1
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
3
* LibTomCrypt is a library that provides various cryptographic
4
* algorithms in a highly modular and flexible manner.
6
* The library is free for all purposes without any express
9
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
14
GCM implementation, testing, by Tom St Denis
22
@return CRYPT_OK on success
45
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
46
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
58
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
59
0x00, 0x00, 0x00, 0x00 },
66
{ 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
67
0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }
73
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
74
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
78
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
79
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
87
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
88
0x00, 0x00, 0x00, 0x00 },
92
{ 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
93
0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
96
{ 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
97
0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf }
103
{ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
104
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
108
{ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
109
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
110
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
111
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
112
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
113
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
114
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
115
0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55, },
123
{ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
124
0xde, 0xca, 0xf8, 0x88, },
128
{ 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
129
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
130
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
131
0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
132
0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
133
0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
134
0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
135
0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85, },
138
{ 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
139
0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4, }
145
{ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
146
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
150
{ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
151
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
152
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
153
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
154
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
155
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
156
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
157
0xba, 0x63, 0x7b, 0x39, },
161
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
162
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
163
0xab, 0xad, 0xda, 0xd2, },
167
{ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
168
0xde, 0xca, 0xf8, 0x88, },
172
{ 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
173
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
174
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
175
0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
176
0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
177
0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
178
0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
179
0x3d, 0x58, 0xe0, 0x91, },
182
{ 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
183
0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47, }
190
{ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
191
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
195
{ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
196
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
197
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
198
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
199
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
200
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
201
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
202
0xba, 0x63, 0x7b, 0x39, },
206
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
207
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
208
0xab, 0xad, 0xda, 0xd2, },
212
{ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, },
216
{ 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
217
0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
218
0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
219
0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
220
0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
221
0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
222
0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
223
0xc2, 0x3f, 0x45, 0x98, },
226
{ 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
227
0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb, }
233
{ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
234
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
238
{ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
239
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
240
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
241
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
242
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
243
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
244
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
245
0xba, 0x63, 0x7b, 0x39, },
249
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
250
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
251
0xab, 0xad, 0xda, 0xd2, },
255
{ 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
256
0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
257
0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
258
0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
259
0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
260
0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
261
0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
262
0xa6, 0x37, 0xb3, 0x9b, },
266
{ 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
267
0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
268
0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
269
0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
270
0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
271
0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
272
0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
273
0x4c, 0x34, 0xae, 0xe5, },
276
{ 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
277
0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50, }
280
/* rest of test cases are the same except AES key size changes... ignored... */
284
unsigned char out[2][64], T[2][16];
287
idx = find_cipher("aes");
289
idx = find_cipher("rijndael");
295
for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
297
if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen,
298
tests[x].IV, tests[x].IVlen,
299
tests[x].A, tests[x].alen,
300
(unsigned char*)tests[x].P, tests[x].ptlen,
301
out[0], T[0], &y, GCM_ENCRYPT)) != CRYPT_OK) {
305
if (memcmp(out[0], tests[x].C, tests[x].ptlen)) {
307
printf("\nCiphertext wrong %lu\n", x);
308
for (y = 0; y < tests[x].ptlen; y++) {
309
printf("%02x", out[0][y] & 255);
313
return CRYPT_FAIL_TESTVECTOR;
316
if (memcmp(T[0], tests[x].T, 16)) {
318
printf("\nTag on plaintext wrong %lu\n", x);
319
for (y = 0; y < 16; y++) {
320
printf("%02x", T[0][y] & 255);
324
return CRYPT_FAIL_TESTVECTOR;
328
if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen,
329
tests[x].IV, tests[x].IVlen,
330
tests[x].A, tests[x].alen,
331
out[1], tests[x].ptlen,
332
out[0], T[1], &y, GCM_DECRYPT)) != CRYPT_OK) {
336
if (memcmp(out[1], tests[x].P, tests[x].ptlen)) {
338
printf("\nplaintext wrong %lu\n", x);
339
for (y = 0; y < tests[x].ptlen; y++) {
340
printf("%02x", out[0][y] & 255);
344
return CRYPT_FAIL_TESTVECTOR;
347
if (memcmp(T[1], tests[x].T, 16)) {
349
printf("\nTag on ciphertext wrong %lu\n", x);
350
for (y = 0; y < 16; y++) {
351
printf("%02x", T[1][y] & 255);
355
return CRYPT_FAIL_TESTVECTOR;
366
/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_test.c,v $ */
367
/* $Revision: 1.15 $ */
368
/* $Date: 2005/05/05 14:35:58 $ */