1 1.2 christos /* 2 1.5 christos * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 1.2 christos * 4 1.4 christos * Licensed under the Apache License 2.0 (the "License"). You may not use 5 1.2 christos * this file except in compliance with the License. You can obtain a copy 6 1.2 christos * in the file LICENSE in the source distribution or at 7 1.2 christos * https://www.openssl.org/source/license.html 8 1.2 christos */ 9 1.2 christos 10 1.4 christos /* 11 1.4 christos * DES low level APIs are deprecated for public use, but still ok for internal 12 1.4 christos * use. 13 1.4 christos */ 14 1.4 christos #include "internal/deprecated.h" 15 1.4 christos 16 1.2 christos #include <openssl/e_os2.h> 17 1.3 christos #include <string.h> 18 1.2 christos 19 1.3 christos #include "testutil.h" 20 1.4 christos #include "internal/nelem.h" 21 1.2 christos 22 1.3 christos #ifndef OPENSSL_NO_DES 23 1.2 christos # include <openssl/des.h> 24 1.2 christos 25 1.3 christos /* In case any platform doesn't use unsigned int for its checksums */ 26 1.3 christos # define TEST_cs_eq TEST_uint_eq 27 1.3 christos 28 1.3 christos # define DATA_BUF_SIZE 20 29 1.3 christos 30 1.2 christos /* tisk tisk - the test keys don't all have odd parity :-( */ 31 1.2 christos /* test data */ 32 1.2 christos # define NUM_TESTS 34 33 1.2 christos static unsigned char key_data[NUM_TESTS][8] = { 34 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 35 1.2 christos {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 36 1.2 christos {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 37 1.2 christos {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 38 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 39 1.2 christos {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 40 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 41 1.2 christos {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}, 42 1.2 christos {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57}, 43 1.2 christos {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E}, 44 1.2 christos {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86}, 45 1.2 christos {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E}, 46 1.2 christos {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6}, 47 1.2 christos {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE}, 48 1.2 christos {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6}, 49 1.2 christos {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE}, 50 1.2 christos {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16}, 51 1.2 christos {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F}, 52 1.2 christos {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46}, 53 1.2 christos {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E}, 54 1.2 christos {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76}, 55 1.2 christos {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07}, 56 1.2 christos {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F}, 57 1.2 christos {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7}, 58 1.2 christos {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 59 1.2 christos {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6}, 60 1.2 christos {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF}, 61 1.2 christos {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 62 1.2 christos {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 63 1.2 christos {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 64 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 65 1.2 christos {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 66 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 67 1.2 christos {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10} 68 1.2 christos }; 69 1.2 christos 70 1.2 christos static unsigned char plain_data[NUM_TESTS][8] = { 71 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 72 1.2 christos {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 73 1.2 christos {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, 74 1.2 christos {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 75 1.2 christos {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 76 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 77 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 78 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 79 1.2 christos {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42}, 80 1.2 christos {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA}, 81 1.2 christos {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72}, 82 1.2 christos {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A}, 83 1.2 christos {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2}, 84 1.2 christos {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A}, 85 1.2 christos {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2}, 86 1.2 christos {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A}, 87 1.2 christos {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02}, 88 1.2 christos {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A}, 89 1.2 christos {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32}, 90 1.2 christos {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA}, 91 1.2 christos {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62}, 92 1.2 christos {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2}, 93 1.2 christos {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA}, 94 1.2 christos {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92}, 95 1.2 christos {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A}, 96 1.2 christos {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2}, 97 1.2 christos {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A}, 98 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 99 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 100 1.2 christos {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 101 1.2 christos {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 102 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 103 1.2 christos {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 104 1.2 christos {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF} 105 1.2 christos }; 106 1.2 christos 107 1.2 christos static unsigned char cipher_data[NUM_TESTS][8] = { 108 1.2 christos {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7}, 109 1.2 christos {0x73, 0x59, 0xB2, 0x16, 0x3E, 0x4E, 0xDC, 0x58}, 110 1.2 christos {0x95, 0x8E, 0x6E, 0x62, 0x7A, 0x05, 0x55, 0x7B}, 111 1.2 christos {0xF4, 0x03, 0x79, 0xAB, 0x9E, 0x0E, 0xC5, 0x33}, 112 1.2 christos {0x17, 0x66, 0x8D, 0xFC, 0x72, 0x92, 0x53, 0x2D}, 113 1.2 christos {0x8A, 0x5A, 0xE1, 0xF8, 0x1A, 0xB8, 0xF2, 0xDD}, 114 1.2 christos {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7}, 115 1.2 christos {0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4}, 116 1.2 christos {0x69, 0x0F, 0x5B, 0x0D, 0x9A, 0x26, 0x93, 0x9B}, 117 1.2 christos {0x7A, 0x38, 0x9D, 0x10, 0x35, 0x4B, 0xD2, 0x71}, 118 1.2 christos {0x86, 0x8E, 0xBB, 0x51, 0xCA, 0xB4, 0x59, 0x9A}, 119 1.2 christos {0x71, 0x78, 0x87, 0x6E, 0x01, 0xF1, 0x9B, 0x2A}, 120 1.2 christos {0xAF, 0x37, 0xFB, 0x42, 0x1F, 0x8C, 0x40, 0x95}, 121 1.2 christos {0x86, 0xA5, 0x60, 0xF1, 0x0E, 0xC6, 0xD8, 0x5B}, 122 1.2 christos {0x0C, 0xD3, 0xDA, 0x02, 0x00, 0x21, 0xDC, 0x09}, 123 1.2 christos {0xEA, 0x67, 0x6B, 0x2C, 0xB7, 0xDB, 0x2B, 0x7A}, 124 1.2 christos {0xDF, 0xD6, 0x4A, 0x81, 0x5C, 0xAF, 0x1A, 0x0F}, 125 1.2 christos {0x5C, 0x51, 0x3C, 0x9C, 0x48, 0x86, 0xC0, 0x88}, 126 1.2 christos {0x0A, 0x2A, 0xEE, 0xAE, 0x3F, 0xF4, 0xAB, 0x77}, 127 1.2 christos {0xEF, 0x1B, 0xF0, 0x3E, 0x5D, 0xFA, 0x57, 0x5A}, 128 1.2 christos {0x88, 0xBF, 0x0D, 0xB6, 0xD7, 0x0D, 0xEE, 0x56}, 129 1.2 christos {0xA1, 0xF9, 0x91, 0x55, 0x41, 0x02, 0x0B, 0x56}, 130 1.2 christos {0x6F, 0xBF, 0x1C, 0xAF, 0xCF, 0xFD, 0x05, 0x56}, 131 1.2 christos {0x2F, 0x22, 0xE4, 0x9B, 0xAB, 0x7C, 0xA1, 0xAC}, 132 1.2 christos {0x5A, 0x6B, 0x61, 0x2C, 0xC2, 0x6C, 0xCE, 0x4A}, 133 1.2 christos {0x5F, 0x4C, 0x03, 0x8E, 0xD1, 0x2B, 0x2E, 0x41}, 134 1.2 christos {0x63, 0xFA, 0xC0, 0xD0, 0x34, 0xD9, 0xF7, 0x93}, 135 1.2 christos {0x61, 0x7B, 0x3A, 0x0C, 0xE8, 0xF0, 0x71, 0x00}, 136 1.2 christos {0xDB, 0x95, 0x86, 0x05, 0xF8, 0xC8, 0xC6, 0x06}, 137 1.2 christos {0xED, 0xBF, 0xD1, 0xC6, 0x6C, 0x29, 0xCC, 0xC7}, 138 1.2 christos {0x35, 0x55, 0x50, 0xB2, 0x15, 0x0E, 0x24, 0x51}, 139 1.2 christos {0xCA, 0xAA, 0xAF, 0x4D, 0xEA, 0xF1, 0xDB, 0xAE}, 140 1.2 christos {0xD5, 0xD4, 0x4F, 0xF7, 0x20, 0x68, 0x3D, 0x0D}, 141 1.2 christos {0x2A, 0x2B, 0xB0, 0x08, 0xDF, 0x97, 0xC2, 0xF2} 142 1.2 christos }; 143 1.2 christos 144 1.2 christos static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = { 145 1.2 christos {0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E}, 146 1.2 christos {0x19, 0x9E, 0x9D, 0x6D, 0xF3, 0x9A, 0xA8, 0x16}, 147 1.2 christos {0x2A, 0x4B, 0x4D, 0x24, 0x52, 0x43, 0x84, 0x27}, 148 1.2 christos {0x35, 0x84, 0x3C, 0x01, 0x9D, 0x18, 0xC5, 0xB6}, 149 1.2 christos {0x4A, 0x5B, 0x2F, 0x42, 0xAA, 0x77, 0x19, 0x25}, 150 1.2 christos {0xA0, 0x6B, 0xA9, 0xB8, 0xCA, 0x5B, 0x17, 0x8A}, 151 1.2 christos {0xAB, 0x9D, 0xB7, 0xFB, 0xED, 0x95, 0xF2, 0x74}, 152 1.2 christos {0x3D, 0x25, 0x6C, 0x23, 0xA7, 0x25, 0x2F, 0xD6}, 153 1.2 christos {0xB7, 0x6F, 0xAB, 0x4F, 0xBD, 0xBD, 0xB7, 0x67}, 154 1.2 christos {0x8F, 0x68, 0x27, 0xD6, 0x9C, 0xF4, 0x1A, 0x10}, 155 1.2 christos {0x82, 0x57, 0xA1, 0xD6, 0x50, 0x5E, 0x81, 0x85}, 156 1.2 christos {0xA2, 0x0F, 0x0A, 0xCD, 0x80, 0x89, 0x7D, 0xFA}, 157 1.2 christos {0xCD, 0x2A, 0x53, 0x3A, 0xDB, 0x0D, 0x7E, 0xF3}, 158 1.2 christos {0xD2, 0xC2, 0xBE, 0x27, 0xE8, 0x1B, 0x68, 0xE3}, 159 1.2 christos {0xE9, 0x24, 0xCF, 0x4F, 0x89, 0x3C, 0x5B, 0x0A}, 160 1.2 christos {0xA7, 0x18, 0xC3, 0x9F, 0xFA, 0x9F, 0xD7, 0x69}, 161 1.2 christos {0x77, 0x2C, 0x79, 0xB1, 0xD2, 0x31, 0x7E, 0xB1}, 162 1.2 christos {0x49, 0xAB, 0x92, 0x7F, 0xD0, 0x22, 0x00, 0xB7}, 163 1.2 christos {0xCE, 0x1C, 0x6C, 0x7D, 0x85, 0xE3, 0x4A, 0x6F}, 164 1.2 christos {0xBE, 0x91, 0xD6, 0xE1, 0x27, 0xB2, 0xE9, 0x87}, 165 1.2 christos {0x70, 0x28, 0xAE, 0x8F, 0xD1, 0xF5, 0x74, 0x1A}, 166 1.2 christos {0xAA, 0x37, 0x80, 0xBB, 0xF3, 0x22, 0x1D, 0xDE}, 167 1.2 christos {0xA6, 0xC4, 0xD2, 0x5E, 0x28, 0x93, 0xAC, 0xB3}, 168 1.2 christos {0x22, 0x07, 0x81, 0x5A, 0xE4, 0xB7, 0x1A, 0xAD}, 169 1.2 christos {0xDC, 0xCE, 0x05, 0xE7, 0x07, 0xBD, 0xF5, 0x84}, 170 1.2 christos {0x26, 0x1D, 0x39, 0x2C, 0xB3, 0xBA, 0xA5, 0x85}, 171 1.2 christos {0xB4, 0xF7, 0x0F, 0x72, 0xFB, 0x04, 0xF0, 0xDC}, 172 1.2 christos {0x95, 0xBA, 0xA9, 0x4E, 0x87, 0x36, 0xF2, 0x89}, 173 1.2 christos {0xD4, 0x07, 0x3A, 0xF1, 0x5A, 0x17, 0x82, 0x0E}, 174 1.2 christos {0xEF, 0x6F, 0xAF, 0xA7, 0x66, 0x1A, 0x7E, 0x89}, 175 1.2 christos {0xC1, 0x97, 0xF5, 0x58, 0x74, 0x8A, 0x20, 0xE7}, 176 1.2 christos {0x43, 0x34, 0xCF, 0xDA, 0x22, 0xC4, 0x86, 0xC8}, 177 1.2 christos {0x08, 0xD7, 0xB4, 0xFB, 0x62, 0x9D, 0x08, 0x85} 178 1.2 christos }; 179 1.2 christos 180 1.2 christos static unsigned char cbc_key[8] = 181 1.2 christos { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; 182 1.2 christos static unsigned char cbc2_key[8] = 183 1.2 christos { 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86 }; 184 1.2 christos static unsigned char cbc3_key[8] = 185 1.2 christos { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; 186 1.2 christos static unsigned char cbc_iv[8] = 187 1.2 christos { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; 188 1.2 christos /* 189 1.2 christos * Changed the following text constant to binary so it will work on ebcdic 190 1.2 christos * machines :-) 191 1.2 christos */ 192 1.2 christos /* static char cbc_data[40]="7654321 Now is the time for \0001"; */ 193 1.2 christos static unsigned char cbc_data[40] = { 194 1.2 christos 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, 195 1.2 christos 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 196 1.2 christos 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20, 197 1.2 christos 0x66, 0x6F, 0x72, 0x20, 0x00, 0x31, 0x00, 0x00, 198 1.2 christos 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 199 1.2 christos }; 200 1.2 christos 201 1.2 christos static unsigned char cbc_ok[32] = { 202 1.2 christos 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, 203 1.2 christos 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb, 204 1.2 christos 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68, 205 1.2 christos 0x1d, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 206 1.2 christos }; 207 1.2 christos 208 1.2 christos # ifdef SCREW_THE_PARITY 209 1.2 christos # error "SCREW_THE_PARITY is not meant to be defined." 210 1.2 christos # error "Original vectors are preserved for reference only." 211 1.2 christos static unsigned char cbc2_key[8] = 212 1.2 christos { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }; 213 1.2 christos static unsigned char xcbc_ok[32] = { 214 1.2 christos 0x86, 0x74, 0x81, 0x0D, 0x61, 0xA4, 0xA5, 0x48, 215 1.2 christos 0xB9, 0x93, 0x03, 0xE1, 0xB8, 0xBB, 0xBD, 0xBD, 216 1.2 christos 0x64, 0x30, 0x0B, 0xB9, 0x06, 0x65, 0x81, 0x76, 217 1.2 christos 0x04, 0x1D, 0x77, 0x62, 0x17, 0xCA, 0x2B, 0xD2, 218 1.2 christos }; 219 1.2 christos # else 220 1.2 christos static unsigned char xcbc_ok[32] = { 221 1.2 christos 0x84, 0x6B, 0x29, 0x14, 0x85, 0x1E, 0x9A, 0x29, 222 1.2 christos 0x54, 0x73, 0x2F, 0x8A, 0xA0, 0xA6, 0x11, 0xC1, 223 1.2 christos 0x15, 0xCD, 0xC2, 0xD7, 0x95, 0x1B, 0x10, 0x53, 224 1.2 christos 0xA6, 0x3C, 0x5E, 0x03, 0xB2, 0x1A, 0xA3, 0xC4, 225 1.2 christos }; 226 1.2 christos # endif 227 1.2 christos 228 1.2 christos static unsigned char cbc3_ok[32] = { 229 1.2 christos 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, 230 1.2 christos 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, 231 1.2 christos 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4, 232 1.2 christos 0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75 233 1.2 christos }; 234 1.2 christos 235 1.2 christos static unsigned char pcbc_ok[32] = { 236 1.2 christos 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, 237 1.2 christos 0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15, 238 1.2 christos 0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f, 239 1.2 christos 0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88 240 1.2 christos }; 241 1.2 christos 242 1.2 christos static unsigned char cfb_key[8] = 243 1.2 christos { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; 244 1.2 christos static unsigned char cfb_iv[8] = 245 1.2 christos { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }; 246 1.2 christos static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8]; 247 1.2 christos static unsigned char plain[24] = { 248 1.2 christos 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 249 1.2 christos 0x20, 0x74, 0x68, 0x65, 0x20, 0x74, 250 1.2 christos 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f, 251 1.2 christos 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20 252 1.2 christos }; 253 1.2 christos 254 1.2 christos static unsigned char cfb_cipher8[24] = { 255 1.2 christos 0xf3, 0x1f, 0xda, 0x07, 0x01, 0x14, 0x62, 0xee, 0x18, 0x7f, 0x43, 0xd8, 256 1.2 christos 0x0a, 0x7c, 0xd9, 0xb5, 0xb0, 0xd2, 0x90, 0xda, 0x6e, 0x5b, 0x9a, 0x87 257 1.2 christos }; 258 1.2 christos 259 1.2 christos static unsigned char cfb_cipher16[24] = { 260 1.2 christos 0xF3, 0x09, 0x87, 0x87, 0x7F, 0x57, 0xF7, 0x3C, 0x36, 0xB6, 0xDB, 0x70, 261 1.2 christos 0xD8, 0xD5, 0x34, 0x19, 0xD3, 0x86, 0xB2, 0x23, 0xB7, 0xB2, 0xAD, 0x1B 262 1.2 christos }; 263 1.2 christos 264 1.2 christos static unsigned char cfb_cipher32[24] = { 265 1.2 christos 0xF3, 0x09, 0x62, 0x49, 0xA4, 0xDF, 0xA4, 0x9F, 0x33, 0xDC, 0x7B, 0xAD, 266 1.2 christos 0x4C, 0xC8, 0x9F, 0x64, 0xE4, 0x53, 0xE5, 0xEC, 0x67, 0x20, 0xDA, 0xB6 267 1.2 christos }; 268 1.2 christos 269 1.2 christos static unsigned char cfb_cipher48[24] = { 270 1.2 christos 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x30, 0xB5, 0x15, 0xEC, 0xBB, 0x85, 271 1.2 christos 0x97, 0x5A, 0x13, 0x8C, 0x68, 0x60, 0xE2, 0x38, 0x34, 0x3C, 0xDC, 0x1F 272 1.2 christos }; 273 1.2 christos 274 1.2 christos static unsigned char cfb_cipher64[24] = { 275 1.2 christos 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51, 0xA6, 0x9E, 0x83, 0x9B, 276 1.2 christos 0x1A, 0x92, 0xF7, 0x84, 0x03, 0x46, 0x71, 0x33, 0x89, 0x8E, 0xA6, 0x22 277 1.2 christos }; 278 1.2 christos 279 1.2 christos static unsigned char ofb_key[8] = 280 1.2 christos { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; 281 1.2 christos static unsigned char ofb_iv[8] = 282 1.2 christos { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }; 283 1.2 christos static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8]; 284 1.2 christos static unsigned char ofb_cipher[24] = { 285 1.2 christos 0xf3, 0x09, 0x62, 0x49, 0xc7, 0xf4, 0x6e, 0x51, 286 1.2 christos 0x35, 0xf2, 0x4a, 0x24, 0x2e, 0xeb, 0x3d, 0x3f, 287 1.2 christos 0x3d, 0x6d, 0x5b, 0xe3, 0x25, 0x5a, 0xf8, 0xc3 288 1.2 christos }; 289 1.2 christos static DES_LONG cbc_cksum_ret = 0xF7FE62B4L; 290 1.2 christos static unsigned char cbc_cksum_data[8] = 291 1.2 christos { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 }; 292 1.2 christos 293 1.3 christos static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE]) 294 1.3 christos { 295 1.3 christos char *ret; 296 1.3 christos int i; 297 1.3 christos static const char *f = "0123456789ABCDEF"; 298 1.2 christos 299 1.3 christos ret = &(buf[0]); 300 1.3 christos for (i = 0; i < 8; i++) { 301 1.3 christos ret[i * 2] = f[(p[i] >> 4) & 0xf]; 302 1.3 christos ret[i * 2 + 1] = f[p[i] & 0xf]; 303 1.2 christos } 304 1.3 christos ret[16] = '\0'; 305 1.3 christos return ret; 306 1.3 christos } 307 1.3 christos 308 1.3 christos static int test_des_ecb(int i) 309 1.3 christos { 310 1.3 christos DES_key_schedule ks; 311 1.3 christos DES_cblock in, out, outin; 312 1.3 christos char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; 313 1.2 christos 314 1.3 christos DES_set_key_unchecked(&key_data[i], &ks); 315 1.3 christos memcpy(in, plain_data[i], 8); 316 1.3 christos memset(out, 0, 8); 317 1.3 christos memset(outin, 0, 8); 318 1.3 christos DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); 319 1.3 christos DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); 320 1.3 christos 321 1.3 christos if (!TEST_mem_eq(out, 8, cipher_data[i], 8)) { 322 1.3 christos TEST_info("Encryption error %2d k=%s p=%s", i + 1, 323 1.3 christos pt(key_data[i], b1), pt(in, b2)); 324 1.3 christos return 0; 325 1.3 christos } 326 1.3 christos if (!TEST_mem_eq(in, 8, outin, 8)) { 327 1.3 christos TEST_info("Decryption error %2d k=%s p=%s", i + 1, 328 1.3 christos pt(key_data[i], b1), pt(out, b2)); 329 1.3 christos return 0; 330 1.2 christos } 331 1.3 christos return 1; 332 1.3 christos } 333 1.3 christos 334 1.3 christos static int test_des_ede_ecb(int i) 335 1.3 christos { 336 1.3 christos DES_cblock in, out, outin; 337 1.3 christos DES_key_schedule ks, ks2, ks3; 338 1.3 christos char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; 339 1.2 christos 340 1.3 christos DES_set_key_unchecked(&key_data[i], &ks); 341 1.3 christos DES_set_key_unchecked(&key_data[i + 1], &ks2); 342 1.3 christos DES_set_key_unchecked(&key_data[i + 2], &ks3); 343 1.3 christos memcpy(in, plain_data[i], 8); 344 1.3 christos memset(out, 0, 8); 345 1.3 christos memset(outin, 0, 8); 346 1.3 christos DES_ecb3_encrypt(&in, &out, &ks, &ks2, &ks, DES_ENCRYPT); 347 1.3 christos DES_ecb3_encrypt(&out, &outin, &ks, &ks2, &ks, DES_DECRYPT); 348 1.3 christos 349 1.3 christos if (!TEST_mem_eq(out, 8, cipher_ecb2[i], 8)) { 350 1.3 christos TEST_info("Encryption error %2d k=%s p=%s", i + 1, 351 1.3 christos pt(key_data[i], b1), pt(in, b2)); 352 1.3 christos return 0; 353 1.3 christos } 354 1.3 christos if (!TEST_mem_eq(in, 8, outin, 8)) { 355 1.3 christos TEST_info("Decryption error %2d k=%s p=%s ", i + 1, 356 1.3 christos pt(key_data[i], b1), pt(out, b2)); 357 1.3 christos return 0; 358 1.2 christos } 359 1.3 christos return 1; 360 1.3 christos } 361 1.3 christos 362 1.3 christos static int test_des_cbc(void) 363 1.3 christos { 364 1.3 christos unsigned char cbc_in[40]; 365 1.3 christos unsigned char cbc_out[40]; 366 1.3 christos DES_cblock iv3; 367 1.3 christos DES_key_schedule ks; 368 1.3 christos const size_t cbc_data_len = strlen((char *)cbc_data); 369 1.3 christos 370 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 371 1.3 christos return 0; 372 1.3 christos memset(cbc_out, 0, sizeof(cbc_out)); 373 1.3 christos memset(cbc_in, 0, sizeof(cbc_in)); 374 1.2 christos memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 375 1.3 christos DES_ncbc_encrypt(cbc_data, cbc_out, cbc_data_len + 1, &ks, 376 1.2 christos &iv3, DES_ENCRYPT); 377 1.3 christos if (!TEST_mem_eq(cbc_out, 32, cbc_ok, 32)) 378 1.3 christos return 0; 379 1.2 christos 380 1.2 christos memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 381 1.3 christos DES_ncbc_encrypt(cbc_out, cbc_in, cbc_data_len + 1, &ks, 382 1.2 christos &iv3, DES_DECRYPT); 383 1.3 christos return TEST_mem_eq(cbc_in, cbc_data_len, cbc_data, cbc_data_len); 384 1.3 christos } 385 1.3 christos 386 1.3 christos static int test_des_ede_cbc(void) 387 1.3 christos { 388 1.3 christos DES_cblock iv3; 389 1.3 christos DES_key_schedule ks; 390 1.3 christos unsigned char cbc_in[40]; 391 1.3 christos unsigned char cbc_out[40]; 392 1.3 christos const size_t n = strlen((char *)cbc_data) + 1; 393 1.3 christos 394 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 395 1.3 christos return 0; 396 1.3 christos memset(cbc_out, 0, sizeof(cbc_out)); 397 1.3 christos memset(cbc_in, 0, sizeof(cbc_in)); 398 1.2 christos memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 399 1.3 christos DES_xcbc_encrypt(cbc_data, cbc_out, n, &ks, &iv3, &cbc2_key, &cbc3_key, 400 1.3 christos DES_ENCRYPT); 401 1.3 christos if (!TEST_mem_eq(cbc_out, sizeof(xcbc_ok), xcbc_ok, sizeof(xcbc_ok))) 402 1.3 christos return 0; 403 1.2 christos memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 404 1.3 christos DES_xcbc_encrypt(cbc_out, cbc_in, n, &ks, &iv3, &cbc2_key, &cbc3_key, 405 1.3 christos DES_DECRYPT); 406 1.3 christos return TEST_mem_eq(cbc_data, n, cbc_data, n); 407 1.3 christos } 408 1.3 christos 409 1.3 christos static int test_ede_cbc(void) 410 1.3 christos { 411 1.3 christos DES_cblock iv3; 412 1.3 christos DES_key_schedule ks, ks2, ks3; 413 1.3 christos unsigned char cbc_in[40]; 414 1.3 christos unsigned char cbc_out[40]; 415 1.3 christos const size_t i = strlen((char *)cbc_data) + 1; 416 1.3 christos const size_t n = (i + 7) / 8 * 8; 417 1.2 christos 418 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 419 1.3 christos return 0; 420 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc2_key, &ks2), 0)) 421 1.3 christos return 0; 422 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc3_key, &ks3), 0)) 423 1.3 christos return 0; 424 1.3 christos memset(cbc_out, 0, sizeof(cbc_out)); 425 1.3 christos memset(cbc_in, 0, sizeof(cbc_in)); 426 1.2 christos memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 427 1.2 christos 428 1.2 christos DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, 429 1.2 christos DES_ENCRYPT); 430 1.3 christos DES_ede3_cbc_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2, 431 1.2 christos &ks3, &iv3, DES_ENCRYPT); 432 1.3 christos if (!TEST_mem_eq(cbc_out, n, cbc3_ok, n)) 433 1.3 christos return 0; 434 1.2 christos 435 1.2 christos memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 436 1.3 christos DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, 437 1.3 christos DES_DECRYPT); 438 1.3 christos return TEST_mem_eq(cbc_in, i, cbc_data, i); 439 1.3 christos } 440 1.3 christos 441 1.3 christos static int test_input_align(int i) 442 1.3 christos { 443 1.3 christos unsigned char cbc_out[40]; 444 1.3 christos DES_cblock iv; 445 1.3 christos DES_key_schedule ks; 446 1.3 christos const size_t n = strlen(i + (char *)cbc_data) + 1; 447 1.3 christos 448 1.3 christos memset(cbc_out, 0, sizeof(cbc_out)); 449 1.3 christos memcpy(iv, cbc_iv, sizeof(cbc_iv)); 450 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 451 1.3 christos return 0; 452 1.3 christos DES_ncbc_encrypt(&cbc_data[i], cbc_out, n, &ks, &iv, DES_ENCRYPT); 453 1.3 christos return 1; 454 1.3 christos } 455 1.3 christos 456 1.3 christos static int test_output_align(int i) 457 1.3 christos { 458 1.3 christos unsigned char cbc_out[40]; 459 1.3 christos DES_cblock iv; 460 1.3 christos DES_key_schedule ks; 461 1.3 christos const size_t n = strlen((char *)cbc_data) + 1; 462 1.3 christos 463 1.3 christos memset(cbc_out, 0, sizeof(cbc_out)); 464 1.3 christos memcpy(iv, cbc_iv, sizeof(cbc_iv)); 465 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 466 1.3 christos return 0; 467 1.3 christos DES_ncbc_encrypt(cbc_data, &cbc_out[i], n, &ks, &iv, DES_ENCRYPT); 468 1.3 christos return 1; 469 1.3 christos } 470 1.3 christos 471 1.3 christos static int test_des_crypt(void) 472 1.3 christos { 473 1.3 christos if (!TEST_str_eq("efGnQx2725bI2", DES_crypt("testing", "ef"))) 474 1.3 christos return 0; 475 1.3 christos if (!TEST_str_eq("yA1Rp/1hZXIJk", DES_crypt("bca76;23", "yA"))) 476 1.3 christos return 0; 477 1.3 christos 478 1.3 christos if (!TEST_ptr_null(DES_crypt("testing", "y\202"))) 479 1.3 christos return 0; 480 1.3 christos if (!TEST_ptr_null(DES_crypt("testing", "\0A"))) 481 1.3 christos return 0; 482 1.3 christos if (!TEST_ptr_null(DES_crypt("testing", "A"))) 483 1.3 christos return 0; 484 1.3 christos return 1; 485 1.3 christos } 486 1.3 christos 487 1.3 christos static int test_des_pcbc(void) 488 1.3 christos { 489 1.3 christos unsigned char cbc_in[40]; 490 1.3 christos unsigned char cbc_out[40]; 491 1.3 christos DES_key_schedule ks; 492 1.3 christos const int n = strlen((char *)cbc_data) + 1; 493 1.3 christos 494 1.3 christos if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 495 1.3 christos return 0; 496 1.3 christos memset(cbc_out, 0, sizeof(cbc_out)); 497 1.3 christos memset(cbc_in, 0, sizeof(cbc_in)); 498 1.3 christos DES_pcbc_encrypt(cbc_data, cbc_out, n, &ks, 499 1.2 christos &cbc_iv, DES_ENCRYPT); 500 1.3 christos if (!TEST_mem_eq(cbc_out, sizeof(pcbc_ok), pcbc_ok, sizeof(pcbc_ok))) 501 1.3 christos return 0; 502 1.3 christos DES_pcbc_encrypt(cbc_out, cbc_in, n, &ks, 503 1.2 christos &cbc_iv, DES_DECRYPT); 504 1.3 christos return TEST_mem_eq(cbc_in, n, cbc_data, n); 505 1.3 christos } 506 1.3 christos 507 1.3 christos static int cfb_test(int bits, unsigned char *cfb_cipher) 508 1.3 christos { 509 1.3 christos DES_key_schedule ks; 510 1.3 christos 511 1.3 christos DES_set_key_checked(&cfb_key, &ks); 512 1.3 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 513 1.3 christos DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp, 514 1.3 christos DES_ENCRYPT); 515 1.3 christos if (!TEST_mem_eq(cfb_cipher, sizeof(plain), cfb_buf1, sizeof(plain))) 516 1.3 christos return 0; 517 1.3 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 518 1.3 christos DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp, 519 1.3 christos DES_DECRYPT); 520 1.3 christos return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); 521 1.3 christos } 522 1.3 christos 523 1.3 christos static int test_des_cfb8(void) 524 1.3 christos { 525 1.3 christos return cfb_test(8, cfb_cipher8); 526 1.3 christos } 527 1.3 christos 528 1.3 christos static int test_des_cfb16(void) 529 1.3 christos { 530 1.3 christos return cfb_test(16, cfb_cipher16); 531 1.3 christos } 532 1.3 christos 533 1.3 christos static int test_des_cfb32(void) 534 1.3 christos { 535 1.3 christos return cfb_test(32, cfb_cipher32); 536 1.3 christos } 537 1.3 christos 538 1.3 christos static int test_des_cfb48(void) 539 1.3 christos { 540 1.3 christos return cfb_test(48, cfb_cipher48); 541 1.3 christos } 542 1.2 christos 543 1.3 christos static int test_des_cfb64(void) 544 1.3 christos { 545 1.3 christos DES_key_schedule ks; 546 1.3 christos int n; 547 1.3 christos size_t i; 548 1.2 christos 549 1.3 christos if (!cfb_test(64, cfb_cipher64)) 550 1.3 christos return 0; 551 1.3 christos 552 1.3 christos DES_set_key_checked(&cfb_key, &ks); 553 1.3 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 554 1.3 christos n = 0; 555 1.3 christos DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT); 556 1.3 christos DES_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, 557 1.3 christos &cfb_tmp, &n, DES_ENCRYPT); 558 1.3 christos if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) 559 1.3 christos return 0; 560 1.3 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 561 1.3 christos n = 0; 562 1.3 christos DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT); 563 1.3 christos DES_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], 564 1.3 christos sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT); 565 1.3 christos if (!TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain))) 566 1.3 christos return 0; 567 1.2 christos 568 1.2 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 569 1.2 christos for (i = 0; i < sizeof(plain); i++) 570 1.3 christos DES_cfb_encrypt(&plain[i], &cfb_buf1[i], 8, 1, &ks, &cfb_tmp, 571 1.3 christos DES_ENCRYPT); 572 1.3 christos if (!TEST_mem_eq(cfb_cipher8, sizeof(plain), cfb_buf1, sizeof(plain))) 573 1.3 christos return 0; 574 1.2 christos 575 1.2 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 576 1.2 christos for (i = 0; i < sizeof(plain); i++) 577 1.3 christos DES_cfb_encrypt(&cfb_buf1[i], &cfb_buf2[i], 8, 1, &ks, &cfb_tmp, 578 1.3 christos DES_DECRYPT); 579 1.3 christos return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); 580 1.3 christos } 581 1.2 christos 582 1.3 christos static int test_des_ede_cfb64(void) 583 1.3 christos { 584 1.3 christos DES_key_schedule ks; 585 1.3 christos int n; 586 1.2 christos 587 1.3 christos DES_set_key_checked(&cfb_key, &ks); 588 1.3 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 589 1.3 christos n = 0; 590 1.3 christos DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n, 591 1.3 christos DES_ENCRYPT); 592 1.3 christos DES_ede3_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, 593 1.3 christos &ks, &ks, &cfb_tmp, &n, DES_ENCRYPT); 594 1.3 christos if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) 595 1.3 christos return 0; 596 1.3 christos memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 597 1.3 christos n = 0; 598 1.3 christos DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks, 599 1.3 christos &cfb_tmp, &n, DES_DECRYPT); 600 1.3 christos DES_ede3_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], sizeof(plain) - 17, 601 1.3 christos &ks, &ks, &ks, &cfb_tmp, &n, DES_DECRYPT); 602 1.3 christos return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); 603 1.3 christos } 604 1.3 christos 605 1.3 christos static int test_des_ofb(void) 606 1.3 christos { 607 1.3 christos DES_key_schedule ks; 608 1.2 christos 609 1.2 christos DES_set_key_checked(&ofb_key, &ks); 610 1.2 christos memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 611 1.2 christos DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp); 612 1.3 christos if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) 613 1.3 christos return 0; 614 1.3 christos 615 1.2 christos memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 616 1.2 christos DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks, 617 1.2 christos &ofb_tmp); 618 1.3 christos return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); 619 1.3 christos } 620 1.3 christos 621 1.3 christos static int test_des_ofb64(void) 622 1.3 christos { 623 1.3 christos DES_key_schedule ks; 624 1.3 christos int num; 625 1.3 christos size_t i; 626 1.2 christos 627 1.2 christos DES_set_key_checked(&ofb_key, &ks); 628 1.2 christos memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 629 1.2 christos memset(ofb_buf1, 0, sizeof(ofb_buf1)); 630 1.2 christos memset(ofb_buf2, 0, sizeof(ofb_buf1)); 631 1.2 christos num = 0; 632 1.2 christos for (i = 0; i < sizeof(plain); i++) { 633 1.3 christos DES_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ofb_tmp, &num); 634 1.2 christos } 635 1.3 christos if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) 636 1.3 christos return 0; 637 1.2 christos memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 638 1.2 christos num = 0; 639 1.2 christos DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp, 640 1.2 christos &num); 641 1.3 christos return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); 642 1.3 christos } 643 1.3 christos 644 1.3 christos static int test_des_ede_ofb64(void) 645 1.3 christos { 646 1.3 christos DES_key_schedule ks; 647 1.3 christos int num; 648 1.3 christos size_t i; 649 1.2 christos 650 1.2 christos DES_set_key_checked(&ofb_key, &ks); 651 1.2 christos memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 652 1.2 christos memset(ofb_buf1, 0, sizeof(ofb_buf1)); 653 1.2 christos memset(ofb_buf2, 0, sizeof(ofb_buf1)); 654 1.2 christos num = 0; 655 1.2 christos for (i = 0; i < sizeof(plain); i++) { 656 1.3 christos DES_ede3_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ks, 657 1.2 christos &ks, &ofb_tmp, &num); 658 1.2 christos } 659 1.3 christos if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) 660 1.3 christos return 0; 661 1.2 christos memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 662 1.2 christos num = 0; 663 1.2 christos DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks, 664 1.2 christos &ofb_tmp, &num); 665 1.3 christos return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); 666 1.2 christos } 667 1.2 christos 668 1.3 christos static int test_des_cbc_cksum(void) 669 1.2 christos { 670 1.3 christos DES_LONG cs; 671 1.2 christos DES_key_schedule ks; 672 1.3 christos unsigned char cret[8]; 673 1.2 christos 674 1.3 christos DES_set_key_checked(&cbc_key, &ks); 675 1.3 christos cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, 676 1.3 christos &cbc_iv); 677 1.3 christos if (!TEST_cs_eq(cs, cbc_cksum_ret)) 678 1.3 christos return 0; 679 1.3 christos return TEST_mem_eq(cret, 8, cbc_cksum_data, 8); 680 1.2 christos } 681 1.2 christos 682 1.3 christos static int test_des_quad_cksum(void) 683 1.2 christos { 684 1.3 christos DES_LONG cs, lqret[4]; 685 1.2 christos 686 1.3 christos cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, 687 1.3 christos (long)strlen((char *)cbc_data), 2, 688 1.3 christos (DES_cblock *)cbc_iv); 689 1.3 christos if (!TEST_cs_eq(cs, 0x70d7a63aL)) 690 1.3 christos return 0; 691 1.3 christos if (!TEST_cs_eq(lqret[0], 0x327eba8dL)) 692 1.3 christos return 0; 693 1.3 christos if (!TEST_cs_eq(lqret[1], 0x201a49ccL)) 694 1.3 christos return 0; 695 1.3 christos if (!TEST_cs_eq(lqret[2], 0x70d7a63aL)) 696 1.3 christos return 0; 697 1.3 christos if (!TEST_cs_eq(lqret[3], 0x501c2c26L)) 698 1.3 christos return 0; 699 1.3 christos return 1; 700 1.2 christos } 701 1.4 christos 702 1.4 christos /* 703 1.4 christos * Test TDES based key wrapping. 704 1.4 christos * The wrapping process uses a randomly generated IV so it is difficult to 705 1.4 christos * undertake KATs. End to end testing is performed instead. 706 1.4 christos */ 707 1.4 christos static const int test_des_key_wrap_sizes[] = { 708 1.4 christos 8, 16, 24, 32, 64, 80 709 1.4 christos }; 710 1.4 christos 711 1.4 christos static int test_des_key_wrap(int idx) 712 1.4 christos { 713 1.4 christos int in_bytes = test_des_key_wrap_sizes[idx]; 714 1.4 christos unsigned char in[100], c_txt[200], p_txt[200], key[24]; 715 1.4 christos int clen, clen_upd, clen_fin, plen, plen_upd, plen_fin, expect, bs, i; 716 1.4 christos EVP_CIPHER *cipher = NULL; 717 1.4 christos EVP_CIPHER_CTX *ctx = NULL; 718 1.4 christos int res = 0; 719 1.4 christos 720 1.4 christos /* Some sanity checks and cipher loading */ 721 1.4 christos if (!TEST_size_t_le(in_bytes, sizeof(in)) 722 1.4 christos || !TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES3-WRAP", NULL)) 723 1.4 christos || !TEST_int_eq(bs = EVP_CIPHER_get_block_size(cipher), 8) 724 1.4 christos || !TEST_size_t_eq(bs * 3u, sizeof(key)) 725 1.4 christos || !TEST_true(in_bytes % bs == 0) 726 1.4 christos || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())) 727 1.4 christos goto err; 728 1.4 christos 729 1.4 christos /* Create random data to end to end test */ 730 1.4 christos for (i = 0; i < in_bytes; i++) 731 1.4 christos in[i] = test_random(); 732 1.4 christos 733 1.4 christos /* Build the key */ 734 1.4 christos memcpy(key, cbc_key, sizeof(cbc_key)); 735 1.4 christos memcpy(key + sizeof(cbc_key), cbc2_key, sizeof(cbc2_key)); 736 1.4 christos memcpy(key + sizeof(cbc_key) + sizeof(cbc3_key), cbc_key, sizeof(cbc3_key)); 737 1.4 christos 738 1.4 christos /* Wrap / encrypt the key */ 739 1.4 christos clen_upd = sizeof(c_txt); 740 1.4 christos if (!TEST_true(EVP_EncryptInit(ctx, cipher, key, NULL)) 741 1.4 christos || !TEST_true(EVP_EncryptUpdate(ctx, c_txt, &clen_upd, 742 1.4 christos in, in_bytes))) 743 1.4 christos goto err; 744 1.4 christos 745 1.4 christos expect = (in_bytes + (bs - 1)) / bs * bs + 2 * bs; 746 1.4 christos if (!TEST_int_eq(clen_upd, expect)) 747 1.4 christos goto err; 748 1.4 christos 749 1.4 christos clen_fin = sizeof(c_txt) - clen_upd; 750 1.4 christos if (!TEST_true(EVP_EncryptFinal(ctx, c_txt + clen_upd, &clen_fin)) 751 1.4 christos || !TEST_int_eq(clen_fin, 0)) 752 1.4 christos goto err; 753 1.4 christos clen = clen_upd + clen_fin; 754 1.4 christos 755 1.4 christos /* Decrypt the wrapped key */ 756 1.4 christos plen_upd = sizeof(p_txt); 757 1.4 christos if (!TEST_true(EVP_DecryptInit(ctx, cipher, key, NULL)) 758 1.4 christos || !TEST_true(EVP_DecryptUpdate(ctx, p_txt, &plen_upd, 759 1.4 christos c_txt, clen))) 760 1.4 christos goto err; 761 1.4 christos plen_fin = sizeof(p_txt) - plen_upd; 762 1.4 christos if (!TEST_true(EVP_DecryptFinal(ctx, p_txt + plen_upd, &plen_fin))) 763 1.4 christos goto err; 764 1.4 christos plen = plen_upd + plen_fin; 765 1.4 christos 766 1.4 christos if (!TEST_mem_eq(in, in_bytes, p_txt, plen)) 767 1.4 christos goto err; 768 1.4 christos res = 1; 769 1.4 christos err: 770 1.4 christos EVP_CIPHER_free(cipher); 771 1.4 christos EVP_CIPHER_CTX_free(ctx); 772 1.4 christos return res; 773 1.4 christos } 774 1.4 christos 775 1.4 christos /*- 776 1.4 christos * Weak and semi weak keys as taken from 777 1.4 christos * %A D.W. Davies 778 1.4 christos * %A W.L. Price 779 1.4 christos * %T Security for Computer Networks 780 1.4 christos * %I John Wiley & Sons 781 1.4 christos * %D 1984 782 1.4 christos */ 783 1.4 christos static struct { 784 1.4 christos const DES_cblock key; 785 1.4 christos int expect; 786 1.4 christos } weak_keys[] = { 787 1.4 christos /* weak keys */ 788 1.4 christos {{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 1 }, 789 1.4 christos {{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, 1 }, 790 1.4 christos {{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 1 }, 791 1.4 christos {{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1}, 1 }, 792 1.4 christos /* semi-weak keys */ 793 1.4 christos {{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE}, 1 }, 794 1.4 christos {{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01}, 1 }, 795 1.4 christos {{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1}, 1 }, 796 1.4 christos {{0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E}, 1 }, 797 1.4 christos {{0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1}, 1 }, 798 1.4 christos {{0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01}, 1 }, 799 1.4 christos {{0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE}, 1 }, 800 1.4 christos {{0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E}, 1 }, 801 1.4 christos {{0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E}, 1 }, 802 1.4 christos {{0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01}, 1 }, 803 1.4 christos {{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 1 }, 804 1.4 christos {{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}, 1 }, 805 1.4 christos /* good key */ 806 1.4 christos {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 } 807 1.4 christos }; 808 1.4 christos 809 1.4 christos static int test_des_weak_keys(int n) 810 1.4 christos { 811 1.4 christos const_DES_cblock *key = (unsigned char (*)[8])(intptr_t)weak_keys[n].key; 812 1.4 christos 813 1.4 christos return TEST_int_eq(DES_is_weak_key(key), weak_keys[n].expect); 814 1.4 christos } 815 1.4 christos 816 1.4 christos static struct { 817 1.4 christos const DES_cblock key; 818 1.4 christos int expect; 819 1.4 christos } bad_parity_keys[] = { 820 1.4 christos {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 0 }, 821 1.4 christos {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 0 }, 822 1.4 christos /* Perturb each byte in turn to create even parity */ 823 1.4 christos {{0x48, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 824 1.4 christos {{0x49, 0xE8, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 825 1.4 christos {{0x49, 0xE9, 0x5C, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 826 1.4 christos {{0x49, 0xE9, 0x5D, 0x7D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 827 1.4 christos {{0x49, 0xE9, 0x5D, 0x6D, 0x5C, 0xA2, 0x29, 0xBF}, 0 }, 828 1.4 christos {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA3, 0x29, 0xBF}, 0 }, 829 1.4 christos {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x39, 0xBF}, 0 }, 830 1.4 christos {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBE}, 0 }, 831 1.4 christos /* Odd parity version of above */ 832 1.4 christos {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 1 } 833 1.4 christos }; 834 1.4 christos 835 1.4 christos static int test_des_check_bad_parity(int n) 836 1.4 christos { 837 1.4 christos const_DES_cblock *key = (unsigned char (*)[8])(intptr_t)bad_parity_keys[n].key; 838 1.4 christos 839 1.4 christos return TEST_int_eq(DES_check_key_parity(key), bad_parity_keys[n].expect); 840 1.4 christos } 841 1.5 christos 842 1.5 christos /* Test that two key 3DES can generate a random key without error */ 843 1.5 christos static int test_des_two_key(void) 844 1.5 christos { 845 1.5 christos int res = 0; 846 1.5 christos EVP_CIPHER *cipher = NULL; 847 1.5 christos EVP_CIPHER_CTX *ctx = NULL; 848 1.5 christos unsigned char key[16]; 849 1.5 christos 850 1.5 christos if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES-EDE-ECB", NULL)) 851 1.5 christos || !TEST_ptr(ctx = EVP_CIPHER_CTX_new()) 852 1.5 christos || !EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) 853 1.5 christos || !EVP_CIPHER_CTX_set_key_length(ctx, sizeof(key)) 854 1.5 christos || !EVP_CIPHER_CTX_rand_key(ctx, key)) 855 1.5 christos goto err; 856 1.5 christos 857 1.5 christos res = 1; 858 1.5 christos err: 859 1.5 christos EVP_CIPHER_free(cipher); 860 1.5 christos EVP_CIPHER_CTX_free(ctx); 861 1.5 christos return res; 862 1.5 christos } 863 1.5 christos 864 1.3 christos #endif 865 1.2 christos 866 1.3 christos int setup_tests(void) 867 1.2 christos { 868 1.3 christos #ifndef OPENSSL_NO_DES 869 1.3 christos ADD_ALL_TESTS(test_des_ecb, NUM_TESTS); 870 1.3 christos ADD_TEST(test_des_cbc); 871 1.3 christos ADD_TEST(test_ede_cbc); 872 1.3 christos ADD_ALL_TESTS(test_des_ede_ecb, NUM_TESTS - 2); 873 1.3 christos ADD_TEST(test_des_ede_cbc); 874 1.3 christos ADD_TEST(test_des_pcbc); 875 1.3 christos ADD_TEST(test_des_cfb8); 876 1.3 christos ADD_TEST(test_des_cfb16); 877 1.3 christos ADD_TEST(test_des_cfb32); 878 1.3 christos ADD_TEST(test_des_cfb48); 879 1.3 christos ADD_TEST(test_des_cfb64); 880 1.3 christos ADD_TEST(test_des_ede_cfb64); 881 1.3 christos ADD_TEST(test_des_ofb); 882 1.3 christos ADD_TEST(test_des_ofb64); 883 1.3 christos ADD_TEST(test_des_ede_ofb64); 884 1.3 christos ADD_TEST(test_des_cbc_cksum); 885 1.3 christos ADD_TEST(test_des_quad_cksum); 886 1.3 christos ADD_TEST(test_des_crypt); 887 1.3 christos ADD_ALL_TESTS(test_input_align, 4); 888 1.3 christos ADD_ALL_TESTS(test_output_align, 4); 889 1.4 christos ADD_ALL_TESTS(test_des_key_wrap, OSSL_NELEM(test_des_key_wrap_sizes)); 890 1.4 christos ADD_ALL_TESTS(test_des_weak_keys, OSSL_NELEM(weak_keys)); 891 1.4 christos ADD_ALL_TESTS(test_des_check_bad_parity, OSSL_NELEM(bad_parity_keys)); 892 1.5 christos ADD_TEST(test_des_two_key); 893 1.3 christos #endif 894 1.3 christos return 1; 895 1.2 christos } 896
Indexes created Mon Mar 02 05:31:46 UTC 2026