summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjoshua <>2022-11-07 17:41:40 +0000
committerjoshua <>2022-11-07 17:41:40 +0000
commit2113914a414168e4fd8a1801281dd15daeab0f54 (patch)
treea65ca779f87e18aab5ea1bf330119f256cbd3ad8
parent84785a5b19d0cc1b3d2fddb7ee7515636b62a407 (diff)
downloadopenbsd-2113914a414168e4fd8a1801281dd15daeab0f54.tar.gz
openbsd-2113914a414168e4fd8a1801281dd15daeab0f54.tar.bz2
openbsd-2113914a414168e4fd8a1801281dd15daeab0f54.zip
Add regress coverage for AES
ok tb@
Diffstat
-rw-r--r--src/regress/lib/libcrypto/aes/Makefile9
-rw-r--r--src/regress/lib/libcrypto/aes/aes_test.c977
2 files changed, 986 insertions, 0 deletions
diff --git a/src/regress/lib/libcrypto/aes/Makefile b/src/regress/lib/libcrypto/aes/Makefile
new file mode 100644
index 0000000000..3ed7ee76cf
--- /dev/null
+++ b/src/regress/lib/libcrypto/aes/Makefile
@@ -0,0 +1,9 @@
1# $OpenBSD: Makefile,v 1.1 2022/11/07 17:41:40 joshua Exp $
2
3PROG= aes_test
4LDADD= -lcrypto
5DPADD= ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/aes/aes_test.c b/src/regress/lib/libcrypto/aes/aes_test.c
new file mode 100644
index 0000000000..13958270e7
--- /dev/null
+++ b/src/regress/lib/libcrypto/aes/aes_test.c
@@ -0,0 +1,977 @@
1/* $OpenBSD: aes_test.c,v 1.1 2022/11/07 17:41:40 joshua Exp $ */
2/*
3 * Copyright (c) 2022 Joshua Sing <joshua@hypera.dev>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/evp.h>
19#include <openssl/aes.h>
20
21#include <stdint.h>
22#include <string.h>
23
24struct aes_test {
25 const int mode;
26 const uint8_t key[64];
27 const uint8_t iv[64];
28 const int iv_len;
29 const uint8_t in[64];
30 const int in_len;
31 const uint8_t out[64];
32 const int out_len;
33 const int padding;
34};
35
36static const struct aes_test aes_tests[] = {
37 /* ECB - Test vectors from FIPS-197, Appendix C. */
38 {
39 .mode = NID_aes_128_ecb,
40 .key = {
41 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
42 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
43 },
44 .in = {
45 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
46 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
47 },
48 .in_len = 16,
49 .out = {
50 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
51 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
52 },
53 .out_len = 16,
54 },
55 {
56 .mode = NID_aes_192_ecb,
57 .key = {
58 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
59 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
60 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
61 },
62 .in = {
63 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
64 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
65 },
66 .in_len = 16,
67 .out = {
68 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0,
69 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91,
70 },
71 .out_len = 16,
72 },
73 {
74 .mode = NID_aes_256_ecb,
75 .key = {
76 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
77 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
78 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
79 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
80 },
81 .in = {
82 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
83 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
84 },
85 .in_len = 16,
86 .out = {
87 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf,
88 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89,
89 },
90 .out_len = 16,
91 },
92
93 /* CBC - Test vectors from RFC 3602 */
94 {
95 .mode = NID_aes_128_cbc,
96 .key = {
97 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b,
98 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06,
99 },
100 .iv = {
101 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30,
102 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41,
103 },
104 .iv_len = 16,
105 .in = {
106 0x53, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x20, 0x62,
107 0x6c, 0x6f, 0x63, 0x6b, 0x20, 0x6d, 0x73, 0x67,
108 },
109 .in_len = 16,
110 .out = {
111 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8,
112 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a,
113 },
114 .out_len = 16,
115 },
116 {
117 .mode = NID_aes_128_cbc,
118 .key = {
119 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0,
120 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a,
121 },
122 .iv = {
123 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28,
124 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58,
125 },
126 .iv_len = 16,
127 .in = {
128 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
129 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
130 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
131 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
132 },
133 .in_len = 32,
134 .out = {
135 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a,
136 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
137 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9,
138 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1,
139 },
140 .out_len = 32,
141 },
142 {
143 .mode = NID_aes_128_cbc,
144 .key = {
145 0x6c, 0x3e, 0xa0, 0x47, 0x76, 0x30, 0xce, 0x21,
146 0xa2, 0xce, 0x33, 0x4a, 0xa7, 0x46, 0xc2, 0xcd,
147 },
148 .iv = {
149 0xc7, 0x82, 0xdc, 0x4c, 0x09, 0x8c, 0x66, 0xcb,
150 0xd9, 0xcd, 0x27, 0xd8, 0x25, 0x68, 0x2c, 0x81,
151 },
152 .iv_len = 16,
153 .in = {
154 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
155 0x61, 0x20, 0x34, 0x38, 0x2d, 0x62, 0x79, 0x74,
156 0x65, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67,
157 0x65, 0x20, 0x28, 0x65, 0x78, 0x61, 0x63, 0x74,
158 0x6c, 0x79, 0x20, 0x33, 0x20, 0x41, 0x45, 0x53,
159 0x20, 0x62, 0x6c, 0x6f, 0x63, 0x6b, 0x73, 0x29,
160 },
161 .in_len = 48,
162 .out = {
163 0xd0, 0xa0, 0x2b, 0x38, 0x36, 0x45, 0x17, 0x53,
164 0xd4, 0x93, 0x66, 0x5d, 0x33, 0xf0, 0xe8, 0x86,
165 0x2d, 0xea, 0x54, 0xcd, 0xb2, 0x93, 0xab, 0xc7,
166 0x50, 0x69, 0x39, 0x27, 0x67, 0x72, 0xf8, 0xd5,
167 0x02, 0x1c, 0x19, 0x21, 0x6b, 0xad, 0x52, 0x5c,
168 0x85, 0x79, 0x69, 0x5d, 0x83, 0xba, 0x26, 0x84,
169 },
170 .out_len = 48,
171 },
172 {
173 .mode = NID_aes_128_cbc,
174 .key = {
175 0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74,
176 0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49,
177 },
178 .iv = {
179 0x8c, 0xe8, 0x2e, 0xef, 0xbe, 0xa0, 0xda, 0x3c,
180 0x44, 0x69, 0x9e, 0xd7, 0xdb, 0x51, 0xb7, 0xd9,
181 },
182 .iv_len = 16,
183 .in = {
184 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
185 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
186 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
187 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
188 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
189 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
190 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
191 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
192 },
193 .in_len = 64,
194 .out = {
195 0xc3, 0x0e, 0x32, 0xff, 0xed, 0xc0, 0x77, 0x4e,
196 0x6a, 0xff, 0x6a, 0xf0, 0x86, 0x9f, 0x71, 0xaa,
197 0x0f, 0x3a, 0xf0, 0x7a, 0x9a, 0x31, 0xa9, 0xc6,
198 0x84, 0xdb, 0x20, 0x7e, 0xb0, 0xef, 0x8e, 0x4e,
199 0x35, 0x90, 0x7a, 0xa6, 0x32, 0xc3, 0xff, 0xdf,
200 0x86, 0x8b, 0xb7, 0xb2, 0x9d, 0x3d, 0x46, 0xad,
201 0x83, 0xce, 0x9f, 0x9a, 0x10, 0x2e, 0xe9, 0x9d,
202 0x49, 0xa5, 0x3e, 0x87, 0xf4, 0xc3, 0xda, 0x55,
203 },
204 .out_len = 64,
205 },
206
207 /* CBC - Test vectors from NIST SP 800-38A */
208 {
209 .mode = NID_aes_128_cbc,
210 .key = {
211 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
212 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
213 },
214 .iv = {
215 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
216 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
217 },
218 .iv_len = 16,
219 .in = {
220 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
221 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
222 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
223 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
224 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
225 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
226 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
227 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
228 },
229 .in_len = 64,
230 .out = {
231 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
232 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
233 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
234 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
235 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
236 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
237 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
238 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7,
239 },
240 .out_len = 64,
241 },
242 {
243 .mode = NID_aes_192_cbc,
244 .key = {
245 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
246 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
247 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
248 },
249 .iv = {
250 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
251 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
252 },
253 .iv_len = 16,
254 .in = {
255 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
256 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
257 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
258 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
259 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
260 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
261 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
262 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
263 },
264 .in_len = 64,
265 .out = {
266 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d,
267 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8,
268 0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4,
269 0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a,
270 0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0,
271 0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0,
272 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81,
273 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd,
274 },
275 .out_len = 64,
276 },
277 {
278 .mode = NID_aes_256_cbc,
279 .key = {
280 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
281 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
282 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
283 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
284 },
285 .iv = {
286 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
287 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
288 },
289 .iv_len = 16,
290 .in = {
291 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
292 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
293 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
294 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
295 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
296 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
297 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
298 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
299 },
300 .in_len = 64,
301 .out = {
302 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
303 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
304 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
305 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
306 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
307 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
308 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
309 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b,
310 },
311 .out_len = 64,
312 },
313
314 /* CFB128 - Test vectors from NIST SP 800-38A */
315 {
316 .mode = NID_aes_128_cfb128,
317 .key = {
318 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
319 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
320 },
321 .iv = {
322 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
323 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
324 },
325 .iv_len = 16,
326 .in = {
327 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
328 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
329 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
330 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
331 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
332 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
333 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
334 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
335 },
336 .in_len = 64,
337 .out = {
338 0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20,
339 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a,
340 0xc8, 0xa6, 0x45, 0x37, 0xa0, 0xb3, 0xa9, 0x3f,
341 0xcd, 0xe3, 0xcd, 0xad, 0x9f, 0x1c, 0xe5, 0x8b,
342 0x26, 0x75, 0x1f, 0x67, 0xa3, 0xcb, 0xb1, 0x40,
343 0xb1, 0x80, 0x8c, 0xf1, 0x87, 0xa4, 0xf4, 0xdf,
344 0xc0, 0x4b, 0x05, 0x35, 0x7c, 0x5d, 0x1c, 0x0e,
345 0xea, 0xc4, 0xc6, 0x6f, 0x9f, 0xf7, 0xf2, 0xe6,
346 },
347 .out_len = 64,
348 },
349 {
350 .mode = NID_aes_192_cfb128,
351 .key = {
352 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
353 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
354 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
355 },
356 .iv = {
357 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
358 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
359 },
360 .iv_len = 16,
361 .in = {
362 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
363 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
364 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
365 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
366 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
367 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
368 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
369 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
370 },
371 .in_len = 64,
372 .out = {
373 0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab,
374 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74,
375 0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21,
376 0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a,
377 0x2e, 0x1e, 0x8a, 0x1d, 0xd5, 0x9b, 0x88, 0xb1,
378 0xc8, 0xe6, 0x0f, 0xed, 0x1e, 0xfa, 0xc4, 0xc9,
379 0xc0, 0x5f, 0x9f, 0x9c, 0xa9, 0x83, 0x4f, 0xa0,
380 0x42, 0xae, 0x8f, 0xba, 0x58, 0x4b, 0x09, 0xff,
381 },
382 .out_len = 64,
383 },
384 {
385 .mode = NID_aes_256_cfb128,
386 .key = {
387 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
388 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
389 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
390 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
391 },
392 .iv = {
393 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
394 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
395 },
396 .iv_len = 16,
397 .in = {
398 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
399 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
400 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
401 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
402 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
403 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
404 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
405 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
406 },
407 .in_len = 64,
408 .out = {
409 0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b,
410 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60,
411 0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8,
412 0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b,
413 0xdf, 0x10, 0x13, 0x24, 0x15, 0xe5, 0x4b, 0x92,
414 0xa1, 0x3e, 0xd0, 0xa8, 0x26, 0x7a, 0xe2, 0xf9,
415 0x75, 0xa3, 0x85, 0x74, 0x1a, 0xb9, 0xce, 0xf8,
416 0x20, 0x31, 0x62, 0x3d, 0x55, 0xb1, 0xe4, 0x71,
417 },
418 .out_len = 64,
419 },
420
421 /* OFB128 - Test vectors from NIST SP 800-38A */
422 {
423 .mode = NID_aes_128_ofb128,
424 .key = {
425 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
426 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
427 },
428 .iv = {
429 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
430 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
431 },
432 .iv_len = 16,
433 .in = {
434 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
435 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
436 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
437 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
438 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
439 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
440 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
441 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
442 },
443 .in_len = 64,
444 .out = {
445 0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20,
446 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a,
447 0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03,
448 0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25,
449 0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6,
450 0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc,
451 0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78,
452 0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e,
453 },
454 .out_len = 64,
455 },
456 {
457 .mode = NID_aes_192_ofb128,
458 .key = {
459 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
460 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
461 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
462 },
463 .iv = {
464 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
465 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
466 },
467 .iv_len = 16,
468 .in = {
469 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
470 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
471 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
472 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
473 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
474 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
475 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
476 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
477 },
478 .in_len = 64,
479 .out = {
480 0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab,
481 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74,
482 0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c,
483 0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01,
484 0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f,
485 0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2,
486 0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e,
487 0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a,
488 },
489 .out_len = 64,
490 },
491 {
492 .mode = NID_aes_256_ofb128,
493 .key = {
494 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
495 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
496 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
497 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
498 },
499 .iv = {
500 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
501 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
502 },
503 .iv_len = 16,
504 .in = {
505 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
506 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
507 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
508 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
509 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
510 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
511 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
512 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
513 },
514 .in_len = 64,
515 .out = {
516 0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b,
517 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60,
518 0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a,
519 0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d,
520 0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed,
521 0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08,
522 0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8,
523 0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84,
524 },
525 .out_len = 64,
526 },
527};
528
529#define N_AES_TESTS (sizeof(aes_tests) / sizeof(aes_tests[0]))
530
531static int
532aes_ecb_test(size_t test_number, const char *label, int key_bits, const struct aes_test *at)
533{
534 AES_KEY key;
535 uint8_t out[64];
536
537 if (at->padding) {
538 /* XXX - Handle padding */
539 return 1;
540 }
541
542 /* Encryption */
543 memset(out, 0, sizeof(out));
544 AES_set_encrypt_key(at->key, key_bits, &key);
545 AES_ecb_encrypt(at->in, out, &key, 1);
546
547 if (memcmp(at->out, out, at->out_len) != 0) {
548 fprintf(stderr, "FAIL (%s:%zu): encryption mismatch\n",
549 label, test_number);
550 return 0;
551 }
552
553 /* Decryption */
554 memset(out, 0, sizeof(out));
555 AES_set_decrypt_key(at->key, key_bits, &key);
556 AES_ecb_encrypt(at->out, out, &key, 0);
557
558 if (memcmp(at->in, out, at->in_len) != 0) {
559 fprintf(stderr, "FAIL (%s:%zu): decryption mismatch\n",
560 label, test_number);
561 return 0;
562 }
563
564 return 1;
565}
566
567
568static int
569aes_cbc_test(size_t test_number, const char *label, int key_bits, const struct aes_test *at)
570{
571 AES_KEY key;
572 uint8_t out[64];
573 uint8_t iv[16];
574
575 if (at->padding) {
576 /* XXX - Handle padding */
577 return 1;
578 }
579
580 /* Encryption */
581 memset(out, 0, sizeof(out));
582 memcpy(iv, at->iv, at->iv_len);
583 AES_set_encrypt_key(at->key, key_bits, &key);
584 AES_cbc_encrypt(at->in, out, at->in_len, &key, iv, 1);
585
586 if (memcmp(at->out, out, at->out_len) != 0) {
587 fprintf(stderr, "FAIL (%s:%zu): encryption mismatch\n",
588 label, test_number);
589 return 0;
590 }
591
592 /* Decryption */
593 memset(out, 0, sizeof(out));
594 memcpy(iv, at->iv, at->iv_len);
595 AES_set_decrypt_key(at->key, key_bits, &key);
596 AES_cbc_encrypt(at->out, out, at->out_len, &key, iv, 0);
597
598 if (memcmp(at->in, out, at->in_len) != 0) {
599 fprintf(stderr, "FAIL (%s:%zu): decryption mismatch\n",
600 label, test_number);
601 return 0;
602 }
603
604 return 1;
605}
606
607static int
608aes_evp_test(size_t test_number, const struct aes_test *at, const char *label,
609 int key_bits, const EVP_CIPHER *cipher)
610{
611 EVP_CIPHER_CTX *ctx;
612 uint8_t out[64];
613 int in_len, out_len, total_len;
614 int i;
615 int success = 0;
616
617 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) {
618 fprintf(stderr, "FAIL (%s:%zu): EVP_CIPHER_CTX_new failed\n",
619 label, test_number);
620 goto failed;
621 }
622
623 /* EVP encryption */
624 total_len = 0;
625 memset(out, 0, sizeof(out));
626 if (!EVP_EncryptInit(ctx, cipher, NULL, NULL)) {
627 fprintf(stderr, "FAIL (%s:%zu): EVP_EncryptInit failed\n",
628 label, test_number);
629 goto failed;
630 }
631
632 if (!EVP_CIPHER_CTX_set_padding(ctx, at->padding)) {
633 fprintf(stderr,
634 "FAIL (%s:%zu): EVP_CIPHER_CTX_set_padding failed\n",
635 label, test_number);
636 goto failed;
637 }
638
639 if (!EVP_EncryptInit(ctx, NULL, at->key, at->iv)) {
640 fprintf(stderr, "FAIL (%s:%zu): EVP_EncryptInit failed\n",
641 label, test_number);
642 goto failed;
643 }
644
645 for (i = 0; i < at->in_len;) {
646 in_len = arc4random_uniform(at->in_len / 2);
647 if (in_len > at->in_len - i)
648 in_len = at->in_len - i;
649
650 if (!EVP_EncryptUpdate(ctx, out + total_len, &out_len,
651 at->in + i, in_len)) {
652 fprintf(stderr,
653 "FAIL (%s:%zu): EVP_EncryptUpdate failed\n",
654 label, test_number);
655 goto failed;
656 }
657
658 i += in_len;
659 total_len += out_len;
660 }
661
662 if (!EVP_EncryptFinal_ex(ctx, out + total_len, &out_len)) {
663 fprintf(stderr, "FAIL (%s:%zu): EVP_EncryptFinal_ex failed\n",
664 label, test_number);
665 goto failed;
666 }
667 total_len += out_len;
668
669 if (!EVP_CIPHER_CTX_reset(ctx)) {
670 fprintf(stderr,
671 "FAIL (%s:%zu): EVP_CIPHER_CTX_reset failed\n",
672 label, test_number);
673 goto failed;
674 }
675
676 if (total_len != at->out_len) {
677 fprintf(stderr,
678 "FAIL (%s:%zu): EVP encryption length mismatch "
679 "(%d != %d)\n", label, test_number, total_len, at->out_len);
680 goto failed;
681 }
682
683 if (memcmp(at->out, out, at->out_len) != 0) {
684 fprintf(stderr, "FAIL (%s:%zu): EVP encryption mismatch\n",
685 label, test_number);
686 goto failed;
687 }
688
689 /* EVP decryption */
690 total_len = 0;
691 memset(out, 0, sizeof(out));
692 if (!EVP_DecryptInit(ctx, cipher, NULL, NULL)) {
693 fprintf(stderr, "FAIL (%s:%zu): EVP_DecryptInit failed\n",
694 label, test_number);
695 goto failed;
696 }
697
698 if (!EVP_CIPHER_CTX_set_padding(ctx, at->padding)) {
699 fprintf(stderr,
700 "FAIL (%s:%zu): EVP_CIPHER_CTX_set_padding failed\n",
701 label, test_number);
702 goto failed;
703 }
704
705 if (!EVP_DecryptInit(ctx, NULL, at->key, at->iv)) {
706 fprintf(stderr, "FAIL (%s:%zu): EVP_DecryptInit failed\n",
707 label, test_number);
708 goto failed;
709 }
710
711 for (i = 0; i < at->out_len;) {
712 in_len = arc4random_uniform(at->out_len / 2);
713 if (in_len > at->out_len - i)
714 in_len = at->out_len - i;
715
716 if (!EVP_DecryptUpdate(ctx, out + total_len, &out_len,
717 at->out + i, in_len)) {
718 fprintf(stderr,
719 "FAIL (%s:%zu): EVP_DecryptUpdate failed\n",
720 label, test_number);
721 goto failed;
722 }
723
724 i += in_len;
725 total_len += out_len;
726 }
727
728 if (!EVP_DecryptFinal_ex(ctx, out + total_len, &out_len)) {
729 fprintf(stderr, "FAIL (%s:%zu): EVP_DecryptFinal_ex failed\n",
730 label, test_number);
731 goto failed;
732 }
733 total_len += out_len;
734
735 if (!EVP_CIPHER_CTX_reset(ctx)) {
736 fprintf(stderr,
737 "FAIL (%s:%zu): EVP_CIPHER_CTX_reset failed\n",
738 label, test_number);
739 goto failed;
740 }
741
742 if (total_len != at->in_len) {
743 fprintf(stderr,
744 "FAIL (%s:%zu): EVP decryption length mismatch\n",
745 label, test_number);
746 goto failed;
747 }
748
749 if (memcmp(at->in, out, at->in_len) != 0) {
750 fprintf(stderr, "FAIL (%s:%zu): EVP decryption mismatch\n",
751 label, test_number);
752 goto failed;
753 }
754
755 success = 1;
756
757 failed:
758 EVP_CIPHER_CTX_free(ctx);
759 return success;
760}
761
762
763static int
764aes_key_bits_from_nid(int nid)
765{
766 switch (nid) {
767 case NID_aes_128_ecb:
768 case NID_aes_128_cbc:
769 case NID_aes_128_cfb128:
770 case NID_aes_128_ofb128:
771 case NID_aes_128_gcm:
772 case NID_aes_128_ccm:
773 return 128;
774 case NID_aes_192_ecb:
775 case NID_aes_192_cbc:
776 case NID_aes_192_cfb128:
777 case NID_aes_192_ofb128:
778 case NID_aes_192_gcm:
779 case NID_aes_192_ccm:
780 return 192;
781 case NID_aes_256_ecb:
782 case NID_aes_256_cbc:
783 case NID_aes_256_cfb128:
784 case NID_aes_256_ofb128:
785 case NID_aes_256_gcm:
786 case NID_aes_256_ccm:
787 return 256;
788 default:
789 return -1;
790 }
791}
792
793static int
794aes_cipher_from_nid(int nid, const char **out_label,
795 const EVP_CIPHER **out_cipher)
796{
797 switch (nid) {
798 /* ECB */
799 case NID_aes_128_ecb:
800 *out_label = SN_aes_128_ecb;
801 *out_cipher = EVP_aes_128_ecb();
802 break;
803 case NID_aes_192_ecb:
804 *out_label = SN_aes_192_ecb;
805 *out_cipher = EVP_aes_192_ecb();
806 break;
807 case NID_aes_256_ecb:
808 *out_label = SN_aes_256_ecb;
809 *out_cipher = EVP_aes_256_ecb();
810 break;
811
812 /* CBC */
813 case NID_aes_128_cbc:
814 *out_label = SN_aes_128_cbc;
815 *out_cipher = EVP_aes_128_cbc();
816 break;
817 case NID_aes_192_cbc:
818 *out_label = SN_aes_192_cbc;
819 *out_cipher = EVP_aes_192_cbc();
820 break;
821 case NID_aes_256_cbc:
822 *out_label = SN_aes_256_cbc;
823 *out_cipher = EVP_aes_256_cbc();
824 break;
825
826 /* CFB128 */
827 case NID_aes_128_cfb128:
828 *out_label = SN_aes_128_cfb128;
829 *out_cipher = EVP_aes_128_cfb128();
830 break;
831 case NID_aes_192_cfb128:
832 *out_label = SN_aes_192_cfb128;
833 *out_cipher = EVP_aes_192_cfb128();
834 break;
835 case NID_aes_256_cfb128:
836 *out_label = SN_aes_256_cfb128;
837 *out_cipher = EVP_aes_256_cfb128();
838 break;
839
840 /* OFB128 */
841 case NID_aes_128_ofb128:
842 *out_label = SN_aes_128_ofb128;
843 *out_cipher = EVP_aes_128_ofb();
844 break;
845 case NID_aes_192_ofb128:
846 *out_label = SN_aes_192_ofb128;
847 *out_cipher = EVP_aes_192_ofb();
848 break;
849 case NID_aes_256_ofb128:
850 *out_label = SN_aes_256_ofb128;
851 *out_cipher = EVP_aes_256_ofb();
852 break;
853
854 /* GCM */
855 case NID_aes_128_gcm:
856 *out_label = SN_aes_128_gcm;
857 *out_cipher = EVP_aes_128_gcm();
858 break;
859 case NID_aes_192_gcm:
860 *out_label = SN_aes_192_gcm;
861 *out_cipher = EVP_aes_192_gcm();
862 break;
863 case NID_aes_256_gcm:
864 *out_label = SN_aes_256_gcm;
865 *out_cipher = EVP_aes_256_gcm();
866 break;
867
868 /* CCM */
869 case NID_aes_128_ccm:
870 *out_label = SN_aes_128_ccm;
871 *out_cipher = EVP_aes_128_ccm();
872 break;
873 case NID_aes_192_ccm:
874 *out_label = SN_aes_192_ccm;
875 *out_cipher = EVP_aes_192_ccm();
876 break;
877 case NID_aes_256_ccm:
878 *out_label = SN_aes_256_ccm;
879 *out_cipher = EVP_aes_256_ccm();
880 break;
881
882 /* Unknown */
883 default:
884 return 0;
885 }
886
887 return 1;
888}
889
890static int
891aes_test(void)
892{
893 const struct aes_test *at;
894 const char *label;
895 const EVP_CIPHER *cipher;
896 int key_bits;
897 size_t i;
898 int failed = 1;
899
900 for (i = 0; i < N_AES_TESTS; i++) {
901 at = &aes_tests[i];
902 key_bits = aes_key_bits_from_nid(at->mode);
903 if (!aes_cipher_from_nid(at->mode, &label, &cipher))
904 goto failed;
905
906 switch (at->mode) {
907 /* ECB */
908 case NID_aes_128_ecb:
909 case NID_aes_192_ecb:
910 case NID_aes_256_ecb:
911 if (!aes_ecb_test(i, label, key_bits, at))
912 goto failed;
913 break;
914
915 /* CBC */
916 case NID_aes_128_cbc:
917 case NID_aes_192_cbc:
918 case NID_aes_256_cbc:
919 if (!aes_cbc_test(i, label, key_bits, at))
920 goto failed;
921 break;
922
923 /* CFB128 */
924 case NID_aes_128_cfb128:
925 case NID_aes_192_cfb128:
926 case NID_aes_256_cfb128:
927 /* XXX - CFB128 non-EVP tests */
928 break;
929
930 /* OFB128 */
931 case NID_aes_128_ofb128:
932 case NID_aes_192_ofb128:
933 case NID_aes_256_ofb128:
934 /* XXX - OFB128 non-EVP tests */
935 break;
936
937 /* GCM */
938 case NID_aes_128_gcm:
939 case NID_aes_192_gcm:
940 case NID_aes_256_gcm:
941 /* GCM is EVP-only */
942 break;
943
944 /* CCM */
945 case NID_aes_128_ccm:
946 case NID_aes_192_ccm:
947 case NID_aes_256_ccm:
948 /* XXX - CCM non-EVP tests */
949 break;
950
951 /* Unknown */
952 default:
953 fprintf(stderr, "FAIL: unknown mode (%d)\n",
954 at->mode);
955 goto failed;
956 }
957
958 if (!aes_evp_test(i, at, label, key_bits, cipher))
959 goto failed;
960 }
961
962 failed = 0;
963
964 failed:
965 return failed;
966}
967
968int
969main(int argc, char **argv)
970{
971 int failed = 0;
972
973 failed |= aes_test();
974
975 return failed;
976}
977
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 08:23:50 +0000