67417b72df97fdee29d82479212dd4d7aa86bedf566ec7b57590695182c895635f9f7cbd35f44ab25d5da42913de0af0ebdbc4fd1cad67928859f6ca64bd3858087fbb637cb35337720376e409a9246432f347b8fc831666c99c3e787ae8f9e50c7295ea166dbdea026a2b2e64e7a7ae1a6db5a768a84aaeb3c77ee057f45086d618bac5858bd15679022f6cc8420b4afccbad2d03557ad6d17c56966e37d2b9ffc2988a6c8633e9606c0223b620d5a7646d8cce3f433d6bad2b440f304c06fae4009dbd1de56c3f32f831f7910c8d6febf3e31f9ed9e8f99144c5bf40a953c61d7358b22c41d0a47b473d3ceb7d98e0fddf2e758482240d48596a2b11d85fa8166b582e19f407d593c9827847fc9ec7148fed8482e474f31ce99fe71631711d6988fa6569a4882f370fb03e28f1f56eba969ea13c7942579975e557e07d3e92812cde1c9dabc83dbf8a3502f10633647a83c07003a912a7387eb911e2f41ea3f7f771a818a24e7da7b98f4b4291ef34bec7e1656b0c6c6e9474a989a04ea7de3859339c7d00916b8a2e3d9b903d7f5c01e37ff5e50bc62a17f83543aad5508dbcc2b25e3d4f1783d148be585c516a46de570aa6043fa6465d69cab45520af5f0fd46c81dbf677531799802629863681cea30ffa3b00836fbf49f87051d92aaeac0ed09bcb9f0755b7b131796a447a993d57fe671c06f3e2b8293cfc034749191bc27d00ae916e084c0030c6a1049cf9b4d6547109ab6e6bf28816bbfbf3810ac9afc054d78601e74f070c92605f242fcfaeb0ac96865957d8d70424ae7679105017491ce8e5697f3b4623512aac86a7e851817e44f05b22f5a683ea8d3887b629a985ad55181b3c9b4e23a762855b0e996f556a9791da79b36724623ad23368c0d6f49aaec68dbbd97f7bf99a6217a04d488af600e35db8aca9443019ac02a4b010146948594759905aaadc44db23198e8db0b5035d5b6c3bed81b8bc4e8bf661f573adc458beb23a802ea3f45923e6d79f650c21786a010b946b70953225da70e780bcb53d7a32425075f52b549074b30df68fedccf013763e5ffc36ff76cd4766ca3a7d8ff076327c1f445c55df6fab5a0394cab39410165bddb003eee54b6013ce8b8fb8c7daa5439925f9f587241af41adf4ac4bc83667d6340aeb8f7d1555efc448e5056fbf54761fe968c2e2eac7c8ab3d098dff9e1039f0279c624fb91a8d1e9dbdf2446bd080842b4b21b0bba43f1a71e7874c0009edf9a07af03369f91fdd00acdc64767060aa6d6eff437defade4d671c21826f9fa35bdacc08fef99acebb9da4a37a8db1d78f7f9e303f74f1bf0b4ccc5ccd689698ec55a5acc11a43c2f106ec425c9babfd510155658f36d9026552318ced96141eb02ae475398bfd8914d90d296a0b44fab02eadfaa37f0146e009c4488f7288a33bace0e8b4b9486f9b76afdf2f672d3e1139f06618d81afb0fc5fd060f7874c5036e237dbf4cb504f9721cca1939b565f8c5c53e5bbc86ad4929544c0a3259029be134bad590c3e7b35e0c80b3fd8dd0db54b4f9f896c4cc20a66290fc1ab5da69988d16844fe5766d9cd7798c2d172d3d59181f5c1165e63acf905b51ac0bcaf116b51737b49a3f6cb1063b1e32d1c9935597150296da79dbf77631a760db42c6ce15338c6962a1452d214bc6b95e4471ec9a8198b1a2f598d07c8a69d394d05f314601eef8df5a9b83b112323b0d0c5d609adb6adc4fe805cd2bec156ed8f23ee2cff8dbcd50b9b4372e24cd027ebfba542089157141df87500ccd36ad1836ca550b9edf71774d43ca00fa13da13ad1d59c421053b193ab20b87b44a28c30c95fa915a766fa393aebec208831c7c730ad3ee29d6845687fa522517cc4c79f22665f9b21d22761b7977f9e6b734199fe7451709f5d75a45e4b67d8e39829d6600099d3c40245f432898011b1ccb6b82573fc757efbeb502f5baf98e1e85bdf69767f46f8c0fdfb920a18ffc204ce2d8bf26878a10a4f74da1d2118df7a04c227103b7b26d2f77cc1606ff206e332ff1a38bc017252481646d9e6e04317cd858115f2fab401da82a6d3ac71e5318a36b88f2198589a7f405dd7257877875e325ecfcf4c0c154e1229adf805c7b57ddb4f3dbfc6bbac9cf9065e0769e1925ed0a884f7f894d6fd3632347a341438b4f4c68bbd12034e464a29b8b439eb007668467d9586b60c8cf5a9b25b893482d78c05c1440599492539af2b5373fc984d012002cf7fd97ea658766dc2898f5b8da8f4277b25e364e2d17e000d9c7b238ca31e5acd6a64f5f16582aed8be8d8b7e527b058bfd4a6925177f7f093ed26ada5628cfb8cfc1391526b3bcc4af97d9539182a29b12371e95159aef70e06832e02326a7b8365712bba3f2e1afe4130eb46ef147d4ee104ddbd2b89a690ba5464511002bf4288e488be32863c1e66bf248efb03c5e183ebc9f56bfc61d46f16db2299ea3952ccea22cee3b8b213c054db81fa7c960182a3488aa99bcb319b46ecf72e857c2cb7fe947cc15a1f86e4be7ab03bf3602773b7c3ed52cc4540c561243f4c78ea48c09e583869ced6d05a388caa5deca6ebcd85e6adf622528a83f21b7b7219263f7d55e8922bab6a98877f7bd0cedcec96f6ba0b4d121295674d863d2c4e0a92694491c00ab5646d47f2efd2b40d58a3e185b0bc3b2531607f9879f3d22ea1c15eccee6912657e315723062bd4a7c46f2401067408adf3562bdb59f9fd929335a86cd86e49da7d694eae5ee1a31cc4a106ef27cd261adce904acb29a1f283351aeaacc2a0172d677a6fb568eafdacddbe2b69112240a529b8282f06eb74e26c80a1d5636d9dd1ddef87089ad7b6034924feddf0d72eaf8d03dd4bfe24672d1eb132ae31f5367b821abc464a8765bbd46c6fb6df9a34b34499f386d8f4d34c94d825a1f3ddea139c2495d741a212bbc7bb065ca713599994a1f2475e05c126161b031473d0c18174349a2347d1c3eb6a3c4c3710e9a549c64360f856fc38a5eba253717774c4ad5273549324bc82330414c8afe1c520ab21a9c700898441b05d969d1fc871fa807d094a8d9f0a567bdf6e032de44ed3a8eff8aec7bf43e32fb21f6a862e706ce03f1d047a816348ab41708317df2dc526765b9eb5bfe1260b3364400e701920b6ded70bc392715eab7342d2d79b09fe0e00f81e325307122a288eaa1f581320eba360e6ce9ad9a263bd0d78d3e08b8749d3f7b6a6415db075d9c42d21ac077465d6e01d0561461cbc66f9fb75755b67be3781ee79528a07d48d2f537c359c220ebf7e39cfae5ed39cb82de5242420a65476be4f134e371f308ef7a398bb7b34cda663c1934bc9cfedf9d2bd47b3824df5d7d560dcfd0b016f2243a5de064bb189d2b73dbbfe301895720f0c48eb2b6388a1eea93d27afb47b923be2b4ddb5a22c8ca136ae903bb77e6b0d598e94c0f0f41d33b39c93ca403a2609e18309610e9d1c4933d4c991b38e2bf32c8176ecfd2393ca05620a05ae9625d22ab453f6fdc4cad8bc9570db14affcea0d89585590fc4adb28f854080576d9c146ad801d7889de7659594fc0e2c8241a850e04a3b4678c8fa2c4397a4dc188fbbcd85b7d85d49f4a93882ce926c0ecaa1b78407f6e4c9f0dfd3081038f617bab149cabbf2f8d567df18ad0fde8819cc3582fd591c893cc7ec0a3f34cd23dfaf7d760378a7b9c4b36fcc703a52ef27c8cc39b8b80c9255b0a748558fd1e3d4c078c8ec88773e9c69e3aa88c8902fbd42ee42529f479e894d8a03d78be7b49bb04bb8d265d1e5d0fdd359335506b84ebd043337997e1c5bf11cc351b35f2498d16edc519b584de6d1a75f1c4a372750a9b692f410e08a423dc81d4090d8a250b64a89e6937ae552a7e802b02291db679b7dd7f4a04f76e0962458209ec4cc57d177780dd8aa3ab8c30e0a7b78b7630804b278d5c1fb409b9cba3a7e57b3e122b56dfd33f576bc6dc581dcfab7085c9677fd0bf3f07495f7b3e20ab63616af25c4a6aff55450f906120bd0aa581516a757c5f7fba65bd5797e346f74c46d84e5a1b9f6ce8fd96f065ae4abf6f66e2fcf36a5c3496e119d854e39cf167d48f0f6bf00682bf2608cd2e2a4c58cfc6406529714f459b2264ccfc66aa027eb1971bd8f128aaa4696e1105bd493c8e49748f5fb7c11c91d1a61ad593f9925785f85ce9488c4a5d6ecfa3328fcbd374988560dd673a204095e8aa2893100abcf9bab9e51abbccb3dc336bfdc75985485b7bc2eaa740b9701731643c8e77d073b4e61916923b966e5ca251ae8d7cbad4395e9cd09f5d4fe8ff89305babb74e445f8466c2d596125695253d8c0bbadadedb37d5d579184a71f4f8f6cb1257ebf9a29a87320e53a63230c317e0669e4d2fe90d57425af913d39e879ed5ecdf0e58243264ae63fbbcccd485c7f2c9ad7b8f0ae9095f6c8910d6a63d10c161d8212b8e53e57dfc15bbea2a71350a5a71cdc5e6d2d373d74faa41b42334d798c98b388706f2e902290b55d9924a704171a99b26d09dc8c3d449de6f3ff25fba3ab448b85273389dc014d58aedec6ba73578d772eb4fa4579e5673809b33a0eeb30422c93f50b3f4613d32e58c0445b446a342712cd250bb3737c98e3fdde35dbde39061d571a23094f03391767b448f2b90a4cc9a0c14182756a84231da702edfb958281dbe4d78e195a137b337b1616ca9c52b3ee63796f41ad8447b108f8aa2ee43c81e20fbf5d192447e4c22d45192556c341e48035c28ea203b256988998dea19e6e07df6cfeb50e40f4823f48824fb6392441bbe934a3049d035cca2822815a22d6cbf842db7374991af215a2daa0570ebb845b162e3531caab520266efbd8a542c9ccee37beb03aad89064f69acda5ce880b024f27abb5e72ac4f5c848f99ecd0ff8e7c178721810bdfb91964b3e2ee30a6425e6a97d0dacf23408ced6bc13d7d17eb75f29bf3e452b82200454685f06c32e5a9f3c3f9576a21dbfed017b961f118cd23f3808f2c2b1d294e35ee2b28432a804bb584a19ceaae08fa561ce820d50a1bcc3fc05b213d15b6495b323c605e98fb8dd7652d72f8d2afc7a701b541d1f6bdb901e3c18a31a8b13be09a205e64833eb782eb06a13c96b8aeea4e8a8e8ce39a325f6f2830aede026aebae3febfef43011dda094f15d010bf7488ccecdafd99c7e81eef8dc5dc0911fa5f702ced4f2bbe3110b3f2a041c91eae842e8c7e1e0aae790e79854e55546a135fccfd18d85c67445b47013d8ee30cef3f84244cb01acb3b4e37260f0a60a3ac4450fbad1b53a0da2248d75827fd1ed9036430c15438b2b1469edca23b9c3307a5b2b524a8bfdf650e20018a9d75d8de88553e666af2d97d901715928985bcc7ec589619e0ef87776762fc4f6ffbaf7226cda9b664b7b3f2a3366d4a74bb856f90b93af754713d83c69844110fed273677440f4be215d6a3088350447d8c41612b6b003783c3760cb426556a1dc8b48df23eeb61639bc62138744b1b1496553f24d47264ef74a584b893ccd4ea1cfc0b1044aac15997e6dfab9fca28da68557c058c2e1a0803508e4c7706cc1568521069cbd9d644b8dd40da4c5a182f50b68a56088fa16dde1b8bc8269fca20395b40575b050ab57cfdf76d208743840dfcfc9ec0139571835b0fe458f4498aee6c1d716898e91c32ed55acb2be4588ee9d4538495680c391837d0954a0e4c616290a307b21fbe999100e41598b98ae811be6cb0ac4ddc4674975afc02206623f06892d191cbdbe1dfa6393ab5bb75553fd73bf9aeb270493016c5011f438dfd7893ccfb905a90a1021084c2ecb2c2dd5b65e9e6035d6f4934fd392d093f69f5e357780d159384e3e186eb33a46518884db19d001316824f6894dd0628dca31617fdbe8f8a3f60ae644f9617449d205ffd0380cd47a75162b422da16e5e2e365fdccc70a5626cb0b73b5aef53622826953a3bad705d7838a00f158e5a618d0ec7d0ebb06e1106e00f6fe5b56e1bce5ae38d872a6b66dc1cf34477ef9d44713b28009c20993c5f098d573c4c1ad33f13792ebd0c0c332b23a386d74dcd83754bfec07029dd40cfbd8f85c12be024e4f0b4b24fdaf92eeffd2f4ab631618b03a1cab4ea6490caf34ca48016cd548d6a73249cb21fb8d684fa05048732dfe7a6dd0a326d496a3744575aba9fb8fe794a0b57628632a1b6a4baa358ecbabf15c96e3bed9b40a0124d6e10a9ee773474de39bb883ecc6a3ba9bfa89c3941858205d5ee2ae702f8e878e174e26570ad1cc18ecf923e4578f21e6983630f5fa9d8c6948f9ec2d8db364161e5d8a73daebd8e6b1205172634667d48a221d17db276963a9eadc16aad68415fe2112656dfe38f5f11555be7430540eda37d121425e7ef2899dc6501061b034c08105524b73b5eeb4c077f111b5b03c905b963cb8aa95bff1faf20647baae1b6b64ad65fab017790209ff33c33d4206b278b290c4737471e8e9a75ed54b467107b450c3041f263de4d834ab1030d3124a756e44ee21e4b177522e80447a42df9d583797f127a9e361155f8283f62b0b5f3a1281be1cad27a51dcf951cb1690c3338aa07472f6a1282a8c8dfa1f71297faafe66ebdcd977a7a32d2c5e35782a1d43cf03b90a12f734e79b7ebf49c505e22bc3234729a6a53fe797f3723d35645854c535c53e4c1aecd7074ce034bac09df493dfa65eced593adb1e14638fada1505019921960e86a077646af566df040393e50e91f2ce935353ef6832cf24e5c3c308b04697d6b4f057177b6766be2aa3983b32927c0278ef78c50ad0564031f51d4f1dbcba31406ce4b4d0deaab4bf0e600aee105126c0d89ab74ba764d92929824933ec73aa9376aea11d93a97f2ba499e89394288835af285aad10716c45c1809b856e6aaf38ae2380a45ef96a1af68438b5a658c331c3a003a1a41256126da69aa4baf5bbaa53d1b8276900f1e774dd8fd6cf68543fb6a066bbeabe33197e42eaf44abb6c633837dbf97a56c32bb004627967edb7ca1897e87e5ceb8fb58403e10696021dedabc450aceb614a5238773510184f5a6b39f4fd4b6300d8910f68315e35805cc42f15bab434c6f3f56ec49c3d5903d89dcb5639b5a5b48a1680ce305da1bcb56142aa7ea20eee5c8fd37afc4392a1aecc2d1a123f9d7d30c088c482a752fd945f86d100f8a25de07bf6e8c9e55dbf4980dfef1b6b92a1492977d99cadd1e996095c48161ab78c2c5459bca97522a345666413b9ac5de75fabee8be2e3a7071719436df29ab6ff9ca36c550f858a040ec75a46718437b5c0e24d49e9eb3abcb3e9ccb13b0b292ebde3bf506098ec38122e12e5e785c8733947249236170590e91568c053be76a01c9fc32d4111d1e5fc252e70602378c61554f5034c19a01a2306a809d15727ea1522084a25a2d36439272d848fefd114e1964efb904592cefe37fb0c4857c56344350f3582ae595935ce6080db3d59f62a858309b73d4615d743d2260d22d7b23623388deca6dc2b9e6597f3b6ae8bd05c9d41bc056342854a94ee05a45ac74d578724a1c82ee451bf97146bb6b5df39f4680b711f5a0093c4c57f29b2622c9b14cb442fb9990a7235cd66476fe5dc998e5030c7697418d7d23035e0abdb60321a8a27661597a6f37d931e1536b10c8586f0622d8863f3b7ff7f72e8e5191a98b52e3f03708d525c1362ac639f99d7747ab30021d08c19caa8fde6a112bda43591320b866efc851283c681a12f12d5ece632ab32f66ef3667b55e187a94ba5af2b301d4d5567c7cd4b394e5c59be706535d9b3df4e8f2941c2f1f42b1d25975befa2d4e6b84182d2d6355303a3ff4f640622ca956d5f23b33c6caef9d2dde1c25b04d2e12c3c5ed9b13540259257bb6fb3a85fe3c7716b51242072828ef71d78f9c087ab159ab43868d39630a95a5cfeead4d448d148788236b7df4395e3c2f6487073c2f8ff1b75697ab5b35d69ac87f832c8333f56d3fcc09d55bb9c464ab0c39f27b76adc0d173fa52f3c23181291883ccc41562ef5f77e3b7658e6714d4f07a70406dfb3f1a457ed73299ee827b2077d20e1ba235728bc2c91ba190723076122992fcc1971935eae221a255c745ff25e96a2dff6800706eb684da86a64907c8c6790b46ef56a9081ac6c6ad750f1c55b7df33bfb08f8daf24a82193d9a70c65effd82d3705a0a9e282beb40b762e1d1e475152b34a94c4dbc905ffd33d0ebb24b2749b041acc175b358fa54b3c4b5601934bb8b1dd5140f25437a0ddb4e0e7483fe49258cd534556453dc3291c000c9fe250e27929c4ebe07c95c0bfaa9db763e8a687a765bcd05e32677227adb2bd53a4ff446bc8460220c2beb3fb767bc7f25d48ff629c8f34fd7d9b56b969f9c4c76bb5632c317b303da7011f03b121856e0e3a7e2cda30df9e9727d570c93bcf6596f1d31ceddaf2919a0b568ad3156c416c09686897585ccc0fbb62c053ff39a8c752f8c055dbc5c72c4bfed364de0916f71462a86c5c290057b4a33a82caa02b6d5768b911f43638ce316c8feed1d8595009d16ec1b2c0d5ffb20b41ee147f48095d9759aabaa071105a4412c9975672d748591e2ff2b0a778220f78ee6343991bf3f94478a5b10a632509fe9da5001e2d6e5e590fa2751f418324321c4d799935a922ec143bc46f573022c5c361619592da4581f9388a87fc53ee2fe029adb2b6fb98c305e3770a6cfa22eae372f783d81ac33b753b6d8c0922c1a4f28e4c903059cf6bb633358614f19ee066504e634dbe4be7fc11aa95e86e43439bf1c29c32423b38adb18c4cdfa4db48d47fb2be6423440a0651ae202aa4f77e64eacc413d4360dc64e4d7d92d827c86a657d0efdbe840342c71f4d5304532d7e5dfb62991ebd4a97423c4b59f18f71c647f3581e57bc4d8b7092b0fa9fd99c287471cb0009a0b324414cf5ca4e6ef8c976c3d1f316c567a6e7d9d49e80ca0e0d1c76c6ee9ec79096d2e5458cf6aaa59a79574124028599b9b45e81e8b10cc955dc721c0ce41a29147e6f0148f12dc062d815705923e52aed60877e7f398916273dcd9501e382c5c7cb52f2a548dd91481c67263982cd646972be950d20273cabc6eff975a3e5aed743f7e04c02a46075ccb42a6c26268d56726a8c376ed0850bff4110122d2d2a6b6ec493e4276974117063459b18d6eedbe8f22ca72c6b376c7029a27d884082abd322d216c014164390de3f6e5ec7cf215dc03d0562e09bf9a2107661bc08fec0fa7a668ad38c8e33b58ce08c02df784f593b87f81617f9d71c5f5564d26be5d26b3218e76bbb240a66d5ef9e0b08308e62cbd12952f79931667c072ed1538108afb4aed58d8820f02c21364b8229400602d8e5401d6ac22d09d15468c1a7188b4d66f0fe43dbc90c8ed87b3c6e2af0dec0ca89e48058bdf38cc404baaa4ff383cdb2a807949c688714628718d7f2883f240a86bd81a7d3ac77bfdecb95325a17b8ff9c9b89b3458846282288c66b5050b7fea4742b4049805329ab44893a946f94b495602809a838ad901334417c903a000faab1830b6a96a66a33cc8f4eebb4ec3b5bfe7b84d9bfd00324c3530d8f2488a5621b93f07d17fbea3e0cae56a50e45fbb61e8a0d1f4437ea1bde01079637d529925b62d8c92ad71094acee3b0ba4295c6e685b8dc4ef6babc12c5550ed9a71010319f8a997f8c446fc5357e3659f1fc64a83f9ea0ee9f3b0de5656d1dc76e4977dfc5e4d2fa949f440a9f237fb26b0a11418690e465a575f3a030c72abf3b452c8ac9baad964ef802658c61f1462625592ceb4dfb36a20229cdc801ca1386b99abd2b7aadd513c537705db84fa7bc04a8d4ee3479f3fd560ce88b9b5076e90d6ef16bb348299bad5fa5a3a4cf3984fe9cc3ffe2d5004fe8096b0bf2625bcac705c1fae2f1264f16e79ffea6148e19998194a0b780fdf24ecbdfc9b58434b46cfba969885d3d96887ba9cf3a9417f25c03a17141224f8ce0b0b135432a943e65bd122811d0e21a78687d85e0e259a7bcaf84d20e2d7788445479ef29b9fcb157c696c72df0a6336d5a65b32773e59241c1b9438d07087ce023b447e7d6c0b599a491b72b311c89edadfce77cbd2e5a7206b9663c4364c35aaadaeffbf592c3d1d3ad88a81697866fffcd936f42a668c3db0f8a9a672f040a566847d49ae56466d044bc1315b9a16abc32376d98e035cdab165125e6d9a785c2e6d0103b3b0fef26f1b1fab2f573645fe553f6245e49e613783a7d56c736335cc1191d5af63ec1443f1acd72dd64f37731699779932da390afa6ff1baa38b990a1938a7ec96983c4774719e9d40e8e8eb0f8d00d01598caf273729b9e5178f1ae2dfb61b0728bd0444d75e6c6bc8ac02de822e533b4617cb796b9bc5fa6b0a381f4e4eb441f4c3a0223c099f173bc270348610e0a38bcb7200a4b3a46c9bd194b17fa2df0c463e0499f5b9d668c068533d750649dc832e3f67831ff9be227b9d43d450ffb8a592ce1694ddc6d30f042863efacd338d4a68018771f1a61b74ede30fce7aaf98b58491289e3c4e8703c6c425643216af8cae09e015faae9a2e1c42359c545217ff52228457a750b8c67ab533987c8c55801ed62a2401fd87dcadb756b7872d2ec0fd5d277f04bcecc2c420119d91dea7af1e2f0ea7edd90b070a0b1a28f988067eed07b61e3bda4a7d0dcf677b5b54cea017de34a5a88b4e369a062bf694abc6c48aebdc3d33f2fb81be88dc3ac135f2db72a94326195a77f1c56f2e293edd97173cd03fe2d64c26563d1418e3aacb3ae99559e4332890aec1f310cecae167a1016b7d87180b30f482f43bc47e005ccf51eab6bed2bd741d2c8cafb1e064910b097fbb5de4bae58d8f49c48811aa31d99bd7877a0ec04de9bcf8157f73afa3feb8e0526950cbb41805a6790ba690927f50c696bfec19643df9a00ae18caae5a194f60a526327e5bd6a7220f6449ac6e9f71ea93676b1013f6aea557e313d9f1d272aabc025b4c0a6481582f0f4b0174018478986b36e6b17973fc0006d501899f9e2fc5d9f5b8cf826f767a2bdbacbac3ba9fe58ab39ecee0808110c45cb993e9087c6ced80593de8d8097b3a7a02b54e9accf5467fbcaec46ab114dc3966a337682d1bed8981b7e0418d9ccba4a7f61a9b8c621ee9a4e38d8928868ee99d3a13339e5d3a8fe6d001327f695ffa00ffa0435a9684800c0fb46233e08cebd1cb04d16cab54f1dd18d4215b7b57d8b2248818b41d07e13685c19c8fad36ce88c874e80470dd5df8e4d1a4ae1d53cf10273a822560297bd8d84d8e88671cf036c4fbedf2683432aee67222e3f9c45bcf5a20162b0a59be4799a0beaa88bfff7042f239a2dbea0e83703e22998b39fd244fd15b41662937272c73a3829c905aa9c50071b2567f400b24be3a4b3c1521d37ad6b7e51e1864ec133ee39d0d2e8067cdaf1c9d525485aa765ac05596f678315da8b292ac97c60ae05ae55674fb0f2ecf46a0c07a1a3de5e79c6b65265e5ee28abfe1e66c37d90806603f4b4e7665533c6f94c81830d741eb0b71d664ad445b6494bc4d07692c6817d747e814311199a7926f10c728e04313109a45dc73d7008dcfa822f8bc2eaf773895b940ab9256935796370162f76dd2543b2fe832756668b94c24aa916e42b6fcaf4b5e56661e8217b0b7518f7b26bb4eeae12279ae1177ea0ebea79949c659ac0afae7c21b55e66b34fe320efa023059102615a9ef865dea665d7a246fbed1bf2f54676f109152ba99881d51d294c41b415b3c53c8396d32e97d9cd34e70a1be82f447cdf455399e64f18e08b332f8fe04fd00f7b6bf384c1ebb8a2654905c22bc37135f25161d8f1da70e841a715189b1880e16496c41ae6c83bc8e10a2637421b954a3215870f52a35196456e440470d88ae3fded51bc26962ce8b010b5a3b59d7862a77a0c6792108392a16e057ae4f7b7bc5058e19308be51a9db45fa2d0db3e1265a663a07388bcd835d919fa281ddcf1565c0bec714a672b468903dfed1c4993d52c25717cc7bf9127fbe5ca5cef39a95420b2e7fd2b759b062d8c53d893769519777acc1d748cde611dd82ab539fdfe5f1237ae3cb59cd46ce07db13be761707326c812be05912a81ad55adb994a68ac7aeeea1c86f5951eb604c7a8f6e86b092a881e7d6f188fffa3902c5e275dfb93e356c5528bf17adf21b7d123bcf52fff87b5cae00cec0e94b3f5405c853e6142364255ac63b74432180841ad9505299052dace7c403d550e52ecddfc3c5762607b99e05395adbbbea2df5e6d0b80226592de727892742e16885d4c66d30fc595b845af6fa93da62cc724718ca5cfe3264fabfefc8bf75f545e30d6c3d2cd548bf72d0a2728cecf238fbfc231ec58317a9128ba32b12fb06fdb4dc13bc2fbd5e73f3938a399c7fc4c039899856684d709613dee408f84eb10089d55f52a0011549951830c8492f64f2a983eb09dbb9b7cc6d2e14eaa5fd6deeb06dc1a9244d0780b5d318a719685d30da5f8d91966477bc9cfdc858c263b828f719cd1822fd9fba0458b44e93b7080b2a8112860eba1ad711c270cbc43e0a3f9c7de438329f6865df1d96373e981ff238acfc6fcb472bbc6a20a0cc21c8dea33eeea971c9aedc14c4a630e98087ef868317bdb7527814cd047cdad271b0cfe44d008f6d6ea87537436706edf00301287875c8e51ae980998f4b71672a624893454808838818ce5dd9e4aabd03a5ff68a73bc081ab07d9a259211702b279c300b619974cac7c41e906b37ecf31cd34c78dce1715795f9a67f0723e2da053d9dd2e19de31425f7a794838059d10f53bb5aac14f091c4d4d5af3d359508a8cf7891bbd2fc9f01ec27f1d06d1bf17ca9eb37ca9dad4fa7d6d1bc1a8fb13c781a684ed781e8f2c46c47b039455adbc99b85171ec4d119a5c73fae88795dffdde516131df1ce95d73fafd8a5523d1860f2310390d18477266eca8e6e3ac1d83ffa2ae7756cd711a02d0671fedaed2fa7759601080bedf292941863b31b064f061f4bd3c7382bed89fef4842b2692a808ee5d1c6ebc35115201d135416454ec9a1d21ddfb9ef1b1f9792317147e530ce9232d59aa2a835dcc7d9e0cff5dd23863bb5510f9e652e658673835a12958e2b4deafc2a49d005d69d027f1d54da9bacac38f71a95875130d90dee3ba71cab2d0e58b5e455fd49991c113ebab7e00fa35fb760af33c83c082bcbb2b479cd105a500683573b72699ad1a0a03693600810d2db3e2c0d9a3751eb3771430f394619bf9ee5017ec1ee623a1b640f8bed1d6bb1fee01f678febb493cbba65dbe3c511a97c6b61a47e6075d1fbcaa3e5e9a82a59ace707f61bb196b212feab645f05a8aa1986f6210a384c15bc749245d840b3565fb3641dc0318ec287ae724cfd90653e00b84d98f80e6b91f7d269205b6fbd24a1e5b2631fe3e351a44a68da61edcdd1cc8fc660ba3b3ac318648719c58d9e30fdfe815a7d316acbe372ddb10e964911c77dff0ce3476025a8bb7a76b942ed27de5e4f587ab25badef986f4565f27d5aabf36611e5cb42262347c1eba9081065cd957b019adf5c74032b9c2c0aaac128c4808a04442f77611289ebcd1745ae77462492da5020d3cad8bcc2b95f27bb18bbb5d958810c6652f10256bf76941dd8c29c35473d1f57fedabc9191f5e1d186fc03d2831ebaa5783931a127597bf506ed5cc0dcb4336fac83cb773a41719b100feb14189fd2ab4d65a849993255ba8e00f6d40f480571406e39f216d45f7e3061ec0c8d66ecee5f00c6be7993b9e4dab7fadd537afe0346e4a880ac20e401548c773a561661e509952d7e6cf030fa897cc94b4dcf859c4ca197a18ea9d7bb18fa2d1c0720ca35e99d4d17d7da2361f6b9f2ac62b844b2be0f87e322f18301ea357e2015088e477b7396094ea439b1bf19f78f16b7b3ed1788d9a40d7a8e8c44c8dae5145036904bc2a8d145f0cc705ef75851ee605b81e5c83d82b2b74290b52ec3e9697a5bb6b714e5fe3242541432ec85936e248437a538040d973a57e5b7c1e99ba8f9561169b4edeea81b7913f7641fd1fa86f664d242cd933f7626c1c93c8c7a375fce36b05d11211beea405f8e8878c380a0aaff9831ab21fed47db66095d13b9101cad47680044122e5d50d4044d208b10395f87734be8cd2223891a82abe682acd9db8b503bb60f6d1d8b0521d14d885c2b1a089e01b5ab9752515363296148a87e47f8b013f5782d5d1af8dbd451a4202866095dac975fcf5cdabd1536126f7582890c022990f0e1a4974b9c96db631ee9a9e65cdd0c3e3c9b7b940352886ba68ef551c0fd06fe2c8c8669eec94939aab78c3bf5f392eb51a6ba94c81f31c1bdec4356770ec5e4606d4ed03ccc39bc564a5386c380b9dbc0f72e1bddfc8d061e22c98 MD = 0b9e7cd4ed382cf5ba14f90aaccc61f88a82f9fd628e58b8441f28f8236ec511 libica-4.0.1/test/testdata/sha3/SHA3_384_1.txt000066400000000000000000000560671417716165400204740ustar00rootroot00000000000000# NIST SHA3-384 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 384] Len = 0 Msg = 00 MD = 0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004 Len = 8 Msg = 80 MD = 7541384852e10ff10d5fb6a7213a4a6c15ccc86d8bc1068ac04f69277142944f4ee50d91fdc56553db06b2f5039c8ab7 Len = 16 Msg = fb52 MD = d73a9d0e7f1802352ea54f3e062d3910577bf87edda48101de92a3de957e698b836085f5f10cab1de19fd0c906e48385 Len = 24 Msg = 6ab7d6 MD = ea12d6d32d69ad2154a57e0e1be481a45add739ee7dd6e2a27e544b6c8b5ad122654bbf95134d567987156295d5e57db Len = 32 Msg = 11587dcb MD = cb6e6ce4a266d438ddd52867f2e183021be50223c7d57f8fdcaa18093a9d0126607df026c025bff40bc314af43fd8a08 Len = 40 Msg = 4d7fc6cae6 MD = e570d463a010c71b78acd7f9790c78ce946e00cc54dae82bfc3833a10f0d8d35b03cbb4aa2f9ba4b27498807a397cd47 Len = 48 Msg = 5a6659e9f0e7 MD = 21b1f3f63b907f968821185a7fe30b16d47e1d6ee5b9c80be68947854de7a8ef4a03a6b2e4ec96abdd4fa29ab9796f28 Len = 56 Msg = 17510eca2fe11b MD = 35fba6958b6c68eae8f2b5f5bdf5ebcc565252bc70f983548c2dfd5406f111a0a95b1bb9a639988c8d65da912d2c3ea2 Len = 64 Msg = c44a2c58c84c393a MD = 60ad40f964d0edcf19281e415f7389968275ff613199a069c916a0ff7ef65503b740683162a622b913d43a46559e913c Len = 72 Msg = a36e5a59043b6333d7 MD = bd045661663436d07720ff3c8b6f922066dfe244456a56ca46dfb3f7e271116d932107c7b04cc7c60173e08d0c2e107c Len = 80 Msg = c0920f2bd1e2d302259b MD = 3d1584220409f88d38409a29ecaebb490ef884b5acba2c7eaf23914bab7f5f0fc97ee1e6336f88dfd4d0a06e902ccd25 Len = 88 Msg = 70ae731af5e0d92d264ec9 MD = 563359fd93fe09f3fe49fcf5f17e7f92aab589cdec3e55e4c3715e7775814bbbfb8c4c732e28d3b6e6404860812dc6e9 Len = 96 Msg = 69c74a9b0db538eeff64d93d MD = 88c66389ca2c320a39022aa441fa884fbc6ed2d3cc9ac475372d947d4960579a64e061a297d1831d3524f98d8094404b Len = 104 Msg = a4a9327be21b9277e08c40abc7 MD = 751f5da5ff9e2460c99348070d5068d8a3d7ffcec7fd0e6f68f6cd4a2ef4226df8d9b4613c3b0d10a168eaf54eabe01a Len = 112 Msg = cc4764d3e295097298f2af8882f6 MD = 10f287f256643ad0dfb5955dd34587882e445cd5ae8da337e7c170fc0c1e48a03fb7a54ec71335113dbdccccc944da41 Len = 120 Msg = 5a23ad0ce89e0fb1df4a95bb2488f0 MD = 23840671e7570a248cf3579c7c8810b5fcc35b975a3a43b506cc67faefa6dbe1c945abc09a903e199f759dcbc7f2c4d0 Len = 128 Msg = 65b27f6c5578a4d5d9f6519c554c3097 MD = dd734f4987fe1a71455cf9fb1ee8986882c82448827a7880fc90d2043c33b5cbc0ed58b8529e4c6bc3a7288829e0a40d Len = 136 Msg = a74847930a03abeea473e1f3dc30b88815 MD = dba6f929fe55f9d66c5f67c0af3b82f17bcf58b36752f3165c16083fea8fd478ee6903f27f820ad2dd9950afb48c6700 Len = 144 Msg = 6efaf78ed4d293927eef2c3a71930e6e887a MD = 8218498ab01b63041c2ba0709e3309496124ddf0904543a9e0d9d096a750dda97f7a02208af3d8c618d4be7c2bb2a288 Len = 152 Msg = fd039eb6e4657388b947ec01e737efbbad47da MD = c5b3130ef8dbc580e1103fecae69c9a882d9ebf5a3def5938b07f843452a09c9f72f0dbca91d33b021cf6aa6fe60d2ed Len = 160 Msg = 9c694943389bdc4e05ad7c2f63ceac2820e1d2d7 MD = f692c025c5c5f3d1275213c1df9bf9eb6d2188eda90ab5bffe631f1dbf70ebd628caee88b7d149e1ac4e262873979afe Len = 168 Msg = 0fb18357b018b9bbb2cbb4cac50bc85609c92b8e7f MD = d164306c99e3798790f0923fe92dbf2f96c3907127dacaa467c766ac75788062589272cb7690b8af2030dd8bd61a3df2 Len = 176 Msg = 26cb40a460e2e727aeb867e0140d0f34790110deb5d7 MD = af2a42a4c67c3226c55b89605b0dee27e796c2792115f6097203db5aed89e35f563a8246d399fde00c2a5b97ed5a5e17 Len = 184 Msg = 6690a3a0373c829facc56f824382f4feed6eb184642b4f MD = 84e1b68bc9e2daefc19b567dec911ef46f5f37a74fdbbb6155e7e646f2735df2ac44e239689eb5b536465dc571e55cb2 Len = 192 Msg = 7d80b160c4b536a3beb79980599344047c5f82a1dfc3eed4 MD = 041cc5861ba334563c61d4ef9710d4896c311c92edbe0d7cd53e803bf2f4eb6057235570770ce87c5520d7ec14198722 Len = 200 Msg = 02128283ffc0cfe254ac8f542be3f05fbe4e855dd22ae98a81 MD = 3840981a766d725f83d334e8982965033a5fbb5107d94ffef33b1f700cd46348091a49f6620c37ae3ef5b20513494826 Len = 208 Msg = 27911dd0a6843ccae965d876aa1916f1dcd71e518f7f2197152e MD = f59f8428555984d1526cded8129c649fb1b683d35cec7c5e1209441a6a9e7c17f0784151b5ab8a8c492b402a3acb98c4 Len = 216 Msg = d9378bb66e8c8dee556d691cbc9fdddd6333ca5d50668862c3c57d MD = 994532d1a557e990b1cc9e0395a2ad8b05619ca322db9da3c4ed2ee194c051d04582fde72dd2b8f674cf6ec958db75da Len = 224 Msg = ae1828047c5f82a7b9712f3399832124b892f2f7aea51c8fe3536cd6 MD = d51111f8bffb44d81ad19683198f29d2033144d3cd856c749cac5b9cae0e712f500f8d0ef813f38e305ce175a7d6162c Len = 232 Msg = 7dd2d76fa054cf461e132e9ef914acdc53080a508cdc5368ab8c6224ff MD = 6c0b3395e4c86518ab0a06267320ee9ec95e50385b7a2527ddaa1bd0ead262c56122d4f4eb08b0ae22b3ee7e6f44dd18 Len = 240 Msg = 6fd72888a021f36e550967cb5605b55b78657c9272d93c3ded340d67da6f MD = 0551583a5b4007401c77ef4382fd8e245c9cf12e976c9766af6b7ae3c7e07a82b3079f903b083d5ec85cb94e46a85ac0 Len = 248 Msg = d500eb9546553619cdc31e0848c502db92d547efef3ae5eeaa22258afcf0a9 MD = 5edde2f94f8695f277ec05efcc00761fafd272200aed0e63d221c2b6c65b4972a6526f9a1f2e6ace0e81938f043fe877 Len = 256 Msg = 6189597e0198a18c65fa0bdd0797f13037c75c4058b7d3454c0f71bd2dd13b6c MD = 110630ca7631b7620e6bee6ed6e929098965571936c34829484983eba9532b8175528c228c57439453f027a4f7c83ca3 Len = 264 Msg = 243b941d748541af303f8e9d2c371cd03e437d62a9df485ddc176dc65da8c7da00 MD = 5884201f7a555ea3c5deeb019fd9e8c161e1b89756045e475b141ec5135ce5a41c93e5e1f79534d36fd8345ba434da43 Len = 272 Msg = 2dc3d789582c1a806c3b491d5972ef8f1733f1f5e02866dc9de2a8029ec0ab608d13 MD = 05a3903b519cdf679120c7ccb4ef178b58e4502fcd461360988fa06669294851e629d9dd3e77ffb73d24599d5d3edd36 Len = 280 Msg = e5b3f6962fe57230780b3d55b29effe0dfebde2c81ba97d4512ecdbd33eca1576a7f82 MD = 7ac2776afb74f55bbc4f6eccf825ee13ac7445fb54974e6c24ebc0f03fdcd8530199a61106a31b4279e02201ee0f54fd Len = 288 Msg = da03486aa3cebbd6502e9f5a6f0f835e973a581befcc1aadefe7b3696ba71c70cd58c584 MD = 02c44ceec0bb7dc0f664ebe44230192b5b0bb646bb944d23fa1ff3586dc0523fa9d7f0dd6df5449ab9edd9a1096b07dc Len = 296 Msg = 3c686d321ba66185cdca83ba9f41984fa61b826ef56b136e13f1239dadf6e03d877866ccb8 MD = ad624edd9f2c3a32b56c53d9e813c01d66bcfe424c4a96907d52ac1ddd68370ec86dac67504a90e8a8e75502e01081d2 Len = 304 Msg = 4dcff99fac33840f6532547fb69b456902d6718fd5d4538e23462db6d00da61975f2b8e26298 MD = cf37dd27997c1bb7e6dc405170066e74c6ce517c029ed8dce126d025da74e0b8e86da567e8d7d8d5b5d3e2a546df7489 Len = 312 Msg = 2799f672328834d7eaef9439795d35ce93c9094f58ded9f17c968a97a50a9e461489fed988e7f6 MD = 85cfc23c97cb13910b808e7033809a45aa0b7f7138de618c2ca622c8b813c988e264af3b96c7925dcbd1d2761757d800 Len = 320 Msg = c7e947507822f28a562745a8fe6fed6cb47d73145804c894954e21245cde04fa9155a35904926aca MD = 8bddf3baebbc5b04fe0b0a9c3c2b730abe918ce4892d2843c613ee96da0228512f0d1307c7d1a8922e79a92e957dd18e Len = 328 Msg = 6c497bf6ff69cb39e3faa349212b8b6691ca237905ac0099c450b6d33abf362bedb65bdeb307bfea23 MD = 3639fab6191b35246278522cfacee0cd5b15580a26c505ae3c46b4b1c2572016b48f1b012bbbedec47916950fbb33a1d Len = 336 Msg = d15936f3b0c9018271812b4c81453c4457c7edd110bcea7f5735d6f5882d8f27155eb4cc285a65138ad6 MD = 0293eeef0aa3392c93d9c6ca89c08b317622572d4de2286a4b9ae6c2f9c9e0e64ee6c483d4f10859077e3c6868430214 Len = 344 Msg = df18139f34b8904ef0681c1b7a3c86653e44b2535d6cecd1a2a17cd5b9357be79b85e5e04dd9eff2ca8b9a MD = db9e171d6e3336631c9ceec6b4d732ce62b015939269fb69fae7d22725500e8a2fc9f1459cf0a31fb9d16d7c44583f52 Len = 352 Msg = 0459dcbc149333ea2f937b779a5f3728148449a9aea3662cdd2cc653ce6a2050f9c0d54bf9326c039b263eb9 MD = 464ba409fbb45e985f84ee24662eb7c042c3c2ad9649f1ac4a8b2be9c07d37ed2e4284362057493f6a7e52c356b05bc5 Len = 360 Msg = eb3f7002c8352270340b8da8643622e5f7e32cdb208a0dec06c6cb9e6b64cc4d8cb9de1d49397b3386464a25d1 MD = a26bd76ce42d818dbec462d8fe7cdd957e6b84ae8750fb5e1c9c76bc6000e23737e073a59b4600e5056524edc667909d Len = 368 Msg = 47e3e3d8c68ac9d9f4b3759d8c7d9dd901e35b096ee4c8b6cbe0cdf467463630926c08289abe153bfa1bcde3cd7c MD = b504ef475a568f9caba8352a0b2d243acdf3d2b41d8890a6fb3abb8aa28a29e0c7527d20e2d79b25b400ec27c314db72 Len = 376 Msg = 838d9c181c5ab59592723bd69360e0d7fd15232beada7591ea899ac78ffd53a32fc73a5fe522ed35d92a6e2bc148ca MD = 53e99e1158d59032ffe4b5ea304c7d2f7a61b6b2a96ac97832ca26013549fe3f7dcdf926bd74ceabe4f1ff172daed6e6 Len = 384 Msg = a90d2aa5b241e1ca9dab5b6dc05c3e2c93fc5a2210a6315d60f9b791b36b560d70e135ef8e7dba9441b74e53dab0606b MD = 4a16881ce156f45fdfdb45088e3f23be1b4c5a7a6a35315d36c51c75f275733319aca185d4ab33130ffe45f751f1bbc5 Len = 392 Msg = 8c29345d3a091a5d5d71ab8f5a068a5711f7ba00b1830d5ed0bcdfb1bb8b03cd0af5fe78789c7314f289df7eee288735fe MD = e27b39a96255ff69c45285fca6edaaa3954ce32c1e3d9b1f60c1b6676594bb45caf0889fc11daf93a1b60746229689dd Len = 400 Msg = 32876feefe9915a32399083472e3c3805ef261800b25582aa7c36395fd3ec05d47b49c4944bbcc2b8b5ebd081f63ae7943d0 MD = f96433cdb69a607433ea2eb77d87d3328867dc4076b67ccf17f50f9e08e89a86624b60f2ecdb8affcd431fc13173fe75 Len = 408 Msg = e2e77eb54f321f86f52ea3d3c8cdc3bc74d8b4f2f334591e5e63b781034da9d7b941d5827037dee40c58dc0d74c00996e582bc MD = a352ab33ca730482c376bdc573c9d1dc6d3597f9be9f798b74a57beaa8e9c57b78ee6761056eb67363e882fefcad4fb9 Len = 416 Msg = da14b6d0b2ec4cf1e7c790e7f8f4212b8f4d05f50e75e2a56a5d70623c0d2e0115a15428129109b3b136d756e38a5c8463304290 MD = aae7ad977e17ac0e560c0e0186433420f9fddcd191b9e91567cee05df88f1e1aee50424a313998a873f7a9c289a02217 Len = 424 Msg = 2db06f09abaa6a9e942d62741eacd0aa3b60d868bddf8717bef059d23f9efe170f8b5dc3ef87da3df361d4f12bfd720083a7a035e8 MD = 85d4e3e5abcb1b59ca6f551eb43b43ff64890511f73a9083a2ce6e9c2861c6e9664c765629024f4b01b0cd1594a5981b Len = 432 Msg = 26bad23e51c4560c172076538b28716782ee6304962f68e27182048948d5c367a51a1c206a3e9b25135b40883b2e220f61cb5787ed8f MD = a44c7f84ab962f68283404f8c5c4029dbc35d2138e075c9327580baf89f292937bf99422e45756b3f942bf0a5ae4acb6 Len = 440 Msg = 77a9f652a003a83d22fb849b73fed7d37830c0dc53f89cea7dbec24e14f37197765206fe0e6672016e4dec4d9ebbe3e1b4423771a5d0a8 MD = 29c8bb39bb2aad419a00a80216ec71ec5ec9ab54c41927e3e3f2f48f079a5886d7fe89db98c807ab686d2339001d6252 Len = 448 Msg = 268c7b3a84849fec5c769bc4ad377dea10c9d20c91dd17fdbd9670a2fc909d0e212129ec40dee41dbf6194a3b04ae8be5e84ad5426ca4496 MD = 0dfc6ffcf4a387ec09ff862c6139a6f7ac77abb2b5e1f6dc814eb71525f8657ac74a7697c2975c70a543af0e227d03ca Len = 456 Msg = b8324341a6891a6b5e001a7d2ebba6e02e8335c124185309a4c9e9907c43bd8d4fa73c527fdf783650316dd24b148870e1436ac05111e9cdcc MD = 6278d1cc17fb6d54129d04987d4774fa846dcac4ba8b6b72f41e63dc387ce0081ba29fb2c17c6744edae24e669cc9e75 Len = 464 Msg = 5ef8b3d79d299bee2c414560c7de626cc0d9fb429884aa69cc30095ef1f36b7e03a8ca25fb3601189f163b209e0facf8dc447f690b710fb47b72 MD = 7ec9505f33f4a5493574422de078e0490b61be8e8d6f158192bb7d2bdc2dc335598dc88d9b443cd1c14b883a77119df1 Len = 472 Msg = ad7321c9a8b8f0bfe100811114270daad57f6e88772326b62d88a37a6f55c2cf9f759115ed6a590878e4dcefb592db151538db7de20229d26a181c MD = 3782d2caa537294e809e9df837b1b07e2f1df07d0f4c12e12459f56eeaa478d5b3a41e519d9414eafa5ddd5661c831ba Len = 480 Msg = 0719d9664541f0a824f71c83b809bb6afc973c9f7428e1ed11f7c29a558e1698b796aefb49eec2b098faf06bd43e82e1312bf0388c38a5bb523506d3 MD = 362c05f678df92883d56e19221391fb00d0f0afcec51d3e0feb15ba2fb60693b09d69118af649648933259d7b1e240ab Len = 488 Msg = 5415c2596aa7d21e855be98491bd702357c19f21f46294f98a8aa37b3532ee1541ca35509adbef9d83eb99528ba14ef0bd2998a718da861c3f16fe6971 MD = 8f9fd7d879d6b51ee843e1fbcd40bb67449ae744db9f673e3452f028cb0189d9cb0fef7bdb5c760d63fea0e3ba3dd8d1 Len = 496 Msg = b979a25a424b1e4c7ea71b6645545248498a2b8c4b568e4c8f3ff6e58d2ac8fbe97be4bea57d796b96041d1514511da5f6351120be7ab428107ef3c66921 MD = e248a64b6ef112bf3d29948b1c995808e506c049f3906d74c3ee1e4d9f351658681901fe42c8e28024fe31014e2d342b Len = 504 Msg = e64c7bb9cd99ce547d43de3cc3b6f7d87a2df9d8a4760c18baf590c740ec53c89bfa075827e1f3f2858ce86f325077725e726103fbe94f7a1466c39f60924f MD = d1e5a72d2595f38714c6198ac14f8a5cdd894dcf9b4b8e975174b100df7bbf4f7ce291b4864f27c0b64e6330f6c1c82c Len = 512 Msg = 91b7a1fd0e20072d9c5be7196e5eaf8df36fdf145895b30d4e4c02010d7c663499ac9d7a44732f4c7430511ba6fb0ae4b3dc9405523a054fdf962f5c5b79c423 MD = 07c2e0aeae30da83b5a6b320aa1cf727b10c2034583d7acda55648fa3daa017aa15588b6e2149101c56e3d7df7c76df1 Len = 520 Msg = 5bbc2d4efe63cbfc9fc221dd8d8384075a79c80a27d6a8c5219e677f4c5bb8338013dc2ab1770acf735d13c0bc704621ec2691350cf3ea2f53bded45ef8fc70702 MD = dd0bbfe4b799642191abe316df9d59a3743566778b4459c51c3be3f658bdce45516ad188fbe1a8cad8a1fa78f8ebb645 Len = 528 Msg = 129549278e8976c38b5505815725400c3d2081edf141ad002e62ff299d9a0743f9c9f25971710b194dc88285d50b6cec6e140c19072f51cab32a9f6497abd3e407c6 MD = ca26aec527fadcd5ebeb4eafa7c102f79a3c2edb452afd04f6162dd7a17bdd1aad7d616508a89a3ec6a40791d915acc8 Len = 536 Msg = b9a9f378adeff4337bc7ec10d526c6dda07028375549f7fda7a81d05662c8a0da3b478f4152af42abb9f9a65c39da095abb8161ba6676b35411234bd466c2914e00370 MD = 99914f684e0b317f9338af0c71e9655a3af7153eb9fabaae61454bf8de9e0bfd274c1eff6c4b550e47afcb3b20fa7d9e Len = 544 Msg = 101da5b09700dcadf80e5b7900f4e94c54d5f175569a854e488aa36fb41ab7220b0662178ca07a596768528123de3b2a3d944aa412875cedfeaf58dcc6d5b4a033a53b69 MD = d3e32c9b271e11e4968397d85d76938b974ac1ba55bcbe8d7b7da02dbd7e3b9c9af0d98bbd7e50c436fcf9e3551e3432 Len = 552 Msg = 14761bbc5685b5de692973e2df7c9c4750889c19a952f912c817890546d5e37d940d13a14ac7925abbd875b8cd60e4920896ce6decc8db9f889da2b5489e1d110ff459d885 MD = 272222ed50631aff465c0e6fe49ecdfdca983bcb7231e50903e200b335b845108202c28315912c9c4fd50e2c6f13a9ea Len = 560 Msg = ed538009aeaed3284c29a6253702904967e0ea979f0a34a5f3d7b5ab886662da9b8e01efc4188e077c2cdeb5de0a8252aafbee948f86db62aae6e9e74abc89e6f6021a4db140 MD = 8361b680243b1661d6f1df53db363cae41c2ebb7438c00606d76b9c2a253faa1f09d6f520d69d692ec1dca0c7885119c Len = 568 Msg = c434d88468f1eda23848d0804b476933f24baeadec69743dd90d8455f1e1f290f6f1aaf3670c4c74f76d3ab83e9bef21ad8d9208c712ca478e70d5fb3c4bd48834c969dd38f484 MD = 9c26e96fcc09a76cc13d24ad25c9cef4300e96e97e4fb59b441baffed07f6a70b1464f2548c7fd7839810dbb9e9c1e18 Len = 576 Msg = 3064e5ba1e7751bf7198e0811ff4d4ca17d1311c25d9c3a316b562691cde75c974b0b52645c134ddcc709d77b6c1bd24cd684265d723c308bb4d0159e6b16d97ed9ceaa57436d302 MD = 1ea779739b204abe911b4923e6f60fece271eedfc7f074fe1919f0cbc6ce2a99234b003389520884b660165f5a1e80f8 Len = 584 Msg = 89d9521ad84b1c9afc2fbd0edc227193acd3330764b0d2cb71bf47c7aac946af85be13858b55976009f3b36b09ced4308052c817c9c4d0295225f61a9659a0874b88667cdcc5213919 MD = 4209bb8f869f6f17c8d5c368c489ac51a75e24a85a12de1b16fefc292ce636ff8fa360e82f05684f6b0b074ba370a933 Len = 592 Msg = 3216662da0227993d88288187177a0287de4eccf245d7c718b8045bbfb8869d93f1fb9e94d7478b0298e628c07e0edaab01dcf79264dc05f8b2181aa3f831dc949726fbcf80de4c9c9ed MD = 64c45e018cfbc88f8f4ffe3cef0df3a94aab3049fafae28e28efbb2a4b94809eb302caf901010abfa194f72965663d35 Len = 600 Msg = e776e6749c5b6c7def59cb98340984539280a9874f80412d4df0ee73d58acd1094d49ed4e35125834cf8cfe349e599144e4f2e200aba4fd3eb6d78cde027c1d5620e0270b5e83ab26b8d32 MD = 94bd67b7f2587b0bda5487cc45d00e4365f1ee40073cdf0d23a5ea3fba01eef42a46bfbac5306d67be02d8d918ae5c9a Len = 608 Msg = 5d8f84b2f208b58a68e88ce8efb543a8404f0ec0c9805c760ad359d13faab84d3f8bb1d2a4bb45e72c0ec9245ffda2e572f94e466cffa44b876d5c5ed914d1ff338e06b74ad1e74d1405d23d MD = 947350307748c29467f00103d0a07c3c228c5f494fc88fe2352ca5d10449d0dda7076780c05439a09694eb528d1f477a Len = 616 Msg = 357d5765595065efe281afb8d021d4764fba091adde05e02af0a437051a04a3b8e552ec48fb7152c470412c40e40eec58b842842d8993a5ae1c61eb20de5112321bc97af618bbfbaf8e2a87699 MD = 32286970204c3451958f5155f090448f061dd81b136a14592a3204c6b08e922ee5bb6d6534dbf8efb4bb7387092c8400 Len = 624 Msg = a8cb78e1485cbb7a9474c1c1f8e0f307cda5139a7e947df5ea20ac330a6dffcad4a9bd755f9f58724789eeee532615be550dd84f5241fde0e3058aeedbf287f02a460445027f5e6b3829bf71ecf4 MD = 51168bfeef8a981c0def0c4cb067baf15ce5feb8d5f7e9d6076b2836267391aee1fd3a0b5d3434ceb5cf2d6fa06fa063 Len = 632 Msg = 81acca82545e767ab59dcc750a09849cebad08ff31c9297f4fd510ebe6c27769938319180ccc66f36b1a7cf9c9f3538b0f6f371509f77cf0bc4d6d87facc85b933f2e27f8e1bf6cf388f80c0fcbfba MD = 4ae44d6509986893a8414753b57d11f9c554d89c15ad6d70687c56c6c2ac73537acbb0d51f48e6bea6cf762d58890d7a Len = 640 Msg = 94987498b1ca87a6f3fa4b999db726115c455d0ec24029b2f5810e49a94668864b8c470f7fc07c3dcd97f41c973b45ba4fa7879ee7546596881573b6863fc39d940eb3fa3444084f721341f5d23d2561 MD = a733b118be72a187ddcbe5ba67e04b589f9cd9f8482c4bd9d64c580aba7d19d2d1f9c1ddf95fe6efdeffd44f67fcabb5 Len = 648 Msg = de6b32c2d40d0659166db235259b530ea43f44e75d8b3e9e856ec4c1410bbea3696964af8b6c5dfd3304282369a4bc4e7cf66b91fecd0c7c105b59f1e0a496336f327440980a34614ee00fff2587d6b813 MD = 17ba30c0b5fc185b3245313b83dd0481145953101128914765784af751745b8a2b6a90a434548f3adaf1f07f18649890 Len = 656 Msg = 854211bedacc19f77b46cfa447a4ad672ea9b643f09f5cf5274ba28888207e2466b38127776fb976db8ad7165a378df6ee1e3a0f8109c9aff7e0d6126fd71333c6e6ebe15d7a65151d6a4a83b82c8a6f3149 MD = ca85632a9f7c32ac4705c6458770025dda4fd07a8d5d6921b897b0da490d64400587649f2d20bf608b9a18d071b63b48 Len = 664 Msg = 822373d9d3d5b06a8da48a43095740fb98c9caf717350fd2c3b058024ff705b9346b7f0a495a6d4d93802bc45ece777f8c6a6e7c2ef6b8135115ff911a2ba5241665b6f7cbfa1b9d93b011b3aaa1dac1853fb2 MD = 6e84587c8c6e54353a6032e7505902ef7f0f0538dd1bb32922e13a7d4d98c47a541015381eab27e9186398120da7fb32 Len = 672 Msg = c04b701f688092bbd1cf4217bc4b5877f2e60c087bdac46611482a61d51f820140403bc85be0c336332da0938734bde8c502014f3509266c73c6c93c22a1bd0ddf15a5ce7410c2894e9d092e32c079922ba1abb7 MD = 75c585503f15a526113608bc183180b1cb80f4d1b466c576bf021b1ce7a1528391f70e10446681849fa8a643cb2b6828 Len = 680 Msg = 009dd821cbed1235880fe647e191fe6f6555fdc98b8aad0ff3da5a6df0e5799044ef8e012ad54cb19a46fdd5c82f24f3ee77613d4bed961f6b7f4814aaac48bdf43c9234ce2e759e9af2f4ff16d86d5327c978dad5 MD = 02a09d37d31e4365c26bec0eaacecf29eea4e8d21ab915dd605248764d964f10ebb8fafdb591982d33869a1d08a7e313 Len = 688 Msg = 0b7dd6709d55e0d526d64c0c5af40acf595be353d705be7b7a0b1c4c83bbe6a1b1ec681f628e9d6cfc85ad9c8bb8b4ecac64c5b3a9b72f95e59afefa7bcec5be223a9b2b54836424afde52a29b22ab652d22cce34b39 MD = 5c84ae39d959b79555231746ad5b33689a31720ed0070f6772147977edd0aead07fb8b7b71b0bd587ebc5c1a80d564c7 Len = 696 Msg = 3e9b65d7bf4239420afa8639c8195b63902b24495b95c4143978e49843d88a92d1feed2eed1a88cd072d6d04ea26dce8ee4b14896fdb69bc7ff2971ed8ac5655148d2e9921218d74efdf17c56b533d0bb17d11e07d7458 MD = ab7890d1b51af10285752bf9da5eee5c3e87a285dc33262d0261aa9a575f303e94845d7ab21b48f4e6884568cd78b550 Len = 704 Msg = 9436da433d1ebd10b946b129cb34bccec9b8f705aaba3f8561352ed36a8449aba2dd7ba15b1bc308b0c02913163af63a346524dff5521432db477f529606afb5d552efc95cb040db566b4d39eddaa19319e518a7b5c6931e MD = 968ae9104f9c907c5a72936250dfedd62cd04f6e5ddd2c113490808a11884449aaef5d013ea3993a6cb6fc5c08754408 Len = 712 Msg = 37254bf9bc7cd4ed72e72b6bb623a0cc8eeb963d827aef65ad4bc54913235b6d3551533ce33421aa52ffbf186eb9a2787188eeb1b52ee645c6d4a631bc071415c80014940c28fbfeb0db472c326c8dacfd6ab21f3e225edef3 MD = 975e10fac9aa77b780e5f6c2151ec4a3c72ff26e41233cc774c074df1b78cce5af1191ba955a0bce15926ae691b0ffe7 Len = 720 Msg = 79e77cd08a6ef770bbe4bedf61557ea632b42d78637149670d4d6157d56ed7b2ccaee45d9439dcebc557b4118e86c15aa0ccc21c474b21abda1676cc56434d6d46422993e66dc99387dfa985358accf69884b9dd18a2c4d04448 MD = 94729f5f99a54f5a3ea69233ff9d522392d4596eb6ac2bbb07492ece3c67317412bb47ae317ddd20536c3adc003862f1 Len = 728 Msg = 64b76cb554f6becc238a3fcfc3eb97993667ec82fdc3fb28d42567709c3250c7997328aeddfdc2750451ac462281bf66fa94f4b8712c7a8342660574f20268e707c466627519c56259fea55be91e10faab3ad2ade6ce8b6557f202 MD = 26d48ef5067d704ee9e2a64e399de23068908b3c911ffc4056c168362c37385c92d37d51354b6505a82c4d22fec37eaa Len = 736 Msg = 3df27829bfb1ab7d381f146b30370ef56b392b73b35b1be5d8bbcf88f499dda7f3c327b45350b8972991ee466545de96560cf451711fda884e3d9b2af3e909d655d25cee1c931beda79c40fa507097bdf1126771a7b9543ad5cb84b9 MD = 5fa4ebfa24150236c03409f0857b31cb95b0150f381c8858b01559957b1268f73c698709233e6b15468675a102d0c5e5 Len = 744 Msg = b00f4e67ca08ccfa32b2698f70411d8f570f69c896e18ec8896cfe89551810543303f7df0c49f5b94783cce7df8d76d0b88d155633302d46003711f233339b1c9a8c20164ec8a328890a4932b7d90d92d023b548e4820558f8bd327010 MD = eaa756b5892fdfc793d74e3f9f4d6c7a5a6a2241dd11e0c38ced59c8ec7be377a41d1d06774a5970ce9722d8e119d0ad Len = 752 Msg = a4f95f6a46a9cbf384a7e98e102d1fdc96839d1bf26b35a5a0bd6cb9734fd17e8a178d4581943c0fe469fb4fe94cc2f15e1ef59ae05b35324eb57ca07dfc69d42d41d80b3c3bb64e1aea143c7d79790a56697dc803ec93e6c68f27f6761c MD = 1aff8d9c64f0c162ed0195d1f3a342a010d14be0636903c48020ba42de1cfa8b98ae2142d89af3e69e9eb4c735857dd1 Len = 760 Msg = 02713084bf93fdc35135515243c3bc0f4b2b447f2d3461c0dc104cbfe23479ab036762a91d1987c953f7b3386abc80b8734a1d4eabf94f3a9f2fb62c943152b5253846fc2ec8dbb2e93dc74857a7b05fe2d7ec8040ba8b0d9ae69777ee739a MD = 84da02114e341a3636f00822b32bd21a8a1f7b39f2956bd97f39346fedf9aae63b304c65c93a541e8bcda549576d5f27 Len = 768 Msg = 00ce225eaea24843406fa42cc8450e66f76ac9f549b8591f7d40942f4833fc734a034c8741c551d57ddafb5d94ceb4b25680f045038306e6bcc53e88386e2b45b80b3ba23dec8c13f8ca01c202ae968c4d0df04cdb38395d2df42a5aff646928 MD = 81d6e0d96575a9b8ca083ee9ec2ead57ddf72b97d7709086a2f4a749d3f61d16423463487562c7f09aba1b26e8cae47b Len = 776 Msg = 7af3feed9b0f6e9408e8c0397c9bb671d0f3f80926d2f48f68d2e814f12b3d3189d8174897f52a0c926ccf44b9d057cc04899fdc5a32e48c043fd99862e3f761dc3115351c8138d07a15ac23b8fc5454f0373e05ca1b7ad9f2f62d34caf5e1435c MD = 00e95f4e8a32a03e0a3afba0fd62c7c3c7120b41e297a7ff14958c0bdf015a478f7bab9a22082bfb0d206e88f4685117 Len = 784 Msg = 2eae76f4e7f48d36cd83607813ce6bd9ab0ecf846ad999df67f64706a4708977f0e9440f0b31dc350c17b355007fed90d4b577b175014763357ce5a271212a70702747c98f8f0ad89bf95d6b7fbb10a51f34d8f2835e974038a3dd6df3f2affb7811 MD = eb396cfaf26ee2775af3c9a3a3047664ca34cbc228ccbb966df187d518717df6a328ecc316ed0ed09b170080eccc486f Len = 792 Msg = 093e56d33bd9337ad2ad268d14bac69a64a8a7361350cf9f787e69a043f5beb50eb460703578a81be882639f7e9ac9a50c54affa3792fd38464a61a37c8a4551a4b9ff8eed1f487ef8a8f00430e4d0e35a53ff236ce049b7a3abdc5cd00b45c4f3d49b MD = 4a339128486e5b274fc4ed538c0ec9e57f780e9c500c5f92b04ae81a22fbeebf3785259a0bb3b6d9b47f31873cd8dffa Len = 800 Msg = 0593babe7a6202077c026e253cb4c60ee7bad7b1c31a20da7aa0ce56b622eb57ed07d21a7f0ae6c6fe3c8398cc48353decfb287f1204e024fcf82a13059953b9f85797ab2217dc8dab34a13226c33104661c1ca79396e7d97e91039d32bafc98cc8af3bb MD = 5981815c1618cc49cd5cf71a4b7b32b8cd7b7ef553bfaef2149ac723ff2582a2d345c5bd05943e155ced1e5f091c5601 Len = 808 Msg = ae1828047c5f82a7b9712f3399832124b892f2f7aea51c8fe3536cd6a584b4a7777cc1ecac158c03354bb467b8fe2c8ce2f4310afd1e80fec51cc5ad7702566b2c5d21bc6571e4b8e7c59cb4c9e23f1ecb57ada9e900e4aa308874c2d12d34be74c332bbce MD = 7257f5bfa7d33d1cf5f4550d0cb78750e84c5b7d25027da6acec64bdf30879a0e5c97fe7c468e743aa5ec2bddb29d193 Len = 816 Msg = 3bceedf5df8fe699871decb7dd48203e2518fb0fce0f865f46adce5c133a921320bf40915456204869a3ceb5fca3ed40e0a41a64b8951f0fc580694cfc55bd1f5ce926b07e3e32ac6e055de9b961ce49c7ee41e06b024559b933a79518192e969855889c85d1 MD = 60d7f8bd85fb7a13701db5aded2b7771ab5e476ec34f1fd4298978defbd2b31bb2979391559a164b3ed28f6a39031a11 Len = 824 Msg = 6c36147652e71b560becbca1e7656c81b4f70bece26321d5e55e67a3db9d89e26f2f2a38fd0f289bf7fa22c2877e38d9755412794cef24d7b855303c332e0cb5e01aa50bb74844f5e345108d6811d5010978038b699ffaa370de8473f0cda38b89a28ed6cabaf6 MD = b1319192df11faa00d3c4b068becc8f1ba3b00e0d1ff1f93c11a3663522fdb92ab3cca389634687c632e0a4b5a26ce92 Len = 832 Msg = 92c41d34bd249c182ad4e18e3b856770766f1757209675020d4c1cf7b6f7686c8c1472678c7c412514e63eb9f5aee9f5c9d5cb8d8748ab7a5465059d9cbbb8a56211ff32d4aaa23a23c86ead916fe254cc6b2bff7a9553df1551b531f95bb41cbbc4acddbd372921 MD = 71307eec1355f73e5b726ed9efa1129086af81364e30a291f684dfade693cc4bc3d6ffcb7f3b4012a21976ff9edcab61 libica-4.0.1/test/testdata/sha3/SHA3_384_2.txt000066400000000000000000000516661417716165400204750ustar00rootroot00000000000000# NIST SHA3-384 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 384] Len = 84832 Msg = 430063db3ca8e810920ec1a2c3028e809780692e0dd7770e950abcdf7f773483b4b61f05a4c49cda7f617967a8b64ac4673bb8c0ded81c253e4b4d3d3ac9b594bce8ab00d7bcfddffe40cba073f89c8501d5aba6ee59823a2cfbca12cfcd6266c45caed4bfd832a675755f540c10ac49cf16e9ea27a2d0d5c6e5de6626cb618032dbd18a436063b74dc6dc8b5b46a39b38c61b946ffa2f7e76d02f42270bda6a6f2dbc294a9bba9beffceb4d47e2a900a4ace8aab0abc7bea48365adbad4f6ade41a16b9bed25cd9c1df33a3ba2be5027b91f936d1fbbf1cb6c729b0c770dcd0f86a8743864d74f92d365d949c6a8028263df53fba334021156423523625b65b12e4b9cd8a5428849acb1029d3e8a2fa0b7885ce539a71532922fa9bef3ca9d79c525162b22fa0017064f56948ea7101930a51ea847a7b3d5ac95693dafcdfcbfd7afa07e62505f816cab35ce3bb18c426ba009b351985641120e143e0af80bf9d245ac60e7f7ff1f6c5f30a8da2bdcc2d513be94ec1b852b4f040b2e79bb33be41a19a612863575771c5d7c2ce6899f0e98a9ddb7b83c8ead011ee8d80aa1c83a23e0b0da7f500b019998b9a9d0a3c73354f37e584638a0621b21ee9c4272ed070657ea4eb5f73cfc024dc9eda833cc0250c0d519b5d4113d06f1cb198c4d33b38c255e576f538fd02023b5dfb66334e553b9e8e34b3a67a4893787392f5a21a67df214dbf48c8ce6bbc38466415989432486c19c528f2d016e9b2be375c33f48a16812c38dc9bba49bd43e6c933d52848cce682e10fee8bb7bc4beffa4ad1502bf2d62f88232a57387ffecd8f238180f5339e37fceac223a795b487405422c3aa1e90c611bf1d1bc48ec9492a772624e41713c79d3c462e62f07d22ce0aa0b590d4516e5a02bc7e5a6424181f912b8a81d1b7b03696c31276771620e7d0d3ac8cce88a6e580b105869aaf88f3240a285b1e2a604d6cc1665e7410302239242eea67c6fe38cb6337b59cbc3a39926a94dc36bc766630e9908781ebaf01b61aa3262a6ce2b8457b8b83e4ea9a575e954691c61e51058574278e2b091c0aea3fafeca10ae3088142876dfdab37e0fb42c3f846a09eafdd29a1deda08f5a2180bbb9a46217d9e0150a1c0518e714afadb838c32e3adc99a428606196bca7bf1f74cab943120ed383e61478af4f509cfc80bca05780ce76f874a70539218dcfa9ad9bd15ca5b7aa8645c50048f31a20ca0c34e48ae3a8daf4075ba232c5f59845ee93b455dbbdae45ad97658bd95b813fe50657716c520ec068e50028b1c8631cc01a29d5b90624e9a9f26e1f0bf90882929cc1b422b45a851fabe7c4ebec7856aa98f984497b5799be3ee5ad91defdbc9b5deafb0eb7056bb5171fae7d4b1f1a3575ec0c92048e7e76e390dc71f0a81489b09aed36415999b1906f8d6ecca090e71aca129c8a10c058493755b51950b3e2ff9832a43b9c389b7da10ac75642e14bed5b4170f32686ecd9a4c065403fc031b1ad73608e176ffc487bcc8fd34f35e657673e152918f8bbf99ec4874dbb64fb2ea158702012675b58c67cce2a0db342c1b5b493122e404c12ec0925270dc7cadd3c88dedbd547401549c18d43c584e6910e49f398b083278d573846b87d10252845acb2a6a73833e7ce44d306becf5a313aa53ca2e5ecd5d0a7f9f3e752689576866bf268d262bd361baca85b42bd27070171761716a0dd45a4f3339cd6f6a130c56ea80b9cec656afaa2142a9776d47d2b55a9e18bcac75315cf0ebf4fe3d1bccb5cdb764effb4eb30ce205b0621e9f97ff8dee78c901c61c4348c390656ad8360de94912fc2312288d7d3d6d7e7eee5c6031d11611a63d977cbb6f04378beed4b9cda44895e6475c966368352ef6ca8c81d6c4751912422f73c93cd4e708b63563db577a2fad54dba224f4abf62ebaa4defd571a51de8a40c2e2bb86e679c4b476a2d12c4bf0d1325b428146567f1531d215f77a6e535c77d49879aec857a0ee7ca4bfd35d5932dd0c3c9c78d27080bff5a1241991296f31436ae5910f1ac15fe0616213d63ef0583f8384d7fc9b73abd42f7b8c9cb9090979da8df22d4bac754c597642691aa0108fb7f8c837687481d8215c27d39ad06cf257e126a552d8bb0b0d4af36894b8b2673a66ee156fe9de8c27548fc8474bd847737dc309d8ccbdc6ed7ebb7705a0aa408b3dae090a6a1e5a91d338fd36d1e7e3bdb24bbd35fee9ea8a8feef715fe64b63b0b7c94d07bddee017697e4e218f841873d254202f5cbf064dd227b1e386e32ca4efe4b4a757990f6bd4111f177960b606cd43ac827c072fd04da65b6e54340a986979ee10d9e0dd1f5b906bd745d8be9cffd09ee3b83dcc3859b69586b705a6930dd022caa979f23de5425dea59b5d83d4f431fd7772b848edd9d87b5171fa89dc331795b312cf7cc5c701ad71fbeabf2a5e356e8229700d9c0a45b82dd4bb7be73e31b4dd7c394d5a762cd26fdbde0c2e9f96c9d1f4ae821ec1336756f4f7bff052f2f280504705fae609c605d781eb603cd887ed70ce36f4832421736f39e67615ddd7222b9347259b2af0ca6b90ed5dca7d314b2a499cabc48a7ef9a01c5ff70b54fb596a88716909f2fb2404658275acf75e619dcb33a309f8d86043f9ace187eaa78c89a12543b7044db93e7a3b4668c957d727ad9c78c7d1b62da77c5dc4202194422567d33426e150e07669785e9285b5f2647b27ab82b790d856fee31d787c2a00ba66fbc8ddecbd3048adda1c9e9f0169e0be75a9df1d00f6ef0bcd6bd56cd14eb5090f6040b8db2f21a1d10f0187c2a418e1f6f211648eefcc1d7d2deb763282b1d89e9903c843439dffedb44fc2621769703c22de4083496ace82d20f1ac6531d5029d17b8d8e041a12909afdf1785a7f03b5aaaa13968a67797ef6d4ecf526640a21b82c8b03e722746a2180777dd3b5f6e407e96021393eb8b21ac14f4783225126abab434d7353bfcaf66bd6db29aad447a930b8cbcc5d06dcbc58c455dfe4efa92a6c48e32f0a3f3368349218b2ca26712cf48feeba4eee4f39ffee78b3081009c2d40e3d80d28d44256f3bcf058057c0f1c948129980c99a324b2058a3287cf8f396f5e4ff29247d8c703666989a02e7a61393dfc09f433e23befc5e06a280d73b19a242109a9f302bec0467f2439225a867d59ef5f6c5bb9ccff4f17422b63507c0960d5b83581c7237485b9929903b772a9fe87023db92ec028ccb7205a782f840438f469fd9830de654aa03b88779a0f04534e5a2ff44cfdb364466e7bf517b0d3d40583cae143d8dbbeba87cd260a44d881cbd009b5186ce83e4e93578111e8bd5d906e64040af7200992df32ba0ff96baf86ca95a39cf50e8356f7b6c524140bfb1e9193a88d247b52ada97dd8b116070608b19967df816e5ae7026068581d06d536561f75d34833c1954e772af984f2aed8eedea8e9f651ec881c1c13b5e9f3146024cf15e4499180d137e858ee2974ce7ee72c0fc33efd61c1adb36e44611ddf24646c2dc811ddb4e9cb980a98eed78e83064a44743fbbe01a1dee200c6dcb5f0b7cbe6887865f8865714ee700bb61176eb202ee04e3d2911cd493d215f644bc9cd58d6b2a925e22ce93d4972d795c91c7521ab57c108c9d4e3b6a2b68e2d11d60d7a1e1b91c24aaac98f0c3270e0e2417505b43e3b02f2c38b83dd40c1bbaaaddeac2703a0bf74985e86b13f764c0f6e4138d3d41aa046563b4d2740987478d9d77b7c0b7492026e3eb0c2ea462b932b903784e9ee653715698f2b46810c0eb28e4497a37bde66b4d099dbd36ef43fe1b88e31c034c647899ca653c309d6cef049b4046c34f933d4caae467b6f5a482940a984f77c47ea1b5b4f3b3691594bebb0264cb62e76ec66736abd52b5b25e8abf15d900336ea1431bc64c21c628083d5837cb21c6dbe2e2615b8ae9d090e55e9a5fb87ae8af1fa954c7f10506b7864d88552a2f9c9cc9d11afd39b15e6a7f3d48e3adb80a8d97b6acb0d460d18c4894e70ac4402e4e03ab16cc64499dc37eaf615e1348178eabe37a1d60b5b51ab1bbeab53403ea4412d8db5585034d20862d7a0ba3cbae36eec8435a20843fe7642b1a00f3db6f2399f2df05068ebb16082fd998b9832cfab2cdaf139e4cc076e25aeb6a7e370b70eb81a877733c85f8872f2661df3f126eaa7bf3c6348ff54d8ed3d55e5dc76d9099fdbe0955ad2c5c85b3e7138f300ce7384be7ee7dce2ceffc1e6e58fcdd042727df865728411cb67656720a34066b18eec5c208e47805b2aca32ce6e6184d89179fa7cd55a8e5aafb7f7dd28832bb5830723882032dee4a030a8794a3e9c85adbc688f87835058e67a760f8d6458c499fc9a1f65440652aa1ad14ceb0c1f2f106dca0551a85faf55d56a1d9b8af4c51af4494d2426ff8b90b033b0187416c000b5a946f971c44544f15d711a9e079f4c16b97b277fd1799a1c580e9b1d881fc6bc8bba47858604fbf5d672d2479a3c788b710f34f885031083c8cc3ab17d34aaa9fbc9058dadd2c10a5e888b2eb383e57af9731439211039100954bed5fee7f3a47edbf9304299e0587c1b0cfb5d5cdd0cda0d8fe9b08a5ee8a50cee331120ebd79e58ec174c409e06b8931e559dafa6699b476cb03758c736245e9473c1c7d868e2a8a7ead3af443d9a5989e47d6489b8c4887538c062bc200cb1763d13c4037fd233ef50e0ce1924abd315510464ce22de377026529085cee76c5e3711ffb445f7618ff1798567e4726a89443a95bdce70be2625f6ca69693cf9120cc26133e1d89b4d76a9bc74a47786af6428e09ee402845fdbb3f8b11994bf5a622ed0c77cfe47f387755b8a8d43904d5ad52db88e1cf1e2f09102a605762600e25e35b93eefcf47cbe74aefc75dee2ccd4a6554f2476d790d98d08d566a96ca335979514e359912eb0671eb794d0a14668d6eba380a60eadad14ab133f87782fd2782d7d5580f1b8edab8c8cb9c4bcdcda8323289ee32fefe435959c5a931eeead13a93fade972c5d6c08cce6d1181ea9a298040d7a4b7d22f6e3cc34042cd7a05e88cde6519b0b00c34741f274dbd0a3848777eb36142fedf3d153a792d104c7d653ccc03882811ee75f6d160efbab6255e9d44caaf3dc08410c3646d9863f084285d9b11cb4565fe136997b26e0778f1da563575f514b1ae87bbd3a63b44e0ba9053ce18499526db8b60c4944f2fcd1e5a36c35dc9745ccf10530abb8c4fa7713bb3d77f8993ded74c610a7f09902d1b4cb370da92b92c66394d6c05e1c0bf4888f249c001cde8a1e4debbdb33d503692050c084f77faaf460ff8a2df26492c11693877258afeeabd35e6b41446afa98739324e55e1452fa35dde79c3497cc4b531c231ee4b65b5596549b49c1ce7d29c4ff20643d33af08168d06c90ec6b677dcf0af1e4c7db94fbc55ce4d127c058d82f9458a2b4a297e81716a3d079dfbb6f2b58e08d66282ea93d676d3dcf02e444c1606df8ec45cfe052f7470a57a068962ef4267491132d6db5b177687d741de6ee9d6dd0e3eb3e7201bc80c7ee7617f7be25ea1eae66364f158329d997dfacc89c9580af005c8ca50dae758ea629709cc435541527e7f4564525ab18870b38f2b48ecc1fad5f62825c124fe7e7801a8c296a8de0625f0c8a2ddf26adb3c06a6a1fd17ca752be680fd733355a1944becfd30dbd07c99529f3b6f9c22185c6ea3ac3a6b6d0553f455666585070a43d036eac650b12c253f19ac6baa6fa63e45f6a8a54a2201faba15ff2c8c8b0f03392709bbca08ab75f0c86466bfbc3b7e471005b256a2118c9263061ccc4a365ee12dd8758a4f70f8223bf1f54e801e88cc9061d5f335ba8637ad39dac6ccf6c352cbd5a823edf3284de4e37bd963e5ea50f83ba4b2855383f45508cb0e9be6bd28819fb8296cc882de43a78ee2c0181f6eb8019316e972e2730ad182063f8cc8bcdf852a0d5457945de8bc92ed3d3b9490304225930a9f4e0e2f428430103f529a363472423d36d93734a11c7b33b6e640217bd0a9414f035042da362ec695074b461c255a7fccce04c7e3afff3c108108ec1d28ec25f8ced3e5e73c54cb24333a5faab7d8a4bfef4102f2b1fbcedef154f0b492be3122fcf37917fb4486438302136eae2f3456b976865cc6e35488b3beffc0a2a1fb540a598cdaf7708099631ce1e67cc0b747b91fc2905368759454a139dfed39dd12935081beb55b528c5ff54b90b85fa5f97a97382bebdd9a8830965f40b6d86ed514830821b98774a2d625c10bc54e78e25a97679df4d54beae418d0c1a42019220a5b80a278675f636218e296380fa8a8f57ac15502c1f222fba33ea14983747fe1647bbf768d8b44806910ee9525dda3b7bbe5ef9a2645c6c3cfe98dfb850945361859e7485c70ccbd70ec73412350693df535cc3f948f5cf8f961d65ea7301874f1cba84276b87275dac5a2e08ad97fd4a14189477f574bf7aa4818c75c81702a8b1171094ecacc46014d1be7bea14e383a89956669361a4c7d0cc3ea3785d2d34efbe011571040aa8ed33cbb51705ac53b9e7ef0c4945e53cc10762baab5c6eba7bb63df2221662fce0893ffc5af2c082ec0b49b240a7eca2203ae003889a2e040007ae73286a322595da0199db6487d8eb0c4a9fa00f20c0946ba0c638a1d6d824ba3be0ab88e3ecb32ef9d4c3e3691d5ef2dc1d9005e960c6a4894be3f9ccff8fd6cb80d2f9de17e38e0ff43af5ce18ecc6e6723812af485dec85d9af287a41ea63489cc6448a6ecc002b4367241e923e8f4fe7c1bdda41024c7cb9c7b84665dd6a997caff14ebb178f350773f7c153fc5501c4538fd2135dca543451319a350ff1a668b48894c46b40158986f61f23cd20e351150f00861571f6907619dd77290357a8fd92c352711db311c6aaa0ca59f9ddd630c5ca62d3464a155dfa77f4d2a59483b397422dd02df7e65e9aad0f49e7d79acc39996e3e53380d2f5bd074b3e14543fe1d7b1d3178ca52744facbb45f3b9e60ff4d673ff9fa9be13c550bf74be522e05aed5ea3c07129b314f0796f4246b02247de739bd32837132bf5f9cbc45a38df1d1b85b98e1b90abc242468ff82d636315c36882115b06fb3d165d4337c20a7e90f8c3aee0ea5e73e556df90d15e0ca5f1a2928d34f16fdbf83ca2f826db2c616eeba4de597c07ade6b4811c7e67205d53e2ae07ae89f667e5ef67551203f30a0f8a85d2683f00ac5ed1f77d5fc7530bc50a07abee932f017e9516e479bb02eaeb5bf3158da1fe11a6359f4de5fcf933bd8f3bc4959b6e5b3ac44e20de8ee0868ac679324a5344506565e508a186a767b5f8a6fc040158b793035984b0fe006f765094932eb177fb14d9653832e2c21a36ccf5bcea6362b92fc8d59a8166d7083680b1c29b4b0d742d069c46ea9ffdbdc8829471994010c2599b5edcc077f8d333ed7d4b208e794e1673f6df692caee4e3a00fc49115e785b8d131c60e9fda6306ed33974f0a400b89b8014c1f075a0200abd43072635b55c6211ae0cc5ce03a28069121873cf61ecf3948277cbe73a7b80c6e2fbda6e0c4f9f166a77a2dcecb0fc0029459a5000a8f8e37fc12b0a03862584a1cc35f1c55ccd89194a880ea9826bff44a46c0f251230d6d34719c5456a805f4a223fa628ad73d4832c804c814155d02cdcf1f4185225d345b09c00464e1ac0a3a701767d67195e70c6907ebe1540daa99631e820915f439ea4bda3505b790d760182470bb5488fa8c0c38ca625b685837a35d186f7658fa6cd8397a9b827b089d8ca031bbd86cff2c11e5f829a3e39812f049993abbe1d25d0f6c2998fac0fa4d5e290f5a75e861871abdd999b615e6c5ea6268cd6f557e3581e0d6a058e94919fd1d8e19c551ce07971ef3551a55c0cae2462bc9f8fa4a70b0460624457a517df9fc127c4f5f91381787e9ce4959c29c885336a2f166b3b91afa4cb748eacfd3d55350e46c5867930c970177bb6848b53d183ddad1216659327bfebbcbc100c60fa1bdf4a4d29d92f6bafee3e927df9f810395e42090ceeb9759b0b4568390cf1965ae3fa164bfc2566216956b0f03d5f4b3d351685b59eaaa01f72371a8fc59732dc5f7ca755abbbc3b0d0eb98431d2f8a77aa500d793c0fb0326ab95b7afefbd4889ef888adac9989436a24d3e06211d3cf05192ac0928faebe39f3b16281c58746e79742bdc766c0c1802ae82dd4ac302d8d9862f266d3a1aa280ea7af149c50fe81805cecc6cb70145a255f943aa9a8798bf64077818291de7f32c2c980283998b5dd5ea16f6fa223403cc17b5daf439b475a49b7ab45864186868c188c1249fdcbd3d1468cfb5ed67a97944c06670a7b09ed071babc489bd85338c05020288130b8c3c42e316aa154f5f636efb78040119d601094ba6a139c3604af6a89fffc3bc3027fd3d6990c809bcb349058c3a16be3ebfea5194d79e89364f544892b5f628e61adf619b17d7eed50e45eb48b2a0424dca27863532d21fdd2288a882b29295d79e501955472a47d3fbca77567688eb2aa926b232babecd7c4bf89118ff804c2b3ab82b3f29aa5bdd03406f5e8eb702fee4519d32774adb3c530ecafca3a99509777f6000c43d741cac0f9c070014cef0040f0ede725f9044c1311dd5a6f4b799dc0d804121ccd8b8819fc6fad686992990c7cfdeb2e335bd1dc8504c1148fc05f1ca53a94640d0d80759b4df18f7a9d110e3a6d93fc012cef03d2c08eb8faa723e1fa0e13d7fa4a4c8a3305dcc4e480f0cca5c7722dc6fa0c0f779b23cb00a0a4c7231900e739c454be6001cfc73bc0b0de4b9616221945a185efff10d9364f5a22ccc5fbf0200e3188bedc5af4d4dee9a99843f0775c8257dda856e6520005bc8b63af65a1617a5b8f8bf00eec645e03c5187b81ac2552979d3d5d04c3f2563477643fce6962ab4b2973e74c0c5ea087a748875a1ef818d93b1b5c0cad81d35a6d6ae1a6c6a81388ecf32ca2d33868fdc6a501ea7e4957a54dceee6e8d32efa6d3d45f7f37a6458d50762a93df65f9cea9ba75a3189d81742bd48e9ad18a1da2513ce3c83ae1b3c0ea997baf9f7bd582d7054d149c6948de7ba8a72228fbefc55bf129024eeed0dc11c99a5681eeaeb2c4f212cf6830f03cb3c7e284d21cc8985abd99cdf2224f376c8301192542d7c6fa1d41341a893a274aceab438b415a83d3eeb07bb320615b61524a6807fcd337fcf362d301d66916c7097bdeb31df8206e00f7ac106dc9c086b3c0d39881339e33f0f23cecad0f93bf24dec6c81733f67f90f9df886edaff53241eec55847b6235b279c20971b026798d3e9c58a1906e9f1b117689b837704d2fcf02dd6b1d1c88a4541306d8dd37accf35bfe3618ff1231be91192be41cbdb332bc78e998b3593333ba05327095fcf573ea1d6cba536d1ffdb2141f59c5a83daefaae7b46845ec0b7aea7d00a6f737a1c3f2c14452a7f24382360602a9a4ed93751d873016b60989ac61f2da48a69c5b602321502abd2a9358b05d59fc436ed9469fdb81290e623a3a97433850e653d09db385939ffed14bd930c65006be8e38eeb2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a337338761466edc8f73fe2ce0fb374971d35061434771c8efe10cf8958c71d716f99d38834253a3d5cd6f59de7476937fe2710b1c40fcbd4d129aefd65b4b6fda08611c4b8b8fa7a5c7439bdc2c359b922340eb8eac72336a455f7f8b0fba89572c263ba16b4970682722fbc26c9dea135c650c82d1fab0ae4403b09ceee5aef52c949e6e28aa8487b6b67f787cd60768568873e1f9bdbe81d62f8af241f5651cd2544c980bd96d683ca431e6a4077afbd9502a916ae2e44bc28b16734f113734e40e4d095cfeb375819719f52c59cc33ad65387c6c92ab74d1be5b086262aba52b69aaa76343dc154c353e8b5bf384779970a58849f59964cb71619ac01049d76f0e6a5c68ce72af6626a8917afd2a316619799f47323883784b310fb242993278a5950fb2c7fdad98135ff0d1a147c8dc07bda8b072103a9ff5d2518020241f0dd534a88a570376a8a46c8ea80562a4c3e3798bcadca7ef0a164c4672d37104f8464d0e38a60e725e80d6554751032de354b330de99870b7f57a8d8d083084affa1eb2b04dba5098450a52cf5aeb2cb0403757f33d038f7c760edeee157725aeb8e13e6351e51a3e0bbe1fafc44f8e6ed97c66013aa401aaad8236fee78369a83b4cf27159998a83c6a93a9a23a5ce667b9afbbc44f29dbef6753453f0edc7491bc26d6ea7105805e04c32030b867333a1136788fe67ba460b684571c40ed4fdb4d21dcfdd11d930e327747ede89f352e46667fbc97bcdcc36dbe8dcd36f0932b10c61f96df6a4a169cb90623f08e540a0144b8938c76eae13409cf99196da747ad1f88fdc3730b3de9904518f8bcf998e9da0b5cea303882b16e05ca11ecf5f7cb34ff79a6c03f4ac205ec1629b08a9ea72f615edc732d6d8ff417a645f6e405120b6d53b0da4f06ce1ee363aaf271e5e24ba0e288c6316c74a4ed76de12dc372caeb8d40848a139b6e51247a40a14354337b23016b1ac450984708103c94557be25ca41d7929faa2162620c3f81dd5672fa7d90afbc06c1f59f8611dda2882b737689e54441b023b89cb9f8a2dd330f169ceb4a7b70a8a8e0fa186c94250b7cf0abdf0778dc3b6a239b0155f6a97d29d726e3a5a154f8c2749f0fdb4fda3711e0ccb3ee9aebaa4909672069626a256d5f9f4cea49f15fd7569551a6364a74b4e9dfece3d3f664851209007d0faa92a0530f10629dcd46ae31e4c81572fc2b2bb3ee742e4b86d1e9e78887d825f02c8d5e7e1652c2721310ab955a702b78c23fe70032172922593c30ec9fc4cbc55bfb26f54605e36830c56caef1fe8847a3b82d1e0ee696536445943d2f8729b087b1537b88c2263503951d3a7408b2f0345e2c4ff0e2b9a05acdbc841e6a683918788e19c4d0b363f648663ecbd6d1fbdff98d9bc054bb91a39c50c956b5b0e876187fd6e278b37a6fa5eec4deb00cf10b50f70a6684c3aea77af712beb028460959cdbaca024e00d8755ed395de8b591f2c13a5cbbafa80cf2f59693ea3f9da3a0320cd65b6ab7f98805d74d8a777bb85558973d53e878e81821fd5bed54a2c6fdd221899dbf37e178e94ae8f55f89fa493007c6d579360263df15f268f44c511b079a24fbb4d86bd67ab89a22e358ee4ae21c97c4f467f2726760d5e190f2c8944cd73709ce21ef2d2490df97b5710ad6d9361e86cc772ea0657e94fbbd2e93e61c794e2c7dace1e9916437c8385ab6799fe4d9bf73fc1d9a43cfbdfbdb68597cf0e0c8f845c1ea982bc321490e8e97afa0c937b37d5f55bcacb4af766e287fe554be35d1b9097fb56e0e2a7e8a8514f58633d7276b295d73eafde80ff7e77dabd262236d39fc07cdc2d5c1ed4ec6b4c7bab5267fafd29b7c98ebf60d0b4de92cd46d001f5b12195de48a7629cdcc0da2b8ddb410ddf3a623311f68121aa43904e54f5a6c9ed43ac22dccb5a88a1d7622fb0dfeaf5804f4044df89c93a882e3b07f79a0c977cad2b728fd1ede063384a50be6649fa07f0b9c4a18322627727fbc2d8c51da786e7789409c005eb496cfb565c7946669da5357afee973e39fb738459f81c040327afd50f3a089f27cfade09341ec97f69f71c2f9fc5a40327655a59f3d3ddaca8ed2070f57a603d246a5a30ee5fba8f946dd6ab2b1e9c0b37bac9c67cc55d3111c84bbab65574146745d695324401dc4590cbb64bfd4543f93dee54e35e26189594e5f8df39acbf7012bcfea6d487afa5e66418a76986f293762fcbd0a621a95bd856f0172ef08565597334f517324fdcf90798e66a47612dedf5f2eaa6362b8c1c056b073d28b06fa363ffc515eb0611511d00b00870d9f02ba992da654ee84fe95c30576d3c86b576f426bfd79b1a6c740f16af4ceaa003b7b17347eb4f26cdc5c209aec71550605d8e738a6428d416ec43a3883d9bfe8f19775dda41232e2d3b9fbcb451995597dd99accec47c7c3741236ee6e46c3dbcda61183b6eb04898d05c121215b1df83807d9a35007d5af6f916416f4745a4b181d96b117ae0bb360e5fd3701b46344bcda205651f15b57c9e83e2cb700f7a97964620056e99d12e7c11c775693e9d194c71b506292bd7f1b7d41aa367b00895a110fdbe51c5d0a9a2dab5ca09836212865071c127a6067ccd70b19f321296d42b9ecbe52b4b01ce0923671703fbcb6002a8023e20708b4567bf6f66db1b6b7cbb5a51210513acc63852a3035d90202b48e231241c70ae750d291ca16ab5d1b4daab591be60519b8b7d132362129a89ae164c41b238eb63448167ff7e5c70ea40ff9a97ad6098fcd0f06dc5957adacd6549883cd3eb2eda99eee611156396b75e2ad0be7dd07582dc75b68140506740729e538df74c499fd99198a96c4f3304fdb2d440a04e7baff6736a00e351b4853e9b2a9fcceac0357c1ffc22f38dca55983e21f8a5291fe6c78014af0eed470e51b699fca525273e09d09d184b9de12bc61346310d0ed6b9b81232f61391933e34771e2f10a9f30c0b59d7e3c4fe0be9ffe8cd74384e44bb40a04170a1dd2db76f6323a1afe79841e9125920002cbf22be05045cc785ce4e19b0cca92a2e7aec5ae146fed35cab522ba07d677db85f68891ea7352b43e8048bda30fa3d040f5f9fa7f4811b7780cf6b7ad0f4ae1f712dd99c0297e3e736511f731afe2b0c6f7395fdb8f2f8c6cd1bf107d08201d098e527e3c31f820e2db65d21e73f9495ffeae67900aeebd8f4ca84ee188a295a4b111cac4526762722c6cd5d22090a3f4507f990682f750c8c5d6f840567853aec43f04c253730a0d9e4d88b6814ec76e36d57da5bef150fe837496013b495f110f07b59dfdc5229a7b3173305ddcbcb3f8d89cd68885c21bcfa8b08effbdbfb3da8f64bd1805b100093f1fa97be18aaddeaf7dffa65bb006f19acf4e6a7d7d7e6dff998a6cdbc02991a0138aa4063a423083a98ae11a21a731747aa94331a1580f80dd6cc0ed56fc5a7bd739a0f3d35c357ba6dd016a1ee6d65b3a075481312b0a3ab6cbdde67b61aef9f420374f5de236c0fe62cef5aeab2a7996d0631337dea454af0f8c6c3740d342f1a531c3e1bc7b79387f1060d9de73f6166c3992ba5926f64da093279381127d563255f665d24ccfdd9e8e56a767fafa42449ea4c384d84a1ae6bac1960db3d2ac2e6c91f40cf1ea7426117d212e07aca3be5af1594701759d4acbdf49cafe6a79013e3b9352b1f1857f617d4e1ce234c0433422848aeaa25e328c2cb2a13b6d4812939d4c8cd60d991046ff3717d2bb213cf5df4c35dcf7e607c74ddb7ab1039ecb335e26a2a665374388abe20820694f0f65cfba301d9cbc3242edcc3ea9520593e6272a7c6a22e77fee2859d81565d1264c9bd563f5ba6819c6b28cd36b8504d273a05e02696b312d411fa46df7d82fe772eba6b6ae7973261a4422233fc224f1a370cc1ded699eb34937c9b10ee9f2bc9f6533128f0064c0084c99156d31eb563e407cb33c43b57ace19d28ba4c1a10c9ab4865ddf78c34e5672f6903cfce36a0cb774ad9f22feea986cc6e2ff87c43e2c7ea781e708193acd5d437ef6489495d47ebef45e2e026b6ed9aea06864e4bc1d6c9c64efd9eceb35b688c6e1408540603c626fc18e48661a0891ac278088ed35256ff03e13c7c95624cb5045093ed1769a6605106b594162a077ee840238393b52280b1edd2f3cf75016046cce47b2df40d4a092ecbb660f4a694ec7127c08f99acd9fd55faeace2e170ca9db5294963d5b327903af83be9ad6db437daddc235a66893acc2cb81dd80e28a1fe66b00c9020c81527c982ab7728e081d7fe2cfb81d00cfeb2e0f23b1d5722c3b8a953edb6ee69820db219a4340d132c12c14984aa89e3bdaca00fb26872a9839c92f6a5fc14953427f1df353c0401a6b07f983b2ef49bfc1bf286f033f12b661cac2ee1ea53e9aff8f139cb099e2a963381bf9ba990943e7340fe812a4316ffab6d531e0c0cb55a1348cff2274bfc5f0e80263284fe6af95523bcf195f8fa94eb4f19b6cbafb6c6e950f8370f9e0575c3f3427c5b8e9eb1341368ae117344da3ed9d948c3cd3c8afdb249064cf4c48ed643baf597d19dfa9288883327529444289618406ee5d4fab2d538ec49f0b7eec809f61ac457f749f2fb720d321757473afc5d3a377a0eaacb425e5591026e3a1bae6a785b921903c804dcb8ec220c77e8752e92b80a482f89721feebcba45e533b9ae8ae80091cc940d2eb29003324aa3a8f2f66b072fdd8ffd03f42778dd64b2a428bed433f018e9acce76d85b57240f0050b1cb011459414b81125bdea35d2b067fa0baac925d3b4c52922f6ae9b88d03ae61427894074fd63dd5d45c2622ef5909cd05cb172e0b6441810fe2686ca03b82917bee3d8c0e35909b3b61d45a72045d90302ffcffcc9d21cfe43261b4eb1073aed1d26f4bfed20ffecb903c6875a0f196e43b9237115f69db66db5425b00ad835eeb5a7bba444225d3f57dcd14ca74c4d7c8e95885c13803fe25dce33b1b346a32d08757f90f47e52f1392429899fe420739965581f520b79f13a2e6342824593076b66fc477b5a6c7ba4b0d59ee35fcc63dc902addb371f61de0f338f5003b72182efab63a416cf6493ae16a0f2a058db7c8947509804a40b2e2bb394ba5beccd9f38f31dbdf1cace45c646b4ccc7bf109fde0cb3570fae67adff4c8a8fb360fc739b2f3cebcffecd7998 MD = 0da901366899d382754b7f99a6aeba660b407dbd383f49514ffecea5254ddda1ed926bbbb50b9ce12455cd5e94f57573 libica-4.0.1/test/testdata/sha3/SHA3_512_1.txt000066400000000000000000000400671417716165400204560ustar00rootroot00000000000000# NIST SHA3-512 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 512] Len = 0 Msg = 00 MD = a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26 Len = 8 Msg = e5 MD = 150240baf95fb36f8ccb87a19a41767e7aed95125075a2b2dbba6e565e1ce8575f2b042b62e29a04e9440314a821c6224182964d8b557b16a492b3806f4c39c1 Len = 16 Msg = ef26 MD = 809b4124d2b174731db14585c253194c8619a68294c8c48947879316fef249b1575da81ab72aad8fae08d24ece75ca1be46d0634143705d79d2f5177856a0437 Len = 24 Msg = 37d518 MD = 4aa96b1547e6402c0eee781acaa660797efe26ec00b4f2e0aec4a6d10688dd64cbd7f12b3b6c7f802e2096c041208b9289aec380d1a748fdfcd4128553d781e3 Len = 32 Msg = fc7b8cda MD = 58a5422d6b15eb1f223ebe4f4a5281bc6824d1599d979f4c6fe45695ca89014260b859a2d46ebf75f51ff204927932c79270dd7aef975657bb48fe09d8ea008e Len = 40 Msg = 4775c86b1c MD = ce96da8bcd6bc9d81419f0dd3308e3ef541bc7b030eee1339cf8b3c4e8420cd303180f8da77037c8c1ae375cab81ee475710923b9519adbddedb36db0c199f70 Len = 48 Msg = 71a986d2f662 MD = def6aac2b08c98d56a0501a8cb93f5b47d6322daf99e03255457c303326395f765576930f8571d89c01e727cc79c2d4497f85c45691b554e20da810c2bc865ef Len = 56 Msg = ec83d707a1414a MD = 84fd3775bac5b87e550d03ec6fe4905cc60e851a4c33a61858d4e7d8a34d471f05008b9a1d63044445df5a9fce958cb012a6ac778ecf45104b0fcb979aa4692d Len = 64 Msg = af53fa3ff8a3cfb2 MD = 03c2ac02de1765497a0a6af466fb64758e3283ed83d02c0edb3904fd3cf296442e790018d4bf4ce55bc869cebb4aa1a799afc9d987e776fef5dfe6628e24de97 Len = 72 Msg = 3d6093966950abd846 MD = 53e30da8b74ae76abf1f65761653ebfbe87882e9ea0ea564addd7cfd5a6524578ad6be014d7799799ef5e15c679582b791159add823b95c91e26de62dcb74cfa Len = 80 Msg = 1ca984dcc913344370cf MD = 6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816 Len = 88 Msg = fc7b8cdadebe48588f6851 MD = c8439bb1285120b3c43631a00a3b5ac0badb4113586a3dd4f7c66c5d81012f7412617b169fa6d70f8e0a19e5e258e99a0ed2dcfa774c864c62a010e9b90ca00d Len = 96 Msg = ecb907adfb85f9154a3c23e8 MD = 94ae34fed2ef51a383fb853296e4b797e48e00cad27f094d2f411c400c4960ca4c610bf3dc40e94ecfd0c7a18e418877e182ca3ae5ca5136e2856a5531710f48 Len = 104 Msg = d91a9c324ece84b072d0753618 MD = fb1f06c4d1c0d066bdd850ab1a78b83296eba0ca423bb174d74283f46628e6095539214adfd82b462e8e9204a397a83c6842b721a32e8bb030927a568f3c29e6 Len = 112 Msg = c61a9188812ae73994bc0d6d4021 MD = 069e6ab1675fed8d44105f3b62bbf5b8ff7ae804098986879b11e0d7d9b1b4cb7bc47aeb74201f509ddc92e5633abd2cbe0ddca2480e9908afa632c8c8d5af2a Len = 120 Msg = a6e7b218449840d134b566290dc896 MD = 3605a21ce00b289022193b70b535e6626f324739542978f5b307194fcf0a5988f542c0838a0443bb9bb8ff922a6a177fdbd12cf805f3ed809c48e9769c8bbd91 Len = 128 Msg = 054095ba531eec22113cc345e83795c7 MD = f3adf5ccf2830cd621958021ef998252f2b6bc4c135096839586d5064a2978154ea076c600a97364bce0e9aab43b7f1f2da93537089de950557674ae6251ca4d Len = 136 Msg = 5b1ec1c4e920f5b995b6a788b6e989ac29 MD = 135eea17ca4785482c19cd668b8dd2913216903311fa21f6b670b9b573264f8875b5d3c071d92d63556549e523b2af1f1a508bd1f105d29a436f455cd2ca1604 Len = 144 Msg = 133b497b00932773a53ba9bf8e61d59f05f4 MD = 783964a1cf41d6d210a8d7c81ce6970aa62c9053cb89e15f88053957ecf607f42af08804e76f2fbdbb31809c9eefc60e233d6624367a3b9c30f8ee5f65be56ac Len = 152 Msg = 88c050ea6b66b01256bda299f399398e1e3162 MD = 6bf7fc8e9014f35c4bde6a2c7ce1965d9c1793f25c141021cc1c697d111363b3854953c2b4009df41878b5558e78a9a9092c22b8baa0ed6baca005455c6cca70 Len = 160 Msg = d7d5363350709e96939e6b68b3bbdef6999ac8d9 MD = 7a46beca553fffa8021b0989f40a6563a8afb641e8133090bc034ab6763e96d7b7a0da4de3abd5a67d8085f7c28b21a24aefb359c37fac61d3a5374b4b1fb6bb Len = 168 Msg = 54746a7ba28b5f263d2496bd0080d83520cd2dc503 MD = d77048df60e20d03d336bfa634bc9931c2d3c1e1065d3a07f14ae01a085fe7e7fe6a89dc4c7880f1038938aa8fcd99d2a782d1bbe5eec790858173c7830c87a2 Len = 176 Msg = 73df7885830633fc66c9eb16940b017e9c6f9f871978 MD = 0edee1ea019a5c004fd8ae9dc8c2dd38d4331abe2968e1e9e0c128d2506db981a307c0f19bc2e62487a92992af77588d3ab7854fe1b68302f796b9dcd9f336df Len = 184 Msg = 14cb35fa933e49b0d0a400183cbbea099c44995fae1163 MD = af2ef4b0c01e381b4c382208b66ad95d759ec91e386e953984aa5f07774632d53b581eba32ed1d369c46b0a57fee64a02a0e5107c22f14f2227b1d11424becb5 Len = 192 Msg = 75a06869ca2a6ea857e26e78bb78a139a671ccb098d8205a MD = 88be1934385522ae1d739666f395f1d7f99978d62883a261adf5d618d012dfab5224575634446876b86b3e5f7609d397d338a784b4311027b1024ddfd4995a0a Len = 200 Msg = b413ab364dd410573b53f4c2f28982ca07061726e5d999f3c2 MD = 289e889b25f9f38facfccf3bdbceea06ef3baad6e9612b7232cd553f4884a7a642f6583a1a589d4dcb2dc771f1ff6d711b85f731145a89b100680f9a55dcbb3f Len = 208 Msg = d7f9053984213ebabc842fd8ce483609a9af5dc140ecdbe63336 MD = f167cb30e4bacbdc5ed53bc615f8c9ea19ad4f6bd85ca0ff5fb1f1cbe5b576bda49276aa5814291a7e320f1d687b16ba8d7daab2b3d7e9af3cd9f84a1e9979a1 Len = 216 Msg = 9b7f9d11be48e786a11a472ab2344c57adf62f7c1d4e6d282074b6 MD = 82fa525d5efaa3cce39bffef8eee01afb52067097f8965cde71703345322645eae59dbaebed0805693104dfb0c5811c5828da9a75d812e5562615248c03ff880 Len = 224 Msg = 115784b1fccfabca457c4e27a24a7832280b7e7d6a123ffce5fdab72 MD = ec12c4ed5ae84808883c5351003f7e26e1eaf509c866b357f97472e5e19c84f99f16dbbb8bfff060d6c0fe0ca9c34a210c909b05f6a81f441627ce8e666f6dc7 Len = 232 Msg = c3b1ad16b2877def8d080477d8b59152fe5e84f3f3380d55182f36eb5f MD = 4b9144edeeec28fd52ba4176a78e080e57782d2329b67d8ac8780bb6e8c2057583172af1d068922feaaff759be5a6ea548f5db51f4c34dfe7236ca09a67921c7 Len = 240 Msg = 4c66ca7a01129eaca1d99a08dd7226a5824b840d06d0059c60e97d291dc4 MD = 567c46f2f636223bd5ed3dc98c3f7a739b42898e70886f132eac43c2a6fadabe0dd9f1b6bc4a9365e5232295ac1ac34701b0fb181d2f7f07a79d033dd426d5a2 Len = 248 Msg = 481041c2f56662316ee85a10b98e103c8d48804f6f9502cf1b51cfa525cec1 MD = 46f0058abe678195b576df5c7eb8d739468cad1908f7953ea39c93fa1d96845c38a2934d23804864a8368dae38191d983053ccd045a9ab87ef2619e9dd50c8c1 Len = 256 Msg = 7c1688217b313278b9eae8edcf8aa4271614296d0c1e8916f9e0e940d28b88c5 MD = 627ba4de74d05bb6df8991112e4d373bfced37acde1304e0f664f29fa126cb497c8a1b717b9929120883ec8898968e4649013b760a2180a9dc0fc9b27f5b7f3b Len = 264 Msg = 785f6513fcd92b674c450e85da22257b8e85bfa65e5d9b1b1ffc5c469ad337d1e3 MD = 5c11d6e4c5c5f76d26876c5976b6f555c255c785b2f28b6700ca2d8b3b3fa585636239277773330f4cf8c5d5203bcc091b8d47e7743bbc0b5a2c54444ee2acce Len = 272 Msg = 34f4468e2d567b1e326c0942970efa32c5ca2e95d42c98eb5d3cab2889490ea16ee5 MD = 49adfa335e183c94b3160154d6698e318c8b5dd100b0227e3e34cabea1fe0f745326220f64263961349996bbe1aae9054de6406e8b350408ab0b9f656bb8daf7 Len = 280 Msg = 53a0121c8993b6f6eec921d2445035dd90654add1298c6727a2aed9b59bafb7dd62070 MD = 918b4d92e1fcb65a4c1fa0bd75c562ac9d83186bb2fbfae5c4784de31a14654546e107df0e79076b8687bb3841c83ba9181f9956cd43428ba72f603881b33a71 Len = 288 Msg = d30fa4b40c9f84ac9bcbb535e86989ec6d1bec9b1b22e9b0f97370ed0f0d566082899d96 MD = 39f104c1da4af314d6bceb34eca1dfe4e67484519eb76ba38e4701e113e6cbc0200df86e4439d674b0f42c72233360478ba5244384d28e388c87aaa817007c69 Len = 296 Msg = f34d100269aee3ead156895e8644d4749464d5921d6157dffcbbadf7a719aee35ae0fd4872 MD = 565a1dd9d49f8ddefb79a3c7a209f53f0bc9f5396269b1ce2a2b283a3cb45ee3ae652e4ca10b26ced7e5236227006c94a37553db1b6fe5c0c2eded756c896bb1 Len = 304 Msg = 12529769fe5191d3fce860f434ab1130ce389d340fca232cc50b7536e62ad617742e022ea38a MD = daee10e815fff0f0985d208886e22f9bf20a3643eb9a29fda469b6a7dcd54b5213c851d6f19338d63688fe1f02936c5dae1b7c6d5906a13a9eeb934400b6fe8c Len = 312 Msg = b2e3a0eb36bf16afb618bfd42a56789179147effecc684d8e39f037ec7b2d23f3f57f6d7a7d0bb MD = 04029d6d9e8e394afa387f1d03ab6b8a0a6cbab4b6b3c86ef62f7142ab3c108388d42cb87258b9e6d36e5814d8a662657cf717b35a5708365e8ec0396ec5546b Len = 320 Msg = 25c4a5f4a07f2b81e0533313664bf615c73257e6b2930e752fe5050e25ff02731fd2872f4f56f727 MD = ec2d38e5bb5d7b18438d5f2029c86d05a03510db0e66aa299c28635abd0988c58be203f04b7e0cc25451d18f2341cd46f8705d46c2066dafab30d90d63bf3d2c Len = 328 Msg = 134bb8e7ea5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0a09921237acd7d66f4da23480b9c1222 MD = 8f966aef96831a1499d63560b2578021ad970bf7557b8bf8078b3e12cefab122fe71b1212dc704f7094a40b36b71d3ad7ce2d30f72c1baa4d4bbccb3251198ac Len = 336 Msg = f793256f039fad11af24cee4d223cd2a771598289995ab802b5930ba5c666a24188453dcd2f0842b8152 MD = 22c3d9712535153a3e206b1033929c0fd9d937c39ba13cf1a6544dfbd68ebc94867b15fda3f1d30b00bf47f2c4bf41dabdeaa5c397dae901c57db9cd77ddbcc0 Len = 344 Msg = 23cc7f9052d5e22e6712fab88e8dfaa928b6e015ca589c3b89cb745b756ca7c7634a503bf0228e71c28ee2 MD = 6ecf3ad6064218ee101a555d20fab6cbeb6b145b4eeb9c8c971fc7ce05581a34b3c52179590e8a134be2e88c7e549875f4ff89b96374c6995960de3a5098cced Len = 352 Msg = a60b7b3df15b3f1b19db15d480388b0f3b00837369aa2cc7c3d7315775d7309a2d6f6d1371d9c875350dec0a MD = 8d651605c6b32bf022ea06ce6306b2ca6b5ba2781af87ca2375860315c83ad88743030d148ed8d73194c461ec1e84c045fc914705747614c04c8865b51da94f7 Len = 360 Msg = 2745dd2f1b215ea509a912e5761cccc4f19fa93ba38445c528cb2f099de99ab9fac955baa211fd8539a671cdb6 MD = 4af918eb676ce278c730212ef79d818773a76a43c74d643f238e9b61acaf4030c617c4d6b3b7514c59b3e5e95d82e1e1e35443e851718b13b63e70b123d1b72c Len = 368 Msg = 88adee4b46d2a109c36fcfb660f17f48062f7a74679fb07e86cad84f79fd57c86d426356ec8e68c65b3caa5bc7ba MD = 6257acb9f589c919c93c0adc4e907fe011bef6018fbb18e618ba6fcc8cbc5e40641be589e86dbb0cf7d7d6bf33b98d8458cce0af7857f5a7c7647cf350e25af0 Len = 376 Msg = 7d40f2dc4af3cfa12b00d64940dc32a22d66d81cb628be2b8dda47ed6728020d55b695e75260f4ec18c6d74839086a MD = 5c46c84a0a02d898ed5885ce99c47c77afd29ae015d027f2485d630f9b41d00b7c1f1faf6ce57a08b604b35021f7f79600381994b731bd8e6a5b010aeb90e1eb Len = 384 Msg = 3689d8836af0dc132f85b212eb670b41ecf9d4aba141092a0a8eca2e6d5eb0ba4b7e61af9273624d14192df7388a8436 MD = 17355e61d66e40f750d0a9a8e8a88cd6f9bf6070b7efa76442698740b4487ea6c644d1654ef16a265204e03084a14cafdccf8ff298cd54c0b4009967b6dd47cc Len = 392 Msg = 58ff23dee2298c2ca7146227789c1d4093551047192d862fc34c1112d13f1f744456cecc4d4a02410523b4b15e598df75a MD = aca89aa547c46173b4b2a380ba980da6f9ac084f46ac9ddea5e4164aeef31a9955b814a45aec1d8ce340bd37680952c5d68226dda1cac2677f73c9fd9174fd13 Len = 400 Msg = 67f3f23df3bd8ebeb0096452fe4775fd9cc71fbb6e72fdcc7eb8094f42c903121d0817a927bcbabd3109d5a70420253deab2 MD = f4207cc565f266a245f29bf20b95b5d9a83e1bb68ad988edc91faa25f25286c8398bac7dd6628259bff98f28360f263dfc54c4228bc437c5691de1219b758d9f Len = 408 Msg = a225070c2cb122c3354c74a254fc7b84061cba33005cab88c409fbd3738ff67ce23c41ebef46c7a61610f5b93fa92a5bda9569 MD = e815a9a4e4887be014635e97958341e0519314b3a3289e1835121b153b462272b0aca418be96d60e5ab355d3eb463697c0191eb522b60b8463d89f4c3f1bf142 Len = 416 Msg = 6aa0886777e99c9acd5f1db6e12bda59a807f92411ae99c9d490b5656acb4b115c57beb3c1807a1b029ad64be1f03e15bafd91ec MD = 241f2ebaf7ad09e173b184244e69acd7ebc94774d0fa3902cbf267d4806063b044131bcf4af4cf180eb7bd4e7960ce5fe3dc6aebfc6b90eec461f414f79a67d9 Len = 424 Msg = 6a06092a3cd221ae86b286b31f326248270472c5ea510cb9064d6024d10efee7f59e98785d4f09da554e97cdec7b75429d788c112f MD = d14a1a47f2bef9e0d4b3e90a6be9ab5893e1110b12db38d33ffb9a61e1661aecc4ea100839cfee58a1c5aff72915c14170dd99e13f71b0a5fc1985bf43415cb0 Len = 432 Msg = dfc3fa61f7fffc7c88ed90e51dfc39a4f288b50d58ac83385b58a3b2a3a39d729862c40fcaf9bc308f713a43eecb0b72bb9458d204ba MD = 947bc873dc41df195f8045deb6ea1b840f633917e79c70a88d38b8862197dc2ab0cc6314e974fb5ba7e1703b22b1309e37bd430879056bdc166573075a9c5e04 Len = 440 Msg = 52958b1ff0049efa5d050ab381ec99732e554dcd03725da991a37a80bd4756cf65d367c54721e93f1e0a22f70d36e9f841336956d3c523 MD = 9cc5aad0f529f4bac491d733537b69c8ec700fe38ab423d815e0927c8657f9cb8f4207762d816ab697580122066bc2b68f4177335d0a6e9081540779e572c41f Len = 448 Msg = 302fa84fdaa82081b1192b847b81ddea10a9f05a0f04138fd1da84a39ba5e18e18bc3cea062e6df92ff1ace89b3c5f55043130108abf631e MD = 8c8eaae9a445643a37df34cfa6a7f09deccab2a222c421d2fc574bbc5641e504354391e81eb5130280b1226812556d474e951bb78dbdd9b77d19f647e2e7d7be Len = 456 Msg = b82f500d6bc2dddcdc162d46cbfaa5ae64025d5c1cd72472dcd2c42161c9871ce329f94df445f0c8aceecafd0344f6317ecbb62f0ec2223a35 MD = 55c69d7accd179d5d9fcc522f794e7af5f0eec7198ffa39f80fb55b866c0857ff3e7aeef33e130d9c74ef90606ca821d20b7608b12e6e561f9e6c7122ace3db0 Len = 464 Msg = 86da9107ca3e16a2b58950e656a15c085b88033e79313e2c0f92f99f06fa187efba5b8fea08eb7145f8476304180dd280f36a072b7eac197f085 MD = 0d3b1a0459b4eca801e0737ff9ea4a12b9a483a73a8a92742a93c297b7149326bd92c1643c8177c8924482ab3bbd916c417580cc75d3d3ae096de531bc5dc355 Len = 472 Msg = 141a6eafe157053e780ac7a57b97990616ce1759ed132cb453bcdfcabdbb70b3767da4eb94125d9c2a8d6d20bfaeacc1ffbe49c4b1bb5da7e9b5c6 MD = bdbdd5b94cdc89466e7670c63ba6a55b58294e93b351261a5457bf5a40f1b5b2e0acc7fceb1bfb4c8872777eeeaff7927fd3635ca18c996d870bf86b12b89ba5 Len = 480 Msg = 6e0c65ee0943e34d9bbd27a8547690f2291f5a86d713c2be258e6ac16919fe9c4d491895d3a961bb97f5fac255891a0eaa18f80e1fa1ebcb639fcfc1 MD = 39ebb992b8d39daae973e3813a50e9e79a67d8458a6f17f97a6dd30dd7d11d95701a11129ffeaf7d45781b21cac0c4c034e389d7590df5beeb9805072d0183b9 Len = 488 Msg = 57780b1c79e67fc3beaabead4a67a8cc98b83fa7647eae50c8798b96a516597b448851e93d1a62a098c4767333fcf7b463ce91edde2f3ad0d98f70716d MD = 3ef36c3effad6eb5ad2d0a67780f80d1b90efcb74db20410c2261a3ab0f784429df874814748dc1b6efaab3d06dd0a41ba54fce59b67d45838eaa4aa1fadfa0f Len = 496 Msg = bcc9849da4091d0edfe908e7c3386b0cadadb2859829c9dfee3d8ecf9dec86196eb2ceb093c5551f7e9a4927faabcfaa7478f7c899cbef4727417738fc06 MD = 1fcd8a2c7b4fd98fcdc5fa665bab49bde3f9f556aa66b3646638f5a2d3806192f8a33145d8d0c535c85adff3cc0ea3c2715b33cec9f8886e9f4377b3632e9055 Len = 504 Msg = 05a32829642ed4808d6554d16b9b8023353ce65a935d126602970dba791623004dede90b52ac7f0d4335130a63cba68c656c139989614de20913e83db320db MD = 49d8747bb53ddde6d1485965208670d1130bf35619d7506a2f2040d1129fcf0320207e5b36fea083e84ffc98755e691ad8bd5dc66f8972cb9857389344e11aad Len = 512 Msg = 56ac4f6845a451dac3e8886f97f7024b64b1b1e9c5181c059b5755b9a6042be653a2a0d5d56a9e1e774be5c9312f48b4798019345beae2ffcc63554a3c69862e MD = 5fde5c57a31febb98061f27e4506fa5c245506336ee90d595c91d791a5975c712b3ab9b3b5868f941db0aeb4c6d2837c4447442f8402e0e150a9dc0ef178dca8 Len = 520 Msg = 8a229f8d0294fe90d4cc8c875460d5d623f93287f905a999a2ab0f9a47046f78ef88b09445c671189c59388b3017cca2af8bdf59f8a6f04322b1701ec08624ab63 MD = 16b0fd239cc632842c443e1b92d286dd519cfc616a41f2456dd5cddebd10703c3e9cb669004b7f169bb4f99f350ec96904b0e8dd4de8e6be9953dc892c65099f Len = 528 Msg = 87d6aa9979025b2437ea8159ea1d3e5d6f17f0a5b913b56970212f56de7884840c0da9a72865e1892aa780b8b8f5f57b46fc070b81ca5f00eee0470ace89b1e1466a MD = d816acf1797decfe34f4cc49e52aa505cc59bd17fe69dc9543fad82e9cf96298183021f704054d3d06adde2bf54e82a090a57b239e88daa04cb76c4fc9127843 Len = 536 Msg = 0823616ab87e4904308628c2226e721bb4169b7d34e8744a0700b721e38fe05e3f813fe4075d4c1a936d3a33da20cfb3e3ac722e7df7865330b8f62a73d9119a1f2199 MD = e1da6be4403a4fd784c59be4e71c658a78bb8c5d7d571c5e816fbb3e218a4162f62de1c285f3779781cb5506e29c94e1b7c7d65af2aa71ea5c96d9585b5e45d5 Len = 544 Msg = 7d2d913c2460c09898b20366ae34775b1564f10edea49c073cebe41989bb93f38a533af1f425d3382f8aa40159b567358ee5a73b67df6d0dc09c1c92bf3f9a28124ab07f MD = 3aa1e19a52b86cf414d977768bb535b7e5817117d436b4425ec8d775e8cb0e0b538072213884c7ff1bb9ca9984c82d65cb0115cc07332b0ea903e3b38650e88e Len = 552 Msg = fca5f68fd2d3a52187b349a8d2726b608fccea7db42e906b8718e85a0ec654fac70f5a839a8d3ff90cfed7aeb5ea9b08f487fc84e1d9f7fb831dea254468a65ba18cc5a126 MD = 2c74f846ecc722ea4a1eb1162e231b6903291fffa95dd5e1d17dbc2c2be7dfe549a80dd34487d714130ddc9924aed904ad55f49c91c80ceb05c0c034dae0a0a4 Len = 560 Msg = 881ff70ca34a3e1a0e864fd2615ca2a0e63def254e688c37a20ef6297cb3ae4c76d746b5e3d6bb41bd0d05d7df3eeded74351f4eb0ac801abe6dc10ef9b635055ee1dfbf4144 MD = 9a10a7ce23c0497fe8783927f833232ae664f1e1b91302266b6ace25a9c253d1ecab1aaaa62f865469480b2145ed0e489ae3f3f9f7e6da27492c81b07e606fb6 Len = 568 Msg = b0de0430c200d74bf41ea0c92f8f28e11b68006a884e0d4b0d884533ee58b38a438cc1a75750b6434f467e2d0cd9aa4052ceb793291b93ef83fd5d8620456ce1aff2941b3605a4 MD = 9e9e469ca9226cd012f5c9cc39c96adc22f420030fcee305a0ed27974e3c802701603dac873ae4476e9c3d57e55524483fc01adaef87daa9e304078c59802757 Len = 576 Msg = 0ce9f8c3a990c268f34efd9befdb0f7c4ef8466cfdb01171f8de70dc5fefa92acbe93d29e2ac1a5c2979129f1ab08c0e77de7924ddf68a209cdfa0adc62f85c18637d9c6b33f4ff8 MD = b018a20fcf831dde290e4fb18c56342efe138472cbe142da6b77eea4fce52588c04c808eb32912faa345245a850346faec46c3a16d39bd2e1ddb1816bc57d2da libica-4.0.1/test/testdata/sha3/SHA3_512_2.txt000066400000000000000000000352261417716165400204600ustar00rootroot00000000000000# NIST SHA3-512 test vectors # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html [L = 512] Len = 58976 Msg = 27c74d76ffc8ecf7a69970c8584f294b04ee9a485e302bd630821e7ff050c49f9882f10db247adfdb2112c2589e1011f77c48e0f219dbf85e326f8a567324b857735efd60f05edc7b7e21d260fb551c8ac95d02c228f065b62a77912471aff236be62f193f8c151b5b152a131253820f4a6948e78a8e6820550d8b10b79048431d9f981e6a648bc246b13a33b944fdbafa49de8781204d9b636115e5df1d8eab3467142cb613b98421be37cf2d0f2991633b7a562ecf1d9535aafedae848392459478b8c4e2305289445082f963c6d5e2e4a049aba2240d673f03037fa9ab1763445e387581cd978464c959b1b5333e7027b649c4da11e26c43b92443c9a5f696c6c0563fd849c3ae0dec65be4dde2f588d882a40dd51f4dd0940c49d7d0a9c5aac1d96864e5b637090083b61a62e150676846f92545ac124002868df3c4f851954e47e0b6c68f376abcb4f6e5689ac0483399e5bb7a2b3ebc8ee859b6ffb5d6d61a38111ab08f02ab1941616c79740dd34261aef8fa0699eb3f1af54b08461c142d9244b92a1e5f73201240d81cd7feaf9c889d034fa3eb761d05a9d86715ebf8903fc2babca4176ad70fda50da2b5d8549f4fa05006cfc04308fbd86a5880b2a4a25d046ee89f239482179fd39d9f0fc528f0d2596c7943e81a1787c49094351632eb9854935b8887b2e6307c34780bdbe3f1d8c981e7acc172423e3dbff5d15e441c39e541031fe761fe19500ded46f95ee74618ed87755fafe06e2e3d21f20d44538ba9783254443dd3bcf7706b6bbe08358cd015d5381331969a2eae952173b245e009bf45b02ea4fb9deb028ec49a6e612f87815d6fac95b944a77aebea521c57e99e7cc9cdf715ca3ea33aa3fc0efffea097b68c765c4aece0313882a708f10dfac0474b083e2ee401a89f677c9c3b6272892bef06d2df961f545df5f208cedcb6278525f9744ecd99739725c0b2bf3137f467f17b80b249347951c265e214488e3cdd071c3a03db689cb88b52f2e9ef4331e1305ee6616ad228ba545d255fd5f568a55adaefdcb1f17c79f4cdcd59f136fa3e282b846b9f6adb0e38423300098e33848dc01637d5c69b61ee7bb27deb8595b5556beb4f4b8118b3eadf9ba357bb45e13c663db3bb4a8206f4f732c432b19d0d248a7b7af3975a51f86fefc8550ee841d337d6bed71fc8bf94cadecb7b3d88ac2211b58d2c30284ecd9d8fdd65ebc33ceebf71e7bd98c8124a611702099be108ea9c49e469cdfb20f6c2fc512ee44f18eb578f9ce358189582446bf6826f2e99ca84791f10c36b7ee07ac5d1f48ae49c55ba806cccc022cfd8ff5e1759f9da056e64f39bc5d2c19f374f6cce7b423c0dba3304c5ee838f07bafc5df314fe6ba232a829f8fd5eb62847ab61a507acbe03856b8d36dcf4b603b4c5fc0827df6c16a3e88ca53be9b190be0945044e1cd30453ce7a4dfca6201a32e6a8c5270f43d95e80ac2ee5e63c7ef6f3775aa325138681c66c69e21a55d1c1c8f4b887109b40bf1b0904afe6cf398ef489169b681810abfdc41901c3dfb0fe076060cc85db03421213b4ee5de256e286ead6bb2839294eef21e9f035263e240c6c5c6bd17b8783f06cbe15de0e6d9e152cf97717ff36c6f5064b21d0b1eff05288e9e9860553f150649edac9abc41e49c02d53a9e2dfc0a9d1bb0b391b3ccf7436b7ca05f0df169cabc591b35320ef7f34b0d5407c7ab89824b830d0caab3ddc063481e3d6bf604f92c0df2d9cda8e3ffb42708e449e0b2a6fd1273a38c1a80467eea5a21f4b6ae3ca1f079ad17776f69440c9e5a3c054fb239452d7edf6ba97ec54a9c34329a2e3b24ecf8da97e465d903a25e932781264d050482c62e0d1e0f3f502c9dac084e9dbce8b687d5558bf6fad28fb792bc00206b37bca3fe68a8a3f5e55185ea69d40b72cdfcdd5a33ab6930857bed051ea4d272c6213cd9e40edfedef55147526892c4d811204ade78bd9ada1685e090fdc0c2299faba46e91a6d31577e71d4a535a955ed402356d7f4ef7a0f9f3225f76e7684998e44cedf92f5c90615c58f50a02992f9ce63de6dad539eb86890e23e23b79fac2703f72e3f1ebbe361372f8e91550d8e03ebcc1080ac21830aa0c74cc3787cbb0b1f4c3ee99111d5acf03bc6d2d5cd9228e4a82733a30c57cf8c5c89166021af83bf527857f6d3c63c183b622950daef8575fb1c8fdf661efd79295ee318986ed70b934253f4079d5bd6b7c95f6e3d8b62c74b565c0937bfdd91b731f447e9e24f2c9605a333b7424f5238633cd8fd500701233d62c88822b7fc8d6b0f961af1334ae32a105cea9c60b5459887362224bb4c083968c5602fd3e23375fdad3585ca8c03176217a995d82767d00a2fb5f1c8d084b238a7c7ce786a32b5863341855d1b7d36610bfb14fdcf25738b6cbc9e74b41e109817c5e7f0bc119571d147d9341fd9eed5e1e80219d607e9d395421308215fbb51bd63628101587c882e4e6997bfa0a6854078457263959aaa514c38cb3ecd1c2b40a827746190d291f35e1dce2359c83ad1b4c6509f58efd748e4f50734f299ed499d1e110340fe55c77fdd20748cbbbc3ca36dfdb2d74e24231132022a569b617f48309f10f06a9c53ba91d7dac1e7d3284d23c0c39a20578adcd706497f8b4d8bb34368af287d2e3e1621397c81b4473dbbcee0fa2ace39244bcc59b8f7cf7a14e640b209719fd2319c758f83538adf24f457a6800ebe929a69f943a046d1b0c3e710c646523852d453752016c0d1648500a75a7dce5a2a933b460e29f2f7b640c099ec8d54b074ce430a365e4ff19f07e8a54418f309c8b8cb9c007a85ab563279c56b06fd7001c8741a178388525553b338ab7a043236b120e163bc87545641187b8ddad8dec069ef8e0cacf35c5111694ad9cb893f3a2542ff7d167e597f16a7a398316a637b5abb4f5d0119785ae813c214320b979dbd3adc97b1f42499592d24d5323d68f842e04452ab810c3780b887a5d711a226200f62f8b5701c6cb2b3e88c06d85300ca675433d2b382b1826083d4e323c89ff6c977ea497ba9bfc740d605d4c38d5b9a5769479d38409096139de87ec971cee97105b3959c335c43dcd687c5877fd159b86ad73597b09c63dabd2bcf8c057d9f0df39cc25b2209cc8fd05b01ab902aaf923e2bc258389c92bccbe3fff3ec72c0a829edf840df8f0a62accaafb7272d46eecf8b6b04425acac2b05935878e76f5478fee5ed4d0b6a75c521af833aea4c3d3043f5822359cb4f352d59ace5450e6f40de71d9e5e454886ab9303a88c55d14ac58eb23a792bf8579a9e5652a4ca3ab68b1f5c26f10697e69d7ff99e2908165afac2a1d476cf3df670fe909be7aa9996f1df44f5f2bf3c871124019bed873a0b8b214c79944f2bd9bd3b712f86b9ad9a276ffd92c739df6ef0cc44294099e66561f4dcb03b756b07679e2098e7bf1bcc1517ae85da3c27a520bde9cf8a05c27162827802d307a588586fc55e74848e34a41f80579290bc338b3f191633947536771549f6c4ce806576f68a0794cfacd9bace9a8f56fc4720179cfc84a30ea8bc89f377147692a5a5ab7b951dae691dc3406d24b590497074ae1ab9a3423b020c7e6529e4511bbc50de450e282c1b8afa1f444852a73fde38370379fb79e22c2d40b387efbe306c6ff79d1eae75ab9b873d9b2ced03a63a749a9d6312aecdcd27b525babc239b5d08ddcbed39f1e1f77184baf80e0c462b2ebf31a0724ac28e03c703ead3e92238267a17a250088747c0dbe8d53d2ae75a708e0657a3b68a17c85d943ebd798ea5ceb5c8657c2263327c296feb03c5506e41ef66b12b59ed0f7e5e21df0139a64b0a76286043a73f61ae589561e7454a10aaca97d6949ab21e2eb4f2f5279334d3e1a57db830ffe17b5e4fa35f72129de8b107e2ed66e3a3eddf464fa7b8eefee45c2b1098c892112992f6e00f2a94119d618e8f1e279b862499fc801d3bb2ce2781ee292695c999135435969799336dd8bf47e6936129246b64becc8038466a445ad7108a1e0a40e0abf40b1f47587b40d51a2f719bf7456849747df837149ae2efce0cedebbecd39a01b89d0bb69017eaaf0b1e35e6cb0c64f06d9acc18328a946bc6677854e09c5399256d17dd0c83946afb50f31f02f2b7f5c29c55dfbda436987674f7320bc2d8041ba4b15f3981ab241831d9ceb8840df5fb46a94e47a556019549e3d9ead187d11ff660c3c39c9f58c633627c584ac7af5c4c4eda7ce8a3158788b6c2fa62f37e86b49e81272ed177a9d825be7eb1755079ffbf0aa9f87e62e1a3f873a6d1ab6b0481d34dc0c2e21f27828bfb7852b7a7e8e362556b4f7878281e11629cc80024fdc097504d0361adb3d50dc9e1a8df040d99d1513d7801a3bf69aa163880924af703635f183aa0a1f3524380571e8bf37c859474acecaa943c192b1506c5e23b64bccfb0bf035f9a5a5c95d5253e2f049a3924361627e3b812af0cd583f27074eb7f250bade7df055d86ad3ef88238960b16f92c25b44d9dd79dd7ee3c80bd85efad0bb66142af617152d2042d85495633b19bbd381c38a3ff5804b59d0b39fcd5d8fc4775be514d3a33aceb50b1d193a89b846fe9ca4568fe702bc221fc764852857f3557b565171cbba65aee8251fcde373bcaa738e45b5978a59a67dee2d6da34fd1683c24b5d9d5d56b973815ae049172a43ecf2a609a4d41ab4eb2d0046d16a0e51966f748f409b26ad7c394cfc7dade86247820ae24514e39808516f06dc871b7cec07913a8ae7ae9d6514b89fe08dfeac33617373ceada8ba5c068fa5502ebd0f013501dde0e5471fcaae2e491619c5983d1b804cb620d2a26296d280d0c36b7e827246e7f6f6989b19500e8682e3e5bcc10aa1cb7ff0e9d6989ce847e2e79f41dc49e0f711ae1b95ddc4d9e6bb6ec7606bc9588ea0a066cd8a733168eb0dd10f6b265079e57e3896845730d8343cf34999d234e4aca1c20da4d42e526d98992ddb8225eec6e97823a99173d961b0f1cee7bfa78c1897940d641a6f92ff2a50239a07d1d45a6262b3b9fe4378d87d3b66b1ec20d368d4454364c055a8f435be971301d4b9048b80cd4217f0251cf438b794e24169020a6e5613608113014d1ceef31abf0b59c74ae6be593a6c93b882281d2c79ab988c77abfc75624f8ad2f391a6ace159bea83986ab5c62cdc13ca03e97355a1980dce9bb8c7989ed1559eb25aa52fc02c7a0d523757c09b749e30b71af9733415f9e4d0b4fd7584a25646c217a876fc4f9339653c932afb7825e3c57d2ccb59189230a21b3296e053f64ef0b93c4aceec7f2f58df33ac55cff00bb579d3051a8922db98552ea2b9cb7edec5a8295340ec8418b38afdedb06347ce1075b8c97f50ef0c3bcab94218f43620c84d373a5935eb1cffa4bb96141b72575ddba1bd8f5642ec11e39b1e04b5653a810e2ea721b0fc62c395334e89dfb8cc2412578c528162a3a4069bdd85f654547854d541a145fe1387c42ebe18976356ee82a2dcd0ba99587c9c8327a39f4c973688f5b1e0dd3b56d49b738ec82bb91c4193495612ea2d331f0e19a66799932a4210569ee65ef9543081cc65a2840347a8ad16a11ff7675d17c226ffd8ca71362456c0b1bcb2813426deffebac8888fea838cf65ffcb8ffeec2271ddff1b30e365c0fb9269bf1b1f3b1bd5c9f020926acb9c3d4cbb4ced3d2495c4e6e27417588cb8cee8f56f0e3df99e16a7763567b2984128fc5a64c8434982e5c28bbe6dbe21a5035c69a8a4b5e7d08a2c44ad50009790581de4fa6a38e2539d1a02df7b3cacef6095cc5423b08d19f8016472957951ef945862f51943786fb4964dc189fbb6fdae3c265ad45574e22acede6a7e474dc7a555db3f1e8c923ef2dd764ade23c639b4f880a2ffcd2391e63ab87f5392138154bb57bfc13cb8281f988564c4db650a3c72e114ec3f2290f5edfc985b812c836732de5d497b7395026e80f6814b1ad80c515198e2d4fa451f90b29cdf3d1f37a6647901007049ed640871e85e9c6d0cee3ed8162bb4321a2bcbe07527ee7404dbf62f932c44c4980d0d5f22a3f6e60ca7e17f760d065275e345900a7bbab451cc9309fb161e6cfec526538b98800e4102e14da0d1f3e3c00da7c94323cc668842e10d210627c88854fb540d85636c13c6e74b7cbea26c6272989408664a1210058845ee4387609c81336a8fb1c689ebba9a7ff31e3b75c3dac1f8418e5d4151dd31b9481765bca415779dfa65d2eb2fa8a3f3eb37e8864b0dc9fdd6e12c79b392847019c8e96506d96ef634e9af1c4956a9af4d53cf2862d25aabafa8e0459eeb2872479f3de22c92c17c268584a49f8c55b902b818e270f2190bb52aa02a7ab2c6c7bbe486bb7c0b1738b88179099b144f1bf1aeec3ddd36b024ceb195b2afad05785edfef79600b1930d324b8d5a3b53edd017f73c01163c7fee383e664a5a58e8b17d89da33f596f6e5db7668f2136ca051c71d4f3754405a2dde9bcc8c461080bcd16bbc180bec0fa4082aec07c609c9d29ce385e6fa01317a22b3f6775ab1cfd6ae26f5b8d02b4da62cdb6ef1cfb5cac0fdcc68a683e98651c9196c81e49726bd584e1facdedf418ade0a6a469cfb23bb8e4a7fec9e73d953163ea742904b15cf6443b25a84628bc0702a768cba344510b2d0242f863aaaecbe862f1fca481d9b569a26586d7f8cc5a7de1c1aa40bdf6f00100df5f7a86b8d16927c901f18ce9fa3d4041cf660a528d977b3a6e6fc3324fa6c95c64f47abc2b2e60839eb37794ad063d41ebbc095588999d587ff6fe0e1065844171982dc0c17f36a83db1ede2b60dc1ed43a19bde33cb71a5459d18911c865917ed2f48cf7ba4d1bf45b494dcfd9af3ce3ddd68f476741ca8292eb6c459517164408172ee41e458501e8414896bf5fb6b4237199f39ddc9e9916f83adb00ef4b3d1565427fb89f4e42fe916f2e665024cbb7856e7644f9ef1e62a245609040a890a76958191d9cc02e2ab421d573330fa0e68c6d5df10c347912544c74d7cd97052a9de05eb1d09329e913f14a7a8acfca5cf127092686173f829890762be8cef11b6d7b9f19cd2fccc64b6dfbc0a9fdae675e2c165a1a0fe85fd9b1d3212498fb06627a78ca050e9d2ec4e8480a1301d3b22dcce4102a76f9f6b2314a4c038d6958177d7a26faa8019f1b00ddab7884c0b9daba10cd29f4ead39c9f19f0f834e29cf6e4f1c520949093b8381b192ceefbdaff542b05aaf24193034be0d494f7fd417b519e39195cd0a9170e9ef7b2b8fbb2063b713e200774a180d83d5b4c7f0ff23f33dde74759385bd1f4c7bbac7b36cb89c0a1fb1bad2a8b9fb46df98102910b9d1c1f443d224e08537b23d97c9e3383e4943ba1104ba9bdaa711133f55b271a2f7af0f45d30685b261241d5a59a7877c1168ce4806b98b45b8eb59f0bc1488a60c0e16c3a1c3da0c44a8034aa188c1389d83429fe956e0c0d7dd99f26dd6bf8cb9e7f00563e3495a8949d7b0c60d4e3b949bfe5ed51a0214acedbb8e91807d1ea541875342ec3966d70c81d4f3bf974d9fb9eacdf18b5a09de25a70c509a29227824c2f5666812f6d7fbe9fe4e24023566e4ee3466334e66168d45b4d1ad2d61dc998932f6de3bd3301df876ffc6f8bd9024f2da5b9a47f5fb2c7ecd3d40f0a377a6c4541bd71ec58b7a94832f2de2abc681de08f946ae7c360a38a1bbdcdaaff1565ba1fcda2293901ba66f06df26c8af049a0668c1e9c46e2f5c767408534ff3ae3762c26faf07e6071780ab662edcf4b40e1ccf9362954ca4d395904cc34925b83ede941e2de73646cdff474a60af3c9a239256427fb678708346363092662e7b595f9b7004fc27e1b2340111260830bcbfaf2758aaf1999b56d18e3d286eb7ff712bfeec9d0e62dfad660245e7b17724cbbc675d4a0c572e337dc1faee29674d6c8be61b5ee58e48a5de716d0a70bada300141d7c6d05c300193f7f04a5fe76c34c77b83b048542584e57712f90ea1e4d4c6db5088054da9aa5b57a5a5d7de64af27e4aefc005c7d31c13cbb1b53d34ca1535d4ff773d5a1151d0aa3685af53ec7f34a24a8d64d5894bae7f0d806f91a7eeff05d7be19a212a213872f9b0d4016372d46b1e8fd0be951aa13a98f1ba5452e4bc017c194430d1ae0798c2a122b56aedab0dc4f68cb81c27911fc3dabf040778e8c362e17cd7f20ea29f29f58762c6acf69204d22a4d112be029c18ab03184f49c2b9602ea1d75872f0f9873ad115ef7de8045ea51865c6cb5e0fbc934e4b1a002c27e44350a4262d76e76e439ca1a168b61ee07aa69e53339cbd75ef32476c33f0f836e05a642e7c1462b10d693e25024bc69f1dc0195c79372be1396f9bba67e9a0d4a04fa5b5d161e1fbf2a769eefd21a1d7090535272ec5d19aec56b6892e5ec859ed80d760efd7fbab9dd7a3639bc02724c6e69057a6c154ef8278365cd9c8c513329e77c409ff064c598a792770bfcd04c1d4a97283a21c7b965489a9fcc02dbd1a091533c23f985ad03069bf0e6909f3a46feeec47f09eab926c3f0529dd78a3fe412e54ab2228537c59e37ee764747dc908ef496625621bf13fa4d2d3692c5479e7218b174f4cc2c86784fb7e2a830faa4018fe50c8fd395d4f79b77c0bbf6af76bad6bb90f6c253f09acc94533cc35e295fa9fba53c670110c2c07962db844013f106ae2fb1cf76a90e94cdf18966cfc8b0291e54e547cc6f61a67b4579d7c21e1f90d378ab5c5b59dc91aae319821429fdf7974113dabe9bde33c4901d57fd3e4c5b72946ecfcba90aa973527480f6f34dfbae954d889e3940519e6c4f6cb91c8151d3aa82928e40a2c66f6520c63dcfa91daa781cb936f490e74f01987ebd60c6593de36d0b6cc8abcfe745a7beb1641845d51107d54c71d5dc20767ff5d2b1215bfa67b9a42de62eac231991cf195ba25b75899644a95b171a59f48d39c0b79c40505dedc4984432456b0a64603f5b4f47d307516f15585f8842a248b24f1b3eee88ed92d2778abf820740aadbe90d28f137b4c1bc5710b40e23a93ac846850f4ee9412f389060dd4b3ee2eaa7e0183441e8b86d94392d1e944330ebe46f9c1848bd7e4c5dab6c95885a19ad2cec267c20303add608154a502eb60e26c900960c54acf72a99259ee21a10c7ad2d4dc067455629a86f82f52406361a7ca7274efabda5a27840ccdf1fe5ce4d90162e4dc27a0592b7066662c37f35ac264dd83cee4b347f656e070a507d2c852215ce6061f5947188493a13bcde373bca499e104561dbf6487d7ec12254de16e9a8b898a46c854ea2c468788eb7ad61bf16d3499eb62eafb7fb9e6403e1356b4d4b776728235a628cf49c01a7a01a86ab222259689c9ef42a74e09383b6d50ad38a855c6bde7685ad462f5fa60c0142e51805b021a99f6c1655dfa0105a3f7df2c25cd8cde27c009a55ace2e87ff3ff1354f7fe5851b290122b064a382fd72d419f886cecd3dd6bca9f8f2c0d506543ac6573848b297ae89470ded279cc3ea1468e729937271d3fb48060ab7341c79926c602f328954ade13a3d3d943a3c86257fbb5ee4b50adf4eea4abd1c8b8bd6808f310babf29c4f926508fdf244b16f91c83bccc87e52213ef78eb4f6c199958c979375bbd5b5bb232f35d549a16acce0a9311c47b58fc252d798964dc08fdb3eec4e156b1ae81a1cff8e6ca23bafc6988c63f569420ae913f3300c2a6fb5d31ff62a92c2a97d94063fd96b04f9c88543d89b00370d0bbf07b120be94b652a2b61eef95c86abc506856df7978c3fc3068f59fe5b8feda6cb87a2f53937daf738bca64c58646ed77caac683f058195f0904b374bf4febe17aeb724742fac156c276352cb03235730b4a93c65b31bd9ec42422ddaf4f301e96fcec8c8712ccab51152814e48eb43a4afb522928a7a114d0642483bbfc7e9098529e3f860e31677d1feb9f75b84f9fb4238e36e9384843a64b34f165d60bf9f782e3dab04ba43daf0cec26e46d8c15cf69a47a2d5227cdce5fd0b12d7a8cad5ce479d8a66999805f52c635a11cde3ef524316d6583d3f5a108844d8348554d111dbcc3c8d695c21687f6663c24da6dede9b18b125bb16dd6ebcc1107ce1a3bbc851936a8110d855d22e9132633f544e220b15dc4386498d85024c61b8a300bc7c13b8bc4b7854cabaa3ad6ffb8a3369a7f9d4ffba842091e0c0ab73efb3b3fcb48803d9f28717a7a84581c293188c57f4ce1ec1939fe312045fa7ef29f904a2f8183e6a7e276b15247cd7d132d0a64091f3bbcad5bdd9377b48087d6e5c3bd6d02b2f16f83f963cb7b07547e09acb4b07ce73c388c84b29cce296c4c7c79fc2c529a08667b7e143e84924caa55e41a0ddc90e54b5a781 MD = 00c128539a58423e5d6290f7aebd26eca08e6e5da7b93f151293af186fdea066759c47da8e57c9de526bcd63348326cdddd28f1e9a3ebc08dac6321599a783c3 libica-4.0.1/test/x_test.c000066400000000000000000000313231417716165400154060ustar00rootroot00000000000000/* * This program is released under the Common Public License V1.0 * * You should have received a copy of Common Public License V1.0 along with * with this program. * * Copyright IBM Corp. 2019 */ #include #include #include #include #include "ica_api.h" #include "testcase.h" #define ITERATIONS 1000 struct kat { const unsigned char *priv; const unsigned char *peer_pub; const unsigned char *shared_secret; }; #ifndef NO_CPACF static void check_functionlist(void); static void x25519_kat(void); static void x448_kat(void); static void x25519_pc(void); static void x448_pc(void); #endif /* NO_CPACF */ int main(int argc, char *argv[]) { #ifdef NO_CPACF UNUSED(argc); UNUSED(argv); printf("Skipping X25519/X448 test, because CPACF support disabled via config option.\n"); return TEST_SKIP; #else int i; set_verbosity(argc, argv); check_functionlist(); VV_(printf("\n=== X25519 KAT ===\n")); x25519_kat(); VV_(printf("\n=== X448 KAT ===\n")); x448_kat(); VV_(printf("\n=== X25519 PC ===\n")); for (i = 0; i < ITERATIONS; i++) x25519_pc(); VV_(printf("\n=== X448 PC ===\n")); for (i = 0; i < ITERATIONS; i++) x448_pc(); #endif /* NO_CPACF */ } #ifndef NO_CPACF static void check_functionlist(void) { unsigned int i, listlen, func; libica_func_list_element *list; if (ica_get_functionlist(NULL, &listlen)) EXIT_ERR("ica_get_functionlist failed."); func = 0; list = calloc(1, sizeof(*list) * listlen); if (list == NULL) EXIT_ERR("calloc failed."); if (ica_get_functionlist(list, &listlen)) EXIT_ERR("ica_get_functionlist failed."); for (i = 0; i < listlen; i++) { if (list[i].mech_mode_id == X25519_KEYGEN && (list[i].flags & 4)) func |= 0x01; if (list[i].mech_mode_id == X25519_DERIVE && (list[i].flags & 4)) func |= 0x02; if (list[i].mech_mode_id == X448_KEYGEN && (list[i].flags & 4)) func |= 0x04; if (list[i].mech_mode_id == X448_DERIVE && (list[i].flags & 4)) func |= 0x08; } free(list); if (func != (0x01 | 0x02 | 0x04 | 0x08)) exit(TEST_SKIP); } static void x25519_pc(void) { ICA_X25519_CTX *ctx1 = NULL, *ctx2 = NULL; EVP_PKEY *pkey1 = NULL, *pkey2 = NULL; EVP_PKEY_CTX *pctx = NULL; unsigned char priv[32], pub[32], key1[32], key2[32]; size_t keylen = 0; if (ica_x25519_ctx_new(&ctx1)) EXIT_ERR("ica_x448_ctx_new failed."); if (ica_x25519_ctx_new(&ctx2)) EXIT_ERR("ica_x448_ctx_new failed."); if (ica_x25519_key_gen(ctx1)) EXIT_ERR("ica_x25519_key_gen failed."); if (ica_x25519_key_gen(ctx2)) EXIT_ERR("ica_x25519_key_gen failed."); if (ica_x25519_key_get(ctx1, priv, NULL)) EXIT_ERR("ica_x25519_key_get failed."); if (ica_x25519_key_get(ctx2, NULL, pub)) EXIT_ERR("ica_x25519_key_get failed."); pkey1 = EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, NULL, priv, sizeof(priv)); if (pkey1 == NULL) EXIT_ERR("EVP_PKEY_new_raw_private_key failed."); pkey2 = EVP_PKEY_new_raw_public_key(EVP_PKEY_X25519, NULL, pub, sizeof(pub)); if (pkey2 == NULL) EXIT_ERR("EVP_PKEY_new_raw_private_key failed."); pctx = EVP_PKEY_CTX_new(pkey1, NULL); if (pctx == NULL) EXIT_ERR("EVP_PKEY_CTX_new failed."); if (EVP_PKEY_derive_init(pctx) != 1) EXIT_ERR("EVP_PKEY_derive_init failed."); if (EVP_PKEY_derive_set_peer(pctx, pkey2) != 1) EXIT_ERR("EVP_PKEY_derive_set_peer failed."); if (EVP_PKEY_derive(pctx, NULL, &keylen) != 1) EXIT_ERR("EVP_PKEY_derive failed."); if (EVP_PKEY_derive(pctx, key1, &keylen) != 1) EXIT_ERR("EVP_PKEY_derive failed."); if (ica_x25519_derive(ctx1, key2, pub) != 0) EXIT_ERR("ica_x25519_derive failed."); if (keylen != 32) EXIT_ERR("x25519 wrong shared secret size."); if (memcmp(key1, key2, keylen) != 0) EXIT_ERR("x25519 shared secrets do not match."); (void)ica_x25519_ctx_del(&ctx1); (void)ica_x25519_ctx_del(&ctx2); EVP_PKEY_free(pkey1); EVP_PKEY_free(pkey2); EVP_PKEY_CTX_free(pctx); } static void x448_pc(void) { ICA_X448_CTX *ctx1 = NULL, *ctx2 = NULL; EVP_PKEY *pkey1 = NULL, *pkey2 = NULL; EVP_PKEY_CTX *pctx = NULL; unsigned char priv[56], pub[56], key1[56], key2[56]; size_t keylen = 0; if (ica_x448_ctx_new(&ctx1)) EXIT_ERR("ica_x448_ctx_new failed."); if (ica_x448_ctx_new(&ctx2)) EXIT_ERR("ica_x448_ctx_new failed."); if (ica_x448_key_gen(ctx1)) EXIT_ERR("ica_x448_key_gen failed."); if (ica_x448_key_gen(ctx2)) EXIT_ERR("ica_x448_key_gen failed."); if (ica_x448_key_get(ctx1, priv, NULL)) EXIT_ERR("ica_x448_key_get failed."); if (ica_x448_key_get(ctx2, NULL, pub)) EXIT_ERR("ica_x448_key_get failed."); pkey1 = EVP_PKEY_new_raw_private_key(EVP_PKEY_X448, NULL, priv, sizeof(priv)); if (pkey1 == NULL) EXIT_ERR("EVP_PKEY_new_raw_private_key failed."); pkey2 = EVP_PKEY_new_raw_public_key(EVP_PKEY_X448, NULL, pub, sizeof(pub)); if (pkey2 == NULL) EXIT_ERR("EVP_PKEY_new_raw_private_key failed."); pctx = EVP_PKEY_CTX_new(pkey1, NULL); if (pctx == NULL) EXIT_ERR("EVP_PKEY_CTX_new failed."); if (EVP_PKEY_derive_init(pctx) != 1) EXIT_ERR("EVP_PKEY_derive_init failed."); if (EVP_PKEY_derive_set_peer(pctx, pkey2) != 1) EXIT_ERR("EVP_PKEY_derive_set_peer failed."); if (EVP_PKEY_derive(pctx, NULL, &keylen) != 1) EXIT_ERR("EVP_PKEY_derive failed."); if (EVP_PKEY_derive(pctx, key1, &keylen) != 1) EXIT_ERR("EVP_PKEY_derive failed."); if (ica_x448_derive(ctx1, key2, pub) != 0) EXIT_ERR("ica_x448_derive failed."); if (keylen != 56) EXIT_ERR("x448 wrong shared secret size."); if (memcmp(key1, key2, keylen) != 0) EXIT_ERR("x448 shared secrets do not match."); (void)ica_x448_ctx_del(&ctx1); (void)ica_x448_ctx_del(&ctx2); EVP_PKEY_free(pkey1); EVP_PKEY_free(pkey2); EVP_PKEY_CTX_free(pctx); } static void x25519_kat(void) { struct kat vec[] = { { /* some wycheproof test vectors */ .priv = (const unsigned char[]) { 0x28, 0x87, 0x96, 0xbc, 0x5a, 0xff, 0x4b, 0x81, 0xa3, 0x75, 0x01, 0x75, 0x7b, 0xc0, 0x75, 0x3a, 0x3c, 0x21, 0x96, 0x47, 0x90, 0xd3, 0x86, 0x99, 0x30, 0x8d, 0xeb, 0xc1, 0x7a, 0x6e, 0xaf, 0x8d }, .peer_pub = (const unsigned char[]) { 0xf0, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f }, .shared_secret = (const unsigned char[]) { 0xb4, 0xe0, 0xdd, 0x76, 0xda, 0x7b, 0x07, 0x17, 0x28, 0xb6, 0x1f, 0x85, 0x67, 0x71, 0xaa, 0x35, 0x6e, 0x57, 0xed, 0xa7, 0x8a, 0x5b, 0x16, 0x55, 0xcc, 0x38, 0x20, 0xfb, 0x5f, 0x85, 0x4c, 0x5c }, }, { .priv = (const unsigned char[]) { 0x60, 0x88, 0x7b, 0x3d, 0xc7, 0x24, 0x43, 0x02, 0x6e, 0xbe, 0xdb, 0xbb, 0xb7, 0x06, 0x65, 0xf4, 0x2b, 0x87, 0xad, 0xd1, 0x44, 0x0e, 0x77, 0x68, 0xfb, 0xd7, 0xe8, 0xe2, 0xce, 0x5f, 0x63, 0x9d }, .peer_pub = (const unsigned char[]) { 0xf0, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, .shared_secret = (const unsigned char[]) { 0x38, 0xd6, 0x30, 0x4c, 0x4a, 0x7e, 0x6d, 0x9f, 0x79, 0x59, 0x33, 0x4f, 0xb5, 0x24, 0x5b, 0xd2, 0xc7, 0x54, 0x52, 0x5d, 0x4c, 0x91, 0xdb, 0x95, 0x02, 0x06, 0x92, 0x62, 0x34, 0xc1, 0xf6, 0x33 }, }, { .priv = (const unsigned char[]) { 0xa0, 0xa4, 0xf1, 0x30, 0xb9, 0x8a, 0x5b, 0xe4, 0xb1, 0xce, 0xdb, 0x7c, 0xb8, 0x55, 0x84, 0xa3, 0x52, 0x0e, 0x14, 0x2d, 0x47, 0x4d, 0xc9, 0xcc, 0xb9, 0x09, 0xa0, 0x73, 0xa9, 0x76, 0xbf, 0x63 }, .peer_pub = (const unsigned char[]) { 0x0a, 0xb4, 0xe7, 0x63, 0x80, 0xd8, 0x4d, 0xde, 0x4f, 0x68, 0x33, 0xc5, 0x8f, 0x2a, 0x9f, 0xb8, 0xf8, 0x3b, 0xb0, 0x16, 0x9b, 0x17, 0x2b, 0xe4, 0xb6, 0xe0, 0x59, 0x28, 0x87, 0x74, 0x1a, 0x36 }, .shared_secret = (const unsigned char[]) { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }, { .priv = (const unsigned char[]) { 0xa0, 0xa4, 0xf1, 0x30, 0xb9, 0x8a, 0x5b, 0xe4, 0xb1, 0xce, 0xdb, 0x7c, 0xb8, 0x55, 0x84, 0xa3, 0x52, 0x0e, 0x14, 0x2d, 0x47, 0x4d, 0xc9, 0xcc, 0xb9, 0x09, 0xa0, 0x73, 0xa9, 0x76, 0xbf, 0x63 }, .peer_pub = (const unsigned char[]) { 0x89, 0xe1, 0x0d, 0x57, 0x01, 0xb4, 0x33, 0x7d, 0x2d, 0x03, 0x21, 0x81, 0x53, 0x8b, 0x10, 0x64, 0xbd, 0x40, 0x84, 0x40, 0x1c, 0xec, 0xa1, 0xfd, 0x12, 0x66, 0x3a, 0x19, 0x59, 0x38, 0x80, 0x00 }, .shared_secret = (const unsigned char[]) { 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }, { .priv = (const unsigned char[]) { 0xa0, 0xa4, 0xf1, 0x30, 0xb9, 0x8a, 0x5b, 0xe4, 0xb1, 0xce, 0xdb, 0x7c, 0xb8, 0x55, 0x84, 0xa3, 0x52, 0x0e, 0x14, 0x2d, 0x47, 0x4d, 0xc9, 0xcc, 0xb9, 0x09, 0xa0, 0x73, 0xa9, 0x76, 0xbf, 0x63 }, .peer_pub = (const unsigned char[]) { 0x2b, 0x55, 0xd3, 0xaa, 0x4a, 0x8f, 0x80, 0xc8, 0xc0, 0xb2, 0xae, 0x5f, 0x93, 0x3e, 0x85, 0xaf, 0x49, 0xbe, 0xac, 0x36, 0xc2, 0xfa, 0x73, 0x94, 0xba, 0xb7, 0x6c, 0x89, 0x33, 0xf8, 0xf8, 0x1d }, .shared_secret = (const unsigned char[]) { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }, }; ICA_X25519_CTX *ctx = NULL; unsigned char shared_secret[32]; size_t i = 0; if (ica_x25519_ctx_new(&ctx)) EXIT_ERR("ica_x448_ctx_new failed."); for (i = 0; i < sizeof(vec) / sizeof(vec[0]); i++) { if (ica_x25519_key_set(ctx, vec[i].priv, NULL) != 0) EXIT_ERR("ica_x25519_key_set failed."); if (ica_x25519_derive(ctx, shared_secret, vec[i].peer_pub) != 0) EXIT_ERR("ica_x25519_derive failed."); if (memcmp(shared_secret, vec[i].shared_secret, 32) != 0) EXIT_ERR("x25519 shared secrets do not match."); } (void)ica_x25519_ctx_del(&ctx); } static void x448_kat(void) { struct kat vec[] = { { /* openssl test vectors */ .priv = (const unsigned char[]) { 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf, 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba, 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9, 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91, 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2, 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b }, .peer_pub = (const unsigned char[]) { 0x3e, 0xb7, 0xa8, 0x29, 0xb0, 0xcd, 0x20, 0xf5, 0xbc, 0xfc, 0x0b, 0x59, 0x9b, 0x6f, 0xec, 0xcf, 0x6d, 0xa4, 0x62, 0x71, 0x07, 0xbd, 0xb0, 0xd4, 0xf3, 0x45, 0xb4, 0x30, 0x27, 0xd8, 0xb9, 0x72, 0xfc, 0x3e, 0x34, 0xfb, 0x42, 0x32, 0xa1, 0x3c, 0xa7, 0x06, 0xdc, 0xb5, 0x7a, 0xec, 0x3d, 0xae, 0x07, 0xbd, 0xc1, 0xc6, 0x7b, 0xf3, 0x36, 0x09 }, .shared_secret = (const unsigned char[]) { 0x07, 0xff, 0xf4, 0x18, 0x1a, 0xc6, 0xcc, 0x95, 0xec, 0x1c, 0x16, 0xa9, 0x4a, 0x0f, 0x74, 0xd1, 0x2d, 0xa2, 0x32, 0xce, 0x40, 0xa7, 0x75, 0x52, 0x28, 0x1d, 0x28, 0x2b, 0xb6, 0x0c, 0x0b, 0x56, 0xfd, 0x24, 0x64, 0xc3, 0x35, 0x54, 0x39, 0x36, 0x52, 0x1c, 0x24, 0x40, 0x30, 0x85, 0xd5, 0x9a, 0x44, 0x9a, 0x50, 0x37, 0x51, 0x4a, 0x87, 0x9d } }, { .priv = (const unsigned char[]) { 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf, 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba, 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9, 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91, 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2, 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b }, .peer_pub = (const unsigned char[]) { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, .shared_secret = (const unsigned char[]) { 0x66, 0xe2, 0xe6, 0x82, 0xb1, 0xf8, 0xe6, 0x8c, 0x80, 0x9f, 0x1b, 0xb3, 0xe4, 0x06, 0xbd, 0x82, 0x69, 0x21, 0xd9, 0xc1, 0xa5, 0xbf, 0xbf, 0xcb, 0xab, 0x7a, 0xe7, 0x2f, 0xee, 0xce, 0xe6, 0x36, 0x60, 0xea, 0xbd, 0x54, 0x93, 0x4f, 0x33, 0x82, 0x06, 0x1d, 0x17, 0x60, 0x7f, 0x58, 0x1a, 0x90, 0xbd, 0xac, 0x91, 0x7a, 0x06, 0x49, 0x59, 0xfb } } }; ICA_X448_CTX *ctx = NULL; unsigned char shared_secret[56]; size_t i = 0; if (ica_x448_ctx_new(&ctx)) EXIT_ERR("ica_x448_ctx_new failed."); for (i = 0; i < sizeof(vec) / sizeof(vec[0]); i++) { if (ica_x448_key_set(ctx, vec[i].priv, NULL) != 0) EXIT_ERR("ica_x448_key_set failed."); if (ica_x448_derive(ctx, shared_secret, vec[i].peer_pub) != 0) EXIT_ERR("ica_x448_derive failed."); if (memcmp(shared_secret, vec[i].shared_secret, 56) != 0) EXIT_ERR("x448 shared secrets do not match."); } (void)ica_x448_ctx_del(&ctx); } #endif /* NO_CPACF */