summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2018-06-05 15:51:21 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2018-06-05 15:51:21 -0700
commit3e1a29b3bf66c2850ea8eba78c59c234921c0b69 (patch)
tree641a5428e3a1ef205fafede3d6a03dae85d30e92
parentfd59ccc53062964007beda8787ffd9cd93968d63 (diff)
parentb268b3506d9910ca8238e92cb1dc51340574b2f2 (diff)
downloadlinux-3e1a29b3bf66c2850ea8eba78c59c234921c0b69.tar.bz2
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu: "API: - Decryption test vectors are now automatically generated from encryption test vectors. Algorithms: - Fix unaligned access issues in crc32/crc32c. - Add zstd compression algorithm. - Add AEGIS. - Add MORUS. Drivers: - Add accelerated AEGIS/MORUS on x86. - Add accelerated SM4 on arm64. - Removed x86 assembly salsa implementation as it is slower than C. - Add authenc(hmac(sha*), cbc(aes)) support in inside-secure. - Add ctr(aes) support in crypto4xx. - Add hardware key support in ccree. - Add support for new Centaur CPU in via-rng" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (112 commits) crypto: chtls - free beyond end rspq_skb_cache crypto: chtls - kbuild warnings crypto: chtls - dereference null variable crypto: chtls - wait for memory sendmsg, sendpage crypto: chtls - key len correction crypto: salsa20 - Revert "crypto: salsa20 - export generic helpers" crypto: x86/salsa20 - remove x86 salsa20 implementations crypto: ccp - Add GET_ID SEV command crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command crypto: qat - Add MODULE_FIRMWARE for all qat drivers crypto: ccree - silence debug prints crypto: ccree - better clock handling crypto: ccree - correct host regs offset crypto: chelsio - Remove separate buffer used for DMA map B0 block in CCM crypt: chelsio - Send IV as Immediate for cipher algo crypto: chelsio - Return -ENOSPC for transient busy indication. crypto: caam/qi - fix warning in init_cgr() crypto: caam - fix rfc4543 descriptors crypto: caam - fix MC firmware detection crypto: clarify licensing of OpenSSL asm code ...
-rw-r--r--arch/arm/crypto/sha1-armv4-large.S10
-rw-r--r--arch/arm/crypto/sha256-armv4.pl11
-rw-r--r--arch/arm/crypto/sha256-core.S_shipped11
-rw-r--r--arch/arm/crypto/sha512-armv4.pl11
-rw-r--r--arch/arm/crypto/sha512-core.S_shipped11
-rw-r--r--arch/arm64/crypto/Kconfig6
-rw-r--r--arch/arm64/crypto/Makefile3
-rw-r--r--arch/arm64/crypto/aes-ce-ccm-core.S150
-rw-r--r--arch/arm64/crypto/aes-ce.S15
-rw-r--r--arch/arm64/crypto/aes-modes.S331
-rw-r--r--arch/arm64/crypto/aes-neonbs-core.S305
-rw-r--r--arch/arm64/crypto/crc32-ce-core.S40
-rw-r--r--arch/arm64/crypto/crct10dif-ce-core.S32
-rw-r--r--arch/arm64/crypto/ghash-ce-core.S113
-rw-r--r--arch/arm64/crypto/ghash-ce-glue.c28
-rw-r--r--arch/arm64/crypto/sha1-ce-core.S42
-rw-r--r--arch/arm64/crypto/sha2-ce-core.S37
-rw-r--r--arch/arm64/crypto/sha256-core.S_shipped12
-rw-r--r--arch/arm64/crypto/sha3-ce-core.S77
-rw-r--r--arch/arm64/crypto/sha512-armv8.pl12
-rw-r--r--arch/arm64/crypto/sha512-ce-core.S27
-rw-r--r--arch/arm64/crypto/sha512-core.S_shipped12
-rw-r--r--arch/arm64/crypto/sm4-ce-core.S36
-rw-r--r--arch/arm64/crypto/sm4-ce-glue.c73
-rw-r--r--arch/x86/crypto/Makefile25
-rw-r--r--arch/x86/crypto/aegis128-aesni-asm.S749
-rw-r--r--arch/x86/crypto/aegis128-aesni-glue.c407
-rw-r--r--arch/x86/crypto/aegis128l-aesni-asm.S825
-rw-r--r--arch/x86/crypto/aegis128l-aesni-glue.c407
-rw-r--r--arch/x86/crypto/aegis256-aesni-asm.S702
-rw-r--r--arch/x86/crypto/aegis256-aesni-glue.c407
-rw-r--r--arch/x86/crypto/ghash-clmulni-intel_glue.c2
-rw-r--r--arch/x86/crypto/morus1280-avx2-asm.S621
-rw-r--r--arch/x86/crypto/morus1280-avx2-glue.c68
-rw-r--r--arch/x86/crypto/morus1280-sse2-asm.S895
-rw-r--r--arch/x86/crypto/morus1280-sse2-glue.c68
-rw-r--r--arch/x86/crypto/morus1280_glue.c302
-rw-r--r--arch/x86/crypto/morus640-sse2-asm.S614
-rw-r--r--arch/x86/crypto/morus640-sse2-glue.c68
-rw-r--r--arch/x86/crypto/morus640_glue.c298
-rw-r--r--arch/x86/crypto/salsa20-i586-asm_32.S938
-rw-r--r--arch/x86/crypto/salsa20-x86_64-asm_64.S805
-rw-r--r--arch/x86/crypto/salsa20_glue.c91
-rw-r--r--crypto/Kconfig138
-rw-r--r--crypto/Makefile6
-rw-r--r--crypto/aegis.h80
-rw-r--r--crypto/aegis128.c463
-rw-r--r--crypto/aegis128l.c527
-rw-r--r--crypto/aegis256.c478
-rw-r--r--crypto/algapi.c10
-rw-r--r--crypto/authenc.c1
-rw-r--r--crypto/authencesn.c1
-rw-r--r--crypto/cfb.c7
-rw-r--r--crypto/cipher.c3
-rw-r--r--crypto/crc32_generic.c15
-rw-r--r--crypto/crc32c_generic.c8
-rw-r--r--crypto/ctr.c4
-rw-r--r--crypto/cts.c5
-rw-r--r--crypto/ecc.c66
-rw-r--r--crypto/ecc.h4
-rw-r--r--crypto/ecdh.c4
-rw-r--r--crypto/morus1280.c549
-rw-r--r--crypto/morus640.c544
-rw-r--r--crypto/pcbc.c5
-rw-r--r--crypto/rsa.c1
-rw-r--r--crypto/salsa20_generic.c20
-rw-r--r--crypto/sm4_generic.c10
-rw-r--r--crypto/tcrypt.c122
-rw-r--r--crypto/testmgr.c613
-rw-r--r--crypto/testmgr.h18635
-rw-r--r--crypto/zstd.c265
-rw-r--r--drivers/char/hw_random/Kconfig1
-rw-r--r--drivers/char/hw_random/n2-drv.c2
-rw-r--r--drivers/char/hw_random/stm32-rng.c9
-rw-r--r--drivers/char/hw_random/via-rng.c2
-rw-r--r--drivers/crypto/Kconfig16
-rw-r--r--drivers/crypto/amcc/crypto4xx_alg.c231
-rw-r--r--drivers/crypto/amcc/crypto4xx_core.c317
-rw-r--r--drivers/crypto/amcc/crypto4xx_core.h35
-rw-r--r--drivers/crypto/caam/caamalg.c231
-rw-r--r--drivers/crypto/caam/caamalg_desc.c4
-rw-r--r--drivers/crypto/caam/caamalg_qi.c227
-rw-r--r--drivers/crypto/caam/caampkc.c71
-rw-r--r--drivers/crypto/caam/caampkc.h8
-rw-r--r--drivers/crypto/caam/ctrl.c78
-rw-r--r--drivers/crypto/caam/ctrl.h2
-rw-r--r--drivers/crypto/caam/intern.h1
-rw-r--r--drivers/crypto/caam/qi.c5
-rw-r--r--drivers/crypto/caam/regs.h6
-rw-r--r--drivers/crypto/cavium/zip/common.h21
-rw-r--r--drivers/crypto/cavium/zip/zip_crypto.c22
-rw-r--r--drivers/crypto/cavium/zip/zip_deflate.c4
-rw-r--r--drivers/crypto/cavium/zip/zip_device.c4
-rw-r--r--drivers/crypto/cavium/zip/zip_inflate.c4
-rw-r--r--drivers/crypto/cavium/zip/zip_main.c24
-rw-r--r--drivers/crypto/cavium/zip/zip_main.h1
-rw-r--r--drivers/crypto/cavium/zip/zip_regs.h42
-rw-r--r--drivers/crypto/ccp/psp-dev.c143
-rw-r--r--drivers/crypto/ccp/psp-dev.h4
-rw-r--r--drivers/crypto/ccree/cc_cipher.c350
-rw-r--r--drivers/crypto/ccree/cc_cipher.h30
-rw-r--r--drivers/crypto/ccree/cc_debugfs.c7
-rw-r--r--drivers/crypto/ccree/cc_driver.c36
-rw-r--r--drivers/crypto/ccree/cc_driver.h2
-rw-r--r--drivers/crypto/ccree/cc_host_regs.h6
-rw-r--r--drivers/crypto/chelsio/chcr_algo.c303
-rw-r--r--drivers/crypto/chelsio/chcr_algo.h3
-rw-r--r--drivers/crypto/chelsio/chcr_core.h2
-rw-r--r--drivers/crypto/chelsio/chcr_crypto.h15
-rw-r--r--drivers/crypto/chelsio/chcr_ipsec.c35
-rw-r--r--drivers/crypto/chelsio/chtls/chtls.h11
-rw-r--r--drivers/crypto/chelsio/chtls/chtls_cm.c28
-rw-r--r--drivers/crypto/chelsio/chtls/chtls_hw.c6
-rw-r--r--drivers/crypto/chelsio/chtls/chtls_io.c158
-rw-r--r--drivers/crypto/chelsio/chtls/chtls_main.c16
-rw-r--r--drivers/crypto/exynos-rng.c6
-rw-r--r--drivers/crypto/inside-secure/safexcel.c32
-rw-r--r--drivers/crypto/inside-secure/safexcel.h44
-rw-r--r--drivers/crypto/inside-secure/safexcel_cipher.c642
-rw-r--r--drivers/crypto/inside-secure/safexcel_hash.c23
-rw-r--r--drivers/crypto/nx/nx-842-powernv.c2
-rw-r--r--drivers/crypto/omap-sham.c2
-rw-r--r--drivers/crypto/picoxcell_crypto.c6
-rw-r--r--drivers/crypto/qat/qat_c3xxx/adf_drv.c2
-rw-r--r--drivers/crypto/qat/qat_c62x/adf_drv.c2
-rw-r--r--drivers/crypto/qat/qat_dh895xcc/adf_drv.c1
-rw-r--r--drivers/crypto/vmx/aes.c2
-rw-r--r--drivers/crypto/vmx/aes_cbc.c3
-rw-r--r--drivers/crypto/vmx/aes_ctr.c2
-rw-r--r--drivers/crypto/vmx/aes_xts.c2
-rw-r--r--drivers/crypto/vmx/aesp8-ppc.pl49
-rw-r--r--drivers/crypto/vmx/ghash.c2
-rw-r--r--drivers/crypto/vmx/ghashp8-ppc.pl9
-rw-r--r--include/crypto/algapi.h8
-rw-r--r--include/crypto/morus1280_glue.h137
-rw-r--r--include/crypto/morus640_glue.h137
-rw-r--r--include/crypto/morus_common.h23
-rw-r--r--include/crypto/salsa20.h27
-rw-r--r--include/crypto/sm4.h3
-rw-r--r--include/linux/psp-sev.h23
-rw-r--r--include/uapi/linux/psp-sev.h12
141 files changed, 20656 insertions, 15349 deletions
diff --git a/arch/arm/crypto/sha1-armv4-large.S b/arch/arm/crypto/sha1-armv4-large.S
index 99207c45ec10..f82cd8cf5a09 100644
--- a/arch/arm/crypto/sha1-armv4-large.S
+++ b/arch/arm/crypto/sha1-armv4-large.S
@@ -1,4 +1,14 @@
#define __ARM_ARCH__ __LINUX_ARM_ARCH__
+@ SPDX-License-Identifier: GPL-2.0
+
+@ This code is taken from the OpenSSL project but the author (Andy Polyakov)
+@ has relicensed it under the GPLv2. Therefore this program is free software;
+@ you can redistribute it and/or modify it under the terms of the GNU General
+@ Public License version 2 as published by the Free Software Foundation.
+@
+@ The original headers, including the original license headers, are
+@ included below for completeness.
+
@ ====================================================================
@ Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@ project. The module is, however, dual licensed under OpenSSL and
diff --git a/arch/arm/crypto/sha256-armv4.pl b/arch/arm/crypto/sha256-armv4.pl
index fac0533ea633..b9ec44060ed3 100644
--- a/arch/arm/crypto/sha256-armv4.pl
+++ b/arch/arm/crypto/sha256-armv4.pl
@@ -1,12 +1,19 @@
#!/usr/bin/env perl
+# SPDX-License-Identifier: GPL-2.0
+
+# This code is taken from the OpenSSL project but the author (Andy Polyakov)
+# has relicensed it under the GPLv2. Therefore this program is free software;
+# you can redistribute it and/or modify it under the terms of the GNU General
+# Public License version 2 as published by the Free Software Foundation.
+#
+# The original headers, including the original license headers, are
+# included below for completeness.
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/.
-#
-# Permission to use under GPL terms is granted.
# ====================================================================
# SHA256 block procedure for ARMv4. May 2007.
diff --git a/arch/arm/crypto/sha256-core.S_shipped b/arch/arm/crypto/sha256-core.S_shipped
index 555a1a8eec90..3b58300d611c 100644
--- a/arch/arm/crypto/sha256-core.S_shipped
+++ b/arch/arm/crypto/sha256-core.S_shipped
@@ -1,11 +1,18 @@
+@ SPDX-License-Identifier: GPL-2.0
+
+@ This code is taken from the OpenSSL project but the author (Andy Polyakov)
+@ has relicensed it under the GPLv2. Therefore this program is free software;
+@ you can redistribute it and/or modify it under the terms of the GNU General
+@ Public License version 2 as published by the Free Software Foundation.
+@
+@ The original headers, including the original license headers, are
+@ included below for completeness.
@ ====================================================================
@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@ project. The module is, however, dual licensed under OpenSSL and
@ CRYPTOGAMS licenses depending on where you obtain it. For further
@ details see http://www.openssl.org/~appro/cryptogams/.
-@
-@ Permission to use under GPL terms is granted.
@ ====================================================================
@ SHA256 block procedure for ARMv4. May 2007.
diff --git a/arch/arm/crypto/sha512-armv4.pl b/arch/arm/crypto/sha512-armv4.pl
index a2b11a844357..fb5d15048c0b 100644
--- a/arch/arm/crypto/sha512-armv4.pl
+++ b/arch/arm/crypto/sha512-armv4.pl
@@ -1,12 +1,19 @@
#!/usr/bin/env perl
+# SPDX-License-Identifier: GPL-2.0
+
+# This code is taken from the OpenSSL project but the author (Andy Polyakov)
+# has relicensed it under the GPLv2. Therefore this program is free software;
+# you can redistribute it and/or modify it under the terms of the GNU General
+# Public License version 2 as published by the Free Software Foundation.
+#
+# The original headers, including the original license headers, are
+# included below for completeness.
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/.
-#
-# Permission to use under GPL terms is granted.
# ====================================================================
# SHA512 block procedure for ARMv4. September 2007.
diff --git a/arch/arm/crypto/sha512-core.S_shipped b/arch/arm/crypto/sha512-core.S_shipped
index 3694c4d4ca2b..b1c334a49cda 100644
--- a/arch/arm/crypto/sha512-core.S_shipped
+++ b/arch/arm/crypto/sha512-core.S_shipped
@@ -1,11 +1,18 @@
+@ SPDX-License-Identifier: GPL-2.0
+
+@ This code is taken from the OpenSSL project but the author (Andy Polyakov)
+@ has relicensed it under the GPLv2. Therefore this program is free software;
+@ you can redistribute it and/or modify it under the terms of the GNU General
+@ Public License version 2 as published by the Free Software Foundation.
+@
+@ The original headers, including the original license headers, are
+@ included below for completeness.
@ ====================================================================
@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@ project. The module is, however, dual licensed under OpenSSL and
@ CRYPTOGAMS licenses depending on where you obtain it. For further
@ details see http://www.openssl.org/~appro/cryptogams/.
-@
-@ Permission to use under GPL terms is granted.
@ ====================================================================
@ SHA512 block procedure for ARMv4. September 2007.
diff --git a/arch/arm64/crypto/Kconfig b/arch/arm64/crypto/Kconfig
index cb5a243110c4..e3fdb0fd6f70 100644
--- a/arch/arm64/crypto/Kconfig
+++ b/arch/arm64/crypto/Kconfig
@@ -47,6 +47,12 @@ config CRYPTO_SM3_ARM64_CE
select CRYPTO_HASH
select CRYPTO_SM3
+config CRYPTO_SM4_ARM64_CE
+ tristate "SM4 symmetric cipher (ARMv8.2 Crypto Extensions)"
+ depends on KERNEL_MODE_NEON
+ select CRYPTO_ALGAPI
+ select CRYPTO_SM4
+
config CRYPTO_GHASH_ARM64_CE
tristate "GHASH/AES-GCM using ARMv8 Crypto Extensions"
depends on KERNEL_MODE_NEON
diff --git a/arch/arm64/crypto/Makefile b/arch/arm64/crypto/Makefile
index f35ac684b1c0..bcafd016618e 100644
--- a/arch/arm64/crypto/Makefile
+++ b/arch/arm64/crypto/Makefile
@@ -23,6 +23,9 @@ sha3-ce-y := sha3-ce-glue.o sha3-ce-core.o
obj-$(CONFIG_CRYPTO_SM3_ARM64_CE) += sm3-ce.o
sm3-ce-y := sm3-ce-glue.o sm3-ce-core.o
+obj-$(CONFIG_CRYPTO_SM4_ARM64_CE) += sm4-ce.o
+sm4-ce-y := sm4-ce-glue.o sm4-ce-core.o
+
obj-$(CONFIG_CRYPTO_GHASH_ARM64_CE) += ghash-ce.o
ghash-ce-y := ghash-ce-glue.o ghash-ce-core.o
diff --git a/arch/arm64/crypto/aes-ce-ccm-core.S b/arch/arm64/crypto/aes-ce-ccm-core.S
index e3a375c4cb83..88f5aef7934c 100644
--- a/arch/arm64/crypto/aes-ce-ccm-core.S
+++ b/arch/arm64/crypto/aes-ce-ccm-core.S
@@ -19,24 +19,33 @@
* u32 *macp, u8 const rk[], u32 rounds);
*/
ENTRY(ce_aes_ccm_auth_data)
- ldr w8, [x3] /* leftover from prev round? */
+ frame_push 7
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+
+ ldr w25, [x22] /* leftover from prev round? */
ld1 {v0.16b}, [x0] /* load mac */
- cbz w8, 1f
- sub w8, w8, #16
+ cbz w25, 1f
+ sub w25, w25, #16
eor v1.16b, v1.16b, v1.16b
-0: ldrb w7, [x1], #1 /* get 1 byte of input */
- subs w2, w2, #1
- add w8, w8, #1
+0: ldrb w7, [x20], #1 /* get 1 byte of input */
+ subs w21, w21, #1
+ add w25, w25, #1
ins v1.b[0], w7
ext v1.16b, v1.16b, v1.16b, #1 /* rotate in the input bytes */
beq 8f /* out of input? */
- cbnz w8, 0b
+ cbnz w25, 0b
eor v0.16b, v0.16b, v1.16b
-1: ld1 {v3.4s}, [x4] /* load first round key */
- prfm pldl1strm, [x1]
- cmp w5, #12 /* which key size? */
- add x6, x4, #16
- sub w7, w5, #2 /* modified # of rounds */
+1: ld1 {v3.4s}, [x23] /* load first round key */
+ prfm pldl1strm, [x20]
+ cmp w24, #12 /* which key size? */
+ add x6, x23, #16
+ sub w7, w24, #2 /* modified # of rounds */
bmi 2f
bne 5f
mov v5.16b, v3.16b
@@ -55,33 +64,43 @@ ENTRY(ce_aes_ccm_auth_data)
ld1 {v5.4s}, [x6], #16 /* load next round key */
bpl 3b
aese v0.16b, v4.16b
- subs w2, w2, #16 /* last data? */
+ subs w21, w21, #16 /* last data? */
eor v0.16b, v0.16b, v5.16b /* final round */
bmi 6f
- ld1 {v1.16b}, [x1], #16 /* load next input block */
+ ld1 {v1.16b}, [x20], #16 /* load next input block */
eor v0.16b, v0.16b, v1.16b /* xor with mac */
- bne 1b
-6: st1 {v0.16b}, [x0] /* store mac */
+ beq 6f
+
+ if_will_cond_yield_neon
+ st1 {v0.16b}, [x19] /* store mac */
+ do_cond_yield_neon
+ ld1 {v0.16b}, [x19] /* reload mac */
+ endif_yield_neon
+
+ b 1b
+6: st1 {v0.16b}, [x19] /* store mac */
beq 10f
- adds w2, w2, #16
+ adds w21, w21, #16
beq 10f
- mov w8, w2
-7: ldrb w7, [x1], #1
+ mov w25, w21
+7: ldrb w7, [x20], #1
umov w6, v0.b[0]
eor w6, w6, w7
- strb w6, [x0], #1
- subs w2, w2, #1
+ strb w6, [x19], #1
+ subs w21, w21, #1
beq 10f
ext v0.16b, v0.16b, v0.16b, #1 /* rotate out the mac bytes */
b 7b
-8: mov w7, w8
- add w8, w8, #16
+8: mov w7, w25
+ add w25, w25, #16
9: ext v1.16b, v1.16b, v1.16b, #1
adds w7, w7, #1
bne 9b
eor v0.16b, v0.16b, v1.16b
- st1 {v0.16b}, [x0]
-10: str w8, [x3]
+ st1 {v0.16b}, [x19]
+10: str w25, [x22]
+
+ frame_pop
ret
ENDPROC(ce_aes_ccm_auth_data)
@@ -126,19 +145,29 @@ ENTRY(ce_aes_ccm_final)
ENDPROC(ce_aes_ccm_final)
.macro aes_ccm_do_crypt,enc
- ldr x8, [x6, #8] /* load lower ctr */
- ld1 {v0.16b}, [x5] /* load mac */
-CPU_LE( rev x8, x8 ) /* keep swabbed ctr in reg */
+ frame_push 8
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+ mov x25, x6
+
+ ldr x26, [x25, #8] /* load lower ctr */
+ ld1 {v0.16b}, [x24] /* load mac */
+CPU_LE( rev x26, x26 ) /* keep swabbed ctr in reg */
0: /* outer loop */
- ld1 {v1.8b}, [x6] /* load upper ctr */
- prfm pldl1strm, [x1]
- add x8, x8, #1
- rev x9, x8
- cmp w4, #12 /* which key size? */
- sub w7, w4, #2 /* get modified # of rounds */
+ ld1 {v1.8b}, [x25] /* load upper ctr */
+ prfm pldl1strm, [x20]
+ add x26, x26, #1
+ rev x9, x26
+ cmp w23, #12 /* which key size? */
+ sub w7, w23, #2 /* get modified # of rounds */
ins v1.d[1], x9 /* no carry in lower ctr */
- ld1 {v3.4s}, [x3] /* load first round key */
- add x10, x3, #16
+ ld1 {v3.4s}, [x22] /* load first round key */
+ add x10, x22, #16
bmi 1f
bne 4f
mov v5.16b, v3.16b
@@ -165,9 +194,9 @@ CPU_LE( rev x8, x8 ) /* keep swabbed ctr in reg */
bpl 2b
aese v0.16b, v4.16b
aese v1.16b, v4.16b
- subs w2, w2, #16
- bmi 6f /* partial block? */
- ld1 {v2.16b}, [x1], #16 /* load next input block */
+ subs w21, w21, #16
+ bmi 7f /* partial block? */
+ ld1 {v2.16b}, [x20], #16 /* load next input block */
.if \enc == 1
eor v2.16b, v2.16b, v5.16b /* final round enc+mac */
eor v1.16b, v1.16b, v2.16b /* xor with crypted ctr */
@@ -176,18 +205,29 @@ CPU_LE( rev x8, x8 ) /* keep swabbed ctr in reg */
eor v1.16b, v2.16b, v5.16b /* final round enc */
.endif
eor v0.16b, v0.16b, v2.16b /* xor mac with pt ^ rk[last] */
- st1 {v1.16b}, [x0], #16 /* write output block */
- bne 0b
-CPU_LE( rev x8, x8 )
- st1 {v0.16b}, [x5] /* store mac */
- str x8, [x6, #8] /* store lsb end of ctr (BE) */
-5: ret
-
-6: eor v0.16b, v0.16b, v5.16b /* final round mac */
+ st1 {v1.16b}, [x19], #16 /* write output block */
+ beq 5f
+
+ if_will_cond_yield_neon
+ st1 {v0.16b}, [x24] /* store mac */
+ do_cond_yield_neon
+ ld1 {v0.16b}, [x24] /* reload mac */
+ endif_yield_neon
+
+ b 0b
+5:
+CPU_LE( rev x26, x26 )
+ st1 {v0.16b}, [x24] /* store mac */
+ str x26, [x25, #8] /* store lsb end of ctr (BE) */
+
+6: frame_pop
+ ret
+
+7: eor v0.16b, v0.16b, v5.16b /* final round mac */
eor v1.16b, v1.16b, v5.16b /* final round enc */
- st1 {v0.16b}, [x5] /* store mac */
- add w2, w2, #16 /* process partial tail block */
-7: ldrb w9, [x1], #1 /* get 1 byte of input */
+ st1 {v0.16b}, [x24] /* store mac */
+ add w21, w21, #16 /* process partial tail block */
+8: ldrb w9, [x20], #1 /* get 1 byte of input */
umov w6, v1.b[0] /* get top crypted ctr byte */
umov w7, v0.b[0] /* get top mac byte */
.if \enc == 1
@@ -197,13 +237,13 @@ CPU_LE( rev x8, x8 )
eor w9, w9, w6
eor w7, w7, w9
.endif
- strb w9, [x0], #1 /* store out byte */
- strb w7, [x5], #1 /* store mac byte */
- subs w2, w2, #1
- beq 5b
+ strb w9, [x19], #1 /* store out byte */
+ strb w7, [x24], #1 /* store mac byte */
+ subs w21, w21, #1
+ beq 6b
ext v0.16b, v0.16b, v0.16b, #1 /* shift out mac byte */
ext v1.16b, v1.16b, v1.16b, #1 /* shift out ctr byte */
- b 7b
+ b 8b
.endm
/*
diff --git a/arch/arm64/crypto/aes-ce.S b/arch/arm64/crypto/aes-ce.S
index 50330f5c3adc..623e74ed1c67 100644
--- a/arch/arm64/crypto/aes-ce.S
+++ b/arch/arm64/crypto/aes-ce.S
@@ -30,18 +30,21 @@
.endm
/* prepare for encryption with key in rk[] */
- .macro enc_prepare, rounds, rk, ignore
- load_round_keys \rounds, \rk
+ .macro enc_prepare, rounds, rk, temp
+ mov \temp, \rk
+ load_round_keys \rounds, \temp
.endm
/* prepare for encryption (again) but with new key in rk[] */
- .macro enc_switch_key, rounds, rk, ignore
- load_round_keys \rounds, \rk
+ .macro enc_switch_key, rounds, rk, temp
+ mov \temp, \rk
+ load_round_keys \rounds, \temp
.endm
/* prepare for decryption with key in rk[] */
- .macro dec_prepare, rounds, rk, ignore
- load_round_keys \rounds, \rk
+ .macro dec_prepare, rounds, rk, temp
+ mov \temp, \rk
+ load_round_keys \rounds, \temp
.endm
.macro do_enc_Nx, de, mc, k, i0, i1, i2, i3
diff --git a/arch/arm64/crypto/aes-modes.S b/arch/arm64/crypto/aes-modes.S
index a68412e1e3a4..483a7130cf0e 100644
--- a/arch/arm64/crypto/aes-modes.S
+++ b/arch/arm64/crypto/aes-modes.S
@@ -14,12 +14,12 @@
.align 4
aes_encrypt_block4x:
- encrypt_block4x v0, v1, v2, v3, w3, x2, x8, w7
+ encrypt_block4x v0, v1, v2, v3, w22, x21, x8, w7
ret
ENDPROC(aes_encrypt_block4x)
aes_decrypt_block4x:
- decrypt_block4x v0, v1, v2, v3, w3, x2, x8, w7
+ decrypt_block4x v0, v1, v2, v3, w22, x21, x8, w7
ret
ENDPROC(aes_decrypt_block4x)
@@ -31,57 +31,71 @@ ENDPROC(aes_decrypt_block4x)
*/
AES_ENTRY(aes_ecb_encrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 5
- enc_prepare w3, x2, x5
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+
+.Lecbencrestart:
+ enc_prepare w22, x21, x5
.LecbencloopNx:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lecbenc1x
- ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 pt blocks */
+ ld1 {v0.16b-v3.16b}, [x20], #64 /* get 4 pt blocks */
bl aes_encrypt_block4x
- st1 {v0.16b-v3.16b}, [x0], #64
+ st1 {v0.16b-v3.16b}, [x19], #64
+ cond_yield_neon .Lecbencrestart
b .LecbencloopNx
.Lecbenc1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lecbencout
.Lecbencloop:
- ld1 {v0.16b}, [x1], #16 /* get next pt block */
- encrypt_block v0, w3, x2, x5, w6
- st1 {v0.16b}, [x0], #16
- subs w4, w4, #1
+ ld1 {v0.16b}, [x20], #16 /* get next pt block */
+ encrypt_block v0, w22, x21, x5, w6
+ st1 {v0.16b}, [x19], #16
+ subs w23, w23, #1
bne .Lecbencloop
.Lecbencout:
- ldp x29, x30, [sp], #16
+ frame_pop
ret
AES_ENDPROC(aes_ecb_encrypt)
AES_ENTRY(aes_ecb_decrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 5
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
- dec_prepare w3, x2, x5
+.Lecbdecrestart:
+ dec_prepare w22, x21, x5
.LecbdecloopNx:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lecbdec1x
- ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 ct blocks */
+ ld1 {v0.16b-v3.16b}, [x20], #64 /* get 4 ct blocks */
bl aes_decrypt_block4x
- st1 {v0.16b-v3.16b}, [x0], #64
+ st1 {v0.16b-v3.16b}, [x19], #64
+ cond_yield_neon .Lecbdecrestart
b .LecbdecloopNx
.Lecbdec1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lecbdecout
.Lecbdecloop:
- ld1 {v0.16b}, [x1], #16 /* get next ct block */
- decrypt_block v0, w3, x2, x5, w6
- st1 {v0.16b}, [x0], #16
- subs w4, w4, #1
+ ld1 {v0.16b}, [x20], #16 /* get next ct block */
+ decrypt_block v0, w22, x21, x5, w6
+ st1 {v0.16b}, [x19], #16
+ subs w23, w23, #1
bne .Lecbdecloop
.Lecbdecout:
- ldp x29, x30, [sp], #16
+ frame_pop
ret
AES_ENDPROC(aes_ecb_decrypt)
@@ -94,78 +108,100 @@ AES_ENDPROC(aes_ecb_decrypt)
*/
AES_ENTRY(aes_cbc_encrypt)
- ld1 {v4.16b}, [x5] /* get iv */
- enc_prepare w3, x2, x6
+ frame_push 6
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+
+.Lcbcencrestart:
+ ld1 {v4.16b}, [x24] /* get iv */
+ enc_prepare w22, x21, x6
.Lcbcencloop4x:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lcbcenc1x
- ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 pt blocks */
+ ld1 {v0.16b-v3.16b}, [x20], #64 /* get 4 pt blocks */
eor v0.16b, v0.16b, v4.16b /* ..and xor with iv */
- encrypt_block v0, w3, x2, x6, w7
+ encrypt_block v0, w22, x21, x6, w7
eor v1.16b, v1.16b, v0.16b
- encrypt_block v1, w3, x2, x6, w7
+ encrypt_block v1, w22, x21, x6, w7
eor v2.16b, v2.16b, v1.16b
- encrypt_block v2, w3, x2, x6, w7
+ encrypt_block v2, w22, x21, x6, w7
eor v3.16b, v3.16b, v2.16b
- encrypt_block v3, w3, x2, x6, w7
- st1 {v0.16b-v3.16b}, [x0], #64
+ encrypt_block v3, w22, x21, x6, w7
+ st1 {v0.16b-v3.16b}, [x19], #64
mov v4.16b, v3.16b
+ st1 {v4.16b}, [x24] /* return iv */
+ cond_yield_neon .Lcbcencrestart
b .Lcbcencloop4x
.Lcbcenc1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lcbcencout
.Lcbcencloop:
- ld1 {v0.16b}, [x1], #16 /* get next pt block */
+ ld1 {v0.16b}, [x20], #16 /* get next pt block */
eor v4.16b, v4.16b, v0.16b /* ..and xor with iv */
- encrypt_block v4, w3, x2, x6, w7
- st1 {v4.16b}, [x0], #16
- subs w4, w4, #1
+ encrypt_block v4, w22, x21, x6, w7
+ st1 {v4.16b}, [x19], #16
+ subs w23, w23, #1
bne .Lcbcencloop
.Lcbcencout:
- st1 {v4.16b}, [x5] /* return iv */
+ st1 {v4.16b}, [x24] /* return iv */
+ frame_pop
ret
AES_ENDPROC(aes_cbc_encrypt)
AES_ENTRY(aes_cbc_decrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 6
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
- ld1 {v7.16b}, [x5] /* get iv */
- dec_prepare w3, x2, x6
+.Lcbcdecrestart:
+ ld1 {v7.16b}, [x24] /* get iv */
+ dec_prepare w22, x21, x6
.LcbcdecloopNx:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lcbcdec1x
- ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 ct blocks */
+ ld1 {v0.16b-v3.16b}, [x20], #64 /* get 4 ct blocks */
mov v4.16b, v0.16b
mov v5.16b, v1.16b
mov v6.16b, v2.16b
bl aes_decrypt_block4x
- sub x1, x1, #16
+ sub x20, x20, #16
eor v0.16b, v0.16b, v7.16b
eor v1.16b, v1.16b, v4.16b
- ld1 {v7.16b}, [x1], #16 /* reload 1 ct block */
+ ld1 {v7.16b}, [x20], #16 /* reload 1 ct block */
eor v2.16b, v2.16b, v5.16b
eor v3.16b, v3.16b, v6.16b
- st1 {v0.16b-v3.16b}, [x0], #64
+ st1 {v0.16b-v3.16b}, [x19], #64
+ st1 {v7.16b}, [x24] /* return iv */
+ cond_yield_neon .Lcbcdecrestart
b .LcbcdecloopNx
.Lcbcdec1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lcbcdecout
.Lcbcdecloop:
- ld1 {v1.16b}, [x1], #16 /* get next ct block */
+ ld1 {v1.16b}, [x20], #16 /* get next ct block */
mov v0.16b, v1.16b /* ...and copy to v0 */
- decrypt_block v0, w3, x2, x6, w7
+ decrypt_block v0, w22, x21, x6, w7
eor v0.16b, v0.16b, v7.16b /* xor with iv => pt */
mov v7.16b, v1.16b /* ct is next iv */
- st1 {v0.16b}, [x0], #16
- subs w4, w4, #1
+ st1 {v0.16b}, [x19], #16
+ subs w23, w23, #1
bne .Lcbcdecloop
.Lcbcdecout:
- st1 {v7.16b}, [x5] /* return iv */
- ldp x29, x30, [sp], #16
+ st1 {v7.16b}, [x24] /* return iv */
+ frame_pop
ret
AES_ENDPROC(aes_cbc_decrypt)
@@ -176,19 +212,26 @@ AES_ENDPROC(aes_cbc_decrypt)
*/
AES_ENTRY(aes_ctr_encrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 6
- enc_prepare w3, x2, x6
- ld1 {v4.16b}, [x5]
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+
+.Lctrrestart:
+ enc_prepare w22, x21, x6
+ ld1 {v4.16b}, [x24]
umov x6, v4.d[1] /* keep swabbed ctr in reg */
rev x6, x6
- cmn w6, w4 /* 32 bit overflow? */
- bcs .Lctrloop
.LctrloopNx:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lctr1x
+ cmn w6, #4 /* 32 bit overflow? */
+ bcs .Lctr1x
ldr q8, =0x30000000200000001 /* addends 1,2,3[,0] */
dup v7.4s, w6
mov v0.16b, v4.16b
@@ -200,25 +243,27 @@ AES_ENTRY(aes_ctr_encrypt)
mov v1.s[3], v8.s[0]
mov v2.s[3], v8.s[1]
mov v3.s[3], v8.s[2]
- ld1 {v5.16b-v7.16b}, [x1], #48 /* get 3 input blocks */
+ ld1 {v5.16b-v7.16b}, [x20], #48 /* get 3 input blocks */
bl aes_encrypt_block4x
eor v0.16b, v5.16b, v0.16b
- ld1 {v5.16b}, [x1], #16 /* get 1 input block */
+ ld1 {v5.16b}, [x20], #16 /* get 1 input block */
eor v1.16b, v6.16b, v1.16b
eor v2.16b, v7.16b, v2.16b
eor v3.16b, v5.16b, v3.16b
- st1 {v0.16b-v3.16b}, [x0], #64
+ st1 {v0.16b-v3.16b}, [x19], #64
add x6, x6, #4
rev x7, x6
ins v4.d[1], x7
- cbz w4, .Lctrout
+ cbz w23, .Lctrout
+ st1 {v4.16b}, [x24] /* return next CTR value */
+ cond_yield_neon .Lctrrestart
b .LctrloopNx
.Lctr1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lctrout
.Lctrloop:
mov v0.16b, v4.16b
- encrypt_block v0, w3, x2, x8, w7
+ encrypt_block v0, w22, x21, x8, w7
adds x6, x6, #1 /* increment BE ctr */
rev x7, x6
@@ -226,22 +271,22 @@ AES_ENTRY(aes_ctr_encrypt)
bcs .Lctrcarry /* overflow? */
.Lctrcarrydone:
- subs w4, w4, #1
+ subs w23, w23, #1
bmi .Lctrtailblock /* blocks <0 means tail block */
- ld1 {v3.16b}, [x1], #16
+ ld1 {v3.16b}, [x20], #16
eor v3.16b, v0.16b, v3.16b
- st1 {v3.16b}, [x0], #16
+ st1 {v3.16b}, [x19], #16
bne .Lctrloop
.Lctrout:
- st1 {v4.16b}, [x5] /* return next CTR value */
- ldp x29, x30, [sp], #16
+ st1 {v4.16b}, [x24] /* return next CTR value */
+.Lctrret:
+ frame_pop
ret
.Lctrtailblock:
- st1 {v0.16b}, [x0]
- ldp x29, x30, [sp], #16
- ret
+ st1 {v0.16b}, [x19]
+ b .Lctrret
.Lctrcarry:
umov x7, v4.d[0] /* load upper word of ctr */
@@ -274,10 +319,16 @@ CPU_LE( .quad 1, 0x87 )
CPU_BE( .quad 0x87, 1 )
AES_ENTRY(aes_xts_encrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 6
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x6
- ld1 {v4.16b}, [x6]
+ ld1 {v4.16b}, [x24]
cbz w7, .Lxtsencnotfirst
enc_prepare w3, x5, x8
@@ -286,15 +337,17 @@ AES_ENTRY(aes_xts_encrypt)
ldr q7, .Lxts_mul_x
b .LxtsencNx
+.Lxtsencrestart:
+ ld1 {v4.16b}, [x24]
.Lxtsencnotfirst:
- enc_prepare w3, x2, x8
+ enc_prepare w22, x21, x8
.LxtsencloopNx:
ldr q7, .Lxts_mul_x
next_tweak v4, v4, v7, v8
.LxtsencNx:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lxtsenc1x
- ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 pt blocks */
+ ld1 {v0.16b-v3.16b}, [x20], #64 /* get 4 pt blocks */
next_tweak v5, v4, v7, v8
eor v0.16b, v0.16b, v4.16b
next_tweak v6, v5, v7, v8
@@ -307,35 +360,43 @@ AES_ENTRY(aes_xts_encrypt)
eor v0.16b, v0.16b, v4.16b
eor v1.16b, v1.16b, v5.16b
eor v2.16b, v2.16b, v6.16b
- st1 {v0.16b-v3.16b}, [x0], #64
+ st1 {v0.16b-v3.16b}, [x19], #64
mov v4.16b, v7.16b
- cbz w4, .Lxtsencout
+ cbz w23, .Lxtsencout
+ st1 {v4.16b}, [x24]
+ cond_yield_neon .Lxtsencrestart
b .LxtsencloopNx
.Lxtsenc1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lxtsencout
.Lxtsencloop:
- ld1 {v1.16b}, [x1], #16
+ ld1 {v1.16b}, [x20], #16
eor v0.16b, v1.16b, v4.16b
- encrypt_block v0, w3, x2, x8, w7
+ encrypt_block v0, w22, x21, x8, w7
eor v0.16b, v0.16b, v4.16b
- st1 {v0.16b}, [x0], #16
- subs w4, w4, #1
+ st1 {v0.16b}, [x19], #16
+ subs w23, w23, #1
beq .Lxtsencout
next_tweak v4, v4, v7, v8
b .Lxtsencloop
.Lxtsencout:
- st1 {v4.16b}, [x6]
- ldp x29, x30, [sp], #16
+ st1 {v4.16b}, [x24]
+ frame_pop
ret
AES_ENDPROC(aes_xts_encrypt)
AES_ENTRY(aes_xts_decrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 6
- ld1 {v4.16b}, [x6]
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x6
+
+ ld1 {v4.16b}, [x24]
cbz w7, .Lxtsdecnotfirst
enc_prepare w3, x5, x8
@@ -344,15 +405,17 @@ AES_ENTRY(aes_xts_decrypt)
ldr q7, .Lxts_mul_x
b .LxtsdecNx
+.Lxtsdecrestart:
+ ld1 {v4.16b}, [x24]
.Lxtsdecnotfirst:
- dec_prepare w3, x2, x8
+ dec_prepare w22, x21, x8
.LxtsdecloopNx:
ldr q7, .Lxts_mul_x
next_tweak v4, v4, v7, v8
.LxtsdecNx:
- subs w4, w4, #4
+ subs w23, w23, #4
bmi .Lxtsdec1x
- ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 ct blocks */
+ ld1 {v0.16b-v3.16b}, [x20], #64 /* get 4 ct blocks */
next_tweak v5, v4, v7, v8
eor v0.16b, v0.16b, v4.16b
next_tweak v6, v5, v7, v8
@@ -365,26 +428,28 @@ AES_ENTRY(aes_xts_decrypt)
eor v0.16b, v0.16b, v4.16b
eor v1.16b, v1.16b, v5.16b
eor v2.16b, v2.16b, v6.16b
- st1 {v0.16b-v3.16b}, [x0], #64
+ st1 {v0.16b-v3.16b}, [x19], #64
mov v4.16b, v7.16b
- cbz w4, .Lxtsdecout
+ cbz w23, .Lxtsdecout
+ st1 {v4.16b}, [x24]
+ cond_yield_neon .Lxtsdecrestart
b .LxtsdecloopNx
.Lxtsdec1x:
- adds w4, w4, #4
+ adds w23, w23, #4
beq .Lxtsdecout
.Lxtsdecloop:
- ld1 {v1.16b}, [x1], #16
+ ld1 {v1.16b}, [x20], #16
eor v0.16b, v1.16b, v4.16b
- decrypt_block v0, w3, x2, x8, w7
+ decrypt_block v0, w22, x21, x8, w7
eor v0.16b, v0.16b, v4.16b
- st1 {v0.16b}, [x0], #16
- subs w4, w4, #1
+ st1 {v0.16b}, [x19], #16
+ subs w23, w23, #1
beq .Lxtsdecout
next_tweak v4, v4, v7, v8
b .Lxtsdecloop
.Lxtsdecout:
- st1 {v4.16b}, [x6]
- ldp x29, x30, [sp], #16
+ st1 {v4.16b}, [x24]
+ frame_pop
ret
AES_ENDPROC(aes_xts_decrypt)
@@ -393,43 +458,61 @@ AES_ENDPROC(aes_xts_decrypt)
* int blocks, u8 dg[], int enc_before, int enc_after)
*/
AES_ENTRY(aes_mac_update)
- ld1 {v0.16b}, [x4] /* get dg */
+ frame_push 6
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x6
+
+ ld1 {v0.16b}, [x23] /* get dg */
enc_prepare w2, x1, x7
cbz w5, .Lmacloop4x
encrypt_block v0, w2, x1, x7, w8
.Lmacloop4x:
- subs w3, w3, #4
+ subs w22, w22, #4
bmi .Lmac1x
- ld1 {v1.16b-v4.16b}, [x0], #64 /* get next pt block */
+ ld1 {v1.16b-v4.16b}, [x19], #64 /* get next pt block */
eor v0.16b, v0.16b, v1.16b /* ..and xor with dg */
- encrypt_block v0, w2, x1, x7, w8
+ encrypt_block v0, w21, x20, x7, w8
eor v0.16b, v0.16b, v2.16b
- encrypt_block v0, w2, x1, x7, w8
+ encrypt_block v0, w21, x20, x7, w8
eor v0.16b, v0.16b, v3.16b
- encrypt_block v0, w2, x1, x7, w8
+ encrypt_block v0, w21, x20, x7, w8
eor v0.16b, v0.16b, v4.16b
- cmp w3, wzr
- csinv x5, x6, xzr, eq
+ cmp w22, wzr
+ csinv x5, x24, xzr, eq
cbz w5, .Lmacout
- encrypt_block v0, w2, x1, x7, w8
+ encrypt_block v0, w21, x20, x7, w8
+ st1 {v0.16b}, [x23] /* return dg */
+ cond_yield_neon .Lmacrestart
b .Lmacloop4x
.Lmac1x:
- add w3, w3, #4
+ add w22, w22, #4
.Lmacloop:
- cbz w3, .Lmacout
- ld1 {v1.16b}, [x0], #16 /* get next pt block */
+ cbz w22, .Lmacout
+ ld1 {v1.16b}, [x19], #16 /* get next pt block */
eor v0.16b, v0.16b, v1.16b /* ..and xor with dg */
- subs w3, w3, #1
- csinv x5, x6, xzr, eq
+ subs w22, w22, #1
+ csinv x5, x24, xzr, eq
cbz w5, .Lmacout
- encrypt_block v0, w2, x1, x7, w8
+.Lmacenc:
+ encrypt_block v0, w21, x20, x7, w8
b .Lmacloop
.Lmacout:
- st1 {v0.16b}, [x4] /* return dg */
+ st1 {v0.16b}, [x23] /* return dg */
+ frame_pop
ret
+
+.Lmacrestart:
+ ld1 {v0.16b}, [x23] /* get dg */
+ enc_prepare w21, x20, x0
+ b .Lmacloop4x
AES_ENDPROC(aes_mac_update)
diff --git a/arch/arm64/crypto/aes-neonbs-core.S b/arch/arm64/crypto/aes-neonbs-core.S
index ca0472500433..e613a87f8b53 100644
--- a/arch/arm64/crypto/aes-neonbs-core.S
+++ b/arch/arm64/crypto/aes-neonbs-core.S
@@ -565,54 +565,61 @@ ENDPROC(aesbs_decrypt8)
* int blocks)
*/
.macro __ecb_crypt, do8, o0, o1, o2, o3, o4, o5, o6, o7
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 5
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
99: mov x5, #1
- lsl x5, x5, x4
- subs w4, w4, #8
- csel x4, x4, xzr, pl
+ lsl x5, x5, x23
+ subs w23, w23, #8
+ csel x23, x23, xzr, pl
csel x5, x5, xzr, mi
- ld1 {v0.16b}, [x1], #16
+ ld1 {v0.16b}, [x20], #16
tbnz x5, #1, 0f
- ld1 {v1.16b}, [x1], #16
+ ld1 {v1.16b}, [x20], #16
tbnz x5, #2, 0f
- ld1 {v2.16b}, [x1], #16
+ ld1 {v2.16b}, [x20], #16
tbnz x5, #3, 0f
- ld1 {v3.16b}, [x1], #16
+ ld1 {v3.16b}, [x20], #16
tbnz x5, #4, 0f
- ld1 {v4.16b}, [x1], #16
+ ld1 {v4.16b}, [x20], #16
tbnz x5, #5, 0f
- ld1 {v5.16b}, [x1], #16
+ ld1 {v5.16b}, [x20], #16
tbnz x5, #6, 0f
- ld1 {v6.16b}, [x1], #16
+ ld1 {v6.16b}, [x20], #16
tbnz x5, #7, 0f
- ld1 {v7.16b}, [x1], #16
+ ld1 {v7.16b}, [x20], #16
-0: mov bskey, x2
- mov rounds, x3
+0: mov bskey, x21
+ mov rounds, x22
bl \do8
- st1 {\o0\().16b}, [x0], #16
+ st1 {\o0\().16b}, [x19], #16
tbnz x5, #1, 1f
- st1 {\o1\().16b}, [x0], #16
+ st1 {\o1\().16b}, [x19], #16
tbnz x5, #2, 1f
- st1 {\o2\().16b}, [x0], #16
+ st1 {\o2\().16b}, [x19], #16
tbnz x5, #3, 1f
- st1 {\o3\().16b}, [x0], #16
+ st1 {\o3\().16b}, [x19], #16
tbnz x5, #4, 1f
- st1 {\o4\().16b}, [x0], #16
+ st1 {\o4\().16b}, [x19], #16
tbnz x5, #5, 1f
- st1 {\o5\().16b}, [x0], #16
+ st1 {\o5\().16b}, [x19], #16
tbnz x5, #6, 1f
- st1 {\o6\().16b}, [x0], #16
+ st1 {\o6\().16b}, [x19], #16
tbnz x5, #7, 1f
- st1 {\o7\().16b}, [x0], #16
+ st1 {\o7\().16b}, [x19], #16
- cbnz x4, 99b
+ cbz x23, 1f
+ cond_yield_neon
+ b 99b
-1: ldp x29, x30, [sp], #16
+1: frame_pop
ret
.endm
@@ -632,43 +639,49 @@ ENDPROC(aesbs_ecb_decrypt)
*/
.align 4
ENTRY(aesbs_cbc_decrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
+ frame_push 6
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
99: mov x6, #1
- lsl x6, x6, x4
- subs w4, w4, #8
- csel x4, x4, xzr, pl
+ lsl x6, x6, x23
+ subs w23, w23, #8
+ csel x23, x23, xzr, pl
csel x6, x6, xzr, mi
- ld1 {v0.16b}, [x1], #16
+ ld1 {v0.16b}, [x20], #16
mov v25.16b, v0.16b
tbnz x6, #1, 0f
- ld1 {v1.16b}, [x1], #16
+ ld1 {v1.16b}, [x20], #16
mov v26.16b, v1.16b
tbnz x6, #2, 0f
- ld1 {v2.16b}, [x1], #16
+ ld1 {v2.16b}, [x20], #16
mov v27.16b, v2.16b
tbnz x6, #3, 0f
- ld1 {v3.16b}, [x1], #16
+ ld1 {v3.16b}, [x20], #16
mov v28.16b, v3.16b
tbnz x6, #4, 0f
- ld1 {v4.16b}, [x1], #16
+ ld1 {v4.16b}, [x20], #16
mov v29.16b, v4.16b
tbnz x6, #5, 0f
- ld1 {v5.16b}, [x1], #16
+ ld1 {v5.16b}, [x20], #16
mov v30.16b, v5.16b
tbnz x6, #6, 0f
- ld1 {v6.16b}, [x1], #16
+ ld1 {v6.16b}, [x20], #16
mov v31.16b, v6.16b
tbnz x6, #7, 0f
- ld1 {v7.16b}, [x1]
+ ld1 {v7.16b}, [x20]
-0: mov bskey, x2
- mov rounds, x3
+0: mov bskey, x21
+ mov rounds, x22
bl aesbs_decrypt8
- ld1 {v24.16b}, [x5] // load IV
+ ld1 {v24.16b}, [x24] // load IV
eor v1.16b, v1.16b, v25.16b
eor v6.16b, v6.16b, v26.16b
@@ -679,34 +692,36 @@ ENTRY(aesbs_cbc_decrypt)
eor v3.16b, v3.16b, v30.16b
eor v5.16b, v5.16b, v31.16b
- st1 {v0.16b}, [x0], #16
+ st1 {v0.16b}, [x19], #16
mov v24.16b, v25.16b
tbnz x6, #1, 1f
- st1 {v1.16b}, [x0], #16
+ st1 {v1.16b}, [x19], #16
mov v24.16b, v26.16b
tbnz x6, #2, 1f
- st1 {v6.16b}, [x0], #16
+ st1 {v6.16b}, [x19], #16
mov v24.16b, v27.16b
tbnz x6, #3, 1f
- st1 {v4.16b}, [x0], #16
+ st1 {v4.16b}, [x19], #16
mov v24.16b, v28.16b
tbnz x6, #4, 1f
- st1 {v2.16b}, [x0], #16
+ st1 {v2.16b}, [x19], #16
mov v24.16b, v29.16b
tbnz x6, #5, 1f
- st1 {v7.16b}, [x0], #16
+ st1 {v7.16b}, [x19], #16
mov v24.16b, v30.16b
tbnz x6, #6, 1f
- st1 {v3.16b}, [x0], #16
+ st1 {v3.16b}, [x19], #16
mov v24.16b, v31.16b
tbnz x6, #7, 1f
- ld1 {v24.16b}, [x1], #16
- st1 {v5.16b}, [x0], #16
-1: st1 {v24.16b}, [x5] // store IV
+ ld1 {v24.16b}, [x20], #16
+ st1 {v5.16b}, [x19], #16
+1: st1 {v24.16b}, [x24] // store IV
- cbnz x4, 99b
+ cbz x23, 2f
+ cond_yield_neon
+ b 99b
- ldp x29, x30, [sp], #16
+2: frame_pop
ret
ENDPROC(aesbs_cbc_decrypt)
@@ -731,87 +746,93 @@ CPU_BE( .quad 0x87, 1 )
*/
__xts_crypt8:
mov x6, #1
- lsl x6, x6, x4
- subs w4, w4, #8
- csel x4, x4, xzr, pl
+ lsl x6, x6, x23
+ subs w23, w23, #8
+ csel x23, x23, xzr, pl
csel x6, x6, xzr, mi
- ld1 {v0.16b}, [x1], #16
+ ld1 {v0.16b}, [x20], #16
next_tweak v26, v25, v30, v31
eor v0.16b, v0.16b, v25.16b
tbnz x6, #1, 0f
- ld1 {v1.16b}, [x1], #16
+ ld1 {v1.16b}, [x20], #16
next_tweak v27, v26, v30, v31
eor v1.16b, v1.16b, v26.16b
tbnz x6, #2, 0f
- ld1 {v2.16b}, [x1], #16
+ ld1 {v2.16b}, [x20], #16
next_tweak v28, v27, v30, v31
eor v2.16b, v2.16b, v27.16b
tbnz x6, #3, 0f
- ld1 {v3.16b}, [x1], #16
+ ld1 {v3.16b}, [x20], #16
next_tweak v29, v28, v30, v31
eor v3.16b, v3.16b, v28.16b
tbnz x6, #4, 0f
- ld1 {v4.16b}, [x1], #16
- str q29, [sp, #16]
+ ld1 {v4.16b}, [x20], #16
+ str q29, [sp, #.Lframe_local_offset]
eor v4.16b, v4.16b, v29.16b
next_tweak v29, v29, v30, v31
tbnz x6, #5, 0f
- ld1 {v5.16b}, [x1], #16
- str q29, [sp, #32]
+ ld1 {v5.16b}, [x20], #16
+ str q29, [sp, #.Lframe_local_offset + 16]
eor v5.16b, v5.16b, v29.16b
next_tweak v29, v29, v30, v31
tbnz x6, #6, 0f
- ld1 {v6.16b}, [x1], #16
- str q29, [sp, #48]
+ ld1 {v6.16b}, [x20], #16
+ str q29, [sp, #.Lframe_local_offset + 32]
eor v6.16b, v6.16b, v29.16b
next_tweak v29, v29, v30, v31
tbnz x6, #7, 0f
- ld1 {v7.16b}, [x1], #16
- str q29, [sp, #64]
+ ld1 {v7.16b}, [x20], #16
+ str q29, [sp, #.Lframe_local_offset + 48]
eor v7.16b, v7.16b, v29.16b
next_tweak v29, v29, v30, v31
-0: mov bskey, x2
- mov rounds, x3
+0: mov bskey, x21
+ mov rounds, x22
br x7
ENDPROC(__xts_crypt8)
.macro __xts_crypt, do8, o0, o1, o2, o3, o4, o5, o6, o7
- stp x29, x30, [sp, #-80]!
- mov x29, sp
+ frame_push 6, 64
- ldr q30, .Lxts_mul_x
- ld1 {v25.16b}, [x5]
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+
+0: ldr q30, .Lxts_mul_x
+ ld1 {v25.16b}, [x24]
99: adr x7, \do8
bl __xts_crypt8
- ldp q16, q17, [sp, #16]
- ldp q18, q19, [sp, #48]
+ ldp q16, q17, [sp, #.Lframe_local_offset]
+ ldp q18, q19, [sp, #.Lframe_local_offset + 32]
eor \o0\().16b, \o0\().16b, v25.16b
eor \o1\().16b, \o1\().16b, v26.16b
eor \o2\().16b, \o2\().16b, v27.16b
eor \o3\().16b, \o3\().16b, v28.16b
- st1 {\o0\().16b}, [x0], #16
+ st1 {\o0\().16b}, [x19], #16
mov v25.16b, v26.16b
tbnz x6, #1, 1f
- st1 {\o1\().16b}, [x0], #16
+ st1 {\o1\().16b}, [x19], #16
mov v25.16b, v27.16b
tbnz x6, #2, 1f
- st1 {\o2\().16b}, [x0], #16
+ st1 {\o2\().16b}, [x19], #16
mov v25.16b, v28.16b
tbnz x6, #3, 1f
- st1 {\o3\().16b}, [x0], #16
+ st1 {\o3\().16b}, [x19], #16
mov v25.16b, v29.16b
tbnz x6, #4, 1f
@@ -820,18 +841,22 @@ ENDPROC(__xts_crypt8)
eor \o6\().16b, \o6\().16b, v18.16b
eor \o7\().16b, \o7\().16b, v19.16b
- st1 {\o4\().16b}, [x0], #16
+ st1 {\o4\().16b}, [x19], #16
tbnz x6, #5, 1f
- st1 {\o5\().16b}, [x0], #16
+ st1 {\o5\().16b}, [x19], #16
tbnz x6, #6, 1f
- st1 {\o6\().16b}, [x0], #16
+ st1 {\o6\().16b}, [x19], #16
tbnz x6, #7, 1f
- st1 {\o7\().16b}, [x0], #16
+ st1 {\o7\().16b}, [x19], #16
+
+ cbz x23, 1f
+ st1 {v25.16b}, [x24]
- cbnz x4, 99b
+ cond_yield_neon 0b
+ b 99b
-1: st1 {v25.16b}, [x5]
- ldp x29, x30, [sp], #80
+1: st1 {v25.16b}, [x24]
+ frame_pop
ret
.endm
@@ -856,24 +881,31 @@ ENDPROC(aesbs_xts_decrypt)
* int rounds, int blocks, u8 iv[], u8 final[])
*/
ENTRY(aesbs_ctr_encrypt)
- stp x29, x30, [sp, #-16]!
- mov x29, sp
-
- cmp x6, #0
- cset x10, ne
- add x4, x4, x10 // do one extra block if final
-
- ldp x7, x8, [x5]
- ld1 {v0.16b}, [x5]
+ frame_push 8
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+ mov x25, x6
+
+ cmp x25, #0
+ cset x26, ne
+ add x23, x23, x26 // do one extra block if final
+
+98: ldp x7, x8, [x24]
+ ld1 {v0.16b}, [x24]
CPU_LE( rev x7, x7 )
CPU_LE( rev x8, x8 )
adds x8, x8, #1
adc x7, x7, xzr
99: mov x9, #1
- lsl x9, x9, x4
- subs w4, w4, #8
- csel x4, x4, xzr, pl
+ lsl x9, x9, x23
+ subs w23, w23, #8
+ csel x23, x23, xzr, pl
csel x9, x9, xzr, le
tbnz x9, #1, 0f
@@ -891,82 +923,85 @@ CPU_LE( rev x8, x8 )
tbnz x9, #7, 0f
next_ctr v7
-0: mov bskey, x2
- mov rounds, x3
+0: mov bskey, x21
+ mov rounds, x22
bl aesbs_encrypt8
- lsr x9, x9, x10 // disregard the extra block
+ lsr x9, x9, x26 // disregard the extra block
tbnz x9, #0, 0f
- ld1 {v8.16b}, [x1], #16
+ ld1 {v8.16b}, [x20], #16
eor v0.16b, v0.16b, v8.16b
- st1 {v0.16b}, [x0], #16
+ st1 {v0.16b}, [x19], #16
tbnz x9, #1, 1f
- ld1 {v9.16b}, [x1], #16
+ ld1 {v9.16b}, [x20], #16
eor v1.16b, v1.16b, v9.16b
- st1 {v1.16b}, [x0], #16
+ st1 {v1.16b}, [x19], #16
tbnz x9, #2, 2f
- ld1 {v10.16b}, [x1], #16
+ ld1 {v10.16b}, [x20], #16
eor v4.16b, v4.16b, v10.16b
- st1 {v4.16b}, [x0], #16
+ st1 {v4.16b}, [x19], #16
tbnz x9, #3, 3f
- ld1 {v11.16b}, [x1], #16
+ ld1 {v11.16b}, [x20], #16
eor v6.16b, v6.16b, v11.16b
- st1 {v6.16b}, [x0], #16
+ st1 {v6.16b}, [x19], #16
tbnz x9, #4, 4f
- ld1 {v12.16b}, [x1], #16
+ ld1 {v12.16b}, [x20], #16
eor v3.16b, v3.16b, v12.16b
- st1 {v3.16b}, [x0], #16
+ st1 {v3.16b}, [x19], #16
tbnz x9, #5, 5f
- ld1 {v13.16b}, [x1], #16
+ ld1 {v13.16b}, [x20], #16
eor v7.16b, v7.16b, v13.16b
- st1 {v7.16b}, [x0], #16
+ st1 {v7.16b}, [x19], #16
tbnz x9, #6, 6f
- ld1 {v14.16b}, [x1], #16
+ ld1 {v14.16b}, [x20], #16
eor v2.16b, v2.16b, v14.16b
- st1 {v2.16b}, [x0], #16
+ st1 {v2.16b}, [x19], #16
tbnz x9, #7, 7f
- ld1 {v15.16b}, [x1], #16
+ ld1 {v15.16b}, [x20], #16
eor v5.16b, v5.16b, v15.16b
- st1 {v5.16b}, [x0], #16
+ st1 {v5.16b}, [x19], #16
8: next_ctr v0
- cbnz x4, 99b
+ st1 {v0.16b}, [x24]
+ cbz x23, 0f
+
+ cond_yield_neon 98b
+ b 99b
-0: st1 {v0.16b}, [x5]
- ldp x29, x30, [sp], #16
+0: frame_pop
ret
/*
* If we are handling the tail of the input (x6 != NULL), return the
* final keystream block back to the caller.
*/
-1: cbz x6, 8b
- st1 {v1.16b}, [x6]
+1: cbz x25, 8b
+ st1 {v1.16b}, [x25]
b 8b
-2: cbz x6, 8b
- st1 {v4.16b}, [x6]
+2: cbz x25, 8b
+ st1 {v4.16b}, [x25]
b 8b
-3: cbz x6, 8b
- st1 {v6.16b}, [x6]
+3: cbz x25, 8b
+ st1 {v6.16b}, [x25]
b 8b
-4: cbz x6, 8b
- st1 {v3.16b}, [x6]
+4: cbz x25, 8b
+ st1 {v3.16b}, [x25]
b 8b
-5: cbz x6, 8b
- st1 {v7.16b}, [x6]
+5: cbz x25, 8b
+ st1 {v7.16b}, [x25]
b 8b
-6: cbz x6, 8b
- st1 {v2.16b}, [x6]
+6: cbz x25, 8b
+ st1 {v2.16b}, [x25]
b 8b
-7: cbz x6, 8b
- st1 {v5.16b}, [x6]
+7: cbz x25, 8b
+ st1 {v5.16b}, [x25]
b 8b
ENDPROC(aesbs_ctr_encrypt)
diff --git a/arch/arm64/crypto/crc32-ce-core.S b/arch/arm64/crypto/crc32-ce-core.S
index 16ed3c7ebd37..8061bf0f9c66 100644
--- a/arch/arm64/crypto/crc32-ce-core.S
+++ b/arch/arm64/crypto/crc32-ce-core.S
@@ -100,9 +100,10 @@
dCONSTANT .req d0
qCONSTANT .req q0
- BUF .req x0
- LEN .req x1
- CRC .req x2
+ BUF .req x19
+ LEN .req x20
+ CRC .req x21
+ CONST .req x22
vzr .req v9
@@ -123,7 +124,14 @@ ENTRY(crc32_pmull_le)
ENTRY(crc32c_pmull_le)
adr_l x3, .Lcrc32c_constants
-0: bic LEN, LEN, #15
+0: frame_push 4, 64
+
+ mov BUF, x0
+ mov LEN, x1
+ mov CRC, x2
+ mov CONST, x3
+
+ bic LEN, LEN, #15
ld1 {v1.16b-v4.16b}, [BUF], #0x40
movi vzr.16b, #0
fmov dCONSTANT, CRC
@@ -132,7 +140,7 @@ ENTRY(crc32c_pmull_le)
cmp LEN, #0x40
b.lt less_64
- ldr qCONSTANT, [x3]
+ ldr qCONSTANT, [CONST]
loop_64: /* 64 bytes Full cache line folding */
sub LEN, LEN, #0x40
@@ -162,10 +170,21 @@ loop_64: /* 64 bytes Full cache line folding */
eor v4.16b, v4.16b, v8.16b
cmp LEN, #0x40
- b.ge loop_64
+ b.lt less_64
+
+ if_will_cond_yield_neon
+ stp q1, q2, [sp, #.Lframe_local_offset]
+ stp q3, q4, [sp, #.Lframe_local_offset + 32]
+ do_cond_yield_neon
+ ldp q1, q2, [sp, #.Lframe_local_offset]
+ ldp q3, q4, [sp, #.Lframe_local_offset + 32]
+ ldr qCONSTANT, [CONST]
+ movi vzr.16b, #0
+ endif_yield_neon
+ b loop_64
less_64: /* Folding cache line into 128bit */
- ldr qCONSTANT, [x3, #16]
+ ldr qCONSTANT, [CONST, #16]
pmull2 v5.1q, v1.2d, vCONSTANT.2d
pmull v1.1q, v1.1d, vCONSTANT.1d
@@ -204,8 +223,8 @@ fold_64:
eor v1.16b, v1.16b, v2.16b
/* final 32-bit fold */
- ldr dCONSTANT, [x3, #32]
- ldr d3, [x3, #40]
+ ldr dCONSTANT, [CONST, #32]
+ ldr d3, [CONST, #40]
ext v2.16b, v1.16b, vzr.16b, #4
and v1.16b, v1.16b, v3.16b
@@ -213,7 +232,7 @@ fold_64:
eor v1.16b, v1.16b, v2.16b
/* Finish up with the bit-reversed barrett reduction 64 ==> 32 bits */
- ldr qCONSTANT, [x3, #48]
+ ldr qCONSTANT, [CONST, #48]
and v2.16b, v1.16b, v3.16b
ext v2.16b, vzr.16b, v2.16b, #8
@@ -223,6 +242,7 @@ fold_64:
eor v1.16b, v1.16b, v2.16b
mov w0, v1.s[1]
+ frame_pop
ret
ENDPROC(crc32_pmull_le)
ENDPROC(crc32c_pmull_le)
diff --git a/arch/arm64/crypto/crct10dif-ce-core.S b/arch/arm64/crypto/crct10dif-ce-core.S
index f179c01bd55c..663ea71cdb38 100644
--- a/arch/arm64/crypto/crct10dif-ce-core.S
+++ b/arch/arm64/crypto/crct10dif-ce-core.S
@@ -74,13 +74,19 @@
.text
.cpu generic+crypto
- arg1_low32 .req w0
- arg2 .req x1
- arg3 .req x2
+ arg1_low32 .req w19
+ arg2 .req x20
+ arg3 .req x21
vzr .req v13
ENTRY(crc_t10dif_pmull)
+ frame_push 3, 128
+
+ mov arg1_low32, w0
+ mov arg2, x1
+ mov arg3, x2
+
movi vzr.16b, #0 // init zero register
// adjust the 16-bit initial_crc value, scale it to 32 bits
@@ -175,8 +181,25 @@ CPU_LE( ext v12.16b, v12.16b, v12.16b, #8 )
subs arg3, arg3, #128
// check if there is another 64B in the buffer to be able to fold
- b.ge _fold_64_B_loop
+ b.lt _fold_64_B_end
+
+ if_will_cond_yield_neon
+ stp q0, q1, [sp, #.Lframe_local_offset]
+ stp q2, q3, [sp, #.Lframe_local_offset + 32]
+ stp q4, q5, [sp, #.Lframe_local_offset + 64]
+ stp q6, q7, [sp, #.Lframe_local_offset + 96]
+ do_cond_yield_neon
+ ldp q0, q1, [sp, #.Lframe_local_offset]
+ ldp q2, q3, [sp, #.Lframe_local_offset + 32]
+ ldp q4, q5, [sp, #.Lframe_local_offset + 64]
+ ldp q6, q7, [sp, #.Lframe_local_offset + 96]
+ ldr_l q10, rk3, x8
+ movi vzr.16b, #0 // init zero register
+ endif_yield_neon
+
+ b _fold_64_B_loop
+_fold_64_B_end:
// at this point, the buffer pointer is pointing at the last y Bytes
// of the buffer the 64B of folded data is in 4 of the vector
// registers: v0, v1, v2, v3
@@ -304,6 +327,7 @@ _barrett:
_cleanup:
// scale the result back to 16 bits
lsr x0, x0, #16
+ frame_pop
ret
_less_than_128:
diff --git a/arch/arm64/crypto/ghash-ce-core.S b/arch/arm64/crypto/ghash-ce-core.S
index 11ebf1ae248a..dcffb9e77589 100644
--- a/arch/arm64/crypto/ghash-ce-core.S
+++ b/arch/arm64/crypto/ghash-ce-core.S
@@ -213,22 +213,31 @@
.endm
.macro __pmull_ghash, pn
- ld1 {SHASH.2d}, [x3]
- ld1 {XL.2d}, [x1]
+ frame_push 5
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+
+0: ld1 {SHASH.2d}, [x22]
+ ld1 {XL.2d}, [x20]
ext SHASH2.16b, SHASH.16b, SHASH.16b, #8
eor SHASH2.16b, SHASH2.16b, SHASH.16b
__pmull_pre_\pn
/* do the head block first, if supplied */
- cbz x4, 0f
- ld1 {T1.2d}, [x4]
- b 1f
+ cbz x23, 1f
+ ld1 {T1.2d}, [x23]
+ mov x23, xzr
+ b 2f
-0: ld1 {T1.2d}, [x2], #16
- sub w0, w0, #1
+1: ld1 {T1.2d}, [x21], #16
+ sub w19, w19, #1
-1: /* multiply XL by SHASH in GF(2^128) */
+2: /* multiply XL by SHASH in GF(2^128) */
CPU_LE( rev64 T1.16b, T1.16b )
ext T2.16b, XL.16b, XL.16b, #8
@@ -250,9 +259,18 @@ CPU_LE( rev64 T1.16b, T1.16b )
eor T2.16b, T2.16b, XH.16b
eor XL.16b, XL.16b, T2.16b
- cbnz w0, 0b
+ cbz w19, 3f
+
+ if_will_cond_yield_neon
+ st1 {XL.2d}, [x20]
+ do_cond_yield_neon
+ b 0b
+ endif_yield_neon
+
+ b 1b
- st1 {XL.2d}, [x1]
+3: st1 {XL.2d}, [x20]
+ frame_pop
ret
.endm
@@ -304,38 +322,55 @@ ENDPROC(pmull_ghash_update_p8)
.endm
.macro pmull_gcm_do_crypt, enc
- ld1 {SHASH.2d}, [x4]
- ld1 {XL.2d}, [x1]
- ldr x8, [x5, #8] // load lower counter
+ frame_push 10
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+ mov x24, x5
+ mov x25, x6
+ mov x26, x7
+ .if \enc == 1
+ ldr x27, [sp, #96] // first stacked arg
+ .endif
+
+ ldr x28, [x24, #8] // load lower counter
+CPU_LE( rev x28, x28 )
+
+0: mov x0, x25
+ load_round_keys w26, x0
+ ld1 {SHASH.2d}, [x23]
+ ld1 {XL.2d}, [x20]
movi MASK.16b, #0xe1
ext SHASH2.16b, SHASH.16b, SHASH.16b, #8
-CPU_LE( rev x8, x8 )
shl MASK.2d, MASK.2d, #57
eor SHASH2.16b, SHASH2.16b, SHASH.16b
.if \enc == 1
- ld1 {KS.16b}, [x7]
+ ld1 {KS.16b}, [x27]
.endif
-0: ld1 {CTR.8b}, [x5] // load upper counter
- ld1 {INP.16b}, [x3], #16
- rev x9, x8
- add x8, x8, #1
- sub w0, w0, #1
+1: ld1 {CTR.8b}, [x24] // load upper counter
+ ld1 {INP.16b}, [x22], #16
+ rev x9, x28
+ add x28, x28, #1
+ sub w19, w19, #1
ins CTR.d[1], x9 // set lower counter
.if \enc == 1
eor INP.16b, INP.16b, KS.16b // encrypt input
- st1 {INP.16b}, [x2], #16
+ st1 {INP.16b}, [x21], #16
.endif
rev64 T1.16b, INP.16b
- cmp w6, #12
- b.ge 2f // AES-192/256?
+ cmp w26, #12
+ b.ge 4f // AES-192/256?
-1: enc_round CTR, v21
+2: enc_round CTR, v21
ext T2.16b, XL.16b, XL.16b, #8
ext IN1.16b, T1.16b, T1.16b, #8
@@ -390,27 +425,39 @@ CPU_LE( rev x8, x8 )
.if \enc == 0
eor INP.16b, INP.16b, KS.16b
- st1 {INP.16b}, [x2], #16
+ st1 {INP.16b}, [x21], #16
.endif
- cbnz w0, 0b
+ cbz w19, 3f
-CPU_LE( rev x8, x8 )
- st1 {XL.2d}, [x1]
- str x8, [x5, #8] // store lower counter
+ if_will_cond_yield_neon
+ st1 {XL.2d}, [x20]
+ .if \enc == 1
+ st1 {KS.16b}, [x27]
+ .endif
+ do_cond_yield_neon
+ b 0b
+ endif_yield_neon
+ b 1b
+
+3: st1 {XL.2d}, [x20]
.if \enc == 1
- st1 {KS.16b}, [x7]
+ st1 {KS.16b}, [x27]
.endif
+CPU_LE( rev x28, x28 )
+ str x28, [x24, #8] // store lower counter
+
+ frame_pop
ret
-2: b.eq 3f // AES-192?
+4: b.eq 5f // AES-192?
enc_round CTR, v17
enc_round CTR, v18
-3: enc_round CTR, v19
+5: enc_round CTR, v19
enc_round CTR, v20
- b 1b
+ b 2b
.endm
/*
diff --git a/arch/arm64/crypto/ghash-ce-glue.c b/arch/arm64/crypto/ghash-ce-glue.c
index cfc9c92814fd..7cf0b1aa6ea8 100644
--- a/arch/arm64/crypto/ghash-ce-glue.c
+++ b/arch/arm64/crypto/ghash-ce-glue.c
@@ -63,11 +63,12 @@ static void (*pmull_ghash_update)(int blocks, u64 dg[], const char *src,
asmlinkage void pmull_gcm_encrypt(int blocks, u64 dg[], u8 dst[],
const u8 src[], struct ghash_key const *k,
- u8 ctr[], int rounds, u8 ks[]);
+ u8 ctr[], u32 const rk[], int rounds,
+ u8 ks[]);
asmlinkage void pmull_gcm_decrypt(int blocks, u64 dg[], u8 dst[],
const u8 src[], struct ghash_key const *k,
- u8 ctr[], int rounds);
+ u8 ctr[], u32 const rk[], int rounds);
asmlinkage void pmull_gcm_encrypt_block(u8 dst[], u8 const src[],
u32 const rk[], int rounds);
@@ -368,26 +369,29 @@ static int gcm_encrypt(struct aead_request *req)
pmull_gcm_encrypt_block(ks, iv, NULL,
num_rounds(&ctx->aes_key));
put_unaligned_be32(3, iv + GCM_IV_SIZE);
+ kernel_neon_end();
- err = skcipher_walk_aead_encrypt(&walk, req, true);
+ err = skcipher_walk_aead_encrypt(&walk, req, false);
while (walk.nbytes >= AES_BLOCK_SIZE) {
int blocks = walk.nbytes / AES_BLOCK_SIZE;
+ kernel_neon_begin();
pmull_gcm_encrypt(blocks, dg, walk.dst.virt.addr,
walk.src.virt.addr, &ctx->ghash_key,
- iv, num_rounds(&ctx->aes_key), ks);
+ iv, ctx->aes_key.key_enc,
+ num_rounds(&ctx->aes_key), ks);
+ kernel_neon_end();
err = skcipher_walk_done(&walk,
walk.nbytes % AES_BLOCK_SIZE);
}
- kernel_neon_end();
} else {
__aes_arm64_encrypt(ctx->aes_key.key_enc, tag, iv,
num_rounds(&ctx->aes_key));
put_unaligned_be32(2, iv + GCM_IV_SIZE);
- err = skcipher_walk_aead_encrypt(&walk, req, true);
+ err = skcipher_walk_aead_encrypt(&walk, req, false);
while (walk.nbytes >= AES_BLOCK_SIZE) {
int blocks = walk.nbytes / AES_BLOCK_SIZE;
@@ -467,15 +471,19 @@ static int gcm_decrypt(struct aead_request *req)
pmull_gcm_encrypt_block(tag, iv, ctx->aes_key.key_enc,
num_rounds(&ctx->aes_key));
put_unaligned_be32(2, iv + GCM_IV_SIZE);
+ kernel_neon_end();
- err = skcipher_walk_aead_decrypt(&walk, req, true);
+ err = skcipher_walk_aead_decrypt(&walk, req, false);
while (walk.nbytes >= AES_BLOCK_SIZE) {
int blocks = walk.nbytes / AES_BLOCK_SIZE;
+ kernel_neon_begin();
pmull_gcm_decrypt(blocks, dg, walk.dst.virt.addr,
walk.src.virt.addr, &ctx->ghash_key,
- iv, num_rounds(&ctx->aes_key));
+ iv, ctx->aes_key.key_enc,
+ num_rounds(&ctx->aes_key));
+ kernel_neon_end();
err = skcipher_walk_done(&walk,
walk.nbytes % AES_BLOCK_SIZE);
@@ -483,14 +491,12 @@ static int gcm_decrypt(struct aead_request *req)
if (walk.nbytes)
pmull_gcm_encrypt_block(iv, iv, NULL,
num_rounds(&ctx->aes_key));
-
- kernel_neon_end();
} else {
__aes_arm64_encrypt(ctx->aes_key.key_enc, tag, iv,
num_rounds(&ctx->aes_key));
put_unaligned_be32(2, iv + GCM_IV_SIZE);
- err = skcipher_walk_aead_decrypt(&walk, req, true);
+ err = skcipher_walk_aead_decrypt(&walk, req, false);
while (walk.nbytes >= AES_BLOCK_SIZE) {
int blocks = walk.nbytes / AES_BLOCK_SIZE;
diff --git a/arch/arm64/crypto/sha1-ce-core.S b/arch/arm64/crypto/sha1-ce-core.S
index 46049850727d..78eb35fb5056 100644
--- a/arch/arm64/crypto/sha1-ce-core.S
+++ b/arch/arm64/crypto/sha1-ce-core.S
@@ -69,30 +69,36 @@
* int blocks)
*/
ENTRY(sha1_ce_transform)
+ frame_push 3
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+
/* load round constants */
- loadrc k0.4s, 0x5a827999, w6
+0: loadrc k0.4s, 0x5a827999, w6
loadrc k1.4s, 0x6ed9eba1, w6
loadrc k2.4s, 0x8f1bbcdc, w6
loadrc k3.4s, 0xca62c1d6, w6
/* load state */
- ld1 {dgav.4s}, [x0]
- ldr dgb, [x0, #16]
+ ld1 {dgav.4s}, [x19]
+ ldr dgb, [x19, #16]
/* load sha1_ce_state::finalize */
ldr_l w4, sha1_ce_offsetof_finalize, x4
- ldr w4, [x0, x4]
+ ldr w4, [x19, x4]
/* load input */
-0: ld1 {v8.4s-v11.4s}, [x1], #64
- sub w2, w2, #1
+1: ld1 {v8.4s-v11.4s}, [x20], #64
+ sub w21, w21, #1
CPU_LE( rev32 v8.16b, v8.16b )
CPU_LE( rev32 v9.16b, v9.16b )
CPU_LE( rev32 v10.16b, v10.16b )
CPU_LE( rev32 v11.16b, v11.16b )
-1: add t0.4s, v8.4s, k0.4s
+2: add t0.4s, v8.4s, k0.4s
mov dg0v.16b, dgav.16b
add_update c, ev, k0, 8, 9, 10, 11, dgb
@@ -123,16 +129,25 @@ CPU_LE( rev32 v11.16b, v11.16b )
add dgbv.2s, dgbv.2s, dg1v.2s
add dgav.4s, dgav.4s, dg0v.4s
- cbnz w2, 0b
+ cbz w21, 3f
+
+ if_will_cond_yield_neon
+ st1 {dgav.4s}, [x19]
+ str dgb, [x19, #16]
+ do_cond_yield_neon
+ b 0b
+ endif_yield_neon
+
+ b 1b
/*
* Final block: add padding and total bit count.
* Skip if the input size was not a round multiple of the block size,
* the padding is handled by the C code in that case.
*/
- cbz x4, 3f
+3: cbz x4, 4f
ldr_l w4, sha1_ce_offsetof_count, x4
- ldr x4, [x0, x4]
+ ldr x4, [x19, x4]
movi v9.2d, #0
mov x8, #0x80000000
movi v10.2d, #0
@@ -141,10 +156,11 @@ CPU_LE( rev32 v11.16b, v11.16b )
mov x4, #0
mov v11.d[0], xzr
mov v11.d[1], x7
- b 1b
+ b 2b
/* store new state */
-3: st1 {dgav.4s}, [x0]
- str dgb, [x0, #16]
+4: st1 {dgav.4s}, [x19]
+ str dgb, [x19, #16]
+ frame_pop
ret
ENDPROC(sha1_ce_transform)
diff --git a/arch/arm64/crypto/sha2-ce-core.S b/arch/arm64/crypto/sha2-ce-core.S
index 4c3c89b812ce..cd8b36412469 100644
--- a/arch/arm64/crypto/sha2-ce-core.S
+++ b/arch/arm64/crypto/sha2-ce-core.S
@@ -79,30 +79,36 @@
*/
.text
ENTRY(sha2_ce_transform)
+ frame_push 3
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+
/* load round constants */
- adr_l x8, .Lsha2_rcon
+0: adr_l x8, .Lsha2_rcon
ld1 { v0.4s- v3.4s}, [x8], #64
ld1 { v4.4s- v7.4s}, [x8], #64
ld1 { v8.4s-v11.4s}, [x8], #64
ld1 {v12.4s-v15.4s}, [x8]
/* load state */
- ld1 {dgav.4s, dgbv.4s}, [x0]
+ ld1 {dgav.4s, dgbv.4s}, [x19]
/* load sha256_ce_state::finalize */
ldr_l w4, sha256_ce_offsetof_finalize, x4
- ldr w4, [x0, x4]
+ ldr w4, [x19, x4]
/* load input */
-0: ld1 {v16.4s-v19.4s}, [x1], #64
- sub w2, w2, #1
+1: ld1 {v16.4s-v19.4s}, [x20], #64
+ sub w21, w21, #1
CPU_LE( rev32 v16.16b, v16.16b )
CPU_LE( rev32 v17.16b, v17.16b )
CPU_LE( rev32 v18.16b, v18.16b )
CPU_LE( rev32 v19.16b, v19.16b )
-1: add t0.4s, v16.4s, v0.4s
+2: add t0.4s, v16.4s, v0.4s
mov dg0v.16b, dgav.16b
mov dg1v.16b, dgbv.16b
@@ -131,16 +137,24 @@ CPU_LE( rev32 v19.16b, v19.16b )
add dgbv.4s, dgbv.4s, dg1v.4s
/* handled all input blocks? */
- cbnz w2, 0b
+ cbz w21, 3f
+
+ if_will_cond_yield_neon
+ st1 {dgav.4s, dgbv.4s}, [x19]
+ do_cond_yield_neon
+ b 0b
+ endif_yield_neon
+
+ b 1b
/*
* Final block: add padding and total bit count.
* Skip if the input size was not a round multiple of the block size,
* the padding is handled by the C code in that case.
*/
- cbz x4, 3f
+3: cbz x4, 4f
ldr_l w4, sha256_ce_offsetof_count, x4
- ldr x4, [x0, x4]
+ ldr x4, [x19, x4]
movi v17.2d, #0
mov x8, #0x80000000
movi v18.2d, #0
@@ -149,9 +163,10 @@ CPU_LE( rev32 v19.16b, v19.16b )
mov x4, #0
mov v19.d[0], xzr
mov v19.d[1], x7
- b 1b
+ b 2b
/* store new state */
-3: st1 {dgav.4s, dgbv.4s}, [x0]
+4: st1 {dgav.4s, dgbv.4s}, [x19]
+ frame_pop
ret
ENDPROC(sha2_ce_transform)
diff --git a/arch/arm64/crypto/sha256-core.S_shipped b/arch/arm64/crypto/sha256-core.S_shipped
index 3ce82cc860bc..7c7ce2e3bad6 100644
--- a/arch/arm64/crypto/sha256-core.S_shipped
+++ b/arch/arm64/crypto/sha256-core.S_shipped
@@ -1,3 +1,13 @@
+// SPDX-License-Identifier: GPL-2.0
+
+// This code is taken from the OpenSSL project but the author (Andy Polyakov)
+// has relicensed it under the GPLv2. Therefore this program is free software;
+// you can redistribute it and/or modify it under the terms of the GNU General
+// Public License version 2 as published by the Free Software Foundation.
+//
+// The original headers, including the original license headers, are
+// included below for completeness.
+
// Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
//
// Licensed under the OpenSSL license (the "License"). You may not use
@@ -10,8 +20,6 @@
// project. The module is, however, dual licensed under OpenSSL and
// CRYPTOGAMS licenses depending on where you obtain it. For further
// details see http://www.openssl.org/~appro/cryptogams/.
-//
-// Permission to use under GPLv2 terms is granted.
// ====================================================================
//
// SHA256/512 for ARMv8.
diff --git a/arch/arm64/crypto/sha3-ce-core.S b/arch/arm64/crypto/sha3-ce-core.S
index 332ad7530690..a7d587fa54f6 100644
--- a/arch/arm64/crypto/sha3-ce-core.S
+++ b/arch/arm64/crypto/sha3-ce-core.S
@@ -41,9 +41,16 @@
*/
.text
ENTRY(sha3_ce_transform)
- /* load state */
- add x8, x0, #32
- ld1 { v0.1d- v3.1d}, [x0]
+ frame_push 4
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+
+0: /* load state */
+ add x8, x19, #32
+ ld1 { v0.1d- v3.1d}, [x19]
ld1 { v4.1d- v7.1d}, [x8], #32
ld1 { v8.1d-v11.1d}, [x8], #32
ld1 {v12.1d-v15.1d}, [x8], #32
@@ -51,13 +58,13 @@ ENTRY(sha3_ce_transform)
ld1 {v20.1d-v23.1d}, [x8], #32
ld1 {v24.1d}, [x8]
-0: sub w2, w2, #1
+1: sub w21, w21, #1
mov w8, #24
adr_l x9, .Lsha3_rcon
/* load input */
- ld1 {v25.8b-v28.8b}, [x1], #32
- ld1 {v29.8b-v31.8b}, [x1], #24
+ ld1 {v25.8b-v28.8b}, [x20], #32
+ ld1 {v29.8b-v31.8b}, [x20], #24
eor v0.8b, v0.8b, v25.8b
eor v1.8b, v1.8b, v26.8b
eor v2.8b, v2.8b, v27.8b
@@ -66,10 +73,10 @@ ENTRY(sha3_ce_transform)
eor v5.8b, v5.8b, v30.8b
eor v6.8b, v6.8b, v31.8b
- tbnz x3, #6, 2f // SHA3-512
+ tbnz x22, #6, 3f // SHA3-512
- ld1 {v25.8b-v28.8b}, [x1], #32
- ld1 {v29.8b-v30.8b}, [x1], #16
+ ld1 {v25.8b-v28.8b}, [x20], #32
+ ld1 {v29.8b-v30.8b}, [x20], #16
eor v7.8b, v7.8b, v25.8b
eor v8.8b, v8.8b, v26.8b
eor v9.8b, v9.8b, v27.8b
@@ -77,34 +84,34 @@ ENTRY(sha3_ce_transform)
eor v11.8b, v11.8b, v29.8b
eor v12.8b, v12.8b, v30.8b
- tbnz x3, #4, 1f // SHA3-384 or SHA3-224
+ tbnz x22, #4, 2f // SHA3-384 or SHA3-224
// SHA3-256
- ld1 {v25.8b-v28.8b}, [x1], #32
+ ld1 {v25.8b-v28.8b}, [x20], #32
eor v13.8b, v13.8b, v25.8b
eor v14.8b, v14.8b, v26.8b
eor v15.8b, v15.8b, v27.8b
eor v16.8b, v16.8b, v28.8b
- b 3f
+ b 4f
-1: tbz x3, #2, 3f // bit 2 cleared? SHA-384
+2: tbz x22, #2, 4f // bit 2 cleared? SHA-384
// SHA3-224
- ld1 {v25.8b-v28.8b}, [x1], #32
- ld1 {v29.8b}, [x1], #8
+ ld1 {v25.8b-v28.8b}, [x20], #32
+ ld1 {v29.8b}, [x20], #8
eor v13.8b, v13.8b, v25.8b
eor v14.8b, v14.8b, v26.8b
eor v15.8b, v15.8b, v27.8b
eor v16.8b, v16.8b, v28.8b
eor v17.8b, v17.8b, v29.8b
- b 3f
+ b 4f
// SHA3-512
-2: ld1 {v25.8b-v26.8b}, [x1], #16
+3: ld1 {v25.8b-v26.8b}, [x20], #16
eor v7.8b, v7.8b, v25.8b
eor v8.8b, v8.8b, v26.8b
-3: sub w8, w8, #1
+4: sub w8, w8, #1
eor3 v29.16b, v4.16b, v9.16b, v14.16b
eor3 v26.16b, v1.16b, v6.16b, v11.16b
@@ -183,17 +190,33 @@ ENTRY(sha3_ce_transform)
eor v0.16b, v0.16b, v31.16b
- cbnz w8, 3b
- cbnz w2, 0b
+ cbnz w8, 4b
+ cbz w21, 5f
+
+ if_will_cond_yield_neon
+ add x8, x19, #32
+ st1 { v0.1d- v3.1d}, [x19]
+ st1 { v4.1d- v7.1d}, [x8], #32
+ st1 { v8.1d-v11.1d}, [x8], #32
+ st1 {v12.1d-v15.1d}, [x8], #32
+ st1 {v16.1d-v19.1d}, [x8], #32
+ st1 {v20.1d-v23.1d}, [x8], #32
+ st1 {v24.1d}, [x8]
+ do_cond_yield_neon
+ b 0b
+ endif_yield_neon
+
+ b 1b
/* save state */
- st1 { v0.1d- v3.1d}, [x0], #32
- st1 { v4.1d- v7.1d}, [x0], #32
- st1 { v8.1d-v11.1d}, [x0], #32
- st1 {v12.1d-v15.1d}, [x0], #32
- st1 {v16.1d-v19.1d}, [x0], #32
- st1 {v20.1d-v23.1d}, [x0], #32
- st1 {v24.1d}, [x0]
+5: st1 { v0.1d- v3.1d}, [x19], #32
+ st1 { v4.1d- v7.1d}, [x19], #32
+ st1 { v8.1d-v11.1d}, [x19], #32
+ st1 {v12.1d-v15.1d}, [x19], #32
+ st1 {v16.1d-v19.1d}, [x19], #32
+ st1 {v20.1d-v23.1d}, [x19], #32
+ st1 {v24.1d}, [x19]
+ frame_pop
ret
ENDPROC(sha3_ce_transform)
diff --git a/arch/arm64/crypto/sha512-armv8.pl b/arch/arm64/crypto/sha512-armv8.pl
index c55efb308544..2d8655d5b1af 100644
--- a/arch/arm64/crypto/sha512-armv8.pl
+++ b/arch/arm64/crypto/sha512-armv8.pl
@@ -1,4 +1,14 @@
#! /usr/bin/env perl
+# SPDX-License-Identifier: GPL-2.0
+
+# This code is taken from the OpenSSL project but the author (Andy Polyakov)
+# has relicensed it under the GPLv2. Therefore this program is free software;
+# you can redistribute it and/or modify it under the terms of the GNU General
+# Public License version 2 as published by the Free Software Foundation.
+#
+# The original headers, including the original license headers, are
+# included below for completeness.
+
# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
@@ -11,8 +21,6 @@
# project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/.
-#
-# Permission to use under GPLv2 terms is granted.
# ====================================================================
#
# SHA256/512 for ARMv8.
diff --git a/arch/arm64/crypto/sha512-ce-core.S b/arch/arm64/crypto/sha512-ce-core.S
index 7f3bca5c59a2..ce65e3abe4f2 100644
--- a/arch/arm64/crypto/sha512-ce-core.S
+++ b/arch/arm64/crypto/sha512-ce-core.S
@@ -107,17 +107,23 @@
*/
.text
ENTRY(sha512_ce_transform)
+ frame_push 3
+
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+
/* load state */
- ld1 {v8.2d-v11.2d}, [x0]
+0: ld1 {v8.2d-v11.2d}, [x19]
/* load first 4 round constants */
adr_l x3, .Lsha512_rcon
ld1 {v20.2d-v23.2d}, [x3], #64
/* load input */
-0: ld1 {v12.2d-v15.2d}, [x1], #64
- ld1 {v16.2d-v19.2d}, [x1], #64
- sub w2, w2, #1
+1: ld1 {v12.2d-v15.2d}, [x20], #64
+ ld1 {v16.2d-v19.2d}, [x20], #64
+ sub w21, w21, #1
CPU_LE( rev64 v12.16b, v12.16b )
CPU_LE( rev64 v13.16b, v13.16b )
@@ -196,9 +202,18 @@ CPU_LE( rev64 v19.16b, v19.16b )
add v11.2d, v11.2d, v3.2d
/* handled all input blocks? */
- cbnz w2, 0b
+ cbz w21, 3f
+
+ if_will_cond_yield_neon
+ st1 {v8.2d-v11.2d}, [x19]
+ do_cond_yield_neon
+ b 0b
+ endif_yield_neon
+
+ b 1b
/* store new state */
-3: st1 {v8.2d-v11.2d}, [x0]
+3: st1 {v8.2d-v11.2d}, [x19]
+ frame_pop
ret
ENDPROC(sha512_ce_transform)
diff --git a/arch/arm64/crypto/sha512-core.S_shipped b/arch/arm64/crypto/sha512-core.S_shipped
index bd0f59f06c9d..e063a6106720 100644
--- a/arch/arm64/crypto/sha512-core.S_shipped
+++ b/arch/arm64/crypto/sha512-core.S_shipped
@@ -1,3 +1,13 @@
+// SPDX-License-Identifier: GPL-2.0
+
+// This code is taken from the OpenSSL project but the author (Andy Polyakov)
+// has relicensed it under the GPLv2. Therefore this program is free software;
+// you can redistribute it and/or modify it under the terms of the GNU General
+// Public License version 2 as published by the Free Software Foundation.
+//
+// The original headers, including the original license headers, are
+// included below for completeness.
+
// Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
//
// Licensed under the OpenSSL license (the "License"). You may not use
@@ -10,8 +20,6 @@
// project. The module is, however, dual licensed under OpenSSL and
// CRYPTOGAMS licenses depending on where you obtain it. For further
// details see http://www.openssl.org/~appro/cryptogams/.
-//
-// Permission to use under GPLv2 terms is granted.
// ====================================================================
//
// SHA256/512 for ARMv8.
diff --git a/arch/arm64/crypto/sm4-ce-core.S b/arch/arm64/crypto/sm4-ce-core.S
new file mode 100644
index 000000000000..af3bfbc3f4d4
--- /dev/null
+++ b/arch/arm64/crypto/sm4-ce-core.S
@@ -0,0 +1,36 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#include <linux/linkage.h>
+#include <asm/assembler.h>
+
+ .irp b, 0, 1, 2, 3, 4, 5, 6, 7, 8
+ .set .Lv\b\().4s, \b
+ .endr
+
+ .macro sm4e, rd, rn
+ .inst 0xcec08400 | .L\rd | (.L\rn << 5)
+ .endm
+
+ /*
+ * void sm4_ce_do_crypt(const u32 *rk, u32 *out, const u32 *in);
+ */
+ .text
+ENTRY(sm4_ce_do_crypt)
+ ld1 {v8.4s}, [x2]
+ ld1 {v0.4s-v3.4s}, [x0], #64
+CPU_LE( rev32 v8.16b, v8.16b )
+ ld1 {v4.4s-v7.4s}, [x0]
+ sm4e v8.4s, v0.4s
+ sm4e v8.4s, v1.4s
+ sm4e v8.4s, v2.4s
+ sm4e v8.4s, v3.4s
+ sm4e v8.4s, v4.4s
+ sm4e v8.4s, v5.4s
+ sm4e v8.4s, v6.4s
+ sm4e v8.4s, v7.4s
+ rev64 v8.4s, v8.4s
+ ext v8.16b, v8.16b, v8.16b, #8
+CPU_LE( rev32 v8.16b, v8.16b )
+ st1 {v8.4s}, [x1]
+ ret
+ENDPROC(sm4_ce_do_crypt)
diff --git a/arch/arm64/crypto/sm4-ce-glue.c b/arch/arm64/crypto/sm4-ce-glue.c
new file mode 100644
index 000000000000..b7fb5274b250
--- /dev/null
+++ b/arch/arm64/crypto/sm4-ce-glue.c
@@ -0,0 +1,73 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#include <asm/neon.h>
+#include <asm/simd.h>
+#include <crypto/sm4.h>
+#include <linux/module.h>
+#include <linux/cpufeature.h>
+#include <linux/crypto.h>
+#include <linux/types.h>
+
+MODULE_ALIAS_CRYPTO("sm4");
+MODULE_ALIAS_CRYPTO("sm4-ce");
+MODULE_DESCRIPTION("SM4 symmetric cipher using ARMv8 Crypto Extensions");
+MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
+MODULE_LICENSE("GPL v2");
+
+asmlinkage void sm4_ce_do_crypt(const u32 *rk, void *out, const void *in);
+
+static void sm4_ce_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
+{
+ const struct crypto_sm4_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ if (!may_use_simd()) {
+ crypto_sm4_encrypt(tfm, out, in);
+ } else {
+ kernel_neon_begin();
+ sm4_ce_do_crypt(ctx->rkey_enc, out, in);
+ kernel_neon_end();
+ }
+}
+
+static void sm4_ce_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
+{
+ const struct crypto_sm4_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ if (!may_use_simd()) {
+ crypto_sm4_decrypt(tfm, out, in);
+ } else {
+ kernel_neon_begin();
+ sm4_ce_do_crypt(ctx->rkey_dec, out, in);
+ kernel_neon_end();
+ }
+}
+
+static struct crypto_alg sm4_ce_alg = {
+ .cra_name = "sm4",
+ .cra_driver_name = "sm4-ce",
+ .cra_priority = 200,
+ .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
+ .cra_blocksize = SM4_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto_sm4_ctx),
+ .cra_module = THIS_MODULE,
+ .cra_u.cipher = {
+ .cia_min_keysize = SM4_KEY_SIZE,
+ .cia_max_keysize = SM4_KEY_SIZE,
+ .cia_setkey = crypto_sm4_set_key,
+ .cia_encrypt = sm4_ce_encrypt,
+ .cia_decrypt = sm4_ce_decrypt
+ }
+};
+
+static int __init sm4_ce_mod_init(void)
+{
+ return crypto_register_alg(&sm4_ce_alg);
+}
+
+static void __exit sm4_ce_mod_fini(void)
+{
+ crypto_unregister_alg(&sm4_ce_alg);
+}
+
+module_cpu_feature_match(SM3, sm4_ce_mod_init);
+module_exit(sm4_ce_mod_fini);
diff --git a/arch/x86/crypto/Makefile b/arch/x86/crypto/Makefile
index 5f07333bb224..a450ad573dcb 100644
--- a/arch/x86/crypto/Makefile
+++ b/arch/x86/crypto/Makefile
@@ -15,7 +15,6 @@ obj-$(CONFIG_CRYPTO_GLUE_HELPER_X86) += glue_helper.o
obj-$(CONFIG_CRYPTO_AES_586) += aes-i586.o
obj-$(CONFIG_CRYPTO_TWOFISH_586) += twofish-i586.o
-obj-$(CONFIG_CRYPTO_SALSA20_586) += salsa20-i586.o
obj-$(CONFIG_CRYPTO_SERPENT_SSE2_586) += serpent-sse2-i586.o
obj-$(CONFIG_CRYPTO_AES_X86_64) += aes-x86_64.o
@@ -24,7 +23,6 @@ obj-$(CONFIG_CRYPTO_CAMELLIA_X86_64) += camellia-x86_64.o
obj-$(CONFIG_CRYPTO_BLOWFISH_X86_64) += blowfish-x86_64.o
obj-$(CONFIG_CRYPTO_TWOFISH_X86_64) += twofish-x86_64.o
obj-$(CONFIG_CRYPTO_TWOFISH_X86_64_3WAY) += twofish-x86_64-3way.o
-obj-$(CONFIG_CRYPTO_SALSA20_X86_64) += salsa20-x86_64.o
obj-$(CONFIG_CRYPTO_CHACHA20_X86_64) += chacha20-x86_64.o
obj-$(CONFIG_CRYPTO_SERPENT_SSE2_X86_64) += serpent-sse2-x86_64.o
obj-$(CONFIG_CRYPTO_AES_NI_INTEL) += aesni-intel.o
@@ -38,6 +36,16 @@ obj-$(CONFIG_CRYPTO_SHA512_SSSE3) += sha512-ssse3.o
obj-$(CONFIG_CRYPTO_CRCT10DIF_PCLMUL) += crct10dif-pclmul.o
obj-$(CONFIG_CRYPTO_POLY1305_X86_64) += poly1305-x86_64.o
+obj-$(CONFIG_CRYPTO_AEGIS128_AESNI_SSE2) += aegis128-aesni.o
+obj-$(CONFIG_CRYPTO_AEGIS128L_AESNI_SSE2) += aegis128l-aesni.o
+obj-$(CONFIG_CRYPTO_AEGIS256_AESNI_SSE2) += aegis256-aesni.o
+
+obj-$(CONFIG_CRYPTO_MORUS640_GLUE) += morus640_glue.o
+obj-$(CONFIG_CRYPTO_MORUS1280_GLUE) += morus1280_glue.o
+
+obj-$(CONFIG_CRYPTO_MORUS640_SSE2) += morus640-sse2.o
+obj-$(CONFIG_CRYPTO_MORUS1280_SSE2) += morus1280-sse2.o
+
# These modules require assembler to support AVX.
ifeq ($(avx_supported),yes)
obj-$(CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64) += \
@@ -55,11 +63,12 @@ ifeq ($(avx2_supported),yes)
obj-$(CONFIG_CRYPTO_SHA1_MB) += sha1-mb/
obj-$(CONFIG_CRYPTO_SHA256_MB) += sha256-mb/
obj-$(CONFIG_CRYPTO_SHA512_MB) += sha512-mb/
+
+ obj-$(CONFIG_CRYPTO_MORUS1280_AVX2) += morus1280-avx2.o
endif
aes-i586-y := aes-i586-asm_32.o aes_glue.o
twofish-i586-y := twofish-i586-asm_32.o twofish_glue.o
-salsa20-i586-y := salsa20-i586-asm_32.o salsa20_glue.o
serpent-sse2-i586-y := serpent-sse2-i586-asm_32.o serpent_sse2_glue.o
aes-x86_64-y := aes-x86_64-asm_64.o aes_glue.o
@@ -68,10 +77,16 @@ camellia-x86_64-y := camellia-x86_64-asm_64.o camellia_glue.o
blowfish-x86_64-y := blowfish-x86_64-asm_64.o blowfish_glue.o
twofish-x86_64-y := twofish-x86_64-asm_64.o twofish_glue.o
twofish-x86_64-3way-y := twofish-x86_64-asm_64-3way.o twofish_glue_3way.o
-salsa20-x86_64-y := salsa20-x86_64-asm_64.o salsa20_glue.o
chacha20-x86_64-y := chacha20-ssse3-x86_64.o chacha20_glue.o
serpent-sse2-x86_64-y := serpent-sse2-x86_64-asm_64.o serpent_sse2_glue.o
+aegis128-aesni-y := aegis128-aesni-asm.o aegis128-aesni-glue.o
+aegis128l-aesni-y := aegis128l-aesni-asm.o aegis128l-aesni-glue.o
+aegis256-aesni-y := aegis256-aesni-asm.o aegis256-aesni-glue.o
+
+morus640-sse2-y := morus640-sse2-asm.o morus640-sse2-glue.o
+morus1280-sse2-y := morus1280-sse2-asm.o morus1280-sse2-glue.o
+
ifeq ($(avx_supported),yes)
camellia-aesni-avx-x86_64-y := camellia-aesni-avx-asm_64.o \
camellia_aesni_avx_glue.o
@@ -87,6 +102,8 @@ ifeq ($(avx2_supported),yes)
camellia-aesni-avx2-y := camellia-aesni-avx2-asm_64.o camellia_aesni_avx2_glue.o
chacha20-x86_64-y += chacha20-avx2-x86_64.o
serpent-avx2-y := serpent-avx2-asm_64.o serpent_avx2_glue.o
+
+ morus1280-avx2-y := morus1280-avx2-asm.o morus1280-avx2-glue.o
endif
aesni-intel-y := aesni-intel_asm.o aesni-intel_glue.o fpu.o
diff --git a/arch/x86/crypto/aegis128-aesni-asm.S b/arch/x86/crypto/aegis128-aesni-asm.S
new file mode 100644
index 000000000000..9254e0b6cc06
--- /dev/null
+++ b/arch/x86/crypto/aegis128-aesni-asm.S
@@ -0,0 +1,749 @@
+/*
+ * AES-NI + SSE2 implementation of AEGIS-128
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+#include <asm/frame.h>
+
+#define STATE0 %xmm0
+#define STATE1 %xmm1
+#define STATE2 %xmm2
+#define STATE3 %xmm3
+#define STATE4 %xmm4
+#define KEY %xmm5
+#define MSG %xmm5
+#define T0 %xmm6
+#define T1 %xmm7
+
+#define STATEP %rdi
+#define LEN %rsi
+#define SRC %rdx
+#define DST %rcx
+
+.section .rodata.cst16.aegis128_const, "aM", @progbits, 32
+.align 16
+.Laegis128_const_0:
+ .byte 0x00, 0x01, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d
+ .byte 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62
+.Laegis128_const_1:
+ .byte 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1
+ .byte 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd
+
+.section .rodata.cst16.aegis128_counter, "aM", @progbits, 16
+.align 16
+.Laegis128_counter:
+ .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+ .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+
+.text
+
+/*
+ * aegis128_update
+ * input:
+ * STATE[0-4] - input state
+ * output:
+ * STATE[0-4] - output state (shifted positions)
+ * changed:
+ * T0
+ */
+.macro aegis128_update
+ movdqa STATE4, T0
+ aesenc STATE0, STATE4
+ aesenc STATE1, STATE0
+ aesenc STATE2, STATE1
+ aesenc STATE3, STATE2
+ aesenc T0, STATE3
+.endm
+
+/*
+ * __load_partial: internal ABI
+ * input:
+ * LEN - bytes
+ * SRC - src
+ * output:
+ * MSG - message block
+ * changed:
+ * T0
+ * %r8
+ * %r9
+ */
+__load_partial:
+ xor %r9, %r9
+ pxor MSG, MSG
+
+ mov LEN, %r8
+ and $0x1, %r8
+ jz .Lld_partial_1
+
+ mov LEN, %r8
+ and $0x1E, %r8
+ add SRC, %r8
+ mov (%r8), %r9b
+
+.Lld_partial_1:
+ mov LEN, %r8
+ and $0x2, %r8
+ jz .Lld_partial_2
+
+ mov LEN, %r8
+ and $0x1C, %r8
+ add SRC, %r8
+ shl $0x10, %r9
+ mov (%r8), %r9w
+
+.Lld_partial_2:
+ mov LEN, %r8
+ and $0x4, %r8
+ jz .Lld_partial_4
+
+ mov LEN, %r8
+ and $0x18, %r8
+ add SRC, %r8
+ shl $32, %r9
+ mov (%r8), %r8d
+ xor %r8, %r9
+
+.Lld_partial_4:
+ movq %r9, MSG
+
+ mov LEN, %r8
+ and $0x8, %r8
+ jz .Lld_partial_8
+
+ mov LEN, %r8
+ and $0x10, %r8
+ add SRC, %r8
+ pslldq $8, MSG
+ movq (%r8), T0
+ pxor T0, MSG
+
+.Lld_partial_8:
+ ret
+ENDPROC(__load_partial)
+
+/*
+ * __store_partial: internal ABI
+ * input:
+ * LEN - bytes
+ * DST - dst
+ * output:
+ * T0 - message block
+ * changed:
+ * %r8
+ * %r9
+ * %r10
+ */
+__store_partial:
+ mov LEN, %r8
+ mov DST, %r9
+
+ movq T0, %r10
+
+ cmp $8, %r8
+ jl .Lst_partial_8
+
+ mov %r10, (%r9)
+ psrldq $8, T0
+ movq T0, %r10
+
+ sub $8, %r8
+ add $8, %r9
+
+.Lst_partial_8:
+ cmp $4, %r8
+ jl .Lst_partial_4
+
+ mov %r10d, (%r9)
+ shr $32, %r10
+
+ sub $4, %r8
+ add $4, %r9
+
+.Lst_partial_4:
+ cmp $2, %r8
+ jl .Lst_partial_2
+
+ mov %r10w, (%r9)
+ shr $0x10, %r10
+
+ sub $2, %r8
+ add $2, %r9
+
+.Lst_partial_2:
+ cmp $1, %r8
+ jl .Lst_partial_1
+
+ mov %r10b, (%r9)
+
+.Lst_partial_1:
+ ret
+ENDPROC(__store_partial)
+
+/*
+ * void crypto_aegis128_aesni_init(void *state, const void *key, const void *iv);
+ */
+ENTRY(crypto_aegis128_aesni_init)
+ FRAME_BEGIN
+
+ /* load IV: */
+ movdqu (%rdx), T1
+
+ /* load key: */
+ movdqa (%rsi), KEY
+ pxor KEY, T1
+ movdqa T1, STATE0
+ movdqa KEY, STATE3
+ movdqa KEY, STATE4
+
+ /* load the constants: */
+ movdqa .Laegis128_const_0, STATE2
+ movdqa .Laegis128_const_1, STATE1
+ pxor STATE2, STATE3
+ pxor STATE1, STATE4
+
+ /* update 10 times with KEY / KEY xor IV: */
+ aegis128_update; pxor KEY, STATE4
+ aegis128_update; pxor T1, STATE3
+ aegis128_update; pxor KEY, STATE2
+ aegis128_update; pxor T1, STATE1
+ aegis128_update; pxor KEY, STATE0
+ aegis128_update; pxor T1, STATE4
+ aegis128_update; pxor KEY, STATE3
+ aegis128_update; pxor T1, STATE2
+ aegis128_update; pxor KEY, STATE1
+ aegis128_update; pxor T1, STATE0
+
+ /* store the state: */
+ movdqu STATE0, 0x00(STATEP)
+ movdqu STATE1, 0x10(STATEP)
+ movdqu STATE2, 0x20(STATEP)
+ movdqu STATE3, 0x30(STATEP)
+ movdqu STATE4, 0x40(STATEP)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128_aesni_init)
+
+/*
+ * void crypto_aegis128_aesni_ad(void *state, unsigned int length,
+ * const void *data);
+ */
+ENTRY(crypto_aegis128_aesni_ad)
+ FRAME_BEGIN
+
+ cmp $0x10, LEN
+ jb .Lad_out
+
+ /* load the state: */
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+
+ mov SRC, %r8
+ and $0xF, %r8
+ jnz .Lad_u_loop
+
+.align 8
+.Lad_a_loop:
+ movdqa 0x00(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE4
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_1
+
+ movdqa 0x10(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE3
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_2
+
+ movdqa 0x20(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE2
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_3
+
+ movdqa 0x30(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE1
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_4
+
+ movdqa 0x40(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE0
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_0
+
+ add $0x50, SRC
+ jmp .Lad_a_loop
+
+.align 8
+.Lad_u_loop:
+ movdqu 0x00(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE4
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_1
+
+ movdqu 0x10(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE3
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_2
+
+ movdqu 0x20(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE2
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_3
+
+ movdqu 0x30(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE1
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_4
+
+ movdqu 0x40(SRC), MSG
+ aegis128_update
+ pxor MSG, STATE0
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_0
+
+ add $0x50, SRC
+ jmp .Lad_u_loop
+
+ /* store the state: */
+.Lad_out_0:
+ movdqu STATE0, 0x00(STATEP)
+ movdqu STATE1, 0x10(STATEP)
+ movdqu STATE2, 0x20(STATEP)
+ movdqu STATE3, 0x30(STATEP)
+ movdqu STATE4, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lad_out_1:
+ movdqu STATE4, 0x00(STATEP)
+ movdqu STATE0, 0x10(STATEP)
+ movdqu STATE1, 0x20(STATEP)
+ movdqu STATE2, 0x30(STATEP)
+ movdqu STATE3, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lad_out_2:
+ movdqu STATE3, 0x00(STATEP)
+ movdqu STATE4, 0x10(STATEP)
+ movdqu STATE0, 0x20(STATEP)
+ movdqu STATE1, 0x30(STATEP)
+ movdqu STATE2, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lad_out_3:
+ movdqu STATE2, 0x00(STATEP)
+ movdqu STATE3, 0x10(STATEP)
+ movdqu STATE4, 0x20(STATEP)
+ movdqu STATE0, 0x30(STATEP)
+ movdqu STATE1, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lad_out_4:
+ movdqu STATE1, 0x00(STATEP)
+ movdqu STATE2, 0x10(STATEP)
+ movdqu STATE3, 0x20(STATEP)
+ movdqu STATE4, 0x30(STATEP)
+ movdqu STATE0, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lad_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128_aesni_ad)
+
+.macro encrypt_block a s0 s1 s2 s3 s4 i
+ movdq\a (\i * 0x10)(SRC), MSG
+ movdqa MSG, T0
+ pxor \s1, T0
+ pxor \s4, T0
+ movdqa \s2, T1
+ pand \s3, T1
+ pxor T1, T0
+ movdq\a T0, (\i * 0x10)(DST)
+
+ aegis128_update
+ pxor MSG, \s4
+
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lenc_out_\i
+.endm
+
+/*
+ * void crypto_aegis128_aesni_enc(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128_aesni_enc)
+ FRAME_BEGIN
+
+ cmp $0x10, LEN
+ jb .Lenc_out
+
+ /* load the state: */
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+
+ mov SRC, %r8
+ or DST, %r8
+ and $0xF, %r8
+ jnz .Lenc_u_loop
+
+.align 8
+.Lenc_a_loop:
+ encrypt_block a STATE0 STATE1 STATE2 STATE3 STATE4 0
+ encrypt_block a STATE4 STATE0 STATE1 STATE2 STATE3 1
+ encrypt_block a STATE3 STATE4 STATE0 STATE1 STATE2 2
+ encrypt_block a STATE2 STATE3 STATE4 STATE0 STATE1 3
+ encrypt_block a STATE1 STATE2 STATE3 STATE4 STATE0 4
+
+ add $0x50, SRC
+ add $0x50, DST
+ jmp .Lenc_a_loop
+
+.align 8
+.Lenc_u_loop:
+ encrypt_block u STATE0 STATE1 STATE2 STATE3 STATE4 0
+ encrypt_block u STATE4 STATE0 STATE1 STATE2 STATE3 1
+ encrypt_block u STATE3 STATE4 STATE0 STATE1 STATE2 2
+ encrypt_block u STATE2 STATE3 STATE4 STATE0 STATE1 3
+ encrypt_block u STATE1 STATE2 STATE3 STATE4 STATE0 4
+
+ add $0x50, SRC
+ add $0x50, DST
+ jmp .Lenc_u_loop
+
+ /* store the state: */
+.Lenc_out_0:
+ movdqu STATE4, 0x00(STATEP)
+ movdqu STATE0, 0x10(STATEP)
+ movdqu STATE1, 0x20(STATEP)
+ movdqu STATE2, 0x30(STATEP)
+ movdqu STATE3, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lenc_out_1:
+ movdqu STATE3, 0x00(STATEP)
+ movdqu STATE4, 0x10(STATEP)
+ movdqu STATE0, 0x20(STATEP)
+ movdqu STATE1, 0x30(STATEP)
+ movdqu STATE2, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lenc_out_2:
+ movdqu STATE2, 0x00(STATEP)
+ movdqu STATE3, 0x10(STATEP)
+ movdqu STATE4, 0x20(STATEP)
+ movdqu STATE0, 0x30(STATEP)
+ movdqu STATE1, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lenc_out_3:
+ movdqu STATE1, 0x00(STATEP)
+ movdqu STATE2, 0x10(STATEP)
+ movdqu STATE3, 0x20(STATEP)
+ movdqu STATE4, 0x30(STATEP)
+ movdqu STATE0, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lenc_out_4:
+ movdqu STATE0, 0x00(STATEP)
+ movdqu STATE1, 0x10(STATEP)
+ movdqu STATE2, 0x20(STATEP)
+ movdqu STATE3, 0x30(STATEP)
+ movdqu STATE4, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Lenc_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128_aesni_enc)
+
+/*
+ * void crypto_aegis128_aesni_enc_tail(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128_aesni_enc_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+
+ /* encrypt message: */
+ call __load_partial
+
+ movdqa MSG, T0
+ pxor STATE1, T0
+ pxor STATE4, T0
+ movdqa STATE2, T1
+ pand STATE3, T1
+ pxor T1, T0
+
+ call __store_partial
+
+ aegis128_update
+ pxor MSG, STATE4
+
+ /* store the state: */
+ movdqu STATE4, 0x00(STATEP)
+ movdqu STATE0, 0x10(STATEP)
+ movdqu STATE1, 0x20(STATEP)
+ movdqu STATE2, 0x30(STATEP)
+ movdqu STATE3, 0x40(STATEP)
+
+ FRAME_END
+ENDPROC(crypto_aegis128_aesni_enc_tail)
+
+.macro decrypt_block a s0 s1 s2 s3 s4 i
+ movdq\a (\i * 0x10)(SRC), MSG
+ pxor \s1, MSG
+ pxor \s4, MSG
+ movdqa \s2, T1
+ pand \s3, T1
+ pxor T1, MSG
+ movdq\a MSG, (\i * 0x10)(DST)
+
+ aegis128_update
+ pxor MSG, \s4
+
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Ldec_out_\i
+.endm
+
+/*
+ * void crypto_aegis128_aesni_dec(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128_aesni_dec)
+ FRAME_BEGIN
+
+ cmp $0x10, LEN
+ jb .Ldec_out
+
+ /* load the state: */
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+
+ mov SRC, %r8
+ or DST, %r8
+ and $0xF, %r8
+ jnz .Ldec_u_loop
+
+.align 8
+.Ldec_a_loop:
+ decrypt_block a STATE0 STATE1 STATE2 STATE3 STATE4 0
+ decrypt_block a STATE4 STATE0 STATE1 STATE2 STATE3 1
+ decrypt_block a STATE3 STATE4 STATE0 STATE1 STATE2 2
+ decrypt_block a STATE2 STATE3 STATE4 STATE0 STATE1 3
+ decrypt_block a STATE1 STATE2 STATE3 STATE4 STATE0 4
+
+ add $0x50, SRC
+ add $0x50, DST
+ jmp .Ldec_a_loop
+
+.align 8
+.Ldec_u_loop:
+ decrypt_block u STATE0 STATE1 STATE2 STATE3 STATE4 0
+ decrypt_block u STATE4 STATE0 STATE1 STATE2 STATE3 1
+ decrypt_block u STATE3 STATE4 STATE0 STATE1 STATE2 2
+ decrypt_block u STATE2 STATE3 STATE4 STATE0 STATE1 3
+ decrypt_block u STATE1 STATE2 STATE3 STATE4 STATE0 4
+
+ add $0x50, SRC
+ add $0x50, DST
+ jmp .Ldec_u_loop
+
+ /* store the state: */
+.Ldec_out_0:
+ movdqu STATE4, 0x00(STATEP)
+ movdqu STATE0, 0x10(STATEP)
+ movdqu STATE1, 0x20(STATEP)
+ movdqu STATE2, 0x30(STATEP)
+ movdqu STATE3, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Ldec_out_1:
+ movdqu STATE3, 0x00(STATEP)
+ movdqu STATE4, 0x10(STATEP)
+ movdqu STATE0, 0x20(STATEP)
+ movdqu STATE1, 0x30(STATEP)
+ movdqu STATE2, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Ldec_out_2:
+ movdqu STATE2, 0x00(STATEP)
+ movdqu STATE3, 0x10(STATEP)
+ movdqu STATE4, 0x20(STATEP)
+ movdqu STATE0, 0x30(STATEP)
+ movdqu STATE1, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Ldec_out_3:
+ movdqu STATE1, 0x00(STATEP)
+ movdqu STATE2, 0x10(STATEP)
+ movdqu STATE3, 0x20(STATEP)
+ movdqu STATE4, 0x30(STATEP)
+ movdqu STATE0, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Ldec_out_4:
+ movdqu STATE0, 0x00(STATEP)
+ movdqu STATE1, 0x10(STATEP)
+ movdqu STATE2, 0x20(STATEP)
+ movdqu STATE3, 0x30(STATEP)
+ movdqu STATE4, 0x40(STATEP)
+ FRAME_END
+ ret
+
+.Ldec_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128_aesni_dec)
+
+/*
+ * void crypto_aegis128_aesni_dec_tail(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128_aesni_dec_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+
+ /* decrypt message: */
+ call __load_partial
+
+ pxor STATE1, MSG
+ pxor STATE4, MSG
+ movdqa STATE2, T1
+ pand STATE3, T1
+ pxor T1, MSG
+
+ movdqa MSG, T0
+ call __store_partial
+
+ /* mask with byte count: */
+ movq LEN, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ movdqa .Laegis128_counter, T1
+ pcmpgtb T1, T0
+ pand T0, MSG
+
+ aegis128_update
+ pxor MSG, STATE4
+
+ /* store the state: */
+ movdqu STATE4, 0x00(STATEP)
+ movdqu STATE0, 0x10(STATEP)
+ movdqu STATE1, 0x20(STATEP)
+ movdqu STATE2, 0x30(STATEP)
+ movdqu STATE3, 0x40(STATEP)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128_aesni_dec_tail)
+
+/*
+ * void crypto_aegis128_aesni_final(void *state, void *tag_xor,
+ * u64 assoclen, u64 cryptlen);
+ */
+ENTRY(crypto_aegis128_aesni_final)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+
+ /* prepare length block: */
+ movq %rdx, MSG
+ movq %rcx, T0
+ pslldq $8, T0
+ pxor T0, MSG
+ psllq $3, MSG /* multiply by 8 (to get bit count) */
+
+ pxor STATE3, MSG
+
+ /* update state: */
+ aegis128_update; pxor MSG, STATE4
+ aegis128_update; pxor MSG, STATE3
+ aegis128_update; pxor MSG, STATE2
+ aegis128_update; pxor MSG, STATE1
+ aegis128_update; pxor MSG, STATE0
+ aegis128_update; pxor MSG, STATE4
+ aegis128_update; pxor MSG, STATE3
+
+ /* xor tag: */
+ movdqu (%rsi), MSG
+
+ pxor STATE0, MSG
+ pxor STATE1, MSG
+ pxor STATE2, MSG
+ pxor STATE3, MSG
+ pxor STATE4, MSG
+
+ movdqu MSG, (%rsi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128_aesni_final)
diff --git a/arch/x86/crypto/aegis128-aesni-glue.c b/arch/x86/crypto/aegis128-aesni-glue.c
new file mode 100644
index 000000000000..5de7c0d46edf
--- /dev/null
+++ b/arch/x86/crypto/aegis128-aesni-glue.c
@@ -0,0 +1,407 @@
+/*
+ * The AEGIS-128 Authenticated-Encryption Algorithm
+ * Glue for AES-NI + SSE2 implementation
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/cryptd.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/scatterwalk.h>
+#include <linux/module.h>
+#include <asm/fpu/api.h>
+#include <asm/cpu_device_id.h>
+
+#define AEGIS128_BLOCK_ALIGN 16
+#define AEGIS128_BLOCK_SIZE 16
+#define AEGIS128_NONCE_SIZE 16
+#define AEGIS128_STATE_BLOCKS 5
+#define AEGIS128_KEY_SIZE 16
+#define AEGIS128_MIN_AUTH_SIZE 8
+#define AEGIS128_MAX_AUTH_SIZE 16
+
+asmlinkage void crypto_aegis128_aesni_init(void *state, void *key, void *iv);
+
+asmlinkage void crypto_aegis128_aesni_ad(
+ void *state, unsigned int length, const void *data);
+
+asmlinkage void crypto_aegis128_aesni_enc(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128_aesni_dec(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128_aesni_enc_tail(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128_aesni_dec_tail(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128_aesni_final(
+ void *state, void *tag_xor, unsigned int cryptlen,
+ unsigned int assoclen);
+
+struct aegis_block {
+ u8 bytes[AEGIS128_BLOCK_SIZE] __aligned(AEGIS128_BLOCK_ALIGN);
+};
+
+struct aegis_state {
+ struct aegis_block blocks[AEGIS128_STATE_BLOCKS];
+};
+
+struct aegis_ctx {
+ struct aegis_block key;
+};
+
+struct aegis_crypt_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_blocks)(void *state, unsigned int length, const void *src,
+ void *dst);
+ void (*crypt_tail)(void *state, unsigned int length, const void *src,
+ void *dst);
+};
+
+static void crypto_aegis128_aesni_process_ad(
+ struct aegis_state *state, struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct aegis_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= AEGIS128_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = AEGIS128_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ crypto_aegis128_aesni_ad(state,
+ AEGIS128_BLOCK_SIZE,
+ buf.bytes);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_aegis128_aesni_ad(state, left, src);
+
+ src += left & ~(AEGIS128_BLOCK_SIZE - 1);
+ left &= AEGIS128_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+ pos += left;
+ assoclen -= size;
+
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, AEGIS128_BLOCK_SIZE - pos);
+ crypto_aegis128_aesni_ad(state, AEGIS128_BLOCK_SIZE, buf.bytes);
+ }
+}
+
+static void crypto_aegis128_aesni_process_crypt(
+ struct aegis_state *state, struct aead_request *req,
+ const struct aegis_crypt_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *src, *dst;
+ unsigned int chunksize, base;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops->crypt_blocks(state, chunksize, src, dst);
+
+ base = chunksize & ~(AEGIS128_BLOCK_SIZE - 1);
+ src += base;
+ dst += base;
+ chunksize &= AEGIS128_BLOCK_SIZE - 1;
+
+ if (chunksize > 0)
+ ops->crypt_tail(state, chunksize, src, dst);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static struct aegis_ctx *crypto_aegis128_aesni_ctx(struct crypto_aead *aead)
+{
+ u8 *ctx = crypto_aead_ctx(aead);
+ ctx = PTR_ALIGN(ctx, __alignof__(struct aegis_ctx));
+ return (void *)ctx;
+}
+
+static int crypto_aegis128_aesni_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct aegis_ctx *ctx = crypto_aegis128_aesni_ctx(aead);
+
+ if (keylen != AEGIS128_KEY_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key.bytes, key, AEGIS128_KEY_SIZE);
+
+ return 0;
+}
+
+static int crypto_aegis128_aesni_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ if (authsize > AEGIS128_MAX_AUTH_SIZE)
+ return -EINVAL;
+ if (authsize < AEGIS128_MIN_AUTH_SIZE)
+ return -EINVAL;
+ return 0;
+}
+
+static void crypto_aegis128_aesni_crypt(struct aead_request *req,
+ struct aegis_block *tag_xor,
+ unsigned int cryptlen,
+ const struct aegis_crypt_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_ctx *ctx = crypto_aegis128_aesni_ctx(tfm);
+ struct aegis_state state;
+
+ kernel_fpu_begin();
+
+ crypto_aegis128_aesni_init(&state, ctx->key.bytes, req->iv);
+ crypto_aegis128_aesni_process_ad(&state, req->src, req->assoclen);
+ crypto_aegis128_aesni_process_crypt(&state, req, ops);
+ crypto_aegis128_aesni_final(&state, tag_xor, req->assoclen, cryptlen);
+
+ kernel_fpu_end();
+}
+
+static int crypto_aegis128_aesni_encrypt(struct aead_request *req)
+{
+ static const struct aegis_crypt_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_blocks = crypto_aegis128_aesni_enc,
+ .crypt_tail = crypto_aegis128_aesni_enc_tail,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_aegis128_aesni_crypt(req, &tag, cryptlen, &OPS);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+
+static int crypto_aegis128_aesni_decrypt(struct aead_request *req)
+{
+ static const struct aegis_block zeros = {};
+
+ static const struct aegis_crypt_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_blocks = crypto_aegis128_aesni_dec,
+ .crypt_tail = crypto_aegis128_aesni_dec_tail,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_aegis128_aesni_crypt(req, &tag, cryptlen, &OPS);
+
+ return crypto_memneq(tag.bytes, zeros.bytes, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_aegis128_aesni_init_tfm(struct crypto_aead *aead)
+{
+ return 0;
+}
+
+static void crypto_aegis128_aesni_exit_tfm(struct crypto_aead *aead)
+{
+}
+
+static int cryptd_aegis128_aesni_setkey(struct crypto_aead *aead,
+ const u8 *key, unsigned int keylen)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setkey(&cryptd_tfm->base, key, keylen);
+}
+
+static int cryptd_aegis128_aesni_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setauthsize(&cryptd_tfm->base, authsize);
+}
+
+static int cryptd_aegis128_aesni_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_encrypt(req);
+}
+
+static int cryptd_aegis128_aesni_decrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_decrypt(req);
+}
+
+static int cryptd_aegis128_aesni_init_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead *cryptd_tfm;
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_tfm = cryptd_alloc_aead("__aegis128-aesni", CRYPTO_ALG_INTERNAL,
+ CRYPTO_ALG_INTERNAL);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+
+ *ctx = cryptd_tfm;
+ crypto_aead_set_reqsize(aead, crypto_aead_reqsize(&cryptd_tfm->base));
+ return 0;
+}
+
+static void cryptd_aegis128_aesni_exit_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_free_aead(*ctx);
+}
+
+static struct aead_alg crypto_aegis128_aesni_alg[] = {
+ {
+ .setkey = crypto_aegis128_aesni_setkey,
+ .setauthsize = crypto_aegis128_aesni_setauthsize,
+ .encrypt = crypto_aegis128_aesni_encrypt,
+ .decrypt = crypto_aegis128_aesni_decrypt,
+ .init = crypto_aegis128_aesni_init_tfm,
+ .exit = crypto_aegis128_aesni_exit_tfm,
+
+ .ivsize = AEGIS128_NONCE_SIZE,
+ .maxauthsize = AEGIS128_MAX_AUTH_SIZE,
+ .chunksize = AEGIS128_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_INTERNAL,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct aegis_ctx) +
+ __alignof__(struct aegis_ctx),
+ .cra_alignmask = 0,
+
+ .cra_name = "__aegis128",
+ .cra_driver_name = "__aegis128-aesni",
+
+ .cra_module = THIS_MODULE,
+ }
+ }, {
+ .setkey = cryptd_aegis128_aesni_setkey,
+ .setauthsize = cryptd_aegis128_aesni_setauthsize,
+ .encrypt = cryptd_aegis128_aesni_encrypt,
+ .decrypt = cryptd_aegis128_aesni_decrypt,
+ .init = cryptd_aegis128_aesni_init_tfm,
+ .exit = cryptd_aegis128_aesni_exit_tfm,
+
+ .ivsize = AEGIS128_NONCE_SIZE,
+ .maxauthsize = AEGIS128_MAX_AUTH_SIZE,
+ .chunksize = AEGIS128_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_ASYNC,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct cryptd_aead *),
+ .cra_alignmask = 0,
+
+ .cra_priority = 400,
+
+ .cra_name = "aegis128",
+ .cra_driver_name = "aegis128-aesni",
+
+ .cra_module = THIS_MODULE,
+ }
+ }
+};
+
+static const struct x86_cpu_id aesni_cpu_id[] = {
+ X86_FEATURE_MATCH(X86_FEATURE_AES),
+ X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+ {}
+};
+MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
+
+static int __init crypto_aegis128_aesni_module_init(void)
+{
+ if (!x86_match_cpu(aesni_cpu_id))
+ return -ENODEV;
+
+ return crypto_register_aeads(crypto_aegis128_aesni_alg,
+ ARRAY_SIZE(crypto_aegis128_aesni_alg));
+}
+
+static void __exit crypto_aegis128_aesni_module_exit(void)
+{
+ crypto_unregister_aeads(crypto_aegis128_aesni_alg,
+ ARRAY_SIZE(crypto_aegis128_aesni_alg));
+}
+
+module_init(crypto_aegis128_aesni_module_init);
+module_exit(crypto_aegis128_aesni_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("AEGIS-128 AEAD algorithm -- AESNI+SSE2 implementation");
+MODULE_ALIAS_CRYPTO("aegis128");
+MODULE_ALIAS_CRYPTO("aegis128-aesni");
diff --git a/arch/x86/crypto/aegis128l-aesni-asm.S b/arch/x86/crypto/aegis128l-aesni-asm.S
new file mode 100644
index 000000000000..9263c344f2c7
--- /dev/null
+++ b/arch/x86/crypto/aegis128l-aesni-asm.S
@@ -0,0 +1,825 @@
+/*
+ * AES-NI + SSE2 implementation of AEGIS-128L
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+#include <asm/frame.h>
+
+#define STATE0 %xmm0
+#define STATE1 %xmm1
+#define STATE2 %xmm2
+#define STATE3 %xmm3
+#define STATE4 %xmm4
+#define STATE5 %xmm5
+#define STATE6 %xmm6
+#define STATE7 %xmm7
+#define MSG0 %xmm8
+#define MSG1 %xmm9
+#define T0 %xmm10
+#define T1 %xmm11
+#define T2 %xmm12
+#define T3 %xmm13
+
+#define STATEP %rdi
+#define LEN %rsi
+#define SRC %rdx
+#define DST %rcx
+
+.section .rodata.cst16.aegis128l_const, "aM", @progbits, 32
+.align 16
+.Laegis128l_const_0:
+ .byte 0x00, 0x01, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d
+ .byte 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62
+.Laegis128l_const_1:
+ .byte 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1
+ .byte 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd
+
+.section .rodata.cst16.aegis128l_counter, "aM", @progbits, 16
+.align 16
+.Laegis128l_counter0:
+ .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+ .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+.Laegis128l_counter1:
+ .byte 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
+ .byte 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+
+.text
+
+/*
+ * __load_partial: internal ABI
+ * input:
+ * LEN - bytes
+ * SRC - src
+ * output:
+ * MSG0 - first message block
+ * MSG1 - second message block
+ * changed:
+ * T0
+ * %r8
+ * %r9
+ */
+__load_partial:
+ xor %r9, %r9
+ pxor MSG0, MSG0
+ pxor MSG1, MSG1
+
+ mov LEN, %r8
+ and $0x1, %r8
+ jz .Lld_partial_1
+
+ mov LEN, %r8
+ and $0x1E, %r8
+ add SRC, %r8
+ mov (%r8), %r9b
+
+.Lld_partial_1:
+ mov LEN, %r8
+ and $0x2, %r8
+ jz .Lld_partial_2
+
+ mov LEN, %r8
+ and $0x1C, %r8
+ add SRC, %r8
+ shl $0x10, %r9
+ mov (%r8), %r9w
+
+.Lld_partial_2:
+ mov LEN, %r8
+ and $0x4, %r8
+ jz .Lld_partial_4
+
+ mov LEN, %r8
+ and $0x18, %r8
+ add SRC, %r8
+ shl $32, %r9
+ mov (%r8), %r8d
+ xor %r8, %r9
+
+.Lld_partial_4:
+ movq %r9, MSG0
+
+ mov LEN, %r8
+ and $0x8, %r8
+ jz .Lld_partial_8
+
+ mov LEN, %r8
+ and $0x10, %r8
+ add SRC, %r8
+ pslldq $8, MSG0
+ movq (%r8), T0
+ pxor T0, MSG0
+
+.Lld_partial_8:
+ mov LEN, %r8
+ and $0x10, %r8
+ jz .Lld_partial_16
+
+ movdqa MSG0, MSG1
+ movdqu (SRC), MSG0
+
+.Lld_partial_16:
+ ret
+ENDPROC(__load_partial)
+
+/*
+ * __store_partial: internal ABI
+ * input:
+ * LEN - bytes
+ * DST - dst
+ * output:
+ * T0 - first message block
+ * T1 - second message block
+ * changed:
+ * %r8
+ * %r9
+ * %r10
+ */
+__store_partial:
+ mov LEN, %r8
+ mov DST, %r9
+
+ cmp $16, %r8
+ jl .Lst_partial_16
+
+ movdqu T0, (%r9)
+ movdqa T1, T0
+
+ sub $16, %r8
+ add $16, %r9
+
+.Lst_partial_16:
+ movq T0, %r10
+
+ cmp $8, %r8
+ jl .Lst_partial_8
+
+ mov %r10, (%r9)
+ psrldq $8, T0
+ movq T0, %r10
+
+ sub $8, %r8
+ add $8, %r9
+
+.Lst_partial_8:
+ cmp $4, %r8
+ jl .Lst_partial_4
+
+ mov %r10d, (%r9)
+ shr $32, %r10
+
+ sub $4, %r8
+ add $4, %r9
+
+.Lst_partial_4:
+ cmp $2, %r8
+ jl .Lst_partial_2
+
+ mov %r10w, (%r9)
+ shr $0x10, %r10
+
+ sub $2, %r8
+ add $2, %r9
+
+.Lst_partial_2:
+ cmp $1, %r8
+ jl .Lst_partial_1
+
+ mov %r10b, (%r9)
+
+.Lst_partial_1:
+ ret
+ENDPROC(__store_partial)
+
+.macro update
+ movdqa STATE7, T0
+ aesenc STATE0, STATE7
+ aesenc STATE1, STATE0
+ aesenc STATE2, STATE1
+ aesenc STATE3, STATE2
+ aesenc STATE4, STATE3
+ aesenc STATE5, STATE4
+ aesenc STATE6, STATE5
+ aesenc T0, STATE6
+.endm
+
+.macro update0
+ update
+ pxor MSG0, STATE7
+ pxor MSG1, STATE3
+.endm
+
+.macro update1
+ update
+ pxor MSG0, STATE6
+ pxor MSG1, STATE2
+.endm
+
+.macro update2
+ update
+ pxor MSG0, STATE5
+ pxor MSG1, STATE1
+.endm
+
+.macro update3
+ update
+ pxor MSG0, STATE4
+ pxor MSG1, STATE0
+.endm
+
+.macro update4
+ update
+ pxor MSG0, STATE3
+ pxor MSG1, STATE7
+.endm
+
+.macro update5
+ update
+ pxor MSG0, STATE2
+ pxor MSG1, STATE6
+.endm
+
+.macro update6
+ update
+ pxor MSG0, STATE1
+ pxor MSG1, STATE5
+.endm
+
+.macro update7
+ update
+ pxor MSG0, STATE0
+ pxor MSG1, STATE4
+.endm
+
+.macro state_load
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+ movdqu 0x50(STATEP), STATE5
+ movdqu 0x60(STATEP), STATE6
+ movdqu 0x70(STATEP), STATE7
+.endm
+
+.macro state_store s0 s1 s2 s3 s4 s5 s6 s7
+ movdqu \s7, 0x00(STATEP)
+ movdqu \s0, 0x10(STATEP)
+ movdqu \s1, 0x20(STATEP)
+ movdqu \s2, 0x30(STATEP)
+ movdqu \s3, 0x40(STATEP)
+ movdqu \s4, 0x50(STATEP)
+ movdqu \s5, 0x60(STATEP)
+ movdqu \s6, 0x70(STATEP)
+.endm
+
+.macro state_store0
+ state_store STATE0 STATE1 STATE2 STATE3 STATE4 STATE5 STATE6 STATE7
+.endm
+
+.macro state_store1
+ state_store STATE7 STATE0 STATE1 STATE2 STATE3 STATE4 STATE5 STATE6
+.endm
+
+.macro state_store2
+ state_store STATE6 STATE7 STATE0 STATE1 STATE2 STATE3 STATE4 STATE5
+.endm
+
+.macro state_store3
+ state_store STATE5 STATE6 STATE7 STATE0 STATE1 STATE2 STATE3 STATE4
+.endm
+
+.macro state_store4
+ state_store STATE4 STATE5 STATE6 STATE7 STATE0 STATE1 STATE2 STATE3
+.endm
+
+.macro state_store5
+ state_store STATE3 STATE4 STATE5 STATE6 STATE7 STATE0 STATE1 STATE2
+.endm
+
+.macro state_store6
+ state_store STATE2 STATE3 STATE4 STATE5 STATE6 STATE7 STATE0 STATE1
+.endm
+
+.macro state_store7
+ state_store STATE1 STATE2 STATE3 STATE4 STATE5 STATE6 STATE7 STATE0
+.endm
+
+/*
+ * void crypto_aegis128l_aesni_init(void *state, const void *key, const void *iv);
+ */
+ENTRY(crypto_aegis128l_aesni_init)
+ FRAME_BEGIN
+
+ /* load key: */
+ movdqa (%rsi), MSG1
+ movdqa MSG1, STATE0
+ movdqa MSG1, STATE4
+ movdqa MSG1, STATE5
+ movdqa MSG1, STATE6
+ movdqa MSG1, STATE7
+
+ /* load IV: */
+ movdqu (%rdx), MSG0
+ pxor MSG0, STATE0
+ pxor MSG0, STATE4
+
+ /* load the constants: */
+ movdqa .Laegis128l_const_0, STATE2
+ movdqa .Laegis128l_const_1, STATE1
+ movdqa STATE1, STATE3
+ pxor STATE2, STATE5
+ pxor STATE1, STATE6
+ pxor STATE2, STATE7
+
+ /* update 10 times with IV and KEY: */
+ update0
+ update1
+ update2
+ update3
+ update4
+ update5
+ update6
+ update7
+ update0
+ update1
+
+ state_store1
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128l_aesni_init)
+
+.macro ad_block a i
+ movdq\a (\i * 0x20 + 0x00)(SRC), MSG0
+ movdq\a (\i * 0x20 + 0x10)(SRC), MSG1
+ update\i
+ sub $0x20, LEN
+ cmp $0x20, LEN
+ jl .Lad_out_\i
+.endm
+
+/*
+ * void crypto_aegis128l_aesni_ad(void *state, unsigned int length,
+ * const void *data);
+ */
+ENTRY(crypto_aegis128l_aesni_ad)
+ FRAME_BEGIN
+
+ cmp $0x20, LEN
+ jb .Lad_out
+
+ state_load
+
+ mov SRC, %r8
+ and $0xf, %r8
+ jnz .Lad_u_loop
+
+.align 8
+.Lad_a_loop:
+ ad_block a 0
+ ad_block a 1
+ ad_block a 2
+ ad_block a 3
+ ad_block a 4
+ ad_block a 5
+ ad_block a 6
+ ad_block a 7
+
+ add $0x100, SRC
+ jmp .Lad_a_loop
+
+.align 8
+.Lad_u_loop:
+ ad_block u 0
+ ad_block u 1
+ ad_block u 2
+ ad_block u 3
+ ad_block u 4
+ ad_block u 5
+ ad_block u 6
+ ad_block u 7
+
+ add $0x100, SRC
+ jmp .Lad_u_loop
+
+.Lad_out_0:
+ state_store0
+ FRAME_END
+ ret
+
+.Lad_out_1:
+ state_store1
+ FRAME_END
+ ret
+
+.Lad_out_2:
+ state_store2
+ FRAME_END
+ ret
+
+.Lad_out_3:
+ state_store3
+ FRAME_END
+ ret
+
+.Lad_out_4:
+ state_store4
+ FRAME_END
+ ret
+
+.Lad_out_5:
+ state_store5
+ FRAME_END
+ ret
+
+.Lad_out_6:
+ state_store6
+ FRAME_END
+ ret
+
+.Lad_out_7:
+ state_store7
+ FRAME_END
+ ret
+
+.Lad_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128l_aesni_ad)
+
+.macro crypt m0 m1 s0 s1 s2 s3 s4 s5 s6 s7
+ pxor \s1, \m0
+ pxor \s6, \m0
+ movdqa \s2, T3
+ pand \s3, T3
+ pxor T3, \m0
+
+ pxor \s2, \m1
+ pxor \s5, \m1
+ movdqa \s6, T3
+ pand \s7, T3
+ pxor T3, \m1
+.endm
+
+.macro crypt0 m0 m1
+ crypt \m0 \m1 STATE0 STATE1 STATE2 STATE3 STATE4 STATE5 STATE6 STATE7
+.endm
+
+.macro crypt1 m0 m1
+ crypt \m0 \m1 STATE7 STATE0 STATE1 STATE2 STATE3 STATE4 STATE5 STATE6
+.endm
+
+.macro crypt2 m0 m1
+ crypt \m0 \m1 STATE6 STATE7 STATE0 STATE1 STATE2 STATE3 STATE4 STATE5
+.endm
+
+.macro crypt3 m0 m1
+ crypt \m0 \m1 STATE5 STATE6 STATE7 STATE0 STATE1 STATE2 STATE3 STATE4
+.endm
+
+.macro crypt4 m0 m1
+ crypt \m0 \m1 STATE4 STATE5 STATE6 STATE7 STATE0 STATE1 STATE2 STATE3
+.endm
+
+.macro crypt5 m0 m1
+ crypt \m0 \m1 STATE3 STATE4 STATE5 STATE6 STATE7 STATE0 STATE1 STATE2
+.endm
+
+.macro crypt6 m0 m1
+ crypt \m0 \m1 STATE2 STATE3 STATE4 STATE5 STATE6 STATE7 STATE0 STATE1
+.endm
+
+.macro crypt7 m0 m1
+ crypt \m0 \m1 STATE1 STATE2 STATE3 STATE4 STATE5 STATE6 STATE7 STATE0
+.endm
+
+.macro encrypt_block a i
+ movdq\a (\i * 0x20 + 0x00)(SRC), MSG0
+ movdq\a (\i * 0x20 + 0x10)(SRC), MSG1
+ movdqa MSG0, T0
+ movdqa MSG1, T1
+ crypt\i T0, T1
+ movdq\a T0, (\i * 0x20 + 0x00)(DST)
+ movdq\a T1, (\i * 0x20 + 0x10)(DST)
+
+ update\i
+
+ sub $0x20, LEN
+ cmp $0x20, LEN
+ jl .Lenc_out_\i
+.endm
+
+.macro decrypt_block a i
+ movdq\a (\i * 0x20 + 0x00)(SRC), MSG0
+ movdq\a (\i * 0x20 + 0x10)(SRC), MSG1
+ crypt\i MSG0, MSG1
+ movdq\a MSG0, (\i * 0x20 + 0x00)(DST)
+ movdq\a MSG1, (\i * 0x20 + 0x10)(DST)
+
+ update\i
+
+ sub $0x20, LEN
+ cmp $0x20, LEN
+ jl .Ldec_out_\i
+.endm
+
+/*
+ * void crypto_aegis128l_aesni_enc(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128l_aesni_enc)
+ FRAME_BEGIN
+
+ cmp $0x20, LEN
+ jb .Lenc_out
+
+ state_load
+
+ mov SRC, %r8
+ or DST, %r8
+ and $0xf, %r8
+ jnz .Lenc_u_loop
+
+.align 8
+.Lenc_a_loop:
+ encrypt_block a 0
+ encrypt_block a 1
+ encrypt_block a 2
+ encrypt_block a 3
+ encrypt_block a 4
+ encrypt_block a 5
+ encrypt_block a 6
+ encrypt_block a 7
+
+ add $0x100, SRC
+ add $0x100, DST
+ jmp .Lenc_a_loop
+
+.align 8
+.Lenc_u_loop:
+ encrypt_block u 0
+ encrypt_block u 1
+ encrypt_block u 2
+ encrypt_block u 3
+ encrypt_block u 4
+ encrypt_block u 5
+ encrypt_block u 6
+ encrypt_block u 7
+
+ add $0x100, SRC
+ add $0x100, DST
+ jmp .Lenc_u_loop
+
+.Lenc_out_0:
+ state_store0
+ FRAME_END
+ ret
+
+.Lenc_out_1:
+ state_store1
+ FRAME_END
+ ret
+
+.Lenc_out_2:
+ state_store2
+ FRAME_END
+ ret
+
+.Lenc_out_3:
+ state_store3
+ FRAME_END
+ ret
+
+.Lenc_out_4:
+ state_store4
+ FRAME_END
+ ret
+
+.Lenc_out_5:
+ state_store5
+ FRAME_END
+ ret
+
+.Lenc_out_6:
+ state_store6
+ FRAME_END
+ ret
+
+.Lenc_out_7:
+ state_store7
+ FRAME_END
+ ret
+
+.Lenc_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128l_aesni_enc)
+
+/*
+ * void crypto_aegis128l_aesni_enc_tail(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128l_aesni_enc_tail)
+ FRAME_BEGIN
+
+ state_load
+
+ /* encrypt message: */
+ call __load_partial
+
+ movdqa MSG0, T0
+ movdqa MSG1, T1
+ crypt0 T0, T1
+
+ call __store_partial
+
+ update0
+
+ state_store0
+
+ FRAME_END
+ENDPROC(crypto_aegis128l_aesni_enc_tail)
+
+/*
+ * void crypto_aegis128l_aesni_dec(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128l_aesni_dec)
+ FRAME_BEGIN
+
+ cmp $0x20, LEN
+ jb .Ldec_out
+
+ state_load
+
+ mov SRC, %r8
+ or DST, %r8
+ and $0xF, %r8
+ jnz .Ldec_u_loop
+
+.align 8
+.Ldec_a_loop:
+ decrypt_block a 0
+ decrypt_block a 1
+ decrypt_block a 2
+ decrypt_block a 3
+ decrypt_block a 4
+ decrypt_block a 5
+ decrypt_block a 6
+ decrypt_block a 7
+
+ add $0x100, SRC
+ add $0x100, DST
+ jmp .Ldec_a_loop
+
+.align 8
+.Ldec_u_loop:
+ decrypt_block u 0
+ decrypt_block u 1
+ decrypt_block u 2
+ decrypt_block u 3
+ decrypt_block u 4
+ decrypt_block u 5
+ decrypt_block u 6
+ decrypt_block u 7
+
+ add $0x100, SRC
+ add $0x100, DST
+ jmp .Ldec_u_loop
+
+.Ldec_out_0:
+ state_store0
+ FRAME_END
+ ret
+
+.Ldec_out_1:
+ state_store1
+ FRAME_END
+ ret
+
+.Ldec_out_2:
+ state_store2
+ FRAME_END
+ ret
+
+.Ldec_out_3:
+ state_store3
+ FRAME_END
+ ret
+
+.Ldec_out_4:
+ state_store4
+ FRAME_END
+ ret
+
+.Ldec_out_5:
+ state_store5
+ FRAME_END
+ ret
+
+.Ldec_out_6:
+ state_store6
+ FRAME_END
+ ret
+
+.Ldec_out_7:
+ state_store7
+ FRAME_END
+ ret
+
+.Ldec_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128l_aesni_dec)
+
+/*
+ * void crypto_aegis128l_aesni_dec_tail(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis128l_aesni_dec_tail)
+ FRAME_BEGIN
+
+ state_load
+
+ /* decrypt message: */
+ call __load_partial
+
+ crypt0 MSG0, MSG1
+
+ movdqa MSG0, T0
+ movdqa MSG1, T1
+ call __store_partial
+
+ /* mask with byte count: */
+ movq LEN, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ movdqa T0, T1
+ movdqa .Laegis128l_counter0, T2
+ movdqa .Laegis128l_counter1, T3
+ pcmpgtb T2, T0
+ pcmpgtb T3, T1
+ pand T0, MSG0
+ pand T1, MSG1
+
+ update0
+
+ state_store0
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128l_aesni_dec_tail)
+
+/*
+ * void crypto_aegis128l_aesni_final(void *state, void *tag_xor,
+ * u64 assoclen, u64 cryptlen);
+ */
+ENTRY(crypto_aegis128l_aesni_final)
+ FRAME_BEGIN
+
+ state_load
+
+ /* prepare length block: */
+ movq %rdx, MSG0
+ movq %rcx, T0
+ pslldq $8, T0
+ pxor T0, MSG0
+ psllq $3, MSG0 /* multiply by 8 (to get bit count) */
+
+ pxor STATE2, MSG0
+ movdqa MSG0, MSG1
+
+ /* update state: */
+ update0
+ update1
+ update2
+ update3
+ update4
+ update5
+ update6
+
+ /* xor tag: */
+ movdqu (%rsi), T0
+
+ pxor STATE1, T0
+ pxor STATE2, T0
+ pxor STATE3, T0
+ pxor STATE4, T0
+ pxor STATE5, T0
+ pxor STATE6, T0
+ pxor STATE7, T0
+
+ movdqu T0, (%rsi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis128l_aesni_final)
diff --git a/arch/x86/crypto/aegis128l-aesni-glue.c b/arch/x86/crypto/aegis128l-aesni-glue.c
new file mode 100644
index 000000000000..876e4866e633
--- /dev/null
+++ b/arch/x86/crypto/aegis128l-aesni-glue.c
@@ -0,0 +1,407 @@
+/*
+ * The AEGIS-128L Authenticated-Encryption Algorithm
+ * Glue for AES-NI + SSE2 implementation
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/cryptd.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/scatterwalk.h>
+#include <linux/module.h>
+#include <asm/fpu/api.h>
+#include <asm/cpu_device_id.h>
+
+#define AEGIS128L_BLOCK_ALIGN 16
+#define AEGIS128L_BLOCK_SIZE 32
+#define AEGIS128L_NONCE_SIZE 16
+#define AEGIS128L_STATE_BLOCKS 8
+#define AEGIS128L_KEY_SIZE 16
+#define AEGIS128L_MIN_AUTH_SIZE 8
+#define AEGIS128L_MAX_AUTH_SIZE 16
+
+asmlinkage void crypto_aegis128l_aesni_init(void *state, void *key, void *iv);
+
+asmlinkage void crypto_aegis128l_aesni_ad(
+ void *state, unsigned int length, const void *data);
+
+asmlinkage void crypto_aegis128l_aesni_enc(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128l_aesni_dec(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128l_aesni_enc_tail(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128l_aesni_dec_tail(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis128l_aesni_final(
+ void *state, void *tag_xor, unsigned int cryptlen,
+ unsigned int assoclen);
+
+struct aegis_block {
+ u8 bytes[AEGIS128L_BLOCK_SIZE] __aligned(AEGIS128L_BLOCK_ALIGN);
+};
+
+struct aegis_state {
+ struct aegis_block blocks[AEGIS128L_STATE_BLOCKS];
+};
+
+struct aegis_ctx {
+ struct aegis_block key;
+};
+
+struct aegis_crypt_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_blocks)(void *state, unsigned int length, const void *src,
+ void *dst);
+ void (*crypt_tail)(void *state, unsigned int length, const void *src,
+ void *dst);
+};
+
+static void crypto_aegis128l_aesni_process_ad(
+ struct aegis_state *state, struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct aegis_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= AEGIS128L_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = AEGIS128L_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ crypto_aegis128l_aesni_ad(state,
+ AEGIS128L_BLOCK_SIZE,
+ buf.bytes);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_aegis128l_aesni_ad(state, left, src);
+
+ src += left & ~(AEGIS128L_BLOCK_SIZE - 1);
+ left &= AEGIS128L_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+ pos += left;
+ assoclen -= size;
+
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, AEGIS128L_BLOCK_SIZE - pos);
+ crypto_aegis128l_aesni_ad(state, AEGIS128L_BLOCK_SIZE, buf.bytes);
+ }
+}
+
+static void crypto_aegis128l_aesni_process_crypt(
+ struct aegis_state *state, struct aead_request *req,
+ const struct aegis_crypt_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *src, *dst;
+ unsigned int chunksize, base;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops->crypt_blocks(state, chunksize, src, dst);
+
+ base = chunksize & ~(AEGIS128L_BLOCK_SIZE - 1);
+ src += base;
+ dst += base;
+ chunksize &= AEGIS128L_BLOCK_SIZE - 1;
+
+ if (chunksize > 0)
+ ops->crypt_tail(state, chunksize, src, dst);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static struct aegis_ctx *crypto_aegis128l_aesni_ctx(struct crypto_aead *aead)
+{
+ u8 *ctx = crypto_aead_ctx(aead);
+ ctx = PTR_ALIGN(ctx, __alignof__(struct aegis_ctx));
+ return (void *)ctx;
+}
+
+static int crypto_aegis128l_aesni_setkey(struct crypto_aead *aead,
+ const u8 *key, unsigned int keylen)
+{
+ struct aegis_ctx *ctx = crypto_aegis128l_aesni_ctx(aead);
+
+ if (keylen != AEGIS128L_KEY_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key.bytes, key, AEGIS128L_KEY_SIZE);
+
+ return 0;
+}
+
+static int crypto_aegis128l_aesni_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ if (authsize > AEGIS128L_MAX_AUTH_SIZE)
+ return -EINVAL;
+ if (authsize < AEGIS128L_MIN_AUTH_SIZE)
+ return -EINVAL;
+ return 0;
+}
+
+static void crypto_aegis128l_aesni_crypt(struct aead_request *req,
+ struct aegis_block *tag_xor,
+ unsigned int cryptlen,
+ const struct aegis_crypt_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_ctx *ctx = crypto_aegis128l_aesni_ctx(tfm);
+ struct aegis_state state;
+
+ kernel_fpu_begin();
+
+ crypto_aegis128l_aesni_init(&state, ctx->key.bytes, req->iv);
+ crypto_aegis128l_aesni_process_ad(&state, req->src, req->assoclen);
+ crypto_aegis128l_aesni_process_crypt(&state, req, ops);
+ crypto_aegis128l_aesni_final(&state, tag_xor, req->assoclen, cryptlen);
+
+ kernel_fpu_end();
+}
+
+static int crypto_aegis128l_aesni_encrypt(struct aead_request *req)
+{
+ static const struct aegis_crypt_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_blocks = crypto_aegis128l_aesni_enc,
+ .crypt_tail = crypto_aegis128l_aesni_enc_tail,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_aegis128l_aesni_crypt(req, &tag, cryptlen, &OPS);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+
+static int crypto_aegis128l_aesni_decrypt(struct aead_request *req)
+{
+ static const struct aegis_block zeros = {};
+
+ static const struct aegis_crypt_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_blocks = crypto_aegis128l_aesni_dec,
+ .crypt_tail = crypto_aegis128l_aesni_dec_tail,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_aegis128l_aesni_crypt(req, &tag, cryptlen, &OPS);
+
+ return crypto_memneq(tag.bytes, zeros.bytes, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_aegis128l_aesni_init_tfm(struct crypto_aead *aead)
+{
+ return 0;
+}
+
+static void crypto_aegis128l_aesni_exit_tfm(struct crypto_aead *aead)
+{
+}
+
+static int cryptd_aegis128l_aesni_setkey(struct crypto_aead *aead,
+ const u8 *key, unsigned int keylen)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setkey(&cryptd_tfm->base, key, keylen);
+}
+
+static int cryptd_aegis128l_aesni_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setauthsize(&cryptd_tfm->base, authsize);
+}
+
+static int cryptd_aegis128l_aesni_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_encrypt(req);
+}
+
+static int cryptd_aegis128l_aesni_decrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_decrypt(req);
+}
+
+static int cryptd_aegis128l_aesni_init_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead *cryptd_tfm;
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_tfm = cryptd_alloc_aead("__aegis128l-aesni", CRYPTO_ALG_INTERNAL,
+ CRYPTO_ALG_INTERNAL);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+
+ *ctx = cryptd_tfm;
+ crypto_aead_set_reqsize(aead, crypto_aead_reqsize(&cryptd_tfm->base));
+ return 0;
+}
+
+static void cryptd_aegis128l_aesni_exit_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_free_aead(*ctx);
+}
+
+static struct aead_alg crypto_aegis128l_aesni_alg[] = {
+ {
+ .setkey = crypto_aegis128l_aesni_setkey,
+ .setauthsize = crypto_aegis128l_aesni_setauthsize,
+ .encrypt = crypto_aegis128l_aesni_encrypt,
+ .decrypt = crypto_aegis128l_aesni_decrypt,
+ .init = crypto_aegis128l_aesni_init_tfm,
+ .exit = crypto_aegis128l_aesni_exit_tfm,
+
+ .ivsize = AEGIS128L_NONCE_SIZE,
+ .maxauthsize = AEGIS128L_MAX_AUTH_SIZE,
+ .chunksize = AEGIS128L_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_INTERNAL,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct aegis_ctx) +
+ __alignof__(struct aegis_ctx),
+ .cra_alignmask = 0,
+
+ .cra_name = "__aegis128l",
+ .cra_driver_name = "__aegis128l-aesni",
+
+ .cra_module = THIS_MODULE,
+ }
+ }, {
+ .setkey = cryptd_aegis128l_aesni_setkey,
+ .setauthsize = cryptd_aegis128l_aesni_setauthsize,
+ .encrypt = cryptd_aegis128l_aesni_encrypt,
+ .decrypt = cryptd_aegis128l_aesni_decrypt,
+ .init = cryptd_aegis128l_aesni_init_tfm,
+ .exit = cryptd_aegis128l_aesni_exit_tfm,
+
+ .ivsize = AEGIS128L_NONCE_SIZE,
+ .maxauthsize = AEGIS128L_MAX_AUTH_SIZE,
+ .chunksize = AEGIS128L_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_ASYNC,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct cryptd_aead *),
+ .cra_alignmask = 0,
+
+ .cra_priority = 400,
+
+ .cra_name = "aegis128l",
+ .cra_driver_name = "aegis128l-aesni",
+
+ .cra_module = THIS_MODULE,
+ }
+ }
+};
+
+static const struct x86_cpu_id aesni_cpu_id[] = {
+ X86_FEATURE_MATCH(X86_FEATURE_AES),
+ X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+ {}
+};
+MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
+
+static int __init crypto_aegis128l_aesni_module_init(void)
+{
+ if (!x86_match_cpu(aesni_cpu_id))
+ return -ENODEV;
+
+ return crypto_register_aeads(crypto_aegis128l_aesni_alg,
+ ARRAY_SIZE(crypto_aegis128l_aesni_alg));
+}
+
+static void __exit crypto_aegis128l_aesni_module_exit(void)
+{
+ crypto_unregister_aeads(crypto_aegis128l_aesni_alg,
+ ARRAY_SIZE(crypto_aegis128l_aesni_alg));
+}
+
+module_init(crypto_aegis128l_aesni_module_init);
+module_exit(crypto_aegis128l_aesni_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("AEGIS-128L AEAD algorithm -- AESNI+SSE2 implementation");
+MODULE_ALIAS_CRYPTO("aegis128l");
+MODULE_ALIAS_CRYPTO("aegis128l-aesni");
diff --git a/arch/x86/crypto/aegis256-aesni-asm.S b/arch/x86/crypto/aegis256-aesni-asm.S
new file mode 100644
index 000000000000..1d977d515bf9
--- /dev/null
+++ b/arch/x86/crypto/aegis256-aesni-asm.S
@@ -0,0 +1,702 @@
+/*
+ * AES-NI + SSE2 implementation of AEGIS-128L
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+#include <asm/frame.h>
+
+#define STATE0 %xmm0
+#define STATE1 %xmm1
+#define STATE2 %xmm2
+#define STATE3 %xmm3
+#define STATE4 %xmm4
+#define STATE5 %xmm5
+#define MSG %xmm6
+#define T0 %xmm7
+#define T1 %xmm8
+#define T2 %xmm9
+#define T3 %xmm10
+
+#define STATEP %rdi
+#define LEN %rsi
+#define SRC %rdx
+#define DST %rcx
+
+.section .rodata.cst16.aegis256_const, "aM", @progbits, 32
+.align 16
+.Laegis256_const_0:
+ .byte 0x00, 0x01, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d
+ .byte 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62
+.Laegis256_const_1:
+ .byte 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1
+ .byte 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd
+
+.section .rodata.cst16.aegis256_counter, "aM", @progbits, 16
+.align 16
+.Laegis256_counter:
+ .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+ .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+
+.text
+
+/*
+ * __load_partial: internal ABI
+ * input:
+ * LEN - bytes
+ * SRC - src
+ * output:
+ * MSG - message block
+ * changed:
+ * T0
+ * %r8
+ * %r9
+ */
+__load_partial:
+ xor %r9, %r9
+ pxor MSG, MSG
+
+ mov LEN, %r8
+ and $0x1, %r8
+ jz .Lld_partial_1
+
+ mov LEN, %r8
+ and $0x1E, %r8
+ add SRC, %r8
+ mov (%r8), %r9b
+
+.Lld_partial_1:
+ mov LEN, %r8
+ and $0x2, %r8
+ jz .Lld_partial_2
+
+ mov LEN, %r8
+ and $0x1C, %r8
+ add SRC, %r8
+ shl $0x10, %r9
+ mov (%r8), %r9w
+
+.Lld_partial_2:
+ mov LEN, %r8
+ and $0x4, %r8
+ jz .Lld_partial_4
+
+ mov LEN, %r8
+ and $0x18, %r8
+ add SRC, %r8
+ shl $32, %r9
+ mov (%r8), %r8d
+ xor %r8, %r9
+
+.Lld_partial_4:
+ movq %r9, MSG
+
+ mov LEN, %r8
+ and $0x8, %r8
+ jz .Lld_partial_8
+
+ mov LEN, %r8
+ and $0x10, %r8
+ add SRC, %r8
+ pslldq $8, MSG
+ movq (%r8), T0
+ pxor T0, MSG
+
+.Lld_partial_8:
+ ret
+ENDPROC(__load_partial)
+
+/*
+ * __store_partial: internal ABI
+ * input:
+ * LEN - bytes
+ * DST - dst
+ * output:
+ * T0 - message block
+ * changed:
+ * %r8
+ * %r9
+ * %r10
+ */
+__store_partial:
+ mov LEN, %r8
+ mov DST, %r9
+
+ movq T0, %r10
+
+ cmp $8, %r8
+ jl .Lst_partial_8
+
+ mov %r10, (%r9)
+ psrldq $8, T0
+ movq T0, %r10
+
+ sub $8, %r8
+ add $8, %r9
+
+.Lst_partial_8:
+ cmp $4, %r8
+ jl .Lst_partial_4
+
+ mov %r10d, (%r9)
+ shr $32, %r10
+
+ sub $4, %r8
+ add $4, %r9
+
+.Lst_partial_4:
+ cmp $2, %r8
+ jl .Lst_partial_2
+
+ mov %r10w, (%r9)
+ shr $0x10, %r10
+
+ sub $2, %r8
+ add $2, %r9
+
+.Lst_partial_2:
+ cmp $1, %r8
+ jl .Lst_partial_1
+
+ mov %r10b, (%r9)
+
+.Lst_partial_1:
+ ret
+ENDPROC(__store_partial)
+
+.macro update
+ movdqa STATE5, T0
+ aesenc STATE0, STATE5
+ aesenc STATE1, STATE0
+ aesenc STATE2, STATE1
+ aesenc STATE3, STATE2
+ aesenc STATE4, STATE3
+ aesenc T0, STATE4
+.endm
+
+.macro update0 m
+ update
+ pxor \m, STATE5
+.endm
+
+.macro update1 m
+ update
+ pxor \m, STATE4
+.endm
+
+.macro update2 m
+ update
+ pxor \m, STATE3
+.endm
+
+.macro update3 m
+ update
+ pxor \m, STATE2
+.endm
+
+.macro update4 m
+ update
+ pxor \m, STATE1
+.endm
+
+.macro update5 m
+ update
+ pxor \m, STATE0
+.endm
+
+.macro state_load
+ movdqu 0x00(STATEP), STATE0
+ movdqu 0x10(STATEP), STATE1
+ movdqu 0x20(STATEP), STATE2
+ movdqu 0x30(STATEP), STATE3
+ movdqu 0x40(STATEP), STATE4
+ movdqu 0x50(STATEP), STATE5
+.endm
+
+.macro state_store s0 s1 s2 s3 s4 s5
+ movdqu \s5, 0x00(STATEP)
+ movdqu \s0, 0x10(STATEP)
+ movdqu \s1, 0x20(STATEP)
+ movdqu \s2, 0x30(STATEP)
+ movdqu \s3, 0x40(STATEP)
+ movdqu \s4, 0x50(STATEP)
+.endm
+
+.macro state_store0
+ state_store STATE0 STATE1 STATE2 STATE3 STATE4 STATE5
+.endm
+
+.macro state_store1
+ state_store STATE5 STATE0 STATE1 STATE2 STATE3 STATE4
+.endm
+
+.macro state_store2
+ state_store STATE4 STATE5 STATE0 STATE1 STATE2 STATE3
+.endm
+
+.macro state_store3
+ state_store STATE3 STATE4 STATE5 STATE0 STATE1 STATE2
+.endm
+
+.macro state_store4
+ state_store STATE2 STATE3 STATE4 STATE5 STATE0 STATE1
+.endm
+
+.macro state_store5
+ state_store STATE1 STATE2 STATE3 STATE4 STATE5 STATE0
+.endm
+
+/*
+ * void crypto_aegis256_aesni_init(void *state, const void *key, const void *iv);
+ */
+ENTRY(crypto_aegis256_aesni_init)
+ FRAME_BEGIN
+
+ /* load key: */
+ movdqa 0x00(%rsi), MSG
+ movdqa 0x10(%rsi), T1
+ movdqa MSG, STATE4
+ movdqa T1, STATE5
+
+ /* load IV: */
+ movdqu 0x00(%rdx), T2
+ movdqu 0x10(%rdx), T3
+ pxor MSG, T2
+ pxor T1, T3
+ movdqa T2, STATE0
+ movdqa T3, STATE1
+
+ /* load the constants: */
+ movdqa .Laegis256_const_0, STATE3
+ movdqa .Laegis256_const_1, STATE2
+ pxor STATE3, STATE4
+ pxor STATE2, STATE5
+
+ /* update 10 times with IV and KEY: */
+ update0 MSG
+ update1 T1
+ update2 T2
+ update3 T3
+ update4 MSG
+ update5 T1
+ update0 T2
+ update1 T3
+ update2 MSG
+ update3 T1
+ update4 T2
+ update5 T3
+ update0 MSG
+ update1 T1
+ update2 T2
+ update3 T3
+
+ state_store3
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis256_aesni_init)
+
+.macro ad_block a i
+ movdq\a (\i * 0x10)(SRC), MSG
+ update\i MSG
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lad_out_\i
+.endm
+
+/*
+ * void crypto_aegis256_aesni_ad(void *state, unsigned int length,
+ * const void *data);
+ */
+ENTRY(crypto_aegis256_aesni_ad)
+ FRAME_BEGIN
+
+ cmp $0x10, LEN
+ jb .Lad_out
+
+ state_load
+
+ mov SRC, %r8
+ and $0xf, %r8
+ jnz .Lad_u_loop
+
+.align 8
+.Lad_a_loop:
+ ad_block a 0
+ ad_block a 1
+ ad_block a 2
+ ad_block a 3
+ ad_block a 4
+ ad_block a 5
+
+ add $0x60, SRC
+ jmp .Lad_a_loop
+
+.align 8
+.Lad_u_loop:
+ ad_block u 0
+ ad_block u 1
+ ad_block u 2
+ ad_block u 3
+ ad_block u 4
+ ad_block u 5
+
+ add $0x60, SRC
+ jmp .Lad_u_loop
+
+.Lad_out_0:
+ state_store0
+ FRAME_END
+ ret
+
+.Lad_out_1:
+ state_store1
+ FRAME_END
+ ret
+
+.Lad_out_2:
+ state_store2
+ FRAME_END
+ ret
+
+.Lad_out_3:
+ state_store3
+ FRAME_END
+ ret
+
+.Lad_out_4:
+ state_store4
+ FRAME_END
+ ret
+
+.Lad_out_5:
+ state_store5
+ FRAME_END
+ ret
+
+.Lad_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis256_aesni_ad)
+
+.macro crypt m s0 s1 s2 s3 s4 s5
+ pxor \s1, \m
+ pxor \s4, \m
+ pxor \s5, \m
+ movdqa \s2, T3
+ pand \s3, T3
+ pxor T3, \m
+.endm
+
+.macro crypt0 m
+ crypt \m STATE0 STATE1 STATE2 STATE3 STATE4 STATE5
+.endm
+
+.macro crypt1 m
+ crypt \m STATE5 STATE0 STATE1 STATE2 STATE3 STATE4
+.endm
+
+.macro crypt2 m
+ crypt \m STATE4 STATE5 STATE0 STATE1 STATE2 STATE3
+.endm
+
+.macro crypt3 m
+ crypt \m STATE3 STATE4 STATE5 STATE0 STATE1 STATE2
+.endm
+
+.macro crypt4 m
+ crypt \m STATE2 STATE3 STATE4 STATE5 STATE0 STATE1
+.endm
+
+.macro crypt5 m
+ crypt \m STATE1 STATE2 STATE3 STATE4 STATE5 STATE0
+.endm
+
+.macro encrypt_block a i
+ movdq\a (\i * 0x10)(SRC), MSG
+ movdqa MSG, T0
+ crypt\i T0
+ movdq\a T0, (\i * 0x10)(DST)
+
+ update\i MSG
+
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Lenc_out_\i
+.endm
+
+.macro decrypt_block a i
+ movdq\a (\i * 0x10)(SRC), MSG
+ crypt\i MSG
+ movdq\a MSG, (\i * 0x10)(DST)
+
+ update\i MSG
+
+ sub $0x10, LEN
+ cmp $0x10, LEN
+ jl .Ldec_out_\i
+.endm
+
+/*
+ * void crypto_aegis256_aesni_enc(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis256_aesni_enc)
+ FRAME_BEGIN
+
+ cmp $0x10, LEN
+ jb .Lenc_out
+
+ state_load
+
+ mov SRC, %r8
+ or DST, %r8
+ and $0xf, %r8
+ jnz .Lenc_u_loop
+
+.align 8
+.Lenc_a_loop:
+ encrypt_block a 0
+ encrypt_block a 1
+ encrypt_block a 2
+ encrypt_block a 3
+ encrypt_block a 4
+ encrypt_block a 5
+
+ add $0x60, SRC
+ add $0x60, DST
+ jmp .Lenc_a_loop
+
+.align 8
+.Lenc_u_loop:
+ encrypt_block u 0
+ encrypt_block u 1
+ encrypt_block u 2
+ encrypt_block u 3
+ encrypt_block u 4
+ encrypt_block u 5
+
+ add $0x60, SRC
+ add $0x60, DST
+ jmp .Lenc_u_loop
+
+.Lenc_out_0:
+ state_store0
+ FRAME_END
+ ret
+
+.Lenc_out_1:
+ state_store1
+ FRAME_END
+ ret
+
+.Lenc_out_2:
+ state_store2
+ FRAME_END
+ ret
+
+.Lenc_out_3:
+ state_store3
+ FRAME_END
+ ret
+
+.Lenc_out_4:
+ state_store4
+ FRAME_END
+ ret
+
+.Lenc_out_5:
+ state_store5
+ FRAME_END
+ ret
+
+.Lenc_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis256_aesni_enc)
+
+/*
+ * void crypto_aegis256_aesni_enc_tail(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis256_aesni_enc_tail)
+ FRAME_BEGIN
+
+ state_load
+
+ /* encrypt message: */
+ call __load_partial
+
+ movdqa MSG, T0
+ crypt0 T0
+
+ call __store_partial
+
+ update0 MSG
+
+ state_store0
+
+ FRAME_END
+ENDPROC(crypto_aegis256_aesni_enc_tail)
+
+/*
+ * void crypto_aegis256_aesni_dec(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis256_aesni_dec)
+ FRAME_BEGIN
+
+ cmp $0x10, LEN
+ jb .Ldec_out
+
+ state_load
+
+ mov SRC, %r8
+ or DST, %r8
+ and $0xF, %r8
+ jnz .Ldec_u_loop
+
+.align 8
+.Ldec_a_loop:
+ decrypt_block a 0
+ decrypt_block a 1
+ decrypt_block a 2
+ decrypt_block a 3
+ decrypt_block a 4
+ decrypt_block a 5
+
+ add $0x60, SRC
+ add $0x60, DST
+ jmp .Ldec_a_loop
+
+.align 8
+.Ldec_u_loop:
+ decrypt_block u 0
+ decrypt_block u 1
+ decrypt_block u 2
+ decrypt_block u 3
+ decrypt_block u 4
+ decrypt_block u 5
+
+ add $0x60, SRC
+ add $0x60, DST
+ jmp .Ldec_u_loop
+
+.Ldec_out_0:
+ state_store0
+ FRAME_END
+ ret
+
+.Ldec_out_1:
+ state_store1
+ FRAME_END
+ ret
+
+.Ldec_out_2:
+ state_store2
+ FRAME_END
+ ret
+
+.Ldec_out_3:
+ state_store3
+ FRAME_END
+ ret
+
+.Ldec_out_4:
+ state_store4
+ FRAME_END
+ ret
+
+.Ldec_out_5:
+ state_store5
+ FRAME_END
+ ret
+
+.Ldec_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis256_aesni_dec)
+
+/*
+ * void crypto_aegis256_aesni_dec_tail(void *state, unsigned int length,
+ * const void *src, void *dst);
+ */
+ENTRY(crypto_aegis256_aesni_dec_tail)
+ FRAME_BEGIN
+
+ state_load
+
+ /* decrypt message: */
+ call __load_partial
+
+ crypt0 MSG
+
+ movdqa MSG, T0
+ call __store_partial
+
+ /* mask with byte count: */
+ movq LEN, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ movdqa .Laegis256_counter, T1
+ pcmpgtb T1, T0
+ pand T0, MSG
+
+ update0 MSG
+
+ state_store0
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis256_aesni_dec_tail)
+
+/*
+ * void crypto_aegis256_aesni_final(void *state, void *tag_xor,
+ * u64 assoclen, u64 cryptlen);
+ */
+ENTRY(crypto_aegis256_aesni_final)
+ FRAME_BEGIN
+
+ state_load
+
+ /* prepare length block: */
+ movq %rdx, MSG
+ movq %rcx, T0
+ pslldq $8, T0
+ pxor T0, MSG
+ psllq $3, MSG /* multiply by 8 (to get bit count) */
+
+ pxor STATE3, MSG
+
+ /* update state: */
+ update0 MSG
+ update1 MSG
+ update2 MSG
+ update3 MSG
+ update4 MSG
+ update5 MSG
+ update0 MSG
+
+ /* xor tag: */
+ movdqu (%rsi), MSG
+
+ pxor STATE0, MSG
+ pxor STATE1, MSG
+ pxor STATE2, MSG
+ pxor STATE3, MSG
+ pxor STATE4, MSG
+ pxor STATE5, MSG
+
+ movdqu MSG, (%rsi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_aegis256_aesni_final)
diff --git a/arch/x86/crypto/aegis256-aesni-glue.c b/arch/x86/crypto/aegis256-aesni-glue.c
new file mode 100644
index 000000000000..2b5dd3af8f4d
--- /dev/null
+++ b/arch/x86/crypto/aegis256-aesni-glue.c
@@ -0,0 +1,407 @@
+/*
+ * The AEGIS-256 Authenticated-Encryption Algorithm
+ * Glue for AES-NI + SSE2 implementation
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/cryptd.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/scatterwalk.h>
+#include <linux/module.h>
+#include <asm/fpu/api.h>
+#include <asm/cpu_device_id.h>
+
+#define AEGIS256_BLOCK_ALIGN 16
+#define AEGIS256_BLOCK_SIZE 16
+#define AEGIS256_NONCE_SIZE 32
+#define AEGIS256_STATE_BLOCKS 6
+#define AEGIS256_KEY_SIZE 32
+#define AEGIS256_MIN_AUTH_SIZE 8
+#define AEGIS256_MAX_AUTH_SIZE 16
+
+asmlinkage void crypto_aegis256_aesni_init(void *state, void *key, void *iv);
+
+asmlinkage void crypto_aegis256_aesni_ad(
+ void *state, unsigned int length, const void *data);
+
+asmlinkage void crypto_aegis256_aesni_enc(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis256_aesni_dec(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis256_aesni_enc_tail(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis256_aesni_dec_tail(
+ void *state, unsigned int length, const void *src, void *dst);
+
+asmlinkage void crypto_aegis256_aesni_final(
+ void *state, void *tag_xor, unsigned int cryptlen,
+ unsigned int assoclen);
+
+struct aegis_block {
+ u8 bytes[AEGIS256_BLOCK_SIZE] __aligned(AEGIS256_BLOCK_ALIGN);
+};
+
+struct aegis_state {
+ struct aegis_block blocks[AEGIS256_STATE_BLOCKS];
+};
+
+struct aegis_ctx {
+ struct aegis_block key[AEGIS256_KEY_SIZE / AEGIS256_BLOCK_SIZE];
+};
+
+struct aegis_crypt_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_blocks)(void *state, unsigned int length, const void *src,
+ void *dst);
+ void (*crypt_tail)(void *state, unsigned int length, const void *src,
+ void *dst);
+};
+
+static void crypto_aegis256_aesni_process_ad(
+ struct aegis_state *state, struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct aegis_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= AEGIS256_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = AEGIS256_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ crypto_aegis256_aesni_ad(state,
+ AEGIS256_BLOCK_SIZE,
+ buf.bytes);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_aegis256_aesni_ad(state, left, src);
+
+ src += left & ~(AEGIS256_BLOCK_SIZE - 1);
+ left &= AEGIS256_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+ pos += left;
+ assoclen -= size;
+
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, AEGIS256_BLOCK_SIZE - pos);
+ crypto_aegis256_aesni_ad(state, AEGIS256_BLOCK_SIZE, buf.bytes);
+ }
+}
+
+static void crypto_aegis256_aesni_process_crypt(
+ struct aegis_state *state, struct aead_request *req,
+ const struct aegis_crypt_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *src, *dst;
+ unsigned int chunksize, base;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops->crypt_blocks(state, chunksize, src, dst);
+
+ base = chunksize & ~(AEGIS256_BLOCK_SIZE - 1);
+ src += base;
+ dst += base;
+ chunksize &= AEGIS256_BLOCK_SIZE - 1;
+
+ if (chunksize > 0)
+ ops->crypt_tail(state, chunksize, src, dst);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static struct aegis_ctx *crypto_aegis256_aesni_ctx(struct crypto_aead *aead)
+{
+ u8 *ctx = crypto_aead_ctx(aead);
+ ctx = PTR_ALIGN(ctx, __alignof__(struct aegis_ctx));
+ return (void *)ctx;
+}
+
+static int crypto_aegis256_aesni_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct aegis_ctx *ctx = crypto_aegis256_aesni_ctx(aead);
+
+ if (keylen != AEGIS256_KEY_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key, key, AEGIS256_KEY_SIZE);
+
+ return 0;
+}
+
+static int crypto_aegis256_aesni_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ if (authsize > AEGIS256_MAX_AUTH_SIZE)
+ return -EINVAL;
+ if (authsize < AEGIS256_MIN_AUTH_SIZE)
+ return -EINVAL;
+ return 0;
+}
+
+static void crypto_aegis256_aesni_crypt(struct aead_request *req,
+ struct aegis_block *tag_xor,
+ unsigned int cryptlen,
+ const struct aegis_crypt_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_ctx *ctx = crypto_aegis256_aesni_ctx(tfm);
+ struct aegis_state state;
+
+ kernel_fpu_begin();
+
+ crypto_aegis256_aesni_init(&state, ctx->key, req->iv);
+ crypto_aegis256_aesni_process_ad(&state, req->src, req->assoclen);
+ crypto_aegis256_aesni_process_crypt(&state, req, ops);
+ crypto_aegis256_aesni_final(&state, tag_xor, req->assoclen, cryptlen);
+
+ kernel_fpu_end();
+}
+
+static int crypto_aegis256_aesni_encrypt(struct aead_request *req)
+{
+ static const struct aegis_crypt_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_blocks = crypto_aegis256_aesni_enc,
+ .crypt_tail = crypto_aegis256_aesni_enc_tail,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_aegis256_aesni_crypt(req, &tag, cryptlen, &OPS);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+
+static int crypto_aegis256_aesni_decrypt(struct aead_request *req)
+{
+ static const struct aegis_block zeros = {};
+
+ static const struct aegis_crypt_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_blocks = crypto_aegis256_aesni_dec,
+ .crypt_tail = crypto_aegis256_aesni_dec_tail,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_aegis256_aesni_crypt(req, &tag, cryptlen, &OPS);
+
+ return crypto_memneq(tag.bytes, zeros.bytes, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_aegis256_aesni_init_tfm(struct crypto_aead *aead)
+{
+ return 0;
+}
+
+static void crypto_aegis256_aesni_exit_tfm(struct crypto_aead *aead)
+{
+}
+
+static int cryptd_aegis256_aesni_setkey(struct crypto_aead *aead,
+ const u8 *key, unsigned int keylen)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setkey(&cryptd_tfm->base, key, keylen);
+}
+
+static int cryptd_aegis256_aesni_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setauthsize(&cryptd_tfm->base, authsize);
+}
+
+static int cryptd_aegis256_aesni_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_encrypt(req);
+}
+
+static int cryptd_aegis256_aesni_decrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_decrypt(req);
+}
+
+static int cryptd_aegis256_aesni_init_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead *cryptd_tfm;
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_tfm = cryptd_alloc_aead("__aegis256-aesni", CRYPTO_ALG_INTERNAL,
+ CRYPTO_ALG_INTERNAL);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+
+ *ctx = cryptd_tfm;
+ crypto_aead_set_reqsize(aead, crypto_aead_reqsize(&cryptd_tfm->base));
+ return 0;
+}
+
+static void cryptd_aegis256_aesni_exit_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_free_aead(*ctx);
+}
+
+static struct aead_alg crypto_aegis256_aesni_alg[] = {
+ {
+ .setkey = crypto_aegis256_aesni_setkey,
+ .setauthsize = crypto_aegis256_aesni_setauthsize,
+ .encrypt = crypto_aegis256_aesni_encrypt,
+ .decrypt = crypto_aegis256_aesni_decrypt,
+ .init = crypto_aegis256_aesni_init_tfm,
+ .exit = crypto_aegis256_aesni_exit_tfm,
+
+ .ivsize = AEGIS256_NONCE_SIZE,
+ .maxauthsize = AEGIS256_MAX_AUTH_SIZE,
+ .chunksize = AEGIS256_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_INTERNAL,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct aegis_ctx) +
+ __alignof__(struct aegis_ctx),
+ .cra_alignmask = 0,
+
+ .cra_name = "__aegis256",
+ .cra_driver_name = "__aegis256-aesni",
+
+ .cra_module = THIS_MODULE,
+ }
+ }, {
+ .setkey = cryptd_aegis256_aesni_setkey,
+ .setauthsize = cryptd_aegis256_aesni_setauthsize,
+ .encrypt = cryptd_aegis256_aesni_encrypt,
+ .decrypt = cryptd_aegis256_aesni_decrypt,
+ .init = cryptd_aegis256_aesni_init_tfm,
+ .exit = cryptd_aegis256_aesni_exit_tfm,
+
+ .ivsize = AEGIS256_NONCE_SIZE,
+ .maxauthsize = AEGIS256_MAX_AUTH_SIZE,
+ .chunksize = AEGIS256_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_ASYNC,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct cryptd_aead *),
+ .cra_alignmask = 0,
+
+ .cra_priority = 400,
+
+ .cra_name = "aegis256",
+ .cra_driver_name = "aegis256-aesni",
+
+ .cra_module = THIS_MODULE,
+ }
+ }
+};
+
+static const struct x86_cpu_id aesni_cpu_id[] = {
+ X86_FEATURE_MATCH(X86_FEATURE_AES),
+ X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+ {}
+};
+MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
+
+static int __init crypto_aegis256_aesni_module_init(void)
+{
+ if (!x86_match_cpu(aesni_cpu_id))
+ return -ENODEV;
+
+ return crypto_register_aeads(crypto_aegis256_aesni_alg,
+ ARRAY_SIZE(crypto_aegis256_aesni_alg));
+}
+
+static void __exit crypto_aegis256_aesni_module_exit(void)
+{
+ crypto_unregister_aeads(crypto_aegis256_aesni_alg,
+ ARRAY_SIZE(crypto_aegis256_aesni_alg));
+}
+
+module_init(crypto_aegis256_aesni_module_init);
+module_exit(crypto_aegis256_aesni_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("AEGIS-256 AEAD algorithm -- AESNI+SSE2 implementation");
+MODULE_ALIAS_CRYPTO("aegis256");
+MODULE_ALIAS_CRYPTO("aegis256-aesni");
diff --git a/arch/x86/crypto/ghash-clmulni-intel_glue.c b/arch/x86/crypto/ghash-clmulni-intel_glue.c
index 0420bab19efb..2ddbe3a1868b 100644
--- a/arch/x86/crypto/ghash-clmulni-intel_glue.c
+++ b/arch/x86/crypto/ghash-clmulni-intel_glue.c
@@ -364,5 +364,5 @@ module_exit(ghash_pclmulqdqni_mod_exit);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("GHASH Message Digest Algorithm, "
- "acclerated by PCLMULQDQ-NI");
+ "accelerated by PCLMULQDQ-NI");
MODULE_ALIAS_CRYPTO("ghash");
diff --git a/arch/x86/crypto/morus1280-avx2-asm.S b/arch/x86/crypto/morus1280-avx2-asm.S
new file mode 100644
index 000000000000..37d422e77931
--- /dev/null
+++ b/arch/x86/crypto/morus1280-avx2-asm.S
@@ -0,0 +1,621 @@
+/*
+ * AVX2 implementation of MORUS-1280
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+#include <asm/frame.h>
+
+#define SHUFFLE_MASK(i0, i1, i2, i3) \
+ (i0 | (i1 << 2) | (i2 << 4) | (i3 << 6))
+
+#define MASK1 SHUFFLE_MASK(3, 0, 1, 2)
+#define MASK2 SHUFFLE_MASK(2, 3, 0, 1)
+#define MASK3 SHUFFLE_MASK(1, 2, 3, 0)
+
+#define STATE0 %ymm0
+#define STATE0_LOW %xmm0
+#define STATE1 %ymm1
+#define STATE2 %ymm2
+#define STATE3 %ymm3
+#define STATE4 %ymm4
+#define KEY %ymm5
+#define MSG %ymm5
+#define MSG_LOW %xmm5
+#define T0 %ymm6
+#define T0_LOW %xmm6
+#define T1 %ymm7
+
+.section .rodata.cst32.morus1280_const, "aM", @progbits, 32
+.align 32
+.Lmorus1280_const:
+ .byte 0x00, 0x01, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d
+ .byte 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62
+ .byte 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1
+ .byte 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd
+
+.section .rodata.cst32.morus1280_counter, "aM", @progbits, 32
+.align 32
+.Lmorus1280_counter:
+ .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+ .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+ .byte 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
+ .byte 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+
+.text
+
+.macro morus1280_round s0, s1, s2, s3, s4, b, w
+ vpand \s1, \s2, T0
+ vpxor T0, \s0, \s0
+ vpxor \s3, \s0, \s0
+ vpsllq $\b, \s0, T0
+ vpsrlq $(64 - \b), \s0, \s0
+ vpxor T0, \s0, \s0
+ vpermq $\w, \s3, \s3
+.endm
+
+/*
+ * __morus1280_update: internal ABI
+ * input:
+ * STATE[0-4] - input state
+ * MSG - message block
+ * output:
+ * STATE[0-4] - output state
+ * changed:
+ * T0
+ */
+__morus1280_update:
+ morus1280_round STATE0, STATE1, STATE2, STATE3, STATE4, 13, MASK1
+ vpxor MSG, STATE1, STATE1
+ morus1280_round STATE1, STATE2, STATE3, STATE4, STATE0, 46, MASK2
+ vpxor MSG, STATE2, STATE2
+ morus1280_round STATE2, STATE3, STATE4, STATE0, STATE1, 38, MASK3
+ vpxor MSG, STATE3, STATE3
+ morus1280_round STATE3, STATE4, STATE0, STATE1, STATE2, 7, MASK2
+ vpxor MSG, STATE4, STATE4
+ morus1280_round STATE4, STATE0, STATE1, STATE2, STATE3, 4, MASK1
+ ret
+ENDPROC(__morus1280_update)
+
+/*
+ * __morus1280_update_zero: internal ABI
+ * input:
+ * STATE[0-4] - input state
+ * output:
+ * STATE[0-4] - output state
+ * changed:
+ * T0
+ */
+__morus1280_update_zero:
+ morus1280_round STATE0, STATE1, STATE2, STATE3, STATE4, 13, MASK1
+ morus1280_round STATE1, STATE2, STATE3, STATE4, STATE0, 46, MASK2
+ morus1280_round STATE2, STATE3, STATE4, STATE0, STATE1, 38, MASK3
+ morus1280_round STATE3, STATE4, STATE0, STATE1, STATE2, 7, MASK2
+ morus1280_round STATE4, STATE0, STATE1, STATE2, STATE3, 4, MASK1
+ ret
+ENDPROC(__morus1280_update_zero)
+
+/*
+ * __load_partial: internal ABI
+ * input:
+ * %rsi - src
+ * %rcx - bytes
+ * output:
+ * MSG - message block
+ * changed:
+ * %r8
+ * %r9
+ */
+__load_partial:
+ xor %r9, %r9
+ vpxor MSG, MSG, MSG
+
+ mov %rcx, %r8
+ and $0x1, %r8
+ jz .Lld_partial_1
+
+ mov %rcx, %r8
+ and $0x1E, %r8
+ add %rsi, %r8
+ mov (%r8), %r9b
+
+.Lld_partial_1:
+ mov %rcx, %r8
+ and $0x2, %r8
+ jz .Lld_partial_2
+
+ mov %rcx, %r8
+ and $0x1C, %r8
+ add %rsi, %r8
+ shl $16, %r9
+ mov (%r8), %r9w
+
+.Lld_partial_2:
+ mov %rcx, %r8
+ and $0x4, %r8
+ jz .Lld_partial_4
+
+ mov %rcx, %r8
+ and $0x18, %r8
+ add %rsi, %r8
+ shl $32, %r9
+ mov (%r8), %r8d
+ xor %r8, %r9
+
+.Lld_partial_4:
+ movq %r9, MSG_LOW
+
+ mov %rcx, %r8
+ and $0x8, %r8
+ jz .Lld_partial_8
+
+ mov %rcx, %r8
+ and $0x10, %r8
+ add %rsi, %r8
+ pshufd $MASK2, MSG_LOW, MSG_LOW
+ pinsrq $0, (%r8), MSG_LOW
+
+.Lld_partial_8:
+ mov %rcx, %r8
+ and $0x10, %r8
+ jz .Lld_partial_16
+
+ vpermq $MASK2, MSG, MSG
+ movdqu (%rsi), MSG_LOW
+
+.Lld_partial_16:
+ ret
+ENDPROC(__load_partial)
+
+/*
+ * __store_partial: internal ABI
+ * input:
+ * %rdx - dst
+ * %rcx - bytes
+ * output:
+ * T0 - message block
+ * changed:
+ * %r8
+ * %r9
+ * %r10
+ */
+__store_partial:
+ mov %rcx, %r8
+ mov %rdx, %r9
+
+ cmp $16, %r8
+ jl .Lst_partial_16
+
+ movdqu T0_LOW, (%r9)
+ vpermq $MASK2, T0, T0
+
+ sub $16, %r8
+ add $16, %r9
+
+.Lst_partial_16:
+ movq T0_LOW, %r10
+
+ cmp $8, %r8
+ jl .Lst_partial_8
+
+ mov %r10, (%r9)
+ pextrq $1, T0_LOW, %r10
+
+ sub $8, %r8
+ add $8, %r9
+
+.Lst_partial_8:
+ cmp $4, %r8
+ jl .Lst_partial_4
+
+ mov %r10d, (%r9)
+ shr $32, %r10
+
+ sub $4, %r8
+ add $4, %r9
+
+.Lst_partial_4:
+ cmp $2, %r8
+ jl .Lst_partial_2
+
+ mov %r10w, (%r9)
+ shr $16, %r10
+
+ sub $2, %r8
+ add $2, %r9
+
+.Lst_partial_2:
+ cmp $1, %r8
+ jl .Lst_partial_1
+
+ mov %r10b, (%r9)
+
+.Lst_partial_1:
+ ret
+ENDPROC(__store_partial)
+
+/*
+ * void crypto_morus1280_avx2_init(void *state, const void *key,
+ * const void *iv);
+ */
+ENTRY(crypto_morus1280_avx2_init)
+ FRAME_BEGIN
+
+ /* load IV: */
+ vpxor STATE0, STATE0, STATE0
+ movdqu (%rdx), STATE0_LOW
+ /* load key: */
+ vmovdqu (%rsi), KEY
+ vmovdqa KEY, STATE1
+ /* load all ones: */
+ vpcmpeqd STATE2, STATE2, STATE2
+ /* load all zeros: */
+ vpxor STATE3, STATE3, STATE3
+ /* load the constant: */
+ vmovdqa .Lmorus1280_const, STATE4
+
+ /* update 16 times with zero: */
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+
+ /* xor-in the key again after updates: */
+ vpxor KEY, STATE1, STATE1
+
+ /* store the state: */
+ vmovdqu STATE0, (0 * 32)(%rdi)
+ vmovdqu STATE1, (1 * 32)(%rdi)
+ vmovdqu STATE2, (2 * 32)(%rdi)
+ vmovdqu STATE3, (3 * 32)(%rdi)
+ vmovdqu STATE4, (4 * 32)(%rdi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_avx2_init)
+
+/*
+ * void crypto_morus1280_avx2_ad(void *state, const void *data,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_avx2_ad)
+ FRAME_BEGIN
+
+ cmp $32, %rdx
+ jb .Lad_out
+
+ /* load the state: */
+ vmovdqu (0 * 32)(%rdi), STATE0
+ vmovdqu (1 * 32)(%rdi), STATE1
+ vmovdqu (2 * 32)(%rdi), STATE2
+ vmovdqu (3 * 32)(%rdi), STATE3
+ vmovdqu (4 * 32)(%rdi), STATE4
+
+ mov %rsi, %r8
+ and $0x1F, %r8
+ jnz .Lad_u_loop
+
+.align 4
+.Lad_a_loop:
+ vmovdqa (%rsi), MSG
+ call __morus1280_update
+ sub $32, %rdx
+ add $32, %rsi
+ cmp $32, %rdx
+ jge .Lad_a_loop
+
+ jmp .Lad_cont
+.align 4
+.Lad_u_loop:
+ vmovdqu (%rsi), MSG
+ call __morus1280_update
+ sub $32, %rdx
+ add $32, %rsi
+ cmp $32, %rdx
+ jge .Lad_u_loop
+
+.Lad_cont:
+ /* store the state: */
+ vmovdqu STATE0, (0 * 32)(%rdi)
+ vmovdqu STATE1, (1 * 32)(%rdi)
+ vmovdqu STATE2, (2 * 32)(%rdi)
+ vmovdqu STATE3, (3 * 32)(%rdi)
+ vmovdqu STATE4, (4 * 32)(%rdi)
+
+.Lad_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_avx2_ad)
+
+/*
+ * void crypto_morus1280_avx2_enc(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_avx2_enc)
+ FRAME_BEGIN
+
+ cmp $32, %rcx
+ jb .Lenc_out
+
+ /* load the state: */
+ vmovdqu (0 * 32)(%rdi), STATE0
+ vmovdqu (1 * 32)(%rdi), STATE1
+ vmovdqu (2 * 32)(%rdi), STATE2
+ vmovdqu (3 * 32)(%rdi), STATE3
+ vmovdqu (4 * 32)(%rdi), STATE4
+
+ mov %rsi, %r8
+ or %rdx, %r8
+ and $0x1F, %r8
+ jnz .Lenc_u_loop
+
+.align 4
+.Lenc_a_loop:
+ vmovdqa (%rsi), MSG
+ vmovdqa MSG, T0
+ vpxor STATE0, T0, T0
+ vpermq $MASK3, STATE1, T1
+ vpxor T1, T0, T0
+ vpand STATE2, STATE3, T1
+ vpxor T1, T0, T0
+ vmovdqa T0, (%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Lenc_a_loop
+
+ jmp .Lenc_cont
+.align 4
+.Lenc_u_loop:
+ vmovdqu (%rsi), MSG
+ vmovdqa MSG, T0
+ vpxor STATE0, T0, T0
+ vpermq $MASK3, STATE1, T1
+ vpxor T1, T0, T0
+ vpand STATE2, STATE3, T1
+ vpxor T1, T0, T0
+ vmovdqu T0, (%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Lenc_u_loop
+
+.Lenc_cont:
+ /* store the state: */
+ vmovdqu STATE0, (0 * 32)(%rdi)
+ vmovdqu STATE1, (1 * 32)(%rdi)
+ vmovdqu STATE2, (2 * 32)(%rdi)
+ vmovdqu STATE3, (3 * 32)(%rdi)
+ vmovdqu STATE4, (4 * 32)(%rdi)
+
+.Lenc_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_avx2_enc)
+
+/*
+ * void crypto_morus1280_avx2_enc_tail(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_avx2_enc_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ vmovdqu (0 * 32)(%rdi), STATE0
+ vmovdqu (1 * 32)(%rdi), STATE1
+ vmovdqu (2 * 32)(%rdi), STATE2
+ vmovdqu (3 * 32)(%rdi), STATE3
+ vmovdqu (4 * 32)(%rdi), STATE4
+
+ /* encrypt message: */
+ call __load_partial
+
+ vmovdqa MSG, T0
+ vpxor STATE0, T0, T0
+ vpermq $MASK3, STATE1, T1
+ vpxor T1, T0, T0
+ vpand STATE2, STATE3, T1
+ vpxor T1, T0, T0
+
+ call __store_partial
+
+ call __morus1280_update
+
+ /* store the state: */
+ vmovdqu STATE0, (0 * 32)(%rdi)
+ vmovdqu STATE1, (1 * 32)(%rdi)
+ vmovdqu STATE2, (2 * 32)(%rdi)
+ vmovdqu STATE3, (3 * 32)(%rdi)
+ vmovdqu STATE4, (4 * 32)(%rdi)
+
+ FRAME_END
+ENDPROC(crypto_morus1280_avx2_enc_tail)
+
+/*
+ * void crypto_morus1280_avx2_dec(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_avx2_dec)
+ FRAME_BEGIN
+
+ cmp $32, %rcx
+ jb .Ldec_out
+
+ /* load the state: */
+ vmovdqu (0 * 32)(%rdi), STATE0
+ vmovdqu (1 * 32)(%rdi), STATE1
+ vmovdqu (2 * 32)(%rdi), STATE2
+ vmovdqu (3 * 32)(%rdi), STATE3
+ vmovdqu (4 * 32)(%rdi), STATE4
+
+ mov %rsi, %r8
+ or %rdx, %r8
+ and $0x1F, %r8
+ jnz .Ldec_u_loop
+
+.align 4
+.Ldec_a_loop:
+ vmovdqa (%rsi), MSG
+ vpxor STATE0, MSG, MSG
+ vpermq $MASK3, STATE1, T0
+ vpxor T0, MSG, MSG
+ vpand STATE2, STATE3, T0
+ vpxor T0, MSG, MSG
+ vmovdqa MSG, (%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Ldec_a_loop
+
+ jmp .Ldec_cont
+.align 4
+.Ldec_u_loop:
+ vmovdqu (%rsi), MSG
+ vpxor STATE0, MSG, MSG
+ vpermq $MASK3, STATE1, T0
+ vpxor T0, MSG, MSG
+ vpand STATE2, STATE3, T0
+ vpxor T0, MSG, MSG
+ vmovdqu MSG, (%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Ldec_u_loop
+
+.Ldec_cont:
+ /* store the state: */
+ vmovdqu STATE0, (0 * 32)(%rdi)
+ vmovdqu STATE1, (1 * 32)(%rdi)
+ vmovdqu STATE2, (2 * 32)(%rdi)
+ vmovdqu STATE3, (3 * 32)(%rdi)
+ vmovdqu STATE4, (4 * 32)(%rdi)
+
+.Ldec_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_avx2_dec)
+
+/*
+ * void crypto_morus1280_avx2_dec_tail(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_avx2_dec_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ vmovdqu (0 * 32)(%rdi), STATE0
+ vmovdqu (1 * 32)(%rdi), STATE1
+ vmovdqu (2 * 32)(%rdi), STATE2
+ vmovdqu (3 * 32)(%rdi), STATE3
+ vmovdqu (4 * 32)(%rdi), STATE4
+
+ /* decrypt message: */
+ call __load_partial
+
+ vpxor STATE0, MSG, MSG
+ vpermq $MASK3, STATE1, T0
+ vpxor T0, MSG, MSG
+ vpand STATE2, STATE3, T0
+ vpxor T0, MSG, MSG
+ vmovdqa MSG, T0
+
+ call __store_partial
+
+ /* mask with byte count: */
+ movq %rcx, T0_LOW
+ vpbroadcastb T0_LOW, T0
+ vmovdqa .Lmorus1280_counter, T1
+ vpcmpgtb T1, T0, T0
+ vpand T0, MSG, MSG
+
+ call __morus1280_update
+
+ /* store the state: */
+ vmovdqu STATE0, (0 * 32)(%rdi)
+ vmovdqu STATE1, (1 * 32)(%rdi)
+ vmovdqu STATE2, (2 * 32)(%rdi)
+ vmovdqu STATE3, (3 * 32)(%rdi)
+ vmovdqu STATE4, (4 * 32)(%rdi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_avx2_dec_tail)
+
+/*
+ * void crypto_morus1280_avx2_final(void *state, void *tag_xor,
+ * u64 assoclen, u64 cryptlen);
+ */
+ENTRY(crypto_morus1280_avx2_final)
+ FRAME_BEGIN
+
+ /* load the state: */
+ vmovdqu (0 * 32)(%rdi), STATE0
+ vmovdqu (1 * 32)(%rdi), STATE1
+ vmovdqu (2 * 32)(%rdi), STATE2
+ vmovdqu (3 * 32)(%rdi), STATE3
+ vmovdqu (4 * 32)(%rdi), STATE4
+
+ /* xor state[0] into state[4]: */
+ vpxor STATE0, STATE4, STATE4
+
+ /* prepare length block: */
+ vpxor MSG, MSG, MSG
+ vpinsrq $0, %rdx, MSG_LOW, MSG_LOW
+ vpinsrq $1, %rcx, MSG_LOW, MSG_LOW
+ vpsllq $3, MSG, MSG /* multiply by 8 (to get bit count) */
+
+ /* update state: */
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+
+ /* xor tag: */
+ vmovdqu (%rsi), MSG
+
+ vpxor STATE0, MSG, MSG
+ vpermq $MASK3, STATE1, T0
+ vpxor T0, MSG, MSG
+ vpand STATE2, STATE3, T0
+ vpxor T0, MSG, MSG
+ vmovdqu MSG, (%rsi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_avx2_final)
diff --git a/arch/x86/crypto/morus1280-avx2-glue.c b/arch/x86/crypto/morus1280-avx2-glue.c
new file mode 100644
index 000000000000..f111f36d26dc
--- /dev/null
+++ b/arch/x86/crypto/morus1280-avx2-glue.c
@@ -0,0 +1,68 @@
+/*
+ * The MORUS-1280 Authenticated-Encryption Algorithm
+ * Glue for AVX2 implementation
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/internal/aead.h>
+#include <crypto/morus1280_glue.h>
+#include <linux/module.h>
+#include <asm/fpu/api.h>
+#include <asm/cpu_device_id.h>
+
+asmlinkage void crypto_morus1280_avx2_init(void *state, const void *key,
+ const void *iv);
+asmlinkage void crypto_morus1280_avx2_ad(void *state, const void *data,
+ unsigned int length);
+
+asmlinkage void crypto_morus1280_avx2_enc(void *state, const void *src,
+ void *dst, unsigned int length);
+asmlinkage void crypto_morus1280_avx2_dec(void *state, const void *src,
+ void *dst, unsigned int length);
+
+asmlinkage void crypto_morus1280_avx2_enc_tail(void *state, const void *src,
+ void *dst, unsigned int length);
+asmlinkage void crypto_morus1280_avx2_dec_tail(void *state, const void *src,
+ void *dst, unsigned int length);
+
+asmlinkage void crypto_morus1280_avx2_final(void *state, void *tag_xor,
+ u64 assoclen, u64 cryptlen);
+
+MORUS1280_DECLARE_ALGS(avx2, "morus1280-avx2", 400);
+
+static const struct x86_cpu_id avx2_cpu_id[] = {
+ X86_FEATURE_MATCH(X86_FEATURE_AVX2),
+ {}
+};
+MODULE_DEVICE_TABLE(x86cpu, avx2_cpu_id);
+
+static int __init crypto_morus1280_avx2_module_init(void)
+{
+ if (!x86_match_cpu(avx2_cpu_id))
+ return -ENODEV;
+
+ return crypto_register_aeads(crypto_morus1280_avx2_algs,
+ ARRAY_SIZE(crypto_morus1280_avx2_algs));
+}
+
+static void __exit crypto_morus1280_avx2_module_exit(void)
+{
+ crypto_unregister_aeads(crypto_morus1280_avx2_algs,
+ ARRAY_SIZE(crypto_morus1280_avx2_algs));
+}
+
+module_init(crypto_morus1280_avx2_module_init);
+module_exit(crypto_morus1280_avx2_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-1280 AEAD algorithm -- AVX2 implementation");
+MODULE_ALIAS_CRYPTO("morus1280");
+MODULE_ALIAS_CRYPTO("morus1280-avx2");
diff --git a/arch/x86/crypto/morus1280-sse2-asm.S b/arch/x86/crypto/morus1280-sse2-asm.S
new file mode 100644
index 000000000000..1fe637c7be9d
--- /dev/null
+++ b/arch/x86/crypto/morus1280-sse2-asm.S
@@ -0,0 +1,895 @@
+/*
+ * SSE2 implementation of MORUS-1280
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+#include <asm/frame.h>
+
+#define SHUFFLE_MASK(i0, i1, i2, i3) \
+ (i0 | (i1 << 2) | (i2 << 4) | (i3 << 6))
+
+#define MASK2 SHUFFLE_MASK(2, 3, 0, 1)
+
+#define STATE0_LO %xmm0
+#define STATE0_HI %xmm1
+#define STATE1_LO %xmm2
+#define STATE1_HI %xmm3
+#define STATE2_LO %xmm4
+#define STATE2_HI %xmm5
+#define STATE3_LO %xmm6
+#define STATE3_HI %xmm7
+#define STATE4_LO %xmm8
+#define STATE4_HI %xmm9
+#define KEY_LO %xmm10
+#define KEY_HI %xmm11
+#define MSG_LO %xmm10
+#define MSG_HI %xmm11
+#define T0_LO %xmm12
+#define T0_HI %xmm13
+#define T1_LO %xmm14
+#define T1_HI %xmm15
+
+.section .rodata.cst16.morus640_const, "aM", @progbits, 16
+.align 16
+.Lmorus640_const_0:
+ .byte 0x00, 0x01, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d
+ .byte 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62
+.Lmorus640_const_1:
+ .byte 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1
+ .byte 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd
+
+.section .rodata.cst16.morus640_counter, "aM", @progbits, 16
+.align 16
+.Lmorus640_counter_0:
+ .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+ .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+.Lmorus640_counter_1:
+ .byte 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
+ .byte 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+
+.text
+
+.macro rol1 hi, lo
+ /*
+ * HI_1 | HI_0 || LO_1 | LO_0
+ * ==>
+ * HI_0 | HI_1 || LO_1 | LO_0
+ * ==>
+ * HI_0 | LO_1 || LO_0 | HI_1
+ */
+ pshufd $MASK2, \hi, \hi
+ movdqa \hi, T0_LO
+ punpcklqdq \lo, T0_LO
+ punpckhqdq \hi, \lo
+ movdqa \lo, \hi
+ movdqa T0_LO, \lo
+.endm
+
+.macro rol2 hi, lo
+ movdqa \lo, T0_LO
+ movdqa \hi, \lo
+ movdqa T0_LO, \hi
+.endm
+
+.macro rol3 hi, lo
+ /*
+ * HI_1 | HI_0 || LO_1 | LO_0
+ * ==>
+ * HI_0 | HI_1 || LO_1 | LO_0
+ * ==>
+ * LO_0 | HI_1 || HI_0 | LO_1
+ */
+ pshufd $MASK2, \hi, \hi
+ movdqa \lo, T0_LO
+ punpckhqdq \hi, T0_LO
+ punpcklqdq \lo, \hi
+ movdqa T0_LO, \lo
+.endm
+
+.macro morus1280_round s0_l, s0_h, s1_l, s1_h, s2_l, s2_h, s3_l, s3_h, s4_l, s4_h, b, w
+ movdqa \s1_l, T0_LO
+ pand \s2_l, T0_LO
+ pxor T0_LO, \s0_l
+
+ movdqa \s1_h, T0_LO
+ pand \s2_h, T0_LO
+ pxor T0_LO, \s0_h
+
+ pxor \s3_l, \s0_l
+ pxor \s3_h, \s0_h
+
+ movdqa \s0_l, T0_LO
+ psllq $\b, T0_LO
+ psrlq $(64 - \b), \s0_l
+ pxor T0_LO, \s0_l
+
+ movdqa \s0_h, T0_LO
+ psllq $\b, T0_LO
+ psrlq $(64 - \b), \s0_h
+ pxor T0_LO, \s0_h
+
+ \w \s3_h, \s3_l
+.endm
+
+/*
+ * __morus1280_update: internal ABI
+ * input:
+ * STATE[0-4] - input state
+ * MSG - message block
+ * output:
+ * STATE[0-4] - output state
+ * changed:
+ * T0
+ */
+__morus1280_update:
+ morus1280_round \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ 13, rol1
+ pxor MSG_LO, STATE1_LO
+ pxor MSG_HI, STATE1_HI
+ morus1280_round \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ 46, rol2
+ pxor MSG_LO, STATE2_LO
+ pxor MSG_HI, STATE2_HI
+ morus1280_round \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ 38, rol3
+ pxor MSG_LO, STATE3_LO
+ pxor MSG_HI, STATE3_HI
+ morus1280_round \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ 7, rol2
+ pxor MSG_LO, STATE4_LO
+ pxor MSG_HI, STATE4_HI
+ morus1280_round \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ 4, rol1
+ ret
+ENDPROC(__morus1280_update)
+
+/*
+ * __morus1280_update_zero: internal ABI
+ * input:
+ * STATE[0-4] - input state
+ * output:
+ * STATE[0-4] - output state
+ * changed:
+ * T0
+ */
+__morus1280_update_zero:
+ morus1280_round \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ 13, rol1
+ morus1280_round \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ 46, rol2
+ morus1280_round \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ 38, rol3
+ morus1280_round \
+ STATE3_LO, STATE3_HI, \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ 7, rol2
+ morus1280_round \
+ STATE4_LO, STATE4_HI, \
+ STATE0_LO, STATE0_HI, \
+ STATE1_LO, STATE1_HI, \
+ STATE2_LO, STATE2_HI, \
+ STATE3_LO, STATE3_HI, \
+ 4, rol1
+ ret
+ENDPROC(__morus1280_update_zero)
+
+/*
+ * __load_partial: internal ABI
+ * input:
+ * %rsi - src
+ * %rcx - bytes
+ * output:
+ * MSG - message block
+ * changed:
+ * %r8
+ * %r9
+ */
+__load_partial:
+ xor %r9, %r9
+ pxor MSG_LO, MSG_LO
+ pxor MSG_HI, MSG_HI
+
+ mov %rcx, %r8
+ and $0x1, %r8
+ jz .Lld_partial_1
+
+ mov %rcx, %r8
+ and $0x1E, %r8
+ add %rsi, %r8
+ mov (%r8), %r9b
+
+.Lld_partial_1:
+ mov %rcx, %r8
+ and $0x2, %r8
+ jz .Lld_partial_2
+
+ mov %rcx, %r8
+ and $0x1C, %r8
+ add %rsi, %r8
+ shl $16, %r9
+ mov (%r8), %r9w
+
+.Lld_partial_2:
+ mov %rcx, %r8
+ and $0x4, %r8
+ jz .Lld_partial_4
+
+ mov %rcx, %r8
+ and $0x18, %r8
+ add %rsi, %r8
+ shl $32, %r9
+ mov (%r8), %r8d
+ xor %r8, %r9
+
+.Lld_partial_4:
+ movq %r9, MSG_LO
+
+ mov %rcx, %r8
+ and $0x8, %r8
+ jz .Lld_partial_8
+
+ mov %rcx, %r8
+ and $0x10, %r8
+ add %rsi, %r8
+ pslldq $8, MSG_LO
+ movq (%r8), T0_LO
+ pxor T0_LO, MSG_LO
+
+.Lld_partial_8:
+ mov %rcx, %r8
+ and $0x10, %r8
+ jz .Lld_partial_16
+
+ movdqa MSG_LO, MSG_HI
+ movdqu (%rsi), MSG_LO
+
+.Lld_partial_16:
+ ret
+ENDPROC(__load_partial)
+
+/*
+ * __store_partial: internal ABI
+ * input:
+ * %rdx - dst
+ * %rcx - bytes
+ * output:
+ * T0 - message block
+ * changed:
+ * %r8
+ * %r9
+ * %r10
+ */
+__store_partial:
+ mov %rcx, %r8
+ mov %rdx, %r9
+
+ cmp $16, %r8
+ jl .Lst_partial_16
+
+ movdqu T0_LO, (%r9)
+ movdqa T0_HI, T0_LO
+
+ sub $16, %r8
+ add $16, %r9
+
+.Lst_partial_16:
+ movq T0_LO, %r10
+
+ cmp $8, %r8
+ jl .Lst_partial_8
+
+ mov %r10, (%r9)
+ psrldq $8, T0_LO
+ movq T0_LO, %r10
+
+ sub $8, %r8
+ add $8, %r9
+
+.Lst_partial_8:
+ cmp $4, %r8
+ jl .Lst_partial_4
+
+ mov %r10d, (%r9)
+ shr $32, %r10
+
+ sub $4, %r8
+ add $4, %r9
+
+.Lst_partial_4:
+ cmp $2, %r8
+ jl .Lst_partial_2
+
+ mov %r10w, (%r9)
+ shr $16, %r10
+
+ sub $2, %r8
+ add $2, %r9
+
+.Lst_partial_2:
+ cmp $1, %r8
+ jl .Lst_partial_1
+
+ mov %r10b, (%r9)
+
+.Lst_partial_1:
+ ret
+ENDPROC(__store_partial)
+
+/*
+ * void crypto_morus1280_sse2_init(void *state, const void *key,
+ * const void *iv);
+ */
+ENTRY(crypto_morus1280_sse2_init)
+ FRAME_BEGIN
+
+ /* load IV: */
+ pxor STATE0_HI, STATE0_HI
+ movdqu (%rdx), STATE0_LO
+ /* load key: */
+ movdqu 0(%rsi), KEY_LO
+ movdqu 16(%rsi), KEY_HI
+ movdqa KEY_LO, STATE1_LO
+ movdqa KEY_HI, STATE1_HI
+ /* load all ones: */
+ pcmpeqd STATE2_LO, STATE2_LO
+ pcmpeqd STATE2_HI, STATE2_HI
+ /* load all zeros: */
+ pxor STATE3_LO, STATE3_LO
+ pxor STATE3_HI, STATE3_HI
+ /* load the constant: */
+ movdqa .Lmorus640_const_0, STATE4_LO
+ movdqa .Lmorus640_const_1, STATE4_HI
+
+ /* update 16 times with zero: */
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+ call __morus1280_update_zero
+
+ /* xor-in the key again after updates: */
+ pxor KEY_LO, STATE1_LO
+ pxor KEY_HI, STATE1_HI
+
+ /* store the state: */
+ movdqu STATE0_LO, (0 * 16)(%rdi)
+ movdqu STATE0_HI, (1 * 16)(%rdi)
+ movdqu STATE1_LO, (2 * 16)(%rdi)
+ movdqu STATE1_HI, (3 * 16)(%rdi)
+ movdqu STATE2_LO, (4 * 16)(%rdi)
+ movdqu STATE2_HI, (5 * 16)(%rdi)
+ movdqu STATE3_LO, (6 * 16)(%rdi)
+ movdqu STATE3_HI, (7 * 16)(%rdi)
+ movdqu STATE4_LO, (8 * 16)(%rdi)
+ movdqu STATE4_HI, (9 * 16)(%rdi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_sse2_init)
+
+/*
+ * void crypto_morus1280_sse2_ad(void *state, const void *data,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_sse2_ad)
+ FRAME_BEGIN
+
+ cmp $32, %rdx
+ jb .Lad_out
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0_LO
+ movdqu (1 * 16)(%rdi), STATE0_HI
+ movdqu (2 * 16)(%rdi), STATE1_LO
+ movdqu (3 * 16)(%rdi), STATE1_HI
+ movdqu (4 * 16)(%rdi), STATE2_LO
+ movdqu (5 * 16)(%rdi), STATE2_HI
+ movdqu (6 * 16)(%rdi), STATE3_LO
+ movdqu (7 * 16)(%rdi), STATE3_HI
+ movdqu (8 * 16)(%rdi), STATE4_LO
+ movdqu (9 * 16)(%rdi), STATE4_HI
+
+ mov %rsi, %r8
+ and $0xF, %r8
+ jnz .Lad_u_loop
+
+.align 4
+.Lad_a_loop:
+ movdqa 0(%rsi), MSG_LO
+ movdqa 16(%rsi), MSG_HI
+ call __morus1280_update
+ sub $32, %rdx
+ add $32, %rsi
+ cmp $32, %rdx
+ jge .Lad_a_loop
+
+ jmp .Lad_cont
+.align 4
+.Lad_u_loop:
+ movdqu 0(%rsi), MSG_LO
+ movdqu 16(%rsi), MSG_HI
+ call __morus1280_update
+ sub $32, %rdx
+ add $32, %rsi
+ cmp $32, %rdx
+ jge .Lad_u_loop
+
+.Lad_cont:
+ /* store the state: */
+ movdqu STATE0_LO, (0 * 16)(%rdi)
+ movdqu STATE0_HI, (1 * 16)(%rdi)
+ movdqu STATE1_LO, (2 * 16)(%rdi)
+ movdqu STATE1_HI, (3 * 16)(%rdi)
+ movdqu STATE2_LO, (4 * 16)(%rdi)
+ movdqu STATE2_HI, (5 * 16)(%rdi)
+ movdqu STATE3_LO, (6 * 16)(%rdi)
+ movdqu STATE3_HI, (7 * 16)(%rdi)
+ movdqu STATE4_LO, (8 * 16)(%rdi)
+ movdqu STATE4_HI, (9 * 16)(%rdi)
+
+.Lad_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_sse2_ad)
+
+/*
+ * void crypto_morus1280_sse2_enc(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_sse2_enc)
+ FRAME_BEGIN
+
+ cmp $32, %rcx
+ jb .Lenc_out
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0_LO
+ movdqu (1 * 16)(%rdi), STATE0_HI
+ movdqu (2 * 16)(%rdi), STATE1_LO
+ movdqu (3 * 16)(%rdi), STATE1_HI
+ movdqu (4 * 16)(%rdi), STATE2_LO
+ movdqu (5 * 16)(%rdi), STATE2_HI
+ movdqu (6 * 16)(%rdi), STATE3_LO
+ movdqu (7 * 16)(%rdi), STATE3_HI
+ movdqu (8 * 16)(%rdi), STATE4_LO
+ movdqu (9 * 16)(%rdi), STATE4_HI
+
+ mov %rsi, %r8
+ or %rdx, %r8
+ and $0xF, %r8
+ jnz .Lenc_u_loop
+
+.align 4
+.Lenc_a_loop:
+ movdqa 0(%rsi), MSG_LO
+ movdqa 16(%rsi), MSG_HI
+ movdqa STATE1_LO, T1_LO
+ movdqa STATE1_HI, T1_HI
+ rol3 T1_HI, T1_LO
+ movdqa MSG_LO, T0_LO
+ movdqa MSG_HI, T0_HI
+ pxor T1_LO, T0_LO
+ pxor T1_HI, T0_HI
+ pxor STATE0_LO, T0_LO
+ pxor STATE0_HI, T0_HI
+ movdqa STATE2_LO, T1_LO
+ movdqa STATE2_HI, T1_HI
+ pand STATE3_LO, T1_LO
+ pand STATE3_HI, T1_HI
+ pxor T1_LO, T0_LO
+ pxor T1_HI, T0_HI
+ movdqa T0_LO, 0(%rdx)
+ movdqa T0_HI, 16(%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Lenc_a_loop
+
+ jmp .Lenc_cont
+.align 4
+.Lenc_u_loop:
+ movdqu 0(%rsi), MSG_LO
+ movdqu 16(%rsi), MSG_HI
+ movdqa STATE1_LO, T1_LO
+ movdqa STATE1_HI, T1_HI
+ rol3 T1_HI, T1_LO
+ movdqa MSG_LO, T0_LO
+ movdqa MSG_HI, T0_HI
+ pxor T1_LO, T0_LO
+ pxor T1_HI, T0_HI
+ pxor STATE0_LO, T0_LO
+ pxor STATE0_HI, T0_HI
+ movdqa STATE2_LO, T1_LO
+ movdqa STATE2_HI, T1_HI
+ pand STATE3_LO, T1_LO
+ pand STATE3_HI, T1_HI
+ pxor T1_LO, T0_LO
+ pxor T1_HI, T0_HI
+ movdqu T0_LO, 0(%rdx)
+ movdqu T0_HI, 16(%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Lenc_u_loop
+
+.Lenc_cont:
+ /* store the state: */
+ movdqu STATE0_LO, (0 * 16)(%rdi)
+ movdqu STATE0_HI, (1 * 16)(%rdi)
+ movdqu STATE1_LO, (2 * 16)(%rdi)
+ movdqu STATE1_HI, (3 * 16)(%rdi)
+ movdqu STATE2_LO, (4 * 16)(%rdi)
+ movdqu STATE2_HI, (5 * 16)(%rdi)
+ movdqu STATE3_LO, (6 * 16)(%rdi)
+ movdqu STATE3_HI, (7 * 16)(%rdi)
+ movdqu STATE4_LO, (8 * 16)(%rdi)
+ movdqu STATE4_HI, (9 * 16)(%rdi)
+
+.Lenc_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_sse2_enc)
+
+/*
+ * void crypto_morus1280_sse2_enc_tail(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_sse2_enc_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0_LO
+ movdqu (1 * 16)(%rdi), STATE0_HI
+ movdqu (2 * 16)(%rdi), STATE1_LO
+ movdqu (3 * 16)(%rdi), STATE1_HI
+ movdqu (4 * 16)(%rdi), STATE2_LO
+ movdqu (5 * 16)(%rdi), STATE2_HI
+ movdqu (6 * 16)(%rdi), STATE3_LO
+ movdqu (7 * 16)(%rdi), STATE3_HI
+ movdqu (8 * 16)(%rdi), STATE4_LO
+ movdqu (9 * 16)(%rdi), STATE4_HI
+
+ /* encrypt message: */
+ call __load_partial
+
+ movdqa STATE1_LO, T1_LO
+ movdqa STATE1_HI, T1_HI
+ rol3 T1_HI, T1_LO
+ movdqa MSG_LO, T0_LO
+ movdqa MSG_HI, T0_HI
+ pxor T1_LO, T0_LO
+ pxor T1_HI, T0_HI
+ pxor STATE0_LO, T0_LO
+ pxor STATE0_HI, T0_HI
+ movdqa STATE2_LO, T1_LO
+ movdqa STATE2_HI, T1_HI
+ pand STATE3_LO, T1_LO
+ pand STATE3_HI, T1_HI
+ pxor T1_LO, T0_LO
+ pxor T1_HI, T0_HI
+
+ call __store_partial
+
+ call __morus1280_update
+
+ /* store the state: */
+ movdqu STATE0_LO, (0 * 16)(%rdi)
+ movdqu STATE0_HI, (1 * 16)(%rdi)
+ movdqu STATE1_LO, (2 * 16)(%rdi)
+ movdqu STATE1_HI, (3 * 16)(%rdi)
+ movdqu STATE2_LO, (4 * 16)(%rdi)
+ movdqu STATE2_HI, (5 * 16)(%rdi)
+ movdqu STATE3_LO, (6 * 16)(%rdi)
+ movdqu STATE3_HI, (7 * 16)(%rdi)
+ movdqu STATE4_LO, (8 * 16)(%rdi)
+ movdqu STATE4_HI, (9 * 16)(%rdi)
+
+ FRAME_END
+ENDPROC(crypto_morus1280_sse2_enc_tail)
+
+/*
+ * void crypto_morus1280_sse2_dec(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_sse2_dec)
+ FRAME_BEGIN
+
+ cmp $32, %rcx
+ jb .Ldec_out
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0_LO
+ movdqu (1 * 16)(%rdi), STATE0_HI
+ movdqu (2 * 16)(%rdi), STATE1_LO
+ movdqu (3 * 16)(%rdi), STATE1_HI
+ movdqu (4 * 16)(%rdi), STATE2_LO
+ movdqu (5 * 16)(%rdi), STATE2_HI
+ movdqu (6 * 16)(%rdi), STATE3_LO
+ movdqu (7 * 16)(%rdi), STATE3_HI
+ movdqu (8 * 16)(%rdi), STATE4_LO
+ movdqu (9 * 16)(%rdi), STATE4_HI
+
+ mov %rsi, %r8
+ or %rdx, %r8
+ and $0xF, %r8
+ jnz .Ldec_u_loop
+
+.align 4
+.Ldec_a_loop:
+ movdqa 0(%rsi), MSG_LO
+ movdqa 16(%rsi), MSG_HI
+ pxor STATE0_LO, MSG_LO
+ pxor STATE0_HI, MSG_HI
+ movdqa STATE1_LO, T1_LO
+ movdqa STATE1_HI, T1_HI
+ rol3 T1_HI, T1_LO
+ pxor T1_LO, MSG_LO
+ pxor T1_HI, MSG_HI
+ movdqa STATE2_LO, T1_LO
+ movdqa STATE2_HI, T1_HI
+ pand STATE3_LO, T1_LO
+ pand STATE3_HI, T1_HI
+ pxor T1_LO, MSG_LO
+ pxor T1_HI, MSG_HI
+ movdqa MSG_LO, 0(%rdx)
+ movdqa MSG_HI, 16(%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Ldec_a_loop
+
+ jmp .Ldec_cont
+.align 4
+.Ldec_u_loop:
+ movdqu 0(%rsi), MSG_LO
+ movdqu 16(%rsi), MSG_HI
+ pxor STATE0_LO, MSG_LO
+ pxor STATE0_HI, MSG_HI
+ movdqa STATE1_LO, T1_LO
+ movdqa STATE1_HI, T1_HI
+ rol3 T1_HI, T1_LO
+ pxor T1_LO, MSG_LO
+ pxor T1_HI, MSG_HI
+ movdqa STATE2_LO, T1_LO
+ movdqa STATE2_HI, T1_HI
+ pand STATE3_LO, T1_LO
+ pand STATE3_HI, T1_HI
+ pxor T1_LO, MSG_LO
+ pxor T1_HI, MSG_HI
+ movdqu MSG_LO, 0(%rdx)
+ movdqu MSG_HI, 16(%rdx)
+
+ call __morus1280_update
+ sub $32, %rcx
+ add $32, %rsi
+ add $32, %rdx
+ cmp $32, %rcx
+ jge .Ldec_u_loop
+
+.Ldec_cont:
+ /* store the state: */
+ movdqu STATE0_LO, (0 * 16)(%rdi)
+ movdqu STATE0_HI, (1 * 16)(%rdi)
+ movdqu STATE1_LO, (2 * 16)(%rdi)
+ movdqu STATE1_HI, (3 * 16)(%rdi)
+ movdqu STATE2_LO, (4 * 16)(%rdi)
+ movdqu STATE2_HI, (5 * 16)(%rdi)
+ movdqu STATE3_LO, (6 * 16)(%rdi)
+ movdqu STATE3_HI, (7 * 16)(%rdi)
+ movdqu STATE4_LO, (8 * 16)(%rdi)
+ movdqu STATE4_HI, (9 * 16)(%rdi)
+
+.Ldec_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_sse2_dec)
+
+/*
+ * void crypto_morus1280_sse2_dec_tail(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus1280_sse2_dec_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0_LO
+ movdqu (1 * 16)(%rdi), STATE0_HI
+ movdqu (2 * 16)(%rdi), STATE1_LO
+ movdqu (3 * 16)(%rdi), STATE1_HI
+ movdqu (4 * 16)(%rdi), STATE2_LO
+ movdqu (5 * 16)(%rdi), STATE2_HI
+ movdqu (6 * 16)(%rdi), STATE3_LO
+ movdqu (7 * 16)(%rdi), STATE3_HI
+ movdqu (8 * 16)(%rdi), STATE4_LO
+ movdqu (9 * 16)(%rdi), STATE4_HI
+
+ /* decrypt message: */
+ call __load_partial
+
+ pxor STATE0_LO, MSG_LO
+ pxor STATE0_HI, MSG_HI
+ movdqa STATE1_LO, T1_LO
+ movdqa STATE1_HI, T1_HI
+ rol3 T1_HI, T1_LO
+ pxor T1_LO, MSG_LO
+ pxor T1_HI, MSG_HI
+ movdqa STATE2_LO, T1_LO
+ movdqa STATE2_HI, T1_HI
+ pand STATE3_LO, T1_LO
+ pand STATE3_HI, T1_HI
+ pxor T1_LO, MSG_LO
+ pxor T1_HI, MSG_HI
+ movdqa MSG_LO, T0_LO
+ movdqa MSG_HI, T0_HI
+
+ call __store_partial
+
+ /* mask with byte count: */
+ movq %rcx, T0_LO
+ punpcklbw T0_LO, T0_LO
+ punpcklbw T0_LO, T0_LO
+ punpcklbw T0_LO, T0_LO
+ punpcklbw T0_LO, T0_LO
+ movdqa T0_LO, T0_HI
+ movdqa .Lmorus640_counter_0, T1_LO
+ movdqa .Lmorus640_counter_1, T1_HI
+ pcmpgtb T1_LO, T0_LO
+ pcmpgtb T1_HI, T0_HI
+ pand T0_LO, MSG_LO
+ pand T0_HI, MSG_HI
+
+ call __morus1280_update
+
+ /* store the state: */
+ movdqu STATE0_LO, (0 * 16)(%rdi)
+ movdqu STATE0_HI, (1 * 16)(%rdi)
+ movdqu STATE1_LO, (2 * 16)(%rdi)
+ movdqu STATE1_HI, (3 * 16)(%rdi)
+ movdqu STATE2_LO, (4 * 16)(%rdi)
+ movdqu STATE2_HI, (5 * 16)(%rdi)
+ movdqu STATE3_LO, (6 * 16)(%rdi)
+ movdqu STATE3_HI, (7 * 16)(%rdi)
+ movdqu STATE4_LO, (8 * 16)(%rdi)
+ movdqu STATE4_HI, (9 * 16)(%rdi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_sse2_dec_tail)
+
+/*
+ * void crypto_morus1280_sse2_final(void *state, void *tag_xor,
+ * u64 assoclen, u64 cryptlen);
+ */
+ENTRY(crypto_morus1280_sse2_final)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0_LO
+ movdqu (1 * 16)(%rdi), STATE0_HI
+ movdqu (2 * 16)(%rdi), STATE1_LO
+ movdqu (3 * 16)(%rdi), STATE1_HI
+ movdqu (4 * 16)(%rdi), STATE2_LO
+ movdqu (5 * 16)(%rdi), STATE2_HI
+ movdqu (6 * 16)(%rdi), STATE3_LO
+ movdqu (7 * 16)(%rdi), STATE3_HI
+ movdqu (8 * 16)(%rdi), STATE4_LO
+ movdqu (9 * 16)(%rdi), STATE4_HI
+
+ /* xor state[0] into state[4]: */
+ pxor STATE0_LO, STATE4_LO
+ pxor STATE0_HI, STATE4_HI
+
+ /* prepare length block: */
+ movq %rdx, MSG_LO
+ movq %rcx, T0_LO
+ pslldq $8, T0_LO
+ pxor T0_LO, MSG_LO
+ psllq $3, MSG_LO /* multiply by 8 (to get bit count) */
+ pxor MSG_HI, MSG_HI
+
+ /* update state: */
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+ call __morus1280_update
+
+ /* xor tag: */
+ movdqu 0(%rsi), MSG_LO
+ movdqu 16(%rsi), MSG_HI
+
+ pxor STATE0_LO, MSG_LO
+ pxor STATE0_HI, MSG_HI
+ movdqa STATE1_LO, T0_LO
+ movdqa STATE1_HI, T0_HI
+ rol3 T0_HI, T0_LO
+ pxor T0_LO, MSG_LO
+ pxor T0_HI, MSG_HI
+ movdqa STATE2_LO, T0_LO
+ movdqa STATE2_HI, T0_HI
+ pand STATE3_LO, T0_LO
+ pand STATE3_HI, T0_HI
+ pxor T0_LO, MSG_LO
+ pxor T0_HI, MSG_HI
+
+ movdqu MSG_LO, 0(%rsi)
+ movdqu MSG_HI, 16(%rsi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus1280_sse2_final)
diff --git a/arch/x86/crypto/morus1280-sse2-glue.c b/arch/x86/crypto/morus1280-sse2-glue.c
new file mode 100644
index 000000000000..839270aa713c
--- /dev/null
+++ b/arch/x86/crypto/morus1280-sse2-glue.c
@@ -0,0 +1,68 @@
+/*
+ * The MORUS-1280 Authenticated-Encryption Algorithm
+ * Glue for SSE2 implementation
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/internal/aead.h>
+#include <crypto/morus1280_glue.h>
+#include <linux/module.h>
+#include <asm/fpu/api.h>
+#include <asm/cpu_device_id.h>
+
+asmlinkage void crypto_morus1280_sse2_init(void *state, const void *key,
+ const void *iv);
+asmlinkage void crypto_morus1280_sse2_ad(void *state, const void *data,
+ unsigned int length);
+
+asmlinkage void crypto_morus1280_sse2_enc(void *state, const void *src,
+ void *dst, unsigned int length);
+asmlinkage void crypto_morus1280_sse2_dec(void *state, const void *src,
+ void *dst, unsigned int length);
+
+asmlinkage void crypto_morus1280_sse2_enc_tail(void *state, const void *src,
+ void *dst, unsigned int length);
+asmlinkage void crypto_morus1280_sse2_dec_tail(void *state, const void *src,
+ void *dst, unsigned int length);
+
+asmlinkage void crypto_morus1280_sse2_final(void *state, void *tag_xor,
+ u64 assoclen, u64 cryptlen);
+
+MORUS1280_DECLARE_ALGS(sse2, "morus1280-sse2", 350);
+
+static const struct x86_cpu_id sse2_cpu_id[] = {
+ X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+ {}
+};
+MODULE_DEVICE_TABLE(x86cpu, sse2_cpu_id);
+
+static int __init crypto_morus1280_sse2_module_init(void)
+{
+ if (!x86_match_cpu(sse2_cpu_id))
+ return -ENODEV;
+
+ return crypto_register_aeads(crypto_morus1280_sse2_algs,
+ ARRAY_SIZE(crypto_morus1280_sse2_algs));
+}
+
+static void __exit crypto_morus1280_sse2_module_exit(void)
+{
+ crypto_unregister_aeads(crypto_morus1280_sse2_algs,
+ ARRAY_SIZE(crypto_morus1280_sse2_algs));
+}
+
+module_init(crypto_morus1280_sse2_module_init);
+module_exit(crypto_morus1280_sse2_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-1280 AEAD algorithm -- SSE2 implementation");
+MODULE_ALIAS_CRYPTO("morus1280");
+MODULE_ALIAS_CRYPTO("morus1280-sse2");
diff --git a/arch/x86/crypto/morus1280_glue.c b/arch/x86/crypto/morus1280_glue.c
new file mode 100644
index 000000000000..0dccdda1eb3a
--- /dev/null
+++ b/arch/x86/crypto/morus1280_glue.c
@@ -0,0 +1,302 @@
+/*
+ * The MORUS-1280 Authenticated-Encryption Algorithm
+ * Common x86 SIMD glue skeleton
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/cryptd.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/morus1280_glue.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+#include <asm/fpu/api.h>
+
+struct morus1280_state {
+ struct morus1280_block s[MORUS_STATE_BLOCKS];
+};
+
+struct morus1280_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_blocks)(void *state, const void *src, void *dst,
+ unsigned int length);
+ void (*crypt_tail)(void *state, const void *src, void *dst,
+ unsigned int length);
+};
+
+static void crypto_morus1280_glue_process_ad(
+ struct morus1280_state *state,
+ const struct morus1280_glue_ops *ops,
+ struct scatterlist *sg_src, unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct morus1280_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= MORUS1280_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = MORUS1280_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ ops->ad(state, buf.bytes, MORUS1280_BLOCK_SIZE);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ ops->ad(state, src, left);
+ src += left & ~(MORUS1280_BLOCK_SIZE - 1);
+ left &= MORUS1280_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, MORUS1280_BLOCK_SIZE - pos);
+ ops->ad(state, buf.bytes, MORUS1280_BLOCK_SIZE);
+ }
+}
+
+static void crypto_morus1280_glue_process_crypt(struct morus1280_state *state,
+ struct morus1280_ops ops,
+ struct aead_request *req)
+{
+ struct skcipher_walk walk;
+ u8 *cursor_src, *cursor_dst;
+ unsigned int chunksize, base;
+
+ ops.skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ cursor_src = walk.src.virt.addr;
+ cursor_dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops.crypt_blocks(state, cursor_src, cursor_dst, chunksize);
+
+ base = chunksize & ~(MORUS1280_BLOCK_SIZE - 1);
+ cursor_src += base;
+ cursor_dst += base;
+ chunksize &= MORUS1280_BLOCK_SIZE - 1;
+
+ if (chunksize > 0)
+ ops.crypt_tail(state, cursor_src, cursor_dst,
+ chunksize);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+int crypto_morus1280_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct morus1280_ctx *ctx = crypto_aead_ctx(aead);
+
+ if (keylen == MORUS1280_BLOCK_SIZE) {
+ memcpy(ctx->key.bytes, key, MORUS1280_BLOCK_SIZE);
+ } else if (keylen == MORUS1280_BLOCK_SIZE / 2) {
+ memcpy(ctx->key.bytes, key, keylen);
+ memcpy(ctx->key.bytes + keylen, key, keylen);
+ } else {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(crypto_morus1280_glue_setkey);
+
+int crypto_morus1280_glue_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ return (authsize <= MORUS_MAX_AUTH_SIZE) ? 0 : -EINVAL;
+}
+EXPORT_SYMBOL_GPL(crypto_morus1280_glue_setauthsize);
+
+static void crypto_morus1280_glue_crypt(struct aead_request *req,
+ struct morus1280_ops ops,
+ unsigned int cryptlen,
+ struct morus1280_block *tag_xor)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus1280_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus1280_state state;
+
+ kernel_fpu_begin();
+
+ ctx->ops->init(&state, &ctx->key, req->iv);
+ crypto_morus1280_glue_process_ad(&state, ctx->ops, req->src, req->assoclen);
+ crypto_morus1280_glue_process_crypt(&state, ops, req);
+ ctx->ops->final(&state, tag_xor, req->assoclen, cryptlen);
+
+ kernel_fpu_end();
+}
+
+int crypto_morus1280_glue_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus1280_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus1280_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_blocks = ctx->ops->enc,
+ .crypt_tail = ctx->ops->enc_tail,
+ };
+
+ struct morus1280_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_morus1280_glue_crypt(req, OPS, cryptlen, &tag);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+EXPORT_SYMBOL_GPL(crypto_morus1280_glue_encrypt);
+
+int crypto_morus1280_glue_decrypt(struct aead_request *req)
+{
+ static const u8 zeros[MORUS1280_BLOCK_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus1280_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus1280_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_blocks = ctx->ops->dec,
+ .crypt_tail = ctx->ops->dec_tail,
+ };
+
+ struct morus1280_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_morus1280_glue_crypt(req, OPS, cryptlen, &tag);
+
+ return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+EXPORT_SYMBOL_GPL(crypto_morus1280_glue_decrypt);
+
+void crypto_morus1280_glue_init_ops(struct crypto_aead *aead,
+ const struct morus1280_glue_ops *ops)
+{
+ struct morus1280_ctx *ctx = crypto_aead_ctx(aead);
+ ctx->ops = ops;
+}
+EXPORT_SYMBOL_GPL(crypto_morus1280_glue_init_ops);
+
+int cryptd_morus1280_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setkey(&cryptd_tfm->base, key, keylen);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus1280_glue_setkey);
+
+int cryptd_morus1280_glue_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setauthsize(&cryptd_tfm->base, authsize);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus1280_glue_setauthsize);
+
+int cryptd_morus1280_glue_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_encrypt(req);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus1280_glue_encrypt);
+
+int cryptd_morus1280_glue_decrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_decrypt(req);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus1280_glue_decrypt);
+
+int cryptd_morus1280_glue_init_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead *cryptd_tfm;
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ const char *name = crypto_aead_alg(aead)->base.cra_driver_name;
+ char internal_name[CRYPTO_MAX_ALG_NAME];
+
+ if (snprintf(internal_name, CRYPTO_MAX_ALG_NAME, "__%s", name)
+ >= CRYPTO_MAX_ALG_NAME)
+ return -ENAMETOOLONG;
+
+ cryptd_tfm = cryptd_alloc_aead(internal_name, CRYPTO_ALG_INTERNAL,
+ CRYPTO_ALG_INTERNAL);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+
+ *ctx = cryptd_tfm;
+ crypto_aead_set_reqsize(aead, crypto_aead_reqsize(&cryptd_tfm->base));
+ return 0;
+}
+EXPORT_SYMBOL_GPL(cryptd_morus1280_glue_init_tfm);
+
+void cryptd_morus1280_glue_exit_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_free_aead(*ctx);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus1280_glue_exit_tfm);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-1280 AEAD mode -- glue for x86 optimizations");
diff --git a/arch/x86/crypto/morus640-sse2-asm.S b/arch/x86/crypto/morus640-sse2-asm.S
new file mode 100644
index 000000000000..71c72a0a0862
--- /dev/null
+++ b/arch/x86/crypto/morus640-sse2-asm.S
@@ -0,0 +1,614 @@
+/*
+ * SSE2 implementation of MORUS-640
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+#include <asm/frame.h>
+
+#define SHUFFLE_MASK(i0, i1, i2, i3) \
+ (i0 | (i1 << 2) | (i2 << 4) | (i3 << 6))
+
+#define MASK1 SHUFFLE_MASK(3, 0, 1, 2)
+#define MASK2 SHUFFLE_MASK(2, 3, 0, 1)
+#define MASK3 SHUFFLE_MASK(1, 2, 3, 0)
+
+#define STATE0 %xmm0
+#define STATE1 %xmm1
+#define STATE2 %xmm2
+#define STATE3 %xmm3
+#define STATE4 %xmm4
+#define KEY %xmm5
+#define MSG %xmm5
+#define T0 %xmm6
+#define T1 %xmm7
+
+.section .rodata.cst16.morus640_const, "aM", @progbits, 32
+.align 16
+.Lmorus640_const_0:
+ .byte 0x00, 0x01, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d
+ .byte 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62
+.Lmorus640_const_1:
+ .byte 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1
+ .byte 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd
+
+.section .rodata.cst16.morus640_counter, "aM", @progbits, 16
+.align 16
+.Lmorus640_counter:
+ .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+ .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+
+.text
+
+.macro morus640_round s0, s1, s2, s3, s4, b, w
+ movdqa \s1, T0
+ pand \s2, T0
+ pxor T0, \s0
+ pxor \s3, \s0
+ movdqa \s0, T0
+ pslld $\b, T0
+ psrld $(32 - \b), \s0
+ pxor T0, \s0
+ pshufd $\w, \s3, \s3
+.endm
+
+/*
+ * __morus640_update: internal ABI
+ * input:
+ * STATE[0-4] - input state
+ * MSG - message block
+ * output:
+ * STATE[0-4] - output state
+ * changed:
+ * T0
+ */
+__morus640_update:
+ morus640_round STATE0, STATE1, STATE2, STATE3, STATE4, 5, MASK1
+ pxor MSG, STATE1
+ morus640_round STATE1, STATE2, STATE3, STATE4, STATE0, 31, MASK2
+ pxor MSG, STATE2
+ morus640_round STATE2, STATE3, STATE4, STATE0, STATE1, 7, MASK3
+ pxor MSG, STATE3
+ morus640_round STATE3, STATE4, STATE0, STATE1, STATE2, 22, MASK2
+ pxor MSG, STATE4
+ morus640_round STATE4, STATE0, STATE1, STATE2, STATE3, 13, MASK1
+ ret
+ENDPROC(__morus640_update)
+
+
+/*
+ * __morus640_update_zero: internal ABI
+ * input:
+ * STATE[0-4] - input state
+ * output:
+ * STATE[0-4] - output state
+ * changed:
+ * T0
+ */
+__morus640_update_zero:
+ morus640_round STATE0, STATE1, STATE2, STATE3, STATE4, 5, MASK1
+ morus640_round STATE1, STATE2, STATE3, STATE4, STATE0, 31, MASK2
+ morus640_round STATE2, STATE3, STATE4, STATE0, STATE1, 7, MASK3
+ morus640_round STATE3, STATE4, STATE0, STATE1, STATE2, 22, MASK2
+ morus640_round STATE4, STATE0, STATE1, STATE2, STATE3, 13, MASK1
+ ret
+ENDPROC(__morus640_update_zero)
+
+/*
+ * __load_partial: internal ABI
+ * input:
+ * %rsi - src
+ * %rcx - bytes
+ * output:
+ * MSG - message block
+ * changed:
+ * T0
+ * %r8
+ * %r9
+ */
+__load_partial:
+ xor %r9, %r9
+ pxor MSG, MSG
+
+ mov %rcx, %r8
+ and $0x1, %r8
+ jz .Lld_partial_1
+
+ mov %rcx, %r8
+ and $0x1E, %r8
+ add %rsi, %r8
+ mov (%r8), %r9b
+
+.Lld_partial_1:
+ mov %rcx, %r8
+ and $0x2, %r8
+ jz .Lld_partial_2
+
+ mov %rcx, %r8
+ and $0x1C, %r8
+ add %rsi, %r8
+ shl $16, %r9
+ mov (%r8), %r9w
+
+.Lld_partial_2:
+ mov %rcx, %r8
+ and $0x4, %r8
+ jz .Lld_partial_4
+
+ mov %rcx, %r8
+ and $0x18, %r8
+ add %rsi, %r8
+ shl $32, %r9
+ mov (%r8), %r8d
+ xor %r8, %r9
+
+.Lld_partial_4:
+ movq %r9, MSG
+
+ mov %rcx, %r8
+ and $0x8, %r8
+ jz .Lld_partial_8
+
+ mov %rcx, %r8
+ and $0x10, %r8
+ add %rsi, %r8
+ pslldq $8, MSG
+ movq (%r8), T0
+ pxor T0, MSG
+
+.Lld_partial_8:
+ ret
+ENDPROC(__load_partial)
+
+/*
+ * __store_partial: internal ABI
+ * input:
+ * %rdx - dst
+ * %rcx - bytes
+ * output:
+ * T0 - message block
+ * changed:
+ * %r8
+ * %r9
+ * %r10
+ */
+__store_partial:
+ mov %rcx, %r8
+ mov %rdx, %r9
+
+ movq T0, %r10
+
+ cmp $8, %r8
+ jl .Lst_partial_8
+
+ mov %r10, (%r9)
+ psrldq $8, T0
+ movq T0, %r10
+
+ sub $8, %r8
+ add $8, %r9
+
+.Lst_partial_8:
+ cmp $4, %r8
+ jl .Lst_partial_4
+
+ mov %r10d, (%r9)
+ shr $32, %r10
+
+ sub $4, %r8
+ add $4, %r9
+
+.Lst_partial_4:
+ cmp $2, %r8
+ jl .Lst_partial_2
+
+ mov %r10w, (%r9)
+ shr $16, %r10
+
+ sub $2, %r8
+ add $2, %r9
+
+.Lst_partial_2:
+ cmp $1, %r8
+ jl .Lst_partial_1
+
+ mov %r10b, (%r9)
+
+.Lst_partial_1:
+ ret
+ENDPROC(__store_partial)
+
+/*
+ * void crypto_morus640_sse2_init(void *state, const void *key, const void *iv);
+ */
+ENTRY(crypto_morus640_sse2_init)
+ FRAME_BEGIN
+
+ /* load IV: */
+ movdqu (%rdx), STATE0
+ /* load key: */
+ movdqu (%rsi), KEY
+ movdqa KEY, STATE1
+ /* load all ones: */
+ pcmpeqd STATE2, STATE2
+ /* load the constants: */
+ movdqa .Lmorus640_const_0, STATE3
+ movdqa .Lmorus640_const_1, STATE4
+
+ /* update 16 times with zero: */
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+ call __morus640_update_zero
+
+ /* xor-in the key again after updates: */
+ pxor KEY, STATE1
+
+ /* store the state: */
+ movdqu STATE0, (0 * 16)(%rdi)
+ movdqu STATE1, (1 * 16)(%rdi)
+ movdqu STATE2, (2 * 16)(%rdi)
+ movdqu STATE3, (3 * 16)(%rdi)
+ movdqu STATE4, (4 * 16)(%rdi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus640_sse2_init)
+
+/*
+ * void crypto_morus640_sse2_ad(void *state, const void *data,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus640_sse2_ad)
+ FRAME_BEGIN
+
+ cmp $16, %rdx
+ jb .Lad_out
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0
+ movdqu (1 * 16)(%rdi), STATE1
+ movdqu (2 * 16)(%rdi), STATE2
+ movdqu (3 * 16)(%rdi), STATE3
+ movdqu (4 * 16)(%rdi), STATE4
+
+ mov %rsi, %r8
+ and $0xF, %r8
+ jnz .Lad_u_loop
+
+.align 4
+.Lad_a_loop:
+ movdqa (%rsi), MSG
+ call __morus640_update
+ sub $16, %rdx
+ add $16, %rsi
+ cmp $16, %rdx
+ jge .Lad_a_loop
+
+ jmp .Lad_cont
+.align 4
+.Lad_u_loop:
+ movdqu (%rsi), MSG
+ call __morus640_update
+ sub $16, %rdx
+ add $16, %rsi
+ cmp $16, %rdx
+ jge .Lad_u_loop
+
+.Lad_cont:
+ /* store the state: */
+ movdqu STATE0, (0 * 16)(%rdi)
+ movdqu STATE1, (1 * 16)(%rdi)
+ movdqu STATE2, (2 * 16)(%rdi)
+ movdqu STATE3, (3 * 16)(%rdi)
+ movdqu STATE4, (4 * 16)(%rdi)
+
+.Lad_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus640_sse2_ad)
+
+/*
+ * void crypto_morus640_sse2_enc(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus640_sse2_enc)
+ FRAME_BEGIN
+
+ cmp $16, %rcx
+ jb .Lenc_out
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0
+ movdqu (1 * 16)(%rdi), STATE1
+ movdqu (2 * 16)(%rdi), STATE2
+ movdqu (3 * 16)(%rdi), STATE3
+ movdqu (4 * 16)(%rdi), STATE4
+
+ mov %rsi, %r8
+ or %rdx, %r8
+ and $0xF, %r8
+ jnz .Lenc_u_loop
+
+.align 4
+.Lenc_a_loop:
+ movdqa (%rsi), MSG
+ movdqa MSG, T0
+ pxor STATE0, T0
+ pshufd $MASK3, STATE1, T1
+ pxor T1, T0
+ movdqa STATE2, T1
+ pand STATE3, T1
+ pxor T1, T0
+ movdqa T0, (%rdx)
+
+ call __morus640_update
+ sub $16, %rcx
+ add $16, %rsi
+ add $16, %rdx
+ cmp $16, %rcx
+ jge .Lenc_a_loop
+
+ jmp .Lenc_cont
+.align 4
+.Lenc_u_loop:
+ movdqu (%rsi), MSG
+ movdqa MSG, T0
+ pxor STATE0, T0
+ pshufd $MASK3, STATE1, T1
+ pxor T1, T0
+ movdqa STATE2, T1
+ pand STATE3, T1
+ pxor T1, T0
+ movdqu T0, (%rdx)
+
+ call __morus640_update
+ sub $16, %rcx
+ add $16, %rsi
+ add $16, %rdx
+ cmp $16, %rcx
+ jge .Lenc_u_loop
+
+.Lenc_cont:
+ /* store the state: */
+ movdqu STATE0, (0 * 16)(%rdi)
+ movdqu STATE1, (1 * 16)(%rdi)
+ movdqu STATE2, (2 * 16)(%rdi)
+ movdqu STATE3, (3 * 16)(%rdi)
+ movdqu STATE4, (4 * 16)(%rdi)
+
+.Lenc_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus640_sse2_enc)
+
+/*
+ * void crypto_morus640_sse2_enc_tail(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus640_sse2_enc_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0
+ movdqu (1 * 16)(%rdi), STATE1
+ movdqu (2 * 16)(%rdi), STATE2
+ movdqu (3 * 16)(%rdi), STATE3
+ movdqu (4 * 16)(%rdi), STATE4
+
+ /* encrypt message: */
+ call __load_partial
+
+ movdqa MSG, T0
+ pxor STATE0, T0
+ pshufd $MASK3, STATE1, T1
+ pxor T1, T0
+ movdqa STATE2, T1
+ pand STATE3, T1
+ pxor T1, T0
+
+ call __store_partial
+
+ call __morus640_update
+
+ /* store the state: */
+ movdqu STATE0, (0 * 16)(%rdi)
+ movdqu STATE1, (1 * 16)(%rdi)
+ movdqu STATE2, (2 * 16)(%rdi)
+ movdqu STATE3, (3 * 16)(%rdi)
+ movdqu STATE4, (4 * 16)(%rdi)
+
+ FRAME_END
+ENDPROC(crypto_morus640_sse2_enc_tail)
+
+/*
+ * void crypto_morus640_sse2_dec(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus640_sse2_dec)
+ FRAME_BEGIN
+
+ cmp $16, %rcx
+ jb .Ldec_out
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0
+ movdqu (1 * 16)(%rdi), STATE1
+ movdqu (2 * 16)(%rdi), STATE2
+ movdqu (3 * 16)(%rdi), STATE3
+ movdqu (4 * 16)(%rdi), STATE4
+
+ mov %rsi, %r8
+ or %rdx, %r8
+ and $0xF, %r8
+ jnz .Ldec_u_loop
+
+.align 4
+.Ldec_a_loop:
+ movdqa (%rsi), MSG
+ pxor STATE0, MSG
+ pshufd $MASK3, STATE1, T0
+ pxor T0, MSG
+ movdqa STATE2, T0
+ pand STATE3, T0
+ pxor T0, MSG
+ movdqa MSG, (%rdx)
+
+ call __morus640_update
+ sub $16, %rcx
+ add $16, %rsi
+ add $16, %rdx
+ cmp $16, %rcx
+ jge .Ldec_a_loop
+
+ jmp .Ldec_cont
+.align 4
+.Ldec_u_loop:
+ movdqu (%rsi), MSG
+ pxor STATE0, MSG
+ pshufd $MASK3, STATE1, T0
+ pxor T0, MSG
+ movdqa STATE2, T0
+ pand STATE3, T0
+ pxor T0, MSG
+ movdqu MSG, (%rdx)
+
+ call __morus640_update
+ sub $16, %rcx
+ add $16, %rsi
+ add $16, %rdx
+ cmp $16, %rcx
+ jge .Ldec_u_loop
+
+.Ldec_cont:
+ /* store the state: */
+ movdqu STATE0, (0 * 16)(%rdi)
+ movdqu STATE1, (1 * 16)(%rdi)
+ movdqu STATE2, (2 * 16)(%rdi)
+ movdqu STATE3, (3 * 16)(%rdi)
+ movdqu STATE4, (4 * 16)(%rdi)
+
+.Ldec_out:
+ FRAME_END
+ ret
+ENDPROC(crypto_morus640_sse2_dec)
+
+/*
+ * void crypto_morus640_sse2_dec_tail(void *state, const void *src, void *dst,
+ * unsigned int length);
+ */
+ENTRY(crypto_morus640_sse2_dec_tail)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0
+ movdqu (1 * 16)(%rdi), STATE1
+ movdqu (2 * 16)(%rdi), STATE2
+ movdqu (3 * 16)(%rdi), STATE3
+ movdqu (4 * 16)(%rdi), STATE4
+
+ /* decrypt message: */
+ call __load_partial
+
+ pxor STATE0, MSG
+ pshufd $MASK3, STATE1, T0
+ pxor T0, MSG
+ movdqa STATE2, T0
+ pand STATE3, T0
+ pxor T0, MSG
+ movdqa MSG, T0
+
+ call __store_partial
+
+ /* mask with byte count: */
+ movq %rcx, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ punpcklbw T0, T0
+ movdqa .Lmorus640_counter, T1
+ pcmpgtb T1, T0
+ pand T0, MSG
+
+ call __morus640_update
+
+ /* store the state: */
+ movdqu STATE0, (0 * 16)(%rdi)
+ movdqu STATE1, (1 * 16)(%rdi)
+ movdqu STATE2, (2 * 16)(%rdi)
+ movdqu STATE3, (3 * 16)(%rdi)
+ movdqu STATE4, (4 * 16)(%rdi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus640_sse2_dec_tail)
+
+/*
+ * void crypto_morus640_sse2_final(void *state, void *tag_xor,
+ * u64 assoclen, u64 cryptlen);
+ */
+ENTRY(crypto_morus640_sse2_final)
+ FRAME_BEGIN
+
+ /* load the state: */
+ movdqu (0 * 16)(%rdi), STATE0
+ movdqu (1 * 16)(%rdi), STATE1
+ movdqu (2 * 16)(%rdi), STATE2
+ movdqu (3 * 16)(%rdi), STATE3
+ movdqu (4 * 16)(%rdi), STATE4
+
+ /* xor state[0] into state[4]: */
+ pxor STATE0, STATE4
+
+ /* prepare length block: */
+ movq %rdx, MSG
+ movq %rcx, T0
+ pslldq $8, T0
+ pxor T0, MSG
+ psllq $3, MSG /* multiply by 8 (to get bit count) */
+
+ /* update state: */
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+ call __morus640_update
+
+ /* xor tag: */
+ movdqu (%rsi), MSG
+
+ pxor STATE0, MSG
+ pshufd $MASK3, STATE1, T0
+ pxor T0, MSG
+ movdqa STATE2, T0
+ pand STATE3, T0
+ pxor T0, MSG
+
+ movdqu MSG, (%rsi)
+
+ FRAME_END
+ ret
+ENDPROC(crypto_morus640_sse2_final)
diff --git a/arch/x86/crypto/morus640-sse2-glue.c b/arch/x86/crypto/morus640-sse2-glue.c
new file mode 100644
index 000000000000..26b47e2db8d2
--- /dev/null
+++ b/arch/x86/crypto/morus640-sse2-glue.c
@@ -0,0 +1,68 @@
+/*
+ * The MORUS-640 Authenticated-Encryption Algorithm
+ * Glue for SSE2 implementation
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/internal/aead.h>
+#include <crypto/morus640_glue.h>
+#include <linux/module.h>
+#include <asm/fpu/api.h>
+#include <asm/cpu_device_id.h>
+
+asmlinkage void crypto_morus640_sse2_init(void *state, const void *key,
+ const void *iv);
+asmlinkage void crypto_morus640_sse2_ad(void *state, const void *data,
+ unsigned int length);
+
+asmlinkage void crypto_morus640_sse2_enc(void *state, const void *src,
+ void *dst, unsigned int length);
+asmlinkage void crypto_morus640_sse2_dec(void *state, const void *src,
+ void *dst, unsigned int length);
+
+asmlinkage void crypto_morus640_sse2_enc_tail(void *state, const void *src,
+ void *dst, unsigned int length);
+asmlinkage void crypto_morus640_sse2_dec_tail(void *state, const void *src,
+ void *dst, unsigned int length);
+
+asmlinkage void crypto_morus640_sse2_final(void *state, void *tag_xor,
+ u64 assoclen, u64 cryptlen);
+
+MORUS640_DECLARE_ALGS(sse2, "morus640-sse2", 400);
+
+static const struct x86_cpu_id sse2_cpu_id[] = {
+ X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+ {}
+};
+MODULE_DEVICE_TABLE(x86cpu, sse2_cpu_id);
+
+static int __init crypto_morus640_sse2_module_init(void)
+{
+ if (!x86_match_cpu(sse2_cpu_id))
+ return -ENODEV;
+
+ return crypto_register_aeads(crypto_morus640_sse2_algs,
+ ARRAY_SIZE(crypto_morus640_sse2_algs));
+}
+
+static void __exit crypto_morus640_sse2_module_exit(void)
+{
+ crypto_unregister_aeads(crypto_morus640_sse2_algs,
+ ARRAY_SIZE(crypto_morus640_sse2_algs));
+}
+
+module_init(crypto_morus640_sse2_module_init);
+module_exit(crypto_morus640_sse2_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-640 AEAD algorithm -- SSE2 implementation");
+MODULE_ALIAS_CRYPTO("morus640");
+MODULE_ALIAS_CRYPTO("morus640-sse2");
diff --git a/arch/x86/crypto/morus640_glue.c b/arch/x86/crypto/morus640_glue.c
new file mode 100644
index 000000000000..7b58fe4d9bd1
--- /dev/null
+++ b/arch/x86/crypto/morus640_glue.c
@@ -0,0 +1,298 @@
+/*
+ * The MORUS-640 Authenticated-Encryption Algorithm
+ * Common x86 SIMD glue skeleton
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/cryptd.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/morus640_glue.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+#include <asm/fpu/api.h>
+
+struct morus640_state {
+ struct morus640_block s[MORUS_STATE_BLOCKS];
+};
+
+struct morus640_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_blocks)(void *state, const void *src, void *dst,
+ unsigned int length);
+ void (*crypt_tail)(void *state, const void *src, void *dst,
+ unsigned int length);
+};
+
+static void crypto_morus640_glue_process_ad(
+ struct morus640_state *state,
+ const struct morus640_glue_ops *ops,
+ struct scatterlist *sg_src, unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct morus640_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= MORUS640_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = MORUS640_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ ops->ad(state, buf.bytes, MORUS640_BLOCK_SIZE);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ ops->ad(state, src, left);
+ src += left & ~(MORUS640_BLOCK_SIZE - 1);
+ left &= MORUS640_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, MORUS640_BLOCK_SIZE - pos);
+ ops->ad(state, buf.bytes, MORUS640_BLOCK_SIZE);
+ }
+}
+
+static void crypto_morus640_glue_process_crypt(struct morus640_state *state,
+ struct morus640_ops ops,
+ struct aead_request *req)
+{
+ struct skcipher_walk walk;
+ u8 *cursor_src, *cursor_dst;
+ unsigned int chunksize, base;
+
+ ops.skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ cursor_src = walk.src.virt.addr;
+ cursor_dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops.crypt_blocks(state, cursor_src, cursor_dst, chunksize);
+
+ base = chunksize & ~(MORUS640_BLOCK_SIZE - 1);
+ cursor_src += base;
+ cursor_dst += base;
+ chunksize &= MORUS640_BLOCK_SIZE - 1;
+
+ if (chunksize > 0)
+ ops.crypt_tail(state, cursor_src, cursor_dst,
+ chunksize);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+int crypto_morus640_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct morus640_ctx *ctx = crypto_aead_ctx(aead);
+
+ if (keylen != MORUS640_BLOCK_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key.bytes, key, MORUS640_BLOCK_SIZE);
+ return 0;
+}
+EXPORT_SYMBOL_GPL(crypto_morus640_glue_setkey);
+
+int crypto_morus640_glue_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ return (authsize <= MORUS_MAX_AUTH_SIZE) ? 0 : -EINVAL;
+}
+EXPORT_SYMBOL_GPL(crypto_morus640_glue_setauthsize);
+
+static void crypto_morus640_glue_crypt(struct aead_request *req,
+ struct morus640_ops ops,
+ unsigned int cryptlen,
+ struct morus640_block *tag_xor)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus640_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus640_state state;
+
+ kernel_fpu_begin();
+
+ ctx->ops->init(&state, &ctx->key, req->iv);
+ crypto_morus640_glue_process_ad(&state, ctx->ops, req->src, req->assoclen);
+ crypto_morus640_glue_process_crypt(&state, ops, req);
+ ctx->ops->final(&state, tag_xor, req->assoclen, cryptlen);
+
+ kernel_fpu_end();
+}
+
+int crypto_morus640_glue_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus640_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus640_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_blocks = ctx->ops->enc,
+ .crypt_tail = ctx->ops->enc_tail,
+ };
+
+ struct morus640_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_morus640_glue_crypt(req, OPS, cryptlen, &tag);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+EXPORT_SYMBOL_GPL(crypto_morus640_glue_encrypt);
+
+int crypto_morus640_glue_decrypt(struct aead_request *req)
+{
+ static const u8 zeros[MORUS640_BLOCK_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus640_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus640_ops OPS = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_blocks = ctx->ops->dec,
+ .crypt_tail = ctx->ops->dec_tail,
+ };
+
+ struct morus640_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_morus640_glue_crypt(req, OPS, cryptlen, &tag);
+
+ return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+EXPORT_SYMBOL_GPL(crypto_morus640_glue_decrypt);
+
+void crypto_morus640_glue_init_ops(struct crypto_aead *aead,
+ const struct morus640_glue_ops *ops)
+{
+ struct morus640_ctx *ctx = crypto_aead_ctx(aead);
+ ctx->ops = ops;
+}
+EXPORT_SYMBOL_GPL(crypto_morus640_glue_init_ops);
+
+int cryptd_morus640_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setkey(&cryptd_tfm->base, key, keylen);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus640_glue_setkey);
+
+int cryptd_morus640_glue_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ return crypto_aead_setauthsize(&cryptd_tfm->base, authsize);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus640_glue_setauthsize);
+
+int cryptd_morus640_glue_encrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_encrypt(req);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus640_glue_encrypt);
+
+int cryptd_morus640_glue_decrypt(struct aead_request *req)
+{
+ struct crypto_aead *aead = crypto_aead_reqtfm(req);
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ struct cryptd_aead *cryptd_tfm = *ctx;
+
+ aead = &cryptd_tfm->base;
+ if (irq_fpu_usable() && (!in_atomic() ||
+ !cryptd_aead_queued(cryptd_tfm)))
+ aead = cryptd_aead_child(cryptd_tfm);
+
+ aead_request_set_tfm(req, aead);
+
+ return crypto_aead_decrypt(req);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus640_glue_decrypt);
+
+int cryptd_morus640_glue_init_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead *cryptd_tfm;
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+ const char *name = crypto_aead_alg(aead)->base.cra_driver_name;
+ char internal_name[CRYPTO_MAX_ALG_NAME];
+
+ if (snprintf(internal_name, CRYPTO_MAX_ALG_NAME, "__%s", name)
+ >= CRYPTO_MAX_ALG_NAME)
+ return -ENAMETOOLONG;
+
+ cryptd_tfm = cryptd_alloc_aead(internal_name, CRYPTO_ALG_INTERNAL,
+ CRYPTO_ALG_INTERNAL);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+
+ *ctx = cryptd_tfm;
+ crypto_aead_set_reqsize(aead, crypto_aead_reqsize(&cryptd_tfm->base));
+ return 0;
+}
+EXPORT_SYMBOL_GPL(cryptd_morus640_glue_init_tfm);
+
+void cryptd_morus640_glue_exit_tfm(struct crypto_aead *aead)
+{
+ struct cryptd_aead **ctx = crypto_aead_ctx(aead);
+
+ cryptd_free_aead(*ctx);
+}
+EXPORT_SYMBOL_GPL(cryptd_morus640_glue_exit_tfm);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-640 AEAD mode -- glue for x86 optimizations");
diff --git a/arch/x86/crypto/salsa20-i586-asm_32.S b/arch/x86/crypto/salsa20-i586-asm_32.S
deleted file mode 100644
index 6014b7b9e52a..000000000000
--- a/arch/x86/crypto/salsa20-i586-asm_32.S
+++ /dev/null
@@ -1,938 +0,0 @@
-# Derived from:
-# salsa20_pm.s version 20051229
-# D. J. Bernstein
-# Public domain.
-
-#include <linux/linkage.h>
-
-.text
-
-# enter salsa20_encrypt_bytes
-ENTRY(salsa20_encrypt_bytes)
- mov %esp,%eax
- and $31,%eax
- add $256,%eax
- sub %eax,%esp
- # eax_stack = eax
- movl %eax,80(%esp)
- # ebx_stack = ebx
- movl %ebx,84(%esp)
- # esi_stack = esi
- movl %esi,88(%esp)
- # edi_stack = edi
- movl %edi,92(%esp)
- # ebp_stack = ebp
- movl %ebp,96(%esp)
- # x = arg1
- movl 4(%esp,%eax),%edx
- # m = arg2
- movl 8(%esp,%eax),%esi
- # out = arg3
- movl 12(%esp,%eax),%edi
- # bytes = arg4
- movl 16(%esp,%eax),%ebx
- # bytes -= 0
- sub $0,%ebx
- # goto done if unsigned<=
- jbe ._done
-._start:
- # in0 = *(uint32 *) (x + 0)
- movl 0(%edx),%eax
- # in1 = *(uint32 *) (x + 4)
- movl 4(%edx),%ecx
- # in2 = *(uint32 *) (x + 8)
- movl 8(%edx),%ebp
- # j0 = in0
- movl %eax,164(%esp)
- # in3 = *(uint32 *) (x + 12)
- movl 12(%edx),%eax
- # j1 = in1
- movl %ecx,168(%esp)
- # in4 = *(uint32 *) (x + 16)
- movl 16(%edx),%ecx
- # j2 = in2
- movl %ebp,172(%esp)
- # in5 = *(uint32 *) (x + 20)
- movl 20(%edx),%ebp
- # j3 = in3
- movl %eax,176(%esp)
- # in6 = *(uint32 *) (x + 24)
- movl 24(%edx),%eax
- # j4 = in4
- movl %ecx,180(%esp)
- # in7 = *(uint32 *) (x + 28)
- movl 28(%edx),%ecx
- # j5 = in5
- movl %ebp,184(%esp)
- # in8 = *(uint32 *) (x + 32)
- movl 32(%edx),%ebp
- # j6 = in6
- movl %eax,188(%esp)
- # in9 = *(uint32 *) (x + 36)
- movl 36(%edx),%eax
- # j7 = in7
- movl %ecx,192(%esp)
- # in10 = *(uint32 *) (x + 40)
- movl 40(%edx),%ecx
- # j8 = in8
- movl %ebp,196(%esp)
- # in11 = *(uint32 *) (x + 44)
- movl 44(%edx),%ebp
- # j9 = in9
- movl %eax,200(%esp)
- # in12 = *(uint32 *) (x + 48)
- movl 48(%edx),%eax
- # j10 = in10
- movl %ecx,204(%esp)
- # in13 = *(uint32 *) (x + 52)
- movl 52(%edx),%ecx
- # j11 = in11
- movl %ebp,208(%esp)
- # in14 = *(uint32 *) (x + 56)
- movl 56(%edx),%ebp
- # j12 = in12
- movl %eax,212(%esp)
- # in15 = *(uint32 *) (x + 60)
- movl 60(%edx),%eax
- # j13 = in13
- movl %ecx,216(%esp)
- # j14 = in14
- movl %ebp,220(%esp)
- # j15 = in15
- movl %eax,224(%esp)
- # x_backup = x
- movl %edx,64(%esp)
-._bytesatleast1:
- # bytes - 64
- cmp $64,%ebx
- # goto nocopy if unsigned>=
- jae ._nocopy
- # ctarget = out
- movl %edi,228(%esp)
- # out = &tmp
- leal 0(%esp),%edi
- # i = bytes
- mov %ebx,%ecx
- # while (i) { *out++ = *m++; --i }
- rep movsb
- # out = &tmp
- leal 0(%esp),%edi
- # m = &tmp
- leal 0(%esp),%esi
-._nocopy:
- # out_backup = out
- movl %edi,72(%esp)
- # m_backup = m
- movl %esi,68(%esp)
- # bytes_backup = bytes
- movl %ebx,76(%esp)
- # in0 = j0
- movl 164(%esp),%eax
- # in1 = j1
- movl 168(%esp),%ecx
- # in2 = j2
- movl 172(%esp),%edx
- # in3 = j3
- movl 176(%esp),%ebx
- # x0 = in0
- movl %eax,100(%esp)
- # x1 = in1
- movl %ecx,104(%esp)
- # x2 = in2
- movl %edx,108(%esp)
- # x3 = in3
- movl %ebx,112(%esp)
- # in4 = j4
- movl 180(%esp),%eax
- # in5 = j5
- movl 184(%esp),%ecx
- # in6 = j6
- movl 188(%esp),%edx
- # in7 = j7
- movl 192(%esp),%ebx
- # x4 = in4
- movl %eax,116(%esp)
- # x5 = in5
- movl %ecx,120(%esp)
- # x6 = in6
- movl %edx,124(%esp)
- # x7 = in7
- movl %ebx,128(%esp)
- # in8 = j8
- movl 196(%esp),%eax
- # in9 = j9
- movl 200(%esp),%ecx
- # in10 = j10
- movl 204(%esp),%edx
- # in11 = j11
- movl 208(%esp),%ebx
- # x8 = in8
- movl %eax,132(%esp)
- # x9 = in9
- movl %ecx,136(%esp)
- # x10 = in10
- movl %edx,140(%esp)
- # x11 = in11
- movl %ebx,144(%esp)
- # in12 = j12
- movl 212(%esp),%eax
- # in13 = j13
- movl 216(%esp),%ecx
- # in14 = j14
- movl 220(%esp),%edx
- # in15 = j15
- movl 224(%esp),%ebx
- # x12 = in12
- movl %eax,148(%esp)
- # x13 = in13
- movl %ecx,152(%esp)
- # x14 = in14
- movl %edx,156(%esp)
- # x15 = in15
- movl %ebx,160(%esp)
- # i = 20
- mov $20,%ebp
- # p = x0
- movl 100(%esp),%eax
- # s = x5
- movl 120(%esp),%ecx
- # t = x10
- movl 140(%esp),%edx
- # w = x15
- movl 160(%esp),%ebx
-._mainloop:
- # x0 = p
- movl %eax,100(%esp)
- # x10 = t
- movl %edx,140(%esp)
- # p += x12
- addl 148(%esp),%eax
- # x5 = s
- movl %ecx,120(%esp)
- # t += x6
- addl 124(%esp),%edx
- # x15 = w
- movl %ebx,160(%esp)
- # r = x1
- movl 104(%esp),%esi
- # r += s
- add %ecx,%esi
- # v = x11
- movl 144(%esp),%edi
- # v += w
- add %ebx,%edi
- # p <<<= 7
- rol $7,%eax
- # p ^= x4
- xorl 116(%esp),%eax
- # t <<<= 7
- rol $7,%edx
- # t ^= x14
- xorl 156(%esp),%edx
- # r <<<= 7
- rol $7,%esi
- # r ^= x9
- xorl 136(%esp),%esi
- # v <<<= 7
- rol $7,%edi
- # v ^= x3
- xorl 112(%esp),%edi
- # x4 = p
- movl %eax,116(%esp)
- # x14 = t
- movl %edx,156(%esp)
- # p += x0
- addl 100(%esp),%eax
- # x9 = r
- movl %esi,136(%esp)
- # t += x10
- addl 140(%esp),%edx
- # x3 = v
- movl %edi,112(%esp)
- # p <<<= 9
- rol $9,%eax
- # p ^= x8
- xorl 132(%esp),%eax
- # t <<<= 9
- rol $9,%edx
- # t ^= x2
- xorl 108(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 9
- rol $9,%ecx
- # s ^= x13
- xorl 152(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 9
- rol $9,%ebx
- # w ^= x7
- xorl 128(%esp),%ebx
- # x8 = p
- movl %eax,132(%esp)
- # x2 = t
- movl %edx,108(%esp)
- # p += x4
- addl 116(%esp),%eax
- # x13 = s
- movl %ecx,152(%esp)
- # t += x14
- addl 156(%esp),%edx
- # x7 = w
- movl %ebx,128(%esp)
- # p <<<= 13
- rol $13,%eax
- # p ^= x12
- xorl 148(%esp),%eax
- # t <<<= 13
- rol $13,%edx
- # t ^= x6
- xorl 124(%esp),%edx
- # r += s
- add %ecx,%esi
- # r <<<= 13
- rol $13,%esi
- # r ^= x1
- xorl 104(%esp),%esi
- # v += w
- add %ebx,%edi
- # v <<<= 13
- rol $13,%edi
- # v ^= x11
- xorl 144(%esp),%edi
- # x12 = p
- movl %eax,148(%esp)
- # x6 = t
- movl %edx,124(%esp)
- # p += x8
- addl 132(%esp),%eax
- # x1 = r
- movl %esi,104(%esp)
- # t += x2
- addl 108(%esp),%edx
- # x11 = v
- movl %edi,144(%esp)
- # p <<<= 18
- rol $18,%eax
- # p ^= x0
- xorl 100(%esp),%eax
- # t <<<= 18
- rol $18,%edx
- # t ^= x10
- xorl 140(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 18
- rol $18,%ecx
- # s ^= x5
- xorl 120(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 18
- rol $18,%ebx
- # w ^= x15
- xorl 160(%esp),%ebx
- # x0 = p
- movl %eax,100(%esp)
- # x10 = t
- movl %edx,140(%esp)
- # p += x3
- addl 112(%esp),%eax
- # p <<<= 7
- rol $7,%eax
- # x5 = s
- movl %ecx,120(%esp)
- # t += x9
- addl 136(%esp),%edx
- # x15 = w
- movl %ebx,160(%esp)
- # r = x4
- movl 116(%esp),%esi
- # r += s
- add %ecx,%esi
- # v = x14
- movl 156(%esp),%edi
- # v += w
- add %ebx,%edi
- # p ^= x1
- xorl 104(%esp),%eax
- # t <<<= 7
- rol $7,%edx
- # t ^= x11
- xorl 144(%esp),%edx
- # r <<<= 7
- rol $7,%esi
- # r ^= x6
- xorl 124(%esp),%esi
- # v <<<= 7
- rol $7,%edi
- # v ^= x12
- xorl 148(%esp),%edi
- # x1 = p
- movl %eax,104(%esp)
- # x11 = t
- movl %edx,144(%esp)
- # p += x0
- addl 100(%esp),%eax
- # x6 = r
- movl %esi,124(%esp)
- # t += x10
- addl 140(%esp),%edx
- # x12 = v
- movl %edi,148(%esp)
- # p <<<= 9
- rol $9,%eax
- # p ^= x2
- xorl 108(%esp),%eax
- # t <<<= 9
- rol $9,%edx
- # t ^= x8
- xorl 132(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 9
- rol $9,%ecx
- # s ^= x7
- xorl 128(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 9
- rol $9,%ebx
- # w ^= x13
- xorl 152(%esp),%ebx
- # x2 = p
- movl %eax,108(%esp)
- # x8 = t
- movl %edx,132(%esp)
- # p += x1
- addl 104(%esp),%eax
- # x7 = s
- movl %ecx,128(%esp)
- # t += x11
- addl 144(%esp),%edx
- # x13 = w
- movl %ebx,152(%esp)
- # p <<<= 13
- rol $13,%eax
- # p ^= x3
- xorl 112(%esp),%eax
- # t <<<= 13
- rol $13,%edx
- # t ^= x9
- xorl 136(%esp),%edx
- # r += s
- add %ecx,%esi
- # r <<<= 13
- rol $13,%esi
- # r ^= x4
- xorl 116(%esp),%esi
- # v += w
- add %ebx,%edi
- # v <<<= 13
- rol $13,%edi
- # v ^= x14
- xorl 156(%esp),%edi
- # x3 = p
- movl %eax,112(%esp)
- # x9 = t
- movl %edx,136(%esp)
- # p += x2
- addl 108(%esp),%eax
- # x4 = r
- movl %esi,116(%esp)
- # t += x8
- addl 132(%esp),%edx
- # x14 = v
- movl %edi,156(%esp)
- # p <<<= 18
- rol $18,%eax
- # p ^= x0
- xorl 100(%esp),%eax
- # t <<<= 18
- rol $18,%edx
- # t ^= x10
- xorl 140(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 18
- rol $18,%ecx
- # s ^= x5
- xorl 120(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 18
- rol $18,%ebx
- # w ^= x15
- xorl 160(%esp),%ebx
- # x0 = p
- movl %eax,100(%esp)
- # x10 = t
- movl %edx,140(%esp)
- # p += x12
- addl 148(%esp),%eax
- # x5 = s
- movl %ecx,120(%esp)
- # t += x6
- addl 124(%esp),%edx
- # x15 = w
- movl %ebx,160(%esp)
- # r = x1
- movl 104(%esp),%esi
- # r += s
- add %ecx,%esi
- # v = x11
- movl 144(%esp),%edi
- # v += w
- add %ebx,%edi
- # p <<<= 7
- rol $7,%eax
- # p ^= x4
- xorl 116(%esp),%eax
- # t <<<= 7
- rol $7,%edx
- # t ^= x14
- xorl 156(%esp),%edx
- # r <<<= 7
- rol $7,%esi
- # r ^= x9
- xorl 136(%esp),%esi
- # v <<<= 7
- rol $7,%edi
- # v ^= x3
- xorl 112(%esp),%edi
- # x4 = p
- movl %eax,116(%esp)
- # x14 = t
- movl %edx,156(%esp)
- # p += x0
- addl 100(%esp),%eax
- # x9 = r
- movl %esi,136(%esp)
- # t += x10
- addl 140(%esp),%edx
- # x3 = v
- movl %edi,112(%esp)
- # p <<<= 9
- rol $9,%eax
- # p ^= x8
- xorl 132(%esp),%eax
- # t <<<= 9
- rol $9,%edx
- # t ^= x2
- xorl 108(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 9
- rol $9,%ecx
- # s ^= x13
- xorl 152(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 9
- rol $9,%ebx
- # w ^= x7
- xorl 128(%esp),%ebx
- # x8 = p
- movl %eax,132(%esp)
- # x2 = t
- movl %edx,108(%esp)
- # p += x4
- addl 116(%esp),%eax
- # x13 = s
- movl %ecx,152(%esp)
- # t += x14
- addl 156(%esp),%edx
- # x7 = w
- movl %ebx,128(%esp)
- # p <<<= 13
- rol $13,%eax
- # p ^= x12
- xorl 148(%esp),%eax
- # t <<<= 13
- rol $13,%edx
- # t ^= x6
- xorl 124(%esp),%edx
- # r += s
- add %ecx,%esi
- # r <<<= 13
- rol $13,%esi
- # r ^= x1
- xorl 104(%esp),%esi
- # v += w
- add %ebx,%edi
- # v <<<= 13
- rol $13,%edi
- # v ^= x11
- xorl 144(%esp),%edi
- # x12 = p
- movl %eax,148(%esp)
- # x6 = t
- movl %edx,124(%esp)
- # p += x8
- addl 132(%esp),%eax
- # x1 = r
- movl %esi,104(%esp)
- # t += x2
- addl 108(%esp),%edx
- # x11 = v
- movl %edi,144(%esp)
- # p <<<= 18
- rol $18,%eax
- # p ^= x0
- xorl 100(%esp),%eax
- # t <<<= 18
- rol $18,%edx
- # t ^= x10
- xorl 140(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 18
- rol $18,%ecx
- # s ^= x5
- xorl 120(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 18
- rol $18,%ebx
- # w ^= x15
- xorl 160(%esp),%ebx
- # x0 = p
- movl %eax,100(%esp)
- # x10 = t
- movl %edx,140(%esp)
- # p += x3
- addl 112(%esp),%eax
- # p <<<= 7
- rol $7,%eax
- # x5 = s
- movl %ecx,120(%esp)
- # t += x9
- addl 136(%esp),%edx
- # x15 = w
- movl %ebx,160(%esp)
- # r = x4
- movl 116(%esp),%esi
- # r += s
- add %ecx,%esi
- # v = x14
- movl 156(%esp),%edi
- # v += w
- add %ebx,%edi
- # p ^= x1
- xorl 104(%esp),%eax
- # t <<<= 7
- rol $7,%edx
- # t ^= x11
- xorl 144(%esp),%edx
- # r <<<= 7
- rol $7,%esi
- # r ^= x6
- xorl 124(%esp),%esi
- # v <<<= 7
- rol $7,%edi
- # v ^= x12
- xorl 148(%esp),%edi
- # x1 = p
- movl %eax,104(%esp)
- # x11 = t
- movl %edx,144(%esp)
- # p += x0
- addl 100(%esp),%eax
- # x6 = r
- movl %esi,124(%esp)
- # t += x10
- addl 140(%esp),%edx
- # x12 = v
- movl %edi,148(%esp)
- # p <<<= 9
- rol $9,%eax
- # p ^= x2
- xorl 108(%esp),%eax
- # t <<<= 9
- rol $9,%edx
- # t ^= x8
- xorl 132(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 9
- rol $9,%ecx
- # s ^= x7
- xorl 128(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 9
- rol $9,%ebx
- # w ^= x13
- xorl 152(%esp),%ebx
- # x2 = p
- movl %eax,108(%esp)
- # x8 = t
- movl %edx,132(%esp)
- # p += x1
- addl 104(%esp),%eax
- # x7 = s
- movl %ecx,128(%esp)
- # t += x11
- addl 144(%esp),%edx
- # x13 = w
- movl %ebx,152(%esp)
- # p <<<= 13
- rol $13,%eax
- # p ^= x3
- xorl 112(%esp),%eax
- # t <<<= 13
- rol $13,%edx
- # t ^= x9
- xorl 136(%esp),%edx
- # r += s
- add %ecx,%esi
- # r <<<= 13
- rol $13,%esi
- # r ^= x4
- xorl 116(%esp),%esi
- # v += w
- add %ebx,%edi
- # v <<<= 13
- rol $13,%edi
- # v ^= x14
- xorl 156(%esp),%edi
- # x3 = p
- movl %eax,112(%esp)
- # x9 = t
- movl %edx,136(%esp)
- # p += x2
- addl 108(%esp),%eax
- # x4 = r
- movl %esi,116(%esp)
- # t += x8
- addl 132(%esp),%edx
- # x14 = v
- movl %edi,156(%esp)
- # p <<<= 18
- rol $18,%eax
- # p ^= x0
- xorl 100(%esp),%eax
- # t <<<= 18
- rol $18,%edx
- # t ^= x10
- xorl 140(%esp),%edx
- # s += r
- add %esi,%ecx
- # s <<<= 18
- rol $18,%ecx
- # s ^= x5
- xorl 120(%esp),%ecx
- # w += v
- add %edi,%ebx
- # w <<<= 18
- rol $18,%ebx
- # w ^= x15
- xorl 160(%esp),%ebx
- # i -= 4
- sub $4,%ebp
- # goto mainloop if unsigned >
- ja ._mainloop
- # x0 = p
- movl %eax,100(%esp)
- # x5 = s
- movl %ecx,120(%esp)
- # x10 = t
- movl %edx,140(%esp)
- # x15 = w
- movl %ebx,160(%esp)
- # out = out_backup
- movl 72(%esp),%edi
- # m = m_backup
- movl 68(%esp),%esi
- # in0 = x0
- movl 100(%esp),%eax
- # in1 = x1
- movl 104(%esp),%ecx
- # in0 += j0
- addl 164(%esp),%eax
- # in1 += j1
- addl 168(%esp),%ecx
- # in0 ^= *(uint32 *) (m + 0)
- xorl 0(%esi),%eax
- # in1 ^= *(uint32 *) (m + 4)
- xorl 4(%esi),%ecx
- # *(uint32 *) (out + 0) = in0
- movl %eax,0(%edi)
- # *(uint32 *) (out + 4) = in1
- movl %ecx,4(%edi)
- # in2 = x2
- movl 108(%esp),%eax
- # in3 = x3
- movl 112(%esp),%ecx
- # in2 += j2
- addl 172(%esp),%eax
- # in3 += j3
- addl 176(%esp),%ecx
- # in2 ^= *(uint32 *) (m + 8)
- xorl 8(%esi),%eax
- # in3 ^= *(uint32 *) (m + 12)
- xorl 12(%esi),%ecx
- # *(uint32 *) (out + 8) = in2
- movl %eax,8(%edi)
- # *(uint32 *) (out + 12) = in3
- movl %ecx,12(%edi)
- # in4 = x4
- movl 116(%esp),%eax
- # in5 = x5
- movl 120(%esp),%ecx
- # in4 += j4
- addl 180(%esp),%eax
- # in5 += j5
- addl 184(%esp),%ecx
- # in4 ^= *(uint32 *) (m + 16)
- xorl 16(%esi),%eax
- # in5 ^= *(uint32 *) (m + 20)
- xorl 20(%esi),%ecx
- # *(uint32 *) (out + 16) = in4
- movl %eax,16(%edi)
- # *(uint32 *) (out + 20) = in5
- movl %ecx,20(%edi)
- # in6 = x6
- movl 124(%esp),%eax
- # in7 = x7
- movl 128(%esp),%ecx
- # in6 += j6
- addl 188(%esp),%eax
- # in7 += j7
- addl 192(%esp),%ecx
- # in6 ^= *(uint32 *) (m + 24)
- xorl 24(%esi),%eax
- # in7 ^= *(uint32 *) (m + 28)
- xorl 28(%esi),%ecx
- # *(uint32 *) (out + 24) = in6
- movl %eax,24(%edi)
- # *(uint32 *) (out + 28) = in7
- movl %ecx,28(%edi)
- # in8 = x8
- movl 132(%esp),%eax
- # in9 = x9
- movl 136(%esp),%ecx
- # in8 += j8
- addl 196(%esp),%eax
- # in9 += j9
- addl 200(%esp),%ecx
- # in8 ^= *(uint32 *) (m + 32)
- xorl 32(%esi),%eax
- # in9 ^= *(uint32 *) (m + 36)
- xorl 36(%esi),%ecx
- # *(uint32 *) (out + 32) = in8
- movl %eax,32(%edi)
- # *(uint32 *) (out + 36) = in9
- movl %ecx,36(%edi)
- # in10 = x10
- movl 140(%esp),%eax
- # in11 = x11
- movl 144(%esp),%ecx
- # in10 += j10
- addl 204(%esp),%eax
- # in11 += j11
- addl 208(%esp),%ecx
- # in10 ^= *(uint32 *) (m + 40)
- xorl 40(%esi),%eax
- # in11 ^= *(uint32 *) (m + 44)
- xorl 44(%esi),%ecx
- # *(uint32 *) (out + 40) = in10
- movl %eax,40(%edi)
- # *(uint32 *) (out + 44) = in11
- movl %ecx,44(%edi)
- # in12 = x12
- movl 148(%esp),%eax
- # in13 = x13
- movl 152(%esp),%ecx
- # in12 += j12
- addl 212(%esp),%eax
- # in13 += j13
- addl 216(%esp),%ecx
- # in12 ^= *(uint32 *) (m + 48)
- xorl 48(%esi),%eax
- # in13 ^= *(uint32 *) (m + 52)
- xorl 52(%esi),%ecx
- # *(uint32 *) (out + 48) = in12
- movl %eax,48(%edi)
- # *(uint32 *) (out + 52) = in13
- movl %ecx,52(%edi)
- # in14 = x14
- movl 156(%esp),%eax
- # in15 = x15
- movl 160(%esp),%ecx
- # in14 += j14
- addl 220(%esp),%eax
- # in15 += j15
- addl 224(%esp),%ecx
- # in14 ^= *(uint32 *) (m + 56)
- xorl 56(%esi),%eax
- # in15 ^= *(uint32 *) (m + 60)
- xorl 60(%esi),%ecx
- # *(uint32 *) (out + 56) = in14
- movl %eax,56(%edi)
- # *(uint32 *) (out + 60) = in15
- movl %ecx,60(%edi)
- # bytes = bytes_backup
- movl 76(%esp),%ebx
- # in8 = j8
- movl 196(%esp),%eax
- # in9 = j9
- movl 200(%esp),%ecx
- # in8 += 1
- add $1,%eax
- # in9 += 0 + carry
- adc $0,%ecx
- # j8 = in8
- movl %eax,196(%esp)
- # j9 = in9
- movl %ecx,200(%esp)
- # bytes - 64
- cmp $64,%ebx
- # goto bytesatleast65 if unsigned>
- ja ._bytesatleast65
- # goto bytesatleast64 if unsigned>=
- jae ._bytesatleast64
- # m = out
- mov %edi,%esi
- # out = ctarget
- movl 228(%esp),%edi
- # i = bytes
- mov %ebx,%ecx
- # while (i) { *out++ = *m++; --i }
- rep movsb
-._bytesatleast64:
- # x = x_backup
- movl 64(%esp),%eax
- # in8 = j8
- movl 196(%esp),%ecx
- # in9 = j9
- movl 200(%esp),%edx
- # *(uint32 *) (x + 32) = in8
- movl %ecx,32(%eax)
- # *(uint32 *) (x + 36) = in9
- movl %edx,36(%eax)
-._done:
- # eax = eax_stack
- movl 80(%esp),%eax
- # ebx = ebx_stack
- movl 84(%esp),%ebx
- # esi = esi_stack
- movl 88(%esp),%esi
- # edi = edi_stack
- movl 92(%esp),%edi
- # ebp = ebp_stack
- movl 96(%esp),%ebp
- # leave
- add %eax,%esp
- ret
-._bytesatleast65:
- # bytes -= 64
- sub $64,%ebx
- # out += 64
- add $64,%edi
- # m += 64
- add $64,%esi
- # goto bytesatleast1
- jmp ._bytesatleast1
-ENDPROC(salsa20_encrypt_bytes)
diff --git a/arch/x86/crypto/salsa20-x86_64-asm_64.S b/arch/x86/crypto/salsa20-x86_64-asm_64.S
deleted file mode 100644
index 03a4918f41ee..000000000000
--- a/arch/x86/crypto/salsa20-x86_64-asm_64.S
+++ /dev/null
@@ -1,805 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0 */
-#include <linux/linkage.h>
-
-# enter salsa20_encrypt_bytes
-ENTRY(salsa20_encrypt_bytes)
- mov %rsp,%r11
- and $31,%r11
- add $256,%r11
- sub %r11,%rsp
- # x = arg1
- mov %rdi,%r8
- # m = arg2
- mov %rsi,%rsi
- # out = arg3
- mov %rdx,%rdi
- # bytes = arg4
- mov %rcx,%rdx
- # unsigned>? bytes - 0
- cmp $0,%rdx
- # comment:fp stack unchanged by jump
- # goto done if !unsigned>
- jbe ._done
- # comment:fp stack unchanged by fallthrough
-# start:
-._start:
- # r11_stack = r11
- movq %r11,0(%rsp)
- # r12_stack = r12
- movq %r12,8(%rsp)
- # r13_stack = r13
- movq %r13,16(%rsp)
- # r14_stack = r14
- movq %r14,24(%rsp)
- # r15_stack = r15
- movq %r15,32(%rsp)
- # rbx_stack = rbx
- movq %rbx,40(%rsp)
- # rbp_stack = rbp
- movq %rbp,48(%rsp)
- # in0 = *(uint64 *) (x + 0)
- movq 0(%r8),%rcx
- # in2 = *(uint64 *) (x + 8)
- movq 8(%r8),%r9
- # in4 = *(uint64 *) (x + 16)
- movq 16(%r8),%rax
- # in6 = *(uint64 *) (x + 24)
- movq 24(%r8),%r10
- # in8 = *(uint64 *) (x + 32)
- movq 32(%r8),%r11
- # in10 = *(uint64 *) (x + 40)
- movq 40(%r8),%r12
- # in12 = *(uint64 *) (x + 48)
- movq 48(%r8),%r13
- # in14 = *(uint64 *) (x + 56)
- movq 56(%r8),%r14
- # j0 = in0
- movq %rcx,56(%rsp)
- # j2 = in2
- movq %r9,64(%rsp)
- # j4 = in4
- movq %rax,72(%rsp)
- # j6 = in6
- movq %r10,80(%rsp)
- # j8 = in8
- movq %r11,88(%rsp)
- # j10 = in10
- movq %r12,96(%rsp)
- # j12 = in12
- movq %r13,104(%rsp)
- # j14 = in14
- movq %r14,112(%rsp)
- # x_backup = x
- movq %r8,120(%rsp)
-# bytesatleast1:
-._bytesatleast1:
- # unsigned<? bytes - 64
- cmp $64,%rdx
- # comment:fp stack unchanged by jump
- # goto nocopy if !unsigned<
- jae ._nocopy
- # ctarget = out
- movq %rdi,128(%rsp)
- # out = &tmp
- leaq 192(%rsp),%rdi
- # i = bytes
- mov %rdx,%rcx
- # while (i) { *out++ = *m++; --i }
- rep movsb
- # out = &tmp
- leaq 192(%rsp),%rdi
- # m = &tmp
- leaq 192(%rsp),%rsi
- # comment:fp stack unchanged by fallthrough
-# nocopy:
-._nocopy:
- # out_backup = out
- movq %rdi,136(%rsp)
- # m_backup = m
- movq %rsi,144(%rsp)
- # bytes_backup = bytes
- movq %rdx,152(%rsp)
- # x1 = j0
- movq 56(%rsp),%rdi
- # x0 = x1
- mov %rdi,%rdx
- # (uint64) x1 >>= 32
- shr $32,%rdi
- # x3 = j2
- movq 64(%rsp),%rsi
- # x2 = x3
- mov %rsi,%rcx
- # (uint64) x3 >>= 32
- shr $32,%rsi
- # x5 = j4
- movq 72(%rsp),%r8
- # x4 = x5
- mov %r8,%r9
- # (uint64) x5 >>= 32
- shr $32,%r8
- # x5_stack = x5
- movq %r8,160(%rsp)
- # x7 = j6
- movq 80(%rsp),%r8
- # x6 = x7
- mov %r8,%rax
- # (uint64) x7 >>= 32
- shr $32,%r8
- # x9 = j8
- movq 88(%rsp),%r10
- # x8 = x9
- mov %r10,%r11
- # (uint64) x9 >>= 32
- shr $32,%r10
- # x11 = j10
- movq 96(%rsp),%r12
- # x10 = x11
- mov %r12,%r13
- # x10_stack = x10
- movq %r13,168(%rsp)
- # (uint64) x11 >>= 32
- shr $32,%r12
- # x13 = j12
- movq 104(%rsp),%r13
- # x12 = x13
- mov %r13,%r14
- # (uint64) x13 >>= 32
- shr $32,%r13
- # x15 = j14
- movq 112(%rsp),%r15
- # x14 = x15
- mov %r15,%rbx
- # (uint64) x15 >>= 32
- shr $32,%r15
- # x15_stack = x15
- movq %r15,176(%rsp)
- # i = 20
- mov $20,%r15
-# mainloop:
-._mainloop:
- # i_backup = i
- movq %r15,184(%rsp)
- # x5 = x5_stack
- movq 160(%rsp),%r15
- # a = x12 + x0
- lea (%r14,%rdx),%rbp
- # (uint32) a <<<= 7
- rol $7,%ebp
- # x4 ^= a
- xor %rbp,%r9
- # b = x1 + x5
- lea (%rdi,%r15),%rbp
- # (uint32) b <<<= 7
- rol $7,%ebp
- # x9 ^= b
- xor %rbp,%r10
- # a = x0 + x4
- lea (%rdx,%r9),%rbp
- # (uint32) a <<<= 9
- rol $9,%ebp
- # x8 ^= a
- xor %rbp,%r11
- # b = x5 + x9
- lea (%r15,%r10),%rbp
- # (uint32) b <<<= 9
- rol $9,%ebp
- # x13 ^= b
- xor %rbp,%r13
- # a = x4 + x8
- lea (%r9,%r11),%rbp
- # (uint32) a <<<= 13
- rol $13,%ebp
- # x12 ^= a
- xor %rbp,%r14
- # b = x9 + x13
- lea (%r10,%r13),%rbp
- # (uint32) b <<<= 13
- rol $13,%ebp
- # x1 ^= b
- xor %rbp,%rdi
- # a = x8 + x12
- lea (%r11,%r14),%rbp
- # (uint32) a <<<= 18
- rol $18,%ebp
- # x0 ^= a
- xor %rbp,%rdx
- # b = x13 + x1
- lea (%r13,%rdi),%rbp
- # (uint32) b <<<= 18
- rol $18,%ebp
- # x5 ^= b
- xor %rbp,%r15
- # x10 = x10_stack
- movq 168(%rsp),%rbp
- # x5_stack = x5
- movq %r15,160(%rsp)
- # c = x6 + x10
- lea (%rax,%rbp),%r15
- # (uint32) c <<<= 7
- rol $7,%r15d
- # x14 ^= c
- xor %r15,%rbx
- # c = x10 + x14
- lea (%rbp,%rbx),%r15
- # (uint32) c <<<= 9
- rol $9,%r15d
- # x2 ^= c
- xor %r15,%rcx
- # c = x14 + x2
- lea (%rbx,%rcx),%r15
- # (uint32) c <<<= 13
- rol $13,%r15d
- # x6 ^= c
- xor %r15,%rax
- # c = x2 + x6
- lea (%rcx,%rax),%r15
- # (uint32) c <<<= 18
- rol $18,%r15d
- # x10 ^= c
- xor %r15,%rbp
- # x15 = x15_stack
- movq 176(%rsp),%r15
- # x10_stack = x10
- movq %rbp,168(%rsp)
- # d = x11 + x15
- lea (%r12,%r15),%rbp
- # (uint32) d <<<= 7
- rol $7,%ebp
- # x3 ^= d
- xor %rbp,%rsi
- # d = x15 + x3
- lea (%r15,%rsi),%rbp
- # (uint32) d <<<= 9
- rol $9,%ebp
- # x7 ^= d
- xor %rbp,%r8
- # d = x3 + x7
- lea (%rsi,%r8),%rbp
- # (uint32) d <<<= 13
- rol $13,%ebp
- # x11 ^= d
- xor %rbp,%r12
- # d = x7 + x11
- lea (%r8,%r12),%rbp
- # (uint32) d <<<= 18
- rol $18,%ebp
- # x15 ^= d
- xor %rbp,%r15
- # x15_stack = x15
- movq %r15,176(%rsp)
- # x5 = x5_stack
- movq 160(%rsp),%r15
- # a = x3 + x0
- lea (%rsi,%rdx),%rbp
- # (uint32) a <<<= 7
- rol $7,%ebp
- # x1 ^= a
- xor %rbp,%rdi
- # b = x4 + x5
- lea (%r9,%r15),%rbp
- # (uint32) b <<<= 7
- rol $7,%ebp
- # x6 ^= b
- xor %rbp,%rax
- # a = x0 + x1
- lea (%rdx,%rdi),%rbp
- # (uint32) a <<<= 9
- rol $9,%ebp
- # x2 ^= a
- xor %rbp,%rcx
- # b = x5 + x6
- lea (%r15,%rax),%rbp
- # (uint32) b <<<= 9
- rol $9,%ebp
- # x7 ^= b
- xor %rbp,%r8
- # a = x1 + x2
- lea (%rdi,%rcx),%rbp
- # (uint32) a <<<= 13
- rol $13,%ebp
- # x3 ^= a
- xor %rbp,%rsi
- # b = x6 + x7
- lea (%rax,%r8),%rbp
- # (uint32) b <<<= 13
- rol $13,%ebp
- # x4 ^= b
- xor %rbp,%r9
- # a = x2 + x3
- lea (%rcx,%rsi),%rbp
- # (uint32) a <<<= 18
- rol $18,%ebp
- # x0 ^= a
- xor %rbp,%rdx
- # b = x7 + x4
- lea (%r8,%r9),%rbp
- # (uint32) b <<<= 18
- rol $18,%ebp
- # x5 ^= b
- xor %rbp,%r15
- # x10 = x10_stack
- movq 168(%rsp),%rbp
- # x5_stack = x5
- movq %r15,160(%rsp)
- # c = x9 + x10
- lea (%r10,%rbp),%r15
- # (uint32) c <<<= 7
- rol $7,%r15d
- # x11 ^= c
- xor %r15,%r12
- # c = x10 + x11
- lea (%rbp,%r12),%r15
- # (uint32) c <<<= 9
- rol $9,%r15d
- # x8 ^= c
- xor %r15,%r11
- # c = x11 + x8
- lea (%r12,%r11),%r15
- # (uint32) c <<<= 13
- rol $13,%r15d
- # x9 ^= c
- xor %r15,%r10
- # c = x8 + x9
- lea (%r11,%r10),%r15
- # (uint32) c <<<= 18
- rol $18,%r15d
- # x10 ^= c
- xor %r15,%rbp
- # x15 = x15_stack
- movq 176(%rsp),%r15
- # x10_stack = x10
- movq %rbp,168(%rsp)
- # d = x14 + x15
- lea (%rbx,%r15),%rbp
- # (uint32) d <<<= 7
- rol $7,%ebp
- # x12 ^= d
- xor %rbp,%r14
- # d = x15 + x12
- lea (%r15,%r14),%rbp
- # (uint32) d <<<= 9
- rol $9,%ebp
- # x13 ^= d
- xor %rbp,%r13
- # d = x12 + x13
- lea (%r14,%r13),%rbp
- # (uint32) d <<<= 13
- rol $13,%ebp
- # x14 ^= d
- xor %rbp,%rbx
- # d = x13 + x14
- lea (%r13,%rbx),%rbp
- # (uint32) d <<<= 18
- rol $18,%ebp
- # x15 ^= d
- xor %rbp,%r15
- # x15_stack = x15
- movq %r15,176(%rsp)
- # x5 = x5_stack
- movq 160(%rsp),%r15
- # a = x12 + x0
- lea (%r14,%rdx),%rbp
- # (uint32) a <<<= 7
- rol $7,%ebp
- # x4 ^= a
- xor %rbp,%r9
- # b = x1 + x5
- lea (%rdi,%r15),%rbp
- # (uint32) b <<<= 7
- rol $7,%ebp
- # x9 ^= b
- xor %rbp,%r10
- # a = x0 + x4
- lea (%rdx,%r9),%rbp
- # (uint32) a <<<= 9
- rol $9,%ebp
- # x8 ^= a
- xor %rbp,%r11
- # b = x5 + x9
- lea (%r15,%r10),%rbp
- # (uint32) b <<<= 9
- rol $9,%ebp
- # x13 ^= b
- xor %rbp,%r13
- # a = x4 + x8
- lea (%r9,%r11),%rbp
- # (uint32) a <<<= 13
- rol $13,%ebp
- # x12 ^= a
- xor %rbp,%r14
- # b = x9 + x13
- lea (%r10,%r13),%rbp
- # (uint32) b <<<= 13
- rol $13,%ebp
- # x1 ^= b
- xor %rbp,%rdi
- # a = x8 + x12
- lea (%r11,%r14),%rbp
- # (uint32) a <<<= 18
- rol $18,%ebp
- # x0 ^= a
- xor %rbp,%rdx
- # b = x13 + x1
- lea (%r13,%rdi),%rbp
- # (uint32) b <<<= 18
- rol $18,%ebp
- # x5 ^= b
- xor %rbp,%r15
- # x10 = x10_stack
- movq 168(%rsp),%rbp
- # x5_stack = x5
- movq %r15,160(%rsp)
- # c = x6 + x10
- lea (%rax,%rbp),%r15
- # (uint32) c <<<= 7
- rol $7,%r15d
- # x14 ^= c
- xor %r15,%rbx
- # c = x10 + x14
- lea (%rbp,%rbx),%r15
- # (uint32) c <<<= 9
- rol $9,%r15d
- # x2 ^= c
- xor %r15,%rcx
- # c = x14 + x2
- lea (%rbx,%rcx),%r15
- # (uint32) c <<<= 13
- rol $13,%r15d
- # x6 ^= c
- xor %r15,%rax
- # c = x2 + x6
- lea (%rcx,%rax),%r15
- # (uint32) c <<<= 18
- rol $18,%r15d
- # x10 ^= c
- xor %r15,%rbp
- # x15 = x15_stack
- movq 176(%rsp),%r15
- # x10_stack = x10
- movq %rbp,168(%rsp)
- # d = x11 + x15
- lea (%r12,%r15),%rbp
- # (uint32) d <<<= 7
- rol $7,%ebp
- # x3 ^= d
- xor %rbp,%rsi
- # d = x15 + x3
- lea (%r15,%rsi),%rbp
- # (uint32) d <<<= 9
- rol $9,%ebp
- # x7 ^= d
- xor %rbp,%r8
- # d = x3 + x7
- lea (%rsi,%r8),%rbp
- # (uint32) d <<<= 13
- rol $13,%ebp
- # x11 ^= d
- xor %rbp,%r12
- # d = x7 + x11
- lea (%r8,%r12),%rbp
- # (uint32) d <<<= 18
- rol $18,%ebp
- # x15 ^= d
- xor %rbp,%r15
- # x15_stack = x15
- movq %r15,176(%rsp)
- # x5 = x5_stack
- movq 160(%rsp),%r15
- # a = x3 + x0
- lea (%rsi,%rdx),%rbp
- # (uint32) a <<<= 7
- rol $7,%ebp
- # x1 ^= a
- xor %rbp,%rdi
- # b = x4 + x5
- lea (%r9,%r15),%rbp
- # (uint32) b <<<= 7
- rol $7,%ebp
- # x6 ^= b
- xor %rbp,%rax
- # a = x0 + x1
- lea (%rdx,%rdi),%rbp
- # (uint32) a <<<= 9
- rol $9,%ebp
- # x2 ^= a
- xor %rbp,%rcx
- # b = x5 + x6
- lea (%r15,%rax),%rbp
- # (uint32) b <<<= 9
- rol $9,%ebp
- # x7 ^= b
- xor %rbp,%r8
- # a = x1 + x2
- lea (%rdi,%rcx),%rbp
- # (uint32) a <<<= 13
- rol $13,%ebp
- # x3 ^= a
- xor %rbp,%rsi
- # b = x6 + x7
- lea (%rax,%r8),%rbp
- # (uint32) b <<<= 13
- rol $13,%ebp
- # x4 ^= b
- xor %rbp,%r9
- # a = x2 + x3
- lea (%rcx,%rsi),%rbp
- # (uint32) a <<<= 18
- rol $18,%ebp
- # x0 ^= a
- xor %rbp,%rdx
- # b = x7 + x4
- lea (%r8,%r9),%rbp
- # (uint32) b <<<= 18
- rol $18,%ebp
- # x5 ^= b
- xor %rbp,%r15
- # x10 = x10_stack
- movq 168(%rsp),%rbp
- # x5_stack = x5
- movq %r15,160(%rsp)
- # c = x9 + x10
- lea (%r10,%rbp),%r15
- # (uint32) c <<<= 7
- rol $7,%r15d
- # x11 ^= c
- xor %r15,%r12
- # c = x10 + x11
- lea (%rbp,%r12),%r15
- # (uint32) c <<<= 9
- rol $9,%r15d
- # x8 ^= c
- xor %r15,%r11
- # c = x11 + x8
- lea (%r12,%r11),%r15
- # (uint32) c <<<= 13
- rol $13,%r15d
- # x9 ^= c
- xor %r15,%r10
- # c = x8 + x9
- lea (%r11,%r10),%r15
- # (uint32) c <<<= 18
- rol $18,%r15d
- # x10 ^= c
- xor %r15,%rbp
- # x15 = x15_stack
- movq 176(%rsp),%r15
- # x10_stack = x10
- movq %rbp,168(%rsp)
- # d = x14 + x15
- lea (%rbx,%r15),%rbp
- # (uint32) d <<<= 7
- rol $7,%ebp
- # x12 ^= d
- xor %rbp,%r14
- # d = x15 + x12
- lea (%r15,%r14),%rbp
- # (uint32) d <<<= 9
- rol $9,%ebp
- # x13 ^= d
- xor %rbp,%r13
- # d = x12 + x13
- lea (%r14,%r13),%rbp
- # (uint32) d <<<= 13
- rol $13,%ebp
- # x14 ^= d
- xor %rbp,%rbx
- # d = x13 + x14
- lea (%r13,%rbx),%rbp
- # (uint32) d <<<= 18
- rol $18,%ebp
- # x15 ^= d
- xor %rbp,%r15
- # x15_stack = x15
- movq %r15,176(%rsp)
- # i = i_backup
- movq 184(%rsp),%r15
- # unsigned>? i -= 4
- sub $4,%r15
- # comment:fp stack unchanged by jump
- # goto mainloop if unsigned>
- ja ._mainloop
- # (uint32) x2 += j2
- addl 64(%rsp),%ecx
- # x3 <<= 32
- shl $32,%rsi
- # x3 += j2
- addq 64(%rsp),%rsi
- # (uint64) x3 >>= 32
- shr $32,%rsi
- # x3 <<= 32
- shl $32,%rsi
- # x2 += x3
- add %rsi,%rcx
- # (uint32) x6 += j6
- addl 80(%rsp),%eax
- # x7 <<= 32
- shl $32,%r8
- # x7 += j6
- addq 80(%rsp),%r8
- # (uint64) x7 >>= 32
- shr $32,%r8
- # x7 <<= 32
- shl $32,%r8
- # x6 += x7
- add %r8,%rax
- # (uint32) x8 += j8
- addl 88(%rsp),%r11d
- # x9 <<= 32
- shl $32,%r10
- # x9 += j8
- addq 88(%rsp),%r10
- # (uint64) x9 >>= 32
- shr $32,%r10
- # x9 <<= 32
- shl $32,%r10
- # x8 += x9
- add %r10,%r11
- # (uint32) x12 += j12
- addl 104(%rsp),%r14d
- # x13 <<= 32
- shl $32,%r13
- # x13 += j12
- addq 104(%rsp),%r13
- # (uint64) x13 >>= 32
- shr $32,%r13
- # x13 <<= 32
- shl $32,%r13
- # x12 += x13
- add %r13,%r14
- # (uint32) x0 += j0
- addl 56(%rsp),%edx
- # x1 <<= 32
- shl $32,%rdi
- # x1 += j0
- addq 56(%rsp),%rdi
- # (uint64) x1 >>= 32
- shr $32,%rdi
- # x1 <<= 32
- shl $32,%rdi
- # x0 += x1
- add %rdi,%rdx
- # x5 = x5_stack
- movq 160(%rsp),%rdi
- # (uint32) x4 += j4
- addl 72(%rsp),%r9d
- # x5 <<= 32
- shl $32,%rdi
- # x5 += j4
- addq 72(%rsp),%rdi
- # (uint64) x5 >>= 32
- shr $32,%rdi
- # x5 <<= 32
- shl $32,%rdi
- # x4 += x5
- add %rdi,%r9
- # x10 = x10_stack
- movq 168(%rsp),%r8
- # (uint32) x10 += j10
- addl 96(%rsp),%r8d
- # x11 <<= 32
- shl $32,%r12
- # x11 += j10
- addq 96(%rsp),%r12
- # (uint64) x11 >>= 32
- shr $32,%r12
- # x11 <<= 32
- shl $32,%r12
- # x10 += x11
- add %r12,%r8
- # x15 = x15_stack
- movq 176(%rsp),%rdi
- # (uint32) x14 += j14
- addl 112(%rsp),%ebx
- # x15 <<= 32
- shl $32,%rdi
- # x15 += j14
- addq 112(%rsp),%rdi
- # (uint64) x15 >>= 32
- shr $32,%rdi
- # x15 <<= 32
- shl $32,%rdi
- # x14 += x15
- add %rdi,%rbx
- # out = out_backup
- movq 136(%rsp),%rdi
- # m = m_backup
- movq 144(%rsp),%rsi
- # x0 ^= *(uint64 *) (m + 0)
- xorq 0(%rsi),%rdx
- # *(uint64 *) (out + 0) = x0
- movq %rdx,0(%rdi)
- # x2 ^= *(uint64 *) (m + 8)
- xorq 8(%rsi),%rcx
- # *(uint64 *) (out + 8) = x2
- movq %rcx,8(%rdi)
- # x4 ^= *(uint64 *) (m + 16)
- xorq 16(%rsi),%r9
- # *(uint64 *) (out + 16) = x4
- movq %r9,16(%rdi)
- # x6 ^= *(uint64 *) (m + 24)
- xorq 24(%rsi),%rax
- # *(uint64 *) (out + 24) = x6
- movq %rax,24(%rdi)
- # x8 ^= *(uint64 *) (m + 32)
- xorq 32(%rsi),%r11
- # *(uint64 *) (out + 32) = x8
- movq %r11,32(%rdi)
- # x10 ^= *(uint64 *) (m + 40)
- xorq 40(%rsi),%r8
- # *(uint64 *) (out + 40) = x10
- movq %r8,40(%rdi)
- # x12 ^= *(uint64 *) (m + 48)
- xorq 48(%rsi),%r14
- # *(uint64 *) (out + 48) = x12
- movq %r14,48(%rdi)
- # x14 ^= *(uint64 *) (m + 56)
- xorq 56(%rsi),%rbx
- # *(uint64 *) (out + 56) = x14
- movq %rbx,56(%rdi)
- # bytes = bytes_backup
- movq 152(%rsp),%rdx
- # in8 = j8
- movq 88(%rsp),%rcx
- # in8 += 1
- add $1,%rcx
- # j8 = in8
- movq %rcx,88(%rsp)
- # unsigned>? unsigned<? bytes - 64
- cmp $64,%rdx
- # comment:fp stack unchanged by jump
- # goto bytesatleast65 if unsigned>
- ja ._bytesatleast65
- # comment:fp stack unchanged by jump
- # goto bytesatleast64 if !unsigned<
- jae ._bytesatleast64
- # m = out
- mov %rdi,%rsi
- # out = ctarget
- movq 128(%rsp),%rdi
- # i = bytes
- mov %rdx,%rcx
- # while (i) { *out++ = *m++; --i }
- rep movsb
- # comment:fp stack unchanged by fallthrough
-# bytesatleast64:
-._bytesatleast64:
- # x = x_backup
- movq 120(%rsp),%rdi
- # in8 = j8
- movq 88(%rsp),%rsi
- # *(uint64 *) (x + 32) = in8
- movq %rsi,32(%rdi)
- # r11 = r11_stack
- movq 0(%rsp),%r11
- # r12 = r12_stack
- movq 8(%rsp),%r12
- # r13 = r13_stack
- movq 16(%rsp),%r13
- # r14 = r14_stack
- movq 24(%rsp),%r14
- # r15 = r15_stack
- movq 32(%rsp),%r15
- # rbx = rbx_stack
- movq 40(%rsp),%rbx
- # rbp = rbp_stack
- movq 48(%rsp),%rbp
- # comment:fp stack unchanged by fallthrough
-# done:
-._done:
- # leave
- add %r11,%rsp
- mov %rdi,%rax
- mov %rsi,%rdx
- ret
-# bytesatleast65:
-._bytesatleast65:
- # bytes -= 64
- sub $64,%rdx
- # out += 64
- add $64,%rdi
- # m += 64
- add $64,%rsi
- # comment:fp stack unchanged by jump
- # goto bytesatleast1
- jmp ._bytesatleast1
-ENDPROC(salsa20_encrypt_bytes)
diff --git a/arch/x86/crypto/salsa20_glue.c b/arch/x86/crypto/salsa20_glue.c
deleted file mode 100644
index b07d7d959806..000000000000
--- a/arch/x86/crypto/salsa20_glue.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Glue code for optimized assembly version of Salsa20.
- *
- * Copyright (c) 2007 Tan Swee Heng <thesweeheng@gmail.com>
- *
- * The assembly codes are public domain assembly codes written by Daniel. J.
- * Bernstein <djb@cr.yp.to>. The codes are modified to include indentation
- * and to remove extraneous comments and functions that are not needed.
- * - i586 version, renamed as salsa20-i586-asm_32.S
- * available from <http://cr.yp.to/snuffle/salsa20/x86-pm/salsa20.s>
- * - x86-64 version, renamed as salsa20-x86_64-asm_64.S
- * available from <http://cr.yp.to/snuffle/salsa20/amd64-3/salsa20.s>
- *
- * Also modified to set up the initial state using the generic C code rather
- * than in assembly.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- */
-
-#include <asm/unaligned.h>
-#include <crypto/internal/skcipher.h>
-#include <crypto/salsa20.h>
-#include <linux/module.h>
-
-asmlinkage void salsa20_encrypt_bytes(u32 state[16], const u8 *src, u8 *dst,
- u32 bytes);
-
-static int salsa20_asm_crypt(struct skcipher_request *req)
-{
- struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
- const struct salsa20_ctx *ctx = crypto_skcipher_ctx(tfm);
- struct skcipher_walk walk;
- u32 state[16];
- int err;
-
- err = skcipher_walk_virt(&walk, req, true);
-
- crypto_salsa20_init(state, ctx, walk.iv);
-
- while (walk.nbytes > 0) {
- unsigned int nbytes = walk.nbytes;
-
- if (nbytes < walk.total)
- nbytes = round_down(nbytes, walk.stride);
-
- salsa20_encrypt_bytes(state, walk.src.virt.addr,
- walk.dst.virt.addr, nbytes);
- err = skcipher_walk_done(&walk, walk.nbytes - nbytes);
- }
-
- return err;
-}
-
-static struct skcipher_alg alg = {
- .base.cra_name = "salsa20",
- .base.cra_driver_name = "salsa20-asm",
- .base.cra_priority = 200,
- .base.cra_blocksize = 1,
- .base.cra_ctxsize = sizeof(struct salsa20_ctx),
- .base.cra_module = THIS_MODULE,
-
- .min_keysize = SALSA20_MIN_KEY_SIZE,
- .max_keysize = SALSA20_MAX_KEY_SIZE,
- .ivsize = SALSA20_IV_SIZE,
- .chunksize = SALSA20_BLOCK_SIZE,
- .setkey = crypto_salsa20_setkey,
- .encrypt = salsa20_asm_crypt,
- .decrypt = salsa20_asm_crypt,
-};
-
-static int __init init(void)
-{
- return crypto_register_skcipher(&alg);
-}
-
-static void __exit fini(void)
-{
- crypto_unregister_skcipher(&alg);
-}
-
-module_init(init);
-module_exit(fini);
-
-MODULE_LICENSE("GPL");
-MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm (optimized assembly version)");
-MODULE_ALIAS_CRYPTO("salsa20");
-MODULE_ALIAS_CRYPTO("salsa20-asm");
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 76e8c88c97b4..f3e40ac56d93 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -289,6 +289,107 @@ config CRYPTO_CHACHA20POLY1305
with the Poly1305 authenticator. It is defined in RFC7539 for use in
IETF protocols.
+config CRYPTO_AEGIS128
+ tristate "AEGIS-128 AEAD algorithm"
+ select CRYPTO_AEAD
+ select CRYPTO_AES # for AES S-box tables
+ help
+ Support for the AEGIS-128 dedicated AEAD algorithm.
+
+config CRYPTO_AEGIS128L
+ tristate "AEGIS-128L AEAD algorithm"
+ select CRYPTO_AEAD
+ select CRYPTO_AES # for AES S-box tables
+ help
+ Support for the AEGIS-128L dedicated AEAD algorithm.
+
+config CRYPTO_AEGIS256
+ tristate "AEGIS-256 AEAD algorithm"
+ select CRYPTO_AEAD
+ select CRYPTO_AES # for AES S-box tables
+ help
+ Support for the AEGIS-256 dedicated AEAD algorithm.
+
+config CRYPTO_AEGIS128_AESNI_SSE2
+ tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
+ depends on X86 && 64BIT
+ select CRYPTO_AEAD
+ select CRYPTO_CRYPTD
+ help
+ AESNI+SSE2 implementation of the AEGSI-128 dedicated AEAD algorithm.
+
+config CRYPTO_AEGIS128L_AESNI_SSE2
+ tristate "AEGIS-128L AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
+ depends on X86 && 64BIT
+ select CRYPTO_AEAD
+ select CRYPTO_CRYPTD
+ help
+ AESNI+SSE2 implementation of the AEGSI-128L dedicated AEAD algorithm.
+
+config CRYPTO_AEGIS256_AESNI_SSE2
+ tristate "AEGIS-256 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
+ depends on X86 && 64BIT
+ select CRYPTO_AEAD
+ select CRYPTO_CRYPTD
+ help
+ AESNI+SSE2 implementation of the AEGSI-256 dedicated AEAD algorithm.
+
+config CRYPTO_MORUS640
+ tristate "MORUS-640 AEAD algorithm"
+ select CRYPTO_AEAD
+ help
+ Support for the MORUS-640 dedicated AEAD algorithm.
+
+config CRYPTO_MORUS640_GLUE
+ tristate
+ depends on X86
+ select CRYPTO_AEAD
+ select CRYPTO_CRYPTD
+ help
+ Common glue for SIMD optimizations of the MORUS-640 dedicated AEAD
+ algorithm.
+
+config CRYPTO_MORUS640_SSE2
+ tristate "MORUS-640 AEAD algorithm (x86_64 SSE2 implementation)"
+ depends on X86 && 64BIT
+ select CRYPTO_AEAD
+ select CRYPTO_MORUS640_GLUE
+ help
+ SSE2 implementation of the MORUS-640 dedicated AEAD algorithm.
+
+config CRYPTO_MORUS1280
+ tristate "MORUS-1280 AEAD algorithm"
+ select CRYPTO_AEAD
+ help
+ Support for the MORUS-1280 dedicated AEAD algorithm.
+
+config CRYPTO_MORUS1280_GLUE
+ tristate
+ depends on X86
+ select CRYPTO_AEAD
+ select CRYPTO_CRYPTD
+ help
+ Common glue for SIMD optimizations of the MORUS-1280 dedicated AEAD
+ algorithm.
+
+config CRYPTO_MORUS1280_SSE2
+ tristate "MORUS-1280 AEAD algorithm (x86_64 SSE2 implementation)"
+ depends on X86 && 64BIT
+ select CRYPTO_AEAD
+ select CRYPTO_MORUS1280_GLUE
+ help
+ SSE2 optimizedimplementation of the MORUS-1280 dedicated AEAD
+ algorithm.
+
+config CRYPTO_MORUS1280_AVX2
+ tristate "MORUS-1280 AEAD algorithm (x86_64 AVX2 implementation)"
+ depends on X86 && 64BIT
+ select CRYPTO_AEAD
+ select CRYPTO_MORUS1280_GLUE
+ help
+ AVX2 optimized implementation of the MORUS-1280 dedicated AEAD
+ algorithm.
+
config CRYPTO_SEQIV
tristate "Sequence Number IV Generator"
select CRYPTO_AEAD
@@ -1335,34 +1436,6 @@ config CRYPTO_SALSA20
The Salsa20 stream cipher algorithm is designed by Daniel J.
Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
-config CRYPTO_SALSA20_586
- tristate "Salsa20 stream cipher algorithm (i586)"
- depends on (X86 || UML_X86) && !64BIT
- select CRYPTO_BLKCIPHER
- select CRYPTO_SALSA20
- help
- Salsa20 stream cipher algorithm.
-
- Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
- Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
-
- The Salsa20 stream cipher algorithm is designed by Daniel J.
- Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
-
-config CRYPTO_SALSA20_X86_64
- tristate "Salsa20 stream cipher algorithm (x86_64)"
- depends on (X86 || UML_X86) && 64BIT
- select CRYPTO_BLKCIPHER
- select CRYPTO_SALSA20
- help
- Salsa20 stream cipher algorithm.
-
- Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
- Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
-
- The Salsa20 stream cipher algorithm is designed by Daniel J.
- Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
-
config CRYPTO_CHACHA20
tristate "ChaCha20 cipher algorithm"
select CRYPTO_BLKCIPHER
@@ -1695,6 +1768,15 @@ config CRYPTO_LZ4HC
help
This is the LZ4 high compression mode algorithm.
+config CRYPTO_ZSTD
+ tristate "Zstd compression algorithm"
+ select CRYPTO_ALGAPI
+ select CRYPTO_ACOMP2
+ select ZSTD_COMPRESS
+ select ZSTD_DECOMPRESS
+ help
+ This is the zstd algorithm.
+
comment "Random Number Generation"
config CRYPTO_ANSI_CPRNG
diff --git a/crypto/Makefile b/crypto/Makefile
index 3a5f01616f74..6d1d40eeb964 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -86,6 +86,11 @@ obj-$(CONFIG_CRYPTO_KEYWRAP) += keywrap.o
obj-$(CONFIG_CRYPTO_GCM) += gcm.o
obj-$(CONFIG_CRYPTO_CCM) += ccm.o
obj-$(CONFIG_CRYPTO_CHACHA20POLY1305) += chacha20poly1305.o
+obj-$(CONFIG_CRYPTO_AEGIS128) += aegis128.o
+obj-$(CONFIG_CRYPTO_AEGIS128L) += aegis128l.o
+obj-$(CONFIG_CRYPTO_AEGIS256) += aegis256.o
+obj-$(CONFIG_CRYPTO_MORUS640) += morus640.o
+obj-$(CONFIG_CRYPTO_MORUS1280) += morus1280.o
obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o
obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o
obj-$(CONFIG_CRYPTO_MCRYPTD) += mcryptd.o
@@ -137,6 +142,7 @@ obj-$(CONFIG_CRYPTO_USER_API_HASH) += algif_hash.o
obj-$(CONFIG_CRYPTO_USER_API_SKCIPHER) += algif_skcipher.o
obj-$(CONFIG_CRYPTO_USER_API_RNG) += algif_rng.o
obj-$(CONFIG_CRYPTO_USER_API_AEAD) += algif_aead.o
+obj-$(CONFIG_CRYPTO_ZSTD) += zstd.o
ecdh_generic-y := ecc.o
ecdh_generic-y += ecdh.o
diff --git a/crypto/aegis.h b/crypto/aegis.h
new file mode 100644
index 000000000000..f1c6900ddb80
--- /dev/null
+++ b/crypto/aegis.h
@@ -0,0 +1,80 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * AEGIS common definitions
+ *
+ * Copyright (c) 2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (c) 2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#ifndef _CRYPTO_AEGIS_H
+#define _CRYPTO_AEGIS_H
+
+#include <crypto/aes.h>
+#include <linux/types.h>
+
+#define AEGIS_BLOCK_SIZE 16
+
+union aegis_block {
+ __le64 words64[AEGIS_BLOCK_SIZE / sizeof(__le64)];
+ u32 words32[AEGIS_BLOCK_SIZE / sizeof(u32)];
+ u8 bytes[AEGIS_BLOCK_SIZE];
+};
+
+#define AEGIS_BLOCK_ALIGN (__alignof__(union aegis_block))
+#define AEGIS_ALIGNED(p) IS_ALIGNED((uintptr_t)p, AEGIS_BLOCK_ALIGN)
+
+static const union aegis_block crypto_aegis_const[2] = {
+ { .words64 = {
+ cpu_to_le64(U64_C(0x0d08050302010100)),
+ cpu_to_le64(U64_C(0x6279e99059372215)),
+ } },
+ { .words64 = {
+ cpu_to_le64(U64_C(0xf12fc26d55183ddb)),
+ cpu_to_le64(U64_C(0xdd28b57342311120)),
+ } },
+};
+
+static void crypto_aegis_block_xor(union aegis_block *dst,
+ const union aegis_block *src)
+{
+ dst->words64[0] ^= src->words64[0];
+ dst->words64[1] ^= src->words64[1];
+}
+
+static void crypto_aegis_block_and(union aegis_block *dst,
+ const union aegis_block *src)
+{
+ dst->words64[0] &= src->words64[0];
+ dst->words64[1] &= src->words64[1];
+}
+
+static void crypto_aegis_aesenc(union aegis_block *dst,
+ const union aegis_block *src,
+ const union aegis_block *key)
+{
+ u32 *d = dst->words32;
+ const u8 *s = src->bytes;
+ const u32 *k = key->words32;
+ const u32 *t0 = crypto_ft_tab[0];
+ const u32 *t1 = crypto_ft_tab[1];
+ const u32 *t2 = crypto_ft_tab[2];
+ const u32 *t3 = crypto_ft_tab[3];
+ u32 d0, d1, d2, d3;
+
+ d0 = t0[s[ 0]] ^ t1[s[ 5]] ^ t2[s[10]] ^ t3[s[15]] ^ k[0];
+ d1 = t0[s[ 4]] ^ t1[s[ 9]] ^ t2[s[14]] ^ t3[s[ 3]] ^ k[1];
+ d2 = t0[s[ 8]] ^ t1[s[13]] ^ t2[s[ 2]] ^ t3[s[ 7]] ^ k[2];
+ d3 = t0[s[12]] ^ t1[s[ 1]] ^ t2[s[ 6]] ^ t3[s[11]] ^ k[3];
+
+ d[0] = d0;
+ d[1] = d1;
+ d[2] = d2;
+ d[3] = d3;
+}
+
+#endif /* _CRYPTO_AEGIS_H */
diff --git a/crypto/aegis128.c b/crypto/aegis128.c
new file mode 100644
index 000000000000..38271303ce16
--- /dev/null
+++ b/crypto/aegis128.c
@@ -0,0 +1,463 @@
+/*
+ * The AEGIS-128 Authenticated-Encryption Algorithm
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/algapi.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+
+#include "aegis.h"
+
+#define AEGIS128_NONCE_SIZE 16
+#define AEGIS128_STATE_BLOCKS 5
+#define AEGIS128_KEY_SIZE 16
+#define AEGIS128_MIN_AUTH_SIZE 8
+#define AEGIS128_MAX_AUTH_SIZE 16
+
+struct aegis_state {
+ union aegis_block blocks[AEGIS128_STATE_BLOCKS];
+};
+
+struct aegis_ctx {
+ union aegis_block key;
+};
+
+struct aegis128_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_chunk)(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size);
+};
+
+static void crypto_aegis128_update(struct aegis_state *state)
+{
+ union aegis_block tmp;
+ unsigned int i;
+
+ tmp = state->blocks[AEGIS128_STATE_BLOCKS - 1];
+ for (i = AEGIS128_STATE_BLOCKS - 1; i > 0; i--)
+ crypto_aegis_aesenc(&state->blocks[i], &state->blocks[i - 1],
+ &state->blocks[i]);
+ crypto_aegis_aesenc(&state->blocks[0], &tmp, &state->blocks[0]);
+}
+
+static void crypto_aegis128_update_a(struct aegis_state *state,
+ const union aegis_block *msg)
+{
+ crypto_aegis128_update(state);
+ crypto_aegis_block_xor(&state->blocks[0], msg);
+}
+
+static void crypto_aegis128_update_u(struct aegis_state *state, const void *msg)
+{
+ crypto_aegis128_update(state);
+ crypto_xor(state->blocks[0].bytes, msg, AEGIS_BLOCK_SIZE);
+}
+
+static void crypto_aegis128_init(struct aegis_state *state,
+ const union aegis_block *key,
+ const u8 *iv)
+{
+ union aegis_block key_iv;
+ unsigned int i;
+
+ key_iv = *key;
+ crypto_xor(key_iv.bytes, iv, AEGIS_BLOCK_SIZE);
+
+ state->blocks[0] = key_iv;
+ state->blocks[1] = crypto_aegis_const[1];
+ state->blocks[2] = crypto_aegis_const[0];
+ state->blocks[3] = *key;
+ state->blocks[4] = *key;
+
+ crypto_aegis_block_xor(&state->blocks[3], &crypto_aegis_const[0]);
+ crypto_aegis_block_xor(&state->blocks[4], &crypto_aegis_const[1]);
+
+ for (i = 0; i < 5; i++) {
+ crypto_aegis128_update_a(state, key);
+ crypto_aegis128_update_a(state, &key_iv);
+ }
+}
+
+static void crypto_aegis128_ad(struct aegis_state *state,
+ const u8 *src, unsigned int size)
+{
+ if (AEGIS_ALIGNED(src)) {
+ const union aegis_block *src_blk =
+ (const union aegis_block *)src;
+
+ while (size >= AEGIS_BLOCK_SIZE) {
+ crypto_aegis128_update_a(state, src_blk);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src_blk++;
+ }
+ } else {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ crypto_aegis128_update_u(state, src);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ }
+ }
+}
+
+static void crypto_aegis128_encrypt_chunk(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ union aegis_block tmp;
+
+ if (AEGIS_ALIGNED(src) && AEGIS_ALIGNED(dst)) {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ union aegis_block *dst_blk =
+ (union aegis_block *)dst;
+ const union aegis_block *src_blk =
+ (const union aegis_block *)src;
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_aegis_block_xor(&tmp, src_blk);
+
+ crypto_aegis128_update_a(state, src_blk);
+
+ *dst_blk = tmp;
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_xor(tmp.bytes, src, AEGIS_BLOCK_SIZE);
+
+ crypto_aegis128_update_u(state, src);
+
+ memcpy(dst, tmp.bytes, AEGIS_BLOCK_SIZE);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union aegis_block msg = {};
+ memcpy(msg.bytes, src, size);
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+
+ crypto_aegis128_update_a(state, &msg);
+
+ crypto_aegis_block_xor(&msg, &tmp);
+
+ memcpy(dst, msg.bytes, size);
+ }
+}
+
+static void crypto_aegis128_decrypt_chunk(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ union aegis_block tmp;
+
+ if (AEGIS_ALIGNED(src) && AEGIS_ALIGNED(dst)) {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ union aegis_block *dst_blk =
+ (union aegis_block *)dst;
+ const union aegis_block *src_blk =
+ (const union aegis_block *)src;
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_aegis_block_xor(&tmp, src_blk);
+
+ crypto_aegis128_update_a(state, &tmp);
+
+ *dst_blk = tmp;
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_xor(tmp.bytes, src, AEGIS_BLOCK_SIZE);
+
+ crypto_aegis128_update_a(state, &tmp);
+
+ memcpy(dst, tmp.bytes, AEGIS_BLOCK_SIZE);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union aegis_block msg = {};
+ memcpy(msg.bytes, src, size);
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_aegis_block_xor(&msg, &tmp);
+
+ memset(msg.bytes + size, 0, AEGIS_BLOCK_SIZE - size);
+
+ crypto_aegis128_update_a(state, &msg);
+
+ memcpy(dst, msg.bytes, size);
+ }
+}
+
+static void crypto_aegis128_process_ad(struct aegis_state *state,
+ struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ union aegis_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= AEGIS_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = AEGIS_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ crypto_aegis128_update_a(state, &buf);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_aegis128_ad(state, src, left);
+ src += left & ~(AEGIS_BLOCK_SIZE - 1);
+ left &= AEGIS_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, AEGIS_BLOCK_SIZE - pos);
+ crypto_aegis128_update_a(state, &buf);
+ }
+}
+
+static void crypto_aegis128_process_crypt(struct aegis_state *state,
+ struct aead_request *req,
+ const struct aegis128_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *src, *dst;
+ unsigned int chunksize;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops->crypt_chunk(state, dst, src, chunksize);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static void crypto_aegis128_final(struct aegis_state *state,
+ union aegis_block *tag_xor,
+ u64 assoclen, u64 cryptlen)
+{
+ u64 assocbits = assoclen * 8;
+ u64 cryptbits = cryptlen * 8;
+
+ union aegis_block tmp;
+ unsigned int i;
+
+ tmp.words64[0] = cpu_to_le64(assocbits);
+ tmp.words64[1] = cpu_to_le64(cryptbits);
+
+ crypto_aegis_block_xor(&tmp, &state->blocks[3]);
+
+ for (i = 0; i < 7; i++)
+ crypto_aegis128_update_a(state, &tmp);
+
+ for (i = 0; i < AEGIS128_STATE_BLOCKS; i++)
+ crypto_aegis_block_xor(tag_xor, &state->blocks[i]);
+}
+
+static int crypto_aegis128_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct aegis_ctx *ctx = crypto_aead_ctx(aead);
+
+ if (keylen != AEGIS128_KEY_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key.bytes, key, AEGIS128_KEY_SIZE);
+ return 0;
+}
+
+static int crypto_aegis128_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ if (authsize > AEGIS128_MAX_AUTH_SIZE)
+ return -EINVAL;
+ if (authsize < AEGIS128_MIN_AUTH_SIZE)
+ return -EINVAL;
+ return 0;
+}
+
+static void crypto_aegis128_crypt(struct aead_request *req,
+ union aegis_block *tag_xor,
+ unsigned int cryptlen,
+ const struct aegis128_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_ctx *ctx = crypto_aead_ctx(tfm);
+ struct aegis_state state;
+
+ crypto_aegis128_init(&state, &ctx->key, req->iv);
+ crypto_aegis128_process_ad(&state, req->src, req->assoclen);
+ crypto_aegis128_process_crypt(&state, req, ops);
+ crypto_aegis128_final(&state, tag_xor, req->assoclen, cryptlen);
+}
+
+static int crypto_aegis128_encrypt(struct aead_request *req)
+{
+ static const struct aegis128_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_chunk = crypto_aegis128_encrypt_chunk,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union aegis_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_aegis128_crypt(req, &tag, cryptlen, &ops);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst, req->assoclen + cryptlen,
+ authsize, 1);
+ return 0;
+}
+
+static int crypto_aegis128_decrypt(struct aead_request *req)
+{
+ static const struct aegis128_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_chunk = crypto_aegis128_decrypt_chunk,
+ };
+ static const u8 zeros[AEGIS128_MAX_AUTH_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union aegis_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src, req->assoclen + cryptlen,
+ authsize, 0);
+
+ crypto_aegis128_crypt(req, &tag, cryptlen, &ops);
+
+ return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_aegis128_init_tfm(struct crypto_aead *tfm)
+{
+ return 0;
+}
+
+static void crypto_aegis128_exit_tfm(struct crypto_aead *tfm)
+{
+}
+
+static struct aead_alg crypto_aegis128_alg = {
+ .setkey = crypto_aegis128_setkey,
+ .setauthsize = crypto_aegis128_setauthsize,
+ .encrypt = crypto_aegis128_encrypt,
+ .decrypt = crypto_aegis128_decrypt,
+ .init = crypto_aegis128_init_tfm,
+ .exit = crypto_aegis128_exit_tfm,
+
+ .ivsize = AEGIS128_NONCE_SIZE,
+ .maxauthsize = AEGIS128_MAX_AUTH_SIZE,
+ .chunksize = AEGIS_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct aegis_ctx),
+ .cra_alignmask = 0,
+
+ .cra_priority = 100,
+
+ .cra_name = "aegis128",
+ .cra_driver_name = "aegis128-generic",
+
+ .cra_module = THIS_MODULE,
+ }
+};
+
+static int __init crypto_aegis128_module_init(void)
+{
+ return crypto_register_aead(&crypto_aegis128_alg);
+}
+
+static void __exit crypto_aegis128_module_exit(void)
+{
+ crypto_unregister_aead(&crypto_aegis128_alg);
+}
+
+module_init(crypto_aegis128_module_init);
+module_exit(crypto_aegis128_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("AEGIS-128 AEAD algorithm");
+MODULE_ALIAS_CRYPTO("aegis128");
+MODULE_ALIAS_CRYPTO("aegis128-generic");
diff --git a/crypto/aegis128l.c b/crypto/aegis128l.c
new file mode 100644
index 000000000000..0cc1a7525c85
--- /dev/null
+++ b/crypto/aegis128l.c
@@ -0,0 +1,527 @@
+/*
+ * The AEGIS-128L Authenticated-Encryption Algorithm
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/algapi.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+
+#include "aegis.h"
+
+#define AEGIS128L_CHUNK_BLOCKS 2
+#define AEGIS128L_CHUNK_SIZE (AEGIS128L_CHUNK_BLOCKS * AEGIS_BLOCK_SIZE)
+#define AEGIS128L_NONCE_SIZE 16
+#define AEGIS128L_STATE_BLOCKS 8
+#define AEGIS128L_KEY_SIZE 16
+#define AEGIS128L_MIN_AUTH_SIZE 8
+#define AEGIS128L_MAX_AUTH_SIZE 16
+
+union aegis_chunk {
+ union aegis_block blocks[AEGIS128L_CHUNK_BLOCKS];
+ u8 bytes[AEGIS128L_CHUNK_SIZE];
+};
+
+struct aegis_state {
+ union aegis_block blocks[AEGIS128L_STATE_BLOCKS];
+};
+
+struct aegis_ctx {
+ union aegis_block key;
+};
+
+struct aegis128l_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_chunk)(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size);
+};
+
+static void crypto_aegis128l_update(struct aegis_state *state)
+{
+ union aegis_block tmp;
+ unsigned int i;
+
+ tmp = state->blocks[AEGIS128L_STATE_BLOCKS - 1];
+ for (i = AEGIS128L_STATE_BLOCKS - 1; i > 0; i--)
+ crypto_aegis_aesenc(&state->blocks[i], &state->blocks[i - 1],
+ &state->blocks[i]);
+ crypto_aegis_aesenc(&state->blocks[0], &tmp, &state->blocks[0]);
+}
+
+static void crypto_aegis128l_update_a(struct aegis_state *state,
+ const union aegis_chunk *msg)
+{
+ crypto_aegis128l_update(state);
+ crypto_aegis_block_xor(&state->blocks[0], &msg->blocks[0]);
+ crypto_aegis_block_xor(&state->blocks[4], &msg->blocks[1]);
+}
+
+static void crypto_aegis128l_update_u(struct aegis_state *state,
+ const void *msg)
+{
+ crypto_aegis128l_update(state);
+ crypto_xor(state->blocks[0].bytes, msg + 0 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+ crypto_xor(state->blocks[4].bytes, msg + 1 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+}
+
+static void crypto_aegis128l_init(struct aegis_state *state,
+ const union aegis_block *key,
+ const u8 *iv)
+{
+ union aegis_block key_iv;
+ union aegis_chunk chunk;
+ unsigned int i;
+
+ memcpy(chunk.blocks[0].bytes, iv, AEGIS_BLOCK_SIZE);
+ chunk.blocks[1] = *key;
+
+ key_iv = *key;
+ crypto_aegis_block_xor(&key_iv, &chunk.blocks[0]);
+
+ state->blocks[0] = key_iv;
+ state->blocks[1] = crypto_aegis_const[1];
+ state->blocks[2] = crypto_aegis_const[0];
+ state->blocks[3] = crypto_aegis_const[1];
+ state->blocks[4] = key_iv;
+ state->blocks[5] = *key;
+ state->blocks[6] = *key;
+ state->blocks[7] = *key;
+
+ crypto_aegis_block_xor(&state->blocks[5], &crypto_aegis_const[0]);
+ crypto_aegis_block_xor(&state->blocks[6], &crypto_aegis_const[1]);
+ crypto_aegis_block_xor(&state->blocks[7], &crypto_aegis_const[0]);
+
+ for (i = 0; i < 10; i++) {
+ crypto_aegis128l_update_a(state, &chunk);
+ }
+}
+
+static void crypto_aegis128l_ad(struct aegis_state *state,
+ const u8 *src, unsigned int size)
+{
+ if (AEGIS_ALIGNED(src)) {
+ const union aegis_chunk *src_chunk =
+ (const union aegis_chunk *)src;
+
+ while (size >= AEGIS128L_CHUNK_SIZE) {
+ crypto_aegis128l_update_a(state, src_chunk);
+
+ size -= AEGIS128L_CHUNK_SIZE;
+ src_chunk += 1;
+ }
+ } else {
+ while (size >= AEGIS128L_CHUNK_SIZE) {
+ crypto_aegis128l_update_u(state, src);
+
+ size -= AEGIS128L_CHUNK_SIZE;
+ src += AEGIS128L_CHUNK_SIZE;
+ }
+ }
+}
+
+static void crypto_aegis128l_encrypt_chunk(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ union aegis_chunk tmp;
+ union aegis_block *tmp0 = &tmp.blocks[0];
+ union aegis_block *tmp1 = &tmp.blocks[1];
+
+ if (AEGIS_ALIGNED(src) && AEGIS_ALIGNED(dst)) {
+ while (size >= AEGIS128L_CHUNK_SIZE) {
+ union aegis_chunk *dst_blk =
+ (union aegis_chunk *)dst;
+ const union aegis_chunk *src_blk =
+ (const union aegis_chunk *)src;
+
+ *tmp0 = state->blocks[2];
+ crypto_aegis_block_and(tmp0, &state->blocks[3]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[6]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[1]);
+ crypto_aegis_block_xor(tmp0, &src_blk->blocks[0]);
+
+ *tmp1 = state->blocks[6];
+ crypto_aegis_block_and(tmp1, &state->blocks[7]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[5]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[2]);
+ crypto_aegis_block_xor(tmp1, &src_blk->blocks[1]);
+
+ crypto_aegis128l_update_a(state, src_blk);
+
+ *dst_blk = tmp;
+
+ size -= AEGIS128L_CHUNK_SIZE;
+ src += AEGIS128L_CHUNK_SIZE;
+ dst += AEGIS128L_CHUNK_SIZE;
+ }
+ } else {
+ while (size >= AEGIS128L_CHUNK_SIZE) {
+ *tmp0 = state->blocks[2];
+ crypto_aegis_block_and(tmp0, &state->blocks[3]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[6]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[1]);
+ crypto_xor(tmp0->bytes, src + 0 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+
+ *tmp1 = state->blocks[6];
+ crypto_aegis_block_and(tmp1, &state->blocks[7]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[5]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[2]);
+ crypto_xor(tmp1->bytes, src + 1 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+
+ crypto_aegis128l_update_u(state, src);
+
+ memcpy(dst, tmp.bytes, AEGIS128L_CHUNK_SIZE);
+
+ size -= AEGIS128L_CHUNK_SIZE;
+ src += AEGIS128L_CHUNK_SIZE;
+ dst += AEGIS128L_CHUNK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union aegis_chunk msg = {};
+ memcpy(msg.bytes, src, size);
+
+ *tmp0 = state->blocks[2];
+ crypto_aegis_block_and(tmp0, &state->blocks[3]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[6]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[1]);
+
+ *tmp1 = state->blocks[6];
+ crypto_aegis_block_and(tmp1, &state->blocks[7]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[5]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[2]);
+
+ crypto_aegis128l_update_a(state, &msg);
+
+ crypto_aegis_block_xor(&msg.blocks[0], tmp0);
+ crypto_aegis_block_xor(&msg.blocks[1], tmp1);
+
+ memcpy(dst, msg.bytes, size);
+ }
+}
+
+static void crypto_aegis128l_decrypt_chunk(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ union aegis_chunk tmp;
+ union aegis_block *tmp0 = &tmp.blocks[0];
+ union aegis_block *tmp1 = &tmp.blocks[1];
+
+ if (AEGIS_ALIGNED(src) && AEGIS_ALIGNED(dst)) {
+ while (size >= AEGIS128L_CHUNK_SIZE) {
+ union aegis_chunk *dst_blk =
+ (union aegis_chunk *)dst;
+ const union aegis_chunk *src_blk =
+ (const union aegis_chunk *)src;
+
+ *tmp0 = state->blocks[2];
+ crypto_aegis_block_and(tmp0, &state->blocks[3]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[6]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[1]);
+ crypto_aegis_block_xor(tmp0, &src_blk->blocks[0]);
+
+ *tmp1 = state->blocks[6];
+ crypto_aegis_block_and(tmp1, &state->blocks[7]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[5]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[2]);
+ crypto_aegis_block_xor(tmp1, &src_blk->blocks[1]);
+
+ crypto_aegis128l_update_a(state, &tmp);
+
+ *dst_blk = tmp;
+
+ size -= AEGIS128L_CHUNK_SIZE;
+ src += AEGIS128L_CHUNK_SIZE;
+ dst += AEGIS128L_CHUNK_SIZE;
+ }
+ } else {
+ while (size >= AEGIS128L_CHUNK_SIZE) {
+ *tmp0 = state->blocks[2];
+ crypto_aegis_block_and(tmp0, &state->blocks[3]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[6]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[1]);
+ crypto_xor(tmp0->bytes, src + 0 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+
+ *tmp1 = state->blocks[6];
+ crypto_aegis_block_and(tmp1, &state->blocks[7]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[5]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[2]);
+ crypto_xor(tmp1->bytes, src + 1 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+
+ crypto_aegis128l_update_a(state, &tmp);
+
+ memcpy(dst, tmp.bytes, AEGIS128L_CHUNK_SIZE);
+
+ size -= AEGIS128L_CHUNK_SIZE;
+ src += AEGIS128L_CHUNK_SIZE;
+ dst += AEGIS128L_CHUNK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union aegis_chunk msg = {};
+ memcpy(msg.bytes, src, size);
+
+ *tmp0 = state->blocks[2];
+ crypto_aegis_block_and(tmp0, &state->blocks[3]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[6]);
+ crypto_aegis_block_xor(tmp0, &state->blocks[1]);
+ crypto_aegis_block_xor(&msg.blocks[0], tmp0);
+
+ *tmp1 = state->blocks[6];
+ crypto_aegis_block_and(tmp1, &state->blocks[7]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[5]);
+ crypto_aegis_block_xor(tmp1, &state->blocks[2]);
+ crypto_aegis_block_xor(&msg.blocks[1], tmp1);
+
+ memset(msg.bytes + size, 0, AEGIS128L_CHUNK_SIZE - size);
+
+ crypto_aegis128l_update_a(state, &msg);
+
+ memcpy(dst, msg.bytes, size);
+ }
+}
+
+static void crypto_aegis128l_process_ad(struct aegis_state *state,
+ struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ union aegis_chunk buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= AEGIS128L_CHUNK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = AEGIS128L_CHUNK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ crypto_aegis128l_update_a(state, &buf);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_aegis128l_ad(state, src, left);
+ src += left & ~(AEGIS128L_CHUNK_SIZE - 1);
+ left &= AEGIS128L_CHUNK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, AEGIS128L_CHUNK_SIZE - pos);
+ crypto_aegis128l_update_a(state, &buf);
+ }
+}
+
+static void crypto_aegis128l_process_crypt(struct aegis_state *state,
+ struct aead_request *req,
+ const struct aegis128l_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *src, *dst;
+ unsigned int chunksize;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops->crypt_chunk(state, dst, src, chunksize);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static void crypto_aegis128l_final(struct aegis_state *state,
+ union aegis_block *tag_xor,
+ u64 assoclen, u64 cryptlen)
+{
+ u64 assocbits = assoclen * 8;
+ u64 cryptbits = cryptlen * 8;
+
+ union aegis_chunk tmp;
+ unsigned int i;
+
+ tmp.blocks[0].words64[0] = cpu_to_le64(assocbits);
+ tmp.blocks[0].words64[1] = cpu_to_le64(cryptbits);
+
+ crypto_aegis_block_xor(&tmp.blocks[0], &state->blocks[2]);
+
+ tmp.blocks[1] = tmp.blocks[0];
+ for (i = 0; i < 7; i++)
+ crypto_aegis128l_update_a(state, &tmp);
+
+ for (i = 0; i < 7; i++)
+ crypto_aegis_block_xor(tag_xor, &state->blocks[i]);
+}
+
+static int crypto_aegis128l_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct aegis_ctx *ctx = crypto_aead_ctx(aead);
+
+ if (keylen != AEGIS128L_KEY_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key.bytes, key, AEGIS128L_KEY_SIZE);
+ return 0;
+}
+
+static int crypto_aegis128l_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ if (authsize > AEGIS128L_MAX_AUTH_SIZE)
+ return -EINVAL;
+ if (authsize < AEGIS128L_MIN_AUTH_SIZE)
+ return -EINVAL;
+ return 0;
+}
+
+static void crypto_aegis128l_crypt(struct aead_request *req,
+ union aegis_block *tag_xor,
+ unsigned int cryptlen,
+ const struct aegis128l_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_ctx *ctx = crypto_aead_ctx(tfm);
+ struct aegis_state state;
+
+ crypto_aegis128l_init(&state, &ctx->key, req->iv);
+ crypto_aegis128l_process_ad(&state, req->src, req->assoclen);
+ crypto_aegis128l_process_crypt(&state, req, ops);
+ crypto_aegis128l_final(&state, tag_xor, req->assoclen, cryptlen);
+}
+
+static int crypto_aegis128l_encrypt(struct aead_request *req)
+{
+ static const struct aegis128l_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_chunk = crypto_aegis128l_encrypt_chunk,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union aegis_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_aegis128l_crypt(req, &tag, cryptlen, &ops);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst, req->assoclen + cryptlen,
+ authsize, 1);
+ return 0;
+}
+
+static int crypto_aegis128l_decrypt(struct aead_request *req)
+{
+ static const struct aegis128l_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_chunk = crypto_aegis128l_decrypt_chunk,
+ };
+ static const u8 zeros[AEGIS128L_MAX_AUTH_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union aegis_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src, req->assoclen + cryptlen,
+ authsize, 0);
+
+ crypto_aegis128l_crypt(req, &tag, cryptlen, &ops);
+
+ return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_aegis128l_init_tfm(struct crypto_aead *tfm)
+{
+ return 0;
+}
+
+static void crypto_aegis128l_exit_tfm(struct crypto_aead *tfm)
+{
+}
+
+static struct aead_alg crypto_aegis128l_alg = {
+ .setkey = crypto_aegis128l_setkey,
+ .setauthsize = crypto_aegis128l_setauthsize,
+ .encrypt = crypto_aegis128l_encrypt,
+ .decrypt = crypto_aegis128l_decrypt,
+ .init = crypto_aegis128l_init_tfm,
+ .exit = crypto_aegis128l_exit_tfm,
+
+ .ivsize = AEGIS128L_NONCE_SIZE,
+ .maxauthsize = AEGIS128L_MAX_AUTH_SIZE,
+ .chunksize = AEGIS128L_CHUNK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct aegis_ctx),
+ .cra_alignmask = 0,
+
+ .cra_priority = 100,
+
+ .cra_name = "aegis128l",
+ .cra_driver_name = "aegis128l-generic",
+
+ .cra_module = THIS_MODULE,
+ }
+};
+
+static int __init crypto_aegis128l_module_init(void)
+{
+ return crypto_register_aead(&crypto_aegis128l_alg);
+}
+
+static void __exit crypto_aegis128l_module_exit(void)
+{
+ crypto_unregister_aead(&crypto_aegis128l_alg);
+}
+
+module_init(crypto_aegis128l_module_init);
+module_exit(crypto_aegis128l_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("AEGIS-128L AEAD algorithm");
+MODULE_ALIAS_CRYPTO("aegis128l");
+MODULE_ALIAS_CRYPTO("aegis128l-generic");
diff --git a/crypto/aegis256.c b/crypto/aegis256.c
new file mode 100644
index 000000000000..a489d741d33a
--- /dev/null
+++ b/crypto/aegis256.c
@@ -0,0 +1,478 @@
+/*
+ * The AEGIS-256 Authenticated-Encryption Algorithm
+ *
+ * Copyright (c) 2017-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <crypto/algapi.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+
+#include "aegis.h"
+
+#define AEGIS256_NONCE_SIZE 32
+#define AEGIS256_STATE_BLOCKS 6
+#define AEGIS256_KEY_SIZE 32
+#define AEGIS256_MIN_AUTH_SIZE 8
+#define AEGIS256_MAX_AUTH_SIZE 16
+
+struct aegis_state {
+ union aegis_block blocks[AEGIS256_STATE_BLOCKS];
+};
+
+struct aegis_ctx {
+ union aegis_block key[AEGIS256_KEY_SIZE / AEGIS_BLOCK_SIZE];
+};
+
+struct aegis256_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_chunk)(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size);
+};
+
+static void crypto_aegis256_update(struct aegis_state *state)
+{
+ union aegis_block tmp;
+ unsigned int i;
+
+ tmp = state->blocks[AEGIS256_STATE_BLOCKS - 1];
+ for (i = AEGIS256_STATE_BLOCKS - 1; i > 0; i--)
+ crypto_aegis_aesenc(&state->blocks[i], &state->blocks[i - 1],
+ &state->blocks[i]);
+ crypto_aegis_aesenc(&state->blocks[0], &tmp, &state->blocks[0]);
+}
+
+static void crypto_aegis256_update_a(struct aegis_state *state,
+ const union aegis_block *msg)
+{
+ crypto_aegis256_update(state);
+ crypto_aegis_block_xor(&state->blocks[0], msg);
+}
+
+static void crypto_aegis256_update_u(struct aegis_state *state, const void *msg)
+{
+ crypto_aegis256_update(state);
+ crypto_xor(state->blocks[0].bytes, msg, AEGIS_BLOCK_SIZE);
+}
+
+static void crypto_aegis256_init(struct aegis_state *state,
+ const union aegis_block *key,
+ const u8 *iv)
+{
+ union aegis_block key_iv[2];
+ unsigned int i;
+
+ key_iv[0] = key[0];
+ key_iv[1] = key[1];
+ crypto_xor(key_iv[0].bytes, iv + 0 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+ crypto_xor(key_iv[1].bytes, iv + 1 * AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+
+ state->blocks[0] = key_iv[0];
+ state->blocks[1] = key_iv[1];
+ state->blocks[2] = crypto_aegis_const[1];
+ state->blocks[3] = crypto_aegis_const[0];
+ state->blocks[4] = key[0];
+ state->blocks[5] = key[1];
+
+ crypto_aegis_block_xor(&state->blocks[4], &crypto_aegis_const[0]);
+ crypto_aegis_block_xor(&state->blocks[5], &crypto_aegis_const[1]);
+
+ for (i = 0; i < 4; i++) {
+ crypto_aegis256_update_a(state, &key[0]);
+ crypto_aegis256_update_a(state, &key[1]);
+ crypto_aegis256_update_a(state, &key_iv[0]);
+ crypto_aegis256_update_a(state, &key_iv[1]);
+ }
+}
+
+static void crypto_aegis256_ad(struct aegis_state *state,
+ const u8 *src, unsigned int size)
+{
+ if (AEGIS_ALIGNED(src)) {
+ const union aegis_block *src_blk =
+ (const union aegis_block *)src;
+
+ while (size >= AEGIS_BLOCK_SIZE) {
+ crypto_aegis256_update_a(state, src_blk);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src_blk++;
+ }
+ } else {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ crypto_aegis256_update_u(state, src);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ }
+ }
+}
+
+static void crypto_aegis256_encrypt_chunk(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ union aegis_block tmp;
+
+ if (AEGIS_ALIGNED(src) && AEGIS_ALIGNED(dst)) {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ union aegis_block *dst_blk =
+ (union aegis_block *)dst;
+ const union aegis_block *src_blk =
+ (const union aegis_block *)src;
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[5]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_aegis_block_xor(&tmp, src_blk);
+
+ crypto_aegis256_update_a(state, src_blk);
+
+ *dst_blk = tmp;
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[5]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_xor(tmp.bytes, src, AEGIS_BLOCK_SIZE);
+
+ crypto_aegis256_update_u(state, src);
+
+ memcpy(dst, tmp.bytes, AEGIS_BLOCK_SIZE);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union aegis_block msg = {};
+ memcpy(msg.bytes, src, size);
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[5]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+
+ crypto_aegis256_update_a(state, &msg);
+
+ crypto_aegis_block_xor(&msg, &tmp);
+
+ memcpy(dst, msg.bytes, size);
+ }
+}
+
+static void crypto_aegis256_decrypt_chunk(struct aegis_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ union aegis_block tmp;
+
+ if (AEGIS_ALIGNED(src) && AEGIS_ALIGNED(dst)) {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ union aegis_block *dst_blk =
+ (union aegis_block *)dst;
+ const union aegis_block *src_blk =
+ (const union aegis_block *)src;
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[5]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_aegis_block_xor(&tmp, src_blk);
+
+ crypto_aegis256_update_a(state, &tmp);
+
+ *dst_blk = tmp;
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= AEGIS_BLOCK_SIZE) {
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[5]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_xor(tmp.bytes, src, AEGIS_BLOCK_SIZE);
+
+ crypto_aegis256_update_a(state, &tmp);
+
+ memcpy(dst, tmp.bytes, AEGIS_BLOCK_SIZE);
+
+ size -= AEGIS_BLOCK_SIZE;
+ src += AEGIS_BLOCK_SIZE;
+ dst += AEGIS_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union aegis_block msg = {};
+ memcpy(msg.bytes, src, size);
+
+ tmp = state->blocks[2];
+ crypto_aegis_block_and(&tmp, &state->blocks[3]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[5]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[4]);
+ crypto_aegis_block_xor(&tmp, &state->blocks[1]);
+ crypto_aegis_block_xor(&msg, &tmp);
+
+ memset(msg.bytes + size, 0, AEGIS_BLOCK_SIZE - size);
+
+ crypto_aegis256_update_a(state, &msg);
+
+ memcpy(dst, msg.bytes, size);
+ }
+}
+
+static void crypto_aegis256_process_ad(struct aegis_state *state,
+ struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ union aegis_block buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= AEGIS_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = AEGIS_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+ crypto_aegis256_update_a(state, &buf);
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_aegis256_ad(state, src, left);
+ src += left & ~(AEGIS_BLOCK_SIZE - 1);
+ left &= AEGIS_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, AEGIS_BLOCK_SIZE - pos);
+ crypto_aegis256_update_a(state, &buf);
+ }
+}
+
+static void crypto_aegis256_process_crypt(struct aegis_state *state,
+ struct aead_request *req,
+ const struct aegis256_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *src, *dst;
+ unsigned int chunksize;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+ chunksize = walk.nbytes;
+
+ ops->crypt_chunk(state, dst, src, chunksize);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static void crypto_aegis256_final(struct aegis_state *state,
+ union aegis_block *tag_xor,
+ u64 assoclen, u64 cryptlen)
+{
+ u64 assocbits = assoclen * 8;
+ u64 cryptbits = cryptlen * 8;
+
+ union aegis_block tmp;
+ unsigned int i;
+
+ tmp.words64[0] = cpu_to_le64(assocbits);
+ tmp.words64[1] = cpu_to_le64(cryptbits);
+
+ crypto_aegis_block_xor(&tmp, &state->blocks[3]);
+
+ for (i = 0; i < 7; i++)
+ crypto_aegis256_update_a(state, &tmp);
+
+ for (i = 0; i < AEGIS256_STATE_BLOCKS; i++)
+ crypto_aegis_block_xor(tag_xor, &state->blocks[i]);
+}
+
+static int crypto_aegis256_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct aegis_ctx *ctx = crypto_aead_ctx(aead);
+
+ if (keylen != AEGIS256_KEY_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ memcpy(ctx->key[0].bytes, key, AEGIS_BLOCK_SIZE);
+ memcpy(ctx->key[1].bytes, key + AEGIS_BLOCK_SIZE,
+ AEGIS_BLOCK_SIZE);
+ return 0;
+}
+
+static int crypto_aegis256_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ if (authsize > AEGIS256_MAX_AUTH_SIZE)
+ return -EINVAL;
+ if (authsize < AEGIS256_MIN_AUTH_SIZE)
+ return -EINVAL;
+ return 0;
+}
+
+static void crypto_aegis256_crypt(struct aead_request *req,
+ union aegis_block *tag_xor,
+ unsigned int cryptlen,
+ const struct aegis256_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct aegis_ctx *ctx = crypto_aead_ctx(tfm);
+ struct aegis_state state;
+
+ crypto_aegis256_init(&state, ctx->key, req->iv);
+ crypto_aegis256_process_ad(&state, req->src, req->assoclen);
+ crypto_aegis256_process_crypt(&state, req, ops);
+ crypto_aegis256_final(&state, tag_xor, req->assoclen, cryptlen);
+}
+
+static int crypto_aegis256_encrypt(struct aead_request *req)
+{
+ static const struct aegis256_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_chunk = crypto_aegis256_encrypt_chunk,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union aegis_block tag = {};
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_aegis256_crypt(req, &tag, cryptlen, &ops);
+
+ scatterwalk_map_and_copy(tag.bytes, req->dst, req->assoclen + cryptlen,
+ authsize, 1);
+ return 0;
+}
+
+static int crypto_aegis256_decrypt(struct aead_request *req)
+{
+ static const struct aegis256_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_chunk = crypto_aegis256_decrypt_chunk,
+ };
+ static const u8 zeros[AEGIS256_MAX_AUTH_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union aegis_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag.bytes, req->src, req->assoclen + cryptlen,
+ authsize, 0);
+
+ crypto_aegis256_crypt(req, &tag, cryptlen, &ops);
+
+ return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_aegis256_init_tfm(struct crypto_aead *tfm)
+{
+ return 0;
+}
+
+static void crypto_aegis256_exit_tfm(struct crypto_aead *tfm)
+{
+}
+
+static struct aead_alg crypto_aegis256_alg = {
+ .setkey = crypto_aegis256_setkey,
+ .setauthsize = crypto_aegis256_setauthsize,
+ .encrypt = crypto_aegis256_encrypt,
+ .decrypt = crypto_aegis256_decrypt,
+ .init = crypto_aegis256_init_tfm,
+ .exit = crypto_aegis256_exit_tfm,
+
+ .ivsize = AEGIS256_NONCE_SIZE,
+ .maxauthsize = AEGIS256_MAX_AUTH_SIZE,
+ .chunksize = AEGIS_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct aegis_ctx),
+ .cra_alignmask = 0,
+
+ .cra_priority = 100,
+
+ .cra_name = "aegis256",
+ .cra_driver_name = "aegis256-generic",
+
+ .cra_module = THIS_MODULE,
+ }
+};
+
+static int __init crypto_aegis256_module_init(void)
+{
+ return crypto_register_aead(&crypto_aegis256_alg);
+}
+
+static void __exit crypto_aegis256_module_exit(void)
+{
+ crypto_unregister_aead(&crypto_aegis256_alg);
+}
+
+module_init(crypto_aegis256_module_init);
+module_exit(crypto_aegis256_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("AEGIS-256 AEAD algorithm");
+MODULE_ALIAS_CRYPTO("aegis256");
+MODULE_ALIAS_CRYPTO("aegis256-generic");
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 2a0271b5f62a..c0755cf4f53f 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -10,6 +10,7 @@
*
*/
+#include <crypto/algapi.h>
#include <linux/err.h>
#include <linux/errno.h>
#include <linux/fips.h>
@@ -59,6 +60,15 @@ static int crypto_check_alg(struct crypto_alg *alg)
if (alg->cra_blocksize > PAGE_SIZE / 8)
return -EINVAL;
+ if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
+ CRYPTO_ALG_TYPE_CIPHER) {
+ if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK)
+ return -EINVAL;
+
+ if (alg->cra_blocksize > MAX_CIPHER_BLOCKSIZE)
+ return -EINVAL;
+ }
+
if (alg->cra_priority < 0)
return -EINVAL;
diff --git a/crypto/authenc.c b/crypto/authenc.c
index d3d6d72fe649..4fa8d40d947b 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -108,6 +108,7 @@ static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
CRYPTO_TFM_RES_MASK);
out:
+ memzero_explicit(&keys, sizeof(keys));
return err;
badkey:
diff --git a/crypto/authencesn.c b/crypto/authencesn.c
index 15f91ddd7f0e..50b804747e20 100644
--- a/crypto/authencesn.c
+++ b/crypto/authencesn.c
@@ -90,6 +90,7 @@ static int crypto_authenc_esn_setkey(struct crypto_aead *authenc_esn, const u8 *
CRYPTO_TFM_RES_MASK);
out:
+ memzero_explicit(&keys, sizeof(keys));
return err;
badkey:
diff --git a/crypto/cfb.c b/crypto/cfb.c
index 94ee39bed758..a0d68c09e1b9 100644
--- a/crypto/cfb.c
+++ b/crypto/cfb.c
@@ -53,9 +53,8 @@ static void crypto_cfb_encrypt_one(struct crypto_skcipher *tfm,
static void crypto_cfb_final(struct skcipher_walk *walk,
struct crypto_skcipher *tfm)
{
- const unsigned int bsize = crypto_cfb_bsize(tfm);
const unsigned long alignmask = crypto_skcipher_alignmask(tfm);
- u8 tmp[bsize + alignmask];
+ u8 tmp[MAX_CIPHER_BLOCKSIZE + MAX_CIPHER_ALIGNMASK];
u8 *stream = PTR_ALIGN(tmp + 0, alignmask + 1);
u8 *src = walk->src.virt.addr;
u8 *dst = walk->dst.virt.addr;
@@ -94,7 +93,7 @@ static int crypto_cfb_encrypt_inplace(struct skcipher_walk *walk,
unsigned int nbytes = walk->nbytes;
u8 *src = walk->src.virt.addr;
u8 *iv = walk->iv;
- u8 tmp[bsize];
+ u8 tmp[MAX_CIPHER_BLOCKSIZE];
do {
crypto_cfb_encrypt_one(tfm, iv, tmp);
@@ -164,7 +163,7 @@ static int crypto_cfb_decrypt_inplace(struct skcipher_walk *walk,
unsigned int nbytes = walk->nbytes;
u8 *src = walk->src.virt.addr;
u8 *iv = walk->iv;
- u8 tmp[bsize];
+ u8 tmp[MAX_CIPHER_BLOCKSIZE];
do {
crypto_cfb_encrypt_one(tfm, iv, tmp);
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 94fa3551476b..57836c30a49a 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -13,6 +13,7 @@
*
*/
+#include <crypto/algapi.h>
#include <linux/kernel.h>
#include <linux/crypto.h>
#include <linux/errno.h>
@@ -67,7 +68,7 @@ static void cipher_crypt_unaligned(void (*fn)(struct crypto_tfm *, u8 *,
{
unsigned long alignmask = crypto_tfm_alg_alignmask(tfm);
unsigned int size = crypto_tfm_alg_blocksize(tfm);
- u8 buffer[size + alignmask];
+ u8 buffer[MAX_CIPHER_BLOCKSIZE + MAX_CIPHER_ALIGNMASK];
u8 *tmp = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
memcpy(tmp, src, size);
diff --git a/crypto/crc32_generic.c b/crypto/crc32_generic.c
index 718cbce8d169..00facd27bcc2 100644
--- a/crypto/crc32_generic.c
+++ b/crypto/crc32_generic.c
@@ -29,6 +29,7 @@
* This is crypto api shash wrappers to crc32_le.
*/
+#include <asm/unaligned.h>
#include <linux/crc32.h>
#include <crypto/internal/hash.h>
#include <linux/init.h>
@@ -39,11 +40,6 @@
#define CHKSUM_BLOCK_SIZE 1
#define CHKSUM_DIGEST_SIZE 4
-static u32 __crc32_le(u32 crc, unsigned char const *p, size_t len)
-{
- return crc32_le(crc, p, len);
-}
-
/** No default init with ~0 */
static int crc32_cra_init(struct crypto_tfm *tfm)
{
@@ -54,7 +50,6 @@ static int crc32_cra_init(struct crypto_tfm *tfm)
return 0;
}
-
/*
* Setting the seed allows arbitrary accumulators and flexible XOR policy
* If your algorithm starts with ~0, then XOR with ~0 before you set
@@ -69,7 +64,7 @@ static int crc32_setkey(struct crypto_shash *hash, const u8 *key,
crypto_shash_set_flags(hash, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
- *mctx = le32_to_cpup((__le32 *)key);
+ *mctx = get_unaligned_le32(key);
return 0;
}
@@ -88,7 +83,7 @@ static int crc32_update(struct shash_desc *desc, const u8 *data,
{
u32 *crcp = shash_desc_ctx(desc);
- *crcp = __crc32_le(*crcp, data, len);
+ *crcp = crc32_le(*crcp, data, len);
return 0;
}
@@ -96,7 +91,7 @@ static int crc32_update(struct shash_desc *desc, const u8 *data,
static int __crc32_finup(u32 *crcp, const u8 *data, unsigned int len,
u8 *out)
{
- *(__le32 *)out = cpu_to_le32(__crc32_le(*crcp, data, len));
+ put_unaligned_le32(crc32_le(*crcp, data, len), out);
return 0;
}
@@ -110,7 +105,7 @@ static int crc32_final(struct shash_desc *desc, u8 *out)
{
u32 *crcp = shash_desc_ctx(desc);
- *(__le32 *)out = cpu_to_le32p(crcp);
+ put_unaligned_le32(*crcp, out);
return 0;
}
diff --git a/crypto/crc32c_generic.c b/crypto/crc32c_generic.c
index 372320399622..7283066ecc98 100644
--- a/crypto/crc32c_generic.c
+++ b/crypto/crc32c_generic.c
@@ -35,6 +35,7 @@
*
*/
+#include <asm/unaligned.h>
#include <crypto/internal/hash.h>
#include <linux/init.h>
#include <linux/module.h>
@@ -82,7 +83,7 @@ static int chksum_setkey(struct crypto_shash *tfm, const u8 *key,
crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
- mctx->key = le32_to_cpu(*(__le32 *)key);
+ mctx->key = get_unaligned_le32(key);
return 0;
}
@@ -99,13 +100,13 @@ static int chksum_final(struct shash_desc *desc, u8 *out)
{
struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
- *(__le32 *)out = ~cpu_to_le32p(&ctx->crc);
+ put_unaligned_le32(~ctx->crc, out);
return 0;
}
static int __chksum_finup(u32 *crcp, const u8 *data, unsigned int len, u8 *out)
{
- *(__le32 *)out = ~cpu_to_le32(__crc32c_le(*crcp, data, len));
+ put_unaligned_le32(~__crc32c_le(*crcp, data, len), out);
return 0;
}
@@ -148,7 +149,6 @@ static struct shash_alg alg = {
.cra_priority = 100,
.cra_flags = CRYPTO_ALG_OPTIONAL_KEY,
.cra_blocksize = CHKSUM_BLOCK_SIZE,
- .cra_alignmask = 3,
.cra_ctxsize = sizeof(struct chksum_ctx),
.cra_module = THIS_MODULE,
.cra_init = crc32c_cra_init,
diff --git a/crypto/ctr.c b/crypto/ctr.c
index 854d924f9d8e..435b75bd619e 100644
--- a/crypto/ctr.c
+++ b/crypto/ctr.c
@@ -58,7 +58,7 @@ static void crypto_ctr_crypt_final(struct blkcipher_walk *walk,
unsigned int bsize = crypto_cipher_blocksize(tfm);
unsigned long alignmask = crypto_cipher_alignmask(tfm);
u8 *ctrblk = walk->iv;
- u8 tmp[bsize + alignmask];
+ u8 tmp[MAX_CIPHER_BLOCKSIZE + MAX_CIPHER_ALIGNMASK];
u8 *keystream = PTR_ALIGN(tmp + 0, alignmask + 1);
u8 *src = walk->src.virt.addr;
u8 *dst = walk->dst.virt.addr;
@@ -106,7 +106,7 @@ static int crypto_ctr_crypt_inplace(struct blkcipher_walk *walk,
unsigned int nbytes = walk->nbytes;
u8 *ctrblk = walk->iv;
u8 *src = walk->src.virt.addr;
- u8 tmp[bsize + alignmask];
+ u8 tmp[MAX_CIPHER_BLOCKSIZE + MAX_CIPHER_ALIGNMASK];
u8 *keystream = PTR_ALIGN(tmp + 0, alignmask + 1);
do {
diff --git a/crypto/cts.c b/crypto/cts.c
index 4773c188e6d9..4e28d83ae37d 100644
--- a/crypto/cts.c
+++ b/crypto/cts.c
@@ -40,6 +40,7 @@
* rfc3962 includes errata information in its Appendix A.
*/
+#include <crypto/algapi.h>
#include <crypto/internal/skcipher.h>
#include <linux/err.h>
#include <linux/init.h>
@@ -104,7 +105,7 @@ static int cts_cbc_encrypt(struct skcipher_request *req)
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
struct skcipher_request *subreq = &rctx->subreq;
int bsize = crypto_skcipher_blocksize(tfm);
- u8 d[bsize * 2] __aligned(__alignof__(u32));
+ u8 d[MAX_CIPHER_BLOCKSIZE * 2] __aligned(__alignof__(u32));
struct scatterlist *sg;
unsigned int offset;
int lastn;
@@ -183,7 +184,7 @@ static int cts_cbc_decrypt(struct skcipher_request *req)
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
struct skcipher_request *subreq = &rctx->subreq;
int bsize = crypto_skcipher_blocksize(tfm);
- u8 d[bsize * 2] __aligned(__alignof__(u32));
+ u8 d[MAX_CIPHER_BLOCKSIZE * 2] __aligned(__alignof__(u32));
struct scatterlist *sg;
unsigned int offset;
u8 *space;
diff --git a/crypto/ecc.c b/crypto/ecc.c
index 9c066b5ac12d..815541309a95 100644
--- a/crypto/ecc.c
+++ b/crypto/ecc.c
@@ -515,7 +515,7 @@ static void vli_mmod_fast_256(u64 *result, const u64 *product,
static bool vli_mmod_fast(u64 *result, u64 *product,
const u64 *curve_prime, unsigned int ndigits)
{
- u64 tmp[2 * ndigits];
+ u64 tmp[2 * ECC_MAX_DIGITS];
switch (ndigits) {
case 3:
@@ -536,7 +536,7 @@ static bool vli_mmod_fast(u64 *result, u64 *product,
static void vli_mod_mult_fast(u64 *result, const u64 *left, const u64 *right,
const u64 *curve_prime, unsigned int ndigits)
{
- u64 product[2 * ndigits];
+ u64 product[2 * ECC_MAX_DIGITS];
vli_mult(product, left, right, ndigits);
vli_mmod_fast(result, product, curve_prime, ndigits);
@@ -546,7 +546,7 @@ static void vli_mod_mult_fast(u64 *result, const u64 *left, const u64 *right,
static void vli_mod_square_fast(u64 *result, const u64 *left,
const u64 *curve_prime, unsigned int ndigits)
{
- u64 product[2 * ndigits];
+ u64 product[2 * ECC_MAX_DIGITS];
vli_square(product, left, ndigits);
vli_mmod_fast(result, product, curve_prime, ndigits);
@@ -560,8 +560,8 @@ static void vli_mod_square_fast(u64 *result, const u64 *left,
static void vli_mod_inv(u64 *result, const u64 *input, const u64 *mod,
unsigned int ndigits)
{
- u64 a[ndigits], b[ndigits];
- u64 u[ndigits], v[ndigits];
+ u64 a[ECC_MAX_DIGITS], b[ECC_MAX_DIGITS];
+ u64 u[ECC_MAX_DIGITS], v[ECC_MAX_DIGITS];
u64 carry;
int cmp_result;
@@ -649,8 +649,8 @@ static void ecc_point_double_jacobian(u64 *x1, u64 *y1, u64 *z1,
u64 *curve_prime, unsigned int ndigits)
{
/* t1 = x, t2 = y, t3 = z */
- u64 t4[ndigits];
- u64 t5[ndigits];
+ u64 t4[ECC_MAX_DIGITS];
+ u64 t5[ECC_MAX_DIGITS];
if (vli_is_zero(z1, ndigits))
return;
@@ -711,7 +711,7 @@ static void ecc_point_double_jacobian(u64 *x1, u64 *y1, u64 *z1,
static void apply_z(u64 *x1, u64 *y1, u64 *z, u64 *curve_prime,
unsigned int ndigits)
{
- u64 t1[ndigits];
+ u64 t1[ECC_MAX_DIGITS];
vli_mod_square_fast(t1, z, curve_prime, ndigits); /* z^2 */
vli_mod_mult_fast(x1, x1, t1, curve_prime, ndigits); /* x1 * z^2 */
@@ -724,7 +724,7 @@ static void xycz_initial_double(u64 *x1, u64 *y1, u64 *x2, u64 *y2,
u64 *p_initial_z, u64 *curve_prime,
unsigned int ndigits)
{
- u64 z[ndigits];
+ u64 z[ECC_MAX_DIGITS];
vli_set(x2, x1, ndigits);
vli_set(y2, y1, ndigits);
@@ -750,7 +750,7 @@ static void xycz_add(u64 *x1, u64 *y1, u64 *x2, u64 *y2, u64 *curve_prime,
unsigned int ndigits)
{
/* t1 = X1, t2 = Y1, t3 = X2, t4 = Y2 */
- u64 t5[ndigits];
+ u64 t5[ECC_MAX_DIGITS];
/* t5 = x2 - x1 */
vli_mod_sub(t5, x2, x1, curve_prime, ndigits);
@@ -791,9 +791,9 @@ static void xycz_add_c(u64 *x1, u64 *y1, u64 *x2, u64 *y2, u64 *curve_prime,
unsigned int ndigits)
{
/* t1 = X1, t2 = Y1, t3 = X2, t4 = Y2 */
- u64 t5[ndigits];
- u64 t6[ndigits];
- u64 t7[ndigits];
+ u64 t5[ECC_MAX_DIGITS];
+ u64 t6[ECC_MAX_DIGITS];
+ u64 t7[ECC_MAX_DIGITS];
/* t5 = x2 - x1 */
vli_mod_sub(t5, x2, x1, curve_prime, ndigits);
@@ -846,9 +846,9 @@ static void ecc_point_mult(struct ecc_point *result,
unsigned int ndigits)
{
/* R0 and R1 */
- u64 rx[2][ndigits];
- u64 ry[2][ndigits];
- u64 z[ndigits];
+ u64 rx[2][ECC_MAX_DIGITS];
+ u64 ry[2][ECC_MAX_DIGITS];
+ u64 z[ECC_MAX_DIGITS];
int i, nb;
int num_bits = vli_num_bits(scalar, ndigits);
@@ -943,13 +943,13 @@ int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits,
int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey)
{
const struct ecc_curve *curve = ecc_get_curve(curve_id);
- u64 priv[ndigits];
+ u64 priv[ECC_MAX_DIGITS];
unsigned int nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
unsigned int nbits = vli_num_bits(curve->n, ndigits);
int err;
/* Check that N is included in Table 1 of FIPS 186-4, section 6.1.1 */
- if (nbits < 160)
+ if (nbits < 160 || ndigits > ARRAY_SIZE(priv))
return -EINVAL;
/*
@@ -988,10 +988,10 @@ int ecc_make_pub_key(unsigned int curve_id, unsigned int ndigits,
{
int ret = 0;
struct ecc_point *pk;
- u64 priv[ndigits];
+ u64 priv[ECC_MAX_DIGITS];
const struct ecc_curve *curve = ecc_get_curve(curve_id);
- if (!private_key || !curve) {
+ if (!private_key || !curve || ndigits > ARRAY_SIZE(priv)) {
ret = -EINVAL;
goto out;
}
@@ -1025,30 +1025,25 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
{
int ret = 0;
struct ecc_point *product, *pk;
- u64 *priv, *rand_z;
+ u64 priv[ECC_MAX_DIGITS];
+ u64 rand_z[ECC_MAX_DIGITS];
+ unsigned int nbytes;
const struct ecc_curve *curve = ecc_get_curve(curve_id);
- if (!private_key || !public_key || !curve) {
+ if (!private_key || !public_key || !curve ||
+ ndigits > ARRAY_SIZE(priv) || ndigits > ARRAY_SIZE(rand_z)) {
ret = -EINVAL;
goto out;
}
- priv = kmalloc_array(ndigits, sizeof(*priv), GFP_KERNEL);
- if (!priv) {
- ret = -ENOMEM;
- goto out;
- }
+ nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
- rand_z = kmalloc_array(ndigits, sizeof(*rand_z), GFP_KERNEL);
- if (!rand_z) {
- ret = -ENOMEM;
- goto kfree_out;
- }
+ get_random_bytes(rand_z, nbytes);
pk = ecc_alloc_point(ndigits);
if (!pk) {
ret = -ENOMEM;
- goto kfree_out;
+ goto out;
}
product = ecc_alloc_point(ndigits);
@@ -1057,8 +1052,6 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
goto err_alloc_product;
}
- get_random_bytes(rand_z, ndigits << ECC_DIGITS_TO_BYTES_SHIFT);
-
ecc_swap_digits(public_key, pk->x, ndigits);
ecc_swap_digits(&public_key[ndigits], pk->y, ndigits);
ecc_swap_digits(private_key, priv, ndigits);
@@ -1073,9 +1066,6 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
ecc_free_point(product);
err_alloc_product:
ecc_free_point(pk);
-kfree_out:
- kzfree(priv);
- kzfree(rand_z);
out:
return ret;
}
diff --git a/crypto/ecc.h b/crypto/ecc.h
index e4fd4492c765..f75a86baa3bd 100644
--- a/crypto/ecc.h
+++ b/crypto/ecc.h
@@ -26,7 +26,9 @@
#ifndef _CRYPTO_ECC_H
#define _CRYPTO_ECC_H
-#define ECC_MAX_DIGITS 4 /* 256 */
+#define ECC_CURVE_NIST_P192_DIGITS 3
+#define ECC_CURVE_NIST_P256_DIGITS 4
+#define ECC_MAX_DIGITS ECC_CURVE_NIST_P256_DIGITS
#define ECC_DIGITS_TO_BYTES_SHIFT 3
diff --git a/crypto/ecdh.c b/crypto/ecdh.c
index d2ec33f0e098..bf6300175b9c 100644
--- a/crypto/ecdh.c
+++ b/crypto/ecdh.c
@@ -30,8 +30,8 @@ static inline struct ecdh_ctx *ecdh_get_ctx(struct crypto_kpp *tfm)
static unsigned int ecdh_supported_curve(unsigned int curve_id)
{
switch (curve_id) {
- case ECC_CURVE_NIST_P192: return 3;
- case ECC_CURVE_NIST_P256: return 4;
+ case ECC_CURVE_NIST_P192: return ECC_CURVE_NIST_P192_DIGITS;
+ case ECC_CURVE_NIST_P256: return ECC_CURVE_NIST_P256_DIGITS;
default: return 0;
}
}
diff --git a/crypto/morus1280.c b/crypto/morus1280.c
new file mode 100644
index 000000000000..6180b2557836
--- /dev/null
+++ b/crypto/morus1280.c
@@ -0,0 +1,549 @@
+/*
+ * The MORUS-1280 Authenticated-Encryption Algorithm
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <asm/unaligned.h>
+#include <crypto/algapi.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/morus_common.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+
+#define MORUS1280_WORD_SIZE 8
+#define MORUS1280_BLOCK_SIZE (MORUS_BLOCK_WORDS * MORUS1280_WORD_SIZE)
+#define MORUS1280_BLOCK_ALIGN (__alignof__(__le64))
+#define MORUS1280_ALIGNED(p) IS_ALIGNED((uintptr_t)p, MORUS1280_BLOCK_ALIGN)
+
+struct morus1280_block {
+ u64 words[MORUS_BLOCK_WORDS];
+};
+
+union morus1280_block_in {
+ __le64 words[MORUS_BLOCK_WORDS];
+ u8 bytes[MORUS1280_BLOCK_SIZE];
+};
+
+struct morus1280_state {
+ struct morus1280_block s[MORUS_STATE_BLOCKS];
+};
+
+struct morus1280_ctx {
+ struct morus1280_block key;
+};
+
+struct morus1280_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_chunk)(struct morus1280_state *state,
+ u8 *dst, const u8 *src, unsigned int size);
+};
+
+static const struct morus1280_block crypto_morus1280_const[1] = {
+ { .words = {
+ U64_C(0x0d08050302010100),
+ U64_C(0x6279e99059372215),
+ U64_C(0xf12fc26d55183ddb),
+ U64_C(0xdd28b57342311120),
+ } },
+};
+
+static void crypto_morus1280_round(struct morus1280_block *b0,
+ struct morus1280_block *b1,
+ struct morus1280_block *b2,
+ struct morus1280_block *b3,
+ struct morus1280_block *b4,
+ const struct morus1280_block *m,
+ unsigned int b, unsigned int w)
+{
+ unsigned int i;
+ struct morus1280_block tmp;
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ b0->words[i] ^= b1->words[i] & b2->words[i];
+ b0->words[i] ^= b3->words[i];
+ b0->words[i] ^= m->words[i];
+ b0->words[i] = rol64(b0->words[i], b);
+ }
+
+ tmp = *b3;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ b3->words[(i + w) % MORUS_BLOCK_WORDS] = tmp.words[i];
+}
+
+static void crypto_morus1280_update(struct morus1280_state *state,
+ const struct morus1280_block *m)
+{
+ static const struct morus1280_block z = {};
+
+ struct morus1280_block *s = state->s;
+
+ crypto_morus1280_round(&s[0], &s[1], &s[2], &s[3], &s[4], &z, 13, 1);
+ crypto_morus1280_round(&s[1], &s[2], &s[3], &s[4], &s[0], m, 46, 2);
+ crypto_morus1280_round(&s[2], &s[3], &s[4], &s[0], &s[1], m, 38, 3);
+ crypto_morus1280_round(&s[3], &s[4], &s[0], &s[1], &s[2], m, 7, 2);
+ crypto_morus1280_round(&s[4], &s[0], &s[1], &s[2], &s[3], m, 4, 1);
+}
+
+static void crypto_morus1280_load_a(struct morus1280_block *dst, const u8 *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ dst->words[i] = le64_to_cpu(*(const __le64 *)src);
+ src += MORUS1280_WORD_SIZE;
+ }
+}
+
+static void crypto_morus1280_load_u(struct morus1280_block *dst, const u8 *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ dst->words[i] = get_unaligned_le64(src);
+ src += MORUS1280_WORD_SIZE;
+ }
+}
+
+static void crypto_morus1280_load(struct morus1280_block *dst, const u8 *src)
+{
+ if (MORUS1280_ALIGNED(src))
+ crypto_morus1280_load_a(dst, src);
+ else
+ crypto_morus1280_load_u(dst, src);
+}
+
+static void crypto_morus1280_store_a(u8 *dst, const struct morus1280_block *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ *(__le64 *)dst = cpu_to_le64(src->words[i]);
+ dst += MORUS1280_WORD_SIZE;
+ }
+}
+
+static void crypto_morus1280_store_u(u8 *dst, const struct morus1280_block *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ put_unaligned_le64(src->words[i], dst);
+ dst += MORUS1280_WORD_SIZE;
+ }
+}
+
+static void crypto_morus1280_store(u8 *dst, const struct morus1280_block *src)
+{
+ if (MORUS1280_ALIGNED(dst))
+ crypto_morus1280_store_a(dst, src);
+ else
+ crypto_morus1280_store_u(dst, src);
+}
+
+static void crypto_morus1280_ad(struct morus1280_state *state, const u8 *src,
+ unsigned int size)
+{
+ struct morus1280_block m;
+
+ if (MORUS1280_ALIGNED(src)) {
+ while (size >= MORUS1280_BLOCK_SIZE) {
+ crypto_morus1280_load_a(&m, src);
+ crypto_morus1280_update(state, &m);
+
+ size -= MORUS1280_BLOCK_SIZE;
+ src += MORUS1280_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= MORUS1280_BLOCK_SIZE) {
+ crypto_morus1280_load_u(&m, src);
+ crypto_morus1280_update(state, &m);
+
+ size -= MORUS1280_BLOCK_SIZE;
+ src += MORUS1280_BLOCK_SIZE;
+ }
+ }
+}
+
+static void crypto_morus1280_core(const struct morus1280_state *state,
+ struct morus1280_block *blk)
+{
+ unsigned int i;
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ blk->words[(i + 3) % MORUS_BLOCK_WORDS] ^= state->s[1].words[i];
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ blk->words[i] ^= state->s[0].words[i];
+ blk->words[i] ^= state->s[2].words[i] & state->s[3].words[i];
+ }
+}
+
+static void crypto_morus1280_encrypt_chunk(struct morus1280_state *state,
+ u8 *dst, const u8 *src,
+ unsigned int size)
+{
+ struct morus1280_block c, m;
+
+ if (MORUS1280_ALIGNED(src) && MORUS1280_ALIGNED(dst)) {
+ while (size >= MORUS1280_BLOCK_SIZE) {
+ crypto_morus1280_load_a(&m, src);
+ c = m;
+ crypto_morus1280_core(state, &c);
+ crypto_morus1280_store_a(dst, &c);
+ crypto_morus1280_update(state, &m);
+
+ src += MORUS1280_BLOCK_SIZE;
+ dst += MORUS1280_BLOCK_SIZE;
+ size -= MORUS1280_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= MORUS1280_BLOCK_SIZE) {
+ crypto_morus1280_load_u(&m, src);
+ c = m;
+ crypto_morus1280_core(state, &c);
+ crypto_morus1280_store_u(dst, &c);
+ crypto_morus1280_update(state, &m);
+
+ src += MORUS1280_BLOCK_SIZE;
+ dst += MORUS1280_BLOCK_SIZE;
+ size -= MORUS1280_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union morus1280_block_in tail;
+
+ memcpy(tail.bytes, src, size);
+ memset(tail.bytes + size, 0, MORUS1280_BLOCK_SIZE - size);
+
+ crypto_morus1280_load_a(&m, tail.bytes);
+ c = m;
+ crypto_morus1280_core(state, &c);
+ crypto_morus1280_store_a(tail.bytes, &c);
+ crypto_morus1280_update(state, &m);
+
+ memcpy(dst, tail.bytes, size);
+ }
+}
+
+static void crypto_morus1280_decrypt_chunk(struct morus1280_state *state,
+ u8 *dst, const u8 *src,
+ unsigned int size)
+{
+ struct morus1280_block m;
+
+ if (MORUS1280_ALIGNED(src) && MORUS1280_ALIGNED(dst)) {
+ while (size >= MORUS1280_BLOCK_SIZE) {
+ crypto_morus1280_load_a(&m, src);
+ crypto_morus1280_core(state, &m);
+ crypto_morus1280_store_a(dst, &m);
+ crypto_morus1280_update(state, &m);
+
+ src += MORUS1280_BLOCK_SIZE;
+ dst += MORUS1280_BLOCK_SIZE;
+ size -= MORUS1280_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= MORUS1280_BLOCK_SIZE) {
+ crypto_morus1280_load_u(&m, src);
+ crypto_morus1280_core(state, &m);
+ crypto_morus1280_store_u(dst, &m);
+ crypto_morus1280_update(state, &m);
+
+ src += MORUS1280_BLOCK_SIZE;
+ dst += MORUS1280_BLOCK_SIZE;
+ size -= MORUS1280_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union morus1280_block_in tail;
+
+ memcpy(tail.bytes, src, size);
+ memset(tail.bytes + size, 0, MORUS1280_BLOCK_SIZE - size);
+
+ crypto_morus1280_load_a(&m, tail.bytes);
+ crypto_morus1280_core(state, &m);
+ crypto_morus1280_store_a(tail.bytes, &m);
+ memset(tail.bytes + size, 0, MORUS1280_BLOCK_SIZE - size);
+ crypto_morus1280_load_a(&m, tail.bytes);
+ crypto_morus1280_update(state, &m);
+
+ memcpy(dst, tail.bytes, size);
+ }
+}
+
+static void crypto_morus1280_init(struct morus1280_state *state,
+ const struct morus1280_block *key,
+ const u8 *iv)
+{
+ static const struct morus1280_block z = {};
+
+ union morus1280_block_in tmp;
+ unsigned int i;
+
+ memcpy(tmp.bytes, iv, MORUS_NONCE_SIZE);
+ memset(tmp.bytes + MORUS_NONCE_SIZE, 0,
+ MORUS1280_BLOCK_SIZE - MORUS_NONCE_SIZE);
+
+ crypto_morus1280_load(&state->s[0], tmp.bytes);
+ state->s[1] = *key;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ state->s[2].words[i] = U64_C(0xFFFFFFFFFFFFFFFF);
+ state->s[3] = z;
+ state->s[4] = crypto_morus1280_const[0];
+
+ for (i = 0; i < 16; i++)
+ crypto_morus1280_update(state, &z);
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ state->s[1].words[i] ^= key->words[i];
+}
+
+static void crypto_morus1280_process_ad(struct morus1280_state *state,
+ struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct morus1280_block m;
+ union morus1280_block_in buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= MORUS1280_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = MORUS1280_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+
+ crypto_morus1280_load_a(&m, buf.bytes);
+ crypto_morus1280_update(state, &m);
+
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_morus1280_ad(state, src, left);
+ src += left & ~(MORUS1280_BLOCK_SIZE - 1);
+ left &= MORUS1280_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, MORUS1280_BLOCK_SIZE - pos);
+
+ crypto_morus1280_load_a(&m, buf.bytes);
+ crypto_morus1280_update(state, &m);
+ }
+}
+
+static void crypto_morus1280_process_crypt(struct morus1280_state *state,
+ struct aead_request *req,
+ const struct morus1280_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *dst;
+ const u8 *src;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+
+ ops->crypt_chunk(state, dst, src, walk.nbytes);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static void crypto_morus1280_final(struct morus1280_state *state,
+ struct morus1280_block *tag_xor,
+ u64 assoclen, u64 cryptlen)
+{
+ u64 assocbits = assoclen * 8;
+ u64 cryptbits = cryptlen * 8;
+
+ struct morus1280_block tmp;
+ unsigned int i;
+
+ tmp.words[0] = cpu_to_le64(assocbits);
+ tmp.words[1] = cpu_to_le64(cryptbits);
+ tmp.words[2] = 0;
+ tmp.words[3] = 0;
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ state->s[4].words[i] ^= state->s[0].words[i];
+
+ for (i = 0; i < 10; i++)
+ crypto_morus1280_update(state, &tmp);
+
+ crypto_morus1280_core(state, tag_xor);
+}
+
+static int crypto_morus1280_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct morus1280_ctx *ctx = crypto_aead_ctx(aead);
+ union morus1280_block_in tmp;
+
+ if (keylen == MORUS1280_BLOCK_SIZE)
+ crypto_morus1280_load(&ctx->key, key);
+ else if (keylen == MORUS1280_BLOCK_SIZE / 2) {
+ memcpy(tmp.bytes, key, keylen);
+ memcpy(tmp.bytes + keylen, key, keylen);
+
+ crypto_morus1280_load(&ctx->key, tmp.bytes);
+ } else {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+static int crypto_morus1280_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ return (authsize <= MORUS_MAX_AUTH_SIZE) ? 0 : -EINVAL;
+}
+
+static void crypto_morus1280_crypt(struct aead_request *req,
+ struct morus1280_block *tag_xor,
+ unsigned int cryptlen,
+ const struct morus1280_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus1280_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus1280_state state;
+
+ crypto_morus1280_init(&state, &ctx->key, req->iv);
+ crypto_morus1280_process_ad(&state, req->src, req->assoclen);
+ crypto_morus1280_process_crypt(&state, req, ops);
+ crypto_morus1280_final(&state, tag_xor, req->assoclen, cryptlen);
+}
+
+static int crypto_morus1280_encrypt(struct aead_request *req)
+{
+ static const struct morus1280_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_chunk = crypto_morus1280_encrypt_chunk,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus1280_block tag = {};
+ union morus1280_block_in tag_out;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_morus1280_crypt(req, &tag, cryptlen, &ops);
+ crypto_morus1280_store(tag_out.bytes, &tag);
+
+ scatterwalk_map_and_copy(tag_out.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+
+static int crypto_morus1280_decrypt(struct aead_request *req)
+{
+ static const struct morus1280_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_chunk = crypto_morus1280_decrypt_chunk,
+ };
+ static const u8 zeros[MORUS1280_BLOCK_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union morus1280_block_in tag_in;
+ struct morus1280_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag_in.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_morus1280_load(&tag, tag_in.bytes);
+ crypto_morus1280_crypt(req, &tag, cryptlen, &ops);
+ crypto_morus1280_store(tag_in.bytes, &tag);
+
+ return crypto_memneq(tag_in.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_morus1280_init_tfm(struct crypto_aead *tfm)
+{
+ return 0;
+}
+
+static void crypto_morus1280_exit_tfm(struct crypto_aead *tfm)
+{
+}
+
+static struct aead_alg crypto_morus1280_alg = {
+ .setkey = crypto_morus1280_setkey,
+ .setauthsize = crypto_morus1280_setauthsize,
+ .encrypt = crypto_morus1280_encrypt,
+ .decrypt = crypto_morus1280_decrypt,
+ .init = crypto_morus1280_init_tfm,
+ .exit = crypto_morus1280_exit_tfm,
+
+ .ivsize = MORUS_NONCE_SIZE,
+ .maxauthsize = MORUS_MAX_AUTH_SIZE,
+ .chunksize = MORUS1280_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct morus1280_ctx),
+ .cra_alignmask = 0,
+
+ .cra_priority = 100,
+
+ .cra_name = "morus1280",
+ .cra_driver_name = "morus1280-generic",
+
+ .cra_module = THIS_MODULE,
+ }
+};
+
+
+static int __init crypto_morus1280_module_init(void)
+{
+ return crypto_register_aead(&crypto_morus1280_alg);
+}
+
+static void __exit crypto_morus1280_module_exit(void)
+{
+ crypto_unregister_aead(&crypto_morus1280_alg);
+}
+
+module_init(crypto_morus1280_module_init);
+module_exit(crypto_morus1280_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-1280 AEAD algorithm");
+MODULE_ALIAS_CRYPTO("morus1280");
+MODULE_ALIAS_CRYPTO("morus1280-generic");
diff --git a/crypto/morus640.c b/crypto/morus640.c
new file mode 100644
index 000000000000..9fbcde307daf
--- /dev/null
+++ b/crypto/morus640.c
@@ -0,0 +1,544 @@
+/*
+ * The MORUS-640 Authenticated-Encryption Algorithm
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include <asm/unaligned.h>
+#include <crypto/algapi.h>
+#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
+#include <crypto/morus_common.h>
+#include <crypto/scatterwalk.h>
+#include <linux/err.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/scatterlist.h>
+
+#define MORUS640_WORD_SIZE 4
+#define MORUS640_BLOCK_SIZE (MORUS_BLOCK_WORDS * MORUS640_WORD_SIZE)
+#define MORUS640_BLOCK_ALIGN (__alignof__(__le32))
+#define MORUS640_ALIGNED(p) IS_ALIGNED((uintptr_t)p, MORUS640_BLOCK_ALIGN)
+
+struct morus640_block {
+ u32 words[MORUS_BLOCK_WORDS];
+};
+
+union morus640_block_in {
+ __le32 words[MORUS_BLOCK_WORDS];
+ u8 bytes[MORUS640_BLOCK_SIZE];
+};
+
+struct morus640_state {
+ struct morus640_block s[MORUS_STATE_BLOCKS];
+};
+
+struct morus640_ctx {
+ struct morus640_block key;
+};
+
+struct morus640_ops {
+ int (*skcipher_walk_init)(struct skcipher_walk *walk,
+ struct aead_request *req, bool atomic);
+
+ void (*crypt_chunk)(struct morus640_state *state,
+ u8 *dst, const u8 *src, unsigned int size);
+};
+
+static const struct morus640_block crypto_morus640_const[2] = {
+ { .words = {
+ U32_C(0x02010100),
+ U32_C(0x0d080503),
+ U32_C(0x59372215),
+ U32_C(0x6279e990),
+ } },
+ { .words = {
+ U32_C(0x55183ddb),
+ U32_C(0xf12fc26d),
+ U32_C(0x42311120),
+ U32_C(0xdd28b573),
+ } },
+};
+
+static void crypto_morus640_round(struct morus640_block *b0,
+ struct morus640_block *b1,
+ struct morus640_block *b2,
+ struct morus640_block *b3,
+ struct morus640_block *b4,
+ const struct morus640_block *m,
+ unsigned int b, unsigned int w)
+{
+ unsigned int i;
+ struct morus640_block tmp;
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ b0->words[i] ^= b1->words[i] & b2->words[i];
+ b0->words[i] ^= b3->words[i];
+ b0->words[i] ^= m->words[i];
+ b0->words[i] = rol32(b0->words[i], b);
+ }
+
+ tmp = *b3;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ b3->words[(i + w) % MORUS_BLOCK_WORDS] = tmp.words[i];
+}
+
+static void crypto_morus640_update(struct morus640_state *state,
+ const struct morus640_block *m)
+{
+ static const struct morus640_block z = {};
+
+ struct morus640_block *s = state->s;
+
+ crypto_morus640_round(&s[0], &s[1], &s[2], &s[3], &s[4], &z, 5, 1);
+ crypto_morus640_round(&s[1], &s[2], &s[3], &s[4], &s[0], m, 31, 2);
+ crypto_morus640_round(&s[2], &s[3], &s[4], &s[0], &s[1], m, 7, 3);
+ crypto_morus640_round(&s[3], &s[4], &s[0], &s[1], &s[2], m, 22, 2);
+ crypto_morus640_round(&s[4], &s[0], &s[1], &s[2], &s[3], m, 13, 1);
+}
+
+static void crypto_morus640_load_a(struct morus640_block *dst, const u8 *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ dst->words[i] = le32_to_cpu(*(const __le32 *)src);
+ src += MORUS640_WORD_SIZE;
+ }
+}
+
+static void crypto_morus640_load_u(struct morus640_block *dst, const u8 *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ dst->words[i] = get_unaligned_le32(src);
+ src += MORUS640_WORD_SIZE;
+ }
+}
+
+static void crypto_morus640_load(struct morus640_block *dst, const u8 *src)
+{
+ if (MORUS640_ALIGNED(src))
+ crypto_morus640_load_a(dst, src);
+ else
+ crypto_morus640_load_u(dst, src);
+}
+
+static void crypto_morus640_store_a(u8 *dst, const struct morus640_block *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ *(__le32 *)dst = cpu_to_le32(src->words[i]);
+ dst += MORUS640_WORD_SIZE;
+ }
+}
+
+static void crypto_morus640_store_u(u8 *dst, const struct morus640_block *src)
+{
+ unsigned int i;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ put_unaligned_le32(src->words[i], dst);
+ dst += MORUS640_WORD_SIZE;
+ }
+}
+
+static void crypto_morus640_store(u8 *dst, const struct morus640_block *src)
+{
+ if (MORUS640_ALIGNED(dst))
+ crypto_morus640_store_a(dst, src);
+ else
+ crypto_morus640_store_u(dst, src);
+}
+
+static void crypto_morus640_ad(struct morus640_state *state, const u8 *src,
+ unsigned int size)
+{
+ struct morus640_block m;
+
+ if (MORUS640_ALIGNED(src)) {
+ while (size >= MORUS640_BLOCK_SIZE) {
+ crypto_morus640_load_a(&m, src);
+ crypto_morus640_update(state, &m);
+
+ size -= MORUS640_BLOCK_SIZE;
+ src += MORUS640_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= MORUS640_BLOCK_SIZE) {
+ crypto_morus640_load_u(&m, src);
+ crypto_morus640_update(state, &m);
+
+ size -= MORUS640_BLOCK_SIZE;
+ src += MORUS640_BLOCK_SIZE;
+ }
+ }
+}
+
+static void crypto_morus640_core(const struct morus640_state *state,
+ struct morus640_block *blk)
+{
+ unsigned int i;
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ blk->words[(i + 3) % MORUS_BLOCK_WORDS] ^= state->s[1].words[i];
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++) {
+ blk->words[i] ^= state->s[0].words[i];
+ blk->words[i] ^= state->s[2].words[i] & state->s[3].words[i];
+ }
+}
+
+static void crypto_morus640_encrypt_chunk(struct morus640_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ struct morus640_block c, m;
+
+ if (MORUS640_ALIGNED(src) && MORUS640_ALIGNED(dst)) {
+ while (size >= MORUS640_BLOCK_SIZE) {
+ crypto_morus640_load_a(&m, src);
+ c = m;
+ crypto_morus640_core(state, &c);
+ crypto_morus640_store_a(dst, &c);
+ crypto_morus640_update(state, &m);
+
+ src += MORUS640_BLOCK_SIZE;
+ dst += MORUS640_BLOCK_SIZE;
+ size -= MORUS640_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= MORUS640_BLOCK_SIZE) {
+ crypto_morus640_load_u(&m, src);
+ c = m;
+ crypto_morus640_core(state, &c);
+ crypto_morus640_store_u(dst, &c);
+ crypto_morus640_update(state, &m);
+
+ src += MORUS640_BLOCK_SIZE;
+ dst += MORUS640_BLOCK_SIZE;
+ size -= MORUS640_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union morus640_block_in tail;
+
+ memcpy(tail.bytes, src, size);
+ memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);
+
+ crypto_morus640_load_a(&m, tail.bytes);
+ c = m;
+ crypto_morus640_core(state, &c);
+ crypto_morus640_store_a(tail.bytes, &c);
+ crypto_morus640_update(state, &m);
+
+ memcpy(dst, tail.bytes, size);
+ }
+}
+
+static void crypto_morus640_decrypt_chunk(struct morus640_state *state, u8 *dst,
+ const u8 *src, unsigned int size)
+{
+ struct morus640_block m;
+
+ if (MORUS640_ALIGNED(src) && MORUS640_ALIGNED(dst)) {
+ while (size >= MORUS640_BLOCK_SIZE) {
+ crypto_morus640_load_a(&m, src);
+ crypto_morus640_core(state, &m);
+ crypto_morus640_store_a(dst, &m);
+ crypto_morus640_update(state, &m);
+
+ src += MORUS640_BLOCK_SIZE;
+ dst += MORUS640_BLOCK_SIZE;
+ size -= MORUS640_BLOCK_SIZE;
+ }
+ } else {
+ while (size >= MORUS640_BLOCK_SIZE) {
+ crypto_morus640_load_u(&m, src);
+ crypto_morus640_core(state, &m);
+ crypto_morus640_store_u(dst, &m);
+ crypto_morus640_update(state, &m);
+
+ src += MORUS640_BLOCK_SIZE;
+ dst += MORUS640_BLOCK_SIZE;
+ size -= MORUS640_BLOCK_SIZE;
+ }
+ }
+
+ if (size > 0) {
+ union morus640_block_in tail;
+
+ memcpy(tail.bytes, src, size);
+
+ crypto_morus640_load_a(&m, src);
+ crypto_morus640_core(state, &m);
+ crypto_morus640_store_a(tail.bytes, &m);
+ memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);
+ crypto_morus640_load_a(&m, tail.bytes);
+ crypto_morus640_update(state, &m);
+
+ memcpy(dst, tail.bytes, size);
+ }
+}
+
+static void crypto_morus640_init(struct morus640_state *state,
+ const struct morus640_block *key,
+ const u8 *iv)
+{
+ static const struct morus640_block z = {};
+
+ unsigned int i;
+
+ crypto_morus640_load(&state->s[0], iv);
+ state->s[1] = *key;
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ state->s[2].words[i] = U32_C(0xFFFFFFFF);
+ state->s[3] = crypto_morus640_const[0];
+ state->s[4] = crypto_morus640_const[1];
+
+ for (i = 0; i < 16; i++)
+ crypto_morus640_update(state, &z);
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ state->s[1].words[i] ^= key->words[i];
+}
+
+static void crypto_morus640_process_ad(struct morus640_state *state,
+ struct scatterlist *sg_src,
+ unsigned int assoclen)
+{
+ struct scatter_walk walk;
+ struct morus640_block m;
+ union morus640_block_in buf;
+ unsigned int pos = 0;
+
+ scatterwalk_start(&walk, sg_src);
+ while (assoclen != 0) {
+ unsigned int size = scatterwalk_clamp(&walk, assoclen);
+ unsigned int left = size;
+ void *mapped = scatterwalk_map(&walk);
+ const u8 *src = (const u8 *)mapped;
+
+ if (pos + size >= MORUS640_BLOCK_SIZE) {
+ if (pos > 0) {
+ unsigned int fill = MORUS640_BLOCK_SIZE - pos;
+ memcpy(buf.bytes + pos, src, fill);
+
+ crypto_morus640_load_a(&m, buf.bytes);
+ crypto_morus640_update(state, &m);
+
+ pos = 0;
+ left -= fill;
+ src += fill;
+ }
+
+ crypto_morus640_ad(state, src, left);
+ src += left & ~(MORUS640_BLOCK_SIZE - 1);
+ left &= MORUS640_BLOCK_SIZE - 1;
+ }
+
+ memcpy(buf.bytes + pos, src, left);
+
+ pos += left;
+ assoclen -= size;
+ scatterwalk_unmap(mapped);
+ scatterwalk_advance(&walk, size);
+ scatterwalk_done(&walk, 0, assoclen);
+ }
+
+ if (pos > 0) {
+ memset(buf.bytes + pos, 0, MORUS640_BLOCK_SIZE - pos);
+
+ crypto_morus640_load_a(&m, buf.bytes);
+ crypto_morus640_update(state, &m);
+ }
+}
+
+static void crypto_morus640_process_crypt(struct morus640_state *state,
+ struct aead_request *req,
+ const struct morus640_ops *ops)
+{
+ struct skcipher_walk walk;
+ u8 *dst;
+ const u8 *src;
+
+ ops->skcipher_walk_init(&walk, req, false);
+
+ while (walk.nbytes) {
+ src = walk.src.virt.addr;
+ dst = walk.dst.virt.addr;
+
+ ops->crypt_chunk(state, dst, src, walk.nbytes);
+
+ skcipher_walk_done(&walk, 0);
+ }
+}
+
+static void crypto_morus640_final(struct morus640_state *state,
+ struct morus640_block *tag_xor,
+ u64 assoclen, u64 cryptlen)
+{
+ u64 assocbits = assoclen * 8;
+ u64 cryptbits = cryptlen * 8;
+
+ u32 assocbits_lo = (u32)assocbits;
+ u32 assocbits_hi = (u32)(assocbits >> 32);
+ u32 cryptbits_lo = (u32)cryptbits;
+ u32 cryptbits_hi = (u32)(cryptbits >> 32);
+
+ struct morus640_block tmp;
+ unsigned int i;
+
+ tmp.words[0] = cpu_to_le32(assocbits_lo);
+ tmp.words[1] = cpu_to_le32(assocbits_hi);
+ tmp.words[2] = cpu_to_le32(cryptbits_lo);
+ tmp.words[3] = cpu_to_le32(cryptbits_hi);
+
+ for (i = 0; i < MORUS_BLOCK_WORDS; i++)
+ state->s[4].words[i] ^= state->s[0].words[i];
+
+ for (i = 0; i < 10; i++)
+ crypto_morus640_update(state, &tmp);
+
+ crypto_morus640_core(state, tag_xor);
+}
+
+static int crypto_morus640_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen)
+{
+ struct morus640_ctx *ctx = crypto_aead_ctx(aead);
+
+ if (keylen != MORUS640_BLOCK_SIZE) {
+ crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ crypto_morus640_load(&ctx->key, key);
+ return 0;
+}
+
+static int crypto_morus640_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize)
+{
+ return (authsize <= MORUS_MAX_AUTH_SIZE) ? 0 : -EINVAL;
+}
+
+static void crypto_morus640_crypt(struct aead_request *req,
+ struct morus640_block *tag_xor,
+ unsigned int cryptlen,
+ const struct morus640_ops *ops)
+{
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus640_ctx *ctx = crypto_aead_ctx(tfm);
+ struct morus640_state state;
+
+ crypto_morus640_init(&state, &ctx->key, req->iv);
+ crypto_morus640_process_ad(&state, req->src, req->assoclen);
+ crypto_morus640_process_crypt(&state, req, ops);
+ crypto_morus640_final(&state, tag_xor, req->assoclen, cryptlen);
+}
+
+static int crypto_morus640_encrypt(struct aead_request *req)
+{
+ static const struct morus640_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_encrypt,
+ .crypt_chunk = crypto_morus640_encrypt_chunk,
+ };
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct morus640_block tag = {};
+ union morus640_block_in tag_out;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen;
+
+ crypto_morus640_crypt(req, &tag, cryptlen, &ops);
+ crypto_morus640_store(tag_out.bytes, &tag);
+
+ scatterwalk_map_and_copy(tag_out.bytes, req->dst,
+ req->assoclen + cryptlen, authsize, 1);
+ return 0;
+}
+
+static int crypto_morus640_decrypt(struct aead_request *req)
+{
+ static const struct morus640_ops ops = {
+ .skcipher_walk_init = skcipher_walk_aead_decrypt,
+ .crypt_chunk = crypto_morus640_decrypt_chunk,
+ };
+ static const u8 zeros[MORUS640_BLOCK_SIZE] = {};
+
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ union morus640_block_in tag_in;
+ struct morus640_block tag;
+ unsigned int authsize = crypto_aead_authsize(tfm);
+ unsigned int cryptlen = req->cryptlen - authsize;
+
+ scatterwalk_map_and_copy(tag_in.bytes, req->src,
+ req->assoclen + cryptlen, authsize, 0);
+
+ crypto_morus640_load(&tag, tag_in.bytes);
+ crypto_morus640_crypt(req, &tag, cryptlen, &ops);
+ crypto_morus640_store(tag_in.bytes, &tag);
+
+ return crypto_memneq(tag_in.bytes, zeros, authsize) ? -EBADMSG : 0;
+}
+
+static int crypto_morus640_init_tfm(struct crypto_aead *tfm)
+{
+ return 0;
+}
+
+static void crypto_morus640_exit_tfm(struct crypto_aead *tfm)
+{
+}
+
+static struct aead_alg crypto_morus640_alg = {
+ .setkey = crypto_morus640_setkey,
+ .setauthsize = crypto_morus640_setauthsize,
+ .encrypt = crypto_morus640_encrypt,
+ .decrypt = crypto_morus640_decrypt,
+ .init = crypto_morus640_init_tfm,
+ .exit = crypto_morus640_exit_tfm,
+
+ .ivsize = MORUS_NONCE_SIZE,
+ .maxauthsize = MORUS_MAX_AUTH_SIZE,
+ .chunksize = MORUS640_BLOCK_SIZE,
+
+ .base = {
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD,
+ .cra_blocksize = 1,
+ .cra_ctxsize = sizeof(struct morus640_ctx),
+ .cra_alignmask = 0,
+
+ .cra_priority = 100,
+
+ .cra_name = "morus640",
+ .cra_driver_name = "morus640-generic",
+
+ .cra_module = THIS_MODULE,
+ }
+};
+
+static int __init crypto_morus640_module_init(void)
+{
+ return crypto_register_aead(&crypto_morus640_alg);
+}
+
+static void __exit crypto_morus640_module_exit(void)
+{
+ crypto_unregister_aead(&crypto_morus640_alg);
+}
+
+module_init(crypto_morus640_module_init);
+module_exit(crypto_morus640_module_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Ondrej Mosnacek <omosnacek@gmail.com>");
+MODULE_DESCRIPTION("MORUS-640 AEAD algorithm");
+MODULE_ALIAS_CRYPTO("morus640");
+MODULE_ALIAS_CRYPTO("morus640-generic");
diff --git a/crypto/pcbc.c b/crypto/pcbc.c
index d9e45a958720..ef802f6e9642 100644
--- a/crypto/pcbc.c
+++ b/crypto/pcbc.c
@@ -14,6 +14,7 @@
*
*/
+#include <crypto/algapi.h>
#include <crypto/internal/skcipher.h>
#include <linux/err.h>
#include <linux/init.h>
@@ -72,7 +73,7 @@ static int crypto_pcbc_encrypt_inplace(struct skcipher_request *req,
unsigned int nbytes = walk->nbytes;
u8 *src = walk->src.virt.addr;
u8 *iv = walk->iv;
- u8 tmpbuf[bsize];
+ u8 tmpbuf[MAX_CIPHER_BLOCKSIZE];
do {
memcpy(tmpbuf, src, bsize);
@@ -144,7 +145,7 @@ static int crypto_pcbc_decrypt_inplace(struct skcipher_request *req,
unsigned int nbytes = walk->nbytes;
u8 *src = walk->src.virt.addr;
u8 *iv = walk->iv;
- u8 tmpbuf[bsize] __aligned(__alignof__(u32));
+ u8 tmpbuf[MAX_CIPHER_BLOCKSIZE] __aligned(__alignof__(u32));
do {
memcpy(tmpbuf, src, bsize);
diff --git a/crypto/rsa.c b/crypto/rsa.c
index b067f3a93880..4167980c243d 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -215,7 +215,6 @@ static int rsa_verify(struct akcipher_request *req)
goto err_free_m;
}
- ret = -ENOMEM;
s = mpi_read_raw_from_sgl(req->src, req->src_len);
if (!s) {
ret = -ENOMEM;
diff --git a/crypto/salsa20_generic.c b/crypto/salsa20_generic.c
index 5074006a56c3..8c77bc78a09f 100644
--- a/crypto/salsa20_generic.c
+++ b/crypto/salsa20_generic.c
@@ -21,9 +21,17 @@
#include <asm/unaligned.h>
#include <crypto/internal/skcipher.h>
-#include <crypto/salsa20.h>
#include <linux/module.h>
+#define SALSA20_IV_SIZE 8
+#define SALSA20_MIN_KEY_SIZE 16
+#define SALSA20_MAX_KEY_SIZE 32
+#define SALSA20_BLOCK_SIZE 64
+
+struct salsa20_ctx {
+ u32 initial_state[16];
+};
+
static void salsa20_block(u32 *state, __le32 *stream)
{
u32 x[16];
@@ -93,16 +101,15 @@ static void salsa20_docrypt(u32 *state, u8 *dst, const u8 *src,
}
}
-void crypto_salsa20_init(u32 *state, const struct salsa20_ctx *ctx,
+static void salsa20_init(u32 *state, const struct salsa20_ctx *ctx,
const u8 *iv)
{
memcpy(state, ctx->initial_state, sizeof(ctx->initial_state));
state[6] = get_unaligned_le32(iv + 0);
state[7] = get_unaligned_le32(iv + 4);
}
-EXPORT_SYMBOL_GPL(crypto_salsa20_init);
-int crypto_salsa20_setkey(struct crypto_skcipher *tfm, const u8 *key,
+static int salsa20_setkey(struct crypto_skcipher *tfm, const u8 *key,
unsigned int keysize)
{
static const char sigma[16] = "expand 32-byte k";
@@ -143,7 +150,6 @@ int crypto_salsa20_setkey(struct crypto_skcipher *tfm, const u8 *key,
return 0;
}
-EXPORT_SYMBOL_GPL(crypto_salsa20_setkey);
static int salsa20_crypt(struct skcipher_request *req)
{
@@ -155,7 +161,7 @@ static int salsa20_crypt(struct skcipher_request *req)
err = skcipher_walk_virt(&walk, req, true);
- crypto_salsa20_init(state, ctx, walk.iv);
+ salsa20_init(state, ctx, walk.iv);
while (walk.nbytes > 0) {
unsigned int nbytes = walk.nbytes;
@@ -183,7 +189,7 @@ static struct skcipher_alg alg = {
.max_keysize = SALSA20_MAX_KEY_SIZE,
.ivsize = SALSA20_IV_SIZE,
.chunksize = SALSA20_BLOCK_SIZE,
- .setkey = crypto_salsa20_setkey,
+ .setkey = salsa20_setkey,
.encrypt = salsa20_crypt,
.decrypt = salsa20_crypt,
};
diff --git a/crypto/sm4_generic.c b/crypto/sm4_generic.c
index f537a2766c55..c18eebfd5edd 100644
--- a/crypto/sm4_generic.c
+++ b/crypto/sm4_generic.c
@@ -190,21 +190,23 @@ static void sm4_do_crypt(const u32 *rk, u32 *out, const u32 *in)
/* encrypt a block of text */
-static void sm4_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
+void crypto_sm4_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
const struct crypto_sm4_ctx *ctx = crypto_tfm_ctx(tfm);
sm4_do_crypt(ctx->rkey_enc, (u32 *)out, (u32 *)in);
}
+EXPORT_SYMBOL_GPL(crypto_sm4_encrypt);
/* decrypt a block of text */
-static void sm4_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
+void crypto_sm4_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
const struct crypto_sm4_ctx *ctx = crypto_tfm_ctx(tfm);
sm4_do_crypt(ctx->rkey_dec, (u32 *)out, (u32 *)in);
}
+EXPORT_SYMBOL_GPL(crypto_sm4_decrypt);
static struct crypto_alg sm4_alg = {
.cra_name = "sm4",
@@ -219,8 +221,8 @@ static struct crypto_alg sm4_alg = {
.cia_min_keysize = SM4_KEY_SIZE,
.cia_max_keysize = SM4_KEY_SIZE,
.cia_setkey = crypto_sm4_set_key,
- .cia_encrypt = sm4_encrypt,
- .cia_decrypt = sm4_decrypt
+ .cia_encrypt = crypto_sm4_encrypt,
+ .cia_decrypt = crypto_sm4_decrypt
}
}
};
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 51fe7c8744ae..d5bcdd905007 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -158,9 +158,9 @@ struct test_mb_aead_data {
};
static int do_mult_aead_op(struct test_mb_aead_data *data, int enc,
- u32 num_mb)
+ u32 num_mb, int *rc)
{
- int i, rc[num_mb], err = 0;
+ int i, err = 0;
/* Fire up a bunch of concurrent requests */
for (i = 0; i < num_mb; i++) {
@@ -188,18 +188,26 @@ static int test_mb_aead_jiffies(struct test_mb_aead_data *data, int enc,
{
unsigned long start, end;
int bcount;
- int ret;
+ int ret = 0;
+ int *rc;
+
+ rc = kcalloc(num_mb, sizeof(*rc), GFP_KERNEL);
+ if (!rc)
+ return -ENOMEM;
for (start = jiffies, end = start + secs * HZ, bcount = 0;
time_before(jiffies, end); bcount++) {
- ret = do_mult_aead_op(data, enc, num_mb);
+ ret = do_mult_aead_op(data, enc, num_mb, rc);
if (ret)
- return ret;
+ goto out;
}
pr_cont("%d operations in %d seconds (%ld bytes)\n",
bcount * num_mb, secs, (long)bcount * blen * num_mb);
- return 0;
+
+out:
+ kfree(rc);
+ return ret;
}
static int test_mb_aead_cycles(struct test_mb_aead_data *data, int enc,
@@ -208,10 +216,15 @@ static int test_mb_aead_cycles(struct test_mb_aead_data *data, int enc,
unsigned long cycles = 0;
int ret = 0;
int i;
+ int *rc;
+
+ rc = kcalloc(num_mb, sizeof(*rc), GFP_KERNEL);
+ if (!rc)
+ return -ENOMEM;
/* Warm-up run. */
for (i = 0; i < 4; i++) {
- ret = do_mult_aead_op(data, enc, num_mb);
+ ret = do_mult_aead_op(data, enc, num_mb, rc);
if (ret)
goto out;
}
@@ -221,7 +234,7 @@ static int test_mb_aead_cycles(struct test_mb_aead_data *data, int enc,
cycles_t start, end;
start = get_cycles();
- ret = do_mult_aead_op(data, enc, num_mb);
+ ret = do_mult_aead_op(data, enc, num_mb, rc);
end = get_cycles();
if (ret)
@@ -230,11 +243,11 @@ static int test_mb_aead_cycles(struct test_mb_aead_data *data, int enc,
cycles += end - start;
}
-out:
- if (ret == 0)
- pr_cont("1 operation in %lu cycles (%d bytes)\n",
- (cycles + 4) / (8 * num_mb), blen);
+ pr_cont("1 operation in %lu cycles (%d bytes)\n",
+ (cycles + 4) / (8 * num_mb), blen);
+out:
+ kfree(rc);
return ret;
}
@@ -705,9 +718,10 @@ struct test_mb_ahash_data {
char *xbuf[XBUFSIZE];
};
-static inline int do_mult_ahash_op(struct test_mb_ahash_data *data, u32 num_mb)
+static inline int do_mult_ahash_op(struct test_mb_ahash_data *data, u32 num_mb,
+ int *rc)
{
- int i, rc[num_mb], err = 0;
+ int i, err = 0;
/* Fire up a bunch of concurrent requests */
for (i = 0; i < num_mb; i++)
@@ -731,18 +745,26 @@ static int test_mb_ahash_jiffies(struct test_mb_ahash_data *data, int blen,
{
unsigned long start, end;
int bcount;
- int ret;
+ int ret = 0;
+ int *rc;
+
+ rc = kcalloc(num_mb, sizeof(*rc), GFP_KERNEL);
+ if (!rc)
+ return -ENOMEM;
for (start = jiffies, end = start + secs * HZ, bcount = 0;
time_before(jiffies, end); bcount++) {
- ret = do_mult_ahash_op(data, num_mb);
+ ret = do_mult_ahash_op(data, num_mb, rc);
if (ret)
- return ret;
+ goto out;
}
pr_cont("%d operations in %d seconds (%ld bytes)\n",
bcount * num_mb, secs, (long)bcount * blen * num_mb);
- return 0;
+
+out:
+ kfree(rc);
+ return ret;
}
static int test_mb_ahash_cycles(struct test_mb_ahash_data *data, int blen,
@@ -751,10 +773,15 @@ static int test_mb_ahash_cycles(struct test_mb_ahash_data *data, int blen,
unsigned long cycles = 0;
int ret = 0;
int i;
+ int *rc;
+
+ rc = kcalloc(num_mb, sizeof(*rc), GFP_KERNEL);
+ if (!rc)
+ return -ENOMEM;
/* Warm-up run. */
for (i = 0; i < 4; i++) {
- ret = do_mult_ahash_op(data, num_mb);
+ ret = do_mult_ahash_op(data, num_mb, rc);
if (ret)
goto out;
}
@@ -764,7 +791,7 @@ static int test_mb_ahash_cycles(struct test_mb_ahash_data *data, int blen,
cycles_t start, end;
start = get_cycles();
- ret = do_mult_ahash_op(data, num_mb);
+ ret = do_mult_ahash_op(data, num_mb, rc);
end = get_cycles();
if (ret)
@@ -773,11 +800,11 @@ static int test_mb_ahash_cycles(struct test_mb_ahash_data *data, int blen,
cycles += end - start;
}
-out:
- if (ret == 0)
- pr_cont("1 operation in %lu cycles (%d bytes)\n",
- (cycles + 4) / (8 * num_mb), blen);
+ pr_cont("1 operation in %lu cycles (%d bytes)\n",
+ (cycles + 4) / (8 * num_mb), blen);
+out:
+ kfree(rc);
return ret;
}
@@ -1118,9 +1145,9 @@ struct test_mb_skcipher_data {
};
static int do_mult_acipher_op(struct test_mb_skcipher_data *data, int enc,
- u32 num_mb)
+ u32 num_mb, int *rc)
{
- int i, rc[num_mb], err = 0;
+ int i, err = 0;
/* Fire up a bunch of concurrent requests */
for (i = 0; i < num_mb; i++) {
@@ -1148,18 +1175,26 @@ static int test_mb_acipher_jiffies(struct test_mb_skcipher_data *data, int enc,
{
unsigned long start, end;
int bcount;
- int ret;
+ int ret = 0;
+ int *rc;
+
+ rc = kcalloc(num_mb, sizeof(*rc), GFP_KERNEL);
+ if (!rc)
+ return -ENOMEM;
for (start = jiffies, end = start + secs * HZ, bcount = 0;
time_before(jiffies, end); bcount++) {
- ret = do_mult_acipher_op(data, enc, num_mb);
+ ret = do_mult_acipher_op(data, enc, num_mb, rc);
if (ret)
- return ret;
+ goto out;
}
pr_cont("%d operations in %d seconds (%ld bytes)\n",
bcount * num_mb, secs, (long)bcount * blen * num_mb);
- return 0;
+
+out:
+ kfree(rc);
+ return ret;
}
static int test_mb_acipher_cycles(struct test_mb_skcipher_data *data, int enc,
@@ -1168,10 +1203,15 @@ static int test_mb_acipher_cycles(struct test_mb_skcipher_data *data, int enc,
unsigned long cycles = 0;
int ret = 0;
int i;
+ int *rc;
+
+ rc = kcalloc(num_mb, sizeof(*rc), GFP_KERNEL);
+ if (!rc)
+ return -ENOMEM;
/* Warm-up run. */
for (i = 0; i < 4; i++) {
- ret = do_mult_acipher_op(data, enc, num_mb);
+ ret = do_mult_acipher_op(data, enc, num_mb, rc);
if (ret)
goto out;
}
@@ -1181,7 +1221,7 @@ static int test_mb_acipher_cycles(struct test_mb_skcipher_data *data, int enc,
cycles_t start, end;
start = get_cycles();
- ret = do_mult_acipher_op(data, enc, num_mb);
+ ret = do_mult_acipher_op(data, enc, num_mb, rc);
end = get_cycles();
if (ret)
@@ -1190,11 +1230,11 @@ static int test_mb_acipher_cycles(struct test_mb_skcipher_data *data, int enc,
cycles += end - start;
}
-out:
- if (ret == 0)
- pr_cont("1 operation in %lu cycles (%d bytes)\n",
- (cycles + 4) / (8 * num_mb), blen);
+ pr_cont("1 operation in %lu cycles (%d bytes)\n",
+ (cycles + 4) / (8 * num_mb), blen);
+out:
+ kfree(rc);
return ret;
}
@@ -1606,7 +1646,7 @@ static inline int tcrypt_test(const char *alg)
return ret;
}
-static int do_test(const char *alg, u32 type, u32 mask, int m)
+static int do_test(const char *alg, u32 type, u32 mask, int m, u32 num_mb)
{
int i;
int ret = 0;
@@ -1621,7 +1661,7 @@ static int do_test(const char *alg, u32 type, u32 mask, int m)
}
for (i = 1; i < 200; i++)
- ret += do_test(NULL, 0, 0, i);
+ ret += do_test(NULL, 0, 0, i, num_mb);
break;
case 1:
@@ -1902,10 +1942,6 @@ static int do_test(const char *alg, u32 type, u32 mask, int m)
ret += tcrypt_test("vmac(aes)");
break;
- case 110:
- ret += tcrypt_test("hmac(crc32)");
- break;
-
case 111:
ret += tcrypt_test("hmac(sha3-224)");
break;
@@ -2903,7 +2939,7 @@ static int __init tcrypt_mod_init(void)
goto err_free_tv;
}
- err = do_test(alg, type, mask, mode);
+ err = do_test(alg, type, mask, mode, num_mb);
if (err) {
printk(KERN_ERR "tcrypt: one or more tests failed!\n");
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index af4a01c5037b..d1d99843cce4 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -84,10 +84,8 @@ struct aead_test_suite {
};
struct cipher_test_suite {
- struct {
- const struct cipher_testvec *vecs;
- unsigned int count;
- } enc, dec;
+ const struct cipher_testvec *vecs;
+ unsigned int count;
};
struct comp_test_suite {
@@ -988,6 +986,7 @@ static int test_cipher(struct crypto_cipher *tfm, int enc,
unsigned int i, j, k;
char *q;
const char *e;
+ const char *input, *result;
void *data;
char *xbuf[XBUFSIZE];
int ret = -ENOMEM;
@@ -1008,14 +1007,16 @@ static int test_cipher(struct crypto_cipher *tfm, int enc,
if (fips_enabled && template[i].fips_skip)
continue;
+ input = enc ? template[i].ptext : template[i].ctext;
+ result = enc ? template[i].ctext : template[i].ptext;
j++;
ret = -EINVAL;
- if (WARN_ON(template[i].ilen > PAGE_SIZE))
+ if (WARN_ON(template[i].len > PAGE_SIZE))
goto out;
data = xbuf[0];
- memcpy(data, template[i].input, template[i].ilen);
+ memcpy(data, input, template[i].len);
crypto_cipher_clear_flags(tfm, ~0);
if (template[i].wk)
@@ -1031,7 +1032,7 @@ static int test_cipher(struct crypto_cipher *tfm, int enc,
} else if (ret)
continue;
- for (k = 0; k < template[i].ilen;
+ for (k = 0; k < template[i].len;
k += crypto_cipher_blocksize(tfm)) {
if (enc)
crypto_cipher_encrypt_one(tfm, data + k,
@@ -1042,10 +1043,10 @@ static int test_cipher(struct crypto_cipher *tfm, int enc,
}
q = data;
- if (memcmp(q, template[i].result, template[i].rlen)) {
+ if (memcmp(q, result, template[i].len)) {
printk(KERN_ERR "alg: cipher: Test %d failed "
"on %s for %s\n", j, e, algo);
- hexdump(q, template[i].rlen);
+ hexdump(q, template[i].len);
ret = -EINVAL;
goto out;
}
@@ -1073,6 +1074,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
struct scatterlist sgout[8];
const char *e, *d;
struct crypto_wait wait;
+ const char *input, *result;
void *data;
char iv[MAX_IVLEN];
char *xbuf[XBUFSIZE];
@@ -1116,19 +1118,21 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
if (fips_enabled && template[i].fips_skip)
continue;
- if (template[i].iv)
+ if (template[i].iv && !(template[i].generates_iv && enc))
memcpy(iv, template[i].iv, ivsize);
else
memset(iv, 0, MAX_IVLEN);
+ input = enc ? template[i].ptext : template[i].ctext;
+ result = enc ? template[i].ctext : template[i].ptext;
j++;
ret = -EINVAL;
- if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
+ if (WARN_ON(align_offset + template[i].len > PAGE_SIZE))
goto out;
data = xbuf[0];
data += align_offset;
- memcpy(data, template[i].input, template[i].ilen);
+ memcpy(data, input, template[i].len);
crypto_skcipher_clear_flags(tfm, ~0);
if (template[i].wk)
@@ -1144,15 +1148,15 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
} else if (ret)
continue;
- sg_init_one(&sg[0], data, template[i].ilen);
+ sg_init_one(&sg[0], data, template[i].len);
if (diff_dst) {
data = xoutbuf[0];
data += align_offset;
- sg_init_one(&sgout[0], data, template[i].ilen);
+ sg_init_one(&sgout[0], data, template[i].len);
}
skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
- template[i].ilen, iv);
+ template[i].len, iv);
ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) :
crypto_skcipher_decrypt(req), &wait);
@@ -1163,17 +1167,16 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
}
q = data;
- if (memcmp(q, template[i].result, template[i].rlen)) {
+ if (memcmp(q, result, template[i].len)) {
pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n",
d, j, e, algo);
- hexdump(q, template[i].rlen);
+ hexdump(q, template[i].len);
ret = -EINVAL;
goto out;
}
- if (template[i].iv_out &&
- memcmp(iv, template[i].iv_out,
- crypto_skcipher_ivsize(tfm))) {
+ if (template[i].generates_iv && enc &&
+ memcmp(iv, template[i].iv, crypto_skcipher_ivsize(tfm))) {
pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n",
d, j, e, algo);
hexdump(iv, crypto_skcipher_ivsize(tfm));
@@ -1194,11 +1197,13 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
if (fips_enabled && template[i].fips_skip)
continue;
- if (template[i].iv)
+ if (template[i].iv && !(template[i].generates_iv && enc))
memcpy(iv, template[i].iv, ivsize);
else
memset(iv, 0, MAX_IVLEN);
+ input = enc ? template[i].ptext : template[i].ctext;
+ result = enc ? template[i].ctext : template[i].ptext;
j++;
crypto_skcipher_clear_flags(tfm, ~0);
if (template[i].wk)
@@ -1226,7 +1231,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
- memcpy(q, template[i].input + temp, template[i].tap[k]);
+ memcpy(q, input + temp, template[i].tap[k]);
if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
q[template[i].tap[k]] = 0;
@@ -1248,7 +1253,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
}
skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
- template[i].ilen, iv);
+ template[i].len, iv);
ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) :
crypto_skcipher_decrypt(req), &wait);
@@ -1269,8 +1274,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
q = xbuf[IDX[k] >> PAGE_SHIFT] +
offset_in_page(IDX[k]);
- if (memcmp(q, template[i].result + temp,
- template[i].tap[k])) {
+ if (memcmp(q, result + temp, template[i].tap[k])) {
pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
d, j, e, k, algo);
hexdump(q, template[i].tap[k]);
@@ -1342,19 +1346,30 @@ static int test_comp(struct crypto_comp *tfm,
int ctcount, int dtcount)
{
const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
+ char *output, *decomp_output;
unsigned int i;
- char result[COMP_BUF_SIZE];
int ret;
+ output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL);
+ if (!output)
+ return -ENOMEM;
+
+ decomp_output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL);
+ if (!decomp_output) {
+ kfree(output);
+ return -ENOMEM;
+ }
+
for (i = 0; i < ctcount; i++) {
int ilen;
unsigned int dlen = COMP_BUF_SIZE;
- memset(result, 0, sizeof (result));
+ memset(output, 0, sizeof(COMP_BUF_SIZE));
+ memset(decomp_output, 0, sizeof(COMP_BUF_SIZE));
ilen = ctemplate[i].inlen;
ret = crypto_comp_compress(tfm, ctemplate[i].input,
- ilen, result, &dlen);
+ ilen, output, &dlen);
if (ret) {
printk(KERN_ERR "alg: comp: compression failed "
"on test %d for %s: ret=%d\n", i + 1, algo,
@@ -1362,7 +1377,17 @@ static int test_comp(struct crypto_comp *tfm,
goto out;
}
- if (dlen != ctemplate[i].outlen) {
+ ilen = dlen;
+ dlen = COMP_BUF_SIZE;
+ ret = crypto_comp_decompress(tfm, output,
+ ilen, decomp_output, &dlen);
+ if (ret) {
+ pr_err("alg: comp: compression failed: decompress: on test %d for %s failed: ret=%d\n",
+ i + 1, algo, -ret);
+ goto out;
+ }
+
+ if (dlen != ctemplate[i].inlen) {
printk(KERN_ERR "alg: comp: Compression test %d "
"failed for %s: output len = %d\n", i + 1, algo,
dlen);
@@ -1370,10 +1395,11 @@ static int test_comp(struct crypto_comp *tfm,
goto out;
}
- if (memcmp(result, ctemplate[i].output, dlen)) {
- printk(KERN_ERR "alg: comp: Compression test %d "
- "failed for %s\n", i + 1, algo);
- hexdump(result, dlen);
+ if (memcmp(decomp_output, ctemplate[i].input,
+ ctemplate[i].inlen)) {
+ pr_err("alg: comp: compression failed: output differs: on test %d for %s\n",
+ i + 1, algo);
+ hexdump(decomp_output, dlen);
ret = -EINVAL;
goto out;
}
@@ -1383,11 +1409,11 @@ static int test_comp(struct crypto_comp *tfm,
int ilen;
unsigned int dlen = COMP_BUF_SIZE;
- memset(result, 0, sizeof (result));
+ memset(decomp_output, 0, sizeof(COMP_BUF_SIZE));
ilen = dtemplate[i].inlen;
ret = crypto_comp_decompress(tfm, dtemplate[i].input,
- ilen, result, &dlen);
+ ilen, decomp_output, &dlen);
if (ret) {
printk(KERN_ERR "alg: comp: decompression failed "
"on test %d for %s: ret=%d\n", i + 1, algo,
@@ -1403,10 +1429,10 @@ static int test_comp(struct crypto_comp *tfm,
goto out;
}
- if (memcmp(result, dtemplate[i].output, dlen)) {
+ if (memcmp(decomp_output, dtemplate[i].output, dlen)) {
printk(KERN_ERR "alg: comp: Decompression test %d "
"failed for %s\n", i + 1, algo);
- hexdump(result, dlen);
+ hexdump(decomp_output, dlen);
ret = -EINVAL;
goto out;
}
@@ -1415,11 +1441,13 @@ static int test_comp(struct crypto_comp *tfm,
ret = 0;
out:
+ kfree(decomp_output);
+ kfree(output);
return ret;
}
static int test_acomp(struct crypto_acomp *tfm,
- const struct comp_testvec *ctemplate,
+ const struct comp_testvec *ctemplate,
const struct comp_testvec *dtemplate,
int ctcount, int dtcount)
{
@@ -1681,8 +1709,9 @@ out:
static int alg_test_cipher(const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
{
+ const struct cipher_test_suite *suite = &desc->suite.cipher;
struct crypto_cipher *tfm;
- int err = 0;
+ int err;
tfm = crypto_alloc_cipher(driver, type, mask);
if (IS_ERR(tfm)) {
@@ -1691,18 +1720,10 @@ static int alg_test_cipher(const struct alg_test_desc *desc,
return PTR_ERR(tfm);
}
- if (desc->suite.cipher.enc.vecs) {
- err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
- desc->suite.cipher.enc.count);
- if (err)
- goto out;
- }
-
- if (desc->suite.cipher.dec.vecs)
- err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
- desc->suite.cipher.dec.count);
+ err = test_cipher(tfm, ENCRYPT, suite->vecs, suite->count);
+ if (!err)
+ err = test_cipher(tfm, DECRYPT, suite->vecs, suite->count);
-out:
crypto_free_cipher(tfm);
return err;
}
@@ -1710,8 +1731,9 @@ out:
static int alg_test_skcipher(const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
{
+ const struct cipher_test_suite *suite = &desc->suite.cipher;
struct crypto_skcipher *tfm;
- int err = 0;
+ int err;
tfm = crypto_alloc_skcipher(driver, type, mask);
if (IS_ERR(tfm)) {
@@ -1720,18 +1742,10 @@ static int alg_test_skcipher(const struct alg_test_desc *desc,
return PTR_ERR(tfm);
}
- if (desc->suite.cipher.enc.vecs) {
- err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
- desc->suite.cipher.enc.count);
- if (err)
- goto out;
- }
-
- if (desc->suite.cipher.dec.vecs)
- err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
- desc->suite.cipher.dec.count);
+ err = test_skcipher(tfm, ENCRYPT, suite->vecs, suite->count);
+ if (!err)
+ err = test_skcipher(tfm, DECRYPT, suite->vecs, suite->count);
-out:
crypto_free_skcipher(tfm);
return err;
}
@@ -1774,8 +1788,9 @@ static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
return err;
}
-static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
- u32 type, u32 mask)
+static int __alg_test_hash(const struct hash_testvec *template,
+ unsigned int tcount, const char *driver,
+ u32 type, u32 mask)
{
struct crypto_ahash *tfm;
int err;
@@ -1787,16 +1802,51 @@ static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
return PTR_ERR(tfm);
}
- err = test_hash(tfm, desc->suite.hash.vecs,
- desc->suite.hash.count, true);
+ err = test_hash(tfm, template, tcount, true);
if (!err)
- err = test_hash(tfm, desc->suite.hash.vecs,
- desc->suite.hash.count, false);
-
+ err = test_hash(tfm, template, tcount, false);
crypto_free_ahash(tfm);
return err;
}
+static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
+ u32 type, u32 mask)
+{
+ const struct hash_testvec *template = desc->suite.hash.vecs;
+ unsigned int tcount = desc->suite.hash.count;
+ unsigned int nr_unkeyed, nr_keyed;
+ int err;
+
+ /*
+ * For OPTIONAL_KEY algorithms, we have to do all the unkeyed tests
+ * first, before setting a key on the tfm. To make this easier, we
+ * require that the unkeyed test vectors (if any) are listed first.
+ */
+
+ for (nr_unkeyed = 0; nr_unkeyed < tcount; nr_unkeyed++) {
+ if (template[nr_unkeyed].ksize)
+ break;
+ }
+ for (nr_keyed = 0; nr_unkeyed + nr_keyed < tcount; nr_keyed++) {
+ if (!template[nr_unkeyed + nr_keyed].ksize) {
+ pr_err("alg: hash: test vectors for %s out of order, "
+ "unkeyed ones must come first\n", desc->alg);
+ return -EINVAL;
+ }
+ }
+
+ err = 0;
+ if (nr_unkeyed) {
+ err = __alg_test_hash(template, nr_unkeyed, driver, type, mask);
+ template += nr_unkeyed;
+ }
+
+ if (!err && nr_keyed)
+ err = __alg_test_hash(template, nr_keyed, driver, type, mask);
+
+ return err;
+}
+
static int alg_test_crc32c(const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
{
@@ -2316,6 +2366,33 @@ static int alg_test_null(const struct alg_test_desc *desc,
/* Please keep this list sorted by algorithm name. */
static const struct alg_test_desc alg_test_descs[] = {
{
+ .alg = "aegis128",
+ .test = alg_test_aead,
+ .suite = {
+ .aead = {
+ .enc = __VECS(aegis128_enc_tv_template),
+ .dec = __VECS(aegis128_dec_tv_template),
+ }
+ }
+ }, {
+ .alg = "aegis128l",
+ .test = alg_test_aead,
+ .suite = {
+ .aead = {
+ .enc = __VECS(aegis128l_enc_tv_template),
+ .dec = __VECS(aegis128l_dec_tv_template),
+ }
+ }
+ }, {
+ .alg = "aegis256",
+ .test = alg_test_aead,
+ .suite = {
+ .aead = {
+ .enc = __VECS(aegis256_enc_tv_template),
+ .dec = __VECS(aegis256_dec_tv_template),
+ }
+ }
+ }, {
.alg = "ansi_cprng",
.test = alg_test_cprng,
.suite = {
@@ -2488,93 +2565,70 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_cbc_enc_tv_template),
- .dec = __VECS(aes_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(aes_cbc_tv_template)
+ },
}, {
.alg = "cbc(anubis)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(anubis_cbc_enc_tv_template),
- .dec = __VECS(anubis_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(anubis_cbc_tv_template)
+ },
}, {
.alg = "cbc(blowfish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(bf_cbc_enc_tv_template),
- .dec = __VECS(bf_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(bf_cbc_tv_template)
+ },
}, {
.alg = "cbc(camellia)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(camellia_cbc_enc_tv_template),
- .dec = __VECS(camellia_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(camellia_cbc_tv_template)
+ },
}, {
.alg = "cbc(cast5)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast5_cbc_enc_tv_template),
- .dec = __VECS(cast5_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(cast5_cbc_tv_template)
+ },
}, {
.alg = "cbc(cast6)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast6_cbc_enc_tv_template),
- .dec = __VECS(cast6_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(cast6_cbc_tv_template)
+ },
}, {
.alg = "cbc(des)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(des_cbc_enc_tv_template),
- .dec = __VECS(des_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(des_cbc_tv_template)
+ },
}, {
.alg = "cbc(des3_ede)",
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(des3_ede_cbc_enc_tv_template),
- .dec = __VECS(des3_ede_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(des3_ede_cbc_tv_template)
+ },
+ }, {
+ /* Same as cbc(aes) except the key is stored in
+ * hardware secure memory which we reference by index
+ */
+ .alg = "cbc(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
}, {
.alg = "cbc(serpent)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(serpent_cbc_enc_tv_template),
- .dec = __VECS(serpent_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(serpent_cbc_tv_template)
+ },
}, {
.alg = "cbc(twofish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tf_cbc_enc_tv_template),
- .dec = __VECS(tf_cbc_dec_tv_template)
- }
- }
+ .cipher = __VECS(tf_cbc_tv_template)
+ },
}, {
.alg = "cbcmac(aes)",
.fips_allowed = 1,
@@ -2596,11 +2650,8 @@ static const struct alg_test_desc alg_test_descs[] = {
.alg = "chacha20",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(chacha20_enc_tv_template),
- .dec = __VECS(chacha20_enc_tv_template),
- }
- }
+ .cipher = __VECS(chacha20_tv_template)
+ },
}, {
.alg = "cmac(aes)",
.fips_allowed = 1,
@@ -2643,92 +2694,69 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_ctr_enc_tv_template),
- .dec = __VECS(aes_ctr_dec_tv_template)
- }
+ .cipher = __VECS(aes_ctr_tv_template)
}
}, {
.alg = "ctr(blowfish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(bf_ctr_enc_tv_template),
- .dec = __VECS(bf_ctr_dec_tv_template)
- }
+ .cipher = __VECS(bf_ctr_tv_template)
}
}, {
.alg = "ctr(camellia)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(camellia_ctr_enc_tv_template),
- .dec = __VECS(camellia_ctr_dec_tv_template)
- }
+ .cipher = __VECS(camellia_ctr_tv_template)
}
}, {
.alg = "ctr(cast5)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast5_ctr_enc_tv_template),
- .dec = __VECS(cast5_ctr_dec_tv_template)
- }
+ .cipher = __VECS(cast5_ctr_tv_template)
}
}, {
.alg = "ctr(cast6)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast6_ctr_enc_tv_template),
- .dec = __VECS(cast6_ctr_dec_tv_template)
- }
+ .cipher = __VECS(cast6_ctr_tv_template)
}
}, {
.alg = "ctr(des)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(des_ctr_enc_tv_template),
- .dec = __VECS(des_ctr_dec_tv_template)
- }
+ .cipher = __VECS(des_ctr_tv_template)
}
}, {
.alg = "ctr(des3_ede)",
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(des3_ede_ctr_enc_tv_template),
- .dec = __VECS(des3_ede_ctr_dec_tv_template)
- }
+ .cipher = __VECS(des3_ede_ctr_tv_template)
}
}, {
+ /* Same as ctr(aes) except the key is stored in
+ * hardware secure memory which we reference by index
+ */
+ .alg = "ctr(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "ctr(serpent)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(serpent_ctr_enc_tv_template),
- .dec = __VECS(serpent_ctr_dec_tv_template)
- }
+ .cipher = __VECS(serpent_ctr_tv_template)
}
}, {
.alg = "ctr(twofish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tf_ctr_enc_tv_template),
- .dec = __VECS(tf_ctr_dec_tv_template)
- }
+ .cipher = __VECS(tf_ctr_tv_template)
}
}, {
.alg = "cts(cbc(aes))",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cts_mode_enc_tv_template),
- .dec = __VECS(cts_mode_dec_tv_template)
- }
+ .cipher = __VECS(cts_mode_tv_template)
}
}, {
.alg = "deflate",
@@ -2876,64 +2904,43 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_enc_tv_template),
- .dec = __VECS(aes_dec_tv_template)
- }
+ .cipher = __VECS(aes_tv_template)
}
}, {
.alg = "ecb(anubis)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(anubis_enc_tv_template),
- .dec = __VECS(anubis_dec_tv_template)
- }
+ .cipher = __VECS(anubis_tv_template)
}
}, {
.alg = "ecb(arc4)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(arc4_enc_tv_template),
- .dec = __VECS(arc4_dec_tv_template)
- }
+ .cipher = __VECS(arc4_tv_template)
}
}, {
.alg = "ecb(blowfish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(bf_enc_tv_template),
- .dec = __VECS(bf_dec_tv_template)
- }
+ .cipher = __VECS(bf_tv_template)
}
}, {
.alg = "ecb(camellia)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(camellia_enc_tv_template),
- .dec = __VECS(camellia_dec_tv_template)
- }
+ .cipher = __VECS(camellia_tv_template)
}
}, {
.alg = "ecb(cast5)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast5_enc_tv_template),
- .dec = __VECS(cast5_dec_tv_template)
- }
+ .cipher = __VECS(cast5_tv_template)
}
}, {
.alg = "ecb(cast6)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast6_enc_tv_template),
- .dec = __VECS(cast6_dec_tv_template)
- }
+ .cipher = __VECS(cast6_tv_template)
}
}, {
.alg = "ecb(cipher_null)",
@@ -2943,134 +2950,96 @@ static const struct alg_test_desc alg_test_descs[] = {
.alg = "ecb(des)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(des_enc_tv_template),
- .dec = __VECS(des_dec_tv_template)
- }
+ .cipher = __VECS(des_tv_template)
}
}, {
.alg = "ecb(des3_ede)",
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(des3_ede_enc_tv_template),
- .dec = __VECS(des3_ede_dec_tv_template)
- }
+ .cipher = __VECS(des3_ede_tv_template)
}
}, {
.alg = "ecb(fcrypt)",
.test = alg_test_skcipher,
.suite = {
.cipher = {
- .enc = {
- .vecs = fcrypt_pcbc_enc_tv_template,
- .count = 1
- },
- .dec = {
- .vecs = fcrypt_pcbc_dec_tv_template,
- .count = 1
- }
+ .vecs = fcrypt_pcbc_tv_template,
+ .count = 1
}
}
}, {
.alg = "ecb(khazad)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(khazad_enc_tv_template),
- .dec = __VECS(khazad_dec_tv_template)
- }
+ .cipher = __VECS(khazad_tv_template)
}
}, {
+ /* Same as ecb(aes) except the key is stored in
+ * hardware secure memory which we reference by index
+ */
+ .alg = "ecb(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "ecb(seed)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(seed_enc_tv_template),
- .dec = __VECS(seed_dec_tv_template)
- }
+ .cipher = __VECS(seed_tv_template)
}
}, {
.alg = "ecb(serpent)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(serpent_enc_tv_template),
- .dec = __VECS(serpent_dec_tv_template)
- }
+ .cipher = __VECS(serpent_tv_template)
}
}, {
.alg = "ecb(sm4)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(sm4_enc_tv_template),
- .dec = __VECS(sm4_dec_tv_template)
- }
+ .cipher = __VECS(sm4_tv_template)
}
}, {
.alg = "ecb(speck128)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(speck128_enc_tv_template),
- .dec = __VECS(speck128_dec_tv_template)
- }
+ .cipher = __VECS(speck128_tv_template)
}
}, {
.alg = "ecb(speck64)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(speck64_enc_tv_template),
- .dec = __VECS(speck64_dec_tv_template)
- }
+ .cipher = __VECS(speck64_tv_template)
}
}, {
.alg = "ecb(tea)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tea_enc_tv_template),
- .dec = __VECS(tea_dec_tv_template)
- }
+ .cipher = __VECS(tea_tv_template)
}
}, {
.alg = "ecb(tnepres)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tnepres_enc_tv_template),
- .dec = __VECS(tnepres_dec_tv_template)
- }
+ .cipher = __VECS(tnepres_tv_template)
}
}, {
.alg = "ecb(twofish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tf_enc_tv_template),
- .dec = __VECS(tf_dec_tv_template)
- }
+ .cipher = __VECS(tf_tv_template)
}
}, {
.alg = "ecb(xeta)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(xeta_enc_tv_template),
- .dec = __VECS(xeta_dec_tv_template)
- }
+ .cipher = __VECS(xeta_tv_template)
}
}, {
.alg = "ecb(xtea)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(xtea_enc_tv_template),
- .dec = __VECS(xtea_dec_tv_template)
- }
+ .cipher = __VECS(xtea_tv_template)
}
}, {
.alg = "ecdh",
@@ -3097,12 +3066,6 @@ static const struct alg_test_desc alg_test_descs[] = {
.hash = __VECS(ghash_tv_template)
}
}, {
- .alg = "hmac(crc32)",
- .test = alg_test_hash,
- .suite = {
- .hash = __VECS(bfin_crc_tv_template)
- }
- }, {
.alg = "hmac(md5)",
.test = alg_test_hash,
.suite = {
@@ -3192,55 +3155,37 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_kw_enc_tv_template),
- .dec = __VECS(aes_kw_dec_tv_template)
- }
+ .cipher = __VECS(aes_kw_tv_template)
}
}, {
.alg = "lrw(aes)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(aes_lrw_enc_tv_template),
- .dec = __VECS(aes_lrw_dec_tv_template)
- }
+ .cipher = __VECS(aes_lrw_tv_template)
}
}, {
.alg = "lrw(camellia)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(camellia_lrw_enc_tv_template),
- .dec = __VECS(camellia_lrw_dec_tv_template)
- }
+ .cipher = __VECS(camellia_lrw_tv_template)
}
}, {
.alg = "lrw(cast6)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast6_lrw_enc_tv_template),
- .dec = __VECS(cast6_lrw_dec_tv_template)
- }
+ .cipher = __VECS(cast6_lrw_tv_template)
}
}, {
.alg = "lrw(serpent)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(serpent_lrw_enc_tv_template),
- .dec = __VECS(serpent_lrw_dec_tv_template)
- }
+ .cipher = __VECS(serpent_lrw_tv_template)
}
}, {
.alg = "lrw(twofish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tf_lrw_enc_tv_template),
- .dec = __VECS(tf_lrw_dec_tv_template)
- }
+ .cipher = __VECS(tf_lrw_tv_template)
}
}, {
.alg = "lz4",
@@ -3291,23 +3236,42 @@ static const struct alg_test_desc alg_test_descs[] = {
.hash = __VECS(michael_mic_tv_template)
}
}, {
+ .alg = "morus1280",
+ .test = alg_test_aead,
+ .suite = {
+ .aead = {
+ .enc = __VECS(morus1280_enc_tv_template),
+ .dec = __VECS(morus1280_dec_tv_template),
+ }
+ }
+ }, {
+ .alg = "morus640",
+ .test = alg_test_aead,
+ .suite = {
+ .aead = {
+ .enc = __VECS(morus640_enc_tv_template),
+ .dec = __VECS(morus640_dec_tv_template),
+ }
+ }
+ }, {
.alg = "ofb(aes)",
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_ofb_enc_tv_template),
- .dec = __VECS(aes_ofb_dec_tv_template)
- }
+ .cipher = __VECS(aes_ofb_tv_template)
}
}, {
+ /* Same as ofb(aes) except the key is stored in
+ * hardware secure memory which we reference by index
+ */
+ .alg = "ofb(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "pcbc(fcrypt)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(fcrypt_pcbc_enc_tv_template),
- .dec = __VECS(fcrypt_pcbc_dec_tv_template)
- }
+ .cipher = __VECS(fcrypt_pcbc_tv_template)
}
}, {
.alg = "pkcs1pad(rsa,sha224)",
@@ -3339,10 +3303,7 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_ctr_rfc3686_enc_tv_template),
- .dec = __VECS(aes_ctr_rfc3686_dec_tv_template)
- }
+ .cipher = __VECS(aes_ctr_rfc3686_tv_template)
}
}, {
.alg = "rfc4106(gcm(aes))",
@@ -3426,9 +3387,7 @@ static const struct alg_test_desc alg_test_descs[] = {
.alg = "salsa20",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(salsa20_stream_enc_tv_template)
- }
+ .cipher = __VECS(salsa20_stream_tv_template)
}
}, {
.alg = "sha1",
@@ -3552,66 +3511,60 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_skcipher,
.fips_allowed = 1,
.suite = {
- .cipher = {
- .enc = __VECS(aes_xts_enc_tv_template),
- .dec = __VECS(aes_xts_dec_tv_template)
- }
+ .cipher = __VECS(aes_xts_tv_template)
}
}, {
.alg = "xts(camellia)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(camellia_xts_enc_tv_template),
- .dec = __VECS(camellia_xts_dec_tv_template)
- }
+ .cipher = __VECS(camellia_xts_tv_template)
}
}, {
.alg = "xts(cast6)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(cast6_xts_enc_tv_template),
- .dec = __VECS(cast6_xts_dec_tv_template)
- }
+ .cipher = __VECS(cast6_xts_tv_template)
}
}, {
+ /* Same as xts(aes) except the key is stored in
+ * hardware secure memory which we reference by index
+ */
+ .alg = "xts(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "xts(serpent)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(serpent_xts_enc_tv_template),
- .dec = __VECS(serpent_xts_dec_tv_template)
- }
+ .cipher = __VECS(serpent_xts_tv_template)
}
}, {
.alg = "xts(speck128)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(speck128_xts_enc_tv_template),
- .dec = __VECS(speck128_xts_dec_tv_template)
- }
+ .cipher = __VECS(speck128_xts_tv_template)
}
}, {
.alg = "xts(speck64)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(speck64_xts_enc_tv_template),
- .dec = __VECS(speck64_xts_dec_tv_template)
- }
+ .cipher = __VECS(speck64_xts_tv_template)
}
}, {
.alg = "xts(twofish)",
.test = alg_test_skcipher,
.suite = {
- .cipher = {
- .enc = __VECS(tf_xts_enc_tv_template),
- .dec = __VECS(tf_xts_dec_tv_template)
- }
+ .cipher = __VECS(tf_xts_tv_template)
}
}, {
+ .alg = "xts4096(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
+ .alg = "xts512(paes)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "zlib-deflate",
.test = alg_test_comp,
.fips_allowed = 1,
@@ -3621,6 +3574,16 @@ static const struct alg_test_desc alg_test_descs[] = {
.decomp = __VECS(zlib_deflate_decomp_tv_template)
}
}
+ }, {
+ .alg = "zstd",
+ .test = alg_test_comp,
+ .fips_allowed = 1,
+ .suite = {
+ .comp = {
+ .comp = __VECS(zstd_comp_tv_template),
+ .decomp = __VECS(zstd_decomp_tv_template)
+ }
+ }
}
};
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 004c0a0f8004..b950aa234e43 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -44,14 +44,13 @@ struct hash_testvec {
};
/*
- * cipher_testvec: structure to describe a cipher test
- * @key: A pointer to a key used by the test
- * @klen: The length of @key
- * @iv: A pointer to the IV used by the test
- * @input: A pointer to data used as input
- * @ilen The length of data in @input
- * @result: A pointer to what the test need to produce
- * @rlen: The length of data in @result
+ * cipher_testvec: structure to describe a symmetric cipher test
+ * @key: Pointer to key
+ * @klen: Length of @key in bytes
+ * @iv: Pointer to IV (optional for some ciphers)
+ * @ptext: Pointer to plaintext
+ * @ctext: Pointer to ciphertext
+ * @len: Length of @ptext and @ctext in bytes
* @fail: If set to one, the test need to fail
* @wk: Does the test need CRYPTO_TFM_REQ_WEAK_KEY
* ( e.g. test needs to fail due to a weak key )
@@ -60,23 +59,23 @@ struct hash_testvec {
* @also_non_np: if set to 1, the test will be also done without
* splitting data in @np SGs
* @fips_skip: Skip the test vector in FIPS mode
+ * @generates_iv: Encryption should ignore the given IV, and output @iv.
+ * Decryption takes @iv. Needed for AES Keywrap ("kw(aes)").
*/
-
struct cipher_testvec {
const char *key;
const char *iv;
- const char *iv_out;
- const char *input;
- const char *result;
+ const char *ptext;
+ const char *ctext;
unsigned short tap[MAX_TAP];
int np;
unsigned char also_non_np;
bool fail;
unsigned char wk; /* weak key flag */
unsigned char klen;
- unsigned short ilen;
- unsigned short rlen;
+ unsigned short len;
bool fips_skip;
+ bool generates_iv;
};
struct aead_testvec {
@@ -5542,111 +5541,121 @@ static const struct hash_testvec poly1305_tv_template[] = {
/*
* DES test vectors.
*/
-static const struct cipher_testvec des_enc_tv_template[] = {
+static const struct cipher_testvec des_tv_template[] = {
{ /* From Applied Cryptography */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
- .ilen = 8,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
+ .len = 8,
}, { /* Same key, different plaintext block */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x22\x33\x44\x55\x66\x77\x88\x99",
- .ilen = 8,
- .result = "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b",
- .rlen = 8,
+ .ptext = "\x22\x33\x44\x55\x66\x77\x88\x99",
+ .ctext = "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b",
+ .len = 8,
}, { /* Sbox test from NBS */
.key = "\x7c\xa1\x10\x45\x4a\x1a\x6e\x57",
.klen = 8,
- .input = "\x01\xa1\xd6\xd0\x39\x77\x67\x42",
- .ilen = 8,
- .result = "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
- .rlen = 8,
+ .ptext = "\x01\xa1\xd6\xd0\x39\x77\x67\x42",
+ .ctext = "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
+ .len = 8,
}, { /* Three blocks */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
"\x22\x33\x44\x55\x66\x77\x88\x99"
"\xca\xfe\xba\xbe\xfe\xed\xbe\xef",
- .ilen = 24,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
"\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b"
"\xb4\x99\x26\xf7\x1f\xe1\xd4\x90",
- .rlen = 24,
+ .len = 24,
}, { /* Weak key */
.fail = true,
.wk = 1,
.key = "\x01\x01\x01\x01\x01\x01\x01\x01",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
- .ilen = 8,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
+ .len = 8,
}, { /* Two blocks -- for testing encryption across pages */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
"\x22\x33\x44\x55\x66\x77\x88\x99",
- .ilen = 16,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
"\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b",
- .rlen = 16,
+ .len = 16,
.np = 2,
.tap = { 8, 8 }
+ }, {
+ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .klen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ "\xa3\x99\x7b\xca\xaf\x69\xa0\xf5",
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
+ .len = 16,
+ .np = 2,
+ .tap = { 8, 8 }
+ }, {
+ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .klen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ "\xa3\x99\x7b\xca\xaf\x69\xa0\xf5",
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
+ .len = 16,
+ .np = 3,
+ .tap = { 3, 12, 1 }
}, { /* Four blocks -- for testing encryption with chunking */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
"\x22\x33\x44\x55\x66\x77\x88\x99"
"\xca\xfe\xba\xbe\xfe\xed\xbe\xef"
"\x22\x33\x44\x55\x66\x77\x88\x99",
- .ilen = 32,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
"\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b"
"\xb4\x99\x26\xf7\x1f\xe1\xd4\x90"
"\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b",
- .rlen = 32,
+ .len = 32,
.np = 3,
.tap = { 14, 10, 8 }
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
"\x22\x33\x44\x55\x66\x77\x88\x99"
"\xca\xfe\xba\xbe\xfe\xed\xbe\xef",
- .ilen = 24,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
"\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b"
"\xb4\x99\x26\xf7\x1f\xe1\xd4\x90",
- .rlen = 24,
+ .len = 24,
.np = 4,
.tap = { 2, 1, 3, 18 }
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
"\x22\x33\x44\x55\x66\x77\x88\x99",
- .ilen = 16,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
"\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b",
- .rlen = 16,
+ .len = 16,
.np = 5,
.tap = { 2, 2, 2, 2, 8 }
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
- .ilen = 8,
- .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
+ .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
+ .len = 8,
.np = 8,
.tap = { 1, 1, 1, 1, 1, 1, 1, 1 }
}, { /* Generated with Crypto++ */
.key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
.klen = 8,
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -5677,8 +5686,7 @@ static const struct cipher_testvec des_enc_tv_template[] = {
"\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
"\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
"\xC6\x2F\xBB\x24\x8D\x19\x82\xEB",
- .ilen = 248,
- .result = "\x88\xCB\x1F\xAB\x2F\x2A\x49\x57"
+ .ctext = "\x88\xCB\x1F\xAB\x2F\x2A\x49\x57"
"\x92\xB9\x77\xFF\x2F\x47\x58\xDD"
"\xD7\x8A\x91\x95\x26\x33\x78\xB2"
"\x33\xBA\xB2\x3E\x02\xF5\x1F\xEF"
@@ -5709,180 +5717,68 @@ static const struct cipher_testvec des_enc_tv_template[] = {
"\x46\x31\x4C\x5E\x2E\x95\x61\xEF"
"\xE1\x58\x39\x09\xB4\x8B\x40\xAC"
"\x5F\x62\xC7\x72\xD9\xFC\xCB\x9A",
- .rlen = 248,
+ .len = 248,
.also_non_np = 1,
.np = 3,
.tap = { 248 - 10, 2, 8 },
},
};
-static const struct cipher_testvec des_dec_tv_template[] = {
- { /* From Applied Cryptography */
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .input = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xe7",
- .rlen = 8,
- }, { /* Sbox test from NBS */
- .key = "\x7c\xa1\x10\x45\x4a\x1a\x6e\x57",
- .klen = 8,
- .input = "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
- .ilen = 8,
- .result = "\x01\xa1\xd6\xd0\x39\x77\x67\x42",
- .rlen = 8,
- }, { /* Two blocks, for chunking test */
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .input = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
- "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
- .ilen = 16,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
- "\xa3\x99\x7b\xca\xaf\x69\xa0\xf5",
- .rlen = 16,
- .np = 2,
- .tap = { 8, 8 }
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .input = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d"
- "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b",
- .ilen = 16,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xe7"
- "\xa3\x99\x7b\xca\xaf\x69\xa0\xf5",
- .rlen = 16,
- .np = 3,
- .tap = { 3, 12, 1 }
- }, { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
- .klen = 8,
- .input = "\x88\xCB\x1F\xAB\x2F\x2A\x49\x57"
- "\x92\xB9\x77\xFF\x2F\x47\x58\xDD"
- "\xD7\x8A\x91\x95\x26\x33\x78\xB2"
- "\x33\xBA\xB2\x3E\x02\xF5\x1F\xEF"
- "\x98\xC5\xA6\xD2\x7D\x79\xEC\xB3"
- "\x45\xF3\x4C\x61\xAC\x6C\xC2\x55"
- "\xE5\xD3\x06\x58\x8A\x42\x3E\xDD"
- "\x3D\x20\x45\xE9\x6F\x0D\x25\xA8"
- "\xA5\xC7\x69\xCE\xD5\x3B\x7B\xC9"
- "\x9E\x65\xE7\xA3\xF2\xE4\x18\x94"
- "\xD2\x81\xE9\x33\x2B\x2D\x49\xC4"
- "\xFE\xDA\x7F\xE2\xF2\x8C\x9C\xDC"
- "\x73\x58\x11\x1F\x81\xD7\x21\x1A"
- "\x80\xD0\x0D\xE8\x45\xD6\xD8\xD5"
- "\x2E\x51\x16\xCA\x09\x89\x54\x62"
- "\xF7\x04\x3D\x75\xB9\xA3\x84\xF4"
- "\x62\xF0\x02\x58\x83\xAF\x30\x87"
- "\x85\x3F\x01\xCD\x8E\x58\x42\xC4"
- "\x41\x73\xE0\x15\x0A\xE6\x2E\x80"
- "\x94\xF8\x5B\x3A\x4E\xDF\x51\xB2"
- "\x9D\xE4\xC4\x9D\xF7\x3F\xF8\x8E"
- "\x37\x22\x4D\x00\x2A\xEF\xC1\x0F"
- "\x14\xA0\x66\xAB\x79\x39\xD0\x8E"
- "\xE9\x95\x61\x74\x12\xED\x07\xD7"
- "\xDD\x95\xDC\x7B\x57\x25\x27\x9C"
- "\x51\x96\x16\xF7\x94\x61\xB8\x87"
- "\xF0\x21\x1B\x32\xFB\x07\x0F\x29"
- "\x56\xBD\x9D\x22\xA2\x9F\xA2\xB9"
- "\x46\x31\x4C\x5E\x2E\x95\x61\xEF"
- "\xE1\x58\x39\x09\xB4\x8B\x40\xAC"
- "\x5F\x62\xC7\x72\xD9\xFC\xCB\x9A",
- .ilen = 248,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB",
- .rlen = 248,
- .also_non_np = 1,
- .np = 3,
- .tap = { 248 - 10, 2, 8 },
- },
-};
-
-static const struct cipher_testvec des_cbc_enc_tv_template[] = {
+static const struct cipher_testvec des_cbc_tv_template[] = {
{ /* From OpenSSL */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
.iv = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .input = "\x37\x36\x35\x34\x33\x32\x31\x20"
+ .ptext = "\x37\x36\x35\x34\x33\x32\x31\x20"
"\x4e\x6f\x77\x20\x69\x73\x20\x74"
"\x68\x65\x20\x74\x69\x6d\x65\x20",
- .ilen = 24,
- .result = "\xcc\xd1\x73\xff\xab\x20\x39\xf4"
+ .ctext = "\xcc\xd1\x73\xff\xab\x20\x39\xf4"
"\xac\xd8\xae\xfd\xdf\xd8\xa1\xeb"
"\x46\x8e\x91\x15\x78\x88\xba\x68",
- .rlen = 24,
+ .len = 24,
}, { /* FIPS Pub 81 */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
.iv = "\x12\x34\x56\x78\x90\xab\xcd\xef",
- .input = "\x4e\x6f\x77\x20\x69\x73\x20\x74",
- .ilen = 8,
- .result = "\xe5\xc7\xcd\xde\x87\x2b\xf2\x7c",
- .rlen = 8,
+ .ptext = "\x4e\x6f\x77\x20\x69\x73\x20\x74",
+ .ctext = "\xe5\xc7\xcd\xde\x87\x2b\xf2\x7c",
+ .len = 8,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
.iv = "\xe5\xc7\xcd\xde\x87\x2b\xf2\x7c",
- .input = "\x68\x65\x20\x74\x69\x6d\x65\x20",
- .ilen = 8,
- .result = "\x43\xe9\x34\x00\x8c\x38\x9c\x0f",
- .rlen = 8,
+ .ptext = "\x68\x65\x20\x74\x69\x6d\x65\x20",
+ .ctext = "\x43\xe9\x34\x00\x8c\x38\x9c\x0f",
+ .len = 8,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
.iv = "\x43\xe9\x34\x00\x8c\x38\x9c\x0f",
- .input = "\x66\x6f\x72\x20\x61\x6c\x6c\x20",
- .ilen = 8,
- .result = "\x68\x37\x88\x49\x9a\x7c\x05\xf6",
- .rlen = 8,
+ .ptext = "\x66\x6f\x72\x20\x61\x6c\x6c\x20",
+ .ctext = "\x68\x37\x88\x49\x9a\x7c\x05\xf6",
+ .len = 8,
+ .np = 2,
+ .tap = { 4, 4 },
+ .also_non_np = 1,
}, { /* Copy of openssl vector for chunk testing */
/* From OpenSSL */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
.iv = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .input = "\x37\x36\x35\x34\x33\x32\x31\x20"
+ .ptext = "\x37\x36\x35\x34\x33\x32\x31\x20"
"\x4e\x6f\x77\x20\x69\x73\x20\x74"
"\x68\x65\x20\x74\x69\x6d\x65\x20",
- .ilen = 24,
- .result = "\xcc\xd1\x73\xff\xab\x20\x39\xf4"
+ .ctext = "\xcc\xd1\x73\xff\xab\x20\x39\xf4"
"\xac\xd8\xae\xfd\xdf\xd8\xa1\xeb"
"\x46\x8e\x91\x15\x78\x88\xba\x68",
- .rlen = 24,
+ .len = 24,
.np = 2,
.tap = { 13, 11 }
}, { /* Generated with Crypto++ */
.key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
.klen = 8,
.iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47",
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -5913,85 +5809,7 @@ static const struct cipher_testvec des_cbc_enc_tv_template[] = {
"\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
"\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
"\xC6\x2F\xBB\x24\x8D\x19\x82\xEB",
- .ilen = 248,
- .result = "\x71\xCC\x56\x1C\x87\x2C\x43\x20"
- "\x1C\x20\x13\x09\xF9\x2B\x40\x47"
- "\x99\x10\xD1\x1B\x65\x33\x33\xBA"
- "\x88\x0D\xA2\xD1\x86\xFF\x4D\xF4"
- "\x5A\x0C\x12\x96\x32\x57\xAA\x26"
- "\xA7\xF4\x32\x8D\xBC\x10\x31\x9E"
- "\x81\x72\x74\xDE\x30\x19\x69\x49"
- "\x54\x9C\xC3\xEB\x0B\x97\xDD\xD1"
- "\xE8\x6D\x0D\x05\x83\xA5\x12\x08"
- "\x47\xF8\x88\x03\x86\x51\x3C\xEF"
- "\xE7\x11\x73\x4D\x44\x2B\xE2\x16"
- "\xE8\xA5\x06\x50\x66\x70\x0E\x14"
- "\xBA\x21\x3B\xD5\x23\x5B\xA7\x8F"
- "\x56\xB6\xA7\x44\xDB\x86\xAB\x69"
- "\x33\x3C\xBE\x64\xC4\x22\xD3\xFE"
- "\x49\x90\x88\x6A\x09\x8F\x76\x59"
- "\xCB\xB7\xA0\x2D\x79\x75\x92\x8A"
- "\x82\x1D\xC2\xFE\x09\x1F\x78\x6B"
- "\x2F\xD6\xA4\x87\x1E\xC4\x53\x63"
- "\x80\x02\x61\x2F\xE3\x46\xB6\xB5"
- "\xAA\x95\xF4\xEE\xA7\x64\x2B\x4F"
- "\x20\xCF\xD2\x47\x4E\x39\x65\xB3"
- "\x11\x87\xA2\x6C\x49\x7E\x36\xC7"
- "\x62\x8B\x48\x0D\x6A\x64\x00\xBD"
- "\x71\x91\x8C\xE9\x70\x19\x01\x4F"
- "\x4E\x68\x23\xBA\xDA\x24\x2E\x45"
- "\x02\x14\x33\x21\xAE\x58\x4B\xCF"
- "\x3B\x4B\xE8\xF8\xF6\x4F\x34\x93"
- "\xD7\x07\x8A\xD7\x18\x92\x36\x8C"
- "\x82\xA9\xBD\x6A\x31\x91\x39\x11"
- "\xC6\x4A\xF3\x55\xC7\x29\x2E\x63",
- .rlen = 248,
- .also_non_np = 1,
- .np = 3,
- .tap = { 248 - 10, 2, 8 },
- },
-};
-
-static const struct cipher_testvec des_cbc_dec_tv_template[] = {
- { /* FIPS Pub 81 */
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .iv = "\x12\x34\x56\x78\x90\xab\xcd\xef",
- .input = "\xe5\xc7\xcd\xde\x87\x2b\xf2\x7c",
- .ilen = 8,
- .result = "\x4e\x6f\x77\x20\x69\x73\x20\x74",
- .rlen = 8,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .iv = "\xe5\xc7\xcd\xde\x87\x2b\xf2\x7c",
- .input = "\x43\xe9\x34\x00\x8c\x38\x9c\x0f",
- .ilen = 8,
- .result = "\x68\x65\x20\x74\x69\x6d\x65\x20",
- .rlen = 8,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .iv = "\x43\xe9\x34\x00\x8c\x38\x9c\x0f",
- .input = "\x68\x37\x88\x49\x9a\x7c\x05\xf6",
- .ilen = 8,
- .result = "\x66\x6f\x72\x20\x61\x6c\x6c\x20",
- .rlen = 8,
- }, { /* Copy of above, for chunk testing */
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .iv = "\x43\xe9\x34\x00\x8c\x38\x9c\x0f",
- .input = "\x68\x37\x88\x49\x9a\x7c\x05\xf6",
- .ilen = 8,
- .result = "\x66\x6f\x72\x20\x61\x6c\x6c\x20",
- .rlen = 8,
- .np = 2,
- .tap = { 4, 4 }
- }, { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
- .klen = 8,
- .iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47",
- .input = "\x71\xCC\x56\x1C\x87\x2C\x43\x20"
+ .ctext = "\x71\xCC\x56\x1C\x87\x2C\x43\x20"
"\x1C\x20\x13\x09\xF9\x2B\x40\x47"
"\x99\x10\xD1\x1B\x65\x33\x33\xBA"
"\x88\x0D\xA2\xD1\x86\xFF\x4D\xF4"
@@ -6022,51 +5840,19 @@ static const struct cipher_testvec des_cbc_dec_tv_template[] = {
"\xD7\x07\x8A\xD7\x18\x92\x36\x8C"
"\x82\xA9\xBD\x6A\x31\x91\x39\x11"
"\xC6\x4A\xF3\x55\xC7\x29\x2E\x63",
- .ilen = 248,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB",
- .rlen = 248,
+ .len = 248,
.also_non_np = 1,
.np = 3,
.tap = { 248 - 10, 2, 8 },
},
};
-static const struct cipher_testvec des_ctr_enc_tv_template[] = {
+static const struct cipher_testvec des_ctr_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
.klen = 8,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -6097,8 +5883,7 @@ static const struct cipher_testvec des_ctr_enc_tv_template[] = {
"\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
"\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
"\xC6\x2F\xBB\x24\x8D\x19\x82\xEB",
- .ilen = 248,
- .result = "\x2F\x96\x06\x0F\x50\xC9\x68\x03"
+ .ctext = "\x2F\x96\x06\x0F\x50\xC9\x68\x03"
"\x0F\x31\xD4\x64\xA5\x29\x77\x35"
"\xBC\x7A\x9F\x19\xE7\x0D\x33\x3E"
"\x12\x0B\x8C\xAE\x48\xAE\xD9\x02"
@@ -6129,7 +5914,7 @@ static const struct cipher_testvec des_ctr_enc_tv_template[] = {
"\x5C\xC4\x15\xC9\x9A\x21\xC5\xCD"
"\x19\x7F\x99\x19\x53\xCE\x1D\x14"
"\x69\x74\xA1\x06\x46\x0F\x4E\x75",
- .rlen = 248,
+ .len = 248,
.also_non_np = 1,
.np = 3,
.tap = { 248 - 10, 2, 8 },
@@ -6137,7 +5922,7 @@ static const struct cipher_testvec des_ctr_enc_tv_template[] = {
.key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
.klen = 8,
.iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47",
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -6168,8 +5953,7 @@ static const struct cipher_testvec des_ctr_enc_tv_template[] = {
"\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
"\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
"\xC6\x2F\xBB\x24\x8D\x19\x82",
- .ilen = 247,
- .result = "\x62\xE5\xF4\xDC\x99\xE7\x89\xE3"
+ .ctext = "\x62\xE5\xF4\xDC\x99\xE7\x89\xE3"
"\xF4\x10\xCC\x21\x99\xEB\xDC\x15"
"\x19\x13\x93\x27\x9D\xB6\x6F\x45"
"\x17\x55\x61\x72\xC8\xD3\x7F\xA5"
@@ -6200,193 +5984,44 @@ static const struct cipher_testvec des_ctr_enc_tv_template[] = {
"\xDF\x85\x2D\xE1\xB2\xD6\xAB\x94"
"\xA5\xA6\xE7\xB0\x51\x36\x52\x37"
"\x91\x45\x05\x3E\x58\xBF\x32",
- .rlen = 247,
- .also_non_np = 1,
- .np = 2,
- .tap = { 247 - 8, 8 },
- },
-};
-
-static const struct cipher_testvec des_ctr_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
- .klen = 8,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x2F\x96\x06\x0F\x50\xC9\x68\x03"
- "\x0F\x31\xD4\x64\xA5\x29\x77\x35"
- "\xBC\x7A\x9F\x19\xE7\x0D\x33\x3E"
- "\x12\x0B\x8C\xAE\x48\xAE\xD9\x02"
- "\x0A\xD4\xB0\xD6\x37\xB2\x65\x1C"
- "\x4B\x65\xEB\x24\xB5\x8E\xAD\x47"
- "\x0D\xDA\x79\x77\xA0\x29\xA0\x2B"
- "\xC8\x0F\x85\xDC\x03\x13\xA9\x04"
- "\x19\x40\xBE\xBE\x5C\x49\x4A\x69"
- "\xED\xE8\xE1\x9E\x14\x43\x74\xDE"
- "\xEC\x6E\x11\x3F\x36\xEF\x7B\xFB"
- "\xBE\x4C\x91\x43\x22\x65\x72\x48"
- "\xE2\x12\xED\x88\xAC\xA7\xC9\x91"
- "\x14\xA2\x36\x1C\x29\xFF\xC8\x4F"
- "\x72\x5C\x4B\xB0\x1E\x93\xC2\xFA"
- "\x9D\x53\x86\xA0\xAE\xC6\xB7\x3C"
- "\x59\x0C\xD0\x8F\xA6\xD8\xA4\x31"
- "\xB7\x30\x1C\x21\x38\xFB\x68\x8C"
- "\x2E\xF5\x6E\x73\xC3\x16\x5F\x12"
- "\x0C\x33\xB9\x1E\x7B\x70\xDE\x86"
- "\x32\xB3\xC1\x16\xAB\xD9\x49\x0B"
- "\x96\x28\x72\x6B\xF3\x30\xA9\xEB"
- "\x69\xE2\x1E\x58\x46\xA2\x8E\xC7"
- "\xC0\xEF\x07\xB7\x77\x2C\x00\x05"
- "\x46\xBD\xFE\x53\x81\x8B\xA4\x03"
- "\x20\x0F\xDB\x78\x0B\x1F\x53\x04"
- "\x4C\x60\x4C\xC3\x2A\x86\x86\x7E"
- "\x13\xD2\x26\xED\x5D\x3E\x9C\xF2"
- "\x5C\xC4\x15\xC9\x9A\x21\xC5\xCD"
- "\x19\x7F\x99\x19\x53\xCE\x1D\x14"
- "\x69\x74\xA1\x06\x46\x0F\x4E\x75",
- .ilen = 248,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB",
- .rlen = 248,
- .also_non_np = 1,
- .np = 3,
- .tap = { 248 - 10, 2, 8 },
- }, { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55",
- .klen = 8,
- .iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47",
- .input = "\x62\xE5\xF4\xDC\x99\xE7\x89\xE3"
- "\xF4\x10\xCC\x21\x99\xEB\xDC\x15"
- "\x19\x13\x93\x27\x9D\xB6\x6F\x45"
- "\x17\x55\x61\x72\xC8\xD3\x7F\xA5"
- "\x32\xD0\xD3\x02\x15\xA4\x05\x23"
- "\x9C\x23\x61\x60\x77\x7B\x6C\x95"
- "\x26\x49\x42\x2E\xF3\xC1\x8C\x6D"
- "\xC8\x47\xD5\x94\xE7\x53\xC8\x23"
- "\x1B\xA5\x0B\xCB\x12\xD3\x7A\x12"
- "\xA4\x42\x15\x34\xF7\x5F\xDC\x58"
- "\x5B\x58\x4C\xAD\xD1\x33\x8E\xE6"
- "\xE5\xA0\xDA\x4D\x94\x3D\x63\xA8"
- "\x02\x82\xBB\x16\xB8\xDC\xB5\x58"
- "\xC3\x2D\x79\xE4\x25\x79\x43\xF9"
- "\x6D\xD3\xCA\xC0\xE8\x12\xD4\x7E"
- "\x04\x25\x79\xFD\x27\xFB\xC4\xEA"
- "\x32\x94\x48\x92\xF3\x68\x1A\x7F"
- "\x36\x33\x43\x79\xF7\xCA\xC2\x38"
- "\xC0\x68\xD4\x53\xA9\xCC\x43\x0C"
- "\x40\x57\x3E\xED\x00\x9F\x22\x6E"
- "\x80\x99\x0B\xCC\x40\x63\x46\x8A"
- "\xE8\xC4\x9B\x6D\x7A\x08\x6E\xA9"
- "\x6F\x84\xBC\xB3\xF4\x95\x0B\x2D"
- "\x6A\xBA\x37\x50\xC3\xCF\x9F\x7C"
- "\x59\x5E\xDE\x0B\x30\xFA\x34\x8A"
- "\xF8\xD1\xA2\xF8\x4E\xBD\x5D\x5E"
- "\x7D\x71\x99\xE0\xF6\xE5\x7C\xE0"
- "\x6D\xEE\x82\x89\x92\xD4\xF5\xD7"
- "\xDF\x85\x2D\xE1\xB2\xD6\xAB\x94"
- "\xA5\xA6\xE7\xB0\x51\x36\x52\x37"
- "\x91\x45\x05\x3E\x58\xBF\x32",
- .ilen = 247,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82",
- .rlen = 247,
+ .len = 247,
.also_non_np = 1,
.np = 2,
.tap = { 247 - 8, 8 },
},
};
-static const struct cipher_testvec des3_ede_enc_tv_template[] = {
+static const struct cipher_testvec des3_ede_tv_template[] = {
{ /* These are from openssl */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\x55\x55\x55\x55\x55\x55\x55\x55"
"\xfe\xdc\xba\x98\x76\x54\x32\x10",
.klen = 24,
- .input = "\x73\x6f\x6d\x65\x64\x61\x74\x61",
- .ilen = 8,
- .result = "\x18\xd7\x48\xe5\x63\x62\x05\x72",
- .rlen = 8,
+ .ptext = "\x73\x6f\x6d\x65\x64\x61\x74\x61",
+ .ctext = "\x18\xd7\x48\xe5\x63\x62\x05\x72",
+ .len = 8,
}, {
.key = "\x03\x52\x02\x07\x67\x20\x82\x17"
"\x86\x02\x87\x66\x59\x08\x21\x98"
"\x64\x05\x6a\xbd\xfe\xa9\x34\x57",
.klen = 24,
- .input = "\x73\x71\x75\x69\x67\x67\x6c\x65",
- .ilen = 8,
- .result = "\xc0\x7d\x2a\x0f\xa5\x66\xfa\x30",
- .rlen = 8,
+ .ptext = "\x73\x71\x75\x69\x67\x67\x6c\x65",
+ .ctext = "\xc0\x7d\x2a\x0f\xa5\x66\xfa\x30",
+ .len = 8,
}, {
.key = "\x10\x46\x10\x34\x89\x98\x80\x20"
"\x91\x07\xd0\x15\x89\x19\x01\x01"
"\x19\x07\x92\x10\x98\x1a\x01\x01",
.klen = 24,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 8,
- .result = "\xe1\xef\x62\xc3\x32\xfe\x82\x5b",
- .rlen = 8,
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ctext = "\xe1\xef\x62\xc3\x32\xfe\x82\x5b",
+ .len = 8,
}, { /* Generated with Crypto++ */
.key = "\xF3\x9C\xD6\xF3\x9C\xB9\x5A\x67"
"\x00\x5A\x67\x00\x2D\xCE\xEB\x2D"
"\xCE\xEB\xB4\x51\x72\xB4\x51\x72",
.klen = 24,
- .input = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
+ .ptext = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
"\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
"\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
"\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
@@ -6448,8 +6083,7 @@ static const struct cipher_testvec des3_ede_enc_tv_template[] = {
"\xFB\x42\xF6\x59\x20\x54\x3F\x86"
"\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
"\xB8\x03\xEA\x7D\xE1\x48\xD3\x47",
- .ilen = 496,
- .result = "\x4E\x9A\x40\x3D\x61\x7D\x17\xFA"
+ .ctext = "\x4E\x9A\x40\x3D\x61\x7D\x17\xFA"
"\x16\x86\x88\x0B\xD8\xAE\xF8\xE4"
"\x81\x01\x04\x00\x76\xFA\xED\xD3"
"\x44\x7E\x21\x9D\xF0\xFB\x2B\x64"
@@ -6511,186 +6145,21 @@ static const struct cipher_testvec des3_ede_enc_tv_template[] = {
"\x12\xE1\x71\x4A\xF9\x2A\xF5\xF6"
"\x93\x03\xD7\x51\x09\xFA\xBE\x68"
"\xD8\x45\xFF\x33\xBA\xBB\x2B\x63",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec des3_ede_dec_tv_template[] = {
- { /* These are from openssl */
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\x55\x55\x55\x55\x55\x55\x55\x55"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .klen = 24,
- .input = "\x18\xd7\x48\xe5\x63\x62\x05\x72",
- .ilen = 8,
- .result = "\x73\x6f\x6d\x65\x64\x61\x74\x61",
- .rlen = 8,
- }, {
- .key = "\x03\x52\x02\x07\x67\x20\x82\x17"
- "\x86\x02\x87\x66\x59\x08\x21\x98"
- "\x64\x05\x6a\xbd\xfe\xa9\x34\x57",
- .klen = 24,
- .input = "\xc0\x7d\x2a\x0f\xa5\x66\xfa\x30",
- .ilen = 8,
- .result = "\x73\x71\x75\x69\x67\x67\x6c\x65",
- .rlen = 8,
- }, {
- .key = "\x10\x46\x10\x34\x89\x98\x80\x20"
- "\x91\x07\xd0\x15\x89\x19\x01\x01"
- "\x19\x07\x92\x10\x98\x1a\x01\x01",
- .klen = 24,
- .input = "\xe1\xef\x62\xc3\x32\xfe\x82\x5b",
- .ilen = 8,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 8,
- }, { /* Generated with Crypto++ */
- .key = "\xF3\x9C\xD6\xF3\x9C\xB9\x5A\x67"
- "\x00\x5A\x67\x00\x2D\xCE\xEB\x2D"
- "\xCE\xEB\xB4\x51\x72\xB4\x51\x72",
- .klen = 24,
- .input = "\x4E\x9A\x40\x3D\x61\x7D\x17\xFA"
- "\x16\x86\x88\x0B\xD8\xAE\xF8\xE4"
- "\x81\x01\x04\x00\x76\xFA\xED\xD3"
- "\x44\x7E\x21\x9D\xF0\xFB\x2B\x64"
- "\xCA\x4E\x90\xE0\xC0\x63\x28\x92"
- "\xF3\x1F\xA4\x53\x2C\x77\xCC\x77"
- "\x69\x56\xD0\x19\xAD\x00\x2D\x97"
- "\xBC\xDE\x49\x6A\x82\xBC\x16\xE2"
- "\x2F\x3E\x72\xEE\xD1\xCE\xFC\x1B"
- "\xEA\x32\x56\xE4\x0B\xAF\x27\x36"
- "\xAF\x08\xB9\x61\xB7\x48\x23\x27"
- "\xEE\x4D\xC8\x79\x56\x06\xEB\xC7"
- "\x5B\xCA\x0A\xC6\x5E\x5C\xCB\xB6"
- "\x9D\xDA\x04\x59\xE2\x09\x48\x7E"
- "\x6B\x37\xC6\xFE\x92\xA9\x1E\x6E"
- "\x0D\x19\xFA\x33\x0F\xEE\x36\x68"
- "\x11\xBB\xF9\x5A\x73\xAB\x3A\xEA"
- "\xAC\x28\xD8\xD5\x27\xE8\x6B\x16"
- "\x45\x86\x50\x01\x70\x35\x99\x92"
- "\xDF\x0C\x07\x88\x8B\x7F\x9E\x4B"
- "\xD2\x04\x84\x90\xC4\x27\xDF\x0A"
- "\x49\xA8\xA7\x1A\x6D\x78\x16\xCA"
- "\xB3\x18\x5C\xC3\x93\x63\x5A\x68"
- "\x77\x02\xBA\xED\x62\x71\xB1\xD9"
- "\x5E\xE5\x6F\x1A\xCC\x1D\xBE\x2E"
- "\x11\xF3\xA6\x97\xCA\x8E\xBF\xB4"
- "\x56\xA1\x36\x6B\xB1\x0A\x3E\x70"
- "\xEA\xD7\xCD\x72\x7B\x79\xC8\xAD"
- "\x6B\xFE\xFB\xBA\x64\xAE\x19\xC1"
- "\x82\xCF\x8A\xA1\x50\x17\x7F\xB2"
- "\x6F\x7B\x0F\x52\xC5\x3E\x4A\x52"
- "\x3F\xD9\x3F\x01\xA6\x41\x1A\xB3"
- "\xB3\x7A\x0E\x8E\x75\xB2\xB1\x5F"
- "\xDB\xEA\x84\x13\x26\x6C\x85\x4E"
- "\xAE\x6B\xDC\xE7\xE7\xAD\xB0\x06"
- "\x5C\xBA\x92\xD0\x30\xBB\x8D\xD2"
- "\xAE\x4C\x70\x85\xA0\x07\xE3\x2C"
- "\xD1\x27\x9C\xCF\xDB\x13\xB7\xE5"
- "\xF9\x6A\x02\xD0\x39\x9D\xB6\xE7"
- "\xD1\x17\x25\x08\xF9\xA9\xA6\x67"
- "\x38\x80\xD1\x22\xAB\x1A\xD7\x26"
- "\xAD\xCA\x19\x1B\xFA\x18\xA7\x57"
- "\x31\xEC\xC9\xED\xDB\x79\xC0\x48"
- "\xAC\x31\x9F\x03\x8B\x62\x5B\x7E"
- "\x0E\xA6\xD0\x64\xEE\xEA\x00\xFC"
- "\x58\xC8\xDE\x51\x4E\x17\x15\x11"
- "\x66\x58\xB6\x90\xDC\xDF\xA1\x49"
- "\xCA\x79\xE9\x31\x31\x42\xDC\x56"
- "\x0B\xCD\xB6\x0D\xC7\x64\xF7\x19"
- "\xD9\x42\x05\x7F\xBC\x2F\xFC\x90"
- "\xAE\x29\x86\xAA\x43\x7A\x4F\x6B"
- "\xCE\xEA\xBC\x31\x8D\x65\x9D\x46"
- "\xEA\x77\xB4\xF9\x58\xEA\x5D\x84"
- "\xE4\xDC\x14\xBB\xBD\x15\x0E\xDA"
- "\xD8\xE4\xA4\x5D\x61\xF9\x58\x0F"
- "\xE4\x82\x77\xCE\x87\xC0\x09\xF0"
- "\xD6\x10\x9E\x34\xE1\x0C\x67\x55"
- "\x7B\x6D\xD5\x51\x4B\x00\xEE\xBA"
- "\xF2\x7B\xBE\x75\x07\x42\x9D\x99"
- "\x12\xE1\x71\x4A\xF9\x2A\xF5\xF6"
- "\x93\x03\xD7\x51\x09\xFA\xBE\x68"
- "\xD8\x45\xFF\x33\xBA\xBB\x2B\x63",
- .ilen = 496,
- .result = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
- "\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
- "\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
- "\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
- "\xFE\x41\x28\x5C\x27\x8E\x11\x85"
- "\x6C\xF7\x5E\xC2\x55\x3C\xA0\x0B"
- "\x92\x65\xE9\x70\xDB\x4F\xD6\xB9"
- "\x00\xB4\x1F\xE6\x49\xFD\x44\x2F"
- "\x53\x3A\x8D\x14\x98\x63\xCA\x5D"
- "\xC1\xA8\x33\xA7\x0E\x91\x78\xEC"
- "\x77\xDE\x42\xD5\xBC\x07\x8B\x12"
- "\xE5\x4C\xF0\x5B\x22\x56\x39\x80"
- "\x6B\x9F\x66\xC9\x50\xC4\xAF\x36"
- "\xBA\x0D\x94\x7F\xE3\x4A\xDD\x41"
- "\x28\xB3\x1A\x8E\x11\xF8\x43\xF7"
- "\x5E\x21\x55\x3C\x87\x6E\x92\x65"
- "\xCC\x57\xDB\xA2\x35\xB9\x00\xEB"
- "\x72\xE6\x49\xD0\x44\x2F\xB6\x19"
- "\x8D\x14\xFF\x46\xCA\x5D\x24\xA8"
- "\x33\x9A\x6D\x91\x78\xC3\x77\xDE"
- "\xA1\x08\xBC\x07\xEE\x71\xE5\x4C"
- "\xD7\x5B\x22\xB5\x1C\x80\x6B\xF2"
- "\x45\xC9\x50\x3B\xAF\x36\x99\x60"
- "\x94\x7F\xC6\x4A\xDD\xA4\x0F\xB3"
- "\x1A\xED\x74\xF8\x43\x2A\x5E\x21"
- "\x88\x13\x87\x6E\xF1\x58\xCC\x57"
- "\x3E\xA2\x35\x9C\x67\xEB\x72\xC5"
- "\x49\xD0\xBB\x02\xB6\x19\xE0\x4B"
- "\xFF\x46\x29\x5D\x24\x8F\x16\x9A"
- "\x6D\xF4\x5F\xC3\xAA\x3D\xA1\x08"
- "\x93\x7A\xEE\x71\xD8\x4C\xD7\xBE"
- "\x01\xB5\x1C\xE7\x4E\xF2\x45\x2C"
- "\x50\x3B\x82\x15\x99\x60\xCB\x52"
- "\xC6\xA9\x30\xA4\x0F\x96\x79\xED"
- "\x74\xDF\x43\x2A\xBD\x04\x88\x13"
- "\xFA\x4D\xF1\x58\x23\x57\x3E\x81"
- "\x68\x9C\x67\xCE\x51\xC5\xAC\x37"
- "\xBB\x02\x95\x7C\xE0\x4B\xD2\x46"
- "\x29\xB0\x1B\x8F\x16\xF9\x40\xF4"
- "\x5F\x26\xAA\x3D\x84\x6F\x93\x7A"
- "\xCD\x54\xD8\xA3\x0A\xBE\x01\xE8"
- "\x73\xE7\x4E\xD1\x45\x2C\xB7\x1E"
- "\x82\x15\xFC\x47\xCB\x52\x25\xA9"
- "\x30\x9B\x62\x96\x79\xC0\x74\xDF"
- "\xA6\x09\xBD\x04\xEF\x76\xFA\x4D"
- "\xD4\x58\x23\x8A\x1D\x81\x68\xF3"
- "\x5A\xCE\x51\x38\xAC\x37\x9E\x61"
- "\x95\x7C\xC7\x4B\xD2\xA5\x0C\xB0"
- "\x1B\xE2\x75\xF9\x40\x2B\x5F\x26"
- "\x89\x10\x84\x6F\xF6\x59\xCD\x54"
- "\x3F\xA3\x0A\x9D\x64\xE8\x73\xDA"
- "\x4E\xD1\xB8\x03\xB7\x1E\xE1\x48"
- "\xFC\x47\x2E\x52\x25\x8C\x17\x9B"
- "\x62\xF5\x5C\xC0\xAB\x32\xA6\x09"
- "\x90\x7B\xEF\x76\xD9\x4D\xD4\xBF"
- "\x06\x8A\x1D\xE4\x4F\xF3\x5A\x2D"
- "\x51\x38\x83\x6A\x9E\x61\xC8\x53"
- "\xC7\xAE\x31\xA5\x0C\x97\x7E\xE2"
- "\x75\xDC\x40\x2B\xB2\x05\x89\x10"
- "\xFB\x42\xF6\x59\x20\x54\x3F\x86"
- "\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
- "\xB8\x03\xEA\x7D\xE1\x48\xD3\x47",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
+static const struct cipher_testvec des3_ede_cbc_tv_template[] = {
{ /* Generated from openssl */
.key = "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
"\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
"\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
.klen = 24,
.iv = "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
- .input = "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
+ .ptext = "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
"\x53\x20\x63\x65\x65\x72\x73\x74"
"\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
"\x20\x79\x65\x53\x72\x63\x74\x65"
@@ -6706,8 +6175,7 @@ static const struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
"\x20\x6f\x61\x4d\x79\x6e\x53\x20"
"\x63\x65\x65\x72\x73\x74\x54\x20"
"\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
- .ilen = 128,
- .result = "\x0e\x2d\xb6\x97\x3c\x56\x33\xf4"
+ .ctext = "\x0e\x2d\xb6\x97\x3c\x56\x33\xf4"
"\x67\x17\x21\xc7\x6e\x8a\xd5\x49"
"\x74\xb3\x49\x05\xc5\x1c\xd0\xed"
"\x12\x56\x5c\x53\x96\xb6\x00\x7d"
@@ -6723,7 +6191,7 @@ static const struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
"\xd6\xbc\x5a\xd3\x2d\x54\x43\xcc"
"\x9d\xde\xa5\x70\xe9\x42\x45\x8a"
"\x6b\xfa\xb1\x91\x13\xb0\xd9\x19",
- .rlen = 128,
+ .len = 128,
}, { /* Generated with Crypto++ */
.key = "\x9C\xD6\xF3\x9C\xB9\x5A\x67\x00"
"\x5A\x67\x00\x2D\xCE\xEB\x2D\xCE"
@@ -6731,7 +6199,7 @@ static const struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
.klen = 24,
.iv = "\xB2\xD7\x48\xED\x06\x44\xF9\x12"
"\xB7\x28\x4D\x83\x24\x59\xF2\x17",
- .input = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
+ .ptext = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
"\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
"\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
"\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
@@ -6793,125 +6261,7 @@ static const struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
"\xFB\x42\xF6\x59\x20\x54\x3F\x86"
"\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
"\xB8\x03\xEA\x7D\xE1\x48\xD3\x47",
- .ilen = 496,
- .result = "\xF8\xF6\xB5\x60\x5C\x5A\x75\x84"
- "\x87\x81\x53\xBA\xC9\x6F\xEC\xD5"
- "\x1E\x68\x8E\x85\x12\x86\x1D\x38"
- "\x1C\x91\x40\xCC\x69\x6A\xD5\x35"
- "\x0D\x7C\xB5\x07\x7C\x7B\x2A\xAF"
- "\x32\xBC\xA1\xB3\x84\x31\x1B\x3C"
- "\x0A\x2B\xFA\xD3\x9F\xB0\x8C\x37"
- "\x8F\x9D\xA7\x6D\x6C\xFA\xD7\x90"
- "\xE3\x69\x54\xED\x3A\xC4\xF1\x6B"
- "\xB1\xCC\xFB\x7D\xD8\x8E\x17\x0B"
- "\x9C\xF6\x4C\xD6\xFF\x03\x4E\xD9"
- "\xE6\xA5\xAD\x25\xE6\x17\x69\x63"
- "\x11\x35\x61\x94\x88\x7B\x1C\x48"
- "\xF1\x24\x20\x29\x6B\x93\x1A\x8E"
- "\x43\x03\x89\xD8\xB1\xDA\x47\x7B"
- "\x79\x3A\x83\x76\xDA\xAE\xC6\xBB"
- "\x22\xF8\xE8\x3D\x9A\x65\x54\xD8"
- "\x4C\xE9\xE7\xE4\x63\x2F\x5C\x73"
- "\x5A\xC3\xAE\x46\xA8\xCD\x57\xE6"
- "\x67\x88\xA5\x20\x6F\x5F\x97\xC7"
- "\xCC\x15\xA2\x0A\x93\xEA\x33\xE7"
- "\x03\x5F\xEC\x64\x30\x6F\xEE\xD7"
- "\x7E\xDF\xD6\xE9\x6F\x3F\xD6\x1E"
- "\xBE\x67\x6C\x5B\x97\xA0\x09\xE6"
- "\xEE\xFE\x55\xA3\x29\x65\xE0\x12"
- "\xA1\x6A\x8A\x6F\xF2\xE6\xF1\x96"
- "\x87\xFB\x9C\x05\xDD\x80\xEC\xFF"
- "\xC5\xED\x50\xFE\xFC\x91\xCD\xCE"
- "\x25\x2C\x5F\xD9\xAD\x95\x7D\x99"
- "\xF0\x05\xC4\x71\x46\x5F\xF9\x0D"
- "\xD2\x63\xDF\x9B\x96\x2E\x2B\xA6"
- "\x2B\x1C\xD5\xFB\x96\x24\x60\x60"
- "\x54\x40\xB8\x62\xA4\xF8\x46\x95"
- "\x73\x28\xA3\xA6\x16\x2B\x17\xE7"
- "\x7A\xF8\x62\x54\x3B\x64\x69\xE1"
- "\x71\x34\x29\x5B\x4E\x05\x9B\xFA"
- "\x5E\xF1\x96\xB7\xCE\x16\x9B\x59"
- "\xF1\x1A\x4C\x51\x26\xFD\x79\xE2"
- "\x3B\x8E\x71\x69\x6A\x91\xB6\x65"
- "\x32\x09\xB8\xE4\x09\x1F\xEA\x39"
- "\xCE\x20\x65\x9F\xD6\xD1\xC7\xF0"
- "\x73\x50\x08\x56\x20\x9B\x94\x23"
- "\x14\x39\xB7\x2B\xB1\x2D\x6D\x6F"
- "\x41\x5B\xCC\xE2\x18\xAE\x62\x89"
- "\x78\x8E\x67\x23\xD0\xFB\x2B\xE5"
- "\x25\xC9\x48\x97\xB5\xD3\x17\xD5"
- "\x6A\x9F\xA7\x48\x0C\x2B\x73\x3B"
- "\x57\x08\xAE\x91\xF2\xB7\x57\x89"
- "\xF4\xD0\xB0\x07\xB0\x42\x6C\xAF"
- "\x98\x1A\xE7\xD1\xAC\x1E\xB5\x02"
- "\xD4\x56\x42\x79\x79\x7F\x2A\x77"
- "\x25\xE9\x7D\xC1\x88\x19\x2B\x49"
- "\x6F\x46\x59\xAB\x56\x1F\x61\xE0"
- "\x0C\x24\x9C\xC9\x5B\x63\xA9\x12"
- "\xCF\x88\x96\xB6\xA8\x24\xC6\xA8"
- "\x21\x85\x1A\x62\x7E\x34\xBB\xEB"
- "\xBD\x02\x2A\xC7\xD8\x89\x80\xC5"
- "\xB1\xBB\x60\xA5\x22\xFC\x6F\x38"
- "\x02\x80\xA3\x28\x22\x75\xE1\xE9"
- "\x90\xE9\xFA\x4B\x00\x10\xAC\x58"
- "\x83\x70\xFF\x86\xE6\xAA\x0F\x1F"
- "\x95\x63\x73\xA2\x44\xAC\xF8\xA5",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec des3_ede_cbc_dec_tv_template[] = {
- { /* Generated from openssl */
- .key = "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
- "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
- "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
- .klen = 24,
- .iv = "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
- .input = "\x0e\x2d\xb6\x97\x3c\x56\x33\xf4"
- "\x67\x17\x21\xc7\x6e\x8a\xd5\x49"
- "\x74\xb3\x49\x05\xc5\x1c\xd0\xed"
- "\x12\x56\x5c\x53\x96\xb6\x00\x7d"
- "\x90\x48\xfc\xf5\x8d\x29\x39\xcc"
- "\x8a\xd5\x35\x18\x36\x23\x4e\xd7"
- "\x76\xd1\xda\x0c\x94\x67\xbb\x04"
- "\x8b\xf2\x03\x6c\xa8\xcf\xb6\xea"
- "\x22\x64\x47\xaa\x8f\x75\x13\xbf"
- "\x9f\xc2\xc3\xf0\xc9\x56\xc5\x7a"
- "\x71\x63\x2e\x89\x7b\x1e\x12\xca"
- "\xe2\x5f\xaf\xd8\xa4\xf8\xc9\x7a"
- "\xd6\xf9\x21\x31\x62\x44\x45\xa6"
- "\xd6\xbc\x5a\xd3\x2d\x54\x43\xcc"
- "\x9d\xde\xa5\x70\xe9\x42\x45\x8a"
- "\x6b\xfa\xb1\x91\x13\xb0\xd9\x19",
- .ilen = 128,
- .result = "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
- "\x53\x20\x63\x65\x65\x72\x73\x74"
- "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
- "\x20\x79\x65\x53\x72\x63\x74\x65"
- "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
- "\x79\x6e\x53\x20\x63\x65\x65\x72"
- "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
- "\x6e\x61\x20\x79\x65\x53\x72\x63"
- "\x74\x65\x20\x73\x6f\x54\x20\x6f"
- "\x61\x4d\x79\x6e\x53\x20\x63\x65"
- "\x65\x72\x73\x74\x54\x20\x6f\x6f"
- "\x4d\x20\x6e\x61\x20\x79\x65\x53"
- "\x72\x63\x74\x65\x20\x73\x6f\x54"
- "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
- "\x63\x65\x65\x72\x73\x74\x54\x20"
- "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
- .rlen = 128,
- }, { /* Generated with Crypto++ */
- .key = "\x9C\xD6\xF3\x9C\xB9\x5A\x67\x00"
- "\x5A\x67\x00\x2D\xCE\xEB\x2D\xCE"
- "\xEB\xB4\x51\x72\xB4\x51\x72\x1F",
- .klen = 24,
- .iv = "\xB2\xD7\x48\xED\x06\x44\xF9\x12"
- "\xB7\x28\x4D\x83\x24\x59\xF2\x17",
- .input = "\xF8\xF6\xB5\x60\x5C\x5A\x75\x84"
+ .ctext = "\xF8\xF6\xB5\x60\x5C\x5A\x75\x84"
"\x87\x81\x53\xBA\xC9\x6F\xEC\xD5"
"\x1E\x68\x8E\x85\x12\x86\x1D\x38"
"\x1C\x91\x40\xCC\x69\x6A\xD5\x35"
@@ -6973,77 +6323,14 @@ static const struct cipher_testvec des3_ede_cbc_dec_tv_template[] = {
"\x90\xE9\xFA\x4B\x00\x10\xAC\x58"
"\x83\x70\xFF\x86\xE6\xAA\x0F\x1F"
"\x95\x63\x73\xA2\x44\xAC\xF8\xA5",
- .ilen = 496,
- .result = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
- "\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
- "\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
- "\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
- "\xFE\x41\x28\x5C\x27\x8E\x11\x85"
- "\x6C\xF7\x5E\xC2\x55\x3C\xA0\x0B"
- "\x92\x65\xE9\x70\xDB\x4F\xD6\xB9"
- "\x00\xB4\x1F\xE6\x49\xFD\x44\x2F"
- "\x53\x3A\x8D\x14\x98\x63\xCA\x5D"
- "\xC1\xA8\x33\xA7\x0E\x91\x78\xEC"
- "\x77\xDE\x42\xD5\xBC\x07\x8B\x12"
- "\xE5\x4C\xF0\x5B\x22\x56\x39\x80"
- "\x6B\x9F\x66\xC9\x50\xC4\xAF\x36"
- "\xBA\x0D\x94\x7F\xE3\x4A\xDD\x41"
- "\x28\xB3\x1A\x8E\x11\xF8\x43\xF7"
- "\x5E\x21\x55\x3C\x87\x6E\x92\x65"
- "\xCC\x57\xDB\xA2\x35\xB9\x00\xEB"
- "\x72\xE6\x49\xD0\x44\x2F\xB6\x19"
- "\x8D\x14\xFF\x46\xCA\x5D\x24\xA8"
- "\x33\x9A\x6D\x91\x78\xC3\x77\xDE"
- "\xA1\x08\xBC\x07\xEE\x71\xE5\x4C"
- "\xD7\x5B\x22\xB5\x1C\x80\x6B\xF2"
- "\x45\xC9\x50\x3B\xAF\x36\x99\x60"
- "\x94\x7F\xC6\x4A\xDD\xA4\x0F\xB3"
- "\x1A\xED\x74\xF8\x43\x2A\x5E\x21"
- "\x88\x13\x87\x6E\xF1\x58\xCC\x57"
- "\x3E\xA2\x35\x9C\x67\xEB\x72\xC5"
- "\x49\xD0\xBB\x02\xB6\x19\xE0\x4B"
- "\xFF\x46\x29\x5D\x24\x8F\x16\x9A"
- "\x6D\xF4\x5F\xC3\xAA\x3D\xA1\x08"
- "\x93\x7A\xEE\x71\xD8\x4C\xD7\xBE"
- "\x01\xB5\x1C\xE7\x4E\xF2\x45\x2C"
- "\x50\x3B\x82\x15\x99\x60\xCB\x52"
- "\xC6\xA9\x30\xA4\x0F\x96\x79\xED"
- "\x74\xDF\x43\x2A\xBD\x04\x88\x13"
- "\xFA\x4D\xF1\x58\x23\x57\x3E\x81"
- "\x68\x9C\x67\xCE\x51\xC5\xAC\x37"
- "\xBB\x02\x95\x7C\xE0\x4B\xD2\x46"
- "\x29\xB0\x1B\x8F\x16\xF9\x40\xF4"
- "\x5F\x26\xAA\x3D\x84\x6F\x93\x7A"
- "\xCD\x54\xD8\xA3\x0A\xBE\x01\xE8"
- "\x73\xE7\x4E\xD1\x45\x2C\xB7\x1E"
- "\x82\x15\xFC\x47\xCB\x52\x25\xA9"
- "\x30\x9B\x62\x96\x79\xC0\x74\xDF"
- "\xA6\x09\xBD\x04\xEF\x76\xFA\x4D"
- "\xD4\x58\x23\x8A\x1D\x81\x68\xF3"
- "\x5A\xCE\x51\x38\xAC\x37\x9E\x61"
- "\x95\x7C\xC7\x4B\xD2\xA5\x0C\xB0"
- "\x1B\xE2\x75\xF9\x40\x2B\x5F\x26"
- "\x89\x10\x84\x6F\xF6\x59\xCD\x54"
- "\x3F\xA3\x0A\x9D\x64\xE8\x73\xDA"
- "\x4E\xD1\xB8\x03\xB7\x1E\xE1\x48"
- "\xFC\x47\x2E\x52\x25\x8C\x17\x9B"
- "\x62\xF5\x5C\xC0\xAB\x32\xA6\x09"
- "\x90\x7B\xEF\x76\xD9\x4D\xD4\xBF"
- "\x06\x8A\x1D\xE4\x4F\xF3\x5A\x2D"
- "\x51\x38\x83\x6A\x9E\x61\xC8\x53"
- "\xC7\xAE\x31\xA5\x0C\x97\x7E\xE2"
- "\x75\xDC\x40\x2B\xB2\x05\x89\x10"
- "\xFB\x42\xF6\x59\x20\x54\x3F\x86"
- "\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
- "\xB8\x03\xEA\x7D\xE1\x48\xD3\x47",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec des3_ede_ctr_enc_tv_template[] = {
+static const struct cipher_testvec des3_ede_ctr_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\x9C\xD6\xF3\x9C\xB9\x5A\x67\x00"
"\x5A\x67\x00\x2D\xCE\xEB\x2D\xCE"
@@ -7051,7 +6338,7 @@ static const struct cipher_testvec des3_ede_ctr_enc_tv_template[] = {
.klen = 24,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
+ .ptext = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
"\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
"\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
"\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
@@ -7113,8 +6400,7 @@ static const struct cipher_testvec des3_ede_ctr_enc_tv_template[] = {
"\xFB\x42\xF6\x59\x20\x54\x3F\x86"
"\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
"\xB8\x03\xEA\x7D\xE1\x48\xD3\x47",
- .ilen = 496,
- .result = "\x07\xC2\x08\x20\x72\x1F\x49\xEF"
+ .ctext = "\x07\xC2\x08\x20\x72\x1F\x49\xEF"
"\x19\xCD\x6F\x32\x53\x05\x22\x15"
"\xA2\x85\x2B\xDB\x85\xD2\xD8\xB9"
"\xDD\x0D\x1B\x45\xCB\x69\x11\xD4"
@@ -7176,7 +6462,7 @@ static const struct cipher_testvec des3_ede_ctr_enc_tv_template[] = {
"\x46\xB9\x91\xB6\xE7\x3D\x51\x42"
"\xFD\x51\xB0\xC6\x2C\x63\x13\x78"
"\x5C\xEE\xFC\xCF\xC4\x70\x00\x34",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
@@ -7187,7 +6473,7 @@ static const struct cipher_testvec des3_ede_ctr_enc_tv_template[] = {
.klen = 24,
.iv = "\xB2\xD7\x48\xED\x06\x44\xF9\x12"
"\xB7\x28\x4D\x83\x24\x59\xF2\x17",
- .input = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
+ .ptext = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
"\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
"\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
"\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
@@ -7250,222 +6536,7 @@ static const struct cipher_testvec des3_ede_ctr_enc_tv_template[] = {
"\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
"\xB8\x03\xEA\x7D\xE1\x48\xD3\x47"
"\x2E\xB1\x18",
- .ilen = 499,
- .result = "\x23\xFF\x5C\x99\x75\xBB\x1F\xD4"
- "\xBC\x27\x9D\x36\x60\xA9\xC9\xF7"
- "\x94\x9D\x1B\xFF\x8E\x95\x57\x89"
- "\x8C\x2E\x33\x70\x43\x61\xE6\xD2"
- "\x82\x33\x63\xB6\xC4\x34\x5E\xF8"
- "\x96\x07\xA7\xD2\x3B\x8E\xC9\xAA"
- "\x7C\xA0\x55\x89\x2E\xE1\x85\x25"
- "\x14\x04\xDA\x6B\xE0\xEE\x56\xCF"
- "\x08\x2E\x69\xD4\x54\xDE\x22\x84"
- "\x69\xA6\xA7\xD3\x3A\x9A\xE8\x05"
- "\x63\xDB\xBF\x46\x3A\x26\x2E\x0F"
- "\x58\x5C\x46\xEA\x07\x40\xDA\xE1"
- "\x14\x1D\xCD\x4F\x06\xC0\xCA\x54"
- "\x1E\xC9\x45\x85\x67\x7C\xC2\xB5"
- "\x97\x5D\x61\x78\x2E\x46\xEC\x6A"
- "\x53\xF4\xD0\xAE\xFA\xB4\x86\x29"
- "\x9F\x17\x33\x24\xD8\xB9\xB2\x05"
- "\x93\x88\xEA\xF7\xA0\x70\x69\x49"
- "\x88\x6B\x73\x40\x41\x8D\xD9\xD9"
- "\x7E\x78\xE9\xBE\x6C\x14\x22\x7A"
- "\x66\xE1\xDA\xED\x10\xFF\x69\x1D"
- "\xB9\xAA\xF2\x56\x72\x1B\x23\xE2"
- "\x45\x54\x8B\xA3\x70\x23\xB4\x5E"
- "\x8E\x96\xC9\x05\x00\xB3\xB6\xC2"
- "\x2A\x02\x43\x7A\x62\xD5\xC8\xD2"
- "\xC2\xD0\xE4\x78\xA1\x7B\x3E\xE8"
- "\x9F\x7F\x7D\x40\x54\x30\x3B\xC0"
- "\xA5\x54\xFD\xCA\x25\xEC\x44\x3E"
- "\x1A\x54\x7F\x88\xD0\xE1\xFE\x71"
- "\xCE\x05\x49\x89\xBA\xD6\x72\xE7"
- "\xD6\x5D\x3F\xA2\xD9\xAB\xC5\x02"
- "\xD6\x43\x22\xAF\xA2\xE4\x80\x85"
- "\xD7\x87\xB9\xEA\x43\xDB\xC8\xEF"
- "\x5C\x82\x2E\x98\x0D\x30\x41\x6B"
- "\x08\x48\x8D\xF0\xF8\x60\xD7\x9D"
- "\xE9\xDE\x40\xAD\x0D\xAD\x0D\x58"
- "\x2A\x98\x35\xFE\xF7\xDD\x4B\x40"
- "\xDE\xB0\x05\xD9\x7B\x09\x4D\xBC"
- "\x42\xC0\xF1\x15\x0B\xFA\x26\x6B"
- "\xC6\x12\x13\x4F\xCB\x35\xBA\x35"
- "\xDD\x7A\x36\x9C\x12\x57\x55\x83"
- "\x78\x58\x09\xD0\xB0\xCF\x7C\x5C"
- "\x38\xCF\xBD\x79\x5B\x13\x4D\x97"
- "\xC1\x85\x6F\x97\xC9\xE8\xC2\xA4"
- "\x98\xE2\xBD\x77\x6B\x53\x39\x1A"
- "\x28\x10\xE7\xE0\xE7\xDE\x9D\x69"
- "\x78\x6F\x8E\xD2\xD9\x5D\xD2\x15"
- "\x9E\xB5\x4D\x8C\xC0\x78\x22\x2F"
- "\x17\x11\x2E\x99\xD7\xE3\xA4\x4F"
- "\x65\xA5\x6B\x03\x2C\x35\x6F\xDA"
- "\x8A\x19\x08\xE1\x08\x48\x59\x51"
- "\x53\x4B\xD1\xDF\xDA\x14\x50\x5F"
- "\xDF\xB5\x8C\xDF\xC6\xFD\x85\xFA"
- "\xD4\xF9\x64\x45\x65\x0D\x7D\xF4"
- "\xC8\xCD\x3F\x32\xAF\xDD\x30\xED"
- "\x7B\xAA\xAC\xF0\xDA\x7F\xDF\x75"
- "\x1C\xA4\xF1\xCB\x5E\x4F\x0B\xB4"
- "\x97\x73\x28\xDE\xCF\xAF\x82\xBD"
- "\xC4\xBA\xB4\x9C\x0D\x16\x77\x42"
- "\x42\x39\x7C\x53\xA4\xD4\xDD\x40"
- "\x5C\x60\x1F\x6E\xA7\xE2\xDC\xE7"
- "\x32\x0F\x05\x2F\xF2\x4C\x95\x3B"
- "\xF2\x79\xD9",
- .rlen = 499,
- .also_non_np = 1,
- .np = 2,
- .tap = { 499 - 16, 16 },
- },
-};
-
-static const struct cipher_testvec des3_ede_ctr_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\x9C\xD6\xF3\x9C\xB9\x5A\x67\x00"
- "\x5A\x67\x00\x2D\xCE\xEB\x2D\xCE"
- "\xEB\xB4\x51\x72\xB4\x51\x72\x1F",
- .klen = 24,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
- "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x07\xC2\x08\x20\x72\x1F\x49\xEF"
- "\x19\xCD\x6F\x32\x53\x05\x22\x15"
- "\xA2\x85\x2B\xDB\x85\xD2\xD8\xB9"
- "\xDD\x0D\x1B\x45\xCB\x69\x11\xD4"
- "\xEA\xBE\xB2\x45\x5D\x0C\xAE\xBE"
- "\xA0\xC1\x27\xAC\x65\x9F\x53\x7E"
- "\xAF\xC2\x1B\xB5\xB8\x6D\x36\x0C"
- "\x25\xC0\xF8\x6D\x0B\x29\x01\xDA"
- "\x13\x78\xDC\x89\x12\x12\x43\xFA"
- "\xF6\x12\xEF\x8D\x87\x62\x78\x83"
- "\xE2\xBE\x41\x20\x4C\x6D\x35\x1B"
- "\xD1\x0C\x30\xCF\xE2\xDE\x2B\x03"
- "\xBF\x45\x73\xD4\xE5\x59\x95\xD1"
- "\xB3\x9B\x27\x62\x97\xBD\xDE\x7F"
- "\xA4\xD2\x39\x80\xAA\x50\x23\xF0"
- "\x74\x88\x3D\xA8\x6A\x18\x79\x3B"
- "\xC4\x96\x6C\x8D\x22\x40\x92\x6E"
- "\xD6\xAD\x2A\x1F\xDE\x63\xC0\xE7"
- "\x07\xF7\x2D\xF7\xB5\xF3\xF0\xCC"
- "\x01\x7C\x2A\x9B\xC2\x10\xCA\xAA"
- "\xFD\x2B\x3F\xC5\xF3\xF6\xFC\x9B"
- "\x45\xDB\x53\xE4\x5B\xF3\xC9\x7B"
- "\x8E\x52\xFF\xC8\x02\xB8\xAC\x9D"
- "\xA1\x00\x39\xDA\x3D\x2D\x0E\x01"
- "\x09\x7D\x8D\x5E\xBE\x53\xB9\xB0"
- "\x8E\xE7\xE2\x96\x6A\xB2\x78\xEA"
- "\xDE\x23\x8B\xA5\xFA\x5C\xE3\xDA"
- "\xBF\x8E\x31\x6A\x55\xD1\x6A\xB2"
- "\xB5\x46\x6F\xA5\xF0\xEE\xBA\x1F"
- "\x9F\x98\xB0\x66\x4F\xD0\x3F\xA9"
- "\xDF\x5F\x58\xC4\xF4\xFF\x75\x5C"
- "\x40\x3A\x09\x7E\x6E\x1C\x97\xD4"
- "\xCC\xE7\xE7\x71\xCF\x0B\x15\x08"
- "\x71\xFA\x07\x97\xCD\xE6\xCA\x1D"
- "\x14\x28\x0C\xCF\x99\x13\x7A\xF1"
- "\xEB\xFA\xFA\x92\x07\xDE\x1D\xA1"
- "\xD3\x36\x69\xFE\x51\x4D\x9F\x2E"
- "\x83\x37\x4F\x1F\x48\x30\xED\x04"
- "\x4D\xA4\xEF\x3A\xCA\x76\xF4\x1C"
- "\x41\x8F\x63\x37\x78\x2F\x86\xA6"
- "\xEF\x41\x7E\xD2\xAF\x88\xAB\x67"
- "\x52\x71\xC3\x8E\xF8\x26\x93\x72"
- "\xAA\xD6\x0E\xE7\x0B\x46\xB1\x3A"
- "\xB4\x08\xA9\xA8\xA0\xCF\x20\x0C"
- "\x52\xBC\x8B\x05\x56\xB2\xBC\x31"
- "\x9B\x74\xB9\x29\x29\x96\x9A\x50"
- "\xDC\x45\xDC\x1A\xEB\x0C\x64\xD4"
- "\xD3\x05\x7E\x59\x55\xC3\xF4\x90"
- "\xC2\xAB\xF8\x9B\x8A\xDA\xCE\xA1"
- "\xC3\xF4\xAD\x77\xDD\x44\xC8\xAC"
- "\xA3\xF1\xC9\xD2\x19\x5C\xB0\xCA"
- "\xA2\x34\xC1\xF7\x6C\xFD\xAC\x65"
- "\x32\xDC\x48\xC4\xF2\x00\x6B\x77"
- "\xF1\x7D\x76\xAC\xC0\x31\x63\x2A"
- "\xA5\x3A\x62\xC8\x91\xB1\x03\x65"
- "\xCB\x43\xD1\x06\xDF\xC3\x67\xBC"
- "\xDC\xE0\xCD\x35\xCE\x49\x65\xA0"
- "\x52\x7B\xA7\x0D\x07\xA9\x1B\xB0"
- "\x40\x77\x72\xC2\xEA\x0E\x3A\x78"
- "\x46\xB9\x91\xB6\xE7\x3D\x51\x42"
- "\xFD\x51\xB0\xC6\x2C\x63\x13\x78"
- "\x5C\xEE\xFC\xCF\xC4\x70\x00\x34",
- .ilen = 496,
- .result = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
- "\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
- "\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
- "\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
- "\xFE\x41\x28\x5C\x27\x8E\x11\x85"
- "\x6C\xF7\x5E\xC2\x55\x3C\xA0\x0B"
- "\x92\x65\xE9\x70\xDB\x4F\xD6\xB9"
- "\x00\xB4\x1F\xE6\x49\xFD\x44\x2F"
- "\x53\x3A\x8D\x14\x98\x63\xCA\x5D"
- "\xC1\xA8\x33\xA7\x0E\x91\x78\xEC"
- "\x77\xDE\x42\xD5\xBC\x07\x8B\x12"
- "\xE5\x4C\xF0\x5B\x22\x56\x39\x80"
- "\x6B\x9F\x66\xC9\x50\xC4\xAF\x36"
- "\xBA\x0D\x94\x7F\xE3\x4A\xDD\x41"
- "\x28\xB3\x1A\x8E\x11\xF8\x43\xF7"
- "\x5E\x21\x55\x3C\x87\x6E\x92\x65"
- "\xCC\x57\xDB\xA2\x35\xB9\x00\xEB"
- "\x72\xE6\x49\xD0\x44\x2F\xB6\x19"
- "\x8D\x14\xFF\x46\xCA\x5D\x24\xA8"
- "\x33\x9A\x6D\x91\x78\xC3\x77\xDE"
- "\xA1\x08\xBC\x07\xEE\x71\xE5\x4C"
- "\xD7\x5B\x22\xB5\x1C\x80\x6B\xF2"
- "\x45\xC9\x50\x3B\xAF\x36\x99\x60"
- "\x94\x7F\xC6\x4A\xDD\xA4\x0F\xB3"
- "\x1A\xED\x74\xF8\x43\x2A\x5E\x21"
- "\x88\x13\x87\x6E\xF1\x58\xCC\x57"
- "\x3E\xA2\x35\x9C\x67\xEB\x72\xC5"
- "\x49\xD0\xBB\x02\xB6\x19\xE0\x4B"
- "\xFF\x46\x29\x5D\x24\x8F\x16\x9A"
- "\x6D\xF4\x5F\xC3\xAA\x3D\xA1\x08"
- "\x93\x7A\xEE\x71\xD8\x4C\xD7\xBE"
- "\x01\xB5\x1C\xE7\x4E\xF2\x45\x2C"
- "\x50\x3B\x82\x15\x99\x60\xCB\x52"
- "\xC6\xA9\x30\xA4\x0F\x96\x79\xED"
- "\x74\xDF\x43\x2A\xBD\x04\x88\x13"
- "\xFA\x4D\xF1\x58\x23\x57\x3E\x81"
- "\x68\x9C\x67\xCE\x51\xC5\xAC\x37"
- "\xBB\x02\x95\x7C\xE0\x4B\xD2\x46"
- "\x29\xB0\x1B\x8F\x16\xF9\x40\xF4"
- "\x5F\x26\xAA\x3D\x84\x6F\x93\x7A"
- "\xCD\x54\xD8\xA3\x0A\xBE\x01\xE8"
- "\x73\xE7\x4E\xD1\x45\x2C\xB7\x1E"
- "\x82\x15\xFC\x47\xCB\x52\x25\xA9"
- "\x30\x9B\x62\x96\x79\xC0\x74\xDF"
- "\xA6\x09\xBD\x04\xEF\x76\xFA\x4D"
- "\xD4\x58\x23\x8A\x1D\x81\x68\xF3"
- "\x5A\xCE\x51\x38\xAC\x37\x9E\x61"
- "\x95\x7C\xC7\x4B\xD2\xA5\x0C\xB0"
- "\x1B\xE2\x75\xF9\x40\x2B\x5F\x26"
- "\x89\x10\x84\x6F\xF6\x59\xCD\x54"
- "\x3F\xA3\x0A\x9D\x64\xE8\x73\xDA"
- "\x4E\xD1\xB8\x03\xB7\x1E\xE1\x48"
- "\xFC\x47\x2E\x52\x25\x8C\x17\x9B"
- "\x62\xF5\x5C\xC0\xAB\x32\xA6\x09"
- "\x90\x7B\xEF\x76\xD9\x4D\xD4\xBF"
- "\x06\x8A\x1D\xE4\x4F\xF3\x5A\x2D"
- "\x51\x38\x83\x6A\x9E\x61\xC8\x53"
- "\xC7\xAE\x31\xA5\x0C\x97\x7E\xE2"
- "\x75\xDC\x40\x2B\xB2\x05\x89\x10"
- "\xFB\x42\xF6\x59\x20\x54\x3F\x86"
- "\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
- "\xB8\x03\xEA\x7D\xE1\x48\xD3\x47",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- }, { /* Generated with Crypto++ */
- .key = "\x9C\xD6\xF3\x9C\xB9\x5A\x67\x00"
- "\x5A\x67\x00\x2D\xCE\xEB\x2D\xCE"
- "\xEB\xB4\x51\x72\xB4\x51\x72\x1F",
- .klen = 24,
- .iv = "\xB2\xD7\x48\xED\x06\x44\xF9\x12"
- "\xB7\x28\x4D\x83\x24\x59\xF2\x17",
- .input = "\x23\xFF\x5C\x99\x75\xBB\x1F\xD4"
+ .ctext = "\x23\xFF\x5C\x99\x75\xBB\x1F\xD4"
"\xBC\x27\x9D\x36\x60\xA9\xC9\xF7"
"\x94\x9D\x1B\xFF\x8E\x95\x57\x89"
"\x8C\x2E\x33\x70\x43\x61\xE6\xD2"
@@ -7528,71 +6599,7 @@ static const struct cipher_testvec des3_ede_ctr_dec_tv_template[] = {
"\x5C\x60\x1F\x6E\xA7\xE2\xDC\xE7"
"\x32\x0F\x05\x2F\xF2\x4C\x95\x3B"
"\xF2\x79\xD9",
- .ilen = 499,
- .result = "\x05\xEC\x77\xFB\x42\xD5\x59\x20"
- "\x8B\x12\x86\x69\xF0\x5B\xCF\x56"
- "\x39\xAD\x34\x9F\x66\xEA\x7D\xC4"
- "\x48\xD3\xBA\x0D\xB1\x18\xE3\x4A"
- "\xFE\x41\x28\x5C\x27\x8E\x11\x85"
- "\x6C\xF7\x5E\xC2\x55\x3C\xA0\x0B"
- "\x92\x65\xE9\x70\xDB\x4F\xD6\xB9"
- "\x00\xB4\x1F\xE6\x49\xFD\x44\x2F"
- "\x53\x3A\x8D\x14\x98\x63\xCA\x5D"
- "\xC1\xA8\x33\xA7\x0E\x91\x78\xEC"
- "\x77\xDE\x42\xD5\xBC\x07\x8B\x12"
- "\xE5\x4C\xF0\x5B\x22\x56\x39\x80"
- "\x6B\x9F\x66\xC9\x50\xC4\xAF\x36"
- "\xBA\x0D\x94\x7F\xE3\x4A\xDD\x41"
- "\x28\xB3\x1A\x8E\x11\xF8\x43\xF7"
- "\x5E\x21\x55\x3C\x87\x6E\x92\x65"
- "\xCC\x57\xDB\xA2\x35\xB9\x00\xEB"
- "\x72\xE6\x49\xD0\x44\x2F\xB6\x19"
- "\x8D\x14\xFF\x46\xCA\x5D\x24\xA8"
- "\x33\x9A\x6D\x91\x78\xC3\x77\xDE"
- "\xA1\x08\xBC\x07\xEE\x71\xE5\x4C"
- "\xD7\x5B\x22\xB5\x1C\x80\x6B\xF2"
- "\x45\xC9\x50\x3B\xAF\x36\x99\x60"
- "\x94\x7F\xC6\x4A\xDD\xA4\x0F\xB3"
- "\x1A\xED\x74\xF8\x43\x2A\x5E\x21"
- "\x88\x13\x87\x6E\xF1\x58\xCC\x57"
- "\x3E\xA2\x35\x9C\x67\xEB\x72\xC5"
- "\x49\xD0\xBB\x02\xB6\x19\xE0\x4B"
- "\xFF\x46\x29\x5D\x24\x8F\x16\x9A"
- "\x6D\xF4\x5F\xC3\xAA\x3D\xA1\x08"
- "\x93\x7A\xEE\x71\xD8\x4C\xD7\xBE"
- "\x01\xB5\x1C\xE7\x4E\xF2\x45\x2C"
- "\x50\x3B\x82\x15\x99\x60\xCB\x52"
- "\xC6\xA9\x30\xA4\x0F\x96\x79\xED"
- "\x74\xDF\x43\x2A\xBD\x04\x88\x13"
- "\xFA\x4D\xF1\x58\x23\x57\x3E\x81"
- "\x68\x9C\x67\xCE\x51\xC5\xAC\x37"
- "\xBB\x02\x95\x7C\xE0\x4B\xD2\x46"
- "\x29\xB0\x1B\x8F\x16\xF9\x40\xF4"
- "\x5F\x26\xAA\x3D\x84\x6F\x93\x7A"
- "\xCD\x54\xD8\xA3\x0A\xBE\x01\xE8"
- "\x73\xE7\x4E\xD1\x45\x2C\xB7\x1E"
- "\x82\x15\xFC\x47\xCB\x52\x25\xA9"
- "\x30\x9B\x62\x96\x79\xC0\x74\xDF"
- "\xA6\x09\xBD\x04\xEF\x76\xFA\x4D"
- "\xD4\x58\x23\x8A\x1D\x81\x68\xF3"
- "\x5A\xCE\x51\x38\xAC\x37\x9E\x61"
- "\x95\x7C\xC7\x4B\xD2\xA5\x0C\xB0"
- "\x1B\xE2\x75\xF9\x40\x2B\x5F\x26"
- "\x89\x10\x84\x6F\xF6\x59\xCD\x54"
- "\x3F\xA3\x0A\x9D\x64\xE8\x73\xDA"
- "\x4E\xD1\xB8\x03\xB7\x1E\xE1\x48"
- "\xFC\x47\x2E\x52\x25\x8C\x17\x9B"
- "\x62\xF5\x5C\xC0\xAB\x32\xA6\x09"
- "\x90\x7B\xEF\x76\xD9\x4D\xD4\xBF"
- "\x06\x8A\x1D\xE4\x4F\xF3\x5A\x2D"
- "\x51\x38\x83\x6A\x9E\x61\xC8\x53"
- "\xC7\xAE\x31\xA5\x0C\x97\x7E\xE2"
- "\x75\xDC\x40\x2B\xB2\x05\x89\x10"
- "\xFB\x42\xF6\x59\x20\x54\x3F\x86"
- "\x69\x9D\x64\xCF\x56\xDA\xAD\x34"
- "\xB8\x03\xEA\x7D\xE1\x48\xD3\x47"
- "\x2E\xB1\x18",
- .rlen = 499,
+ .len = 499,
.also_non_np = 1,
.np = 2,
.tap = { 499 - 16, 16 },
@@ -7602,45 +6609,40 @@ static const struct cipher_testvec des3_ede_ctr_dec_tv_template[] = {
/*
* Blowfish test vectors.
*/
-static const struct cipher_testvec bf_enc_tv_template[] = {
+static const struct cipher_testvec bf_tv_template[] = {
{ /* DES test vectors from OpenSSL */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 8,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 8,
- .result = "\x4e\xf9\x97\x45\x61\x98\xdd\x78",
- .rlen = 8,
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ctext = "\x4e\xf9\x97\x45\x61\x98\xdd\x78",
+ .len = 8,
}, {
.key = "\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .ilen = 8,
- .result = "\xa7\x90\x79\x51\x08\xea\x3c\xae",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .ctext = "\xa7\x90\x79\x51\x08\xea\x3c\xae",
+ .len = 8,
}, {
.key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
.klen = 8,
- .input = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 8,
- .result = "\xe8\x7a\x24\x4e\x2c\xc8\x5e\x82",
- .rlen = 8,
+ .ptext = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
+ .ctext = "\xe8\x7a\x24\x4e\x2c\xc8\x5e\x82",
+ .len = 8,
}, { /* Vary the keylength... */
.key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87"
"\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f",
.klen = 16,
- .input = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 8,
- .result = "\x93\x14\x28\x87\xee\x3b\xe1\x5c",
- .rlen = 8,
+ .ptext = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
+ .ctext = "\x93\x14\x28\x87\xee\x3b\xe1\x5c",
+ .len = 8,
}, {
.key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87"
"\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f"
"\x00\x11\x22\x33\x44",
.klen = 21,
- .input = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 8,
- .result = "\xe6\xf5\x1e\xd7\x9b\x9d\xb2\x1f",
- .rlen = 8,
+ .ptext = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
+ .ctext = "\xe6\xf5\x1e\xd7\x9b\x9d\xb2\x1f",
+ .len = 8,
}, { /* Generated with bf488 */
.key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87"
"\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f"
@@ -7650,17 +6652,16 @@ static const struct cipher_testvec bf_enc_tv_template[] = {
"\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e"
"\xff\xff\xff\xff\xff\xff\xff\xff",
.klen = 56,
- .input = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 8,
- .result = "\xc0\x45\x04\x01\x2e\x4e\x1f\x53",
- .rlen = 8,
+ .ptext = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
+ .ctext = "\xc0\x45\x04\x01\x2e\x4e\x1f\x53",
+ .len = 8,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
"\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
"\x78\xBE\x9B\x78\x55\x32\x0F\x55",
.klen = 32,
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -7723,136 +6724,7 @@ static const struct cipher_testvec bf_enc_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .ilen = 504,
- .result = "\x96\x87\x3D\x0C\x7B\xFB\xBD\x1F"
- "\xE3\xC1\x99\x6D\x39\xD4\xC2\x7D"
- "\xD7\x87\xA1\xF2\xDF\x51\x71\x26"
- "\xC2\xF4\x6D\xFF\xF6\xCD\x6B\x40"
- "\xE1\xB3\xBF\xD4\x38\x2B\xC8\x3B"
- "\xD3\xB2\xD4\x61\xC7\x9F\x06\xE9"
- "\xCD\xF3\x88\x39\x39\x7A\xDF\x19"
- "\xE8\x03\x2A\x0B\x9E\xA0\x2B\x86"
- "\x31\xF8\x9D\xB1\xEE\x78\x9D\xB5"
- "\xCD\x8B\x7C\x2E\xF5\xA2\x2D\x5D"
- "\x6E\x66\xAF\x38\x6C\xD3\x13\xED"
- "\x14\xEA\x5D\xD0\x17\x77\x0F\x4A"
- "\x50\xF2\xD0\x0F\xC8\xF7\x1E\x7B"
- "\x9D\x5B\x54\x65\x4F\x16\x8A\x97"
- "\xF3\xF6\xD4\xAA\x87\x36\x77\x72"
- "\x99\x4A\xB5\x5E\x88\xC3\xCD\x7D"
- "\x1D\x97\xF9\x11\xBD\xE0\x1F\x1F"
- "\x96\x3E\x4B\x22\xF4\xC0\xE6\xB8"
- "\x47\x82\x98\x23\x33\x36\xBC\x1B"
- "\x36\xE7\xF6\xCF\x97\x37\x16\xC0"
- "\x87\x31\x8B\xB0\xDB\x19\x42\xA5"
- "\x1F\x90\x7E\x66\x34\xDD\x5E\xE9"
- "\x4F\xB2\x2B\x9A\xDE\xB3\x5D\x71"
- "\x4D\x68\xF0\xDC\xA6\xEA\xE3\x9B"
- "\x60\x00\x55\x57\x06\x8B\xD5\xB3"
- "\x86\x30\x78\xDA\x33\x9A\x9D\xCC"
- "\xBA\x0B\x81\x06\x77\x43\xC7\xC9"
- "\xDB\x37\x60\x11\x45\x59\x6D\x2D"
- "\x90\x3D\x65\x3E\xD0\x13\xC6\x3C"
- "\x0E\x78\x7D\x9A\x00\xD6\x2F\x0B"
- "\x3B\x53\x19\x1E\xA8\x9B\x11\xD9"
- "\x98\xE4\x7F\xC3\x6E\x51\x24\x70"
- "\x9F\x04\x9C\xC2\x9E\x44\x84\xE3"
- "\xE0\x8A\x44\xA2\x5C\x94\x74\x34"
- "\x37\x52\x7C\x03\xE8\x8E\x97\xE1"
- "\x5B\x5C\x0E\xB0\x70\xFE\x54\x3F"
- "\xD8\x65\xA9\xC5\xCD\xEC\xF4\x45"
- "\x55\xC5\xA7\xA3\x19\x80\x28\x51"
- "\xBE\x64\x4A\xC1\xD4\xE1\xBE\xEB"
- "\x73\x4C\xB6\xF9\x5F\x6D\x82\xBC"
- "\x3E\x42\x14\x49\x88\x51\xBF\x68"
- "\x45\x75\x27\x1B\x0A\x72\xED\xAF"
- "\xDA\xC4\x4D\x67\x0D\xEE\x75\xE3"
- "\x34\xDD\x91\x19\x42\x3A\xCB\xDA"
- "\x38\xFA\x3C\x93\x62\xF2\xE3\x81"
- "\xB3\xE4\xBB\xF6\x0D\x0B\x1D\x09"
- "\x9C\x52\x0D\x50\x63\xA4\xB2\xD2"
- "\x82\xA0\x23\x3F\x1F\xB6\xED\x6E"
- "\xC2\x9C\x1C\xD0\x9A\x40\xB6\xFC"
- "\x36\x56\x6E\x85\x73\xD7\x52\xBA"
- "\x35\x5E\x32\x89\x5D\x42\xF5\x36"
- "\x52\x8D\x46\x7D\xC8\x71\xAD\x33"
- "\xE1\xAF\x6A\xA8\xEC\xBA\x1C\xDC"
- "\xFE\x88\xE6\x16\xE4\xC8\x13\x00"
- "\x3C\xDA\x59\x32\x38\x19\xD5\xEB"
- "\xB6\x7F\x78\x45\x1B\x8E\x07\x8C"
- "\x66\x52\x75\xFF\xAF\xCE\x2D\x2B"
- "\x22\x29\xCA\xB3\x5F\x7F\xE3\x29"
- "\xB2\xB8\x9D\xEB\x16\xC8\xC5\x1D"
- "\xC9\x0D\x59\x82\x27\x57\x9D\x42"
- "\x54\x59\x09\xA5\x3D\xC5\x84\x68"
- "\x56\xEB\x36\x77\x3D\xAA\xB8\xF5"
- "\xC9\x1A\xFB\x5D\xDE\xBB\x43\xF4",
- .rlen = 504,
- .also_non_np = 1,
- .np = 3,
- .tap = { 504 - 10, 2, 8 },
- },
-};
-
-static const struct cipher_testvec bf_dec_tv_template[] = {
- { /* DES test vectors from OpenSSL */
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 8,
- .input = "\x4e\xf9\x97\x45\x61\x98\xdd\x78",
- .ilen = 8,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 8,
- }, {
- .key = "\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e",
- .klen = 8,
- .input = "\xa7\x90\x79\x51\x08\xea\x3c\xae",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .rlen = 8,
- }, {
- .key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .klen = 8,
- .input = "\xe8\x7a\x24\x4e\x2c\xc8\x5e\x82",
- .ilen = 8,
- .result = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 8,
- }, { /* Vary the keylength... */
- .key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87"
- "\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f",
- .klen = 16,
- .input = "\x93\x14\x28\x87\xee\x3b\xe1\x5c",
- .ilen = 8,
- .result = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 8,
- }, {
- .key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87"
- "\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f"
- "\x00\x11\x22\x33\x44",
- .klen = 21,
- .input = "\xe6\xf5\x1e\xd7\x9b\x9d\xb2\x1f",
- .ilen = 8,
- .result = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 8,
- }, { /* Generated with bf488, using OpenSSL, Libgcrypt and Nettle */
- .key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87"
- "\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f"
- "\x00\x11\x22\x33\x44\x55\x66\x77"
- "\x04\x68\x91\x04\xc2\xfd\x3b\x2f"
- "\x58\x40\x23\x64\x1a\xba\x61\x76"
- "\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e"
- "\xff\xff\xff\xff\xff\xff\xff\xff",
- .klen = 56,
- .input = "\xc0\x45\x04\x01\x2e\x4e\x1f\x53",
- .ilen = 8,
- .result = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 8,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .input = "\x96\x87\x3D\x0C\x7B\xFB\xBD\x1F"
+ .ctext = "\x96\x87\x3D\x0C\x7B\xFB\xBD\x1F"
"\xE3\xC1\x99\x6D\x39\xD4\xC2\x7D"
"\xD7\x87\xA1\xF2\xDF\x51\x71\x26"
"\xC2\xF4\x6D\xFF\xF6\xCD\x6B\x40"
@@ -7915,93 +6787,28 @@ static const struct cipher_testvec bf_dec_tv_template[] = {
"\x54\x59\x09\xA5\x3D\xC5\x84\x68"
"\x56\xEB\x36\x77\x3D\xAA\xB8\xF5"
"\xC9\x1A\xFB\x5D\xDE\xBB\x43\xF4",
- .ilen = 504,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .rlen = 504,
+ .len = 504,
.also_non_np = 1,
.np = 3,
.tap = { 504 - 10, 2, 8 },
},
};
-static const struct cipher_testvec bf_cbc_enc_tv_template[] = {
+static const struct cipher_testvec bf_cbc_tv_template[] = {
{ /* From OpenSSL */
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
.klen = 16,
.iv = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .input = "\x37\x36\x35\x34\x33\x32\x31\x20"
+ .ptext = "\x37\x36\x35\x34\x33\x32\x31\x20"
"\x4e\x6f\x77\x20\x69\x73\x20\x74"
"\x68\x65\x20\x74\x69\x6d\x65\x20"
"\x66\x6f\x72\x20\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\x6b\x77\xb4\xd6\x30\x06\xde\xe6"
+ .ctext = "\x6b\x77\xb4\xd6\x30\x06\xde\xe6"
"\x05\xb1\x56\xe2\x74\x03\x97\x93"
"\x58\xde\xb9\xe7\x15\x46\x16\xd9"
"\x59\xf1\x65\x2b\xd5\xff\x92\xcc",
- .rlen = 32,
+ .len = 32,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -8009,7 +6816,7 @@ static const struct cipher_testvec bf_cbc_enc_tv_template[] = {
"\x78\xBE\x9B\x78\x55\x32\x0F\x55",
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -8072,8 +6879,7 @@ static const struct cipher_testvec bf_cbc_enc_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .ilen = 504,
- .result = "\xB4\xFE\xA5\xBB\x3D\x2C\x27\x06"
+ .ctext = "\xB4\xFE\xA5\xBB\x3D\x2C\x27\x06"
"\x06\x2B\x3A\x92\xB2\xF5\x5E\x62"
"\x84\xCD\xF7\x66\x7E\x41\x6C\x8E"
"\x1B\xD9\x02\xB6\x48\xB0\x87\x25"
@@ -8136,171 +6942,14 @@ static const struct cipher_testvec bf_cbc_enc_tv_template[] = {
"\xCD\xE9\xD5\x0C\xFE\x12\x39\xA9"
"\x93\x9B\xEE\xB5\x97\x41\xD2\xA0"
"\xB4\x98\xD8\x6B\x74\xE7\x65\xF4",
- .rlen = 504,
- .also_non_np = 1,
- .np = 3,
- .tap = { 504 - 10, 2, 8 },
- },
-};
-
-static const struct cipher_testvec bf_cbc_dec_tv_template[] = {
- { /* From OpenSSL */
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .klen = 16,
- .iv = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .input = "\x6b\x77\xb4\xd6\x30\x06\xde\xe6"
- "\x05\xb1\x56\xe2\x74\x03\x97\x93"
- "\x58\xde\xb9\xe7\x15\x46\x16\xd9"
- "\x59\xf1\x65\x2b\xd5\xff\x92\xcc",
- .ilen = 32,
- .result = "\x37\x36\x35\x34\x33\x32\x31\x20"
- "\x4e\x6f\x77\x20\x69\x73\x20\x74"
- "\x68\x65\x20\x74\x69\x6d\x65\x20"
- "\x66\x6f\x72\x20\x00\x00\x00\x00",
- .rlen = 32,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\xB4\xFE\xA5\xBB\x3D\x2C\x27\x06"
- "\x06\x2B\x3A\x92\xB2\xF5\x5E\x62"
- "\x84\xCD\xF7\x66\x7E\x41\x6C\x8E"
- "\x1B\xD9\x02\xB6\x48\xB0\x87\x25"
- "\x01\x9C\x93\x63\x51\x60\x82\xD2"
- "\x4D\xE5\xC2\xB7\xAE\x60\xD8\xAD"
- "\x9F\xAB\x6C\xFA\x20\x05\xDA\x6F"
- "\x1F\xD1\xD8\x36\x0F\xB5\x16\x69"
- "\x3C\xAF\xB3\x30\x18\x33\xE6\xB5"
- "\x43\x29\x9D\x94\xF4\x2F\x0A\x65"
- "\x40\xB2\xB2\xB2\x42\x89\xEE\x8A"
- "\x60\xD3\x52\xA8\xED\x91\xDF\xE1"
- "\x91\x73\x7C\x28\xA1\x14\xC3\x4C"
- "\x82\x72\x4B\x7D\x7D\x32\xD5\x19"
- "\xE8\xB8\x6B\x30\x21\x09\x0E\x27"
- "\x10\x9D\x2D\x3A\x6A\x4B\x7B\xE6"
- "\x8D\x4E\x02\x32\xFF\x7F\x8E\x13"
- "\xB0\x96\xF4\xC2\xA1\x60\x8A\x69"
- "\xEF\x0F\x86\xD0\x25\x13\x1A\x7C"
- "\x6E\xF0\x41\xA3\xFB\xB3\xAB\x40"
- "\x7D\x19\xA0\x11\x4F\x3E\x1D\x43"
- "\x65\xFE\x15\x40\xD0\x62\x41\x02"
- "\xEA\x0C\x7A\xC3\x84\xEE\xB0\xBE"
- "\xBE\xC8\x57\x51\xCD\x4F\xAD\x5C"
- "\xCC\x79\xBA\x0D\x85\x3A\xED\x6B"
- "\xAC\x6B\xA3\x4D\xBC\xE8\x02\x6A"
- "\xC2\x6D\xBD\x5E\x89\x95\x86\x43"
- "\x2C\x17\x4B\xC6\x40\xA2\xBD\x24"
- "\x04\xF0\x86\x08\x78\x18\x42\xE0"
- "\x39\x1B\x22\x9E\x89\x4C\x04\x6B"
- "\x65\xC5\xB6\x0E\xF6\x63\xFC\xD7"
- "\xAE\x9E\x87\x13\xCC\xD3\x1A\xEC"
- "\xF0\x51\xCC\x93\x68\xFC\xE9\x19"
- "\x7C\x4E\x9B\xCC\x17\xAD\xD2\xFC"
- "\x97\x18\x92\xFF\x15\x11\xCE\xED"
- "\x04\x41\x05\xA3\x92\xFF\x3B\xE6"
- "\xB6\x8C\x90\xC6\xCD\x15\xA0\x04"
- "\x25\x8B\x5D\x5B\x5F\xDB\xAE\x68"
- "\xEF\xB3\x61\x18\xDB\x83\x9B\x39"
- "\xCA\x82\xD1\x88\xF0\xA2\x5C\x02"
- "\x87\xBD\x8D\x8F\xBB\x62\xF0\x35"
- "\x75\x6F\x06\x81\x0A\x97\x4D\xF0"
- "\x43\x12\x73\x77\xDB\x91\x83\x5B"
- "\xE7\x3A\xA6\x07\x7B\xBF\x2C\x50"
- "\x94\xDE\x7B\x65\xDA\x1C\xF1\x9F"
- "\x7E\x12\x40\xB2\x3E\x19\x23\xF1"
- "\x7C\x1B\x5F\xA8\xF3\xAC\x63\x87"
- "\xEB\x3E\x0C\xBE\xA3\x63\x97\x88"
- "\x8D\x27\xC6\x2A\xF8\xF2\x67\x9A"
- "\x0D\x14\x16\x2B\x6F\xCB\xD4\x76"
- "\x14\x48\x2E\xDE\x2A\x44\x5E\x45"
- "\xF1\x97\x82\xEF\xB7\xAE\xED\x3A"
- "\xED\x73\xD3\x79\xF7\x38\x1D\xD0"
- "\xC5\xF8\x69\x83\x28\x84\x87\x56"
- "\x3F\xAE\x81\x04\x79\x1F\xD1\x09"
- "\xC5\xE5\x05\x0D\x64\x16\xCE\x42"
- "\xC5\xF8\xDB\x57\x89\x33\x22\xFC"
- "\xB4\xD7\x94\xB9\xF3\xCC\x02\x90"
- "\x02\xBA\x55\x1E\x24\x3E\x02\x1D"
- "\xC6\xCD\x8F\xD9\xBD\xED\xB0\x51"
- "\xCD\xE9\xD5\x0C\xFE\x12\x39\xA9"
- "\x93\x9B\xEE\xB5\x97\x41\xD2\xA0"
- "\xB4\x98\xD8\x6B\x74\xE7\x65\xF4",
- .ilen = 504,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .rlen = 504,
+ .len = 504,
.also_non_np = 1,
.np = 3,
.tap = { 504 - 10, 2, 8 },
},
};
-static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
+static const struct cipher_testvec bf_ctr_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -8308,7 +6957,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x78\xBE\x9B\x78\x55\x32\x0F\x55",
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -8371,8 +7020,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .ilen = 504,
- .result = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
+ .ctext = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
"\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
"\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
"\x0D\x70\x86\x5A\x44\xAD\x85\x17"
@@ -8435,7 +7083,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x64\xBB\x15\xB8\x56\xCF\xEE\xE5"
"\x32\x44\x96\x1C\xD8\xEB\x95\xD2"
"\xF3\x71\xEF\xEB\x4E\xBB\x4D\x29",
- .rlen = 504,
+ .len = 504,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -8443,7 +7091,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x78\xBE\x9B\x78\x55\x32\x0F\x55",
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -8506,8 +7154,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59\xF0\x64\xFB\x92",
- .ilen = 503,
- .result = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
+ .ctext = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
"\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
"\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
"\x0D\x70\x86\x5A\x44\xAD\x85\x17"
@@ -8570,7 +7217,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x64\xBB\x15\xB8\x56\xCF\xEE\xE5"
"\x32\x44\x96\x1C\xD8\xEB\x95\xD2"
"\xF3\x71\xEF\xEB\x4E\xBB\x4D",
- .rlen = 503,
+ .len = 503,
.also_non_np = 1,
.np = 2,
.tap = { 503 - 8, 8 },
@@ -8581,210 +7228,7 @@ static const struct cipher_testvec bf_ctr_enc_tv_template[] = {
"\x78\xBE\x9B\x78\x55\x32\x0F\x55",
.klen = 32,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .ilen = 504,
- .result = "\x5F\x58\x6E\x60\x51\x6E\xDC\x3D"
- "\xD1\xBB\xF7\xB7\xFD\x04\x44\x82"
- "\xDC\x9F\x4B\x02\xF1\xD2\x5A\x6F"
- "\x25\xF9\x27\x21\xF2\xD2\x9A\x01"
- "\xBD\xAD\x3D\x93\x87\xCA\x0D\xFE"
- "\xB7\x2C\x17\x1F\x42\x8C\x13\xB2"
- "\x62\x44\x72\xB9\x5D\xC0\xF8\x37"
- "\xDF\xEA\x78\x81\x8F\xA6\x34\xB2"
- "\x07\x09\x7C\xB9\x3A\xA0\x2B\x18"
- "\x34\x6A\x9D\x3D\xA5\xEB\xF4\x60"
- "\xF8\x98\xA2\x39\x81\x23\x6C\xA9"
- "\x70\xCA\xCC\x45\xD8\x1F\xDF\x44"
- "\x2A\x67\x7A\x88\x28\xDC\x36\x83"
- "\x18\xD7\x48\x43\x17\x2B\x1B\xE6"
- "\x0B\x82\x59\x14\x26\x67\x08\x09"
- "\x5B\x5D\x38\xD0\x81\xCE\x54\x2A"
- "\xCD\x22\x94\x42\xF5\xBA\x74\x7E"
- "\xD9\x00\x40\xA9\x0D\x0B\xBD\x8E"
- "\xC4\x8E\x5E\x17\x8F\x48\xE2\xB8"
- "\xF4\xCC\x19\x76\xAB\x48\x29\xAA"
- "\x81\xD5\xCE\xD5\x8A\x3B\xC9\x21"
- "\xEF\x50\x4F\x04\x02\xBF\xE1\x1F"
- "\x59\x28\x1A\xE4\x18\x16\xA0\x29"
- "\xBF\x34\xA9\x2D\x28\x83\xC0\x5E"
- "\xEA\x44\xC4\x6E\xAB\x24\x79\x9D"
- "\x2D\xA1\xE8\x55\xCA\x74\xFC\xBD"
- "\xFE\xDD\xDA\xA5\xFB\x34\x90\x31"
- "\x0E\x62\x28\x9B\xDC\xD7\xA1\xBB"
- "\xF0\x1A\xB3\xE2\xD0\xFA\xBD\xE8"
- "\x5C\x5A\x10\x67\xF6\x6A\x17\x3F"
- "\xC5\xE9\x09\x08\xDD\x22\x77\x42"
- "\x26\x6A\x6A\x7A\x3F\x87\x80\x0C"
- "\xF0\xFF\x15\x8E\x84\x86\xC0\x10"
- "\x0F\x8D\x33\x06\xB8\x72\xA4\x47"
- "\x6B\xED\x2E\x05\x94\x6C\x5C\x5B"
- "\x13\xF6\x77\xEE\x3B\x16\xDF\xC2"
- "\x63\x66\x07\x6D\x3F\x6C\x51\x7C"
- "\x1C\xAC\x80\xB6\x58\x48\xB7\x9D"
- "\xB4\x19\xD8\x19\x45\x66\x27\x02"
- "\xA1\xA9\x99\xF3\x1F\xE5\xA7\x1D"
- "\x31\xE7\x1B\x0D\xFF\xBB\xB5\xA1"
- "\xF5\x9C\x45\x1E\x18\x19\xA1\xE7"
- "\xC2\xF1\xBF\x68\xC3\xEC\xCF\x53"
- "\x67\xA6\x2B\x7D\x3C\x6D\x24\xC3"
- "\xE8\xE6\x07\x5A\x09\xE0\x32\xA8"
- "\x52\xF6\xE9\xED\x0E\xC6\x0A\x6A"
- "\xFC\x60\x2A\xE0\x93\xCE\xB8\x2E"
- "\xA2\xA8\x0E\x79\x9E\x34\x5D\x37"
- "\x6F\x12\xFE\x48\x7B\xE7\xB9\x22"
- "\x29\xE8\xD7\xBE\x5D\xD1\x8B\xD9"
- "\x91\x51\x4E\x71\xF2\x98\x85\x16"
- "\x25\x7A\x76\x8A\x51\x0E\x65\x14"
- "\x81\xB5\x3A\x37\xFD\xEC\xB5\x8A"
- "\xE1\xCF\x41\x72\x14\x29\x4C\xF0"
- "\x20\xD9\x9A\xC5\x66\xA4\x03\x76"
- "\x5B\xA4\x15\x4F\x0E\x64\x39\x40"
- "\x25\xF9\x20\x22\xF5\x88\xF5\xBA"
- "\xE4\xDF\x45\x61\xBF\x8D\x7A\x24"
- "\x4B\x92\x71\xD9\x2F\x77\xA7\x95"
- "\xA8\x7F\x61\xD5\xA4\x57\xB0\xFB"
- "\xB5\x77\xBA\x1C\xEE\x71\xFA\xB0"
- "\x16\x4C\x18\x6B\xF2\x69\xA0\x07"
- "\xEF\xBE\xEC\x69\xAC\xA8\x63\x9E",
- .rlen = 504,
- },
-};
-
-static const struct cipher_testvec bf_ctr_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
- "\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
- "\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
- "\x0D\x70\x86\x5A\x44\xAD\x85\x17"
- "\xE4\x1F\x5E\xA5\x89\xAC\x32\xBC"
- "\x3D\xA7\xE9\x0A\x5C\x70\x4D\xDE"
- "\x99\x38\x07\xCA\x1D\x21\xC1\x11"
- "\x97\xEB\x98\x75\xC4\x73\x45\x83"
- "\x46\x1C\x9C\x91\x87\xC1\xA0\x56"
- "\x98\xA1\x8B\xDB\x22\x76\xBD\x62"
- "\xA4\xBC\xE8\x86\xDA\xD2\x51\x13"
- "\x13\xD2\x96\x68\x69\x10\x67\x0C"
- "\xD0\x17\x25\x7C\xB2\xAE\x4F\x93"
- "\xA6\x82\x20\xCF\x0F\xA6\x47\x79"
- "\x88\x09\x40\x59\xBD\x12\x64\xB5"
- "\x19\x38\x0D\xFF\x86\xD9\x42\x20"
- "\x81\x0D\x96\x99\xAF\x22\x1F\x94"
- "\x5C\x6E\xEC\xEA\xA3\x39\xCB\x09"
- "\x43\x19\x7F\xD0\xBB\x10\xC2\x49"
- "\xF7\xE9\xF2\xEE\xBF\xF7\xF8\xB3"
- "\x0E\x1A\xF1\x8D\x70\x82\x0C\x04"
- "\xFD\x29\x1A\xAC\xC0\x92\x48\x34"
- "\x6A\xE3\x1D\x4F\xFC\x1C\x72\x6A"
- "\x57\xCB\xAD\xD0\x98\xAB\xB1\x01"
- "\x03\x6A\x45\xDD\x07\x71\x5F\x5B"
- "\xB5\x4A\xE4\xE5\xB9\xB9\xBC\xAC"
- "\x44\xF7\x41\xA4\x5F\x2E\xE9\x28"
- "\xE3\x05\xD2\x94\x78\x4C\x33\x1B"
- "\xBD\xC1\x6E\x51\xD9\xAD\xD9\x86"
- "\x15\x4A\x78\xAE\x7B\xAD\x3B\xBC"
- "\x2F\xE0\x0E\xC5\x7B\x54\x97\x5F"
- "\x60\x51\x14\x65\xF9\x91\xE9\xDA"
- "\x9A\xBC\xFC\x19\x29\x67\xAA\x63"
- "\x5E\xF2\x48\x88\xEB\x79\xE1\xE4"
- "\xF7\xF6\x4C\xA9\xE2\x8C\x3B\xE0"
- "\xED\x52\xAE\x90\x8F\x5B\x98\x34"
- "\x29\x94\x34\x7F\xF9\x6C\x1E\xB6"
- "\xA4\xE7\x2D\x06\x54\x9D\xC3\x02"
- "\xC1\x90\xA4\x72\x31\x6B\x24\x51"
- "\x0B\xB3\x7C\x63\x15\xBA\xAF\x5D"
- "\x41\xE0\x37\x6D\xBE\x41\x58\xDE"
- "\xF2\x07\x62\x99\xBE\xC1\x8C\x0F"
- "\x0F\x28\xFB\x8F\x0E\x1D\x91\xE2"
- "\xDA\x99\x5C\x49\xBA\x9C\xA8\x86"
- "\x82\x63\x11\xB3\x54\x49\x00\x08"
- "\x07\xF2\xE8\x1F\x34\x49\x61\xF4"
- "\x81\xE9\xF6\xA9\x5A\x28\x60\x1F"
- "\x66\x99\x08\x06\xF2\xE8\x2D\xD1"
- "\xD0\x67\xBA\x32\x1F\x02\x86\x7B"
- "\xFB\x79\x3D\xC5\xB1\x7F\x15\xAF"
- "\xD7\xBF\x31\x46\x22\x7F\xAE\x5B"
- "\x8B\x95\x47\xC2\xB1\x62\xA1\xCE"
- "\x52\xAC\x9C\x8B\xC2\x49\x7F\xBC"
- "\x9C\x89\xB8\xB6\xCA\xE3\x8F\xEA"
- "\xAC\xB4\x5D\xE4\x50\xDC\x3A\xB5"
- "\x91\x04\x94\x99\x03\x3B\x42\x6D"
- "\x9C\x4A\x02\xF5\xB5\x38\x98\xA8"
- "\x5C\x97\x2E\x4D\x79\x67\x71\xAF"
- "\xF0\x70\x77\xFF\x2D\xDA\xA0\x9E"
- "\x23\x8D\xD6\xA6\x68\x10\x78\x9A"
- "\x64\xBB\x15\xB8\x56\xCF\xEE\xE5"
- "\x32\x44\x96\x1C\xD8\xEB\x95\xD2"
- "\xF3\x71\xEF\xEB\x4E\xBB\x4D\x29",
- .ilen = 504,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -8847,153 +7291,7 @@ static const struct cipher_testvec bf_ctr_dec_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .rlen = 504,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
- "\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
- "\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
- "\x0D\x70\x86\x5A\x44\xAD\x85\x17"
- "\xE4\x1F\x5E\xA5\x89\xAC\x32\xBC"
- "\x3D\xA7\xE9\x0A\x5C\x70\x4D\xDE"
- "\x99\x38\x07\xCA\x1D\x21\xC1\x11"
- "\x97\xEB\x98\x75\xC4\x73\x45\x83"
- "\x46\x1C\x9C\x91\x87\xC1\xA0\x56"
- "\x98\xA1\x8B\xDB\x22\x76\xBD\x62"
- "\xA4\xBC\xE8\x86\xDA\xD2\x51\x13"
- "\x13\xD2\x96\x68\x69\x10\x67\x0C"
- "\xD0\x17\x25\x7C\xB2\xAE\x4F\x93"
- "\xA6\x82\x20\xCF\x0F\xA6\x47\x79"
- "\x88\x09\x40\x59\xBD\x12\x64\xB5"
- "\x19\x38\x0D\xFF\x86\xD9\x42\x20"
- "\x81\x0D\x96\x99\xAF\x22\x1F\x94"
- "\x5C\x6E\xEC\xEA\xA3\x39\xCB\x09"
- "\x43\x19\x7F\xD0\xBB\x10\xC2\x49"
- "\xF7\xE9\xF2\xEE\xBF\xF7\xF8\xB3"
- "\x0E\x1A\xF1\x8D\x70\x82\x0C\x04"
- "\xFD\x29\x1A\xAC\xC0\x92\x48\x34"
- "\x6A\xE3\x1D\x4F\xFC\x1C\x72\x6A"
- "\x57\xCB\xAD\xD0\x98\xAB\xB1\x01"
- "\x03\x6A\x45\xDD\x07\x71\x5F\x5B"
- "\xB5\x4A\xE4\xE5\xB9\xB9\xBC\xAC"
- "\x44\xF7\x41\xA4\x5F\x2E\xE9\x28"
- "\xE3\x05\xD2\x94\x78\x4C\x33\x1B"
- "\xBD\xC1\x6E\x51\xD9\xAD\xD9\x86"
- "\x15\x4A\x78\xAE\x7B\xAD\x3B\xBC"
- "\x2F\xE0\x0E\xC5\x7B\x54\x97\x5F"
- "\x60\x51\x14\x65\xF9\x91\xE9\xDA"
- "\x9A\xBC\xFC\x19\x29\x67\xAA\x63"
- "\x5E\xF2\x48\x88\xEB\x79\xE1\xE4"
- "\xF7\xF6\x4C\xA9\xE2\x8C\x3B\xE0"
- "\xED\x52\xAE\x90\x8F\x5B\x98\x34"
- "\x29\x94\x34\x7F\xF9\x6C\x1E\xB6"
- "\xA4\xE7\x2D\x06\x54\x9D\xC3\x02"
- "\xC1\x90\xA4\x72\x31\x6B\x24\x51"
- "\x0B\xB3\x7C\x63\x15\xBA\xAF\x5D"
- "\x41\xE0\x37\x6D\xBE\x41\x58\xDE"
- "\xF2\x07\x62\x99\xBE\xC1\x8C\x0F"
- "\x0F\x28\xFB\x8F\x0E\x1D\x91\xE2"
- "\xDA\x99\x5C\x49\xBA\x9C\xA8\x86"
- "\x82\x63\x11\xB3\x54\x49\x00\x08"
- "\x07\xF2\xE8\x1F\x34\x49\x61\xF4"
- "\x81\xE9\xF6\xA9\x5A\x28\x60\x1F"
- "\x66\x99\x08\x06\xF2\xE8\x2D\xD1"
- "\xD0\x67\xBA\x32\x1F\x02\x86\x7B"
- "\xFB\x79\x3D\xC5\xB1\x7F\x15\xAF"
- "\xD7\xBF\x31\x46\x22\x7F\xAE\x5B"
- "\x8B\x95\x47\xC2\xB1\x62\xA1\xCE"
- "\x52\xAC\x9C\x8B\xC2\x49\x7F\xBC"
- "\x9C\x89\xB8\xB6\xCA\xE3\x8F\xEA"
- "\xAC\xB4\x5D\xE4\x50\xDC\x3A\xB5"
- "\x91\x04\x94\x99\x03\x3B\x42\x6D"
- "\x9C\x4A\x02\xF5\xB5\x38\x98\xA8"
- "\x5C\x97\x2E\x4D\x79\x67\x71\xAF"
- "\xF0\x70\x77\xFF\x2D\xDA\xA0\x9E"
- "\x23\x8D\xD6\xA6\x68\x10\x78\x9A"
- "\x64\xBB\x15\xB8\x56\xCF\xEE\xE5"
- "\x32\x44\x96\x1C\xD8\xEB\x95\xD2"
- "\xF3\x71\xEF\xEB\x4E\xBB\x4D",
- .ilen = 503,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92",
- .rlen = 503,
- .also_non_np = 1,
- .np = 2,
- .tap = { 503 - 8, 8 },
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x5F\x58\x6E\x60\x51\x6E\xDC\x3D"
+ .ctext = "\x5F\x58\x6E\x60\x51\x6E\xDC\x3D"
"\xD1\xBB\xF7\xB7\xFD\x04\x44\x82"
"\xDC\x9F\x4B\x02\xF1\xD2\x5A\x6F"
"\x25\xF9\x27\x21\xF2\xD2\x9A\x01"
@@ -9056,114 +7354,47 @@ static const struct cipher_testvec bf_ctr_dec_tv_template[] = {
"\xB5\x77\xBA\x1C\xEE\x71\xFA\xB0"
"\x16\x4C\x18\x6B\xF2\x69\xA0\x07"
"\xEF\xBE\xEC\x69\xAC\xA8\x63\x9E",
- .ilen = 504,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06",
- .rlen = 504,
+ .len = 504,
},
};
/*
* Twofish test vectors.
*/
-static const struct cipher_testvec tf_enc_tv_template[] = {
+static const struct cipher_testvec tf_tv_template[] = {
{
.key = zeroed_string,
.klen = 16,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
+ .ptext = zeroed_string,
+ .ctext = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
"\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10"
"\x00\x11\x22\x33\x44\x55\x66\x77",
.klen = 24,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\xcf\xd1\xd2\xe5\xa9\xbe\x9c\xdf"
+ .ptext = zeroed_string,
+ .ctext = "\xcf\xd1\xd2\xe5\xa9\xbe\x9c\xdf"
"\x50\x1f\x13\xb8\x92\xbd\x22\x48",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10"
"\x00\x11\x22\x33\x44\x55\x66\x77"
"\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
.klen = 32,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\x37\x52\x7b\xe0\x05\x23\x34\xb8"
+ .ptext = zeroed_string,
+ .ctext = "\x37\x52\x7b\xe0\x05\x23\x34\xb8"
"\x9f\x0c\xfc\xca\xe8\x7c\xfa\x20",
- .rlen = 16,
+ .len = 16,
}, { /* Generated with Crypto++ */
.key = "\x3F\x85\x62\x3F\x1C\xF9\xD6\x1C"
"\xF9\xD6\xB3\x90\x6D\x4A\x90\x6D"
"\x4A\x27\x04\xE1\x27\x04\xE1\xBE"
"\x9B\x78\xBE\x9B\x78\x55\x32\x0F",
.klen = 32,
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -9225,113 +7456,7 @@ static const struct cipher_testvec tf_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x88\xCB\x1E\xC2\xAF\x8A\x97\xFF"
- "\xF6\x90\x46\x9C\x4A\x0F\x08\xDC"
- "\xDE\xAB\xAD\xFA\xFC\xA8\xC2\x3D"
- "\xE0\xE4\x8B\x3F\xD5\xA3\xF7\x14"
- "\x34\x9E\xB6\x08\xB2\xDD\xA8\xF5"
- "\xDF\xFA\xC7\xE8\x09\x50\x76\x08"
- "\xA2\xB6\x6A\x59\xC0\x2B\x6D\x05"
- "\x89\xF6\x82\xF0\xD3\xDB\x06\x02"
- "\xB5\x11\x5C\x5E\x79\x1A\xAC\x43"
- "\x5C\xC0\x30\x4B\x6B\x16\xA1\x40"
- "\x80\x27\x88\xBA\x2C\x74\x42\xE0"
- "\x1B\xA5\x85\x08\xB9\xE6\x22\x7A"
- "\x36\x3B\x0D\x9F\xA0\x22\x6C\x2A"
- "\x91\x75\x47\xBC\x67\x21\x4E\xF9"
- "\xEA\xFF\xD9\xD5\xC0\xFC\x9E\x2C"
- "\x3E\xAD\xC6\x61\x0E\x93\x7A\x22"
- "\x09\xC8\x8D\xC1\x8E\xB4\x8B\x5C"
- "\xC6\x24\x42\xB8\x23\x66\x80\xA9"
- "\x32\x0B\x7A\x29\xBF\xB3\x0B\x63"
- "\x43\x27\x13\xA9\xBE\xEB\xBD\xF3"
- "\x33\x62\x70\xE2\x1B\x86\x7A\xA1"
- "\x51\x4A\x16\xFE\x29\x63\x7E\xD0"
- "\x7A\xA4\x6E\x2C\xF8\xC1\xDB\xE8"
- "\xCB\x4D\xD2\x8C\x04\x14\xB4\x66"
- "\x41\xB7\x3A\x96\x16\x7C\x1D\x5B"
- "\xB6\x41\x42\x64\x43\xEE\x6E\x7C"
- "\x8B\xAF\x01\x9C\xA4\x6E\x75\x8F"
- "\xDE\x10\x9F\xA6\xE7\xD6\x44\x97"
- "\x66\xA3\x96\x0F\x1C\x25\x60\xF5"
- "\x3C\x2E\x32\x69\x0E\x82\xFF\x27"
- "\x0F\xB5\x06\xDA\xD8\x31\x15\x6C"
- "\xDF\x18\x6C\x87\xF5\x3B\x11\x9A"
- "\x1B\x42\x1F\x5B\x29\x19\x96\x13"
- "\x68\x2E\x5E\x08\x1C\x8F\x32\x4B"
- "\x81\x77\x6D\xF4\xA0\x01\x42\xEC"
- "\xDD\x5B\xFD\x3A\x8E\x6A\x14\xFB"
- "\x83\x54\xDF\x0F\x86\xB7\xEA\x40"
- "\x46\x39\xF7\x2A\x89\x8D\x4E\x96"
- "\x5F\x5F\x6D\x76\xC6\x13\x9D\x3D"
- "\x1D\x5F\x0C\x7D\xE2\xBC\xC2\x16"
- "\x16\xBE\x89\x3E\xB0\x61\xA2\x5D"
- "\xAF\xD1\x40\x5F\x1A\xB8\x26\x41"
- "\xC6\xBD\x36\xEF\xED\x29\x50\x6D"
- "\x10\xEF\x26\xE8\xA8\x93\x11\x3F"
- "\x2D\x1F\x88\x20\x77\x45\xF5\x66"
- "\x08\xB9\xF1\xEF\xB1\x93\xA8\x81"
- "\x65\xC5\xCD\x3E\x8C\x06\x60\x2C"
- "\xB2\x10\x7A\xCA\x05\x25\x59\xDB"
- "\xC7\x28\xF5\x20\x35\x52\x9E\x62"
- "\xF8\x88\x24\x1C\x4D\x84\x12\x39"
- "\x39\xE4\x2E\xF4\xD4\x9D\x2B\xBC"
- "\x87\x66\xE6\xC0\x6B\x31\x9A\x66"
- "\x03\xDC\x95\xD8\x6B\xD0\x30\x8F"
- "\xDF\x8F\x8D\xFA\xEC\x1F\x08\xBD"
- "\xA3\x63\xE2\x71\x4F\x03\x94\x87"
- "\x50\xDF\x15\x1F\xED\x3A\xA3\x7F"
- "\x1F\x2A\xB5\xA1\x69\xAC\x4B\x0D"
- "\x84\x9B\x2A\xE9\x55\xDD\x46\x91"
- "\x15\x33\xF3\x2B\x9B\x46\x97\x00"
- "\xF0\x29\xD8\x59\x5D\x33\x37\xF9"
- "\x58\x33\x9B\x78\xC7\x58\x48\x6B"
- "\x2C\x75\x64\xC4\xCA\xC1\x7E\xD5",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec tf_dec_tv_template[] = {
- {
- .key = zeroed_string,
- .klen = 16,
- .input = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
- "\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10"
- "\x00\x11\x22\x33\x44\x55\x66\x77",
- .klen = 24,
- .input = "\xcf\xd1\xd2\xe5\xa9\xbe\x9c\xdf"
- "\x50\x1f\x13\xb8\x92\xbd\x22\x48",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10"
- "\x00\x11\x22\x33\x44\x55\x66\x77"
- "\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .klen = 32,
- .input = "\x37\x52\x7b\xe0\x05\x23\x34\xb8"
- "\x9f\x0c\xfc\xca\xe8\x7c\xfa\x20",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, { /* Generated with Crypto++ */
- .key = "\x3F\x85\x62\x3F\x1C\xF9\xD6\x1C"
- "\xF9\xD6\xB3\x90\x6D\x4A\x90\x6D"
- "\x4A\x27\x04\xE1\x27\x04\xE1\xBE"
- "\x9B\x78\xBE\x9B\x78\x55\x32\x0F",
- .klen = 32,
- .input = "\x88\xCB\x1E\xC2\xAF\x8A\x97\xFF"
+ .ctext = "\x88\xCB\x1E\xC2\xAF\x8A\x97\xFF"
"\xF6\x90\x46\x9C\x4A\x0F\x08\xDC"
"\xDE\xAB\xAD\xFA\xFC\xA8\xC2\x3D"
"\xE0\xE4\x8B\x3F\xD5\xA3\xF7\x14"
@@ -9393,119 +7518,52 @@ static const struct cipher_testvec tf_dec_tv_template[] = {
"\xF0\x29\xD8\x59\x5D\x33\x37\xF9"
"\x58\x33\x9B\x78\xC7\x58\x48\x6B"
"\x2C\x75\x64\xC4\xCA\xC1\x7E\xD5",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec tf_cbc_enc_tv_template[] = {
+static const struct cipher_testvec tf_cbc_tv_template[] = {
{ /* Generated with Nettle */
.key = zeroed_string,
.klen = 16,
.iv = zeroed_string,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
+ .ptext = zeroed_string,
+ .ctext = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
"\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a",
- .rlen = 16,
+ .len = 16,
}, {
.key = zeroed_string,
.klen = 16,
.iv = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
"\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a",
- .input = zeroed_string,
- .ilen = 16,
- .result = "\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
+ .ptext = zeroed_string,
+ .ctext = "\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
"\x86\xcb\x08\x6b\x78\x9f\x54\x19",
- .rlen = 16,
+ .len = 16,
}, {
.key = zeroed_string,
.klen = 16,
.iv = "\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
"\x86\xcb\x08\x6b\x78\x9f\x54\x19",
- .input = zeroed_string,
- .ilen = 16,
- .result = "\x05\xef\x8c\x61\xa8\x11\x58\x26"
+ .ptext = zeroed_string,
+ .ctext = "\x05\xef\x8c\x61\xa8\x11\x58\x26"
"\x34\xba\x5c\xb7\x10\x6a\xa6\x41",
- .rlen = 16,
+ .len = 16,
}, {
.key = zeroed_string,
.klen = 16,
.iv = zeroed_string,
- .input = zeroed_string,
- .ilen = 48,
- .result = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
+ .ptext = zeroed_string,
+ .ctext = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
"\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a"
"\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
"\x86\xcb\x08\x6b\x78\x9f\x54\x19"
"\x05\xef\x8c\x61\xa8\x11\x58\x26"
"\x34\xba\x5c\xb7\x10\x6a\xa6\x41",
- .rlen = 48,
+ .len = 48,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -9514,7 +7572,7 @@ static const struct cipher_testvec tf_cbc_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -9576,128 +7634,7 @@ static const struct cipher_testvec tf_cbc_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xC8\xFF\xF2\x53\xA6\x27\x09\xD1"
- "\x33\x38\xC2\xC0\x0C\x14\x7E\xB5"
- "\x26\x1B\x05\x0C\x05\x12\x3F\xC0"
- "\xF9\x1C\x02\x28\x40\x96\x6F\xD0"
- "\x3D\x32\xDF\xDA\x56\x00\x6E\xEE"
- "\x5B\x2A\x72\x9D\xC2\x4D\x19\xBC"
- "\x8C\x53\xFA\x87\x6F\xDD\x81\xA3"
- "\xB1\xD3\x44\x65\xDF\xE7\x63\x38"
- "\x4A\xFC\xDC\xEC\x3F\x26\x8E\xB8"
- "\x43\xFC\xFE\x18\xB5\x11\x6D\x31"
- "\x81\x8B\x0D\x75\xF6\x80\xEC\x84"
- "\x04\xB9\xE6\x09\x63\xED\x39\xDB"
- "\xC3\xF6\x14\xD6\x6E\x5E\x8B\xBD"
- "\x3E\xFA\xD7\x98\x50\x6F\xD9\x63"
- "\x02\xCD\x0D\x39\x4B\x0D\xEC\x80"
- "\xE3\x6A\x17\xF4\xCC\xAD\xFF\x68"
- "\x45\xDD\xC8\x83\x1D\x41\x96\x0D"
- "\x91\x2E\x05\xD3\x59\x82\xE0\x43"
- "\x90\x4F\xB9\xF7\xAD\x6B\x2E\xAF"
- "\xA7\x84\x00\x53\xCD\x6F\xD1\x0C"
- "\x4E\xF9\x5A\x23\xFB\xCA\xC7\xD3"
- "\xA9\xAA\x9D\xB2\x3F\x66\xF1\xAC"
- "\x25\x21\x8F\xF7\xEF\xF2\x6A\xDF"
- "\xE8\xDA\x75\x1A\x8A\xF1\xDD\x38"
- "\x1F\xF9\x3D\x68\x4A\xBB\x9E\x34"
- "\x1F\x66\x1F\x9C\x2B\x54\xFF\x60"
- "\x7F\x29\x4B\x55\x80\x8F\x4E\xA7"
- "\xA6\x9A\x0A\xD9\x0D\x19\x00\xF8"
- "\x1F\xBC\x0C\x40\x6B\xEC\x99\x25"
- "\x94\x70\x74\x0E\x1D\xC5\xBC\x12"
- "\xF3\x42\xBE\x95\xBF\xFB\x4E\x55"
- "\x9A\xB9\xCE\x14\x16\x5B\xDC\xD3"
- "\x75\x42\x62\x04\x31\x1F\x95\x7C"
- "\x66\x1A\x97\xDC\x2F\x40\x5C\x39"
- "\x78\xE6\x02\xDB\x49\xE1\xC6\x47"
- "\xC2\x78\x9A\xBB\xF3\xBE\xCB\x93"
- "\xD8\xB8\xE8\xBB\x8C\xB3\x9B\xA7"
- "\xC2\x89\xF3\x91\x88\x83\x3D\xF0"
- "\x29\xA2\xCD\xB5\x79\x16\xC2\x40"
- "\x11\x03\x8E\x9C\xFD\xC9\x43\xC4"
- "\xC2\x19\xF0\x4A\x32\xEF\x0C\x2B"
- "\xD3\x2B\xE9\xD4\x4C\xDE\x95\xCF"
- "\x04\x03\xD3\x2C\x7F\x82\xC8\xFA"
- "\x0F\xD8\x7A\x39\x7B\x01\x41\x9C"
- "\x78\xB6\xC9\xBF\xF9\x78\x57\x88"
- "\xB1\xA5\xE1\xE0\xD9\x16\xD4\xC8"
- "\xEE\xC4\xBE\x7B\x55\x59\x00\x48"
- "\x1B\xBC\x14\xFA\x2A\x9D\xC9\x1C"
- "\xFB\x28\x3F\x95\xDD\xB7\xD6\xCE"
- "\x3A\x7F\x09\x0C\x0E\x69\x30\x7D"
- "\xBC\x68\x9C\x91\x2A\x59\x57\x04"
- "\xED\x1A\x1E\x00\xB1\x85\x92\x04"
- "\x28\x8C\x0C\x3C\xC1\xD5\x12\xF7"
- "\x4C\x3E\xB0\xE7\x86\x62\x68\x91"
- "\xFC\xC4\xE2\xCE\xA6\xDC\x5E\x93"
- "\x5D\x8D\x8C\x68\xB3\xB2\xB9\x64"
- "\x16\xB8\xC8\x6F\xD8\xEE\x21\xBD"
- "\xAC\x18\x0C\x7D\x0D\x05\xAB\xF1"
- "\xFA\xDD\xE2\x48\xDF\x4C\x02\x39"
- "\x69\xA1\x62\xBD\x49\x3A\x9D\x91"
- "\x30\x70\x56\xA4\x37\xDD\x7C\xC0"
- "\x0A\xA3\x30\x10\x26\x25\x41\x2C",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec tf_cbc_dec_tv_template[] = {
- { /* Reverse of the first four above */
- .key = zeroed_string,
- .klen = 16,
- .iv = zeroed_string,
- .input = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
- "\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = zeroed_string,
- .klen = 16,
- .iv = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
- "\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a",
- .input = "\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
- "\x86\xcb\x08\x6b\x78\x9f\x54\x19",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = zeroed_string,
- .klen = 16,
- .iv = "\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
- "\x86\xcb\x08\x6b\x78\x9f\x54\x19",
- .input = "\x05\xef\x8c\x61\xa8\x11\x58\x26"
- "\x34\xba\x5c\xb7\x10\x6a\xa6\x41",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = zeroed_string,
- .klen = 16,
- .iv = zeroed_string,
- .input = "\x9f\x58\x9f\x5c\xf6\x12\x2c\x32"
- "\xb6\xbf\xec\x2f\x2a\xe8\xc3\x5a"
- "\xd4\x91\xdb\x16\xe7\xb1\xc3\x9e"
- "\x86\xcb\x08\x6b\x78\x9f\x54\x19"
- "\x05\xef\x8c\x61\xa8\x11\x58\x26"
- "\x34\xba\x5c\xb7\x10\x6a\xa6\x41",
- .ilen = 48,
- .result = zeroed_string,
- .rlen = 48,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xC8\xFF\xF2\x53\xA6\x27\x09\xD1"
+ .ctext = "\xC8\xFF\xF2\x53\xA6\x27\x09\xD1"
"\x33\x38\xC2\xC0\x0C\x14\x7E\xB5"
"\x26\x1B\x05\x0C\x05\x12\x3F\xC0"
"\xF9\x1C\x02\x28\x40\x96\x6F\xD0"
@@ -9759,77 +7696,14 @@ static const struct cipher_testvec tf_cbc_dec_tv_template[] = {
"\x69\xA1\x62\xBD\x49\x3A\x9D\x91"
"\x30\x70\x56\xA4\x37\xDD\x7C\xC0"
"\x0A\xA3\x30\x10\x26\x25\x41\x2C",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
+static const struct cipher_testvec tf_ctr_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -9838,7 +7712,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -9900,8 +7774,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
+ .ctext = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
"\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
"\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
"\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
@@ -9963,7 +7836,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
"\xE8\x47\x2A\x4D\xFD\xA1\xBC\xE3"
"\xB9\x32\xE2\xC1\x82\xAC\xFE\xCC"
"\xC5\xC9\x7F\x9E\xCF\x33\x7A\xDF",
- .rlen = 496,
+ .len = 496,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -9972,7 +7845,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -10034,8 +7907,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xEB\x44\xAF\x49\x27\xB8\xFB\x44"
+ .ctext = "\xEB\x44\xAF\x49\x27\xB8\xFB\x44"
"\x4C\xA6\xC3\x0C\x8B\xD0\x01\x0C"
"\x53\xC8\x16\x38\xDE\x40\x4F\x91"
"\x25\x6D\x4C\xA0\x9A\x87\x1E\xDA"
@@ -10097,7 +7969,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
"\x4C\xB6\xF8\xF4\x5F\x48\x52\x54"
"\x94\x63\xA8\x4E\xCF\xD2\x1B\x1B"
"\x22\x18\x6A\xAF\x6E\x3E\xE1\x0D",
- .rlen = 496,
+ .len = 496,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -10106,7 +7978,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -10169,355 +8041,7 @@ static const struct cipher_testvec tf_ctr_enc_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59",
- .ilen = 499,
- .result = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
- "\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
- "\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
- "\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
- "\x9F\x8D\x40\x9F\x24\xFD\x92\xA0"
- "\xBC\x8F\x35\xDD\x67\x38\xD8\xAA"
- "\xCF\xF8\x48\xCA\xFB\xE4\x5C\x60"
- "\x01\x41\x21\x12\x38\xAB\x52\x4F"
- "\xA8\x57\x20\xE0\x21\x6A\x17\x0D"
- "\x0E\xF9\x8E\x49\x42\x00\x3C\x94"
- "\x14\xC0\xD0\x8D\x8A\x98\xEB\x29"
- "\xEC\xAE\x96\x44\xC0\x3C\x48\xDC"
- "\x29\x35\x25\x2F\xE7\x11\x6C\x68"
- "\xC8\x67\x0A\x2F\xF4\x07\xBE\xF9"
- "\x2C\x31\x87\x40\xAB\xB2\xB6\xFA"
- "\xD2\xC9\x6D\x5C\x50\xE9\xE6\x7E"
- "\xE3\x0A\xD2\xD5\x6D\x8D\x64\x9E"
- "\x70\xCE\x03\x76\xDD\xE0\xF0\x8C"
- "\x84\x86\x8B\x6A\xFE\xC7\xF9\x69"
- "\x2E\xFE\xFC\xC2\xC4\x1A\x55\x58"
- "\xB3\xBE\xE2\x7E\xED\x39\x42\x6C"
- "\xB4\x42\x97\x9A\xEC\xE1\x0A\x06"
- "\x02\xC5\x03\x9D\xC4\x48\x15\x66"
- "\x35\x6A\xC2\xC9\xA2\x26\x30\xBB"
- "\xDB\x2D\xC8\x08\x2B\xA0\x29\x1A"
- "\x23\x61\x48\xEA\x80\x04\x27\xAA"
- "\x69\x49\xE8\xE8\x4A\x83\x6B\x5A"
- "\xCA\x7C\xD3\xB1\xB5\x0B\xCC\x23"
- "\x74\x1F\xA9\x87\xCD\xED\xC0\x2D"
- "\xBF\xEB\xCF\x16\x2D\x2A\x2E\x1D"
- "\x96\xBA\x36\x11\x45\x41\xDA\xCE"
- "\xA4\x48\x80\x8B\x06\xF4\x98\x89"
- "\x8B\x23\x08\x53\xF4\xD4\x5A\x24"
- "\x8B\xF8\x43\x73\xD1\xEE\xC4\xB0"
- "\xF8\xFE\x09\x0C\x75\x05\x38\x0B"
- "\x7C\x81\xDE\x9D\xE4\x61\x37\x63"
- "\x63\xAD\x12\xD2\x04\xB9\xCE\x45"
- "\x5A\x1A\x6E\xB3\x78\x2A\xA4\x74"
- "\x86\xD0\xE3\xFF\xDA\x38\x9C\xB5"
- "\xB8\xB1\xDB\x38\x2F\xC5\x6A\xB4"
- "\xEB\x6E\x96\xE8\x43\x80\xB5\x51"
- "\x61\x2D\x48\xAA\x07\x65\x11\x8C"
- "\x48\xE3\x90\x7E\x78\x3A\xEC\x97"
- "\x05\x3D\x84\xE7\x90\x2B\xAA\xBD"
- "\x83\x29\x0E\x1A\x81\x73\x7B\xE0"
- "\x7A\x01\x4A\x37\x3B\x77\x7F\x8D"
- "\x49\xA4\x2F\x6E\xBE\x68\x99\x08"
- "\x99\xAA\x4C\x12\x04\xAE\x1F\x77"
- "\x35\x88\xF1\x65\x06\x0A\x0B\x4D"
- "\x47\xF9\x50\x38\x5D\x71\xF9\x6E"
- "\xDE\xEC\x61\x35\x2C\x4C\x96\x50"
- "\xE8\x28\x93\x9C\x7E\x01\xC6\x04"
- "\xB2\xD6\xBC\x6C\x17\xEB\xC1\x7D"
- "\x11\xE9\x43\x83\x76\xAA\x53\x37"
- "\x0C\x1D\x39\x89\x53\x72\x09\x7E"
- "\xD9\x85\x16\x04\xA5\x2C\x05\x6F"
- "\x17\x0C\x6E\x66\xAA\x84\xA7\xD9"
- "\xE2\xD9\xC4\xEB\x43\x3E\xB1\x8D"
- "\x7C\x36\xC7\x71\x70\x9C\x10\xD8"
- "\xE8\x47\x2A\x4D\xFD\xA1\xBC\xE3"
- "\xB9\x32\xE2\xC1\x82\xAC\xFE\xCC"
- "\xC5\xC9\x7F\x9E\xCF\x33\x7A\xDF"
- "\x6C\x82\x9D",
- .rlen = 499,
- .also_non_np = 1,
- .np = 2,
- .tap = { 499 - 16, 16 },
- },
-};
-
-static const struct cipher_testvec tf_ctr_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
- "\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
- "\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
- "\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
- "\x9F\x8D\x40\x9F\x24\xFD\x92\xA0"
- "\xBC\x8F\x35\xDD\x67\x38\xD8\xAA"
- "\xCF\xF8\x48\xCA\xFB\xE4\x5C\x60"
- "\x01\x41\x21\x12\x38\xAB\x52\x4F"
- "\xA8\x57\x20\xE0\x21\x6A\x17\x0D"
- "\x0E\xF9\x8E\x49\x42\x00\x3C\x94"
- "\x14\xC0\xD0\x8D\x8A\x98\xEB\x29"
- "\xEC\xAE\x96\x44\xC0\x3C\x48\xDC"
- "\x29\x35\x25\x2F\xE7\x11\x6C\x68"
- "\xC8\x67\x0A\x2F\xF4\x07\xBE\xF9"
- "\x2C\x31\x87\x40\xAB\xB2\xB6\xFA"
- "\xD2\xC9\x6D\x5C\x50\xE9\xE6\x7E"
- "\xE3\x0A\xD2\xD5\x6D\x8D\x64\x9E"
- "\x70\xCE\x03\x76\xDD\xE0\xF0\x8C"
- "\x84\x86\x8B\x6A\xFE\xC7\xF9\x69"
- "\x2E\xFE\xFC\xC2\xC4\x1A\x55\x58"
- "\xB3\xBE\xE2\x7E\xED\x39\x42\x6C"
- "\xB4\x42\x97\x9A\xEC\xE1\x0A\x06"
- "\x02\xC5\x03\x9D\xC4\x48\x15\x66"
- "\x35\x6A\xC2\xC9\xA2\x26\x30\xBB"
- "\xDB\x2D\xC8\x08\x2B\xA0\x29\x1A"
- "\x23\x61\x48\xEA\x80\x04\x27\xAA"
- "\x69\x49\xE8\xE8\x4A\x83\x6B\x5A"
- "\xCA\x7C\xD3\xB1\xB5\x0B\xCC\x23"
- "\x74\x1F\xA9\x87\xCD\xED\xC0\x2D"
- "\xBF\xEB\xCF\x16\x2D\x2A\x2E\x1D"
- "\x96\xBA\x36\x11\x45\x41\xDA\xCE"
- "\xA4\x48\x80\x8B\x06\xF4\x98\x89"
- "\x8B\x23\x08\x53\xF4\xD4\x5A\x24"
- "\x8B\xF8\x43\x73\xD1\xEE\xC4\xB0"
- "\xF8\xFE\x09\x0C\x75\x05\x38\x0B"
- "\x7C\x81\xDE\x9D\xE4\x61\x37\x63"
- "\x63\xAD\x12\xD2\x04\xB9\xCE\x45"
- "\x5A\x1A\x6E\xB3\x78\x2A\xA4\x74"
- "\x86\xD0\xE3\xFF\xDA\x38\x9C\xB5"
- "\xB8\xB1\xDB\x38\x2F\xC5\x6A\xB4"
- "\xEB\x6E\x96\xE8\x43\x80\xB5\x51"
- "\x61\x2D\x48\xAA\x07\x65\x11\x8C"
- "\x48\xE3\x90\x7E\x78\x3A\xEC\x97"
- "\x05\x3D\x84\xE7\x90\x2B\xAA\xBD"
- "\x83\x29\x0E\x1A\x81\x73\x7B\xE0"
- "\x7A\x01\x4A\x37\x3B\x77\x7F\x8D"
- "\x49\xA4\x2F\x6E\xBE\x68\x99\x08"
- "\x99\xAA\x4C\x12\x04\xAE\x1F\x77"
- "\x35\x88\xF1\x65\x06\x0A\x0B\x4D"
- "\x47\xF9\x50\x38\x5D\x71\xF9\x6E"
- "\xDE\xEC\x61\x35\x2C\x4C\x96\x50"
- "\xE8\x28\x93\x9C\x7E\x01\xC6\x04"
- "\xB2\xD6\xBC\x6C\x17\xEB\xC1\x7D"
- "\x11\xE9\x43\x83\x76\xAA\x53\x37"
- "\x0C\x1D\x39\x89\x53\x72\x09\x7E"
- "\xD9\x85\x16\x04\xA5\x2C\x05\x6F"
- "\x17\x0C\x6E\x66\xAA\x84\xA7\xD9"
- "\xE2\xD9\xC4\xEB\x43\x3E\xB1\x8D"
- "\x7C\x36\xC7\x71\x70\x9C\x10\xD8"
- "\xE8\x47\x2A\x4D\xFD\xA1\xBC\xE3"
- "\xB9\x32\xE2\xC1\x82\xAC\xFE\xCC"
- "\xC5\xC9\x7F\x9E\xCF\x33\x7A\xDF",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
- "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\xEB\x44\xAF\x49\x27\xB8\xFB\x44"
- "\x4C\xA6\xC3\x0C\x8B\xD0\x01\x0C"
- "\x53\xC8\x16\x38\xDE\x40\x4F\x91"
- "\x25\x6D\x4C\xA0\x9A\x87\x1E\xDA"
- "\x88\x7E\x89\xE9\x67\x2B\x83\xA2"
- "\x5F\x2E\x23\x3E\x45\xB9\x77\x7B"
- "\xA6\x7E\x47\x36\x81\x9F\x9B\xF3"
- "\xE0\xF0\xD7\x47\xA9\xC8\xEF\x33"
- "\x0C\x43\xFE\x67\x50\x0A\x2C\x3E"
- "\xA0\xE1\x25\x8E\x80\x07\x4A\xC0"
- "\x64\x89\x9F\x6A\x27\x96\x07\xA6"
- "\x9B\xC8\x1B\x21\x60\xAE\x5D\x01"
- "\xE2\xCD\xC8\xAA\x6C\x9D\x1C\x34"
- "\x39\x18\x09\xA4\x82\x59\x78\xE7"
- "\xFC\x59\x65\xF2\x94\xFF\xFB\xE2"
- "\x3C\xDA\xB1\x90\x95\xBF\x91\xE3"
- "\xE6\x87\x31\x9E\x16\x85\xAD\xB1"
- "\x4C\xAE\x43\x4D\x19\x58\xB5\x5E"
- "\x2E\xF5\x09\xAA\x39\xF4\xC0\xB3"
- "\xD4\x4D\xDB\x73\x7A\xD4\xF1\xBF"
- "\x89\x16\x4D\x2D\xA2\x26\x33\x72"
- "\x18\x33\x7E\xD6\xD2\x16\xA4\x54"
- "\xF4\x8C\xB3\x52\xDF\x21\x9C\xEB"
- "\xBF\x49\xD3\xF9\x05\x06\xCB\xD2"
- "\xA9\xD2\x3B\x6E\x19\x8C\xBC\x19"
- "\xAB\x89\xD6\xD8\xCD\x56\x89\x5E"
- "\xAC\x00\xE3\x50\x63\x4A\x80\x9A"
- "\x05\xBC\x50\x39\xD3\x32\xD9\x0D"
- "\xE3\x20\x0D\x75\x54\xEC\xE6\x31"
- "\x14\xB9\x3A\x59\x00\x43\x37\x8E"
- "\x8C\x5A\x79\x62\x14\x76\x8A\xAE"
- "\x8F\xCC\xA1\x6C\x38\x78\xDD\x2D"
- "\x8B\x6D\xEA\xBD\x7B\x25\xFF\x60"
- "\xC9\x87\xB1\x79\x1E\xA5\x86\x68"
- "\x81\xB4\xE2\xC1\x05\x7D\x3A\x73"
- "\xD0\xDA\x75\x77\x9E\x05\x27\xF1"
- "\x08\xA9\x66\x64\x6C\xBC\x82\x17"
- "\x2C\x23\x5F\x62\x4D\x02\x1A\x58"
- "\xE7\xB7\x23\x6D\xE2\x20\xDA\xEF"
- "\xB4\xB3\x3F\xB2\x2B\x69\x98\x83"
- "\x95\x87\x13\x57\x60\xD7\xB5\xB1"
- "\xEE\x0A\x2F\x95\x36\x4C\x76\x5D"
- "\x5F\xD9\x19\xED\xB9\xA5\x48\xBF"
- "\xC8\xAB\x0F\x71\xCC\x61\x8E\x0A"
- "\xD0\x29\x44\xA8\xB9\xC1\xE8\xC8"
- "\xC9\xA8\x28\x81\xFB\x50\xF2\xF0"
- "\x26\xAE\x39\xB8\x91\xCD\xA8\xAC"
- "\xDE\x55\x1B\x50\x14\x53\x44\x17"
- "\x54\x46\xFC\xB1\xE4\x07\x6B\x9A"
- "\x01\x14\xF0\x2E\x2E\xDB\x46\x1B"
- "\x1A\x09\x97\xA9\xB6\x97\x79\x06"
- "\xFB\xCB\x85\xCF\xDD\xA1\x41\xB1"
- "\x00\xAA\xF7\xE0\x89\x73\xFB\xE5"
- "\xBF\x84\xDB\xC9\xCD\xC4\xA2\x0D"
- "\x3B\xAC\xF9\xDF\x96\xBF\x88\x23"
- "\x41\x67\xA1\x24\x99\x7E\xCC\x9B"
- "\x02\x8F\x6A\x49\xF6\x25\xBA\x7A"
- "\xF4\x78\xFD\x79\x62\x63\x4F\x14"
- "\xD6\x11\x11\x04\x05\x5F\x7E\xEA"
- "\x4C\xB6\xF8\xF4\x5F\x48\x52\x54"
- "\x94\x63\xA8\x4E\xCF\xD2\x1B\x1B"
- "\x22\x18\x6A\xAF\x6E\x3E\xE1\x0D",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
+ .ctext = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
"\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
"\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
"\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
@@ -10580,78 +8104,14 @@ static const struct cipher_testvec tf_ctr_dec_tv_template[] = {
"\xB9\x32\xE2\xC1\x82\xAC\xFE\xCC"
"\xC5\xC9\x7F\x9E\xCF\x33\x7A\xDF"
"\x6C\x82\x9D",
- .ilen = 499,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59",
- .rlen = 499,
+ .len = 499,
.also_non_np = 1,
.np = 2,
.tap = { 499 - 16, 16 },
},
};
-static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
+static const struct cipher_testvec tf_lrw_tv_template[] = {
/* Generated from AES-LRW test vectors */
{
.key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
@@ -10661,12 +8121,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xa1\x6c\x50\x69\x26\xa4\xef\x7b"
+ .ctext = "\xa1\x6c\x50\x69\x26\xa4\xef\x7b"
"\x7c\xc6\x91\xeb\x72\xdd\x9b\xee",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
"\xd7\x79\xe8\x0f\x54\x88\x79\x44"
@@ -10675,12 +8134,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xab\x72\x0a\xad\x3b\x0c\xf0\xc9"
+ .ctext = "\xab\x72\x0a\xad\x3b\x0c\xf0\xc9"
"\x42\x2f\xf1\xae\xf1\x3c\xb1\xbd",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
"\x30\xfe\x69\xe2\x37\x7f\x98\x47"
@@ -10689,12 +8147,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x85\xa7\x56\x67\x08\xfa\x42\xe1"
+ .ctext = "\x85\xa7\x56\x67\x08\xfa\x42\xe1"
"\x22\xe6\x82\xfc\xd9\xb4\xd7\xd4",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
"\x25\x83\xf7\x3c\x1f\x01\x28\x74"
@@ -10704,12 +8161,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xd2\xaf\x69\x35\x24\x1d\x0e\x1c"
+ .ctext = "\xd2\xaf\x69\x35\x24\x1d\x0e\x1c"
"\x84\x8b\x05\xe4\xa2\x2f\x16\xf5",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
"\xf8\x86\xce\xac\x93\xc5\xad\xc6"
@@ -10719,12 +8175,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x4a\x23\x56\xd7\xff\x90\xd0\x9a"
+ .ctext = "\x4a\x23\x56\xd7\xff\x90\xd0\x9a"
"\x0d\x7c\x26\xfc\xf0\xf0\xf6\xe4",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -10735,12 +8190,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x30\xaf\x26\x05\x9d\x5d\x0a\x58"
+ .ctext = "\x30\xaf\x26\x05\x9d\x5d\x0a\x58"
"\xe2\xe7\xce\x8a\xb2\x56\x6d\x76",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
"\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
@@ -10751,12 +8205,11 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xdf\xcf\xdc\xd2\xe1\xcf\x86\x75"
+ .ctext = "\xdf\xcf\xdc\xd2\xe1\xcf\x86\x75"
"\x17\x66\x5e\x0c\x14\xa1\x3d\x40",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -10767,7 +8220,7 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ .ptext = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
"\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
"\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
"\x50\x38\x1f\x71\x49\xb6\x57\xd6"
@@ -10831,196 +8284,7 @@ static const struct cipher_testvec tf_lrw_enc_tv_template[] = {
"\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
"\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
"\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .ilen = 512,
- .result = "\x30\x38\xeb\xaf\x12\x43\x1a\x89"
- "\x62\xa2\x36\xe5\xcf\x77\x1e\xd9"
- "\x08\xc3\x0d\xdd\x95\xab\x19\x96"
- "\x27\x52\x41\xc3\xca\xfb\xf6\xee"
- "\x40\x2d\xdf\xdd\x00\x0c\xb9\x0a"
- "\x3a\xf0\xc0\xd1\xda\x63\x9e\x45"
- "\x42\xe9\x29\xc0\xb4\x07\xb4\x31"
- "\x66\x77\x72\xb5\xb6\xb3\x57\x46"
- "\x34\x9a\xfe\x03\xaf\x6b\x36\x07"
- "\x63\x8e\xc2\x5d\xa6\x0f\xb6\x7d"
- "\xfb\x6d\x82\x51\xb6\x98\xd0\x71"
- "\xe7\x10\x7a\xdf\xb2\xbd\xf1\x1d"
- "\x72\x2b\x54\x13\xe3\x6d\x79\x37"
- "\xa9\x39\x2c\xdf\x21\xab\x87\xd5"
- "\xee\xef\x9a\x12\x50\x39\x2e\x1b"
- "\x7d\xe6\x6a\x27\x48\xb9\xe7\xac"
- "\xaa\xcd\x79\x5f\xf2\xf3\xa0\x08"
- "\x6f\x2c\xf4\x0e\xd1\xb8\x89\x25"
- "\x31\x9d\xef\xb1\x1d\x27\x55\x04"
- "\xc9\x8c\xb7\x68\xdc\xb6\x67\x8a"
- "\xdb\xcf\x22\xf2\x3b\x6f\xce\xbb"
- "\x26\xbe\x4f\x27\x04\x42\xd1\x44"
- "\x4c\x08\xa3\x95\x4c\x7f\x1a\xaf"
- "\x1d\x28\x14\xfd\xb1\x1a\x34\x18"
- "\xf5\x1e\x28\x69\x95\x6a\x5a\xba"
- "\x8e\xb2\x58\x1d\x28\x17\x13\x3d"
- "\x38\x7d\x14\x8d\xab\x5d\xf9\xe8"
- "\x3c\x0f\x2b\x0d\x2b\x08\xb4\x4b"
- "\x6b\x0d\xc8\xa7\x84\xc2\x3a\x1a"
- "\xb7\xbd\xda\x92\x29\xb8\x5b\x5a"
- "\x63\xa5\x99\x82\x09\x72\x8f\xc6"
- "\xa4\x62\x24\x69\x8c\x2d\x26\x00"
- "\x99\x83\x91\xd6\xc6\xcf\x57\x67"
- "\x38\xea\xf2\xfc\x29\xe0\x73\x39"
- "\xf9\x13\x94\x6d\xe2\x58\x28\x75"
- "\x3e\xae\x71\x90\x07\x70\x1c\x38"
- "\x5b\x4c\x1e\xb5\xa5\x3b\x20\xef"
- "\xb1\x4c\x3e\x1a\x72\x62\xbb\x22"
- "\x82\x09\xe3\x18\x3f\x4f\x48\xfc"
- "\xdd\xac\xfc\xb6\x09\xdb\xd2\x7b"
- "\xd6\xb7\x7e\x41\x2f\x14\xf5\x0e"
- "\xc3\xac\x4a\xed\xe7\x82\xef\x31"
- "\x1f\x1a\x51\x1e\x29\x60\xc8\x98"
- "\x93\x51\x1d\x3d\x62\x59\x83\x82"
- "\x0c\xf1\xd7\x8d\xac\x33\x44\x81"
- "\x3c\x59\xb7\xd4\x5b\x65\x82\xc4"
- "\xec\xdc\x24\xfd\x0e\x1a\x79\x94"
- "\x34\xb0\x62\xfa\x98\x49\x26\x1f"
- "\xf4\x9e\x40\x44\x5b\x1f\xf8\xbe"
- "\x36\xff\xc6\xc6\x9d\xf2\xd6\xcc"
- "\x63\x93\x29\xb9\x0b\x6d\xd7\x6c"
- "\xdb\xf6\x21\x80\xf7\x5a\x37\x15"
- "\x0c\xe3\x36\xc8\x74\x75\x20\x91"
- "\xdf\x52\x2d\x0c\xe7\x45\xff\x46"
- "\xb3\xf4\xec\xc2\xbd\xd3\x37\xb6"
- "\x26\xa2\x5d\x7d\x61\xbf\x10\x46"
- "\x57\x8d\x05\x96\x70\x0b\xd6\x41"
- "\x5c\xe9\xd3\x54\x81\x39\x3a\xdd"
- "\x5f\x92\x81\x6e\x35\x03\xd4\x72"
- "\x3d\x5a\xe7\xb9\x3b\x0c\x84\x23"
- "\x45\x5d\xec\x72\xc1\x52\xef\x2e"
- "\x81\x00\xd3\xfe\x4c\x3c\x05\x61"
- "\x80\x18\xc4\x6c\x03\xd3\xb7\xba"
- "\x11\xd7\xb8\x6e\xea\xe1\x80\x30",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec tf_lrw_dec_tv_template[] = {
- /* Generated from AES-LRW test vectors */
- /* same as enc vectors with input and result reversed */
- {
- .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
- "\x4c\x26\x84\x14\xb5\x68\x01\x85"
- "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
- "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\xa1\x6c\x50\x69\x26\xa4\xef\x7b"
- "\x7c\xc6\x91\xeb\x72\xdd\x9b\xee",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
- "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
- "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
- "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\xab\x72\x0a\xad\x3b\x0c\xf0\xc9"
- "\x42\x2f\xf1\xae\xf1\x3c\xb1\xbd",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
- "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
- "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
- "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x85\xa7\x56\x67\x08\xfa\x42\xe1"
- "\x22\xe6\x82\xfc\xd9\xb4\xd7\xd4",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
- "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
- "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
- "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
- "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\xd2\xaf\x69\x35\x24\x1d\x0e\x1c"
- "\x84\x8b\x05\xe4\xa2\x2f\x16\xf5",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
- "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
- "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
- "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
- "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x4a\x23\x56\xd7\xff\x90\xd0\x9a"
- "\x0d\x7c\x26\xfc\xf0\xf0\xf6\xe4",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\xaf\x26\x05\x9d\x5d\x0a\x58"
- "\xe2\xe7\xce\x8a\xb2\x56\x6d\x76",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
- "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
- "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
- "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
- "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
- "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\xdf\xcf\xdc\xd2\xe1\xcf\x86\x75"
- "\x17\x66\x5e\x0c\x14\xa1\x3d\x40",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x38\xeb\xaf\x12\x43\x1a\x89"
+ .ctext = "\x30\x38\xeb\xaf\x12\x43\x1a\x89"
"\x62\xa2\x36\xe5\xcf\x77\x1e\xd9"
"\x08\xc3\x0d\xdd\x95\xab\x19\x96"
"\x27\x52\x41\xc3\xca\xfb\xf6\xee"
@@ -11084,79 +8348,14 @@ static const struct cipher_testvec tf_lrw_dec_tv_template[] = {
"\x81\x00\xd3\xfe\x4c\x3c\x05\x61"
"\x80\x18\xc4\x6c\x03\xd3\xb7\xba"
"\x11\xd7\xb8\x6e\xea\xe1\x80\x30",
- .ilen = 512,
- .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
- "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
- "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
- "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
- "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
- "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
- "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
- "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
- "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
- "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
- "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
- "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
- "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
- "\x4c\x96\x12\xed\x7c\x92\x03\x01"
- "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
- "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
- "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
- "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
- "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
- "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
- "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
- "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
- "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
- "\x76\x12\x73\x44\x1a\x56\xd7\x72"
- "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
- "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
- "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
- "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
- "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
- "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
- "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
- "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
- "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
- "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
- "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
- "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
- "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
- "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
- "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
- "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
- "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
- "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
- "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
- "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
- "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
- "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
- "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
- "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
- "\x62\x73\x65\xfd\x46\x63\x25\x3d"
- "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
- "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
- "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
- "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
- "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
- "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
- "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
- "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
- "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
- "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
- "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
- "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
- "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
- "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
- "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
},
};
-static const struct cipher_testvec tf_xts_enc_tv_template[] = {
+static const struct cipher_testvec tf_xts_tv_template[] = {
/* Generated from AES-XTS test vectors */
{
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -11166,16 +8365,15 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\x4b\xc9\x44\x4a\x11\xa3\xef\xac"
+ .ctext = "\x4b\xc9\x44\x4a\x11\xa3\xef\xac"
"\x30\x74\xe4\x44\x52\x77\x97\x43"
"\xa7\x60\xb2\x45\x2e\xf9\x00\x90"
"\x9f\xaa\xfd\x89\x6e\x9d\x4a\xe0",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x11\x11\x11\x11\x11\x11\x11\x11"
"\x11\x11\x11\x11\x11\x11\x11\x11"
@@ -11184,16 +8382,15 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x57\x0e\x8f\xe5\x2a\x35\x61\x4f"
+ .ctext = "\x57\x0e\x8f\xe5\x2a\x35\x61\x4f"
"\x32\xd3\xbd\x36\x05\x15\x44\x2c"
"\x58\x06\xf7\xf8\x00\xa8\xb6\xd5"
"\xc6\x28\x92\xdb\xd8\x34\xa2\xe9",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
"\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
@@ -11202,16 +8399,15 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x96\x45\x8f\x8d\x7a\x75\xb1\xde"
+ .ctext = "\x96\x45\x8f\x8d\x7a\x75\xb1\xde"
"\x40\x0c\x89\x56\xf6\x4d\xa7\x07"
"\x38\xbb\x5b\xe9\xcd\x84\xae\xb2"
"\x7b\x6a\x62\xf4\x8c\xb5\x37\xea",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -11220,7 +8416,7 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -11284,8 +8480,7 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xa9\x78\xae\x1e\xea\xa2\x44\x4c"
+ .ctext = "\xa9\x78\xae\x1e\xea\xa2\x44\x4c"
"\xa2\x7a\x64\x1f\xaf\x46\xc1\xe0"
"\x6c\xb2\xf3\x92\x9a\xd6\x7d\x58"
"\xb8\x2d\xb9\x5d\x58\x07\x66\x50"
@@ -11349,7 +8544,7 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
"\x43\xc4\x46\x24\x22\x4f\x8f\x7e"
"\xe5\xf4\x6d\x1e\x0e\x18\x7a\xbb"
"\xa6\x8f\xfb\x49\x49\xd8\x7e\x5a",
- .rlen = 512,
+ .len = 512,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -11362,7 +8557,7 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
.klen = 64,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -11426,8 +8621,7 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xd7\x4b\x93\x7d\x13\xa2\xa2\xe1"
+ .ctext = "\xd7\x4b\x93\x7d\x13\xa2\xa2\xe1"
"\x35\x39\x71\x88\x76\x1e\xc9\xea"
"\x86\xad\xf3\x14\x48\x3d\x5e\xe9"
"\xe9\x2d\xb2\x56\x59\x35\x9d\xec"
@@ -11491,350 +8685,7 @@ static const struct cipher_testvec tf_xts_enc_tv_template[] = {
"\xf3\xea\x67\x52\x78\xc2\xce\x70"
"\xa4\x05\x0b\xb2\xb3\xa8\x30\x97"
"\x37\x30\xe1\x91\x8d\xb3\x2a\xff",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec tf_xts_dec_tv_template[] = {
- /* Generated from AES-XTS test vectors */
- /* same as enc vectors with input and result reversed */
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x4b\xc9\x44\x4a\x11\xa3\xef\xac"
- "\x30\x74\xe4\x44\x52\x77\x97\x43"
- "\xa7\x60\xb2\x45\x2e\xf9\x00\x90"
- "\x9f\xaa\xfd\x89\x6e\x9d\x4a\xe0",
- .ilen = 32,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 32,
- }, {
- .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x57\x0e\x8f\xe5\x2a\x35\x61\x4f"
- "\x32\xd3\xbd\x36\x05\x15\x44\x2c"
- "\x58\x06\xf7\xf8\x00\xa8\xb6\xd5"
- "\xc6\x28\x92\xdb\xd8\x34\xa2\xe9",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
- "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x96\x45\x8f\x8d\x7a\x75\xb1\xde"
- "\x40\x0c\x89\x56\xf6\x4d\xa7\x07"
- "\x38\xbb\x5b\xe9\xcd\x84\xae\xb2"
- "\x7b\x6a\x62\xf4\x8c\xb5\x37\xea",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xa9\x78\xae\x1e\xea\xa2\x44\x4c"
- "\xa2\x7a\x64\x1f\xaf\x46\xc1\xe0"
- "\x6c\xb2\xf3\x92\x9a\xd6\x7d\x58"
- "\xb8\x2d\xb9\x5d\x58\x07\x66\x50"
- "\xea\x35\x35\x8c\xb2\x46\x61\x06"
- "\x5d\x65\xfc\x57\x8f\x69\x74\xab"
- "\x8a\x06\x69\xb5\x6c\xda\x66\xc7"
- "\x52\x90\xbb\x8e\x6d\x8b\xb5\xa2"
- "\x78\x1d\xc2\xa9\xc2\x73\x00\xc3"
- "\x32\x36\x7c\x97\x6b\x4e\x8a\x50"
- "\xe4\x91\x83\x96\x8f\xf4\x94\x1a"
- "\xa6\x27\xe1\x33\xcb\x91\xc6\x5f"
- "\x94\x75\xbc\xd7\x3e\x3e\x6f\x9e"
- "\xa9\x31\x80\x5e\xe5\xdb\xc8\x53"
- "\x01\x73\x68\x32\x25\x19\xfa\xfb"
- "\xe4\xcf\xb9\x3e\xa2\xa0\x8f\x31"
- "\xbf\x54\x06\x93\xa8\xb1\x0f\xb6"
- "\x7c\x3c\xde\x6f\x0f\xfb\x0c\x11"
- "\x39\x80\x39\x09\x97\x65\xf2\x83"
- "\xae\xe6\xa1\x6f\x47\xb8\x49\xde"
- "\x99\x36\x20\x7d\x97\x3b\xec\xfa"
- "\xb4\x33\x6e\x7a\xc7\x46\x84\x49"
- "\x91\xcd\xe1\x57\x0d\xed\x40\x08"
- "\x13\xf1\x4e\x3e\xa4\xa4\x5c\xe6"
- "\xd2\x0c\x20\x8f\x3e\xdf\x3f\x47"
- "\x9a\x2f\xde\x6d\x66\xc9\x99\x4a"
- "\x2d\x9e\x9d\x4b\x1a\x27\xa2\x12"
- "\x99\xf0\xf8\xb1\xb6\xf6\x57\xc3"
- "\xca\x1c\xa3\x8e\xed\x39\x28\xb5"
- "\x10\x1b\x4b\x08\x42\x00\x4a\xd3"
- "\xad\x5a\xc6\x8e\xc8\xbb\x95\xc4"
- "\x4b\xaa\xfe\xd5\x42\xa8\xa3\x6d"
- "\x3c\xf3\x34\x91\x2d\xb4\xdd\x20"
- "\x0c\x90\x6d\xa3\x9b\x66\x9d\x24"
- "\x02\xa6\xa9\x3f\x3f\x58\x5d\x47"
- "\x24\x65\x63\x7e\xbd\x8c\xe6\x52"
- "\x7d\xef\x33\x53\x63\xec\xaa\x0b"
- "\x64\x15\xa9\xa6\x1f\x10\x00\x38"
- "\x35\xa8\xe7\xbe\x23\x70\x22\xe0"
- "\xd3\xb9\xe6\xfd\xe6\xaa\x03\x50"
- "\xf3\x3c\x27\x36\x8b\xcc\xfe\x9c"
- "\x9c\xa3\xb3\xe7\x68\x9b\xa2\x71"
- "\xe0\x07\xd9\x1f\x68\x1f\xac\x5e"
- "\x7a\x74\x85\xa9\x6a\x90\xab\x2c"
- "\x38\x51\xbc\x1f\x43\x4a\x56\x1c"
- "\xf8\x47\x03\x4e\x67\xa8\x1f\x99"
- "\x04\x39\x73\x32\xb2\x86\x79\xe7"
- "\x14\x28\x70\xb8\xe2\x7d\x69\x85"
- "\xb6\x0f\xc5\xd0\xd0\x01\x5c\xe6"
- "\x09\x0f\x75\xf7\xb6\x81\xd2\x11"
- "\x20\x9c\xa1\xee\x11\x44\x79\xd0"
- "\xb2\x34\x77\xda\x10\x9a\x6f\x6f"
- "\xef\x7c\xd9\xdc\x35\xb7\x61\xdd"
- "\xf1\xa4\xc6\x1c\xbf\x05\x22\xac"
- "\xfe\x2f\x85\x00\x44\xdf\x33\x16"
- "\x35\xb6\xa3\xd3\x70\xdf\x69\x35"
- "\x6a\xc7\xb4\x99\x45\x27\xc8\x8e"
- "\x5a\x14\x30\xd0\x55\x3e\x4f\x64"
- "\x0d\x38\xe3\xdf\x8b\xa8\x93\x26"
- "\x75\xae\xf6\xb5\x23\x0b\x17\x31"
- "\xbf\x27\xb8\xb5\x94\x31\xa7\x8f"
- "\x43\xc4\x46\x24\x22\x4f\x8f\x7e"
- "\xe5\xf4\x6d\x1e\x0e\x18\x7a\xbb"
- "\xa6\x8f\xfb\x49\x49\xd8\x7e\x5a",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95"
- "\x02\x88\x41\x97\x16\x93\x99\x37"
- "\x51\x05\x82\x09\x74\x94\x45\x92",
- .klen = 64,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xd7\x4b\x93\x7d\x13\xa2\xa2\xe1"
- "\x35\x39\x71\x88\x76\x1e\xc9\xea"
- "\x86\xad\xf3\x14\x48\x3d\x5e\xe9"
- "\xe9\x2d\xb2\x56\x59\x35\x9d\xec"
- "\x84\xfa\x7e\x9d\x6d\x33\x36\x8f"
- "\xce\xf4\xa9\x21\x0b\x5f\x96\xec"
- "\xcb\xf9\x57\x68\x33\x88\x39\xbf"
- "\x2f\xbb\x59\x03\xbd\x66\x8b\x11"
- "\x11\x65\x51\x2e\xb8\x67\x05\xd1"
- "\x27\x11\x5c\xd4\xcc\x97\xc2\xb3"
- "\xa9\x55\xaf\x07\x56\xd1\xdc\xf5"
- "\x85\xdc\x46\xe6\xf0\x24\xeb\x93"
- "\x4d\xf0\x9b\xf5\x73\x1c\xda\x03"
- "\x22\xc8\x3a\x4f\xb4\x19\x91\x09"
- "\x54\x0b\xf6\xfe\x17\x3d\x1a\x53"
- "\x72\x60\x79\xcb\x0e\x32\x8a\x77"
- "\xd5\xed\xdb\x33\xd7\x62\x16\x69"
- "\x63\xe0\xab\xb5\xf6\x9c\x5f\x3d"
- "\x69\x35\x61\x86\xf8\x86\xb9\x89"
- "\x6e\x59\x35\xac\xf6\x6b\x33\xa0"
- "\xea\xef\x96\x62\xd8\xa9\xcf\x56"
- "\xbf\xdb\x8a\xfd\xa1\x82\x77\x73"
- "\x3d\x94\x4a\x49\x42\x6d\x08\x60"
- "\xa1\xea\xab\xb6\x88\x13\x94\xb8"
- "\x51\x98\xdb\x35\x85\xdf\xf6\xb9"
- "\x8f\xcd\xdf\x80\xd3\x40\x2d\x72"
- "\xb8\xb2\x6c\x02\x43\x35\x22\x2a"
- "\x31\xed\xcd\x16\x19\xdf\x62\x0f"
- "\x29\xcf\x87\x04\xec\x02\x4f\xe4"
- "\xa2\xed\x73\xc6\x69\xd3\x7e\x89"
- "\x0b\x76\x10\x7c\xd6\xf9\x6a\x25"
- "\xed\xcc\x60\x5d\x61\x20\xc1\x97"
- "\x56\x91\x57\x28\xbe\x71\x0d\xcd"
- "\xde\xc4\x9e\x55\x91\xbe\xd1\x28"
- "\x9b\x90\xeb\x73\xf3\x68\x51\xc6"
- "\xdf\x82\xcc\xd8\x1f\xce\x5b\x27"
- "\xc0\x60\x5e\x33\xd6\xa7\x20\xea"
- "\xb2\x54\xc7\x5d\x6a\x3b\x67\x47"
- "\xcf\xa0\xe3\xab\x86\xaf\xc1\x42"
- "\xe6\xb0\x23\x4a\xaf\x53\xdf\xa0"
- "\xad\x12\x32\x31\x03\xf7\x21\xbe"
- "\x2d\xd5\x82\x42\xb6\x4a\x3d\xcd"
- "\xd8\x81\x77\xa9\x49\x98\x6c\x09"
- "\xc5\xa3\x61\x12\x62\x85\x6b\xcd"
- "\xb3\xf4\x20\x0c\x41\xc4\x05\x37"
- "\x46\x5f\xeb\x71\x8b\xf1\xaf\x6e"
- "\xba\xf3\x50\x2e\xfe\xa8\x37\xeb"
- "\xe8\x8c\x4f\xa4\x0c\xf1\x31\xc8"
- "\x6e\x71\x4f\xa5\xd7\x97\x73\xe0"
- "\x93\x4a\x2f\xda\x7b\xe0\x20\x54"
- "\x1f\x8d\x85\x79\x0b\x7b\x5e\x75"
- "\xb9\x07\x67\xcc\xc8\xe7\x21\x15"
- "\xa7\xc8\x98\xff\x4b\x80\x1c\x12"
- "\xa8\x54\xe1\x38\x52\xe6\x74\x81"
- "\x97\x47\xa1\x41\x0e\xc0\x50\xe3"
- "\x55\x0e\xc3\xa7\x70\x77\xce\x07"
- "\xed\x8c\x88\xe6\xa1\x5b\x14\xec"
- "\xe6\xde\x06\x6d\x74\xc5\xd9\xfa"
- "\xe5\x2f\x5a\xff\xc8\x05\xee\x27"
- "\x35\x61\xbf\x0b\x19\x78\x9b\xd2"
- "\x04\xc7\x05\xb1\x79\xb4\xff\x5f"
- "\xf3\xea\x67\x52\x78\xc2\xce\x70"
- "\xa4\x05\x0b\xb2\xb3\xa8\x30\x97"
- "\x37\x30\xe1\x91\x8d\xb3\x2a\xff",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
@@ -11845,51 +8696,47 @@ static const struct cipher_testvec tf_xts_dec_tv_template[] = {
* Serpent test vectors. These are backwards because Serpent writes
* octet sequences in right-to-left mode.
*/
-static const struct cipher_testvec serpent_enc_tv_template[] = {
+static const struct cipher_testvec serpent_tv_template[] = {
{
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .ilen = 16,
- .result = "\x12\x07\xfc\xce\x9b\xd0\xd6\x47"
+ .ctext = "\x12\x07\xfc\xce\x9b\xd0\xd6\x47"
"\x6a\xe9\x8f\xbe\xd1\x43\xa0\xe2",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
.klen = 16,
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .ilen = 16,
- .result = "\x4c\x7d\x8a\x32\x80\x72\xa2\x2c"
+ .ctext = "\x4c\x7d\x8a\x32\x80\x72\xa2\x2c"
"\x82\x3e\x4a\x1f\x3a\xcd\xa1\x6d",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
.klen = 32,
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .ilen = 16,
- .result = "\xde\x26\x9f\xf8\x33\xe4\x32\xb8"
+ .ctext = "\xde\x26\x9f\xf8\x33\xe4\x32\xb8"
"\x5b\x2e\x88\xd2\x70\x1c\xe7\x5c",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80",
.klen = 16,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\xdd\xd2\x6b\x98\xa5\xff\xd8\x2c"
+ .ptext = zeroed_string,
+ .ctext = "\xdd\xd2\x6b\x98\xa5\xff\xd8\x2c"
"\x05\x34\x5a\x9d\xad\xbf\xaf\x49",
- .rlen = 16,
+ .len = 16,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
"\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
"\x78\xBE\x9B\x78\x55\x32\x0F\x55",
.klen = 32,
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -11951,8 +8798,7 @@ static const struct cipher_testvec serpent_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xFB\xB0\x5D\xDE\xC0\xFE\xFC\xEB"
+ .ctext = "\xFB\xB0\x5D\xDE\xC0\xFE\xFC\xEB"
"\xB1\x80\x10\x43\xDE\x62\x70\xBD"
"\xFA\x8A\x93\xEA\x6B\xF7\xC5\xD7"
"\x0C\xD1\xBB\x29\x25\x14\x4C\x22"
@@ -12014,281 +8860,93 @@ static const struct cipher_testvec serpent_enc_tv_template[] = {
"\x34\xC1\xC9\xF2\x28\x4A\xCD\x02"
"\x75\x55\x9B\xFF\x36\x73\xAB\x7C"
"\xF4\x46\x2E\xEB\xAC\xF3\xD2\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec tnepres_enc_tv_template[] = {
+static const struct cipher_testvec tnepres_tv_template[] = {
+ { /* KeySize=0 */
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .ctext = "\x41\xcc\x6b\x31\x59\x31\x45\x97"
+ "\x6d\x6f\xbb\x38\x4b\x37\x21\x28",
+ .len = 16,
+ },
{ /* KeySize=128, PT=0, I=1 */
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.key = "\x80\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 16,
- .ilen = 16,
- .result = "\x49\xaf\xbf\xad\x9d\x5a\x34\x05"
+ .ctext = "\x49\xaf\xbf\xad\x9d\x5a\x34\x05"
"\x2c\xd8\xff\xa5\x98\x6b\xd2\xdd",
- .rlen = 16,
+ .len = 16,
+ }, { /* KeySize=128 */
+ .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .klen = 16,
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .ctext = "\xea\xf4\xd7\xfc\xd8\x01\x34\x47"
+ "\x81\x45\x0b\xfa\x0c\xd6\xad\x6e",
+ .len = 16,
+ }, { /* KeySize=128, I=121 */
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80",
+ .klen = 16,
+ .ptext = zeroed_string,
+ .ctext = "\x3d\xda\xbf\xc0\x06\xda\xab\x06"
+ "\x46\x2a\xf4\xef\x81\x54\x4e\x26",
+ .len = 16,
}, { /* KeySize=192, PT=0, I=1 */
.key = "\x80\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 24,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 16,
- .result = "\xe7\x8e\x54\x02\xc7\x19\x55\x68"
+ .ctext = "\xe7\x8e\x54\x02\xc7\x19\x55\x68"
"\xac\x36\x78\xf7\xa3\xf6\x0c\x66",
- .rlen = 16,
+ .len = 16,
}, { /* KeySize=256, PT=0, I=1 */
.key = "\x80\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 32,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 16,
- .result = "\xab\xed\x96\xe7\x66\xbf\x28\xcb"
+ .ctext = "\xab\xed\x96\xe7\x66\xbf\x28\xcb"
"\xc0\xeb\xd2\x1a\x82\xef\x08\x19",
- .rlen = 16,
+ .len = 16,
}, { /* KeySize=256, I=257 */
.key = "\x1f\x1e\x1d\x1c\x1b\x1a\x19\x18"
"\x17\x16\x15\x14\x13\x12\x11\x10"
"\x0f\x0e\x0d\x0c\x0b\x0a\x09\x08"
"\x07\x06\x05\x04\x03\x02\x01\x00",
.klen = 32,
- .input = "\x0f\x0e\x0d\x0c\x0b\x0a\x09\x08"
+ .ptext = "\x0f\x0e\x0d\x0c\x0b\x0a\x09\x08"
"\x07\x06\x05\x04\x03\x02\x01\x00",
- .ilen = 16,
- .result = "\x5c\xe7\x1c\x70\xd2\x88\x2e\x5b"
+ .ctext = "\x5c\xe7\x1c\x70\xd2\x88\x2e\x5b"
"\xb8\x32\xe4\x33\xf8\x9f\x26\xde",
- .rlen = 16,
- },
-};
-
-
-static const struct cipher_testvec serpent_dec_tv_template[] = {
- {
- .input = "\x12\x07\xfc\xce\x9b\xd0\xd6\x47"
- "\x6a\xe9\x8f\xbe\xd1\x43\xa0\xe2",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, {
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .klen = 16,
- .input = "\x4c\x7d\x8a\x32\x80\x72\xa2\x2c"
- "\x82\x3e\x4a\x1f\x3a\xcd\xa1\x6d",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, {
+ .len = 16,
+ }, { /* KeySize=256 */
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
.klen = 32,
- .input = "\xde\x26\x9f\xf8\x33\xe4\x32\xb8"
- "\x5b\x2e\x88\xd2\x70\x1c\xe7\x5c",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80",
- .klen = 16,
- .input = "\xdd\xd2\x6b\x98\xa5\xff\xd8\x2c"
- "\x05\x34\x5a\x9d\xad\xbf\xaf\x49",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .input = "\xFB\xB0\x5D\xDE\xC0\xFE\xFC\xEB"
- "\xB1\x80\x10\x43\xDE\x62\x70\xBD"
- "\xFA\x8A\x93\xEA\x6B\xF7\xC5\xD7"
- "\x0C\xD1\xBB\x29\x25\x14\x4C\x22"
- "\x77\xA6\x38\x00\xDB\xB9\xE2\x07"
- "\xD1\xAC\x82\xBA\xEA\x67\xAA\x39"
- "\x99\x34\x89\x5B\x54\xE9\x12\x13"
- "\x3B\x04\xE5\x12\x42\xC5\x79\xAB"
- "\x0D\xC7\x3C\x58\x2D\xA3\x98\xF6"
- "\xE4\x61\x9E\x17\x0B\xCE\xE8\xAA"
- "\xB5\x6C\x1A\x3A\x67\x52\x81\x6A"
- "\x04\xFF\x8A\x1B\x96\xFE\xE6\x87"
- "\x3C\xD4\x39\x7D\x36\x9B\x03\xD5"
- "\xB6\xA0\x75\x3C\x83\xE6\x1C\x73"
- "\x9D\x74\x2B\x77\x53\x2D\xE5\xBD"
- "\x69\xDA\x7A\x01\xF5\x6A\x70\x39"
- "\x30\xD4\x2C\xF2\x8E\x06\x4B\x39"
- "\xB3\x12\x1D\xB3\x17\x46\xE6\xD6"
- "\xB6\x31\x36\x34\x38\x3C\x1D\x69"
- "\x9F\x47\x28\x9A\x1D\x96\x70\x54"
- "\x8E\x88\xCB\xE0\xF5\x6A\xAE\x0A"
- "\x3C\xD5\x93\x1C\x21\xC9\x14\x3A"
- "\x23\x9C\x9B\x79\xC7\x75\xC8\x39"
- "\xA6\xAC\x65\x9A\x99\x37\xAF\x6D"
- "\xBD\xB5\x32\xFD\xD8\x9C\x95\x7B"
- "\xC6\x6A\x80\x64\xEA\xEF\x6D\x3F"
- "\xA9\xFE\x5B\x16\xA3\xCF\x32\xC8"
- "\xEF\x50\x22\x20\x93\x30\xBE\xE2"
- "\x38\x05\x65\xAF\xBA\xB6\xE4\x72"
- "\xA9\xEE\x05\x42\x88\xBD\x9D\x49"
- "\xAD\x93\xCA\x4D\x45\x11\x43\x4D"
- "\xB8\xF5\x74\x2B\x48\xE7\x21\xE4"
- "\x4E\x3A\x4C\xDE\x65\x7A\x5A\xAD"
- "\x86\xE6\x23\xEC\x6B\xA7\x17\xE6"
- "\xF6\xA1\xAC\x29\xAE\xF9\x9B\x69"
- "\x73\x65\x65\x51\xD6\x0B\x4E\x8C"
- "\x17\x15\x9D\xB0\xCF\xB2\x42\x2B"
- "\x51\xC3\x03\xE8\xB7\x7D\x2D\x39"
- "\xE8\x10\x93\x16\xC8\x68\x4C\x60"
- "\x87\x70\x14\xD0\x01\x57\xCB\x42"
- "\x13\x59\xB1\x7F\x12\x4F\xBB\xC7"
- "\xBD\x2B\xD4\xA9\x12\x26\x4F\xDE"
- "\xFD\x72\xEC\xD7\x6F\x97\x14\x90"
- "\x0E\x37\x13\xE6\x67\x1D\xE5\xFE"
- "\x9E\x18\x3C\x8F\x3A\x3F\x59\x9B"
- "\x71\x80\x05\x35\x3F\x40\x0B\x21"
- "\x76\xE5\xEF\x42\x6C\xDB\x31\x05"
- "\x5F\x05\xCF\x14\xE3\xF0\x61\xA2"
- "\x49\x03\x5E\x77\x2E\x20\xBA\xA1"
- "\xAF\x46\x51\xC0\x2B\xC4\x64\x1E"
- "\x65\xCC\x51\x58\x0A\xDF\xF0\x5F"
- "\x75\x9F\x48\xCD\x81\xEC\xC3\xF6"
- "\xED\xC9\x4B\x7B\x4E\x26\x23\xE1"
- "\xBB\xE9\x83\x0B\xCF\xE4\xDE\x00"
- "\x48\xFF\xBF\x6C\xB4\x72\x16\xEF"
- "\xC7\x46\xEE\x48\x8C\xB8\xAF\x45"
- "\x91\x76\xE7\x6E\x65\x3D\x15\x86"
- "\x10\xF8\xDB\x66\x97\x7C\x43\x4D"
- "\x79\x12\x4E\xCE\x06\xD1\xD1\x6A"
- "\x34\xC1\xC9\xF2\x28\x4A\xCD\x02"
- "\x75\x55\x9B\xFF\x36\x73\xAB\x7C"
- "\xF4\x46\x2E\xEB\xAC\xF3\xD2\xB7",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec tnepres_dec_tv_template[] = {
- {
- .input = "\x41\xcc\x6b\x31\x59\x31\x45\x97"
- "\x6d\x6f\xbb\x38\x4b\x37\x21\x28",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, {
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .klen = 16,
- .input = "\xea\xf4\xd7\xfc\xd8\x01\x34\x47"
- "\x81\x45\x0b\xfa\x0c\xd6\xad\x6e",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, {
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .klen = 32,
- .input = "\x64\xa9\x1a\x37\xed\x9f\xe7\x49"
+ .ctext = "\x64\xa9\x1a\x37\xed\x9f\xe7\x49"
"\xa8\x4e\x76\xd6\xf5\x0d\x78\xee",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, { /* KeySize=128, I=121 */
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80",
- .klen = 16,
- .input = "\x3d\xda\xbf\xc0\x06\xda\xab\x06"
- "\x46\x2a\xf4\xef\x81\x54\x4e\x26",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- },
+ .len = 16,
+ }
};
-static const struct cipher_testvec serpent_cbc_enc_tv_template[] = {
+static const struct cipher_testvec serpent_cbc_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -12297,7 +8955,7 @@ static const struct cipher_testvec serpent_cbc_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -12359,8 +9017,7 @@ static const struct cipher_testvec serpent_cbc_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x80\xCF\x11\x41\x1A\xB9\x4B\x9C"
+ .ctext = "\x80\xCF\x11\x41\x1A\xB9\x4B\x9C"
"\xFF\xB7\x6C\xEA\xF0\xAF\x77\x6E"
"\x71\x75\x95\x9D\x4E\x1C\xCF\xAD"
"\x81\x34\xE9\x8F\xAE\x5A\x91\x1C"
@@ -12422,155 +9079,14 @@ static const struct cipher_testvec serpent_cbc_enc_tv_template[] = {
"\x02\xC4\xAF\xFA\xAD\x31\xF4\xBF"
"\xFC\x66\xAA\x37\xF2\x37\x39\x6B"
"\xBC\x08\x3A\xA2\x29\xB3\xDF\xD1",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec serpent_cbc_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x80\xCF\x11\x41\x1A\xB9\x4B\x9C"
- "\xFF\xB7\x6C\xEA\xF0\xAF\x77\x6E"
- "\x71\x75\x95\x9D\x4E\x1C\xCF\xAD"
- "\x81\x34\xE9\x8F\xAE\x5A\x91\x1C"
- "\x38\x63\x35\x7E\x79\x18\x0A\xE8"
- "\x67\x06\x76\xD5\xFF\x22\x2F\xDA"
- "\xB6\x2D\x57\x13\xB6\x3C\xBC\x97"
- "\xFE\x53\x75\x35\x97\x7F\x51\xEA"
- "\xDF\x5D\xE8\x9D\xCC\xD9\xAE\xE7"
- "\x62\x67\xFF\x04\xC2\x18\x22\x5F"
- "\x2E\x06\xC1\xE2\x26\xCD\xC6\x1E"
- "\xE5\x2C\x4E\x87\x23\xDD\xF0\x41"
- "\x08\xA5\xB4\x3E\x07\x1E\x0B\xBB"
- "\x72\x84\xF8\x0A\x3F\x38\x5E\x91"
- "\x15\x26\xE1\xDB\xA4\x3D\x74\xD2"
- "\x41\x1E\x3F\xA9\xC6\x7D\x2A\xAB"
- "\x27\xDF\x89\x1D\x86\x3E\xF7\x5A"
- "\xF6\xE3\x0F\xC7\x6B\x4C\x96\x7C"
- "\x2D\x12\xA5\x05\x92\xCB\xD7\x4A"
- "\x4D\x1E\x88\x21\xE1\x63\xB4\xFC"
- "\x4A\xF2\xCD\x35\xB9\xD7\x70\x97"
- "\x5A\x5E\x7E\x96\x52\x20\xDC\x25"
- "\xE9\x6B\x36\xB4\xE0\x98\x85\x2C"
- "\x3C\xD2\xF7\x78\x8A\x73\x26\x9B"
- "\xAF\x0B\x11\xE8\x4D\x67\x23\xE9"
- "\x77\xDF\x58\xF6\x6F\x9E\xA4\xC5"
- "\x10\xA1\x82\x0E\x80\xA0\x8F\x4B"
- "\xA1\xC0\x12\x54\x4E\xC9\x20\x92"
- "\x11\x00\x10\x4E\xB3\x7C\xCA\x63"
- "\xE5\x3F\xD3\x41\x37\xCD\x74\xB7"
- "\xA5\x7C\x61\xB8\x0B\x7A\x7F\x4D"
- "\xFE\x96\x7D\x1B\xBE\x60\x37\xB7"
- "\x81\x92\x66\x67\x15\x1E\x39\x98"
- "\x52\xC0\xF4\x69\xC0\x99\x4F\x5A"
- "\x2E\x32\xAD\x7C\x8B\xE9\xAD\x05"
- "\x55\xF9\x0A\x1F\x97\x5C\xFA\x2B"
- "\xF4\x99\x76\x3A\x6E\x4D\xE1\x4C"
- "\x14\x4E\x6F\x87\xEE\x1A\x85\xA3"
- "\x96\xC6\x66\x49\xDA\x0D\x71\xAC"
- "\x04\x05\x46\xD3\x90\x0F\x64\x64"
- "\x01\x66\x2C\x62\x5D\x34\xD1\xCB"
- "\x3A\x24\xCE\x95\xEF\xAE\x2C\x97"
- "\x0E\x0C\x1D\x36\x49\xEB\xE9\x3D"
- "\x62\xA6\x19\x28\x9E\x26\xB4\x3F"
- "\xD7\x55\x42\x3C\xCD\x72\x0A\xF0"
- "\x7D\xE9\x95\x45\x86\xED\xB1\xE0"
- "\x8D\xE9\xC5\x86\x13\x24\x28\x7D"
- "\x74\xEF\xCA\x50\x12\x7E\x64\x8F"
- "\x1B\xF5\x5B\xFE\xE2\xAC\xFA\xE7"
- "\xBD\x38\x8C\x11\x20\xEF\xB1\xAA"
- "\x7B\xE5\xE5\x78\xAD\x9D\x2D\xA2"
- "\x8E\xDD\x48\xB3\xEF\x18\x92\x7E"
- "\xE6\x75\x0D\x54\x64\x11\xA3\x3A"
- "\xDB\x97\x0F\xD3\xDF\x07\xD3\x7E"
- "\x1E\xD1\x87\xE4\x74\xBB\x46\xF4"
- "\xBA\x23\x2D\x8D\x29\x07\x12\xCF"
- "\x34\xCD\x72\x7F\x01\x30\xE7\xA0"
- "\xF8\xDD\xA8\x08\xF0\xBC\xB1\xA2"
- "\xCC\xE1\x6B\x5F\xBE\xEA\xF1\xE4"
- "\x02\xC4\xAF\xFA\xAD\x31\xF4\xBF"
- "\xFC\x66\xAA\x37\xF2\x37\x39\x6B"
- "\xBC\x08\x3A\xA2\x29\xB3\xDF\xD1",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
+static const struct cipher_testvec serpent_ctr_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -12579,7 +9095,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -12641,8 +9157,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x84\x68\xEC\xF2\x1C\x88\x20\xCA"
+ .ctext = "\x84\x68\xEC\xF2\x1C\x88\x20\xCA"
"\x37\x69\xE3\x3A\x22\x85\x48\x46"
"\x70\xAA\x25\xB4\xCD\x8B\x04\x4E"
"\x8D\x15\x2B\x98\xDF\x7B\x6D\xB9"
@@ -12704,7 +9219,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
"\xB2\xE6\x7E\x86\x7A\x12\x17\x5B"
"\x30\xF3\x9B\x0D\xFA\x57\xE4\x50"
"\x40\x53\x77\x8C\x15\xF8\x8D\x13",
- .rlen = 496,
+ .len = 496,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -12713,7 +9228,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -12776,8 +9291,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
"\x2B\xC2\x59",
- .ilen = 499,
- .result = "\x84\x68\xEC\xF2\x1C\x88\x20\xCA"
+ .ctext = "\x84\x68\xEC\xF2\x1C\x88\x20\xCA"
"\x37\x69\xE3\x3A\x22\x85\x48\x46"
"\x70\xAA\x25\xB4\xCD\x8B\x04\x4E"
"\x8D\x15\x2B\x98\xDF\x7B\x6D\xB9"
@@ -12840,7 +9354,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
"\x30\xF3\x9B\x0D\xFA\x57\xE4\x50"
"\x40\x53\x77\x8C\x15\xF8\x8D\x13"
"\x38\xE2\xE5",
- .rlen = 499,
+ .len = 499,
.also_non_np = 1,
.np = 2,
.tap = { 499 - 16, 16 },
@@ -12852,208 +9366,7 @@ static const struct cipher_testvec serpent_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x06\x9A\xF8\xB4\x53\x88\x62\xFC"
- "\x68\xB8\x2E\xDF\xC1\x05\x0F\x3D"
- "\xAF\x4D\x95\xAE\xC4\xE9\x1C\xDC"
- "\xF6\x2B\x8F\x90\x89\xF6\x7E\x1A"
- "\xA6\xB9\xE4\xF4\xFA\xCA\xE5\x7E"
- "\x71\x28\x06\x4F\xE8\x08\x39\xDA"
- "\xA5\x0E\xC8\xC0\xB8\x16\xE5\x69"
- "\xE5\xCA\xEC\x4F\x63\x2C\xC0\x9B"
- "\x9F\x3E\x39\x79\xF0\xCD\x64\x35"
- "\x4A\xD3\xC8\xA9\x31\xCD\x48\x5B"
- "\x92\x3D\x8F\x3F\x96\xBD\xB3\x18"
- "\x74\x2A\x5D\x29\x3F\x57\x8F\xE2"
- "\x67\x9A\xE0\xE5\xD4\x4A\xE2\x47"
- "\xBC\xF6\xEB\x14\xF3\x8C\x20\xC2"
- "\x7D\xE2\x43\x81\x86\x72\x2E\xB1"
- "\x39\xF6\x95\xE1\x1F\xCB\x76\x33"
- "\x5B\x7D\x23\x0F\x3A\x67\x2A\x2F"
- "\xB9\x37\x9D\xDD\x1F\x16\xA1\x3C"
- "\x70\xFE\x52\xAA\x93\x3C\xC4\x46"
- "\xB1\xE5\xFF\xDA\xAF\xE2\x84\xFE"
- "\x25\x92\xB2\x63\xBD\x49\x77\xB4"
- "\x22\xA4\x6A\xD5\x04\xE0\x45\x58"
- "\x1C\x34\x96\x7C\x03\x0C\x13\xA2"
- "\x05\x22\xE2\xCB\x5A\x35\x03\x09"
- "\x40\xD2\x82\x05\xCA\x58\x73\xF2"
- "\x29\x5E\x01\x47\x13\x32\x78\xBE"
- "\x06\xB0\x51\xDB\x6C\x31\xA0\x1C"
- "\x74\xBC\x8D\x25\xDF\xF8\x65\xD1"
- "\x38\x35\x11\x26\x4A\xB4\x06\x32"
- "\xFA\xD2\x07\x77\xB3\x74\x98\x80"
- "\x61\x59\xA8\x9F\xF3\x6F\x2A\xBF"
- "\xE6\xA5\x9A\xC4\x6B\xA6\x49\x6F"
- "\xBC\x47\xD9\xFB\xC6\xEF\x25\x65"
- "\x96\xAC\x9F\xE4\x81\x4B\xD8\xBA"
- "\xD6\x9B\xC9\x6D\x58\x40\x81\x02"
- "\x73\x44\x4E\x43\x6E\x37\xBB\x11"
- "\xE3\xF9\xB8\x2F\xEC\x76\x34\xEA"
- "\x90\xCD\xB7\x2E\x0E\x32\x71\xE8"
- "\xBB\x4E\x0B\x98\xA4\x17\x17\x5B"
- "\x07\xB5\x82\x3A\xC4\xE8\x42\x51"
- "\x5A\x4C\x4E\x7D\xBF\xC4\xC0\x4F"
- "\x68\xB8\xC6\x4A\x32\x6F\x0B\xD7"
- "\x85\xED\x6B\xFB\x72\xD2\xA5\x8F"
- "\xBF\xF9\xAC\x59\x50\xA8\x08\x70"
- "\xEC\xBD\x0A\xBF\xE5\x87\xA1\xC2"
- "\x92\x14\x78\xAF\xE8\xEA\x2E\xDD"
- "\xC1\x03\x9A\xAA\x89\x8B\x32\x46"
- "\x5B\x18\x27\xBA\x46\xAA\x64\xDE"
- "\xE3\xD5\xA3\xFC\x7B\x5B\x61\xDB"
- "\x7E\xDA\xEC\x30\x17\x19\xF8\x80"
- "\xB5\x5E\x27\xB5\x37\x3A\x1F\x28"
- "\x07\x73\xC3\x63\xCE\xFF\x8C\xFE"
- "\x81\x4E\xF8\x24\xF3\xB8\xC7\xE8"
- "\x16\x9A\xCC\x58\x2F\x88\x1C\x4B"
- "\xBB\x33\xA2\x73\xF0\x1C\x89\x0E"
- "\xDC\x34\x27\x89\x98\xCE\x1C\xA2"
- "\xD8\xB8\x90\xBE\xEC\x72\x28\x13"
- "\xAC\x7B\xF1\xD0\x7F\x7A\x28\x50"
- "\xB7\x99\x65\x8A\xC9\xC6\x21\x34"
- "\x7F\x67\x9D\xB7\x2C\xCC\xF5\x17"
- "\x2B\x89\xAC\xB0\xD7\x1E\x47\xB0"
- "\x61\xAF\xD4\x63\x6D\xB8\x2D\x20",
- .rlen = 496,
- },
-};
-
-static const struct cipher_testvec serpent_ctr_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x84\x68\xEC\xF2\x1C\x88\x20\xCA"
- "\x37\x69\xE3\x3A\x22\x85\x48\x46"
- "\x70\xAA\x25\xB4\xCD\x8B\x04\x4E"
- "\x8D\x15\x2B\x98\xDF\x7B\x6D\xB9"
- "\xE0\x4A\x73\x00\x65\xB6\x1A\x0D"
- "\x5C\x60\xDF\x34\xDC\x60\x4C\xDF"
- "\xB5\x1F\x26\x8C\xDA\xC1\x11\xA8"
- "\x80\xFA\x37\x7A\x89\xAA\xAE\x7B"
- "\x92\x6E\xB9\xDC\xC9\x62\x4F\x88"
- "\x0A\x5D\x97\x2F\x6B\xAC\x03\x7C"
- "\x22\xF6\x55\x5A\xFA\x35\xA5\x17"
- "\xA1\x5C\x5E\x2B\x63\x2D\xB9\x91"
- "\x3E\x83\x26\x00\x4E\xD5\xBE\xCE"
- "\x79\xC4\x3D\xFC\x70\xA0\xAD\x96"
- "\xBA\x58\x2A\x1C\xDF\xC2\x3A\xA5"
- "\x7C\xB5\x12\x89\xED\xBF\xB6\x09"
- "\x13\x4F\x7D\x61\x3C\x5C\x27\xFC"
- "\x5D\xE1\x4F\xA1\xEA\xB3\xCA\xB9"
- "\xE6\xD0\x97\x81\xDE\xD1\xFB\x8A"
- "\x30\xDB\xA3\x5D\xEC\x25\x0B\x86"
- "\x71\xC8\xA7\x67\xE8\xBC\x7D\x4C"
- "\xAE\x82\xD3\x73\x31\x09\xCB\xB3"
- "\x4D\xD4\xC0\x8A\x2B\xFA\xA6\x55"
- "\x39\x0A\xBC\x6E\x75\xAB\xC2\xE2"
- "\x8A\xF2\x26\xCD\x63\x38\x35\xF7"
- "\xAE\x12\x83\xCD\x8A\x9E\x7E\x4C"
- "\xFE\x4D\xD7\xCE\x5C\x6E\x4C\xAF"
- "\xE3\xCD\x76\xA7\x87\xA1\x54\x7C"
- "\xEC\x32\xC7\x83\x2A\xFF\xF8\xEA"
- "\x87\xB2\x47\xA3\x9D\xC2\x9C\xA2"
- "\xB7\x2C\x7C\x1A\x24\xCB\x88\x61"
- "\xFF\xA7\x1A\x16\x01\xDD\x4B\xFC"
- "\x2E\xE0\x48\x67\x09\x42\xCC\x91"
- "\xBE\x20\x38\xC0\x5E\x3B\x95\x00"
- "\xA1\x96\x66\x0B\x8A\xE9\x9E\xF7"
- "\x6B\x34\x0A\x51\xC0\x3B\xEB\x71"
- "\x07\x97\x38\x4B\x5C\x56\x98\x67"
- "\x78\x9C\xD0\x0E\x2B\xB5\x67\x90"
- "\x75\xF8\xFE\x6D\x4E\x85\xCC\x0D"
- "\x18\x06\x15\x9D\x5A\x10\x13\x37"
- "\xA3\xD6\x68\xA2\xDF\x7E\xC7\x12"
- "\xC9\x0D\x4D\x91\xB0\x2A\x55\xFF"
- "\x6F\x73\x13\xDF\x28\xB5\x2A\x2C"
- "\xE4\xFC\x20\xD9\xF1\x7A\x82\xB1"
- "\xCB\x57\xB6\x3D\x8C\xF4\x8E\x27"
- "\x37\xDC\x35\xF3\x79\x01\x53\xA4"
- "\x7B\x37\xDE\x7C\x04\xAE\x50\xDB"
- "\x9B\x1E\x8C\x07\xA7\x52\x49\x50"
- "\x34\x25\x65\xDD\xA9\x8F\x7E\xBD"
- "\x7A\xC9\x36\xAE\xDE\x21\x48\x64"
- "\xC2\x02\xBA\xBE\x11\x1E\x3D\x9C"
- "\x98\x52\xCC\x04\xBD\x5E\x61\x26"
- "\x10\xD3\x21\xD9\x6E\x25\x98\x77"
- "\x8E\x98\x63\xF6\xF6\x52\xFB\x13"
- "\xAA\x30\xF2\xB9\xA4\x43\x53\x39"
- "\x1C\x97\x07\x7E\x6B\xFF\x3D\x43"
- "\xA6\x71\x6B\x66\x8F\x58\x3F\x71"
- "\x90\x47\x40\x92\xE6\x69\xD1\x96"
- "\x34\xB3\x3B\xE5\x43\xE4\xD5\x56"
- "\xB2\xE6\x7E\x86\x7A\x12\x17\x5B"
- "\x30\xF3\x9B\x0D\xFA\x57\xE4\x50"
- "\x40\x53\x77\x8C\x15\xF8\x8D\x13",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -13115,155 +9428,7 @@ static const struct cipher_testvec serpent_ctr_dec_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x84\x68\xEC\xF2\x1C\x88\x20\xCA"
- "\x37\x69\xE3\x3A\x22\x85\x48\x46"
- "\x70\xAA\x25\xB4\xCD\x8B\x04\x4E"
- "\x8D\x15\x2B\x98\xDF\x7B\x6D\xB9"
- "\xE0\x4A\x73\x00\x65\xB6\x1A\x0D"
- "\x5C\x60\xDF\x34\xDC\x60\x4C\xDF"
- "\xB5\x1F\x26\x8C\xDA\xC1\x11\xA8"
- "\x80\xFA\x37\x7A\x89\xAA\xAE\x7B"
- "\x92\x6E\xB9\xDC\xC9\x62\x4F\x88"
- "\x0A\x5D\x97\x2F\x6B\xAC\x03\x7C"
- "\x22\xF6\x55\x5A\xFA\x35\xA5\x17"
- "\xA1\x5C\x5E\x2B\x63\x2D\xB9\x91"
- "\x3E\x83\x26\x00\x4E\xD5\xBE\xCE"
- "\x79\xC4\x3D\xFC\x70\xA0\xAD\x96"
- "\xBA\x58\x2A\x1C\xDF\xC2\x3A\xA5"
- "\x7C\xB5\x12\x89\xED\xBF\xB6\x09"
- "\x13\x4F\x7D\x61\x3C\x5C\x27\xFC"
- "\x5D\xE1\x4F\xA1\xEA\xB3\xCA\xB9"
- "\xE6\xD0\x97\x81\xDE\xD1\xFB\x8A"
- "\x30\xDB\xA3\x5D\xEC\x25\x0B\x86"
- "\x71\xC8\xA7\x67\xE8\xBC\x7D\x4C"
- "\xAE\x82\xD3\x73\x31\x09\xCB\xB3"
- "\x4D\xD4\xC0\x8A\x2B\xFA\xA6\x55"
- "\x39\x0A\xBC\x6E\x75\xAB\xC2\xE2"
- "\x8A\xF2\x26\xCD\x63\x38\x35\xF7"
- "\xAE\x12\x83\xCD\x8A\x9E\x7E\x4C"
- "\xFE\x4D\xD7\xCE\x5C\x6E\x4C\xAF"
- "\xE3\xCD\x76\xA7\x87\xA1\x54\x7C"
- "\xEC\x32\xC7\x83\x2A\xFF\xF8\xEA"
- "\x87\xB2\x47\xA3\x9D\xC2\x9C\xA2"
- "\xB7\x2C\x7C\x1A\x24\xCB\x88\x61"
- "\xFF\xA7\x1A\x16\x01\xDD\x4B\xFC"
- "\x2E\xE0\x48\x67\x09\x42\xCC\x91"
- "\xBE\x20\x38\xC0\x5E\x3B\x95\x00"
- "\xA1\x96\x66\x0B\x8A\xE9\x9E\xF7"
- "\x6B\x34\x0A\x51\xC0\x3B\xEB\x71"
- "\x07\x97\x38\x4B\x5C\x56\x98\x67"
- "\x78\x9C\xD0\x0E\x2B\xB5\x67\x90"
- "\x75\xF8\xFE\x6D\x4E\x85\xCC\x0D"
- "\x18\x06\x15\x9D\x5A\x10\x13\x37"
- "\xA3\xD6\x68\xA2\xDF\x7E\xC7\x12"
- "\xC9\x0D\x4D\x91\xB0\x2A\x55\xFF"
- "\x6F\x73\x13\xDF\x28\xB5\x2A\x2C"
- "\xE4\xFC\x20\xD9\xF1\x7A\x82\xB1"
- "\xCB\x57\xB6\x3D\x8C\xF4\x8E\x27"
- "\x37\xDC\x35\xF3\x79\x01\x53\xA4"
- "\x7B\x37\xDE\x7C\x04\xAE\x50\xDB"
- "\x9B\x1E\x8C\x07\xA7\x52\x49\x50"
- "\x34\x25\x65\xDD\xA9\x8F\x7E\xBD"
- "\x7A\xC9\x36\xAE\xDE\x21\x48\x64"
- "\xC2\x02\xBA\xBE\x11\x1E\x3D\x9C"
- "\x98\x52\xCC\x04\xBD\x5E\x61\x26"
- "\x10\xD3\x21\xD9\x6E\x25\x98\x77"
- "\x8E\x98\x63\xF6\xF6\x52\xFB\x13"
- "\xAA\x30\xF2\xB9\xA4\x43\x53\x39"
- "\x1C\x97\x07\x7E\x6B\xFF\x3D\x43"
- "\xA6\x71\x6B\x66\x8F\x58\x3F\x71"
- "\x90\x47\x40\x92\xE6\x69\xD1\x96"
- "\x34\xB3\x3B\xE5\x43\xE4\xD5\x56"
- "\xB2\xE6\x7E\x86\x7A\x12\x17\x5B"
- "\x30\xF3\x9B\x0D\xFA\x57\xE4\x50"
- "\x40\x53\x77\x8C\x15\xF8\x8D\x13"
- "\x38\xE2\xE5",
- .ilen = 499,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59",
- .rlen = 499,
- .also_non_np = 1,
- .np = 2,
- .tap = { 499 - 16, 16 },
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
- "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x06\x9A\xF8\xB4\x53\x88\x62\xFC"
+ .ctext = "\x06\x9A\xF8\xB4\x53\x88\x62\xFC"
"\x68\xB8\x2E\xDF\xC1\x05\x0F\x3D"
"\xAF\x4D\x95\xAE\xC4\xE9\x1C\xDC"
"\xF6\x2B\x8F\x90\x89\xF6\x7E\x1A"
@@ -13325,74 +9490,11 @@ static const struct cipher_testvec serpent_ctr_dec_tv_template[] = {
"\x7F\x67\x9D\xB7\x2C\xCC\xF5\x17"
"\x2B\x89\xAC\xB0\xD7\x1E\x47\xB0"
"\x61\xAF\xD4\x63\x6D\xB8\x2D\x20",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
},
};
-static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
+static const struct cipher_testvec serpent_lrw_tv_template[] = {
/* Generated from AES-LRW test vectors */
{
.key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
@@ -13402,12 +9504,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x6f\xbf\xd4\xa4\x5d\x71\x16\x79"
+ .ctext = "\x6f\xbf\xd4\xa4\x5d\x71\x16\x79"
"\x63\x9c\xa6\x8e\x40\xbe\x0d\x8a",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
"\xd7\x79\xe8\x0f\x54\x88\x79\x44"
@@ -13416,12 +9517,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xfd\xb2\x66\x98\x80\x96\x55\xad"
+ .ctext = "\xfd\xb2\x66\x98\x80\x96\x55\xad"
"\x08\x94\x54\x9c\x21\x7c\x69\xe3",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
"\x30\xfe\x69\xe2\x37\x7f\x98\x47"
@@ -13430,12 +9530,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x14\x5e\x3d\x70\xc0\x6e\x9c\x34"
+ .ctext = "\x14\x5e\x3d\x70\xc0\x6e\x9c\x34"
"\x5b\x5e\xcf\x0f\xe4\x8c\x21\x5c",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
"\x25\x83\xf7\x3c\x1f\x01\x28\x74"
@@ -13445,12 +9544,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x25\x39\xaa\xa5\xf0\x65\xc8\xdc"
+ .ctext = "\x25\x39\xaa\xa5\xf0\x65\xc8\xdc"
"\x5d\x45\x95\x30\x8f\xff\x2f\x1b",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
"\xf8\x86\xce\xac\x93\xc5\xad\xc6"
@@ -13460,12 +9558,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x0c\x20\x20\x63\xd6\x8b\xfc\x8f"
+ .ctext = "\x0c\x20\x20\x63\xd6\x8b\xfc\x8f"
"\xc0\xe2\x17\xbb\xd2\x59\x6f\x26",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -13476,12 +9573,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xc1\x35\x2e\x53\xf0\x96\x4d\x9c"
+ .ctext = "\xc1\x35\x2e\x53\xf0\x96\x4d\x9c"
"\x2e\x18\xe6\x99\xcd\xd3\x15\x68",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
"\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
@@ -13492,12 +9588,11 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x86\x0a\xc6\xa9\x1a\x9f\xe7\xe6"
+ .ctext = "\x86\x0a\xc6\xa9\x1a\x9f\xe7\xe6"
"\x64\x3b\x33\xd6\xd5\x84\xd6\xdf",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -13508,7 +9603,7 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ .ptext = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
"\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
"\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
"\x50\x38\x1f\x71\x49\xb6\x57\xd6"
@@ -13572,196 +9667,7 @@ static const struct cipher_testvec serpent_lrw_enc_tv_template[] = {
"\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
"\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
"\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .ilen = 512,
- .result = "\xe3\x5a\x38\x0f\x4d\x92\x3a\x74"
- "\x15\xb1\x50\x8c\x9a\xd8\x99\x1d"
- "\x82\xec\xf1\x5f\x03\x6d\x02\x58"
- "\x90\x67\xfc\xdd\x8d\xe1\x38\x08"
- "\x7b\xc9\x9b\x4b\x04\x09\x50\x15"
- "\xce\xab\xda\x33\x30\x20\x12\xfa"
- "\x83\xc4\xa6\x9a\x2e\x7d\x90\xd9"
- "\xa6\xa6\x67\x43\xb4\xa7\xa8\x5c"
- "\xbb\x6a\x49\x2b\x8b\xf8\xd0\x22"
- "\xe5\x9e\xba\xe8\x8c\x67\xb8\x5b"
- "\x60\xbc\xf5\xa4\x95\x4e\x66\xe5"
- "\x6d\x8e\xa9\xf6\x65\x2e\x04\xf5"
- "\xba\xb5\xdb\x88\xc2\xf6\x7a\x4b"
- "\x89\x58\x7c\x9a\xae\x26\xe8\xb7"
- "\xb7\x28\xcc\xd6\xcc\xa5\x98\x4d"
- "\xb9\x91\xcb\xb4\xe4\x8b\x96\x47"
- "\x5f\x03\x8b\xdd\x94\xd1\xee\x12"
- "\xa7\x83\x80\xf2\xc1\x15\x74\x4f"
- "\x49\xf9\xb0\x7e\x6f\xdc\x73\x2f"
- "\xe2\xcf\xe0\x1b\x34\xa5\xa0\x52"
- "\xfb\x3c\x5d\x85\x91\xe6\x6d\x98"
- "\x04\xd6\xdd\x4c\x00\x64\xd9\x54"
- "\x5c\x3c\x08\x1d\x4c\x06\x9f\xb8"
- "\x1c\x4d\x8d\xdc\xa4\x3c\xb9\x3b"
- "\x9e\x85\xce\xc3\xa8\x4a\x0c\xd9"
- "\x04\xc3\x6f\x17\x66\xa9\x1f\x59"
- "\xd9\xe2\x19\x36\xa3\x88\xb8\x0b"
- "\x0f\x4a\x4d\xf8\xc8\x6f\xd5\x43"
- "\xeb\xa0\xab\x1f\x61\xc0\x06\xeb"
- "\x93\xb7\xb8\x6f\x0d\xbd\x07\x49"
- "\xb3\xac\x5d\xcf\x31\xa0\x27\x26"
- "\x21\xbe\x94\x2e\x19\xea\xf4\xee"
- "\xb5\x13\x89\xf7\x94\x0b\xef\x59"
- "\x44\xc5\x78\x8b\x3c\x3b\x71\x20"
- "\xf9\x35\x0c\x70\x74\xdc\x5b\xc2"
- "\xb4\x11\x0e\x2c\x61\xa1\x52\x46"
- "\x18\x11\x16\xc6\x86\x44\xa7\xaf"
- "\xd5\x0c\x7d\xa6\x9e\x25\x2d\x1b"
- "\x9a\x8f\x0f\xf8\x6a\x61\xa0\xea"
- "\x3f\x0e\x90\xd6\x8f\x83\x30\x64"
- "\xb5\x51\x2d\x08\x3c\xcd\x99\x36"
- "\x96\xd4\xb1\xb5\x48\x30\xca\x48"
- "\xf7\x11\xa8\xf5\x97\x8a\x6a\x6d"
- "\x12\x33\x2f\xc0\xe8\xda\xec\x8a"
- "\xe1\x88\x72\x63\xde\x20\xa3\xe1"
- "\x8e\xac\x84\x37\x35\xf5\xf7\x3f"
- "\x00\x02\x0e\xe4\xc1\x53\x68\x3f"
- "\xaa\xd5\xac\x52\x3d\x20\x2f\x4d"
- "\x7c\x83\xd0\xbd\xaa\x97\x35\x36"
- "\x98\x88\x59\x5d\xe7\x24\xe3\x90"
- "\x9d\x30\x47\xa7\xc3\x60\x35\xf4"
- "\xd5\xdb\x0e\x4d\x44\xc1\x81\x8b"
- "\xfd\xbd\xc3\x2b\xba\x68\xfe\x8d"
- "\x49\x5a\x3c\x8a\xa3\x01\xae\x25"
- "\x42\xab\xd2\x87\x1b\x35\xd6\xd2"
- "\xd7\x70\x1c\x1f\x72\xd1\xe1\x39"
- "\x1c\x58\xa2\xb4\xd0\x78\x55\x72"
- "\x76\x59\xea\xd9\xd7\x6e\x63\x8b"
- "\xcc\x9b\xa7\x74\x89\xfc\xa3\x68"
- "\x86\x28\xd1\xbb\x54\x8d\x66\xad"
- "\x2a\x92\xf9\x4e\x04\x3d\xae\xfd"
- "\x1b\x2b\x7f\xc3\x2f\x1a\x78\x0a"
- "\x5c\xc6\x84\xfe\x7c\xcb\x26\xfd"
- "\xd9\x51\x0f\xd7\x94\x2f\xc5\xa7",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec serpent_lrw_dec_tv_template[] = {
- /* Generated from AES-LRW test vectors */
- /* same as enc vectors with input and result reversed */
- {
- .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
- "\x4c\x26\x84\x14\xb5\x68\x01\x85"
- "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
- "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x6f\xbf\xd4\xa4\x5d\x71\x16\x79"
- "\x63\x9c\xa6\x8e\x40\xbe\x0d\x8a",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
- "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
- "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
- "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\xfd\xb2\x66\x98\x80\x96\x55\xad"
- "\x08\x94\x54\x9c\x21\x7c\x69\xe3",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
- "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
- "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
- "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x14\x5e\x3d\x70\xc0\x6e\x9c\x34"
- "\x5b\x5e\xcf\x0f\xe4\x8c\x21\x5c",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
- "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
- "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
- "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
- "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x25\x39\xaa\xa5\xf0\x65\xc8\xdc"
- "\x5d\x45\x95\x30\x8f\xff\x2f\x1b",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
- "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
- "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
- "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
- "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x0c\x20\x20\x63\xd6\x8b\xfc\x8f"
- "\xc0\xe2\x17\xbb\xd2\x59\x6f\x26",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\xc1\x35\x2e\x53\xf0\x96\x4d\x9c"
- "\x2e\x18\xe6\x99\xcd\xd3\x15\x68",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
- "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
- "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
- "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
- "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
- "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x86\x0a\xc6\xa9\x1a\x9f\xe7\xe6"
- "\x64\x3b\x33\xd6\xd5\x84\xd6\xdf",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\xe3\x5a\x38\x0f\x4d\x92\x3a\x74"
+ .ctext = "\xe3\x5a\x38\x0f\x4d\x92\x3a\x74"
"\x15\xb1\x50\x8c\x9a\xd8\x99\x1d"
"\x82\xec\xf1\x5f\x03\x6d\x02\x58"
"\x90\x67\xfc\xdd\x8d\xe1\x38\x08"
@@ -13825,79 +9731,14 @@ static const struct cipher_testvec serpent_lrw_dec_tv_template[] = {
"\x1b\x2b\x7f\xc3\x2f\x1a\x78\x0a"
"\x5c\xc6\x84\xfe\x7c\xcb\x26\xfd"
"\xd9\x51\x0f\xd7\x94\x2f\xc5\xa7",
- .ilen = 512,
- .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
- "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
- "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
- "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
- "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
- "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
- "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
- "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
- "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
- "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
- "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
- "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
- "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
- "\x4c\x96\x12\xed\x7c\x92\x03\x01"
- "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
- "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
- "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
- "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
- "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
- "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
- "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
- "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
- "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
- "\x76\x12\x73\x44\x1a\x56\xd7\x72"
- "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
- "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
- "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
- "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
- "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
- "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
- "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
- "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
- "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
- "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
- "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
- "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
- "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
- "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
- "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
- "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
- "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
- "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
- "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
- "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
- "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
- "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
- "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
- "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
- "\x62\x73\x65\xfd\x46\x63\x25\x3d"
- "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
- "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
- "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
- "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
- "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
- "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
- "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
- "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
- "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
- "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
- "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
- "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
- "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
- "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
- "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
},
};
-static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
+static const struct cipher_testvec serpent_xts_tv_template[] = {
/* Generated from AES-XTS test vectors */
{
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -13907,16 +9748,15 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\xe1\x08\xb8\x1d\x2c\xf5\x33\x64"
+ .ctext = "\xe1\x08\xb8\x1d\x2c\xf5\x33\x64"
"\xc8\x12\x04\xc7\xb3\x70\xe8\xc4"
"\x6a\x31\xc5\xf3\x00\xca\xb9\x16"
"\xde\xe2\x77\x66\xf7\xfe\x62\x08",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x11\x11\x11\x11\x11\x11\x11\x11"
"\x11\x11\x11\x11\x11\x11\x11\x11"
@@ -13925,16 +9765,15 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x1a\x0a\x09\x5f\xcd\x07\x07\x98"
+ .ctext = "\x1a\x0a\x09\x5f\xcd\x07\x07\x98"
"\x41\x86\x12\xaf\xb3\xd7\x68\x13"
"\xed\x81\xcd\x06\x87\x43\x1a\xbb"
"\x13\x3d\xd6\x1e\x2b\xe1\x77\xbe",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
"\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
@@ -13943,16 +9782,15 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\xf9\x9b\x28\xb8\x5c\xaf\x8c\x61"
+ .ctext = "\xf9\x9b\x28\xb8\x5c\xaf\x8c\x61"
"\xb6\x1c\x81\x8f\x2c\x87\x60\x89"
"\x0d\x8d\x7a\xe8\x60\x48\xcc\x86"
"\xc1\x68\x45\xaa\x00\xe9\x24\xc5",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -13961,7 +9799,7 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -14025,8 +9863,7 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xfe\x47\x4a\xc8\x60\x7e\xb4\x8b"
+ .ctext = "\xfe\x47\x4a\xc8\x60\x7e\xb4\x8b"
"\x0d\x10\xf4\xb0\x0d\xba\xf8\x53"
"\x65\x6e\x38\x4b\xdb\xaa\xb1\x9e"
"\x28\xca\xb0\x22\xb3\x85\x75\xf4"
@@ -14090,7 +9927,7 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
"\xef\x91\x64\x1d\x18\x07\x4e\x31"
"\x88\x21\x7c\xb0\xa5\x12\x4c\x3c"
"\xb0\x20\xbd\xda\xdf\xf9\x7c\xdd",
- .rlen = 512,
+ .len = 512,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -14103,7 +9940,7 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
.klen = 64,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -14167,8 +10004,7 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\x2b\xc9\xb4\x6b\x10\x94\xa9\x32"
+ .ctext = "\x2b\xc9\xb4\x6b\x10\x94\xa9\x32"
"\xaa\xb0\x20\xc6\x44\x3d\x74\x1f"
"\x75\x01\xa7\xf6\xf5\xf7\x62\x1b"
"\x80\x1b\x82\xcb\x01\x59\x91\x7f"
@@ -14232,350 +10068,7 @@ static const struct cipher_testvec serpent_xts_enc_tv_template[] = {
"\x30\x05\xc8\x92\x98\x80\xff\x7a"
"\xaf\x43\x0b\xc5\x20\x41\x92\x20"
"\xd4\xa0\x91\x98\x11\x5f\x4d\xb1",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec serpent_xts_dec_tv_template[] = {
- /* Generated from AES-XTS test vectors */
- /* same as enc vectors with input and result reversed */
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xe1\x08\xb8\x1d\x2c\xf5\x33\x64"
- "\xc8\x12\x04\xc7\xb3\x70\xe8\xc4"
- "\x6a\x31\xc5\xf3\x00\xca\xb9\x16"
- "\xde\xe2\x77\x66\xf7\xfe\x62\x08",
- .ilen = 32,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 32,
- }, {
- .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x1a\x0a\x09\x5f\xcd\x07\x07\x98"
- "\x41\x86\x12\xaf\xb3\xd7\x68\x13"
- "\xed\x81\xcd\x06\x87\x43\x1a\xbb"
- "\x13\x3d\xd6\x1e\x2b\xe1\x77\xbe",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
- "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xf9\x9b\x28\xb8\x5c\xaf\x8c\x61"
- "\xb6\x1c\x81\x8f\x2c\x87\x60\x89"
- "\x0d\x8d\x7a\xe8\x60\x48\xcc\x86"
- "\xc1\x68\x45\xaa\x00\xe9\x24\xc5",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xfe\x47\x4a\xc8\x60\x7e\xb4\x8b"
- "\x0d\x10\xf4\xb0\x0d\xba\xf8\x53"
- "\x65\x6e\x38\x4b\xdb\xaa\xb1\x9e"
- "\x28\xca\xb0\x22\xb3\x85\x75\xf4"
- "\x00\x5c\x75\x14\x06\xd6\x25\x82"
- "\xe6\xcb\x08\xf7\x29\x90\x23\x8e"
- "\xa4\x68\x57\xe4\xf0\xd8\x32\xf3"
- "\x80\x51\x67\xb5\x0b\x85\x69\xe8"
- "\x19\xfe\xc4\xc7\x3e\xea\x90\xd3"
- "\x8f\xa3\xf2\x0a\xac\x17\x4b\xa0"
- "\x63\x5a\x16\x0f\xf0\xce\x66\x1f"
- "\x2c\x21\x07\xf1\xa4\x03\xa3\x44"
- "\x41\x61\x87\x5d\x6b\xb3\xef\xd4"
- "\xfc\xaa\x32\x7e\x55\x58\x04\x41"
- "\xc9\x07\x33\xc6\xa2\x68\xd6\x5a"
- "\x55\x79\x4b\x6f\xcf\x89\xb9\x19"
- "\xe5\x54\x13\x15\xb2\x1a\xfa\x15"
- "\xc2\xf0\x06\x59\xfa\xa0\x25\x05"
- "\x58\xfa\x43\x91\x16\x85\x40\xbb"
- "\x0d\x34\x4d\xc5\x1e\x20\xd5\x08"
- "\xcd\x22\x22\x41\x11\x9f\x6c\x7c"
- "\x8d\x57\xc9\xba\x57\xe8\x2c\xf7"
- "\xa0\x42\xa8\xde\xfc\xa3\xca\x98"
- "\x4b\x43\xb1\xce\x4b\xbf\x01\x67"
- "\x6e\x29\x60\xbd\x10\x14\x84\x82"
- "\x83\x82\x0c\x63\x73\x92\x02\x7c"
- "\x55\x37\x20\x80\x17\x51\xc8\xbc"
- "\x46\x02\xcb\x38\x07\x6d\xe2\x85"
- "\xaa\x29\xaf\x24\x58\x0d\xf0\x75"
- "\x08\x0a\xa5\x34\x25\x16\xf3\x74"
- "\xa7\x0b\x97\xbe\xc1\xa9\xdc\x29"
- "\x1a\x0a\x56\xc1\x1a\x91\x97\x8c"
- "\x0b\xc7\x16\xed\x5a\x22\xa6\x2e"
- "\x8c\x2b\x4f\x54\x76\x47\x53\x8e"
- "\xe8\x00\xec\x92\xb9\x55\xe6\xa2"
- "\xf3\xe2\x4f\x6a\x66\x60\xd0\x87"
- "\xe6\xd1\xcc\xe3\x6a\xc5\x2d\x21"
- "\xcc\x9d\x6a\xb6\x75\xaa\xe2\x19"
- "\x21\x9f\xa1\x5e\x4c\xfd\x72\xf9"
- "\x94\x4e\x63\xc7\xae\xfc\xed\x47"
- "\xe2\xfe\x7a\x63\x77\xfe\x97\x82"
- "\xb1\x10\x6e\x36\x1d\xe1\xc4\x80"
- "\xec\x69\x41\xec\xa7\x8a\xe0\x2f"
- "\xe3\x49\x26\xa2\x41\xb2\x08\x0f"
- "\x28\xb4\xa7\x39\xa1\x99\x2d\x1e"
- "\x43\x42\x35\xd0\xcf\xec\x77\x67"
- "\xb2\x3b\x9e\x1c\x35\xde\x4f\x5e"
- "\x73\x3f\x5d\x6f\x07\x4b\x2e\x50"
- "\xab\x6c\x6b\xff\xea\x00\x67\xaa"
- "\x0e\x82\x32\xdd\x3d\xb5\xe5\x76"
- "\x2b\x77\x3f\xbe\x12\x75\xfb\x92"
- "\xc6\x89\x67\x4d\xca\xf7\xd4\x50"
- "\xc0\x74\x47\xcc\xd9\x0a\xd4\xc6"
- "\x3b\x17\x2e\xe3\x35\xbb\x53\xb5"
- "\x86\xad\x51\xcc\xd5\x96\xb8\xdc"
- "\x03\x57\xe6\x98\x52\x2f\x61\x62"
- "\xc4\x5c\x9c\x36\x71\x07\xfb\x94"
- "\xe3\x02\xc4\x2b\x08\x75\xc7\x35"
- "\xfb\x2e\x88\x7b\xbb\x67\x00\xe1"
- "\xc9\xdd\x99\xb2\x13\x53\x1a\x4e"
- "\x76\x87\x19\x04\x1a\x2f\x38\x3e"
- "\xef\x91\x64\x1d\x18\x07\x4e\x31"
- "\x88\x21\x7c\xb0\xa5\x12\x4c\x3c"
- "\xb0\x20\xbd\xda\xdf\xf9\x7c\xdd",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95"
- "\x02\x88\x41\x97\x16\x93\x99\x37"
- "\x51\x05\x82\x09\x74\x94\x45\x92",
- .klen = 64,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x2b\xc9\xb4\x6b\x10\x94\xa9\x32"
- "\xaa\xb0\x20\xc6\x44\x3d\x74\x1f"
- "\x75\x01\xa7\xf6\xf5\xf7\x62\x1b"
- "\x80\x1b\x82\xcb\x01\x59\x91\x7f"
- "\x80\x3a\x98\xf0\xd2\xca\xc4\xc3"
- "\x34\xfd\xe6\x11\xf9\x33\x45\x12"
- "\x48\xc5\x8c\x25\xf1\xc5\xc5\x23"
- "\xd3\x44\xb4\x73\xd5\x04\xc0\xb7"
- "\xca\x2f\xf5\xcd\xc5\xb4\xdd\xb0"
- "\xf4\x60\xe8\xfb\xc6\x9c\xc5\x78"
- "\xcd\xec\x7d\xdc\x19\x9c\x72\x64"
- "\x63\x0b\x38\x2e\x76\xdd\x2d\x36"
- "\x49\xb0\x1d\xea\x78\x9e\x00\xca"
- "\x20\xcc\x1b\x1e\x98\x74\xab\xed"
- "\x79\xf7\xd0\x6c\xd8\x93\x80\x29"
- "\xac\xa5\x5e\x34\xa9\xab\xa0\x55"
- "\x9a\xea\xaa\x95\x4d\x7b\xfe\x46"
- "\x26\x8a\xfd\x88\xa2\xa8\xa6\xae"
- "\x25\x42\x17\xbf\x76\x8f\x1c\x3d"
- "\xec\x9a\xda\x64\x96\xb5\x61\xff"
- "\x99\xeb\x12\x96\x85\x82\x9d\xd5"
- "\x81\x85\x14\xa8\x59\xac\x8c\x94"
- "\xbb\x3b\x85\x2b\xdf\xb3\x0c\xba"
- "\x82\xc6\x4d\xca\x86\xea\x53\x28"
- "\x4c\xe0\x4e\x31\xe3\x73\x2f\x79"
- "\x9d\x42\xe1\x03\xe3\x8b\xc4\xff"
- "\x05\xca\x81\x7b\xda\xa2\xde\x63"
- "\x3a\x10\xbe\xc2\xac\x32\xc4\x05"
- "\x47\x7e\xef\x67\xe2\x5f\x5b\xae"
- "\xed\xf1\x70\x34\x16\x9a\x07\x7b"
- "\xf2\x25\x2b\xb0\xf8\x3c\x15\x9a"
- "\xa6\x59\x55\x5f\xc1\xf4\x1e\xcd"
- "\x93\x1f\x06\xba\xd4\x9a\x22\x69"
- "\xfa\x8e\x95\x0d\xf3\x23\x59\x2c"
- "\xfe\x00\xba\xf0\x0e\xbc\x6d\xd6"
- "\x62\xf0\x7a\x0e\x83\x3e\xdb\x32"
- "\xfd\x43\x7d\xda\x42\x51\x87\x43"
- "\x9d\xf9\xef\xf4\x30\x97\xf8\x09"
- "\x88\xfc\x3f\x93\x70\xc1\x4a\xec"
- "\x27\x5f\x11\xac\x71\xc7\x48\x46"
- "\x2f\xf9\xdf\x8d\x9f\xf7\x2e\x56"
- "\x0d\x4e\xb0\x32\x76\xce\x86\x81"
- "\xcd\xdf\xe4\x00\xbf\xfd\x5f\x24"
- "\xaf\xf7\x9a\xde\xff\x18\xac\x14"
- "\x90\xc5\x01\x39\x34\x0f\x24\xf3"
- "\x13\x2f\x5e\x4f\x30\x9a\x36\x40"
- "\xec\xea\xbc\xcd\x9e\x0e\x5b\x23"
- "\x50\x88\x97\x40\x69\xb1\x37\xf5"
- "\xc3\x15\xf9\x3f\xb7\x79\x64\xe8"
- "\x7b\x10\x20\xb9\x2b\x46\x83\x5b"
- "\xd8\x39\xfc\xe4\xfa\x88\x52\xf2"
- "\x72\xb0\x97\x4e\x89\xb3\x48\x00"
- "\xc1\x16\x73\x50\x77\xba\xa6\x65"
- "\x20\x2d\xb0\x02\x27\x89\xda\x99"
- "\x45\xfb\xe9\xd3\x1d\x39\x2f\xd6"
- "\x2a\xda\x09\x12\x11\xaf\xe6\x57"
- "\x01\x04\x8a\xff\x86\x8b\xac\xf8"
- "\xee\xe4\x1c\x98\x5b\xcf\x6b\x76"
- "\xa3\x0e\x33\x74\x40\x18\x39\x72"
- "\x66\x50\x31\xfd\x70\xdf\xe8\x51"
- "\x96\x21\x36\xb2\x9b\xfa\x85\xd1"
- "\x30\x05\xc8\x92\x98\x80\xff\x7a"
- "\xaf\x43\x0b\xc5\x20\x41\x92\x20"
- "\xd4\xa0\x91\x98\x11\x5f\x4d\xb1",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
@@ -14587,17 +10080,16 @@ static const struct cipher_testvec serpent_xts_dec_tv_template[] = {
* https://tools.ietf.org/html/draft-crypto-sm4-00#ref-GBT.32907-2016
*/
-static const struct cipher_testvec sm4_enc_tv_template[] = {
+static const struct cipher_testvec sm4_tv_template[] = {
{ /* SM4 Appendix A: Example Calculations. Example 1. */
.key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
"\xFE\xDC\xBA\x98\x76\x54\x32\x10",
.klen = 16,
- .input = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
+ .ptext = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
"\xFE\xDC\xBA\x98\x76\x54\x32\x10",
- .ilen = 16,
- .result = "\x68\x1E\xDF\x34\xD2\x06\x96\x5E"
+ .ctext = "\x68\x1E\xDF\x34\xD2\x06\x96\x5E"
"\x86\xB3\xE9\x4F\x53\x6E\x42\x46",
- .rlen = 16,
+ .len = 16,
}, { /*
* SM4 Appendix A: Example Calculations.
* Last 10 iterations of Example 2.
@@ -14605,7 +10097,7 @@ static const struct cipher_testvec sm4_enc_tv_template[] = {
.key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
"\xFE\xDC\xBA\x98\x76\x54\x32\x10",
.klen = 16,
- .input = "\x99\x4a\xc3\xe7\xc3\x57\x89\x6a"
+ .ptext = "\x99\x4a\xc3\xe7\xc3\x57\x89\x6a"
"\x81\xfc\xa8\xe\x38\x3e\xef\x80"
"\xb1\x98\xf2\xde\x3f\x4b\xae\xd1"
"\xf0\xf1\x30\x4c\x1\x27\x5a\x8f"
@@ -14625,50 +10117,7 @@ static const struct cipher_testvec sm4_enc_tv_template[] = {
"\xed\xce\x0\x19\xe\x16\x2\x6e"
"\x87\xff\x2c\xac\xe8\xe7\xe9\xbf"
"\x31\x51\xec\x47\xc3\x51\x83\xc1",
- .ilen = 160,
- .result = "\xb1\x98\xf2\xde\x3f\x4b\xae\xd1"
- "\xf0\xf1\x30\x4c\x1\x27\x5a\x8f"
- "\x45\xe1\x39\xb7\xae\xff\x1f\x27"
- "\xad\x57\x15\xab\x31\x5d\xc\xef"
- "\x8c\xc8\x80\xbd\x11\x98\xf3\x7b"
- "\xa2\xdd\x14\x20\xf9\xe8\xbb\x82"
- "\xf7\x32\xca\x4b\xa8\xf7\xb3\x4d"
- "\x27\xd1\xcd\xe6\xb6\x65\x5a\x23"
- "\xc2\xf3\x54\x84\x53\xe3\xb9\x20"
- "\xa5\x37\x0\xbe\xe7\x7b\x48\xfb"
- "\x21\x3d\x9e\x48\x1d\x9e\xf5\xbf"
- "\x77\xd5\xb4\x4a\x53\x71\x94\x7a"
- "\x88\xa6\x6e\x6\x93\xca\x43\xa5"
- "\xc4\xf6\xcd\x53\x4b\x7b\x8e\xfe"
- "\xb4\x28\x7c\x42\x29\x32\x5d\x88"
- "\xed\xce\x0\x19\xe\x16\x2\x6e"
- "\x87\xff\x2c\xac\xe8\xe7\xe9\xbf"
- "\x31\x51\xec\x47\xc3\x51\x83\xc1"
- "\x59\x52\x98\xc7\xc6\xfd\x27\x1f"
- "\x4\x2\xf8\x4\xc3\x3d\x3f\x66",
- .rlen = 160
- }
-};
-
-static const struct cipher_testvec sm4_dec_tv_template[] = {
- { /* SM4 Appendix A: Example Calculations. Example 1. */
- .key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
- "\xFE\xDC\xBA\x98\x76\x54\x32\x10",
- .klen = 16,
- .input = "\x68\x1E\xDF\x34\xD2\x06\x96\x5E"
- "\x86\xB3\xE9\x4F\x53\x6E\x42\x46",
- .ilen = 16,
- .result = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
- "\xFE\xDC\xBA\x98\x76\x54\x32\x10",
- .rlen = 16,
- }, { /*
- * SM4 Appendix A: Example Calculations.
- * Last 10 iterations of Example 2.
- */
- .key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
- "\xFE\xDC\xBA\x98\x76\x54\x32\x10",
- .klen = 16,
- .input = "\xb1\x98\xf2\xde\x3f\x4b\xae\xd1"
+ .ctext = "\xb1\x98\xf2\xde\x3f\x4b\xae\xd1"
"\xf0\xf1\x30\x4c\x1\x27\x5a\x8f"
"\x45\xe1\x39\xb7\xae\xff\x1f\x27"
"\xad\x57\x15\xab\x31\x5d\xc\xef"
@@ -14688,28 +10137,7 @@ static const struct cipher_testvec sm4_dec_tv_template[] = {
"\x31\x51\xec\x47\xc3\x51\x83\xc1"
"\x59\x52\x98\xc7\xc6\xfd\x27\x1f"
"\x4\x2\xf8\x4\xc3\x3d\x3f\x66",
- .ilen = 160,
- .result = "\x99\x4a\xc3\xe7\xc3\x57\x89\x6a"
- "\x81\xfc\xa8\xe\x38\x3e\xef\x80"
- "\xb1\x98\xf2\xde\x3f\x4b\xae\xd1"
- "\xf0\xf1\x30\x4c\x1\x27\x5a\x8f"
- "\x45\xe1\x39\xb7\xae\xff\x1f\x27"
- "\xad\x57\x15\xab\x31\x5d\xc\xef"
- "\x8c\xc8\x80\xbd\x11\x98\xf3\x7b"
- "\xa2\xdd\x14\x20\xf9\xe8\xbb\x82"
- "\xf7\x32\xca\x4b\xa8\xf7\xb3\x4d"
- "\x27\xd1\xcd\xe6\xb6\x65\x5a\x23"
- "\xc2\xf3\x54\x84\x53\xe3\xb9\x20"
- "\xa5\x37\x0\xbe\xe7\x7b\x48\xfb"
- "\x21\x3d\x9e\x48\x1d\x9e\xf5\xbf"
- "\x77\xd5\xb4\x4a\x53\x71\x94\x7a"
- "\x88\xa6\x6e\x6\x93\xca\x43\xa5"
- "\xc4\xf6\xcd\x53\x4b\x7b\x8e\xfe"
- "\xb4\x28\x7c\x42\x29\x32\x5d\x88"
- "\xed\xce\x0\x19\xe\x16\x2\x6e"
- "\x87\xff\x2c\xac\xe8\xe7\xe9\xbf"
- "\x31\x51\xec\x47\xc3\x51\x83\xc1",
- .rlen = 160
+ .len = 160
}
};
@@ -14727,86 +10155,45 @@ static const struct cipher_testvec sm4_dec_tv_template[] = {
* the lowest memory address.
*/
-static const struct cipher_testvec speck128_enc_tv_template[] = {
+static const struct cipher_testvec speck128_tv_template[] = {
{ /* Speck128/128 */
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
.klen = 16,
- .input = "\x20\x6d\x61\x64\x65\x20\x69\x74"
+ .ptext = "\x20\x6d\x61\x64\x65\x20\x69\x74"
"\x20\x65\x71\x75\x69\x76\x61\x6c",
- .ilen = 16,
- .result = "\x18\x0d\x57\x5c\xdf\xfe\x60\x78"
+ .ctext = "\x18\x0d\x57\x5c\xdf\xfe\x60\x78"
"\x65\x32\x78\x79\x51\x98\x5d\xa6",
- .rlen = 16,
+ .len = 16,
}, { /* Speck128/192 */
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17",
.klen = 24,
- .input = "\x65\x6e\x74\x20\x74\x6f\x20\x43"
+ .ptext = "\x65\x6e\x74\x20\x74\x6f\x20\x43"
"\x68\x69\x65\x66\x20\x48\x61\x72",
- .ilen = 16,
- .result = "\x86\x18\x3c\xe0\x5d\x18\xbc\xf9"
+ .ctext = "\x86\x18\x3c\xe0\x5d\x18\xbc\xf9"
"\x66\x55\x13\x13\x3a\xcf\xe4\x1b",
- .rlen = 16,
+ .len = 16,
}, { /* Speck128/256 */
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
.klen = 32,
- .input = "\x70\x6f\x6f\x6e\x65\x72\x2e\x20"
+ .ptext = "\x70\x6f\x6f\x6e\x65\x72\x2e\x20"
"\x49\x6e\x20\x74\x68\x6f\x73\x65",
- .ilen = 16,
- .result = "\x43\x8f\x18\x9c\x8d\xb4\xee\x4e"
- "\x3e\xf5\xc0\x05\x04\x01\x09\x41",
- .rlen = 16,
- },
-};
-
-static const struct cipher_testvec speck128_dec_tv_template[] = {
- { /* Speck128/128 */
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .klen = 16,
- .input = "\x18\x0d\x57\x5c\xdf\xfe\x60\x78"
- "\x65\x32\x78\x79\x51\x98\x5d\xa6",
- .ilen = 16,
- .result = "\x20\x6d\x61\x64\x65\x20\x69\x74"
- "\x20\x65\x71\x75\x69\x76\x61\x6c",
- .rlen = 16,
- }, { /* Speck128/192 */
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17",
- .klen = 24,
- .input = "\x86\x18\x3c\xe0\x5d\x18\xbc\xf9"
- "\x66\x55\x13\x13\x3a\xcf\xe4\x1b",
- .ilen = 16,
- .result = "\x65\x6e\x74\x20\x74\x6f\x20\x43"
- "\x68\x69\x65\x66\x20\x48\x61\x72",
- .rlen = 16,
- }, { /* Speck128/256 */
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .klen = 32,
- .input = "\x43\x8f\x18\x9c\x8d\xb4\xee\x4e"
+ .ctext = "\x43\x8f\x18\x9c\x8d\xb4\xee\x4e"
"\x3e\xf5\xc0\x05\x04\x01\x09\x41",
- .ilen = 16,
- .result = "\x70\x6f\x6f\x6e\x65\x72\x2e\x20"
- "\x49\x6e\x20\x74\x68\x6f\x73\x65",
- .rlen = 16,
+ .len = 16,
},
};
/*
* Speck128-XTS test vectors, taken from the AES-XTS test vectors with the
- * result recomputed with Speck128 as the cipher
+ * ciphertext recomputed with Speck128 as the cipher
*/
-
-static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
+static const struct cipher_testvec speck128_xts_tv_template[] = {
{
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -14815,16 +10202,15 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\xbe\xa0\xe7\x03\xd7\xfe\xab\x62"
+ .ctext = "\xbe\xa0\xe7\x03\xd7\xfe\xab\x62"
"\x3b\x99\x4a\x64\x74\x77\xac\xed"
"\xd8\xf4\xa6\xcf\xae\xb9\x07\x42"
"\x51\xd9\xb6\x1d\xe0\x5e\xbc\x54",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x11\x11\x11\x11\x11\x11\x11\x11"
"\x11\x11\x11\x11\x11\x11\x11\x11"
@@ -14833,16 +10219,15 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\xfb\x53\x81\x75\x6f\x9f\x34\xad"
+ .ctext = "\xfb\x53\x81\x75\x6f\x9f\x34\xad"
"\x7e\x01\xed\x7b\xcc\xda\x4e\x4a"
"\xd4\x84\xa4\x53\xd5\x88\x73\x1b"
"\xfd\xcb\xae\x0d\xf3\x04\xee\xe6",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
"\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
@@ -14851,16 +10236,15 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x21\x52\x84\x15\xd1\xf7\x21\x55"
+ .ctext = "\x21\x52\x84\x15\xd1\xf7\x21\x55"
"\xd9\x75\x4a\xd3\xc5\xdb\x9f\x7d"
"\xda\x63\xb2\xf1\x82\xb0\x89\x59"
"\x86\xd4\xaa\xaa\xdd\xff\x4f\x92",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -14869,7 +10253,7 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -14933,8 +10317,7 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\x57\xb5\xf8\x71\x6e\x6d\xdd\x82"
+ .ctext = "\x57\xb5\xf8\x71\x6e\x6d\xdd\x82"
"\x53\xd0\xed\x2d\x30\xc1\x20\xef"
"\x70\x67\x5e\xff\x09\x70\xbb\xc1"
"\x3a\x7b\x48\x26\xd9\x0b\xf4\x48"
@@ -14998,7 +10381,7 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
"\xaa\xf2\x01\xa9\xc1\x8d\xee\xca"
"\x47\x26\xef\x39\xb8\xb4\xf2\xd1"
"\xd6\xbb\x1b\x2a\xc1\x34\x14\xcf",
- .rlen = 512,
+ .len = 512,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -15011,271 +10394,7 @@ static const struct cipher_testvec speck128_xts_enc_tv_template[] = {
.klen = 64,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xc5\x85\x2a\x4b\x73\xe4\xf6\xf1"
- "\x7e\xf9\xf6\xe9\xa3\x73\x36\xcb"
- "\xaa\xb6\x22\xb0\x24\x6e\x3d\x73"
- "\x92\x99\xde\xd3\x76\xed\xcd\x63"
- "\x64\x3a\x22\x57\xc1\x43\x49\xd4"
- "\x79\x36\x31\x19\x62\xae\x10\x7e"
- "\x7d\xcf\x7a\xe2\x6b\xce\x27\xfa"
- "\xdc\x3d\xd9\x83\xd3\x42\x4c\xe0"
- "\x1b\xd6\x1d\x1a\x6f\xd2\x03\x00"
- "\xfc\x81\x99\x8a\x14\x62\xf5\x7e"
- "\x0d\xe7\x12\xe8\x17\x9d\x0b\xec"
- "\xe2\xf7\xc9\xa7\x63\xd1\x79\xb6"
- "\x62\x62\x37\xfe\x0a\x4c\x4a\x37"
- "\x70\xc7\x5e\x96\x5f\xbc\x8e\x9e"
- "\x85\x3c\x4f\x26\x64\x85\xbc\x68"
- "\xb0\xe0\x86\x5e\x26\x41\xce\x11"
- "\x50\xda\x97\x14\xe9\x9e\xc7\x6d"
- "\x3b\xdc\x43\xde\x2b\x27\x69\x7d"
- "\xfc\xb0\x28\xbd\x8f\xb1\xc6\x31"
- "\x14\x4d\xf0\x74\x37\xfd\x07\x25"
- "\x96\x55\xe5\xfc\x9e\x27\x2a\x74"
- "\x1b\x83\x4d\x15\x83\xac\x57\xa0"
- "\xac\xa5\xd0\x38\xef\x19\x56\x53"
- "\x25\x4b\xfc\xce\x04\x23\xe5\x6b"
- "\xf6\xc6\x6c\x32\x0b\xb3\x12\xc5"
- "\xed\x22\x34\x1c\x5d\xed\x17\x06"
- "\x36\xa3\xe6\x77\xb9\x97\x46\xb8"
- "\xe9\x3f\x7e\xc7\xbc\x13\x5c\xdc"
- "\x6e\x3f\x04\x5e\xd1\x59\xa5\x82"
- "\x35\x91\x3d\x1b\xe4\x97\x9f\x92"
- "\x1c\x5e\x5f\x6f\x41\xd4\x62\xa1"
- "\x8d\x39\xfc\x42\xfb\x38\x80\xb9"
- "\x0a\xe3\xcc\x6a\x93\xd9\x7a\xb1"
- "\xe9\x69\xaf\x0a\x6b\x75\x38\xa7"
- "\xa1\xbf\xf7\xda\x95\x93\x4b\x78"
- "\x19\xf5\x94\xf9\xd2\x00\x33\x37"
- "\xcf\xf5\x9e\x9c\xf3\xcc\xa6\xee"
- "\x42\xb2\x9e\x2c\x5f\x48\x23\x26"
- "\x15\x25\x17\x03\x3d\xfe\x2c\xfc"
- "\xeb\xba\xda\xe0\x00\x05\xb6\xa6"
- "\x07\xb3\xe8\x36\x5b\xec\x5b\xbf"
- "\xd6\x5b\x00\x74\xc6\x97\xf1\x6a"
- "\x49\xa1\xc3\xfa\x10\x52\xb9\x14"
- "\xad\xb7\x73\xf8\x78\x12\xc8\x59"
- "\x17\x80\x4c\x57\x39\xf1\x6d\x80"
- "\x25\x77\x0f\x5e\x7d\xf0\xaf\x21"
- "\xec\xce\xb7\xc8\x02\x8a\xed\x53"
- "\x2c\x25\x68\x2e\x1f\x85\x5e\x67"
- "\xd1\x07\x7a\x3a\x89\x08\xe0\x34"
- "\xdc\xdb\x26\xb4\x6b\x77\xfc\x40"
- "\x31\x15\x72\xa0\xf0\x73\xd9\x3b"
- "\xd5\xdb\xfe\xfc\x8f\xa9\x44\xa2"
- "\x09\x9f\xc6\x33\xe5\xe2\x88\xe8"
- "\xf3\xf0\x1a\xf4\xce\x12\x0f\xd6"
- "\xf7\x36\xe6\xa4\xf4\x7a\x10\x58"
- "\xcc\x1f\x48\x49\x65\x47\x75\xe9"
- "\x28\xe1\x65\x7b\xf2\xc4\xb5\x07"
- "\xf2\xec\x76\xd8\x8f\x09\xf3\x16"
- "\xa1\x51\x89\x3b\xeb\x96\x42\xac"
- "\x65\xe0\x67\x63\x29\xdc\xb4\x7d"
- "\xf2\x41\x51\x6a\xcb\xde\x3c\xfb"
- "\x66\x8d\x13\xca\xe0\x59\x2a\x00"
- "\xc9\x53\x4c\xe6\x9e\xe2\x73\xd5"
- "\x67\x19\xb2\xbd\x9a\x63\xd7\x5c",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- }
-};
-
-static const struct cipher_testvec speck128_xts_dec_tv_template[] = {
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xbe\xa0\xe7\x03\xd7\xfe\xab\x62"
- "\x3b\x99\x4a\x64\x74\x77\xac\xed"
- "\xd8\xf4\xa6\xcf\xae\xb9\x07\x42"
- "\x51\xd9\xb6\x1d\xe0\x5e\xbc\x54",
- .ilen = 32,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 32,
- }, {
- .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xfb\x53\x81\x75\x6f\x9f\x34\xad"
- "\x7e\x01\xed\x7b\xcc\xda\x4e\x4a"
- "\xd4\x84\xa4\x53\xd5\x88\x73\x1b"
- "\xfd\xcb\xae\x0d\xf3\x04\xee\xe6",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
- "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x21\x52\x84\x15\xd1\xf7\x21\x55"
- "\xd9\x75\x4a\xd3\xc5\xdb\x9f\x7d"
- "\xda\x63\xb2\xf1\x82\xb0\x89\x59"
- "\x86\xd4\xaa\xaa\xdd\xff\x4f\x92",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x57\xb5\xf8\x71\x6e\x6d\xdd\x82"
- "\x53\xd0\xed\x2d\x30\xc1\x20\xef"
- "\x70\x67\x5e\xff\x09\x70\xbb\xc1"
- "\x3a\x7b\x48\x26\xd9\x0b\xf4\x48"
- "\xbe\xce\xb1\xc7\xb2\x67\xc4\xa7"
- "\x76\xf8\x36\x30\xb7\xb4\x9a\xd9"
- "\xf5\x9d\xd0\x7b\xc1\x06\x96\x44"
- "\x19\xc5\x58\x84\x63\xb9\x12\x68"
- "\x68\xc7\xaa\x18\x98\xf2\x1f\x5c"
- "\x39\xa6\xd8\x32\x2b\xc3\x51\xfd"
- "\x74\x79\x2e\xb4\x44\xd7\x69\xc4"
- "\xfc\x29\xe6\xed\x26\x1e\xa6\x9d"
- "\x1c\xbe\x00\x0e\x7f\x3a\xca\xfb"
- "\x6d\x13\x65\xa0\xf9\x31\x12\xe2"
- "\x26\xd1\xec\x2b\x0a\x8b\x59\x99"
- "\xa7\x49\xa0\x0e\x09\x33\x85\x50"
- "\xc3\x23\xca\x7a\xdd\x13\x45\x5f"
- "\xde\x4c\xa7\xcb\x00\x8a\x66\x6f"
- "\xa2\xb6\xb1\x2e\xe1\xa0\x18\xf6"
- "\xad\xf3\xbd\xeb\xc7\xef\x55\x4f"
- "\x79\x91\x8d\x36\x13\x7b\xd0\x4a"
- "\x6c\x39\xfb\x53\xb8\x6f\x02\x51"
- "\xa5\x20\xac\x24\x1c\x73\x59\x73"
- "\x58\x61\x3a\x87\x58\xb3\x20\x56"
- "\x39\x06\x2b\x4d\xd3\x20\x2b\x89"
- "\x3f\xa2\xf0\x96\xeb\x7f\xa4\xcd"
- "\x11\xae\xbd\xcb\x3a\xb4\xd9\x91"
- "\x09\x35\x71\x50\x65\xac\x92\xe3"
- "\x7b\x32\xc0\x7a\xdd\xd4\xc3\x92"
- "\x6f\xeb\x79\xde\x6f\xd3\x25\xc9"
- "\xcd\x63\xf5\x1e\x7a\x3b\x26\x9d"
- "\x77\x04\x80\xa9\xbf\x38\xb5\xbd"
- "\xb8\x05\x07\xbd\xfd\xab\x7b\xf8"
- "\x2a\x26\xcc\x49\x14\x6d\x55\x01"
- "\x06\x94\xd8\xb2\x2d\x53\x83\x1b"
- "\x8f\xd4\xdd\x57\x12\x7e\x18\xba"
- "\x8e\xe2\x4d\x80\xef\x7e\x6b\x9d"
- "\x24\xa9\x60\xa4\x97\x85\x86\x2a"
- "\x01\x00\x09\xf1\xcb\x4a\x24\x1c"
- "\xd8\xf6\xe6\x5b\xe7\x5d\xf2\xc4"
- "\x97\x1c\x10\xc6\x4d\x66\x4f\x98"
- "\x87\x30\xac\xd5\xea\x73\x49\x10"
- "\x80\xea\xe5\x5f\x4d\x5f\x03\x33"
- "\x66\x02\x35\x3d\x60\x06\x36\x4f"
- "\x14\x1c\xd8\x07\x1f\x78\xd0\xf8"
- "\x4f\x6c\x62\x7c\x15\xa5\x7c\x28"
- "\x7c\xcc\xeb\x1f\xd1\x07\x90\x93"
- "\x7e\xc2\xa8\x3a\x80\xc0\xf5\x30"
- "\xcc\x75\xcf\x16\x26\xa9\x26\x3b"
- "\xe7\x68\x2f\x15\x21\x5b\xe4\x00"
- "\xbd\x48\x50\xcd\x75\x70\xc4\x62"
- "\xbb\x41\xfb\x89\x4a\x88\x3b\x3b"
- "\x51\x66\x02\x69\x04\x97\x36\xd4"
- "\x75\xae\x0b\xa3\x42\xf8\xca\x79"
- "\x8f\x93\xe9\xcc\x38\xbd\xd6\xd2"
- "\xf9\x70\x4e\xc3\x6a\x8e\x25\xbd"
- "\xea\x15\x5a\xa0\x85\x7e\x81\x0d"
- "\x03\xe7\x05\x39\xf5\x05\x26\xee"
- "\xec\xaa\x1f\x3d\xc9\x98\x76\x01"
- "\x2c\xf4\xfc\xa3\x88\x77\x38\xc4"
- "\x50\x65\x50\x6d\x04\x1f\xdf\x5a"
- "\xaa\xf2\x01\xa9\xc1\x8d\xee\xca"
- "\x47\x26\xef\x39\xb8\xb4\xf2\xd1"
- "\xd6\xbb\x1b\x2a\xc1\x34\x14\xcf",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -15339,20 +10458,7 @@ static const struct cipher_testvec speck128_xts_dec_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95"
- "\x02\x88\x41\x97\x16\x93\x99\x37"
- "\x51\x05\x82\x09\x74\x94\x45\x92",
- .klen = 64,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xc5\x85\x2a\x4b\x73\xe4\xf6\xf1"
+ .ctext = "\xc5\x85\x2a\x4b\x73\xe4\xf6\xf1"
"\x7e\xf9\xf6\xe9\xa3\x73\x36\xcb"
"\xaa\xb6\x22\xb0\x24\x6e\x3d\x73"
"\x92\x99\xde\xd3\x76\xed\xcd\x63"
@@ -15416,124 +10522,36 @@ static const struct cipher_testvec speck128_xts_dec_tv_template[] = {
"\x66\x8d\x13\xca\xe0\x59\x2a\x00"
"\xc9\x53\x4c\xe6\x9e\xe2\x73\xd5"
"\x67\x19\xb2\xbd\x9a\x63\xd7\x5c",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
}
};
-static const struct cipher_testvec speck64_enc_tv_template[] = {
+static const struct cipher_testvec speck64_tv_template[] = {
{ /* Speck64/96 */
.key = "\x00\x01\x02\x03\x08\x09\x0a\x0b"
"\x10\x11\x12\x13",
.klen = 12,
- .input = "\x65\x61\x6e\x73\x20\x46\x61\x74",
- .ilen = 8,
- .result = "\x6c\x94\x75\x41\xec\x52\x79\x9f",
- .rlen = 8,
+ .ptext = "\x65\x61\x6e\x73\x20\x46\x61\x74",
+ .ctext = "\x6c\x94\x75\x41\xec\x52\x79\x9f",
+ .len = 8,
}, { /* Speck64/128 */
.key = "\x00\x01\x02\x03\x08\x09\x0a\x0b"
"\x10\x11\x12\x13\x18\x19\x1a\x1b",
.klen = 16,
- .input = "\x2d\x43\x75\x74\x74\x65\x72\x3b",
- .ilen = 8,
- .result = "\x8b\x02\x4e\x45\x48\xa5\x6f\x8c",
- .rlen = 8,
- },
-};
-
-static const struct cipher_testvec speck64_dec_tv_template[] = {
- { /* Speck64/96 */
- .key = "\x00\x01\x02\x03\x08\x09\x0a\x0b"
- "\x10\x11\x12\x13",
- .klen = 12,
- .input = "\x6c\x94\x75\x41\xec\x52\x79\x9f",
- .ilen = 8,
- .result = "\x65\x61\x6e\x73\x20\x46\x61\x74",
- .rlen = 8,
- }, { /* Speck64/128 */
- .key = "\x00\x01\x02\x03\x08\x09\x0a\x0b"
- "\x10\x11\x12\x13\x18\x19\x1a\x1b",
- .klen = 16,
- .input = "\x8b\x02\x4e\x45\x48\xa5\x6f\x8c",
- .ilen = 8,
- .result = "\x2d\x43\x75\x74\x74\x65\x72\x3b",
- .rlen = 8,
+ .ptext = "\x2d\x43\x75\x74\x74\x65\x72\x3b",
+ .ctext = "\x8b\x02\x4e\x45\x48\xa5\x6f\x8c",
+ .len = 8,
},
};
/*
- * Speck64-XTS test vectors, taken from the AES-XTS test vectors with the result
- * recomputed with Speck64 as the cipher, and key lengths adjusted
+ * Speck64-XTS test vectors, taken from the AES-XTS test vectors with the
+ * ciphertext recomputed with Speck64 as the cipher, and key lengths adjusted
*/
-
-static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
+static const struct cipher_testvec speck64_xts_tv_template[] = {
{
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -15541,16 +10559,15 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
.klen = 24,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\x84\xaf\x54\x07\x19\xd4\x7c\xa6"
+ .ctext = "\x84\xaf\x54\x07\x19\xd4\x7c\xa6"
"\xe4\xfe\xdf\xc4\x1f\x34\xc3\xc2"
"\x80\xf5\x72\xe7\xcd\xf0\x99\x22"
"\x35\xa7\x2f\x06\xef\xdc\x51\xaa",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x11\x11\x11\x11\x11\x11\x11\x11"
"\x11\x11\x11\x11\x11\x11\x11\x11"
@@ -15558,16 +10575,15 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
.klen = 24,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x12\x56\x73\xcd\x15\x87\xa8\x59"
+ .ctext = "\x12\x56\x73\xcd\x15\x87\xa8\x59"
"\xcf\x84\xae\xd9\x1c\x66\xd6\x9f"
"\xb3\x12\x69\x7e\x36\xeb\x52\xff"
"\x62\xdd\xba\x90\xb3\xe1\xee\x99",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
"\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
@@ -15575,16 +10591,15 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
.klen = 24,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x15\x1b\xe4\x2c\xa2\x5a\x2d\x2c"
+ .ctext = "\x15\x1b\xe4\x2c\xa2\x5a\x2d\x2c"
"\x27\x36\xc0\xbf\x5d\xea\x36\x37"
"\x2d\x1a\x88\xbc\x66\xb5\xd0\x0b"
"\xa1\xbc\x19\xb2\x0f\x3b\x75\x34",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -15592,7 +10607,7 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
.klen = 24,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -15656,8 +10671,7 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xaf\xa1\x81\xa6\x32\xbb\x15\x8e"
+ .ctext = "\xaf\xa1\x81\xa6\x32\xbb\x15\x8e"
"\xf8\x95\x2e\xd3\xe6\xee\x7e\x09"
"\x0c\x1a\xf5\x02\x97\x8b\xe3\xb3"
"\x11\xc7\x39\x96\xd0\x95\xf4\x56"
@@ -15721,7 +10735,7 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
"\x50\xf7\x5f\xf4\xc2\xca\x41\x97"
"\x37\xbe\x75\x74\xcd\xf0\x75\x6e"
"\x25\x23\x94\xbd\xda\x8d\xb0\xd4",
- .rlen = 512,
+ .len = 512,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -15730,7 +10744,7 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -15794,8 +10808,7 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\x55\xed\x71\xd3\x02\x8e\x15\x3b"
+ .ctext = "\x55\xed\x71\xd3\x02\x8e\x15\x3b"
"\xc6\x71\x29\x2d\x3e\x89\x9f\x59"
"\x68\x6a\xcc\x8a\x56\x97\xf3\x95"
"\x4e\x51\x08\xda\x2a\xf8\x6f\x3c"
@@ -15859,340 +10872,7 @@ static const struct cipher_testvec speck64_xts_enc_tv_template[] = {
"\x9b\x63\x76\x32\x2f\x19\x72\x10"
"\x9f\x21\x0c\xf1\x66\x50\x7f\xa5"
"\x0d\x1f\x46\xe0\xba\xd3\x2f\x3c",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- }
-};
-
-static const struct cipher_testvec speck64_xts_dec_tv_template[] = {
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 24,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x84\xaf\x54\x07\x19\xd4\x7c\xa6"
- "\xe4\xfe\xdf\xc4\x1f\x34\xc3\xc2"
- "\x80\xf5\x72\xe7\xcd\xf0\x99\x22"
- "\x35\xa7\x2f\x06\xef\xdc\x51\xaa",
- .ilen = 32,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 32,
- }, {
- .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 24,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x12\x56\x73\xcd\x15\x87\xa8\x59"
- "\xcf\x84\xae\xd9\x1c\x66\xd6\x9f"
- "\xb3\x12\x69\x7e\x36\xeb\x52\xff"
- "\x62\xdd\xba\x90\xb3\xe1\xee\x99",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
- "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 24,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x15\x1b\xe4\x2c\xa2\x5a\x2d\x2c"
- "\x27\x36\xc0\xbf\x5d\xea\x36\x37"
- "\x2d\x1a\x88\xbc\x66\xb5\xd0\x0b"
- "\xa1\xbc\x19\xb2\x0f\x3b\x75\x34",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x31\x41\x59\x26\x53\x58\x97\x93",
- .klen = 24,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xaf\xa1\x81\xa6\x32\xbb\x15\x8e"
- "\xf8\x95\x2e\xd3\xe6\xee\x7e\x09"
- "\x0c\x1a\xf5\x02\x97\x8b\xe3\xb3"
- "\x11\xc7\x39\x96\xd0\x95\xf4\x56"
- "\xf4\xdd\x03\x38\x01\x44\x2c\xcf"
- "\x88\xae\x8e\x3c\xcd\xe7\xaa\x66"
- "\xfe\x3d\xc6\xfb\x01\x23\x51\x43"
- "\xd5\xd2\x13\x86\x94\x34\xe9\x62"
- "\xf9\x89\xe3\xd1\x7b\xbe\xf8\xef"
- "\x76\x35\x04\x3f\xdb\x23\x9d\x0b"
- "\x85\x42\xb9\x02\xd6\xcc\xdb\x96"
- "\xa7\x6b\x27\xb6\xd4\x45\x8f\x7d"
- "\xae\xd2\x04\xd5\xda\xc1\x7e\x24"
- "\x8c\x73\xbe\x48\x7e\xcf\x65\x28"
- "\x29\xe5\xbe\x54\x30\xcb\x46\x95"
- "\x4f\x2e\x8a\x36\xc8\x27\xc5\xbe"
- "\xd0\x1a\xaf\xab\x26\xcd\x9e\x69"
- "\xa1\x09\x95\x71\x26\xe9\xc4\xdf"
- "\xe6\x31\xc3\x46\xda\xaf\x0b\x41"
- "\x1f\xab\xb1\x8e\xd6\xfc\x0b\xb3"
- "\x82\xc0\x37\x27\xfc\x91\xa7\x05"
- "\xfb\xc5\xdc\x2b\x74\x96\x48\x43"
- "\x5d\x9c\x19\x0f\x60\x63\x3a\x1f"
- "\x6f\xf0\x03\xbe\x4d\xfd\xc8\x4a"
- "\xc6\xa4\x81\x6d\xc3\x12\x2a\x5c"
- "\x07\xff\xf3\x72\x74\x48\xb5\x40"
- "\x50\xb5\xdd\x90\x43\x31\x18\x15"
- "\x7b\xf2\xa6\xdb\x83\xc8\x4b\x4a"
- "\x29\x93\x90\x8b\xda\x07\xf0\x35"
- "\x6d\x90\x88\x09\x4e\x83\xf5\x5b"
- "\x94\x12\xbb\x33\x27\x1d\x3f\x23"
- "\x51\xa8\x7c\x07\xa2\xae\x77\xa6"
- "\x50\xfd\xcc\xc0\x4f\x80\x7a\x9f"
- "\x66\xdd\xcd\x75\x24\x8b\x33\xf7"
- "\x20\xdb\x83\x9b\x4f\x11\x63\x6e"
- "\xcf\x37\xef\xc9\x11\x01\x5c\x45"
- "\x32\x99\x7c\x3c\x9e\x42\x89\xe3"
- "\x70\x6d\x15\x9f\xb1\xe6\xb6\x05"
- "\xfe\x0c\xb9\x49\x2d\x90\x6d\xcc"
- "\x5d\x3f\xc1\xfe\x89\x0a\x2e\x2d"
- "\xa0\xa8\x89\x3b\x73\x39\xa5\x94"
- "\x4c\xa4\xa6\xbb\xa7\x14\x46\x89"
- "\x10\xff\xaf\xef\xca\xdd\x4f\x80"
- "\xb3\xdf\x3b\xab\xd4\xe5\x5a\xc7"
- "\x33\xca\x00\x8b\x8b\x3f\xea\xec"
- "\x68\x8a\xc2\x6d\xfd\xd4\x67\x0f"
- "\x22\x31\xe1\x0e\xfe\x5a\x04\xd5"
- "\x64\xa3\xf1\x1a\x76\x28\xcc\x35"
- "\x36\xa7\x0a\x74\xf7\x1c\x44\x9b"
- "\xc7\x1b\x53\x17\x02\xea\xd1\xad"
- "\x13\x51\x73\xc0\xa0\xb2\x05\x32"
- "\xa8\xa2\x37\x2e\xe1\x7a\x3a\x19"
- "\x26\xb4\x6c\x62\x5d\xb3\x1a\x1d"
- "\x59\xda\xee\x1a\x22\x18\xda\x0d"
- "\x88\x0f\x55\x8b\x72\x62\xfd\xc1"
- "\x69\x13\xcd\x0d\x5f\xc1\x09\x52"
- "\xee\xd6\xe3\x84\x4d\xee\xf6\x88"
- "\xaf\x83\xdc\x76\xf4\xc0\x93\x3f"
- "\x4a\x75\x2f\xb0\x0b\x3e\xc4\x54"
- "\x7d\x69\x8d\x00\x62\x77\x0d\x14"
- "\xbe\x7c\xa6\x7d\xc5\x24\x4f\xf3"
- "\x50\xf7\x5f\xf4\xc2\xca\x41\x97"
- "\x37\xbe\x75\x74\xcd\xf0\x75\x6e"
- "\x25\x23\x94\xbd\xda\x8d\xb0\xd4",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27",
- .klen = 32,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x55\xed\x71\xd3\x02\x8e\x15\x3b"
- "\xc6\x71\x29\x2d\x3e\x89\x9f\x59"
- "\x68\x6a\xcc\x8a\x56\x97\xf3\x95"
- "\x4e\x51\x08\xda\x2a\xf8\x6f\x3c"
- "\x78\x16\xea\x80\xdb\x33\x75\x94"
- "\xf9\x29\xc4\x2b\x76\x75\x97\xc7"
- "\xf2\x98\x2c\xf9\xff\xc8\xd5\x2b"
- "\x18\xf1\xaf\xcf\x7c\xc5\x0b\xee"
- "\xad\x3c\x76\x7c\xe6\x27\xa2\x2a"
- "\xe4\x66\xe1\xab\xa2\x39\xfc\x7c"
- "\xf5\xec\x32\x74\xa3\xb8\x03\x88"
- "\x52\xfc\x2e\x56\x3f\xa1\xf0\x9f"
- "\x84\x5e\x46\xed\x20\x89\xb6\x44"
- "\x8d\xd0\xed\x54\x47\x16\xbe\x95"
- "\x8a\xb3\x6b\x72\xc4\x32\x52\x13"
- "\x1b\xb0\x82\xbe\xac\xf9\x70\xa6"
- "\x44\x18\xdd\x8c\x6e\xca\x6e\x45"
- "\x8f\x1e\x10\x07\x57\x25\x98\x7b"
- "\x17\x8c\x78\xdd\x80\xa7\xd9\xd8"
- "\x63\xaf\xb9\x67\x57\xfd\xbc\xdb"
- "\x44\xe9\xc5\x65\xd1\xc7\x3b\xff"
- "\x20\xa0\x80\x1a\xc3\x9a\xad\x5e"
- "\x5d\x3b\xd3\x07\xd9\xf5\xfd\x3d"
- "\x4a\x8b\xa8\xd2\x6e\x7a\x51\x65"
- "\x6c\x8e\x95\xe0\x45\xc9\x5f\x4a"
- "\x09\x3c\x3d\x71\x7f\x0c\x84\x2a"
- "\xc8\x48\x52\x1a\xc2\xd5\xd6\x78"
- "\x92\x1e\xa0\x90\x2e\xea\xf0\xf3"
- "\xdc\x0f\xb1\xaf\x0d\x9b\x06\x2e"
- "\x35\x10\x30\x82\x0d\xe7\xc5\x9b"
- "\xde\x44\x18\xbd\x9f\xd1\x45\xa9"
- "\x7b\x7a\x4a\xad\x35\x65\x27\xca"
- "\xb2\xc3\xd4\x9b\x71\x86\x70\xee"
- "\xf1\x89\x3b\x85\x4b\x5b\xaa\xaf"
- "\xfc\x42\xc8\x31\x59\xbe\x16\x60"
- "\x4f\xf9\xfa\x12\xea\xd0\xa7\x14"
- "\xf0\x7a\xf3\xd5\x8d\xbd\x81\xef"
- "\x52\x7f\x29\x51\x94\x20\x67\x3c"
- "\xd1\xaf\x77\x9f\x22\x5a\x4e\x63"
- "\xe7\xff\x73\x25\xd1\xdd\x96\x8a"
- "\x98\x52\x6d\xf3\xac\x3e\xf2\x18"
- "\x6d\xf6\x0a\x29\xa6\x34\x3d\xed"
- "\xe3\x27\x0d\x9d\x0a\x02\x44\x7e"
- "\x5a\x7e\x67\x0f\x0a\x9e\xd6\xad"
- "\x91\xe6\x4d\x81\x8c\x5c\x59\xaa"
- "\xfb\xeb\x56\x53\xd2\x7d\x4c\x81"
- "\x65\x53\x0f\x41\x11\xbd\x98\x99"
- "\xf9\xc6\xfa\x51\x2e\xa3\xdd\x8d"
- "\x84\x98\xf9\x34\xed\x33\x2a\x1f"
- "\x82\xed\xc1\x73\x98\xd3\x02\xdc"
- "\xe6\xc2\x33\x1d\xa2\xb4\xca\x76"
- "\x63\x51\x34\x9d\x96\x12\xae\xce"
- "\x83\xc9\x76\x5e\xa4\x1b\x53\x37"
- "\x17\xd5\xc0\x80\x1d\x62\xf8\x3d"
- "\x54\x27\x74\xbb\x10\x86\x57\x46"
- "\x68\xe1\xed\x14\xe7\x9d\xfc\x84"
- "\x47\xbc\xc2\xf8\x19\x4b\x99\xcf"
- "\x7a\xe9\xc4\xb8\x8c\x82\x72\x4d"
- "\x7b\x4f\x38\x55\x36\x71\x64\xc1"
- "\xfc\x5c\x75\x52\x33\x02\x18\xf8"
- "\x17\xe1\x2b\xc2\x43\x39\xbd\x76"
- "\x9b\x63\x76\x32\x2f\x19\x72\x10"
- "\x9f\x21\x0c\xf1\x66\x50\x7f\xa5"
- "\x0d\x1f\x46\xe0\xba\xd3\x2f\x3c",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
@@ -16200,37 +10880,34 @@ static const struct cipher_testvec speck64_xts_dec_tv_template[] = {
};
/* Cast6 test vectors from RFC 2612 */
-static const struct cipher_testvec cast6_enc_tv_template[] = {
+static const struct cipher_testvec cast6_tv_template[] = {
{
.key = "\x23\x42\xbb\x9e\xfa\x38\x54\x2c"
"\x0a\xf7\x56\x47\xf2\x9f\x61\x5d",
.klen = 16,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\xc8\x42\xa0\x89\x72\xb4\x3d\x20"
+ .ptext = zeroed_string,
+ .ctext = "\xc8\x42\xa0\x89\x72\xb4\x3d\x20"
"\x83\x6c\x91\xd1\xb7\x53\x0f\x6b",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x23\x42\xbb\x9e\xfa\x38\x54\x2c"
"\xbe\xd0\xac\x83\x94\x0a\xc2\x98"
"\xba\xc7\x7a\x77\x17\x94\x28\x63",
.klen = 24,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\x1b\x38\x6c\x02\x10\xdc\xad\xcb"
+ .ptext = zeroed_string,
+ .ctext = "\x1b\x38\x6c\x02\x10\xdc\xad\xcb"
"\xdd\x0e\x41\xaa\x08\xa7\xa7\xe8",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x23\x42\xbb\x9e\xfa\x38\x54\x2c"
"\xbe\xd0\xac\x83\x94\x0a\xc2\x98"
"\x8d\x7c\x47\xce\x26\x49\x08\x46"
"\x1c\xc1\xb5\x13\x7a\xe6\xb6\x04",
.klen = 32,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\x4f\x6a\x20\x38\x28\x68\x97\xb9"
+ .ptext = zeroed_string,
+ .ctext = "\x4f\x6a\x20\x38\x28\x68\x97\xb9"
"\xc9\x87\x01\x36\x55\x33\x17\xfa",
- .rlen = 16,
+ .len = 16,
}, { /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -16239,7 +10916,7 @@ static const struct cipher_testvec cast6_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -16301,116 +10978,7 @@ static const struct cipher_testvec cast6_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xC3\x70\x22\x32\xF5\x80\xCB\x54"
- "\xFC\x30\xE0\xF6\xEB\x39\x57\xA6"
- "\xB6\xB9\xC5\xA4\x91\x55\x14\x97"
- "\xC1\x20\xFF\x6C\x5C\xF0\x67\xEA"
- "\x2F\xED\xD8\xC9\xFB\x38\x3F\xFE"
- "\x93\xBE\xDC\x00\xD3\x7F\xAD\x4C"
- "\x5A\x08\x92\xD1\x47\x0C\xFA\x6C"
- "\xD0\x6A\x99\x10\x72\xF8\x47\x62"
- "\x81\x42\xF8\xD8\xF5\xBB\x94\x08"
- "\xAA\x97\xA2\x8B\x69\xB3\xD2\x7E"
- "\xBC\xB5\x00\x0C\xE5\x44\x4B\x58"
- "\xE8\x63\xDC\xB3\xC4\xE5\x23\x12"
- "\x5A\x72\x85\x47\x8B\xEC\x9F\x26"
- "\x84\xB6\xED\x10\x33\x63\x9B\x5F"
- "\x4D\x53\xEE\x94\x45\x8B\x60\x58"
- "\x86\x20\xF9\x1E\x82\x08\x3E\x58"
- "\x60\x1B\x34\x19\x02\xBE\x4E\x09"
- "\xBB\x7C\x15\xCC\x60\x27\x55\x7A"
- "\x12\xB8\xD8\x08\x89\x3C\xA6\xF3"
- "\xF1\xDD\xA7\x07\xA3\x12\x85\x28"
- "\xE9\x57\xAC\x80\x0C\x5C\x0F\x3A"
- "\x5D\xC2\x91\xC7\x90\xE4\x8C\x43"
- "\x92\xE4\x7C\x26\x69\x4D\x83\x68"
- "\x14\x96\x42\x47\xBD\xA9\xE4\x8A"
- "\x33\x19\xEB\x54\x8E\x0D\x4B\x6E"
- "\x91\x51\xB5\x36\x08\xDE\x1C\x06"
- "\x03\xBD\xDE\x81\x26\xF7\x99\xC2"
- "\xBA\xF7\x6D\x87\x0D\xE4\xA6\xCF"
- "\xC1\xF5\x27\x05\xB8\x02\x57\x72"
- "\xE6\x42\x13\x0B\xC6\x47\x05\x74"
- "\x24\x15\xF7\x0D\xC2\x23\x9D\xB9"
- "\x3C\x77\x18\x93\xBA\xB4\xFC\x8C"
- "\x98\x82\x67\x67\xB4\xD7\xD3\x43"
- "\x23\x08\x02\xB7\x9B\x99\x05\xFB"
- "\xD3\xB5\x00\x0A\xA9\x9D\x66\xD6"
- "\x2E\x49\x58\xD0\xA8\x57\x29\x7F"
- "\x0A\x0E\x7D\xFC\x92\x83\xCC\x67"
- "\xA2\xB1\x70\x3A\x8F\x87\x4A\x8D"
- "\x17\xE2\x58\x2B\x88\x0D\x68\x62"
- "\xBF\x35\xD1\x6F\xC0\xF0\x18\x62"
- "\xB2\xC7\x2D\x58\xC7\x16\xDE\x08"
- "\xEB\x84\x1D\x25\xA7\x38\x94\x06"
- "\x93\x9D\xF8\xFE\x88\x71\xE7\x84"
- "\x2C\xA0\x38\xA3\x1D\x48\xCF\x29"
- "\x0B\xBC\xD8\x50\x99\x1A\x26\xFB"
- "\x8E\x75\x3D\x73\xEB\x6A\xED\x29"
- "\xE0\x8E\xED\xFC\xFE\x6F\xF6\xBA"
- "\x41\xE2\x10\x4C\x01\x8B\x69\x2B"
- "\x25\x3F\x4D\x70\x7B\x92\xD6\x3B"
- "\xAC\xF9\x77\x18\xD9\x6A\x30\xA6"
- "\x2E\xFA\x30\xFF\xC8\xD5\x1D\x06"
- "\x59\x28\x1D\x86\x43\x04\x5D\x3B"
- "\x99\x4C\x04\x5A\x21\x17\x8B\x76"
- "\x8F\x72\xCB\xA1\x9C\x29\x4C\xC3"
- "\x65\xA2\x58\x2A\xC5\x66\x24\xBF"
- "\xBA\xE6\x0C\xDD\x34\x24\x74\xC8"
- "\x84\x0A\x66\x2C\xBE\x8F\x32\xA9"
- "\xE7\xE4\xA1\xD7\xDA\xAB\x23\x1E"
- "\xEB\xEE\x6C\x94\x6F\x9C\x2E\xD1"
- "\x49\x2C\xF3\xD4\x90\xCC\x93\x4C"
- "\x84\x52\x6D\x68\xDE\xC6\x64\xB2"
- "\x11\x74\x93\x57\xB4\x7E\xC6\x00",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast6_dec_tv_template[] = {
- {
- .key = "\x23\x42\xbb\x9e\xfa\x38\x54\x2c"
- "\x0a\xf7\x56\x47\xf2\x9f\x61\x5d",
- .klen = 16,
- .input = "\xc8\x42\xa0\x89\x72\xb4\x3d\x20"
- "\x83\x6c\x91\xd1\xb7\x53\x0f\x6b",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = "\x23\x42\xbb\x9e\xfa\x38\x54\x2c"
- "\xbe\xd0\xac\x83\x94\x0a\xc2\x98"
- "\xba\xc7\x7a\x77\x17\x94\x28\x63",
- .klen = 24,
- .input = "\x1b\x38\x6c\x02\x10\xdc\xad\xcb"
- "\xdd\x0e\x41\xaa\x08\xa7\xa7\xe8",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = "\x23\x42\xbb\x9e\xfa\x38\x54\x2c"
- "\xbe\xd0\xac\x83\x94\x0a\xc2\x98"
- "\x8d\x7c\x47\xce\x26\x49\x08\x46"
- "\x1c\xc1\xb5\x13\x7a\xe6\xb6\x04",
- .klen = 32,
- .input = "\x4f\x6a\x20\x38\x28\x68\x97\xb9"
- "\xc9\x87\x01\x36\x55\x33\x17\xfa",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xC3\x70\x22\x32\xF5\x80\xCB\x54"
+ .ctext = "\xC3\x70\x22\x32\xF5\x80\xCB\x54"
"\xFC\x30\xE0\xF6\xEB\x39\x57\xA6"
"\xB6\xB9\xC5\xA4\x91\x55\x14\x97"
"\xC1\x20\xFF\x6C\x5C\xF0\x67\xEA"
@@ -16472,77 +11040,14 @@ static const struct cipher_testvec cast6_dec_tv_template[] = {
"\x49\x2C\xF3\xD4\x90\xCC\x93\x4C"
"\x84\x52\x6D\x68\xDE\xC6\x64\xB2"
"\x11\x74\x93\x57\xB4\x7E\xC6\x00",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec cast6_cbc_enc_tv_template[] = {
+static const struct cipher_testvec cast6_cbc_tv_template[] = {
{ /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -16551,7 +11056,7 @@ static const struct cipher_testvec cast6_cbc_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -16613,8 +11118,7 @@ static const struct cipher_testvec cast6_cbc_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xDF\x77\x68\x96\xC7\xBA\xF8\xE2"
+ .ctext = "\xDF\x77\x68\x96\xC7\xBA\xF8\xE2"
"\x0E\x24\x99\x1A\xAA\xF3\xC6\x9F"
"\xA0\x73\xB3\x70\xC3\x68\x64\x70"
"\xAD\x33\x02\xFB\x88\x74\xAA\x78"
@@ -16676,14 +11180,14 @@ static const struct cipher_testvec cast6_cbc_enc_tv_template[] = {
"\xC5\x5C\xAD\xB6\x07\xB6\x84\xF3"
"\x4D\x59\x7D\xC5\x28\x69\xFA\x92"
"\x22\x46\x89\x2D\x0F\x2B\x08\x24",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec cast6_cbc_dec_tv_template[] = {
+static const struct cipher_testvec cast6_ctr_tv_template[] = {
{ /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -16692,155 +11196,13 @@ static const struct cipher_testvec cast6_cbc_dec_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xDF\x77\x68\x96\xC7\xBA\xF8\xE2"
- "\x0E\x24\x99\x1A\xAA\xF3\xC6\x9F"
- "\xA0\x73\xB3\x70\xC3\x68\x64\x70"
- "\xAD\x33\x02\xFB\x88\x74\xAA\x78"
- "\xC7\x47\x1A\x18\x61\x2D\xAC\x9F"
- "\x7E\x6F\xDF\x05\x13\x76\xA6\x72"
- "\xB7\x13\x09\x0F\x7D\x38\xDF\x25"
- "\x4E\xFD\x50\x45\xFA\x35\x6A\xC0"
- "\x57\x95\xE1\x21\x26\x10\x9A\x21"
- "\xA1\x8A\x51\x05\xD1\xB1\x78\x35"
- "\x98\xF5\xAE\xC0\xC1\x8B\x94\xFF"
- "\xD0\x69\x3F\x42\xC2\x01\xA7\x9B"
- "\x23\x16\x47\x72\x81\x13\x3A\x72"
- "\xEC\xD9\x40\x88\x00\x9C\xB0\xA8"
- "\x9C\xAC\xCE\x11\x73\x7B\x63\x3E"
- "\xA3\x63\x98\x7D\x35\xE4\xD9\x83"
- "\xE2\xD0\x52\x87\x0C\x1F\xB0\xB3"
- "\x41\x1A\x93\x8D\x76\x31\x9F\xF2"
- "\xFE\x09\xA3\x8F\x22\x6A\x3B\xB9"
- "\x6C\x9E\xE4\xA1\xA0\xC4\xE7\xA1"
- "\x21\x9C\x1A\xCA\x65\xDE\x44\x03"
- "\x99\xF2\xD2\x39\xE3\x3F\x0F\x37"
- "\x53\x50\x23\xA4\x81\x6E\xDA\xFB"
- "\xF8\x7B\x01\xD7\xB2\x32\x9C\xB8"
- "\xB1\x0E\x99\x17\xB5\x38\xF9\xD7"
- "\x86\x2D\x6E\x94\x5C\x99\x9D\xB3"
- "\xD3\x63\x4B\x2A\x7D\x44\x6A\xB2"
- "\xC1\x03\xE6\x5A\x37\xD8\x64\x18"
- "\xAA\x32\xCE\x29\xED\xC0\xA2\xCB"
- "\x8D\xAF\xCD\xBE\x8F\xB6\xEC\xB4"
- "\x89\x05\x81\x6E\x71\x4F\xC3\x28"
- "\x10\xC1\x62\xC4\x41\xE9\xD2\x39"
- "\xF3\x22\x39\x12\x2C\xC2\x95\x2D"
- "\xBF\x93\x58\x4B\x04\xD1\x8D\x57"
- "\xAE\xEB\x60\x03\x56\x35\xAD\x5A"
- "\xE9\xC3\xFF\x4E\x31\xE1\x37\xF8"
- "\x7D\xEE\x65\x8A\xB6\x88\x1A\x3E"
- "\x07\x09\x82\xBA\xF0\x80\x8A\xD0"
- "\xA0\x3F\x6A\xE9\x24\x87\x19\x65"
- "\x73\x3F\x12\x91\x47\x54\xBA\x39"
- "\x30\x5B\x1E\xE5\xC2\xF9\x3F\xEF"
- "\xD6\x75\xF9\xB8\x7C\x8B\x05\x76"
- "\xEE\xB7\x08\x25\x4B\xB6\x7B\x47"
- "\x72\xC0\x4C\xD4\xDA\xE0\x75\xF1"
- "\x7C\xE8\x94\x9E\x16\x6E\xB8\x12"
- "\xA1\xC1\x6E\x3B\x1C\x59\x41\x2D"
- "\x23\xFA\x7D\x77\xB8\x46\x75\xFE"
- "\x4F\x10\xD3\x09\x60\xA1\x36\x96"
- "\x5B\xC2\xDC\x6E\x84\x7D\x9B\x14"
- "\x80\x21\x83\x58\x3C\x76\xFD\x28"
- "\x1D\xF9\x93\x13\xD7\x0E\x62\x14"
- "\x5A\xC5\x4E\x08\xA5\x56\xA4\x3C"
- "\x68\x93\x44\x70\xDF\xCF\x4A\x51"
- "\x0B\x81\x29\x41\xE5\x62\x4D\x36"
- "\xB3\xEA\x94\xA6\xB9\xDD\x3F\x09"
- "\x62\x34\xA0\x6A\x7E\x7D\xF5\xF6"
- "\x01\x91\xB4\x27\xDA\x59\xD6\x17"
- "\x56\x4D\x82\x62\x37\xA3\x48\x01"
- "\x99\x91\x77\xB2\x08\x6B\x2C\x37"
- "\xC5\x5C\xAD\xB6\x07\xB6\x84\xF3"
- "\x4D\x59\x7D\xC5\x28\x69\xFA\x92"
- "\x22\x46\x89\x2D\x0F\x2B\x08\x24",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast6_ctr_enc_tv_template[] = {
- { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A",
- .ilen = 17,
- .result = "\x26\x0A\xF1\xE2\x3F\x8A\xEF\xA3"
+ .ctext = "\x26\x0A\xF1\xE2\x3F\x8A\xEF\xA3"
"\x53\x9A\x5E\x1B\x2A\x1A\xC6\x0A"
"\x57",
- .rlen = 17,
+ .len = 17,
}, { /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -16849,7 +11211,7 @@ static const struct cipher_testvec cast6_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -16911,8 +11273,7 @@ static const struct cipher_testvec cast6_ctr_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x26\x0A\xF1\xE2\x3F\x8A\xEF\xA3"
+ .ctext = "\x26\x0A\xF1\xE2\x3F\x8A\xEF\xA3"
"\x53\x9A\x5E\x1B\x2A\x1A\xC6\x0A"
"\x57\xA3\xEF\x47\x2A\xE8\x88\xA7"
"\x3C\xD0\xEC\xB9\x94\x50\x7D\x56"
@@ -16974,171 +11335,14 @@ static const struct cipher_testvec cast6_ctr_enc_tv_template[] = {
"\x9B\x66\x8D\x32\xBA\x81\x34\x87"
"\x0E\x74\x33\x30\x62\xB9\x89\xDF"
"\xF9\xC5\xDD\x27\xB3\x39\xCB\xCB",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec cast6_ctr_dec_tv_template[] = {
- { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x26\x0A\xF1\xE2\x3F\x8A\xEF\xA3"
- "\x53\x9A\x5E\x1B\x2A\x1A\xC6\x0A"
- "\x57",
- .ilen = 17,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A",
- .rlen = 17,
- }, { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x26\x0A\xF1\xE2\x3F\x8A\xEF\xA3"
- "\x53\x9A\x5E\x1B\x2A\x1A\xC6\x0A"
- "\x57\xA3\xEF\x47\x2A\xE8\x88\xA7"
- "\x3C\xD0\xEC\xB9\x94\x50\x7D\x56"
- "\xBC\xE1\xC1\xF5\xE1\xEE\x12\xF8"
- "\x4F\x03\x82\x3A\x93\x6B\x4C\xD3"
- "\xE3\xF3\xFA\xC2\x23\x55\x98\x20"
- "\x49\x76\x9B\x6B\xC1\x23\xBF\xE5"
- "\xD4\xC4\x2F\x61\xE1\x67\x2A\x30"
- "\x6F\x29\xCA\x54\xF8\x1B\xA6\x7D"
- "\x66\x45\xEE\xC8\x19\xBE\x50\xF0"
- "\x5F\x65\xF8\x1E\x4D\x07\x87\xD9"
- "\xD3\xD9\x1B\x09\x89\xFD\x42\xC5"
- "\xDB\xEB\x86\xF1\x67\x04\x0F\x5C"
- "\x81\xDF\x82\x12\xC7\x4C\x1B\x07"
- "\xDE\xE6\xFA\x29\x86\xD1\xB0\xBA"
- "\x3D\x6A\x69\x76\xEC\x0F\xB4\xE6"
- "\xCD\xA7\xF8\xA8\xB8\xE0\x33\xF5"
- "\x49\x61\x22\x52\x64\x8C\x46\x41"
- "\x1F\x48\x5F\x4F\xA2\x89\x36\x17"
- "\x20\xF8\x2F\x8F\x4B\xFA\xF2\xC0"
- "\x1E\x18\xA2\xF8\xB7\x6D\x98\xE3"
- "\x00\x14\x15\x59\xC1\x30\x64\xAF"
- "\xA8\x01\x38\xAB\xD4\x8B\xEC\x7C"
- "\x44\x9A\xC6\x2C\x2E\x2B\x2B\xF4"
- "\x02\x37\xC4\x69\xEF\x36\xC1\xF3"
- "\xA0\xFB\xFE\x29\xAD\x39\xCF\xD0"
- "\x51\x73\xA3\x22\x42\x41\xAB\xD2"
- "\x0F\x50\x14\xB9\x54\xD3\xD4\xFA"
- "\xBF\xC9\xBB\xCE\xC4\x1D\x2D\xAF"
- "\xC9\x3F\x07\x87\x42\x4B\x3A\x54"
- "\x34\x8E\x37\xA3\x03\x6F\x65\x66"
- "\xDB\x44\xC3\xE8\xD7\xDD\x7D\xDD"
- "\x61\xB4\x2B\x80\xA3\x98\x13\xF5"
- "\x5A\xD3\x34\x58\xC3\x6E\xF6\xB8"
- "\x0A\xC6\x50\x01\x8E\xD5\x6C\x7D"
- "\xFE\x16\xB6\xCF\xFC\x51\x40\xAE"
- "\xB3\x15\xAC\x90\x6F\x0B\x28\x3A"
- "\x60\x40\x38\x90\x20\x46\xC7\xB3"
- "\x0B\x12\x6D\x3B\x15\x14\xF9\xF4"
- "\x11\x41\x76\x6B\xB3\x60\x82\x3C"
- "\x84\xFB\x08\x2E\x92\x25\xCB\x79"
- "\x6F\x58\xC5\x94\x00\x00\x47\xB6"
- "\x9E\xDC\x0F\x29\x70\x46\x20\x76"
- "\x65\x75\x66\x5C\x00\x96\xB3\xE1"
- "\x0B\xA7\x11\x8B\x2E\x61\x4E\x45"
- "\x73\xFC\x91\xAB\x79\x41\x23\x14"
- "\x13\xB6\x72\x6C\x46\xB3\x03\x11"
- "\xE4\xF1\xEE\xC9\x7A\xCF\x96\x32"
- "\xB6\xF0\x8B\x97\xB4\xCF\x82\xB7"
- "\x15\x48\x44\x99\x09\xF6\xE0\xD7"
- "\xBC\xF1\x5B\x91\x4F\x30\x22\xA2"
- "\x45\xC4\x68\x55\xC2\xBE\xA7\xD2"
- "\x12\x53\x35\x9C\xF9\xE7\x35\x5D"
- "\x81\xE4\x86\x42\xC3\x58\xFB\xF0"
- "\x38\x9B\x8E\x5A\xEF\x83\x33\x0F"
- "\x00\x4E\x3F\x9F\xF5\x84\x62\xC4"
- "\x19\x35\x88\x22\x45\x59\x0E\x8F"
- "\xEC\x27\xDD\x4A\xA4\x1F\xBC\x41"
- "\x9B\x66\x8D\x32\xBA\x81\x34\x87"
- "\x0E\x74\x33\x30\x62\xB9\x89\xDF"
- "\xF9\xC5\xDD\x27\xB3\x39\xCB\xCB",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast6_lrw_enc_tv_template[] = {
+static const struct cipher_testvec cast6_lrw_tv_template[] = {
{ /* Generated from TF test vectors */
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -17149,7 +11353,7 @@ static const struct cipher_testvec cast6_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ .ptext = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
"\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
"\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
"\x50\x38\x1f\x71\x49\xb6\x57\xd6"
@@ -17213,90 +11417,7 @@ static const struct cipher_testvec cast6_lrw_enc_tv_template[] = {
"\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
"\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
"\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .ilen = 512,
- .result = "\x55\x25\x09\x8B\xB5\xD5\xF8\xBF"
- "\x37\x4A\xFE\x3C\x47\xD8\xE6\xEB"
- "\xCA\xA4\x9B\xB0\xAB\x6D\x64\xCA"
- "\x58\xB6\x73\xF0\xD7\x52\x34\xEF"
- "\xFB\x3E\x96\x81\xB7\x71\x34\xA4"
- "\x55\x20\xBE\x39\x5A\x2B\xF9\xD1"
- "\x65\x0B\xDA\xD3\x7E\xB3\xA6\xF7"
- "\x2E\x0B\x5A\x52\xDB\x39\x8C\x9B"
- "\x61\x17\x5F\xAF\xB6\x5A\xC8\x08"
- "\xA7\xB7\x2A\x11\x7C\x97\x38\x9D"
- "\x59\x0E\x66\x59\x5E\xD8\x8B\xCE"
- "\x70\xE0\xC3\x42\xB0\x8C\x0F\xBA"
- "\xB2\x0D\x81\xB6\xBE\x61\x1C\x2D"
- "\x7E\xEA\x91\x25\xAC\xEC\xF8\x28"
- "\x80\x1D\xF0\x30\xBA\x62\x77\x7D"
- "\xDB\x15\x69\xDF\xFA\x2A\x81\x64"
- "\x95\x5B\xA4\x7F\x3E\x4F\xE3\x30"
- "\xB0\x5C\xC2\x05\xF8\xF0\x29\xE7"
- "\x0A\xA0\x66\xB2\x5D\x0F\x39\x2B"
- "\xB4\xB3\x00\xA9\xD0\xAB\x63\x61"
- "\x5E\xDB\xFC\x11\x74\x25\x96\x65"
- "\xE8\xE2\x34\x57\x77\x15\x5E\x70"
- "\xFF\x10\x90\xC3\x64\xF0\x11\x0A"
- "\x63\x3A\xD3\x55\x92\x15\x4B\x0C"
- "\xC7\x08\x89\x17\x3B\x99\xAD\x63"
- "\xE7\x06\xDF\x52\xBC\x15\x64\x45"
- "\x9D\x7A\xFB\x69\xBC\x2D\x6E\xA9"
- "\x35\xD9\xD8\xF5\x0C\xC4\xA2\x23"
- "\x9C\x18\x8B\xA8\x8C\xFE\xF8\x0E"
- "\xBD\xAB\x60\x1A\x51\x17\x54\x27"
- "\xB6\xE8\xBE\x0F\xA9\xA5\x82\x19"
- "\x2F\x6F\x20\xA7\x47\xED\x74\x6C"
- "\x4E\xC1\xF8\x8C\x14\xF3\xBB\x1F"
- "\xED\x4D\x8F\x7C\x37\xEF\x19\xA1"
- "\x07\x16\xDE\x76\xCC\x5E\x94\x02"
- "\xFB\xBF\xE4\x81\x50\xCE\xFC\x0F"
- "\x9E\xCF\x3D\xF6\x67\x00\xBF\xA7"
- "\x6E\x21\x58\x36\x06\xDE\xB3\xD4"
- "\xA2\xFA\xD8\x4E\xE0\xB9\x7F\x23"
- "\x51\x21\x2B\x32\x68\xAA\xF8\xA8"
- "\x93\x08\xB5\x6D\xE6\x43\x2C\xB7"
- "\x31\xB2\x0F\xD0\xA2\x51\xC0\x25"
- "\x30\xC7\x10\x3F\x97\x27\x01\x8E"
- "\xFA\xD8\x4F\x78\xD8\x2E\x1D\xEB"
- "\xA1\x37\x52\x0F\x7B\x5E\x87\xA8"
- "\x22\xE2\xE6\x92\xA7\x5F\x11\x32"
- "\xCC\x93\x34\xFC\xD1\x7E\xAE\x54"
- "\xBC\x6A\x1B\x91\xD1\x2E\x21\xEC"
- "\x5D\xF1\xC4\xF1\x55\x20\xBF\xE5"
- "\x96\x3D\x69\x91\x20\x4E\xF2\x61"
- "\xDA\x77\xFE\xEE\xC3\x74\x57\x2A"
- "\x78\x39\xB0\xE0\xCF\x12\x56\xD6"
- "\x05\xDC\xF9\x19\x66\x44\x1D\xF9"
- "\x82\x37\xD4\xC2\x60\xB6\x31\xDF"
- "\x0C\xAF\xBC\x8B\x55\x9A\xC8\x2D"
- "\xAB\xA7\x88\x7B\x41\xE8\x29\xC9"
- "\x9B\x8D\xA7\x00\x86\x25\xB6\x14"
- "\xF5\x13\x73\xD7\x4B\x6B\x83\xF3"
- "\xAF\x96\x00\xE4\xB7\x3C\x65\xA6"
- "\x15\xB7\x94\x7D\x4E\x70\x4C\x75"
- "\xF3\xB4\x02\xA9\x17\x1C\x7A\x0A"
- "\xC0\xD5\x33\x11\x56\xDE\xDC\xF5"
- "\x8D\xD9\xCD\x3B\x22\x67\x18\xC7"
- "\xC4\xF5\x99\x61\xBC\xBB\x5B\x46",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast6_lrw_dec_tv_template[] = {
- { /* Generated from TF test vectors */
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x55\x25\x09\x8B\xB5\xD5\xF8\xBF"
+ .ctext = "\x55\x25\x09\x8B\xB5\xD5\xF8\xBF"
"\x37\x4A\xFE\x3C\x47\xD8\xE6\xEB"
"\xCA\xA4\x9B\xB0\xAB\x6D\x64\xCA"
"\x58\xB6\x73\xF0\xD7\x52\x34\xEF"
@@ -17360,79 +11481,14 @@ static const struct cipher_testvec cast6_lrw_dec_tv_template[] = {
"\xC0\xD5\x33\x11\x56\xDE\xDC\xF5"
"\x8D\xD9\xCD\x3B\x22\x67\x18\xC7"
"\xC4\xF5\x99\x61\xBC\xBB\x5B\x46",
- .ilen = 512,
- .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
- "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
- "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
- "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
- "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
- "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
- "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
- "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
- "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
- "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
- "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
- "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
- "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
- "\x4c\x96\x12\xed\x7c\x92\x03\x01"
- "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
- "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
- "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
- "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
- "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
- "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
- "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
- "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
- "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
- "\x76\x12\x73\x44\x1a\x56\xd7\x72"
- "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
- "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
- "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
- "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
- "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
- "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
- "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
- "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
- "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
- "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
- "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
- "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
- "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
- "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
- "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
- "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
- "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
- "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
- "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
- "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
- "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
- "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
- "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
- "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
- "\x62\x73\x65\xfd\x46\x63\x25\x3d"
- "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
- "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
- "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
- "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
- "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
- "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
- "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
- "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
- "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
- "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
- "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
- "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
- "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
- "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
- "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
},
};
-static const struct cipher_testvec cast6_xts_enc_tv_template[] = {
+static const struct cipher_testvec cast6_xts_tv_template[] = {
{ /* Generated from TF test vectors */
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -17445,7 +11501,7 @@ static const struct cipher_testvec cast6_xts_enc_tv_template[] = {
.klen = 64,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -17509,8 +11565,7 @@ static const struct cipher_testvec cast6_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xDE\x6F\x22\xA5\xE8\x39\xE8\x78"
+ .ctext = "\xDE\x6F\x22\xA5\xE8\x39\xE8\x78"
"\x88\x5A\x4F\x8D\x82\x76\x52\x6D"
"\xB2\x41\x16\xF4\x2B\xA6\xEB\xF6"
"\xE2\xC5\x62\x8D\x61\xA1\x01\xED"
@@ -17574,207 +11629,54 @@ static const struct cipher_testvec cast6_xts_enc_tv_template[] = {
"\x45\x72\x80\x17\x81\xBD\x9D\x62"
"\xA1\xAC\xE8\xCF\xC6\x74\xCF\xDC"
"\x22\x60\x4E\xE8\xA4\x5D\x85\xB9",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast6_xts_dec_tv_template[] = {
- { /* Generated from TF test vectors */
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95"
- "\x02\x88\x41\x97\x16\x93\x99\x37"
- "\x51\x05\x82\x09\x74\x94\x45\x92",
- .klen = 64,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xDE\x6F\x22\xA5\xE8\x39\xE8\x78"
- "\x88\x5A\x4F\x8D\x82\x76\x52\x6D"
- "\xB2\x41\x16\xF4\x2B\xA6\xEB\xF6"
- "\xE2\xC5\x62\x8D\x61\xA1\x01\xED"
- "\xD9\x38\x01\xC1\x43\x63\x4E\x88"
- "\xC9\x4B\x5A\x88\x80\xB7\x5C\x71"
- "\x47\xEE\x11\xD8\xB7\x2D\x5D\x13"
- "\x1A\xB1\x68\x5B\x61\xA7\xA9\x81"
- "\x8B\x83\xA1\x6A\xAA\x36\xD6\xB6"
- "\x60\x54\x09\x32\xFE\x6A\x76\x2E"
- "\x28\xFF\xD5\xD6\xDD\x1D\x45\x7D"
- "\xF0\x8B\xF3\x32\x4E\x6C\x12\xCB"
- "\xB8\x25\x70\xF8\x40\xBC\x90\x1B"
- "\x11\xC3\x59\xAF\xF0\x2F\x92\xDD"
- "\xD3\x3B\xCF\x60\xA1\x78\x94\x57"
- "\xAF\x76\xC1\x67\xA6\x3C\xCD\x98"
- "\xB1\xF7\x27\xB9\xA3\xBD\x10\xEA"
- "\xCD\x8B\xC2\xF2\x14\xF2\xB2\x67"
- "\x05\xDD\x1D\x58\x6E\x2F\x95\x08"
- "\x3A\xF8\x78\x76\x82\x56\xA7\xEC"
- "\x51\x4B\x85\x77\xC2\x4C\x4A\x34"
- "\x71\x38\x17\x91\x44\xE8\xFC\x65"
- "\x99\x0D\x52\x91\xEE\xF8\xEF\x27"
- "\x2A\x9E\x6E\x78\xC4\x26\x87\xF4"
- "\x8A\xF0\x2D\x04\xE8\x14\x92\x5D"
- "\x59\x22\x9B\x29\x5C\x18\xF0\xC3"
- "\x47\xF3\x76\xD8\xE4\xF3\x1B\xD1"
- "\x70\xA3\x0D\xB5\x70\x02\x1D\xA3"
- "\x91\x3B\x49\x73\x18\xAB\xD4\xC9"
- "\xC3\x1E\xEF\x1F\xFE\xD5\x59\x8A"
- "\xD7\xF6\xC9\x71\x67\x79\xD7\x0E"
- "\xBE\x1F\x8E\xEC\x55\x7E\x4F\x24"
- "\xE6\x87\xEA\xFE\x96\x25\x67\x8E"
- "\x93\x03\xFA\xFF\xCE\xAF\xB2\x3C"
- "\x6F\xEB\x57\xFB\xD3\x28\x87\xA9"
- "\xCE\xC2\xF5\x9C\xC6\x67\xB5\x97"
- "\x49\xF7\x04\xCB\xEF\x84\x98\x33"
- "\xAF\x38\xD3\x04\x1C\x24\x71\x38"
- "\xC7\x71\xDD\x43\x0D\x12\x4A\x18"
- "\xBA\xC4\xAF\xBA\xB2\x5B\xEB\x95"
- "\x02\x43\x5D\xCE\x19\xCC\xCD\x66"
- "\x91\x0B\x8C\x7F\x51\xC4\xBF\x3C"
- "\x8B\xF1\xCC\xAA\x29\xD7\x87\xCB"
- "\x3E\xC5\xF3\xC9\x75\xE8\xA3\x5B"
- "\x30\x45\xA9\xB7\xAF\x80\x64\x6F"
- "\x75\x4A\xA7\xC0\x6D\x19\x6B\xDE"
- "\x17\xDE\x6D\xEA\x87\x9F\x95\xAE"
- "\xF5\x3C\xEE\x54\xB8\x27\x84\xF8"
- "\x97\xA3\xE1\x6F\x38\x24\x34\x88"
- "\xCE\xBD\x32\x52\xE0\x00\x6C\x94"
- "\xC9\xD7\x5D\x37\x81\x33\x2E\x7F"
- "\x4F\x7E\x2E\x0D\x94\xBD\xEA\x59"
- "\x34\x39\xA8\x35\x12\xB7\xBC\xAC"
- "\xEA\x52\x9C\x78\x02\x6D\x92\x36"
- "\xFB\x59\x2B\xA4\xEA\x7B\x1B\x83"
- "\xE1\x4D\x5E\x2A\x7E\x92\xB1\x64"
- "\xDE\xE0\x27\x4B\x0A\x6F\x4C\xE3"
- "\xB0\xEB\x31\xE4\x69\x95\xAB\x35"
- "\x8B\x2C\xF5\x6B\x7F\xF1\xA2\x82"
- "\xF8\xD9\x47\x82\xA9\x82\x03\x91"
- "\x69\x1F\xBE\x4C\xE7\xC7\x34\x2F"
- "\x45\x72\x80\x17\x81\xBD\x9D\x62"
- "\xA1\xAC\xE8\xCF\xC6\x74\xCF\xDC"
- "\x22\x60\x4E\xE8\xA4\x5D\x85\xB9",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
},
};
-
/*
* AES test vectors.
*/
-static const struct cipher_testvec aes_enc_tv_template[] = {
+static const struct cipher_testvec aes_tv_template[] = {
{ /* From FIPS-197 */
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
.klen = 16,
- .input = "\x00\x11\x22\x33\x44\x55\x66\x77"
+ .ptext = "\x00\x11\x22\x33\x44\x55\x66\x77"
"\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .ilen = 16,
- .result = "\x69\xc4\xe0\xd8\x6a\x7b\x04\x30"
+ .ctext = "\x69\xc4\xe0\xd8\x6a\x7b\x04\x30"
"\xd8\xcd\xb7\x80\x70\xb4\xc5\x5a",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17",
.klen = 24,
- .input = "\x00\x11\x22\x33\x44\x55\x66\x77"
+ .ptext = "\x00\x11\x22\x33\x44\x55\x66\x77"
"\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .ilen = 16,
- .result = "\xdd\xa9\x7c\xa4\x86\x4c\xdf\xe0"
+ .ctext = "\xdd\xa9\x7c\xa4\x86\x4c\xdf\xe0"
"\x6e\xaf\x70\xa0\xec\x0d\x71\x91",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
.klen = 32,
- .input = "\x00\x11\x22\x33\x44\x55\x66\x77"
+ .ptext = "\x00\x11\x22\x33\x44\x55\x66\x77"
"\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .ilen = 16,
- .result = "\x8e\xa2\xb7\xca\x51\x67\x45\xbf"
+ .ctext = "\x8e\xa2\xb7\xca\x51\x67\x45\xbf"
"\xea\xfc\x49\x90\x4b\x49\x60\x89",
- .rlen = 16,
+ .len = 16,
}, { /* Generated with Crypto++ */
.key = "\xA6\xC9\x83\xA6\xC9\xEC\x0F\x32"
"\x55\x0F\x32\x55\x78\x9B\xBE\x78"
"\x9B\xBE\xE1\x04\x27\xE1\x04\x27"
"\x4A\x6D\x90\x4A\x6D\x90\xB3\xD6",
.klen = 32,
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -17836,8 +11738,7 @@ static const struct cipher_testvec aes_enc_tv_template[] = {
"\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
"\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
"\xED\x56\xBF\x28\xB4\x1D\x86\x12",
- .ilen = 496,
- .result = "\x71\x73\xF7\xDB\x24\x93\x21\x6D"
+ .ctext = "\x71\x73\xF7\xDB\x24\x93\x21\x6D"
"\x61\x1E\xBB\x63\x42\x79\xDB\x64"
"\x6F\x82\xC0\xCA\xA3\x9B\xFA\x0B"
"\xD9\x08\xC7\x4A\x90\xAE\x8F\x5F"
@@ -17899,197 +11800,24 @@ static const struct cipher_testvec aes_enc_tv_template[] = {
"\x88\xE6\x68\x47\xE3\x2B\xC5\xFF"
"\x09\x79\xA0\x43\x5C\x0D\x08\x58"
"\x17\xBB\xC0\x6B\x62\x3F\x56\xE9",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec aes_dec_tv_template[] = {
- { /* From FIPS-197 */
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .klen = 16,
- .input = "\x69\xc4\xe0\xd8\x6a\x7b\x04\x30"
- "\xd8\xcd\xb7\x80\x70\xb4\xc5\x5a",
- .ilen = 16,
- .result = "\x00\x11\x22\x33\x44\x55\x66\x77"
- "\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .rlen = 16,
- }, {
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17",
- .klen = 24,
- .input = "\xdd\xa9\x7c\xa4\x86\x4c\xdf\xe0"
- "\x6e\xaf\x70\xa0\xec\x0d\x71\x91",
- .ilen = 16,
- .result = "\x00\x11\x22\x33\x44\x55\x66\x77"
- "\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .rlen = 16,
- }, {
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .klen = 32,
- .input = "\x8e\xa2\xb7\xca\x51\x67\x45\xbf"
- "\xea\xfc\x49\x90\x4b\x49\x60\x89",
- .ilen = 16,
- .result = "\x00\x11\x22\x33\x44\x55\x66\x77"
- "\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .rlen = 16,
- }, { /* Generated with Crypto++ */
- .key = "\xA6\xC9\x83\xA6\xC9\xEC\x0F\x32"
- "\x55\x0F\x32\x55\x78\x9B\xBE\x78"
- "\x9B\xBE\xE1\x04\x27\xE1\x04\x27"
- "\x4A\x6D\x90\x4A\x6D\x90\xB3\xD6",
- .klen = 32,
- .input = "\x71\x73\xF7\xDB\x24\x93\x21\x6D"
- "\x61\x1E\xBB\x63\x42\x79\xDB\x64"
- "\x6F\x82\xC0\xCA\xA3\x9B\xFA\x0B"
- "\xD9\x08\xC7\x4A\x90\xAE\x8F\x5F"
- "\x5E\x06\xF0\x5F\x31\x51\x18\x37"
- "\x45\xD7\xCA\x3A\xFD\x6C\x3F\xE1"
- "\xDD\x8D\x22\x65\x2B\x00\x50\xCE"
- "\xBA\x28\x67\xD7\xCE\x0E\x0D\xEA"
- "\x78\x69\x7F\xAE\x8F\x8B\x69\x37"
- "\x75\xE0\xDC\x96\xE0\xB7\xF4\x09"
- "\xCB\x6D\xA2\xFB\xDA\xAF\x09\xF8"
- "\x81\x82\x27\xFA\x45\x9C\x29\xA4"
- "\x22\x8B\x78\x69\x5B\x46\xF9\x39"
- "\x1B\xCC\xF9\x1D\x09\xEB\xBC\x5C"
- "\x41\x72\x51\x97\x1D\x07\x49\xA0"
- "\x1B\x8E\x65\x4B\xB2\x6A\x12\x03"
- "\x6A\x60\x95\xAC\xBD\xAC\x1A\x64"
- "\xDE\x5A\xA5\xF0\x83\x2F\xCB\xCA"
- "\x22\x74\xA6\x6C\x9B\x73\xCE\x3F"
- "\xE1\x8B\x22\x17\x59\x0C\x47\x89"
- "\x33\xA1\xD6\x47\x03\x19\x4F\xA8"
- "\x67\x69\xF0\x5B\xF0\x20\xAD\x06"
- "\x27\x81\x92\xD8\xC5\xBA\x98\x12"
- "\xBE\x24\xB5\x2F\x75\x02\xC2\xAD"
- "\x12\x2F\x07\x32\xEE\x39\xAF\x64"
- "\x05\x8F\xB3\xD4\xEB\x1B\x46\x6E"
- "\xD9\x21\xF9\xC4\xB7\xC9\x45\x68"
- "\xB4\xA1\x74\x9F\x82\x47\xEB\xCC"
- "\xBD\x0A\x14\x95\x0F\x8B\xA8\x2F"
- "\x4B\x1B\xA7\xBF\x82\xA6\x43\x0C"
- "\xB9\x39\x4A\xA8\x10\x6F\x50\x7B"
- "\x25\xFB\x26\x81\xE0\x2F\xF0\x96"
- "\x8D\x8B\xAC\x92\x0F\xF6\xED\x64"
- "\x63\x29\x4C\x8E\x18\x13\xC5\xBF"
- "\xFC\xA0\xD9\xBF\x7C\x3A\x0E\x29"
- "\x6F\xD1\x6C\x6F\xA5\xDA\xBF\xB1"
- "\x30\xEA\x44\x2D\xC3\x8F\x16\xE1"
- "\x66\xFA\xA3\x21\x3E\xFC\x13\xCA"
- "\xF0\xF6\xF0\x59\xBD\x8F\x38\x50"
- "\x31\xCB\x69\x3F\x96\x15\xD6\xF5"
- "\xAE\xFF\xF6\xAA\x41\x85\x4C\x10"
- "\x58\xE3\xF9\x44\xE6\x28\xDA\x9A"
- "\xDC\x6A\x80\x34\x73\x97\x1B\xC5"
- "\xCA\x26\x16\x77\x0E\x60\xAB\x89"
- "\x0F\x04\x27\xBD\xCE\x3E\x71\xB4"
- "\xA0\xD7\x22\x7E\xDB\xEB\x24\x70"
- "\x42\x71\x51\x78\x70\xB3\xE0\x3D"
- "\x84\x8E\x8D\x7B\xD0\x6D\xEA\x92"
- "\x11\x08\x42\x4F\xE5\xAD\x26\x92"
- "\xD2\x00\xAE\xA8\xE3\x4B\x37\x47"
- "\x22\xC1\x95\xC1\x63\x7F\xCB\x03"
- "\xF3\xE3\xD7\x9D\x60\xC7\xBC\xEA"
- "\x35\xA2\xFD\x45\x52\x39\x13\x6F"
- "\xC1\x53\xF3\x53\xDF\x33\x84\xD7"
- "\xD2\xC8\x37\xB0\x75\xE3\x41\x46"
- "\xB3\xC7\x83\x2E\x8A\xBB\xA4\xE5"
- "\x7F\x3C\xFD\x8B\xEB\xEA\x63\xBD"
- "\xB7\x46\xE7\xBF\x09\x9C\x0D\x0F"
- "\x40\x86\x7F\x51\xE1\x11\x9C\xCB"
- "\x88\xE6\x68\x47\xE3\x2B\xC5\xFF"
- "\x09\x79\xA0\x43\x5C\x0D\x08\x58"
- "\x17\xBB\xC0\x6B\x62\x3F\x56\xE9",
- .ilen = 496,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB"
- "\x54\xE0\x49\xB2\x1B\xA7\x10\x79"
- "\x05\x6E\xD7\x40\xCC\x35\x9E\x07"
- "\x93\xFC\x65\xF1\x5A\xC3\x2C\xB8"
- "\x21\x8A\x16\x7F\xE8\x51\xDD\x46"
- "\xAF\x18\xA4\x0D\x76\x02\x6B\xD4"
- "\x3D\xC9\x32\x9B\x04\x90\xF9\x62"
- "\xEE\x57\xC0\x29\xB5\x1E\x87\x13"
- "\x7C\xE5\x4E\xDA\x43\xAC\x15\xA1"
- "\x0A\x73\xFF\x68\xD1\x3A\xC6\x2F"
- "\x98\x01\x8D\xF6\x5F\xEB\x54\xBD"
- "\x26\xB2\x1B\x84\x10\x79\xE2\x4B"
- "\xD7\x40\xA9\x12\x9E\x07\x70\xFC"
- "\x65\xCE\x37\xC3\x2C\x95\x21\x8A"
- "\xF3\x5C\xE8\x51\xBA\x23\xAF\x18"
- "\x81\x0D\x76\xDF\x48\xD4\x3D\xA6"
- "\x0F\x9B\x04\x6D\xF9\x62\xCB\x34"
- "\xC0\x29\x92\x1E\x87\xF0\x59\xE5"
- "\x4E\xB7\x20\xAC\x15\x7E\x0A\x73"
- "\xDC\x45\xD1\x3A\xA3\x0C\x98\x01"
- "\x6A\xF6\x5F\xC8\x31\xBD\x26\x8F"
- "\x1B\x84\xED\x56\xE2\x4B\xB4\x1D"
- "\xA9\x12\x7B\x07\x70\xD9\x42\xCE"
- "\x37\xA0\x09\x95\xFE\x67\xF3\x5C"
- "\xC5\x2E\xBA\x23\x8C\x18\x81\xEA"
- "\x53\xDF\x48\xB1\x1A\xA6\x0F\x78"
- "\x04\x6D\xD6\x3F\xCB\x34\x9D\x06"
- "\x92\xFB\x64\xF0\x59\xC2\x2B\xB7"
- "\x20\x89\x15\x7E\xE7\x50\xDC\x45"
- "\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
- "\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
- "\xED\x56\xBF\x28\xB4\x1D\x86\x12",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
+static const struct cipher_testvec aes_cbc_tv_template[] = {
{ /* From RFC 3602 */
.key = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
"\x51\x2e\x03\xd5\x34\x12\x00\x06",
.klen = 16,
.iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
"\xb4\x22\xda\x80\x2c\x9f\xac\x41",
- .input = "Single block msg",
- .ilen = 16,
- .result = "\xe3\x53\x77\x9c\x10\x79\xae\xb8"
+ .ptext = "Single block msg",
+ .ctext = "\xe3\x53\x77\x9c\x10\x79\xae\xb8"
"\x27\x08\x94\x2d\xbe\x77\x18\x1a",
- .rlen = 16,
+ .len = 16,
.also_non_np = 1,
.np = 8,
.tap = { 3, 2, 3, 2, 3, 1, 1, 1 },
@@ -18099,16 +11827,15 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
.klen = 16,
.iv = "\x56\x2e\x17\x99\x6d\x09\x3d\x28"
"\xdd\xb3\xba\x69\x5a\x2e\x6f\x58",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .ilen = 32,
- .result = "\xd2\x96\xcd\x94\xc2\xcc\xcf\x8a"
+ .ctext = "\xd2\x96\xcd\x94\xc2\xcc\xcf\x8a"
"\x3a\x86\x30\x28\xb5\xe1\xdc\x0a"
"\x75\x86\x60\x2d\x25\x3c\xff\xf9"
"\x1b\x82\x66\xbe\xa6\xd6\x1a\xb1",
- .rlen = 32,
+ .len = 32,
}, { /* From NIST SP800-38A */
.key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52"
"\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
@@ -18116,7 +11843,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
.klen = 24,
.iv = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
"\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
"\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
@@ -18124,8 +11851,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
"\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
"\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .ilen = 64,
- .result = "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d"
+ .ctext = "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d"
"\x71\x78\x18\x3a\x9f\xa0\x71\xe8"
"\xb4\xd9\xad\xa9\xad\x7d\xed\xf4"
"\xe5\xe7\x38\x76\x3f\x69\x14\x5a"
@@ -18133,7 +11859,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
"\x7f\xa9\xba\xac\x3d\xf1\x02\xe0"
"\x08\xb0\xe2\x79\x88\x59\x88\x81"
"\xd9\x20\xa9\xe6\x4f\x56\x15\xcd",
- .rlen = 64,
+ .len = 64,
}, {
.key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe"
"\x2b\x73\xae\xf0\x85\x7d\x77\x81"
@@ -18142,7 +11868,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
"\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
"\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
@@ -18150,8 +11876,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
"\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
"\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .ilen = 64,
- .result = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba"
+ .ctext = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba"
"\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6"
"\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d"
"\x67\x9f\x77\x7b\xc6\x70\x2c\x7d"
@@ -18159,7 +11884,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
"\xa5\x30\xe2\x63\x04\x23\x14\x61"
"\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc"
"\xda\x6c\x19\x07\x8c\x6a\x9d\x1b",
- .rlen = 64,
+ .len = 64,
}, { /* Generated with Crypto++ */
.key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55"
"\x0F\x32\x55\x78\x9B\xBE\x78\x9B"
@@ -18168,7 +11893,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
.klen = 32,
.iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47"
"\xE2\x7D\x18\xD6\x71\x0C\xA7\x42",
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -18230,8 +11955,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
"\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
"\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
"\xED\x56\xBF\x28\xB4\x1D\x86\x12",
- .ilen = 496,
- .result = "\xEA\x65\x8A\x19\xB0\x66\xC1\x3F"
+ .ctext = "\xEA\x65\x8A\x19\xB0\x66\xC1\x3F"
"\xCE\xF1\x97\x75\xC1\xFD\xB5\xAF"
"\x52\x65\xF7\xFF\xBC\xD8\x2D\x9F"
"\x2F\xB9\x26\x9B\x6F\x10\xB7\xB8"
@@ -18293,229 +12017,7 @@ static const struct cipher_testvec aes_cbc_enc_tv_template[] = {
"\xBC\x06\x41\xE3\x01\xB4\x4E\x0A"
"\xE0\x1F\x91\xF8\x82\x96\x2D\x65"
"\xA3\xAA\x13\xCC\x50\xFF\x7B\x02",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec aes_cbc_dec_tv_template[] = {
- { /* From RFC 3602 */
- .key = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
- "\x51\x2e\x03\xd5\x34\x12\x00\x06",
- .klen = 16,
- .iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
- "\xb4\x22\xda\x80\x2c\x9f\xac\x41",
- .input = "\xe3\x53\x77\x9c\x10\x79\xae\xb8"
- "\x27\x08\x94\x2d\xbe\x77\x18\x1a",
- .ilen = 16,
- .result = "Single block msg",
- .rlen = 16,
- .also_non_np = 1,
- .np = 8,
- .tap = { 3, 2, 3, 2, 3, 1, 1, 1 },
- }, {
- .key = "\xc2\x86\x69\x6d\x88\x7c\x9a\xa0"
- "\x61\x1b\xbb\x3e\x20\x25\xa4\x5a",
- .klen = 16,
- .iv = "\x56\x2e\x17\x99\x6d\x09\x3d\x28"
- "\xdd\xb3\xba\x69\x5a\x2e\x6f\x58",
- .input = "\xd2\x96\xcd\x94\xc2\xcc\xcf\x8a"
- "\x3a\x86\x30\x28\xb5\xe1\xdc\x0a"
- "\x75\x86\x60\x2d\x25\x3c\xff\xf9"
- "\x1b\x82\x66\xbe\xa6\xd6\x1a\xb1",
- .ilen = 32,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .rlen = 32,
- }, { /* From NIST SP800-38A */
- .key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52"
- "\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
- "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
- .klen = 24,
- .iv = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .input = "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d"
- "\x71\x78\x18\x3a\x9f\xa0\x71\xe8"
- "\xb4\xd9\xad\xa9\xad\x7d\xed\xf4"
- "\xe5\xe7\x38\x76\x3f\x69\x14\x5a"
- "\x57\x1b\x24\x20\x12\xfb\x7a\xe0"
- "\x7f\xa9\xba\xac\x3d\xf1\x02\xe0"
- "\x08\xb0\xe2\x79\x88\x59\x88\x81"
- "\xd9\x20\xa9\xe6\x4f\x56\x15\xcd",
- .ilen = 64,
- .result = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
- "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
- "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
- "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
- "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
- "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
- "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
- "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .rlen = 64,
- }, {
- .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe"
- "\x2b\x73\xae\xf0\x85\x7d\x77\x81"
- "\x1f\x35\x2c\x07\x3b\x61\x08\xd7"
- "\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
- .klen = 32,
- .iv = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .input = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba"
- "\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6"
- "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d"
- "\x67\x9f\x77\x7b\xc6\x70\x2c\x7d"
- "\x39\xf2\x33\x69\xa9\xd9\xba\xcf"
- "\xa5\x30\xe2\x63\x04\x23\x14\x61"
- "\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc"
- "\xda\x6c\x19\x07\x8c\x6a\x9d\x1b",
- .ilen = 64,
- .result = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
- "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
- "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
- "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
- "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
- "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
- "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
- "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .rlen = 64,
- }, { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55"
- "\x0F\x32\x55\x78\x9B\xBE\x78\x9B"
- "\xBE\xE1\x04\x27\xE1\x04\x27\x4A"
- "\x6D\x90\x4A\x6D\x90\xB3\xD6\xF9",
- .klen = 32,
- .iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47"
- "\xE2\x7D\x18\xD6\x71\x0C\xA7\x42",
- .input = "\xEA\x65\x8A\x19\xB0\x66\xC1\x3F"
- "\xCE\xF1\x97\x75\xC1\xFD\xB5\xAF"
- "\x52\x65\xF7\xFF\xBC\xD8\x2D\x9F"
- "\x2F\xB9\x26\x9B\x6F\x10\xB7\xB8"
- "\x26\xA1\x02\x46\xA2\xAD\xC6\xC0"
- "\x11\x15\xFF\x6D\x1E\x82\x04\xA6"
- "\xB1\x74\xD1\x08\x13\xFD\x90\x7C"
- "\xF5\xED\xD3\xDB\x5A\x0A\x0C\x2F"
- "\x0A\x70\xF1\x88\x07\xCF\x21\x26"
- "\x40\x40\x8A\xF5\x53\xF7\x24\x4F"
- "\x83\x38\x43\x5F\x08\x99\xEB\xE3"
- "\xDC\x02\x64\x67\x50\x6E\x15\xC3"
- "\x01\x1A\xA0\x81\x13\x65\xA6\x73"
- "\x71\xA6\x3B\x91\x83\x77\xBE\xFA"
- "\xDB\x71\x73\xA6\xC1\xAE\x43\xC3"
- "\x36\xCE\xD6\xEB\xF9\x30\x1C\x4F"
- "\x80\x38\x5E\x9C\x6E\xAB\x98\x2F"
- "\x53\xAF\xCF\xC8\x9A\xB8\x86\x43"
- "\x3E\x86\xE7\xA1\xF4\x2F\x30\x40"
- "\x03\xA8\x6C\x50\x42\x9F\x77\x59"
- "\x89\xA0\xC5\xEC\x9A\xB8\xDD\x99"
- "\x16\x24\x02\x07\x48\xAE\xF2\x31"
- "\x34\x0E\xC3\x85\xFE\x1C\x95\x99"
- "\x87\x58\x98\x8B\xE7\xC6\xC5\x70"
- "\x73\x81\x07\x7C\x56\x2F\xD8\x1B"
- "\xB7\xB9\x2B\xAB\xE3\x01\x87\x0F"
- "\xD8\xBB\xC0\x0D\xAC\x2C\x2F\x98"
- "\x3C\x0B\xA2\x99\x4A\x8C\xF7\x04"
- "\xE0\xE0\xCF\xD1\x81\x5B\xFE\xF5"
- "\x24\x04\xFD\xB8\xDF\x13\xD8\xCD"
- "\xF1\xE3\x3D\x98\x50\x02\x77\x9E"
- "\xBC\x22\xAB\xFA\xC2\x43\x1F\x66"
- "\x20\x02\x23\xDA\xDF\xA0\x89\xF6"
- "\xD8\xF3\x45\x24\x53\x6F\x16\x77"
- "\x02\x3E\x7B\x36\x5F\xA0\x3B\x78"
- "\x63\xA2\xBD\xB5\xA4\xCA\x1E\xD3"
- "\x57\xBC\x0B\x9F\x43\x51\x28\x4F"
- "\x07\x50\x6C\x68\x12\x07\xCF\xFA"
- "\x6B\x72\x0B\xEB\xF8\x88\x90\x2C"
- "\x7E\xF5\x91\xD1\x03\xD8\xD5\xBD"
- "\x22\x39\x7B\x16\x03\x01\x69\xAF"
- "\x3D\x38\x66\x28\x0C\xBE\x5B\xC5"
- "\x03\xB4\x2F\x51\x8A\x56\x17\x2B"
- "\x88\x42\x6D\x40\x68\x8F\xD0\x11"
- "\x19\xF9\x1F\x43\x79\x95\x31\xFA"
- "\x28\x7A\x3D\xF7\x66\xEB\xEF\xAC"
- "\x06\xB2\x01\xAD\xDB\x68\xDB\xEC"
- "\x8D\x53\x6E\x72\x68\xA3\xC7\x63"
- "\x43\x2B\x78\xE0\x04\x29\x8F\x72"
- "\xB2\x2C\xE6\x84\x03\x30\x6D\xCD"
- "\x26\x92\x37\xE1\x2F\xBB\x8B\x9D"
- "\xE4\x4C\xF6\x93\xBC\xD9\xAD\x44"
- "\x52\x65\xC7\xB0\x0E\x3F\x0E\x61"
- "\x56\x5D\x1C\x6D\xA7\x05\x2E\xBC"
- "\x58\x08\x15\xAB\x12\xAB\x17\x4A"
- "\x5E\x1C\xF2\xCD\xB8\xA2\xAE\xFB"
- "\x9B\x2E\x0E\x85\x34\x80\x0E\x3F"
- "\x4C\xB8\xDB\xCE\x1C\x90\xA1\x61"
- "\x6C\x69\x09\x35\x9E\xD4\xF4\xAD"
- "\xBC\x06\x41\xE3\x01\xB4\x4E\x0A"
- "\xE0\x1F\x91\xF8\x82\x96\x2D\x65"
- "\xA3\xAA\x13\xCC\x50\xFF\x7B\x02",
- .ilen = 496,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB"
- "\x54\xE0\x49\xB2\x1B\xA7\x10\x79"
- "\x05\x6E\xD7\x40\xCC\x35\x9E\x07"
- "\x93\xFC\x65\xF1\x5A\xC3\x2C\xB8"
- "\x21\x8A\x16\x7F\xE8\x51\xDD\x46"
- "\xAF\x18\xA4\x0D\x76\x02\x6B\xD4"
- "\x3D\xC9\x32\x9B\x04\x90\xF9\x62"
- "\xEE\x57\xC0\x29\xB5\x1E\x87\x13"
- "\x7C\xE5\x4E\xDA\x43\xAC\x15\xA1"
- "\x0A\x73\xFF\x68\xD1\x3A\xC6\x2F"
- "\x98\x01\x8D\xF6\x5F\xEB\x54\xBD"
- "\x26\xB2\x1B\x84\x10\x79\xE2\x4B"
- "\xD7\x40\xA9\x12\x9E\x07\x70\xFC"
- "\x65\xCE\x37\xC3\x2C\x95\x21\x8A"
- "\xF3\x5C\xE8\x51\xBA\x23\xAF\x18"
- "\x81\x0D\x76\xDF\x48\xD4\x3D\xA6"
- "\x0F\x9B\x04\x6D\xF9\x62\xCB\x34"
- "\xC0\x29\x92\x1E\x87\xF0\x59\xE5"
- "\x4E\xB7\x20\xAC\x15\x7E\x0A\x73"
- "\xDC\x45\xD1\x3A\xA3\x0C\x98\x01"
- "\x6A\xF6\x5F\xC8\x31\xBD\x26\x8F"
- "\x1B\x84\xED\x56\xE2\x4B\xB4\x1D"
- "\xA9\x12\x7B\x07\x70\xD9\x42\xCE"
- "\x37\xA0\x09\x95\xFE\x67\xF3\x5C"
- "\xC5\x2E\xBA\x23\x8C\x18\x81\xEA"
- "\x53\xDF\x48\xB1\x1A\xA6\x0F\x78"
- "\x04\x6D\xD6\x3F\xCB\x34\x9D\x06"
- "\x92\xFB\x64\xF0\x59\xC2\x2B\xB7"
- "\x20\x89\x15\x7E\xE7\x50\xDC\x45"
- "\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
- "\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
- "\xED\x56\xBF\x28\xB4\x1D\x86\x12",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
@@ -20225,7 +13727,7 @@ static const struct aead_testvec hmac_sha512_des3_ede_cbc_enc_tv_temp[] = {
},
};
-static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
+static const struct cipher_testvec aes_lrw_tv_template[] = {
/* from http://grouper.ieee.org/groups/1619/email/pdf00017.pdf */
{ /* LRW-32-AES 1 */
.key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
@@ -20235,12 +13737,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xf1\xb2\x73\xcd\x65\xa3\xdf\x5f"
+ .ctext = "\xf1\xb2\x73\xcd\x65\xa3\xdf\x5f"
"\xe9\x5d\x48\x92\x54\x63\x4e\xb8",
- .rlen = 16,
+ .len = 16,
}, { /* LRW-32-AES 2 */
.key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
"\xd7\x79\xe8\x0f\x54\x88\x79\x44"
@@ -20249,12 +13750,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x00\xc8\x2b\xae\x95\xbb\xcd\xe5"
+ .ctext = "\x00\xc8\x2b\xae\x95\xbb\xcd\xe5"
"\x27\x4f\x07\x69\xb2\x60\xe1\x36",
- .rlen = 16,
+ .len = 16,
}, { /* LRW-32-AES 3 */
.key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
"\x30\xfe\x69\xe2\x37\x7f\x98\x47"
@@ -20263,12 +13763,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x76\x32\x21\x83\xed\x8f\xf1\x82"
+ .ctext = "\x76\x32\x21\x83\xed\x8f\xf1\x82"
"\xf9\x59\x62\x03\x69\x0e\x5e\x01",
- .rlen = 16,
+ .len = 16,
}, { /* LRW-32-AES 4 */
.key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
"\x25\x83\xf7\x3c\x1f\x01\x28\x74"
@@ -20278,12 +13777,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x9c\x0f\x15\x2f\x55\xa2\xd8\xf0"
+ .ctext = "\x9c\x0f\x15\x2f\x55\xa2\xd8\xf0"
"\xd6\x7b\x8f\x9e\x28\x22\xbc\x41",
- .rlen = 16,
+ .len = 16,
}, { /* LRW-32-AES 5 */
.key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
"\xf8\x86\xce\xac\x93\xc5\xad\xc6"
@@ -20293,12 +13791,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xd4\x27\x6a\x7f\x14\x91\x3d\x65"
+ .ctext = "\xd4\x27\x6a\x7f\x14\x91\x3d\x65"
"\xc8\x60\x48\x02\x87\xe3\x34\x06",
- .rlen = 16,
+ .len = 16,
}, { /* LRW-32-AES 6 */
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -20309,12 +13806,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\xbd\x06\xb8\xe1\xdb\x98\x89\x9e"
+ .ctext = "\xbd\x06\xb8\xe1\xdb\x98\x89\x9e"
"\xc4\x98\xe4\x91\xcf\x1c\x70\x2b",
- .rlen = 16,
+ .len = 16,
}, { /* LRW-32-AES 7 */
.key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
"\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
@@ -20325,12 +13821,11 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x5b\x90\x8e\xc1\xab\xdd\x67\x5f"
+ .ctext = "\x5b\x90\x8e\xc1\xab\xdd\x67\x5f"
"\x3d\x69\x8a\x95\x53\xc8\x9c\xe5",
- .rlen = 16,
+ .len = 16,
}, {
/* http://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html */
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
@@ -20342,7 +13837,7 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ .ptext = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
"\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
"\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
"\x50\x38\x1f\x71\x49\xb6\x57\xd6"
@@ -20406,197 +13901,7 @@ static const struct cipher_testvec aes_lrw_enc_tv_template[] = {
"\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
"\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
"\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .ilen = 512,
- .result = "\x1a\x1d\xa9\x30\xad\xf9\x2f\x9b"
- "\xb6\x1d\xae\xef\xf0\x2f\xf8\x5a"
- "\x39\x3c\xbf\x2a\xb2\x45\xb2\x23"
- "\x1b\x63\x3c\xcf\xaa\xbe\xcf\x4e"
- "\xfa\xe8\x29\xc2\x20\x68\x2b\x3c"
- "\x2e\x8b\xf7\x6e\x25\xbd\xe3\x3d"
- "\x66\x27\xd6\xaf\xd6\x64\x3e\xe3"
- "\xe8\x58\x46\x97\x39\x51\x07\xde"
- "\xcb\x37\xbc\xa9\xc0\x5f\x75\xc3"
- "\x0e\x84\x23\x1d\x16\xd4\x1c\x59"
- "\x9c\x1a\x02\x55\xab\x3a\x97\x1d"
- "\xdf\xdd\xc7\x06\x51\xd7\x70\xae"
- "\x23\xc6\x8c\xf5\x1e\xa0\xe5\x82"
- "\xb8\xb2\xbf\x04\xa0\x32\x8e\x68"
- "\xeb\xaf\x6e\x2d\x94\x22\x2f\xce"
- "\x4c\xb5\x59\xe2\xa2\x2f\xa0\x98"
- "\x1a\x97\xc6\xd4\xb5\x00\x59\xf2"
- "\x84\x14\x72\xb1\x9a\x6e\xa3\x7f"
- "\xea\x20\xe7\xcb\x65\x77\x3a\xdf"
- "\xc8\x97\x67\x15\xc2\x2a\x27\xcc"
- "\x18\x55\xa1\x24\x0b\x24\x24\xaf"
- "\x5b\xec\x68\xb8\xc8\xf5\xba\x63"
- "\xff\xed\x89\xce\xd5\x3d\x88\xf3"
- "\x25\xef\x05\x7c\x3a\xef\xeb\xd8"
- "\x7a\x32\x0d\xd1\x1e\x58\x59\x99"
- "\x90\x25\xb5\x26\xb0\xe3\x2b\x6c"
- "\x4c\xa9\x8b\x84\x4f\x5e\x01\x50"
- "\x41\x30\x58\xc5\x62\x74\x52\x1d"
- "\x45\x24\x6a\x42\x64\x4f\x97\x1c"
- "\xa8\x66\xb5\x6d\x79\xd4\x0d\x48"
- "\xc5\x5f\xf3\x90\x32\xdd\xdd\xe1"
- "\xe4\xa9\x9f\xfc\xc3\x52\x5a\x46"
- "\xe4\x81\x84\x95\x36\x59\x7a\x6b"
- "\xaa\xb3\x60\xad\xce\x9f\x9f\x28"
- "\xe0\x01\x75\x22\xc4\x4e\xa9\x62"
- "\x5c\x62\x0d\x00\xcb\x13\xe8\x43"
- "\x72\xd4\x2d\x53\x46\xb5\xd1\x16"
- "\x22\x18\xdf\x34\x33\xf5\xd6\x1c"
- "\xb8\x79\x78\x97\x94\xff\x72\x13"
- "\x4c\x27\xfc\xcb\xbf\x01\x53\xa6"
- "\xb4\x50\x6e\xde\xdf\xb5\x43\xa4"
- "\x59\xdf\x52\xf9\x7c\xe0\x11\x6f"
- "\x2d\x14\x8e\x24\x61\x2c\xe1\x17"
- "\xcc\xce\x51\x0c\x19\x8a\x82\x30"
- "\x94\xd5\x3d\x6a\x53\x06\x5e\xbd"
- "\xb7\xeb\xfa\xfd\x27\x51\xde\x85"
- "\x1e\x86\x53\x11\x53\x94\x00\xee"
- "\x2b\x8c\x08\x2a\xbf\xdd\xae\x11"
- "\xcb\x1e\xa2\x07\x9a\x80\xcf\x62"
- "\x9b\x09\xdc\x95\x3c\x96\x8e\xb1"
- "\x09\xbd\xe4\xeb\xdb\xca\x70\x7a"
- "\x9e\xfa\x31\x18\x45\x3c\x21\x33"
- "\xb0\xb3\x2b\xea\xf3\x71\x2d\xe1"
- "\x03\xad\x1b\x48\xd4\x67\x27\xf0"
- "\x62\xe4\x3d\xfb\x9b\x08\x76\xe7"
- "\xdd\x2b\x01\x39\x04\x5a\x58\x7a"
- "\xf7\x11\x90\xec\xbd\x51\x5c\x32"
- "\x6b\xd7\x35\x39\x02\x6b\xf2\xa6"
- "\xd0\x0d\x07\xe1\x06\xc4\x5b\x7d"
- "\xe4\x6a\xd7\xee\x15\x1f\x83\xb4"
- "\xa3\xa7\x5e\xc3\x90\xb7\xef\xd3"
- "\xb7\x4f\xf8\x92\x4c\xb7\x3c\x29"
- "\xcd\x7e\x2b\x5d\x43\xea\x42\xe7"
- "\x74\x3f\x7d\x58\x88\x75\xde\x3e",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- }
-};
-
-static const struct cipher_testvec aes_lrw_dec_tv_template[] = {
- /* from http://grouper.ieee.org/groups/1619/email/pdf00017.pdf */
- /* same as enc vectors with input and result reversed */
- { /* LRW-32-AES 1 */
- .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
- "\x4c\x26\x84\x14\xb5\x68\x01\x85"
- "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
- "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\xf1\xb2\x73\xcd\x65\xa3\xdf\x5f"
- "\xe9\x5d\x48\x92\x54\x63\x4e\xb8",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, { /* LRW-32-AES 2 */
- .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
- "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
- "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
- "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x00\xc8\x2b\xae\x95\xbb\xcd\xe5"
- "\x27\x4f\x07\x69\xb2\x60\xe1\x36",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, { /* LRW-32-AES 3 */
- .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
- "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
- "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
- "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x76\x32\x21\x83\xed\x8f\xf1\x82"
- "\xf9\x59\x62\x03\x69\x0e\x5e\x01",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, { /* LRW-32-AES 4 */
- .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
- "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
- "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
- "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
- "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x9c\x0f\x15\x2f\x55\xa2\xd8\xf0"
- "\xd6\x7b\x8f\x9e\x28\x22\xbc\x41",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, { /* LRW-32-AES 5 */
- .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
- "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
- "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
- "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
- "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\xd4\x27\x6a\x7f\x14\x91\x3d\x65"
- "\xc8\x60\x48\x02\x87\xe3\x34\x06",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, { /* LRW-32-AES 6 */
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\xbd\x06\xb8\xe1\xdb\x98\x89\x9e"
- "\xc4\x98\xe4\x91\xcf\x1c\x70\x2b",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, { /* LRW-32-AES 7 */
- .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
- "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
- "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
- "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
- "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
- "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x5b\x90\x8e\xc1\xab\xdd\x67\x5f"
- "\x3d\x69\x8a\x95\x53\xc8\x9c\xe5",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
-/* http://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html */
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x1a\x1d\xa9\x30\xad\xf9\x2f\x9b"
+ .ctext = "\x1a\x1d\xa9\x30\xad\xf9\x2f\x9b"
"\xb6\x1d\xae\xef\xf0\x2f\xf8\x5a"
"\x39\x3c\xbf\x2a\xb2\x45\xb2\x23"
"\x1b\x63\x3c\xcf\xaa\xbe\xcf\x4e"
@@ -20660,79 +13965,14 @@ static const struct cipher_testvec aes_lrw_dec_tv_template[] = {
"\xb7\x4f\xf8\x92\x4c\xb7\x3c\x29"
"\xcd\x7e\x2b\x5d\x43\xea\x42\xe7"
"\x74\x3f\x7d\x58\x88\x75\xde\x3e",
- .ilen = 512,
- .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
- "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
- "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
- "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
- "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
- "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
- "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
- "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
- "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
- "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
- "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
- "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
- "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
- "\x4c\x96\x12\xed\x7c\x92\x03\x01"
- "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
- "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
- "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
- "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
- "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
- "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
- "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
- "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
- "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
- "\x76\x12\x73\x44\x1a\x56\xd7\x72"
- "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
- "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
- "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
- "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
- "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
- "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
- "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
- "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
- "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
- "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
- "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
- "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
- "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
- "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
- "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
- "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
- "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
- "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
- "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
- "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
- "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
- "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
- "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
- "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
- "\x62\x73\x65\xfd\x46\x63\x25\x3d"
- "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
- "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
- "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
- "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
- "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
- "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
- "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
- "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
- "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
- "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
- "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
- "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
- "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
- "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
- "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
}
};
-static const struct cipher_testvec aes_xts_enc_tv_template[] = {
+static const struct cipher_testvec aes_xts_tv_template[] = {
/* http://grouper.ieee.org/groups/1619/email/pdf00086.pdf */
{ /* XTS-AES 1 */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -20743,16 +13983,15 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
.fips_skip = 1,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\x91\x7c\xf6\x9e\xbd\x68\xb2\xec"
+ .ctext = "\x91\x7c\xf6\x9e\xbd\x68\xb2\xec"
"\x9b\x9f\xe9\xa3\xea\xdd\xa6\x92"
"\xcd\x43\xd2\xf5\x95\x98\xed\x85"
"\x8c\x02\xc2\x65\x2f\xbf\x92\x2e",
- .rlen = 32,
+ .len = 32,
}, { /* XTS-AES 2 */
.key = "\x11\x11\x11\x11\x11\x11\x11\x11"
"\x11\x11\x11\x11\x11\x11\x11\x11"
@@ -20761,16 +14000,15 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\xc4\x54\x18\x5e\x6a\x16\x93\x6e"
+ .ctext = "\xc4\x54\x18\x5e\x6a\x16\x93\x6e"
"\x39\x33\x40\x38\xac\xef\x83\x8b"
"\xfb\x18\x6f\xff\x74\x80\xad\xc4"
"\x28\x93\x82\xec\xd6\xd3\x94\xf0",
- .rlen = 32,
+ .len = 32,
}, { /* XTS-AES 3 */
.key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
"\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
@@ -20779,16 +14017,15 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\xaf\x85\x33\x6b\x59\x7a\xfc\x1a"
+ .ctext = "\xaf\x85\x33\x6b\x59\x7a\xfc\x1a"
"\x90\x0b\x2e\xb2\x1e\xc9\x49\xd2"
"\x92\xdf\x4c\x04\x7e\x0b\x21\x53"
"\x21\x86\xa5\x97\x1a\x22\x7a\x89",
- .rlen = 32,
+ .len = 32,
}, { /* XTS-AES 4 */
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -20797,7 +14034,7 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -20861,8 +14098,7 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\x27\xa7\x47\x9b\xef\xa1\xd4\x76"
+ .ctext = "\x27\xa7\x47\x9b\xef\xa1\xd4\x76"
"\x48\x9f\x30\x8c\xd4\xcf\xa6\xe2"
"\xa9\x6e\x4b\xbe\x32\x08\xff\x25"
"\x28\x7d\xd3\x81\x96\x16\xe8\x9c"
@@ -20926,7 +14162,7 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
"\xf2\x62\x73\x57\x79\xa4\x18\xf2"
"\x0a\x28\x2d\xf9\x20\x14\x7b\xea"
"\xbe\x42\x1e\xe5\x31\x9d\x05\x68",
- .rlen = 512,
+ .len = 512,
}, { /* XTS-AES 10, XTS-AES-256, data unit 512 bytes */
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -20939,273 +14175,7 @@ static const struct cipher_testvec aes_xts_enc_tv_template[] = {
.klen = 64,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\x1c\x3b\x3a\x10\x2f\x77\x03\x86"
- "\xe4\x83\x6c\x99\xe3\x70\xcf\x9b"
- "\xea\x00\x80\x3f\x5e\x48\x23\x57"
- "\xa4\xae\x12\xd4\x14\xa3\xe6\x3b"
- "\x5d\x31\xe2\x76\xf8\xfe\x4a\x8d"
- "\x66\xb3\x17\xf9\xac\x68\x3f\x44"
- "\x68\x0a\x86\xac\x35\xad\xfc\x33"
- "\x45\xbe\xfe\xcb\x4b\xb1\x88\xfd"
- "\x57\x76\x92\x6c\x49\xa3\x09\x5e"
- "\xb1\x08\xfd\x10\x98\xba\xec\x70"
- "\xaa\xa6\x69\x99\xa7\x2a\x82\xf2"
- "\x7d\x84\x8b\x21\xd4\xa7\x41\xb0"
- "\xc5\xcd\x4d\x5f\xff\x9d\xac\x89"
- "\xae\xba\x12\x29\x61\xd0\x3a\x75"
- "\x71\x23\xe9\x87\x0f\x8a\xcf\x10"
- "\x00\x02\x08\x87\x89\x14\x29\xca"
- "\x2a\x3e\x7a\x7d\x7d\xf7\xb1\x03"
- "\x55\x16\x5c\x8b\x9a\x6d\x0a\x7d"
- "\xe8\xb0\x62\xc4\x50\x0d\xc4\xcd"
- "\x12\x0c\x0f\x74\x18\xda\xe3\xd0"
- "\xb5\x78\x1c\x34\x80\x3f\xa7\x54"
- "\x21\xc7\x90\xdf\xe1\xde\x18\x34"
- "\xf2\x80\xd7\x66\x7b\x32\x7f\x6c"
- "\x8c\xd7\x55\x7e\x12\xac\x3a\x0f"
- "\x93\xec\x05\xc5\x2e\x04\x93\xef"
- "\x31\xa1\x2d\x3d\x92\x60\xf7\x9a"
- "\x28\x9d\x6a\x37\x9b\xc7\x0c\x50"
- "\x84\x14\x73\xd1\xa8\xcc\x81\xec"
- "\x58\x3e\x96\x45\xe0\x7b\x8d\x96"
- "\x70\x65\x5b\xa5\xbb\xcf\xec\xc6"
- "\xdc\x39\x66\x38\x0a\xd8\xfe\xcb"
- "\x17\xb6\xba\x02\x46\x9a\x02\x0a"
- "\x84\xe1\x8e\x8f\x84\x25\x20\x70"
- "\xc1\x3e\x9f\x1f\x28\x9b\xe5\x4f"
- "\xbc\x48\x14\x57\x77\x8f\x61\x60"
- "\x15\xe1\x32\x7a\x02\xb1\x40\xf1"
- "\x50\x5e\xb3\x09\x32\x6d\x68\x37"
- "\x8f\x83\x74\x59\x5c\x84\x9d\x84"
- "\xf4\xc3\x33\xec\x44\x23\x88\x51"
- "\x43\xcb\x47\xbd\x71\xc5\xed\xae"
- "\x9b\xe6\x9a\x2f\xfe\xce\xb1\xbe"
- "\xc9\xde\x24\x4f\xbe\x15\x99\x2b"
- "\x11\xb7\x7c\x04\x0f\x12\xbd\x8f"
- "\x6a\x97\x5a\x44\xa0\xf9\x0c\x29"
- "\xa9\xab\xc3\xd4\xd8\x93\x92\x72"
- "\x84\xc5\x87\x54\xcc\xe2\x94\x52"
- "\x9f\x86\x14\xdc\xd2\xab\xa9\x91"
- "\x92\x5f\xed\xc4\xae\x74\xff\xac"
- "\x6e\x33\x3b\x93\xeb\x4a\xff\x04"
- "\x79\xda\x9a\x41\x0e\x44\x50\xe0"
- "\xdd\x7a\xe4\xc6\xe2\x91\x09\x00"
- "\x57\x5d\xa4\x01\xfc\x07\x05\x9f"
- "\x64\x5e\x8b\x7e\x9b\xfd\xef\x33"
- "\x94\x30\x54\xff\x84\x01\x14\x93"
- "\xc2\x7b\x34\x29\xea\xed\xb4\xed"
- "\x53\x76\x44\x1a\x77\xed\x43\x85"
- "\x1a\xd7\x7f\x16\xf5\x41\xdf\xd2"
- "\x69\xd5\x0d\x6a\x5f\x14\xfb\x0a"
- "\xab\x1c\xbb\x4c\x15\x50\xbe\x97"
- "\xf7\xab\x40\x66\x19\x3c\x4c\xaa"
- "\x77\x3d\xad\x38\x01\x4b\xd2\x09"
- "\x2f\xa7\x55\xc8\x24\xbb\x5e\x54"
- "\xc4\xf3\x6f\xfd\xa9\xfc\xea\x70"
- "\xb9\xc6\xe6\x93\xe1\x48\xc1\x51",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- }
-};
-
-static const struct cipher_testvec aes_xts_dec_tv_template[] = {
- /* http://grouper.ieee.org/groups/1619/email/pdf00086.pdf */
- { /* XTS-AES 1 */
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 32,
- .fips_skip = 1,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x91\x7c\xf6\x9e\xbd\x68\xb2\xec"
- "\x9b\x9f\xe9\xa3\xea\xdd\xa6\x92"
- "\xcd\x43\xd2\xf5\x95\x98\xed\x85"
- "\x8c\x02\xc2\x65\x2f\xbf\x92\x2e",
- .ilen = 32,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 32,
- }, { /* XTS-AES 2 */
- .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xc4\x54\x18\x5e\x6a\x16\x93\x6e"
- "\x39\x33\x40\x38\xac\xef\x83\x8b"
- "\xfb\x18\x6f\xff\x74\x80\xad\xc4"
- "\x28\x93\x82\xec\xd6\xd3\x94\xf0",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, { /* XTS-AES 3 */
- .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
- "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xaf\x85\x33\x6b\x59\x7a\xfc\x1a"
- "\x90\x0b\x2e\xb2\x1e\xc9\x49\xd2"
- "\x92\xdf\x4c\x04\x7e\x0b\x21\x53"
- "\x21\x86\xa5\x97\x1a\x22\x7a\x89",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, { /* XTS-AES 4 */
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x27\xa7\x47\x9b\xef\xa1\xd4\x76"
- "\x48\x9f\x30\x8c\xd4\xcf\xa6\xe2"
- "\xa9\x6e\x4b\xbe\x32\x08\xff\x25"
- "\x28\x7d\xd3\x81\x96\x16\xe8\x9c"
- "\xc7\x8c\xf7\xf5\xe5\x43\x44\x5f"
- "\x83\x33\xd8\xfa\x7f\x56\x00\x00"
- "\x05\x27\x9f\xa5\xd8\xb5\xe4\xad"
- "\x40\xe7\x36\xdd\xb4\xd3\x54\x12"
- "\x32\x80\x63\xfd\x2a\xab\x53\xe5"
- "\xea\x1e\x0a\x9f\x33\x25\x00\xa5"
- "\xdf\x94\x87\xd0\x7a\x5c\x92\xcc"
- "\x51\x2c\x88\x66\xc7\xe8\x60\xce"
- "\x93\xfd\xf1\x66\xa2\x49\x12\xb4"
- "\x22\x97\x61\x46\xae\x20\xce\x84"
- "\x6b\xb7\xdc\x9b\xa9\x4a\x76\x7a"
- "\xae\xf2\x0c\x0d\x61\xad\x02\x65"
- "\x5e\xa9\x2d\xc4\xc4\xe4\x1a\x89"
- "\x52\xc6\x51\xd3\x31\x74\xbe\x51"
- "\xa1\x0c\x42\x11\x10\xe6\xd8\x15"
- "\x88\xed\xe8\x21\x03\xa2\x52\xd8"
- "\xa7\x50\xe8\x76\x8d\xef\xff\xed"
- "\x91\x22\x81\x0a\xae\xb9\x9f\x91"
- "\x72\xaf\x82\xb6\x04\xdc\x4b\x8e"
- "\x51\xbc\xb0\x82\x35\xa6\xf4\x34"
- "\x13\x32\xe4\xca\x60\x48\x2a\x4b"
- "\xa1\xa0\x3b\x3e\x65\x00\x8f\xc5"
- "\xda\x76\xb7\x0b\xf1\x69\x0d\xb4"
- "\xea\xe2\x9c\x5f\x1b\xad\xd0\x3c"
- "\x5c\xcf\x2a\x55\xd7\x05\xdd\xcd"
- "\x86\xd4\x49\x51\x1c\xeb\x7e\xc3"
- "\x0b\xf1\x2b\x1f\xa3\x5b\x91\x3f"
- "\x9f\x74\x7a\x8a\xfd\x1b\x13\x0e"
- "\x94\xbf\xf9\x4e\xff\xd0\x1a\x91"
- "\x73\x5c\xa1\x72\x6a\xcd\x0b\x19"
- "\x7c\x4e\x5b\x03\x39\x36\x97\xe1"
- "\x26\x82\x6f\xb6\xbb\xde\x8e\xcc"
- "\x1e\x08\x29\x85\x16\xe2\xc9\xed"
- "\x03\xff\x3c\x1b\x78\x60\xf6\xde"
- "\x76\xd4\xce\xcd\x94\xc8\x11\x98"
- "\x55\xef\x52\x97\xca\x67\xe9\xf3"
- "\xe7\xff\x72\xb1\xe9\x97\x85\xca"
- "\x0a\x7e\x77\x20\xc5\xb3\x6d\xc6"
- "\xd7\x2c\xac\x95\x74\xc8\xcb\xbc"
- "\x2f\x80\x1e\x23\xe5\x6f\xd3\x44"
- "\xb0\x7f\x22\x15\x4b\xeb\xa0\xf0"
- "\x8c\xe8\x89\x1e\x64\x3e\xd9\x95"
- "\xc9\x4d\x9a\x69\xc9\xf1\xb5\xf4"
- "\x99\x02\x7a\x78\x57\x2a\xee\xbd"
- "\x74\xd2\x0c\xc3\x98\x81\xc2\x13"
- "\xee\x77\x0b\x10\x10\xe4\xbe\xa7"
- "\x18\x84\x69\x77\xae\x11\x9f\x7a"
- "\x02\x3a\xb5\x8c\xca\x0a\xd7\x52"
- "\xaf\xe6\x56\xbb\x3c\x17\x25\x6a"
- "\x9f\x6e\x9b\xf1\x9f\xdd\x5a\x38"
- "\xfc\x82\xbb\xe8\x72\xc5\x53\x9e"
- "\xdb\x60\x9e\xf4\xf7\x9c\x20\x3e"
- "\xbb\x14\x0f\x2e\x58\x3c\xb2\xad"
- "\x15\xb4\xaa\x5b\x65\x50\x16\xa8"
- "\x44\x92\x77\xdb\xd4\x77\xef\x2c"
- "\x8d\x6c\x01\x7d\xb7\x38\xb1\x8d"
- "\xeb\x4a\x42\x7d\x19\x23\xce\x3f"
- "\xf2\x62\x73\x57\x79\xa4\x18\xf2"
- "\x0a\x28\x2d\xf9\x20\x14\x7b\xea"
- "\xbe\x42\x1e\xe5\x31\x9d\x05\x68",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -21269,20 +14239,7 @@ static const struct cipher_testvec aes_xts_dec_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
- }, { /* XTS-AES 10, XTS-AES-256, data unit 512 bytes */
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95"
- "\x02\x88\x41\x97\x16\x93\x99\x37"
- "\x51\x05\x82\x09\x74\x94\x45\x92",
- .klen = 64,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x1c\x3b\x3a\x10\x2f\x77\x03\x86"
+ .ctext = "\x1c\x3b\x3a\x10\x2f\x77\x03\x86"
"\xe4\x83\x6c\x99\xe3\x70\xcf\x9b"
"\xea\x00\x80\x3f\x5e\x48\x23\x57"
"\xa4\xae\x12\xd4\x14\xa3\xe6\x3b"
@@ -21346,87 +14303,21 @@ static const struct cipher_testvec aes_xts_dec_tv_template[] = {
"\x2f\xa7\x55\xc8\x24\xbb\x5e\x54"
"\xc4\xf3\x6f\xfd\xa9\xfc\xea\x70"
"\xb9\xc6\xe6\x93\xe1\x48\xc1\x51",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
}
};
-
-static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
+static const struct cipher_testvec aes_ctr_tv_template[] = {
{ /* From NIST Special Publication 800-38A, Appendix F.5 */
.key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6"
"\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
.klen = 16,
.iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
"\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
"\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
@@ -21434,8 +14325,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
"\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .ilen = 64,
- .result = "\x87\x4d\x61\x91\xb6\x20\xe3\x26"
+ .ctext = "\x87\x4d\x61\x91\xb6\x20\xe3\x26"
"\x1b\xef\x68\x64\x99\x0d\xb6\xce"
"\x98\x06\xf6\x6b\x79\x70\xfd\xff"
"\x86\x17\x18\x7b\xb9\xff\xfd\xff"
@@ -21443,7 +14333,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\x5b\x4f\x09\x02\x0d\xb0\x3e\xab"
"\x1e\x03\x1d\xda\x2f\xbe\x03\xd1"
"\x79\x21\x70\xa0\xf3\x00\x9c\xee",
- .rlen = 64,
+ .len = 64,
}, {
.key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52"
"\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
@@ -21451,7 +14341,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
.klen = 24,
.iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
"\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
"\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
@@ -21459,8 +14349,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
"\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .ilen = 64,
- .result = "\x1a\xbc\x93\x24\x17\x52\x1c\xa2"
+ .ctext = "\x1a\xbc\x93\x24\x17\x52\x1c\xa2"
"\x4f\x2b\x04\x59\xfe\x7e\x6e\x0b"
"\x09\x03\x39\xec\x0a\xa6\xfa\xef"
"\xd5\xcc\xc2\xc6\xf4\xce\x8e\x94"
@@ -21468,7 +14357,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\xd1\xbd\x1d\x66\x56\x20\xab\xf7"
"\x4f\x78\xa7\xf6\xd2\x98\x09\x58"
"\x5a\x97\xda\xec\x58\xc6\xb0\x50",
- .rlen = 64,
+ .len = 64,
}, {
.key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe"
"\x2b\x73\xae\xf0\x85\x7d\x77\x81"
@@ -21477,7 +14366,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
"\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
"\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
@@ -21485,8 +14374,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
"\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .ilen = 64,
- .result = "\x60\x1e\xc3\x13\x77\x57\x89\xa5"
+ .ctext = "\x60\x1e\xc3\x13\x77\x57\x89\xa5"
"\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28"
"\xf4\x43\xe3\xca\x4d\x62\xb5\x9a"
"\xca\x84\xe9\x90\xca\xca\xf5\xc5"
@@ -21494,7 +14382,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\xe8\x70\x17\xba\x2d\x84\x98\x8d"
"\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6"
"\x13\xc2\xdd\x08\x45\x79\x41\xa6",
- .rlen = 64,
+ .len = 64,
}, { /* Generated with Crypto++ */
.key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55"
"\x0F\x32\x55\x78\x9B\xBE\x78\x9B"
@@ -21503,7 +14391,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -21565,8 +14453,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
"\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
"\xED\x56\xBF\x28\xB4\x1D\x86\x12",
- .ilen = 496,
- .result = "\x04\xF3\xD3\x88\x17\xEF\xDC\xEF"
+ .ctext = "\x04\xF3\xD3\x88\x17\xEF\xDC\xEF"
"\x8B\x04\xF8\x3A\x66\x8D\x1A\x53"
"\x57\x1F\x4B\x23\xE4\xA0\xAF\xF9"
"\x69\x95\x35\x98\x8D\x4D\x8C\xC1"
@@ -21628,7 +14515,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\x10\x09\x9B\x46\x9B\xF2\x2C\x2B"
"\xFA\x3A\x05\x4C\xFA\xD1\xFF\xFE"
"\xF1\x4C\xE5\xB2\x91\x64\x0C\x51",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
@@ -21640,7 +14527,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47"
"\xE2\x7D\x18\xD6\x71\x0C\xA7\x42",
- .input = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
+ .ptext = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
"\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
"\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
"\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
@@ -21703,299 +14590,7 @@ static const struct cipher_testvec aes_ctr_enc_tv_template[] = {
"\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
"\xED\x56\xBF\x28\xB4\x1D\x86\x12"
"\x7B\xE4\x4D",
- .ilen = 499,
- .result = "\xDA\x4E\x3F\xBC\xE8\xB6\x3A\xA2"
- "\xD5\x4D\x84\x4A\xA9\x0C\xE1\xA5"
- "\xB8\x73\xBC\xF9\xBB\x59\x2F\x44"
- "\x8B\xAB\x82\x6C\xB4\x32\x9A\xDE"
- "\x5A\x0B\xDB\x7A\x6B\xF2\x38\x9F"
- "\x06\xF7\xF7\xFF\xFF\xC0\x8A\x2E"
- "\x76\xEA\x06\x32\x23\xF3\x59\x2E"
- "\x75\xDE\x71\x86\x3C\x98\x23\x44"
- "\x5B\xF2\xFA\x6A\x00\xBB\xC1\xAD"
- "\x58\xBD\x3E\x6F\x2E\xB4\x19\x04"
- "\x70\x8B\x92\x55\x23\xE9\x6A\x3A"
- "\x78\x7A\x1B\x10\x85\x52\x9C\x12"
- "\xE4\x55\x81\x21\xCE\x53\xD0\x3B"
- "\x63\x77\x2C\x74\xD1\xF5\x60\xF3"
- "\xA1\xDE\x44\x3C\x8F\x4D\x2F\xDD"
- "\x8A\xFE\x3C\x42\x8E\xD3\xF2\x8E"
- "\xA8\x28\x69\x65\x31\xE1\x45\x83"
- "\xE4\x49\xC4\x9C\xA7\x28\xAA\x21"
- "\xCD\x5D\x0F\x15\xB7\x93\x07\x26"
- "\xB0\x65\x6D\x91\x90\x23\x7A\xC6"
- "\xDB\x68\xB0\xA1\x8E\xA4\x76\x4E"
- "\xC6\x91\x83\x20\x92\x4D\x63\x7A"
- "\x45\x18\x18\x74\x19\xAD\x71\x01"
- "\x6B\x23\xAD\x9D\x4E\xE4\x6E\x46"
- "\xC9\x73\x7A\xF9\x02\x95\xF4\x07"
- "\x0E\x7A\xA6\xC5\xAE\xFA\x15\x2C"
- "\x51\x71\xF1\xDC\x22\xB6\xAC\xD8"
- "\x19\x24\x44\xBC\x0C\xFB\x3C\x2D"
- "\xB1\x50\x47\x15\x0E\xDB\xB6\xD7"
- "\xE8\x61\xE5\x95\x52\x1E\x3E\x49"
- "\x70\xE9\x66\x04\x4C\xE1\xAF\xBD"
- "\xDD\x15\x3B\x20\x59\x24\xFF\xB0"
- "\x39\xAA\xE7\xBF\x23\xA3\x6E\xD5"
- "\x15\xF0\x61\x4F\xAE\x89\x10\x58"
- "\x5A\x33\x95\x52\x2A\xB5\x77\x9C"
- "\xA5\x43\x80\x40\x27\x2D\xAE\xD9"
- "\x3F\xE0\x80\x94\x78\x79\xCB\x7E"
- "\xAD\x12\x44\x4C\xEC\x27\xB0\xEE"
- "\x0B\x05\x2A\x82\x99\x58\xBB\x7A"
- "\x8D\x6D\x9D\x8E\xE2\x8E\xE7\x93"
- "\x2F\xB3\x09\x8D\x06\xD5\xEE\x70"
- "\x16\xAE\x35\xC5\x52\x0F\x46\x1F"
- "\x71\xF9\x5E\xF2\x67\xDC\x98\x2F"
- "\xA3\x23\xAA\xD5\xD0\x49\xF4\xA6"
- "\xF6\xB8\x32\xCD\xD6\x85\x73\x60"
- "\x59\x20\xE7\x55\x0E\x91\xE2\x0C"
- "\x3F\x1C\xEB\x3D\xDF\x52\x64\xF2"
- "\x7D\x8B\x5D\x63\x16\xB9\xB2\x5D"
- "\x5E\xAB\xB2\x97\xAB\x78\x44\xE7"
- "\xC6\x72\x20\xC5\x90\x9B\xDC\x5D"
- "\xB0\xEF\x44\xEF\x87\x31\x8D\xF4"
- "\xFB\x81\x5D\xF7\x96\x96\xD4\x50"
- "\x89\xA7\xF6\xB9\x67\x76\x40\x9E"
- "\x9D\x40\xD5\x2C\x30\xB8\x01\x8F"
- "\xE4\x7B\x71\x48\xA9\xA0\xA0\x1D"
- "\x87\x52\xA4\x91\xA9\xD7\xA9\x51"
- "\xD9\x59\xF7\xCC\x63\x22\xC1\x8D"
- "\x84\x7B\xD8\x22\x32\x5C\x6F\x1D"
- "\x6E\x9F\xFA\xDD\x49\x40\xDC\x37"
- "\x14\x8C\xE1\x80\x1B\xDD\x36\x2A"
- "\xD0\xE9\x54\x99\x5D\xBA\x3B\x11"
- "\xD8\xFE\xC9\x5B\x5C\x25\xE5\x76"
- "\xFB\xF2\x3F",
- .rlen = 499,
- .also_non_np = 1,
- .np = 2,
- .tap = { 499 - 16, 16 },
- },
-};
-
-static const struct cipher_testvec aes_ctr_dec_tv_template[] = {
- { /* From NIST Special Publication 800-38A, Appendix F.5 */
- .key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6"
- "\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
- .klen = 16,
- .iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .input = "\x87\x4d\x61\x91\xb6\x20\xe3\x26"
- "\x1b\xef\x68\x64\x99\x0d\xb6\xce"
- "\x98\x06\xf6\x6b\x79\x70\xfd\xff"
- "\x86\x17\x18\x7b\xb9\xff\xfd\xff"
- "\x5a\xe4\xdf\x3e\xdb\xd5\xd3\x5e"
- "\x5b\x4f\x09\x02\x0d\xb0\x3e\xab"
- "\x1e\x03\x1d\xda\x2f\xbe\x03\xd1"
- "\x79\x21\x70\xa0\xf3\x00\x9c\xee",
- .ilen = 64,
- .result = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
- "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
- "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
- "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
- "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
- "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
- "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
- "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .rlen = 64,
- }, {
- .key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52"
- "\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
- "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
- .klen = 24,
- .iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .input = "\x1a\xbc\x93\x24\x17\x52\x1c\xa2"
- "\x4f\x2b\x04\x59\xfe\x7e\x6e\x0b"
- "\x09\x03\x39\xec\x0a\xa6\xfa\xef"
- "\xd5\xcc\xc2\xc6\xf4\xce\x8e\x94"
- "\x1e\x36\xb2\x6b\xd1\xeb\xc6\x70"
- "\xd1\xbd\x1d\x66\x56\x20\xab\xf7"
- "\x4f\x78\xa7\xf6\xd2\x98\x09\x58"
- "\x5a\x97\xda\xec\x58\xc6\xb0\x50",
- .ilen = 64,
- .result = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
- "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
- "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
- "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
- "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
- "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
- "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
- "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .rlen = 64,
- }, {
- .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe"
- "\x2b\x73\xae\xf0\x85\x7d\x77\x81"
- "\x1f\x35\x2c\x07\x3b\x61\x08\xd7"
- "\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
- .klen = 32,
- .iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .input = "\x60\x1e\xc3\x13\x77\x57\x89\xa5"
- "\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28"
- "\xf4\x43\xe3\xca\x4d\x62\xb5\x9a"
- "\xca\x84\xe9\x90\xca\xca\xf5\xc5"
- "\x2b\x09\x30\xda\xa2\x3d\xe9\x4c"
- "\xe8\x70\x17\xba\x2d\x84\x98\x8d"
- "\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6"
- "\x13\xc2\xdd\x08\x45\x79\x41\xa6",
- .ilen = 64,
- .result = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
- "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
- "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
- "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
- "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
- "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
- "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
- "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .rlen = 64,
- }, { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55"
- "\x0F\x32\x55\x78\x9B\xBE\x78\x9B"
- "\xBE\xE1\x04\x27\xE1\x04\x27\x4A"
- "\x6D\x90\x4A\x6D\x90\xB3\xD6\xF9",
- .klen = 32,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
- "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x04\xF3\xD3\x88\x17\xEF\xDC\xEF"
- "\x8B\x04\xF8\x3A\x66\x8D\x1A\x53"
- "\x57\x1F\x4B\x23\xE4\xA0\xAF\xF9"
- "\x69\x95\x35\x98\x8D\x4D\x8C\xC1"
- "\xF0\xB2\x7F\x80\xBB\x54\x28\xA2"
- "\x7A\x1B\x9F\x77\xEC\x0E\x6E\xDE"
- "\xF0\xEC\xB8\xE4\x20\x62\xEE\xDB"
- "\x5D\xF5\xDD\xE3\x54\xFC\xDD\xEB"
- "\x6A\xEE\x65\xA1\x21\xD6\xD7\x81"
- "\x47\x61\x12\x4D\xC2\x8C\xFA\x78"
- "\x1F\x28\x02\x01\xC3\xFC\x1F\xEC"
- "\x0F\x10\x4F\xB3\x12\x45\xC6\x3B"
- "\x7E\x08\xF9\x5A\xD0\x5D\x73\x2D"
- "\x58\xA4\xE5\xCB\x1C\xB4\xCE\x74"
- "\x32\x41\x1F\x31\x9C\x08\xA2\x5D"
- "\x67\xEB\x72\x1D\xF8\xE7\x70\x54"
- "\x34\x4B\x31\x69\x84\x66\x96\x44"
- "\x56\xCC\x1E\xD9\xE6\x13\x6A\xB9"
- "\x2D\x0A\x05\x45\x2D\x90\xCC\xDF"
- "\x16\x5C\x5F\x79\x34\x52\x54\xFE"
- "\xFE\xCD\xAD\x04\x2E\xAD\x86\x06"
- "\x1F\x37\xE8\x28\xBC\xD3\x8F\x5B"
- "\x92\x66\x87\x3B\x8A\x0A\x1A\xCC"
- "\x6E\xAB\x9F\x0B\xFA\x5C\xE6\xFD"
- "\x3C\x98\x08\x12\xEC\xAA\x9E\x11"
- "\xCA\xB2\x1F\xCE\x5E\x5B\xB2\x72"
- "\x9C\xCC\x5D\xC5\xE0\x32\xC0\x56"
- "\xD5\x45\x16\xD2\xAF\x13\x66\xF7"
- "\x8C\x67\xAC\x79\xB2\xAF\x56\x27"
- "\x3F\xCC\xFE\xCB\x1E\xC0\x75\xF1"
- "\xA7\xC9\xC3\x1D\x8E\xDD\xF9\xD4"
- "\x42\xC8\x21\x08\x16\xF7\x01\xD7"
- "\xAC\x8E\x3F\x1D\x56\xC1\x06\xE4"
- "\x9C\x62\xD6\xA5\x6A\x50\x44\xB3"
- "\x35\x1C\x82\xB9\x10\xF9\x42\xA1"
- "\xFC\x74\x9B\x44\x4F\x25\x02\xE3"
- "\x08\xF5\xD4\x32\x39\x08\x11\xE8"
- "\xD2\x6B\x50\x53\xD4\x08\xD1\x6B"
- "\x3A\x4A\x68\x7B\x7C\xCD\x46\x5E"
- "\x0D\x07\x19\xDB\x67\xD7\x98\x91"
- "\xD7\x17\x10\x9B\x7B\x8A\x9B\x33"
- "\xAE\xF3\x00\xA6\xD4\x15\xD9\xEA"
- "\x85\x99\x22\xE8\x91\x38\x70\x83"
- "\x93\x01\x24\x6C\xFA\x9A\xB9\x07"
- "\xEA\x8D\x3B\xD9\x2A\x43\x59\x16"
- "\x2F\x69\xEE\x84\x36\x44\x76\x98"
- "\xF3\x04\x2A\x7C\x74\x3D\x29\x2B"
- "\x0D\xAD\x8F\x44\x82\x9E\x57\x8D"
- "\xAC\xED\x18\x1F\x50\xA4\xF5\x98"
- "\x1F\xBD\x92\x91\x1B\x2D\xA6\xD6"
- "\xD2\xE3\x02\xAA\x92\x3B\xC6\xB3"
- "\x1B\x39\x72\xD5\x26\xCA\x04\xE0"
- "\xFC\x58\x78\xBB\xB1\x3F\xA1\x9C"
- "\x42\x24\x3E\x2E\x22\xBB\x4B\xBA"
- "\xF4\x52\x0A\xE6\xAE\x47\xB4\x7D"
- "\x1D\xA8\xBE\x81\x1A\x75\xDA\xAC"
- "\xA6\x25\x1E\xEF\x3A\xC0\x6C\x63"
- "\xEF\xDC\xC9\x79\x10\x26\xE8\x61"
- "\x29\xFC\xA4\x05\xDF\x7D\x5C\x63"
- "\x10\x09\x9B\x46\x9B\xF2\x2C\x2B"
- "\xFA\x3A\x05\x4C\xFA\xD1\xFF\xFE"
- "\xF1\x4C\xE5\xB2\x91\x64\x0C\x51",
- .ilen = 496,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB"
- "\x54\xE0\x49\xB2\x1B\xA7\x10\x79"
- "\x05\x6E\xD7\x40\xCC\x35\x9E\x07"
- "\x93\xFC\x65\xF1\x5A\xC3\x2C\xB8"
- "\x21\x8A\x16\x7F\xE8\x51\xDD\x46"
- "\xAF\x18\xA4\x0D\x76\x02\x6B\xD4"
- "\x3D\xC9\x32\x9B\x04\x90\xF9\x62"
- "\xEE\x57\xC0\x29\xB5\x1E\x87\x13"
- "\x7C\xE5\x4E\xDA\x43\xAC\x15\xA1"
- "\x0A\x73\xFF\x68\xD1\x3A\xC6\x2F"
- "\x98\x01\x8D\xF6\x5F\xEB\x54\xBD"
- "\x26\xB2\x1B\x84\x10\x79\xE2\x4B"
- "\xD7\x40\xA9\x12\x9E\x07\x70\xFC"
- "\x65\xCE\x37\xC3\x2C\x95\x21\x8A"
- "\xF3\x5C\xE8\x51\xBA\x23\xAF\x18"
- "\x81\x0D\x76\xDF\x48\xD4\x3D\xA6"
- "\x0F\x9B\x04\x6D\xF9\x62\xCB\x34"
- "\xC0\x29\x92\x1E\x87\xF0\x59\xE5"
- "\x4E\xB7\x20\xAC\x15\x7E\x0A\x73"
- "\xDC\x45\xD1\x3A\xA3\x0C\x98\x01"
- "\x6A\xF6\x5F\xC8\x31\xBD\x26\x8F"
- "\x1B\x84\xED\x56\xE2\x4B\xB4\x1D"
- "\xA9\x12\x7B\x07\x70\xD9\x42\xCE"
- "\x37\xA0\x09\x95\xFE\x67\xF3\x5C"
- "\xC5\x2E\xBA\x23\x8C\x18\x81\xEA"
- "\x53\xDF\x48\xB1\x1A\xA6\x0F\x78"
- "\x04\x6D\xD6\x3F\xCB\x34\x9D\x06"
- "\x92\xFB\x64\xF0\x59\xC2\x2B\xB7"
- "\x20\x89\x15\x7E\xE7\x50\xDC\x45"
- "\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
- "\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
- "\xED\x56\xBF\x28\xB4\x1D\x86\x12",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- }, { /* Generated with Crypto++ */
- .key = "\xC9\x83\xA6\xC9\xEC\x0F\x32\x55"
- "\x0F\x32\x55\x78\x9B\xBE\x78\x9B"
- "\xBE\xE1\x04\x27\xE1\x04\x27\x4A"
- "\x6D\x90\x4A\x6D\x90\xB3\xD6\xF9",
- .klen = 32,
- .iv = "\xE7\x82\x1D\xB8\x53\x11\xAC\x47"
- "\xE2\x7D\x18\xD6\x71\x0C\xA7\x42",
- .input = "\xDA\x4E\x3F\xBC\xE8\xB6\x3A\xA2"
+ .ctext = "\xDA\x4E\x3F\xBC\xE8\xB6\x3A\xA2"
"\xD5\x4D\x84\x4A\xA9\x0C\xE1\xA5"
"\xB8\x73\xBC\xF9\xBB\x59\x2F\x44"
"\x8B\xAB\x82\x6C\xB4\x32\x9A\xDE"
@@ -22058,105 +14653,39 @@ static const struct cipher_testvec aes_ctr_dec_tv_template[] = {
"\xD0\xE9\x54\x99\x5D\xBA\x3B\x11"
"\xD8\xFE\xC9\x5B\x5C\x25\xE5\x76"
"\xFB\xF2\x3F",
- .ilen = 499,
- .result = "\x50\xB9\x22\xAE\x17\x80\x0C\x75"
- "\xDE\x47\xD3\x3C\xA5\x0E\x9A\x03"
- "\x6C\xF8\x61\xCA\x33\xBF\x28\x91"
- "\x1D\x86\xEF\x58\xE4\x4D\xB6\x1F"
- "\xAB\x14\x7D\x09\x72\xDB\x44\xD0"
- "\x39\xA2\x0B\x97\x00\x69\xF5\x5E"
- "\xC7\x30\xBC\x25\x8E\x1A\x83\xEC"
- "\x55\xE1\x4A\xB3\x1C\xA8\x11\x7A"
- "\x06\x6F\xD8\x41\xCD\x36\x9F\x08"
- "\x94\xFD\x66\xF2\x5B\xC4\x2D\xB9"
- "\x22\x8B\x17\x80\xE9\x52\xDE\x47"
- "\xB0\x19\xA5\x0E\x77\x03\x6C\xD5"
- "\x3E\xCA\x33\x9C\x05\x91\xFA\x63"
- "\xEF\x58\xC1\x2A\xB6\x1F\x88\x14"
- "\x7D\xE6\x4F\xDB\x44\xAD\x16\xA2"
- "\x0B\x74\x00\x69\xD2\x3B\xC7\x30"
- "\x99\x02\x8E\xF7\x60\xEC\x55\xBE"
- "\x27\xB3\x1C\x85\x11\x7A\xE3\x4C"
- "\xD8\x41\xAA\x13\x9F\x08\x71\xFD"
- "\x66\xCF\x38\xC4\x2D\x96\x22\x8B"
- "\xF4\x5D\xE9\x52\xBB\x24\xB0\x19"
- "\x82\x0E\x77\xE0\x49\xD5\x3E\xA7"
- "\x10\x9C\x05\x6E\xFA\x63\xCC\x35"
- "\xC1\x2A\x93\x1F\x88\xF1\x5A\xE6"
- "\x4F\xB8\x21\xAD\x16\x7F\x0B\x74"
- "\xDD\x46\xD2\x3B\xA4\x0D\x99\x02"
- "\x6B\xF7\x60\xC9\x32\xBE\x27\x90"
- "\x1C\x85\xEE\x57\xE3\x4C\xB5\x1E"
- "\xAA\x13\x7C\x08\x71\xDA\x43\xCF"
- "\x38\xA1\x0A\x96\xFF\x68\xF4\x5D"
- "\xC6\x2F\xBB\x24\x8D\x19\x82\xEB"
- "\x54\xE0\x49\xB2\x1B\xA7\x10\x79"
- "\x05\x6E\xD7\x40\xCC\x35\x9E\x07"
- "\x93\xFC\x65\xF1\x5A\xC3\x2C\xB8"
- "\x21\x8A\x16\x7F\xE8\x51\xDD\x46"
- "\xAF\x18\xA4\x0D\x76\x02\x6B\xD4"
- "\x3D\xC9\x32\x9B\x04\x90\xF9\x62"
- "\xEE\x57\xC0\x29\xB5\x1E\x87\x13"
- "\x7C\xE5\x4E\xDA\x43\xAC\x15\xA1"
- "\x0A\x73\xFF\x68\xD1\x3A\xC6\x2F"
- "\x98\x01\x8D\xF6\x5F\xEB\x54\xBD"
- "\x26\xB2\x1B\x84\x10\x79\xE2\x4B"
- "\xD7\x40\xA9\x12\x9E\x07\x70\xFC"
- "\x65\xCE\x37\xC3\x2C\x95\x21\x8A"
- "\xF3\x5C\xE8\x51\xBA\x23\xAF\x18"
- "\x81\x0D\x76\xDF\x48\xD4\x3D\xA6"
- "\x0F\x9B\x04\x6D\xF9\x62\xCB\x34"
- "\xC0\x29\x92\x1E\x87\xF0\x59\xE5"
- "\x4E\xB7\x20\xAC\x15\x7E\x0A\x73"
- "\xDC\x45\xD1\x3A\xA3\x0C\x98\x01"
- "\x6A\xF6\x5F\xC8\x31\xBD\x26\x8F"
- "\x1B\x84\xED\x56\xE2\x4B\xB4\x1D"
- "\xA9\x12\x7B\x07\x70\xD9\x42\xCE"
- "\x37\xA0\x09\x95\xFE\x67\xF3\x5C"
- "\xC5\x2E\xBA\x23\x8C\x18\x81\xEA"
- "\x53\xDF\x48\xB1\x1A\xA6\x0F\x78"
- "\x04\x6D\xD6\x3F\xCB\x34\x9D\x06"
- "\x92\xFB\x64\xF0\x59\xC2\x2B\xB7"
- "\x20\x89\x15\x7E\xE7\x50\xDC\x45"
- "\xAE\x17\xA3\x0C\x75\x01\x6A\xD3"
- "\x3C\xC8\x31\x9A\x03\x8F\xF8\x61"
- "\xED\x56\xBF\x28\xB4\x1D\x86\x12"
- "\x7B\xE4\x4D",
- .rlen = 499,
+ .len = 499,
.also_non_np = 1,
.np = 2,
.tap = { 499 - 16, 16 },
},
};
-static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
+static const struct cipher_testvec aes_ctr_rfc3686_tv_template[] = {
{ /* From RFC 3686 */
.key = "\xae\x68\x52\xf8\x12\x10\x67\xcc"
"\x4b\xf7\xa5\x76\x55\x77\xf3\x9e"
"\x00\x00\x00\x30",
.klen = 20,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "Single block msg",
- .ilen = 16,
- .result = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79"
+ .ptext = "Single block msg",
+ .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79"
"\x2d\x61\x75\xa3\x26\x13\x11\xb8",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x7e\x24\x06\x78\x17\xfa\xe0\xd7"
"\x43\xd6\xce\x1f\x32\x53\x91\x63"
"\x00\x6c\xb6\xdb",
.klen = 20,
.iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .ilen = 32,
- .result = "\x51\x04\xa1\x06\x16\x8a\x72\xd9"
+ .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9"
"\x79\x0d\x41\xee\x8e\xda\xd3\x88"
"\xeb\x2e\x1e\xfc\x46\xda\x57\xc8"
"\xfc\xe6\x30\xdf\x91\x41\xbe\x28",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79"
"\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed"
@@ -22164,11 +14693,10 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x00\x00\x00\x48",
.klen = 28,
.iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb",
- .input = "Single block msg",
- .ilen = 16,
- .result = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8"
+ .ptext = "Single block msg",
+ .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8"
"\x4e\x79\x35\xa0\x03\xcb\xe9\x28",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c"
"\x19\xe7\x34\x08\x19\xe0\xf6\x9c"
@@ -22176,16 +14704,15 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x00\x96\xb0\x3b",
.klen = 28,
.iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .ilen = 32,
- .result = "\x45\x32\x43\xfc\x60\x9b\x23\x32"
+ .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32"
"\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f"
"\x84\x90\x70\x1c\x5a\xd4\xa7\x9c"
"\xfc\x1f\xe0\xff\x42\xf4\xfb\x00",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f"
"\x4c\x8a\x05\x42\xc8\x69\x6f\x6c"
@@ -22194,11 +14721,10 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x00\x00\x00\x60",
.klen = 36,
.iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2",
- .input = "Single block msg",
- .ilen = 16,
- .result = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7"
+ .ptext = "Single block msg",
+ .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7"
"\x56\x08\x63\xdc\x71\xe3\xe0\xc0",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb"
"\x07\x96\x36\x58\x79\xef\xf8\x86"
@@ -22207,16 +14733,15 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x00\xfa\xac\x24",
.klen = 36,
.iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .ilen = 32,
- .result = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c"
+ .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c"
"\x49\xee\x00\x0b\x80\x4e\xb2\xa9"
"\xb8\x30\x6b\x50\x8f\x83\x9d\x6a"
"\x55\x30\x83\x1d\x93\x44\xaf\x1c",
- .rlen = 32,
+ .len = 32,
}, {
// generated using Crypto++
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
@@ -22226,7 +14751,7 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x00\x00\x00\x00",
.klen = 32 + 4,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input =
+ .ptext =
"\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
@@ -22740,8 +15265,7 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x10\x2f\x4e\x6d\x8c\xab\xca\xe9"
"\x08\x27\x46\x65\x84\xa3\xc2\xe1"
"\x00\x21\x42\x63",
- .ilen = 4100,
- .result =
+ .ctext =
"\xf0\x5c\x74\xad\x4e\xbc\x99\xe2"
"\xae\xff\x91\x3a\x44\xcf\x38\x32"
"\x1e\xad\xa7\xcd\xa1\x39\x95\xaa"
@@ -23255,104 +15779,13 @@ static const struct cipher_testvec aes_ctr_rfc3686_enc_tv_template[] = {
"\x41\x01\x18\x5d\x5d\x07\x97\xa6"
"\x4b\xef\x31\x18\xea\xac\xb1\x84"
"\x21\xed\xda\x86",
- .rlen = 4100,
+ .len = 4100,
.np = 2,
.tap = { 4064, 36 },
},
};
-static const struct cipher_testvec aes_ctr_rfc3686_dec_tv_template[] = {
- { /* From RFC 3686 */
- .key = "\xae\x68\x52\xf8\x12\x10\x67\xcc"
- "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e"
- "\x00\x00\x00\x30",
- .klen = 20,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79"
- "\x2d\x61\x75\xa3\x26\x13\x11\xb8",
- .ilen = 16,
- .result = "Single block msg",
- .rlen = 16,
- }, {
- .key = "\x7e\x24\x06\x78\x17\xfa\xe0\xd7"
- "\x43\xd6\xce\x1f\x32\x53\x91\x63"
- "\x00\x6c\xb6\xdb",
- .klen = 20,
- .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b",
- .input = "\x51\x04\xa1\x06\x16\x8a\x72\xd9"
- "\x79\x0d\x41\xee\x8e\xda\xd3\x88"
- "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8"
- "\xfc\xe6\x30\xdf\x91\x41\xbe\x28",
- .ilen = 32,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .rlen = 32,
- }, {
- .key = "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79"
- "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed"
- "\x86\x3d\x06\xcc\xfd\xb7\x85\x15"
- "\x00\x00\x00\x48",
- .klen = 28,
- .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb",
- .input = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8"
- "\x4e\x79\x35\xa0\x03\xcb\xe9\x28",
- .ilen = 16,
- .result = "Single block msg",
- .rlen = 16,
- }, {
- .key = "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c"
- "\x19\xe7\x34\x08\x19\xe0\xf6\x9c"
- "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a"
- "\x00\x96\xb0\x3b",
- .klen = 28,
- .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d",
- .input = "\x45\x32\x43\xfc\x60\x9b\x23\x32"
- "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f"
- "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c"
- "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00",
- .ilen = 32,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .rlen = 32,
- }, {
- .key = "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f"
- "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c"
- "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3"
- "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04"
- "\x00\x00\x00\x60",
- .klen = 36,
- .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2",
- .input = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7"
- "\x56\x08\x63\xdc\x71\xe3\xe0\xc0",
- .ilen = 16,
- .result = "Single block msg",
- .rlen = 16,
- }, {
- .key = "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb"
- "\x07\x96\x36\x58\x79\xef\xf8\x86"
- "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74"
- "\x4b\x50\x59\x0c\x87\xa2\x38\x84"
- "\x00\xfa\xac\x24",
- .klen = 36,
- .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75",
- .input = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c"
- "\x49\xee\x00\x0b\x80\x4e\xb2\xa9"
- "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a"
- "\x55\x30\x83\x1d\x93\x44\xaf\x1c",
- .ilen = 32,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .rlen = 32,
- },
-};
-
-static const struct cipher_testvec aes_ofb_enc_tv_template[] = {
+static const struct cipher_testvec aes_ofb_tv_template[] = {
/* From NIST Special Publication 800-38A, Appendix F.5 */
{
.key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6"
@@ -23360,7 +15793,7 @@ static const struct cipher_testvec aes_ofb_enc_tv_template[] = {
.klen = 16,
.iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
"\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
"\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
@@ -23368,8 +15801,7 @@ static const struct cipher_testvec aes_ofb_enc_tv_template[] = {
"\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
"\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .ilen = 64,
- .result = "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20"
+ .ctext = "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20"
"\x33\x34\x49\xf8\xe8\x3c\xfb\x4a"
"\x77\x89\x50\x8d\x16\x91\x8f\x03\xf5"
"\x3c\x52\xda\xc5\x4e\xd8\x25"
@@ -23377,36 +15809,7 @@ static const struct cipher_testvec aes_ofb_enc_tv_template[] = {
"\x44\xf7\xa8\x22\x60\xed\xcc"
"\x30\x4c\x65\x28\xf6\x59\xc7\x78"
"\x66\xa5\x10\xd9\xc1\xd6\xae\x5e",
- .rlen = 64,
- }
-};
-
-static const struct cipher_testvec aes_ofb_dec_tv_template[] = {
- /* From NIST Special Publication 800-38A, Appendix F.5 */
- {
- .key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6"
- "\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
- .klen = 16,
- .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08"
- "\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .input = "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20"
- "\x33\x34\x49\xf8\xe8\x3c\xfb\x4a"
- "\x77\x89\x50\x8d\x16\x91\x8f\x03\xf5"
- "\x3c\x52\xda\xc5\x4e\xd8\x25"
- "\x97\x40\x05\x1e\x9c\x5f\xec\xf6\x43"
- "\x44\xf7\xa8\x22\x60\xed\xcc"
- "\x30\x4c\x65\x28\xf6\x59\xc7\x78"
- "\x66\xa5\x10\xd9\xc1\xd6\xae\x5e",
- .ilen = 64,
- .result = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
- "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
- "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
- "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
- "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
- "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
- "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
- "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
- .rlen = 64,
+ .len = 64,
}
};
@@ -27377,6 +19780,6241 @@ static const struct aead_testvec rfc7539esp_dec_tv_template[] = {
},
};
+static const struct aead_testvec aegis128_enc_tv_template[] = {
+ {
+ .key = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .klen = 16,
+ .iv = "\x1e\x92\x1c\xcf\x88\x3d\x54\x0d"
+ "\x40\x6d\x59\x48\xfc\x92\x61\x03",
+ .assoc = "",
+ .alen = 0,
+ .input = "",
+ .ilen = 0,
+ .result = "\x07\xa5\x11\xf2\x9d\x40\xb8\x6d"
+ "\xda\xb8\x12\x34\x4c\x53\xd9\x72",
+ .rlen = 16,
+ }, {
+ .key = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .klen = 16,
+ .iv = "\x5a\xb7\x56\x6e\x98\xb9\xfd\x29"
+ "\xc1\x47\x0b\xda\xf6\xb6\x23\x09",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x79",
+ .ilen = 1,
+ .result = "\x9e\x78\x52\xae\xcb\x9e\xe4\xd3"
+ "\x9a\xd7\x5d\xd7\xaa\x9a\xe9\x5a"
+ "\xcc",
+ .rlen = 17,
+ }, {
+ .key = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .klen = 16,
+ .iv = "\x97\xdb\x90\x0e\xa8\x35\xa5\x45"
+ "\x42\x21\xbd\x6b\xf0\xda\xe6\x0f",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47",
+ .ilen = 15,
+ .result = "\xc3\x80\x83\x04\x5f\xaa\x61\xc7"
+ "\xca\xdd\x6f\xac\x85\x08\xb5\x35"
+ "\x2b\xc2\x3e\x0b\x1b\x39\x37\x2b"
+ "\x7a\x21\x16\xb3\xe6\x67\x66",
+ .rlen = 31,
+ }, {
+ .key = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .klen = 16,
+ .iv = "\xd3\x00\xc9\xad\xb8\xb0\x4e\x61"
+ "\xc3\xfb\x6f\xfd\xea\xff\xa9\x15",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .ilen = 16,
+ .result = "\x23\x25\x30\xe5\x6a\xb6\x36\x7d"
+ "\x38\xfd\x3a\xd2\xc2\x58\xa9\x11"
+ "\x1e\xa8\x30\x9c\x16\xa4\xdb\x65"
+ "\x51\x10\x16\x27\x70\x9b\x64\x29",
+ .rlen = 32,
+ }, {
+ .key = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .klen = 16,
+ .iv = "\x10\x25\x03\x4c\xc8\x2c\xf7\x7d"
+ "\x44\xd5\x21\x8e\xe4\x23\x6b\x1c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f"
+ "\xd3",
+ .ilen = 17,
+ .result = "\x2a\x8d\x56\x91\xc6\xf3\x56\xa5"
+ "\x1f\xf0\x89\x2e\x13\xad\xe6\xf6"
+ "\x46\x80\xb1\x0e\x18\x30\x40\x97"
+ "\x03\xdf\x64\x3c\xbe\x93\x9e\xc9"
+ "\x3b",
+ .rlen = 33,
+ }, {
+ .key = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .klen = 16,
+ .iv = "\x4c\x49\x3d\xec\xd8\xa8\xa0\x98"
+ "\xc5\xb0\xd3\x1f\xde\x48\x2e\x22",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25"
+ "\xfe\x8d\x45\x19\x1e\xc0\x0b\x99"
+ "\x88\x11\x39\x12\x1c\x3a\xbb",
+ .ilen = 31,
+ .result = "\x4e\xf6\xfa\x13\xde\x43\x63\x4c"
+ "\xe2\x04\x3e\xe4\x85\x14\xb6\x3f"
+ "\xb1\x8f\x4c\xdb\x41\xa2\x14\x99"
+ "\xf5\x53\x0f\x73\x86\x7e\x97\xa1"
+ "\x4b\x56\x5b\x94\xce\xcd\x74\xcd"
+ "\x75\xc4\x53\x01\x89\x45\x59",
+ .rlen = 47,
+ }, {
+ .key = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .klen = 16,
+ .iv = "\x89\x6e\x77\x8b\xe8\x23\x49\xb4"
+ "\x45\x8a\x85\xb1\xd8\x6c\xf1\x28",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b"
+ "\x28\x50\x51\x9d\x24\x60\x8d\xb3"
+ "\x49\x3e\x17\xea\xf6\x99\x5a\xdd",
+ .ilen = 32,
+ .result = "\xa4\x9a\xb7\xfd\xa0\xd4\xd6\x47"
+ "\x95\xf4\x58\x38\x14\x83\x27\x01"
+ "\x4c\xed\x32\x2c\xf7\xd6\x31\xf7"
+ "\x38\x1b\x2c\xc9\xb6\x31\xce\xaa"
+ "\xa5\x3c\x1a\x18\x5c\xce\xb9\xdf"
+ "\x51\x52\x77\xf2\x5e\x85\x80\x41",
+ .rlen = 48,
+ }, {
+ .key = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .klen = 16,
+ .iv = "\xc5\x93\xb0\x2a\xf8\x9f\xf1\xd0"
+ "\xc6\x64\x37\x42\xd2\x90\xb3\x2e",
+ .assoc = "\xd5",
+ .alen = 1,
+ .input = "",
+ .ilen = 0,
+ .result = "\xfb\xd4\x83\x71\x9e\x63\xad\x60"
+ "\xb9\xf9\xeb\x34\x52\x49\xcf\xb7",
+ .rlen = 16,
+ }, {
+ .key = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .klen = 16,
+ .iv = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34",
+ .assoc = "\x11\x81\x78\x32\x4d\xb9\x44\x73"
+ "\x68\x75\x16\xf8\xcb\x7e\xa7",
+ .alen = 15,
+ .input = "",
+ .ilen = 0,
+ .result = "\x0c\xaf\x2e\x96\xf6\x97\x08\x71"
+ "\x7d\x3a\x84\xc4\x44\x57\x77\x7e",
+ .rlen = 16,
+ }, {
+ .key = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .klen = 16,
+ .iv = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b",
+ .assoc = "\x4e\xa5\xb2\xd1\x5d\x35\xed\x8f"
+ "\xe8\x4f\xc8\x89\xc5\xa2\x69\xbc",
+ .alen = 16,
+ .input = "",
+ .ilen = 0,
+ .result = "\xc7\x87\x09\x3b\xc7\x19\x74\x22"
+ "\x22\xa5\x67\x10\xb2\x36\xb3\x45",
+ .rlen = 16,
+ }, {
+ .key = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .klen = 16,
+ .iv = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41",
+ .assoc = "\x8a\xca\xec\x70\x6d\xb1\x96\xab"
+ "\x69\x29\x7a\x1b\xbf\xc7\x2c\xc2"
+ "\x07",
+ .alen = 17,
+ .input = "",
+ .ilen = 0,
+ .result = "\x02\xc6\x3b\x46\x65\xb2\xef\x91"
+ "\x31\xf0\x45\x48\x8a\x2a\xed\xe4",
+ .rlen = 16,
+ }, {
+ .key = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .klen = 16,
+ .iv = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47",
+ .assoc = "\xc7\xef\x26\x10\x7d\x2c\x3f\xc6"
+ "\xea\x03\x2c\xac\xb9\xeb\xef\xc9"
+ "\x31\x6b\x08\x12\xfc\xd8\x37\x2d"
+ "\xe0\x17\x3a\x2e\x83\x5c\x8f",
+ .alen = 31,
+ .input = "",
+ .ilen = 0,
+ .result = "\x20\x85\xa8\xd0\x91\x48\x85\xf3"
+ "\x5a\x16\xc0\x57\x68\x47\xdd\xcb",
+ .rlen = 16,
+ }, {
+ .key = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .klen = 16,
+ .iv = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d",
+ .assoc = "\x03\x14\x5f\xaf\x8d\xa8\xe7\xe2"
+ "\x6b\xde\xde\x3e\xb3\x10\xb1\xcf"
+ "\x5c\x2d\x14\x96\x01\x78\xb9\x47"
+ "\xa1\x44\x19\x06\x5d\xbb\x2e\x2f",
+ .alen = 32,
+ .input = "",
+ .ilen = 0,
+ .result = "\x6a\xf8\x8d\x9c\x42\x75\x35\x79"
+ "\xc1\x96\xbd\x31\x6e\x69\x1b\x50",
+ .rlen = 16,
+ }, {
+ .key = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .klen = 16,
+ .iv = "\x31\x6f\x0b\xe6\x59\x85\xe6\x77"
+ "\xcc\x81\x63\xab\xae\x6b\x43\x54",
+ .assoc = "\x40",
+ .alen = 1,
+ .input = "\x4f",
+ .ilen = 1,
+ .result = "\x01\x24\xb1\xba\xf6\xd3\xdf\x83"
+ "\x70\x45\xe3\x2a\x9d\x5c\x63\x98"
+ "\x39",
+ .rlen = 17,
+ }, {
+ .key = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .klen = 16,
+ .iv = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a",
+ .assoc = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .alen = 15,
+ .input = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67",
+ .ilen = 15,
+ .result = "\x18\x78\xc2\x6e\xe1\xf7\xe6\x8a"
+ "\xca\x0e\x62\x00\xa8\x21\xb5\x21"
+ "\x3d\x36\xdb\xf7\xcc\x31\x94\x9c"
+ "\x98\xbd\x71\x7a\xef\xa4\xfa",
+ .rlen = 31,
+ }, {
+ .key = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .klen = 16,
+ .iv = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60",
+ .assoc = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .alen = 16,
+ .input = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .ilen = 16,
+ .result = "\xea\xd1\x81\x75\xb4\x13\x1d\x86"
+ "\xd4\x17\x26\xe5\xd6\x89\x39\x04"
+ "\xa9\x6c\xca\xac\x40\x73\xb2\x4c"
+ "\x9c\xb9\x0e\x79\x4c\x40\x65\xc6",
+ .rlen = 32,
+ }, {
+ .key = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .klen = 16,
+ .iv = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66",
+ .assoc = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .alen = 17,
+ .input = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69"
+ "\xd0",
+ .ilen = 17,
+ .result = "\xf4\xb2\x84\xd1\x81\xfa\x98\x1c"
+ "\x38\x2d\x69\x90\x1c\x71\x38\x98"
+ "\x9f\xe1\x19\x3b\x63\x91\xaf\x6e"
+ "\x4b\x07\x2c\xac\x53\xc5\xd5\xfe"
+ "\x93",
+ .rlen = 33,
+ }, {
+ .key = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .klen = 16,
+ .iv = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d",
+ .assoc = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .alen = 31,
+ .input = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70"
+ "\xfa\xa9\xd0\x4d\x5c\x40\x23\xcd"
+ "\x98\x34\xab\x37\x56\xae\x32",
+ .ilen = 31,
+ .result = "\xa0\xe7\x0a\x60\xe7\xb8\x8a\xdb"
+ "\x94\xd3\x93\xf2\x41\x86\x16\xdd"
+ "\x4c\xe8\xe7\xe0\x62\x48\x89\x40"
+ "\xc0\x49\x9b\x63\x32\xec\x8b\xdb"
+ "\xdc\xa6\xea\x2c\xc2\x7f\xf5\x04"
+ "\xcb\xe5\x47\xbb\xa7\xd1\x9d",
+ .rlen = 47,
+ }, {
+ .key = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .klen = 16,
+ .iv = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73",
+ .assoc = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .alen = 32,
+ .input = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76"
+ "\x24\x6b\xdc\xd1\x61\xe0\xa5\xe7"
+ "\x5a\x61\x8a\x0f\x30\x0d\xd1\xec",
+ .ilen = 32,
+ .result = "\x62\xdc\x2d\x68\x2d\x71\xbb\x33"
+ "\x13\xdf\xc0\x46\xf6\x61\x94\xa7"
+ "\x60\xd3\xd4\xca\xd9\xbe\x82\xf3"
+ "\xf1\x5b\xa0\xfa\x15\xba\xda\xea"
+ "\x87\x68\x47\x08\x5d\xdd\x83\xb0"
+ "\x60\xf4\x93\x20\xdf\x34\x8f\xea",
+ .rlen = 48,
+ }, {
+ .key = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .klen = 16,
+ .iv = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79",
+ .assoc = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d",
+ .alen = 33,
+ .input = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c"
+ "\x4f\x2e\xe8\x55\x66\x80\x27\x00"
+ "\x1b\x8f\x68\xe7\x0a\x6c\x71\xc3"
+ "\x21\x78\x55\x9d\x9c\x65\x7b\xcd"
+ "\x0a\x34\x97\xff\x47\x37\xb0\x2a"
+ "\x80\x0d\x19\x98\x33\xa9\x7a\xe3"
+ "\x2e\x4c\xc6\xf3\x8c\x88\x42\x01"
+ "\xbd",
+ .ilen = 65,
+ .result = "\x84\xc5\x21\xab\xe1\xeb\xbb\x6d"
+ "\xaa\x2a\xaf\xeb\x3b\x3b\x69\xe7"
+ "\x2c\x47\xef\x9d\xb7\x53\x36\xb7"
+ "\xb6\xf5\xe5\xa8\xc9\x9e\x02\xd7"
+ "\x83\x88\xc2\xbd\x2f\xf9\x10\xc0"
+ "\xf5\xa1\x6e\xd3\x97\x64\x82\xa3"
+ "\xfb\xda\x2c\xb1\x94\xa1\x58\x32"
+ "\xe8\xd4\x39\xfc\x9e\x26\xf9\xf1"
+ "\x61\xe6\xae\x07\xf2\xe0\xa7\x44"
+ "\x96\x28\x3b\xee\x6b\xc6\x16\x31"
+ "\x3f",
+ .rlen = 81,
+ }, {
+ .key = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .klen = 16,
+ .iv = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f",
+ .assoc = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .alen = 65,
+ .input = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82"
+ "\x79\xf0\xf3\xd9\x6c\x20\xa9\x1a"
+ "\xdc\xbc\x47\xc0\xe4\xcb\x10\x99"
+ "\x2f",
+ .ilen = 33,
+ .result = "\x8f\x23\x47\xfb\xf2\xac\x23\x83"
+ "\x77\x09\xac\x74\xef\xd2\x56\xae"
+ "\x20\x7b\x7b\xca\x45\x8e\xc8\xc2"
+ "\x50\xbd\xc7\x44\x1c\x54\x98\xd8"
+ "\x1f\xd0\x9a\x79\xaa\xf9\xe1\xb3"
+ "\xb4\x98\x5a\x9b\xe4\x4d\xbf\x4e"
+ "\x39",
+ .rlen = 49,
+ }, {
+ .key = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .klen = 16,
+ .iv = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85",
+ .assoc = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .alen = 16,
+ .input = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .ilen = 16,
+ .result = "\x42\xc3\x58\xfb\x29\xe2\x4a\x56"
+ "\xf1\xf5\xe1\x51\x55\x4b\x0a\x45"
+ "\x46\xb5\x8d\xac\xb6\x34\xd8\x8b"
+ "\xde\x20\x59\x77\xc1\x74\x90",
+ .rlen = 31,
+ }, {
+ .key = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .klen = 16,
+ .iv = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c",
+ .assoc = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .alen = 16,
+ .input = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .ilen = 16,
+ .result = "\xb2\xfb\xf6\x97\x69\x7a\xe9\xec"
+ "\xe2\x94\xa1\x8b\xa0\x2b\x60\x72"
+ "\x1d\x04\xdd\x6a\xef\x46\x8f\x68"
+ "\xe9\xe0\x17\x45\x70\x12",
+ .rlen = 30,
+ }, {
+ .key = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .klen = 16,
+ .iv = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92",
+ .assoc = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .alen = 16,
+ .input = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .ilen = 16,
+ .result = "\x47\xda\x54\x42\x51\x72\xc4\x8b"
+ "\xf5\x57\x0f\x2f\x49\x0e\x11\x3b"
+ "\x78\x93\xec\xfc\xf4\xff\xe1\x2d",
+ .rlen = 24,
+ },
+};
+
+/*
+ * AEGIS-128 test vectors - generated via reference implementation from
+ * SUPERCOP (https://bench.cr.yp.to/supercop.html):
+ *
+ * https://bench.cr.yp.to/supercop/supercop-20170228.tar.xz
+ * (see crypto_aead/aegis128/)
+ */
+static const struct aead_testvec aegis128_dec_tv_template[] = {
+ {
+ .key = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .klen = 16,
+ .iv = "\x1e\x92\x1c\xcf\x88\x3d\x54\x0d"
+ "\x40\x6d\x59\x48\xfc\x92\x61\x03",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x07\xa5\x11\xf2\x9d\x40\xb8\x6d"
+ "\xda\xb8\x12\x34\x4c\x53\xd9\x72",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .klen = 16,
+ .iv = "\x5a\xb7\x56\x6e\x98\xb9\xfd\x29"
+ "\xc1\x47\x0b\xda\xf6\xb6\x23\x09",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x9e\x78\x52\xae\xcb\x9e\xe4\xd3"
+ "\x9a\xd7\x5d\xd7\xaa\x9a\xe9\x5a"
+ "\xcc",
+ .ilen = 17,
+ .result = "\x79",
+ .rlen = 1,
+ }, {
+ .key = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .klen = 16,
+ .iv = "\x97\xdb\x90\x0e\xa8\x35\xa5\x45"
+ "\x42\x21\xbd\x6b\xf0\xda\xe6\x0f",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xc3\x80\x83\x04\x5f\xaa\x61\xc7"
+ "\xca\xdd\x6f\xac\x85\x08\xb5\x35"
+ "\x2b\xc2\x3e\x0b\x1b\x39\x37\x2b"
+ "\x7a\x21\x16\xb3\xe6\x67\x66",
+ .ilen = 31,
+ .result = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47",
+ .rlen = 15,
+ }, {
+ .key = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .klen = 16,
+ .iv = "\xd3\x00\xc9\xad\xb8\xb0\x4e\x61"
+ "\xc3\xfb\x6f\xfd\xea\xff\xa9\x15",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x23\x25\x30\xe5\x6a\xb6\x36\x7d"
+ "\x38\xfd\x3a\xd2\xc2\x58\xa9\x11"
+ "\x1e\xa8\x30\x9c\x16\xa4\xdb\x65"
+ "\x51\x10\x16\x27\x70\x9b\x64\x29",
+ .ilen = 32,
+ .result = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .rlen = 16,
+ }, {
+ .key = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .klen = 16,
+ .iv = "\x10\x25\x03\x4c\xc8\x2c\xf7\x7d"
+ "\x44\xd5\x21\x8e\xe4\x23\x6b\x1c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x2a\x8d\x56\x91\xc6\xf3\x56\xa5"
+ "\x1f\xf0\x89\x2e\x13\xad\xe6\xf6"
+ "\x46\x80\xb1\x0e\x18\x30\x40\x97"
+ "\x03\xdf\x64\x3c\xbe\x93\x9e\xc9"
+ "\x3b",
+ .ilen = 33,
+ .result = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f"
+ "\xd3",
+ .rlen = 17,
+ }, {
+ .key = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .klen = 16,
+ .iv = "\x4c\x49\x3d\xec\xd8\xa8\xa0\x98"
+ "\xc5\xb0\xd3\x1f\xde\x48\x2e\x22",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x4e\xf6\xfa\x13\xde\x43\x63\x4c"
+ "\xe2\x04\x3e\xe4\x85\x14\xb6\x3f"
+ "\xb1\x8f\x4c\xdb\x41\xa2\x14\x99"
+ "\xf5\x53\x0f\x73\x86\x7e\x97\xa1"
+ "\x4b\x56\x5b\x94\xce\xcd\x74\xcd"
+ "\x75\xc4\x53\x01\x89\x45\x59",
+ .ilen = 47,
+ .result = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25"
+ "\xfe\x8d\x45\x19\x1e\xc0\x0b\x99"
+ "\x88\x11\x39\x12\x1c\x3a\xbb",
+ .rlen = 31,
+ }, {
+ .key = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .klen = 16,
+ .iv = "\x89\x6e\x77\x8b\xe8\x23\x49\xb4"
+ "\x45\x8a\x85\xb1\xd8\x6c\xf1\x28",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa4\x9a\xb7\xfd\xa0\xd4\xd6\x47"
+ "\x95\xf4\x58\x38\x14\x83\x27\x01"
+ "\x4c\xed\x32\x2c\xf7\xd6\x31\xf7"
+ "\x38\x1b\x2c\xc9\xb6\x31\xce\xaa"
+ "\xa5\x3c\x1a\x18\x5c\xce\xb9\xdf"
+ "\x51\x52\x77\xf2\x5e\x85\x80\x41",
+ .ilen = 48,
+ .result = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b"
+ "\x28\x50\x51\x9d\x24\x60\x8d\xb3"
+ "\x49\x3e\x17\xea\xf6\x99\x5a\xdd",
+ .rlen = 32,
+ }, {
+ .key = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .klen = 16,
+ .iv = "\xc5\x93\xb0\x2a\xf8\x9f\xf1\xd0"
+ "\xc6\x64\x37\x42\xd2\x90\xb3\x2e",
+ .assoc = "\xd5",
+ .alen = 1,
+ .input = "\xfb\xd4\x83\x71\x9e\x63\xad\x60"
+ "\xb9\xf9\xeb\x34\x52\x49\xcf\xb7",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .klen = 16,
+ .iv = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34",
+ .assoc = "\x11\x81\x78\x32\x4d\xb9\x44\x73"
+ "\x68\x75\x16\xf8\xcb\x7e\xa7",
+ .alen = 15,
+ .input = "\x0c\xaf\x2e\x96\xf6\x97\x08\x71"
+ "\x7d\x3a\x84\xc4\x44\x57\x77\x7e",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .klen = 16,
+ .iv = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b",
+ .assoc = "\x4e\xa5\xb2\xd1\x5d\x35\xed\x8f"
+ "\xe8\x4f\xc8\x89\xc5\xa2\x69\xbc",
+ .alen = 16,
+ .input = "\xc7\x87\x09\x3b\xc7\x19\x74\x22"
+ "\x22\xa5\x67\x10\xb2\x36\xb3\x45",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .klen = 16,
+ .iv = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41",
+ .assoc = "\x8a\xca\xec\x70\x6d\xb1\x96\xab"
+ "\x69\x29\x7a\x1b\xbf\xc7\x2c\xc2"
+ "\x07",
+ .alen = 17,
+ .input = "\x02\xc6\x3b\x46\x65\xb2\xef\x91"
+ "\x31\xf0\x45\x48\x8a\x2a\xed\xe4",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .klen = 16,
+ .iv = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47",
+ .assoc = "\xc7\xef\x26\x10\x7d\x2c\x3f\xc6"
+ "\xea\x03\x2c\xac\xb9\xeb\xef\xc9"
+ "\x31\x6b\x08\x12\xfc\xd8\x37\x2d"
+ "\xe0\x17\x3a\x2e\x83\x5c\x8f",
+ .alen = 31,
+ .input = "\x20\x85\xa8\xd0\x91\x48\x85\xf3"
+ "\x5a\x16\xc0\x57\x68\x47\xdd\xcb",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .klen = 16,
+ .iv = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d",
+ .assoc = "\x03\x14\x5f\xaf\x8d\xa8\xe7\xe2"
+ "\x6b\xde\xde\x3e\xb3\x10\xb1\xcf"
+ "\x5c\x2d\x14\x96\x01\x78\xb9\x47"
+ "\xa1\x44\x19\x06\x5d\xbb\x2e\x2f",
+ .alen = 32,
+ .input = "\x6a\xf8\x8d\x9c\x42\x75\x35\x79"
+ "\xc1\x96\xbd\x31\x6e\x69\x1b\x50",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .klen = 16,
+ .iv = "\x31\x6f\x0b\xe6\x59\x85\xe6\x77"
+ "\xcc\x81\x63\xab\xae\x6b\x43\x54",
+ .assoc = "\x40",
+ .alen = 1,
+ .input = "\x01\x24\xb1\xba\xf6\xd3\xdf\x83"
+ "\x70\x45\xe3\x2a\x9d\x5c\x63\x98"
+ "\x39",
+ .ilen = 17,
+ .result = "\x4f",
+ .rlen = 1,
+ }, {
+ .key = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .klen = 16,
+ .iv = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a",
+ .assoc = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .alen = 15,
+ .input = "\x18\x78\xc2\x6e\xe1\xf7\xe6\x8a"
+ "\xca\x0e\x62\x00\xa8\x21\xb5\x21"
+ "\x3d\x36\xdb\xf7\xcc\x31\x94\x9c"
+ "\x98\xbd\x71\x7a\xef\xa4\xfa",
+ .ilen = 31,
+ .result = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67",
+ .rlen = 15,
+ }, {
+ .key = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .klen = 16,
+ .iv = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60",
+ .assoc = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .alen = 16,
+ .input = "\xea\xd1\x81\x75\xb4\x13\x1d\x86"
+ "\xd4\x17\x26\xe5\xd6\x89\x39\x04"
+ "\xa9\x6c\xca\xac\x40\x73\xb2\x4c"
+ "\x9c\xb9\x0e\x79\x4c\x40\x65\xc6",
+ .ilen = 32,
+ .result = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .rlen = 16,
+ }, {
+ .key = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .klen = 16,
+ .iv = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66",
+ .assoc = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .alen = 17,
+ .input = "\xf4\xb2\x84\xd1\x81\xfa\x98\x1c"
+ "\x38\x2d\x69\x90\x1c\x71\x38\x98"
+ "\x9f\xe1\x19\x3b\x63\x91\xaf\x6e"
+ "\x4b\x07\x2c\xac\x53\xc5\xd5\xfe"
+ "\x93",
+ .ilen = 33,
+ .result = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69"
+ "\xd0",
+ .rlen = 17,
+ }, {
+ .key = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .klen = 16,
+ .iv = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d",
+ .assoc = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .alen = 31,
+ .input = "\xa0\xe7\x0a\x60\xe7\xb8\x8a\xdb"
+ "\x94\xd3\x93\xf2\x41\x86\x16\xdd"
+ "\x4c\xe8\xe7\xe0\x62\x48\x89\x40"
+ "\xc0\x49\x9b\x63\x32\xec\x8b\xdb"
+ "\xdc\xa6\xea\x2c\xc2\x7f\xf5\x04"
+ "\xcb\xe5\x47\xbb\xa7\xd1\x9d",
+ .ilen = 47,
+ .result = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70"
+ "\xfa\xa9\xd0\x4d\x5c\x40\x23\xcd"
+ "\x98\x34\xab\x37\x56\xae\x32",
+ .rlen = 31,
+ }, {
+ .key = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .klen = 16,
+ .iv = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73",
+ .assoc = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .alen = 32,
+ .input = "\x62\xdc\x2d\x68\x2d\x71\xbb\x33"
+ "\x13\xdf\xc0\x46\xf6\x61\x94\xa7"
+ "\x60\xd3\xd4\xca\xd9\xbe\x82\xf3"
+ "\xf1\x5b\xa0\xfa\x15\xba\xda\xea"
+ "\x87\x68\x47\x08\x5d\xdd\x83\xb0"
+ "\x60\xf4\x93\x20\xdf\x34\x8f\xea",
+ .ilen = 48,
+ .result = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76"
+ "\x24\x6b\xdc\xd1\x61\xe0\xa5\xe7"
+ "\x5a\x61\x8a\x0f\x30\x0d\xd1\xec",
+ .rlen = 32,
+ }, {
+ .key = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .klen = 16,
+ .iv = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79",
+ .assoc = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d",
+ .alen = 33,
+ .input = "\x84\xc5\x21\xab\xe1\xeb\xbb\x6d"
+ "\xaa\x2a\xaf\xeb\x3b\x3b\x69\xe7"
+ "\x2c\x47\xef\x9d\xb7\x53\x36\xb7"
+ "\xb6\xf5\xe5\xa8\xc9\x9e\x02\xd7"
+ "\x83\x88\xc2\xbd\x2f\xf9\x10\xc0"
+ "\xf5\xa1\x6e\xd3\x97\x64\x82\xa3"
+ "\xfb\xda\x2c\xb1\x94\xa1\x58\x32"
+ "\xe8\xd4\x39\xfc\x9e\x26\xf9\xf1"
+ "\x61\xe6\xae\x07\xf2\xe0\xa7\x44"
+ "\x96\x28\x3b\xee\x6b\xc6\x16\x31"
+ "\x3f",
+ .ilen = 81,
+ .result = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c"
+ "\x4f\x2e\xe8\x55\x66\x80\x27\x00"
+ "\x1b\x8f\x68\xe7\x0a\x6c\x71\xc3"
+ "\x21\x78\x55\x9d\x9c\x65\x7b\xcd"
+ "\x0a\x34\x97\xff\x47\x37\xb0\x2a"
+ "\x80\x0d\x19\x98\x33\xa9\x7a\xe3"
+ "\x2e\x4c\xc6\xf3\x8c\x88\x42\x01"
+ "\xbd",
+ .rlen = 65,
+ }, {
+ .key = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .klen = 16,
+ .iv = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f",
+ .assoc = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .alen = 65,
+ .input = "\x8f\x23\x47\xfb\xf2\xac\x23\x83"
+ "\x77\x09\xac\x74\xef\xd2\x56\xae"
+ "\x20\x7b\x7b\xca\x45\x8e\xc8\xc2"
+ "\x50\xbd\xc7\x44\x1c\x54\x98\xd8"
+ "\x1f\xd0\x9a\x79\xaa\xf9\xe1\xb3"
+ "\xb4\x98\x5a\x9b\xe4\x4d\xbf\x4e"
+ "\x39",
+ .ilen = 49,
+ .result = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82"
+ "\x79\xf0\xf3\xd9\x6c\x20\xa9\x1a"
+ "\xdc\xbc\x47\xc0\xe4\xcb\x10\x99"
+ "\x2f",
+ .rlen = 33,
+ }, {
+ .key = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .klen = 16,
+ .iv = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85",
+ .assoc = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .alen = 16,
+ .input = "\x42\xc3\x58\xfb\x29\xe2\x4a\x56"
+ "\xf1\xf5\xe1\x51\x55\x4b\x0a\x45"
+ "\x46\xb5\x8d\xac\xb6\x34\xd8\x8b"
+ "\xde\x20\x59\x77\xc1\x74\x90",
+ .ilen = 31,
+ .result = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .rlen = 16,
+ }, {
+ .key = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .klen = 16,
+ .iv = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c",
+ .assoc = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .alen = 16,
+ .input = "\xb2\xfb\xf6\x97\x69\x7a\xe9\xec"
+ "\xe2\x94\xa1\x8b\xa0\x2b\x60\x72"
+ "\x1d\x04\xdd\x6a\xef\x46\x8f\x68"
+ "\xe9\xe0\x17\x45\x70\x12",
+ .ilen = 30,
+ .result = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .rlen = 16,
+ }, {
+ .key = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .klen = 16,
+ .iv = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92",
+ .assoc = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .alen = 16,
+ .input = "\x47\xda\x54\x42\x51\x72\xc4\x8b"
+ "\xf5\x57\x0f\x2f\x49\x0e\x11\x3b"
+ "\x78\x93\xec\xfc\xf4\xff\xe1\x2d",
+ .ilen = 24,
+ .result = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .rlen = 16,
+ },
+};
+
+/*
+ * AEGIS-128L test vectors - generated via reference implementation from
+ * SUPERCOP (https://bench.cr.yp.to/supercop.html):
+ *
+ * https://bench.cr.yp.to/supercop/supercop-20170228.tar.xz
+ * (see crypto_aead/aegis128l/)
+ */
+static const struct aead_testvec aegis128l_enc_tv_template[] = {
+ {
+ .key = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .klen = 16,
+ .iv = "\x1e\x92\x1c\xcf\x88\x3d\x54\x0d"
+ "\x40\x6d\x59\x48\xfc\x92\x61\x03",
+ .assoc = "",
+ .alen = 0,
+ .input = "",
+ .ilen = 0,
+ .result = "\x30\x4f\xf3\xe9\xb1\xfa\x81\xa6"
+ "\x20\x72\x78\xdd\x93\xc8\x57\xef",
+ .rlen = 16,
+ }, {
+ .key = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .klen = 16,
+ .iv = "\x5a\xb7\x56\x6e\x98\xb9\xfd\x29"
+ "\xc1\x47\x0b\xda\xf6\xb6\x23\x09",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x79",
+ .ilen = 1,
+ .result = "\xa9\x24\xa0\xb6\x2d\xdd\x29\xdb"
+ "\x40\xb3\x71\xc5\x22\x58\x31\x77"
+ "\x6d",
+ .rlen = 17,
+ }, {
+ .key = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .klen = 16,
+ .iv = "\x97\xdb\x90\x0e\xa8\x35\xa5\x45"
+ "\x42\x21\xbd\x6b\xf0\xda\xe6\x0f",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47",
+ .ilen = 15,
+ .result = "\xbb\x0a\x53\xc4\xaa\x7e\xa4\x03"
+ "\x2b\xee\x62\x99\x7b\x98\x13\x1f"
+ "\xe0\x76\x4c\x2e\x53\x99\x4f\xbe"
+ "\xe1\xa8\x04\x7f\xe1\x71\xbe",
+ .rlen = 31,
+ }, {
+ .key = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .klen = 16,
+ .iv = "\xd3\x00\xc9\xad\xb8\xb0\x4e\x61"
+ "\xc3\xfb\x6f\xfd\xea\xff\xa9\x15",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .ilen = 16,
+ .result = "\x66\xdf\x6e\x71\xc0\x6e\xa4\x4c"
+ "\x9d\xb7\x8c\x9a\xdb\x1f\xd2\x2e"
+ "\x23\xb6\xa4\xfb\xd3\x86\xdd\xbb"
+ "\xde\x54\x9b\xf5\x92\x8b\x93\xc5",
+ .rlen = 32,
+ }, {
+ .key = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .klen = 16,
+ .iv = "\x10\x25\x03\x4c\xc8\x2c\xf7\x7d"
+ "\x44\xd5\x21\x8e\xe4\x23\x6b\x1c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f"
+ "\xd3",
+ .ilen = 17,
+ .result = "\x4f\xc3\x69\xb6\xd3\xa4\x64\x8b"
+ "\x71\xc3\x8a\x91\x22\x4f\x1b\xd2"
+ "\x33\x6d\x86\xbc\xf8\x2f\x06\xf9"
+ "\x82\x64\xc7\x72\x00\x30\xfc\xf0"
+ "\xf8",
+ .rlen = 33,
+ }, {
+ .key = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .klen = 16,
+ .iv = "\x4c\x49\x3d\xec\xd8\xa8\xa0\x98"
+ "\xc5\xb0\xd3\x1f\xde\x48\x2e\x22",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25"
+ "\xfe\x8d\x45\x19\x1e\xc0\x0b\x99"
+ "\x88\x11\x39\x12\x1c\x3a\xbb",
+ .ilen = 31,
+ .result = "\xe3\x93\x15\xae\x5f\x9d\x3c\xb5"
+ "\xd6\x9d\xee\xee\xcf\xaa\xaf\xe1"
+ "\x45\x10\x96\xe0\xbf\x55\x0f\x4c"
+ "\x1a\xfd\xf4\xda\x4e\x10\xde\xc9"
+ "\x0e\x6f\xc7\x3c\x49\x94\x41\xfc"
+ "\x59\x28\x88\x3c\x79\x10\x6b",
+ .rlen = 47,
+ }, {
+ .key = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .klen = 16,
+ .iv = "\x89\x6e\x77\x8b\xe8\x23\x49\xb4"
+ "\x45\x8a\x85\xb1\xd8\x6c\xf1\x28",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b"
+ "\x28\x50\x51\x9d\x24\x60\x8d\xb3"
+ "\x49\x3e\x17\xea\xf6\x99\x5a\xdd",
+ .ilen = 32,
+ .result = "\x1c\x8e\x22\x34\xfd\xab\xe6\x0d"
+ "\x1c\x9f\x06\x54\x8b\x0b\xb4\x40"
+ "\xde\x11\x59\x3e\xfd\x74\xf6\x42"
+ "\x97\x17\xf7\x24\xb6\x7e\xc4\xc6"
+ "\x06\xa3\x94\xda\x3d\x7f\x55\x0a"
+ "\x92\x07\x2f\xa6\xf3\x6b\x2c\xfc",
+ .rlen = 48,
+ }, {
+ .key = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .klen = 16,
+ .iv = "\xc5\x93\xb0\x2a\xf8\x9f\xf1\xd0"
+ "\xc6\x64\x37\x42\xd2\x90\xb3\x2e",
+ .assoc = "\xd5",
+ .alen = 1,
+ .input = "",
+ .ilen = 0,
+ .result = "\xa0\x2a\xb4\x9a\x91\x00\x15\xb8"
+ "\x0f\x9a\x15\x60\x0e\x9b\x13\x8f",
+ .rlen = 16,
+ }, {
+ .key = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .klen = 16,
+ .iv = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34",
+ .assoc = "\x11\x81\x78\x32\x4d\xb9\x44\x73"
+ "\x68\x75\x16\xf8\xcb\x7e\xa7",
+ .alen = 15,
+ .input = "",
+ .ilen = 0,
+ .result = "\x4c\x26\xad\x9c\x14\xfd\x9c\x8c"
+ "\x84\xfb\x26\xfb\xd5\xca\x62\x39",
+ .rlen = 16,
+ }, {
+ .key = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .klen = 16,
+ .iv = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b",
+ .assoc = "\x4e\xa5\xb2\xd1\x5d\x35\xed\x8f"
+ "\xe8\x4f\xc8\x89\xc5\xa2\x69\xbc",
+ .alen = 16,
+ .input = "",
+ .ilen = 0,
+ .result = "\x45\x85\x0e\x0f\xf4\xae\x96\xa1"
+ "\x99\x4d\x6d\xb4\x67\x32\xb0\x3a",
+ .rlen = 16,
+ }, {
+ .key = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .klen = 16,
+ .iv = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41",
+ .assoc = "\x8a\xca\xec\x70\x6d\xb1\x96\xab"
+ "\x69\x29\x7a\x1b\xbf\xc7\x2c\xc2"
+ "\x07",
+ .alen = 17,
+ .input = "",
+ .ilen = 0,
+ .result = "\x33\xb1\x42\x97\x8e\x16\x7b\x63"
+ "\x06\xba\x5b\xcb\xae\x6d\x8b\x56",
+ .rlen = 16,
+ }, {
+ .key = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .klen = 16,
+ .iv = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47",
+ .assoc = "\xc7\xef\x26\x10\x7d\x2c\x3f\xc6"
+ "\xea\x03\x2c\xac\xb9\xeb\xef\xc9"
+ "\x31\x6b\x08\x12\xfc\xd8\x37\x2d"
+ "\xe0\x17\x3a\x2e\x83\x5c\x8f",
+ .alen = 31,
+ .input = "",
+ .ilen = 0,
+ .result = "\xda\x44\x08\x8c\x2a\xa5\x07\x35"
+ "\x0b\x54\x4e\x6d\xe3\xfd\xc4\x5f",
+ .rlen = 16,
+ }, {
+ .key = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .klen = 16,
+ .iv = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d",
+ .assoc = "\x03\x14\x5f\xaf\x8d\xa8\xe7\xe2"
+ "\x6b\xde\xde\x3e\xb3\x10\xb1\xcf"
+ "\x5c\x2d\x14\x96\x01\x78\xb9\x47"
+ "\xa1\x44\x19\x06\x5d\xbb\x2e\x2f",
+ .alen = 32,
+ .input = "",
+ .ilen = 0,
+ .result = "\x1b\xb1\xf1\xa8\x9e\xc2\xb2\x88"
+ "\x40\x7f\x7b\x19\x7a\x52\x8c\xf0",
+ .rlen = 16,
+ }, {
+ .key = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .klen = 16,
+ .iv = "\x31\x6f\x0b\xe6\x59\x85\xe6\x77"
+ "\xcc\x81\x63\xab\xae\x6b\x43\x54",
+ .assoc = "\x40",
+ .alen = 1,
+ .input = "\x4f",
+ .ilen = 1,
+ .result = "\x6e\xc8\xfb\x15\x9d\x98\x49\xc9"
+ "\xa0\x98\x09\x85\xbe\x56\x8e\x79"
+ "\xf4",
+ .rlen = 17,
+ }, {
+ .key = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .klen = 16,
+ .iv = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a",
+ .assoc = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .alen = 15,
+ .input = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67",
+ .ilen = 15,
+ .result = "\x99\x2e\x84\x50\x64\x5c\xab\x29"
+ "\x20\xba\xb9\x2f\x62\x3a\xce\x2a"
+ "\x75\x25\x3b\xe3\x40\xe0\x1d\xfc"
+ "\x20\x63\x0b\x49\x7e\x97\x08",
+ .rlen = 31,
+ }, {
+ .key = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .klen = 16,
+ .iv = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60",
+ .assoc = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .alen = 16,
+ .input = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .ilen = 16,
+ .result = "\xd9\x8e\xfd\x50\x8f\x02\x9f\xee"
+ "\x78\x08\x12\xec\x09\xaf\x53\x14"
+ "\x90\x3e\x3d\x76\xad\x71\x21\x08"
+ "\x77\xe5\x4b\x15\xc2\xe6\xbc\xdb",
+ .rlen = 32,
+ }, {
+ .key = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .klen = 16,
+ .iv = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66",
+ .assoc = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .alen = 17,
+ .input = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69"
+ "\xd0",
+ .ilen = 17,
+ .result = "\xf3\xe7\x95\x86\xcf\x34\x95\x96"
+ "\x17\xfe\x1b\xae\x1b\x31\xf2\x1a"
+ "\xbd\xbc\xc9\x4e\x11\x29\x09\x5c"
+ "\x05\xd3\xb4\x2e\x4a\x74\x59\x49"
+ "\x7d",
+ .rlen = 33,
+ }, {
+ .key = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .klen = 16,
+ .iv = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d",
+ .assoc = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .alen = 31,
+ .input = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70"
+ "\xfa\xa9\xd0\x4d\x5c\x40\x23\xcd"
+ "\x98\x34\xab\x37\x56\xae\x32",
+ .ilen = 31,
+ .result = "\x06\x96\xb2\xbf\x63\xf4\x1e\x24"
+ "\x0d\x19\x15\x61\x65\x3b\x06\x26"
+ "\x71\xe8\x7e\x16\xdb\x96\x01\x01"
+ "\x52\xcd\x49\x5b\x07\x33\x4e\xe7"
+ "\xaa\x91\xf5\xd5\xc6\xfe\x41\xb5"
+ "\xed\x90\xce\xb9\xcd\xcc\xa1",
+ .rlen = 47,
+ }, {
+ .key = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .klen = 16,
+ .iv = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73",
+ .assoc = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .alen = 32,
+ .input = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76"
+ "\x24\x6b\xdc\xd1\x61\xe0\xa5\xe7"
+ "\x5a\x61\x8a\x0f\x30\x0d\xd1\xec",
+ .ilen = 32,
+ .result = "\xf9\xd7\xee\x17\xfd\x24\xcd\xf1"
+ "\xbc\x0f\x35\x97\x97\x0c\x4b\x18"
+ "\xce\x58\xc8\x3b\xd4\x85\x93\x79"
+ "\xcc\x9c\xea\xc1\x73\x13\x0b\x4c"
+ "\xcc\x6f\x28\xf8\xa4\x4e\xb8\x56"
+ "\x64\x4e\x47\xce\xb2\xb4\x92\xb4",
+ .rlen = 48,
+ }, {
+ .key = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .klen = 16,
+ .iv = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79",
+ .assoc = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d",
+ .alen = 33,
+ .input = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c"
+ "\x4f\x2e\xe8\x55\x66\x80\x27\x00"
+ "\x1b\x8f\x68\xe7\x0a\x6c\x71\xc3"
+ "\x21\x78\x55\x9d\x9c\x65\x7b\xcd"
+ "\x0a\x34\x97\xff\x47\x37\xb0\x2a"
+ "\x80\x0d\x19\x98\x33\xa9\x7a\xe3"
+ "\x2e\x4c\xc6\xf3\x8c\x88\x42\x01"
+ "\xbd",
+ .ilen = 65,
+ .result = "\x58\xfa\x3a\x3d\xd9\x88\x63\xe8"
+ "\xc5\x78\x50\x8b\x4a\xc9\xdf\x7f"
+ "\x4b\xfa\xc8\x2e\x67\x43\xf3\x63"
+ "\x42\x8e\x99\x5a\x9c\x0b\x84\x77"
+ "\xbc\x46\x76\x48\x82\xc7\x57\x96"
+ "\xe1\x65\xd1\xed\x1d\xdd\x80\x24"
+ "\xa6\x4d\xa9\xf1\x53\x8b\x5e\x0e"
+ "\x26\xb9\xcc\x37\xe5\x43\xe1\x5a"
+ "\x8a\xd6\x8c\x5a\xe4\x95\xd1\x8d"
+ "\xf7\x33\x64\xc1\xd3\xf2\xfc\x35"
+ "\x01",
+ .rlen = 81,
+ }, {
+ .key = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .klen = 16,
+ .iv = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f",
+ .assoc = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .alen = 65,
+ .input = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82"
+ "\x79\xf0\xf3\xd9\x6c\x20\xa9\x1a"
+ "\xdc\xbc\x47\xc0\xe4\xcb\x10\x99"
+ "\x2f",
+ .ilen = 33,
+ .result = "\x4c\xa9\xac\x71\xed\x10\xa6\x24"
+ "\xb7\xa7\xdf\x8b\xf5\xc2\x41\xcb"
+ "\x05\xc9\xd6\x97\xb6\x10\x7f\x17"
+ "\xc2\xc0\x93\xcf\xe0\x94\xfd\x99"
+ "\xf2\x62\x25\x28\x01\x23\x6f\x8b"
+ "\x04\x52\xbc\xb0\x3e\x66\x52\x90"
+ "\x9f",
+ .rlen = 49,
+ }, {
+ .key = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .klen = 16,
+ .iv = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85",
+ .assoc = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .alen = 16,
+ .input = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .ilen = 16,
+ .result = "\x6d\xed\x04\x7a\x2f\x0c\x30\xa5"
+ "\x96\xe6\x97\xe4\x10\xeb\x40\x95"
+ "\xc5\x9a\xdf\x31\xd5\xa5\xa6\xec"
+ "\x05\xa8\x31\x50\x11\x19\x44",
+ .rlen = 31,
+ }, {
+ .key = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .klen = 16,
+ .iv = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c",
+ .assoc = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .alen = 16,
+ .input = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .ilen = 16,
+ .result = "\x30\x95\x7d\xea\xdc\x62\xc0\x88"
+ "\xa1\xe3\x8d\x8c\xac\x04\x10\xa7"
+ "\xfa\xfa\x07\xbd\xa0\xf0\x36\xeb"
+ "\x21\x93\x2e\x31\x84\x83",
+ .rlen = 30,
+ }, {
+ .key = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .klen = 16,
+ .iv = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92",
+ .assoc = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .alen = 16,
+ .input = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .ilen = 16,
+ .result = "\x93\xcd\xee\xd4\xcb\x9d\x8d\x16"
+ "\x63\x0d\x43\xd5\x49\xca\xa8\x85"
+ "\x49\xc0\xae\x13\xbc\x26\x1d\x4b",
+ .rlen = 24,
+ },
+};
+
+static const struct aead_testvec aegis128l_dec_tv_template[] = {
+ {
+ .key = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .klen = 16,
+ .iv = "\x1e\x92\x1c\xcf\x88\x3d\x54\x0d"
+ "\x40\x6d\x59\x48\xfc\x92\x61\x03",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x30\x4f\xf3\xe9\xb1\xfa\x81\xa6"
+ "\x20\x72\x78\xdd\x93\xc8\x57\xef",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .klen = 16,
+ .iv = "\x5a\xb7\x56\x6e\x98\xb9\xfd\x29"
+ "\xc1\x47\x0b\xda\xf6\xb6\x23\x09",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa9\x24\xa0\xb6\x2d\xdd\x29\xdb"
+ "\x40\xb3\x71\xc5\x22\x58\x31\x77"
+ "\x6d",
+ .ilen = 17,
+ .result = "\x79",
+ .rlen = 1,
+ }, {
+ .key = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .klen = 16,
+ .iv = "\x97\xdb\x90\x0e\xa8\x35\xa5\x45"
+ "\x42\x21\xbd\x6b\xf0\xda\xe6\x0f",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xbb\x0a\x53\xc4\xaa\x7e\xa4\x03"
+ "\x2b\xee\x62\x99\x7b\x98\x13\x1f"
+ "\xe0\x76\x4c\x2e\x53\x99\x4f\xbe"
+ "\xe1\xa8\x04\x7f\xe1\x71\xbe",
+ .ilen = 31,
+ .result = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47",
+ .rlen = 15,
+ }, {
+ .key = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .klen = 16,
+ .iv = "\xd3\x00\xc9\xad\xb8\xb0\x4e\x61"
+ "\xc3\xfb\x6f\xfd\xea\xff\xa9\x15",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x66\xdf\x6e\x71\xc0\x6e\xa4\x4c"
+ "\x9d\xb7\x8c\x9a\xdb\x1f\xd2\x2e"
+ "\x23\xb6\xa4\xfb\xd3\x86\xdd\xbb"
+ "\xde\x54\x9b\xf5\x92\x8b\x93\xc5",
+ .ilen = 32,
+ .result = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .rlen = 16,
+ }, {
+ .key = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .klen = 16,
+ .iv = "\x10\x25\x03\x4c\xc8\x2c\xf7\x7d"
+ "\x44\xd5\x21\x8e\xe4\x23\x6b\x1c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x4f\xc3\x69\xb6\xd3\xa4\x64\x8b"
+ "\x71\xc3\x8a\x91\x22\x4f\x1b\xd2"
+ "\x33\x6d\x86\xbc\xf8\x2f\x06\xf9"
+ "\x82\x64\xc7\x72\x00\x30\xfc\xf0"
+ "\xf8",
+ .ilen = 33,
+ .result = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f"
+ "\xd3",
+ .rlen = 17,
+ }, {
+ .key = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .klen = 16,
+ .iv = "\x4c\x49\x3d\xec\xd8\xa8\xa0\x98"
+ "\xc5\xb0\xd3\x1f\xde\x48\x2e\x22",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xe3\x93\x15\xae\x5f\x9d\x3c\xb5"
+ "\xd6\x9d\xee\xee\xcf\xaa\xaf\xe1"
+ "\x45\x10\x96\xe0\xbf\x55\x0f\x4c"
+ "\x1a\xfd\xf4\xda\x4e\x10\xde\xc9"
+ "\x0e\x6f\xc7\x3c\x49\x94\x41\xfc"
+ "\x59\x28\x88\x3c\x79\x10\x6b",
+ .ilen = 47,
+ .result = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25"
+ "\xfe\x8d\x45\x19\x1e\xc0\x0b\x99"
+ "\x88\x11\x39\x12\x1c\x3a\xbb",
+ .rlen = 31,
+ }, {
+ .key = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .klen = 16,
+ .iv = "\x89\x6e\x77\x8b\xe8\x23\x49\xb4"
+ "\x45\x8a\x85\xb1\xd8\x6c\xf1\x28",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x1c\x8e\x22\x34\xfd\xab\xe6\x0d"
+ "\x1c\x9f\x06\x54\x8b\x0b\xb4\x40"
+ "\xde\x11\x59\x3e\xfd\x74\xf6\x42"
+ "\x97\x17\xf7\x24\xb6\x7e\xc4\xc6"
+ "\x06\xa3\x94\xda\x3d\x7f\x55\x0a"
+ "\x92\x07\x2f\xa6\xf3\x6b\x2c\xfc",
+ .ilen = 48,
+ .result = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b"
+ "\x28\x50\x51\x9d\x24\x60\x8d\xb3"
+ "\x49\x3e\x17\xea\xf6\x99\x5a\xdd",
+ .rlen = 32,
+ }, {
+ .key = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .klen = 16,
+ .iv = "\xc5\x93\xb0\x2a\xf8\x9f\xf1\xd0"
+ "\xc6\x64\x37\x42\xd2\x90\xb3\x2e",
+ .assoc = "\xd5",
+ .alen = 1,
+ .input = "\xa0\x2a\xb4\x9a\x91\x00\x15\xb8"
+ "\x0f\x9a\x15\x60\x0e\x9b\x13\x8f",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .klen = 16,
+ .iv = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34",
+ .assoc = "\x11\x81\x78\x32\x4d\xb9\x44\x73"
+ "\x68\x75\x16\xf8\xcb\x7e\xa7",
+ .alen = 15,
+ .input = "\x4c\x26\xad\x9c\x14\xfd\x9c\x8c"
+ "\x84\xfb\x26\xfb\xd5\xca\x62\x39",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .klen = 16,
+ .iv = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b",
+ .assoc = "\x4e\xa5\xb2\xd1\x5d\x35\xed\x8f"
+ "\xe8\x4f\xc8\x89\xc5\xa2\x69\xbc",
+ .alen = 16,
+ .input = "\x45\x85\x0e\x0f\xf4\xae\x96\xa1"
+ "\x99\x4d\x6d\xb4\x67\x32\xb0\x3a",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .klen = 16,
+ .iv = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41",
+ .assoc = "\x8a\xca\xec\x70\x6d\xb1\x96\xab"
+ "\x69\x29\x7a\x1b\xbf\xc7\x2c\xc2"
+ "\x07",
+ .alen = 17,
+ .input = "\x33\xb1\x42\x97\x8e\x16\x7b\x63"
+ "\x06\xba\x5b\xcb\xae\x6d\x8b\x56",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .klen = 16,
+ .iv = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47",
+ .assoc = "\xc7\xef\x26\x10\x7d\x2c\x3f\xc6"
+ "\xea\x03\x2c\xac\xb9\xeb\xef\xc9"
+ "\x31\x6b\x08\x12\xfc\xd8\x37\x2d"
+ "\xe0\x17\x3a\x2e\x83\x5c\x8f",
+ .alen = 31,
+ .input = "\xda\x44\x08\x8c\x2a\xa5\x07\x35"
+ "\x0b\x54\x4e\x6d\xe3\xfd\xc4\x5f",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .klen = 16,
+ .iv = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d",
+ .assoc = "\x03\x14\x5f\xaf\x8d\xa8\xe7\xe2"
+ "\x6b\xde\xde\x3e\xb3\x10\xb1\xcf"
+ "\x5c\x2d\x14\x96\x01\x78\xb9\x47"
+ "\xa1\x44\x19\x06\x5d\xbb\x2e\x2f",
+ .alen = 32,
+ .input = "\x1b\xb1\xf1\xa8\x9e\xc2\xb2\x88"
+ "\x40\x7f\x7b\x19\x7a\x52\x8c\xf0",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .klen = 16,
+ .iv = "\x31\x6f\x0b\xe6\x59\x85\xe6\x77"
+ "\xcc\x81\x63\xab\xae\x6b\x43\x54",
+ .assoc = "\x40",
+ .alen = 1,
+ .input = "\x6e\xc8\xfb\x15\x9d\x98\x49\xc9"
+ "\xa0\x98\x09\x85\xbe\x56\x8e\x79"
+ "\xf4",
+ .ilen = 17,
+ .result = "\x4f",
+ .rlen = 1,
+ }, {
+ .key = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .klen = 16,
+ .iv = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a",
+ .assoc = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .alen = 15,
+ .input = "\x99\x2e\x84\x50\x64\x5c\xab\x29"
+ "\x20\xba\xb9\x2f\x62\x3a\xce\x2a"
+ "\x75\x25\x3b\xe3\x40\xe0\x1d\xfc"
+ "\x20\x63\x0b\x49\x7e\x97\x08",
+ .ilen = 31,
+ .result = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67",
+ .rlen = 15,
+ }, {
+ .key = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .klen = 16,
+ .iv = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60",
+ .assoc = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .alen = 16,
+ .input = "\xd9\x8e\xfd\x50\x8f\x02\x9f\xee"
+ "\x78\x08\x12\xec\x09\xaf\x53\x14"
+ "\x90\x3e\x3d\x76\xad\x71\x21\x08"
+ "\x77\xe5\x4b\x15\xc2\xe6\xbc\xdb",
+ .ilen = 32,
+ .result = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .rlen = 16,
+ }, {
+ .key = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .klen = 16,
+ .iv = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66",
+ .assoc = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .alen = 17,
+ .input = "\xf3\xe7\x95\x86\xcf\x34\x95\x96"
+ "\x17\xfe\x1b\xae\x1b\x31\xf2\x1a"
+ "\xbd\xbc\xc9\x4e\x11\x29\x09\x5c"
+ "\x05\xd3\xb4\x2e\x4a\x74\x59\x49"
+ "\x7d",
+ .ilen = 33,
+ .result = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69"
+ "\xd0",
+ .rlen = 17,
+ }, {
+ .key = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .klen = 16,
+ .iv = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d",
+ .assoc = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .alen = 31,
+ .input = "\x06\x96\xb2\xbf\x63\xf4\x1e\x24"
+ "\x0d\x19\x15\x61\x65\x3b\x06\x26"
+ "\x71\xe8\x7e\x16\xdb\x96\x01\x01"
+ "\x52\xcd\x49\x5b\x07\x33\x4e\xe7"
+ "\xaa\x91\xf5\xd5\xc6\xfe\x41\xb5"
+ "\xed\x90\xce\xb9\xcd\xcc\xa1",
+ .ilen = 47,
+ .result = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70"
+ "\xfa\xa9\xd0\x4d\x5c\x40\x23\xcd"
+ "\x98\x34\xab\x37\x56\xae\x32",
+ .rlen = 31,
+ }, {
+ .key = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .klen = 16,
+ .iv = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73",
+ .assoc = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .alen = 32,
+ .input = "\xf9\xd7\xee\x17\xfd\x24\xcd\xf1"
+ "\xbc\x0f\x35\x97\x97\x0c\x4b\x18"
+ "\xce\x58\xc8\x3b\xd4\x85\x93\x79"
+ "\xcc\x9c\xea\xc1\x73\x13\x0b\x4c"
+ "\xcc\x6f\x28\xf8\xa4\x4e\xb8\x56"
+ "\x64\x4e\x47\xce\xb2\xb4\x92\xb4",
+ .ilen = 48,
+ .result = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76"
+ "\x24\x6b\xdc\xd1\x61\xe0\xa5\xe7"
+ "\x5a\x61\x8a\x0f\x30\x0d\xd1\xec",
+ .rlen = 32,
+ }, {
+ .key = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .klen = 16,
+ .iv = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79",
+ .assoc = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d",
+ .alen = 33,
+ .input = "\x58\xfa\x3a\x3d\xd9\x88\x63\xe8"
+ "\xc5\x78\x50\x8b\x4a\xc9\xdf\x7f"
+ "\x4b\xfa\xc8\x2e\x67\x43\xf3\x63"
+ "\x42\x8e\x99\x5a\x9c\x0b\x84\x77"
+ "\xbc\x46\x76\x48\x82\xc7\x57\x96"
+ "\xe1\x65\xd1\xed\x1d\xdd\x80\x24"
+ "\xa6\x4d\xa9\xf1\x53\x8b\x5e\x0e"
+ "\x26\xb9\xcc\x37\xe5\x43\xe1\x5a"
+ "\x8a\xd6\x8c\x5a\xe4\x95\xd1\x8d"
+ "\xf7\x33\x64\xc1\xd3\xf2\xfc\x35"
+ "\x01",
+ .ilen = 81,
+ .result = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c"
+ "\x4f\x2e\xe8\x55\x66\x80\x27\x00"
+ "\x1b\x8f\x68\xe7\x0a\x6c\x71\xc3"
+ "\x21\x78\x55\x9d\x9c\x65\x7b\xcd"
+ "\x0a\x34\x97\xff\x47\x37\xb0\x2a"
+ "\x80\x0d\x19\x98\x33\xa9\x7a\xe3"
+ "\x2e\x4c\xc6\xf3\x8c\x88\x42\x01"
+ "\xbd",
+ .rlen = 65,
+ }, {
+ .key = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .klen = 16,
+ .iv = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f",
+ .assoc = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .alen = 65,
+ .input = "\x4c\xa9\xac\x71\xed\x10\xa6\x24"
+ "\xb7\xa7\xdf\x8b\xf5\xc2\x41\xcb"
+ "\x05\xc9\xd6\x97\xb6\x10\x7f\x17"
+ "\xc2\xc0\x93\xcf\xe0\x94\xfd\x99"
+ "\xf2\x62\x25\x28\x01\x23\x6f\x8b"
+ "\x04\x52\xbc\xb0\x3e\x66\x52\x90"
+ "\x9f",
+ .ilen = 49,
+ .result = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82"
+ "\x79\xf0\xf3\xd9\x6c\x20\xa9\x1a"
+ "\xdc\xbc\x47\xc0\xe4\xcb\x10\x99"
+ "\x2f",
+ .rlen = 33,
+ }, {
+ .key = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .klen = 16,
+ .iv = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85",
+ .assoc = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .alen = 16,
+ .input = "\x6d\xed\x04\x7a\x2f\x0c\x30\xa5"
+ "\x96\xe6\x97\xe4\x10\xeb\x40\x95"
+ "\xc5\x9a\xdf\x31\xd5\xa5\xa6\xec"
+ "\x05\xa8\x31\x50\x11\x19\x44",
+ .ilen = 31,
+ .result = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .rlen = 16,
+ }, {
+ .key = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .klen = 16,
+ .iv = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c",
+ .assoc = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .alen = 16,
+ .input = "\x30\x95\x7d\xea\xdc\x62\xc0\x88"
+ "\xa1\xe3\x8d\x8c\xac\x04\x10\xa7"
+ "\xfa\xfa\x07\xbd\xa0\xf0\x36\xeb"
+ "\x21\x93\x2e\x31\x84\x83",
+ .ilen = 30,
+ .result = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .rlen = 16,
+ }, {
+ .key = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .klen = 16,
+ .iv = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92",
+ .assoc = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .alen = 16,
+ .input = "\x93\xcd\xee\xd4\xcb\x9d\x8d\x16"
+ "\x63\x0d\x43\xd5\x49\xca\xa8\x85"
+ "\x49\xc0\xae\x13\xbc\x26\x1d\x4b",
+ .ilen = 24,
+ .result = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .rlen = 16,
+ },
+};
+
+/*
+ * AEGIS-256 test vectors - generated via reference implementation from
+ * SUPERCOP (https://bench.cr.yp.to/supercop.html):
+ *
+ * https://bench.cr.yp.to/supercop/supercop-20170228.tar.xz
+ * (see crypto_aead/aegis256/)
+ */
+static const struct aead_testvec aegis256_enc_tv_template[] = {
+ {
+ .key = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81"
+ "\xca\xb0\x82\x21\x41\xa8\xe0\x06"
+ "\x30\x0b\x37\xf6\xb6\x17\xe7\xb5",
+ .klen = 32,
+ .iv = "\x1e\x92\x1c\xcf\x88\x3d\x54\x0d"
+ "\x40\x6d\x59\x48\xfc\x92\x61\x03"
+ "\x95\x61\x05\x42\x82\x50\xc0\x0c"
+ "\x60\x16\x6f\xec\x6d\x2f\xcf\x6b",
+ .assoc = "",
+ .alen = 0,
+ .input = "",
+ .ilen = 0,
+ .result = "\xd5\x65\x3a\xa9\x03\x51\xd7\xaa"
+ "\xfa\x4b\xd8\xa2\x41\x9b\xc1\xb2",
+ .rlen = 16,
+ }, {
+ .key = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87"
+ "\xf4\x72\x8e\xa5\x46\x48\x62\x20"
+ "\xf1\x38\x16\xce\x90\x76\x87\x8c",
+ .klen = 32,
+ .iv = "\x5a\xb7\x56\x6e\x98\xb9\xfd\x29"
+ "\xc1\x47\x0b\xda\xf6\xb6\x23\x09"
+ "\xbf\x23\x11\xc6\x87\xf0\x42\x26"
+ "\x22\x44\x4e\xc4\x47\x8e\x6e\x41",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x79",
+ .ilen = 1,
+ .result = "\x84\xa2\x8f\xad\xdb\x8d\x2c\x16"
+ "\x9e\x89\xd9\x06\xa6\xa8\x14\x29"
+ "\x8b",
+ .rlen = 17,
+ }, {
+ .key = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e"
+ "\x1f\x35\x9a\x29\x4b\xe8\xe4\x39"
+ "\xb3\x66\xf5\xa6\x6a\xd5\x26\x62",
+ .klen = 32,
+ .iv = "\x97\xdb\x90\x0e\xa8\x35\xa5\x45"
+ "\x42\x21\xbd\x6b\xf0\xda\xe6\x0f"
+ "\xe9\xe5\x1d\x4a\x8c\x90\xc4\x40"
+ "\xe3\x71\x2d\x9c\x21\xed\x0e\x18",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47",
+ .ilen = 15,
+ .result = "\x09\x94\x1f\xa6\x13\xc3\x74\x75"
+ "\x17\xad\x8a\x0e\xd8\x66\x9a\x28"
+ "\xd7\x30\x66\x09\x2a\xdc\xfa\x2a"
+ "\x9f\x3b\xd7\xdd\x66\xd1\x2b",
+ .rlen = 31,
+ }, {
+ .key = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94"
+ "\x49\xf7\xa5\xad\x50\x88\x66\x53"
+ "\x74\x94\xd4\x7f\x44\x34\xc5\x39",
+ .klen = 32,
+ .iv = "\xd3\x00\xc9\xad\xb8\xb0\x4e\x61"
+ "\xc3\xfb\x6f\xfd\xea\xff\xa9\x15"
+ "\x14\xa8\x28\xce\x92\x30\x46\x59"
+ "\xa4\x9f\x0b\x75\xfb\x4c\xad\xee",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .ilen = 16,
+ .result = "\x8a\x46\xa2\x22\x8c\x03\xab\x6f"
+ "\x54\x63\x4e\x7f\xc9\x8e\xfa\x70"
+ "\x7b\xe5\x8d\x78\xbc\xe9\xb6\xa1"
+ "\x29\x17\xc8\x3b\x52\xa4\x98\x72",
+ .rlen = 32,
+ }, {
+ .key = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a"
+ "\x74\xb9\xb1\x32\x55\x28\xe8\x6d"
+ "\x35\xc1\xb3\x57\x1f\x93\x64\x0f",
+ .klen = 32,
+ .iv = "\x10\x25\x03\x4c\xc8\x2c\xf7\x7d"
+ "\x44\xd5\x21\x8e\xe4\x23\x6b\x1c"
+ "\x3e\x6a\x34\x53\x97\xd0\xc8\x73"
+ "\x66\xcd\xea\x4d\xd5\xab\x4c\xc5",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f"
+ "\xd3",
+ .ilen = 17,
+ .result = "\x71\x6b\x37\x0b\x02\x61\x28\x12"
+ "\x83\xab\x66\x90\x84\xc7\xd1\xc5"
+ "\xb2\x7a\xb4\x7b\xb4\xfe\x02\xb2"
+ "\xc0\x00\x39\x13\xb5\x51\x68\x44"
+ "\xad",
+ .rlen = 33,
+ }, {
+ .key = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0"
+ "\x9e\x7c\xbc\xb6\x5b\xc8\x6a\x86"
+ "\xf7\xef\x91\x30\xf9\xf2\x04\xe6",
+ .klen = 32,
+ .iv = "\x4c\x49\x3d\xec\xd8\xa8\xa0\x98"
+ "\xc5\xb0\xd3\x1f\xde\x48\x2e\x22"
+ "\x69\x2c\x3f\xd7\x9c\x70\x4a\x8d"
+ "\x27\xfa\xc9\x26\xaf\x0a\xeb\x9c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25"
+ "\xfe\x8d\x45\x19\x1e\xc0\x0b\x99"
+ "\x88\x11\x39\x12\x1c\x3a\xbb",
+ .ilen = 31,
+ .result = "\xaf\xa4\x34\x0d\x59\xe6\x1c\x2f"
+ "\x06\x3b\x52\x18\x49\x75\x1b\xf0"
+ "\x53\x09\x72\x7b\x45\x79\xe0\xbe"
+ "\x89\x85\x23\x15\xb8\x79\x07\x4c"
+ "\x53\x7a\x15\x37\x0a\xee\xb7\xfb"
+ "\xc4\x1f\x12\x27\xcf\x77\x90",
+ .rlen = 47,
+ }, {
+ .key = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6"
+ "\xc8\x3e\xc8\x3a\x60\x68\xec\xa0"
+ "\xb8\x1c\x70\x08\xd3\x51\xa3\xbd",
+ .klen = 32,
+ .iv = "\x89\x6e\x77\x8b\xe8\x23\x49\xb4"
+ "\x45\x8a\x85\xb1\xd8\x6c\xf1\x28"
+ "\x93\xef\x4b\x5b\xa1\x10\xcc\xa6"
+ "\xe8\x28\xa8\xfe\x89\x69\x8b\x72",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b"
+ "\x28\x50\x51\x9d\x24\x60\x8d\xb3"
+ "\x49\x3e\x17\xea\xf6\x99\x5a\xdd",
+ .ilen = 32,
+ .result = "\xe2\xc9\x0b\x33\x31\x02\xb3\xb4"
+ "\x33\xfe\xeb\xa8\xb7\x9b\xb2\xd7"
+ "\xeb\x0f\x05\x2b\xba\xb3\xca\xef"
+ "\xf6\xd1\xb6\xc0\xb9\x9b\x85\xc5"
+ "\xbf\x7a\x3e\xcc\x31\x76\x09\x80"
+ "\x32\x5d\xbb\xe8\x38\x0e\x77\xd3",
+ .rlen = 48,
+ }, {
+ .key = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad"
+ "\xf3\x00\xd4\xbf\x65\x08\x6e\xb9"
+ "\x7a\x4a\x4f\xe0\xad\xb0\x42\x93",
+ .klen = 32,
+ .iv = "\xc5\x93\xb0\x2a\xf8\x9f\xf1\xd0"
+ "\xc6\x64\x37\x42\xd2\x90\xb3\x2e"
+ "\xbd\xb1\x57\xe0\xa6\xb0\x4e\xc0"
+ "\xaa\x55\x87\xd6\x63\xc8\x2a\x49",
+ .assoc = "\xd5",
+ .alen = 1,
+ .input = "",
+ .ilen = 0,
+ .result = "\x96\x43\x30\xca\x6c\x4f\xd7\x12"
+ "\xba\xd9\xb3\x18\x86\xdf\xc3\x52",
+ .rlen = 16,
+ }, {
+ .key = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3"
+ "\x1d\xc3\xdf\x43\x6a\xa8\xf0\xd3"
+ "\x3b\x77\x2e\xb9\x87\x0f\xe1\x6a",
+ .klen = 32,
+ .iv = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34"
+ "\xe8\x73\x62\x64\xab\x50\xd0\xda"
+ "\x6b\x83\x66\xaf\x3e\x27\xc9\x1f",
+ .assoc = "\x11\x81\x78\x32\x4d\xb9\x44\x73"
+ "\x68\x75\x16\xf8\xcb\x7e\xa7",
+ .alen = 15,
+ .input = "",
+ .ilen = 0,
+ .result = "\x2f\xab\x45\xe2\xa7\x46\xc5\x83"
+ "\x11\x9f\xb0\x74\xee\xc7\x03\xdd",
+ .rlen = 16,
+ }, {
+ .key = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9"
+ "\x47\x85\xeb\xc7\x6f\x48\x72\xed"
+ "\xfc\xa5\x0d\x91\x61\x6e\x81\x40",
+ .klen = 32,
+ .iv = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b"
+ "\x12\x35\x6e\xe8\xb0\xf0\x52\xf3"
+ "\x2d\xb0\x45\x87\x18\x86\x68\xf6",
+ .assoc = "\x4e\xa5\xb2\xd1\x5d\x35\xed\x8f"
+ "\xe8\x4f\xc8\x89\xc5\xa2\x69\xbc",
+ .alen = 16,
+ .input = "",
+ .ilen = 0,
+ .result = "\x16\x44\x73\x33\x5d\xf2\xb9\x04"
+ "\x6b\x79\x98\xef\xdb\xd5\xc5\xf1",
+ .rlen = 16,
+ }, {
+ .key = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf"
+ "\x72\x47\xf6\x4b\x74\xe8\xf4\x06"
+ "\xbe\xd3\xec\x6a\x3b\xcd\x20\x17",
+ .klen = 32,
+ .iv = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41"
+ "\x3c\xf8\x79\x6c\xb6\x90\xd4\x0d"
+ "\xee\xde\x23\x60\xf2\xe5\x08\xcc",
+ .assoc = "\x8a\xca\xec\x70\x6d\xb1\x96\xab"
+ "\x69\x29\x7a\x1b\xbf\xc7\x2c\xc2"
+ "\x07",
+ .alen = 17,
+ .input = "",
+ .ilen = 0,
+ .result = "\xa4\x9b\xb8\x47\xc0\xed\x7a\x45"
+ "\x98\x54\x8c\xed\x3d\x17\xf0\xdd",
+ .rlen = 16,
+ }, {
+ .key = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6"
+ "\x9c\x0a\x02\xd0\x79\x88\x76\x20"
+ "\x7f\x00\xca\x42\x15\x2c\xbf\xed",
+ .klen = 32,
+ .iv = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47"
+ "\x67\xba\x85\xf1\xbb\x30\x56\x26"
+ "\xaf\x0b\x02\x38\xcc\x44\xa7\xa3",
+ .assoc = "\xc7\xef\x26\x10\x7d\x2c\x3f\xc6"
+ "\xea\x03\x2c\xac\xb9\xeb\xef\xc9"
+ "\x31\x6b\x08\x12\xfc\xd8\x37\x2d"
+ "\xe0\x17\x3a\x2e\x83\x5c\x8f",
+ .alen = 31,
+ .input = "",
+ .ilen = 0,
+ .result = "\x20\x24\xe2\x33\x5c\x60\xc9\xf0"
+ "\xa4\x96\x2f\x0d\x53\xc2\xf8\xfc",
+ .rlen = 16,
+ }, {
+ .key = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc"
+ "\xc6\xcc\x0e\x54\x7f\x28\xf8\x3a"
+ "\x40\x2e\xa9\x1a\xf0\x8b\x5e\xc4",
+ .klen = 32,
+ .iv = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d"
+ "\x91\x7c\x91\x75\xc0\xd0\xd8\x40"
+ "\x71\x39\xe1\x10\xa6\xa3\x46\x7a",
+ .assoc = "\x03\x14\x5f\xaf\x8d\xa8\xe7\xe2"
+ "\x6b\xde\xde\x3e\xb3\x10\xb1\xcf"
+ "\x5c\x2d\x14\x96\x01\x78\xb9\x47"
+ "\xa1\x44\x19\x06\x5d\xbb\x2e\x2f",
+ .alen = 32,
+ .input = "",
+ .ilen = 0,
+ .result = "\x6f\x4a\xb9\xe0\xff\x51\xa3\xf1"
+ "\xd2\x64\x3e\x66\x6a\xb2\x03\xc0",
+ .rlen = 16,
+ }, {
+ .key = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2"
+ "\xf1\x8e\x19\xd8\x84\xc8\x7a\x53"
+ "\x02\x5b\x88\xf3\xca\xea\xfe\x9b",
+ .klen = 32,
+ .iv = "\x31\x6f\x0b\xe6\x59\x85\xe6\x77"
+ "\xcc\x81\x63\xab\xae\x6b\x43\x54"
+ "\xbb\x3f\x9c\xf9\xc5\x70\x5a\x5a"
+ "\x32\x67\xc0\xe9\x80\x02\xe5\x50",
+ .assoc = "\x40",
+ .alen = 1,
+ .input = "\x4f",
+ .ilen = 1,
+ .result = "\x2c\xfb\xad\x7e\xbe\xa0\x9a\x5b"
+ "\x7a\x3f\x81\xf7\xfc\x1b\x79\x83"
+ "\xc7",
+ .rlen = 17,
+ }, {
+ .key = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8"
+ "\x1b\x50\x25\x5d\x89\x68\xfc\x6d"
+ "\xc3\x89\x67\xcb\xa4\x49\x9d\x71",
+ .klen = 32,
+ .iv = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a"
+ "\xe6\x01\xa8\x7e\xca\x10\xdc\x73"
+ "\xf4\x94\x9f\xc1\x5a\x61\x85\x27",
+ .assoc = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .alen = 15,
+ .input = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67",
+ .ilen = 15,
+ .result = "\x1f\x7f\xca\x3c\x2b\xe7\x27\xba"
+ "\x7e\x98\x83\x02\x34\x23\xf7\x94"
+ "\xde\x35\xe6\x1d\x14\x18\xe5\x38"
+ "\x14\x80\x6a\xa7\x1b\xae\x1d",
+ .rlen = 31,
+ }, {
+ .key = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf"
+ "\x46\x13\x31\xe1\x8e\x08\x7e\x87"
+ "\x85\xb6\x46\xa3\x7e\xa8\x3c\x48",
+ .klen = 32,
+ .iv = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60"
+ "\x10\xc3\xb3\x02\xcf\xb0\x5e\x8d"
+ "\xb5\xc2\x7e\x9a\x35\xc0\x24\xfd",
+ .assoc = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .alen = 16,
+ .input = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .ilen = 16,
+ .result = "\x05\x86\x9e\xd7\x2b\xa3\x97\x01"
+ "\xbe\x28\x98\x10\x6f\xe9\x61\x32"
+ "\x96\xbb\xb1\x2e\x8f\x0c\x44\xb9"
+ "\x46\x2d\x55\xe3\x42\x67\xf2\xaf",
+ .rlen = 32,
+ }, {
+ .key = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5"
+ "\x70\xd5\x3c\x65\x93\xa8\x00\xa0"
+ "\x46\xe4\x25\x7c\x58\x08\xdb\x1e",
+ .klen = 32,
+ .iv = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66"
+ "\x3b\x86\xbf\x86\xd4\x50\xe0\xa7"
+ "\x76\xef\x5c\x72\x0f\x1f\xc3\xd4",
+ .assoc = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .alen = 17,
+ .input = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69"
+ "\xd0",
+ .ilen = 17,
+ .result = "\x9c\xe0\x06\x7b\x86\xcf\x2e\xd8"
+ "\x45\x65\x1b\x72\x9b\xaa\xa3\x1e"
+ "\x87\x9d\x26\xdf\xff\x81\x11\xd2"
+ "\x47\x41\xb9\x24\xc1\x8a\xa3\x8b"
+ "\x55",
+ .rlen = 33,
+ }, {
+ .key = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb"
+ "\x9a\x97\x48\xe9\x98\x48\x82\xba"
+ "\x07\x11\x04\x54\x32\x67\x7b\xf5",
+ .klen = 32,
+ .iv = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d"
+ "\x65\x48\xcb\x0a\xda\xf0\x62\xc0"
+ "\x38\x1d\x3b\x4a\xe9\x7e\x62\xaa",
+ .assoc = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .alen = 31,
+ .input = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70"
+ "\xfa\xa9\xd0\x4d\x5c\x40\x23\xcd"
+ "\x98\x34\xab\x37\x56\xae\x32",
+ .ilen = 31,
+ .result = "\xa0\xc8\xde\x83\x0d\xc3\x4e\xd5"
+ "\x69\x7f\x7a\xdd\x8c\x46\xda\xba"
+ "\x0a\x5c\x0e\x7f\xac\xee\x02\xd2"
+ "\xe5\x4b\x0a\xba\xb8\xa4\x7b\x66"
+ "\xde\xae\xdb\xc2\xc0\x0b\xf7\x2b"
+ "\xdf\xb8\xea\xd8\xa9\x38\xed",
+ .rlen = 47,
+ }, {
+ .key = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1"
+ "\xc5\x5a\x53\x6e\x9d\xe8\x04\xd4"
+ "\xc9\x3f\xe2\x2d\x0c\xc6\x1a\xcb",
+ .klen = 32,
+ .iv = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73"
+ "\x8f\x0a\xd6\x8f\xdf\x90\xe4\xda"
+ "\xf9\x4a\x1a\x23\xc3\xdd\x02\x81",
+ .assoc = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .alen = 32,
+ .input = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76"
+ "\x24\x6b\xdc\xd1\x61\xe0\xa5\xe7"
+ "\x5a\x61\x8a\x0f\x30\x0d\xd1\xec",
+ .ilen = 32,
+ .result = "\xd3\x68\x14\x70\x3c\x01\x43\x86"
+ "\x02\xab\xbe\x75\xaa\xe7\xf5\x53"
+ "\x5c\x05\xbd\x9b\x19\xbb\x2a\x61"
+ "\x8f\x69\x05\x75\x8e\xca\x60\x0c"
+ "\x5b\xa2\x48\x61\x32\x74\x11\x2b"
+ "\xf6\xcf\x06\x78\x6f\x78\x1a\x4a",
+ .rlen = 48,
+ }, {
+ .key = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7"
+ "\xef\x1c\x5f\xf2\xa3\x88\x86\xed"
+ "\x8a\x6d\xc1\x05\xe7\x25\xb9\xa2",
+ .klen = 32,
+ .iv = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79"
+ "\xba\xcd\xe2\x13\xe4\x30\x66\xf4"
+ "\xba\x78\xf9\xfb\x9d\x3c\xa1\x58",
+ .assoc = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d",
+ .alen = 33,
+ .input = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c"
+ "\x4f\x2e\xe8\x55\x66\x80\x27\x00"
+ "\x1b\x8f\x68\xe7\x0a\x6c\x71\xc3"
+ "\x21\x78\x55\x9d\x9c\x65\x7b\xcd"
+ "\x0a\x34\x97\xff\x47\x37\xb0\x2a"
+ "\x80\x0d\x19\x98\x33\xa9\x7a\xe3"
+ "\x2e\x4c\xc6\xf3\x8c\x88\x42\x01"
+ "\xbd",
+ .ilen = 65,
+ .result = "\x07\x0a\x35\xb0\x82\x03\x5a\xd2"
+ "\x15\x3a\x6c\x72\x83\x9b\xb1\x75"
+ "\xea\xf2\xfc\xff\xc6\xf1\x13\xa4"
+ "\x1a\x93\x33\x79\x97\x82\x81\xc0"
+ "\x96\xc2\x00\xab\x39\xae\xa1\x62"
+ "\x53\xa3\x86\xc9\x07\x8c\xaf\x22"
+ "\x47\x31\x29\xca\x4a\x95\xf5\xd5"
+ "\x20\x63\x5a\x54\x80\x2c\x4a\x63"
+ "\xfb\x18\x73\x31\x4f\x08\x21\x5d"
+ "\x20\xe9\xc3\x7e\xea\x25\x77\x3a"
+ "\x65",
+ .rlen = 81,
+ }, {
+ .key = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe"
+ "\x19\xde\x6b\x76\xa8\x28\x08\x07"
+ "\x4b\x9a\xa0\xdd\xc1\x84\x58\x79",
+ .klen = 32,
+ .iv = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f"
+ "\xe4\x8f\xed\x97\xe9\xd0\xe8\x0d"
+ "\x7c\xa6\xd8\xd4\x77\x9b\x40\x2e",
+ .assoc = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .alen = 65,
+ .input = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82"
+ "\x79\xf0\xf3\xd9\x6c\x20\xa9\x1a"
+ "\xdc\xbc\x47\xc0\xe4\xcb\x10\x99"
+ "\x2f",
+ .ilen = 33,
+ .result = "\x33\xc1\xda\xfa\x15\x21\x07\x8e"
+ "\x93\x68\xea\x64\x7b\x3d\x4b\x6b"
+ "\x71\x5e\x5e\x6b\x92\xaa\x65\xc2"
+ "\x7a\x2a\xc1\xa9\x0a\xa1\x24\x81"
+ "\x26\x3a\x5a\x09\xe8\xce\x73\x72"
+ "\xde\x7b\x58\x9e\x85\xb9\xa4\x28"
+ "\xda",
+ .rlen = 49,
+ }, {
+ .key = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04"
+ "\x44\xa1\x76\xfb\xad\xc8\x8a\x21"
+ "\x0d\xc8\x7f\xb6\x9b\xe3\xf8\x4f",
+ .klen = 32,
+ .iv = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85"
+ "\x0e\x51\xf9\x1c\xee\x70\x6a\x27"
+ "\x3d\xd3\xb7\xac\x51\xfa\xdf\x05",
+ .assoc = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .alen = 16,
+ .input = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .ilen = 16,
+ .result = "\x3e\xf8\x86\x3d\x39\xf8\x96\x02"
+ "\x0f\xdf\xc9\x6e\x37\x1e\x57\x99"
+ "\x07\x2a\x1a\xac\xd1\xda\xfd\x3b"
+ "\xc7\xff\xbd\xbc\x85\x09\x0b",
+ .rlen = 31,
+ }, {
+ .key = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a"
+ "\x6e\x63\x82\x7f\xb2\x68\x0c\x3a"
+ "\xce\xf5\x5e\x8e\x75\x42\x97\x26",
+ .klen = 32,
+ .iv = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c"
+ "\x39\x14\x05\xa0\xf3\x10\xec\x41"
+ "\xff\x01\x95\x84\x2b\x59\x7f\xdb",
+ .assoc = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .alen = 16,
+ .input = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .ilen = 16,
+ .result = "\x2f\xc4\xd8\x0d\xa6\x07\xef\x2e"
+ "\x6c\xd9\x84\x63\x70\x97\x61\x37"
+ "\x08\x2f\x16\x90\x9e\x62\x30\x0d"
+ "\x62\xd5\xc8\xf0\x46\x1a",
+ .rlen = 30,
+ }, {
+ .key = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10"
+ "\x98\x25\x8d\x03\xb7\x08\x8e\x54"
+ "\x90\x23\x3d\x67\x4f\xa1\x36\xfc",
+ .klen = 32,
+ .iv = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92"
+ "\x63\xd6\x10\x24\xf8\xb0\x6e\x5a"
+ "\xc0\x2e\x74\x5d\x06\xb8\x1e\xb2",
+ .assoc = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .alen = 16,
+ .input = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .ilen = 16,
+ .result = "\xce\xf3\x17\x87\x49\xc2\x00\x46"
+ "\xc6\x12\x5c\x8f\x81\x38\xaa\x55"
+ "\xf8\x67\x75\xf1\x75\xe3\x2a\x24",
+ .rlen = 24,
+ },
+};
+
+static const struct aead_testvec aegis256_dec_tv_template[] = {
+ {
+ .key = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81"
+ "\xca\xb0\x82\x21\x41\xa8\xe0\x06"
+ "\x30\x0b\x37\xf6\xb6\x17\xe7\xb5",
+ .klen = 32,
+ .iv = "\x1e\x92\x1c\xcf\x88\x3d\x54\x0d"
+ "\x40\x6d\x59\x48\xfc\x92\x61\x03"
+ "\x95\x61\x05\x42\x82\x50\xc0\x0c"
+ "\x60\x16\x6f\xec\x6d\x2f\xcf\x6b",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xd5\x65\x3a\xa9\x03\x51\xd7\xaa"
+ "\xfa\x4b\xd8\xa2\x41\x9b\xc1\xb2",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87"
+ "\xf4\x72\x8e\xa5\x46\x48\x62\x20"
+ "\xf1\x38\x16\xce\x90\x76\x87\x8c",
+ .klen = 32,
+ .iv = "\x5a\xb7\x56\x6e\x98\xb9\xfd\x29"
+ "\xc1\x47\x0b\xda\xf6\xb6\x23\x09"
+ "\xbf\x23\x11\xc6\x87\xf0\x42\x26"
+ "\x22\x44\x4e\xc4\x47\x8e\x6e\x41",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x84\xa2\x8f\xad\xdb\x8d\x2c\x16"
+ "\x9e\x89\xd9\x06\xa6\xa8\x14\x29"
+ "\x8b",
+ .ilen = 17,
+ .result = "\x79",
+ .rlen = 1,
+ }, {
+ .key = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e"
+ "\x1f\x35\x9a\x29\x4b\xe8\xe4\x39"
+ "\xb3\x66\xf5\xa6\x6a\xd5\x26\x62",
+ .klen = 32,
+ .iv = "\x97\xdb\x90\x0e\xa8\x35\xa5\x45"
+ "\x42\x21\xbd\x6b\xf0\xda\xe6\x0f"
+ "\xe9\xe5\x1d\x4a\x8c\x90\xc4\x40"
+ "\xe3\x71\x2d\x9c\x21\xed\x0e\x18",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x09\x94\x1f\xa6\x13\xc3\x74\x75"
+ "\x17\xad\x8a\x0e\xd8\x66\x9a\x28"
+ "\xd7\x30\x66\x09\x2a\xdc\xfa\x2a"
+ "\x9f\x3b\xd7\xdd\x66\xd1\x2b",
+ .ilen = 31,
+ .result = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47",
+ .rlen = 15,
+ }, {
+ .key = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94"
+ "\x49\xf7\xa5\xad\x50\x88\x66\x53"
+ "\x74\x94\xd4\x7f\x44\x34\xc5\x39",
+ .klen = 32,
+ .iv = "\xd3\x00\xc9\xad\xb8\xb0\x4e\x61"
+ "\xc3\xfb\x6f\xfd\xea\xff\xa9\x15"
+ "\x14\xa8\x28\xce\x92\x30\x46\x59"
+ "\xa4\x9f\x0b\x75\xfb\x4c\xad\xee",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x8a\x46\xa2\x22\x8c\x03\xab\x6f"
+ "\x54\x63\x4e\x7f\xc9\x8e\xfa\x70"
+ "\x7b\xe5\x8d\x78\xbc\xe9\xb6\xa1"
+ "\x29\x17\xc8\x3b\x52\xa4\x98\x72",
+ .ilen = 32,
+ .result = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .rlen = 16,
+ }, {
+ .key = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a"
+ "\x74\xb9\xb1\x32\x55\x28\xe8\x6d"
+ "\x35\xc1\xb3\x57\x1f\x93\x64\x0f",
+ .klen = 32,
+ .iv = "\x10\x25\x03\x4c\xc8\x2c\xf7\x7d"
+ "\x44\xd5\x21\x8e\xe4\x23\x6b\x1c"
+ "\x3e\x6a\x34\x53\x97\xd0\xc8\x73"
+ "\x66\xcd\xea\x4d\xd5\xab\x4c\xc5",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x71\x6b\x37\x0b\x02\x61\x28\x12"
+ "\x83\xab\x66\x90\x84\xc7\xd1\xc5"
+ "\xb2\x7a\xb4\x7b\xb4\xfe\x02\xb2"
+ "\xc0\x00\x39\x13\xb5\x51\x68\x44"
+ "\xad",
+ .ilen = 33,
+ .result = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f"
+ "\xd3",
+ .rlen = 17,
+ }, {
+ .key = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0"
+ "\x9e\x7c\xbc\xb6\x5b\xc8\x6a\x86"
+ "\xf7\xef\x91\x30\xf9\xf2\x04\xe6",
+ .klen = 32,
+ .iv = "\x4c\x49\x3d\xec\xd8\xa8\xa0\x98"
+ "\xc5\xb0\xd3\x1f\xde\x48\x2e\x22"
+ "\x69\x2c\x3f\xd7\x9c\x70\x4a\x8d"
+ "\x27\xfa\xc9\x26\xaf\x0a\xeb\x9c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xaf\xa4\x34\x0d\x59\xe6\x1c\x2f"
+ "\x06\x3b\x52\x18\x49\x75\x1b\xf0"
+ "\x53\x09\x72\x7b\x45\x79\xe0\xbe"
+ "\x89\x85\x23\x15\xb8\x79\x07\x4c"
+ "\x53\x7a\x15\x37\x0a\xee\xb7\xfb"
+ "\xc4\x1f\x12\x27\xcf\x77\x90",
+ .ilen = 47,
+ .result = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25"
+ "\xfe\x8d\x45\x19\x1e\xc0\x0b\x99"
+ "\x88\x11\x39\x12\x1c\x3a\xbb",
+ .rlen = 31,
+ }, {
+ .key = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6"
+ "\xc8\x3e\xc8\x3a\x60\x68\xec\xa0"
+ "\xb8\x1c\x70\x08\xd3\x51\xa3\xbd",
+ .klen = 32,
+ .iv = "\x89\x6e\x77\x8b\xe8\x23\x49\xb4"
+ "\x45\x8a\x85\xb1\xd8\x6c\xf1\x28"
+ "\x93\xef\x4b\x5b\xa1\x10\xcc\xa6"
+ "\xe8\x28\xa8\xfe\x89\x69\x8b\x72",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xe2\xc9\x0b\x33\x31\x02\xb3\xb4"
+ "\x33\xfe\xeb\xa8\xb7\x9b\xb2\xd7"
+ "\xeb\x0f\x05\x2b\xba\xb3\xca\xef"
+ "\xf6\xd1\xb6\xc0\xb9\x9b\x85\xc5"
+ "\xbf\x7a\x3e\xcc\x31\x76\x09\x80"
+ "\x32\x5d\xbb\xe8\x38\x0e\x77\xd3",
+ .ilen = 48,
+ .result = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b"
+ "\x28\x50\x51\x9d\x24\x60\x8d\xb3"
+ "\x49\x3e\x17\xea\xf6\x99\x5a\xdd",
+ .rlen = 32,
+ }, {
+ .key = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad"
+ "\xf3\x00\xd4\xbf\x65\x08\x6e\xb9"
+ "\x7a\x4a\x4f\xe0\xad\xb0\x42\x93",
+ .klen = 32,
+ .iv = "\xc5\x93\xb0\x2a\xf8\x9f\xf1\xd0"
+ "\xc6\x64\x37\x42\xd2\x90\xb3\x2e"
+ "\xbd\xb1\x57\xe0\xa6\xb0\x4e\xc0"
+ "\xaa\x55\x87\xd6\x63\xc8\x2a\x49",
+ .assoc = "\xd5",
+ .alen = 1,
+ .input = "\x96\x43\x30\xca\x6c\x4f\xd7\x12"
+ "\xba\xd9\xb3\x18\x86\xdf\xc3\x52",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3"
+ "\x1d\xc3\xdf\x43\x6a\xa8\xf0\xd3"
+ "\x3b\x77\x2e\xb9\x87\x0f\xe1\x6a",
+ .klen = 32,
+ .iv = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34"
+ "\xe8\x73\x62\x64\xab\x50\xd0\xda"
+ "\x6b\x83\x66\xaf\x3e\x27\xc9\x1f",
+ .assoc = "\x11\x81\x78\x32\x4d\xb9\x44\x73"
+ "\x68\x75\x16\xf8\xcb\x7e\xa7",
+ .alen = 15,
+ .input = "\x2f\xab\x45\xe2\xa7\x46\xc5\x83"
+ "\x11\x9f\xb0\x74\xee\xc7\x03\xdd",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9"
+ "\x47\x85\xeb\xc7\x6f\x48\x72\xed"
+ "\xfc\xa5\x0d\x91\x61\x6e\x81\x40",
+ .klen = 32,
+ .iv = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b"
+ "\x12\x35\x6e\xe8\xb0\xf0\x52\xf3"
+ "\x2d\xb0\x45\x87\x18\x86\x68\xf6",
+ .assoc = "\x4e\xa5\xb2\xd1\x5d\x35\xed\x8f"
+ "\xe8\x4f\xc8\x89\xc5\xa2\x69\xbc",
+ .alen = 16,
+ .input = "\x16\x44\x73\x33\x5d\xf2\xb9\x04"
+ "\x6b\x79\x98\xef\xdb\xd5\xc5\xf1",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf"
+ "\x72\x47\xf6\x4b\x74\xe8\xf4\x06"
+ "\xbe\xd3\xec\x6a\x3b\xcd\x20\x17",
+ .klen = 32,
+ .iv = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41"
+ "\x3c\xf8\x79\x6c\xb6\x90\xd4\x0d"
+ "\xee\xde\x23\x60\xf2\xe5\x08\xcc",
+ .assoc = "\x8a\xca\xec\x70\x6d\xb1\x96\xab"
+ "\x69\x29\x7a\x1b\xbf\xc7\x2c\xc2"
+ "\x07",
+ .alen = 17,
+ .input = "\xa4\x9b\xb8\x47\xc0\xed\x7a\x45"
+ "\x98\x54\x8c\xed\x3d\x17\xf0\xdd",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6"
+ "\x9c\x0a\x02\xd0\x79\x88\x76\x20"
+ "\x7f\x00\xca\x42\x15\x2c\xbf\xed",
+ .klen = 32,
+ .iv = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47"
+ "\x67\xba\x85\xf1\xbb\x30\x56\x26"
+ "\xaf\x0b\x02\x38\xcc\x44\xa7\xa3",
+ .assoc = "\xc7\xef\x26\x10\x7d\x2c\x3f\xc6"
+ "\xea\x03\x2c\xac\xb9\xeb\xef\xc9"
+ "\x31\x6b\x08\x12\xfc\xd8\x37\x2d"
+ "\xe0\x17\x3a\x2e\x83\x5c\x8f",
+ .alen = 31,
+ .input = "\x20\x24\xe2\x33\x5c\x60\xc9\xf0"
+ "\xa4\x96\x2f\x0d\x53\xc2\xf8\xfc",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc"
+ "\xc6\xcc\x0e\x54\x7f\x28\xf8\x3a"
+ "\x40\x2e\xa9\x1a\xf0\x8b\x5e\xc4",
+ .klen = 32,
+ .iv = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d"
+ "\x91\x7c\x91\x75\xc0\xd0\xd8\x40"
+ "\x71\x39\xe1\x10\xa6\xa3\x46\x7a",
+ .assoc = "\x03\x14\x5f\xaf\x8d\xa8\xe7\xe2"
+ "\x6b\xde\xde\x3e\xb3\x10\xb1\xcf"
+ "\x5c\x2d\x14\x96\x01\x78\xb9\x47"
+ "\xa1\x44\x19\x06\x5d\xbb\x2e\x2f",
+ .alen = 32,
+ .input = "\x6f\x4a\xb9\xe0\xff\x51\xa3\xf1"
+ "\xd2\x64\x3e\x66\x6a\xb2\x03\xc0",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2"
+ "\xf1\x8e\x19\xd8\x84\xc8\x7a\x53"
+ "\x02\x5b\x88\xf3\xca\xea\xfe\x9b",
+ .klen = 32,
+ .iv = "\x31\x6f\x0b\xe6\x59\x85\xe6\x77"
+ "\xcc\x81\x63\xab\xae\x6b\x43\x54"
+ "\xbb\x3f\x9c\xf9\xc5\x70\x5a\x5a"
+ "\x32\x67\xc0\xe9\x80\x02\xe5\x50",
+ .assoc = "\x40",
+ .alen = 1,
+ .input = "\x2c\xfb\xad\x7e\xbe\xa0\x9a\x5b"
+ "\x7a\x3f\x81\xf7\xfc\x1b\x79\x83"
+ "\xc7",
+ .ilen = 17,
+ .result = "\x4f",
+ .rlen = 1,
+ }, {
+ .key = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8"
+ "\x1b\x50\x25\x5d\x89\x68\xfc\x6d"
+ "\xc3\x89\x67\xcb\xa4\x49\x9d\x71",
+ .klen = 32,
+ .iv = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a"
+ "\xe6\x01\xa8\x7e\xca\x10\xdc\x73"
+ "\xf4\x94\x9f\xc1\x5a\x61\x85\x27",
+ .assoc = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .alen = 15,
+ .input = "\x1f\x7f\xca\x3c\x2b\xe7\x27\xba"
+ "\x7e\x98\x83\x02\x34\x23\xf7\x94"
+ "\xde\x35\xe6\x1d\x14\x18\xe5\x38"
+ "\x14\x80\x6a\xa7\x1b\xae\x1d",
+ .ilen = 31,
+ .result = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67",
+ .rlen = 15,
+ }, {
+ .key = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf"
+ "\x46\x13\x31\xe1\x8e\x08\x7e\x87"
+ "\x85\xb6\x46\xa3\x7e\xa8\x3c\x48",
+ .klen = 32,
+ .iv = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60"
+ "\x10\xc3\xb3\x02\xcf\xb0\x5e\x8d"
+ "\xb5\xc2\x7e\x9a\x35\xc0\x24\xfd",
+ .assoc = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .alen = 16,
+ .input = "\x05\x86\x9e\xd7\x2b\xa3\x97\x01"
+ "\xbe\x28\x98\x10\x6f\xe9\x61\x32"
+ "\x96\xbb\xb1\x2e\x8f\x0c\x44\xb9"
+ "\x46\x2d\x55\xe3\x42\x67\xf2\xaf",
+ .ilen = 32,
+ .result = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .rlen = 16,
+ }, {
+ .key = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5"
+ "\x70\xd5\x3c\x65\x93\xa8\x00\xa0"
+ "\x46\xe4\x25\x7c\x58\x08\xdb\x1e",
+ .klen = 32,
+ .iv = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66"
+ "\x3b\x86\xbf\x86\xd4\x50\xe0\xa7"
+ "\x76\xef\x5c\x72\x0f\x1f\xc3\xd4",
+ .assoc = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .alen = 17,
+ .input = "\x9c\xe0\x06\x7b\x86\xcf\x2e\xd8"
+ "\x45\x65\x1b\x72\x9b\xaa\xa3\x1e"
+ "\x87\x9d\x26\xdf\xff\x81\x11\xd2"
+ "\x47\x41\xb9\x24\xc1\x8a\xa3\x8b"
+ "\x55",
+ .ilen = 33,
+ .result = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69"
+ "\xd0",
+ .rlen = 17,
+ }, {
+ .key = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb"
+ "\x9a\x97\x48\xe9\x98\x48\x82\xba"
+ "\x07\x11\x04\x54\x32\x67\x7b\xf5",
+ .klen = 32,
+ .iv = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d"
+ "\x65\x48\xcb\x0a\xda\xf0\x62\xc0"
+ "\x38\x1d\x3b\x4a\xe9\x7e\x62\xaa",
+ .assoc = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .alen = 31,
+ .input = "\xa0\xc8\xde\x83\x0d\xc3\x4e\xd5"
+ "\x69\x7f\x7a\xdd\x8c\x46\xda\xba"
+ "\x0a\x5c\x0e\x7f\xac\xee\x02\xd2"
+ "\xe5\x4b\x0a\xba\xb8\xa4\x7b\x66"
+ "\xde\xae\xdb\xc2\xc0\x0b\xf7\x2b"
+ "\xdf\xb8\xea\xd8\xa9\x38\xed",
+ .ilen = 47,
+ .result = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70"
+ "\xfa\xa9\xd0\x4d\x5c\x40\x23\xcd"
+ "\x98\x34\xab\x37\x56\xae\x32",
+ .rlen = 31,
+ }, {
+ .key = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1"
+ "\xc5\x5a\x53\x6e\x9d\xe8\x04\xd4"
+ "\xc9\x3f\xe2\x2d\x0c\xc6\x1a\xcb",
+ .klen = 32,
+ .iv = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73"
+ "\x8f\x0a\xd6\x8f\xdf\x90\xe4\xda"
+ "\xf9\x4a\x1a\x23\xc3\xdd\x02\x81",
+ .assoc = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .alen = 32,
+ .input = "\xd3\x68\x14\x70\x3c\x01\x43\x86"
+ "\x02\xab\xbe\x75\xaa\xe7\xf5\x53"
+ "\x5c\x05\xbd\x9b\x19\xbb\x2a\x61"
+ "\x8f\x69\x05\x75\x8e\xca\x60\x0c"
+ "\x5b\xa2\x48\x61\x32\x74\x11\x2b"
+ "\xf6\xcf\x06\x78\x6f\x78\x1a\x4a",
+ .ilen = 48,
+ .result = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76"
+ "\x24\x6b\xdc\xd1\x61\xe0\xa5\xe7"
+ "\x5a\x61\x8a\x0f\x30\x0d\xd1\xec",
+ .rlen = 32,
+ }, {
+ .key = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7"
+ "\xef\x1c\x5f\xf2\xa3\x88\x86\xed"
+ "\x8a\x6d\xc1\x05\xe7\x25\xb9\xa2",
+ .klen = 32,
+ .iv = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79"
+ "\xba\xcd\xe2\x13\xe4\x30\x66\xf4"
+ "\xba\x78\xf9\xfb\x9d\x3c\xa1\x58",
+ .assoc = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d",
+ .alen = 33,
+ .input = "\x07\x0a\x35\xb0\x82\x03\x5a\xd2"
+ "\x15\x3a\x6c\x72\x83\x9b\xb1\x75"
+ "\xea\xf2\xfc\xff\xc6\xf1\x13\xa4"
+ "\x1a\x93\x33\x79\x97\x82\x81\xc0"
+ "\x96\xc2\x00\xab\x39\xae\xa1\x62"
+ "\x53\xa3\x86\xc9\x07\x8c\xaf\x22"
+ "\x47\x31\x29\xca\x4a\x95\xf5\xd5"
+ "\x20\x63\x5a\x54\x80\x2c\x4a\x63"
+ "\xfb\x18\x73\x31\x4f\x08\x21\x5d"
+ "\x20\xe9\xc3\x7e\xea\x25\x77\x3a"
+ "\x65",
+ .ilen = 81,
+ .result = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c"
+ "\x4f\x2e\xe8\x55\x66\x80\x27\x00"
+ "\x1b\x8f\x68\xe7\x0a\x6c\x71\xc3"
+ "\x21\x78\x55\x9d\x9c\x65\x7b\xcd"
+ "\x0a\x34\x97\xff\x47\x37\xb0\x2a"
+ "\x80\x0d\x19\x98\x33\xa9\x7a\xe3"
+ "\x2e\x4c\xc6\xf3\x8c\x88\x42\x01"
+ "\xbd",
+ .rlen = 65,
+ }, {
+ .key = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe"
+ "\x19\xde\x6b\x76\xa8\x28\x08\x07"
+ "\x4b\x9a\xa0\xdd\xc1\x84\x58\x79",
+ .klen = 32,
+ .iv = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f"
+ "\xe4\x8f\xed\x97\xe9\xd0\xe8\x0d"
+ "\x7c\xa6\xd8\xd4\x77\x9b\x40\x2e",
+ .assoc = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .alen = 65,
+ .input = "\x33\xc1\xda\xfa\x15\x21\x07\x8e"
+ "\x93\x68\xea\x64\x7b\x3d\x4b\x6b"
+ "\x71\x5e\x5e\x6b\x92\xaa\x65\xc2"
+ "\x7a\x2a\xc1\xa9\x0a\xa1\x24\x81"
+ "\x26\x3a\x5a\x09\xe8\xce\x73\x72"
+ "\xde\x7b\x58\x9e\x85\xb9\xa4\x28"
+ "\xda",
+ .ilen = 49,
+ .result = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82"
+ "\x79\xf0\xf3\xd9\x6c\x20\xa9\x1a"
+ "\xdc\xbc\x47\xc0\xe4\xcb\x10\x99"
+ "\x2f",
+ .rlen = 33,
+ }, {
+ .key = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04"
+ "\x44\xa1\x76\xfb\xad\xc8\x8a\x21"
+ "\x0d\xc8\x7f\xb6\x9b\xe3\xf8\x4f",
+ .klen = 32,
+ .iv = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85"
+ "\x0e\x51\xf9\x1c\xee\x70\x6a\x27"
+ "\x3d\xd3\xb7\xac\x51\xfa\xdf\x05",
+ .assoc = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .alen = 16,
+ .input = "\x3e\xf8\x86\x3d\x39\xf8\x96\x02"
+ "\x0f\xdf\xc9\x6e\x37\x1e\x57\x99"
+ "\x07\x2a\x1a\xac\xd1\xda\xfd\x3b"
+ "\xc7\xff\xbd\xbc\x85\x09\x0b",
+ .ilen = 31,
+ .result = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .rlen = 16,
+ }, {
+ .key = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a"
+ "\x6e\x63\x82\x7f\xb2\x68\x0c\x3a"
+ "\xce\xf5\x5e\x8e\x75\x42\x97\x26",
+ .klen = 32,
+ .iv = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c"
+ "\x39\x14\x05\xa0\xf3\x10\xec\x41"
+ "\xff\x01\x95\x84\x2b\x59\x7f\xdb",
+ .assoc = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .alen = 16,
+ .input = "\x2f\xc4\xd8\x0d\xa6\x07\xef\x2e"
+ "\x6c\xd9\x84\x63\x70\x97\x61\x37"
+ "\x08\x2f\x16\x90\x9e\x62\x30\x0d"
+ "\x62\xd5\xc8\xf0\x46\x1a",
+ .ilen = 30,
+ .result = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .rlen = 16,
+ }, {
+ .key = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10"
+ "\x98\x25\x8d\x03\xb7\x08\x8e\x54"
+ "\x90\x23\x3d\x67\x4f\xa1\x36\xfc",
+ .klen = 32,
+ .iv = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92"
+ "\x63\xd6\x10\x24\xf8\xb0\x6e\x5a"
+ "\xc0\x2e\x74\x5d\x06\xb8\x1e\xb2",
+ .assoc = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .alen = 16,
+ .input = "\xce\xf3\x17\x87\x49\xc2\x00\x46"
+ "\xc6\x12\x5c\x8f\x81\x38\xaa\x55"
+ "\xf8\x67\x75\xf1\x75\xe3\x2a\x24",
+ .ilen = 24,
+ .result = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .rlen = 16,
+ },
+};
+
+/*
+ * MORUS-640 test vectors - generated via reference implementation from
+ * SUPERCOP (https://bench.cr.yp.to/supercop.html):
+ *
+ * https://bench.cr.yp.to/supercop/supercop-20170228.tar.xz
+ * (see crypto_aead/morus640128v2/)
+ */
+static const struct aead_testvec morus640_enc_tv_template[] = {
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 16,
+ .iv = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .assoc = "",
+ .alen = 0,
+ .input = "",
+ .ilen = 0,
+ .result = "\x89\x62\x7d\xf3\x07\x9d\x52\x05"
+ "\x53\xc3\x04\x60\x93\xb4\x37\x9a",
+ .rlen = 16,
+ }, {
+ .key = "\x3c\x24\x39\x9f\x10\x7b\xa8\x1b"
+ "\x80\xda\xb2\x91\xf9\x24\xc2\x06",
+ .klen = 16,
+ .iv = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x69",
+ .ilen = 1,
+ .result = "\xa8\x8d\xe4\x90\xb5\x50\x8f\x78"
+ "\xb6\x10\x9a\x59\x5f\x61\x37\x70"
+ "\x09",
+ .rlen = 17,
+ }, {
+ .key = "\x79\x49\x73\x3e\x20\xf7\x51\x37"
+ "\x01\xb4\x64\x22\xf3\x48\x85\x0c",
+ .klen = 16,
+ .iv = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa6\xa4\x1e\x76\xec\xd4\x50\xcc"
+ "\x62\x58\xe9\x8f\xef\xa4\x17",
+ .ilen = 15,
+ .result = "\x76\xdd\xb9\x05\x3d\xce\x61\x38"
+ "\xf3\xef\xf7\xe5\xd7\xfd\x70\xa5"
+ "\xcf\x9d\x64\xb8\x0a\x9f\xfd\x8b"
+ "\xd4\x6e\xfe\xd9\xc8\x63\x4b",
+ .rlen = 31,
+ }, {
+ .key = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47\x12",
+ .klen = 16,
+ .iv = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xe2\xc9\x58\x15\xfc\x4f\xf8\xe8"
+ "\xe3\x32\x9b\x21\xe9\xc8\xd9\x97",
+ .ilen = 16,
+ .result = "\xdc\x72\xe8\x14\xfb\x63\xad\x72"
+ "\x1f\x57\x9a\x1f\x88\x81\xdb\xd6"
+ "\xc1\x91\x9d\xb9\x25\xc4\x99\x4c"
+ "\x97\xcd\x8a\x0c\x9d\x68\x00\x1c",
+ .rlen = 32,
+ }, {
+ .key = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .klen = 16,
+ .iv = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x1f\xee\x92\xb4\x0c\xcb\xa1\x04"
+ "\x64\x0c\x4d\xb2\xe3\xec\x9c\x9d"
+ "\x09",
+ .ilen = 17,
+ .result = "\x6b\x4f\x3b\x90\x9a\xa2\xb3\x82"
+ "\x0a\xb8\x55\xee\xeb\x73\x4d\x7f"
+ "\x54\x11\x3a\x8a\x31\xa3\xb5\xf2"
+ "\xcd\x49\xdb\xf3\xee\x26\xbd\xa2"
+ "\x0d",
+ .rlen = 33,
+ }, {
+ .key = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f",
+ .klen = 16,
+ .iv = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x5c\x13\xcb\x54\x1c\x47\x4a\x1f"
+ "\xe5\xe6\xff\x44\xdd\x11\x5f\xa3"
+ "\x33\xdd\xc2\xf8\xdd\x18\x2b\x93"
+ "\x57\x05\x01\x1c\x66\x22\xd3",
+ .ilen = 31,
+ .result = "\x59\xd1\x0f\x6b\xee\x27\x84\x92"
+ "\xb7\xa9\xb5\xdd\x02\xa4\x12\xa5"
+ "\x50\x32\xb4\x9a\x2e\x35\x83\x55"
+ "\x36\x12\x12\xed\xa3\x31\xc5\x30"
+ "\xa7\xe2\x4a\x6d\x05\x59\x43\x91"
+ "\x75\xfa\x6c\x17\xc6\x73\xca",
+ .rlen = 47,
+ }, {
+ .key = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25",
+ .klen = 16,
+ .iv = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x98\x37\x05\xf3\x2c\xc2\xf3\x3b"
+ "\x66\xc0\xb1\xd5\xd7\x35\x21\xaa"
+ "\x5d\x9f\xce\x7c\xe2\xb8\xad\xad"
+ "\x19\x33\xe0\xf4\x40\x81\x72\x28",
+ .ilen = 32,
+ .result = "\xdb\x49\x68\x0f\x91\x5b\x21\xb1"
+ "\xcf\x50\xb2\x4c\x32\xe1\xa6\x69"
+ "\xc0\xfb\x44\x1f\xa0\x9a\xeb\x39"
+ "\x1b\xde\x68\x38\xcc\x27\x52\xc5"
+ "\xf6\x3e\x74\xea\x66\x5b\x5f\x0c"
+ "\x65\x9e\x58\xe6\x52\xa2\xfe\x59",
+ .rlen = 48,
+ }, {
+ .key = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b",
+ .klen = 16,
+ .iv = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .assoc = "\xc5",
+ .alen = 1,
+ .input = "",
+ .ilen = 0,
+ .result = "\x56\xe7\x24\x52\xdd\x95\x60\x5b"
+ "\x09\x48\x39\x69\x9c\xb3\x62\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xe4\x25\xcd\xfa\x80\xdd\x46\xde"
+ "\x07\xd1\x90\x8b\xcf\x23\x15\x31",
+ .klen = 16,
+ .iv = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .assoc = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76",
+ .alen = 15,
+ .input = "",
+ .ilen = 0,
+ .result = "\xdd\xfa\x6c\x1f\x5d\x86\x87\x01"
+ "\x13\xe5\x73\x46\x46\xf2\x5c\xe1",
+ .rlen = 16,
+ }, {
+ .key = "\x20\x4a\x07\x99\x91\x58\xee\xfa"
+ "\x88\xab\x42\x1c\xc9\x47\xd7\x38",
+ .klen = 16,
+ .iv = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .assoc = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b",
+ .alen = 16,
+ .input = "",
+ .ilen = 0,
+ .result = "\xa6\x1b\xb9\xd7\x5e\x3c\xcf\xac"
+ "\xa9\x21\x45\x0b\x16\x52\xf7\xe1",
+ .rlen = 16,
+ }, {
+ .key = "\x5d\x6f\x41\x39\xa1\xd4\x97\x16"
+ "\x09\x85\xf4\xae\xc3\x6b\x9a\x3e",
+ .klen = 16,
+ .iv = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .assoc = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41"
+ "\x3c",
+ .alen = 17,
+ .input = "",
+ .ilen = 0,
+ .result = "\x15\xff\xde\x3b\x34\xfc\xf6\xf9"
+ "\xbb\xa8\x62\xad\x0a\xf5\x48\x60",
+ .rlen = 16,
+ }, {
+ .key = "\x99\x93\x7a\xd8\xb1\x50\x40\x31"
+ "\x8a\x60\xa6\x3f\xbd\x90\x5d\x44",
+ .klen = 16,
+ .iv = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .assoc = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47"
+ "\x67\xba\x85\xf1\xbb\x30\x56\x26"
+ "\xaf\x0b\x02\x38\xcc\x44\xa7",
+ .alen = 31,
+ .input = "",
+ .ilen = 0,
+ .result = "\xd2\x9d\xf8\x3b\xd7\x84\xe9\x2d"
+ "\x4b\xef\x75\x16\x0a\x99\xae\x6b",
+ .rlen = 16,
+ }, {
+ .key = "\xd6\xb8\xb4\x77\xc1\xcb\xe9\x4d"
+ "\x0a\x3a\x58\xd1\xb7\xb4\x1f\x4a",
+ .klen = 16,
+ .iv = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .assoc = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d"
+ "\x91\x7c\x91\x75\xc0\xd0\xd8\x40"
+ "\x71\x39\xe1\x10\xa6\xa3\x46\x7a",
+ .alen = 32,
+ .input = "",
+ .ilen = 0,
+ .result = "\xe4\x8d\xa7\xa7\x45\xc1\x31\x4f"
+ "\xce\xfb\xaf\xd6\xc2\xe6\xee\xc0",
+ .rlen = 16,
+ }, {
+ .key = "\x12\xdd\xee\x17\xd1\x47\x92\x69"
+ "\x8b\x14\x0a\x62\xb1\xd9\xe2\x50",
+ .klen = 16,
+ .iv = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .assoc = "\x31",
+ .alen = 1,
+ .input = "\x40",
+ .ilen = 1,
+ .result = "\xe2\x67\x38\x4f\xb9\xad\x7d\x38"
+ "\x01\xfe\x84\x14\x85\xf8\xd1\xe3"
+ "\x22",
+ .rlen = 17,
+ }, {
+ .key = "\x4f\x01\x27\xb6\xe1\xc3\x3a\x85"
+ "\x0c\xee\xbc\xf4\xab\xfd\xa5\x57",
+ .klen = 16,
+ .iv = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .assoc = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06",
+ .alen = 15,
+ .input = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .ilen = 15,
+ .result = "\x77\x32\x61\xeb\xb4\x33\x29\x92"
+ "\x29\x95\xc5\x8e\x85\x76\xab\xfc"
+ "\x07\x95\xa7\x44\x74\xf7\x22\xff"
+ "\xd8\xd8\x36\x3d\x8a\x7f\x9e",
+ .rlen = 31,
+ }, {
+ .key = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67\x5d",
+ .klen = 16,
+ .iv = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .assoc = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60",
+ .alen = 16,
+ .input = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .ilen = 16,
+ .result = "\xd8\xfd\x44\x45\xf6\x42\x12\x38"
+ "\xf2\x0b\xea\x4f\x9e\x11\x61\x07"
+ "\x48\x67\x98\x18\x9b\xd0\x0c\x59"
+ "\x67\xa4\x11\xb3\x2b\xd6\xc1\x70",
+ .rlen = 32,
+ }, {
+ .key = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .klen = 16,
+ .iv = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .assoc = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66"
+ "\x3b",
+ .alen = 17,
+ .input = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .ilen = 17,
+ .result = "\xb1\xab\x53\x4e\xc7\x40\x16\xb6"
+ "\x71\x3a\x00\x9f\x41\x88\xb0\xb2"
+ "\x71\x83\x85\x5f\xc8\x79\x0a\x99"
+ "\x99\xdc\x89\x1c\x88\xd2\x3e\xf9"
+ "\x83",
+ .rlen = 33,
+ }, {
+ .key = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69",
+ .klen = 16,
+ .iv = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .assoc = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d"
+ "\x65\x48\xcb\x0a\xda\xf0\x62\xc0"
+ "\x38\x1d\x3b\x4a\xe9\x7e\x62",
+ .alen = 31,
+ .input = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .ilen = 31,
+ .result = "\x29\xc4\xf0\x03\xc1\x86\xdf\x06"
+ "\x5c\x7b\xef\x64\x87\x00\xd1\x37"
+ "\xa7\x08\xbc\x7f\x8f\x41\x54\xd0"
+ "\x3e\xf1\xc3\xa2\x96\x84\xdd\x2a"
+ "\x2d\x21\x30\xf9\x02\xdb\x06\x0c"
+ "\xf1\x5a\x66\x69\xe0\xca\x83",
+ .rlen = 47,
+ }, {
+ .key = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70",
+ .klen = 16,
+ .iv = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .assoc = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73"
+ "\x8f\x0a\xd6\x8f\xdf\x90\xe4\xda"
+ "\xf9\x4a\x1a\x23\xc3\xdd\x02\x81",
+ .alen = 32,
+ .input = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .ilen = 32,
+ .result = "\xe2\x2e\x44\xdf\xd3\x60\x6d\xb2"
+ "\x70\x57\x37\xc5\xc2\x4f\x8d\x14"
+ "\xc6\xbf\x8b\xec\xf5\x62\x67\xf2"
+ "\x2f\xa1\xe6\xd6\xa7\xb1\x8c\x54"
+ "\xe5\x6b\x49\xf9\x6e\x90\xc3\xaa"
+ "\x7a\x00\x2e\x4d\x7f\x31\x2e\x81",
+ .rlen = 48,
+ }, {
+ .key = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76",
+ .klen = 16,
+ .iv = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .assoc = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79"
+ "\xba\xcd\xe2\x13\xe4\x30\x66\xf4"
+ "\xba\x78\xf9\xfb\x9d\x3c\xa1\x58"
+ "\x1a",
+ .alen = 33,
+ .input = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d\x4d\x54\x51\x84\x61\xf6\x8e"
+ "\x03\x31\xf2\x25\x16\xcc\xaa\xc6"
+ "\x75\x73\x20\x30\x59\x54\xb2\xf0"
+ "\x3a\x4b\xe0\x23\x8e\xa6\x08\x35"
+ "\x8a",
+ .ilen = 65,
+ .result = "\xc7\xca\x26\x61\x57\xee\xa2\xb9"
+ "\xb1\x37\xde\x95\x06\x90\x11\x08"
+ "\x4d\x30\x9f\x24\xc0\x56\xb7\xe1"
+ "\x0b\x9f\xd2\x57\xe9\xd2\xb1\x76"
+ "\x56\x9a\xb4\x58\xc5\x08\xfc\xb5"
+ "\xf2\x31\x9b\xc9\xcd\xb3\x64\xdb"
+ "\x6f\x50\xbf\xf4\x73\x9d\xfb\x6b"
+ "\xef\x35\x25\x48\xed\xcf\x29\xa8"
+ "\xac\xc3\xb9\xcb\x61\x8f\x73\x92"
+ "\x2c\x7a\x6f\xda\xf9\x09\x6f\xe1"
+ "\xc4",
+ .rlen = 81,
+ }, {
+ .key = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c",
+ .klen = 16,
+ .iv = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .assoc = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f"
+ "\xe4\x8f\xed\x97\xe9\xd0\xe8\x0d"
+ "\x7c\xa6\xd8\xd4\x77\x9b\x40\x2e"
+ "\x28\xce\x57\x34\xcd\x6e\x84\x4c"
+ "\x17\x3c\xe1\xb2\xa8\x0b\xbb\xf1"
+ "\x96\x41\x0d\x69\xe8\x54\x0a\xc8"
+ "\x15\x4e\x91\x92\x89\x4b\xb7\x9b"
+ "\x21",
+ .alen = 65,
+ .input = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac",
+ .ilen = 33,
+ .result = "\x57\xcd\x3d\x46\xc5\xf9\x68\x3b"
+ "\x2c\x0f\xb4\x7e\x7b\x64\x3e\x40"
+ "\xf3\x78\x63\x34\x89\x79\x39\x6b"
+ "\x61\x64\x4a\x9a\xfa\x70\xa4\xd3"
+ "\x54\x0b\xea\x05\xa6\x95\x64\xed"
+ "\x3d\x69\xa2\x0c\x27\x56\x2f\x34"
+ "\x66",
+ .rlen = 49,
+ }, {
+ .key = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82",
+ .klen = 16,
+ .iv = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .assoc = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85",
+ .alen = 16,
+ .input = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .ilen = 16,
+ .result = "\xfc\x85\x06\x28\x8f\xe8\x23\x1f"
+ "\x33\x98\x87\xde\x08\xb6\xb6\xae"
+ "\x3e\xa4\xf8\x19\xf1\x92\x60\x39"
+ "\xb9\x6b\x3f\xdf\xc8\xcb\x30",
+ .rlen = 31,
+ }, {
+ .key = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .klen = 16,
+ .iv = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .assoc = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c",
+ .alen = 16,
+ .input = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .ilen = 16,
+ .result = "\x74\x7d\x70\x07\xe9\xba\x01\xee"
+ "\x6c\xc6\x6f\x50\x25\x33\xbe\x50"
+ "\x17\xb8\x17\x62\xed\x80\xa2\xf5"
+ "\x03\xde\x85\x71\x5d\x34",
+ .rlen = 30,
+ }, {
+ .key = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .klen = 16,
+ .iv = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .assoc = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92",
+ .alen = 16,
+ .input = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .ilen = 16,
+ .result = "\xf4\xb3\x85\xf9\xac\xde\xb1\x38"
+ "\x29\xfd\x6c\x7c\x49\xe5\x1d\xaf"
+ "\xba\xea\xd4\xfa\x3f\x11\x33\x98",
+ .rlen = 24,
+ }, {
+ .key = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .klen = 16,
+ .iv = "\xbb\x3a\xf7\x57\xc6\x36\x7c\x22"
+ "\x36\xab\xde\xc6\x6d\x32\x70\x17",
+ .assoc = "\xcb\x03\x85\xbf\x0a\xd5\x26\xa9"
+ "\x56\xe1\x0a\xeb\x6c\xfb\xa1\x98",
+ .alen = 16,
+ .input = "\xda\xcc\x14\x27\x4e\x74\xd1\x30"
+ "\x76\x18\x37\x0f\x6a\xc4\xd1\x1a",
+ .ilen = 16,
+ .result = "\xe6\x5c\x49\x4f\x78\xf3\x62\x86"
+ "\xe1\xb7\xa5\xc3\x32\x88\x3c\x8c"
+ "\x6e",
+ .rlen = 17,
+ },
+};
+
+static const struct aead_testvec morus640_dec_tv_template[] = {
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 16,
+ .iv = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x89\x62\x7d\xf3\x07\x9d\x52\x05"
+ "\x53\xc3\x04\x60\x93\xb4\x37\x9a",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x3c\x24\x39\x9f\x10\x7b\xa8\x1b"
+ "\x80\xda\xb2\x91\xf9\x24\xc2\x06",
+ .klen = 16,
+ .iv = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa8\x8d\xe4\x90\xb5\x50\x8f\x78"
+ "\xb6\x10\x9a\x59\x5f\x61\x37\x70"
+ "\x09",
+ .ilen = 17,
+ .result = "\x69",
+ .rlen = 1,
+ }, {
+ .key = "\x79\x49\x73\x3e\x20\xf7\x51\x37"
+ "\x01\xb4\x64\x22\xf3\x48\x85\x0c",
+ .klen = 16,
+ .iv = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x76\xdd\xb9\x05\x3d\xce\x61\x38"
+ "\xf3\xef\xf7\xe5\xd7\xfd\x70\xa5"
+ "\xcf\x9d\x64\xb8\x0a\x9f\xfd\x8b"
+ "\xd4\x6e\xfe\xd9\xc8\x63\x4b",
+ .ilen = 31,
+ .result = "\xa6\xa4\x1e\x76\xec\xd4\x50\xcc"
+ "\x62\x58\xe9\x8f\xef\xa4\x17",
+ .rlen = 15,
+ }, {
+ .key = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47\x12",
+ .klen = 16,
+ .iv = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xdc\x72\xe8\x14\xfb\x63\xad\x72"
+ "\x1f\x57\x9a\x1f\x88\x81\xdb\xd6"
+ "\xc1\x91\x9d\xb9\x25\xc4\x99\x4c"
+ "\x97\xcd\x8a\x0c\x9d\x68\x00\x1c",
+ .ilen = 32,
+ .result = "\xe2\xc9\x58\x15\xfc\x4f\xf8\xe8"
+ "\xe3\x32\x9b\x21\xe9\xc8\xd9\x97",
+ .rlen = 16,
+ }, {
+ .key = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .klen = 16,
+ .iv = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x6b\x4f\x3b\x90\x9a\xa2\xb3\x82"
+ "\x0a\xb8\x55\xee\xeb\x73\x4d\x7f"
+ "\x54\x11\x3a\x8a\x31\xa3\xb5\xf2"
+ "\xcd\x49\xdb\xf3\xee\x26\xbd\xa2"
+ "\x0d",
+ .ilen = 33,
+ .result = "\x1f\xee\x92\xb4\x0c\xcb\xa1\x04"
+ "\x64\x0c\x4d\xb2\xe3\xec\x9c\x9d"
+ "\x09",
+ .rlen = 17,
+ }, {
+ .key = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f",
+ .klen = 16,
+ .iv = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x59\xd1\x0f\x6b\xee\x27\x84\x92"
+ "\xb7\xa9\xb5\xdd\x02\xa4\x12\xa5"
+ "\x50\x32\xb4\x9a\x2e\x35\x83\x55"
+ "\x36\x12\x12\xed\xa3\x31\xc5\x30"
+ "\xa7\xe2\x4a\x6d\x05\x59\x43\x91"
+ "\x75\xfa\x6c\x17\xc6\x73\xca",
+ .ilen = 47,
+ .result = "\x5c\x13\xcb\x54\x1c\x47\x4a\x1f"
+ "\xe5\xe6\xff\x44\xdd\x11\x5f\xa3"
+ "\x33\xdd\xc2\xf8\xdd\x18\x2b\x93"
+ "\x57\x05\x01\x1c\x66\x22\xd3",
+ .rlen = 31,
+ }, {
+ .key = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25",
+ .klen = 16,
+ .iv = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xdb\x49\x68\x0f\x91\x5b\x21\xb1"
+ "\xcf\x50\xb2\x4c\x32\xe1\xa6\x69"
+ "\xc0\xfb\x44\x1f\xa0\x9a\xeb\x39"
+ "\x1b\xde\x68\x38\xcc\x27\x52\xc5"
+ "\xf6\x3e\x74\xea\x66\x5b\x5f\x0c"
+ "\x65\x9e\x58\xe6\x52\xa2\xfe\x59",
+ .ilen = 48,
+ .result = "\x98\x37\x05\xf3\x2c\xc2\xf3\x3b"
+ "\x66\xc0\xb1\xd5\xd7\x35\x21\xaa"
+ "\x5d\x9f\xce\x7c\xe2\xb8\xad\xad"
+ "\x19\x33\xe0\xf4\x40\x81\x72\x28",
+ .rlen = 32,
+ }, {
+ .key = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b",
+ .klen = 16,
+ .iv = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .assoc = "\xc5",
+ .alen = 1,
+ .input = "\x56\xe7\x24\x52\xdd\x95\x60\x5b"
+ "\x09\x48\x39\x69\x9c\xb3\x62\x46",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xe4\x25\xcd\xfa\x80\xdd\x46\xde"
+ "\x07\xd1\x90\x8b\xcf\x23\x15\x31",
+ .klen = 16,
+ .iv = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .assoc = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76",
+ .alen = 15,
+ .input = "\xdd\xfa\x6c\x1f\x5d\x86\x87\x01"
+ "\x13\xe5\x73\x46\x46\xf2\x5c\xe1",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x20\x4a\x07\x99\x91\x58\xee\xfa"
+ "\x88\xab\x42\x1c\xc9\x47\xd7\x38",
+ .klen = 16,
+ .iv = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .assoc = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b",
+ .alen = 16,
+ .input = "\xa6\x1b\xb9\xd7\x5e\x3c\xcf\xac"
+ "\xa9\x21\x45\x0b\x16\x52\xf7\xe1",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x5d\x6f\x41\x39\xa1\xd4\x97\x16"
+ "\x09\x85\xf4\xae\xc3\x6b\x9a\x3e",
+ .klen = 16,
+ .iv = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .assoc = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41"
+ "\x3c",
+ .alen = 17,
+ .input = "\x15\xff\xde\x3b\x34\xfc\xf6\xf9"
+ "\xbb\xa8\x62\xad\x0a\xf5\x48\x60",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x99\x93\x7a\xd8\xb1\x50\x40\x31"
+ "\x8a\x60\xa6\x3f\xbd\x90\x5d\x44",
+ .klen = 16,
+ .iv = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .assoc = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47"
+ "\x67\xba\x85\xf1\xbb\x30\x56\x26"
+ "\xaf\x0b\x02\x38\xcc\x44\xa7",
+ .alen = 31,
+ .input = "\xd2\x9d\xf8\x3b\xd7\x84\xe9\x2d"
+ "\x4b\xef\x75\x16\x0a\x99\xae\x6b",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xd6\xb8\xb4\x77\xc1\xcb\xe9\x4d"
+ "\x0a\x3a\x58\xd1\xb7\xb4\x1f\x4a",
+ .klen = 16,
+ .iv = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .assoc = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d"
+ "\x91\x7c\x91\x75\xc0\xd0\xd8\x40"
+ "\x71\x39\xe1\x10\xa6\xa3\x46\x7a",
+ .alen = 32,
+ .input = "\xe4\x8d\xa7\xa7\x45\xc1\x31\x4f"
+ "\xce\xfb\xaf\xd6\xc2\xe6\xee\xc0",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x12\xdd\xee\x17\xd1\x47\x92\x69"
+ "\x8b\x14\x0a\x62\xb1\xd9\xe2\x50",
+ .klen = 16,
+ .iv = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .assoc = "\x31",
+ .alen = 1,
+ .input = "\xe2\x67\x38\x4f\xb9\xad\x7d\x38"
+ "\x01\xfe\x84\x14\x85\xf8\xd1\xe3"
+ "\x22",
+ .ilen = 17,
+ .result = "\x40",
+ .rlen = 1,
+ }, {
+ .key = "\x4f\x01\x27\xb6\xe1\xc3\x3a\x85"
+ "\x0c\xee\xbc\xf4\xab\xfd\xa5\x57",
+ .klen = 16,
+ .iv = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .assoc = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06",
+ .alen = 15,
+ .input = "\x77\x32\x61\xeb\xb4\x33\x29\x92"
+ "\x29\x95\xc5\x8e\x85\x76\xab\xfc"
+ "\x07\x95\xa7\x44\x74\xf7\x22\xff"
+ "\xd8\xd8\x36\x3d\x8a\x7f\x9e",
+ .ilen = 31,
+ .result = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37",
+ .rlen = 15,
+ }, {
+ .key = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67\x5d",
+ .klen = 16,
+ .iv = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .assoc = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60",
+ .alen = 16,
+ .input = "\xd8\xfd\x44\x45\xf6\x42\x12\x38"
+ "\xf2\x0b\xea\x4f\x9e\x11\x61\x07"
+ "\x48\x67\x98\x18\x9b\xd0\x0c\x59"
+ "\x67\xa4\x11\xb3\x2b\xd6\xc1\x70",
+ .ilen = 32,
+ .result = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2",
+ .rlen = 16,
+ }, {
+ .key = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .klen = 16,
+ .iv = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .assoc = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66"
+ "\x3b",
+ .alen = 17,
+ .input = "\xb1\xab\x53\x4e\xc7\x40\x16\xb6"
+ "\x71\x3a\x00\x9f\x41\x88\xb0\xb2"
+ "\x71\x83\x85\x5f\xc8\x79\x0a\x99"
+ "\x99\xdc\x89\x1c\x88\xd2\x3e\xf9"
+ "\x83",
+ .ilen = 33,
+ .result = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05",
+ .rlen = 17,
+ }, {
+ .key = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69",
+ .klen = 16,
+ .iv = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .assoc = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d"
+ "\x65\x48\xcb\x0a\xda\xf0\x62\xc0"
+ "\x38\x1d\x3b\x4a\xe9\x7e\x62",
+ .alen = 31,
+ .input = "\x29\xc4\xf0\x03\xc1\x86\xdf\x06"
+ "\x5c\x7b\xef\x64\x87\x00\xd1\x37"
+ "\xa7\x08\xbc\x7f\x8f\x41\x54\xd0"
+ "\x3e\xf1\xc3\xa2\x96\x84\xdd\x2a"
+ "\x2d\x21\x30\xf9\x02\xdb\x06\x0c"
+ "\xf1\x5a\x66\x69\xe0\xca\x83",
+ .ilen = 47,
+ .result = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a",
+ .rlen = 31,
+ }, {
+ .key = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70",
+ .klen = 16,
+ .iv = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .assoc = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73"
+ "\x8f\x0a\xd6\x8f\xdf\x90\xe4\xda"
+ "\xf9\x4a\x1a\x23\xc3\xdd\x02\x81",
+ .alen = 32,
+ .input = "\xe2\x2e\x44\xdf\xd3\x60\x6d\xb2"
+ "\x70\x57\x37\xc5\xc2\x4f\x8d\x14"
+ "\xc6\xbf\x8b\xec\xf5\x62\x67\xf2"
+ "\x2f\xa1\xe6\xd6\xa7\xb1\x8c\x54"
+ "\xe5\x6b\x49\xf9\x6e\x90\xc3\xaa"
+ "\x7a\x00\x2e\x4d\x7f\x31\x2e\x81",
+ .ilen = 48,
+ .result = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37",
+ .rlen = 32,
+ }, {
+ .key = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76",
+ .klen = 16,
+ .iv = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .assoc = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79"
+ "\xba\xcd\xe2\x13\xe4\x30\x66\xf4"
+ "\xba\x78\xf9\xfb\x9d\x3c\xa1\x58"
+ "\x1a",
+ .alen = 33,
+ .input = "\xc7\xca\x26\x61\x57\xee\xa2\xb9"
+ "\xb1\x37\xde\x95\x06\x90\x11\x08"
+ "\x4d\x30\x9f\x24\xc0\x56\xb7\xe1"
+ "\x0b\x9f\xd2\x57\xe9\xd2\xb1\x76"
+ "\x56\x9a\xb4\x58\xc5\x08\xfc\xb5"
+ "\xf2\x31\x9b\xc9\xcd\xb3\x64\xdb"
+ "\x6f\x50\xbf\xf4\x73\x9d\xfb\x6b"
+ "\xef\x35\x25\x48\xed\xcf\x29\xa8"
+ "\xac\xc3\xb9\xcb\x61\x8f\x73\x92"
+ "\x2c\x7a\x6f\xda\xf9\x09\x6f\xe1"
+ "\xc4",
+ .ilen = 81,
+ .result = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d\x4d\x54\x51\x84\x61\xf6\x8e"
+ "\x03\x31\xf2\x25\x16\xcc\xaa\xc6"
+ "\x75\x73\x20\x30\x59\x54\xb2\xf0"
+ "\x3a\x4b\xe0\x23\x8e\xa6\x08\x35"
+ "\x8a",
+ .rlen = 65,
+ }, {
+ .key = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c",
+ .klen = 16,
+ .iv = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .assoc = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f"
+ "\xe4\x8f\xed\x97\xe9\xd0\xe8\x0d"
+ "\x7c\xa6\xd8\xd4\x77\x9b\x40\x2e"
+ "\x28\xce\x57\x34\xcd\x6e\x84\x4c"
+ "\x17\x3c\xe1\xb2\xa8\x0b\xbb\xf1"
+ "\x96\x41\x0d\x69\xe8\x54\x0a\xc8"
+ "\x15\x4e\x91\x92\x89\x4b\xb7\x9b"
+ "\x21",
+ .alen = 65,
+ .input = "\x57\xcd\x3d\x46\xc5\xf9\x68\x3b"
+ "\x2c\x0f\xb4\x7e\x7b\x64\x3e\x40"
+ "\xf3\x78\x63\x34\x89\x79\x39\x6b"
+ "\x61\x64\x4a\x9a\xfa\x70\xa4\xd3"
+ "\x54\x0b\xea\x05\xa6\x95\x64\xed"
+ "\x3d\x69\xa2\x0c\x27\x56\x2f\x34"
+ "\x66",
+ .ilen = 49,
+ .result = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac",
+ .rlen = 33,
+ }, {
+ .key = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82",
+ .klen = 16,
+ .iv = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .assoc = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85",
+ .alen = 16,
+ .input = "\xfc\x85\x06\x28\x8f\xe8\x23\x1f"
+ "\x33\x98\x87\xde\x08\xb6\xb6\xae"
+ "\x3e\xa4\xf8\x19\xf1\x92\x60\x39"
+ "\xb9\x6b\x3f\xdf\xc8\xcb\x30",
+ .ilen = 31,
+ .result = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07",
+ .rlen = 16,
+ }, {
+ .key = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .klen = 16,
+ .iv = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .assoc = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c",
+ .alen = 16,
+ .input = "\x74\x7d\x70\x07\xe9\xba\x01\xee"
+ "\x6c\xc6\x6f\x50\x25\x33\xbe\x50"
+ "\x17\xb8\x17\x62\xed\x80\xa2\xf5"
+ "\x03\xde\x85\x71\x5d\x34",
+ .ilen = 30,
+ .result = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d",
+ .rlen = 16,
+ }, {
+ .key = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .klen = 16,
+ .iv = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .assoc = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92",
+ .alen = 16,
+ .input = "\xf4\xb3\x85\xf9\xac\xde\xb1\x38"
+ "\x29\xfd\x6c\x7c\x49\xe5\x1d\xaf"
+ "\xba\xea\xd4\xfa\x3f\x11\x33\x98",
+ .ilen = 24,
+ .result = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13",
+ .rlen = 16,
+ }, {
+ .key = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .klen = 16,
+ .iv = "\xbb\x3a\xf7\x57\xc6\x36\x7c\x22"
+ "\x36\xab\xde\xc6\x6d\x32\x70\x17",
+ .assoc = "\xcb\x03\x85\xbf\x0a\xd5\x26\xa9"
+ "\x56\xe1\x0a\xeb\x6c\xfb\xa1\x98",
+ .alen = 16,
+ .input = "\xe6\x5c\x49\x4f\x78\xf3\x62\x86"
+ "\xe1\xb7\xa5\xc3\x32\x88\x3c\x8c"
+ "\x6e",
+ .ilen = 17,
+ .result = "\xda\xcc\x14\x27\x4e\x74\xd1\x30"
+ "\x76\x18\x37\x0f\x6a\xc4\xd1\x1a",
+ .rlen = 16,
+ },
+};
+
+/*
+ * MORUS-1280 test vectors - generated via reference implementation from
+ * SUPERCOP (https://bench.cr.yp.to/supercop.html):
+ *
+ * https://bench.cr.yp.to/supercop/supercop-20170228.tar.xz
+ * (see crypto_aead/morus1280128v2/ and crypto_aead/morus1280256v2/ )
+ */
+static const struct aead_testvec morus1280_enc_tv_template[] = {
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 16,
+ .iv = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .assoc = "",
+ .alen = 0,
+ .input = "",
+ .ilen = 0,
+ .result = "\x91\x85\x0f\xf5\x52\x9e\xce\xce"
+ "\x65\x99\xc7\xbf\xd3\x76\xe8\x98",
+ .rlen = 16,
+ }, {
+ .key = "\x3c\x24\x39\x9f\x10\x7b\xa8\x1b"
+ "\x80\xda\xb2\x91\xf9\x24\xc2\x06",
+ .klen = 16,
+ .iv = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x69",
+ .ilen = 1,
+ .result = "\x88\xc3\x4c\xf0\x2f\x43\x76\x13"
+ "\x96\xda\x76\x34\x33\x4e\xd5\x39"
+ "\x73",
+ .rlen = 17,
+ }, {
+ .key = "\x79\x49\x73\x3e\x20\xf7\x51\x37"
+ "\x01\xb4\x64\x22\xf3\x48\x85\x0c",
+ .klen = 16,
+ .iv = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xa6\xa4\x1e\x76\xec\xd4\x50\xcc"
+ "\x62\x58\xe9\x8f\xef\xa4\x17\x91"
+ "\xb4\x96\x9f\x6b\xce\x38\xa5\x46"
+ "\x13\x7d\x64\x93\xd7\x05\xf5",
+ .ilen = 31,
+ .result = "\x3e\x5c\x3b\x58\x3b\x7d\x2a\x22"
+ "\x75\x0b\x24\xa6\x0e\xc3\xde\x52"
+ "\x97\x0b\x64\xd4\xce\x90\x52\xf7"
+ "\xef\xdb\x6a\x38\xd2\xa8\xa1\x0d"
+ "\xe0\x61\x33\x24\xc6\x4d\x51\xbc"
+ "\xa4\x21\x74\xcf\x19\x16\x59",
+ .rlen = 47,
+ }, {
+ .key = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47\x12",
+ .klen = 16,
+ .iv = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xe2\xc9\x58\x15\xfc\x4f\xf8\xe8"
+ "\xe3\x32\x9b\x21\xe9\xc8\xd9\x97"
+ "\xde\x58\xab\xf0\xd3\xd8\x27\x60"
+ "\xd5\xaa\x43\x6b\xb1\x64\x95\xa4",
+ .ilen = 32,
+ .result = "\x30\x82\x9c\x2b\x67\xcb\xf9\x1f"
+ "\xde\x9f\x77\xb2\xda\x92\x61\x5c"
+ "\x09\x0b\x2d\x9a\x26\xaa\x1c\x06"
+ "\xab\x74\xb7\x2b\x95\x5f\x9f\xa1"
+ "\x9a\xff\x50\xa0\xa2\xff\xc5\xad"
+ "\x21\x8e\x84\x5c\x12\x61\xb2\xae",
+ .rlen = 48,
+ }, {
+ .key = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .klen = 16,
+ .iv = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x1f\xee\x92\xb4\x0c\xcb\xa1\x04"
+ "\x64\x0c\x4d\xb2\xe3\xec\x9c\x9d"
+ "\x09\x1a\xb7\x74\xd8\x78\xa9\x79"
+ "\x96\xd8\x22\x43\x8c\xc3\x34\x7b"
+ "\xc4",
+ .ilen = 33,
+ .result = "\x67\x5d\x8e\x45\xc8\x39\xf5\x17"
+ "\xc1\x1d\x2a\xdd\x88\x67\xda\x1f"
+ "\x6d\xe8\x37\x28\x5a\xc1\x5e\x9f"
+ "\xa6\xec\xc6\x92\x05\x4b\xc0\xa3"
+ "\x63\xef\x88\xa4\x9b\x0a\x5c\xed"
+ "\x2b\x6a\xac\x63\x52\xaa\x10\x94"
+ "\xd0",
+ .rlen = 49,
+ }, {
+ .key = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f",
+ .klen = 16,
+ .iv = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x5c\x13\xcb\x54\x1c\x47\x4a\x1f"
+ "\xe5\xe6\xff\x44\xdd\x11\x5f\xa3"
+ "\x33\xdd\xc2\xf8\xdd\x18\x2b\x93"
+ "\x57\x05\x01\x1c\x66\x22\xd3\x51"
+ "\xd3\xdf\x18\xc9\x30\x66\xed\xb1"
+ "\x96\x58\xd5\x8c\x64\x8c\x7c\xf5"
+ "\x01\xd0\x74\x5f\x9b\xaa\xf6\xd1"
+ "\xe6\x16\xa2\xac\xde\x47\x40",
+ .ilen = 63,
+ .result = "\x7d\x61\x1a\x35\x20\xcc\x07\x88"
+ "\x03\x98\x87\xcf\xc0\x6e\x4d\x19"
+ "\xe3\xd4\x0b\xfb\x29\x8f\x49\x1a"
+ "\x3a\x06\x77\xce\x71\x2c\xcd\xdd"
+ "\xed\xf6\xc9\xbe\xa6\x3b\xb8\xfc"
+ "\x6c\xbe\x77\xed\x74\x0e\x20\x85"
+ "\xd0\x65\xde\x24\x6f\xe3\x25\xc5"
+ "\xdf\x5b\x0f\xbd\x8a\x88\x78\xc9"
+ "\xe5\x81\x37\xde\x84\x7a\xf6\x84"
+ "\x99\x7a\x72\x9c\x54\x31\xa1",
+ .rlen = 79,
+ }, {
+ .key = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25",
+ .klen = 16,
+ .iv = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x98\x37\x05\xf3\x2c\xc2\xf3\x3b"
+ "\x66\xc0\xb1\xd5\xd7\x35\x21\xaa"
+ "\x5d\x9f\xce\x7c\xe2\xb8\xad\xad"
+ "\x19\x33\xe0\xf4\x40\x81\x72\x28"
+ "\xe1\x8b\x1c\xf8\x91\x78\xff\xaf"
+ "\xb0\x68\x69\xf2\x27\x35\x91\x84"
+ "\x2e\x37\x5b\x00\x04\xff\x16\x9c"
+ "\xb5\x19\x39\xeb\xd9\xcd\x29\x9a",
+ .ilen = 64,
+ .result = "\x05\xc5\xb1\xf9\x1b\xb9\xab\x2c"
+ "\xa5\x07\x12\xa7\x12\x39\x60\x66"
+ "\x30\x81\x4a\x03\x78\x28\x45\x52"
+ "\xd2\x2b\x24\xfd\x8b\xa5\xb7\x66"
+ "\x6f\x45\xd7\x3b\x67\x6f\x51\xb9"
+ "\xc0\x3d\x6c\xca\x1e\xae\xff\xb6"
+ "\x79\xa9\xe4\x82\x5d\x4c\x2d\xdf"
+ "\xeb\x71\x40\xc9\x2c\x40\x45\x6d"
+ "\x73\x77\x01\xf3\x4f\xf3\x9d\x2a"
+ "\x5d\x57\xa8\xa1\x18\xa2\xad\xcb",
+ .rlen = 80,
+ }, {
+ .key = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b",
+ .klen = 16,
+ .iv = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .assoc = "\xc5",
+ .alen = 1,
+ .input = "",
+ .ilen = 0,
+ .result = "\x4d\xbf\x11\xac\x7f\x97\x0b\x2e"
+ "\x89\x3b\x9d\x0f\x83\x1c\x08\xc3",
+ .rlen = 16,
+ }, {
+ .key = "\xe4\x25\xcd\xfa\x80\xdd\x46\xde"
+ "\x07\xd1\x90\x8b\xcf\x23\x15\x31",
+ .klen = 16,
+ .iv = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .assoc = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34"
+ "\xe8\x73\x62\x64\xab\x50\xd0\xda"
+ "\x6b\x83\x66\xaf\x3e\x27\xc9",
+ .alen = 31,
+ .input = "",
+ .ilen = 0,
+ .result = "\x5b\xc0\x8d\x54\xe4\xec\xbe\x38"
+ "\x03\x12\xf9\xcc\x9e\x46\x42\x92",
+ .rlen = 16,
+ }, {
+ .key = "\x20\x4a\x07\x99\x91\x58\xee\xfa"
+ "\x88\xab\x42\x1c\xc9\x47\xd7\x38",
+ .klen = 16,
+ .iv = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .assoc = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b"
+ "\x12\x35\x6e\xe8\xb0\xf0\x52\xf3"
+ "\x2d\xb0\x45\x87\x18\x86\x68\xf6",
+ .alen = 32,
+ .input = "",
+ .ilen = 0,
+ .result = "\x48\xc5\xc3\x4c\x40\x2e\x2f\xc2"
+ "\x6d\x65\xe0\x67\x9c\x1d\xa0\xf0",
+ .rlen = 16,
+ }, {
+ .key = "\x5d\x6f\x41\x39\xa1\xd4\x97\x16"
+ "\x09\x85\xf4\xae\xc3\x6b\x9a\x3e",
+ .klen = 16,
+ .iv = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .assoc = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41"
+ "\x3c\xf8\x79\x6c\xb6\x90\xd4\x0d"
+ "\xee\xde\x23\x60\xf2\xe5\x08\xcc"
+ "\x97",
+ .alen = 33,
+ .input = "",
+ .ilen = 0,
+ .result = "\x28\x64\x78\x51\x55\xd8\x56\x4a"
+ "\x58\x3e\xf7\xbe\xee\x21\xfe\x94",
+ .rlen = 16,
+ }, {
+ .key = "\x99\x93\x7a\xd8\xb1\x50\x40\x31"
+ "\x8a\x60\xa6\x3f\xbd\x90\x5d\x44",
+ .klen = 16,
+ .iv = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .assoc = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47"
+ "\x67\xba\x85\xf1\xbb\x30\x56\x26"
+ "\xaf\x0b\x02\x38\xcc\x44\xa7\xa3"
+ "\xa6\xbf\x31\x93\x60\xcd\xda\x63"
+ "\x2c\xb1\xaa\x19\xc8\x19\xf8\xeb"
+ "\x03\xa1\xe8\xbe\x37\x54\xec\xa2"
+ "\xcd\x2c\x45\x58\xbd\x8e\x80",
+ .alen = 63,
+ .input = "",
+ .ilen = 0,
+ .result = "\xb3\xa6\x00\x4e\x09\x20\xac\x21"
+ "\x77\x72\x69\x76\x2d\x36\xe5\xc8",
+ .rlen = 16,
+ }, {
+ .key = "\xd6\xb8\xb4\x77\xc1\xcb\xe9\x4d"
+ "\x0a\x3a\x58\xd1\xb7\xb4\x1f\x4a",
+ .klen = 16,
+ .iv = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .assoc = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d"
+ "\x91\x7c\x91\x75\xc0\xd0\xd8\x40"
+ "\x71\x39\xe1\x10\xa6\xa3\x46\x7a"
+ "\xb4\x6b\x35\xc2\xc1\xdf\xed\x60"
+ "\x46\xc1\x3e\x7f\x8c\xc2\x0e\x7a"
+ "\x30\x08\xd0\x5f\xa0\xaa\x0c\x6d"
+ "\x9c\x2f\xdb\x97\xb8\x15\x69\x01",
+ .alen = 64,
+ .input = "",
+ .ilen = 0,
+ .result = "\x65\x33\x7b\xa1\x63\xf4\x20\xdd"
+ "\xe4\xb9\x4a\xaa\x9a\x21\xaa\x14",
+ .rlen = 16,
+ }, {
+ .key = "\x12\xdd\xee\x17\xd1\x47\x92\x69"
+ "\x8b\x14\x0a\x62\xb1\xd9\xe2\x50",
+ .klen = 16,
+ .iv = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .assoc = "\x31",
+ .alen = 1,
+ .input = "\x40",
+ .ilen = 1,
+ .result = "\x1d\x47\x17\x34\x86\xf5\x54\x1a"
+ "\x6d\x28\xb8\x5d\x6c\xcf\xa0\xb9"
+ "\xbf",
+ .rlen = 17,
+ }, {
+ .key = "\x4f\x01\x27\xb6\xe1\xc3\x3a\x85"
+ "\x0c\xee\xbc\xf4\xab\xfd\xa5\x57",
+ .klen = 16,
+ .iv = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .assoc = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a"
+ "\xe6\x01\xa8\x7e\xca\x10\xdc\x73"
+ "\xf4\x94\x9f\xc1\x5a\x61\x85",
+ .alen = 31,
+ .input = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37\xdb"
+ "\xb0\xb2\x2b\x9f\x0b\xb8\xbd\x7a"
+ "\x24\xa0\xd6\xb7\x11\x79\x6c",
+ .ilen = 31,
+ .result = "\x78\x90\x52\xae\x0f\xf7\x2e\xef"
+ "\x63\x09\x08\x58\xb5\x56\xbd\x72"
+ "\x6e\x42\xcf\x27\x04\x7c\xdb\x92"
+ "\x18\xe9\xa4\x33\x90\xba\x62\xb5"
+ "\x70\xd3\x88\x9b\x4f\x05\xa7\x51"
+ "\x85\x87\x17\x09\x42\xed\x4e",
+ .rlen = 47,
+ }, {
+ .key = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67\x5d",
+ .klen = 16,
+ .iv = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .assoc = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60"
+ "\x10\xc3\xb3\x02\xcf\xb0\x5e\x8d"
+ "\xb5\xc2\x7e\x9a\x35\xc0\x24\xfd",
+ .alen = 32,
+ .input = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2"
+ "\xdb\x74\x36\x23\x11\x58\x3f\x93"
+ "\xe5\xcd\xb5\x90\xeb\xd8\x0c\xb3",
+ .ilen = 32,
+ .result = "\x1d\x2c\x57\xe0\x50\x38\x3d\x41"
+ "\x2e\x71\xc8\x3b\x92\x43\x58\xaf"
+ "\x5a\xfb\xad\x8f\xd9\xd5\x8a\x5e"
+ "\xdb\xf3\xcd\x3a\x2b\xe1\x2c\x1a"
+ "\xb0\xed\xe3\x0c\x6e\xf9\xf2\xd6"
+ "\x90\xe6\xb1\x0e\xa5\x8a\xac\xb7",
+ .rlen = 48,
+ }, {
+ .key = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .klen = 16,
+ .iv = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .assoc = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66"
+ "\x3b\x86\xbf\x86\xd4\x50\xe0\xa7"
+ "\x76\xef\x5c\x72\x0f\x1f\xc3\xd4"
+ "\xee",
+ .alen = 33,
+ .input = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05\x36\x42\xa7\x16\xf8\xc1\xad"
+ "\xa7\xfb\x94\x68\xc5\x37\xab\x8a"
+ "\x72",
+ .ilen = 33,
+ .result = "\x59\x10\x84\x1c\x83\x4c\x8b\xfc"
+ "\xfd\x2e\x4b\x46\x84\xff\x78\x4e"
+ "\x50\xda\x5c\xb9\x61\x1d\xf5\xb9"
+ "\xfe\xbb\x7f\xae\x8c\xc1\x24\xbd"
+ "\x8c\x6f\x1f\x9b\xce\xc6\xc1\x37"
+ "\x08\x06\x5a\xe5\x96\x10\x95\xc2"
+ "\x5e",
+ .rlen = 49,
+ }, {
+ .key = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69",
+ .klen = 16,
+ .iv = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .assoc = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d"
+ "\x65\x48\xcb\x0a\xda\xf0\x62\xc0"
+ "\x38\x1d\x3b\x4a\xe9\x7e\x62\xaa"
+ "\xfd\xc9\x4a\xa9\xa9\x39\x4b\x54"
+ "\xc8\x0e\x24\x7f\x5e\x10\x7a\x45"
+ "\x10\x0b\x56\x85\xad\x54\xaa\x66"
+ "\xa8\x43\xcd\xd4\x9b\xb7\xfa",
+ .alen = 63,
+ .input = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a\x60"
+ "\x80\xf4\x4b\xf4\xc1\x3d\xd0\x93"
+ "\xcf\x12\xc9\x59\x8f\x7a\x7f\xa8"
+ "\x1b\xa5\x50\xed\x87\xa9\x72\x59"
+ "\x9c\x44\xb2\xa4\x99\x98\x34",
+ .ilen = 63,
+ .result = "\x9a\x12\xbc\xdf\x72\xa8\x56\x22"
+ "\x49\x2d\x07\x92\xfc\x3d\x6d\x5f"
+ "\xef\x36\x19\xae\x91\xfa\xd6\x63"
+ "\x46\xea\x8a\x39\x14\x21\xa6\x37"
+ "\x18\xfc\x97\x3e\x16\xa5\x4d\x39"
+ "\x45\x2e\x69\xcc\x9c\x5f\xdf\x6d"
+ "\x5e\xa2\xbf\xac\x83\x32\x72\x52"
+ "\x58\x58\x23\x40\xfd\xa5\xc2\xe6"
+ "\xe9\x5a\x50\x98\x00\x58\xc9\x86"
+ "\x4f\x20\x37\xdb\x7b\x22\xa3",
+ .rlen = 79,
+ }, {
+ .key = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70",
+ .klen = 16,
+ .iv = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .assoc = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73"
+ "\x8f\x0a\xd6\x8f\xdf\x90\xe4\xda"
+ "\xf9\x4a\x1a\x23\xc3\xdd\x02\x81"
+ "\x0b\x76\x4f\xd7\x0a\x4b\x5e\x51"
+ "\xe3\x1d\xb9\xe5\x21\xb9\x8f\xd4"
+ "\x3d\x72\x3e\x26\x16\xa9\xca\x32"
+ "\x77\x47\x63\x14\x95\x3d\xe4\x34",
+ .alen = 64,
+ .input = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37"
+ "\x8f\xa1\x50\x23\x22\x4f\xe3\x91"
+ "\xe9\x21\x5e\xbf\x52\x23\x95\x37"
+ "\x48\x0c\x38\x8f\xf0\xff\x92\x24"
+ "\x6b\x47\x49\xe3\x94\x1f\x1e\x01",
+ .ilen = 64,
+ .result = "\xe6\xeb\x92\x5a\x5b\xf0\x2d\xbb"
+ "\x23\xec\x35\xe3\xae\xc9\xfb\x0b"
+ "\x90\x14\x46\xeb\xa8\x8d\xb0\x9b"
+ "\x39\xda\x8b\x48\xec\xb2\x00\x4e"
+ "\x80\x6f\x46\x4f\x9b\x1e\xbb\x35"
+ "\xea\x5a\xbc\xa2\x36\xa5\x89\x45"
+ "\xc2\xd6\xd7\x15\x0b\xf6\x6c\x56"
+ "\xec\x99\x7d\x61\xb3\x15\x93\xed"
+ "\x83\x1e\xd9\x48\x84\x0b\x37\xfe"
+ "\x95\x74\x44\xd5\x54\xa6\x27\x06",
+ .rlen = 80,
+ }, {
+ .key = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76",
+ .klen = 16,
+ .iv = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .assoc = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79"
+ "\xba\xcd\xe2\x13\xe4\x30\x66\xf4"
+ "\xba\x78\xf9\xfb\x9d\x3c\xa1\x58"
+ "\x1a\x22\x53\x05\x6b\x5c\x71\x4f"
+ "\xfd\x2d\x4d\x4c\xe5\x62\xa5\x63"
+ "\x6a\xda\x26\xc8\x7f\xff\xea\xfd"
+ "\x46\x4a\xfa\x53\x8f\xc4\xcd\x68"
+ "\x58",
+ .alen = 65,
+ .input = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d\x4d\x54\x51\x84\x61\xf6\x8e"
+ "\x03\x31\xf2\x25\x16\xcc\xaa\xc6"
+ "\x75\x73\x20\x30\x59\x54\xb2\xf0"
+ "\x3a\x4b\xe0\x23\x8e\xa6\x08\x35"
+ "\x8a\xdf\x27\xa0\xe4\x60\x99\xae"
+ "\x8e\x43\xd9\x39\x7b\x10\x40\x67"
+ "\x5c\x7e\xc9\x70\x63\x34\xca\x59"
+ "\xfe\x86\xbc\xb7\x9c\x39\xf3\x6d"
+ "\x6a\x41\x64\x6f\x16\x7f\x65\x7e"
+ "\x89\x84\x68\xeb\xb0\x51\xbe\x55"
+ "\x33\x16\x59\x6c\x3b\xef\x88\xad"
+ "\x2f\xab\xbc\x25\x76\x87\x41\x2f"
+ "\x36",
+ .ilen = 129,
+ .result = "\x89\x24\x27\x86\xdc\xd7\x6b\xd9"
+ "\xd1\xcd\xdc\x16\xdd\x2c\xc1\xfb"
+ "\x52\xb5\xb3\xab\x50\x99\x3f\xa0"
+ "\x38\xa4\x74\xa5\x04\x15\x63\x05"
+ "\x8f\x54\x81\x06\x5a\x6b\xa4\x63"
+ "\x6d\xa7\x21\xcb\xff\x42\x30\x8e"
+ "\x3b\xd1\xca\x3f\x4b\x1a\xb8\xc3"
+ "\x42\x01\xe6\xbc\x75\x15\x87\xee"
+ "\xc9\x8e\x65\x01\xd9\xd8\xb5\x9f"
+ "\x48\x86\xa6\x5f\x2c\xc7\xb5\xb0"
+ "\xed\x5d\x14\x7c\x3f\x40\xb1\x0b"
+ "\x72\xef\x94\x8d\x7a\x85\x56\xe5"
+ "\x56\x08\x15\x56\xba\xaf\xbd\xf0"
+ "\x20\xef\xa0\xf6\xa9\xad\xa2\xc9"
+ "\x1c\x3b\x28\x51\x7e\x77\xb2\x18"
+ "\x4f\x61\x64\x37\x22\x36\x6d\x78"
+ "\xed\xed\x35\xe8\x83\xa5\xec\x25"
+ "\x6b\xff\x5f\x1a\x09\x96\x3d\xdc"
+ "\x20",
+ .rlen = 145,
+ }, {
+ .key = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c",
+ .klen = 16,
+ .iv = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .assoc = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f"
+ "\xe4\x8f\xed\x97\xe9\xd0\xe8\x0d"
+ "\x7c\xa6\xd8\xd4\x77\x9b\x40\x2e"
+ "\x28\xce\x57\x34\xcd\x6e\x84\x4c"
+ "\x17\x3c\xe1\xb2\xa8\x0b\xbb\xf1"
+ "\x96\x41\x0d\x69\xe8\x54\x0a\xc8"
+ "\x15\x4e\x91\x92\x89\x4b\xb7\x9b"
+ "\x21\xf7\x42\x89\xac\x12\x2a\x54"
+ "\x69\xee\x18\xc7\x8d\xed\xe8\xfd"
+ "\xbb\x04\x28\xe6\x8a\x3c\x98\xc1"
+ "\x04\x2d\xa9\xa1\x24\x83\xff\xe9"
+ "\x55\x7a\xf0\xd1\xf6\x63\x05\xe1"
+ "\xd9\x1e\x75\x72\xc1\x9f\xae\x32"
+ "\xe1\x6b\xcd\x9e\x61\x19\x23\x86"
+ "\xd9\xd2\xaf\x8e\xd5\xd3\xa8\xa9"
+ "\x51",
+ .alen = 129,
+ .input = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .ilen = 65,
+ .result = "\x36\x78\xb9\x22\xde\x62\x35\x55"
+ "\x1a\x7a\xf5\x45\xbc\xd7\x15\x82"
+ "\x01\xe9\x5a\x07\xea\x46\xaf\x91"
+ "\xcb\x73\xa5\xee\xe1\xb4\xbf\xc2"
+ "\xdb\xd2\x9d\x59\xde\xfc\x83\x00"
+ "\xf5\x46\xac\x97\xd5\x57\xa9\xb9"
+ "\x1f\x8c\xe8\xca\x68\x8b\x91\x0c"
+ "\x01\xbe\x0a\xaf\x7c\xf6\x67\xa4"
+ "\xbf\xbc\x88\x3f\x5d\xd1\xf9\x19"
+ "\x0f\x9d\xb2\xaf\xb9\x6e\x17\xdf"
+ "\xa2",
+ .rlen = 81,
+ }, {
+ .key = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82",
+ .klen = 16,
+ .iv = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .assoc = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85"
+ "\x0e\x51\xf9\x1c\xee\x70\x6a\x27"
+ "\x3d\xd3\xb7\xac\x51\xfa\xdf\x05",
+ .alen = 32,
+ .input = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07"
+ "\xd9\x02\x7c\x3d\x2f\x18\x4b\x2d"
+ "\x6e\xde\xee\xa2\x08\x12\xc7\xba",
+ .ilen = 32,
+ .result = "\x08\x1b\x95\x0e\x41\x95\x02\x4b"
+ "\x9c\xbb\xa8\xd0\x7c\xd3\x44\x6e"
+ "\x89\x14\x33\x70\x0a\xbc\xea\x39"
+ "\x88\xaa\x2b\xd5\x73\x11\x55\xf5"
+ "\x33\x33\x9c\xd7\x42\x34\x49\x8e"
+ "\x2f\x03\x30\x05\x47\xaf\x34",
+ .rlen = 47,
+ }, {
+ .key = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .klen = 16,
+ .iv = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .assoc = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c"
+ "\x39\x14\x05\xa0\xf3\x10\xec\x41"
+ "\xff\x01\x95\x84\x2b\x59\x7f\xdb",
+ .alen = 32,
+ .input = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d"
+ "\x03\xc4\x88\xc1\x35\xb8\xcd\x47"
+ "\x2f\x0c\xcd\x7a\xe2\x71\x66\x91",
+ .ilen = 32,
+ .result = "\x97\xca\xf4\xe0\x8d\x89\xbf\x68"
+ "\x0c\x60\xb9\x27\xdf\xaa\x41\xc6"
+ "\x25\xd8\xf7\x1f\x10\x15\x48\x61"
+ "\x4c\x95\x00\xdf\x51\x9b\x7f\xe6"
+ "\x24\x40\x9e\xbe\x3b\xeb\x1b\x98"
+ "\xb9\x9c\xe5\xef\xf2\x05",
+ .rlen = 46,
+ }, {
+ .key = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .klen = 16,
+ .iv = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .assoc = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92"
+ "\x63\xd6\x10\x24\xf8\xb0\x6e\x5a"
+ "\xc0\x2e\x74\x5d\x06\xb8\x1e\xb2",
+ .alen = 32,
+ .input = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13"
+ "\x2e\x86\x93\x45\x3a\x58\x4f\x61"
+ "\xf0\x3a\xac\x53\xbc\xd0\x06\x68",
+ .ilen = 32,
+ .result = "\x63\x4c\x2a\x8e\xb4\x6b\x63\x0d"
+ "\xb5\xec\x9b\x4e\x12\x23\xa3\xcf"
+ "\x1a\x5a\x70\x15\x5a\x10\x40\x51"
+ "\xca\x47\x4c\x9d\xc9\x97\xf4\x77"
+ "\xdb\xc8\x10\x2d\xdc\x65\x20\x3f",
+ .rlen = 40,
+ }, {
+ .key = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .klen = 16,
+ .iv = "\xbb\x3a\xf7\x57\xc6\x36\x7c\x22"
+ "\x36\xab\xde\xc6\x6d\x32\x70\x17",
+ .assoc = "\xcb\x03\x85\xbf\x0a\xd5\x26\xa9"
+ "\x56\xe1\x0a\xeb\x6c\xfb\xa1\x98"
+ "\x8d\x98\x1c\xa8\xfe\x50\xf0\x74"
+ "\x81\x5c\x53\x35\xe0\x17\xbd\x88",
+ .alen = 32,
+ .input = "\xda\xcc\x14\x27\x4e\x74\xd1\x30"
+ "\x76\x18\x37\x0f\x6a\xc4\xd1\x1a"
+ "\x58\x49\x9f\xc9\x3f\xf8\xd1\x7a"
+ "\xb2\x67\x8b\x2b\x96\x2f\xa5\x3e",
+ .ilen = 32,
+ .result = "\xf1\x62\x44\xc7\x5f\x19\xca\x43"
+ "\x47\x2c\xaf\x68\x82\xbd\x51\xef"
+ "\x3d\x65\xd8\x45\x2d\x06\x07\x78"
+ "\x08\x2e\xb3\x23\xcd\x81\x12\x55"
+ "\x1a",
+ .rlen = 33,
+ }, {
+ .key = "\xe9\x95\xa2\x8f\x93\x13\x7b\xb7"
+ "\x96\x4e\x63\x33\x69\x8d\x02\x9b"
+ "\x23\xf9\x22\xeb\x80\xa0\xb1\x81"
+ "\xe2\x73\xc3\x21\x4d\x47\x8d\xf4",
+ .klen = 32,
+ .iv = "\xf8\x5e\x31\xf7\xd7\xb2\x25\x3e"
+ "\xb7\x85\x90\x58\x67\x57\x33\x1d",
+ .assoc = "",
+ .alen = 0,
+ .input = "",
+ .ilen = 0,
+ .result = "\xdf\x2f\x83\xc0\x45\x4a\x2c\xcf"
+ "\xb9\xd2\x41\xf6\x80\xa1\x52\x70",
+ .rlen = 16,
+ }, {
+ .key = "\x25\xba\xdc\x2e\xa3\x8f\x24\xd3"
+ "\x17\x29\x15\xc5\x63\xb2\xc5\xa1"
+ "\x4d\xbc\x2d\x6f\x85\x40\x33\x9a"
+ "\xa3\xa0\xa1\xfa\x27\xa6\x2c\xca",
+ .klen = 32,
+ .iv = "\x34\x83\x6a\x96\xe7\x2d\xce\x5a"
+ "\x38\x5f\x42\xe9\x61\x7b\xf5\x23",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x53",
+ .ilen = 1,
+ .result = "\x01\xd8\x55\x3c\xc0\x5a\x4b\xc7"
+ "\x01\xf4\x08\xe3\x0d\xf7\xf0\x78"
+ "\x53",
+ .rlen = 17,
+ }, {
+ .key = "\x62\xdf\x16\xcd\xb3\x0a\xcc\xef"
+ "\x98\x03\xc7\x56\x5d\xd6\x87\xa8"
+ "\x77\x7e\x39\xf3\x8a\xe0\xb5\xb4"
+ "\x65\xce\x80\xd2\x01\x05\xcb\xa1",
+ .klen = 32,
+ .iv = "\x71\xa8\xa4\x35\xf7\xa9\x76\x75"
+ "\xb8\x39\xf4\x7a\x5b\x9f\xb8\x29",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x8f\x3a\xc1\x05\x7f\xe7\xcb\x83"
+ "\xf9\xa6\x4d\xc3\x58\x31\x19\x2c"
+ "\xd7\x90\xc2\x56\x4e\xd8\x57\xc7"
+ "\xf6\xf0\x27\xb4\x25\x4c\x83",
+ .ilen = 31,
+ .result = "\xc2\x4b\x41\x0f\x2d\xb9\x62\x07"
+ "\xff\x8e\x74\xf8\xa1\xa6\xd5\x37"
+ "\xa5\x64\x31\x5c\xca\x73\x9b\x43"
+ "\xe6\x70\x63\x46\x95\xcb\xf7\xb5"
+ "\x20\x8c\x75\x7a\x2a\x17\x2f\xa9"
+ "\xb8\x4d\x11\x42\xd1\xf8\xf1",
+ .rlen = 47,
+ }, {
+ .key = "\x9e\x03\x4f\x6d\xc3\x86\x75\x0a"
+ "\x19\xdd\x79\xe8\x57\xfb\x4a\xae"
+ "\xa2\x40\x45\x77\x90\x80\x37\xce"
+ "\x26\xfb\x5f\xaa\xdb\x64\x6b\x77",
+ .klen = 32,
+ .iv = "\xae\xcc\xde\xd5\x07\x25\x1f\x91"
+ "\x39\x14\xa6\x0c\x55\xc4\x7b\x30",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xcc\x5f\xfb\xa4\x8f\x63\x74\x9f"
+ "\x7a\x81\xff\x55\x52\x56\xdc\x33"
+ "\x01\x52\xcd\xdb\x53\x78\xd9\xe1"
+ "\xb7\x1d\x06\x8d\xff\xab\x22\x98",
+ .ilen = 32,
+ .result = "\xbb\x01\x7c\xd1\x2c\x33\x7b\x37"
+ "\x0a\xee\xc4\x30\x19\xd7\x3a\x6f"
+ "\xf8\x2b\x67\xf5\x3b\x84\x87\x2a"
+ "\xfb\x07\x7a\x82\xb5\xe4\x85\x26"
+ "\x1e\xa8\xe5\x04\x54\xce\xe5\x5f"
+ "\xb5\x3f\xc1\xd5\x7f\xbd\xd2\xa6",
+ .rlen = 48,
+ }, {
+ .key = "\xdb\x28\x89\x0c\xd3\x01\x1e\x26"
+ "\x9a\xb7\x2b\x79\x51\x1f\x0d\xb4"
+ "\xcc\x03\x50\xfc\x95\x20\xb9\xe7"
+ "\xe8\x29\x3e\x83\xb5\xc3\x0a\x4e",
+ .klen = 32,
+ .iv = "\xea\xf1\x18\x74\x17\xa0\xc8\xad"
+ "\xba\xee\x58\x9d\x4f\xe8\x3d\x36",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x08\x84\x34\x44\x9f\xde\x1c\xbb"
+ "\xfb\x5b\xb1\xe6\x4c\x7a\x9f\x39"
+ "\x2c\x14\xd9\x5f\x59\x18\x5b\xfb"
+ "\x79\x4b\xe5\x65\xd9\x0a\xc1\x6f"
+ "\x2e",
+ .ilen = 33,
+ .result = "\xc2\xf4\x40\x55\xf9\x59\xff\x73"
+ "\x08\xf5\x98\x92\x0c\x7b\x35\x9a"
+ "\xa8\xf4\x42\x7e\x6f\x93\xca\x22"
+ "\x23\x06\x1e\xf8\x89\x22\xf4\x46"
+ "\x7c\x7c\x67\x75\xab\xe5\x75\xaa"
+ "\x15\xd7\x83\x19\xfd\x31\x59\x5b"
+ "\x32",
+ .rlen = 49,
+ }, {
+ .key = "\x17\x4d\xc3\xab\xe3\x7d\xc7\x42"
+ "\x1b\x91\xdd\x0a\x4b\x43\xcf\xba"
+ "\xf6\xc5\x5c\x80\x9a\xc0\x3b\x01"
+ "\xa9\x56\x1d\x5b\x8f\x22\xa9\x25",
+ .klen = 32,
+ .iv = "\x27\x16\x51\x13\x27\x1c\x71\xc9"
+ "\x3b\xc8\x0a\x2f\x49\x0c\x00\x3c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x45\xa8\x6e\xe3\xaf\x5a\xc5\xd7"
+ "\x7c\x35\x63\x77\x46\x9f\x61\x3f"
+ "\x56\xd7\xe4\xe3\x5e\xb8\xdc\x14"
+ "\x3a\x79\xc4\x3e\xb3\x69\x61\x46"
+ "\x3c\xb6\x83\x4e\xb4\x26\xc7\x73"
+ "\x22\xda\x52\x8b\x7d\x11\x98\xea"
+ "\x62\xe1\x14\x1e\xdc\xfe\x0f\xad"
+ "\x20\x76\x5a\xdc\x4e\x71\x13",
+ .ilen = 63,
+ .result = "\xc9\x82\x3b\x4b\x87\x84\xa5\xdb"
+ "\xa0\x8c\xd3\x3e\x7f\x8d\xe8\x28"
+ "\x2a\xdc\xfa\x01\x84\x87\x9a\x70"
+ "\x81\x75\x37\x0a\xd2\x75\xa9\xb6"
+ "\x21\x72\xee\x7e\x65\x95\xe5\xcc"
+ "\x01\xb7\x39\xa6\x51\x15\xca\xff"
+ "\x61\xdc\x97\x38\xcc\xf4\xca\xc7"
+ "\x83\x9b\x05\x11\x72\x60\xf0\xb4"
+ "\x7e\x06\xab\x0a\xc0\xbb\x59\x23"
+ "\xaa\x2d\xfc\x4e\x35\x05\x59",
+ .rlen = 79,
+ }, {
+ .key = "\x54\x71\xfd\x4b\xf3\xf9\x6f\x5e"
+ "\x9c\x6c\x8f\x9c\x45\x68\x92\xc1"
+ "\x21\x87\x67\x04\x9f\x60\xbd\x1b"
+ "\x6a\x84\xfc\x34\x6a\x81\x48\xfb",
+ .klen = 32,
+ .iv = "\x63\x3b\x8b\xb3\x37\x98\x1a\xe5"
+ "\xbc\xa2\xbc\xc0\x43\x31\xc2\x42",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x81\xcd\xa8\x82\xbf\xd6\x6e\xf3"
+ "\xfd\x0f\x15\x09\x40\xc3\x24\x45"
+ "\x81\x99\xf0\x67\x63\x58\x5e\x2e"
+ "\xfb\xa6\xa3\x16\x8d\xc8\x00\x1c"
+ "\x4b\x62\x87\x7c\x15\x38\xda\x70"
+ "\x3d\xea\xe7\xf2\x40\xba\xae\x79"
+ "\x8f\x48\xfc\xbf\x45\x53\x2e\x78"
+ "\xef\x79\xf0\x1b\x49\xf7\xfd\x9c",
+ .ilen = 64,
+ .result = "\x11\x7c\x7d\xef\xce\x29\x95\xec"
+ "\x7e\x9f\x42\xa6\x26\x07\xa1\x75"
+ "\x2f\x4e\x09\x9a\xf6\x6b\xc2\xfa"
+ "\x0d\xd0\x17\xdc\x25\x1e\x9b\xdc"
+ "\x5f\x8c\x1c\x60\x15\x4f\x9b\x20"
+ "\x7b\xff\xcd\x82\x60\x84\xf4\xa5"
+ "\x20\x9a\x05\x19\x5b\x02\x0a\x72"
+ "\x43\x11\x26\x58\xcf\xc5\x41\xcf"
+ "\x13\xcc\xde\x32\x92\xfa\x86\xf2"
+ "\xaf\x16\xe8\x8f\xca\xb6\xfd\x54",
+ .rlen = 80,
+ }, {
+ .key = "\x90\x96\x36\xea\x03\x74\x18\x7a"
+ "\x1d\x46\x42\x2d\x3f\x8c\x54\xc7"
+ "\x4b\x4a\x73\x89\xa4\x00\x3f\x34"
+ "\x2c\xb1\xdb\x0c\x44\xe0\xe8\xd2",
+ .klen = 32,
+ .iv = "\xa0\x5f\xc5\x52\x47\x13\xc2\x01"
+ "\x3d\x7c\x6e\x52\x3d\x55\x85\x48",
+ .assoc = "\xaf",
+ .alen = 1,
+ .input = "",
+ .ilen = 0,
+ .result = "\x9b\xc5\x3b\x20\x0a\x88\x56\xbe"
+ "\x69\xdf\xc4\xc4\x02\x46\x3a\xf0",
+ .rlen = 16,
+ }, {
+ .key = "\xcd\xbb\x70\x89\x13\xf0\xc1\x95"
+ "\x9e\x20\xf4\xbf\x39\xb1\x17\xcd"
+ "\x76\x0c\x7f\x0d\xa9\xa0\xc1\x4e"
+ "\xed\xdf\xb9\xe4\x1e\x3f\x87\xa8",
+ .klen = 32,
+ .iv = "\xdc\x84\xfe\xf1\x58\x8f\x6b\x1c"
+ "\xbe\x57\x20\xe3\x37\x7a\x48\x4f",
+ .assoc = "\xeb\x4d\x8d\x59\x9c\x2e\x15\xa3"
+ "\xde\x8d\x4d\x07\x36\x43\x78\xd0"
+ "\x0b\x6d\x84\x4f\x2c\xf0\x82\x5b"
+ "\x4e\xf6\x29\xd1\x8b\x6f\x56",
+ .alen = 31,
+ .input = "",
+ .ilen = 0,
+ .result = "\xe0\x6d\xa1\x07\x98\x2f\x40\x2d"
+ "\x2e\x9a\xd6\x61\x43\xc0\x74\x69",
+ .rlen = 16,
+ }, {
+ .key = "\x0a\xe0\xaa\x29\x24\x6c\x6a\xb1"
+ "\x1f\xfa\xa6\x50\x33\xd5\xda\xd3"
+ "\xa0\xce\x8a\x91\xae\x40\x43\x68"
+ "\xae\x0d\x98\xbd\xf8\x9e\x26\x7f",
+ .klen = 32,
+ .iv = "\x19\xa9\x38\x91\x68\x0b\x14\x38"
+ "\x3f\x31\xd2\x74\x31\x9e\x0a\x55",
+ .assoc = "\x28\x72\xc7\xf8\xac\xaa\xbe\xbf"
+ "\x5f\x67\xff\x99\x30\x67\x3b\xd6"
+ "\x35\x2f\x90\xd3\x31\x90\x04\x74"
+ "\x0f\x23\x08\xa9\x65\xce\xf6\xea",
+ .alen = 32,
+ .input = "",
+ .ilen = 0,
+ .result = "\xb9\x57\x13\x3e\x82\x31\x61\x65"
+ "\x0d\x7f\x6c\x96\x93\x5c\x50\xe2",
+ .rlen = 16,
+ }, {
+ .key = "\x46\x04\xe3\xc8\x34\xe7\x12\xcd"
+ "\xa0\xd4\x58\xe2\x2d\xf9\x9c\xda"
+ "\xca\x91\x96\x15\xb4\xe0\xc5\x81"
+ "\x70\x3a\x77\x95\xd2\xfd\xc5\x55",
+ .klen = 32,
+ .iv = "\x55\xcd\x72\x30\x78\x86\xbd\x54"
+ "\xc0\x0b\x84\x06\x2b\xc2\xcd\x5b",
+ .assoc = "\x64\x97\x00\x98\xbc\x25\x67\xdb"
+ "\xe0\x41\xb1\x2a\x2a\x8c\xfe\xdd"
+ "\x5f\xf2\x9c\x58\x36\x30\x86\x8e"
+ "\xd1\x51\xe6\x81\x3f\x2d\x95\xc1"
+ "\x01",
+ .alen = 33,
+ .input = "",
+ .ilen = 0,
+ .result = "\x81\x96\x34\xde\xbb\x36\xdd\x3e"
+ "\x4e\x5e\xcb\x44\x21\xb8\x3f\xf1",
+ .rlen = 16,
+ }, {
+ .key = "\x83\x29\x1d\x67\x44\x63\xbb\xe9"
+ "\x20\xaf\x0a\x73\x27\x1e\x5f\xe0"
+ "\xf5\x53\xa1\x9a\xb9\x80\x47\x9b"
+ "\x31\x68\x56\x6e\xac\x5c\x65\x2c",
+ .klen = 32,
+ .iv = "\x92\xf2\xac\xcf\x88\x02\x65\x70"
+ "\x41\xe5\x36\x97\x25\xe7\x90\x61",
+ .assoc = "\xa1\xbb\x3a\x37\xcc\xa1\x10\xf7"
+ "\x61\x1c\x63\xbc\x24\xb0\xc0\xe3"
+ "\x8a\xb4\xa7\xdc\x3b\xd0\x08\xa8"
+ "\x92\x7f\xc5\x5a\x19\x8c\x34\x97"
+ "\x0f\x95\x9b\x18\xe4\x8d\xb4\x24"
+ "\xb9\x33\x28\x18\xe1\x9d\x14\xe0"
+ "\x64\xb2\x89\x7d\x78\xa8\x05\x7e"
+ "\x07\x8c\xfc\x88\x2d\xb8\x53",
+ .alen = 63,
+ .input = "",
+ .ilen = 0,
+ .result = "\x2e\x99\xb6\x79\x57\x56\x80\x36"
+ "\x8e\xc4\x1c\x12\x7d\x71\x36\x0c",
+ .rlen = 16,
+ }, {
+ .key = "\xbf\x4e\x57\x07\x54\xdf\x64\x05"
+ "\xa1\x89\xbc\x04\x21\x42\x22\xe6"
+ "\x1f\x15\xad\x1e\xbe\x20\xc9\xb4"
+ "\xf3\x95\x35\x46\x86\xbb\x04\x03",
+ .klen = 32,
+ .iv = "\xce\x17\xe5\x6f\x98\x7e\x0e\x8c"
+ "\xc2\xbf\xe8\x29\x1f\x0b\x52\x68",
+ .assoc = "\xdd\xe0\x74\xd6\xdc\x1d\xb8\x13"
+ "\xe2\xf6\x15\x4d\x1e\xd4\x83\xe9"
+ "\xb4\x76\xb3\x60\x40\x70\x8a\xc1"
+ "\x53\xac\xa4\x32\xf3\xeb\xd3\x6e"
+ "\x1e\x42\xa0\x46\x45\x9f\xc7\x22"
+ "\xd3\x43\xbc\x7e\xa5\x47\x2a\x6f"
+ "\x91\x19\x70\x1e\xe1\xfe\x25\x49"
+ "\xd6\x8f\x93\xc7\x28\x3f\x3d\x03",
+ .alen = 64,
+ .input = "",
+ .ilen = 0,
+ .result = "\x7b\x25\x3d\x47\xd4\xa7\x08\xce"
+ "\x3b\x89\x40\x36\xba\x6d\x0e\xa2",
+ .rlen = 16,
+ }, {
+ .key = "\xfc\x72\x90\xa6\x64\x5a\x0d\x21"
+ "\x22\x63\x6e\x96\x1b\x67\xe4\xec"
+ "\x49\xd7\xb9\xa2\xc3\xc0\x4b\xce"
+ "\xb4\xc3\x14\x1e\x61\x1a\xa3\xd9",
+ .klen = 32,
+ .iv = "\x0b\x3c\x1f\x0e\xa8\xf9\xb7\xa7"
+ "\x42\x9a\x9a\xba\x19\x30\x15\x6e",
+ .assoc = "\x1a",
+ .alen = 1,
+ .input = "\x29",
+ .ilen = 1,
+ .result = "\xe6\x09\x6f\x95\x9a\x18\xc8\xf6"
+ "\x17\x75\x81\x16\xdf\x26\xff\x67"
+ "\x92",
+ .rlen = 17,
+ }, {
+ .key = "\x38\x97\xca\x45\x74\xd6\xb6\x3c"
+ "\xa3\x3d\x20\x27\x15\x8b\xa7\xf2"
+ "\x74\x9a\xc4\x27\xc8\x60\xcd\xe8"
+ "\x75\xf0\xf2\xf7\x3b\x79\x42\xb0",
+ .klen = 32,
+ .iv = "\x47\x60\x59\xad\xb8\x75\x60\xc3"
+ "\xc3\x74\x4c\x4c\x13\x54\xd8\x74",
+ .assoc = "\x56\x29\xe7\x15\xfc\x14\x0a\x4a"
+ "\xe4\xaa\x79\x70\x12\x1d\x08\xf6"
+ "\x09\xfb\xca\x69\x4b\xb0\x8e\xf5"
+ "\xd6\x07\x62\xe3\xa8\xa9\x12",
+ .alen = 31,
+ .input = "\x66\xf3\x75\x7d\x40\xb3\xb4\xd1"
+ "\x04\xe1\xa6\x94\x10\xe6\x39\x77"
+ "\xd3\xac\x4d\x8a\x8c\x58\x6e\xfb"
+ "\x06\x13\x9a\xd9\x5e\xc0\xfa",
+ .ilen = 31,
+ .result = "\x82\xc0\x56\xf0\xd7\xc4\xc9\xfd"
+ "\x3c\xd1\x2a\xd4\x15\x86\x9d\xda"
+ "\xea\x6c\x6f\xa1\x33\xb0\x7a\x01"
+ "\x57\xe7\xf3\x7b\x73\xe7\x54\x10"
+ "\xc6\x91\xe2\xc6\xa0\x69\xe7\xe6"
+ "\x76\xc3\xf5\x3a\x76\xfd\x4a",
+ .rlen = 47,
+ }, {
+ .key = "\x75\xbc\x04\xe5\x84\x52\x5e\x58"
+ "\x24\x17\xd2\xb9\x0e\xaf\x6a\xf9"
+ "\x9e\x5c\xd0\xab\xcd\x00\x4f\x01"
+ "\x37\x1e\xd1\xcf\x15\xd8\xe2\x86",
+ .klen = 32,
+ .iv = "\x84\x85\x92\x4d\xc8\xf1\x08\xdf"
+ "\x44\x4e\xff\xdd\x0d\x78\x9a\x7a",
+ .assoc = "\x93\x4e\x21\xb4\x0c\x90\xb3\x66"
+ "\x65\x84\x2b\x01\x0b\x42\xcb\xfc"
+ "\x33\xbd\xd6\xed\x50\x50\x10\x0e"
+ "\x97\x35\x41\xbb\x82\x08\xb1\xf2",
+ .alen = 32,
+ .input = "\xa2\x17\xaf\x1c\x50\x2e\x5d\xed"
+ "\x85\xbb\x58\x26\x0a\x0b\xfc\x7d"
+ "\xfe\x6e\x59\x0e\x91\xf8\xf0\x15"
+ "\xc8\x40\x78\xb1\x38\x1f\x99\xa7",
+ .ilen = 32,
+ .result = "\x01\x47\x8e\x6c\xf6\x64\x89\x3a"
+ "\x71\xce\xe4\xaa\x45\x70\xe6\x84"
+ "\x62\x48\x08\x64\x86\x6a\xdf\xec"
+ "\xb4\xa0\xfb\x34\x03\x0c\x19\xf4"
+ "\x2b\x7b\x36\x73\xec\x54\xa9\x1e"
+ "\x30\x85\xdb\xe4\xac\xe9\x2c\xca",
+ .rlen = 48,
+ }, {
+ .key = "\xb1\xe1\x3e\x84\x94\xcd\x07\x74"
+ "\xa5\xf2\x84\x4a\x08\xd4\x2c\xff"
+ "\xc8\x1e\xdb\x2f\xd2\xa0\xd1\x1b"
+ "\xf8\x4c\xb0\xa8\xef\x37\x81\x5d",
+ .klen = 32,
+ .iv = "\xc0\xaa\xcc\xec\xd8\x6c\xb1\xfb"
+ "\xc5\x28\xb1\x6e\x07\x9d\x5d\x81",
+ .assoc = "\xd0\x73\x5a\x54\x1d\x0b\x5b\x82"
+ "\xe5\x5f\xdd\x93\x05\x66\x8e\x02"
+ "\x5e\x80\xe1\x71\x55\xf0\x92\x28"
+ "\x59\x62\x20\x94\x5c\x67\x50\xc8"
+ "\x58",
+ .alen = 33,
+ .input = "\xdf\x3c\xe9\xbc\x61\xaa\x06\x09"
+ "\x06\x95\x0a\xb7\x04\x2f\xbe\x84"
+ "\x28\x30\x64\x92\x96\x98\x72\x2e"
+ "\x89\x6e\x57\x8a\x13\x7e\x38\x7e"
+ "\xdb",
+ .ilen = 33,
+ .result = "\x85\xe0\xf8\x0f\x8e\x49\xe3\x60"
+ "\xcb\x4a\x54\x94\xcf\xf5\x7e\x34"
+ "\xe9\xf8\x80\x65\x53\xd0\x72\x70"
+ "\x4f\x7d\x9d\xd1\x15\x6f\xb9\x2c"
+ "\xfa\xe8\xdd\xac\x2e\xe1\x3f\x67"
+ "\x63\x0f\x1a\x59\xb7\x89\xdb\xf4"
+ "\xc3",
+ .rlen = 49,
+ }, {
+ .key = "\xee\x05\x77\x23\xa5\x49\xb0\x90"
+ "\x26\xcc\x36\xdc\x02\xf8\xef\x05"
+ "\xf3\xe1\xe7\xb3\xd8\x40\x53\x35"
+ "\xb9\x79\x8f\x80\xc9\x96\x20\x33",
+ .klen = 32,
+ .iv = "\xfd\xce\x06\x8b\xe9\xe8\x5a\x17"
+ "\x46\x02\x63\x00\x01\xc1\x20\x87",
+ .assoc = "\x0c\x98\x94\xf3\x2d\x87\x04\x9e"
+ "\x66\x39\x8f\x24\xff\x8a\x50\x08"
+ "\x88\x42\xed\xf6\x5a\x90\x14\x42"
+ "\x1a\x90\xfe\x6c\x36\xc6\xf0\x9f"
+ "\x66\xa0\xb5\x2d\x2c\xf8\x25\x15"
+ "\x55\x90\xa2\x7e\x77\x94\x96\x3a"
+ "\x71\x1c\xf7\x44\xee\xa8\xc3\x42"
+ "\xe2\xa3\x84\x04\x0b\xe1\xce",
+ .alen = 63,
+ .input = "\x1b\x61\x23\x5b\x71\x26\xae\x25"
+ "\x87\x6f\xbc\x49\xfe\x53\x81\x8a"
+ "\x53\xf2\x70\x17\x9b\x38\xf4\x48"
+ "\x4b\x9b\x36\x62\xed\xdd\xd8\x54"
+ "\xea\xcb\xb6\x79\x45\xfc\xaa\x54"
+ "\x5c\x94\x47\x58\xa7\xff\x9c\x9e"
+ "\x7c\xb6\xf1\xac\xc8\xfd\x8b\x35"
+ "\xd5\xa4\x6a\xd4\x09\xc2\x08",
+ .ilen = 63,
+ .result = "\x00\xe5\x5b\x87\x5c\x20\x22\x8a"
+ "\xda\x1f\xd3\xff\xbb\xb2\xb0\xf8"
+ "\xef\xe9\xeb\x9e\x7c\x80\xf4\x2b"
+ "\x59\xc0\x79\xbc\x17\xa0\x15\x01"
+ "\xf5\x72\xfb\x5a\xe7\xaf\x07\xe3"
+ "\x1b\x49\x21\x34\x23\x63\x55\x5e"
+ "\xee\x4f\x34\x17\xfa\xfe\xa5\x0c"
+ "\xed\x0b\x23\xea\x9b\xda\x57\x2f"
+ "\xf6\xa9\xae\x0d\x4e\x40\x96\x45"
+ "\x7f\xfa\xf0\xbf\xc4\x98\x78",
+ .rlen = 79,
+ }, {
+ .key = "\x2a\x2a\xb1\xc3\xb5\xc5\x59\xac"
+ "\xa7\xa6\xe8\x6d\xfc\x1d\xb2\x0b"
+ "\x1d\xa3\xf3\x38\xdd\xe0\xd5\x4e"
+ "\x7b\xa7\x6e\x58\xa3\xf5\xbf\x0a",
+ .klen = 32,
+ .iv = "\x39\xf3\x3f\x2b\xf9\x64\x03\x33"
+ "\xc7\xdd\x15\x91\xfb\xe6\xe2\x8d",
+ .assoc = "\x49\xbc\xce\x92\x3d\x02\xad\xba"
+ "\xe7\x13\x41\xb6\xf9\xaf\x13\x0f"
+ "\xb2\x04\xf8\x7a\x5f\x30\x96\x5b"
+ "\xdc\xbd\xdd\x44\x10\x25\x8f\x75"
+ "\x75\x4d\xb9\x5b\x8e\x0a\x38\x13"
+ "\x6f\x9f\x36\xe4\x3a\x3e\xac\xc9"
+ "\x9d\x83\xde\xe5\x57\xfd\xe3\x0e"
+ "\xb1\xa7\x1b\x44\x05\x67\xb7\x37",
+ .alen = 64,
+ .input = "\x58\x85\x5c\xfa\x81\xa1\x57\x40"
+ "\x08\x4a\x6e\xda\xf8\x78\x44\x90"
+ "\x7d\xb5\x7b\x9b\xa1\xd8\x76\x62"
+ "\x0c\xc9\x15\x3b\xc7\x3c\x77\x2b"
+ "\xf8\x78\xba\xa7\xa6\x0e\xbd\x52"
+ "\x76\xa3\xdc\xbe\x6b\xa8\xb1\x2d"
+ "\xa9\x1d\xd8\x4e\x31\x53\xab\x00"
+ "\xa5\xa7\x01\x13\x04\x49\xf2\x04",
+ .ilen = 64,
+ .result = "\x28\xdd\xb9\x4a\x12\xc7\x0a\xe1"
+ "\x58\x06\x1a\x9b\x8c\x67\xdf\xeb"
+ "\x35\x35\x60\x9d\x06\x40\x65\xc1"
+ "\x93\xe8\xb3\x82\x50\x29\xdd\xb5"
+ "\x2b\xcb\xde\x18\x78\x6b\x42\xbe"
+ "\x6d\x24\xd0\xb2\x7d\xd7\x08\x8f"
+ "\x4a\x18\x98\xad\x8c\xf2\x97\xb4"
+ "\xf4\x77\xe4\xbf\x41\x3b\xc4\x06"
+ "\xce\x9e\x34\x81\xf0\x89\x11\x13"
+ "\x02\x65\xa1\x7c\xdf\x07\x33\x06",
+ .rlen = 80,
+ }, {
+ .key = "\x67\x4f\xeb\x62\xc5\x40\x01\xc7"
+ "\x28\x80\x9a\xfe\xf6\x41\x74\x12"
+ "\x48\x65\xfe\xbc\xe2\x80\x57\x68"
+ "\x3c\xd4\x4d\x31\x7d\x54\x5f\xe1",
+ .klen = 32,
+ .iv = "\x76\x18\x79\xca\x09\xdf\xac\x4e"
+ "\x48\xb7\xc7\x23\xf5\x0a\xa5\x93",
+ .assoc = "\x85\xe1\x08\x32\x4d\x7e\x56\xd5"
+ "\x68\xed\xf3\x47\xf3\xd3\xd6\x15"
+ "\xdd\xc7\x04\xfe\x64\xd0\x18\x75"
+ "\x9d\xeb\xbc\x1d\xea\x84\x2e\x4c"
+ "\x83\xf9\xbe\x8a\xef\x1c\x4b\x10"
+ "\x89\xaf\xcb\x4b\xfe\xe7\xc1\x58"
+ "\xca\xea\xc6\x87\xc0\x53\x03\xd9"
+ "\x80\xaa\xb2\x83\xff\xee\xa1\x6a"
+ "\x04",
+ .alen = 65,
+ .input = "\x94\xaa\x96\x9a\x91\x1d\x00\x5c"
+ "\x88\x24\x20\x6b\xf2\x9c\x06\x96"
+ "\xa7\x77\x87\x1f\xa6\x78\xf8\x7b"
+ "\xcd\xf6\xf4\x13\xa1\x9b\x16\x02"
+ "\x07\x24\xbf\xd5\x08\x20\xd0\x4f"
+ "\x90\xb3\x70\x24\x2f\x51\xc7\xbb"
+ "\xd6\x84\xc0\xef\x9a\xa8\xca\xcc"
+ "\x74\xab\x97\x53\xfe\xd0\xdb\x37"
+ "\x37\x6a\x0e\x9f\x3f\xa3\x2a\xe3"
+ "\x1b\x34\x6d\x51\x72\x2b\x17\xe7"
+ "\x4d\xaa\x2c\x18\xda\xa3\x33\x89"
+ "\x2a\x9f\xf4\xd2\xed\x76\x3d\x3f"
+ "\x3c\x15\x9d\x8e\x4f\x3c\x27\xb0"
+ "\x42\x3f\x2f\x8a\xd4\xc2\x10\xb2"
+ "\x27\x7f\xe3\x34\x80\x02\x49\x4b"
+ "\x07\x68\x22\x2a\x88\x25\x53\xb2"
+ "\x2f",
+ .ilen = 129,
+ .result = "\x85\x39\x69\x35\xfb\xf9\xb0\xa6"
+ "\x85\x43\x88\xd0\xd7\x78\x60\x19"
+ "\x3e\x1f\xb1\xa4\xd6\xc5\x96\xec"
+ "\xf7\x84\x85\xc7\x27\x0f\x74\x57"
+ "\x28\x9e\xdd\x90\x3c\x43\x12\xc5"
+ "\x51\x3d\x39\x8f\xa5\xf4\xe0\x0b"
+ "\x57\x04\xf1\x6d\xfe\x9b\x84\x27"
+ "\xe8\xeb\x4d\xda\x02\x0a\xc5\x49"
+ "\x1a\x55\x5e\x50\x56\x4d\x94\xda"
+ "\x20\xf8\x12\x54\x50\xb3\x11\xda"
+ "\xed\x44\x27\x67\xd5\xd1\x8b\x4b"
+ "\x38\x67\x56\x65\x59\xda\xe6\x97"
+ "\x81\xae\x2f\x92\x3b\xae\x22\x1c"
+ "\x91\x59\x38\x18\x00\xe8\xba\x92"
+ "\x04\x19\x56\xdf\xb0\x82\xeb\x6f"
+ "\x2e\xdb\x54\x3c\x4b\xbb\x60\x90"
+ "\x4c\x50\x10\x62\xba\x7a\xb1\x68"
+ "\x37\xd7\x87\x4e\xe4\x66\x09\x1f"
+ "\xa5",
+ .rlen = 145,
+ }, {
+ .key = "\xa3\x73\x24\x01\xd5\xbc\xaa\xe3"
+ "\xa9\x5a\x4c\x90\xf0\x65\x37\x18"
+ "\x72\x28\x0a\x40\xe7\x20\xd9\x82"
+ "\xfe\x02\x2b\x09\x57\xb3\xfe\xb7",
+ .klen = 32,
+ .iv = "\xb3\x3d\xb3\x69\x19\x5b\x54\x6a"
+ "\xc9\x91\x79\xb4\xef\x2e\x68\x99",
+ .assoc = "\xc2\x06\x41\xd1\x5d\xfa\xff\xf1"
+ "\xe9\xc7\xa5\xd9\xed\xf8\x98\x1b"
+ "\x07\x89\x10\x82\x6a\x70\x9a\x8f"
+ "\x5e\x19\x9b\xf5\xc5\xe3\xcd\x22"
+ "\x92\xa5\xc2\xb8\x51\x2e\x5e\x0e"
+ "\xa4\xbe\x5f\xb1\xc1\x90\xd7\xe7"
+ "\xf7\x52\xae\x28\x29\xa8\x22\xa4"
+ "\x4f\xae\x48\xc2\xfa\x75\x8b\x9e"
+ "\xce\x83\x2a\x88\x07\x55\xbb\x89"
+ "\xf6\xdf\xac\xdf\x83\x08\xbf\x7d"
+ "\xac\x30\x8b\x8e\x02\xac\x00\xf1"
+ "\x30\x46\xe1\xbc\x75\xbf\x49\xbb"
+ "\x26\x4e\x29\xf0\x2f\x21\xc6\x13"
+ "\x92\xd9\x3d\x11\xe4\x10\x00\x8e"
+ "\xd4\xd4\x58\x65\xa6\x2b\xe3\x25"
+ "\xb1\x8f\x15\x93\xe7\x71\xb9\x2c"
+ "\x4b",
+ .alen = 129,
+ .input = "\xd1\xcf\xd0\x39\xa1\x99\xa9\x78"
+ "\x09\xfe\xd2\xfd\xec\xc1\xc9\x9d"
+ "\xd2\x39\x93\xa3\xab\x18\x7a\x95"
+ "\x8f\x24\xd3\xeb\x7b\xfa\xb5\xd8"
+ "\x15\xd1\xc3\x04\x69\x32\xe3\x4d"
+ "\xaa\xc2\x04\x8b\xf2\xfa\xdc\x4a"
+ "\x02\xeb\xa8\x90\x03\xfd\xea\x97"
+ "\x43\xaf\x2e\x92\xf8\x57\xc5\x6a"
+ "\x00",
+ .ilen = 65,
+ .result = "\x7d\xde\x53\x22\xe4\x23\x3b\x30"
+ "\x78\xde\x35\x90\x7a\xd9\x0b\x93"
+ "\xf6\x0e\x0b\xed\x40\xee\x10\x9c"
+ "\x96\x3a\xd3\x34\xb2\xd0\x67\xcf"
+ "\x63\x7f\x2d\x0c\xcf\x96\xec\x64"
+ "\x1a\x87\xcc\x7d\x2c\x5e\x81\x4b"
+ "\xd2\x8f\x4c\x7c\x00\xb1\xb4\xe0"
+ "\x87\x4d\xb1\xbc\xd8\x78\x2c\x17"
+ "\xf2\x3b\xd8\x28\x40\xe2\x76\xf6"
+ "\x20\x13\x83\x46\xaf\xff\xe3\x0f"
+ "\x72",
+ .rlen = 81,
+ }, {
+ .key = "\xe0\x98\x5e\xa1\xe5\x38\x53\xff"
+ "\x2a\x35\xfe\x21\xea\x8a\xfa\x1e"
+ "\x9c\xea\x15\xc5\xec\xc0\x5b\x9b"
+ "\xbf\x2f\x0a\xe1\x32\x12\x9d\x8e",
+ .klen = 32,
+ .iv = "\xef\x61\xed\x08\x29\xd7\xfd\x86"
+ "\x4a\x6b\x2b\x46\xe9\x53\x2a\xa0",
+ .assoc = "\xfe\x2a\x7b\x70\x6d\x75\xa7\x0d"
+ "\x6a\xa2\x57\x6a\xe7\x1c\x5b\x21"
+ "\x31\x4b\x1b\x07\x6f\x10\x1c\xa8"
+ "\x20\x46\x7a\xce\x9f\x42\x6d\xf9",
+ .alen = 32,
+ .input = "\x0d\xf4\x09\xd8\xb1\x14\x51\x94"
+ "\x8a\xd8\x84\x8e\xe6\xe5\x8c\xa3"
+ "\xfc\xfc\x9e\x28\xb0\xb8\xfc\xaf"
+ "\x50\x52\xb1\xc4\x55\x59\x55\xaf",
+ .ilen = 32,
+ .result = "\x5a\xcd\x8c\x57\xf2\x6a\xb6\xbe"
+ "\x53\xc7\xaa\x9a\x60\x74\x9c\xc4"
+ "\xa2\xc2\xd0\x6d\xe1\x03\x63\xdc"
+ "\xbb\x51\x7e\x9c\x89\x73\xde\x4e"
+ "\x24\xf8\x52\x7c\x15\x41\x0e\xba"
+ "\x69\x0e\x36\x5f\x2f\x22\x8c",
+ .rlen = 47,
+ }, {
+ .key = "\x1c\xbd\x98\x40\xf5\xb3\xfc\x1b"
+ "\xaa\x0f\xb0\xb3\xe4\xae\xbc\x24"
+ "\xc7\xac\x21\x49\xf1\x60\xdd\xb5"
+ "\x80\x5d\xe9\xba\x0c\x71\x3c\x64",
+ .klen = 32,
+ .iv = "\x2c\x86\x26\xa8\x39\x52\xa6\xa2"
+ "\xcb\x45\xdd\xd7\xe3\x77\xed\xa6",
+ .assoc = "\x3b\x4f\xb5\x10\x7d\xf1\x50\x29"
+ "\xeb\x7c\x0a\xfb\xe1\x40\x1e\x27"
+ "\x5c\x0d\x27\x8b\x74\xb0\x9e\xc2"
+ "\xe1\x74\x59\xa6\x79\xa1\x0c\xd0",
+ .alen = 32,
+ .input = "\x4a\x18\x43\x77\xc1\x90\xfa\xb0"
+ "\x0b\xb2\x36\x20\xe0\x09\x4e\xa9"
+ "\x26\xbe\xaa\xac\xb5\x58\x7e\xc8"
+ "\x11\x7f\x90\x9c\x2f\xb8\xf4\x85",
+ .ilen = 32,
+ .result = "\x47\xd6\xce\x78\xd6\xbf\x4a\x51"
+ "\xb8\xda\x92\x3c\xfd\xda\xac\x8e"
+ "\x8d\x88\xd7\x4d\x90\xe5\xeb\xa1"
+ "\xab\xd6\x7c\x76\xad\xea\x7d\x76"
+ "\x53\xee\xb0\xcd\xd0\x02\xbb\x70"
+ "\x5b\x6f\x7b\xe2\x8c\xe8",
+ .rlen = 46,
+ }, {
+ .key = "\x59\xe1\xd2\xdf\x05\x2f\xa4\x37"
+ "\x2b\xe9\x63\x44\xde\xd3\x7f\x2b"
+ "\xf1\x6f\x2d\xcd\xf6\x00\x5f\xcf"
+ "\x42\x8a\xc8\x92\xe6\xd0\xdc\x3b",
+ .klen = 32,
+ .iv = "\x68\xab\x60\x47\x49\xce\x4f\xbe"
+ "\x4c\x20\x8f\x68\xdd\x9c\xb0\xac",
+ .assoc = "\x77\x74\xee\xaf\x8d\x6d\xf9\x45"
+ "\x6c\x56\xbc\x8d\xdb\x65\xe0\x2e"
+ "\x86\xd0\x32\x0f\x79\x50\x20\xdb"
+ "\xa2\xa1\x37\x7e\x53\x00\xab\xa6",
+ .alen = 32,
+ .input = "\x86\x3d\x7d\x17\xd1\x0c\xa3\xcc"
+ "\x8c\x8d\xe8\xb1\xda\x2e\x11\xaf"
+ "\x51\x80\xb5\x30\xba\xf8\x00\xe2"
+ "\xd3\xad\x6f\x75\x09\x18\x93\x5c",
+ .ilen = 32,
+ .result = "\x9f\xa9\x2b\xa4\x8f\x00\x05\x2b"
+ "\xe7\x68\x81\x51\xbb\xfb\xdf\x60"
+ "\xbb\xac\xe8\xc1\xdc\x68\xae\x68"
+ "\x3a\xcd\x7a\x06\x49\xfe\x80\x11"
+ "\xe6\x61\x99\xe2\xdd\xbe\x2c\xbf",
+ .rlen = 40,
+ }, {
+ .key = "\x96\x06\x0b\x7f\x15\xab\x4d\x53"
+ "\xac\xc3\x15\xd6\xd8\xf7\x42\x31"
+ "\x1b\x31\x38\x51\xfc\xa0\xe1\xe8"
+ "\x03\xb8\xa7\x6b\xc0\x2f\x7b\x11",
+ .klen = 32,
+ .iv = "\xa5\xcf\x9a\xe6\x59\x4a\xf7\xd9"
+ "\xcd\xfa\x41\xfa\xd7\xc0\x72\xb2",
+ .assoc = "\xb4\x99\x28\x4e\x9d\xe8\xa2\x60"
+ "\xed\x30\x6e\x1e\xd5\x89\xa3\x34"
+ "\xb1\x92\x3e\x93\x7e\xf0\xa2\xf5"
+ "\x64\xcf\x16\x57\x2d\x5f\x4a\x7d",
+ .alen = 32,
+ .input = "\xc3\x62\xb7\xb6\xe2\x87\x4c\xe7"
+ "\x0d\x67\x9a\x43\xd4\x52\xd4\xb5"
+ "\x7b\x43\xc1\xb5\xbf\x98\x82\xfc"
+ "\x94\xda\x4e\x4d\xe4\x77\x32\x32",
+ .ilen = 32,
+ .result = "\xe2\x34\xfa\x25\xfd\xfb\x89\x5e"
+ "\x5b\x4e\x0b\x15\x6e\x39\xfb\x0c"
+ "\x73\xc7\xd9\x6b\xbe\xce\x9b\x70"
+ "\xc7\x4f\x96\x16\x03\xfc\xea\xfb"
+ "\x56",
+ .rlen = 33,
+ },
+};
+
+static const struct aead_testvec morus1280_dec_tv_template[] = {
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 16,
+ .iv = "\x0f\xc9\x8e\x67\x44\x9e\xaa\x86"
+ "\x20\x36\x2c\x24\xfe\xc9\x30\x81",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x91\x85\x0f\xf5\x52\x9e\xce\xce"
+ "\x65\x99\xc7\xbf\xd3\x76\xe8\x98",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x3c\x24\x39\x9f\x10\x7b\xa8\x1b"
+ "\x80\xda\xb2\x91\xf9\x24\xc2\x06",
+ .klen = 16,
+ .iv = "\x4b\xed\xc8\x07\x54\x1a\x52\xa2"
+ "\xa1\x10\xde\xb5\xf8\xed\xf3\x87",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x88\xc3\x4c\xf0\x2f\x43\x76\x13"
+ "\x96\xda\x76\x34\x33\x4e\xd5\x39"
+ "\x73",
+ .ilen = 17,
+ .result = "\x69",
+ .rlen = 1,
+ }, {
+ .key = "\x79\x49\x73\x3e\x20\xf7\x51\x37"
+ "\x01\xb4\x64\x22\xf3\x48\x85\x0c",
+ .klen = 16,
+ .iv = "\x88\x12\x01\xa6\x64\x96\xfb\xbe"
+ "\x22\xea\x90\x47\xf2\x11\xb5\x8e",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x3e\x5c\x3b\x58\x3b\x7d\x2a\x22"
+ "\x75\x0b\x24\xa6\x0e\xc3\xde\x52"
+ "\x97\x0b\x64\xd4\xce\x90\x52\xf7"
+ "\xef\xdb\x6a\x38\xd2\xa8\xa1\x0d"
+ "\xe0\x61\x33\x24\xc6\x4d\x51\xbc"
+ "\xa4\x21\x74\xcf\x19\x16\x59",
+ .ilen = 47,
+ .result = "\xa6\xa4\x1e\x76\xec\xd4\x50\xcc"
+ "\x62\x58\xe9\x8f\xef\xa4\x17\x91"
+ "\xb4\x96\x9f\x6b\xce\x38\xa5\x46"
+ "\x13\x7d\x64\x93\xd7\x05\xf5",
+ .rlen = 31,
+ }, {
+ .key = "\xb5\x6e\xad\xdd\x30\x72\xfa\x53"
+ "\x82\x8e\x16\xb4\xed\x6d\x47\x12",
+ .klen = 16,
+ .iv = "\xc4\x37\x3b\x45\x74\x11\xa4\xda"
+ "\xa2\xc5\x42\xd8\xec\x36\x78\x94",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x30\x82\x9c\x2b\x67\xcb\xf9\x1f"
+ "\xde\x9f\x77\xb2\xda\x92\x61\x5c"
+ "\x09\x0b\x2d\x9a\x26\xaa\x1c\x06"
+ "\xab\x74\xb7\x2b\x95\x5f\x9f\xa1"
+ "\x9a\xff\x50\xa0\xa2\xff\xc5\xad"
+ "\x21\x8e\x84\x5c\x12\x61\xb2\xae",
+ .ilen = 48,
+ .result = "\xe2\xc9\x58\x15\xfc\x4f\xf8\xe8"
+ "\xe3\x32\x9b\x21\xe9\xc8\xd9\x97"
+ "\xde\x58\xab\xf0\xd3\xd8\x27\x60"
+ "\xd5\xaa\x43\x6b\xb1\x64\x95\xa4",
+ .rlen = 32,
+ }, {
+ .key = "\xf2\x92\xe6\x7d\x40\xee\xa3\x6f"
+ "\x03\x68\xc8\x45\xe7\x91\x0a\x18",
+ .klen = 16,
+ .iv = "\x01\x5c\x75\xe5\x84\x8d\x4d\xf6"
+ "\x23\x9f\xf4\x6a\xe6\x5a\x3b\x9a",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x67\x5d\x8e\x45\xc8\x39\xf5\x17"
+ "\xc1\x1d\x2a\xdd\x88\x67\xda\x1f"
+ "\x6d\xe8\x37\x28\x5a\xc1\x5e\x9f"
+ "\xa6\xec\xc6\x92\x05\x4b\xc0\xa3"
+ "\x63\xef\x88\xa4\x9b\x0a\x5c\xed"
+ "\x2b\x6a\xac\x63\x52\xaa\x10\x94"
+ "\xd0",
+ .ilen = 49,
+ .result = "\x1f\xee\x92\xb4\x0c\xcb\xa1\x04"
+ "\x64\x0c\x4d\xb2\xe3\xec\x9c\x9d"
+ "\x09\x1a\xb7\x74\xd8\x78\xa9\x79"
+ "\x96\xd8\x22\x43\x8c\xc3\x34\x7b"
+ "\xc4",
+ .rlen = 33,
+ }, {
+ .key = "\x2e\xb7\x20\x1c\x50\x6a\x4b\x8b"
+ "\x84\x42\x7a\xd7\xe1\xb5\xcd\x1f",
+ .klen = 16,
+ .iv = "\x3d\x80\xae\x84\x94\x09\xf6\x12"
+ "\xa4\x79\xa6\xfb\xe0\x7f\xfd\xa0",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x7d\x61\x1a\x35\x20\xcc\x07\x88"
+ "\x03\x98\x87\xcf\xc0\x6e\x4d\x19"
+ "\xe3\xd4\x0b\xfb\x29\x8f\x49\x1a"
+ "\x3a\x06\x77\xce\x71\x2c\xcd\xdd"
+ "\xed\xf6\xc9\xbe\xa6\x3b\xb8\xfc"
+ "\x6c\xbe\x77\xed\x74\x0e\x20\x85"
+ "\xd0\x65\xde\x24\x6f\xe3\x25\xc5"
+ "\xdf\x5b\x0f\xbd\x8a\x88\x78\xc9"
+ "\xe5\x81\x37\xde\x84\x7a\xf6\x84"
+ "\x99\x7a\x72\x9c\x54\x31\xa1",
+ .ilen = 79,
+ .result = "\x5c\x13\xcb\x54\x1c\x47\x4a\x1f"
+ "\xe5\xe6\xff\x44\xdd\x11\x5f\xa3"
+ "\x33\xdd\xc2\xf8\xdd\x18\x2b\x93"
+ "\x57\x05\x01\x1c\x66\x22\xd3\x51"
+ "\xd3\xdf\x18\xc9\x30\x66\xed\xb1"
+ "\x96\x58\xd5\x8c\x64\x8c\x7c\xf5"
+ "\x01\xd0\x74\x5f\x9b\xaa\xf6\xd1"
+ "\xe6\x16\xa2\xac\xde\x47\x40",
+ .rlen = 63,
+ }, {
+ .key = "\x6b\xdc\x5a\xbb\x60\xe5\xf4\xa6"
+ "\x05\x1d\x2c\x68\xdb\xda\x8f\x25",
+ .klen = 16,
+ .iv = "\x7a\xa5\xe8\x23\xa4\x84\x9e\x2d"
+ "\x25\x53\x58\x8c\xda\xa3\xc0\xa6",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x05\xc5\xb1\xf9\x1b\xb9\xab\x2c"
+ "\xa5\x07\x12\xa7\x12\x39\x60\x66"
+ "\x30\x81\x4a\x03\x78\x28\x45\x52"
+ "\xd2\x2b\x24\xfd\x8b\xa5\xb7\x66"
+ "\x6f\x45\xd7\x3b\x67\x6f\x51\xb9"
+ "\xc0\x3d\x6c\xca\x1e\xae\xff\xb6"
+ "\x79\xa9\xe4\x82\x5d\x4c\x2d\xdf"
+ "\xeb\x71\x40\xc9\x2c\x40\x45\x6d"
+ "\x73\x77\x01\xf3\x4f\xf3\x9d\x2a"
+ "\x5d\x57\xa8\xa1\x18\xa2\xad\xcb",
+ .ilen = 80,
+ .result = "\x98\x37\x05\xf3\x2c\xc2\xf3\x3b"
+ "\x66\xc0\xb1\xd5\xd7\x35\x21\xaa"
+ "\x5d\x9f\xce\x7c\xe2\xb8\xad\xad"
+ "\x19\x33\xe0\xf4\x40\x81\x72\x28"
+ "\xe1\x8b\x1c\xf8\x91\x78\xff\xaf"
+ "\xb0\x68\x69\xf2\x27\x35\x91\x84"
+ "\x2e\x37\x5b\x00\x04\xff\x16\x9c"
+ "\xb5\x19\x39\xeb\xd9\xcd\x29\x9a",
+ .rlen = 64,
+ }, {
+ .key = "\xa7\x00\x93\x5b\x70\x61\x9d\xc2"
+ "\x86\xf7\xde\xfa\xd5\xfe\x52\x2b",
+ .klen = 16,
+ .iv = "\xb6\xca\x22\xc3\xb4\x00\x47\x49"
+ "\xa6\x2d\x0a\x1e\xd4\xc7\x83\xad",
+ .assoc = "\xc5",
+ .alen = 1,
+ .input = "\x4d\xbf\x11\xac\x7f\x97\x0b\x2e"
+ "\x89\x3b\x9d\x0f\x83\x1c\x08\xc3",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xe4\x25\xcd\xfa\x80\xdd\x46\xde"
+ "\x07\xd1\x90\x8b\xcf\x23\x15\x31",
+ .klen = 16,
+ .iv = "\xf3\xee\x5c\x62\xc4\x7c\xf0\x65"
+ "\x27\x08\xbd\xaf\xce\xec\x45\xb3",
+ .assoc = "\x02\xb8\xea\xca\x09\x1b\x9a\xec"
+ "\x47\x3e\xe9\xd4\xcc\xb5\x76\x34"
+ "\xe8\x73\x62\x64\xab\x50\xd0\xda"
+ "\x6b\x83\x66\xaf\x3e\x27\xc9",
+ .alen = 31,
+ .input = "\x5b\xc0\x8d\x54\xe4\xec\xbe\x38"
+ "\x03\x12\xf9\xcc\x9e\x46\x42\x92",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x20\x4a\x07\x99\x91\x58\xee\xfa"
+ "\x88\xab\x42\x1c\xc9\x47\xd7\x38",
+ .klen = 16,
+ .iv = "\x2f\x13\x95\x01\xd5\xf7\x99\x81"
+ "\xa8\xe2\x6f\x41\xc8\x10\x08\xb9",
+ .assoc = "\x3f\xdc\x24\x69\x19\x96\x43\x08"
+ "\xc8\x18\x9b\x65\xc6\xd9\x39\x3b"
+ "\x12\x35\x6e\xe8\xb0\xf0\x52\xf3"
+ "\x2d\xb0\x45\x87\x18\x86\x68\xf6",
+ .alen = 32,
+ .input = "\x48\xc5\xc3\x4c\x40\x2e\x2f\xc2"
+ "\x6d\x65\xe0\x67\x9c\x1d\xa0\xf0",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x5d\x6f\x41\x39\xa1\xd4\x97\x16"
+ "\x09\x85\xf4\xae\xc3\x6b\x9a\x3e",
+ .klen = 16,
+ .iv = "\x6c\x38\xcf\xa1\xe5\x73\x41\x9d"
+ "\x29\xbc\x21\xd2\xc2\x35\xcb\xbf",
+ .assoc = "\x7b\x01\x5d\x08\x29\x12\xec\x24"
+ "\x49\xf3\x4d\xf7\xc0\xfe\xfb\x41"
+ "\x3c\xf8\x79\x6c\xb6\x90\xd4\x0d"
+ "\xee\xde\x23\x60\xf2\xe5\x08\xcc"
+ "\x97",
+ .alen = 33,
+ .input = "\x28\x64\x78\x51\x55\xd8\x56\x4a"
+ "\x58\x3e\xf7\xbe\xee\x21\xfe\x94",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x99\x93\x7a\xd8\xb1\x50\x40\x31"
+ "\x8a\x60\xa6\x3f\xbd\x90\x5d\x44",
+ .klen = 16,
+ .iv = "\xa8\x5c\x09\x40\xf5\xef\xea\xb8"
+ "\xaa\x96\xd3\x64\xbc\x59\x8d\xc6",
+ .assoc = "\xb8\x26\x97\xa8\x39\x8e\x94\x3f"
+ "\xca\xcd\xff\x88\xba\x22\xbe\x47"
+ "\x67\xba\x85\xf1\xbb\x30\x56\x26"
+ "\xaf\x0b\x02\x38\xcc\x44\xa7\xa3"
+ "\xa6\xbf\x31\x93\x60\xcd\xda\x63"
+ "\x2c\xb1\xaa\x19\xc8\x19\xf8\xeb"
+ "\x03\xa1\xe8\xbe\x37\x54\xec\xa2"
+ "\xcd\x2c\x45\x58\xbd\x8e\x80",
+ .alen = 63,
+ .input = "\xb3\xa6\x00\x4e\x09\x20\xac\x21"
+ "\x77\x72\x69\x76\x2d\x36\xe5\xc8",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xd6\xb8\xb4\x77\xc1\xcb\xe9\x4d"
+ "\x0a\x3a\x58\xd1\xb7\xb4\x1f\x4a",
+ .klen = 16,
+ .iv = "\xe5\x81\x42\xdf\x05\x6a\x93\xd4"
+ "\x2b\x70\x85\xf5\xb6\x7d\x50\xcc",
+ .assoc = "\xf4\x4a\xd1\x47\x49\x09\x3d\x5b"
+ "\x4b\xa7\xb1\x19\xb4\x46\x81\x4d"
+ "\x91\x7c\x91\x75\xc0\xd0\xd8\x40"
+ "\x71\x39\xe1\x10\xa6\xa3\x46\x7a"
+ "\xb4\x6b\x35\xc2\xc1\xdf\xed\x60"
+ "\x46\xc1\x3e\x7f\x8c\xc2\x0e\x7a"
+ "\x30\x08\xd0\x5f\xa0\xaa\x0c\x6d"
+ "\x9c\x2f\xdb\x97\xb8\x15\x69\x01",
+ .alen = 64,
+ .input = "\x65\x33\x7b\xa1\x63\xf4\x20\xdd"
+ "\xe4\xb9\x4a\xaa\x9a\x21\xaa\x14",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x12\xdd\xee\x17\xd1\x47\x92\x69"
+ "\x8b\x14\x0a\x62\xb1\xd9\xe2\x50",
+ .klen = 16,
+ .iv = "\x22\xa6\x7c\x7f\x15\xe6\x3c\xf0"
+ "\xac\x4b\x37\x86\xb0\xa2\x13\xd2",
+ .assoc = "\x31",
+ .alen = 1,
+ .input = "\x1d\x47\x17\x34\x86\xf5\x54\x1a"
+ "\x6d\x28\xb8\x5d\x6c\xcf\xa0\xb9"
+ "\xbf",
+ .ilen = 17,
+ .result = "\x40",
+ .rlen = 1,
+ }, {
+ .key = "\x4f\x01\x27\xb6\xe1\xc3\x3a\x85"
+ "\x0c\xee\xbc\xf4\xab\xfd\xa5\x57",
+ .klen = 16,
+ .iv = "\x5e\xcb\xb6\x1e\x25\x62\xe4\x0c"
+ "\x2d\x25\xe9\x18\xaa\xc6\xd5\xd8",
+ .assoc = "\x6d\x94\x44\x86\x69\x00\x8f\x93"
+ "\x4d\x5b\x15\x3c\xa8\x8f\x06\x5a"
+ "\xe6\x01\xa8\x7e\xca\x10\xdc\x73"
+ "\xf4\x94\x9f\xc1\x5a\x61\x85",
+ .alen = 31,
+ .input = "\x78\x90\x52\xae\x0f\xf7\x2e\xef"
+ "\x63\x09\x08\x58\xb5\x56\xbd\x72"
+ "\x6e\x42\xcf\x27\x04\x7c\xdb\x92"
+ "\x18\xe9\xa4\x33\x90\xba\x62\xb5"
+ "\x70\xd3\x88\x9b\x4f\x05\xa7\x51"
+ "\x85\x87\x17\x09\x42\xed\x4e",
+ .ilen = 47,
+ .result = "\x7c\x5d\xd3\xee\xad\x9f\x39\x1a"
+ "\x6d\x92\x42\x61\xa7\x58\x37\xdb"
+ "\xb0\xb2\x2b\x9f\x0b\xb8\xbd\x7a"
+ "\x24\xa0\xd6\xb7\x11\x79\x6c",
+ .rlen = 31,
+ }, {
+ .key = "\x8b\x26\x61\x55\xf1\x3e\xe3\xa1"
+ "\x8d\xc8\x6e\x85\xa5\x21\x67\x5d",
+ .klen = 16,
+ .iv = "\x9b\xef\xf0\xbd\x35\xdd\x8d\x28"
+ "\xad\xff\x9b\xa9\xa4\xeb\x98\xdf",
+ .assoc = "\xaa\xb8\x7e\x25\x79\x7c\x37\xaf"
+ "\xce\x36\xc7\xce\xa2\xb4\xc9\x60"
+ "\x10\xc3\xb3\x02\xcf\xb0\x5e\x8d"
+ "\xb5\xc2\x7e\x9a\x35\xc0\x24\xfd",
+ .alen = 32,
+ .input = "\x1d\x2c\x57\xe0\x50\x38\x3d\x41"
+ "\x2e\x71\xc8\x3b\x92\x43\x58\xaf"
+ "\x5a\xfb\xad\x8f\xd9\xd5\x8a\x5e"
+ "\xdb\xf3\xcd\x3a\x2b\xe1\x2c\x1a"
+ "\xb0\xed\xe3\x0c\x6e\xf9\xf2\xd6"
+ "\x90\xe6\xb1\x0e\xa5\x8a\xac\xb7",
+ .ilen = 48,
+ .result = "\xb9\x82\x0c\x8d\xbd\x1b\xe2\x36"
+ "\xee\x6c\xf4\xf2\xa1\x7d\xf9\xe2"
+ "\xdb\x74\x36\x23\x11\x58\x3f\x93"
+ "\xe5\xcd\xb5\x90\xeb\xd8\x0c\xb3",
+ .rlen = 32,
+ }, {
+ .key = "\xc8\x4b\x9b\xf5\x01\xba\x8c\xbd"
+ "\x0e\xa3\x21\x16\x9f\x46\x2a\x63",
+ .klen = 16,
+ .iv = "\xd7\x14\x29\x5d\x45\x59\x36\x44"
+ "\x2e\xd9\x4d\x3b\x9e\x0f\x5b\xe5",
+ .assoc = "\xe6\xdd\xb8\xc4\x89\xf8\xe0\xca"
+ "\x4f\x10\x7a\x5f\x9c\xd8\x8b\x66"
+ "\x3b\x86\xbf\x86\xd4\x50\xe0\xa7"
+ "\x76\xef\x5c\x72\x0f\x1f\xc3\xd4"
+ "\xee",
+ .alen = 33,
+ .input = "\x59\x10\x84\x1c\x83\x4c\x8b\xfc"
+ "\xfd\x2e\x4b\x46\x84\xff\x78\x4e"
+ "\x50\xda\x5c\xb9\x61\x1d\xf5\xb9"
+ "\xfe\xbb\x7f\xae\x8c\xc1\x24\xbd"
+ "\x8c\x6f\x1f\x9b\xce\xc6\xc1\x37"
+ "\x08\x06\x5a\xe5\x96\x10\x95\xc2"
+ "\x5e",
+ .ilen = 49,
+ .result = "\xf5\xa6\x46\x2c\xce\x97\x8a\x51"
+ "\x6f\x46\xa6\x83\x9b\xa1\xbc\xe8"
+ "\x05\x36\x42\xa7\x16\xf8\xc1\xad"
+ "\xa7\xfb\x94\x68\xc5\x37\xab\x8a"
+ "\x72",
+ .rlen = 33,
+ }, {
+ .key = "\x05\x70\xd5\x94\x12\x36\x35\xd8"
+ "\x8f\x7d\xd3\xa8\x99\x6a\xed\x69",
+ .klen = 16,
+ .iv = "\x14\x39\x63\xfc\x56\xd5\xdf\x5f"
+ "\xaf\xb3\xff\xcc\x98\x33\x1d\xeb",
+ .assoc = "\x23\x02\xf1\x64\x9a\x73\x89\xe6"
+ "\xd0\xea\x2c\xf1\x96\xfc\x4e\x6d"
+ "\x65\x48\xcb\x0a\xda\xf0\x62\xc0"
+ "\x38\x1d\x3b\x4a\xe9\x7e\x62\xaa"
+ "\xfd\xc9\x4a\xa9\xa9\x39\x4b\x54"
+ "\xc8\x0e\x24\x7f\x5e\x10\x7a\x45"
+ "\x10\x0b\x56\x85\xad\x54\xaa\x66"
+ "\xa8\x43\xcd\xd4\x9b\xb7\xfa",
+ .alen = 63,
+ .input = "\x9a\x12\xbc\xdf\x72\xa8\x56\x22"
+ "\x49\x2d\x07\x92\xfc\x3d\x6d\x5f"
+ "\xef\x36\x19\xae\x91\xfa\xd6\x63"
+ "\x46\xea\x8a\x39\x14\x21\xa6\x37"
+ "\x18\xfc\x97\x3e\x16\xa5\x4d\x39"
+ "\x45\x2e\x69\xcc\x9c\x5f\xdf\x6d"
+ "\x5e\xa2\xbf\xac\x83\x32\x72\x52"
+ "\x58\x58\x23\x40\xfd\xa5\xc2\xe6"
+ "\xe9\x5a\x50\x98\x00\x58\xc9\x86"
+ "\x4f\x20\x37\xdb\x7b\x22\xa3",
+ .ilen = 79,
+ .result = "\x32\xcb\x80\xcc\xde\x12\x33\x6d"
+ "\xf0\x20\x58\x15\x95\xc6\x7f\xee"
+ "\x2f\xf9\x4e\x2c\x1b\x98\x43\xc7"
+ "\x68\x28\x73\x40\x9f\x96\x4a\x60"
+ "\x80\xf4\x4b\xf4\xc1\x3d\xd0\x93"
+ "\xcf\x12\xc9\x59\x8f\x7a\x7f\xa8"
+ "\x1b\xa5\x50\xed\x87\xa9\x72\x59"
+ "\x9c\x44\xb2\xa4\x99\x98\x34",
+ .rlen = 63,
+ }, {
+ .key = "\x41\x94\x0e\x33\x22\xb1\xdd\xf4"
+ "\x10\x57\x85\x39\x93\x8f\xaf\x70",
+ .klen = 16,
+ .iv = "\x50\x5d\x9d\x9b\x66\x50\x88\x7b"
+ "\x30\x8e\xb1\x5e\x92\x58\xe0\xf1",
+ .assoc = "\x5f\x27\x2b\x03\xaa\xef\x32\x02"
+ "\x50\xc4\xde\x82\x90\x21\x11\x73"
+ "\x8f\x0a\xd6\x8f\xdf\x90\xe4\xda"
+ "\xf9\x4a\x1a\x23\xc3\xdd\x02\x81"
+ "\x0b\x76\x4f\xd7\x0a\x4b\x5e\x51"
+ "\xe3\x1d\xb9\xe5\x21\xb9\x8f\xd4"
+ "\x3d\x72\x3e\x26\x16\xa9\xca\x32"
+ "\x77\x47\x63\x14\x95\x3d\xe4\x34",
+ .alen = 64,
+ .input = "\xe6\xeb\x92\x5a\x5b\xf0\x2d\xbb"
+ "\x23\xec\x35\xe3\xae\xc9\xfb\x0b"
+ "\x90\x14\x46\xeb\xa8\x8d\xb0\x9b"
+ "\x39\xda\x8b\x48\xec\xb2\x00\x4e"
+ "\x80\x6f\x46\x4f\x9b\x1e\xbb\x35"
+ "\xea\x5a\xbc\xa2\x36\xa5\x89\x45"
+ "\xc2\xd6\xd7\x15\x0b\xf6\x6c\x56"
+ "\xec\x99\x7d\x61\xb3\x15\x93\xed"
+ "\x83\x1e\xd9\x48\x84\x0b\x37\xfe"
+ "\x95\x74\x44\xd5\x54\xa6\x27\x06",
+ .ilen = 80,
+ .result = "\x6e\xf0\xba\x6b\xee\x8e\xdc\x89"
+ "\x71\xfb\x0a\xa6\x8f\xea\x41\xf4"
+ "\x5a\xbb\x59\xb0\x20\x38\xc5\xe0"
+ "\x29\x56\x52\x19\x79\xf5\xe9\x37"
+ "\x8f\xa1\x50\x23\x22\x4f\xe3\x91"
+ "\xe9\x21\x5e\xbf\x52\x23\x95\x37"
+ "\x48\x0c\x38\x8f\xf0\xff\x92\x24"
+ "\x6b\x47\x49\xe3\x94\x1f\x1e\x01",
+ .rlen = 64,
+ }, {
+ .key = "\x7e\xb9\x48\xd3\x32\x2d\x86\x10"
+ "\x91\x31\x37\xcb\x8d\xb3\x72\x76",
+ .klen = 16,
+ .iv = "\x8d\x82\xd6\x3b\x76\xcc\x30\x97"
+ "\xb1\x68\x63\xef\x8c\x7c\xa3\xf7",
+ .assoc = "\x9c\x4b\x65\xa2\xba\x6b\xdb\x1e"
+ "\xd1\x9e\x90\x13\x8a\x45\xd3\x79"
+ "\xba\xcd\xe2\x13\xe4\x30\x66\xf4"
+ "\xba\x78\xf9\xfb\x9d\x3c\xa1\x58"
+ "\x1a\x22\x53\x05\x6b\x5c\x71\x4f"
+ "\xfd\x2d\x4d\x4c\xe5\x62\xa5\x63"
+ "\x6a\xda\x26\xc8\x7f\xff\xea\xfd"
+ "\x46\x4a\xfa\x53\x8f\xc4\xcd\x68"
+ "\x58",
+ .alen = 65,
+ .input = "\x89\x24\x27\x86\xdc\xd7\x6b\xd9"
+ "\xd1\xcd\xdc\x16\xdd\x2c\xc1\xfb"
+ "\x52\xb5\xb3\xab\x50\x99\x3f\xa0"
+ "\x38\xa4\x74\xa5\x04\x15\x63\x05"
+ "\x8f\x54\x81\x06\x5a\x6b\xa4\x63"
+ "\x6d\xa7\x21\xcb\xff\x42\x30\x8e"
+ "\x3b\xd1\xca\x3f\x4b\x1a\xb8\xc3"
+ "\x42\x01\xe6\xbc\x75\x15\x87\xee"
+ "\xc9\x8e\x65\x01\xd9\xd8\xb5\x9f"
+ "\x48\x86\xa6\x5f\x2c\xc7\xb5\xb0"
+ "\xed\x5d\x14\x7c\x3f\x40\xb1\x0b"
+ "\x72\xef\x94\x8d\x7a\x85\x56\xe5"
+ "\x56\x08\x15\x56\xba\xaf\xbd\xf0"
+ "\x20\xef\xa0\xf6\xa9\xad\xa2\xc9"
+ "\x1c\x3b\x28\x51\x7e\x77\xb2\x18"
+ "\x4f\x61\x64\x37\x22\x36\x6d\x78"
+ "\xed\xed\x35\xe8\x83\xa5\xec\x25"
+ "\x6b\xff\x5f\x1a\x09\x96\x3d\xdc"
+ "\x20",
+ .ilen = 145,
+ .result = "\xab\x14\xf3\x0a\xfe\x0a\x85\xa5"
+ "\xf2\xd5\xbc\x38\x89\x0e\x04\xfb"
+ "\x84\x7d\x65\x34\x25\xd8\x47\xfa"
+ "\xeb\x83\x31\xf1\x54\x54\x89\x0d"
+ "\x9d\x4d\x54\x51\x84\x61\xf6\x8e"
+ "\x03\x31\xf2\x25\x16\xcc\xaa\xc6"
+ "\x75\x73\x20\x30\x59\x54\xb2\xf0"
+ "\x3a\x4b\xe0\x23\x8e\xa6\x08\x35"
+ "\x8a\xdf\x27\xa0\xe4\x60\x99\xae"
+ "\x8e\x43\xd9\x39\x7b\x10\x40\x67"
+ "\x5c\x7e\xc9\x70\x63\x34\xca\x59"
+ "\xfe\x86\xbc\xb7\x9c\x39\xf3\x6d"
+ "\x6a\x41\x64\x6f\x16\x7f\x65\x7e"
+ "\x89\x84\x68\xeb\xb0\x51\xbe\x55"
+ "\x33\x16\x59\x6c\x3b\xef\x88\xad"
+ "\x2f\xab\xbc\x25\x76\x87\x41\x2f"
+ "\x36",
+ .rlen = 129,
+ }, {
+ .key = "\xba\xde\x82\x72\x42\xa9\x2f\x2c"
+ "\x12\x0b\xe9\x5c\x87\xd7\x35\x7c",
+ .klen = 16,
+ .iv = "\xc9\xa7\x10\xda\x86\x48\xd9\xb3"
+ "\x32\x42\x15\x80\x85\xa1\x65\xfe",
+ .assoc = "\xd8\x70\x9f\x42\xca\xe6\x83\x3a"
+ "\x52\x79\x42\xa5\x84\x6a\x96\x7f"
+ "\xe4\x8f\xed\x97\xe9\xd0\xe8\x0d"
+ "\x7c\xa6\xd8\xd4\x77\x9b\x40\x2e"
+ "\x28\xce\x57\x34\xcd\x6e\x84\x4c"
+ "\x17\x3c\xe1\xb2\xa8\x0b\xbb\xf1"
+ "\x96\x41\x0d\x69\xe8\x54\x0a\xc8"
+ "\x15\x4e\x91\x92\x89\x4b\xb7\x9b"
+ "\x21\xf7\x42\x89\xac\x12\x2a\x54"
+ "\x69\xee\x18\xc7\x8d\xed\xe8\xfd"
+ "\xbb\x04\x28\xe6\x8a\x3c\x98\xc1"
+ "\x04\x2d\xa9\xa1\x24\x83\xff\xe9"
+ "\x55\x7a\xf0\xd1\xf6\x63\x05\xe1"
+ "\xd9\x1e\x75\x72\xc1\x9f\xae\x32"
+ "\xe1\x6b\xcd\x9e\x61\x19\x23\x86"
+ "\xd9\xd2\xaf\x8e\xd5\xd3\xa8\xa9"
+ "\x51",
+ .alen = 129,
+ .input = "\x36\x78\xb9\x22\xde\x62\x35\x55"
+ "\x1a\x7a\xf5\x45\xbc\xd7\x15\x82"
+ "\x01\xe9\x5a\x07\xea\x46\xaf\x91"
+ "\xcb\x73\xa5\xee\xe1\xb4\xbf\xc2"
+ "\xdb\xd2\x9d\x59\xde\xfc\x83\x00"
+ "\xf5\x46\xac\x97\xd5\x57\xa9\xb9"
+ "\x1f\x8c\xe8\xca\x68\x8b\x91\x0c"
+ "\x01\xbe\x0a\xaf\x7c\xf6\x67\xa4"
+ "\xbf\xbc\x88\x3f\x5d\xd1\xf9\x19"
+ "\x0f\x9d\xb2\xaf\xb9\x6e\x17\xdf"
+ "\xa2",
+ .ilen = 81,
+ .result = "\xe8\x39\x2d\xaa\x0e\x85\x2d\xc1"
+ "\x72\xaf\x6e\xc9\x82\x33\xc7\x01"
+ "\xaf\x40\x70\xb8\x2a\x78\xc9\x14"
+ "\xac\xb1\x10\xca\x2e\xb3\x28\xe4"
+ "\xac\xfa\x58\x7f\xe5\x73\x09\x8c"
+ "\x1d\x40\x87\x8c\xd9\x75\xc0\x55"
+ "\xa2\xda\x07\xd1\xc2\xa9\xd1\xbb"
+ "\x09\x4f\x77\x62\x88\x2d\xf2\x68"
+ "\x54",
+ .rlen = 65,
+ }, {
+ .key = "\xf7\x02\xbb\x11\x52\x24\xd8\x48"
+ "\x93\xe6\x9b\xee\x81\xfc\xf7\x82",
+ .klen = 16,
+ .iv = "\x06\xcc\x4a\x79\x96\xc3\x82\xcf"
+ "\xb3\x1c\xc7\x12\x7f\xc5\x28\x04",
+ .assoc = "\x15\x95\xd8\xe1\xda\x62\x2c\x56"
+ "\xd3\x53\xf4\x36\x7e\x8e\x59\x85"
+ "\x0e\x51\xf9\x1c\xee\x70\x6a\x27"
+ "\x3d\xd3\xb7\xac\x51\xfa\xdf\x05",
+ .alen = 32,
+ .input = "\x08\x1b\x95\x0e\x41\x95\x02\x4b"
+ "\x9c\xbb\xa8\xd0\x7c\xd3\x44\x6e"
+ "\x89\x14\x33\x70\x0a\xbc\xea\x39"
+ "\x88\xaa\x2b\xd5\x73\x11\x55\xf5"
+ "\x33\x33\x9c\xd7\x42\x34\x49\x8e"
+ "\x2f\x03\x30\x05\x47\xaf\x34",
+ .ilen = 47,
+ .result = "\x24\x5e\x67\x49\x1e\x01\xd6\xdd"
+ "\xf3\x89\x20\x5b\x7c\x57\x89\x07"
+ "\xd9\x02\x7c\x3d\x2f\x18\x4b\x2d"
+ "\x6e\xde\xee\xa2\x08\x12\xc7\xba",
+ .rlen = 32,
+ }, {
+ .key = "\x33\x27\xf5\xb1\x62\xa0\x80\x63"
+ "\x14\xc0\x4d\x7f\x7b\x20\xba\x89",
+ .klen = 16,
+ .iv = "\x42\xf0\x84\x19\xa6\x3f\x2b\xea"
+ "\x34\xf6\x79\xa3\x79\xe9\xeb\x0a",
+ .assoc = "\x51\xb9\x12\x80\xea\xde\xd5\x71"
+ "\x54\x2d\xa6\xc8\x78\xb2\x1b\x8c"
+ "\x39\x14\x05\xa0\xf3\x10\xec\x41"
+ "\xff\x01\x95\x84\x2b\x59\x7f\xdb",
+ .alen = 32,
+ .input = "\x97\xca\xf4\xe0\x8d\x89\xbf\x68"
+ "\x0c\x60\xb9\x27\xdf\xaa\x41\xc6"
+ "\x25\xd8\xf7\x1f\x10\x15\x48\x61"
+ "\x4c\x95\x00\xdf\x51\x9b\x7f\xe6"
+ "\x24\x40\x9e\xbe\x3b\xeb\x1b\x98"
+ "\xb9\x9c\xe5\xef\xf2\x05",
+ .ilen = 46,
+ .result = "\x61\x83\xa0\xe8\x2e\x7d\x7f\xf8"
+ "\x74\x63\xd2\xec\x76\x7c\x4c\x0d"
+ "\x03\xc4\x88\xc1\x35\xb8\xcd\x47"
+ "\x2f\x0c\xcd\x7a\xe2\x71\x66\x91",
+ .rlen = 32,
+ }, {
+ .key = "\x70\x4c\x2f\x50\x72\x1c\x29\x7f"
+ "\x95\x9a\xff\x10\x75\x45\x7d\x8f",
+ .klen = 16,
+ .iv = "\x7f\x15\xbd\xb8\xb6\xba\xd3\x06"
+ "\xb5\xd1\x2b\x35\x73\x0e\xad\x10",
+ .assoc = "\x8e\xde\x4c\x20\xfa\x59\x7e\x8d"
+ "\xd5\x07\x58\x59\x72\xd7\xde\x92"
+ "\x63\xd6\x10\x24\xf8\xb0\x6e\x5a"
+ "\xc0\x2e\x74\x5d\x06\xb8\x1e\xb2",
+ .alen = 32,
+ .input = "\x63\x4c\x2a\x8e\xb4\x6b\x63\x0d"
+ "\xb5\xec\x9b\x4e\x12\x23\xa3\xcf"
+ "\x1a\x5a\x70\x15\x5a\x10\x40\x51"
+ "\xca\x47\x4c\x9d\xc9\x97\xf4\x77"
+ "\xdb\xc8\x10\x2d\xdc\x65\x20\x3f",
+ .ilen = 40,
+ .result = "\x9d\xa7\xda\x88\x3e\xf8\x28\x14"
+ "\xf5\x3e\x85\x7d\x70\xa0\x0f\x13"
+ "\x2e\x86\x93\x45\x3a\x58\x4f\x61"
+ "\xf0\x3a\xac\x53\xbc\xd0\x06\x68",
+ .rlen = 32,
+ }, {
+ .key = "\xac\x70\x69\xef\x82\x97\xd2\x9b"
+ "\x15\x74\xb1\xa2\x6f\x69\x3f\x95",
+ .klen = 16,
+ .iv = "\xbb\x3a\xf7\x57\xc6\x36\x7c\x22"
+ "\x36\xab\xde\xc6\x6d\x32\x70\x17",
+ .assoc = "\xcb\x03\x85\xbf\x0a\xd5\x26\xa9"
+ "\x56\xe1\x0a\xeb\x6c\xfb\xa1\x98"
+ "\x8d\x98\x1c\xa8\xfe\x50\xf0\x74"
+ "\x81\x5c\x53\x35\xe0\x17\xbd\x88",
+ .alen = 32,
+ .input = "\xf1\x62\x44\xc7\x5f\x19\xca\x43"
+ "\x47\x2c\xaf\x68\x82\xbd\x51\xef"
+ "\x3d\x65\xd8\x45\x2d\x06\x07\x78"
+ "\x08\x2e\xb3\x23\xcd\x81\x12\x55"
+ "\x1a",
+ .ilen = 33,
+ .result = "\xda\xcc\x14\x27\x4e\x74\xd1\x30"
+ "\x76\x18\x37\x0f\x6a\xc4\xd1\x1a"
+ "\x58\x49\x9f\xc9\x3f\xf8\xd1\x7a"
+ "\xb2\x67\x8b\x2b\x96\x2f\xa5\x3e",
+ .rlen = 32,
+ }, {
+ .key = "\xe9\x95\xa2\x8f\x93\x13\x7b\xb7"
+ "\x96\x4e\x63\x33\x69\x8d\x02\x9b"
+ "\x23\xf9\x22\xeb\x80\xa0\xb1\x81"
+ "\xe2\x73\xc3\x21\x4d\x47\x8d\xf4",
+ .klen = 32,
+ .iv = "\xf8\x5e\x31\xf7\xd7\xb2\x25\x3e"
+ "\xb7\x85\x90\x58\x67\x57\x33\x1d",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xdf\x2f\x83\xc0\x45\x4a\x2c\xcf"
+ "\xb9\xd2\x41\xf6\x80\xa1\x52\x70",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x25\xba\xdc\x2e\xa3\x8f\x24\xd3"
+ "\x17\x29\x15\xc5\x63\xb2\xc5\xa1"
+ "\x4d\xbc\x2d\x6f\x85\x40\x33\x9a"
+ "\xa3\xa0\xa1\xfa\x27\xa6\x2c\xca",
+ .klen = 32,
+ .iv = "\x34\x83\x6a\x96\xe7\x2d\xce\x5a"
+ "\x38\x5f\x42\xe9\x61\x7b\xf5\x23",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x01\xd8\x55\x3c\xc0\x5a\x4b\xc7"
+ "\x01\xf4\x08\xe3\x0d\xf7\xf0\x78"
+ "\x53",
+ .ilen = 17,
+ .result = "\x53",
+ .rlen = 1,
+ }, {
+ .key = "\x62\xdf\x16\xcd\xb3\x0a\xcc\xef"
+ "\x98\x03\xc7\x56\x5d\xd6\x87\xa8"
+ "\x77\x7e\x39\xf3\x8a\xe0\xb5\xb4"
+ "\x65\xce\x80\xd2\x01\x05\xcb\xa1",
+ .klen = 32,
+ .iv = "\x71\xa8\xa4\x35\xf7\xa9\x76\x75"
+ "\xb8\x39\xf4\x7a\x5b\x9f\xb8\x29",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xc2\x4b\x41\x0f\x2d\xb9\x62\x07"
+ "\xff\x8e\x74\xf8\xa1\xa6\xd5\x37"
+ "\xa5\x64\x31\x5c\xca\x73\x9b\x43"
+ "\xe6\x70\x63\x46\x95\xcb\xf7\xb5"
+ "\x20\x8c\x75\x7a\x2a\x17\x2f\xa9"
+ "\xb8\x4d\x11\x42\xd1\xf8\xf1",
+ .ilen = 47,
+ .result = "\x8f\x3a\xc1\x05\x7f\xe7\xcb\x83"
+ "\xf9\xa6\x4d\xc3\x58\x31\x19\x2c"
+ "\xd7\x90\xc2\x56\x4e\xd8\x57\xc7"
+ "\xf6\xf0\x27\xb4\x25\x4c\x83",
+ .rlen = 31,
+ }, {
+ .key = "\x9e\x03\x4f\x6d\xc3\x86\x75\x0a"
+ "\x19\xdd\x79\xe8\x57\xfb\x4a\xae"
+ "\xa2\x40\x45\x77\x90\x80\x37\xce"
+ "\x26\xfb\x5f\xaa\xdb\x64\x6b\x77",
+ .klen = 32,
+ .iv = "\xae\xcc\xde\xd5\x07\x25\x1f\x91"
+ "\x39\x14\xa6\x0c\x55\xc4\x7b\x30",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xbb\x01\x7c\xd1\x2c\x33\x7b\x37"
+ "\x0a\xee\xc4\x30\x19\xd7\x3a\x6f"
+ "\xf8\x2b\x67\xf5\x3b\x84\x87\x2a"
+ "\xfb\x07\x7a\x82\xb5\xe4\x85\x26"
+ "\x1e\xa8\xe5\x04\x54\xce\xe5\x5f"
+ "\xb5\x3f\xc1\xd5\x7f\xbd\xd2\xa6",
+ .ilen = 48,
+ .result = "\xcc\x5f\xfb\xa4\x8f\x63\x74\x9f"
+ "\x7a\x81\xff\x55\x52\x56\xdc\x33"
+ "\x01\x52\xcd\xdb\x53\x78\xd9\xe1"
+ "\xb7\x1d\x06\x8d\xff\xab\x22\x98",
+ .rlen = 32,
+ }, {
+ .key = "\xdb\x28\x89\x0c\xd3\x01\x1e\x26"
+ "\x9a\xb7\x2b\x79\x51\x1f\x0d\xb4"
+ "\xcc\x03\x50\xfc\x95\x20\xb9\xe7"
+ "\xe8\x29\x3e\x83\xb5\xc3\x0a\x4e",
+ .klen = 32,
+ .iv = "\xea\xf1\x18\x74\x17\xa0\xc8\xad"
+ "\xba\xee\x58\x9d\x4f\xe8\x3d\x36",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xc2\xf4\x40\x55\xf9\x59\xff\x73"
+ "\x08\xf5\x98\x92\x0c\x7b\x35\x9a"
+ "\xa8\xf4\x42\x7e\x6f\x93\xca\x22"
+ "\x23\x06\x1e\xf8\x89\x22\xf4\x46"
+ "\x7c\x7c\x67\x75\xab\xe5\x75\xaa"
+ "\x15\xd7\x83\x19\xfd\x31\x59\x5b"
+ "\x32",
+ .ilen = 49,
+ .result = "\x08\x84\x34\x44\x9f\xde\x1c\xbb"
+ "\xfb\x5b\xb1\xe6\x4c\x7a\x9f\x39"
+ "\x2c\x14\xd9\x5f\x59\x18\x5b\xfb"
+ "\x79\x4b\xe5\x65\xd9\x0a\xc1\x6f"
+ "\x2e",
+ .rlen = 33,
+ }, {
+ .key = "\x17\x4d\xc3\xab\xe3\x7d\xc7\x42"
+ "\x1b\x91\xdd\x0a\x4b\x43\xcf\xba"
+ "\xf6\xc5\x5c\x80\x9a\xc0\x3b\x01"
+ "\xa9\x56\x1d\x5b\x8f\x22\xa9\x25",
+ .klen = 32,
+ .iv = "\x27\x16\x51\x13\x27\x1c\x71\xc9"
+ "\x3b\xc8\x0a\x2f\x49\x0c\x00\x3c",
+ .assoc = "",
+ .alen = 0,
+ .input = "\xc9\x82\x3b\x4b\x87\x84\xa5\xdb"
+ "\xa0\x8c\xd3\x3e\x7f\x8d\xe8\x28"
+ "\x2a\xdc\xfa\x01\x84\x87\x9a\x70"
+ "\x81\x75\x37\x0a\xd2\x75\xa9\xb6"
+ "\x21\x72\xee\x7e\x65\x95\xe5\xcc"
+ "\x01\xb7\x39\xa6\x51\x15\xca\xff"
+ "\x61\xdc\x97\x38\xcc\xf4\xca\xc7"
+ "\x83\x9b\x05\x11\x72\x60\xf0\xb4"
+ "\x7e\x06\xab\x0a\xc0\xbb\x59\x23"
+ "\xaa\x2d\xfc\x4e\x35\x05\x59",
+ .ilen = 79,
+ .result = "\x45\xa8\x6e\xe3\xaf\x5a\xc5\xd7"
+ "\x7c\x35\x63\x77\x46\x9f\x61\x3f"
+ "\x56\xd7\xe4\xe3\x5e\xb8\xdc\x14"
+ "\x3a\x79\xc4\x3e\xb3\x69\x61\x46"
+ "\x3c\xb6\x83\x4e\xb4\x26\xc7\x73"
+ "\x22\xda\x52\x8b\x7d\x11\x98\xea"
+ "\x62\xe1\x14\x1e\xdc\xfe\x0f\xad"
+ "\x20\x76\x5a\xdc\x4e\x71\x13",
+ .rlen = 63,
+ }, {
+ .key = "\x54\x71\xfd\x4b\xf3\xf9\x6f\x5e"
+ "\x9c\x6c\x8f\x9c\x45\x68\x92\xc1"
+ "\x21\x87\x67\x04\x9f\x60\xbd\x1b"
+ "\x6a\x84\xfc\x34\x6a\x81\x48\xfb",
+ .klen = 32,
+ .iv = "\x63\x3b\x8b\xb3\x37\x98\x1a\xe5"
+ "\xbc\xa2\xbc\xc0\x43\x31\xc2\x42",
+ .assoc = "",
+ .alen = 0,
+ .input = "\x11\x7c\x7d\xef\xce\x29\x95\xec"
+ "\x7e\x9f\x42\xa6\x26\x07\xa1\x75"
+ "\x2f\x4e\x09\x9a\xf6\x6b\xc2\xfa"
+ "\x0d\xd0\x17\xdc\x25\x1e\x9b\xdc"
+ "\x5f\x8c\x1c\x60\x15\x4f\x9b\x20"
+ "\x7b\xff\xcd\x82\x60\x84\xf4\xa5"
+ "\x20\x9a\x05\x19\x5b\x02\x0a\x72"
+ "\x43\x11\x26\x58\xcf\xc5\x41\xcf"
+ "\x13\xcc\xde\x32\x92\xfa\x86\xf2"
+ "\xaf\x16\xe8\x8f\xca\xb6\xfd\x54",
+ .ilen = 80,
+ .result = "\x81\xcd\xa8\x82\xbf\xd6\x6e\xf3"
+ "\xfd\x0f\x15\x09\x40\xc3\x24\x45"
+ "\x81\x99\xf0\x67\x63\x58\x5e\x2e"
+ "\xfb\xa6\xa3\x16\x8d\xc8\x00\x1c"
+ "\x4b\x62\x87\x7c\x15\x38\xda\x70"
+ "\x3d\xea\xe7\xf2\x40\xba\xae\x79"
+ "\x8f\x48\xfc\xbf\x45\x53\x2e\x78"
+ "\xef\x79\xf0\x1b\x49\xf7\xfd\x9c",
+ .rlen = 64,
+ }, {
+ .key = "\x90\x96\x36\xea\x03\x74\x18\x7a"
+ "\x1d\x46\x42\x2d\x3f\x8c\x54\xc7"
+ "\x4b\x4a\x73\x89\xa4\x00\x3f\x34"
+ "\x2c\xb1\xdb\x0c\x44\xe0\xe8\xd2",
+ .klen = 32,
+ .iv = "\xa0\x5f\xc5\x52\x47\x13\xc2\x01"
+ "\x3d\x7c\x6e\x52\x3d\x55\x85\x48",
+ .assoc = "\xaf",
+ .alen = 1,
+ .input = "\x9b\xc5\x3b\x20\x0a\x88\x56\xbe"
+ "\x69\xdf\xc4\xc4\x02\x46\x3a\xf0",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xcd\xbb\x70\x89\x13\xf0\xc1\x95"
+ "\x9e\x20\xf4\xbf\x39\xb1\x17\xcd"
+ "\x76\x0c\x7f\x0d\xa9\xa0\xc1\x4e"
+ "\xed\xdf\xb9\xe4\x1e\x3f\x87\xa8",
+ .klen = 32,
+ .iv = "\xdc\x84\xfe\xf1\x58\x8f\x6b\x1c"
+ "\xbe\x57\x20\xe3\x37\x7a\x48\x4f",
+ .assoc = "\xeb\x4d\x8d\x59\x9c\x2e\x15\xa3"
+ "\xde\x8d\x4d\x07\x36\x43\x78\xd0"
+ "\x0b\x6d\x84\x4f\x2c\xf0\x82\x5b"
+ "\x4e\xf6\x29\xd1\x8b\x6f\x56",
+ .alen = 31,
+ .input = "\xe0\x6d\xa1\x07\x98\x2f\x40\x2d"
+ "\x2e\x9a\xd6\x61\x43\xc0\x74\x69",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x0a\xe0\xaa\x29\x24\x6c\x6a\xb1"
+ "\x1f\xfa\xa6\x50\x33\xd5\xda\xd3"
+ "\xa0\xce\x8a\x91\xae\x40\x43\x68"
+ "\xae\x0d\x98\xbd\xf8\x9e\x26\x7f",
+ .klen = 32,
+ .iv = "\x19\xa9\x38\x91\x68\x0b\x14\x38"
+ "\x3f\x31\xd2\x74\x31\x9e\x0a\x55",
+ .assoc = "\x28\x72\xc7\xf8\xac\xaa\xbe\xbf"
+ "\x5f\x67\xff\x99\x30\x67\x3b\xd6"
+ "\x35\x2f\x90\xd3\x31\x90\x04\x74"
+ "\x0f\x23\x08\xa9\x65\xce\xf6\xea",
+ .alen = 32,
+ .input = "\xb9\x57\x13\x3e\x82\x31\x61\x65"
+ "\x0d\x7f\x6c\x96\x93\x5c\x50\xe2",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x46\x04\xe3\xc8\x34\xe7\x12\xcd"
+ "\xa0\xd4\x58\xe2\x2d\xf9\x9c\xda"
+ "\xca\x91\x96\x15\xb4\xe0\xc5\x81"
+ "\x70\x3a\x77\x95\xd2\xfd\xc5\x55",
+ .klen = 32,
+ .iv = "\x55\xcd\x72\x30\x78\x86\xbd\x54"
+ "\xc0\x0b\x84\x06\x2b\xc2\xcd\x5b",
+ .assoc = "\x64\x97\x00\x98\xbc\x25\x67\xdb"
+ "\xe0\x41\xb1\x2a\x2a\x8c\xfe\xdd"
+ "\x5f\xf2\x9c\x58\x36\x30\x86\x8e"
+ "\xd1\x51\xe6\x81\x3f\x2d\x95\xc1"
+ "\x01",
+ .alen = 33,
+ .input = "\x81\x96\x34\xde\xbb\x36\xdd\x3e"
+ "\x4e\x5e\xcb\x44\x21\xb8\x3f\xf1",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\x83\x29\x1d\x67\x44\x63\xbb\xe9"
+ "\x20\xaf\x0a\x73\x27\x1e\x5f\xe0"
+ "\xf5\x53\xa1\x9a\xb9\x80\x47\x9b"
+ "\x31\x68\x56\x6e\xac\x5c\x65\x2c",
+ .klen = 32,
+ .iv = "\x92\xf2\xac\xcf\x88\x02\x65\x70"
+ "\x41\xe5\x36\x97\x25\xe7\x90\x61",
+ .assoc = "\xa1\xbb\x3a\x37\xcc\xa1\x10\xf7"
+ "\x61\x1c\x63\xbc\x24\xb0\xc0\xe3"
+ "\x8a\xb4\xa7\xdc\x3b\xd0\x08\xa8"
+ "\x92\x7f\xc5\x5a\x19\x8c\x34\x97"
+ "\x0f\x95\x9b\x18\xe4\x8d\xb4\x24"
+ "\xb9\x33\x28\x18\xe1\x9d\x14\xe0"
+ "\x64\xb2\x89\x7d\x78\xa8\x05\x7e"
+ "\x07\x8c\xfc\x88\x2d\xb8\x53",
+ .alen = 63,
+ .input = "\x2e\x99\xb6\x79\x57\x56\x80\x36"
+ "\x8e\xc4\x1c\x12\x7d\x71\x36\x0c",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xbf\x4e\x57\x07\x54\xdf\x64\x05"
+ "\xa1\x89\xbc\x04\x21\x42\x22\xe6"
+ "\x1f\x15\xad\x1e\xbe\x20\xc9\xb4"
+ "\xf3\x95\x35\x46\x86\xbb\x04\x03",
+ .klen = 32,
+ .iv = "\xce\x17\xe5\x6f\x98\x7e\x0e\x8c"
+ "\xc2\xbf\xe8\x29\x1f\x0b\x52\x68",
+ .assoc = "\xdd\xe0\x74\xd6\xdc\x1d\xb8\x13"
+ "\xe2\xf6\x15\x4d\x1e\xd4\x83\xe9"
+ "\xb4\x76\xb3\x60\x40\x70\x8a\xc1"
+ "\x53\xac\xa4\x32\xf3\xeb\xd3\x6e"
+ "\x1e\x42\xa0\x46\x45\x9f\xc7\x22"
+ "\xd3\x43\xbc\x7e\xa5\x47\x2a\x6f"
+ "\x91\x19\x70\x1e\xe1\xfe\x25\x49"
+ "\xd6\x8f\x93\xc7\x28\x3f\x3d\x03",
+ .alen = 64,
+ .input = "\x7b\x25\x3d\x47\xd4\xa7\x08\xce"
+ "\x3b\x89\x40\x36\xba\x6d\x0e\xa2",
+ .ilen = 16,
+ .result = "",
+ .rlen = 0,
+ }, {
+ .key = "\xfc\x72\x90\xa6\x64\x5a\x0d\x21"
+ "\x22\x63\x6e\x96\x1b\x67\xe4\xec"
+ "\x49\xd7\xb9\xa2\xc3\xc0\x4b\xce"
+ "\xb4\xc3\x14\x1e\x61\x1a\xa3\xd9",
+ .klen = 32,
+ .iv = "\x0b\x3c\x1f\x0e\xa8\xf9\xb7\xa7"
+ "\x42\x9a\x9a\xba\x19\x30\x15\x6e",
+ .assoc = "\x1a",
+ .alen = 1,
+ .input = "\xe6\x09\x6f\x95\x9a\x18\xc8\xf6"
+ "\x17\x75\x81\x16\xdf\x26\xff\x67"
+ "\x92",
+ .ilen = 17,
+ .result = "\x29",
+ .rlen = 1,
+ }, {
+ .key = "\x38\x97\xca\x45\x74\xd6\xb6\x3c"
+ "\xa3\x3d\x20\x27\x15\x8b\xa7\xf2"
+ "\x74\x9a\xc4\x27\xc8\x60\xcd\xe8"
+ "\x75\xf0\xf2\xf7\x3b\x79\x42\xb0",
+ .klen = 32,
+ .iv = "\x47\x60\x59\xad\xb8\x75\x60\xc3"
+ "\xc3\x74\x4c\x4c\x13\x54\xd8\x74",
+ .assoc = "\x56\x29\xe7\x15\xfc\x14\x0a\x4a"
+ "\xe4\xaa\x79\x70\x12\x1d\x08\xf6"
+ "\x09\xfb\xca\x69\x4b\xb0\x8e\xf5"
+ "\xd6\x07\x62\xe3\xa8\xa9\x12",
+ .alen = 31,
+ .input = "\x82\xc0\x56\xf0\xd7\xc4\xc9\xfd"
+ "\x3c\xd1\x2a\xd4\x15\x86\x9d\xda"
+ "\xea\x6c\x6f\xa1\x33\xb0\x7a\x01"
+ "\x57\xe7\xf3\x7b\x73\xe7\x54\x10"
+ "\xc6\x91\xe2\xc6\xa0\x69\xe7\xe6"
+ "\x76\xc3\xf5\x3a\x76\xfd\x4a",
+ .ilen = 47,
+ .result = "\x66\xf3\x75\x7d\x40\xb3\xb4\xd1"
+ "\x04\xe1\xa6\x94\x10\xe6\x39\x77"
+ "\xd3\xac\x4d\x8a\x8c\x58\x6e\xfb"
+ "\x06\x13\x9a\xd9\x5e\xc0\xfa",
+ .rlen = 31,
+ }, {
+ .key = "\x75\xbc\x04\xe5\x84\x52\x5e\x58"
+ "\x24\x17\xd2\xb9\x0e\xaf\x6a\xf9"
+ "\x9e\x5c\xd0\xab\xcd\x00\x4f\x01"
+ "\x37\x1e\xd1\xcf\x15\xd8\xe2\x86",
+ .klen = 32,
+ .iv = "\x84\x85\x92\x4d\xc8\xf1\x08\xdf"
+ "\x44\x4e\xff\xdd\x0d\x78\x9a\x7a",
+ .assoc = "\x93\x4e\x21\xb4\x0c\x90\xb3\x66"
+ "\x65\x84\x2b\x01\x0b\x42\xcb\xfc"
+ "\x33\xbd\xd6\xed\x50\x50\x10\x0e"
+ "\x97\x35\x41\xbb\x82\x08\xb1\xf2",
+ .alen = 32,
+ .input = "\x01\x47\x8e\x6c\xf6\x64\x89\x3a"
+ "\x71\xce\xe4\xaa\x45\x70\xe6\x84"
+ "\x62\x48\x08\x64\x86\x6a\xdf\xec"
+ "\xb4\xa0\xfb\x34\x03\x0c\x19\xf4"
+ "\x2b\x7b\x36\x73\xec\x54\xa9\x1e"
+ "\x30\x85\xdb\xe4\xac\xe9\x2c\xca",
+ .ilen = 48,
+ .result = "\xa2\x17\xaf\x1c\x50\x2e\x5d\xed"
+ "\x85\xbb\x58\x26\x0a\x0b\xfc\x7d"
+ "\xfe\x6e\x59\x0e\x91\xf8\xf0\x15"
+ "\xc8\x40\x78\xb1\x38\x1f\x99\xa7",
+ .rlen = 32,
+ }, {
+ .key = "\xb1\xe1\x3e\x84\x94\xcd\x07\x74"
+ "\xa5\xf2\x84\x4a\x08\xd4\x2c\xff"
+ "\xc8\x1e\xdb\x2f\xd2\xa0\xd1\x1b"
+ "\xf8\x4c\xb0\xa8\xef\x37\x81\x5d",
+ .klen = 32,
+ .iv = "\xc0\xaa\xcc\xec\xd8\x6c\xb1\xfb"
+ "\xc5\x28\xb1\x6e\x07\x9d\x5d\x81",
+ .assoc = "\xd0\x73\x5a\x54\x1d\x0b\x5b\x82"
+ "\xe5\x5f\xdd\x93\x05\x66\x8e\x02"
+ "\x5e\x80\xe1\x71\x55\xf0\x92\x28"
+ "\x59\x62\x20\x94\x5c\x67\x50\xc8"
+ "\x58",
+ .alen = 33,
+ .input = "\x85\xe0\xf8\x0f\x8e\x49\xe3\x60"
+ "\xcb\x4a\x54\x94\xcf\xf5\x7e\x34"
+ "\xe9\xf8\x80\x65\x53\xd0\x72\x70"
+ "\x4f\x7d\x9d\xd1\x15\x6f\xb9\x2c"
+ "\xfa\xe8\xdd\xac\x2e\xe1\x3f\x67"
+ "\x63\x0f\x1a\x59\xb7\x89\xdb\xf4"
+ "\xc3",
+ .ilen = 49,
+ .result = "\xdf\x3c\xe9\xbc\x61\xaa\x06\x09"
+ "\x06\x95\x0a\xb7\x04\x2f\xbe\x84"
+ "\x28\x30\x64\x92\x96\x98\x72\x2e"
+ "\x89\x6e\x57\x8a\x13\x7e\x38\x7e"
+ "\xdb",
+ .rlen = 33,
+ }, {
+ .key = "\xee\x05\x77\x23\xa5\x49\xb0\x90"
+ "\x26\xcc\x36\xdc\x02\xf8\xef\x05"
+ "\xf3\xe1\xe7\xb3\xd8\x40\x53\x35"
+ "\xb9\x79\x8f\x80\xc9\x96\x20\x33",
+ .klen = 32,
+ .iv = "\xfd\xce\x06\x8b\xe9\xe8\x5a\x17"
+ "\x46\x02\x63\x00\x01\xc1\x20\x87",
+ .assoc = "\x0c\x98\x94\xf3\x2d\x87\x04\x9e"
+ "\x66\x39\x8f\x24\xff\x8a\x50\x08"
+ "\x88\x42\xed\xf6\x5a\x90\x14\x42"
+ "\x1a\x90\xfe\x6c\x36\xc6\xf0\x9f"
+ "\x66\xa0\xb5\x2d\x2c\xf8\x25\x15"
+ "\x55\x90\xa2\x7e\x77\x94\x96\x3a"
+ "\x71\x1c\xf7\x44\xee\xa8\xc3\x42"
+ "\xe2\xa3\x84\x04\x0b\xe1\xce",
+ .alen = 63,
+ .input = "\x00\xe5\x5b\x87\x5c\x20\x22\x8a"
+ "\xda\x1f\xd3\xff\xbb\xb2\xb0\xf8"
+ "\xef\xe9\xeb\x9e\x7c\x80\xf4\x2b"
+ "\x59\xc0\x79\xbc\x17\xa0\x15\x01"
+ "\xf5\x72\xfb\x5a\xe7\xaf\x07\xe3"
+ "\x1b\x49\x21\x34\x23\x63\x55\x5e"
+ "\xee\x4f\x34\x17\xfa\xfe\xa5\x0c"
+ "\xed\x0b\x23\xea\x9b\xda\x57\x2f"
+ "\xf6\xa9\xae\x0d\x4e\x40\x96\x45"
+ "\x7f\xfa\xf0\xbf\xc4\x98\x78",
+ .ilen = 79,
+ .result = "\x1b\x61\x23\x5b\x71\x26\xae\x25"
+ "\x87\x6f\xbc\x49\xfe\x53\x81\x8a"
+ "\x53\xf2\x70\x17\x9b\x38\xf4\x48"
+ "\x4b\x9b\x36\x62\xed\xdd\xd8\x54"
+ "\xea\xcb\xb6\x79\x45\xfc\xaa\x54"
+ "\x5c\x94\x47\x58\xa7\xff\x9c\x9e"
+ "\x7c\xb6\xf1\xac\xc8\xfd\x8b\x35"
+ "\xd5\xa4\x6a\xd4\x09\xc2\x08",
+ .rlen = 63,
+ }, {
+ .key = "\x2a\x2a\xb1\xc3\xb5\xc5\x59\xac"
+ "\xa7\xa6\xe8\x6d\xfc\x1d\xb2\x0b"
+ "\x1d\xa3\xf3\x38\xdd\xe0\xd5\x4e"
+ "\x7b\xa7\x6e\x58\xa3\xf5\xbf\x0a",
+ .klen = 32,
+ .iv = "\x39\xf3\x3f\x2b\xf9\x64\x03\x33"
+ "\xc7\xdd\x15\x91\xfb\xe6\xe2\x8d",
+ .assoc = "\x49\xbc\xce\x92\x3d\x02\xad\xba"
+ "\xe7\x13\x41\xb6\xf9\xaf\x13\x0f"
+ "\xb2\x04\xf8\x7a\x5f\x30\x96\x5b"
+ "\xdc\xbd\xdd\x44\x10\x25\x8f\x75"
+ "\x75\x4d\xb9\x5b\x8e\x0a\x38\x13"
+ "\x6f\x9f\x36\xe4\x3a\x3e\xac\xc9"
+ "\x9d\x83\xde\xe5\x57\xfd\xe3\x0e"
+ "\xb1\xa7\x1b\x44\x05\x67\xb7\x37",
+ .alen = 64,
+ .input = "\x28\xdd\xb9\x4a\x12\xc7\x0a\xe1"
+ "\x58\x06\x1a\x9b\x8c\x67\xdf\xeb"
+ "\x35\x35\x60\x9d\x06\x40\x65\xc1"
+ "\x93\xe8\xb3\x82\x50\x29\xdd\xb5"
+ "\x2b\xcb\xde\x18\x78\x6b\x42\xbe"
+ "\x6d\x24\xd0\xb2\x7d\xd7\x08\x8f"
+ "\x4a\x18\x98\xad\x8c\xf2\x97\xb4"
+ "\xf4\x77\xe4\xbf\x41\x3b\xc4\x06"
+ "\xce\x9e\x34\x81\xf0\x89\x11\x13"
+ "\x02\x65\xa1\x7c\xdf\x07\x33\x06",
+ .ilen = 80,
+ .result = "\x58\x85\x5c\xfa\x81\xa1\x57\x40"
+ "\x08\x4a\x6e\xda\xf8\x78\x44\x90"
+ "\x7d\xb5\x7b\x9b\xa1\xd8\x76\x62"
+ "\x0c\xc9\x15\x3b\xc7\x3c\x77\x2b"
+ "\xf8\x78\xba\xa7\xa6\x0e\xbd\x52"
+ "\x76\xa3\xdc\xbe\x6b\xa8\xb1\x2d"
+ "\xa9\x1d\xd8\x4e\x31\x53\xab\x00"
+ "\xa5\xa7\x01\x13\x04\x49\xf2\x04",
+ .rlen = 64,
+ }, {
+ .key = "\x67\x4f\xeb\x62\xc5\x40\x01\xc7"
+ "\x28\x80\x9a\xfe\xf6\x41\x74\x12"
+ "\x48\x65\xfe\xbc\xe2\x80\x57\x68"
+ "\x3c\xd4\x4d\x31\x7d\x54\x5f\xe1",
+ .klen = 32,
+ .iv = "\x76\x18\x79\xca\x09\xdf\xac\x4e"
+ "\x48\xb7\xc7\x23\xf5\x0a\xa5\x93",
+ .assoc = "\x85\xe1\x08\x32\x4d\x7e\x56\xd5"
+ "\x68\xed\xf3\x47\xf3\xd3\xd6\x15"
+ "\xdd\xc7\x04\xfe\x64\xd0\x18\x75"
+ "\x9d\xeb\xbc\x1d\xea\x84\x2e\x4c"
+ "\x83\xf9\xbe\x8a\xef\x1c\x4b\x10"
+ "\x89\xaf\xcb\x4b\xfe\xe7\xc1\x58"
+ "\xca\xea\xc6\x87\xc0\x53\x03\xd9"
+ "\x80\xaa\xb2\x83\xff\xee\xa1\x6a"
+ "\x04",
+ .alen = 65,
+ .input = "\x85\x39\x69\x35\xfb\xf9\xb0\xa6"
+ "\x85\x43\x88\xd0\xd7\x78\x60\x19"
+ "\x3e\x1f\xb1\xa4\xd6\xc5\x96\xec"
+ "\xf7\x84\x85\xc7\x27\x0f\x74\x57"
+ "\x28\x9e\xdd\x90\x3c\x43\x12\xc5"
+ "\x51\x3d\x39\x8f\xa5\xf4\xe0\x0b"
+ "\x57\x04\xf1\x6d\xfe\x9b\x84\x27"
+ "\xe8\xeb\x4d\xda\x02\x0a\xc5\x49"
+ "\x1a\x55\x5e\x50\x56\x4d\x94\xda"
+ "\x20\xf8\x12\x54\x50\xb3\x11\xda"
+ "\xed\x44\x27\x67\xd5\xd1\x8b\x4b"
+ "\x38\x67\x56\x65\x59\xda\xe6\x97"
+ "\x81\xae\x2f\x92\x3b\xae\x22\x1c"
+ "\x91\x59\x38\x18\x00\xe8\xba\x92"
+ "\x04\x19\x56\xdf\xb0\x82\xeb\x6f"
+ "\x2e\xdb\x54\x3c\x4b\xbb\x60\x90"
+ "\x4c\x50\x10\x62\xba\x7a\xb1\x68"
+ "\x37\xd7\x87\x4e\xe4\x66\x09\x1f"
+ "\xa5",
+ .ilen = 145,
+ .result = "\x94\xaa\x96\x9a\x91\x1d\x00\x5c"
+ "\x88\x24\x20\x6b\xf2\x9c\x06\x96"
+ "\xa7\x77\x87\x1f\xa6\x78\xf8\x7b"
+ "\xcd\xf6\xf4\x13\xa1\x9b\x16\x02"
+ "\x07\x24\xbf\xd5\x08\x20\xd0\x4f"
+ "\x90\xb3\x70\x24\x2f\x51\xc7\xbb"
+ "\xd6\x84\xc0\xef\x9a\xa8\xca\xcc"
+ "\x74\xab\x97\x53\xfe\xd0\xdb\x37"
+ "\x37\x6a\x0e\x9f\x3f\xa3\x2a\xe3"
+ "\x1b\x34\x6d\x51\x72\x2b\x17\xe7"
+ "\x4d\xaa\x2c\x18\xda\xa3\x33\x89"
+ "\x2a\x9f\xf4\xd2\xed\x76\x3d\x3f"
+ "\x3c\x15\x9d\x8e\x4f\x3c\x27\xb0"
+ "\x42\x3f\x2f\x8a\xd4\xc2\x10\xb2"
+ "\x27\x7f\xe3\x34\x80\x02\x49\x4b"
+ "\x07\x68\x22\x2a\x88\x25\x53\xb2"
+ "\x2f",
+ .rlen = 129,
+ }, {
+ .key = "\xa3\x73\x24\x01\xd5\xbc\xaa\xe3"
+ "\xa9\x5a\x4c\x90\xf0\x65\x37\x18"
+ "\x72\x28\x0a\x40\xe7\x20\xd9\x82"
+ "\xfe\x02\x2b\x09\x57\xb3\xfe\xb7",
+ .klen = 32,
+ .iv = "\xb3\x3d\xb3\x69\x19\x5b\x54\x6a"
+ "\xc9\x91\x79\xb4\xef\x2e\x68\x99",
+ .assoc = "\xc2\x06\x41\xd1\x5d\xfa\xff\xf1"
+ "\xe9\xc7\xa5\xd9\xed\xf8\x98\x1b"
+ "\x07\x89\x10\x82\x6a\x70\x9a\x8f"
+ "\x5e\x19\x9b\xf5\xc5\xe3\xcd\x22"
+ "\x92\xa5\xc2\xb8\x51\x2e\x5e\x0e"
+ "\xa4\xbe\x5f\xb1\xc1\x90\xd7\xe7"
+ "\xf7\x52\xae\x28\x29\xa8\x22\xa4"
+ "\x4f\xae\x48\xc2\xfa\x75\x8b\x9e"
+ "\xce\x83\x2a\x88\x07\x55\xbb\x89"
+ "\xf6\xdf\xac\xdf\x83\x08\xbf\x7d"
+ "\xac\x30\x8b\x8e\x02\xac\x00\xf1"
+ "\x30\x46\xe1\xbc\x75\xbf\x49\xbb"
+ "\x26\x4e\x29\xf0\x2f\x21\xc6\x13"
+ "\x92\xd9\x3d\x11\xe4\x10\x00\x8e"
+ "\xd4\xd4\x58\x65\xa6\x2b\xe3\x25"
+ "\xb1\x8f\x15\x93\xe7\x71\xb9\x2c"
+ "\x4b",
+ .alen = 129,
+ .input = "\x7d\xde\x53\x22\xe4\x23\x3b\x30"
+ "\x78\xde\x35\x90\x7a\xd9\x0b\x93"
+ "\xf6\x0e\x0b\xed\x40\xee\x10\x9c"
+ "\x96\x3a\xd3\x34\xb2\xd0\x67\xcf"
+ "\x63\x7f\x2d\x0c\xcf\x96\xec\x64"
+ "\x1a\x87\xcc\x7d\x2c\x5e\x81\x4b"
+ "\xd2\x8f\x4c\x7c\x00\xb1\xb4\xe0"
+ "\x87\x4d\xb1\xbc\xd8\x78\x2c\x17"
+ "\xf2\x3b\xd8\x28\x40\xe2\x76\xf6"
+ "\x20\x13\x83\x46\xaf\xff\xe3\x0f"
+ "\x72",
+ .ilen = 81,
+ .result = "\xd1\xcf\xd0\x39\xa1\x99\xa9\x78"
+ "\x09\xfe\xd2\xfd\xec\xc1\xc9\x9d"
+ "\xd2\x39\x93\xa3\xab\x18\x7a\x95"
+ "\x8f\x24\xd3\xeb\x7b\xfa\xb5\xd8"
+ "\x15\xd1\xc3\x04\x69\x32\xe3\x4d"
+ "\xaa\xc2\x04\x8b\xf2\xfa\xdc\x4a"
+ "\x02\xeb\xa8\x90\x03\xfd\xea\x97"
+ "\x43\xaf\x2e\x92\xf8\x57\xc5\x6a"
+ "\x00",
+ .rlen = 65,
+ }, {
+ .key = "\xe0\x98\x5e\xa1\xe5\x38\x53\xff"
+ "\x2a\x35\xfe\x21\xea\x8a\xfa\x1e"
+ "\x9c\xea\x15\xc5\xec\xc0\x5b\x9b"
+ "\xbf\x2f\x0a\xe1\x32\x12\x9d\x8e",
+ .klen = 32,
+ .iv = "\xef\x61\xed\x08\x29\xd7\xfd\x86"
+ "\x4a\x6b\x2b\x46\xe9\x53\x2a\xa0",
+ .assoc = "\xfe\x2a\x7b\x70\x6d\x75\xa7\x0d"
+ "\x6a\xa2\x57\x6a\xe7\x1c\x5b\x21"
+ "\x31\x4b\x1b\x07\x6f\x10\x1c\xa8"
+ "\x20\x46\x7a\xce\x9f\x42\x6d\xf9",
+ .alen = 32,
+ .input = "\x5a\xcd\x8c\x57\xf2\x6a\xb6\xbe"
+ "\x53\xc7\xaa\x9a\x60\x74\x9c\xc4"
+ "\xa2\xc2\xd0\x6d\xe1\x03\x63\xdc"
+ "\xbb\x51\x7e\x9c\x89\x73\xde\x4e"
+ "\x24\xf8\x52\x7c\x15\x41\x0e\xba"
+ "\x69\x0e\x36\x5f\x2f\x22\x8c",
+ .ilen = 47,
+ .result = "\x0d\xf4\x09\xd8\xb1\x14\x51\x94"
+ "\x8a\xd8\x84\x8e\xe6\xe5\x8c\xa3"
+ "\xfc\xfc\x9e\x28\xb0\xb8\xfc\xaf"
+ "\x50\x52\xb1\xc4\x55\x59\x55\xaf",
+ .rlen = 32,
+ }, {
+ .key = "\x1c\xbd\x98\x40\xf5\xb3\xfc\x1b"
+ "\xaa\x0f\xb0\xb3\xe4\xae\xbc\x24"
+ "\xc7\xac\x21\x49\xf1\x60\xdd\xb5"
+ "\x80\x5d\xe9\xba\x0c\x71\x3c\x64",
+ .klen = 32,
+ .iv = "\x2c\x86\x26\xa8\x39\x52\xa6\xa2"
+ "\xcb\x45\xdd\xd7\xe3\x77\xed\xa6",
+ .assoc = "\x3b\x4f\xb5\x10\x7d\xf1\x50\x29"
+ "\xeb\x7c\x0a\xfb\xe1\x40\x1e\x27"
+ "\x5c\x0d\x27\x8b\x74\xb0\x9e\xc2"
+ "\xe1\x74\x59\xa6\x79\xa1\x0c\xd0",
+ .alen = 32,
+ .input = "\x47\xd6\xce\x78\xd6\xbf\x4a\x51"
+ "\xb8\xda\x92\x3c\xfd\xda\xac\x8e"
+ "\x8d\x88\xd7\x4d\x90\xe5\xeb\xa1"
+ "\xab\xd6\x7c\x76\xad\xea\x7d\x76"
+ "\x53\xee\xb0\xcd\xd0\x02\xbb\x70"
+ "\x5b\x6f\x7b\xe2\x8c\xe8",
+ .ilen = 46,
+ .result = "\x4a\x18\x43\x77\xc1\x90\xfa\xb0"
+ "\x0b\xb2\x36\x20\xe0\x09\x4e\xa9"
+ "\x26\xbe\xaa\xac\xb5\x58\x7e\xc8"
+ "\x11\x7f\x90\x9c\x2f\xb8\xf4\x85",
+ .rlen = 32,
+ }, {
+ .key = "\x59\xe1\xd2\xdf\x05\x2f\xa4\x37"
+ "\x2b\xe9\x63\x44\xde\xd3\x7f\x2b"
+ "\xf1\x6f\x2d\xcd\xf6\x00\x5f\xcf"
+ "\x42\x8a\xc8\x92\xe6\xd0\xdc\x3b",
+ .klen = 32,
+ .iv = "\x68\xab\x60\x47\x49\xce\x4f\xbe"
+ "\x4c\x20\x8f\x68\xdd\x9c\xb0\xac",
+ .assoc = "\x77\x74\xee\xaf\x8d\x6d\xf9\x45"
+ "\x6c\x56\xbc\x8d\xdb\x65\xe0\x2e"
+ "\x86\xd0\x32\x0f\x79\x50\x20\xdb"
+ "\xa2\xa1\x37\x7e\x53\x00\xab\xa6",
+ .alen = 32,
+ .input = "\x9f\xa9\x2b\xa4\x8f\x00\x05\x2b"
+ "\xe7\x68\x81\x51\xbb\xfb\xdf\x60"
+ "\xbb\xac\xe8\xc1\xdc\x68\xae\x68"
+ "\x3a\xcd\x7a\x06\x49\xfe\x80\x11"
+ "\xe6\x61\x99\xe2\xdd\xbe\x2c\xbf",
+ .ilen = 40,
+ .result = "\x86\x3d\x7d\x17\xd1\x0c\xa3\xcc"
+ "\x8c\x8d\xe8\xb1\xda\x2e\x11\xaf"
+ "\x51\x80\xb5\x30\xba\xf8\x00\xe2"
+ "\xd3\xad\x6f\x75\x09\x18\x93\x5c",
+ .rlen = 32,
+ }, {
+ .key = "\x96\x06\x0b\x7f\x15\xab\x4d\x53"
+ "\xac\xc3\x15\xd6\xd8\xf7\x42\x31"
+ "\x1b\x31\x38\x51\xfc\xa0\xe1\xe8"
+ "\x03\xb8\xa7\x6b\xc0\x2f\x7b\x11",
+ .klen = 32,
+ .iv = "\xa5\xcf\x9a\xe6\x59\x4a\xf7\xd9"
+ "\xcd\xfa\x41\xfa\xd7\xc0\x72\xb2",
+ .assoc = "\xb4\x99\x28\x4e\x9d\xe8\xa2\x60"
+ "\xed\x30\x6e\x1e\xd5\x89\xa3\x34"
+ "\xb1\x92\x3e\x93\x7e\xf0\xa2\xf5"
+ "\x64\xcf\x16\x57\x2d\x5f\x4a\x7d",
+ .alen = 32,
+ .input = "\xe2\x34\xfa\x25\xfd\xfb\x89\x5e"
+ "\x5b\x4e\x0b\x15\x6e\x39\xfb\x0c"
+ "\x73\xc7\xd9\x6b\xbe\xce\x9b\x70"
+ "\xc7\x4f\x96\x16\x03\xfc\xea\xfb"
+ "\x56",
+ .ilen = 33,
+ .result = "\xc3\x62\xb7\xb6\xe2\x87\x4c\xe7"
+ "\x0d\x67\x9a\x43\xd4\x52\xd4\xb5"
+ "\x7b\x43\xc1\xb5\xbf\x98\x82\xfc"
+ "\x94\xda\x4e\x4d\xe4\x77\x32\x32",
+ .rlen = 32,
+ },
+};
+
/*
* All key wrapping test vectors taken from
* http://csrc.nist.gov/groups/STM/cavp/documents/mac/kwtestvectors.zip
@@ -27385,35 +26023,31 @@ static const struct aead_testvec rfc7539esp_dec_tv_template[] = {
* semiblock of the ciphertext from the test vector. For decryption, iv is
* the first semiblock of the ciphertext.
*/
-static const struct cipher_testvec aes_kw_enc_tv_template[] = {
+static const struct cipher_testvec aes_kw_tv_template[] = {
{
.key = "\x75\x75\xda\x3a\x93\x60\x7c\xc2"
"\xbf\xd8\xce\xc7\xaa\xdf\xd9\xa6",
.klen = 16,
- .input = "\x42\x13\x6d\x3c\x38\x4a\x3e\xea"
+ .ptext = "\x42\x13\x6d\x3c\x38\x4a\x3e\xea"
"\xc9\x5a\x06\x6f\xd2\x8f\xed\x3f",
- .ilen = 16,
- .result = "\xf6\x85\x94\x81\x6f\x64\xca\xa3"
+ .ctext = "\xf6\x85\x94\x81\x6f\x64\xca\xa3"
"\xf5\x6f\xab\xea\x25\x48\xf5\xfb",
- .rlen = 16,
- .iv_out = "\x03\x1f\x6b\xd7\xe6\x1e\x64\x3d",
- },
-};
-
-static const struct cipher_testvec aes_kw_dec_tv_template[] = {
- {
+ .len = 16,
+ .iv = "\x03\x1f\x6b\xd7\xe6\x1e\x64\x3d",
+ .generates_iv = true,
+ }, {
.key = "\x80\xaa\x99\x73\x27\xa4\x80\x6b"
"\x6a\x7a\x41\xa5\x2b\x86\xc3\x71"
"\x03\x86\xf9\x32\x78\x6e\xf7\x96"
"\x76\xfa\xfb\x90\xb8\x26\x3c\x5f",
.klen = 32,
- .input = "\xd3\x3d\x3d\x97\x7b\xf0\xa9\x15"
- "\x59\xf9\x9c\x8a\xcd\x29\x3d\x43",
- .ilen = 16,
- .result = "\x0a\x25\x6b\xa7\x5c\xfa\x03\xaa"
+ .ptext = "\x0a\x25\x6b\xa7\x5c\xfa\x03\xaa"
"\xa0\x2b\xa9\x42\x03\xf1\x5b\xaa",
- .rlen = 16,
+ .ctext = "\xd3\x3d\x3d\x97\x7b\xf0\xa9\x15"
+ "\x59\xf9\x9c\x8a\xcd\x29\x3d\x43",
+ .len = 16,
.iv = "\x42\x3c\x96\x0d\x8a\x2a\xc4\xc1",
+ .generates_iv = true,
},
};
@@ -28340,36 +26974,33 @@ static const struct drbg_testvec drbg_nopr_ctr_aes128_tv_template[] = {
};
/* Cast5 test vectors from RFC 2144 */
-static const struct cipher_testvec cast5_enc_tv_template[] = {
+static const struct cipher_testvec cast5_tv_template[] = {
{
.key = "\x01\x23\x45\x67\x12\x34\x56\x78"
"\x23\x45\x67\x89\x34\x56\x78\x9a",
.klen = 16,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .ilen = 8,
- .result = "\x23\x8b\x4f\xe5\x84\x7e\x44\xb2",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .ctext = "\x23\x8b\x4f\xe5\x84\x7e\x44\xb2",
+ .len = 8,
}, {
.key = "\x01\x23\x45\x67\x12\x34\x56\x78"
"\x23\x45",
.klen = 10,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .ilen = 8,
- .result = "\xeb\x6a\x71\x1a\x2c\x02\x27\x1b",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .ctext = "\xeb\x6a\x71\x1a\x2c\x02\x27\x1b",
+ .len = 8,
}, {
.key = "\x01\x23\x45\x67\x12",
.klen = 5,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .ilen = 8,
- .result = "\x7a\xc8\x16\xd1\x6e\x9b\x30\x2e",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .ctext = "\x7a\xc8\x16\xd1\x6e\x9b\x30\x2e",
+ .len = 8,
}, { /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
.klen = 16,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -28431,8 +27062,7 @@ static const struct cipher_testvec cast5_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x8D\xFC\x81\x9C\xCB\xAA\x5A\x1C"
+ .ctext = "\x8D\xFC\x81\x9C\xCB\xAA\x5A\x1C"
"\x7E\x95\xCF\x40\xAB\x4D\x6F\xEA"
"\xD3\xD9\xB0\x9A\xB7\xC7\xE0\x2E"
"\xD1\x39\x34\x92\x8F\xFA\x14\xF1"
@@ -28494,181 +27124,20 @@ static const struct cipher_testvec cast5_enc_tv_template[] = {
"\x5D\x0B\x3F\x03\x8F\x30\xF9\xAE"
"\x4F\xFE\x24\x9C\x9A\x02\xE5\x57"
"\xF5\xBC\x25\xD6\x02\x56\x57\x1C",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec cast5_dec_tv_template[] = {
- {
- .key = "\x01\x23\x45\x67\x12\x34\x56\x78"
- "\x23\x45\x67\x89\x34\x56\x78\x9a",
- .klen = 16,
- .input = "\x23\x8b\x4f\xe5\x84\x7e\x44\xb2",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .rlen = 8,
- }, {
- .key = "\x01\x23\x45\x67\x12\x34\x56\x78"
- "\x23\x45",
- .klen = 10,
- .input = "\xeb\x6a\x71\x1a\x2c\x02\x27\x1b",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .rlen = 8,
- }, {
- .key = "\x01\x23\x45\x67\x12",
- .klen = 5,
- .input = "\x7a\xc8\x16\xd1\x6e\x9b\x30\x2e",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .rlen = 8,
- }, { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
- .klen = 16,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x8D\xFC\x81\x9C\xCB\xAA\x5A\x1C"
- "\x7E\x95\xCF\x40\xAB\x4D\x6F\xEA"
- "\xD3\xD9\xB0\x9A\xB7\xC7\xE0\x2E"
- "\xD1\x39\x34\x92\x8F\xFA\x14\xF1"
- "\xD5\xD2\x7B\x59\x1F\x35\x28\xC2"
- "\x20\xD9\x42\x06\xC9\x0B\x10\x04"
- "\xF8\x79\xCD\x32\x86\x75\x4C\xB6"
- "\x7B\x1C\x52\xB1\x91\x64\x22\x4B"
- "\x13\xC7\xAE\x98\x0E\xB5\xCF\x6F"
- "\x3F\xF4\x43\x96\x73\x0D\xA2\x05"
- "\xDB\xFD\x28\x90\x2C\x56\xB9\x37"
- "\x5B\x69\x0C\xAD\x84\x67\xFF\x15"
- "\x4A\xD4\xA7\xD3\xDD\x99\x47\x3A"
- "\xED\x34\x35\x78\x6B\x91\xC9\x32"
- "\xE1\xBF\xBC\xB4\x04\x85\x6A\x39"
- "\xC0\xBA\x51\xD0\x0F\x4E\xD1\xE2"
- "\x1C\xFD\x0E\x05\x07\xF4\x10\xED"
- "\xA2\x17\xFF\xF5\x64\xC6\x1A\x22"
- "\xAD\x78\xE7\xD7\x11\xE9\x99\xB9"
- "\xAA\xEC\x6F\xF8\x3B\xBF\xCE\x77"
- "\x93\xE8\xAD\x1D\x50\x6C\xAE\xBC"
- "\xBA\x5C\x80\xD1\x91\x65\x51\x1B"
- "\xE8\x0A\xCD\x99\x96\x71\x3D\xB6"
- "\x78\x75\x37\x55\xC1\xF5\x90\x40"
- "\x34\xF4\x7E\xC8\xCC\x3A\x5F\x6E"
- "\x36\xA1\xA1\xC2\x3A\x72\x42\x8E"
- "\x0E\x37\x88\xE8\xCE\x83\xCB\xAD"
- "\xE0\x69\x77\x50\xC7\x0C\x99\xCA"
- "\x19\x5B\x30\x25\x9A\xEF\x9B\x0C"
- "\xEF\x8F\x74\x4C\xCF\x49\x4E\xB9"
- "\xC5\xAE\x9E\x2E\x78\x9A\xB9\x48"
- "\xD5\x81\xE4\x37\x1D\xBF\x27\xD9"
- "\xC5\xD6\x65\x43\x45\x8C\xBB\xB6"
- "\x55\xF4\x06\xBB\x49\x53\x8B\x1B"
- "\x07\xA9\x96\x69\x5B\xCB\x0F\xBC"
- "\x93\x85\x90\x0F\x0A\x68\x40\x2A"
- "\x95\xED\x2D\x88\xBF\x71\xD0\xBB"
- "\xEC\xB0\x77\x6C\x79\xFC\x3C\x05"
- "\x49\x3F\xB8\x24\xEF\x8E\x09\xA2"
- "\x1D\xEF\x92\x02\x96\xD4\x7F\xC8"
- "\x03\xB2\xCA\xDB\x17\x5C\x52\xCF"
- "\xDD\x70\x37\x63\xAA\xA5\x83\x20"
- "\x52\x02\xF6\xB9\xE7\x6E\x0A\xB6"
- "\x79\x03\xA0\xDA\xA3\x79\x21\xBD"
- "\xE3\x37\x3A\xC0\xF7\x2C\x32\xBE"
- "\x8B\xE8\xA6\x00\xC7\x32\xD5\x06"
- "\xBB\xE3\xAB\x06\x21\x82\xB8\x32"
- "\x31\x34\x2A\xA7\x1F\x64\x99\xBF"
- "\xFA\xDA\x3D\x75\xF7\x48\xD5\x48"
- "\x4B\x52\x7E\xF6\x7C\xAB\x67\x59"
- "\xC5\xDC\xA8\xC6\x63\x85\x4A\xDF"
- "\xF0\x40\x5F\xCF\xE3\x58\x52\x67"
- "\x7A\x24\x32\xC5\xEC\x9E\xA9\x6F"
- "\x58\x56\xDD\x94\x1F\x71\x8D\xF4"
- "\x6E\xFF\x2C\xA7\xA5\xD8\xBA\xAF"
- "\x1D\x8B\xA2\x46\xB5\xC4\x9F\x57"
- "\x8D\xD8\xB3\x3C\x02\x0D\xBB\x84"
- "\xC7\xBD\xB4\x9A\x6E\xBB\xB1\x37"
- "\x95\x79\xC4\xA7\xEA\x1D\xDC\x33"
- "\x5D\x0B\x3F\x03\x8F\x30\xF9\xAE"
- "\x4F\xFE\x24\x9C\x9A\x02\xE5\x57"
- "\xF5\xBC\x25\xD6\x02\x56\x57\x1C",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast5_cbc_enc_tv_template[] = {
+static const struct cipher_testvec cast5_cbc_tv_template[] = {
{ /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
.klen = 16,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -28730,83 +27199,7 @@ static const struct cipher_testvec cast5_cbc_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\x05\x28\xCE\x61\x90\x80\xE1\x78"
- "\xB9\x2A\x97\x7C\xB0\x83\xD8\x1A"
- "\xDE\x58\x7F\xD7\xFD\x72\xB8\xFB"
- "\xDA\xF0\x6E\x77\x14\x47\x82\xBA"
- "\x29\x0E\x25\x6E\xB4\x39\xD9\x7F"
- "\x05\xA7\xA7\x3A\xC1\x5D\x9E\x39"
- "\xA7\xFB\x0D\x05\x00\xF3\x58\x67"
- "\x60\xEC\x73\x77\x46\x85\x9B\x6A"
- "\x08\x3E\xBE\x59\xFB\xE4\x96\x34"
- "\xB4\x05\x49\x1A\x97\x43\xAD\xA0"
- "\xA9\x1E\x6E\x74\xF1\x94\xEC\xA8"
- "\xB5\x8A\x20\xEA\x89\x6B\x19\xAA"
- "\xA7\xF1\x33\x67\x90\x23\x0D\xEE"
- "\x81\xD5\x78\x4F\xD3\x63\xEA\x46"
- "\xB5\xB2\x6E\xBB\xCA\x76\x06\x10"
- "\x96\x2A\x0A\xBA\xF9\x41\x5A\x1D"
- "\x36\x7C\x56\x14\x54\x83\xFA\xA1"
- "\x27\xDD\xBA\x8A\x90\x29\xD6\xA6"
- "\xFA\x48\x3E\x1E\x23\x6E\x98\xA8"
- "\xA7\xD9\x67\x92\x5C\x13\xB4\x71"
- "\xA8\xAA\x89\x4A\xA4\xB3\x49\x7C"
- "\x7D\x7F\xCE\x6F\x29\x2E\x7E\x37"
- "\xC8\x52\x60\xD9\xE7\xCA\x60\x98"
- "\xED\xCD\xE8\x60\x83\xAD\x34\x4D"
- "\x96\x4A\x99\x2B\xB7\x14\x75\x66"
- "\x6C\x2C\x1A\xBA\x4B\xBB\x49\x56"
- "\xE1\x86\xA2\x0E\xD0\xF0\x07\xD3"
- "\x18\x38\x09\x9C\x0E\x8B\x86\x07"
- "\x90\x12\x37\x49\x27\x98\x69\x18"
- "\xB0\xCC\xFB\xD3\xBD\x04\xA0\x85"
- "\x4B\x22\x97\x07\xB6\x97\xE9\x95"
- "\x0F\x88\x36\xA9\x44\x00\xC6\xE9"
- "\x27\x53\x5C\x5B\x1F\xD3\xE2\xEE"
- "\xD0\xCD\x63\x30\xA9\xC0\xDD\x49"
- "\xFE\x16\xA4\x07\x0D\xE2\x5D\x97"
- "\xDE\x89\xBA\x2E\xF3\xA9\x5E\xBE"
- "\x03\x55\x0E\x02\x41\x4A\x45\x06"
- "\xBE\xEA\x32\xF2\xDC\x91\x5C\x20"
- "\x94\x02\x30\xD2\xFC\x29\xFA\x8E"
- "\x34\xA0\x31\xB8\x34\xBA\xAE\x54"
- "\xB5\x88\x1F\xDC\x43\xDC\x22\x9F"
- "\xDC\xCE\xD3\xFA\xA4\xA8\xBC\x8A"
- "\xC7\x5A\x43\x21\xA5\xB1\xDB\xC3"
- "\x84\x3B\xB4\x9B\xB5\xA7\xF1\x0A"
- "\xB6\x37\x21\x19\x55\xC2\xBD\x99"
- "\x49\x24\xBB\x7C\xB3\x8E\xEF\xD2"
- "\x3A\xCF\xA0\x31\x28\x0E\x25\xA2"
- "\x11\xB4\x18\x17\x1A\x65\x92\x56"
- "\xE8\xE0\x52\x9C\x61\x18\x2A\xB1"
- "\x1A\x01\x22\x45\x17\x62\x52\x6C"
- "\x91\x44\xCF\x98\xC7\xC0\x79\x26"
- "\x32\x66\x6F\x23\x7F\x94\x36\x88"
- "\x3C\xC9\xD0\xB7\x45\x30\x31\x86"
- "\x3D\xC6\xA3\x98\x62\x84\x1A\x8B"
- "\x16\x88\xC7\xA3\xE9\x4F\xE0\x86"
- "\xA4\x93\xA8\x34\x5A\xCA\xDF\xCA"
- "\x46\x38\xD2\xF4\xE0\x2D\x1E\xC9"
- "\x7C\xEF\x53\xB7\x60\x72\x41\xBF"
- "\x29\x00\x87\x02\xAF\x44\x4C\xB7"
- "\x8C\xF5\x3F\x19\xF4\x80\x45\xA7"
- "\x15\x5F\xDB\xE9\xB1\x83\xD2\xE6"
- "\x1D\x18\x66\x44\x5B\x8F\x14\xEB",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast5_cbc_dec_tv_template[] = {
- { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
- .klen = 16,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x05\x28\xCE\x61\x90\x80\xE1\x78"
+ .ctext = "\x05\x28\xCE\x61\x90\x80\xE1\x78"
"\xB9\x2A\x97\x7C\xB0\x83\xD8\x1A"
"\xDE\x58\x7F\xD7\xFD\x72\xB8\xFB"
"\xDA\xF0\x6E\x77\x14\x47\x82\xBA"
@@ -28868,96 +27261,32 @@ static const struct cipher_testvec cast5_cbc_dec_tv_template[] = {
"\x8C\xF5\x3F\x19\xF4\x80\x45\xA7"
"\x15\x5F\xDB\xE9\xB1\x83\xD2\xE6"
"\x1D\x18\x66\x44\x5B\x8F\x14\xEB",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
},
};
-static const struct cipher_testvec cast5_ctr_enc_tv_template[] = {
+static const struct cipher_testvec cast5_ctr_tv_template[] = {
{ /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
.klen = 16,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A",
- .ilen = 17,
- .result = "\xFF\xC4\x2E\x82\x3D\xF8\xA8\x39"
+ .ctext = "\xFF\xC4\x2E\x82\x3D\xF8\xA8\x39"
"\x7C\x52\xC4\xD3\xBB\x62\xC6\xA8"
"\x0C",
- .rlen = 17,
+ .len = 17,
}, { /* Generated from TF test vectors */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
.klen = 16,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -29019,96 +27348,7 @@ static const struct cipher_testvec cast5_ctr_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xFF\xC4\x2E\x82\x3D\xF8\xA8\x39"
- "\x7C\x52\xC4\xD3\xBB\x62\xC6\xA8"
- "\x0C\x63\xA5\x55\xE3\xF8\x1C\x7F"
- "\xDC\x59\xF9\xA0\x52\xAD\x83\xDF"
- "\xD5\x3B\x53\x4A\xAA\x1F\x49\x44"
- "\xE8\x20\xCC\xF8\x97\xE6\xE0\x3C"
- "\x5A\xD2\x83\xEC\xEE\x25\x3F\xCF"
- "\x0D\xC2\x79\x80\x99\x6E\xFF\x7B"
- "\x64\xB0\x7B\x86\x29\x1D\x9F\x17"
- "\x10\xA5\xA5\xEB\x16\x55\x9E\xE3"
- "\x88\x18\x52\x56\x48\x58\xD1\x6B"
- "\xE8\x74\x6E\x48\xB0\x2E\x69\x63"
- "\x32\xAA\xAC\x26\x55\x45\x94\xDE"
- "\x30\x26\x26\xE6\x08\x82\x2F\x5F"
- "\xA7\x15\x94\x07\x75\x2D\xC6\x3A"
- "\x1B\xA0\x39\xFB\xBA\xB9\x06\x56"
- "\xF6\x9F\xF1\x2F\x9B\xF3\x89\x8B"
- "\x08\xC8\x9D\x5E\x6B\x95\x09\xC7"
- "\x98\xB7\x62\xA4\x1D\x25\xFA\xC5"
- "\x62\xC8\x5D\x6B\xB4\x85\x88\x7F"
- "\x3B\x29\xF9\xB4\x32\x62\x69\xBF"
- "\x32\xB8\xEB\xFD\x0E\x26\xAA\xA3"
- "\x44\x67\x90\x20\xAC\x41\xDF\x43"
- "\xC6\xC7\x19\x9F\x2C\x28\x74\xEB"
- "\x3E\x7F\x7A\x80\x5B\xE4\x08\x60"
- "\xC7\xC9\x71\x34\x44\xCE\x05\xFD"
- "\xA8\x91\xA8\x44\x5E\xD3\x89\x2C"
- "\xAE\x59\x0F\x07\x88\x79\x53\x26"
- "\xAF\xAC\xCB\x1D\x6F\x08\x25\x62"
- "\xD0\x82\x65\x66\xE4\x2A\x29\x1C"
- "\x9C\x64\x5F\x49\x9D\xF8\x62\xF9"
- "\xED\xC4\x13\x52\x75\xDC\xE4\xF9"
- "\x68\x0F\x8A\xCD\xA6\x8D\x75\xAA"
- "\x49\xA1\x86\x86\x37\x5C\x6B\x3D"
- "\x56\xE5\x6F\xBE\x27\xC0\x10\xF8"
- "\x3C\x4D\x17\x35\x14\xDC\x1C\xA0"
- "\x6E\xAE\xD1\x10\xDD\x83\x06\xC2"
- "\x23\xD3\xC7\x27\x15\x04\x2C\x27"
- "\xDD\x1F\x2E\x97\x09\x9C\x33\x7D"
- "\xAC\x50\x1B\x2E\xC9\x52\x0C\x14"
- "\x4B\x78\xC4\xDE\x07\x6A\x12\x02"
- "\x6E\xD7\x4B\x91\xB9\x88\x4D\x02"
- "\xC3\xB5\x04\xBC\xE0\x67\xCA\x18"
- "\x22\xA1\xAE\x9A\x21\xEF\xB2\x06"
- "\x35\xCD\xEC\x37\x70\x2D\xFC\x1E"
- "\xA8\x31\xE7\xFC\xE5\x8E\x88\x66"
- "\x16\xB5\xC8\x45\x21\x37\xBD\x24"
- "\xA9\xD5\x36\x12\x9F\x6E\x67\x80"
- "\x87\x54\xD5\xAF\x97\xE1\x15\xA7"
- "\x11\xF0\x63\x7B\xE1\x44\x14\x1C"
- "\x06\x32\x05\x8C\x6C\xDB\x9B\x36"
- "\x6A\x6B\xAD\x3A\x27\x55\x20\x4C"
- "\x76\x36\x43\xE8\x16\x60\xB5\xF3"
- "\xDF\x5A\xC6\xA5\x69\x78\x59\x51"
- "\x54\x68\x65\x06\x84\xDE\x3D\xAE"
- "\x38\x91\xBD\xCC\xA2\x8A\xEC\xE6"
- "\x9E\x83\xAE\x1E\x8E\x34\x5D\xDE"
- "\x91\xCE\x8F\xED\x40\xF7\xC8\x8B"
- "\x9A\x13\x4C\xAD\x89\x97\x9E\xD1"
- "\x91\x01\xD7\x21\x23\x28\x1E\xCC"
- "\x8C\x98\xDB\xDE\xFC\x72\x94\xAA"
- "\xC0\x0D\x96\xAA\x23\xF8\xFE\x13",
- .rlen = 496,
- .also_non_np = 1,
- .np = 3,
- .tap = { 496 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec cast5_ctr_dec_tv_template[] = {
- { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
- .klen = 16,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\xFF\xC4\x2E\x82\x3D\xF8\xA8\x39"
- "\x7C\x52\xC4\xD3\xBB\x62\xC6\xA8"
- "\x0C",
- .ilen = 17,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A",
- .rlen = 17,
- }, { /* Generated from TF test vectors */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A",
- .klen = 16,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
- .input = "\xFF\xC4\x2E\x82\x3D\xF8\xA8\x39"
+ .ctext = "\xFF\xC4\x2E\x82\x3D\xF8\xA8\x39"
"\x7C\x52\xC4\xD3\xBB\x62\xC6\xA8"
"\x0C\x63\xA5\x55\xE3\xF8\x1C\x7F"
"\xDC\x59\xF9\xA0\x52\xAD\x83\xDF"
@@ -29170,70 +27410,7 @@ static const struct cipher_testvec cast5_ctr_dec_tv_template[] = {
"\x91\x01\xD7\x21\x23\x28\x1E\xCC"
"\x8C\x98\xDB\xDE\xFC\x72\x94\xAA"
"\xC0\x0D\x96\xAA\x23\xF8\xFE\x13",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
+ .len = 496,
.also_non_np = 1,
.np = 3,
.tap = { 496 - 20, 4, 16 },
@@ -29243,408 +27420,190 @@ static const struct cipher_testvec cast5_ctr_dec_tv_template[] = {
/*
* ARC4 test vectors from OpenSSL
*/
-static const struct cipher_testvec arc4_enc_tv_template[] = {
+static const struct cipher_testvec arc4_tv_template[] = {
{
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .ilen = 8,
- .result = "\x75\xb7\x87\x80\x99\xe0\xc5\x96",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ .ctext = "\x75\xb7\x87\x80\x99\xe0\xc5\x96",
+ .len = 8,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 8,
- .result = "\x74\x94\xc2\xe7\x10\x4b\x08\x79",
- .rlen = 8,
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ctext = "\x74\x94\xc2\xe7\x10\x4b\x08\x79",
+ .len = 8,
}, {
.key = "\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 8,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 8,
- .result = "\xde\x18\x89\x41\xa3\x37\x5d\x3a",
- .rlen = 8,
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ctext = "\xde\x18\x89\x41\xa3\x37\x5d\x3a",
+ .len = 8,
}, {
.key = "\xef\x01\x23\x45",
.klen = 4,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00",
- .ilen = 20,
- .result = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf"
+ .ctext = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf"
"\xbd\x61\x5a\x11\x62\xe1\xc7\xba"
"\x36\xb6\x78\x58",
- .rlen = 20,
+ .len = 20,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
.klen = 8,
- .input = "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
+ .ptext = "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
"\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
"\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
"\x12\x34\x56\x78",
- .ilen = 28,
- .result = "\x66\xa0\x94\x9f\x8a\xf7\xd6\x89"
+ .ctext = "\x66\xa0\x94\x9f\x8a\xf7\xd6\x89"
"\x1f\x7f\x83\x2b\xa8\x33\xc0\x0c"
"\x89\x2e\xbe\x30\x14\x3c\xe2\x87"
"\x40\x01\x1e\xcf",
- .rlen = 28,
+ .len = 28,
}, {
.key = "\xef\x01\x23\x45",
.klen = 4,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00",
- .ilen = 10,
- .result = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf"
+ .ctext = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf"
"\xbd\x61",
- .rlen = 10,
+ .len = 10,
}, {
.key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 16,
- .input = "\x01\x23\x45\x67\x89\xAB\xCD\xEF",
- .ilen = 8,
- .result = "\x69\x72\x36\x59\x1B\x52\x42\xB1",
- .rlen = 8,
- },
-};
-
-static const struct cipher_testvec arc4_dec_tv_template[] = {
- {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .input = "\x75\xb7\x87\x80\x99\xe0\xc5\x96",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .rlen = 8,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .input = "\x74\x94\xc2\xe7\x10\x4b\x08\x79",
- .ilen = 8,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 8,
- }, {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 8,
- .input = "\xde\x18\x89\x41\xa3\x37\x5d\x3a",
- .ilen = 8,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 8,
- }, {
- .key = "\xef\x01\x23\x45",
- .klen = 4,
- .input = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf"
- "\xbd\x61\x5a\x11\x62\xe1\xc7\xba"
- "\x36\xb6\x78\x58",
- .ilen = 20,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00",
- .rlen = 20,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef",
- .klen = 8,
- .input = "\x66\xa0\x94\x9f\x8a\xf7\xd6\x89"
- "\x1f\x7f\x83\x2b\xa8\x33\xc0\x0c"
- "\x89\x2e\xbe\x30\x14\x3c\xe2\x87"
- "\x40\x01\x1e\xcf",
- .ilen = 28,
- .result = "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
- "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
- "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
- "\x12\x34\x56\x78",
- .rlen = 28,
- }, {
- .key = "\xef\x01\x23\x45",
- .klen = 4,
- .input = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf"
- "\xbd\x61",
- .ilen = 10,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00",
- .rlen = 10,
- }, {
- .key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 16,
- .input = "\x69\x72\x36\x59\x1B\x52\x42\xB1",
- .ilen = 8,
- .result = "\x01\x23\x45\x67\x89\xAB\xCD\xEF",
- .rlen = 8,
+ .ptext = "\x01\x23\x45\x67\x89\xAB\xCD\xEF",
+ .ctext = "\x69\x72\x36\x59\x1B\x52\x42\xB1",
+ .len = 8,
},
};
/*
* TEA test vectors
*/
-static const struct cipher_testvec tea_enc_tv_template[] = {
+static const struct cipher_testvec tea_tv_template[] = {
{
.key = zeroed_string,
.klen = 16,
- .input = zeroed_string,
- .ilen = 8,
- .result = "\x0a\x3a\xea\x41\x40\xa9\xba\x94",
- .rlen = 8,
+ .ptext = zeroed_string,
+ .ctext = "\x0a\x3a\xea\x41\x40\xa9\xba\x94",
+ .len = 8,
}, {
.key = "\x2b\x02\x05\x68\x06\x14\x49\x76"
"\x77\x5d\x0e\x26\x6c\x28\x78\x43",
.klen = 16,
- .input = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
- .ilen = 8,
- .result = "\x77\x5d\x2a\x6a\xf6\xce\x92\x09",
- .rlen = 8,
+ .ptext = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
+ .ctext = "\x77\x5d\x2a\x6a\xf6\xce\x92\x09",
+ .len = 8,
}, {
.key = "\x09\x65\x43\x11\x66\x44\x39\x25"
"\x51\x3a\x16\x10\x0a\x08\x12\x6e",
.klen = 16,
- .input = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
+ .ptext = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
"\x65\x73\x74\x5f\x76\x65\x63\x74",
- .ilen = 16,
- .result = "\xbe\x7a\xbb\x81\x95\x2d\x1f\x1e"
+ .ctext = "\xbe\x7a\xbb\x81\x95\x2d\x1f\x1e"
"\xdd\x89\xa1\x25\x04\x21\xdf\x95",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x4d\x76\x32\x17\x05\x3f\x75\x2c"
"\x5d\x04\x16\x36\x15\x72\x63\x2f",
.klen = 16,
- .input = "\x54\x65\x61\x20\x69\x73\x20\x67"
+ .ptext = "\x54\x65\x61\x20\x69\x73\x20\x67"
"\x6f\x6f\x64\x20\x66\x6f\x72\x20"
"\x79\x6f\x75\x21\x21\x21\x20\x72"
"\x65\x61\x6c\x6c\x79\x21\x21\x21",
- .ilen = 32,
- .result = "\xe0\x4d\x5d\x3c\xb7\x8c\x36\x47"
- "\x94\x18\x95\x91\xa9\xfc\x49\xf8"
- "\x44\xd1\x2d\xc2\x99\xb8\x08\x2a"
- "\x07\x89\x73\xc2\x45\x92\xc6\x90",
- .rlen = 32,
- }
-};
-
-static const struct cipher_testvec tea_dec_tv_template[] = {
- {
- .key = zeroed_string,
- .klen = 16,
- .input = "\x0a\x3a\xea\x41\x40\xa9\xba\x94",
- .ilen = 8,
- .result = zeroed_string,
- .rlen = 8,
- }, {
- .key = "\x2b\x02\x05\x68\x06\x14\x49\x76"
- "\x77\x5d\x0e\x26\x6c\x28\x78\x43",
- .klen = 16,
- .input = "\x77\x5d\x2a\x6a\xf6\xce\x92\x09",
- .ilen = 8,
- .result = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
- .rlen = 8,
- }, {
- .key = "\x09\x65\x43\x11\x66\x44\x39\x25"
- "\x51\x3a\x16\x10\x0a\x08\x12\x6e",
- .klen = 16,
- .input = "\xbe\x7a\xbb\x81\x95\x2d\x1f\x1e"
- "\xdd\x89\xa1\x25\x04\x21\xdf\x95",
- .ilen = 16,
- .result = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
- "\x65\x73\x74\x5f\x76\x65\x63\x74",
- .rlen = 16,
- }, {
- .key = "\x4d\x76\x32\x17\x05\x3f\x75\x2c"
- "\x5d\x04\x16\x36\x15\x72\x63\x2f",
- .klen = 16,
- .input = "\xe0\x4d\x5d\x3c\xb7\x8c\x36\x47"
+ .ctext = "\xe0\x4d\x5d\x3c\xb7\x8c\x36\x47"
"\x94\x18\x95\x91\xa9\xfc\x49\xf8"
"\x44\xd1\x2d\xc2\x99\xb8\x08\x2a"
"\x07\x89\x73\xc2\x45\x92\xc6\x90",
- .ilen = 32,
- .result = "\x54\x65\x61\x20\x69\x73\x20\x67"
- "\x6f\x6f\x64\x20\x66\x6f\x72\x20"
- "\x79\x6f\x75\x21\x21\x21\x20\x72"
- "\x65\x61\x6c\x6c\x79\x21\x21\x21",
- .rlen = 32,
+ .len = 32,
}
};
/*
* XTEA test vectors
*/
-static const struct cipher_testvec xtea_enc_tv_template[] = {
+static const struct cipher_testvec xtea_tv_template[] = {
{
.key = zeroed_string,
.klen = 16,
- .input = zeroed_string,
- .ilen = 8,
- .result = "\xd8\xd4\xe9\xde\xd9\x1e\x13\xf7",
- .rlen = 8,
+ .ptext = zeroed_string,
+ .ctext = "\xd8\xd4\xe9\xde\xd9\x1e\x13\xf7",
+ .len = 8,
}, {
.key = "\x2b\x02\x05\x68\x06\x14\x49\x76"
"\x77\x5d\x0e\x26\x6c\x28\x78\x43",
.klen = 16,
- .input = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
- .ilen = 8,
- .result = "\x94\xeb\xc8\x96\x84\x6a\x49\xa8",
- .rlen = 8,
+ .ptext = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
+ .ctext = "\x94\xeb\xc8\x96\x84\x6a\x49\xa8",
+ .len = 8,
}, {
.key = "\x09\x65\x43\x11\x66\x44\x39\x25"
"\x51\x3a\x16\x10\x0a\x08\x12\x6e",
.klen = 16,
- .input = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
+ .ptext = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
"\x65\x73\x74\x5f\x76\x65\x63\x74",
- .ilen = 16,
- .result = "\x3e\xce\xae\x22\x60\x56\xa8\x9d"
+ .ctext = "\x3e\xce\xae\x22\x60\x56\xa8\x9d"
"\x77\x4d\xd4\xb4\x87\x24\xe3\x9a",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x4d\x76\x32\x17\x05\x3f\x75\x2c"
"\x5d\x04\x16\x36\x15\x72\x63\x2f",
.klen = 16,
- .input = "\x54\x65\x61\x20\x69\x73\x20\x67"
+ .ptext = "\x54\x65\x61\x20\x69\x73\x20\x67"
"\x6f\x6f\x64\x20\x66\x6f\x72\x20"
"\x79\x6f\x75\x21\x21\x21\x20\x72"
"\x65\x61\x6c\x6c\x79\x21\x21\x21",
- .ilen = 32,
- .result = "\x99\x81\x9f\x5d\x6f\x4b\x31\x3a"
- "\x86\xff\x6f\xd0\xe3\x87\x70\x07"
- "\x4d\xb8\xcf\xf3\x99\x50\xb3\xd4"
- "\x73\xa2\xfa\xc9\x16\x59\x5d\x81",
- .rlen = 32,
- }
-};
-
-static const struct cipher_testvec xtea_dec_tv_template[] = {
- {
- .key = zeroed_string,
- .klen = 16,
- .input = "\xd8\xd4\xe9\xde\xd9\x1e\x13\xf7",
- .ilen = 8,
- .result = zeroed_string,
- .rlen = 8,
- }, {
- .key = "\x2b\x02\x05\x68\x06\x14\x49\x76"
- "\x77\x5d\x0e\x26\x6c\x28\x78\x43",
- .klen = 16,
- .input = "\x94\xeb\xc8\x96\x84\x6a\x49\xa8",
- .ilen = 8,
- .result = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
- .rlen = 8,
- }, {
- .key = "\x09\x65\x43\x11\x66\x44\x39\x25"
- "\x51\x3a\x16\x10\x0a\x08\x12\x6e",
- .klen = 16,
- .input = "\x3e\xce\xae\x22\x60\x56\xa8\x9d"
- "\x77\x4d\xd4\xb4\x87\x24\xe3\x9a",
- .ilen = 16,
- .result = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
- "\x65\x73\x74\x5f\x76\x65\x63\x74",
- .rlen = 16,
- }, {
- .key = "\x4d\x76\x32\x17\x05\x3f\x75\x2c"
- "\x5d\x04\x16\x36\x15\x72\x63\x2f",
- .klen = 16,
- .input = "\x99\x81\x9f\x5d\x6f\x4b\x31\x3a"
+ .ctext = "\x99\x81\x9f\x5d\x6f\x4b\x31\x3a"
"\x86\xff\x6f\xd0\xe3\x87\x70\x07"
"\x4d\xb8\xcf\xf3\x99\x50\xb3\xd4"
"\x73\xa2\xfa\xc9\x16\x59\x5d\x81",
- .ilen = 32,
- .result = "\x54\x65\x61\x20\x69\x73\x20\x67"
- "\x6f\x6f\x64\x20\x66\x6f\x72\x20"
- "\x79\x6f\x75\x21\x21\x21\x20\x72"
- "\x65\x61\x6c\x6c\x79\x21\x21\x21",
- .rlen = 32,
+ .len = 32,
}
};
/*
* KHAZAD test vectors.
*/
-static const struct cipher_testvec khazad_enc_tv_template[] = {
+static const struct cipher_testvec khazad_tv_template[] = {
{
.key = "\x80\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 16,
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 8,
- .result = "\x49\xa4\xce\x32\xac\x19\x0e\x3f",
- .rlen = 8,
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ctext = "\x49\xa4\xce\x32\xac\x19\x0e\x3f",
+ .len = 8,
}, {
.key = "\x38\x38\x38\x38\x38\x38\x38\x38"
"\x38\x38\x38\x38\x38\x38\x38\x38",
.klen = 16,
- .input = "\x38\x38\x38\x38\x38\x38\x38\x38",
- .ilen = 8,
- .result = "\x7e\x82\x12\xa1\xd9\x5b\xe4\xf9",
- .rlen = 8,
+ .ptext = "\x38\x38\x38\x38\x38\x38\x38\x38",
+ .ctext = "\x7e\x82\x12\xa1\xd9\x5b\xe4\xf9",
+ .len = 8,
}, {
.key = "\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2"
"\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2",
.klen = 16,
- .input = "\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2",
- .ilen = 8,
- .result = "\xaa\xbe\xc1\x95\xc5\x94\x1a\x9c",
- .rlen = 8,
+ .ptext = "\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2",
+ .ctext = "\xaa\xbe\xc1\x95\xc5\x94\x1a\x9c",
+ .len = 8,
}, {
.key = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
"\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
.klen = 16,
- .input = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
- .ilen = 8,
- .result = "\x04\x74\xf5\x70\x50\x16\xd3\xb8",
- .rlen = 8,
+ .ptext = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
+ .ctext = "\x04\x74\xf5\x70\x50\x16\xd3\xb8",
+ .len = 8,
}, {
.key = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
"\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
.klen = 16,
- .input = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
+ .ptext = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
"\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
- .ilen = 16,
- .result = "\x04\x74\xf5\x70\x50\x16\xd3\xb8"
+ .ctext = "\x04\x74\xf5\x70\x50\x16\xd3\xb8"
"\x04\x74\xf5\x70\x50\x16\xd3\xb8",
- .rlen = 16,
- },
-};
-
-static const struct cipher_testvec khazad_dec_tv_template[] = {
- {
- .key = "\x80\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 16,
- .input = "\x49\xa4\xce\x32\xac\x19\x0e\x3f",
- .ilen = 8,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 8,
- }, {
- .key = "\x38\x38\x38\x38\x38\x38\x38\x38"
- "\x38\x38\x38\x38\x38\x38\x38\x38",
- .klen = 16,
- .input = "\x7e\x82\x12\xa1\xd9\x5b\xe4\xf9",
- .ilen = 8,
- .result = "\x38\x38\x38\x38\x38\x38\x38\x38",
- .rlen = 8,
- }, {
- .key = "\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2"
- "\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2",
- .klen = 16,
- .input = "\xaa\xbe\xc1\x95\xc5\x94\x1a\x9c",
- .ilen = 8,
- .result = "\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2",
- .rlen = 8,
- }, {
- .key = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
- "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
- .klen = 16,
- .input = "\x04\x74\xf5\x70\x50\x16\xd3\xb8",
- .ilen = 8,
- .result = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
- .rlen = 8,
- }, {
- .key = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
- "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
- .klen = 16,
- .input = "\x04\x74\xf5\x70\x50\x16\xd3\xb8"
- "\x04\x74\xf5\x70\x50\x16\xd3\xb8",
- .ilen = 16,
- .result = "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f"
- "\x2f\x2f\x2f\x2f\x2f\x2f\x2f\x2f",
- .rlen = 16,
+ .len = 16,
},
};
@@ -29652,53 +27611,49 @@ static const struct cipher_testvec khazad_dec_tv_template[] = {
* Anubis test vectors.
*/
-static const struct cipher_testvec anubis_enc_tv_template[] = {
+static const struct cipher_testvec anubis_tv_template[] = {
{
.key = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
.klen = 16,
- .input = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
+ .ptext = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- .ilen = 16,
- .result = "\x6d\xc5\xda\xa2\x26\x7d\x62\x6f"
+ .ctext = "\x6d\xc5\xda\xa2\x26\x7d\x62\x6f"
"\x08\xb7\x52\x8e\x6e\x6e\x86\x90",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x03\x03\x03\x03\x03\x03\x03\x03"
"\x03\x03\x03\x03\x03\x03\x03\x03"
"\x03\x03\x03\x03",
.klen = 20,
- .input = "\x03\x03\x03\x03\x03\x03\x03\x03"
+ .ptext = "\x03\x03\x03\x03\x03\x03\x03\x03"
"\x03\x03\x03\x03\x03\x03\x03\x03",
- .ilen = 16,
- .result = "\xdb\xf1\x42\xf4\xd1\x8a\xc7\x49"
+ .ctext = "\xdb\xf1\x42\xf4\xd1\x8a\xc7\x49"
"\x87\x41\x6f\x82\x0a\x98\x64\xae",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x24\x24\x24\x24\x24\x24\x24\x24"
"\x24\x24\x24\x24\x24\x24\x24\x24"
"\x24\x24\x24\x24\x24\x24\x24\x24"
"\x24\x24\x24\x24",
.klen = 28,
- .input = "\x24\x24\x24\x24\x24\x24\x24\x24"
+ .ptext = "\x24\x24\x24\x24\x24\x24\x24\x24"
"\x24\x24\x24\x24\x24\x24\x24\x24",
- .ilen = 16,
- .result = "\xfd\x1b\x4a\xe3\xbf\xf0\xad\x3d"
+ .ctext = "\xfd\x1b\x4a\xe3\xbf\xf0\xad\x3d"
"\x06\xd3\x61\x27\xfd\x13\x9e\xde",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x25\x25\x25\x25\x25\x25\x25\x25"
"\x25\x25\x25\x25\x25\x25\x25\x25"
"\x25\x25\x25\x25\x25\x25\x25\x25"
"\x25\x25\x25\x25\x25\x25\x25\x25",
.klen = 32,
- .input = "\x25\x25\x25\x25\x25\x25\x25\x25"
+ .ptext = "\x25\x25\x25\x25\x25\x25\x25\x25"
"\x25\x25\x25\x25\x25\x25\x25\x25",
- .ilen = 16,
- .result = "\x1a\x91\xfb\x2b\xb7\x78\x6b\xc4"
+ .ctext = "\x1a\x91\xfb\x2b\xb7\x78\x6b\xc4"
"\x17\xd9\xff\x40\x3b\x0e\xe5\xfe",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35"
@@ -29706,93 +27661,28 @@ static const struct cipher_testvec anubis_enc_tv_template[] = {
"\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35",
.klen = 40,
- .input = "\x35\x35\x35\x35\x35\x35\x35\x35"
+ .ptext = "\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35",
- .ilen = 16,
- .result = "\xa5\x2c\x85\x6f\x9c\xba\xa0\x97"
+ .ctext = "\xa5\x2c\x85\x6f\x9c\xba\xa0\x97"
"\x9e\xc6\x84\x0f\x17\x21\x07\xee",
- .rlen = 16,
+ .len = 16,
},
};
-static const struct cipher_testvec anubis_dec_tv_template[] = {
+static const struct cipher_testvec anubis_cbc_tv_template[] = {
{
.key = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
.klen = 16,
- .input = "\x6d\xc5\xda\xa2\x26\x7d\x62\x6f"
- "\x08\xb7\x52\x8e\x6e\x6e\x86\x90",
- .ilen = 16,
- .result = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
- "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- .rlen = 16,
- }, {
-
- .key = "\x03\x03\x03\x03\x03\x03\x03\x03"
- "\x03\x03\x03\x03\x03\x03\x03\x03"
- "\x03\x03\x03\x03",
- .klen = 20,
- .input = "\xdb\xf1\x42\xf4\xd1\x8a\xc7\x49"
- "\x87\x41\x6f\x82\x0a\x98\x64\xae",
- .ilen = 16,
- .result = "\x03\x03\x03\x03\x03\x03\x03\x03"
- "\x03\x03\x03\x03\x03\x03\x03\x03",
- .rlen = 16,
- }, {
- .key = "\x24\x24\x24\x24\x24\x24\x24\x24"
- "\x24\x24\x24\x24\x24\x24\x24\x24"
- "\x24\x24\x24\x24\x24\x24\x24\x24"
- "\x24\x24\x24\x24",
- .klen = 28,
- .input = "\xfd\x1b\x4a\xe3\xbf\xf0\xad\x3d"
- "\x06\xd3\x61\x27\xfd\x13\x9e\xde",
- .ilen = 16,
- .result = "\x24\x24\x24\x24\x24\x24\x24\x24"
- "\x24\x24\x24\x24\x24\x24\x24\x24",
- .rlen = 16,
- }, {
- .key = "\x25\x25\x25\x25\x25\x25\x25\x25"
- "\x25\x25\x25\x25\x25\x25\x25\x25"
- "\x25\x25\x25\x25\x25\x25\x25\x25"
- "\x25\x25\x25\x25\x25\x25\x25\x25",
- .klen = 32,
- .input = "\x1a\x91\xfb\x2b\xb7\x78\x6b\xc4"
- "\x17\xd9\xff\x40\x3b\x0e\xe5\xfe",
- .ilen = 16,
- .result = "\x25\x25\x25\x25\x25\x25\x25\x25"
- "\x25\x25\x25\x25\x25\x25\x25\x25",
- .rlen = 16,
- }, {
- .key = "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35",
- .input = "\xa5\x2c\x85\x6f\x9c\xba\xa0\x97"
- "\x9e\xc6\x84\x0f\x17\x21\x07\xee",
- .klen = 40,
- .ilen = 16,
- .result = "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35",
- .rlen = 16,
- },
-};
-
-static const struct cipher_testvec anubis_cbc_enc_tv_template[] = {
- {
- .key = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
- "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- .klen = 16,
- .input = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
+ .ptext = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- .ilen = 32,
- .result = "\x6d\xc5\xda\xa2\x26\x7d\x62\x6f"
+ .ctext = "\x6d\xc5\xda\xa2\x26\x7d\x62\x6f"
"\x08\xb7\x52\x8e\x6e\x6e\x86\x90"
"\x86\xd8\xb5\x6f\x98\x5e\x8a\x66"
"\x4f\x1f\x78\xa1\xbb\x37\xf1\xbe",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35"
@@ -29800,263 +27690,114 @@ static const struct cipher_testvec anubis_cbc_enc_tv_template[] = {
"\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35",
.klen = 40,
- .input = "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35",
- .ilen = 32,
- .result = "\xa5\x2c\x85\x6f\x9c\xba\xa0\x97"
- "\x9e\xc6\x84\x0f\x17\x21\x07\xee"
- "\xa2\xbc\x06\x98\xc6\x4b\xda\x75"
- "\x2e\xaa\xbe\x58\xce\x01\x5b\xc7",
- .rlen = 32,
- },
-};
-
-static const struct cipher_testvec anubis_cbc_dec_tv_template[] = {
- {
- .key = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
- "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- .klen = 16,
- .input = "\x6d\xc5\xda\xa2\x26\x7d\x62\x6f"
- "\x08\xb7\x52\x8e\x6e\x6e\x86\x90"
- "\x86\xd8\xb5\x6f\x98\x5e\x8a\x66"
- "\x4f\x1f\x78\xa1\xbb\x37\xf1\xbe",
- .ilen = 32,
- .result = "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
- "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
- "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe"
- "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- .rlen = 32,
- }, {
- .key = "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
+ .ptext = "\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35"
"\x35\x35\x35\x35\x35\x35\x35\x35",
- .klen = 40,
- .input = "\xa5\x2c\x85\x6f\x9c\xba\xa0\x97"
+ .ctext = "\xa5\x2c\x85\x6f\x9c\xba\xa0\x97"
"\x9e\xc6\x84\x0f\x17\x21\x07\xee"
"\xa2\xbc\x06\x98\xc6\x4b\xda\x75"
"\x2e\xaa\xbe\x58\xce\x01\x5b\xc7",
- .ilen = 32,
- .result = "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35"
- "\x35\x35\x35\x35\x35\x35\x35\x35",
- .rlen = 32,
+ .len = 32,
},
};
/*
* XETA test vectors
*/
-static const struct cipher_testvec xeta_enc_tv_template[] = {
+static const struct cipher_testvec xeta_tv_template[] = {
{
.key = zeroed_string,
.klen = 16,
- .input = zeroed_string,
- .ilen = 8,
- .result = "\xaa\x22\x96\xe5\x6c\x61\xf3\x45",
- .rlen = 8,
+ .ptext = zeroed_string,
+ .ctext = "\xaa\x22\x96\xe5\x6c\x61\xf3\x45",
+ .len = 8,
}, {
.key = "\x2b\x02\x05\x68\x06\x14\x49\x76"
"\x77\x5d\x0e\x26\x6c\x28\x78\x43",
.klen = 16,
- .input = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
- .ilen = 8,
- .result = "\x82\x3e\xeb\x35\xdc\xdd\xd9\xc3",
- .rlen = 8,
+ .ptext = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
+ .ctext = "\x82\x3e\xeb\x35\xdc\xdd\xd9\xc3",
+ .len = 8,
}, {
.key = "\x09\x65\x43\x11\x66\x44\x39\x25"
"\x51\x3a\x16\x10\x0a\x08\x12\x6e",
.klen = 16,
- .input = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
+ .ptext = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
"\x65\x73\x74\x5f\x76\x65\x63\x74",
- .ilen = 16,
- .result = "\xe2\x04\xdb\xf2\x89\x85\x9e\xea"
+ .ctext = "\xe2\x04\xdb\xf2\x89\x85\x9e\xea"
"\x61\x35\xaa\xed\xb5\xcb\x71\x2c",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x4d\x76\x32\x17\x05\x3f\x75\x2c"
"\x5d\x04\x16\x36\x15\x72\x63\x2f",
.klen = 16,
- .input = "\x54\x65\x61\x20\x69\x73\x20\x67"
+ .ptext = "\x54\x65\x61\x20\x69\x73\x20\x67"
"\x6f\x6f\x64\x20\x66\x6f\x72\x20"
"\x79\x6f\x75\x21\x21\x21\x20\x72"
"\x65\x61\x6c\x6c\x79\x21\x21\x21",
- .ilen = 32,
- .result = "\x0b\x03\xcd\x8a\xbe\x95\xfd\xb1"
- "\xc1\x44\x91\x0b\xa5\xc9\x1b\xb4"
- "\xa9\xda\x1e\x9e\xb1\x3e\x2a\x8f"
- "\xea\xa5\x6a\x85\xd1\xf4\xa8\xa5",
- .rlen = 32,
- }
-};
-
-static const struct cipher_testvec xeta_dec_tv_template[] = {
- {
- .key = zeroed_string,
- .klen = 16,
- .input = "\xaa\x22\x96\xe5\x6c\x61\xf3\x45",
- .ilen = 8,
- .result = zeroed_string,
- .rlen = 8,
- }, {
- .key = "\x2b\x02\x05\x68\x06\x14\x49\x76"
- "\x77\x5d\x0e\x26\x6c\x28\x78\x43",
- .klen = 16,
- .input = "\x82\x3e\xeb\x35\xdc\xdd\xd9\xc3",
- .ilen = 8,
- .result = "\x74\x65\x73\x74\x20\x6d\x65\x2e",
- .rlen = 8,
- }, {
- .key = "\x09\x65\x43\x11\x66\x44\x39\x25"
- "\x51\x3a\x16\x10\x0a\x08\x12\x6e",
- .klen = 16,
- .input = "\xe2\x04\xdb\xf2\x89\x85\x9e\xea"
- "\x61\x35\xaa\xed\xb5\xcb\x71\x2c",
- .ilen = 16,
- .result = "\x6c\x6f\x6e\x67\x65\x72\x5f\x74"
- "\x65\x73\x74\x5f\x76\x65\x63\x74",
- .rlen = 16,
- }, {
- .key = "\x4d\x76\x32\x17\x05\x3f\x75\x2c"
- "\x5d\x04\x16\x36\x15\x72\x63\x2f",
- .klen = 16,
- .input = "\x0b\x03\xcd\x8a\xbe\x95\xfd\xb1"
+ .ctext = "\x0b\x03\xcd\x8a\xbe\x95\xfd\xb1"
"\xc1\x44\x91\x0b\xa5\xc9\x1b\xb4"
"\xa9\xda\x1e\x9e\xb1\x3e\x2a\x8f"
"\xea\xa5\x6a\x85\xd1\xf4\xa8\xa5",
- .ilen = 32,
- .result = "\x54\x65\x61\x20\x69\x73\x20\x67"
- "\x6f\x6f\x64\x20\x66\x6f\x72\x20"
- "\x79\x6f\x75\x21\x21\x21\x20\x72"
- "\x65\x61\x6c\x6c\x79\x21\x21\x21",
- .rlen = 32,
+ .len = 32,
}
};
/*
* FCrypt test vectors
*/
-static const struct cipher_testvec fcrypt_pcbc_enc_tv_template[] = {
+static const struct cipher_testvec fcrypt_pcbc_tv_template[] = {
{ /* http://www.openafs.org/pipermail/openafs-devel/2000-December/005320.html */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 8,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 8,
- .result = "\x0E\x09\x00\xC7\x3E\xF7\xED\x41",
- .rlen = 8,
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ctext = "\x0E\x09\x00\xC7\x3E\xF7\xED\x41",
+ .len = 8,
}, {
.key = "\x11\x44\x77\xAA\xDD\x00\x33\x66",
.klen = 8,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x12\x34\x56\x78\x9A\xBC\xDE\xF0",
- .ilen = 8,
- .result = "\xD8\xED\x78\x74\x77\xEC\x06\x80",
- .rlen = 8,
+ .ptext = "\x12\x34\x56\x78\x9A\xBC\xDE\xF0",
+ .ctext = "\xD8\xED\x78\x74\x77\xEC\x06\x80",
+ .len = 8,
}, { /* From Arla */
.key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
.klen = 8,
.iv = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .input = "The quick brown fox jumps over the lazy dogs.\0\0",
- .ilen = 48,
- .result = "\x00\xf0\x0e\x11\x75\xe6\x23\x82"
+ .ptext = "The quick brown fox jumps over the lazy dogs.\0\0",
+ .ctext = "\x00\xf0\x0e\x11\x75\xe6\x23\x82"
"\xee\xac\x98\x62\x44\x51\xe4\x84"
"\xc3\x59\xd8\xaa\x64\x60\xae\xf7"
"\xd2\xd9\x13\x79\x72\xa3\x45\x03"
"\x23\xb5\x62\xd7\x0c\xf5\x27\xd1"
"\xf8\x91\x3c\xac\x44\x22\x92\xef",
- .rlen = 48,
+ .len = 48,
}, {
.key = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
.klen = 8,
.iv = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .input = "The quick brown fox jumps over the lazy dogs.\0\0",
- .ilen = 48,
- .result = "\xca\x90\xf5\x9d\xcb\xd4\xd2\x3c"
+ .ptext = "The quick brown fox jumps over the lazy dogs.\0\0",
+ .ctext = "\xca\x90\xf5\x9d\xcb\xd4\xd2\x3c"
"\x01\x88\x7f\x3e\x31\x6e\x62\x9d"
"\xd8\xe0\x57\xa3\x06\x3a\x42\x58"
"\x2a\x28\xfe\x72\x52\x2f\xdd\xe0"
"\x19\x89\x09\x1c\x2a\x8e\x8c\x94"
"\xfc\xc7\x68\xe4\x88\xaa\xde\x0f",
- .rlen = 48,
+ .len = 48,
}, { /* split-page version */
.key = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
.klen = 8,
.iv = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .input = "The quick brown fox jumps over the lazy dogs.\0\0",
- .ilen = 48,
- .result = "\xca\x90\xf5\x9d\xcb\xd4\xd2\x3c"
+ .ptext = "The quick brown fox jumps over the lazy dogs.\0\0",
+ .ctext = "\xca\x90\xf5\x9d\xcb\xd4\xd2\x3c"
"\x01\x88\x7f\x3e\x31\x6e\x62\x9d"
"\xd8\xe0\x57\xa3\x06\x3a\x42\x58"
"\x2a\x28\xfe\x72\x52\x2f\xdd\xe0"
"\x19\x89\x09\x1c\x2a\x8e\x8c\x94"
"\xfc\xc7\x68\xe4\x88\xaa\xde\x0f",
- .rlen = 48,
- .np = 2,
- .tap = { 20, 28 },
- }
-};
-
-static const struct cipher_testvec fcrypt_pcbc_dec_tv_template[] = {
- { /* http://www.openafs.org/pipermail/openafs-devel/2000-December/005320.html */
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 8,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x0E\x09\x00\xC7\x3E\xF7\xED\x41",
- .ilen = 8,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 8,
- }, {
- .key = "\x11\x44\x77\xAA\xDD\x00\x33\x66",
- .klen = 8,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xD8\xED\x78\x74\x77\xEC\x06\x80",
- .ilen = 8,
- .result = "\x12\x34\x56\x78\x9A\xBC\xDE\xF0",
- .rlen = 8,
- }, { /* From Arla */
- .key = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .klen = 8,
- .iv = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .input = "\x00\xf0\x0e\x11\x75\xe6\x23\x82"
- "\xee\xac\x98\x62\x44\x51\xe4\x84"
- "\xc3\x59\xd8\xaa\x64\x60\xae\xf7"
- "\xd2\xd9\x13\x79\x72\xa3\x45\x03"
- "\x23\xb5\x62\xd7\x0c\xf5\x27\xd1"
- "\xf8\x91\x3c\xac\x44\x22\x92\xef",
- .ilen = 48,
- .result = "The quick brown fox jumps over the lazy dogs.\0\0",
- .rlen = 48,
- }, {
- .key = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .klen = 8,
- .iv = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .input = "\xca\x90\xf5\x9d\xcb\xd4\xd2\x3c"
- "\x01\x88\x7f\x3e\x31\x6e\x62\x9d"
- "\xd8\xe0\x57\xa3\x06\x3a\x42\x58"
- "\x2a\x28\xfe\x72\x52\x2f\xdd\xe0"
- "\x19\x89\x09\x1c\x2a\x8e\x8c\x94"
- "\xfc\xc7\x68\xe4\x88\xaa\xde\x0f",
- .ilen = 48,
- .result = "The quick brown fox jumps over the lazy dogs.\0\0",
- .rlen = 48,
- }, { /* split-page version */
- .key = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .klen = 8,
- .iv = "\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87",
- .input = "\xca\x90\xf5\x9d\xcb\xd4\xd2\x3c"
- "\x01\x88\x7f\x3e\x31\x6e\x62\x9d"
- "\xd8\xe0\x57\xa3\x06\x3a\x42\x58"
- "\x2a\x28\xfe\x72\x52\x2f\xdd\xe0"
- "\x19\x89\x09\x1c\x2a\x8e\x8c\x94"
- "\xfc\xc7\x68\xe4\x88\xaa\xde\x0f",
- .ilen = 48,
- .result = "The quick brown fox jumps over the lazy dogs.\0\0",
- .rlen = 48,
+ .len = 48,
.np = 2,
.tap = { 20, 28 },
}
@@ -30065,47 +27806,44 @@ static const struct cipher_testvec fcrypt_pcbc_dec_tv_template[] = {
/*
* CAMELLIA test vectors.
*/
-static const struct cipher_testvec camellia_enc_tv_template[] = {
+static const struct cipher_testvec camellia_tv_template[] = {
{
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10",
.klen = 16,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 16,
- .result = "\x67\x67\x31\x38\x54\x96\x69\x73"
+ .ctext = "\x67\x67\x31\x38\x54\x96\x69\x73"
"\x08\x57\x06\x56\x48\xea\xbe\x43",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10"
"\x00\x11\x22\x33\x44\x55\x66\x77",
.klen = 24,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 16,
- .result = "\xb4\x99\x34\x01\xb3\xe9\x96\xf8"
+ .ctext = "\xb4\x99\x34\x01\xb3\xe9\x96\xf8"
"\x4e\xe5\xce\xe7\xd7\x9b\x09\xb9",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10"
"\x00\x11\x22\x33\x44\x55\x66\x77"
"\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
.klen = 32,
- .input = "\x01\x23\x45\x67\x89\xab\xcd\xef"
+ .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xef"
"\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .ilen = 16,
- .result = "\x9a\xcc\x23\x7d\xff\x16\xd7\x6c"
+ .ctext = "\x9a\xcc\x23\x7d\xff\x16\xd7\x6c"
"\x20\xef\x7c\x91\x9e\x3a\x75\x09",
- .rlen = 16,
+ .len = 16,
}, { /* Generated with Crypto++ */
.key = "\x3F\x85\x62\x3F\x1C\xF9\xD6\x1C"
"\xF9\xD6\xB3\x90\x6D\x4A\x90\x6D"
"\x4A\x27\x04\xE1\x27\x04\xE1\xBE"
"\x9B\x78\xBE\x9B\x78\x55\x32\x0F",
.klen = 32,
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -30231,181 +27969,7 @@ static const struct cipher_testvec camellia_enc_tv_template[] = {
"\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
"\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
"\x72\x09\xA0\x14\xAB\x42\xD9\x4D",
- .ilen = 1008,
- .result = "\xED\xCD\xDB\xB8\x68\xCE\xBD\xEA"
- "\x9D\x9D\xCD\x9F\x4F\xFC\x4D\xB7"
- "\xA5\xFF\x6F\x43\x0F\xBA\x32\x04"
- "\xB3\xC2\xB9\x03\xAA\x91\x56\x29"
- "\x0D\xD0\xFD\xC4\x65\xA5\x69\xB9"
- "\xF1\xF6\xB1\xA5\xB2\x75\x4F\x8A"
- "\x8D\x7D\x1B\x9B\xC7\x68\x72\xF8"
- "\x01\x9B\x17\x0A\x29\xE7\x61\x28"
- "\x7F\xA7\x50\xCA\x20\x2C\x96\x3B"
- "\x6E\x5C\x5D\x3F\xB5\x7F\xF3\x2B"
- "\x04\xEF\x9D\xD4\xCE\x41\x28\x8E"
- "\x83\x54\xAE\x7C\x82\x46\x10\xC9"
- "\xC4\x8A\x1E\x1F\x4C\xA9\xFC\xEC"
- "\x3C\x8C\x30\xFC\x59\xD2\x54\xC4"
- "\x6F\x50\xC6\xCA\x8C\x14\x5B\x9C"
- "\x18\x56\x5B\xF8\x33\x0E\x4A\xDB"
- "\xEC\xB5\x6E\x5B\x31\xC4\x0E\x98"
- "\x9F\x32\xBA\xA2\x18\xCF\x55\x43"
- "\xFE\x80\x8F\x60\xCF\x05\x30\x9B"
- "\x70\x50\x1E\x9C\x08\x87\xE6\x20"
- "\xD2\xF3\x27\xF8\x2A\x8D\x12\xB2"
- "\xBC\x5F\xFE\x52\x52\xF6\x7F\xB6"
- "\xB8\x30\x86\x3B\x0F\x94\x1E\x79"
- "\x13\x94\x35\xA2\xB1\x35\x5B\x05"
- "\x2A\x98\x6B\x96\x4C\xB1\x20\xBE"
- "\xB6\x14\xC2\x06\xBF\xFD\x5F\x2A"
- "\xF5\x33\xC8\x19\x45\x14\x44\x5D"
- "\xFE\x94\x7B\xBB\x63\x13\x57\xC3"
- "\x2A\x8F\x6C\x11\x2A\x07\xA7\x6A"
- "\xBF\x20\xD3\x99\xC6\x00\x0B\xBF"
- "\x83\x46\x25\x3A\xB0\xF6\xC5\xC8"
- "\x00\xCA\xE5\x28\x4A\x7C\x95\x9C"
- "\x7B\x43\xAB\xF9\xE4\xF8\x74\xAB"
- "\xA7\xB8\x9C\x0F\x53\x7B\xB6\x74"
- "\x60\x64\x0D\x1C\x80\xD1\x20\x9E"
- "\xDC\x14\x27\x9B\xFC\xBD\x5C\x96"
- "\xD2\x51\xDC\x96\xEE\xE5\xEA\x2B"
- "\x02\x7C\xAA\x3C\xDC\x9D\x7B\x01"
- "\x20\xC3\xE1\x0B\xDD\xAB\xF3\x1E"
- "\x19\xA8\x84\x29\x5F\xCC\xC3\x5B"
- "\xE4\x33\x59\xDC\x12\xEB\x2B\x4D"
- "\x5B\x55\x23\xB7\x40\x31\xDE\xEE"
- "\x18\xC9\x3C\x4D\xBC\xED\xE0\x42"
- "\xAD\xDE\xA0\xA3\xC3\xFE\x44\xD3"
- "\xE1\x9A\xDA\xAB\x32\xFC\x1A\xBF"
- "\x63\xA9\xF0\x6A\x08\x46\xBD\x48"
- "\x83\x06\xAB\x82\x99\x01\x16\x1A"
- "\x03\x36\xC5\x59\x6B\xB8\x8C\x9F"
- "\xC6\x51\x3D\xE5\x7F\xBF\xAB\xBC"
- "\xC9\xA1\x88\x34\x5F\xA9\x7C\x3B"
- "\x9F\x1B\x98\x2B\x4F\xFB\x9B\xF0"
- "\xCD\xB6\x45\xB2\x29\x2E\x34\x23"
- "\xA9\x97\xC0\x22\x8C\x42\x9B\x5F"
- "\x40\xC8\xD7\x3D\x82\x9A\x6F\xAA"
- "\x74\x83\x29\x05\xE8\xC4\x4D\x01"
- "\xB5\xE5\x84\x3F\x7F\xD3\xE0\x99"
- "\xDA\xE7\x6F\x30\xFD\xAA\x92\x30"
- "\xA5\x46\x8B\xA2\xE6\x58\x62\x7C"
- "\x2C\x35\x1B\x38\x85\x7D\xE8\xF3"
- "\x87\x4F\xDA\xD8\x5F\xFC\xB6\x44"
- "\xD0\xE3\x9B\x8B\xBF\xD6\xB8\xC4"
- "\x73\xAE\x1D\x8B\x5B\x74\x8B\xCB"
- "\xA4\xAD\xCF\x5D\xD4\x58\xC9\xCD"
- "\xF7\x90\x68\xCF\xC9\x11\x52\x3E"
- "\xE8\xA1\xA3\x78\x8B\xD0\xAC\x0A"
- "\xD4\xC9\xA3\xA5\x55\x30\xC8\x3E"
- "\xED\x28\x39\xE9\x63\xED\x41\x70"
- "\x51\xE3\xC4\xA0\xFC\xD5\x43\xCB"
- "\x4D\x65\xC8\xFD\x3A\x91\x8F\x60"
- "\x8A\xA6\x6D\x9D\x3E\x01\x23\x4B"
- "\x50\x47\xC9\xDC\x9B\xDE\x37\xC5"
- "\xBF\x67\xB1\x6B\x78\x38\xD5\x7E"
- "\xB6\xFF\x67\x83\x3B\x6E\xBE\x23"
- "\x45\xFA\x1D\x69\x44\xFD\xC6\xB9"
- "\xD0\x4A\x92\xD1\xBE\xF6\x4A\xB7"
- "\xCA\xA8\xA2\x9E\x13\x87\x57\x92"
- "\x64\x7C\x85\x0B\xB3\x29\x37\xD8"
- "\xE6\xAA\xAF\xC4\x03\x67\xA3\xBF"
- "\x2E\x45\x83\xB6\xD8\x54\x00\x89"
- "\xF6\xBC\x3A\x7A\x88\x58\x51\xED"
- "\xF4\x4E\x01\xA5\xC3\x2E\xD9\x42"
- "\xBD\x6E\x0D\x0B\x21\xB0\x1A\xCC"
- "\xA4\xD3\x3F\xDC\x9B\x81\xD8\xF1"
- "\xEA\x7A\x6A\xB7\x07\xC9\x6D\x91"
- "\x6D\x3A\xF5\x5F\xA6\xFF\x87\x1E"
- "\x3F\xDD\xC0\x72\xEA\xAC\x08\x15"
- "\x21\xE6\xC6\xB6\x0D\xD8\x51\x86"
- "\x2A\x03\x73\xF7\x29\xD4\xC4\xE4"
- "\x7F\x95\x10\xF7\xAB\x3F\x92\x23"
- "\xD3\xCE\x9C\x2E\x46\x3B\x63\x43"
- "\xBB\xC2\x82\x7A\x83\xD5\x55\xE2"
- "\xE7\x9B\x2F\x92\xAF\xFD\x81\x56"
- "\x79\xFD\x3E\xF9\x46\xE0\x25\xD4"
- "\x38\xDE\xBC\x2C\xC4\x7A\x2A\x8F"
- "\x94\x4F\xD0\xAD\x9B\x37\x18\xD4"
- "\x0E\x4D\x0F\x02\x3A\xDC\x5A\xA2"
- "\x39\x25\x55\x20\x5A\xA6\x02\x9F"
- "\xE6\x77\x21\x77\xE5\x4B\x7B\x0B"
- "\x30\xF8\x5F\x33\x0F\x49\xCD\xFF"
- "\xF2\xE4\x35\xF9\xF0\x63\xC3\x7E"
- "\xF1\xA6\x73\xB4\xDF\xE7\xBB\x78"
- "\xFF\x21\xA9\xF3\xF3\xCF\x5D\xBA"
- "\xED\x87\x98\xAC\xFE\x48\x97\x6D"
- "\xA6\x7F\x69\x31\xB1\xC4\xFF\x14"
- "\xC6\x76\xD4\x10\xDD\xF6\x49\x2C"
- "\x9C\xC8\x6D\x76\xC0\x8F\x5F\x55"
- "\x2F\x3C\x8A\x30\xAA\xC3\x16\x55"
- "\xC6\xFC\x8D\x8B\xB9\xE5\x80\x6C"
- "\xC8\x7E\xBD\x65\x58\x36\xD5\xBC"
- "\xF0\x33\x52\x29\x70\xF9\x5C\xE9"
- "\xAC\x1F\xB5\x73\x56\x66\x54\xAF"
- "\x1B\x8F\x7D\xED\xAB\x03\xCE\xE3"
- "\xAE\x47\xB6\x69\x86\xE9\x01\x31"
- "\x83\x18\x3D\xF4\x74\x7B\xF9\x42"
- "\x4C\xFD\x75\x4A\x6D\xF0\x03\xA6"
- "\x2B\x20\x63\xDA\x49\x65\x5E\x8B"
- "\xC0\x19\xE3\x8D\xD9\xF3\xB0\x34"
- "\xD3\x52\xFC\x68\x00\x43\x1B\x37"
- "\x31\x93\x51\x1C\x63\x97\x70\xB0"
- "\x99\x78\x83\x13\xFD\xCF\x53\x81"
- "\x36\x46\xB5\x42\x52\x2F\x32\xEB"
- "\x4A\x3D\xF1\x8F\x1C\x54\x2E\xFC"
- "\x41\x75\x5A\x8C\x8E\x6F\xE7\x1A"
- "\xAE\xEF\x3E\x82\x12\x0B\x74\x72"
- "\xF8\xB2\xAA\x7A\xD6\xFF\xFA\x55"
- "\x33\x1A\xBB\xD3\xA2\x7E\x97\x66",
- .rlen = 1008,
- .also_non_np = 1,
- .np = 3,
- .tap = { 1008 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec camellia_dec_tv_template[] = {
- {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .klen = 16,
- .input = "\x67\x67\x31\x38\x54\x96\x69\x73"
- "\x08\x57\x06\x56\x48\xea\xbe\x43",
- .ilen = 16,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 16,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10"
- "\x00\x11\x22\x33\x44\x55\x66\x77",
- .klen = 24,
- .input = "\xb4\x99\x34\x01\xb3\xe9\x96\xf8"
- "\x4e\xe5\xce\xe7\xd7\x9b\x09\xb9",
- .ilen = 16,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 16,
- }, {
- .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10"
- "\x00\x11\x22\x33\x44\x55\x66\x77"
- "\x88\x99\xaa\xbb\xcc\xdd\xee\xff",
- .klen = 32,
- .input = "\x9a\xcc\x23\x7d\xff\x16\xd7\x6c"
- "\x20\xef\x7c\x91\x9e\x3a\x75\x09",
- .ilen = 16,
- .result = "\x01\x23\x45\x67\x89\xab\xcd\xef"
- "\xfe\xdc\xba\x98\x76\x54\x32\x10",
- .rlen = 16,
- }, { /* Generated with Crypto++ */
- .key = "\x3F\x85\x62\x3F\x1C\xF9\xD6\x1C"
- "\xF9\xD6\xB3\x90\x6D\x4A\x90\x6D"
- "\x4A\x27\x04\xE1\x27\x04\xE1\xBE"
- "\x9B\x78\xBE\x9B\x78\x55\x32\x0F",
- .klen = 32,
- .input = "\xED\xCD\xDB\xB8\x68\xCE\xBD\xEA"
+ .ctext = "\xED\xCD\xDB\xB8\x68\xCE\xBD\xEA"
"\x9D\x9D\xCD\x9F\x4F\xFC\x4D\xB7"
"\xA5\xFF\x6F\x43\x0F\xBA\x32\x04"
"\xB3\xC2\xB9\x03\xAA\x91\x56\x29"
@@ -30531,168 +28095,39 @@ static const struct cipher_testvec camellia_dec_tv_template[] = {
"\xAE\xEF\x3E\x82\x12\x0B\x74\x72"
"\xF8\xB2\xAA\x7A\xD6\xFF\xFA\x55"
"\x33\x1A\xBB\xD3\xA2\x7E\x97\x66",
- .ilen = 1008,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06"
- "\x9D\x34\xCB\x3F\xD6\x6D\x04\x78"
- "\x0F\xA6\x1A\xB1\x48\xDF\x53\xEA"
- "\x81\x18\x8C\x23\xBA\x2E\xC5\x5C"
- "\xF3\x67\xFE\x95\x09\xA0\x37\xCE"
- "\x42\xD9\x70\x07\x7B\x12\xA9\x1D"
- "\xB4\x4B\xE2\x56\xED\x84\x1B\x8F"
- "\x26\xBD\x31\xC8\x5F\xF6\x6A\x01"
- "\x98\x0C\xA3\x3A\xD1\x45\xDC\x73"
- "\x0A\x7E\x15\xAC\x20\xB7\x4E\xE5"
- "\x59\xF0\x87\x1E\x92\x29\xC0\x34"
- "\xCB\x62\xF9\x6D\x04\x9B\x0F\xA6"
- "\x3D\xD4\x48\xDF\x76\x0D\x81\x18"
- "\xAF\x23\xBA\x51\xE8\x5C\xF3\x8A"
- "\x21\x95\x2C\xC3\x37\xCE\x65\xFC"
- "\x70\x07\x9E\x12\xA9\x40\xD7\x4B"
- "\xE2\x79\x10\x84\x1B\xB2\x26\xBD"
- "\x54\xEB\x5F\xF6\x8D\x01\x98\x2F"
- "\xC6\x3A\xD1\x68\xFF\x73\x0A\xA1"
- "\x15\xAC\x43\xDA\x4E\xE5\x7C\x13"
- "\x87\x1E\xB5\x29\xC0\x57\xEE\x62"
- "\xF9\x90\x04\x9B\x32\xC9\x3D\xD4"
- "\x6B\x02\x76\x0D\xA4\x18\xAF\x46"
- "\xDD\x51\xE8\x7F\x16\x8A\x21\xB8"
- "\x2C\xC3\x5A\xF1\x65\xFC\x93\x07"
- "\x9E\x35\xCC\x40\xD7\x6E\x05\x79"
- "\x10\xA7\x1B\xB2\x49\xE0\x54\xEB"
- "\x82\x19\x8D\x24\xBB\x2F\xC6\x5D"
- "\xF4\x68\xFF\x96\x0A\xA1\x38\xCF"
- "\x43\xDA\x71\x08\x7C\x13\xAA\x1E"
- "\xB5\x4C\xE3\x57\xEE\x85\x1C\x90"
- "\x27\xBE\x32\xC9\x60\xF7\x6B\x02"
- "\x99\x0D\xA4\x3B\xD2\x46\xDD\x74"
- "\x0B\x7F\x16\xAD\x21\xB8\x4F\xE6"
- "\x5A\xF1\x88\x1F\x93\x2A\xC1\x35"
- "\xCC\x63\xFA\x6E\x05\x9C\x10\xA7"
- "\x3E\xD5\x49\xE0\x77\x0E\x82\x19"
- "\xB0\x24\xBB\x52\xE9\x5D\xF4\x8B"
- "\x22\x96\x2D\xC4\x38\xCF\x66\xFD"
- "\x71\x08\x9F\x13\xAA\x41\xD8\x4C"
- "\xE3\x7A\x11\x85\x1C\xB3\x27\xBE"
- "\x55\xEC\x60\xF7\x8E\x02\x99\x30"
- "\xC7\x3B\xD2\x69\x00\x74\x0B\xA2"
- "\x16\xAD\x44\xDB\x4F\xE6\x7D\x14"
- "\x88\x1F\xB6\x2A\xC1\x58\xEF\x63"
- "\xFA\x91\x05\x9C\x33\xCA\x3E\xD5"
- "\x6C\x03\x77\x0E\xA5\x19\xB0\x47"
- "\xDE\x52\xE9\x80\x17\x8B\x22\xB9"
- "\x2D\xC4\x5B\xF2\x66\xFD\x94\x08"
- "\x9F\x36\xCD\x41\xD8\x6F\x06\x7A"
- "\x11\xA8\x1C\xB3\x4A\xE1\x55\xEC"
- "\x83\x1A\x8E\x25\xBC\x30\xC7\x5E"
- "\xF5\x69\x00\x97\x0B\xA2\x39\xD0"
- "\x44\xDB\x72\x09\x7D\x14\xAB\x1F"
- "\xB6\x4D\xE4\x58\xEF\x86\x1D\x91"
- "\x28\xBF\x33\xCA\x61\xF8\x6C\x03"
- "\x9A\x0E\xA5\x3C\xD3\x47\xDE\x75"
- "\x0C\x80\x17\xAE\x22\xB9\x50\xE7"
- "\x5B\xF2\x89\x20\x94\x2B\xC2\x36"
- "\xCD\x64\xFB\x6F\x06\x9D\x11\xA8"
- "\x3F\xD6\x4A\xE1\x78\x0F\x83\x1A"
- "\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
- "\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
- "\x72\x09\xA0\x14\xAB\x42\xD9\x4D",
- .rlen = 1008,
+ .len = 1008,
.also_non_np = 1,
.np = 3,
.tap = { 1008 - 20, 4, 16 },
},
};
-static const struct cipher_testvec camellia_cbc_enc_tv_template[] = {
+static const struct cipher_testvec camellia_cbc_tv_template[] = {
{
.key = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
"\x51\x2e\x03\xd5\x34\x12\x00\x06",
.klen = 16,
.iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
"\xb4\x22\xda\x80\x2c\x9f\xac\x41",
- .input = "Single block msg",
- .ilen = 16,
- .result = "\xea\x32\x12\x76\x3b\x50\x10\xe7"
+ .ptext = "Single block msg",
+ .ctext = "\xea\x32\x12\x76\x3b\x50\x10\xe7"
"\x18\xf6\xfd\x5d\xf6\x8f\x13\x51",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xc2\x86\x69\x6d\x88\x7c\x9a\xa0"
"\x61\x1b\xbb\x3e\x20\x25\xa4\x5a",
.klen = 16,
.iv = "\x56\x2e\x17\x99\x6d\x09\x3d\x28"
"\xdd\xb3\xba\x69\x5a\x2e\x6f\x58",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .ilen = 32,
- .result = "\xa5\xdf\x6e\x50\xda\x70\x6c\x01"
+ .ctext = "\xa5\xdf\x6e\x50\xda\x70\x6c\x01"
"\x4a\xab\xf3\xf2\xd6\xfc\x6c\xfd"
"\x19\xb4\x3e\x57\x1c\x02\x5e\xa0"
"\x15\x78\xe0\x5e\xf2\xcb\x87\x16",
- .rlen = 32,
+ .len = 32,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -30701,7 +28136,7 @@ static const struct cipher_testvec camellia_cbc_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -30827,8 +28262,7 @@ static const struct cipher_testvec camellia_cbc_enc_tv_template[] = {
"\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
"\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
"\x72\x09\xA0\x14\xAB\x42\xD9\x4D",
- .ilen = 1008,
- .result = "\xCD\x3E\x2A\x3B\x3E\x94\xC5\x77"
+ .ctext = "\xCD\x3E\x2A\x3B\x3E\x94\xC5\x77"
"\xBA\xBB\x5B\xB1\xDE\x7B\xA4\x40"
"\x88\x39\xE3\xFD\x94\x4B\x25\x58"
"\xE1\x4B\xC4\x18\x7A\xFD\x17\x2B"
@@ -30954,310 +28388,14 @@ static const struct cipher_testvec camellia_cbc_enc_tv_template[] = {
"\x43\x94\x23\x7E\xEE\xF0\xA5\x79"
"\x55\x01\xD4\x58\xB2\xF2\x85\x49"
"\x70\xC5\xB9\x0B\x3B\x7A\x6E\x6C",
- .rlen = 1008,
- .also_non_np = 1,
- .np = 3,
- .tap = { 1008 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec camellia_cbc_dec_tv_template[] = {
- {
- .key = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
- "\x51\x2e\x03\xd5\x34\x12\x00\x06",
- .klen = 16,
- .iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
- "\xb4\x22\xda\x80\x2c\x9f\xac\x41",
- .input = "\xea\x32\x12\x76\x3b\x50\x10\xe7"
- "\x18\xf6\xfd\x5d\xf6\x8f\x13\x51",
- .ilen = 16,
- .result = "Single block msg",
- .rlen = 16,
- }, {
- .key = "\xc2\x86\x69\x6d\x88\x7c\x9a\xa0"
- "\x61\x1b\xbb\x3e\x20\x25\xa4\x5a",
- .klen = 16,
- .iv = "\x56\x2e\x17\x99\x6d\x09\x3d\x28"
- "\xdd\xb3\xba\x69\x5a\x2e\x6f\x58",
- .input = "\xa5\xdf\x6e\x50\xda\x70\x6c\x01"
- "\x4a\xab\xf3\xf2\xd6\xfc\x6c\xfd"
- "\x19\xb4\x3e\x57\x1c\x02\x5e\xa0"
- "\x15\x78\xe0\x5e\xf2\xcb\x87\x16",
- .ilen = 32,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
- .rlen = 32,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xCD\x3E\x2A\x3B\x3E\x94\xC5\x77"
- "\xBA\xBB\x5B\xB1\xDE\x7B\xA4\x40"
- "\x88\x39\xE3\xFD\x94\x4B\x25\x58"
- "\xE1\x4B\xC4\x18\x7A\xFD\x17\x2B"
- "\xB9\xF9\xC2\x27\x6A\xB6\x31\x27"
- "\xA6\xAD\xEF\xE5\x5D\xE4\x02\x01"
- "\x56\x2E\x10\xC2\x2C\xFF\xC6\x83"
- "\xB5\xDC\x4F\x63\xAD\x0E\x63\x5E"
- "\x56\xC8\x18\x3D\x79\x86\x97\xEF"
- "\x57\x0E\x63\xA1\xC1\x41\x48\xB8"
- "\x98\xB7\x51\x6D\x18\xF6\x19\x82"
- "\x37\x49\x88\xA4\xEF\x91\x21\x47"
- "\x03\x28\xEA\x42\xF4\xFB\x7A\x58"
- "\x28\x90\x77\x46\xD8\xD2\x35\x16"
- "\x44\xA9\x9E\x49\x52\x2A\xE4\x16"
- "\x5D\xF7\x65\xEB\x0F\xC9\x29\xE6"
- "\xCF\x76\x91\x89\x8A\x94\x39\xFA"
- "\x6B\x5F\x63\x53\x74\x43\x91\xF5"
- "\x3F\xBC\x88\x53\xB2\x1A\x02\x3F"
- "\x9D\x32\x84\xEB\x56\x28\xD6\x06"
- "\xD5\xB2\x20\xA9\xFC\xC3\x76\x62"
- "\x32\xCC\x86\xC8\x36\x67\x5E\x7E"
- "\xA4\xAA\x15\x63\x6B\xA9\x86\xAF"
- "\x1A\x52\x82\x36\x5F\xF4\x3F\x7A"
- "\x9B\x78\x62\x3B\x02\x28\x60\xB3"
- "\xBA\x82\xB1\xDD\xC9\x60\x8F\x47"
- "\xF1\x6B\xFE\xE5\x39\x34\xA0\x28"
- "\xA4\xB3\xC9\x7E\xED\x28\x8D\x70"
- "\xB2\x1D\xFD\xC6\x00\xCF\x1A\x94"
- "\x28\xF8\xC1\x34\xB7\x58\xA5\x6C"
- "\x1A\x9D\xE4\xE4\xF6\xB9\xB4\xB0"
- "\x5D\x51\x54\x9A\x53\xA0\xF9\x32"
- "\xBD\x31\x54\x14\x7B\x33\xEE\x17"
- "\xD3\xC7\x1F\x48\xBF\x0B\x22\xA2"
- "\x7D\x0C\xDF\xD0\x2E\x98\xFA\xD2"
- "\xFA\xCF\x24\x1D\x99\x9B\xD0\x7E"
- "\xF4\x4F\x88\xFF\x45\x99\x4A\xF4"
- "\xF2\x0A\x5B\x3B\x21\xAB\x92\xAE"
- "\x40\x78\x91\x95\xC4\x2F\xA3\xE8"
- "\x18\xC7\x07\xA6\xC8\xC0\x66\x33"
- "\x35\xC0\xB4\xA0\xF8\xEE\x1E\xF3"
- "\x40\xF5\x40\x54\xF1\x84\x8C\xEA"
- "\x27\x38\x1F\xF8\x77\xC7\xDF\xD8"
- "\x1D\xE2\xD9\x59\x40\x4F\x59\xD4"
- "\xF8\x17\x99\x8D\x58\x2D\x72\x44"
- "\x9D\x1D\x91\x64\xD6\x3F\x0A\x82"
- "\xC7\x57\x3D\xEF\xD3\x41\xFA\xA7"
- "\x68\xA3\xB8\xA5\x93\x74\x2E\x85"
- "\x4C\x9D\x69\x59\xCE\x15\xAE\xBF"
- "\x9C\x8F\x14\x64\x5D\x7F\xCF\x0B"
- "\xCE\x43\x5D\x28\xC0\x2F\xFB\x18"
- "\x79\x9A\xFC\x43\x16\x7C\x6B\x7B"
- "\x38\xB8\x48\x36\x66\x4E\x20\x43"
- "\xBA\x76\x13\x9A\xC3\xF2\xEB\x52"
- "\xD7\xDC\xB2\x67\x63\x14\x25\xCD"
- "\xB1\x13\x4B\xDE\x8C\x59\x21\x84"
- "\x81\x8D\x97\x23\x45\x33\x7C\xF3"
- "\xC5\xBC\x79\x95\xAA\x84\x68\x31"
- "\x2D\x1A\x68\xFE\xEC\x92\x94\xDA"
- "\x94\x2A\x6F\xD6\xFE\xE5\x76\x97"
- "\xF4\x6E\xEE\xCB\x2B\x95\x4E\x36"
- "\x5F\x74\x8C\x86\x5B\x71\xD0\x20"
- "\x78\x1A\x7F\x18\x8C\xD9\xCD\xF5"
- "\x21\x41\x56\x72\x13\xE1\x86\x07"
- "\x07\x26\xF3\x4F\x7B\xEA\xB5\x18"
- "\xFE\x94\x2D\x9F\xE0\x72\x18\x65"
- "\xB2\xA5\x63\x48\xB4\x13\x22\xF7"
- "\x25\xF1\x80\xA8\x7F\x54\x86\x7B"
- "\x39\xAE\x95\x0C\x09\x32\x22\x2D"
- "\x4D\x73\x39\x0C\x09\x2C\x7C\x10"
- "\xD0\x4B\x53\xF6\x90\xC5\x99\x2F"
- "\x15\xE1\x7F\xC6\xC5\x7A\x52\x14"
- "\x65\xEE\x93\x54\xD0\x66\x15\x3C"
- "\x4C\x68\xFD\x64\x0F\xF9\x10\x39"
- "\x46\x7A\xDD\x97\x20\xEE\xC7\xD2"
- "\x98\x4A\xB6\xE6\xF5\xA8\x1F\x4F"
- "\xDB\xAB\x6D\xD5\x9B\x34\x16\x97"
- "\x2F\x64\xE5\x37\xEF\x0E\xA1\xE9"
- "\xBE\x31\x31\x96\x8B\x40\x18\x75"
- "\x11\x75\x14\x32\xA5\x2D\x1B\x6B"
- "\xDB\x59\xEB\xFA\x3D\x8E\x7C\xC4"
- "\xDE\x68\xC8\x9F\xC9\x99\xE3\xC6"
- "\x71\xB0\x12\x57\x89\x0D\xC0\x2B"
- "\x9F\x12\x6A\x04\x67\xF1\x95\x31"
- "\x59\xFD\x84\x95\x2C\x9C\x5B\xEC"
- "\x09\xB0\x43\x96\x4A\x64\x80\x40"
- "\xB9\x72\x19\xDD\x70\x42\xFA\xB1"
- "\x4A\x2C\x0C\x0A\x60\x6E\xE3\x7C"
- "\x37\x5A\xBE\xA4\x62\xCF\x29\xAB"
- "\x7F\x4D\xA6\xB3\xE2\xB6\x64\xC6"
- "\x33\x0B\xF3\xD5\x01\x38\x74\xA4"
- "\x67\x1E\x75\x68\xC3\xAD\x76\xE9"
- "\xE9\xBC\xF0\xEB\xD8\xFD\x31\x8A"
- "\x5F\xC9\x18\x94\x4B\x86\x66\xFC"
- "\xBD\x0B\x3D\xB3\x9F\xFA\x1F\xD9"
- "\x78\xC4\xE3\x24\x1C\x67\xA2\xF8"
- "\x43\xBC\x76\x75\xBF\x6C\x05\xB3"
- "\x32\xE8\x7C\x80\xDB\xC7\xB6\x61"
- "\x1A\x3E\x2B\xA7\x25\xED\x8F\xA0"
- "\x00\x4B\xF8\x90\xCA\xD8\xFB\x12"
- "\xAC\x1F\x18\xE9\xD2\x5E\xA2\x8E"
- "\xE4\x84\x6B\x9D\xEB\x1E\x6B\xA3"
- "\x7B\xDC\xCE\x15\x97\x27\xB2\x65"
- "\xBC\x0E\x47\xAB\x55\x13\x53\xAB"
- "\x0E\x34\x55\x02\x5F\x27\xC5\x89"
- "\xDF\xC5\x70\xC4\xDD\x76\x82\xEE"
- "\x68\xA6\x09\xB0\xE5\x5E\xF1\x0C"
- "\xE3\xF3\x09\x9B\xFE\x65\x4B\xB8"
- "\x30\xEC\xD5\x7C\x6A\xEC\x1D\xD2"
- "\x93\xB7\xA1\x1A\x02\xD4\xC0\xD6"
- "\x8D\x4D\x83\x9A\xED\x29\x4E\x14"
- "\x86\xD5\x3C\x1A\xD5\xB9\x0A\x6A"
- "\x72\x22\xD5\x92\x38\xF1\xA1\x86"
- "\xB2\x41\x51\xCA\x4E\xAB\x8F\xD3"
- "\x80\x56\xC3\xD7\x65\xE1\xB3\x86"
- "\xCB\xCE\x98\xA1\xD4\x59\x1C\x06"
- "\x01\xED\xF8\x29\x91\x19\x5C\x9A"
- "\xEE\x28\x1B\x48\xD7\x32\xEF\x9F"
- "\x6C\x2B\x66\x4E\x78\xD5\x8B\x72"
- "\x80\xE7\x29\xDC\x23\x55\x98\x54"
- "\xB1\xFF\x3E\x95\x56\xA8\x78\x78"
- "\xEF\xC4\xA5\x11\x2D\x2B\xD8\x93"
- "\x30\x6E\x7E\x51\xBB\x42\x5F\x03"
- "\x43\x94\x23\x7E\xEE\xF0\xA5\x79"
- "\x55\x01\xD4\x58\xB2\xF2\x85\x49"
- "\x70\xC5\xB9\x0B\x3B\x7A\x6E\x6C",
- .ilen = 1008,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06"
- "\x9D\x34\xCB\x3F\xD6\x6D\x04\x78"
- "\x0F\xA6\x1A\xB1\x48\xDF\x53\xEA"
- "\x81\x18\x8C\x23\xBA\x2E\xC5\x5C"
- "\xF3\x67\xFE\x95\x09\xA0\x37\xCE"
- "\x42\xD9\x70\x07\x7B\x12\xA9\x1D"
- "\xB4\x4B\xE2\x56\xED\x84\x1B\x8F"
- "\x26\xBD\x31\xC8\x5F\xF6\x6A\x01"
- "\x98\x0C\xA3\x3A\xD1\x45\xDC\x73"
- "\x0A\x7E\x15\xAC\x20\xB7\x4E\xE5"
- "\x59\xF0\x87\x1E\x92\x29\xC0\x34"
- "\xCB\x62\xF9\x6D\x04\x9B\x0F\xA6"
- "\x3D\xD4\x48\xDF\x76\x0D\x81\x18"
- "\xAF\x23\xBA\x51\xE8\x5C\xF3\x8A"
- "\x21\x95\x2C\xC3\x37\xCE\x65\xFC"
- "\x70\x07\x9E\x12\xA9\x40\xD7\x4B"
- "\xE2\x79\x10\x84\x1B\xB2\x26\xBD"
- "\x54\xEB\x5F\xF6\x8D\x01\x98\x2F"
- "\xC6\x3A\xD1\x68\xFF\x73\x0A\xA1"
- "\x15\xAC\x43\xDA\x4E\xE5\x7C\x13"
- "\x87\x1E\xB5\x29\xC0\x57\xEE\x62"
- "\xF9\x90\x04\x9B\x32\xC9\x3D\xD4"
- "\x6B\x02\x76\x0D\xA4\x18\xAF\x46"
- "\xDD\x51\xE8\x7F\x16\x8A\x21\xB8"
- "\x2C\xC3\x5A\xF1\x65\xFC\x93\x07"
- "\x9E\x35\xCC\x40\xD7\x6E\x05\x79"
- "\x10\xA7\x1B\xB2\x49\xE0\x54\xEB"
- "\x82\x19\x8D\x24\xBB\x2F\xC6\x5D"
- "\xF4\x68\xFF\x96\x0A\xA1\x38\xCF"
- "\x43\xDA\x71\x08\x7C\x13\xAA\x1E"
- "\xB5\x4C\xE3\x57\xEE\x85\x1C\x90"
- "\x27\xBE\x32\xC9\x60\xF7\x6B\x02"
- "\x99\x0D\xA4\x3B\xD2\x46\xDD\x74"
- "\x0B\x7F\x16\xAD\x21\xB8\x4F\xE6"
- "\x5A\xF1\x88\x1F\x93\x2A\xC1\x35"
- "\xCC\x63\xFA\x6E\x05\x9C\x10\xA7"
- "\x3E\xD5\x49\xE0\x77\x0E\x82\x19"
- "\xB0\x24\xBB\x52\xE9\x5D\xF4\x8B"
- "\x22\x96\x2D\xC4\x38\xCF\x66\xFD"
- "\x71\x08\x9F\x13\xAA\x41\xD8\x4C"
- "\xE3\x7A\x11\x85\x1C\xB3\x27\xBE"
- "\x55\xEC\x60\xF7\x8E\x02\x99\x30"
- "\xC7\x3B\xD2\x69\x00\x74\x0B\xA2"
- "\x16\xAD\x44\xDB\x4F\xE6\x7D\x14"
- "\x88\x1F\xB6\x2A\xC1\x58\xEF\x63"
- "\xFA\x91\x05\x9C\x33\xCA\x3E\xD5"
- "\x6C\x03\x77\x0E\xA5\x19\xB0\x47"
- "\xDE\x52\xE9\x80\x17\x8B\x22\xB9"
- "\x2D\xC4\x5B\xF2\x66\xFD\x94\x08"
- "\x9F\x36\xCD\x41\xD8\x6F\x06\x7A"
- "\x11\xA8\x1C\xB3\x4A\xE1\x55\xEC"
- "\x83\x1A\x8E\x25\xBC\x30\xC7\x5E"
- "\xF5\x69\x00\x97\x0B\xA2\x39\xD0"
- "\x44\xDB\x72\x09\x7D\x14\xAB\x1F"
- "\xB6\x4D\xE4\x58\xEF\x86\x1D\x91"
- "\x28\xBF\x33\xCA\x61\xF8\x6C\x03"
- "\x9A\x0E\xA5\x3C\xD3\x47\xDE\x75"
- "\x0C\x80\x17\xAE\x22\xB9\x50\xE7"
- "\x5B\xF2\x89\x20\x94\x2B\xC2\x36"
- "\xCD\x64\xFB\x6F\x06\x9D\x11\xA8"
- "\x3F\xD6\x4A\xE1\x78\x0F\x83\x1A"
- "\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
- "\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
- "\x72\x09\xA0\x14\xAB\x42\xD9\x4D",
- .rlen = 1008,
+ .len = 1008,
.also_non_np = 1,
.np = 3,
.tap = { 1008 - 20, 4, 16 },
},
};
-static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
+static const struct cipher_testvec camellia_ctr_tv_template[] = {
{ /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -31266,7 +28404,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -31328,8 +28466,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
"\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
"\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
"\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .ilen = 496,
- .result = "\xF3\x06\x3A\x84\xCD\xBA\x8E\x11"
+ .ctext = "\xF3\x06\x3A\x84\xCD\xBA\x8E\x11"
"\xB7\x74\x6F\x5C\x97\xFB\x36\xFE"
"\xDE\x71\x58\xD4\x15\xD1\xC1\xA4"
"\xC9\x28\x74\xA6\x6B\xC7\x95\xA6"
@@ -31391,7 +28528,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
"\x7E\x42\xEC\xB6\x6F\x4D\x6B\x48"
"\xE6\xA6\x50\x80\x78\x9E\xF1\xB0"
"\x4D\xB2\x0D\x3D\xFC\x40\x25\x4D",
- .rlen = 496,
+ .len = 496,
}, { /* Generated with Crypto++ */
.key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
"\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
@@ -31400,7 +28537,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
"\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -31527,8 +28664,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
"\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
"\x72\x09\xA0\x14\xAB\x42\xD9\x4D"
"\xE4\x7B\x12",
- .ilen = 1011,
- .result = "\xF3\x06\x3A\x84\xCD\xBA\x8E\x11"
+ .ctext = "\xF3\x06\x3A\x84\xCD\xBA\x8E\x11"
"\xB7\x74\x6F\x5C\x97\xFB\x36\xFE"
"\xDE\x71\x58\xD4\x15\xD1\xC1\xA4"
"\xC9\x28\x74\xA6\x6B\xC7\x95\xA6"
@@ -31655,7 +28791,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
"\x45\xE3\x35\x0D\x69\x91\x54\x1C"
"\xE7\x2C\x49\x08\x8B\x72\xFA\x5C"
"\xF1\x6B\xD9",
- .rlen = 1011,
+ .len = 1011,
.also_non_np = 1,
.np = 2,
.tap = { 1011 - 16, 16 },
@@ -31667,7 +28803,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
.klen = 32,
.iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
+ .ptext = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
"\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
"\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
"\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
@@ -31793,8 +28929,7 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
"\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
"\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
"\x72\x09\xA0\x14\xAB\x42\xD9\x4D",
- .ilen = 1008,
- .result = "\x85\x79\x6C\x8B\x2B\x6D\x14\xF9"
+ .ctext = "\x85\x79\x6C\x8B\x2B\x6D\x14\xF9"
"\xA6\x83\xB6\x80\x5B\x3A\xF3\x7E"
"\x30\x29\xEB\x1F\xDC\x19\x5F\xEB"
"\xF7\xC4\x27\x04\x51\x87\xD7\x6F"
@@ -31920,678 +29055,11 @@ static const struct cipher_testvec camellia_ctr_enc_tv_template[] = {
"\xC5\x9B\x03\x70\x29\x2A\x49\x09"
"\x67\xA1\xEA\xD6\x3A\x5B\xBF\x71"
"\x1D\x48\x64\x6C\xFB\xC0\x9E\x36",
- .rlen = 1008,
+ .len = 1008,
},
};
-static const struct cipher_testvec camellia_ctr_dec_tv_template[] = {
- { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xF3\x06\x3A\x84\xCD\xBA\x8E\x11"
- "\xB7\x74\x6F\x5C\x97\xFB\x36\xFE"
- "\xDE\x71\x58\xD4\x15\xD1\xC1\xA4"
- "\xC9\x28\x74\xA6\x6B\xC7\x95\xA6"
- "\x6C\x77\xF7\x2F\xDF\xC7\xBB\x85"
- "\x60\xFC\xE8\x94\xE8\xB5\x09\x2C"
- "\x1E\x43\xEF\x6C\xE9\x98\xC5\xA0"
- "\x7B\x13\xE5\x7F\xF8\x49\x9A\x8C"
- "\xE6\x7B\x08\xC3\x32\x66\x55\x4E"
- "\xA5\x44\x1D\x2C\x18\xC7\x29\x1F"
- "\x61\x28\x4A\xE3\xCD\xE5\x47\xB2"
- "\x82\x2F\x66\x83\x91\x51\xAE\xD7"
- "\x1C\x91\x3C\x57\xE3\x1D\x5A\xC9"
- "\xFD\xC5\x58\x58\xEF\xCC\x33\xC9"
- "\x0F\xEA\x26\x32\xD1\x15\x19\x2D"
- "\x25\xB4\x7F\xB0\xDF\xFB\x88\x60"
- "\x4E\x4D\x06\x7D\xCC\x1F\xED\x3B"
- "\x68\x84\xD5\xB3\x1B\xE7\xB9\xA1"
- "\x68\x8B\x2C\x1A\x44\xDA\x63\xD3"
- "\x29\xE9\x59\x32\x1F\x30\x1C\x43"
- "\xEA\x3A\xA3\x6B\x54\x3C\xAA\x11"
- "\xAD\x38\x20\xC9\xB9\x8A\x64\x66"
- "\x5A\x07\x49\xDF\xA1\x9C\xF9\x76"
- "\x36\x65\xB6\x81\x8F\x76\x09\xE5"
- "\xEB\xD1\x29\xA4\xE4\xF4\x4C\xCD"
- "\xAF\xFC\xB9\x16\xD9\xC3\x73\x6A"
- "\x33\x12\xF8\x7E\xBC\xCC\x7D\x80"
- "\xBF\x3C\x25\x06\x13\x84\xFA\x35"
- "\xF7\x40\xFA\xA1\x44\x13\x70\xD8"
- "\x01\xF9\x85\x15\x63\xEC\x7D\xB9"
- "\x02\xD8\xBA\x41\x6C\x92\x68\x66"
- "\x95\xDD\xD6\x42\xE7\xBB\xE1\xFD"
- "\x28\x3E\x94\xB6\xBD\xA7\xBF\x47"
- "\x58\x8D\xFF\x19\x30\x75\x0D\x48"
- "\x94\xE9\xA6\xCD\xB3\x8E\x1E\xCD"
- "\x59\xBC\x1A\xAC\x3C\x4F\xA9\xEB"
- "\xF4\xA7\xE4\x75\x4A\x18\x40\xC9"
- "\x1E\xEC\x06\x9C\x28\x4B\xF7\x2B"
- "\xE2\xEF\xD6\x42\x2E\xBB\xFC\x0A"
- "\x79\xA2\x99\x28\x93\x1B\x00\x57"
- "\x35\x1E\x1A\x93\x90\xA4\x68\x95"
- "\x5E\x57\x40\xD5\xA9\xAA\x19\x48"
- "\xEC\xFF\x76\x77\xDC\x78\x89\x76"
- "\xE5\x3B\x00\xEC\x58\x4D\xD1\xE3"
- "\xC8\x6C\x2C\x45\x5E\x5F\xD9\x4E"
- "\x71\xA5\x36\x6D\x03\xF1\xC7\xD5"
- "\xF3\x63\xC0\xD8\xCB\x2B\xF1\xA8"
- "\xB9\x2B\xE6\x0B\xB9\x65\x78\xA0"
- "\xC4\x46\xE6\x9B\x8B\x43\x2D\xAB"
- "\x70\xA6\xE0\x59\x1E\xAC\x9D\xE0"
- "\x76\x44\x45\xF3\x24\x11\x57\x98"
- "\x9A\x86\xB4\x12\x80\x28\x86\x20"
- "\x23\x9D\x2D\xE9\x38\x32\xB1\xE1"
- "\xCF\x0A\x23\x73\x7D\xC5\x80\x3D"
- "\x9F\x6D\xA0\xD0\xEE\x93\x8A\x79"
- "\x3A\xDD\x1D\xBB\x9E\x26\x5D\x01"
- "\x44\xD0\xD4\x4E\xC3\xF1\xE4\x38"
- "\x09\x62\x0A\x1A\x4E\xD2\x63\x0F"
- "\x6E\x3E\xD2\xA4\x3A\xF4\xF3\xFF"
- "\x7E\x42\xEC\xB6\x6F\x4D\x6B\x48"
- "\xE6\xA6\x50\x80\x78\x9E\xF1\xB0"
- "\x4D\xB2\x0D\x3D\xFC\x40\x25\x4D",
- .ilen = 496,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7",
- .rlen = 496,
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
- "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
- .input = "\xF3\x06\x3A\x84\xCD\xBA\x8E\x11"
- "\xB7\x74\x6F\x5C\x97\xFB\x36\xFE"
- "\xDE\x71\x58\xD4\x15\xD1\xC1\xA4"
- "\xC9\x28\x74\xA6\x6B\xC7\x95\xA6"
- "\x6C\x77\xF7\x2F\xDF\xC7\xBB\x85"
- "\x60\xFC\xE8\x94\xE8\xB5\x09\x2C"
- "\x1E\x43\xEF\x6C\xE9\x98\xC5\xA0"
- "\x7B\x13\xE5\x7F\xF8\x49\x9A\x8C"
- "\xE6\x7B\x08\xC3\x32\x66\x55\x4E"
- "\xA5\x44\x1D\x2C\x18\xC7\x29\x1F"
- "\x61\x28\x4A\xE3\xCD\xE5\x47\xB2"
- "\x82\x2F\x66\x83\x91\x51\xAE\xD7"
- "\x1C\x91\x3C\x57\xE3\x1D\x5A\xC9"
- "\xFD\xC5\x58\x58\xEF\xCC\x33\xC9"
- "\x0F\xEA\x26\x32\xD1\x15\x19\x2D"
- "\x25\xB4\x7F\xB0\xDF\xFB\x88\x60"
- "\x4E\x4D\x06\x7D\xCC\x1F\xED\x3B"
- "\x68\x84\xD5\xB3\x1B\xE7\xB9\xA1"
- "\x68\x8B\x2C\x1A\x44\xDA\x63\xD3"
- "\x29\xE9\x59\x32\x1F\x30\x1C\x43"
- "\xEA\x3A\xA3\x6B\x54\x3C\xAA\x11"
- "\xAD\x38\x20\xC9\xB9\x8A\x64\x66"
- "\x5A\x07\x49\xDF\xA1\x9C\xF9\x76"
- "\x36\x65\xB6\x81\x8F\x76\x09\xE5"
- "\xEB\xD1\x29\xA4\xE4\xF4\x4C\xCD"
- "\xAF\xFC\xB9\x16\xD9\xC3\x73\x6A"
- "\x33\x12\xF8\x7E\xBC\xCC\x7D\x80"
- "\xBF\x3C\x25\x06\x13\x84\xFA\x35"
- "\xF7\x40\xFA\xA1\x44\x13\x70\xD8"
- "\x01\xF9\x85\x15\x63\xEC\x7D\xB9"
- "\x02\xD8\xBA\x41\x6C\x92\x68\x66"
- "\x95\xDD\xD6\x42\xE7\xBB\xE1\xFD"
- "\x28\x3E\x94\xB6\xBD\xA7\xBF\x47"
- "\x58\x8D\xFF\x19\x30\x75\x0D\x48"
- "\x94\xE9\xA6\xCD\xB3\x8E\x1E\xCD"
- "\x59\xBC\x1A\xAC\x3C\x4F\xA9\xEB"
- "\xF4\xA7\xE4\x75\x4A\x18\x40\xC9"
- "\x1E\xEC\x06\x9C\x28\x4B\xF7\x2B"
- "\xE2\xEF\xD6\x42\x2E\xBB\xFC\x0A"
- "\x79\xA2\x99\x28\x93\x1B\x00\x57"
- "\x35\x1E\x1A\x93\x90\xA4\x68\x95"
- "\x5E\x57\x40\xD5\xA9\xAA\x19\x48"
- "\xEC\xFF\x76\x77\xDC\x78\x89\x76"
- "\xE5\x3B\x00\xEC\x58\x4D\xD1\xE3"
- "\xC8\x6C\x2C\x45\x5E\x5F\xD9\x4E"
- "\x71\xA5\x36\x6D\x03\xF1\xC7\xD5"
- "\xF3\x63\xC0\xD8\xCB\x2B\xF1\xA8"
- "\xB9\x2B\xE6\x0B\xB9\x65\x78\xA0"
- "\xC4\x46\xE6\x9B\x8B\x43\x2D\xAB"
- "\x70\xA6\xE0\x59\x1E\xAC\x9D\xE0"
- "\x76\x44\x45\xF3\x24\x11\x57\x98"
- "\x9A\x86\xB4\x12\x80\x28\x86\x20"
- "\x23\x9D\x2D\xE9\x38\x32\xB1\xE1"
- "\xCF\x0A\x23\x73\x7D\xC5\x80\x3D"
- "\x9F\x6D\xA0\xD0\xEE\x93\x8A\x79"
- "\x3A\xDD\x1D\xBB\x9E\x26\x5D\x01"
- "\x44\xD0\xD4\x4E\xC3\xF1\xE4\x38"
- "\x09\x62\x0A\x1A\x4E\xD2\x63\x0F"
- "\x6E\x3E\xD2\xA4\x3A\xF4\xF3\xFF"
- "\x7E\x42\xEC\xB6\x6F\x4D\x6B\x48"
- "\xE6\xA6\x50\x80\x78\x9E\xF1\xB0"
- "\x4D\xB2\x0D\x3D\xFC\x40\x25\x4D"
- "\x93\x11\x1C\xE9\xD2\x9F\x6E\x90"
- "\xE5\x41\x4A\xE2\x3C\x45\x29\x35"
- "\xEC\xD6\x47\x50\xCB\x7B\xA2\x32"
- "\xF7\x8B\x62\xF1\xE3\x9A\xFE\xC7"
- "\x1D\x8C\x02\x72\x68\x09\xE9\xB6"
- "\x4A\x80\xE6\xB1\x56\xDF\x90\xD4"
- "\x93\x74\xA4\xCE\x20\x23\xBF\x48"
- "\xA5\xDE\x1B\xFA\x40\x69\x31\x98"
- "\x62\x6E\xA5\xC7\xBF\x0C\x62\xE5"
- "\x6D\xE1\x93\xF1\x83\x10\x1C\xCA"
- "\xF6\x5C\x19\xF8\x90\x78\xCB\xE4"
- "\x0B\x3A\xB5\xF8\x43\x86\xD3\x3F"
- "\xBA\x83\x34\x3C\x42\xCC\x7D\x28"
- "\x29\x63\x4F\xD8\x02\x17\xC5\x07"
- "\x2C\xA4\xAC\x79\xCB\xC3\xA9\x09"
- "\x81\x45\x18\xED\xE4\xCB\x42\x3B"
- "\x87\x2D\x23\xDC\xC5\xBA\x45\xBD"
- "\x92\xE5\x02\x97\x96\xCE\xAD\xEC"
- "\xBA\xD8\x76\xF8\xCA\xC1\x31\xEC"
- "\x1E\x4F\x3F\x83\xF8\x33\xE8\x6E"
- "\xCC\xF8\x5F\xDD\x65\x50\x99\x69"
- "\xAF\x48\xCE\xA5\xBA\xB6\x14\x9F"
- "\x05\x93\xB2\xE6\x59\xC8\x28\xFE"
- "\x8F\x37\xF9\x64\xB9\xA5\x56\x8F"
- "\xF1\x1B\x90\xEF\xAE\xEB\xFC\x09"
- "\x11\x7A\xF2\x19\x0A\x0A\x9A\x3C"
- "\xE2\x5E\x29\xFA\x31\x9B\xC1\x74"
- "\x1E\x10\x3E\x07\xA9\x31\x6D\xF8"
- "\x81\xF5\xD5\x8A\x04\x23\x51\xAC"
- "\xA2\xE2\x63\xFD\x27\x1F\x79\x5B"
- "\x1F\xE8\xDA\x11\x49\x4D\x1C\xBA"
- "\x54\xCC\x0F\xBA\x92\x69\xE5\xCB"
- "\x41\x1A\x67\xA6\x40\x82\x70\x8C"
- "\x19\x79\x08\xA4\x51\x20\x7D\xC9"
- "\x12\x27\xAE\x20\x0D\x2C\xA1\x6D"
- "\xF4\x55\xD4\xE7\xE6\xD4\x28\x08"
- "\x00\x70\x12\x56\x56\x50\xAD\x14"
- "\x5C\x3E\xA2\xD1\x36\x3F\x36\x48"
- "\xED\xB1\x57\x3E\x5D\x15\xF6\x1E"
- "\x53\xE9\xA4\x3E\xED\x7D\xCF\x7D"
- "\x29\xAF\xF3\x1E\x51\xA8\x9F\x85"
- "\x8B\xF0\xBB\xCE\xCC\x39\xC3\x64"
- "\x4B\xF2\xAD\x70\x19\xD4\x44\x8F"
- "\x91\x76\xE8\x15\x66\x34\x9F\xF6"
- "\x0F\x15\xA4\xA8\x24\xF8\x58\xB1"
- "\x38\x46\x47\xC7\x9B\xCA\xE9\x42"
- "\x44\xAA\xE6\xB5\x9C\x91\xA4\xD3"
- "\x16\xA0\xED\x42\xBE\xB5\x06\x19"
- "\xBE\x67\xE8\xBC\x22\x32\xA4\x1E"
- "\x93\xEB\xBE\xE9\xE1\x93\xE5\x31"
- "\x3A\xA2\x75\xDF\xE3\x6B\xE7\xCC"
- "\xB4\x70\x20\xE0\x6D\x82\x7C\xC8"
- "\x94\x5C\x5E\x37\x18\xAD\xED\x8B"
- "\x44\x86\xCA\x5E\x07\xB7\x70\x8D"
- "\x40\x48\x19\x73\x7C\x78\x64\x0B"
- "\xDB\x01\xCA\xAE\x63\x19\xE9\xD1"
- "\x6B\x2C\x84\x10\x45\x42\x2E\xC3"
- "\xDF\x7F\xAA\xE8\x87\x1B\x63\x46"
- "\x74\x28\x9D\x05\x30\x20\x62\x41"
- "\xC0\x9F\x2C\x36\x2B\x78\xD7\x26"
- "\xDF\x58\x51\xED\xFA\xDC\x87\x79"
- "\xBF\x8C\xBF\xC4\x0F\xE5\x05\xDA"
- "\x45\xE3\x35\x0D\x69\x91\x54\x1C"
- "\xE7\x2C\x49\x08\x8B\x72\xFA\x5C"
- "\xF1\x6B\xD9",
- .ilen = 1011,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06"
- "\x9D\x34\xCB\x3F\xD6\x6D\x04\x78"
- "\x0F\xA6\x1A\xB1\x48\xDF\x53\xEA"
- "\x81\x18\x8C\x23\xBA\x2E\xC5\x5C"
- "\xF3\x67\xFE\x95\x09\xA0\x37\xCE"
- "\x42\xD9\x70\x07\x7B\x12\xA9\x1D"
- "\xB4\x4B\xE2\x56\xED\x84\x1B\x8F"
- "\x26\xBD\x31\xC8\x5F\xF6\x6A\x01"
- "\x98\x0C\xA3\x3A\xD1\x45\xDC\x73"
- "\x0A\x7E\x15\xAC\x20\xB7\x4E\xE5"
- "\x59\xF0\x87\x1E\x92\x29\xC0\x34"
- "\xCB\x62\xF9\x6D\x04\x9B\x0F\xA6"
- "\x3D\xD4\x48\xDF\x76\x0D\x81\x18"
- "\xAF\x23\xBA\x51\xE8\x5C\xF3\x8A"
- "\x21\x95\x2C\xC3\x37\xCE\x65\xFC"
- "\x70\x07\x9E\x12\xA9\x40\xD7\x4B"
- "\xE2\x79\x10\x84\x1B\xB2\x26\xBD"
- "\x54\xEB\x5F\xF6\x8D\x01\x98\x2F"
- "\xC6\x3A\xD1\x68\xFF\x73\x0A\xA1"
- "\x15\xAC\x43\xDA\x4E\xE5\x7C\x13"
- "\x87\x1E\xB5\x29\xC0\x57\xEE\x62"
- "\xF9\x90\x04\x9B\x32\xC9\x3D\xD4"
- "\x6B\x02\x76\x0D\xA4\x18\xAF\x46"
- "\xDD\x51\xE8\x7F\x16\x8A\x21\xB8"
- "\x2C\xC3\x5A\xF1\x65\xFC\x93\x07"
- "\x9E\x35\xCC\x40\xD7\x6E\x05\x79"
- "\x10\xA7\x1B\xB2\x49\xE0\x54\xEB"
- "\x82\x19\x8D\x24\xBB\x2F\xC6\x5D"
- "\xF4\x68\xFF\x96\x0A\xA1\x38\xCF"
- "\x43\xDA\x71\x08\x7C\x13\xAA\x1E"
- "\xB5\x4C\xE3\x57\xEE\x85\x1C\x90"
- "\x27\xBE\x32\xC9\x60\xF7\x6B\x02"
- "\x99\x0D\xA4\x3B\xD2\x46\xDD\x74"
- "\x0B\x7F\x16\xAD\x21\xB8\x4F\xE6"
- "\x5A\xF1\x88\x1F\x93\x2A\xC1\x35"
- "\xCC\x63\xFA\x6E\x05\x9C\x10\xA7"
- "\x3E\xD5\x49\xE0\x77\x0E\x82\x19"
- "\xB0\x24\xBB\x52\xE9\x5D\xF4\x8B"
- "\x22\x96\x2D\xC4\x38\xCF\x66\xFD"
- "\x71\x08\x9F\x13\xAA\x41\xD8\x4C"
- "\xE3\x7A\x11\x85\x1C\xB3\x27\xBE"
- "\x55\xEC\x60\xF7\x8E\x02\x99\x30"
- "\xC7\x3B\xD2\x69\x00\x74\x0B\xA2"
- "\x16\xAD\x44\xDB\x4F\xE6\x7D\x14"
- "\x88\x1F\xB6\x2A\xC1\x58\xEF\x63"
- "\xFA\x91\x05\x9C\x33\xCA\x3E\xD5"
- "\x6C\x03\x77\x0E\xA5\x19\xB0\x47"
- "\xDE\x52\xE9\x80\x17\x8B\x22\xB9"
- "\x2D\xC4\x5B\xF2\x66\xFD\x94\x08"
- "\x9F\x36\xCD\x41\xD8\x6F\x06\x7A"
- "\x11\xA8\x1C\xB3\x4A\xE1\x55\xEC"
- "\x83\x1A\x8E\x25\xBC\x30\xC7\x5E"
- "\xF5\x69\x00\x97\x0B\xA2\x39\xD0"
- "\x44\xDB\x72\x09\x7D\x14\xAB\x1F"
- "\xB6\x4D\xE4\x58\xEF\x86\x1D\x91"
- "\x28\xBF\x33\xCA\x61\xF8\x6C\x03"
- "\x9A\x0E\xA5\x3C\xD3\x47\xDE\x75"
- "\x0C\x80\x17\xAE\x22\xB9\x50\xE7"
- "\x5B\xF2\x89\x20\x94\x2B\xC2\x36"
- "\xCD\x64\xFB\x6F\x06\x9D\x11\xA8"
- "\x3F\xD6\x4A\xE1\x78\x0F\x83\x1A"
- "\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
- "\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
- "\x72\x09\xA0\x14\xAB\x42\xD9\x4D"
- "\xE4\x7B\x12",
- .rlen = 1011,
- .also_non_np = 1,
- .np = 2,
- .tap = { 1011 - 16, 16 },
- }, { /* Generated with Crypto++ */
- .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
- "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
- "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
- "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
- .klen = 32,
- .iv = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
- "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFD",
- .input = "\x85\x79\x6C\x8B\x2B\x6D\x14\xF9"
- "\xA6\x83\xB6\x80\x5B\x3A\xF3\x7E"
- "\x30\x29\xEB\x1F\xDC\x19\x5F\xEB"
- "\xF7\xC4\x27\x04\x51\x87\xD7\x6F"
- "\xB8\x4E\x07\xFB\xAC\x3B\x08\xB4"
- "\x4D\xCB\xE8\xE1\x71\x7D\x4F\x48"
- "\xCD\x81\x64\xA5\xC4\x07\x1A\x9A"
- "\x4B\x62\x90\x0E\xC8\xB3\x2B\x6B"
- "\x8F\x9C\x6E\x72\x4B\xBA\xEF\x07"
- "\x2C\x56\x07\x5E\x37\x30\x60\xA9"
- "\xE3\xEF\xD6\x69\xE1\xA1\x77\x64"
- "\x93\x75\x7A\xB7\x7A\x3B\xE9\x43"
- "\x23\x35\x95\x91\x80\x8A\xC7\xCF"
- "\xC3\xD5\xBF\xE7\xFE\x4C\x06\x6B"
- "\x05\x19\x48\xE2\x62\xBA\x4F\xF2"
- "\xFB\xEE\xE4\xCB\x79\x9D\xA3\x10"
- "\x1D\x29\x8C\x1D\x7A\x88\x5A\xDD"
- "\x4E\xB6\x18\xAA\xCD\xE6\x33\x96"
- "\xD9\x0F\x90\x5A\x78\x76\x4D\x77"
- "\x3C\x20\x89\x3B\xA3\xF9\x07\xFD"
- "\xE4\xE8\x20\x2D\x15\x0A\x63\x49"
- "\xF5\x4F\x89\xD8\xDE\xA1\x28\x78"
- "\x28\x07\x09\x1B\x03\x94\x1D\x4B"
- "\x82\x28\x1E\x1D\x95\xBA\xAC\x85"
- "\x71\x6E\x3C\x18\x4B\x77\x74\x79"
- "\xBF\x67\x0A\x53\x3C\x94\xD9\x60"
- "\xE9\x6D\x40\x34\xA0\x2A\x53\x5D"
- "\x27\xD5\x47\xF9\xC3\x4B\x27\x29"
- "\xE4\x76\x9C\x3F\xA7\x1C\x87\xFC"
- "\x6E\x0F\xCF\x9B\x60\xF0\xF0\x8B"
- "\x70\x1C\x84\x81\x72\x4D\xB4\x98"
- "\x23\x62\xE7\x6A\x2B\xFC\xA5\xB2"
- "\xFF\xF5\x71\x07\xCD\x90\x23\x13"
- "\x19\xD7\x79\x36\x6C\x9D\x55\x8B"
- "\x93\x78\x86\x05\x69\x46\xD0\xC5"
- "\x39\x09\xEB\x79\xEF\xFA\x9F\xAE"
- "\xF3\xD5\x44\xC3\xFD\x86\xD2\x7C"
- "\x83\x4B\xD8\x75\x9C\x18\x04\x7B"
- "\x73\xAD\x72\xA4\xF6\xAB\xCF\x4B"
- "\xCC\x01\x45\x90\xA6\x43\x05\x0C"
- "\x6C\x4F\x62\x77\x57\x97\x9F\xEE"
- "\x75\xA7\x3C\x38\xD1\x0F\x3D\x0E"
- "\x2C\x43\x98\xFB\x13\x65\x73\xE4"
- "\x3C\x1E\xD6\x90\x08\xF7\xE0\x99"
- "\x3B\xF1\x9D\x6C\x48\xA9\x0E\x32"
- "\x17\xC2\xCC\x20\xA1\x19\x26\xAA"
- "\xE0\x75\x2F\xFB\x54\x66\x0A\xDF"
- "\xB5\xF2\x1F\xC1\x34\x3C\x30\x56"
- "\xE8\xDC\xF7\x92\x6B\xBF\x17\x24"
- "\xEC\x94\xB5\x3B\xD6\xCE\xA2\x54"
- "\x10\x7F\x50\xDE\x69\x77\xD5\x37"
- "\xFE\x9C\x10\x83\xC5\xEB\xC9\x53"
- "\xB7\xF3\xC4\x20\xAF\x0A\x7E\x57"
- "\x3A\xE6\x75\xFE\x89\x00\x6E\x48"
- "\xFB\x99\x17\x2C\xF6\x64\x40\x95"
- "\x5E\xDC\x7A\xA6\x70\xC7\xF4\xDD"
- "\x52\x05\x24\x34\xF9\x0E\xC8\x64"
- "\x6D\xE2\xD8\x80\x53\x31\x4C\xFE"
- "\xB4\x3A\x5F\x19\xCF\x42\x1B\x22"
- "\x0B\x2D\x7B\xF1\xC5\x43\xF7\x5E"
- "\x12\xA8\x01\x64\x16\x0B\x26\x5A"
- "\x0C\x95\x0F\x40\xC5\x5A\x06\x7C"
- "\xCF\xF5\xD5\xB7\x7A\x34\x23\xB6"
- "\xAA\x9E\xA8\x98\xA2\xF8\x3D\xD3"
- "\x3F\x23\x69\x63\x56\x96\x45\xD6"
- "\x74\x23\x1D\x5C\x63\xCC\xD8\x78"
- "\x16\xE2\x9C\xD2\x80\x02\xF2\x28"
- "\x69\x2F\xC4\xA8\x15\x15\x24\x3B"
- "\xCB\xF0\x14\xE4\x62\xC8\xF3\xD1"
- "\x03\x58\x1B\x33\x77\x74\x1F\xB4"
- "\x07\x86\xF2\x21\xB7\x41\xAE\xBF"
- "\x25\xC2\xFF\x51\xEF\xEA\xCE\xC4"
- "\x5F\xD9\xB8\x18\x6A\xF0\x0F\x0D"
- "\xF8\x04\xBB\x6D\x62\x33\x87\x26"
- "\x4F\x2F\x14\x6E\xDC\xDB\x66\x09"
- "\x2A\xEF\x7D\x84\x10\xAC\x82\x5E"
- "\xD2\xE4\xAD\x74\x7A\x6D\xCC\x3A"
- "\x7B\x62\xD8\xD6\x07\x2D\xF7\xDF"
- "\x9B\xB3\x82\xCF\x9C\x1D\x76\x5C"
- "\xAC\x7B\xD4\x9B\x45\xA1\x64\x11"
- "\x66\xF1\xA7\x0B\xF9\xDD\x00\xDD"
- "\xA4\x45\x3D\x3E\x03\xC9\x2E\xCB"
- "\xC3\x14\x84\x72\xFD\x41\xDC\xBD"
- "\x75\xBE\xA8\xE5\x16\x48\x64\x39"
- "\xCA\xF3\xE6\xDC\x25\x24\xF1\x6D"
- "\xB2\x8D\xC5\x38\x54\xD3\x5D\x6D"
- "\x0B\x29\x10\x15\x0E\x13\x3B\xAC"
- "\x7E\xCC\x9E\x3E\x18\x48\xA6\x02"
- "\xEF\x03\xB2\x2E\xE3\xD2\x70\x21"
- "\xB4\x19\x26\xBE\x3A\x3D\x05\xE0"
- "\xF8\x09\xAF\xE4\x31\x26\x92\x2F"
- "\x8F\x55\xAC\xED\x0B\xB2\xA5\x34"
- "\xBE\x50\xB1\x02\x22\x96\xE3\x40"
- "\x7B\x70\x50\x6E\x3B\xD5\xE5\xA0"
- "\x8E\xA2\xAD\x14\x60\x5C\x7A\x2B"
- "\x3D\x1B\x7F\xC1\xC0\x2C\x56\x36"
- "\xD2\x0A\x32\x06\x97\x34\xB9\xF4"
- "\x6F\x9F\x7E\x80\xD0\x9D\xF7\x6A"
- "\x21\xC1\xA2\x6A\xB1\x96\x5B\x4D"
- "\x7A\x15\x6C\xC4\x4E\xB8\xE0\x9E"
- "\x6C\x50\xF3\x9C\xC9\xB5\x23\xB7"
- "\xF1\xD4\x29\x4A\x23\xC4\xAD\x1E"
- "\x2C\x07\xD2\x43\x5F\x57\x93\xCA"
- "\x85\xF9\x9F\xAD\x4C\xF1\xE4\xB1"
- "\x1A\x8E\x28\xA4\xB6\x52\x77\x7E"
- "\x68\xC6\x47\xB9\x76\xCC\x65\x5F"
- "\x0B\xF9\x67\x93\xD8\x0E\x9A\x37"
- "\x5F\x41\xED\x64\x6C\xAD\x5F\xED"
- "\x3F\x8D\xFB\x8E\x1E\xA0\xE4\x1F"
- "\xC2\xC7\xED\x18\x43\xE1\x20\x86"
- "\x5D\xBC\x30\x70\x22\xA1\xDC\x53"
- "\x10\x3A\x8D\x47\x82\xCD\x7F\x59"
- "\x03\x2D\x6D\xF5\xE7\x79\xD4\x07"
- "\x68\x2A\xA5\x42\x19\x4D\xAF\xF5"
- "\xED\x47\x83\xBC\x5F\x62\x84\xDA"
- "\xDA\x41\xFF\xB0\x1D\x64\xA3\xC8"
- "\xBD\x4E\xE0\xB8\x7F\xEE\x55\x0A"
- "\x4E\x61\xB2\x51\xF6\x9C\x95\xF6"
- "\x92\xBB\xF6\xC5\xF0\x09\x86\xDE"
- "\x37\x9E\x29\xF9\x2A\x18\x73\x0D"
- "\xDC\x7E\x6B\x7B\x1B\x43\x8C\xEA"
- "\x13\xC8\x1A\x47\x0A\x2D\x6D\x56"
- "\xCD\xD2\xE7\x53\x1A\xAB\x1C\x3C"
- "\xC5\x9B\x03\x70\x29\x2A\x49\x09"
- "\x67\xA1\xEA\xD6\x3A\x5B\xBF\x71"
- "\x1D\x48\x64\x6C\xFB\xC0\x9E\x36",
- .ilen = 1008,
- .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
- "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
- "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
- "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
- "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
- "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
- "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
- "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
- "\xC3\x37\xCE\x65\xFC\x70\x07\x9E"
- "\x12\xA9\x40\xD7\x4B\xE2\x79\x10"
- "\x84\x1B\xB2\x26\xBD\x54\xEB\x5F"
- "\xF6\x8D\x01\x98\x2F\xC6\x3A\xD1"
- "\x68\xFF\x73\x0A\xA1\x15\xAC\x43"
- "\xDA\x4E\xE5\x7C\x13\x87\x1E\xB5"
- "\x29\xC0\x57\xEE\x62\xF9\x90\x04"
- "\x9B\x32\xC9\x3D\xD4\x6B\x02\x76"
- "\x0D\xA4\x18\xAF\x46\xDD\x51\xE8"
- "\x7F\x16\x8A\x21\xB8\x2C\xC3\x5A"
- "\xF1\x65\xFC\x93\x07\x9E\x35\xCC"
- "\x40\xD7\x6E\x05\x79\x10\xA7\x1B"
- "\xB2\x49\xE0\x54\xEB\x82\x19\x8D"
- "\x24\xBB\x2F\xC6\x5D\xF4\x68\xFF"
- "\x96\x0A\xA1\x38\xCF\x43\xDA\x71"
- "\x08\x7C\x13\xAA\x1E\xB5\x4C\xE3"
- "\x57\xEE\x85\x1C\x90\x27\xBE\x32"
- "\xC9\x60\xF7\x6B\x02\x99\x0D\xA4"
- "\x3B\xD2\x46\xDD\x74\x0B\x7F\x16"
- "\xAD\x21\xB8\x4F\xE6\x5A\xF1\x88"
- "\x1F\x93\x2A\xC1\x35\xCC\x63\xFA"
- "\x6E\x05\x9C\x10\xA7\x3E\xD5\x49"
- "\xE0\x77\x0E\x82\x19\xB0\x24\xBB"
- "\x52\xE9\x5D\xF4\x8B\x22\x96\x2D"
- "\xC4\x38\xCF\x66\xFD\x71\x08\x9F"
- "\x13\xAA\x41\xD8\x4C\xE3\x7A\x11"
- "\x85\x1C\xB3\x27\xBE\x55\xEC\x60"
- "\xF7\x8E\x02\x99\x30\xC7\x3B\xD2"
- "\x69\x00\x74\x0B\xA2\x16\xAD\x44"
- "\xDB\x4F\xE6\x7D\x14\x88\x1F\xB6"
- "\x2A\xC1\x58\xEF\x63\xFA\x91\x05"
- "\x9C\x33\xCA\x3E\xD5\x6C\x03\x77"
- "\x0E\xA5\x19\xB0\x47\xDE\x52\xE9"
- "\x80\x17\x8B\x22\xB9\x2D\xC4\x5B"
- "\xF2\x66\xFD\x94\x08\x9F\x36\xCD"
- "\x41\xD8\x6F\x06\x7A\x11\xA8\x1C"
- "\xB3\x4A\xE1\x55\xEC\x83\x1A\x8E"
- "\x25\xBC\x30\xC7\x5E\xF5\x69\x00"
- "\x97\x0B\xA2\x39\xD0\x44\xDB\x72"
- "\x09\x7D\x14\xAB\x1F\xB6\x4D\xE4"
- "\x58\xEF\x86\x1D\x91\x28\xBF\x33"
- "\xCA\x61\xF8\x6C\x03\x9A\x0E\xA5"
- "\x3C\xD3\x47\xDE\x75\x0C\x80\x17"
- "\xAE\x22\xB9\x50\xE7\x5B\xF2\x89"
- "\x20\x94\x2B\xC2\x36\xCD\x64\xFB"
- "\x6F\x06\x9D\x11\xA8\x3F\xD6\x4A"
- "\xE1\x78\x0F\x83\x1A\xB1\x25\xBC"
- "\x53\xEA\x5E\xF5\x8C\x00\x97\x2E"
- "\xC5\x39\xD0\x67\xFE\x72\x09\xA0"
- "\x14\xAB\x42\xD9\x4D\xE4\x7B\x12"
- "\x86\x1D\xB4\x28\xBF\x56\xED\x61"
- "\xF8\x8F\x03\x9A\x31\xC8\x3C\xD3"
- "\x6A\x01\x75\x0C\xA3\x17\xAE\x45"
- "\xDC\x50\xE7\x7E\x15\x89\x20\xB7"
- "\x2B\xC2\x59\xF0\x64\xFB\x92\x06"
- "\x9D\x34\xCB\x3F\xD6\x6D\x04\x78"
- "\x0F\xA6\x1A\xB1\x48\xDF\x53\xEA"
- "\x81\x18\x8C\x23\xBA\x2E\xC5\x5C"
- "\xF3\x67\xFE\x95\x09\xA0\x37\xCE"
- "\x42\xD9\x70\x07\x7B\x12\xA9\x1D"
- "\xB4\x4B\xE2\x56\xED\x84\x1B\x8F"
- "\x26\xBD\x31\xC8\x5F\xF6\x6A\x01"
- "\x98\x0C\xA3\x3A\xD1\x45\xDC\x73"
- "\x0A\x7E\x15\xAC\x20\xB7\x4E\xE5"
- "\x59\xF0\x87\x1E\x92\x29\xC0\x34"
- "\xCB\x62\xF9\x6D\x04\x9B\x0F\xA6"
- "\x3D\xD4\x48\xDF\x76\x0D\x81\x18"
- "\xAF\x23\xBA\x51\xE8\x5C\xF3\x8A"
- "\x21\x95\x2C\xC3\x37\xCE\x65\xFC"
- "\x70\x07\x9E\x12\xA9\x40\xD7\x4B"
- "\xE2\x79\x10\x84\x1B\xB2\x26\xBD"
- "\x54\xEB\x5F\xF6\x8D\x01\x98\x2F"
- "\xC6\x3A\xD1\x68\xFF\x73\x0A\xA1"
- "\x15\xAC\x43\xDA\x4E\xE5\x7C\x13"
- "\x87\x1E\xB5\x29\xC0\x57\xEE\x62"
- "\xF9\x90\x04\x9B\x32\xC9\x3D\xD4"
- "\x6B\x02\x76\x0D\xA4\x18\xAF\x46"
- "\xDD\x51\xE8\x7F\x16\x8A\x21\xB8"
- "\x2C\xC3\x5A\xF1\x65\xFC\x93\x07"
- "\x9E\x35\xCC\x40\xD7\x6E\x05\x79"
- "\x10\xA7\x1B\xB2\x49\xE0\x54\xEB"
- "\x82\x19\x8D\x24\xBB\x2F\xC6\x5D"
- "\xF4\x68\xFF\x96\x0A\xA1\x38\xCF"
- "\x43\xDA\x71\x08\x7C\x13\xAA\x1E"
- "\xB5\x4C\xE3\x57\xEE\x85\x1C\x90"
- "\x27\xBE\x32\xC9\x60\xF7\x6B\x02"
- "\x99\x0D\xA4\x3B\xD2\x46\xDD\x74"
- "\x0B\x7F\x16\xAD\x21\xB8\x4F\xE6"
- "\x5A\xF1\x88\x1F\x93\x2A\xC1\x35"
- "\xCC\x63\xFA\x6E\x05\x9C\x10\xA7"
- "\x3E\xD5\x49\xE0\x77\x0E\x82\x19"
- "\xB0\x24\xBB\x52\xE9\x5D\xF4\x8B"
- "\x22\x96\x2D\xC4\x38\xCF\x66\xFD"
- "\x71\x08\x9F\x13\xAA\x41\xD8\x4C"
- "\xE3\x7A\x11\x85\x1C\xB3\x27\xBE"
- "\x55\xEC\x60\xF7\x8E\x02\x99\x30"
- "\xC7\x3B\xD2\x69\x00\x74\x0B\xA2"
- "\x16\xAD\x44\xDB\x4F\xE6\x7D\x14"
- "\x88\x1F\xB6\x2A\xC1\x58\xEF\x63"
- "\xFA\x91\x05\x9C\x33\xCA\x3E\xD5"
- "\x6C\x03\x77\x0E\xA5\x19\xB0\x47"
- "\xDE\x52\xE9\x80\x17\x8B\x22\xB9"
- "\x2D\xC4\x5B\xF2\x66\xFD\x94\x08"
- "\x9F\x36\xCD\x41\xD8\x6F\x06\x7A"
- "\x11\xA8\x1C\xB3\x4A\xE1\x55\xEC"
- "\x83\x1A\x8E\x25\xBC\x30\xC7\x5E"
- "\xF5\x69\x00\x97\x0B\xA2\x39\xD0"
- "\x44\xDB\x72\x09\x7D\x14\xAB\x1F"
- "\xB6\x4D\xE4\x58\xEF\x86\x1D\x91"
- "\x28\xBF\x33\xCA\x61\xF8\x6C\x03"
- "\x9A\x0E\xA5\x3C\xD3\x47\xDE\x75"
- "\x0C\x80\x17\xAE\x22\xB9\x50\xE7"
- "\x5B\xF2\x89\x20\x94\x2B\xC2\x36"
- "\xCD\x64\xFB\x6F\x06\x9D\x11\xA8"
- "\x3F\xD6\x4A\xE1\x78\x0F\x83\x1A"
- "\xB1\x25\xBC\x53\xEA\x5E\xF5\x8C"
- "\x00\x97\x2E\xC5\x39\xD0\x67\xFE"
- "\x72\x09\xA0\x14\xAB\x42\xD9\x4D",
- .rlen = 1008,
- },
-};
-
-static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
+static const struct cipher_testvec camellia_lrw_tv_template[] = {
/* Generated from AES-LRW test vectors */
{
.key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
@@ -32601,12 +29069,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x92\x68\x19\xd7\xb7\x5b\x0a\x31"
+ .ctext = "\x92\x68\x19\xd7\xb7\x5b\x0a\x31"
"\x97\xcc\x72\xbe\x99\x17\xeb\x3e",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
"\xd7\x79\xe8\x0f\x54\x88\x79\x44"
@@ -32615,12 +29082,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x73\x09\xb7\x50\xb6\x77\x30\x50"
+ .ctext = "\x73\x09\xb7\x50\xb6\x77\x30\x50"
"\x5c\x8a\x9c\x26\x77\x9d\xfc\x4a",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
"\x30\xfe\x69\xe2\x37\x7f\x98\x47"
@@ -32629,12 +29095,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x90\xae\x83\xe0\x22\xb9\x60\x91"
+ .ctext = "\x90\xae\x83\xe0\x22\xb9\x60\x91"
"\xfa\xa9\xb7\x98\xe3\xed\x87\x01",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
"\x25\x83\xf7\x3c\x1f\x01\x28\x74"
@@ -32644,12 +29109,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x99\xe9\x6e\xd4\xc9\x21\xa5\xf0"
+ .ctext = "\x99\xe9\x6e\xd4\xc9\x21\xa5\xf0"
"\xd8\x83\xef\xd9\x07\x16\x5f\x35",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
"\xf8\x86\xce\xac\x93\xc5\xad\xc6"
@@ -32659,12 +29123,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 40,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x42\x88\xf4\xcb\x21\x11\x6d\x8e"
+ .ctext = "\x42\x88\xf4\xcb\x21\x11\x6d\x8e"
"\xde\x1a\xf2\x29\xf1\x4a\xe0\x15",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -32675,12 +29138,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x40\xaa\x34\x86\x4a\x8f\x78\xb9"
+ .ctext = "\x40\xaa\x34\x86\x4a\x8f\x78\xb9"
"\xdb\xdb\x0f\x3d\x48\x70\xbe\x8d",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
"\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
@@ -32691,12 +29153,11 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ .ptext = "\x30\x31\x32\x33\x34\x35\x36\x37"
"\x38\x39\x41\x42\x43\x44\x45\x46",
- .ilen = 16,
- .result = "\x04\xab\x28\x37\x31\x7a\x26\xab"
+ .ctext = "\x04\xab\x28\x37\x31\x7a\x26\xab"
"\xa1\x70\x1b\x9c\xe7\xdd\x83\xff",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
"\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
@@ -32707,7 +29168,7 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
.klen = 48,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ .ptext = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
"\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
"\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
"\x50\x38\x1f\x71\x49\xb6\x57\xd6"
@@ -32771,8 +29232,7 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
"\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
"\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
"\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .ilen = 512,
- .result = "\x90\x69\x8e\xf2\x14\x86\x59\xf9"
+ .ctext = "\x90\x69\x8e\xf2\x14\x86\x59\xf9"
"\xec\xe7\xfa\x3f\x48\x9d\x7f\x96"
"\x67\x76\xac\x2c\xd2\x63\x18\x93"
"\x13\xf8\xf1\xf6\x71\x77\xb3\xee"
@@ -32836,267 +29296,14 @@ static const struct cipher_testvec camellia_lrw_enc_tv_template[] = {
"\x93\x6c\x01\xf7\xcc\x4e\x20\xd1"
"\xb2\x1a\xd8\x4c\xbd\x1d\x10\xe9"
"\x5a\xa8\x92\x7f\xba\xe6\x0c\x95",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
},
};
-static const struct cipher_testvec camellia_lrw_dec_tv_template[] = {
- /* Generated from AES-LRW test vectors */
- /* same as enc vectors with input and result reversed */
- {
- .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
- "\x4c\x26\x84\x14\xb5\x68\x01\x85"
- "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
- "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x92\x68\x19\xd7\xb7\x5b\x0a\x31"
- "\x97\xcc\x72\xbe\x99\x17\xeb\x3e",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
- "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
- "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
- "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x73\x09\xb7\x50\xb6\x77\x30\x50"
- "\x5c\x8a\x9c\x26\x77\x9d\xfc\x4a",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
- "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
- "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
- "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x90\xae\x83\xe0\x22\xb9\x60\x91"
- "\xfa\xa9\xb7\x98\xe3\xed\x87\x01",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
- "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
- "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
- "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
- "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x99\xe9\x6e\xd4\xc9\x21\xa5\xf0"
- "\xd8\x83\xef\xd9\x07\x16\x5f\x35",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
- "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
- "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
- "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
- "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
- .klen = 40,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x42\x88\xf4\xcb\x21\x11\x6d\x8e"
- "\xde\x1a\xf2\x29\xf1\x4a\xe0\x15",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x40\xaa\x34\x86\x4a\x8f\x78\xb9"
- "\xdb\xdb\x0f\x3d\x48\x70\xbe\x8d",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
- "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
- "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
- "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
- "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
- "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x02\x00\x00\x00\x00",
- .input = "\x04\xab\x28\x37\x31\x7a\x26\xab"
- "\xa1\x70\x1b\x9c\xe7\xdd\x83\xff",
- .ilen = 16,
- .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x41\x42\x43\x44\x45\x46",
- .rlen = 16,
- }, {
- .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
- "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
- "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
- "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
- "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
- "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
- .klen = 48,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x90\x69\x8e\xf2\x14\x86\x59\xf9"
- "\xec\xe7\xfa\x3f\x48\x9d\x7f\x96"
- "\x67\x76\xac\x2c\xd2\x63\x18\x93"
- "\x13\xf8\xf1\xf6\x71\x77\xb3\xee"
- "\x93\xb2\xcc\xf3\x26\xc1\x16\x4f"
- "\xd4\xe8\x43\xc1\x68\xa3\x3e\x06"
- "\x38\x51\xff\xa8\xb9\xa4\xeb\xb1"
- "\x62\xdd\x78\x81\xea\x1d\xef\x04"
- "\x1d\x07\xc1\x67\xc8\xd6\x77\xa1"
- "\x84\x95\xf4\x9a\xd9\xbc\x2d\xe2"
- "\xf6\x80\xfc\x91\x2a\xbc\x42\xa0"
- "\x40\x41\x69\xaa\x71\xc0\x37\xec"
- "\x39\xf3\xf2\xec\x82\xc3\x88\x79"
- "\xbc\xc3\xaa\xb7\xcf\x6a\x72\x80"
- "\x4c\xf4\x84\x8f\x13\x9e\x94\x5c"
- "\xe5\xb2\x91\xbb\x92\x51\x4d\xf1"
- "\xd6\x0d\x71\x6b\x7a\xc2\x2f\x12"
- "\x6f\x75\xc7\x80\x99\x50\x84\xcf"
- "\xa8\xeb\xd6\xe1\x1c\x59\x81\x7e"
- "\xb9\xb3\xde\x7a\x93\x14\x12\xa2"
- "\xf7\x43\xb3\x9d\x1a\x87\x65\x91"
- "\x42\x08\x40\x82\x06\x1c\x2d\x55"
- "\x6e\x48\xd5\x74\x07\x6e\x9d\x80"
- "\xeb\xb4\x97\xa1\x36\xdf\xfa\x74"
- "\x79\x7f\x5a\x75\xe7\x71\xc8\x8c"
- "\x7e\xf8\x3a\x77\xcd\x32\x05\xf9"
- "\x3d\xd4\xe9\xa2\xbb\xc4\x8b\x83"
- "\x42\x5c\x82\xfa\xe9\x4b\x96\x3b"
- "\x7f\x89\x8b\xf9\xf1\x87\xda\xf0"
- "\x87\xef\x13\x5d\xf0\xe2\xc5\xc1"
- "\xed\x14\xa9\x57\x19\x63\x40\x04"
- "\x24\xeb\x6e\x19\xd1\x3d\x70\x78"
- "\xeb\xda\x55\x70\x2c\x4f\x41\x5b"
- "\x56\x9f\x1a\xd3\xac\xf1\xc0\xc3"
- "\x21\xec\xd7\xd2\x55\x32\x7c\x2e"
- "\x3c\x48\x8e\xb4\x85\x35\x47\xfe"
- "\xe2\x88\x79\x98\x6a\xc9\x8d\xff"
- "\xe9\x89\x6e\xb8\xe2\x97\x00\xbd"
- "\xa4\x8f\xba\xd0\x8c\xcb\x79\x99"
- "\xb3\xb2\xb2\x7a\xc3\xb7\xef\x75"
- "\x23\x52\x76\xc3\x50\x6e\x66\xf8"
- "\xa2\xe2\xce\xba\x40\x21\x3f\xc9"
- "\x0a\x32\x7f\xf7\x08\x8c\x66\xcf"
- "\xd3\xdf\x57\x59\x83\xb8\xe1\x85"
- "\xd6\x8f\xfb\x48\x1f\x3a\xc4\x2f"
- "\xb4\x2d\x58\xab\xd8\x7f\x5e\x3a"
- "\xbc\x62\x3e\xe2\x6a\x52\x0d\x76"
- "\x2f\x1c\x1a\x30\xed\x95\x2a\x44"
- "\x35\xa5\x83\x04\x84\x01\x99\x56"
- "\xb7\xe3\x10\x96\xfa\xdc\x19\xdd"
- "\xe2\x7f\xcb\xa0\x49\x1b\xff\x4c"
- "\x73\xf6\xbb\x94\x00\xe8\xa9\x3d"
- "\xe2\x20\xe9\x3f\xfa\x07\x5d\x77"
- "\x06\xd5\x4f\x4d\x02\xb8\x40\x1b"
- "\x30\xed\x1a\x50\x19\xef\xc4\x2c"
- "\x02\xd9\xc5\xd3\x11\x33\x37\xe5"
- "\x2b\xa3\x95\xa6\xee\xd8\x74\x1d"
- "\x68\xa0\xeb\xbf\xdd\x5e\x99\x96"
- "\x91\xc3\x94\x24\xa5\x12\xa2\x37"
- "\xb3\xac\xcf\x2a\xfd\x55\x34\xfe"
- "\x79\x92\x3e\xe6\x1b\x49\x57\x5d"
- "\x93\x6c\x01\xf7\xcc\x4e\x20\xd1"
- "\xb2\x1a\xd8\x4c\xbd\x1d\x10\xe9"
- "\x5a\xa8\x92\x7f\xba\xe6\x0c\x95",
- .ilen = 512,
- .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
- "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
- "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
- "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
- "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
- "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
- "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
- "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
- "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
- "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
- "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
- "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
- "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
- "\x4c\x96\x12\xed\x7c\x92\x03\x01"
- "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
- "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
- "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
- "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
- "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
- "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
- "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
- "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
- "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
- "\x76\x12\x73\x44\x1a\x56\xd7\x72"
- "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
- "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
- "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
- "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
- "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
- "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
- "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
- "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
- "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
- "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
- "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
- "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
- "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
- "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
- "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
- "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
- "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
- "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
- "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
- "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
- "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
- "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
- "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
- "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
- "\x62\x73\x65\xfd\x46\x63\x25\x3d"
- "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
- "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
- "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
- "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
- "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
- "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
- "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
- "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
- "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
- "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
- "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
- "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
- "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
- "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
- "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
+static const struct cipher_testvec camellia_xts_tv_template[] = {
/* Generated from AES-XTS test vectors */
{
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -33106,16 +29313,15 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 32,
- .result = "\x06\xcb\xa5\xf1\x04\x63\xb2\x41"
+ .ctext = "\x06\xcb\xa5\xf1\x04\x63\xb2\x41"
"\xdc\xca\xfa\x09\xba\x74\xb9\x05"
"\x78\xba\xa4\xf8\x67\x4d\x7e\xad"
"\x20\x18\xf5\x0c\x41\x16\x2a\x61",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x11\x11\x11\x11\x11\x11\x11\x11"
"\x11\x11\x11\x11\x11\x11\x11\x11"
@@ -33124,16 +29330,15 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\xc2\xb9\xdc\x44\x1d\xdf\xf2\x86"
+ .ctext = "\xc2\xb9\xdc\x44\x1d\xdf\xf2\x86"
"\x8d\x35\x42\x0a\xa5\x5e\x3d\x4f"
"\xb5\x37\x06\xff\xbd\xd4\x91\x70"
"\x80\x1f\xb2\x39\x10\x89\x44\xf5",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
"\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
@@ -33142,16 +29347,15 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ .ptext = "\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44"
"\x44\x44\x44\x44\x44\x44\x44\x44",
- .ilen = 32,
- .result = "\x52\x1f\x9d\xf5\x5a\x58\x5a\x7e"
+ .ctext = "\x52\x1f\x9d\xf5\x5a\x58\x5a\x7e"
"\x9f\xd0\x8e\x02\x9c\x9a\x6a\xa7"
"\xb4\x3b\xce\xe7\x17\xaa\x89\x6a"
"\x35\x3c\x6b\xb5\x61\x1c\x79\x38",
- .rlen = 32,
+ .len = 32,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -33160,7 +29364,7 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -33224,8 +29428,7 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\xc7\xf9\x0a\xaa\xcb\xb5\x8f\x33"
+ .ctext = "\xc7\xf9\x0a\xaa\xcb\xb5\x8f\x33"
"\x60\xc3\xe9\x47\x90\xb7\x50\x57"
"\xa3\xad\x81\x2f\xf5\x22\x96\x02"
"\xaa\x7f\xea\xac\x29\x78\xca\x2a"
@@ -33289,7 +29492,7 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
"\xcc\x06\xdb\xe7\x82\x29\x63\xd1"
"\x52\x84\x4f\xee\x27\xe8\x02\xd4"
"\x34\x3c\x69\xc2\xbd\x20\xe6\x7a",
- .rlen = 512,
+ .len = 512,
}, {
.key = "\x27\x18\x28\x18\x28\x45\x90\x45"
"\x23\x53\x60\x28\x74\x71\x35\x26"
@@ -33302,7 +29505,7 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
.klen = 64,
.iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
@@ -33366,8 +29569,7 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
"\xe8\xe9\xea\xeb\xec\xed\xee\xef"
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
"\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .ilen = 512,
- .result = "\x49\xcd\xb8\xbf\x2f\x73\x37\x28"
+ .ctext = "\x49\xcd\xb8\xbf\x2f\x73\x37\x28"
"\x9a\x7f\x6e\x57\x55\xb8\x07\x88"
"\x4a\x0d\x8b\x55\x60\xed\xb6\x7b"
"\xf1\x74\xac\x96\x05\x7b\x32\xca"
@@ -33431,350 +29633,7 @@ static const struct cipher_testvec camellia_xts_enc_tv_template[] = {
"\xb1\x02\x0a\x5c\x79\x19\x3b\x75"
"\xb7\x16\xd8\x12\x5c\xcd\x7d\x4e"
"\xd5\xc6\x99\xcc\x4e\x6c\x94\x95",
- .rlen = 512,
- .also_non_np = 1,
- .np = 3,
- .tap = { 512 - 20, 4, 16 },
- },
-};
-
-static const struct cipher_testvec camellia_xts_dec_tv_template[] = {
- /* Generated from AES-XTS test vectors */
- /* same as enc vectors with input and result reversed */
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x06\xcb\xa5\xf1\x04\x63\xb2\x41"
- "\xdc\xca\xfa\x09\xba\x74\xb9\x05"
- "\x78\xba\xa4\xf8\x67\x4d\x7e\xad"
- "\x20\x18\xf5\x0c\x41\x16\x2a\x61",
- .ilen = 32,
- .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .rlen = 32,
- }, {
- .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x11\x11\x11\x11\x11\x11\x11\x11"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xc2\xb9\xdc\x44\x1d\xdf\xf2\x86"
- "\x8d\x35\x42\x0a\xa5\x5e\x3d\x4f"
- "\xb5\x37\x06\xff\xbd\xd4\x91\x70"
- "\x80\x1f\xb2\x39\x10\x89\x44\xf5",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
- "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
- "\x22\x22\x22\x22\x22\x22\x22\x22"
- "\x22\x22\x22\x22\x22\x22\x22\x22",
- .klen = 32,
- .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x52\x1f\x9d\xf5\x5a\x58\x5a\x7e"
- "\x9f\xd0\x8e\x02\x9c\x9a\x6a\xa7"
- "\xb4\x3b\xce\xe7\x17\xaa\x89\x6a"
- "\x35\x3c\x6b\xb5\x61\x1c\x79\x38",
- .ilen = 32,
- .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44"
- "\x44\x44\x44\x44\x44\x44\x44\x44",
- .rlen = 32,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95",
- .klen = 32,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\xc7\xf9\x0a\xaa\xcb\xb5\x8f\x33"
- "\x60\xc3\xe9\x47\x90\xb7\x50\x57"
- "\xa3\xad\x81\x2f\xf5\x22\x96\x02"
- "\xaa\x7f\xea\xac\x29\x78\xca\x2a"
- "\x7c\xcd\x31\x1a\x3c\x40\x0a\x73"
- "\x09\x66\xad\x72\x0e\x4d\x5d\x77"
- "\xbc\xb8\x76\x80\x37\x59\xa9\x01"
- "\x9e\xfb\xdb\x6c\x93\xef\xb6\x8d"
- "\x1e\xc1\x94\xa8\xd4\xb5\xb0\x01"
- "\xd5\x01\x97\x28\xcd\x7a\x1f\xe8"
- "\x08\xda\x76\x00\x65\xcf\x7b\x31"
- "\xc6\xfa\xf2\x3b\x00\xa7\x6a\x9e"
- "\x6c\x43\x80\x87\xe0\xbb\x4e\xe5"
- "\xdc\x8a\xdf\xc3\x1d\x1b\x41\x04"
- "\xfb\x54\xdd\x29\x27\xc2\x65\x17"
- "\x36\x88\xb0\x85\x8d\x73\x7e\x4b"
- "\x1d\x16\x8a\x52\xbc\xa6\xbc\xa4"
- "\x8c\xd1\x04\x16\xbf\x8c\x01\x0f"
- "\x7e\x6b\x59\x15\x29\xd1\x9b\xd3"
- "\x6c\xee\xac\xdc\x45\x58\xca\x5b"
- "\x70\x0e\x6a\x12\x86\x82\x79\x9f"
- "\x16\xd4\x9d\x67\xcd\x70\x65\x26"
- "\x21\x72\x1e\xa1\x94\x8a\x83\x0c"
- "\x92\x42\x58\x5e\xa2\xc5\x31\xf3"
- "\x7b\xd1\x31\xd4\x15\x80\x31\x61"
- "\x5c\x53\x10\xdd\xea\xc8\x83\x5c"
- "\x7d\xa7\x05\x66\xcc\x1e\xbb\x05"
- "\x47\xae\xb4\x0f\x84\xd8\xf6\xb5"
- "\xa1\xc6\x52\x00\x52\xe8\xdc\xd9"
- "\x16\x31\xb2\x47\x91\x67\xaa\x28"
- "\x2c\x29\x85\xa3\xf7\xf2\x24\x93"
- "\x23\x80\x1f\xa8\x1b\x82\x8d\xdc"
- "\x9f\x0b\xcd\xb4\x3c\x20\xbc\xec"
- "\x4f\xc7\xee\xf8\xfd\xd9\xfb\x7e"
- "\x3f\x0d\x23\xfa\x3f\xa7\xcc\x66"
- "\x1c\xfe\xa6\x86\xf6\xf7\x85\xc7"
- "\x43\xc1\xd4\xfc\xe4\x79\xc9\x1d"
- "\xf8\x89\xcd\x20\x27\x84\x5d\x5c"
- "\x8e\x4f\x1f\xeb\x08\x21\x4f\xa3"
- "\xe0\x7e\x0b\x9c\xe7\x42\xcf\xb7"
- "\x3f\x43\xcc\x86\x71\x34\x6a\xd9"
- "\x5e\xec\x8f\x36\xc9\x0a\x03\xfe"
- "\x18\x41\xdc\x9e\x2e\x75\x20\x3e"
- "\xcc\x77\xe0\x8f\xe8\x43\x37\x4c"
- "\xed\x1a\x5a\xb3\xfa\x43\xc9\x71"
- "\x9f\xc5\xce\xcf\xff\xe7\x77\x1e"
- "\x35\x93\xde\x6b\xc0\x6a\x7e\xa9"
- "\x34\xb8\x27\x74\x08\xda\xf2\x4a"
- "\x23\x5b\x9f\x55\x3a\x57\x82\x52"
- "\xea\x6d\xc3\xc7\xf2\xc8\xb5\xdc"
- "\xc5\xb9\xbb\xaa\xf2\x29\x9f\x49"
- "\x7a\xef\xfe\xdc\x9f\xc9\x28\xe2"
- "\x96\x0b\x35\x84\x05\x0d\xd6\x2a"
- "\xea\x5a\xbf\x69\xde\xee\x4f\x8f"
- "\x84\xb9\xcf\xa7\x57\xea\xe0\xe8"
- "\x96\xef\x0f\x0e\xec\xc7\xa6\x74"
- "\xb1\xfe\x7a\x6d\x11\xdd\x0e\x15"
- "\x4a\x1e\x73\x7f\x55\xea\xf6\xe1"
- "\x5b\xb6\x71\xda\xb0\x0c\xba\x26"
- "\x5c\x48\x38\x6d\x1c\x32\xb2\x7d"
- "\x05\x87\xc2\x1e\x7e\x2d\xd4\x33"
- "\xcc\x06\xdb\xe7\x82\x29\x63\xd1"
- "\x52\x84\x4f\xee\x27\xe8\x02\xd4"
- "\x34\x3c\x69\xc2\xbd\x20\xe6\x7a",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
- }, {
- .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
- "\x23\x53\x60\x28\x74\x71\x35\x26"
- "\x62\x49\x77\x57\x24\x70\x93\x69"
- "\x99\x59\x57\x49\x66\x96\x76\x27"
- "\x31\x41\x59\x26\x53\x58\x97\x93"
- "\x23\x84\x62\x64\x33\x83\x27\x95"
- "\x02\x88\x41\x97\x16\x93\x99\x37"
- "\x51\x05\x82\x09\x74\x94\x45\x92",
- .klen = 64,
- .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x49\xcd\xb8\xbf\x2f\x73\x37\x28"
- "\x9a\x7f\x6e\x57\x55\xb8\x07\x88"
- "\x4a\x0d\x8b\x55\x60\xed\xb6\x7b"
- "\xf1\x74\xac\x96\x05\x7b\x32\xca"
- "\xd1\x4e\xf1\x58\x29\x16\x24\x6c"
- "\xf2\xb3\xe4\x88\x84\xac\x4d\xee"
- "\x97\x07\x82\xf0\x07\x12\x38\x0a"
- "\x67\x62\xaf\xfd\x85\x9f\x0a\x55"
- "\xa5\x20\xc5\x60\xe4\x68\x53\xa4"
- "\x0e\x2e\x65\xe3\xe4\x0c\x30\x7c"
- "\x1c\x01\x4f\x55\xa9\x13\xeb\x25"
- "\x21\x87\xbc\xd3\xe7\x67\x4f\x38"
- "\xa8\x14\x25\x71\xe9\x2e\x4c\x21"
- "\x41\x82\x0c\x45\x39\x35\xa8\x75"
- "\x03\x29\x01\x84\x8c\xab\x48\xbe"
- "\x11\x56\x22\x67\xb7\x67\x1a\x09"
- "\xa1\x72\x25\x41\x3c\x39\x65\x80"
- "\x7d\x2f\xf8\x2c\x73\x04\x58\x9d"
- "\xdd\x16\x8b\x63\x70\x4e\xc5\x17"
- "\x21\xe0\x84\x51\x4b\x6f\x05\x52"
- "\xe3\x63\x34\xfa\xa4\xaf\x33\x20"
- "\xc1\xae\x32\xc4\xb8\x2b\xdb\x76"
- "\xd9\x02\x31\x2f\xa3\xc6\xd0\x7b"
- "\xaf\x1b\x84\xe3\x9b\xbf\xa6\xe0"
- "\xb8\x8a\x13\x88\x71\xf4\x11\xa5"
- "\xe9\xa9\x10\x33\xe0\xbe\x49\x89"
- "\x41\x22\xf5\x9d\x80\x3e\x3b\x76"
- "\x01\x16\x50\x6e\x7c\x6a\x81\xe9"
- "\x13\x2c\xde\xb2\x5f\x79\xba\xb2"
- "\xb1\x75\xae\xd2\x07\x98\x4b\x69"
- "\xae\x7d\x5b\x90\xc2\x6c\xe6\x98"
- "\xd3\x4c\xa1\xa3\x9c\xc9\x33\x6a"
- "\x0d\x23\xb1\x79\x25\x13\x4b\xe5"
- "\xaf\x93\x20\x5c\x7f\x06\x7a\x34"
- "\x0b\x78\xe3\x67\x26\xe0\xad\x95"
- "\xc5\x4e\x26\x22\xcf\x73\x77\x62"
- "\x3e\x10\xd7\x90\x4b\x52\x1c\xc9"
- "\xef\x38\x52\x18\x0e\x29\x7e\xef"
- "\x34\xfe\x31\x95\xc5\xbc\xa8\xe2"
- "\xa8\x4e\x9f\xea\xa6\xf0\xfe\x5d"
- "\xc5\x39\x86\xed\x2f\x6d\xa0\xfe"
- "\x96\xcd\x41\x10\x78\x4e\x0c\xc9"
- "\xc3\x6d\x0f\xb7\xe8\xe0\x62\xab"
- "\x8b\xf1\x21\x89\xa1\x12\xaa\xfa"
- "\x9d\x70\xbe\x4c\xa8\x98\x89\x01"
- "\xb9\xe2\x61\xde\x0c\x4a\x0b\xaa"
- "\x89\xf5\x14\x79\x18\x8f\x3b\x0d"
- "\x21\x17\xf8\x59\x15\x24\x64\x22"
- "\x57\x48\x80\xd5\x3d\x92\x30\x07"
- "\xd9\xa1\x4a\x23\x16\x43\x48\x0e"
- "\x2b\x2d\x1b\x87\xef\x7e\xbd\xfa"
- "\x49\xbc\x7e\x68\x6e\xa8\x46\x95"
- "\xad\x5e\xfe\x0a\xa8\xd3\x1a\x5d"
- "\x6b\x84\xf3\x00\xba\x52\x05\x02"
- "\xe3\x96\x4e\xb6\x79\x3f\x43\xd3"
- "\x4d\x3f\xd6\xab\x0a\xc4\x75\x2d"
- "\xd1\x08\xc3\x6a\xc8\x37\x29\xa0"
- "\xcc\x9a\x05\xdd\x5c\xe1\xff\x66"
- "\xf2\x7a\x1d\xf2\xaf\xa9\x48\x89"
- "\xf5\x21\x0f\x02\x48\x83\x74\xbf"
- "\x2e\xe6\x93\x7b\xa0\xf4\xb1\x2b"
- "\xb1\x02\x0a\x5c\x79\x19\x3b\x75"
- "\xb7\x16\xd8\x12\x5c\xcd\x7d\x4e"
- "\xd5\xc6\x99\xcc\x4e\x6c\x94\x95",
- .ilen = 512,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
- "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
- "\x10\x11\x12\x13\x14\x15\x16\x17"
- "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
- "\x20\x21\x22\x23\x24\x25\x26\x27"
- "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
- "\x30\x31\x32\x33\x34\x35\x36\x37"
- "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
- "\x40\x41\x42\x43\x44\x45\x46\x47"
- "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
- "\x50\x51\x52\x53\x54\x55\x56\x57"
- "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
- "\x60\x61\x62\x63\x64\x65\x66\x67"
- "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
- "\x70\x71\x72\x73\x74\x75\x76\x77"
- "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
- "\x80\x81\x82\x83\x84\x85\x86\x87"
- "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
- "\x90\x91\x92\x93\x94\x95\x96\x97"
- "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
- "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
- "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
- "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
- "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
- "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
- "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
- "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
- "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
- "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
- "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
- "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
- "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
- .rlen = 512,
+ .len = 512,
.also_non_np = 1,
.np = 3,
.tap = { 512 - 20, 4, 16 },
@@ -33784,91 +29643,45 @@ static const struct cipher_testvec camellia_xts_dec_tv_template[] = {
/*
* SEED test vectors
*/
-static const struct cipher_testvec seed_enc_tv_template[] = {
+static const struct cipher_testvec seed_tv_template[] = {
{
.key = zeroed_string,
.klen = 16,
- .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .ilen = 16,
- .result = "\x5e\xba\xc6\xe0\x05\x4e\x16\x68"
+ .ctext = "\x5e\xba\xc6\xe0\x05\x4e\x16\x68"
"\x19\xaf\xf1\xcc\x6d\x34\x6c\xdb",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
.klen = 16,
- .input = zeroed_string,
- .ilen = 16,
- .result = "\xc1\x1f\x22\xf2\x01\x40\x50\x50"
+ .ptext = zeroed_string,
+ .ctext = "\xc1\x1f\x22\xf2\x01\x40\x50\x50"
"\x84\x48\x35\x97\xe4\x37\x0f\x43",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x47\x06\x48\x08\x51\xe6\x1b\xe8"
"\x5d\x74\xbf\xb3\xfd\x95\x61\x85",
.klen = 16,
- .input = "\x83\xa2\xf8\xa2\x88\x64\x1f\xb9"
+ .ptext = "\x83\xa2\xf8\xa2\x88\x64\x1f\xb9"
"\xa4\xe9\xa5\xcc\x2f\x13\x1c\x7d",
- .ilen = 16,
- .result = "\xee\x54\xd1\x3e\xbc\xae\x70\x6d"
+ .ctext = "\xee\x54\xd1\x3e\xbc\xae\x70\x6d"
"\x22\x6b\xc3\x14\x2c\xd4\x0d\x4a",
- .rlen = 16,
+ .len = 16,
}, {
.key = "\x28\xdb\xc3\xbc\x49\xff\xd8\x7d"
"\xcf\xa5\x09\xb1\x1d\x42\x2b\xe7",
.klen = 16,
- .input = "\xb4\x1e\x6b\xe2\xeb\xa8\x4a\x14"
+ .ptext = "\xb4\x1e\x6b\xe2\xeb\xa8\x4a\x14"
"\x8e\x2e\xed\x84\x59\x3c\x5e\xc7",
- .ilen = 16,
- .result = "\x9b\x9b\x7b\xfc\xd1\x81\x3c\xb9"
- "\x5d\x0b\x36\x18\xf4\x0f\x51\x22",
- .rlen = 16,
- }
-};
-
-static const struct cipher_testvec seed_dec_tv_template[] = {
- {
- .key = zeroed_string,
- .klen = 16,
- .input = "\x5e\xba\xc6\xe0\x05\x4e\x16\x68"
- "\x19\xaf\xf1\xcc\x6d\x34\x6c\xdb",
- .ilen = 16,
- .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .rlen = 16,
- }, {
- .key = "\x00\x01\x02\x03\x04\x05\x06\x07"
- "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .klen = 16,
- .input = "\xc1\x1f\x22\xf2\x01\x40\x50\x50"
- "\x84\x48\x35\x97\xe4\x37\x0f\x43",
- .ilen = 16,
- .result = zeroed_string,
- .rlen = 16,
- }, {
- .key = "\x47\x06\x48\x08\x51\xe6\x1b\xe8"
- "\x5d\x74\xbf\xb3\xfd\x95\x61\x85",
- .klen = 16,
- .input = "\xee\x54\xd1\x3e\xbc\xae\x70\x6d"
- "\x22\x6b\xc3\x14\x2c\xd4\x0d\x4a",
- .ilen = 16,
- .result = "\x83\xa2\xf8\xa2\x88\x64\x1f\xb9"
- "\xa4\xe9\xa5\xcc\x2f\x13\x1c\x7d",
- .rlen = 16,
- }, {
- .key = "\x28\xdb\xc3\xbc\x49\xff\xd8\x7d"
- "\xcf\xa5\x09\xb1\x1d\x42\x2b\xe7",
- .klen = 16,
- .input = "\x9b\x9b\x7b\xfc\xd1\x81\x3c\xb9"
+ .ctext = "\x9b\x9b\x7b\xfc\xd1\x81\x3c\xb9"
"\x5d\x0b\x36\x18\xf4\x0f\x51\x22",
- .ilen = 16,
- .result = "\xb4\x1e\x6b\xe2\xeb\xa8\x4a\x14"
- "\x8e\x2e\xed\x84\x59\x3c\x5e\xc7",
- .rlen = 16,
+ .len = 16,
}
};
-static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
+static const struct cipher_testvec salsa20_stream_tv_template[] = {
/*
* Testvectors from verified.test-vectors submitted to ECRYPT.
* They are truncated to size 39, 64, 111, 129 to test a variety
@@ -33879,24 +29692,23 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
.klen = 16,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 39,
- .result = "\x2D\xD5\xC3\xF7\xBA\x2B\x20\xF7"
+ .ctext = "\x2D\xD5\xC3\xF7\xBA\x2B\x20\xF7"
"\x68\x02\x41\x0C\x68\x86\x88\x89"
"\x5A\xD8\xC1\xBD\x4E\xA6\xC9\xB1"
"\x40\xFB\x9B\x90\xE2\x10\x49\xBF"
"\x58\x3F\x52\x79\x70\xEB\xC1",
- .rlen = 39,
+ .len = 39,
}, { /* Set 5, vector 0 */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 16,
.iv = "\x80\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -33904,8 +29716,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 64,
- .result = "\xB6\x6C\x1E\x44\x46\xDD\x95\x57"
+ .ctext = "\xB6\x6C\x1E\x44\x46\xDD\x95\x57"
"\xE5\x78\xE2\x23\xB0\xB7\x68\x01"
"\x7B\x23\xB2\x67\xBB\x02\x34\xAE"
"\x46\x26\xBF\x44\x3F\x21\x97\x76"
@@ -33913,7 +29724,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\xCD\x0D\xE9\xA9\x53\x8F\x4A\x09"
"\xCA\x9A\xC0\x73\x2E\x30\xBC\xF9"
"\x8E\x4F\x13\xE4\xB9\xE2\x01\xD9",
- .rlen = 64,
+ .len = 64,
}, { /* Set 3, vector 27 */
.key = "\x1B\x1C\x1D\x1E\x1F\x20\x21\x22"
"\x23\x24\x25\x26\x27\x28\x29\x2A"
@@ -33921,7 +29732,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x33\x34\x35\x36\x37\x38\x39\x3A",
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -33935,8 +29746,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 111,
- .result = "\xAE\x39\x50\x8E\xAC\x9A\xEC\xE7"
+ .ctext = "\xAE\x39\x50\x8E\xAC\x9A\xEC\xE7"
"\xBF\x97\xBB\x20\xB9\xDE\xE4\x1F"
"\x87\xD9\x47\xF8\x28\x91\x35\x98"
"\xDB\x72\xCC\x23\x29\x48\x56\x5E"
@@ -33950,7 +29760,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\xB1\x41\x3F\x19\x2F\xC4\x3B\xC6"
"\x95\x46\x45\x54\xE9\x75\x03\x08"
"\x44\xAF\xE5\x8A\x81\x12\x09",
- .rlen = 111,
+ .len = 111,
}, { /* Set 5, vector 27 */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -33958,7 +29768,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x00\x00\x00\x00\x00\x00\x00\x00",
.klen = 32,
.iv = "\x00\x00\x00\x10\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -33975,8 +29785,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00",
- .ilen = 129,
- .result = "\xD2\xDB\x1A\x5C\xF1\xC1\xAC\xDB"
+ .ctext = "\xD2\xDB\x1A\x5C\xF1\xC1\xAC\xDB"
"\xE8\x1A\x7A\x43\x40\xEF\x53\x43"
"\x5E\x7F\x4B\x1A\x50\x52\x3F\x8D"
"\x28\x3D\xCF\x85\x1D\x69\x6E\x60"
@@ -33993,7 +29802,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x2E\x40\x48\x75\xE9\xE2\x21\x45"
"\x0B\xC9\xB6\xB5\x66\xBC\x9A\x59"
"\x5A",
- .rlen = 129,
+ .len = 129,
}, { /* large test vector generated using Crypto++ */
.key = "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
@@ -34002,7 +29811,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input =
+ .ptext =
"\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17"
@@ -34516,8 +30325,7 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\x10\x2f\x4e\x6d\x8c\xab\xca\xe9"
"\x08\x27\x46\x65\x84\xa3\xc2\xe1"
"\x00\x21\x42\x63",
- .ilen = 4100,
- .result =
+ .ctext =
"\xb5\x81\xf5\x64\x18\x73\xe3\xf0"
"\x4c\x13\xf2\x77\x18\x60\x65\x5e"
"\x29\x01\xce\x98\x55\x53\xf9\x0c"
@@ -35031,13 +30839,13 @@ static const struct cipher_testvec salsa20_stream_enc_tv_template[] = {
"\xfc\x3f\x09\x7a\x0b\xdc\xc5\x1b"
"\x87\x13\xc6\x5b\x59\x8d\xf2\xc8"
"\xaf\xdf\x11\x95",
- .rlen = 4100,
+ .len = 4100,
.np = 2,
.tap = { 4064, 36 },
},
};
-static const struct cipher_testvec chacha20_enc_tv_template[] = {
+static const struct cipher_testvec chacha20_tv_template[] = {
{ /* RFC7539 A.2. Test Vector #1 */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -35046,7 +30854,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
.klen = 32,
.iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ .ptext = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -35054,8 +30862,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00",
- .ilen = 64,
- .result = "\x76\xb8\xe0\xad\xa0\xf1\x3d\x90"
+ .ctext = "\x76\xb8\xe0\xad\xa0\xf1\x3d\x90"
"\x40\x5d\x6a\xe5\x53\x86\xbd\x28"
"\xbd\xd2\x19\xb8\xa0\x8d\xed\x1a"
"\xa8\x36\xef\xcc\x8b\x77\x0d\xc7"
@@ -35063,7 +30870,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x77\x24\xe0\x3f\xb8\xd8\x4a\x37"
"\x6a\x43\xb8\xf4\x15\x18\xa1\x1c"
"\xc3\x87\xb6\x69\xb2\xee\x65\x86",
- .rlen = 64,
+ .len = 64,
}, { /* RFC7539 A.2. Test Vector #2 */
.key = "\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -35072,7 +30879,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
.klen = 32,
.iv = "\x01\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x41\x6e\x79\x20\x73\x75\x62\x6d"
+ .ptext = "\x41\x6e\x79\x20\x73\x75\x62\x6d"
"\x69\x73\x73\x69\x6f\x6e\x20\x74"
"\x6f\x20\x74\x68\x65\x20\x49\x45"
"\x54\x46\x20\x69\x6e\x74\x65\x6e"
@@ -35119,8 +30926,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x20\x77\x68\x69\x63\x68\x20\x61"
"\x72\x65\x20\x61\x64\x64\x72\x65"
"\x73\x73\x65\x64\x20\x74\x6f",
- .ilen = 375,
- .result = "\xa3\xfb\xf0\x7d\xf3\xfa\x2f\xde"
+ .ctext = "\xa3\xfb\xf0\x7d\xf3\xfa\x2f\xde"
"\x4f\x37\x6c\xa2\x3e\x82\x73\x70"
"\x41\x60\x5d\x9f\x4f\x4f\x57\xbd"
"\x8c\xff\x2c\x1d\x4b\x79\x55\xec"
@@ -35167,7 +30973,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x7a\xc6\x1d\xd2\x9c\x6f\x21\xba"
"\x5b\x86\x2f\x37\x30\xe3\x7c\xfd"
"\xc4\xfd\x80\x6c\x22\xf2\x21",
- .rlen = 375,
+ .len = 375,
.also_non_np = 1,
.np = 3,
.tap = { 375 - 20, 4, 16 },
@@ -35180,7 +30986,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
.klen = 32,
.iv = "\x2a\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x02",
- .input = "\x27\x54\x77\x61\x73\x20\x62\x72"
+ .ptext = "\x27\x54\x77\x61\x73\x20\x62\x72"
"\x69\x6c\x6c\x69\x67\x2c\x20\x61"
"\x6e\x64\x20\x74\x68\x65\x20\x73"
"\x6c\x69\x74\x68\x79\x20\x74\x6f"
@@ -35196,8 +31002,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x68\x65\x20\x6d\x6f\x6d\x65\x20"
"\x72\x61\x74\x68\x73\x20\x6f\x75"
"\x74\x67\x72\x61\x62\x65\x2e",
- .ilen = 127,
- .result = "\x62\xe6\x34\x7f\x95\xed\x87\xa4"
+ .ctext = "\x62\xe6\x34\x7f\x95\xed\x87\xa4"
"\x5f\xfa\xe7\x42\x6f\x27\xa1\xdf"
"\x5f\xb6\x91\x10\x04\x4c\x0d\x73"
"\x11\x8e\xff\xa9\x5b\x01\xe5\xcf"
@@ -35213,7 +31018,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x50\xd6\x15\x4b\x6d\xa7\x31\xb1"
"\x87\xb5\x8d\xfd\x72\x8a\xfa\x36"
"\x75\x7a\x79\x7a\xc1\x88\xd1",
- .rlen = 127,
+ .len = 127,
}, { /* Self-made test vector for long data */
.key = "\x1c\x92\x40\xa5\xeb\x55\xd3\x8a"
"\xf3\x33\x88\x86\x04\xf6\xb5\xf0"
@@ -35222,7 +31027,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
.klen = 32,
.iv = "\x1c\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x01",
- .input = "\x49\xee\xe0\xdc\x24\x90\x40\xcd"
+ .ptext = "\x49\xee\xe0\xdc\x24\x90\x40\xcd"
"\xc5\x40\x8f\x47\x05\xbc\xdd\x81"
"\x47\xc6\x8d\xe6\xb1\x8f\xd7\xcb"
"\x09\x0e\x6e\x22\x48\x1f\xbf\xb8"
@@ -35383,8 +31188,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x08\x7c\xbc\x66\x8a\xb0\xb6\x9f"
"\x92\xd6\x41\x7c\x5b\x2a\x00\x79"
"\x72",
- .ilen = 1281,
- .result = "\x45\xe8\xe0\xb6\x9c\xca\xfd\x87"
+ .ctext = "\x45\xe8\xe0\xb6\x9c\xca\xfd\x87"
"\xe8\x1d\x37\x96\x8a\xe3\x40\x35"
"\xcf\x5e\x3a\x46\x3d\xfb\xd0\x69"
"\xde\xaf\x7a\xd5\x0d\xe9\x52\xec"
@@ -35545,7 +31349,7 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
"\x23\x45\x89\x42\xa0\x30\xeb\xbf"
"\xa1\xed\xad\xd5\x76\xfa\x24\x8f"
"\x98",
- .rlen = 1281,
+ .len = 1281,
.also_non_np = 1,
.np = 3,
.tap = { 1200, 1, 80 },
@@ -35555,30 +31359,28 @@ static const struct cipher_testvec chacha20_enc_tv_template[] = {
/*
* CTS (Cipher Text Stealing) mode tests
*/
-static const struct cipher_testvec cts_mode_enc_tv_template[] = {
+static const struct cipher_testvec cts_mode_tv_template[] = {
{ /* from rfc3962 */
.klen = 16,
.key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
"\x74\x65\x72\x69\x79\x61\x6b\x69",
- .ilen = 17,
- .input = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
+ .ptext = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
"\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20",
- .rlen = 17,
- .result = "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4"
+ .len = 17,
+ .ctext = "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4"
"\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
"\x97",
}, {
.klen = 16,
.key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
"\x74\x65\x72\x69\x79\x61\x6b\x69",
- .ilen = 31,
- .input = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
+ .ptext = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
"\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c"
"\x20\x47\x61\x75\x27\x73\x20",
- .rlen = 31,
- .result = "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1"
+ .len = 31,
+ .ctext = "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1"
"\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0"
"\xc0\x7b\x25\xe2\x5e\xcf\xe5",
@@ -35586,13 +31388,12 @@ static const struct cipher_testvec cts_mode_enc_tv_template[] = {
.klen = 16,
.key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
"\x74\x65\x72\x69\x79\x61\x6b\x69",
- .ilen = 32,
- .input = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
+ .ptext = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
"\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c"
"\x20\x47\x61\x75\x27\x73\x20\x43",
- .rlen = 32,
- .result = "\x39\x31\x25\x23\xa7\x86\x62\xd5"
+ .len = 32,
+ .ctext = "\x39\x31\x25\x23\xa7\x86\x62\xd5"
"\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0"
"\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
@@ -35600,15 +31401,14 @@ static const struct cipher_testvec cts_mode_enc_tv_template[] = {
.klen = 16,
.key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
"\x74\x65\x72\x69\x79\x61\x6b\x69",
- .ilen = 47,
- .input = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
+ .ptext = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
"\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c"
"\x20\x47\x61\x75\x27\x73\x20\x43"
"\x68\x69\x63\x6b\x65\x6e\x2c\x20"
"\x70\x6c\x65\x61\x73\x65\x2c",
- .rlen = 47,
- .result = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
+ .len = 47,
+ .ctext = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
"\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\xb3\xff\xfd\x94\x0c\x16\xa1\x8c"
"\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
@@ -35618,15 +31418,14 @@ static const struct cipher_testvec cts_mode_enc_tv_template[] = {
.klen = 16,
.key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
"\x74\x65\x72\x69\x79\x61\x6b\x69",
- .ilen = 48,
- .input = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
+ .ptext = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
"\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c"
"\x20\x47\x61\x75\x27\x73\x20\x43"
"\x68\x69\x63\x6b\x65\x6e\x2c\x20"
"\x70\x6c\x65\x61\x73\x65\x2c\x20",
- .rlen = 48,
- .result = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
+ .len = 48,
+ .ctext = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
"\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0"
"\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
@@ -35636,8 +31435,7 @@ static const struct cipher_testvec cts_mode_enc_tv_template[] = {
.klen = 16,
.key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
"\x74\x65\x72\x69\x79\x61\x6b\x69",
- .ilen = 64,
- .input = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
+ .ptext = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
"\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c"
"\x20\x47\x61\x75\x27\x73\x20\x43"
@@ -35645,110 +31443,8 @@ static const struct cipher_testvec cts_mode_enc_tv_template[] = {
"\x70\x6c\x65\x61\x73\x65\x2c\x20"
"\x61\x6e\x64\x20\x77\x6f\x6e\x74"
"\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
- .rlen = 64,
- .result = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
- "\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5"
- "\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
- "\x48\x07\xef\xe8\x36\xee\x89\xa5"
- "\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
- "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0"
- "\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
- }
-};
-
-static const struct cipher_testvec cts_mode_dec_tv_template[] = {
- { /* from rfc3962 */
- .klen = 16,
- .key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
- "\x74\x65\x72\x69\x79\x61\x6b\x69",
- .rlen = 17,
- .result = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
- "\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20",
- .ilen = 17,
- .input = "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4"
- "\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
- "\x97",
- }, {
- .klen = 16,
- .key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
- "\x74\x65\x72\x69\x79\x61\x6b\x69",
- .rlen = 31,
- .result = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
- "\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c"
- "\x20\x47\x61\x75\x27\x73\x20",
- .ilen = 31,
- .input = "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1"
- "\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
- "\xc0\x7b\x25\xe2\x5e\xcf\xe5",
- }, {
- .klen = 16,
- .key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
- "\x74\x65\x72\x69\x79\x61\x6b\x69",
- .rlen = 32,
- .result = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
- "\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c"
- "\x20\x47\x61\x75\x27\x73\x20\x43",
- .ilen = 32,
- .input = "\x39\x31\x25\x23\xa7\x86\x62\xd5"
- "\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
- "\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
- }, {
- .klen = 16,
- .key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
- "\x74\x65\x72\x69\x79\x61\x6b\x69",
- .rlen = 47,
- .result = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
- "\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c"
- "\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20"
- "\x70\x6c\x65\x61\x73\x65\x2c",
- .ilen = 47,
- .input = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
- "\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c"
- "\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5"
- "\xbe\x7f\xcb\xcc\x98\xeb\xf5",
- }, {
- .klen = 16,
- .key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
- "\x74\x65\x72\x69\x79\x61\x6b\x69",
- .rlen = 48,
- .result = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
- "\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c"
- "\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20"
- "\x70\x6c\x65\x61\x73\x65\x2c\x20",
- .ilen = 48,
- .input = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
- "\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0"
- "\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5"
- "\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
- }, {
- .klen = 16,
- .key = "\x63\x68\x69\x63\x6b\x65\x6e\x20"
- "\x74\x65\x72\x69\x79\x61\x6b\x69",
- .rlen = 64,
- .result = "\x49\x20\x77\x6f\x75\x6c\x64\x20"
- "\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c"
- "\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20"
- "\x70\x6c\x65\x61\x73\x65\x2c\x20"
- "\x61\x6e\x64\x20\x77\x6f\x6e\x74"
- "\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
- .ilen = 64,
- .input = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
+ .len = 64,
+ .ctext = "\x97\x68\x72\x68\xd6\xec\xcc\xc0"
"\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x39\x31\x25\x23\xa7\x86\x62\xd5"
"\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
@@ -36058,6 +31754,15 @@ static const struct hash_testvec michael_mic_tv_template[] = {
*/
static const struct hash_testvec crc32_tv_template[] = {
{
+ .psize = 0,
+ .digest = "\x00\x00\x00\x00",
+ },
+ {
+ .plaintext = "abcdefg",
+ .psize = 7,
+ .digest = "\xd8\xb5\x46\xac",
+ },
+ {
.key = "\x87\xa9\xcb\xed",
.ksize = 4,
.psize = 0,
@@ -36494,6 +32199,11 @@ static const struct hash_testvec crc32c_tv_template[] = {
.digest = "\x00\x00\x00\x00",
},
{
+ .plaintext = "abcdefg",
+ .psize = 7,
+ .digest = "\x41\xf4\x27\xe6",
+ },
+ {
.key = "\x87\xa9\xcb\xed",
.ksize = 4,
.psize = 0,
@@ -36921,94 +32631,6 @@ static const struct hash_testvec crc32c_tv_template[] = {
}
};
-/*
- * Blakcifn CRC test vectors
- */
-static const struct hash_testvec bfin_crc_tv_template[] = {
- {
- .psize = 0,
- .digest = "\x00\x00\x00\x00",
- },
- {
- .key = "\x87\xa9\xcb\xed",
- .ksize = 4,
- .psize = 0,
- .digest = "\x87\xa9\xcb\xed",
- },
- {
- .key = "\xff\xff\xff\xff",
- .ksize = 4,
- .plaintext = "\x01\x02\x03\x04\x05\x06\x07\x08"
- "\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"
- "\x11\x12\x13\x14\x15\x16\x17\x18"
- "\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20"
- "\x21\x22\x23\x24\x25\x26\x27\x28",
- .psize = 40,
- .digest = "\x84\x0c\x8d\xa2",
- },
- {
- .key = "\xff\xff\xff\xff",
- .ksize = 4,
- .plaintext = "\x01\x02\x03\x04\x05\x06\x07\x08"
- "\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"
- "\x11\x12\x13\x14\x15\x16\x17\x18"
- "\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20"
- "\x21\x22\x23\x24\x25\x26",
- .psize = 38,
- .digest = "\x8c\x58\xec\xb7",
- },
- {
- .key = "\xff\xff\xff\xff",
- .ksize = 4,
- .plaintext = "\x01\x02\x03\x04\x05\x06\x07\x08"
- "\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"
- "\x11\x12\x13\x14\x15\x16\x17\x18"
- "\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20"
- "\x21\x22\x23\x24\x25\x26\x27",
- .psize = 39,
- .digest = "\xdc\x50\x28\x7b",
- },
- {
- .key = "\xff\xff\xff\xff",
- .ksize = 4,
- .plaintext = "\x01\x02\x03\x04\x05\x06\x07\x08"
- "\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"
- "\x11\x12\x13\x14\x15\x16\x17\x18"
- "\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20"
- "\x21\x22\x23\x24\x25\x26\x27\x28"
- "\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30"
- "\x31\x32\x33\x34\x35\x36\x37\x38"
- "\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40"
- "\x41\x42\x43\x44\x45\x46\x47\x48"
- "\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50"
- "\x51\x52\x53\x54\x55\x56\x57\x58"
- "\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60"
- "\x61\x62\x63\x64\x65\x66\x67\x68"
- "\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70"
- "\x71\x72\x73\x74\x75\x76\x77\x78"
- "\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80"
- "\x81\x82\x83\x84\x85\x86\x87\x88"
- "\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90"
- "\x91\x92\x93\x94\x95\x96\x97\x98"
- "\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0"
- "\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8"
- "\xa9\xaa\xab\xac\xad\xae\xaf\xb0"
- "\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8"
- "\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0"
- "\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8"
- "\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0"
- "\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8"
- "\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0"
- "\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8"
- "\xe9\xea\xeb\xec\xed\xee\xef\xf0",
- .psize = 240,
- .digest = "\x10\x19\x4a\x5c",
- .np = 2,
- .tap = { 31, 209 }
- },
-
-};
-
static const struct comp_testvec lz4_comp_tv_template[] = {
{
.inlen = 255,
@@ -37131,4 +32753,75 @@ static const struct comp_testvec lz4hc_decomp_tv_template[] = {
},
};
+static const struct comp_testvec zstd_comp_tv_template[] = {
+ {
+ .inlen = 68,
+ .outlen = 39,
+ .input = "The algorithm is zstd. "
+ "The algorithm is zstd. "
+ "The algorithm is zstd.",
+ .output = "\x28\xb5\x2f\xfd\x00\x50\xf5\x00\x00\xb8\x54\x68\x65"
+ "\x20\x61\x6c\x67\x6f\x72\x69\x74\x68\x6d\x20\x69\x73"
+ "\x20\x7a\x73\x74\x64\x2e\x20\x01\x00\x55\x73\x36\x01"
+ ,
+ },
+ {
+ .inlen = 244,
+ .outlen = 151,
+ .input = "zstd, short for Zstandard, is a fast lossless "
+ "compression algorithm, targeting real-time "
+ "compression scenarios at zlib-level and better "
+ "compression ratios. The zstd compression library "
+ "provides in-memory compression and decompression "
+ "functions.",
+ .output = "\x28\xb5\x2f\xfd\x00\x50\x75\x04\x00\x42\x4b\x1e\x17"
+ "\x90\x81\x31\x00\xf2\x2f\xe4\x36\xc9\xef\x92\x88\x32"
+ "\xc9\xf2\x24\x94\xd8\x68\x9a\x0f\x00\x0c\xc4\x31\x6f"
+ "\x0d\x0c\x38\xac\x5c\x48\x03\xcd\x63\x67\xc0\xf3\xad"
+ "\x4e\x90\xaa\x78\xa0\xa4\xc5\x99\xda\x2f\xb6\x24\x60"
+ "\xe2\x79\x4b\xaa\xb6\x6b\x85\x0b\xc9\xc6\x04\x66\x86"
+ "\xe2\xcc\xe2\x25\x3f\x4f\x09\xcd\xb8\x9d\xdb\xc1\x90"
+ "\xa9\x11\xbc\x35\x44\x69\x2d\x9c\x64\x4f\x13\x31\x64"
+ "\xcc\xfb\x4d\x95\x93\x86\x7f\x33\x7f\x1a\xef\xe9\x30"
+ "\xf9\x67\xa1\x94\x0a\x69\x0f\x60\xcd\xc3\xab\x99\xdc"
+ "\x42\xed\x97\x05\x00\x33\xc3\x15\x95\x3a\x06\xa0\x0e"
+ "\x20\xa9\x0e\x82\xb9\x43\x45\x01",
+ },
+};
+
+static const struct comp_testvec zstd_decomp_tv_template[] = {
+ {
+ .inlen = 43,
+ .outlen = 68,
+ .input = "\x28\xb5\x2f\xfd\x04\x50\xf5\x00\x00\xb8\x54\x68\x65"
+ "\x20\x61\x6c\x67\x6f\x72\x69\x74\x68\x6d\x20\x69\x73"
+ "\x20\x7a\x73\x74\x64\x2e\x20\x01\x00\x55\x73\x36\x01"
+ "\x6b\xf4\x13\x35",
+ .output = "The algorithm is zstd. "
+ "The algorithm is zstd. "
+ "The algorithm is zstd.",
+ },
+ {
+ .inlen = 155,
+ .outlen = 244,
+ .input = "\x28\xb5\x2f\xfd\x04\x50\x75\x04\x00\x42\x4b\x1e\x17"
+ "\x90\x81\x31\x00\xf2\x2f\xe4\x36\xc9\xef\x92\x88\x32"
+ "\xc9\xf2\x24\x94\xd8\x68\x9a\x0f\x00\x0c\xc4\x31\x6f"
+ "\x0d\x0c\x38\xac\x5c\x48\x03\xcd\x63\x67\xc0\xf3\xad"
+ "\x4e\x90\xaa\x78\xa0\xa4\xc5\x99\xda\x2f\xb6\x24\x60"
+ "\xe2\x79\x4b\xaa\xb6\x6b\x85\x0b\xc9\xc6\x04\x66\x86"
+ "\xe2\xcc\xe2\x25\x3f\x4f\x09\xcd\xb8\x9d\xdb\xc1\x90"
+ "\xa9\x11\xbc\x35\x44\x69\x2d\x9c\x64\x4f\x13\x31\x64"
+ "\xcc\xfb\x4d\x95\x93\x86\x7f\x33\x7f\x1a\xef\xe9\x30"
+ "\xf9\x67\xa1\x94\x0a\x69\x0f\x60\xcd\xc3\xab\x99\xdc"
+ "\x42\xed\x97\x05\x00\x33\xc3\x15\x95\x3a\x06\xa0\x0e"
+ "\x20\xa9\x0e\x82\xb9\x43\x45\x01\xaa\x6d\xda\x0d",
+ .output = "zstd, short for Zstandard, is a fast lossless "
+ "compression algorithm, targeting real-time "
+ "compression scenarios at zlib-level and better "
+ "compression ratios. The zstd compression library "
+ "provides in-memory compression and decompression "
+ "functions.",
+ },
+};
#endif /* _CRYPTO_TESTMGR_H */
diff --git a/crypto/zstd.c b/crypto/zstd.c
new file mode 100644
index 000000000000..9a76b3ed8b8b
--- /dev/null
+++ b/crypto/zstd.c
@@ -0,0 +1,265 @@
+/*
+ * Cryptographic API.
+ *
+ * Copyright (c) 2017-present, Facebook, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published by
+ * the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ */
+#include <linux/crypto.h>
+#include <linux/init.h>
+#include <linux/interrupt.h>
+#include <linux/mm.h>
+#include <linux/module.h>
+#include <linux/net.h>
+#include <linux/vmalloc.h>
+#include <linux/zstd.h>
+#include <crypto/internal/scompress.h>
+
+
+#define ZSTD_DEF_LEVEL 3
+
+struct zstd_ctx {
+ ZSTD_CCtx *cctx;
+ ZSTD_DCtx *dctx;
+ void *cwksp;
+ void *dwksp;
+};
+
+static ZSTD_parameters zstd_params(void)
+{
+ return ZSTD_getParams(ZSTD_DEF_LEVEL, 0, 0);
+}
+
+static int zstd_comp_init(struct zstd_ctx *ctx)
+{
+ int ret = 0;
+ const ZSTD_parameters params = zstd_params();
+ const size_t wksp_size = ZSTD_CCtxWorkspaceBound(params.cParams);
+
+ ctx->cwksp = vzalloc(wksp_size);
+ if (!ctx->cwksp) {
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ ctx->cctx = ZSTD_initCCtx(ctx->cwksp, wksp_size);
+ if (!ctx->cctx) {
+ ret = -EINVAL;
+ goto out_free;
+ }
+out:
+ return ret;
+out_free:
+ vfree(ctx->cwksp);
+ goto out;
+}
+
+static int zstd_decomp_init(struct zstd_ctx *ctx)
+{
+ int ret = 0;
+ const size_t wksp_size = ZSTD_DCtxWorkspaceBound();
+
+ ctx->dwksp = vzalloc(wksp_size);
+ if (!ctx->dwksp) {
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ ctx->dctx = ZSTD_initDCtx(ctx->dwksp, wksp_size);
+ if (!ctx->dctx) {
+ ret = -EINVAL;
+ goto out_free;
+ }
+out:
+ return ret;
+out_free:
+ vfree(ctx->dwksp);
+ goto out;
+}
+
+static void zstd_comp_exit(struct zstd_ctx *ctx)
+{
+ vfree(ctx->cwksp);
+ ctx->cwksp = NULL;
+ ctx->cctx = NULL;
+}
+
+static void zstd_decomp_exit(struct zstd_ctx *ctx)
+{
+ vfree(ctx->dwksp);
+ ctx->dwksp = NULL;
+ ctx->dctx = NULL;
+}
+
+static int __zstd_init(void *ctx)
+{
+ int ret;
+
+ ret = zstd_comp_init(ctx);
+ if (ret)
+ return ret;
+ ret = zstd_decomp_init(ctx);
+ if (ret)
+ zstd_comp_exit(ctx);
+ return ret;
+}
+
+static void *zstd_alloc_ctx(struct crypto_scomp *tfm)
+{
+ int ret;
+ struct zstd_ctx *ctx;
+
+ ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
+ if (!ctx)
+ return ERR_PTR(-ENOMEM);
+
+ ret = __zstd_init(ctx);
+ if (ret) {
+ kfree(ctx);
+ return ERR_PTR(ret);
+ }
+
+ return ctx;
+}
+
+static int zstd_init(struct crypto_tfm *tfm)
+{
+ struct zstd_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ return __zstd_init(ctx);
+}
+
+static void __zstd_exit(void *ctx)
+{
+ zstd_comp_exit(ctx);
+ zstd_decomp_exit(ctx);
+}
+
+static void zstd_free_ctx(struct crypto_scomp *tfm, void *ctx)
+{
+ __zstd_exit(ctx);
+ kzfree(ctx);
+}
+
+static void zstd_exit(struct crypto_tfm *tfm)
+{
+ struct zstd_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ __zstd_exit(ctx);
+}
+
+static int __zstd_compress(const u8 *src, unsigned int slen,
+ u8 *dst, unsigned int *dlen, void *ctx)
+{
+ size_t out_len;
+ struct zstd_ctx *zctx = ctx;
+ const ZSTD_parameters params = zstd_params();
+
+ out_len = ZSTD_compressCCtx(zctx->cctx, dst, *dlen, src, slen, params);
+ if (ZSTD_isError(out_len))
+ return -EINVAL;
+ *dlen = out_len;
+ return 0;
+}
+
+static int zstd_compress(struct crypto_tfm *tfm, const u8 *src,
+ unsigned int slen, u8 *dst, unsigned int *dlen)
+{
+ struct zstd_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ return __zstd_compress(src, slen, dst, dlen, ctx);
+}
+
+static int zstd_scompress(struct crypto_scomp *tfm, const u8 *src,
+ unsigned int slen, u8 *dst, unsigned int *dlen,
+ void *ctx)
+{
+ return __zstd_compress(src, slen, dst, dlen, ctx);
+}
+
+static int __zstd_decompress(const u8 *src, unsigned int slen,
+ u8 *dst, unsigned int *dlen, void *ctx)
+{
+ size_t out_len;
+ struct zstd_ctx *zctx = ctx;
+
+ out_len = ZSTD_decompressDCtx(zctx->dctx, dst, *dlen, src, slen);
+ if (ZSTD_isError(out_len))
+ return -EINVAL;
+ *dlen = out_len;
+ return 0;
+}
+
+static int zstd_decompress(struct crypto_tfm *tfm, const u8 *src,
+ unsigned int slen, u8 *dst, unsigned int *dlen)
+{
+ struct zstd_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ return __zstd_decompress(src, slen, dst, dlen, ctx);
+}
+
+static int zstd_sdecompress(struct crypto_scomp *tfm, const u8 *src,
+ unsigned int slen, u8 *dst, unsigned int *dlen,
+ void *ctx)
+{
+ return __zstd_decompress(src, slen, dst, dlen, ctx);
+}
+
+static struct crypto_alg alg = {
+ .cra_name = "zstd",
+ .cra_flags = CRYPTO_ALG_TYPE_COMPRESS,
+ .cra_ctxsize = sizeof(struct zstd_ctx),
+ .cra_module = THIS_MODULE,
+ .cra_init = zstd_init,
+ .cra_exit = zstd_exit,
+ .cra_u = { .compress = {
+ .coa_compress = zstd_compress,
+ .coa_decompress = zstd_decompress } }
+};
+
+static struct scomp_alg scomp = {
+ .alloc_ctx = zstd_alloc_ctx,
+ .free_ctx = zstd_free_ctx,
+ .compress = zstd_scompress,
+ .decompress = zstd_sdecompress,
+ .base = {
+ .cra_name = "zstd",
+ .cra_driver_name = "zstd-scomp",
+ .cra_module = THIS_MODULE,
+ }
+};
+
+static int __init zstd_mod_init(void)
+{
+ int ret;
+
+ ret = crypto_register_alg(&alg);
+ if (ret)
+ return ret;
+
+ ret = crypto_register_scomp(&scomp);
+ if (ret)
+ crypto_unregister_alg(&alg);
+
+ return ret;
+}
+
+static void __exit zstd_mod_fini(void)
+{
+ crypto_unregister_alg(&alg);
+ crypto_unregister_scomp(&scomp);
+}
+
+module_init(zstd_mod_init);
+module_exit(zstd_mod_fini);
+
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("Zstd Compression Algorithm");
+MODULE_ALIAS_CRYPTO("zstd");
diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
index d53541e96bee..c34b257d852d 100644
--- a/drivers/char/hw_random/Kconfig
+++ b/drivers/char/hw_random/Kconfig
@@ -347,6 +347,7 @@ config HW_RANDOM_STM32
tristate "STMicroelectronics STM32 random number generator"
depends on HW_RANDOM && (ARCH_STM32 || COMPILE_TEST)
depends on HAS_IOMEM
+ default HW_RANDOM
help
This driver provides kernel-side support for the Random Number
Generator hardware found on STM32 microcontrollers.
diff --git a/drivers/char/hw_random/n2-drv.c b/drivers/char/hw_random/n2-drv.c
index 92dd4e925315..f8411515fe1c 100644
--- a/drivers/char/hw_random/n2-drv.c
+++ b/drivers/char/hw_random/n2-drv.c
@@ -435,7 +435,7 @@ static int n2rng_data_read(struct hwrng *rng, u32 *data)
*data = np->test_data & 0xffffffff;
len = 4;
} else {
- dev_err(&np->op->dev, "RNG error, restesting\n");
+ dev_err(&np->op->dev, "RNG error, retesting\n");
np->flags &= ~N2RNG_FLAG_READY;
if (!(np->flags & N2RNG_FLAG_SHUTDOWN))
schedule_delayed_work(&np->work, 0);
diff --git a/drivers/char/hw_random/stm32-rng.c b/drivers/char/hw_random/stm32-rng.c
index 0d2328da3b76..042860d97b15 100644
--- a/drivers/char/hw_random/stm32-rng.c
+++ b/drivers/char/hw_random/stm32-rng.c
@@ -187,8 +187,13 @@ static int stm32_rng_runtime_resume(struct device *dev)
}
#endif
-static UNIVERSAL_DEV_PM_OPS(stm32_rng_pm_ops, stm32_rng_runtime_suspend,
- stm32_rng_runtime_resume, NULL);
+static const struct dev_pm_ops stm32_rng_pm_ops = {
+ SET_RUNTIME_PM_OPS(stm32_rng_runtime_suspend,
+ stm32_rng_runtime_resume, NULL)
+ SET_SYSTEM_SLEEP_PM_OPS(pm_runtime_force_suspend,
+ pm_runtime_force_resume)
+};
+
static const struct of_device_id stm32_rng_match[] = {
{
diff --git a/drivers/char/hw_random/via-rng.c b/drivers/char/hw_random/via-rng.c
index 6e9df558325b..ffe9b0c6c647 100644
--- a/drivers/char/hw_random/via-rng.c
+++ b/drivers/char/hw_random/via-rng.c
@@ -135,7 +135,7 @@ static int via_rng_init(struct hwrng *rng)
* is always enabled if CPUID rng_en is set. There is no
* RNG configuration like it used to be the case in this
* register */
- if ((c->x86 == 6) && (c->x86_model >= 0x0f)) {
+ if (((c->x86 == 6) && (c->x86_model >= 0x0f)) || (c->x86 > 6)){
if (!boot_cpu_has(X86_FEATURE_XSTORE_EN)) {
pr_err(PFX "can't enable hardware RNG "
"if XSTORE is not enabled\n");
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index d1ea1a07cecb..43cccf6aff61 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -302,6 +302,7 @@ config CRYPTO_DEV_PPC4XX
select CRYPTO_AEAD
select CRYPTO_AES
select CRYPTO_CCM
+ select CRYPTO_CTR
select CRYPTO_GCM
select CRYPTO_BLKCIPHER
help
@@ -419,7 +420,7 @@ config CRYPTO_DEV_EXYNOS_RNG
config CRYPTO_DEV_S5P
tristate "Support for Samsung S5PV210/Exynos crypto accelerator"
depends on ARCH_S5PV210 || ARCH_EXYNOS || COMPILE_TEST
- depends on HAS_IOMEM && HAS_DMA
+ depends on HAS_IOMEM
select CRYPTO_AES
select CRYPTO_BLKCIPHER
help
@@ -466,7 +467,6 @@ endif # if CRYPTO_DEV_UX500
config CRYPTO_DEV_ATMEL_AUTHENC
tristate "Support for Atmel IPSEC/SSL hw accelerator"
- depends on HAS_DMA
depends on ARCH_AT91 || COMPILE_TEST
select CRYPTO_AUTHENC
select CRYPTO_DEV_ATMEL_AES
@@ -479,7 +479,6 @@ config CRYPTO_DEV_ATMEL_AUTHENC
config CRYPTO_DEV_ATMEL_AES
tristate "Support for Atmel AES hw accelerator"
- depends on HAS_DMA
depends on ARCH_AT91 || COMPILE_TEST
select CRYPTO_AES
select CRYPTO_AEAD
@@ -494,7 +493,6 @@ config CRYPTO_DEV_ATMEL_AES
config CRYPTO_DEV_ATMEL_TDES
tristate "Support for Atmel DES/TDES hw accelerator"
- depends on HAS_DMA
depends on ARCH_AT91 || COMPILE_TEST
select CRYPTO_DES
select CRYPTO_BLKCIPHER
@@ -508,7 +506,6 @@ config CRYPTO_DEV_ATMEL_TDES
config CRYPTO_DEV_ATMEL_SHA
tristate "Support for Atmel SHA hw accelerator"
- depends on HAS_DMA
depends on ARCH_AT91 || COMPILE_TEST
select CRYPTO_HASH
help
@@ -574,7 +571,8 @@ config CRYPTO_DEV_CAVIUM_ZIP
config CRYPTO_DEV_QCE
tristate "Qualcomm crypto engine accelerator"
- depends on (ARCH_QCOM || COMPILE_TEST) && HAS_DMA && HAS_IOMEM
+ depends on ARCH_QCOM || COMPILE_TEST
+ depends on HAS_IOMEM
select CRYPTO_AES
select CRYPTO_DES
select CRYPTO_ECB
@@ -598,7 +596,6 @@ source "drivers/crypto/vmx/Kconfig"
config CRYPTO_DEV_IMGTEC_HASH
tristate "Imagination Technologies hardware hash accelerator"
depends on MIPS || COMPILE_TEST
- depends on HAS_DMA
select CRYPTO_MD5
select CRYPTO_SHA1
select CRYPTO_SHA256
@@ -650,7 +647,6 @@ config CRYPTO_DEV_ROCKCHIP
config CRYPTO_DEV_MEDIATEK
tristate "MediaTek's EIP97 Cryptographic Engine driver"
- depends on HAS_DMA
depends on (ARM && ARCH_MEDIATEK) || COMPILE_TEST
select CRYPTO_AES
select CRYPTO_AEAD
@@ -688,9 +684,10 @@ source "drivers/crypto/stm32/Kconfig"
config CRYPTO_DEV_SAFEXCEL
tristate "Inside Secure's SafeXcel cryptographic engine driver"
- depends on HAS_DMA && OF
+ depends on OF
depends on (ARM64 && ARCH_MVEBU) || (COMPILE_TEST && 64BIT)
select CRYPTO_AES
+ select CRYPTO_AUTHENC
select CRYPTO_BLKCIPHER
select CRYPTO_HASH
select CRYPTO_HMAC
@@ -706,7 +703,6 @@ config CRYPTO_DEV_SAFEXCEL
config CRYPTO_DEV_ARTPEC6
tristate "Support for Axis ARTPEC-6/7 hardware crypto acceleration."
depends on ARM && (ARCH_ARTPEC || COMPILE_TEST)
- depends on HAS_DMA
depends on OF
select CRYPTO_AEAD
select CRYPTO_AES
diff --git a/drivers/crypto/amcc/crypto4xx_alg.c b/drivers/crypto/amcc/crypto4xx_alg.c
index ea83d0bff0e9..f5c07498ea4f 100644
--- a/drivers/crypto/amcc/crypto4xx_alg.c
+++ b/drivers/crypto/amcc/crypto4xx_alg.c
@@ -31,6 +31,7 @@
#include <crypto/gcm.h>
#include <crypto/sha.h>
#include <crypto/ctr.h>
+#include <crypto/skcipher.h>
#include "crypto4xx_reg_def.h"
#include "crypto4xx_core.h"
#include "crypto4xx_sa.h"
@@ -74,51 +75,57 @@ static void set_dynamic_sa_command_1(struct dynamic_sa_ctl *sa, u32 cm,
sa->sa_command_1.bf.copy_hdr = cp_hdr;
}
-int crypto4xx_encrypt(struct ablkcipher_request *req)
+static inline int crypto4xx_crypt(struct skcipher_request *req,
+ const unsigned int ivlen, bool decrypt)
{
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
- unsigned int ivlen = crypto_ablkcipher_ivsize(
- crypto_ablkcipher_reqtfm(req));
- __le32 iv[ivlen];
+ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
+ __le32 iv[AES_IV_SIZE];
if (ivlen)
- crypto4xx_memcpy_to_le32(iv, req->info, ivlen);
+ crypto4xx_memcpy_to_le32(iv, req->iv, ivlen);
return crypto4xx_build_pd(&req->base, ctx, req->src, req->dst,
- req->nbytes, iv, ivlen, ctx->sa_out, ctx->sa_len, 0);
+ req->cryptlen, iv, ivlen, decrypt ? ctx->sa_in : ctx->sa_out,
+ ctx->sa_len, 0, NULL);
}
-int crypto4xx_decrypt(struct ablkcipher_request *req)
+int crypto4xx_encrypt_noiv(struct skcipher_request *req)
{
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
- unsigned int ivlen = crypto_ablkcipher_ivsize(
- crypto_ablkcipher_reqtfm(req));
- __le32 iv[ivlen];
+ return crypto4xx_crypt(req, 0, false);
+}
- if (ivlen)
- crypto4xx_memcpy_to_le32(iv, req->info, ivlen);
+int crypto4xx_encrypt_iv(struct skcipher_request *req)
+{
+ return crypto4xx_crypt(req, AES_IV_SIZE, false);
+}
- return crypto4xx_build_pd(&req->base, ctx, req->src, req->dst,
- req->nbytes, iv, ivlen, ctx->sa_in, ctx->sa_len, 0);
+int crypto4xx_decrypt_noiv(struct skcipher_request *req)
+{
+ return crypto4xx_crypt(req, 0, true);
+}
+
+int crypto4xx_decrypt_iv(struct skcipher_request *req)
+{
+ return crypto4xx_crypt(req, AES_IV_SIZE, true);
}
/**
* AES Functions
*/
-static int crypto4xx_setkey_aes(struct crypto_ablkcipher *cipher,
+static int crypto4xx_setkey_aes(struct crypto_skcipher *cipher,
const u8 *key,
unsigned int keylen,
unsigned char cm,
u8 fb)
{
- struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
struct dynamic_sa_ctl *sa;
int rc;
if (keylen != AES_KEYSIZE_256 &&
keylen != AES_KEYSIZE_192 && keylen != AES_KEYSIZE_128) {
- crypto_ablkcipher_set_flags(cipher,
+ crypto_skcipher_set_flags(cipher,
CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
@@ -134,7 +141,8 @@ static int crypto4xx_setkey_aes(struct crypto_ablkcipher *cipher,
/* Setup SA */
sa = ctx->sa_in;
- set_dynamic_sa_command_0(sa, SA_NOT_SAVE_HASH, SA_NOT_SAVE_IV,
+ set_dynamic_sa_command_0(sa, SA_NOT_SAVE_HASH, (cm == CRYPTO_MODE_CBC ?
+ SA_SAVE_IV : SA_NOT_SAVE_IV),
SA_LOAD_HASH_FROM_SA, SA_LOAD_IV_FROM_STATE,
SA_NO_HEADER_PROC, SA_HASH_ALG_NULL,
SA_CIPHER_ALG_AES, SA_PAD_TYPE_ZERO,
@@ -158,39 +166,38 @@ static int crypto4xx_setkey_aes(struct crypto_ablkcipher *cipher,
return 0;
}
-int crypto4xx_setkey_aes_cbc(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_cbc(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen)
{
return crypto4xx_setkey_aes(cipher, key, keylen, CRYPTO_MODE_CBC,
CRYPTO_FEEDBACK_MODE_NO_FB);
}
-int crypto4xx_setkey_aes_cfb(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_cfb(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen)
{
return crypto4xx_setkey_aes(cipher, key, keylen, CRYPTO_MODE_CFB,
CRYPTO_FEEDBACK_MODE_128BIT_CFB);
}
-int crypto4xx_setkey_aes_ecb(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_ecb(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen)
{
return crypto4xx_setkey_aes(cipher, key, keylen, CRYPTO_MODE_ECB,
CRYPTO_FEEDBACK_MODE_NO_FB);
}
-int crypto4xx_setkey_aes_ofb(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_ofb(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen)
{
return crypto4xx_setkey_aes(cipher, key, keylen, CRYPTO_MODE_OFB,
CRYPTO_FEEDBACK_MODE_64BIT_OFB);
}
-int crypto4xx_setkey_rfc3686(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_rfc3686(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen)
{
- struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
int rc;
rc = crypto4xx_setkey_aes(cipher, key, keylen - CTR_RFC3686_NONCE_SIZE,
@@ -204,35 +211,117 @@ int crypto4xx_setkey_rfc3686(struct crypto_ablkcipher *cipher,
return 0;
}
-int crypto4xx_rfc3686_encrypt(struct ablkcipher_request *req)
+int crypto4xx_rfc3686_encrypt(struct skcipher_request *req)
{
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
__le32 iv[AES_IV_SIZE / 4] = {
ctx->iv_nonce,
- cpu_to_le32p((u32 *) req->info),
- cpu_to_le32p((u32 *) (req->info + 4)),
+ cpu_to_le32p((u32 *) req->iv),
+ cpu_to_le32p((u32 *) (req->iv + 4)),
cpu_to_le32(1) };
return crypto4xx_build_pd(&req->base, ctx, req->src, req->dst,
- req->nbytes, iv, AES_IV_SIZE,
- ctx->sa_out, ctx->sa_len, 0);
+ req->cryptlen, iv, AES_IV_SIZE,
+ ctx->sa_out, ctx->sa_len, 0, NULL);
}
-int crypto4xx_rfc3686_decrypt(struct ablkcipher_request *req)
+int crypto4xx_rfc3686_decrypt(struct skcipher_request *req)
{
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
__le32 iv[AES_IV_SIZE / 4] = {
ctx->iv_nonce,
- cpu_to_le32p((u32 *) req->info),
- cpu_to_le32p((u32 *) (req->info + 4)),
+ cpu_to_le32p((u32 *) req->iv),
+ cpu_to_le32p((u32 *) (req->iv + 4)),
cpu_to_le32(1) };
return crypto4xx_build_pd(&req->base, ctx, req->src, req->dst,
- req->nbytes, iv, AES_IV_SIZE,
- ctx->sa_out, ctx->sa_len, 0);
+ req->cryptlen, iv, AES_IV_SIZE,
+ ctx->sa_out, ctx->sa_len, 0, NULL);
+}
+
+static int
+crypto4xx_ctr_crypt(struct skcipher_request *req, bool encrypt)
+{
+ struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
+ size_t iv_len = crypto_skcipher_ivsize(cipher);
+ unsigned int counter = be32_to_cpup((__be32 *)(req->iv + iv_len - 4));
+ unsigned int nblks = ALIGN(req->cryptlen, AES_BLOCK_SIZE) /
+ AES_BLOCK_SIZE;
+
+ /*
+ * The hardware uses only the last 32-bits as the counter while the
+ * kernel tests (aes_ctr_enc_tv_template[4] for example) expect that
+ * the whole IV is a counter. So fallback if the counter is going to
+ * overlow.
+ */
+ if (counter + nblks < counter) {
+ struct skcipher_request *subreq = skcipher_request_ctx(req);
+ int ret;
+
+ skcipher_request_set_tfm(subreq, ctx->sw_cipher.cipher);
+ skcipher_request_set_callback(subreq, req->base.flags,
+ NULL, NULL);
+ skcipher_request_set_crypt(subreq, req->src, req->dst,
+ req->cryptlen, req->iv);
+ ret = encrypt ? crypto_skcipher_encrypt(subreq)
+ : crypto_skcipher_decrypt(subreq);
+ skcipher_request_zero(subreq);
+ return ret;
+ }
+
+ return encrypt ? crypto4xx_encrypt_iv(req)
+ : crypto4xx_decrypt_iv(req);
+}
+
+static int crypto4xx_sk_setup_fallback(struct crypto4xx_ctx *ctx,
+ struct crypto_skcipher *cipher,
+ const u8 *key,
+ unsigned int keylen)
+{
+ int rc;
+
+ crypto_skcipher_clear_flags(ctx->sw_cipher.cipher,
+ CRYPTO_TFM_REQ_MASK);
+ crypto_skcipher_set_flags(ctx->sw_cipher.cipher,
+ crypto_skcipher_get_flags(cipher) & CRYPTO_TFM_REQ_MASK);
+ rc = crypto_skcipher_setkey(ctx->sw_cipher.cipher, key, keylen);
+ crypto_skcipher_clear_flags(cipher, CRYPTO_TFM_RES_MASK);
+ crypto_skcipher_set_flags(cipher,
+ crypto_skcipher_get_flags(ctx->sw_cipher.cipher) &
+ CRYPTO_TFM_RES_MASK);
+
+ return rc;
+}
+
+int crypto4xx_setkey_aes_ctr(struct crypto_skcipher *cipher,
+ const u8 *key, unsigned int keylen)
+{
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher);
+ int rc;
+
+ rc = crypto4xx_sk_setup_fallback(ctx, cipher, key, keylen);
+ if (rc)
+ return rc;
+
+ return crypto4xx_setkey_aes(cipher, key, keylen,
+ CRYPTO_MODE_CTR, CRYPTO_FEEDBACK_MODE_NO_FB);
+}
+
+int crypto4xx_encrypt_ctr(struct skcipher_request *req)
+{
+ return crypto4xx_ctr_crypt(req, true);
+}
+
+int crypto4xx_decrypt_ctr(struct skcipher_request *req)
+{
+ return crypto4xx_ctr_crypt(req, false);
}
static inline bool crypto4xx_aead_need_fallback(struct aead_request *req,
+ unsigned int len,
bool is_ccm, bool decrypt)
{
struct crypto_aead *aead = crypto_aead_reqtfm(req);
@@ -242,14 +331,14 @@ static inline bool crypto4xx_aead_need_fallback(struct aead_request *req,
return true;
/*
- * hardware does not handle cases where cryptlen
- * is less than a block
+ * hardware does not handle cases where plaintext
+ * is less than a block.
*/
- if (req->cryptlen < AES_BLOCK_SIZE)
+ if (len < AES_BLOCK_SIZE)
return true;
- /* assoc len needs to be a multiple of 4 */
- if (req->assoclen & 0x3)
+ /* assoc len needs to be a multiple of 4 and <= 1020 */
+ if (req->assoclen & 0x3 || req->assoclen > 1020)
return true;
/* CCM supports only counter field length of 2 and 4 bytes */
@@ -262,13 +351,7 @@ static inline bool crypto4xx_aead_need_fallback(struct aead_request *req,
static int crypto4xx_aead_fallback(struct aead_request *req,
struct crypto4xx_ctx *ctx, bool do_decrypt)
{
- char aead_req_data[sizeof(struct aead_request) +
- crypto_aead_reqsize(ctx->sw_cipher.aead)]
- __aligned(__alignof__(struct aead_request));
-
- struct aead_request *subreq = (void *) aead_req_data;
-
- memset(subreq, 0, sizeof(aead_req_data));
+ struct aead_request *subreq = aead_request_ctx(req);
aead_request_set_tfm(subreq, ctx->sw_cipher.aead);
aead_request_set_callback(subreq, req->base.flags,
@@ -280,10 +363,10 @@ static int crypto4xx_aead_fallback(struct aead_request *req,
crypto_aead_encrypt(subreq);
}
-static int crypto4xx_setup_fallback(struct crypto4xx_ctx *ctx,
- struct crypto_aead *cipher,
- const u8 *key,
- unsigned int keylen)
+static int crypto4xx_aead_setup_fallback(struct crypto4xx_ctx *ctx,
+ struct crypto_aead *cipher,
+ const u8 *key,
+ unsigned int keylen)
{
int rc;
@@ -311,7 +394,7 @@ int crypto4xx_setkey_aes_ccm(struct crypto_aead *cipher, const u8 *key,
struct dynamic_sa_ctl *sa;
int rc = 0;
- rc = crypto4xx_setup_fallback(ctx, cipher, key, keylen);
+ rc = crypto4xx_aead_setup_fallback(ctx, cipher, key, keylen);
if (rc)
return rc;
@@ -366,19 +449,20 @@ int crypto4xx_setkey_aes_ccm(struct crypto_aead *cipher, const u8 *key,
static int crypto4xx_crypt_aes_ccm(struct aead_request *req, bool decrypt)
{
struct crypto4xx_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct crypto4xx_aead_reqctx *rctx = aead_request_ctx(req);
struct crypto_aead *aead = crypto_aead_reqtfm(req);
- unsigned int len = req->cryptlen;
__le32 iv[16];
- u32 tmp_sa[ctx->sa_len * 4];
+ u32 tmp_sa[SA_AES128_CCM_LEN + 4];
struct dynamic_sa_ctl *sa = (struct dynamic_sa_ctl *)tmp_sa;
-
- if (crypto4xx_aead_need_fallback(req, true, decrypt))
- return crypto4xx_aead_fallback(req, ctx, decrypt);
+ unsigned int len = req->cryptlen;
if (decrypt)
len -= crypto_aead_authsize(aead);
- memcpy(tmp_sa, decrypt ? ctx->sa_in : ctx->sa_out, sizeof(tmp_sa));
+ if (crypto4xx_aead_need_fallback(req, len, true, decrypt))
+ return crypto4xx_aead_fallback(req, ctx, decrypt);
+
+ memcpy(tmp_sa, decrypt ? ctx->sa_in : ctx->sa_out, ctx->sa_len * 4);
sa->sa_command_0.bf.digest_len = crypto_aead_authsize(aead) >> 2;
if (req->iv[0] == 1) {
@@ -391,7 +475,7 @@ static int crypto4xx_crypt_aes_ccm(struct aead_request *req, bool decrypt)
return crypto4xx_build_pd(&req->base, ctx, req->src, req->dst,
len, iv, sizeof(iv),
- sa, ctx->sa_len, req->assoclen);
+ sa, ctx->sa_len, req->assoclen, rctx->dst);
}
int crypto4xx_encrypt_aes_ccm(struct aead_request *req)
@@ -470,7 +554,7 @@ int crypto4xx_setkey_aes_gcm(struct crypto_aead *cipher,
return -EINVAL;
}
- rc = crypto4xx_setup_fallback(ctx, cipher, key, keylen);
+ rc = crypto4xx_aead_setup_fallback(ctx, cipher, key, keylen);
if (rc)
return rc;
@@ -523,22 +607,23 @@ static inline int crypto4xx_crypt_aes_gcm(struct aead_request *req,
bool decrypt)
{
struct crypto4xx_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
- unsigned int len = req->cryptlen;
+ struct crypto4xx_aead_reqctx *rctx = aead_request_ctx(req);
__le32 iv[4];
+ unsigned int len = req->cryptlen;
+
+ if (decrypt)
+ len -= crypto_aead_authsize(crypto_aead_reqtfm(req));
- if (crypto4xx_aead_need_fallback(req, false, decrypt))
+ if (crypto4xx_aead_need_fallback(req, len, false, decrypt))
return crypto4xx_aead_fallback(req, ctx, decrypt);
crypto4xx_memcpy_to_le32(iv, req->iv, GCM_AES_IV_SIZE);
iv[3] = cpu_to_le32(1);
- if (decrypt)
- len -= crypto_aead_authsize(crypto_aead_reqtfm(req));
-
return crypto4xx_build_pd(&req->base, ctx, req->src, req->dst,
len, iv, sizeof(iv),
decrypt ? ctx->sa_in : ctx->sa_out,
- ctx->sa_len, req->assoclen);
+ ctx->sa_len, req->assoclen, rctx->dst);
}
int crypto4xx_encrypt_aes_gcm(struct aead_request *req)
@@ -623,7 +708,7 @@ int crypto4xx_hash_update(struct ahash_request *req)
return crypto4xx_build_pd(&req->base, ctx, req->src, &dst,
req->nbytes, NULL, 0, ctx->sa_in,
- ctx->sa_len, 0);
+ ctx->sa_len, 0, NULL);
}
int crypto4xx_hash_final(struct ahash_request *req)
@@ -642,7 +727,7 @@ int crypto4xx_hash_digest(struct ahash_request *req)
return crypto4xx_build_pd(&req->base, ctx, req->src, &dst,
req->nbytes, NULL, 0, ctx->sa_in,
- ctx->sa_len, 0);
+ ctx->sa_len, 0, NULL);
}
/**
diff --git a/drivers/crypto/amcc/crypto4xx_core.c b/drivers/crypto/amcc/crypto4xx_core.c
index 76f459ad2821..9cb234c72549 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -41,6 +41,7 @@
#include <crypto/gcm.h>
#include <crypto/sha.h>
#include <crypto/scatterwalk.h>
+#include <crypto/skcipher.h>
#include <crypto/internal/aead.h>
#include <crypto/internal/skcipher.h>
#include "crypto4xx_reg_def.h"
@@ -526,31 +527,38 @@ static void crypto4xx_ret_sg_desc(struct crypto4xx_device *dev,
}
}
-static void crypto4xx_ablkcipher_done(struct crypto4xx_device *dev,
+static void crypto4xx_cipher_done(struct crypto4xx_device *dev,
struct pd_uinfo *pd_uinfo,
struct ce_pd *pd)
{
- struct crypto4xx_ctx *ctx;
- struct ablkcipher_request *ablk_req;
+ struct skcipher_request *req;
struct scatterlist *dst;
dma_addr_t addr;
- ablk_req = ablkcipher_request_cast(pd_uinfo->async_req);
- ctx = crypto_tfm_ctx(ablk_req->base.tfm);
+ req = skcipher_request_cast(pd_uinfo->async_req);
if (pd_uinfo->using_sd) {
- crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo, ablk_req->nbytes,
- ablk_req->dst);
+ crypto4xx_copy_pkt_to_dst(dev, pd, pd_uinfo,
+ req->cryptlen, req->dst);
} else {
dst = pd_uinfo->dest_va;
addr = dma_map_page(dev->core_dev->device, sg_page(dst),
dst->offset, dst->length, DMA_FROM_DEVICE);
}
+
+ if (pd_uinfo->sa_va->sa_command_0.bf.save_iv == SA_SAVE_IV) {
+ struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
+
+ crypto4xx_memcpy_from_le32((u32 *)req->iv,
+ pd_uinfo->sr_va->save_iv,
+ crypto_skcipher_ivsize(skcipher));
+ }
+
crypto4xx_ret_sg_desc(dev, pd_uinfo);
if (pd_uinfo->state & PD_ENTRY_BUSY)
- ablkcipher_request_complete(ablk_req, -EINPROGRESS);
- ablkcipher_request_complete(ablk_req, 0);
+ skcipher_request_complete(req, -EINPROGRESS);
+ skcipher_request_complete(req, 0);
}
static void crypto4xx_ahash_done(struct crypto4xx_device *dev,
@@ -580,7 +588,7 @@ static void crypto4xx_aead_done(struct crypto4xx_device *dev,
struct scatterlist *dst = pd_uinfo->dest_va;
size_t cp_len = crypto_aead_authsize(
crypto_aead_reqtfm(aead_req));
- u32 icv[cp_len];
+ u32 icv[AES_BLOCK_SIZE];
int err = 0;
if (pd_uinfo->using_sd) {
@@ -595,7 +603,7 @@ static void crypto4xx_aead_done(struct crypto4xx_device *dev,
if (pd_uinfo->sa_va->sa_command_0.bf.dir == DIR_OUTBOUND) {
/* append icv at the end */
crypto4xx_memcpy_from_le32(icv, pd_uinfo->sr_va->save_digest,
- cp_len);
+ sizeof(icv));
scatterwalk_map_and_copy(icv, dst, aead_req->cryptlen,
cp_len, 1);
@@ -605,7 +613,7 @@ static void crypto4xx_aead_done(struct crypto4xx_device *dev,
aead_req->assoclen + aead_req->cryptlen -
cp_len, cp_len, 0);
- crypto4xx_memcpy_from_le32(icv, icv, cp_len);
+ crypto4xx_memcpy_from_le32(icv, icv, sizeof(icv));
if (crypto_memneq(icv, pd_uinfo->sr_va->save_digest, cp_len))
err = -EBADMSG;
@@ -641,8 +649,8 @@ static void crypto4xx_pd_done(struct crypto4xx_device *dev, u32 idx)
struct pd_uinfo *pd_uinfo = &dev->pdr_uinfo[idx];
switch (crypto_tfm_alg_type(pd_uinfo->async_req->tfm)) {
- case CRYPTO_ALG_TYPE_ABLKCIPHER:
- crypto4xx_ablkcipher_done(dev, pd_uinfo, pd);
+ case CRYPTO_ALG_TYPE_SKCIPHER:
+ crypto4xx_cipher_done(dev, pd_uinfo, pd);
break;
case CRYPTO_ALG_TYPE_AEAD:
crypto4xx_aead_done(dev, pd_uinfo, pd);
@@ -687,9 +695,9 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
const __le32 *iv, const u32 iv_len,
const struct dynamic_sa_ctl *req_sa,
const unsigned int sa_len,
- const unsigned int assoclen)
+ const unsigned int assoclen,
+ struct scatterlist *_dst)
{
- struct scatterlist _dst[2];
struct crypto4xx_device *dev = ctx->dev;
struct dynamic_sa_ctl *sa;
struct ce_gd *gd;
@@ -936,15 +944,27 @@ static void crypto4xx_ctx_init(struct crypto4xx_alg *amcc_alg,
ctx->sa_len = 0;
}
-static int crypto4xx_ablk_init(struct crypto_tfm *tfm)
+static int crypto4xx_sk_init(struct crypto_skcipher *sk)
{
- struct crypto_alg *alg = tfm->__crt_alg;
+ struct skcipher_alg *alg = crypto_skcipher_alg(sk);
struct crypto4xx_alg *amcc_alg;
- struct crypto4xx_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk);
+
+ if (alg->base.cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
+ ctx->sw_cipher.cipher =
+ crypto_alloc_skcipher(alg->base.cra_name, 0,
+ CRYPTO_ALG_NEED_FALLBACK |
+ CRYPTO_ALG_ASYNC);
+ if (IS_ERR(ctx->sw_cipher.cipher))
+ return PTR_ERR(ctx->sw_cipher.cipher);
+
+ crypto_skcipher_set_reqsize(sk,
+ sizeof(struct skcipher_request) + 32 +
+ crypto_skcipher_reqsize(ctx->sw_cipher.cipher));
+ }
amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.cipher);
crypto4xx_ctx_init(amcc_alg, ctx);
- tfm->crt_ablkcipher.reqsize = sizeof(struct crypto4xx_ctx);
return 0;
}
@@ -953,9 +973,13 @@ static void crypto4xx_common_exit(struct crypto4xx_ctx *ctx)
crypto4xx_free_sa(ctx);
}
-static void crypto4xx_ablk_exit(struct crypto_tfm *tfm)
+static void crypto4xx_sk_exit(struct crypto_skcipher *sk)
{
- crypto4xx_common_exit(crypto_tfm_ctx(tfm));
+ struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(sk);
+
+ crypto4xx_common_exit(ctx);
+ if (ctx->sw_cipher.cipher)
+ crypto_free_skcipher(ctx->sw_cipher.cipher);
}
static int crypto4xx_aead_init(struct crypto_aead *tfm)
@@ -972,9 +996,9 @@ static int crypto4xx_aead_init(struct crypto_aead *tfm)
amcc_alg = container_of(alg, struct crypto4xx_alg, alg.u.aead);
crypto4xx_ctx_init(amcc_alg, ctx);
- crypto_aead_set_reqsize(tfm, sizeof(struct aead_request) +
- max(sizeof(struct crypto4xx_ctx), 32 +
- crypto_aead_reqsize(ctx->sw_cipher.aead)));
+ crypto_aead_set_reqsize(tfm, max(sizeof(struct aead_request) + 32 +
+ crypto_aead_reqsize(ctx->sw_cipher.aead),
+ sizeof(struct crypto4xx_aead_reqctx)));
return 0;
}
@@ -1012,7 +1036,7 @@ static int crypto4xx_register_alg(struct crypto4xx_device *sec_dev,
break;
default:
- rc = crypto_register_alg(&alg->alg.u.cipher);
+ rc = crypto_register_skcipher(&alg->alg.u.cipher);
break;
}
@@ -1041,7 +1065,7 @@ static void crypto4xx_unregister_alg(struct crypto4xx_device *sec_dev)
break;
default:
- crypto_unregister_alg(&alg->alg.u.cipher);
+ crypto_unregister_skcipher(&alg->alg.u.cipher);
}
kfree(alg);
}
@@ -1103,126 +1127,131 @@ static irqreturn_t crypto4xx_ce_interrupt_handler_revb(int irq, void *data)
*/
static struct crypto4xx_alg_common crypto4xx_alg[] = {
/* Crypto AES modes */
- { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, .u.cipher = {
- .cra_name = "cbc(aes)",
- .cra_driver_name = "cbc-aes-ppc4xx",
- .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
- CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_KERN_DRIVER_ONLY,
- .cra_blocksize = AES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct crypto4xx_ctx),
- .cra_type = &crypto_ablkcipher_type,
- .cra_init = crypto4xx_ablk_init,
- .cra_exit = crypto4xx_ablk_exit,
- .cra_module = THIS_MODULE,
- .cra_u = {
- .ablkcipher = {
- .min_keysize = AES_MIN_KEY_SIZE,
- .max_keysize = AES_MAX_KEY_SIZE,
- .ivsize = AES_IV_SIZE,
- .setkey = crypto4xx_setkey_aes_cbc,
- .encrypt = crypto4xx_encrypt,
- .decrypt = crypto4xx_decrypt,
- }
- }
- }},
- { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, .u.cipher = {
- .cra_name = "cfb(aes)",
- .cra_driver_name = "cfb-aes-ppc4xx",
- .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
- CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_KERN_DRIVER_ONLY,
- .cra_blocksize = AES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct crypto4xx_ctx),
- .cra_type = &crypto_ablkcipher_type,
- .cra_init = crypto4xx_ablk_init,
- .cra_exit = crypto4xx_ablk_exit,
- .cra_module = THIS_MODULE,
- .cra_u = {
- .ablkcipher = {
- .min_keysize = AES_MIN_KEY_SIZE,
- .max_keysize = AES_MAX_KEY_SIZE,
- .ivsize = AES_IV_SIZE,
- .setkey = crypto4xx_setkey_aes_cfb,
- .encrypt = crypto4xx_encrypt,
- .decrypt = crypto4xx_decrypt,
- }
- }
+ { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = {
+ .base = {
+ .cra_name = "cbc(aes)",
+ .cra_driver_name = "cbc-aes-ppc4xx",
+ .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
+ .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
+ CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto4xx_ctx),
+ .cra_module = THIS_MODULE,
+ },
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .ivsize = AES_IV_SIZE,
+ .setkey = crypto4xx_setkey_aes_cbc,
+ .encrypt = crypto4xx_encrypt_iv,
+ .decrypt = crypto4xx_decrypt_iv,
+ .init = crypto4xx_sk_init,
+ .exit = crypto4xx_sk_exit,
} },
- { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, .u.cipher = {
- .cra_name = "rfc3686(ctr(aes))",
- .cra_driver_name = "rfc3686-ctr-aes-ppc4xx",
- .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
- CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_KERN_DRIVER_ONLY,
- .cra_blocksize = AES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct crypto4xx_ctx),
- .cra_type = &crypto_ablkcipher_type,
- .cra_init = crypto4xx_ablk_init,
- .cra_exit = crypto4xx_ablk_exit,
- .cra_module = THIS_MODULE,
- .cra_u = {
- .ablkcipher = {
- .min_keysize = AES_MIN_KEY_SIZE +
- CTR_RFC3686_NONCE_SIZE,
- .max_keysize = AES_MAX_KEY_SIZE +
- CTR_RFC3686_NONCE_SIZE,
- .ivsize = CTR_RFC3686_IV_SIZE,
- .setkey = crypto4xx_setkey_rfc3686,
- .encrypt = crypto4xx_rfc3686_encrypt,
- .decrypt = crypto4xx_rfc3686_decrypt,
- }
- }
+ { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = {
+ .base = {
+ .cra_name = "cfb(aes)",
+ .cra_driver_name = "cfb-aes-ppc4xx",
+ .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
+ .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
+ CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto4xx_ctx),
+ .cra_module = THIS_MODULE,
+ },
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .ivsize = AES_IV_SIZE,
+ .setkey = crypto4xx_setkey_aes_cfb,
+ .encrypt = crypto4xx_encrypt_iv,
+ .decrypt = crypto4xx_decrypt_iv,
+ .init = crypto4xx_sk_init,
+ .exit = crypto4xx_sk_exit,
} },
- { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, .u.cipher = {
- .cra_name = "ecb(aes)",
- .cra_driver_name = "ecb-aes-ppc4xx",
- .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
- CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_KERN_DRIVER_ONLY,
- .cra_blocksize = AES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct crypto4xx_ctx),
- .cra_type = &crypto_ablkcipher_type,
- .cra_init = crypto4xx_ablk_init,
- .cra_exit = crypto4xx_ablk_exit,
- .cra_module = THIS_MODULE,
- .cra_u = {
- .ablkcipher = {
- .min_keysize = AES_MIN_KEY_SIZE,
- .max_keysize = AES_MAX_KEY_SIZE,
- .setkey = crypto4xx_setkey_aes_ecb,
- .encrypt = crypto4xx_encrypt,
- .decrypt = crypto4xx_decrypt,
- }
- }
+ { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = {
+ .base = {
+ .cra_name = "ctr(aes)",
+ .cra_driver_name = "ctr-aes-ppc4xx",
+ .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
+ .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
+ CRYPTO_ALG_NEED_FALLBACK |
+ CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto4xx_ctx),
+ .cra_module = THIS_MODULE,
+ },
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .ivsize = AES_IV_SIZE,
+ .setkey = crypto4xx_setkey_aes_ctr,
+ .encrypt = crypto4xx_encrypt_ctr,
+ .decrypt = crypto4xx_decrypt_ctr,
+ .init = crypto4xx_sk_init,
+ .exit = crypto4xx_sk_exit,
} },
- { .type = CRYPTO_ALG_TYPE_ABLKCIPHER, .u.cipher = {
- .cra_name = "ofb(aes)",
- .cra_driver_name = "ofb-aes-ppc4xx",
- .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
- .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER |
- CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_KERN_DRIVER_ONLY,
- .cra_blocksize = AES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct crypto4xx_ctx),
- .cra_type = &crypto_ablkcipher_type,
- .cra_init = crypto4xx_ablk_init,
- .cra_exit = crypto4xx_ablk_exit,
- .cra_module = THIS_MODULE,
- .cra_u = {
- .ablkcipher = {
- .min_keysize = AES_MIN_KEY_SIZE,
- .max_keysize = AES_MAX_KEY_SIZE,
- .ivsize = AES_IV_SIZE,
- .setkey = crypto4xx_setkey_aes_ofb,
- .encrypt = crypto4xx_encrypt,
- .decrypt = crypto4xx_decrypt,
- }
- }
+ { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = {
+ .base = {
+ .cra_name = "rfc3686(ctr(aes))",
+ .cra_driver_name = "rfc3686-ctr-aes-ppc4xx",
+ .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
+ .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
+ CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto4xx_ctx),
+ .cra_module = THIS_MODULE,
+ },
+ .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE,
+ .ivsize = CTR_RFC3686_IV_SIZE,
+ .setkey = crypto4xx_setkey_rfc3686,
+ .encrypt = crypto4xx_rfc3686_encrypt,
+ .decrypt = crypto4xx_rfc3686_decrypt,
+ .init = crypto4xx_sk_init,
+ .exit = crypto4xx_sk_exit,
+ } },
+ { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = {
+ .base = {
+ .cra_name = "ecb(aes)",
+ .cra_driver_name = "ecb-aes-ppc4xx",
+ .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
+ .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
+ CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto4xx_ctx),
+ .cra_module = THIS_MODULE,
+ },
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .setkey = crypto4xx_setkey_aes_ecb,
+ .encrypt = crypto4xx_encrypt_noiv,
+ .decrypt = crypto4xx_decrypt_noiv,
+ .init = crypto4xx_sk_init,
+ .exit = crypto4xx_sk_exit,
+ } },
+ { .type = CRYPTO_ALG_TYPE_SKCIPHER, .u.cipher = {
+ .base = {
+ .cra_name = "ofb(aes)",
+ .cra_driver_name = "ofb-aes-ppc4xx",
+ .cra_priority = CRYPTO4XX_CRYPTO_PRIORITY,
+ .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
+ CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto4xx_ctx),
+ .cra_module = THIS_MODULE,
+ },
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .ivsize = AES_IV_SIZE,
+ .setkey = crypto4xx_setkey_aes_ofb,
+ .encrypt = crypto4xx_encrypt_iv,
+ .decrypt = crypto4xx_decrypt_iv,
+ .init = crypto4xx_sk_init,
+ .exit = crypto4xx_sk_exit,
} },
/* AEAD */
diff --git a/drivers/crypto/amcc/crypto4xx_core.h b/drivers/crypto/amcc/crypto4xx_core.h
index 23b726da6534..e2ca56722f07 100644
--- a/drivers/crypto/amcc/crypto4xx_core.h
+++ b/drivers/crypto/amcc/crypto4xx_core.h
@@ -25,6 +25,7 @@
#include <linux/ratelimit.h>
#include <crypto/internal/hash.h>
#include <crypto/internal/aead.h>
+#include <crypto/internal/skcipher.h>
#include "crypto4xx_reg_def.h"
#include "crypto4xx_sa.h"
@@ -127,14 +128,19 @@ struct crypto4xx_ctx {
__le32 iv_nonce;
u32 sa_len;
union {
+ struct crypto_skcipher *cipher;
struct crypto_aead *aead;
} sw_cipher;
};
+struct crypto4xx_aead_reqctx {
+ struct scatterlist dst[2];
+};
+
struct crypto4xx_alg_common {
u32 type;
union {
- struct crypto_alg cipher;
+ struct skcipher_alg cipher;
struct ahash_alg hash;
struct aead_alg aead;
} u;
@@ -157,21 +163,28 @@ int crypto4xx_build_pd(struct crypto_async_request *req,
const __le32 *iv, const u32 iv_len,
const struct dynamic_sa_ctl *sa,
const unsigned int sa_len,
- const unsigned int assoclen);
-int crypto4xx_setkey_aes_cbc(struct crypto_ablkcipher *cipher,
+ const unsigned int assoclen,
+ struct scatterlist *dst_tmp);
+int crypto4xx_setkey_aes_cbc(struct crypto_skcipher *cipher,
+ const u8 *key, unsigned int keylen);
+int crypto4xx_setkey_aes_cfb(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen);
-int crypto4xx_setkey_aes_cfb(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_ctr(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen);
-int crypto4xx_setkey_aes_ecb(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_ecb(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen);
-int crypto4xx_setkey_aes_ofb(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_aes_ofb(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen);
-int crypto4xx_setkey_rfc3686(struct crypto_ablkcipher *cipher,
+int crypto4xx_setkey_rfc3686(struct crypto_skcipher *cipher,
const u8 *key, unsigned int keylen);
-int crypto4xx_encrypt(struct ablkcipher_request *req);
-int crypto4xx_decrypt(struct ablkcipher_request *req);
-int crypto4xx_rfc3686_encrypt(struct ablkcipher_request *req);
-int crypto4xx_rfc3686_decrypt(struct ablkcipher_request *req);
+int crypto4xx_encrypt_ctr(struct skcipher_request *req);
+int crypto4xx_decrypt_ctr(struct skcipher_request *req);
+int crypto4xx_encrypt_iv(struct skcipher_request *req);
+int crypto4xx_decrypt_iv(struct skcipher_request *req);
+int crypto4xx_encrypt_noiv(struct skcipher_request *req);
+int crypto4xx_decrypt_noiv(struct skcipher_request *req);
+int crypto4xx_rfc3686_encrypt(struct skcipher_request *req);
+int crypto4xx_rfc3686_decrypt(struct skcipher_request *req);
int crypto4xx_sha1_alg_init(struct crypto_tfm *tfm);
int crypto4xx_hash_digest(struct ahash_request *req);
int crypto4xx_hash_final(struct ahash_request *req);
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 7207a535942d..d67667970f7e 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -769,15 +769,18 @@ struct aead_edesc {
* @src_nents: number of segments in input s/w scatterlist
* @dst_nents: number of segments in output s/w scatterlist
* @iv_dma: dma address of iv for checking continuity and link table
+ * @iv_dir: DMA mapping direction for IV
* @sec4_sg_bytes: length of dma mapped sec4_sg space
* @sec4_sg_dma: bus physical mapped address of h/w link table
* @sec4_sg: pointer to h/w link table
* @hw_desc: the h/w job descriptor followed by any referenced link tables
+ * and IV
*/
struct ablkcipher_edesc {
int src_nents;
int dst_nents;
dma_addr_t iv_dma;
+ enum dma_data_direction iv_dir;
int sec4_sg_bytes;
dma_addr_t sec4_sg_dma;
struct sec4_sg_entry *sec4_sg;
@@ -787,7 +790,8 @@ struct ablkcipher_edesc {
static void caam_unmap(struct device *dev, struct scatterlist *src,
struct scatterlist *dst, int src_nents,
int dst_nents,
- dma_addr_t iv_dma, int ivsize, dma_addr_t sec4_sg_dma,
+ dma_addr_t iv_dma, int ivsize,
+ enum dma_data_direction iv_dir, dma_addr_t sec4_sg_dma,
int sec4_sg_bytes)
{
if (dst != src) {
@@ -799,7 +803,7 @@ static void caam_unmap(struct device *dev, struct scatterlist *src,
}
if (iv_dma)
- dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE);
+ dma_unmap_single(dev, iv_dma, ivsize, iv_dir);
if (sec4_sg_bytes)
dma_unmap_single(dev, sec4_sg_dma, sec4_sg_bytes,
DMA_TO_DEVICE);
@@ -810,7 +814,7 @@ static void aead_unmap(struct device *dev,
struct aead_request *req)
{
caam_unmap(dev, req->src, req->dst,
- edesc->src_nents, edesc->dst_nents, 0, 0,
+ edesc->src_nents, edesc->dst_nents, 0, 0, DMA_NONE,
edesc->sec4_sg_dma, edesc->sec4_sg_bytes);
}
@@ -823,7 +827,7 @@ static void ablkcipher_unmap(struct device *dev,
caam_unmap(dev, req->src, req->dst,
edesc->src_nents, edesc->dst_nents,
- edesc->iv_dma, ivsize,
+ edesc->iv_dma, ivsize, edesc->iv_dir,
edesc->sec4_sg_dma, edesc->sec4_sg_bytes);
}
@@ -912,6 +916,18 @@ static void ablkcipher_encrypt_done(struct device *jrdev, u32 *desc, u32 err,
scatterwalk_map_and_copy(req->info, req->dst, req->nbytes - ivsize,
ivsize, 0);
+ /* In case initial IV was generated, copy it in GIVCIPHER request */
+ if (edesc->iv_dir == DMA_FROM_DEVICE) {
+ u8 *iv;
+ struct skcipher_givcrypt_request *greq;
+
+ greq = container_of(req, struct skcipher_givcrypt_request,
+ creq);
+ iv = (u8 *)edesc->hw_desc + desc_bytes(edesc->hw_desc) +
+ edesc->sec4_sg_bytes;
+ memcpy(greq->giv, iv, ivsize);
+ }
+
kfree(edesc);
ablkcipher_request_complete(req, err);
@@ -922,10 +938,10 @@ static void ablkcipher_decrypt_done(struct device *jrdev, u32 *desc, u32 err,
{
struct ablkcipher_request *req = context;
struct ablkcipher_edesc *edesc;
+#ifdef DEBUG
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
-#ifdef DEBUG
dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
#endif
@@ -943,14 +959,6 @@ static void ablkcipher_decrypt_done(struct device *jrdev, u32 *desc, u32 err,
edesc->dst_nents > 1 ? 100 : req->nbytes, 1);
ablkcipher_unmap(jrdev, edesc, req);
-
- /*
- * The crypto API expects us to set the IV (req->info) to the last
- * ciphertext block.
- */
- scatterwalk_map_and_copy(req->info, req->src, req->nbytes - ivsize,
- ivsize, 0);
-
kfree(edesc);
ablkcipher_request_complete(req, err);
@@ -1099,15 +1107,14 @@ static void init_authenc_job(struct aead_request *req,
*/
static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr,
struct ablkcipher_edesc *edesc,
- struct ablkcipher_request *req,
- bool iv_contig)
+ struct ablkcipher_request *req)
{
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
u32 *desc = edesc->hw_desc;
- u32 out_options = 0, in_options;
- dma_addr_t dst_dma, src_dma;
- int len, sec4_sg_index = 0;
+ u32 out_options = 0;
+ dma_addr_t dst_dma;
+ int len;
#ifdef DEBUG
print_hex_dump(KERN_ERR, "presciv@"__stringify(__LINE__)": ",
@@ -1123,30 +1130,18 @@ static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr,
len = desc_len(sh_desc);
init_job_desc_shared(desc, ptr, len, HDR_SHARE_DEFER | HDR_REVERSE);
- if (iv_contig) {
- src_dma = edesc->iv_dma;
- in_options = 0;
- } else {
- src_dma = edesc->sec4_sg_dma;
- sec4_sg_index += edesc->src_nents + 1;
- in_options = LDST_SGF;
- }
- append_seq_in_ptr(desc, src_dma, req->nbytes + ivsize, in_options);
+ append_seq_in_ptr(desc, edesc->sec4_sg_dma, req->nbytes + ivsize,
+ LDST_SGF);
if (likely(req->src == req->dst)) {
- if (edesc->src_nents == 1 && iv_contig) {
- dst_dma = sg_dma_address(req->src);
- } else {
- dst_dma = edesc->sec4_sg_dma +
- sizeof(struct sec4_sg_entry);
- out_options = LDST_SGF;
- }
+ dst_dma = edesc->sec4_sg_dma + sizeof(struct sec4_sg_entry);
+ out_options = LDST_SGF;
} else {
if (edesc->dst_nents == 1) {
dst_dma = sg_dma_address(req->dst);
} else {
- dst_dma = edesc->sec4_sg_dma +
- sec4_sg_index * sizeof(struct sec4_sg_entry);
+ dst_dma = edesc->sec4_sg_dma + (edesc->src_nents + 1) *
+ sizeof(struct sec4_sg_entry);
out_options = LDST_SGF;
}
}
@@ -1158,13 +1153,12 @@ static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr,
*/
static void init_ablkcipher_giv_job(u32 *sh_desc, dma_addr_t ptr,
struct ablkcipher_edesc *edesc,
- struct ablkcipher_request *req,
- bool iv_contig)
+ struct ablkcipher_request *req)
{
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
u32 *desc = edesc->hw_desc;
- u32 out_options, in_options;
+ u32 in_options;
dma_addr_t dst_dma, src_dma;
int len, sec4_sg_index = 0;
@@ -1190,15 +1184,9 @@ static void init_ablkcipher_giv_job(u32 *sh_desc, dma_addr_t ptr,
}
append_seq_in_ptr(desc, src_dma, req->nbytes, in_options);
- if (iv_contig) {
- dst_dma = edesc->iv_dma;
- out_options = 0;
- } else {
- dst_dma = edesc->sec4_sg_dma +
- sec4_sg_index * sizeof(struct sec4_sg_entry);
- out_options = LDST_SGF;
- }
- append_seq_out_ptr(desc, dst_dma, req->nbytes + ivsize, out_options);
+ dst_dma = edesc->sec4_sg_dma + sec4_sg_index *
+ sizeof(struct sec4_sg_entry);
+ append_seq_out_ptr(desc, dst_dma, req->nbytes + ivsize, LDST_SGF);
}
/*
@@ -1287,7 +1275,7 @@ static struct aead_edesc *aead_edesc_alloc(struct aead_request *req,
GFP_DMA | flags);
if (!edesc) {
caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
- 0, 0, 0);
+ 0, DMA_NONE, 0, 0);
return ERR_PTR(-ENOMEM);
}
@@ -1491,8 +1479,7 @@ static int aead_decrypt(struct aead_request *req)
* allocate and map the ablkcipher extended descriptor for ablkcipher
*/
static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
- *req, int desc_bytes,
- bool *iv_contig_out)
+ *req, int desc_bytes)
{
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
@@ -1501,8 +1488,8 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
struct ablkcipher_edesc *edesc;
- dma_addr_t iv_dma = 0;
- bool in_contig;
+ dma_addr_t iv_dma;
+ u8 *iv;
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
int dst_sg_idx, sec4_sg_ents, sec4_sg_bytes;
@@ -1546,33 +1533,20 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
}
}
- iv_dma = dma_map_single(jrdev, req->info, ivsize, DMA_TO_DEVICE);
- if (dma_mapping_error(jrdev, iv_dma)) {
- dev_err(jrdev, "unable to map IV\n");
- caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
- 0, 0, 0);
- return ERR_PTR(-ENOMEM);
- }
-
- if (mapped_src_nents == 1 &&
- iv_dma + ivsize == sg_dma_address(req->src)) {
- in_contig = true;
- sec4_sg_ents = 0;
- } else {
- in_contig = false;
- sec4_sg_ents = 1 + mapped_src_nents;
- }
+ sec4_sg_ents = 1 + mapped_src_nents;
dst_sg_idx = sec4_sg_ents;
sec4_sg_ents += mapped_dst_nents > 1 ? mapped_dst_nents : 0;
sec4_sg_bytes = sec4_sg_ents * sizeof(struct sec4_sg_entry);
- /* allocate space for base edesc and hw desc commands, link tables */
- edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes,
+ /*
+ * allocate space for base edesc and hw desc commands, link tables, IV
+ */
+ edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes + ivsize,
GFP_DMA | flags);
if (!edesc) {
dev_err(jrdev, "could not allocate extended descriptor\n");
- caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, 0, 0);
+ caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, DMA_NONE, 0, 0);
return ERR_PTR(-ENOMEM);
}
@@ -1581,13 +1555,24 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
edesc->sec4_sg_bytes = sec4_sg_bytes;
edesc->sec4_sg = (void *)edesc + sizeof(struct ablkcipher_edesc) +
desc_bytes;
+ edesc->iv_dir = DMA_TO_DEVICE;
- if (!in_contig) {
- dma_to_sec4_sg_one(edesc->sec4_sg, iv_dma, ivsize, 0);
- sg_to_sec4_sg_last(req->src, mapped_src_nents,
- edesc->sec4_sg + 1, 0);
+ /* Make sure IV is located in a DMAable area */
+ iv = (u8 *)edesc->hw_desc + desc_bytes + sec4_sg_bytes;
+ memcpy(iv, req->info, ivsize);
+
+ iv_dma = dma_map_single(jrdev, iv, ivsize, DMA_TO_DEVICE);
+ if (dma_mapping_error(jrdev, iv_dma)) {
+ dev_err(jrdev, "unable to map IV\n");
+ caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, DMA_NONE, 0, 0);
+ kfree(edesc);
+ return ERR_PTR(-ENOMEM);
}
+ dma_to_sec4_sg_one(edesc->sec4_sg, iv_dma, ivsize, 0);
+ sg_to_sec4_sg_last(req->src, mapped_src_nents, edesc->sec4_sg + 1, 0);
+
if (mapped_dst_nents > 1) {
sg_to_sec4_sg_last(req->dst, mapped_dst_nents,
edesc->sec4_sg + dst_sg_idx, 0);
@@ -1598,7 +1583,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
if (dma_mapping_error(jrdev, edesc->sec4_sg_dma)) {
dev_err(jrdev, "unable to map S/G table\n");
caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, 0, 0);
+ iv_dma, ivsize, DMA_TO_DEVICE, 0, 0);
kfree(edesc);
return ERR_PTR(-ENOMEM);
}
@@ -1611,7 +1596,6 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
sec4_sg_bytes, 1);
#endif
- *iv_contig_out = in_contig;
return edesc;
}
@@ -1621,19 +1605,16 @@ static int ablkcipher_encrypt(struct ablkcipher_request *req)
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
struct device *jrdev = ctx->jrdev;
- bool iv_contig;
u32 *desc;
int ret = 0;
/* allocate extended descriptor */
- edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN *
- CAAM_CMD_SZ, &iv_contig);
+ edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN * CAAM_CMD_SZ);
if (IS_ERR(edesc))
return PTR_ERR(edesc);
/* Create and submit job descriptor*/
- init_ablkcipher_job(ctx->sh_desc_enc,
- ctx->sh_desc_enc_dma, edesc, req, iv_contig);
+ init_ablkcipher_job(ctx->sh_desc_enc, ctx->sh_desc_enc_dma, edesc, req);
#ifdef DEBUG
print_hex_dump(KERN_ERR, "ablkcipher jobdesc@"__stringify(__LINE__)": ",
DUMP_PREFIX_ADDRESS, 16, 4, edesc->hw_desc,
@@ -1657,20 +1638,25 @@ static int ablkcipher_decrypt(struct ablkcipher_request *req)
struct ablkcipher_edesc *edesc;
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
+ int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
struct device *jrdev = ctx->jrdev;
- bool iv_contig;
u32 *desc;
int ret = 0;
/* allocate extended descriptor */
- edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN *
- CAAM_CMD_SZ, &iv_contig);
+ edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN * CAAM_CMD_SZ);
if (IS_ERR(edesc))
return PTR_ERR(edesc);
+ /*
+ * The crypto API expects us to set the IV (req->info) to the last
+ * ciphertext block.
+ */
+ scatterwalk_map_and_copy(req->info, req->src, req->nbytes - ivsize,
+ ivsize, 0);
+
/* Create and submit job descriptor*/
- init_ablkcipher_job(ctx->sh_desc_dec,
- ctx->sh_desc_dec_dma, edesc, req, iv_contig);
+ init_ablkcipher_job(ctx->sh_desc_dec, ctx->sh_desc_dec_dma, edesc, req);
desc = edesc->hw_desc;
#ifdef DEBUG
print_hex_dump(KERN_ERR, "ablkcipher jobdesc@"__stringify(__LINE__)": ",
@@ -1695,8 +1681,7 @@ static int ablkcipher_decrypt(struct ablkcipher_request *req)
*/
static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
struct skcipher_givcrypt_request *greq,
- int desc_bytes,
- bool *iv_contig_out)
+ int desc_bytes)
{
struct ablkcipher_request *req = &greq->creq;
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
@@ -1706,8 +1691,8 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents, mapped_dst_nents;
struct ablkcipher_edesc *edesc;
- dma_addr_t iv_dma = 0;
- bool out_contig;
+ dma_addr_t iv_dma;
+ u8 *iv;
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
int dst_sg_idx, sec4_sg_ents, sec4_sg_bytes;
@@ -1752,36 +1737,20 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
}
}
- /*
- * Check if iv can be contiguous with source and destination.
- * If so, include it. If not, create scatterlist.
- */
- iv_dma = dma_map_single(jrdev, greq->giv, ivsize, DMA_TO_DEVICE);
- if (dma_mapping_error(jrdev, iv_dma)) {
- dev_err(jrdev, "unable to map IV\n");
- caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
- 0, 0, 0);
- return ERR_PTR(-ENOMEM);
- }
-
sec4_sg_ents = mapped_src_nents > 1 ? mapped_src_nents : 0;
dst_sg_idx = sec4_sg_ents;
- if (mapped_dst_nents == 1 &&
- iv_dma + ivsize == sg_dma_address(req->dst)) {
- out_contig = true;
- } else {
- out_contig = false;
- sec4_sg_ents += 1 + mapped_dst_nents;
- }
+ sec4_sg_ents += 1 + mapped_dst_nents;
- /* allocate space for base edesc and hw desc commands, link tables */
+ /*
+ * allocate space for base edesc and hw desc commands, link tables, IV
+ */
sec4_sg_bytes = sec4_sg_ents * sizeof(struct sec4_sg_entry);
- edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes,
+ edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes + ivsize,
GFP_DMA | flags);
if (!edesc) {
dev_err(jrdev, "could not allocate extended descriptor\n");
- caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, 0, 0);
+ caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, DMA_NONE, 0, 0);
return ERR_PTR(-ENOMEM);
}
@@ -1790,24 +1759,33 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
edesc->sec4_sg_bytes = sec4_sg_bytes;
edesc->sec4_sg = (void *)edesc + sizeof(struct ablkcipher_edesc) +
desc_bytes;
+ edesc->iv_dir = DMA_FROM_DEVICE;
+
+ /* Make sure IV is located in a DMAable area */
+ iv = (u8 *)edesc->hw_desc + desc_bytes + sec4_sg_bytes;
+ iv_dma = dma_map_single(jrdev, iv, ivsize, DMA_FROM_DEVICE);
+ if (dma_mapping_error(jrdev, iv_dma)) {
+ dev_err(jrdev, "unable to map IV\n");
+ caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, DMA_NONE, 0, 0);
+ kfree(edesc);
+ return ERR_PTR(-ENOMEM);
+ }
if (mapped_src_nents > 1)
sg_to_sec4_sg_last(req->src, mapped_src_nents, edesc->sec4_sg,
0);
- if (!out_contig) {
- dma_to_sec4_sg_one(edesc->sec4_sg + dst_sg_idx,
- iv_dma, ivsize, 0);
- sg_to_sec4_sg_last(req->dst, mapped_dst_nents,
- edesc->sec4_sg + dst_sg_idx + 1, 0);
- }
+ dma_to_sec4_sg_one(edesc->sec4_sg + dst_sg_idx, iv_dma, ivsize, 0);
+ sg_to_sec4_sg_last(req->dst, mapped_dst_nents, edesc->sec4_sg +
+ dst_sg_idx + 1, 0);
edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
sec4_sg_bytes, DMA_TO_DEVICE);
if (dma_mapping_error(jrdev, edesc->sec4_sg_dma)) {
dev_err(jrdev, "unable to map S/G table\n");
caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, 0, 0);
+ iv_dma, ivsize, DMA_FROM_DEVICE, 0, 0);
kfree(edesc);
return ERR_PTR(-ENOMEM);
}
@@ -1820,7 +1798,6 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
sec4_sg_bytes, 1);
#endif
- *iv_contig_out = out_contig;
return edesc;
}
@@ -1831,19 +1808,17 @@ static int ablkcipher_givencrypt(struct skcipher_givcrypt_request *creq)
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
struct device *jrdev = ctx->jrdev;
- bool iv_contig = false;
u32 *desc;
int ret = 0;
/* allocate extended descriptor */
- edesc = ablkcipher_giv_edesc_alloc(creq, DESC_JOB_IO_LEN *
- CAAM_CMD_SZ, &iv_contig);
+ edesc = ablkcipher_giv_edesc_alloc(creq, DESC_JOB_IO_LEN * CAAM_CMD_SZ);
if (IS_ERR(edesc))
return PTR_ERR(edesc);
/* Create and submit job descriptor*/
init_ablkcipher_giv_job(ctx->sh_desc_givenc, ctx->sh_desc_givenc_dma,
- edesc, req, iv_contig);
+ edesc, req);
#ifdef DEBUG
print_hex_dump(KERN_ERR,
"ablkcipher jobdesc@" __stringify(__LINE__) ": ",
diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c
index 8ae7a1be7dfd..a408edd84f34 100644
--- a/drivers/crypto/caam/caamalg_desc.c
+++ b/drivers/crypto/caam/caamalg_desc.c
@@ -1093,7 +1093,7 @@ void cnstr_shdsc_rfc4543_encap(u32 * const desc, struct alginfo *cdata,
read_move_cmd = append_move(desc, MOVE_SRC_DESCBUF | MOVE_DEST_MATH3 |
(0x6 << MOVE_LEN_SHIFT));
write_move_cmd = append_move(desc, MOVE_SRC_MATH3 | MOVE_DEST_DESCBUF |
- (0x8 << MOVE_LEN_SHIFT));
+ (0x8 << MOVE_LEN_SHIFT) | MOVE_WAITCOMP);
/* Will read assoclen + cryptlen bytes */
append_math_sub(desc, VARSEQINLEN, SEQINLEN, REG0, CAAM_CMD_SZ);
@@ -1178,7 +1178,7 @@ void cnstr_shdsc_rfc4543_decap(u32 * const desc, struct alginfo *cdata,
read_move_cmd = append_move(desc, MOVE_SRC_DESCBUF | MOVE_DEST_MATH3 |
(0x6 << MOVE_LEN_SHIFT));
write_move_cmd = append_move(desc, MOVE_SRC_MATH3 | MOVE_DEST_DESCBUF |
- (0x8 << MOVE_LEN_SHIFT));
+ (0x8 << MOVE_LEN_SHIFT) | MOVE_WAITCOMP);
/* Will read assoclen + cryptlen bytes */
append_math_sub(desc, VARSEQINLEN, SEQOUTLEN, REG0, CAAM_CMD_SZ);
diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c
index cacda0831390..6e61cc93c2b0 100644
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -728,7 +728,7 @@ badkey:
* @assoclen: associated data length, in CAAM endianness
* @assoclen_dma: bus physical mapped address of req->assoclen
* @drv_req: driver-specific request structure
- * @sgt: the h/w link table
+ * @sgt: the h/w link table, followed by IV
*/
struct aead_edesc {
int src_nents;
@@ -739,9 +739,6 @@ struct aead_edesc {
unsigned int assoclen;
dma_addr_t assoclen_dma;
struct caam_drv_req drv_req;
-#define CAAM_QI_MAX_AEAD_SG \
- ((CAAM_QI_MEMCACHE_SIZE - offsetof(struct aead_edesc, sgt)) / \
- sizeof(struct qm_sg_entry))
struct qm_sg_entry sgt[0];
};
@@ -753,7 +750,7 @@ struct aead_edesc {
* @qm_sg_bytes: length of dma mapped h/w link table
* @qm_sg_dma: bus physical mapped address of h/w link table
* @drv_req: driver-specific request structure
- * @sgt: the h/w link table
+ * @sgt: the h/w link table, followed by IV
*/
struct ablkcipher_edesc {
int src_nents;
@@ -762,9 +759,6 @@ struct ablkcipher_edesc {
int qm_sg_bytes;
dma_addr_t qm_sg_dma;
struct caam_drv_req drv_req;
-#define CAAM_QI_MAX_ABLKCIPHER_SG \
- ((CAAM_QI_MEMCACHE_SIZE - offsetof(struct ablkcipher_edesc, sgt)) / \
- sizeof(struct qm_sg_entry))
struct qm_sg_entry sgt[0];
};
@@ -986,17 +980,8 @@ static struct aead_edesc *aead_edesc_alloc(struct aead_request *req,
}
}
- if ((alg->caam.rfc3686 && encrypt) || !alg->caam.geniv) {
+ if ((alg->caam.rfc3686 && encrypt) || !alg->caam.geniv)
ivsize = crypto_aead_ivsize(aead);
- iv_dma = dma_map_single(qidev, req->iv, ivsize, DMA_TO_DEVICE);
- if (dma_mapping_error(qidev, iv_dma)) {
- dev_err(qidev, "unable to map IV\n");
- caam_unmap(qidev, req->src, req->dst, src_nents,
- dst_nents, 0, 0, op_type, 0, 0);
- qi_cache_free(edesc);
- return ERR_PTR(-ENOMEM);
- }
- }
/*
* Create S/G table: req->assoclen, [IV,] req->src [, req->dst].
@@ -1004,16 +989,33 @@ static struct aead_edesc *aead_edesc_alloc(struct aead_request *req,
*/
qm_sg_ents = 1 + !!ivsize + mapped_src_nents +
(mapped_dst_nents > 1 ? mapped_dst_nents : 0);
- if (unlikely(qm_sg_ents > CAAM_QI_MAX_AEAD_SG)) {
- dev_err(qidev, "Insufficient S/G entries: %d > %zu\n",
- qm_sg_ents, CAAM_QI_MAX_AEAD_SG);
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, op_type, 0, 0);
+ sg_table = &edesc->sgt[0];
+ qm_sg_bytes = qm_sg_ents * sizeof(*sg_table);
+ if (unlikely(offsetof(struct aead_edesc, sgt) + qm_sg_bytes + ivsize >
+ CAAM_QI_MEMCACHE_SIZE)) {
+ dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
+ qm_sg_ents, ivsize);
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
qi_cache_free(edesc);
return ERR_PTR(-ENOMEM);
}
- sg_table = &edesc->sgt[0];
- qm_sg_bytes = qm_sg_ents * sizeof(*sg_table);
+
+ if (ivsize) {
+ u8 *iv = (u8 *)(sg_table + qm_sg_ents);
+
+ /* Make sure IV is located in a DMAable area */
+ memcpy(iv, req->iv, ivsize);
+
+ iv_dma = dma_map_single(qidev, iv, ivsize, DMA_TO_DEVICE);
+ if (dma_mapping_error(qidev, iv_dma)) {
+ dev_err(qidev, "unable to map IV\n");
+ caam_unmap(qidev, req->src, req->dst, src_nents,
+ dst_nents, 0, 0, 0, 0, 0);
+ qi_cache_free(edesc);
+ return ERR_PTR(-ENOMEM);
+ }
+ }
edesc->src_nents = src_nents;
edesc->dst_nents = dst_nents;
@@ -1166,15 +1168,27 @@ static void ablkcipher_done(struct caam_drv_req *drv_req, u32 status)
#endif
ablkcipher_unmap(qidev, edesc, req);
- qi_cache_free(edesc);
+
+ /* In case initial IV was generated, copy it in GIVCIPHER request */
+ if (edesc->drv_req.drv_ctx->op_type == GIVENCRYPT) {
+ u8 *iv;
+ struct skcipher_givcrypt_request *greq;
+
+ greq = container_of(req, struct skcipher_givcrypt_request,
+ creq);
+ iv = (u8 *)edesc->sgt + edesc->qm_sg_bytes;
+ memcpy(greq->giv, iv, ivsize);
+ }
/*
* The crypto API expects us to set the IV (req->info) to the last
* ciphertext block. This is used e.g. by the CTS mode.
*/
- scatterwalk_map_and_copy(req->info, req->dst, req->nbytes - ivsize,
- ivsize, 0);
+ if (edesc->drv_req.drv_ctx->op_type != DECRYPT)
+ scatterwalk_map_and_copy(req->info, req->dst, req->nbytes -
+ ivsize, ivsize, 0);
+ qi_cache_free(edesc);
ablkcipher_request_complete(req, status);
}
@@ -1189,9 +1203,9 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
struct ablkcipher_edesc *edesc;
dma_addr_t iv_dma;
- bool in_contig;
+ u8 *iv;
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
- int dst_sg_idx, qm_sg_ents;
+ int dst_sg_idx, qm_sg_ents, qm_sg_bytes;
struct qm_sg_entry *sg_table, *fd_sgt;
struct caam_drv_ctx *drv_ctx;
enum optype op_type = encrypt ? ENCRYPT : DECRYPT;
@@ -1238,55 +1252,53 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
}
}
- iv_dma = dma_map_single(qidev, req->info, ivsize, DMA_TO_DEVICE);
- if (dma_mapping_error(qidev, iv_dma)) {
- dev_err(qidev, "unable to map IV\n");
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
- 0, 0, 0, 0);
- return ERR_PTR(-ENOMEM);
- }
-
- if (mapped_src_nents == 1 &&
- iv_dma + ivsize == sg_dma_address(req->src)) {
- in_contig = true;
- qm_sg_ents = 0;
- } else {
- in_contig = false;
- qm_sg_ents = 1 + mapped_src_nents;
- }
+ qm_sg_ents = 1 + mapped_src_nents;
dst_sg_idx = qm_sg_ents;
qm_sg_ents += mapped_dst_nents > 1 ? mapped_dst_nents : 0;
- if (unlikely(qm_sg_ents > CAAM_QI_MAX_ABLKCIPHER_SG)) {
- dev_err(qidev, "Insufficient S/G entries: %d > %zu\n",
- qm_sg_ents, CAAM_QI_MAX_ABLKCIPHER_SG);
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, op_type, 0, 0);
+ qm_sg_bytes = qm_sg_ents * sizeof(struct qm_sg_entry);
+ if (unlikely(offsetof(struct ablkcipher_edesc, sgt) + qm_sg_bytes +
+ ivsize > CAAM_QI_MEMCACHE_SIZE)) {
+ dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
+ qm_sg_ents, ivsize);
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
return ERR_PTR(-ENOMEM);
}
- /* allocate space for base edesc and link tables */
+ /* allocate space for base edesc, link tables and IV */
edesc = qi_cache_alloc(GFP_DMA | flags);
if (unlikely(!edesc)) {
dev_err(qidev, "could not allocate extended descriptor\n");
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, op_type, 0, 0);
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
+ return ERR_PTR(-ENOMEM);
+ }
+
+ /* Make sure IV is located in a DMAable area */
+ sg_table = &edesc->sgt[0];
+ iv = (u8 *)(sg_table + qm_sg_ents);
+ memcpy(iv, req->info, ivsize);
+
+ iv_dma = dma_map_single(qidev, iv, ivsize, DMA_TO_DEVICE);
+ if (dma_mapping_error(qidev, iv_dma)) {
+ dev_err(qidev, "unable to map IV\n");
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
+ qi_cache_free(edesc);
return ERR_PTR(-ENOMEM);
}
edesc->src_nents = src_nents;
edesc->dst_nents = dst_nents;
edesc->iv_dma = iv_dma;
- sg_table = &edesc->sgt[0];
- edesc->qm_sg_bytes = qm_sg_ents * sizeof(*sg_table);
+ edesc->qm_sg_bytes = qm_sg_bytes;
edesc->drv_req.app_ctx = req;
edesc->drv_req.cbk = ablkcipher_done;
edesc->drv_req.drv_ctx = drv_ctx;
- if (!in_contig) {
- dma_to_qm_sg_one(sg_table, iv_dma, ivsize, 0);
- sg_to_qm_sg_last(req->src, mapped_src_nents, sg_table + 1, 0);
- }
+ dma_to_qm_sg_one(sg_table, iv_dma, ivsize, 0);
+ sg_to_qm_sg_last(req->src, mapped_src_nents, sg_table + 1, 0);
if (mapped_dst_nents > 1)
sg_to_qm_sg_last(req->dst, mapped_dst_nents, sg_table +
@@ -1304,20 +1316,12 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
fd_sgt = &edesc->drv_req.fd_sgt[0];
- if (!in_contig)
- dma_to_qm_sg_one_last_ext(&fd_sgt[1], edesc->qm_sg_dma,
- ivsize + req->nbytes, 0);
- else
- dma_to_qm_sg_one_last(&fd_sgt[1], iv_dma, ivsize + req->nbytes,
- 0);
+ dma_to_qm_sg_one_last_ext(&fd_sgt[1], edesc->qm_sg_dma,
+ ivsize + req->nbytes, 0);
if (req->src == req->dst) {
- if (!in_contig)
- dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma +
- sizeof(*sg_table), req->nbytes, 0);
- else
- dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->src),
- req->nbytes, 0);
+ dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma +
+ sizeof(*sg_table), req->nbytes, 0);
} else if (mapped_dst_nents > 1) {
dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma + dst_sg_idx *
sizeof(*sg_table), req->nbytes, 0);
@@ -1341,10 +1345,10 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
int src_nents, mapped_src_nents, dst_nents, mapped_dst_nents;
struct ablkcipher_edesc *edesc;
dma_addr_t iv_dma;
- bool out_contig;
+ u8 *iv;
int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
struct qm_sg_entry *sg_table, *fd_sgt;
- int dst_sg_idx, qm_sg_ents;
+ int dst_sg_idx, qm_sg_ents, qm_sg_bytes;
struct caam_drv_ctx *drv_ctx;
drv_ctx = get_drv_ctx(ctx, GIVENCRYPT);
@@ -1392,46 +1396,45 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
mapped_dst_nents = src_nents;
}
- iv_dma = dma_map_single(qidev, creq->giv, ivsize, DMA_FROM_DEVICE);
- if (dma_mapping_error(qidev, iv_dma)) {
- dev_err(qidev, "unable to map IV\n");
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
- 0, 0, 0, 0);
- return ERR_PTR(-ENOMEM);
- }
-
qm_sg_ents = mapped_src_nents > 1 ? mapped_src_nents : 0;
dst_sg_idx = qm_sg_ents;
- if (mapped_dst_nents == 1 &&
- iv_dma + ivsize == sg_dma_address(req->dst)) {
- out_contig = true;
- } else {
- out_contig = false;
- qm_sg_ents += 1 + mapped_dst_nents;
- }
- if (unlikely(qm_sg_ents > CAAM_QI_MAX_ABLKCIPHER_SG)) {
- dev_err(qidev, "Insufficient S/G entries: %d > %zu\n",
- qm_sg_ents, CAAM_QI_MAX_ABLKCIPHER_SG);
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, GIVENCRYPT, 0, 0);
+ qm_sg_ents += 1 + mapped_dst_nents;
+ qm_sg_bytes = qm_sg_ents * sizeof(struct qm_sg_entry);
+ if (unlikely(offsetof(struct ablkcipher_edesc, sgt) + qm_sg_bytes +
+ ivsize > CAAM_QI_MEMCACHE_SIZE)) {
+ dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
+ qm_sg_ents, ivsize);
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
return ERR_PTR(-ENOMEM);
}
- /* allocate space for base edesc and link tables */
+ /* allocate space for base edesc, link tables and IV */
edesc = qi_cache_alloc(GFP_DMA | flags);
if (!edesc) {
dev_err(qidev, "could not allocate extended descriptor\n");
- caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
- iv_dma, ivsize, GIVENCRYPT, 0, 0);
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
+ return ERR_PTR(-ENOMEM);
+ }
+
+ /* Make sure IV is located in a DMAable area */
+ sg_table = &edesc->sgt[0];
+ iv = (u8 *)(sg_table + qm_sg_ents);
+ iv_dma = dma_map_single(qidev, iv, ivsize, DMA_FROM_DEVICE);
+ if (dma_mapping_error(qidev, iv_dma)) {
+ dev_err(qidev, "unable to map IV\n");
+ caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
+ 0, 0, 0, 0);
+ qi_cache_free(edesc);
return ERR_PTR(-ENOMEM);
}
edesc->src_nents = src_nents;
edesc->dst_nents = dst_nents;
edesc->iv_dma = iv_dma;
- sg_table = &edesc->sgt[0];
- edesc->qm_sg_bytes = qm_sg_ents * sizeof(*sg_table);
+ edesc->qm_sg_bytes = qm_sg_bytes;
edesc->drv_req.app_ctx = req;
edesc->drv_req.cbk = ablkcipher_done;
edesc->drv_req.drv_ctx = drv_ctx;
@@ -1439,11 +1442,9 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
if (mapped_src_nents > 1)
sg_to_qm_sg_last(req->src, mapped_src_nents, sg_table, 0);
- if (!out_contig) {
- dma_to_qm_sg_one(sg_table + dst_sg_idx, iv_dma, ivsize, 0);
- sg_to_qm_sg_last(req->dst, mapped_dst_nents, sg_table +
- dst_sg_idx + 1, 0);
- }
+ dma_to_qm_sg_one(sg_table + dst_sg_idx, iv_dma, ivsize, 0);
+ sg_to_qm_sg_last(req->dst, mapped_dst_nents, sg_table + dst_sg_idx + 1,
+ 0);
edesc->qm_sg_dma = dma_map_single(qidev, sg_table, edesc->qm_sg_bytes,
DMA_TO_DEVICE);
@@ -1464,13 +1465,8 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
dma_to_qm_sg_one(&fd_sgt[1], sg_dma_address(req->src),
req->nbytes, 0);
- if (!out_contig)
- dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma + dst_sg_idx *
- sizeof(*sg_table), ivsize + req->nbytes,
- 0);
- else
- dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->dst),
- ivsize + req->nbytes, 0);
+ dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma + dst_sg_idx *
+ sizeof(*sg_table), ivsize + req->nbytes, 0);
return edesc;
}
@@ -1480,6 +1476,7 @@ static inline int ablkcipher_crypt(struct ablkcipher_request *req, bool encrypt)
struct ablkcipher_edesc *edesc;
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
+ int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
int ret;
if (unlikely(caam_congested))
@@ -1490,6 +1487,14 @@ static inline int ablkcipher_crypt(struct ablkcipher_request *req, bool encrypt)
if (IS_ERR(edesc))
return PTR_ERR(edesc);
+ /*
+ * The crypto API expects us to set the IV (req->info) to the last
+ * ciphertext block.
+ */
+ if (!encrypt)
+ scatterwalk_map_and_copy(req->info, req->src, req->nbytes -
+ ivsize, ivsize, 0);
+
ret = caam_qi_enqueue(ctx->qidev, &edesc->drv_req);
if (!ret) {
ret = -EINPROGRESS;
diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c
index 7a897209f181..578ea63a3109 100644
--- a/drivers/crypto/caam/caampkc.c
+++ b/drivers/crypto/caam/caampkc.c
@@ -66,7 +66,7 @@ static void rsa_priv_f2_unmap(struct device *dev, struct rsa_edesc *edesc,
struct caam_rsa_key *key = &ctx->key;
struct rsa_priv_f2_pdb *pdb = &edesc->pdb.priv_f2;
size_t p_sz = key->p_sz;
- size_t q_sz = key->p_sz;
+ size_t q_sz = key->q_sz;
dma_unmap_single(dev, pdb->d_dma, key->d_sz, DMA_TO_DEVICE);
dma_unmap_single(dev, pdb->p_dma, p_sz, DMA_TO_DEVICE);
@@ -83,7 +83,7 @@ static void rsa_priv_f3_unmap(struct device *dev, struct rsa_edesc *edesc,
struct caam_rsa_key *key = &ctx->key;
struct rsa_priv_f3_pdb *pdb = &edesc->pdb.priv_f3;
size_t p_sz = key->p_sz;
- size_t q_sz = key->p_sz;
+ size_t q_sz = key->q_sz;
dma_unmap_single(dev, pdb->p_dma, p_sz, DMA_TO_DEVICE);
dma_unmap_single(dev, pdb->q_dma, q_sz, DMA_TO_DEVICE);
@@ -166,18 +166,71 @@ static void rsa_priv_f3_done(struct device *dev, u32 *desc, u32 err,
akcipher_request_complete(req, err);
}
+static int caam_rsa_count_leading_zeros(struct scatterlist *sgl,
+ unsigned int nbytes,
+ unsigned int flags)
+{
+ struct sg_mapping_iter miter;
+ int lzeros, ents;
+ unsigned int len;
+ unsigned int tbytes = nbytes;
+ const u8 *buff;
+
+ ents = sg_nents_for_len(sgl, nbytes);
+ if (ents < 0)
+ return ents;
+
+ sg_miter_start(&miter, sgl, ents, SG_MITER_FROM_SG | flags);
+
+ lzeros = 0;
+ len = 0;
+ while (nbytes > 0) {
+ while (len && !*buff) {
+ lzeros++;
+ len--;
+ buff++;
+ }
+
+ if (len && *buff)
+ break;
+
+ sg_miter_next(&miter);
+ buff = miter.addr;
+ len = miter.length;
+
+ nbytes -= lzeros;
+ lzeros = 0;
+ }
+
+ miter.consumed = lzeros;
+ sg_miter_stop(&miter);
+ nbytes -= lzeros;
+
+ return tbytes - nbytes;
+}
+
static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req,
size_t desclen)
{
struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
struct device *dev = ctx->dev;
+ struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req);
struct rsa_edesc *edesc;
gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
GFP_KERNEL : GFP_ATOMIC;
+ int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0;
int sgc;
int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes;
int src_nents, dst_nents;
+ int lzeros;
+
+ lzeros = caam_rsa_count_leading_zeros(req->src, req->src_len, sg_flags);
+ if (lzeros < 0)
+ return ERR_PTR(lzeros);
+
+ req->src_len -= lzeros;
+ req->src = scatterwalk_ffwd(req_ctx->src, req->src, lzeros);
src_nents = sg_nents_for_len(req->src, req->src_len);
dst_nents = sg_nents_for_len(req->dst, req->dst_len);
@@ -344,7 +397,7 @@ static int set_rsa_priv_f2_pdb(struct akcipher_request *req,
struct rsa_priv_f2_pdb *pdb = &edesc->pdb.priv_f2;
int sec4_sg_index = 0;
size_t p_sz = key->p_sz;
- size_t q_sz = key->p_sz;
+ size_t q_sz = key->q_sz;
pdb->d_dma = dma_map_single(dev, key->d, key->d_sz, DMA_TO_DEVICE);
if (dma_mapping_error(dev, pdb->d_dma)) {
@@ -419,7 +472,7 @@ static int set_rsa_priv_f3_pdb(struct akcipher_request *req,
struct rsa_priv_f3_pdb *pdb = &edesc->pdb.priv_f3;
int sec4_sg_index = 0;
size_t p_sz = key->p_sz;
- size_t q_sz = key->p_sz;
+ size_t q_sz = key->q_sz;
pdb->p_dma = dma_map_single(dev, key->p, p_sz, DMA_TO_DEVICE);
if (dma_mapping_error(dev, pdb->p_dma)) {
@@ -730,19 +783,12 @@ static u8 *caam_read_rsa_crt(const u8 *ptr, size_t nbytes, size_t dstlen)
*/
static inline u8 *caam_read_raw_data(const u8 *buf, size_t *nbytes)
{
- u8 *val;
caam_rsa_drop_leading_zeros(&buf, nbytes);
if (!*nbytes)
return NULL;
- val = kzalloc(*nbytes, GFP_DMA | GFP_KERNEL);
- if (!val)
- return NULL;
-
- memcpy(val, buf, *nbytes);
-
- return val;
+ return kmemdup(buf, *nbytes, GFP_DMA | GFP_KERNEL);
}
static int caam_rsa_check_key_length(unsigned int len)
@@ -953,6 +999,7 @@ static struct akcipher_alg caam_rsa = {
.max_size = caam_rsa_max_size,
.init = caam_rsa_init_tfm,
.exit = caam_rsa_exit_tfm,
+ .reqsize = sizeof(struct caam_rsa_req_ctx),
.base = {
.cra_name = "rsa",
.cra_driver_name = "rsa-caam",
diff --git a/drivers/crypto/caam/caampkc.h b/drivers/crypto/caam/caampkc.h
index fd145c46eae1..82645bcf8b27 100644
--- a/drivers/crypto/caam/caampkc.h
+++ b/drivers/crypto/caam/caampkc.h
@@ -96,6 +96,14 @@ struct caam_rsa_ctx {
};
/**
+ * caam_rsa_req_ctx - per request context.
+ * @src: input scatterlist (stripped of leading zeros)
+ */
+struct caam_rsa_req_ctx {
+ struct scatterlist src[2];
+};
+
+/**
* rsa_edesc - s/w-extended rsa descriptor
* @src_nents : number of segments in input scatterlist
* @dst_nents : number of segments in output scatterlist
diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c
index e4cc636e1104..538c01f428c1 100644
--- a/drivers/crypto/caam/ctrl.c
+++ b/drivers/crypto/caam/ctrl.c
@@ -322,9 +322,9 @@ static int caam_remove(struct platform_device *pdev)
/*
* De-initialize RNG state handles initialized by this driver.
- * In case of DPAA 2.x, RNG is managed by MC firmware.
+ * In case of SoCs with Management Complex, RNG is managed by MC f/w.
*/
- if (!caam_dpaa2 && ctrlpriv->rng4_sh_init)
+ if (!ctrlpriv->mc_en && ctrlpriv->rng4_sh_init)
deinstantiate_rng(ctrldev, ctrlpriv->rng4_sh_init);
/* Shut down debug views */
@@ -396,11 +396,56 @@ start_rng:
clrsetbits_32(&r4tst->rtmctl, RTMCTL_PRGM, RTMCTL_SAMP_MODE_RAW_ES_SC);
}
+static int caam_get_era_from_hw(struct caam_ctrl __iomem *ctrl)
+{
+ static const struct {
+ u16 ip_id;
+ u8 maj_rev;
+ u8 era;
+ } id[] = {
+ {0x0A10, 1, 1},
+ {0x0A10, 2, 2},
+ {0x0A12, 1, 3},
+ {0x0A14, 1, 3},
+ {0x0A14, 2, 4},
+ {0x0A16, 1, 4},
+ {0x0A10, 3, 4},
+ {0x0A11, 1, 4},
+ {0x0A18, 1, 4},
+ {0x0A11, 2, 5},
+ {0x0A12, 2, 5},
+ {0x0A13, 1, 5},
+ {0x0A1C, 1, 5}
+ };
+ u32 ccbvid, id_ms;
+ u8 maj_rev, era;
+ u16 ip_id;
+ int i;
+
+ ccbvid = rd_reg32(&ctrl->perfmon.ccb_id);
+ era = (ccbvid & CCBVID_ERA_MASK) >> CCBVID_ERA_SHIFT;
+ if (era) /* This is '0' prior to CAAM ERA-6 */
+ return era;
+
+ id_ms = rd_reg32(&ctrl->perfmon.caam_id_ms);
+ ip_id = (id_ms & SECVID_MS_IPID_MASK) >> SECVID_MS_IPID_SHIFT;
+ maj_rev = (id_ms & SECVID_MS_MAJ_REV_MASK) >> SECVID_MS_MAJ_REV_SHIFT;
+
+ for (i = 0; i < ARRAY_SIZE(id); i++)
+ if (id[i].ip_id == ip_id && id[i].maj_rev == maj_rev)
+ return id[i].era;
+
+ return -ENOTSUPP;
+}
+
/**
* caam_get_era() - Return the ERA of the SEC on SoC, based
- * on "sec-era" propery in the DTS. This property is updated by u-boot.
+ * on "sec-era" optional property in the DTS. This property is updated
+ * by u-boot.
+ * In case this property is not passed an attempt to retrieve the CAAM
+ * era via register reads will be made.
**/
-int caam_get_era(void)
+static int caam_get_era(struct caam_ctrl __iomem *ctrl)
{
struct device_node *caam_node;
int ret;
@@ -410,9 +455,11 @@ int caam_get_era(void)
ret = of_property_read_u32(caam_node, "fsl,sec-era", &prop);
of_node_put(caam_node);
- return ret ? -ENOTSUPP : prop;
+ if (!ret)
+ return prop;
+ else
+ return caam_get_era_from_hw(ctrl);
}
-EXPORT_SYMBOL(caam_get_era);
static const struct of_device_id caam_match[] = {
{
@@ -571,11 +618,15 @@ static int caam_probe(struct platform_device *pdev)
/*
* Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel,
* long pointers in master configuration register.
- * In case of DPAA 2.x, Management Complex firmware performs
+ * In case of SoCs with Management Complex, MC f/w performs
* the configuration.
*/
caam_dpaa2 = !!(comp_params & CTPR_MS_DPAA2);
- if (!caam_dpaa2)
+ np = of_find_compatible_node(NULL, NULL, "fsl,qoriq-mc");
+ ctrlpriv->mc_en = !!np;
+ of_node_put(np);
+
+ if (!ctrlpriv->mc_en)
clrsetbits_32(&ctrl->mcr, MCFGR_AWCACHE_MASK | MCFGR_LONG_PTR,
MCFGR_AWCACHE_CACH | MCFGR_AWCACHE_BUFF |
MCFGR_WDENABLE | MCFGR_LARGE_BURST |
@@ -623,7 +674,7 @@ static int caam_probe(struct platform_device *pdev)
goto iounmap_ctrl;
}
- ctrlpriv->era = caam_get_era();
+ ctrlpriv->era = caam_get_era(ctrl);
ret = of_platform_populate(nprop, caam_match, NULL, dev);
if (ret) {
@@ -686,9 +737,9 @@ static int caam_probe(struct platform_device *pdev)
/*
* If SEC has RNG version >= 4 and RNG state handle has not been
* already instantiated, do RNG instantiation
- * In case of DPAA 2.x, RNG is managed by MC firmware.
+ * In case of SoCs with Management Complex, RNG is managed by MC f/w.
*/
- if (!caam_dpaa2 &&
+ if (!ctrlpriv->mc_en &&
(cha_vid_ls & CHA_ID_LS_RNG_MASK) >> CHA_ID_LS_RNG_SHIFT >= 4) {
ctrlpriv->rng4_sh_init =
rd_reg32(&ctrl->r4tst[0].rdsta);
@@ -757,9 +808,8 @@ static int caam_probe(struct platform_device *pdev)
/* Report "alive" for developer to see */
dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id,
ctrlpriv->era);
- dev_info(dev, "job rings = %d, qi = %d, dpaa2 = %s\n",
- ctrlpriv->total_jobrs, ctrlpriv->qi_present,
- caam_dpaa2 ? "yes" : "no");
+ dev_info(dev, "job rings = %d, qi = %d\n",
+ ctrlpriv->total_jobrs, ctrlpriv->qi_present);
#ifdef CONFIG_DEBUG_FS
debugfs_create_file("rq_dequeued", S_IRUSR | S_IRGRP | S_IROTH,
diff --git a/drivers/crypto/caam/ctrl.h b/drivers/crypto/caam/ctrl.h
index be693a2cc25e..f3ecd67922a7 100644
--- a/drivers/crypto/caam/ctrl.h
+++ b/drivers/crypto/caam/ctrl.h
@@ -9,8 +9,6 @@
#define CTRL_H
/* Prototypes for backend-level services exposed to APIs */
-int caam_get_era(void);
-
extern bool caam_dpaa2;
#endif /* CTRL_H */
diff --git a/drivers/crypto/caam/intern.h b/drivers/crypto/caam/intern.h
index 7696a774a362..babc78abd155 100644
--- a/drivers/crypto/caam/intern.h
+++ b/drivers/crypto/caam/intern.h
@@ -82,6 +82,7 @@ struct caam_drv_private {
*/
u8 total_jobrs; /* Total Job Rings in device */
u8 qi_present; /* Nonzero if QI present in device */
+ u8 mc_en; /* Nonzero if MC f/w is active */
int secvio_irq; /* Security violation interrupt number */
int virt_en; /* Virtualization enabled in CAAM */
int era; /* CAAM Era (internal HW revision) */
diff --git a/drivers/crypto/caam/qi.c b/drivers/crypto/caam/qi.c
index b9480828da38..67f7f8c42c93 100644
--- a/drivers/crypto/caam/qi.c
+++ b/drivers/crypto/caam/qi.c
@@ -657,9 +657,8 @@ static int init_cgr(struct device *qidev)
{
int ret;
struct qm_mcc_initcgr opts;
- const u64 cpus = *(u64 *)qman_affine_cpus();
- const int num_cpus = hweight64(cpus);
- const u64 val = num_cpus * MAX_RSP_FQ_BACKLOG_PER_CPU;
+ const u64 val = (u64)cpumask_weight(qman_affine_cpus()) *
+ MAX_RSP_FQ_BACKLOG_PER_CPU;
ret = qman_alloc_cgrid(&qipriv.cgr.cgrid);
if (ret) {
diff --git a/drivers/crypto/caam/regs.h b/drivers/crypto/caam/regs.h
index fee363865d88..4fb91ba39c36 100644
--- a/drivers/crypto/caam/regs.h
+++ b/drivers/crypto/caam/regs.h
@@ -312,11 +312,17 @@ struct caam_perfmon {
/* Component Instantiation Parameters fe0-fff */
u32 rtic_id; /* RVID - RTIC Version ID */
+#define CCBVID_ERA_MASK 0xff000000
+#define CCBVID_ERA_SHIFT 24
u32 ccb_id; /* CCBVID - CCB Version ID */
u32 cha_id_ms; /* CHAVID - CHA Version ID Most Significant*/
u32 cha_id_ls; /* CHAVID - CHA Version ID Least Significant*/
u32 cha_num_ms; /* CHANUM - CHA Number Most Significant */
u32 cha_num_ls; /* CHANUM - CHA Number Least Significant*/
+#define SECVID_MS_IPID_MASK 0xffff0000
+#define SECVID_MS_IPID_SHIFT 16
+#define SECVID_MS_MAJ_REV_MASK 0x0000ff00
+#define SECVID_MS_MAJ_REV_SHIFT 8
u32 caam_id_ms; /* CAAMVID - CAAM Version ID MS */
u32 caam_id_ls; /* CAAMVID - CAAM Version ID LS */
};
diff --git a/drivers/crypto/cavium/zip/common.h b/drivers/crypto/cavium/zip/common.h
index dc451e0a43c5..58fb3ed6e644 100644
--- a/drivers/crypto/cavium/zip/common.h
+++ b/drivers/crypto/cavium/zip/common.h
@@ -46,8 +46,10 @@
#ifndef __COMMON_H__
#define __COMMON_H__
+#include <linux/delay.h>
#include <linux/init.h>
#include <linux/interrupt.h>
+#include <linux/io.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/pci.h>
@@ -149,6 +151,25 @@ struct zip_operation {
u32 sizeofzops;
};
+static inline int zip_poll_result(union zip_zres_s *result)
+{
+ int retries = 1000;
+
+ while (!result->s.compcode) {
+ if (!--retries) {
+ pr_err("ZIP ERR: request timed out");
+ return -ETIMEDOUT;
+ }
+ udelay(10);
+ /*
+ * Force re-reading of compcode which is updated
+ * by the ZIP coprocessor.
+ */
+ rmb();
+ }
+ return 0;
+}
+
/* error messages */
#define zip_err(fmt, args...) pr_err("ZIP ERR:%s():%d: " \
fmt "\n", __func__, __LINE__, ## args)
diff --git a/drivers/crypto/cavium/zip/zip_crypto.c b/drivers/crypto/cavium/zip/zip_crypto.c
index 8df4d26cf9d4..b92b6e7e100f 100644
--- a/drivers/crypto/cavium/zip/zip_crypto.c
+++ b/drivers/crypto/cavium/zip/zip_crypto.c
@@ -124,7 +124,7 @@ int zip_compress(const u8 *src, unsigned int slen,
struct zip_kernel_ctx *zip_ctx)
{
struct zip_operation *zip_ops = NULL;
- struct zip_state zip_state;
+ struct zip_state *zip_state;
struct zip_device *zip = NULL;
int ret;
@@ -135,20 +135,23 @@ int zip_compress(const u8 *src, unsigned int slen,
if (!zip)
return -ENODEV;
- memset(&zip_state, 0, sizeof(struct zip_state));
+ zip_state = kzalloc(sizeof(*zip_state), GFP_ATOMIC);
+ if (!zip_state)
+ return -ENOMEM;
+
zip_ops = &zip_ctx->zip_comp;
zip_ops->input_len = slen;
zip_ops->output_len = *dlen;
memcpy(zip_ops->input, src, slen);
- ret = zip_deflate(zip_ops, &zip_state, zip);
+ ret = zip_deflate(zip_ops, zip_state, zip);
if (!ret) {
*dlen = zip_ops->output_len;
memcpy(dst, zip_ops->output, *dlen);
}
-
+ kfree(zip_state);
return ret;
}
@@ -157,7 +160,7 @@ int zip_decompress(const u8 *src, unsigned int slen,
struct zip_kernel_ctx *zip_ctx)
{
struct zip_operation *zip_ops = NULL;
- struct zip_state zip_state;
+ struct zip_state *zip_state;
struct zip_device *zip = NULL;
int ret;
@@ -168,7 +171,10 @@ int zip_decompress(const u8 *src, unsigned int slen,
if (!zip)
return -ENODEV;
- memset(&zip_state, 0, sizeof(struct zip_state));
+ zip_state = kzalloc(sizeof(*zip_state), GFP_ATOMIC);
+ if (!zip_state)
+ return -ENOMEM;
+
zip_ops = &zip_ctx->zip_decomp;
memcpy(zip_ops->input, src, slen);
@@ -179,13 +185,13 @@ int zip_decompress(const u8 *src, unsigned int slen,
zip_ops->input_len = slen;
zip_ops->output_len = *dlen;
- ret = zip_inflate(zip_ops, &zip_state, zip);
+ ret = zip_inflate(zip_ops, zip_state, zip);
if (!ret) {
*dlen = zip_ops->output_len;
memcpy(dst, zip_ops->output, *dlen);
}
-
+ kfree(zip_state);
return ret;
}
diff --git a/drivers/crypto/cavium/zip/zip_deflate.c b/drivers/crypto/cavium/zip/zip_deflate.c
index 9a944b8c1e29..d7133f857d67 100644
--- a/drivers/crypto/cavium/zip/zip_deflate.c
+++ b/drivers/crypto/cavium/zip/zip_deflate.c
@@ -129,8 +129,8 @@ int zip_deflate(struct zip_operation *zip_ops, struct zip_state *s,
/* Stats update for compression requests submitted */
atomic64_inc(&zip_dev->stats.comp_req_submit);
- while (!result_ptr->s.compcode)
- continue;
+ /* Wait for completion or error */
+ zip_poll_result(result_ptr);
/* Stats update for compression requests completed */
atomic64_inc(&zip_dev->stats.comp_req_complete);
diff --git a/drivers/crypto/cavium/zip/zip_device.c b/drivers/crypto/cavium/zip/zip_device.c
index ccf21fb91513..f174ec29ed69 100644
--- a/drivers/crypto/cavium/zip/zip_device.c
+++ b/drivers/crypto/cavium/zip/zip_device.c
@@ -87,12 +87,12 @@ u32 zip_load_instr(union zip_inst_s *instr,
* Distribute the instructions between the enabled queues based on
* the CPU id.
*/
- if (smp_processor_id() % 2 == 0)
+ if (raw_smp_processor_id() % 2 == 0)
queue = 0;
else
queue = 1;
- zip_dbg("CPU Core: %d Queue number:%d", smp_processor_id(), queue);
+ zip_dbg("CPU Core: %d Queue number:%d", raw_smp_processor_id(), queue);
/* Take cmd buffer lock */
spin_lock(&zip_dev->iq[queue].lock);
diff --git a/drivers/crypto/cavium/zip/zip_inflate.c b/drivers/crypto/cavium/zip/zip_inflate.c
index 50cbdd83dbf2..7e0d73e2f89e 100644
--- a/drivers/crypto/cavium/zip/zip_inflate.c
+++ b/drivers/crypto/cavium/zip/zip_inflate.c
@@ -143,8 +143,8 @@ int zip_inflate(struct zip_operation *zip_ops, struct zip_state *s,
/* Decompression requests submitted stats update */
atomic64_inc(&zip_dev->stats.decomp_req_submit);
- while (!result_ptr->s.compcode)
- continue;
+ /* Wait for completion or error */
+ zip_poll_result(result_ptr);
/* Decompression requests completed stats update */
atomic64_inc(&zip_dev->stats.decomp_req_complete);
diff --git a/drivers/crypto/cavium/zip/zip_main.c b/drivers/crypto/cavium/zip/zip_main.c
index 1cd8aa488185..be055b9547f6 100644
--- a/drivers/crypto/cavium/zip/zip_main.c
+++ b/drivers/crypto/cavium/zip/zip_main.c
@@ -113,7 +113,7 @@ struct zip_device *zip_get_device(int node)
*/
int zip_get_node_id(void)
{
- return cpu_to_node(smp_processor_id());
+ return cpu_to_node(raw_smp_processor_id());
}
/* Initializes the ZIP h/w sub-system */
@@ -469,6 +469,8 @@ static int zip_show_stats(struct seq_file *s, void *unused)
struct zip_stats *st;
for (index = 0; index < MAX_ZIP_DEVICES; index++) {
+ u64 pending = 0;
+
if (zip_dev[index]) {
zip = zip_dev[index];
st = &zip->stats;
@@ -476,16 +478,15 @@ static int zip_show_stats(struct seq_file *s, void *unused)
/* Get all the pending requests */
for (q = 0; q < ZIP_NUM_QUEUES; q++) {
val = zip_reg_read((zip->reg_base +
- ZIP_DBG_COREX_STA(q)));
- val = (val >> 32);
- val = val & 0xffffff;
- atomic64_add(val, &st->pending_req);
+ ZIP_DBG_QUEX_STA(q)));
+ pending += val >> 32 & 0xffffff;
}
- avg_chunk = (atomic64_read(&st->comp_in_bytes) /
- atomic64_read(&st->comp_req_complete));
- avg_cr = (atomic64_read(&st->comp_in_bytes) /
- atomic64_read(&st->comp_out_bytes));
+ val = atomic64_read(&st->comp_req_complete);
+ avg_chunk = (val) ? atomic64_read(&st->comp_in_bytes) / val : 0;
+
+ val = atomic64_read(&st->comp_out_bytes);
+ avg_cr = (val) ? atomic64_read(&st->comp_in_bytes) / val : 0;
seq_printf(s, " ZIP Device %d Stats\n"
"-----------------------------------\n"
"Comp Req Submitted : \t%lld\n"
@@ -513,10 +514,7 @@ static int zip_show_stats(struct seq_file *s, void *unused)
(u64)atomic64_read(&st->decomp_in_bytes),
(u64)atomic64_read(&st->decomp_out_bytes),
(u64)atomic64_read(&st->decomp_bad_reqs),
- (u64)atomic64_read(&st->pending_req));
-
- /* Reset pending requests count */
- atomic64_set(&st->pending_req, 0);
+ pending);
}
}
return 0;
diff --git a/drivers/crypto/cavium/zip/zip_main.h b/drivers/crypto/cavium/zip/zip_main.h
index 64e051f60784..e1e4fa92ce80 100644
--- a/drivers/crypto/cavium/zip/zip_main.h
+++ b/drivers/crypto/cavium/zip/zip_main.h
@@ -74,7 +74,6 @@ struct zip_stats {
atomic64_t comp_req_complete;
atomic64_t decomp_req_submit;
atomic64_t decomp_req_complete;
- atomic64_t pending_req;
atomic64_t comp_in_bytes;
atomic64_t comp_out_bytes;
atomic64_t decomp_in_bytes;
diff --git a/drivers/crypto/cavium/zip/zip_regs.h b/drivers/crypto/cavium/zip/zip_regs.h
index d0be682305c1..874e0236c87e 100644
--- a/drivers/crypto/cavium/zip/zip_regs.h
+++ b/drivers/crypto/cavium/zip/zip_regs.h
@@ -443,7 +443,7 @@ union zip_corex_bist_status {
static inline u64 ZIP_COREX_BIST_STATUS(u64 param1)
{
- if (((param1 <= 1)))
+ if (param1 <= 1)
return 0x0520ull + (param1 & 1) * 0x8ull;
pr_err("ZIP_COREX_BIST_STATUS: %llu\n", param1);
return 0;
@@ -537,7 +537,7 @@ union zip_dbg_corex_inst {
static inline u64 ZIP_DBG_COREX_INST(u64 param1)
{
- if (((param1 <= 1)))
+ if (param1 <= 1)
return 0x0640ull + (param1 & 1) * 0x8ull;
pr_err("ZIP_DBG_COREX_INST: %llu\n", param1);
return 0;
@@ -568,7 +568,7 @@ union zip_dbg_corex_sta {
static inline u64 ZIP_DBG_COREX_STA(u64 param1)
{
- if (((param1 <= 1)))
+ if (param1 <= 1)
return 0x0680ull + (param1 & 1) * 0x8ull;
pr_err("ZIP_DBG_COREX_STA: %llu\n", param1);
return 0;
@@ -599,7 +599,7 @@ union zip_dbg_quex_sta {
static inline u64 ZIP_DBG_QUEX_STA(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x1800ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_DBG_QUEX_STA: %llu\n", param1);
return 0;
@@ -817,7 +817,7 @@ union zip_msix_pbax {
static inline u64 ZIP_MSIX_PBAX(u64 param1)
{
- if (((param1 == 0)))
+ if (param1 == 0)
return 0x0000838000FF0000ull;
pr_err("ZIP_MSIX_PBAX: %llu\n", param1);
return 0;
@@ -846,7 +846,7 @@ union zip_msix_vecx_addr {
static inline u64 ZIP_MSIX_VECX_ADDR(u64 param1)
{
- if (((param1 <= 17)))
+ if (param1 <= 17)
return 0x0000838000F00000ull + (param1 & 31) * 0x10ull;
pr_err("ZIP_MSIX_VECX_ADDR: %llu\n", param1);
return 0;
@@ -875,7 +875,7 @@ union zip_msix_vecx_ctl {
static inline u64 ZIP_MSIX_VECX_CTL(u64 param1)
{
- if (((param1 <= 17)))
+ if (param1 <= 17)
return 0x0000838000F00008ull + (param1 & 31) * 0x10ull;
pr_err("ZIP_MSIX_VECX_CTL: %llu\n", param1);
return 0;
@@ -900,7 +900,7 @@ union zip_quex_done {
static inline u64 ZIP_QUEX_DONE(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x2000ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_DONE: %llu\n", param1);
return 0;
@@ -925,7 +925,7 @@ union zip_quex_done_ack {
static inline u64 ZIP_QUEX_DONE_ACK(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x2200ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_DONE_ACK: %llu\n", param1);
return 0;
@@ -950,7 +950,7 @@ union zip_quex_done_ena_w1c {
static inline u64 ZIP_QUEX_DONE_ENA_W1C(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x2600ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_DONE_ENA_W1C: %llu\n", param1);
return 0;
@@ -975,7 +975,7 @@ union zip_quex_done_ena_w1s {
static inline u64 ZIP_QUEX_DONE_ENA_W1S(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x2400ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_DONE_ENA_W1S: %llu\n", param1);
return 0;
@@ -1004,7 +1004,7 @@ union zip_quex_done_wait {
static inline u64 ZIP_QUEX_DONE_WAIT(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x2800ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_DONE_WAIT: %llu\n", param1);
return 0;
@@ -1029,7 +1029,7 @@ union zip_quex_doorbell {
static inline u64 ZIP_QUEX_DOORBELL(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x4000ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_DOORBELL: %llu\n", param1);
return 0;
@@ -1058,7 +1058,7 @@ union zip_quex_err_ena_w1c {
static inline u64 ZIP_QUEX_ERR_ENA_W1C(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x3600ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_ERR_ENA_W1C: %llu\n", param1);
return 0;
@@ -1087,7 +1087,7 @@ union zip_quex_err_ena_w1s {
static inline u64 ZIP_QUEX_ERR_ENA_W1S(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x3400ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_ERR_ENA_W1S: %llu\n", param1);
return 0;
@@ -1120,7 +1120,7 @@ union zip_quex_err_int {
static inline u64 ZIP_QUEX_ERR_INT(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x3000ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_ERR_INT: %llu\n", param1);
return 0;
@@ -1150,7 +1150,7 @@ union zip_quex_err_int_w1s {
static inline u64 ZIP_QUEX_ERR_INT_W1S(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x3200ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_ERR_INT_W1S: %llu\n", param1);
return 0;
@@ -1179,7 +1179,7 @@ union zip_quex_gcfg {
static inline u64 ZIP_QUEX_GCFG(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x1A00ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_GCFG: %llu\n", param1);
return 0;
@@ -1204,7 +1204,7 @@ union zip_quex_map {
static inline u64 ZIP_QUEX_MAP(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x1400ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_MAP: %llu\n", param1);
return 0;
@@ -1236,7 +1236,7 @@ union zip_quex_sbuf_addr {
static inline u64 ZIP_QUEX_SBUF_ADDR(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x1000ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_SBUF_ADDR: %llu\n", param1);
return 0;
@@ -1276,7 +1276,7 @@ union zip_quex_sbuf_ctl {
static inline u64 ZIP_QUEX_SBUF_CTL(u64 param1)
{
- if (((param1 <= 7)))
+ if (param1 <= 7)
return 0x1200ull + (param1 & 7) * 0x8ull;
pr_err("ZIP_QUEX_SBUF_CTL: %llu\n", param1);
return 0;
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index d95ec526587a..ff478d826d7d 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -22,11 +22,17 @@
#include <linux/delay.h>
#include <linux/hw_random.h>
#include <linux/ccp.h>
+#include <linux/firmware.h>
#include "sp-dev.h"
#include "psp-dev.h"
+#define SEV_VERSION_GREATER_OR_EQUAL(_maj, _min) \
+ ((psp_master->api_major) >= _maj && \
+ (psp_master->api_minor) >= _min)
+
#define DEVICE_NAME "sev"
+#define SEV_FW_FILE "amd/sev.fw"
static DEFINE_MUTEX(sev_cmd_mutex);
static struct sev_misc_dev *misc_dev;
@@ -112,6 +118,8 @@ static int sev_cmd_buffer_len(int cmd)
case SEV_CMD_RECEIVE_UPDATE_DATA: return sizeof(struct sev_data_receive_update_data);
case SEV_CMD_RECEIVE_UPDATE_VMSA: return sizeof(struct sev_data_receive_update_vmsa);
case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret);
+ case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware);
+ case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id);
default: return 0;
}
@@ -378,6 +386,79 @@ void *psp_copy_user_blob(u64 __user uaddr, u32 len)
}
EXPORT_SYMBOL_GPL(psp_copy_user_blob);
+static int sev_get_api_version(void)
+{
+ struct sev_user_data_status *status;
+ int error, ret;
+
+ status = &psp_master->status_cmd_buf;
+ ret = sev_platform_status(status, &error);
+ if (ret) {
+ dev_err(psp_master->dev,
+ "SEV: failed to get status. Error: %#x\n", error);
+ return 1;
+ }
+
+ psp_master->api_major = status->api_major;
+ psp_master->api_minor = status->api_minor;
+ psp_master->build = status->build;
+
+ return 0;
+}
+
+/* Don't fail if SEV FW couldn't be updated. Continue with existing SEV FW */
+static int sev_update_firmware(struct device *dev)
+{
+ struct sev_data_download_firmware *data;
+ const struct firmware *firmware;
+ int ret, error, order;
+ struct page *p;
+ u64 data_size;
+
+ ret = request_firmware(&firmware, SEV_FW_FILE, dev);
+ if (ret < 0)
+ return -1;
+
+ /*
+ * SEV FW expects the physical address given to it to be 32
+ * byte aligned. Memory allocated has structure placed at the
+ * beginning followed by the firmware being passed to the SEV
+ * FW. Allocate enough memory for data structure + alignment
+ * padding + SEV FW.
+ */
+ data_size = ALIGN(sizeof(struct sev_data_download_firmware), 32);
+
+ order = get_order(firmware->size + data_size);
+ p = alloc_pages(GFP_KERNEL, order);
+ if (!p) {
+ ret = -1;
+ goto fw_err;
+ }
+
+ /*
+ * Copy firmware data to a kernel allocated contiguous
+ * memory region.
+ */
+ data = page_address(p);
+ memcpy(page_address(p) + data_size, firmware->data, firmware->size);
+
+ data->address = __psp_pa(page_address(p) + data_size);
+ data->len = firmware->size;
+
+ ret = sev_do_cmd(SEV_CMD_DOWNLOAD_FIRMWARE, data, &error);
+ if (ret)
+ dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error);
+ else
+ dev_info(dev, "SEV firmware update successful\n");
+
+ __free_pages(p, order);
+
+fw_err:
+ release_firmware(firmware);
+
+ return ret;
+}
+
static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp)
{
struct sev_user_data_pek_cert_import input;
@@ -430,6 +511,46 @@ e_free:
return ret;
}
+static int sev_ioctl_do_get_id(struct sev_issue_cmd *argp)
+{
+ struct sev_data_get_id *data;
+ u64 data_size, user_size;
+ void *id_blob, *mem;
+ int ret;
+
+ /* SEV GET_ID available from SEV API v0.16 and up */
+ if (!SEV_VERSION_GREATER_OR_EQUAL(0, 16))
+ return -ENOTSUPP;
+
+ /* SEV FW expects the buffer it fills with the ID to be
+ * 8-byte aligned. Memory allocated should be enough to
+ * hold data structure + alignment padding + memory
+ * where SEV FW writes the ID.
+ */
+ data_size = ALIGN(sizeof(struct sev_data_get_id), 8);
+ user_size = sizeof(struct sev_user_data_get_id);
+
+ mem = kzalloc(data_size + user_size, GFP_KERNEL);
+ if (!mem)
+ return -ENOMEM;
+
+ data = mem;
+ id_blob = mem + data_size;
+
+ data->address = __psp_pa(id_blob);
+ data->len = user_size;
+
+ ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error);
+ if (!ret) {
+ if (copy_to_user((void __user *)argp->data, id_blob, data->len))
+ ret = -EFAULT;
+ }
+
+ kfree(mem);
+
+ return ret;
+}
+
static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp)
{
struct sev_user_data_pdh_cert_export input;
@@ -567,6 +688,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
case SEV_PDH_CERT_EXPORT:
ret = sev_ioctl_do_pdh_export(&input);
break;
+ case SEV_GET_ID:
+ ret = sev_ioctl_do_get_id(&input);
+ break;
default:
ret = -EINVAL;
goto out;
@@ -750,7 +874,6 @@ EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user);
void psp_pci_init(void)
{
- struct sev_user_data_status *status;
struct sp_device *sp;
int error, rc;
@@ -760,6 +883,13 @@ void psp_pci_init(void)
psp_master = sp->psp_data;
+ if (sev_get_api_version())
+ goto err;
+
+ if (SEV_VERSION_GREATER_OR_EQUAL(0, 15) &&
+ sev_update_firmware(psp_master->dev) == 0)
+ sev_get_api_version();
+
/* Initialize the platform */
rc = sev_platform_init(&error);
if (rc) {
@@ -767,16 +897,9 @@ void psp_pci_init(void)
goto err;
}
- /* Display SEV firmware version */
- status = &psp_master->status_cmd_buf;
- rc = sev_platform_status(status, &error);
- if (rc) {
- dev_err(sp->dev, "SEV: failed to get status error %#x\n", error);
- goto err;
- }
+ dev_info(sp->dev, "SEV API:%d.%d build:%d\n", psp_master->api_major,
+ psp_master->api_minor, psp_master->build);
- dev_info(sp->dev, "SEV API:%d.%d build:%d\n", status->api_major,
- status->api_minor, status->build);
return;
err:
diff --git a/drivers/crypto/ccp/psp-dev.h b/drivers/crypto/ccp/psp-dev.h
index c81f0b11287a..c7e9098a233c 100644
--- a/drivers/crypto/ccp/psp-dev.h
+++ b/drivers/crypto/ccp/psp-dev.h
@@ -78,6 +78,10 @@ struct psp_device {
struct sev_misc_dev *sev_misc;
struct sev_user_data_status status_cmd_buf;
struct sev_data_init init_cmd_buf;
+
+ u8 api_major;
+ u8 api_minor;
+ u8 build;
};
#endif /* __PSP_DEV_H */
diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c
index df98f7afe645..d2810c183b73 100644
--- a/drivers/crypto/ccree/cc_cipher.c
+++ b/drivers/crypto/ccree/cc_cipher.c
@@ -42,6 +42,7 @@ struct cc_cipher_ctx {
int cipher_mode;
int flow_mode;
unsigned int flags;
+ bool hw_key;
struct cc_user_key_info user;
struct cc_hw_key_info hw;
struct crypto_shash *shash_tfm;
@@ -49,6 +50,13 @@ struct cc_cipher_ctx {
static void cc_cipher_complete(struct device *dev, void *cc_req, int err);
+static inline bool cc_is_hw_key(struct crypto_tfm *tfm)
+{
+ struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm);
+
+ return ctx_p->hw_key;
+}
+
static int validate_keys_sizes(struct cc_cipher_ctx *ctx_p, u32 size)
{
switch (ctx_p->flow_mode) {
@@ -211,7 +219,7 @@ struct tdes_keys {
u8 key3[DES_KEY_SIZE];
};
-static enum cc_hw_crypto_key hw_key_to_cc_hw_key(int slot_num)
+static enum cc_hw_crypto_key cc_slot_to_hw_key(int slot_num)
{
switch (slot_num) {
case 0:
@@ -226,69 +234,100 @@ static enum cc_hw_crypto_key hw_key_to_cc_hw_key(int slot_num)
return END_OF_KEYS;
}
-static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key,
- unsigned int keylen)
+static int cc_cipher_sethkey(struct crypto_skcipher *sktfm, const u8 *key,
+ unsigned int keylen)
{
struct crypto_tfm *tfm = crypto_skcipher_tfm(sktfm);
struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm);
struct device *dev = drvdata_to_dev(ctx_p->drvdata);
- u32 tmp[DES3_EDE_EXPKEY_WORDS];
- struct cc_crypto_alg *cc_alg =
- container_of(tfm->__crt_alg, struct cc_crypto_alg,
- skcipher_alg.base);
- unsigned int max_key_buf_size = cc_alg->skcipher_alg.max_keysize;
+ struct cc_hkey_info hki;
- dev_dbg(dev, "Setting key in context @%p for %s. keylen=%u\n",
+ dev_dbg(dev, "Setting HW key in context @%p for %s. keylen=%u\n",
ctx_p, crypto_tfm_alg_name(tfm), keylen);
dump_byte_array("key", (u8 *)key, keylen);
/* STAT_PHASE_0: Init and sanity checks */
+ /* This check the size of the hardware key token */
+ if (keylen != sizeof(hki)) {
+ dev_err(dev, "Unsupported HW key size %d.\n", keylen);
+ crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ if (ctx_p->flow_mode != S_DIN_to_AES) {
+ dev_err(dev, "HW key not supported for non-AES flows\n");
+ return -EINVAL;
+ }
+
+ memcpy(&hki, key, keylen);
+
+ /* The real key len for crypto op is the size of the HW key
+ * referenced by the HW key slot, not the hardware key token
+ */
+ keylen = hki.keylen;
+
if (validate_keys_sizes(ctx_p, keylen)) {
dev_err(dev, "Unsupported key size %d.\n", keylen);
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
- if (cc_is_hw_key(tfm)) {
- /* setting HW key slots */
- struct arm_hw_key_info *hki = (struct arm_hw_key_info *)key;
+ ctx_p->hw.key1_slot = cc_slot_to_hw_key(hki.hw_key1);
+ if (ctx_p->hw.key1_slot == END_OF_KEYS) {
+ dev_err(dev, "Unsupported hw key1 number (%d)\n", hki.hw_key1);
+ return -EINVAL;
+ }
- if (ctx_p->flow_mode != S_DIN_to_AES) {
- dev_err(dev, "HW key not supported for non-AES flows\n");
+ if (ctx_p->cipher_mode == DRV_CIPHER_XTS ||
+ ctx_p->cipher_mode == DRV_CIPHER_ESSIV ||
+ ctx_p->cipher_mode == DRV_CIPHER_BITLOCKER) {
+ if (hki.hw_key1 == hki.hw_key2) {
+ dev_err(dev, "Illegal hw key numbers (%d,%d)\n",
+ hki.hw_key1, hki.hw_key2);
return -EINVAL;
}
-
- ctx_p->hw.key1_slot = hw_key_to_cc_hw_key(hki->hw_key1);
- if (ctx_p->hw.key1_slot == END_OF_KEYS) {
- dev_err(dev, "Unsupported hw key1 number (%d)\n",
- hki->hw_key1);
+ ctx_p->hw.key2_slot = cc_slot_to_hw_key(hki.hw_key2);
+ if (ctx_p->hw.key2_slot == END_OF_KEYS) {
+ dev_err(dev, "Unsupported hw key2 number (%d)\n",
+ hki.hw_key2);
return -EINVAL;
}
+ }
- if (ctx_p->cipher_mode == DRV_CIPHER_XTS ||
- ctx_p->cipher_mode == DRV_CIPHER_ESSIV ||
- ctx_p->cipher_mode == DRV_CIPHER_BITLOCKER) {
- if (hki->hw_key1 == hki->hw_key2) {
- dev_err(dev, "Illegal hw key numbers (%d,%d)\n",
- hki->hw_key1, hki->hw_key2);
- return -EINVAL;
- }
- ctx_p->hw.key2_slot =
- hw_key_to_cc_hw_key(hki->hw_key2);
- if (ctx_p->hw.key2_slot == END_OF_KEYS) {
- dev_err(dev, "Unsupported hw key2 number (%d)\n",
- hki->hw_key2);
- return -EINVAL;
- }
- }
+ ctx_p->keylen = keylen;
+ ctx_p->hw_key = true;
+ dev_dbg(dev, "cc_is_hw_key ret 0");
+
+ return 0;
+}
+
+static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key,
+ unsigned int keylen)
+{
+ struct crypto_tfm *tfm = crypto_skcipher_tfm(sktfm);
+ struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm);
+ struct device *dev = drvdata_to_dev(ctx_p->drvdata);
+ u32 tmp[DES3_EDE_EXPKEY_WORDS];
+ struct cc_crypto_alg *cc_alg =
+ container_of(tfm->__crt_alg, struct cc_crypto_alg,
+ skcipher_alg.base);
+ unsigned int max_key_buf_size = cc_alg->skcipher_alg.max_keysize;
+
+ dev_dbg(dev, "Setting key in context @%p for %s. keylen=%u\n",
+ ctx_p, crypto_tfm_alg_name(tfm), keylen);
+ dump_byte_array("key", (u8 *)key, keylen);
- ctx_p->keylen = keylen;
- dev_dbg(dev, "cc_is_hw_key ret 0");
+ /* STAT_PHASE_0: Init and sanity checks */
- return 0;
+ if (validate_keys_sizes(ctx_p, keylen)) {
+ dev_err(dev, "Unsupported key size %d.\n", keylen);
+ crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
}
+ ctx_p->hw_key = false;
+
/*
* Verify DES weak keys
* Note that we're dropping the expanded key since the
@@ -735,6 +774,241 @@ static int cc_cipher_decrypt(struct skcipher_request *req)
/* Block cipher alg */
static const struct cc_alg_template skcipher_algs[] = {
{
+ .name = "xts(paes)",
+ .driver_name = "xts-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_XTS,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_630,
+ },
+ {
+ .name = "xts512(paes)",
+ .driver_name = "xts-paes-du512-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_XTS,
+ .flow_mode = S_DIN_to_AES,
+ .data_unit = 512,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "xts4096(paes)",
+ .driver_name = "xts-paes-du4096-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_XTS,
+ .flow_mode = S_DIN_to_AES,
+ .data_unit = 4096,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "essiv(paes)",
+ .driver_name = "essiv-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_ESSIV,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "essiv512(paes)",
+ .driver_name = "essiv-paes-du512-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_ESSIV,
+ .flow_mode = S_DIN_to_AES,
+ .data_unit = 512,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "essiv4096(paes)",
+ .driver_name = "essiv-paes-du4096-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_ESSIV,
+ .flow_mode = S_DIN_to_AES,
+ .data_unit = 4096,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "bitlocker(paes)",
+ .driver_name = "bitlocker-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_BITLOCKER,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "bitlocker512(paes)",
+ .driver_name = "bitlocker-paes-du512-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_BITLOCKER,
+ .flow_mode = S_DIN_to_AES,
+ .data_unit = 512,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "bitlocker4096(paes)",
+ .driver_name = "bitlocker-paes-du4096-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_BITLOCKER,
+ .flow_mode = S_DIN_to_AES,
+ .data_unit = 4096,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "ecb(paes)",
+ .driver_name = "ecb-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = 0,
+ },
+ .cipher_mode = DRV_CIPHER_ECB,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "cbc(paes)",
+ .driver_name = "cbc-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_CBC,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "ofb(paes)",
+ .driver_name = "ofb-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_OFB,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "cts1(cbc(paes))",
+ .driver_name = "cts1-cbc-paes-ccree",
+ .blocksize = AES_BLOCK_SIZE,
+ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_CBC_CTS,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
+ .name = "ctr(paes)",
+ .driver_name = "ctr-paes-ccree",
+ .blocksize = 1,
+ .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
+ .template_skcipher = {
+ .setkey = cc_cipher_sethkey,
+ .encrypt = cc_cipher_encrypt,
+ .decrypt = cc_cipher_decrypt,
+ .min_keysize = CC_HW_KEY_SIZE,
+ .max_keysize = CC_HW_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ },
+ .cipher_mode = DRV_CIPHER_CTR,
+ .flow_mode = S_DIN_to_AES,
+ .min_hw_rev = CC_HW_REV_712,
+ },
+ {
.name = "xts(aes)",
.driver_name = "xts-aes-ccree",
.blocksize = AES_BLOCK_SIZE,
diff --git a/drivers/crypto/ccree/cc_cipher.h b/drivers/crypto/ccree/cc_cipher.h
index 2a2a6f46c515..68444cfa936b 100644
--- a/drivers/crypto/ccree/cc_cipher.h
+++ b/drivers/crypto/ccree/cc_cipher.h
@@ -13,18 +13,6 @@
#include "cc_driver.h"
#include "cc_buffer_mgr.h"
-/* Crypto cipher flags */
-#define CC_CRYPTO_CIPHER_KEY_KFDE0 BIT(0)
-#define CC_CRYPTO_CIPHER_KEY_KFDE1 BIT(1)
-#define CC_CRYPTO_CIPHER_KEY_KFDE2 BIT(2)
-#define CC_CRYPTO_CIPHER_KEY_KFDE3 BIT(3)
-#define CC_CRYPTO_CIPHER_DU_SIZE_512B BIT(4)
-
-#define CC_CRYPTO_CIPHER_KEY_KFDE_MASK (CC_CRYPTO_CIPHER_KEY_KFDE0 | \
- CC_CRYPTO_CIPHER_KEY_KFDE1 | \
- CC_CRYPTO_CIPHER_KEY_KFDE2 | \
- CC_CRYPTO_CIPHER_KEY_KFDE3)
-
struct cipher_req_ctx {
struct async_gen_req_ctx gen_ctx;
enum cc_req_dma_buf_type dma_buf_type;
@@ -42,18 +30,12 @@ int cc_cipher_alloc(struct cc_drvdata *drvdata);
int cc_cipher_free(struct cc_drvdata *drvdata);
-struct arm_hw_key_info {
- int hw_key1;
- int hw_key2;
-};
+struct cc_hkey_info {
+ u16 keylen;
+ u8 hw_key1;
+ u8 hw_key2;
+} __packed;
-/*
- * This is a stub function that will replaced when we
- * implement secure keys
- */
-static inline bool cc_is_hw_key(struct crypto_tfm *tfm)
-{
- return false;
-}
+#define CC_HW_KEY_SIZE sizeof(struct cc_hkey_info)
#endif /*__CC_CIPHER_H__*/
diff --git a/drivers/crypto/ccree/cc_debugfs.c b/drivers/crypto/ccree/cc_debugfs.c
index 08f8db489cf0..5ca184e42483 100644
--- a/drivers/crypto/ccree/cc_debugfs.c
+++ b/drivers/crypto/ccree/cc_debugfs.c
@@ -26,7 +26,8 @@ struct cc_debugfs_ctx {
static struct dentry *cc_debugfs_dir;
static struct debugfs_reg32 debug_regs[] = {
- CC_DEBUG_REG(HOST_SIGNATURE),
+ { .name = "SIGNATURE" }, /* Must be 0th */
+ { .name = "VERSION" }, /* Must be 1st */
CC_DEBUG_REG(HOST_IRR),
CC_DEBUG_REG(HOST_POWER_DOWN_EN),
CC_DEBUG_REG(AXIM_MON_ERR),
@@ -34,7 +35,6 @@ static struct debugfs_reg32 debug_regs[] = {
CC_DEBUG_REG(HOST_IMR),
CC_DEBUG_REG(AXIM_CFG),
CC_DEBUG_REG(AXIM_CACHE_PARAMS),
- CC_DEBUG_REG(HOST_VERSION),
CC_DEBUG_REG(GPR_HOST),
CC_DEBUG_REG(AXIM_MON_COMP),
};
@@ -58,6 +58,9 @@ int cc_debugfs_init(struct cc_drvdata *drvdata)
struct debugfs_regset32 *regset;
struct dentry *file;
+ debug_regs[0].offset = drvdata->sig_offset;
+ debug_regs[1].offset = drvdata->ver_offset;
+
ctx = devm_kzalloc(dev, sizeof(*ctx), GFP_KERNEL);
if (!ctx)
return -ENOMEM;
diff --git a/drivers/crypto/ccree/cc_driver.c b/drivers/crypto/ccree/cc_driver.c
index 89ce013ae093..bd974fef05e4 100644
--- a/drivers/crypto/ccree/cc_driver.c
+++ b/drivers/crypto/ccree/cc_driver.c
@@ -168,14 +168,14 @@ int init_cc_regs(struct cc_drvdata *drvdata, bool is_probe)
val = cc_ioread(drvdata, CC_REG(AXIM_CACHE_PARAMS));
if (is_probe)
- dev_info(dev, "Cache params previous: 0x%08X\n", val);
+ dev_dbg(dev, "Cache params previous: 0x%08X\n", val);
cc_iowrite(drvdata, CC_REG(AXIM_CACHE_PARAMS), cache_params);
val = cc_ioread(drvdata, CC_REG(AXIM_CACHE_PARAMS));
if (is_probe)
- dev_info(dev, "Cache params current: 0x%08X (expect: 0x%08X)\n",
- val, cache_params);
+ dev_dbg(dev, "Cache params current: 0x%08X (expect: 0x%08X)\n",
+ val, cache_params);
return 0;
}
@@ -190,6 +190,7 @@ static int init_cc_resources(struct platform_device *plat_dev)
u64 dma_mask;
const struct cc_hw_data *hw_rev;
const struct of_device_id *dev_id;
+ struct clk *clk;
int rc = 0;
new_drvdata = devm_kzalloc(dev, sizeof(*new_drvdata), GFP_KERNEL);
@@ -207,15 +208,36 @@ static int init_cc_resources(struct platform_device *plat_dev)
if (hw_rev->rev >= CC_HW_REV_712) {
new_drvdata->hash_len_sz = HASH_LEN_SIZE_712;
new_drvdata->axim_mon_offset = CC_REG(AXIM_MON_COMP);
+ new_drvdata->sig_offset = CC_REG(HOST_SIGNATURE_712);
+ new_drvdata->ver_offset = CC_REG(HOST_VERSION_712);
} else {
new_drvdata->hash_len_sz = HASH_LEN_SIZE_630;
new_drvdata->axim_mon_offset = CC_REG(AXIM_MON_COMP8);
+ new_drvdata->sig_offset = CC_REG(HOST_SIGNATURE_630);
+ new_drvdata->ver_offset = CC_REG(HOST_VERSION_630);
}
platform_set_drvdata(plat_dev, new_drvdata);
new_drvdata->plat_dev = plat_dev;
- new_drvdata->clk = of_clk_get(np, 0);
+ clk = devm_clk_get(dev, NULL);
+ if (IS_ERR(clk))
+ switch (PTR_ERR(clk)) {
+ /* Clock is optional so this might be fine */
+ case -ENOENT:
+ break;
+
+ /* Clock not available, let's try again soon */
+ case -EPROBE_DEFER:
+ return -EPROBE_DEFER;
+
+ default:
+ dev_err(dev, "Error getting clock: %ld\n",
+ PTR_ERR(clk));
+ return PTR_ERR(clk);
+ }
+ new_drvdata->clk = clk;
+
new_drvdata->coherent = of_dma_is_coherent(np);
/* Get device resources */
@@ -265,7 +287,7 @@ static int init_cc_resources(struct platform_device *plat_dev)
}
if (rc) {
- dev_err(dev, "Failed in dma_set_mask, mask=%pad\n", &dma_mask);
+ dev_err(dev, "Failed in dma_set_mask, mask=%llx\n", dma_mask);
return rc;
}
@@ -276,7 +298,7 @@ static int init_cc_resources(struct platform_device *plat_dev)
}
/* Verify correct mapping */
- signature_val = cc_ioread(new_drvdata, CC_REG(HOST_SIGNATURE));
+ signature_val = cc_ioread(new_drvdata, new_drvdata->sig_offset);
if (signature_val != hw_rev->sig) {
dev_err(dev, "Invalid CC signature: SIGNATURE=0x%08X != expected=0x%08X\n",
signature_val, hw_rev->sig);
@@ -287,7 +309,7 @@ static int init_cc_resources(struct platform_device *plat_dev)
/* Display HW versions */
dev_info(dev, "ARM CryptoCell %s Driver: HW version 0x%08X, Driver version %s\n",
- hw_rev->name, cc_ioread(new_drvdata, CC_REG(HOST_VERSION)),
+ hw_rev->name, cc_ioread(new_drvdata, new_drvdata->ver_offset),
DRV_MODULE_VERSION);
rc = init_cc_regs(new_drvdata, true);
diff --git a/drivers/crypto/ccree/cc_driver.h b/drivers/crypto/ccree/cc_driver.h
index 2048fdeb9579..95f82b2d1e70 100644
--- a/drivers/crypto/ccree/cc_driver.h
+++ b/drivers/crypto/ccree/cc_driver.h
@@ -129,6 +129,8 @@ struct cc_drvdata {
enum cc_hw_rev hw_rev;
u32 hash_len_sz;
u32 axim_mon_offset;
+ u32 sig_offset;
+ u32 ver_offset;
};
struct cc_crypto_alg {
diff --git a/drivers/crypto/ccree/cc_host_regs.h b/drivers/crypto/ccree/cc_host_regs.h
index f51001898ca1..616b2e1c41ba 100644
--- a/drivers/crypto/ccree/cc_host_regs.h
+++ b/drivers/crypto/ccree/cc_host_regs.h
@@ -45,7 +45,8 @@
#define CC_HOST_ICR_DSCRPTR_WATERMARK_QUEUE0_CLEAR_BIT_SIZE 0x1UL
#define CC_HOST_ICR_AXIM_COMP_INT_CLEAR_BIT_SHIFT 0x17UL
#define CC_HOST_ICR_AXIM_COMP_INT_CLEAR_BIT_SIZE 0x1UL
-#define CC_HOST_SIGNATURE_REG_OFFSET 0xA24UL
+#define CC_HOST_SIGNATURE_712_REG_OFFSET 0xA24UL
+#define CC_HOST_SIGNATURE_630_REG_OFFSET 0xAC8UL
#define CC_HOST_SIGNATURE_VALUE_BIT_SHIFT 0x0UL
#define CC_HOST_SIGNATURE_VALUE_BIT_SIZE 0x20UL
#define CC_HOST_BOOT_REG_OFFSET 0xA28UL
@@ -105,7 +106,8 @@
#define CC_HOST_BOOT_ONLY_ENCRYPT_LOCAL_BIT_SIZE 0x1UL
#define CC_HOST_BOOT_AES_EXISTS_LOCAL_BIT_SHIFT 0x1EUL
#define CC_HOST_BOOT_AES_EXISTS_LOCAL_BIT_SIZE 0x1UL
-#define CC_HOST_VERSION_REG_OFFSET 0xA40UL
+#define CC_HOST_VERSION_712_REG_OFFSET 0xA40UL
+#define CC_HOST_VERSION_630_REG_OFFSET 0xAD8UL
#define CC_HOST_VERSION_VALUE_BIT_SHIFT 0x0UL
#define CC_HOST_VERSION_VALUE_BIT_SIZE 0x20UL
#define CC_HOST_KFDE0_VALID_REG_OFFSET 0xA60UL
diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c
index 59fe6631e73e..b916c4eb608c 100644
--- a/drivers/crypto/chelsio/chcr_algo.c
+++ b/drivers/crypto/chelsio/chcr_algo.c
@@ -203,13 +203,8 @@ static inline void chcr_handle_aead_resp(struct aead_request *req,
int err)
{
struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
- struct crypto_aead *tfm = crypto_aead_reqtfm(req);
- struct uld_ctx *u_ctx = ULD_CTX(a_ctx(tfm));
- chcr_aead_dma_unmap(&u_ctx->lldi.pdev->dev, req, reqctx->op);
- if (reqctx->b0_dma)
- dma_unmap_single(&u_ctx->lldi.pdev->dev, reqctx->b0_dma,
- reqctx->b0_len, DMA_BIDIRECTIONAL);
+ chcr_aead_common_exit(req);
if (reqctx->verify == VERIFY_SW) {
chcr_verify_tag(req, input, &err);
reqctx->verify = VERIFY_HW;
@@ -638,7 +633,6 @@ static int chcr_sg_ent_in_wr(struct scatterlist *src,
src = sg_next(src);
srcskip = 0;
}
-
if (sg_dma_len(dst) == dstskip) {
dst = sg_next(dst);
dstskip = 0;
@@ -688,6 +682,7 @@ static int chcr_cipher_fallback(struct crypto_skcipher *cipher,
int err;
SKCIPHER_REQUEST_ON_STACK(subreq, cipher);
+
skcipher_request_set_tfm(subreq, cipher);
skcipher_request_set_callback(subreq, flags, NULL, NULL);
skcipher_request_set_crypt(subreq, src, dst,
@@ -760,13 +755,13 @@ static struct sk_buff *create_cipher_wr(struct cipher_wr_param *wrparam)
nents = sg_nents_xlen(reqctx->dstsg, wrparam->bytes, CHCR_DST_SG_SIZE,
reqctx->dst_ofst);
- dst_size = get_space_for_phys_dsgl(nents + 1);
+ dst_size = get_space_for_phys_dsgl(nents);
kctx_len = roundup(ablkctx->enckey_len, 16);
transhdr_len = CIPHER_TRANSHDR_SIZE(kctx_len, dst_size);
nents = sg_nents_xlen(reqctx->srcsg, wrparam->bytes,
CHCR_SRC_SG_SIZE, reqctx->src_ofst);
- temp = reqctx->imm ? roundup(IV + wrparam->req->nbytes, 16) :
- (sgl_len(nents + MIN_CIPHER_SG) * 8);
+ temp = reqctx->imm ? roundup(wrparam->bytes, 16) :
+ (sgl_len(nents) * 8);
transhdr_len += temp;
transhdr_len = roundup(transhdr_len, 16);
skb = alloc_skb(SGE_MAX_WR_LEN, flags);
@@ -788,7 +783,7 @@ static struct sk_buff *create_cipher_wr(struct cipher_wr_param *wrparam)
ablkctx->ciph_mode,
0, 0, IV >> 1);
chcr_req->sec_cpl.ivgen_hdrlen = FILL_SEC_CPL_IVGEN_HDRLEN(0, 0, 0,
- 0, 0, dst_size);
+ 0, 1, dst_size);
chcr_req->key_ctx.ctx_hdr = ablkctx->key_ctx_hdr;
if ((reqctx->op == CHCR_DECRYPT_OP) &&
@@ -818,8 +813,8 @@ static struct sk_buff *create_cipher_wr(struct cipher_wr_param *wrparam)
chcr_add_cipher_dst_ent(wrparam->req, phys_cpl, wrparam, wrparam->qid);
atomic_inc(&adap->chcr_stats.cipher_rqst);
- temp = sizeof(struct cpl_rx_phys_dsgl) + dst_size + kctx_len
- +(reqctx->imm ? (IV + wrparam->bytes) : 0);
+ temp = sizeof(struct cpl_rx_phys_dsgl) + dst_size + kctx_len + IV
+ + (reqctx->imm ? (wrparam->bytes) : 0);
create_wreq(c_ctx(tfm), chcr_req, &(wrparam->req->base), reqctx->imm, 0,
transhdr_len, temp,
ablkctx->ciph_mode == CHCR_SCMD_CIPHER_MODE_AES_CBC);
@@ -1022,7 +1017,7 @@ static int chcr_update_tweak(struct ablkcipher_request *req, u8 *iv,
ret = crypto_cipher_setkey(cipher, key, keylen);
if (ret)
goto out;
- /*H/W sends the encrypted IV in dsgl when AADIVDROP bit is 0*/
+ crypto_cipher_encrypt_one(cipher, iv, iv);
for (i = 0; i < round8; i++)
gf128mul_x8_ble((le128 *)iv, (le128 *)iv);
@@ -1113,16 +1108,8 @@ static int chcr_handle_cipher_resp(struct ablkcipher_request *req,
goto complete;
}
- if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
- c_ctx(tfm)->tx_qidx))) {
- if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
- err = -EBUSY;
- goto unmap;
- }
-
- }
if (!reqctx->imm) {
- bytes = chcr_sg_ent_in_wr(reqctx->srcsg, reqctx->dstsg, 1,
+ bytes = chcr_sg_ent_in_wr(reqctx->srcsg, reqctx->dstsg, 0,
CIP_SPACE_LEFT(ablkctx->enckey_len),
reqctx->src_ofst, reqctx->dst_ofst);
if ((bytes + reqctx->processed) >= req->nbytes)
@@ -1133,11 +1120,7 @@ static int chcr_handle_cipher_resp(struct ablkcipher_request *req,
/*CTR mode counter overfloa*/
bytes = req->nbytes - reqctx->processed;
}
- dma_sync_single_for_cpu(&ULD_CTX(c_ctx(tfm))->lldi.pdev->dev,
- reqctx->iv_dma, IV, DMA_BIDIRECTIONAL);
err = chcr_update_cipher_iv(req, fw6_pld, reqctx->iv);
- dma_sync_single_for_device(&ULD_CTX(c_ctx(tfm))->lldi.pdev->dev,
- reqctx->iv_dma, IV, DMA_BIDIRECTIONAL);
if (err)
goto unmap;
@@ -1212,7 +1195,6 @@ static int process_cipher(struct ablkcipher_request *req,
dnents = sg_nents_xlen(req->dst, req->nbytes,
CHCR_DST_SG_SIZE, 0);
- dnents += 1; // IV
phys_dsgl = get_space_for_phys_dsgl(dnents);
kctx_len = roundup(ablkctx->enckey_len, 16);
transhdr_len = CIPHER_TRANSHDR_SIZE(kctx_len, phys_dsgl);
@@ -1225,8 +1207,7 @@ static int process_cipher(struct ablkcipher_request *req,
}
if (!reqctx->imm) {
- bytes = chcr_sg_ent_in_wr(req->src, req->dst,
- MIN_CIPHER_SG,
+ bytes = chcr_sg_ent_in_wr(req->src, req->dst, 0,
CIP_SPACE_LEFT(ablkctx->enckey_len),
0, 0);
if ((bytes + reqctx->processed) >= req->nbytes)
@@ -1293,13 +1274,14 @@ static int chcr_aes_encrypt(struct ablkcipher_request *req)
{
struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
struct sk_buff *skb = NULL;
- int err;
+ int err, isfull = 0;
struct uld_ctx *u_ctx = ULD_CTX(c_ctx(tfm));
if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
c_ctx(tfm)->tx_qidx))) {
+ isfull = 1;
if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
+ return -ENOSPC;
}
err = process_cipher(req, u_ctx->lldi.rxq_ids[c_ctx(tfm)->rx_qidx],
@@ -1309,7 +1291,7 @@ static int chcr_aes_encrypt(struct ablkcipher_request *req)
skb->dev = u_ctx->lldi.ports[0];
set_wr_txq(skb, CPL_PRIORITY_DATA, c_ctx(tfm)->tx_qidx);
chcr_send_wr(skb);
- return -EINPROGRESS;
+ return isfull ? -EBUSY : -EINPROGRESS;
}
static int chcr_aes_decrypt(struct ablkcipher_request *req)
@@ -1317,12 +1299,13 @@ static int chcr_aes_decrypt(struct ablkcipher_request *req)
struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
struct uld_ctx *u_ctx = ULD_CTX(c_ctx(tfm));
struct sk_buff *skb = NULL;
- int err;
+ int err, isfull = 0;
if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
c_ctx(tfm)->tx_qidx))) {
+ isfull = 1;
if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
+ return -ENOSPC;
}
err = process_cipher(req, u_ctx->lldi.rxq_ids[c_ctx(tfm)->rx_qidx],
@@ -1332,7 +1315,7 @@ static int chcr_aes_decrypt(struct ablkcipher_request *req)
skb->dev = u_ctx->lldi.ports[0];
set_wr_txq(skb, CPL_PRIORITY_DATA, c_ctx(tfm)->tx_qidx);
chcr_send_wr(skb);
- return -EINPROGRESS;
+ return isfull ? -EBUSY : -EINPROGRESS;
}
static int chcr_device_init(struct chcr_context *ctx)
@@ -1574,14 +1557,15 @@ static int chcr_ahash_update(struct ahash_request *req)
u8 remainder = 0, bs;
unsigned int nbytes = req->nbytes;
struct hash_wr_param params;
- int error;
+ int error, isfull = 0;
bs = crypto_tfm_alg_blocksize(crypto_ahash_tfm(rtfm));
u_ctx = ULD_CTX(h_ctx(rtfm));
if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
h_ctx(rtfm)->tx_qidx))) {
+ isfull = 1;
if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
+ return -ENOSPC;
}
if (nbytes + req_ctx->reqlen >= bs) {
@@ -1633,7 +1617,7 @@ static int chcr_ahash_update(struct ahash_request *req)
set_wr_txq(skb, CPL_PRIORITY_DATA, h_ctx(rtfm)->tx_qidx);
chcr_send_wr(skb);
- return -EINPROGRESS;
+ return isfull ? -EBUSY : -EINPROGRESS;
unmap:
chcr_hash_dma_unmap(&u_ctx->lldi.pdev->dev, req);
return error;
@@ -1710,15 +1694,16 @@ static int chcr_ahash_finup(struct ahash_request *req)
struct sk_buff *skb;
struct hash_wr_param params;
u8 bs;
- int error;
+ int error, isfull = 0;
bs = crypto_tfm_alg_blocksize(crypto_ahash_tfm(rtfm));
u_ctx = ULD_CTX(h_ctx(rtfm));
if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
h_ctx(rtfm)->tx_qidx))) {
+ isfull = 1;
if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
+ return -ENOSPC;
}
chcr_init_hctx_per_wr(req_ctx);
error = chcr_hash_dma_map(&u_ctx->lldi.pdev->dev, req);
@@ -1777,7 +1762,7 @@ static int chcr_ahash_finup(struct ahash_request *req)
set_wr_txq(skb, CPL_PRIORITY_DATA, h_ctx(rtfm)->tx_qidx);
chcr_send_wr(skb);
- return -EINPROGRESS;
+ return isfull ? -EBUSY : -EINPROGRESS;
unmap:
chcr_hash_dma_unmap(&u_ctx->lldi.pdev->dev, req);
return error;
@@ -1791,7 +1776,7 @@ static int chcr_ahash_digest(struct ahash_request *req)
struct sk_buff *skb;
struct hash_wr_param params;
u8 bs;
- int error;
+ int error, isfull = 0;
rtfm->init(req);
bs = crypto_tfm_alg_blocksize(crypto_ahash_tfm(rtfm));
@@ -1799,8 +1784,9 @@ static int chcr_ahash_digest(struct ahash_request *req)
u_ctx = ULD_CTX(h_ctx(rtfm));
if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
h_ctx(rtfm)->tx_qidx))) {
+ isfull = 1;
if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
+ return -ENOSPC;
}
chcr_init_hctx_per_wr(req_ctx);
@@ -1856,7 +1842,7 @@ static int chcr_ahash_digest(struct ahash_request *req)
skb->dev = u_ctx->lldi.ports[0];
set_wr_txq(skb, CPL_PRIORITY_DATA, h_ctx(rtfm)->tx_qidx);
chcr_send_wr(skb);
- return -EINPROGRESS;
+ return isfull ? -EBUSY : -EINPROGRESS;
unmap:
chcr_hash_dma_unmap(&u_ctx->lldi.pdev->dev, req);
return error;
@@ -1875,11 +1861,6 @@ static int chcr_ahash_continue(struct ahash_request *req)
bs = crypto_tfm_alg_blocksize(crypto_ahash_tfm(rtfm));
u_ctx = ULD_CTX(h_ctx(rtfm));
- if (unlikely(cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
- h_ctx(rtfm)->tx_qidx))) {
- if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
- }
get_alg_config(&params.alg_prm, crypto_ahash_digestsize(rtfm));
params.kctx_len = roundup(params.alg_prm.result_size, 16);
if (is_hmac(crypto_ahash_tfm(rtfm))) {
@@ -2192,22 +2173,35 @@ static void chcr_hmac_cra_exit(struct crypto_tfm *tfm)
}
}
-static int chcr_aead_common_init(struct aead_request *req,
- unsigned short op_type)
+inline void chcr_aead_common_exit(struct aead_request *req)
+{
+ struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct uld_ctx *u_ctx = ULD_CTX(a_ctx(tfm));
+
+ chcr_aead_dma_unmap(&u_ctx->lldi.pdev->dev, req, reqctx->op);
+}
+
+static int chcr_aead_common_init(struct aead_request *req)
{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct chcr_aead_ctx *aeadctx = AEAD_CTX(a_ctx(tfm));
struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
- int error = -EINVAL;
unsigned int authsize = crypto_aead_authsize(tfm);
+ int error = -EINVAL;
/* validate key size */
if (aeadctx->enckey_len == 0)
goto err;
- if (op_type && req->cryptlen < authsize)
+ if (reqctx->op && req->cryptlen < authsize)
goto err;
+ if (reqctx->b0_len)
+ reqctx->scratch_pad = reqctx->iv + IV;
+ else
+ reqctx->scratch_pad = NULL;
+
error = chcr_aead_dma_map(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req,
- op_type);
+ reqctx->op);
if (error) {
error = -ENOMEM;
goto err;
@@ -2244,7 +2238,7 @@ static int chcr_aead_fallback(struct aead_request *req, unsigned short op_type)
aead_request_set_tfm(subreq, aeadctx->sw_cipher);
aead_request_set_callback(subreq, req->base.flags,
req->base.complete, req->base.data);
- aead_request_set_crypt(subreq, req->src, req->dst, req->cryptlen,
+ aead_request_set_crypt(subreq, req->src, req->dst, req->cryptlen,
req->iv);
aead_request_set_ad(subreq, req->assoclen);
return op_type ? crypto_aead_decrypt(subreq) :
@@ -2253,8 +2247,7 @@ static int chcr_aead_fallback(struct aead_request *req, unsigned short op_type)
static struct sk_buff *create_authenc_wr(struct aead_request *req,
unsigned short qid,
- int size,
- unsigned short op_type)
+ int size)
{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct chcr_aead_ctx *aeadctx = AEAD_CTX(a_ctx(tfm));
@@ -2278,18 +2271,20 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req,
if (req->cryptlen == 0)
return NULL;
- reqctx->b0_dma = 0;
+ reqctx->b0_len = 0;
+ error = chcr_aead_common_init(req);
+ if (error)
+ return ERR_PTR(error);
+
if (subtype == CRYPTO_ALG_SUB_TYPE_CBC_NULL ||
- subtype == CRYPTO_ALG_SUB_TYPE_CTR_NULL) {
+ subtype == CRYPTO_ALG_SUB_TYPE_CTR_NULL) {
null = 1;
assoclen = 0;
+ reqctx->aad_nents = 0;
}
- error = chcr_aead_common_init(req, op_type);
- if (error)
- return ERR_PTR(error);
dnents = sg_nents_xlen(req->dst, assoclen, CHCR_DST_SG_SIZE, 0);
dnents += sg_nents_xlen(req->dst, req->cryptlen +
- (op_type ? -authsize : authsize), CHCR_DST_SG_SIZE,
+ (reqctx->op ? -authsize : authsize), CHCR_DST_SG_SIZE,
req->assoclen);
dnents += MIN_AUTH_SG; // For IV
@@ -2306,11 +2301,10 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req,
transhdr_len = roundup(transhdr_len, 16);
if (chcr_aead_need_fallback(req, dnents, T6_MAX_AAD_SIZE,
- transhdr_len, op_type)) {
+ transhdr_len, reqctx->op)) {
atomic_inc(&adap->chcr_stats.fallback);
- chcr_aead_dma_unmap(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req,
- op_type);
- return ERR_PTR(chcr_aead_fallback(req, op_type));
+ chcr_aead_common_exit(req);
+ return ERR_PTR(chcr_aead_fallback(req, reqctx->op));
}
skb = alloc_skb(SGE_MAX_WR_LEN, flags);
if (!skb) {
@@ -2320,7 +2314,7 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req,
chcr_req = __skb_put_zero(skb, transhdr_len);
- temp = (op_type == CHCR_ENCRYPT_OP) ? 0 : authsize;
+ temp = (reqctx->op == CHCR_ENCRYPT_OP) ? 0 : authsize;
/*
* Input order is AAD,IV and Payload. where IV should be included as
@@ -2344,8 +2338,8 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req,
temp = CHCR_SCMD_CIPHER_MODE_AES_CTR;
else
temp = CHCR_SCMD_CIPHER_MODE_AES_CBC;
- chcr_req->sec_cpl.seqno_numivs = FILL_SEC_CPL_SCMD0_SEQNO(op_type,
- (op_type == CHCR_ENCRYPT_OP) ? 1 : 0,
+ chcr_req->sec_cpl.seqno_numivs = FILL_SEC_CPL_SCMD0_SEQNO(reqctx->op,
+ (reqctx->op == CHCR_ENCRYPT_OP) ? 1 : 0,
temp,
actx->auth_mode, aeadctx->hmac_ctrl,
IV >> 1);
@@ -2353,7 +2347,7 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req,
0, 0, dst_size);
chcr_req->key_ctx.ctx_hdr = aeadctx->key_ctx_hdr;
- if (op_type == CHCR_ENCRYPT_OP ||
+ if (reqctx->op == CHCR_ENCRYPT_OP ||
subtype == CRYPTO_ALG_SUB_TYPE_CTR_SHA ||
subtype == CRYPTO_ALG_SUB_TYPE_CTR_NULL)
memcpy(chcr_req->key_ctx.key, aeadctx->key,
@@ -2376,20 +2370,18 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req,
}
phys_cpl = (struct cpl_rx_phys_dsgl *)((u8 *)(chcr_req + 1) + kctx_len);
ulptx = (struct ulptx_sgl *)((u8 *)(phys_cpl + 1) + dst_size);
- chcr_add_aead_dst_ent(req, phys_cpl, assoclen, op_type, qid);
- chcr_add_aead_src_ent(req, ulptx, assoclen, op_type);
+ chcr_add_aead_dst_ent(req, phys_cpl, assoclen, qid);
+ chcr_add_aead_src_ent(req, ulptx, assoclen);
atomic_inc(&adap->chcr_stats.cipher_rqst);
temp = sizeof(struct cpl_rx_phys_dsgl) + dst_size +
kctx_len + (reqctx->imm ? (assoclen + IV + req->cryptlen) : 0);
create_wreq(a_ctx(tfm), chcr_req, &req->base, reqctx->imm, size,
transhdr_len, temp, 0);
reqctx->skb = skb;
- reqctx->op = op_type;
return skb;
err:
- chcr_aead_dma_unmap(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req,
- op_type);
+ chcr_aead_common_exit(req);
return ERR_PTR(error);
}
@@ -2408,11 +2400,14 @@ int chcr_aead_dma_map(struct device *dev,
-authsize : authsize);
if (!req->cryptlen || !dst_size)
return 0;
- reqctx->iv_dma = dma_map_single(dev, reqctx->iv, IV,
+ reqctx->iv_dma = dma_map_single(dev, reqctx->iv, (IV + reqctx->b0_len),
DMA_BIDIRECTIONAL);
if (dma_mapping_error(dev, reqctx->iv_dma))
return -ENOMEM;
-
+ if (reqctx->b0_len)
+ reqctx->b0_dma = reqctx->iv_dma + IV;
+ else
+ reqctx->b0_dma = 0;
if (req->src == req->dst) {
error = dma_map_sg(dev, req->src, sg_nents(req->src),
DMA_BIDIRECTIONAL);
@@ -2452,7 +2447,7 @@ void chcr_aead_dma_unmap(struct device *dev,
if (!req->cryptlen || !dst_size)
return;
- dma_unmap_single(dev, reqctx->iv_dma, IV,
+ dma_unmap_single(dev, reqctx->iv_dma, (IV + reqctx->b0_len),
DMA_BIDIRECTIONAL);
if (req->src == req->dst) {
dma_unmap_sg(dev, req->src, sg_nents(req->src),
@@ -2467,8 +2462,7 @@ void chcr_aead_dma_unmap(struct device *dev,
void chcr_add_aead_src_ent(struct aead_request *req,
struct ulptx_sgl *ulptx,
- unsigned int assoclen,
- unsigned short op_type)
+ unsigned int assoclen)
{
struct ulptx_walk ulp_walk;
struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
@@ -2476,7 +2470,7 @@ void chcr_add_aead_src_ent(struct aead_request *req,
if (reqctx->imm) {
u8 *buf = (u8 *)ulptx;
- if (reqctx->b0_dma) {
+ if (reqctx->b0_len) {
memcpy(buf, reqctx->scratch_pad, reqctx->b0_len);
buf += reqctx->b0_len;
}
@@ -2489,7 +2483,7 @@ void chcr_add_aead_src_ent(struct aead_request *req,
buf, req->cryptlen, req->assoclen);
} else {
ulptx_walk_init(&ulp_walk, ulptx);
- if (reqctx->b0_dma)
+ if (reqctx->b0_len)
ulptx_walk_add_page(&ulp_walk, reqctx->b0_len,
&reqctx->b0_dma);
ulptx_walk_add_sg(&ulp_walk, req->src, assoclen, 0);
@@ -2503,7 +2497,6 @@ void chcr_add_aead_src_ent(struct aead_request *req,
void chcr_add_aead_dst_ent(struct aead_request *req,
struct cpl_rx_phys_dsgl *phys_cpl,
unsigned int assoclen,
- unsigned short op_type,
unsigned short qid)
{
struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
@@ -2513,32 +2506,30 @@ void chcr_add_aead_dst_ent(struct aead_request *req,
u32 temp;
dsgl_walk_init(&dsgl_walk, phys_cpl);
- if (reqctx->b0_dma)
+ if (reqctx->b0_len)
dsgl_walk_add_page(&dsgl_walk, reqctx->b0_len, &reqctx->b0_dma);
dsgl_walk_add_sg(&dsgl_walk, req->dst, assoclen, 0);
dsgl_walk_add_page(&dsgl_walk, IV, &reqctx->iv_dma);
- temp = req->cryptlen + (op_type ? -authsize : authsize);
+ temp = req->cryptlen + (reqctx->op ? -authsize : authsize);
dsgl_walk_add_sg(&dsgl_walk, req->dst, temp, req->assoclen);
dsgl_walk_end(&dsgl_walk, qid);
}
void chcr_add_cipher_src_ent(struct ablkcipher_request *req,
- struct ulptx_sgl *ulptx,
+ void *ulptx,
struct cipher_wr_param *wrparam)
{
struct ulptx_walk ulp_walk;
struct chcr_blkcipher_req_ctx *reqctx = ablkcipher_request_ctx(req);
+ u8 *buf = ulptx;
+ memcpy(buf, reqctx->iv, IV);
+ buf += IV;
if (reqctx->imm) {
- u8 *buf = (u8 *)ulptx;
-
- memcpy(buf, reqctx->iv, IV);
- buf += IV;
sg_pcopy_to_buffer(req->src, sg_nents(req->src),
buf, wrparam->bytes, reqctx->processed);
} else {
- ulptx_walk_init(&ulp_walk, ulptx);
- ulptx_walk_add_page(&ulp_walk, IV, &reqctx->iv_dma);
+ ulptx_walk_init(&ulp_walk, (struct ulptx_sgl *)buf);
ulptx_walk_add_sg(&ulp_walk, reqctx->srcsg, wrparam->bytes,
reqctx->src_ofst);
reqctx->srcsg = ulp_walk.last_sg;
@@ -2556,7 +2547,6 @@ void chcr_add_cipher_dst_ent(struct ablkcipher_request *req,
struct dsgl_walk dsgl_walk;
dsgl_walk_init(&dsgl_walk, phys_cpl);
- dsgl_walk_add_page(&dsgl_walk, IV, &reqctx->iv_dma);
dsgl_walk_add_sg(&dsgl_walk, reqctx->dstsg, wrparam->bytes,
reqctx->dst_ofst);
reqctx->dstsg = dsgl_walk.last_sg;
@@ -2630,12 +2620,6 @@ int chcr_cipher_dma_map(struct device *dev,
struct ablkcipher_request *req)
{
int error;
- struct chcr_blkcipher_req_ctx *reqctx = ablkcipher_request_ctx(req);
-
- reqctx->iv_dma = dma_map_single(dev, reqctx->iv, IV,
- DMA_BIDIRECTIONAL);
- if (dma_mapping_error(dev, reqctx->iv_dma))
- return -ENOMEM;
if (req->src == req->dst) {
error = dma_map_sg(dev, req->src, sg_nents(req->src),
@@ -2658,17 +2642,12 @@ int chcr_cipher_dma_map(struct device *dev,
return 0;
err:
- dma_unmap_single(dev, reqctx->iv_dma, IV, DMA_BIDIRECTIONAL);
return -ENOMEM;
}
void chcr_cipher_dma_unmap(struct device *dev,
struct ablkcipher_request *req)
{
- struct chcr_blkcipher_req_ctx *reqctx = ablkcipher_request_ctx(req);
-
- dma_unmap_single(dev, reqctx->iv_dma, IV,
- DMA_BIDIRECTIONAL);
if (req->src == req->dst) {
dma_unmap_sg(dev, req->src, sg_nents(req->src),
DMA_BIDIRECTIONAL);
@@ -2738,7 +2717,8 @@ static inline int crypto_ccm_check_iv(const u8 *iv)
static int ccm_format_packet(struct aead_request *req,
struct chcr_aead_ctx *aeadctx,
unsigned int sub_type,
- unsigned short op_type)
+ unsigned short op_type,
+ unsigned int assoclen)
{
struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
int rc = 0;
@@ -2748,13 +2728,13 @@ static int ccm_format_packet(struct aead_request *req,
memcpy(reqctx->iv + 1, &aeadctx->salt[0], 3);
memcpy(reqctx->iv + 4, req->iv, 8);
memset(reqctx->iv + 12, 0, 4);
- *((unsigned short *)(reqctx->scratch_pad + 16)) =
- htons(req->assoclen - 8);
} else {
memcpy(reqctx->iv, req->iv, 16);
- *((unsigned short *)(reqctx->scratch_pad + 16)) =
- htons(req->assoclen);
}
+ if (assoclen)
+ *((unsigned short *)(reqctx->scratch_pad + 16)) =
+ htons(assoclen);
+
generate_b0(req, aeadctx, op_type);
/* zero the ctr value */
memset(reqctx->iv + 15 - reqctx->iv[0], 0, reqctx->iv[0] + 1);
@@ -2836,8 +2816,7 @@ static int aead_ccm_validate_input(unsigned short op_type,
static struct sk_buff *create_aead_ccm_wr(struct aead_request *req,
unsigned short qid,
- int size,
- unsigned short op_type)
+ int size)
{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct chcr_aead_ctx *aeadctx = AEAD_CTX(a_ctx(tfm));
@@ -2855,22 +2834,20 @@ static struct sk_buff *create_aead_ccm_wr(struct aead_request *req,
GFP_ATOMIC;
struct adapter *adap = padap(a_ctx(tfm)->dev);
- reqctx->b0_dma = 0;
sub_type = get_aead_subtype(tfm);
if (sub_type == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4309)
assoclen -= 8;
- error = chcr_aead_common_init(req, op_type);
+ reqctx->b0_len = CCM_B0_SIZE + (assoclen ? CCM_AAD_FIELD_SIZE : 0);
+ error = chcr_aead_common_init(req);
if (error)
return ERR_PTR(error);
-
- reqctx->b0_len = CCM_B0_SIZE + (assoclen ? CCM_AAD_FIELD_SIZE : 0);
- error = aead_ccm_validate_input(op_type, req, aeadctx, sub_type);
+ error = aead_ccm_validate_input(reqctx->op, req, aeadctx, sub_type);
if (error)
goto err;
dnents = sg_nents_xlen(req->dst, assoclen, CHCR_DST_SG_SIZE, 0);
dnents += sg_nents_xlen(req->dst, req->cryptlen
- + (op_type ? -authsize : authsize),
+ + (reqctx->op ? -authsize : authsize),
CHCR_DST_SG_SIZE, req->assoclen);
dnents += MIN_CCM_SG; // For IV and B0
dst_size = get_space_for_phys_dsgl(dnents);
@@ -2886,11 +2863,10 @@ static struct sk_buff *create_aead_ccm_wr(struct aead_request *req,
transhdr_len = roundup(transhdr_len, 16);
if (chcr_aead_need_fallback(req, dnents, T6_MAX_AAD_SIZE -
- reqctx->b0_len, transhdr_len, op_type)) {
+ reqctx->b0_len, transhdr_len, reqctx->op)) {
atomic_inc(&adap->chcr_stats.fallback);
- chcr_aead_dma_unmap(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req,
- op_type);
- return ERR_PTR(chcr_aead_fallback(req, op_type));
+ chcr_aead_common_exit(req);
+ return ERR_PTR(chcr_aead_fallback(req, reqctx->op));
}
skb = alloc_skb(SGE_MAX_WR_LEN, flags);
@@ -2901,7 +2877,7 @@ static struct sk_buff *create_aead_ccm_wr(struct aead_request *req,
chcr_req = (struct chcr_wr *) __skb_put_zero(skb, transhdr_len);
- fill_sec_cpl_for_aead(&chcr_req->sec_cpl, dst_size, req, op_type);
+ fill_sec_cpl_for_aead(&chcr_req->sec_cpl, dst_size, req, reqctx->op);
chcr_req->key_ctx.ctx_hdr = aeadctx->key_ctx_hdr;
memcpy(chcr_req->key_ctx.key, aeadctx->key, aeadctx->enckey_len);
@@ -2910,21 +2886,11 @@ static struct sk_buff *create_aead_ccm_wr(struct aead_request *req,
phys_cpl = (struct cpl_rx_phys_dsgl *)((u8 *)(chcr_req + 1) + kctx_len);
ulptx = (struct ulptx_sgl *)((u8 *)(phys_cpl + 1) + dst_size);
- error = ccm_format_packet(req, aeadctx, sub_type, op_type);
+ error = ccm_format_packet(req, aeadctx, sub_type, reqctx->op, assoclen);
if (error)
goto dstmap_fail;
-
- reqctx->b0_dma = dma_map_single(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev,
- &reqctx->scratch_pad, reqctx->b0_len,
- DMA_BIDIRECTIONAL);
- if (dma_mapping_error(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev,
- reqctx->b0_dma)) {
- error = -ENOMEM;
- goto dstmap_fail;
- }
-
- chcr_add_aead_dst_ent(req, phys_cpl, assoclen, op_type, qid);
- chcr_add_aead_src_ent(req, ulptx, assoclen, op_type);
+ chcr_add_aead_dst_ent(req, phys_cpl, assoclen, qid);
+ chcr_add_aead_src_ent(req, ulptx, assoclen);
atomic_inc(&adap->chcr_stats.aead_rqst);
temp = sizeof(struct cpl_rx_phys_dsgl) + dst_size +
@@ -2933,20 +2899,18 @@ static struct sk_buff *create_aead_ccm_wr(struct aead_request *req,
create_wreq(a_ctx(tfm), chcr_req, &req->base, reqctx->imm, 0,
transhdr_len, temp, 0);
reqctx->skb = skb;
- reqctx->op = op_type;
return skb;
dstmap_fail:
kfree_skb(skb);
err:
- chcr_aead_dma_unmap(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req, op_type);
+ chcr_aead_common_exit(req);
return ERR_PTR(error);
}
static struct sk_buff *create_gcm_wr(struct aead_request *req,
unsigned short qid,
- int size,
- unsigned short op_type)
+ int size)
{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct chcr_aead_ctx *aeadctx = AEAD_CTX(a_ctx(tfm));
@@ -2966,13 +2930,13 @@ static struct sk_buff *create_gcm_wr(struct aead_request *req,
if (get_aead_subtype(tfm) == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106)
assoclen = req->assoclen - 8;
- reqctx->b0_dma = 0;
- error = chcr_aead_common_init(req, op_type);
+ reqctx->b0_len = 0;
+ error = chcr_aead_common_init(req);
if (error)
return ERR_PTR(error);
dnents = sg_nents_xlen(req->dst, assoclen, CHCR_DST_SG_SIZE, 0);
dnents += sg_nents_xlen(req->dst, req->cryptlen +
- (op_type ? -authsize : authsize),
+ (reqctx->op ? -authsize : authsize),
CHCR_DST_SG_SIZE, req->assoclen);
dnents += MIN_GCM_SG; // For IV
dst_size = get_space_for_phys_dsgl(dnents);
@@ -2986,11 +2950,11 @@ static struct sk_buff *create_gcm_wr(struct aead_request *req,
transhdr_len += temp;
transhdr_len = roundup(transhdr_len, 16);
if (chcr_aead_need_fallback(req, dnents, T6_MAX_AAD_SIZE,
- transhdr_len, op_type)) {
+ transhdr_len, reqctx->op)) {
+
atomic_inc(&adap->chcr_stats.fallback);
- chcr_aead_dma_unmap(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req,
- op_type);
- return ERR_PTR(chcr_aead_fallback(req, op_type));
+ chcr_aead_common_exit(req);
+ return ERR_PTR(chcr_aead_fallback(req, reqctx->op));
}
skb = alloc_skb(SGE_MAX_WR_LEN, flags);
if (!skb) {
@@ -3001,7 +2965,7 @@ static struct sk_buff *create_gcm_wr(struct aead_request *req,
chcr_req = __skb_put_zero(skb, transhdr_len);
//Offset of tag from end
- temp = (op_type == CHCR_ENCRYPT_OP) ? 0 : authsize;
+ temp = (reqctx->op == CHCR_ENCRYPT_OP) ? 0 : authsize;
chcr_req->sec_cpl.op_ivinsrtofst = FILL_SEC_CPL_OP_IVINSR(
a_ctx(tfm)->dev->rx_channel_id, 2,
(assoclen + 1));
@@ -3014,7 +2978,7 @@ static struct sk_buff *create_gcm_wr(struct aead_request *req,
FILL_SEC_CPL_AUTHINSERT(0, assoclen + IV + 1,
temp, temp);
chcr_req->sec_cpl.seqno_numivs =
- FILL_SEC_CPL_SCMD0_SEQNO(op_type, (op_type ==
+ FILL_SEC_CPL_SCMD0_SEQNO(reqctx->op, (reqctx->op ==
CHCR_ENCRYPT_OP) ? 1 : 0,
CHCR_SCMD_CIPHER_MODE_AES_GCM,
CHCR_SCMD_AUTH_MODE_GHASH,
@@ -3040,19 +3004,18 @@ static struct sk_buff *create_gcm_wr(struct aead_request *req,
phys_cpl = (struct cpl_rx_phys_dsgl *)((u8 *)(chcr_req + 1) + kctx_len);
ulptx = (struct ulptx_sgl *)((u8 *)(phys_cpl + 1) + dst_size);
- chcr_add_aead_dst_ent(req, phys_cpl, assoclen, op_type, qid);
- chcr_add_aead_src_ent(req, ulptx, assoclen, op_type);
+ chcr_add_aead_dst_ent(req, phys_cpl, assoclen, qid);
+ chcr_add_aead_src_ent(req, ulptx, assoclen);
atomic_inc(&adap->chcr_stats.aead_rqst);
temp = sizeof(struct cpl_rx_phys_dsgl) + dst_size +
kctx_len + (reqctx->imm ? (assoclen + IV + req->cryptlen) : 0);
create_wreq(a_ctx(tfm), chcr_req, &req->base, reqctx->imm, size,
transhdr_len, temp, reqctx->verify);
reqctx->skb = skb;
- reqctx->op = op_type;
return skb;
err:
- chcr_aead_dma_unmap(&ULD_CTX(a_ctx(tfm))->lldi.pdev->dev, req, op_type);
+ chcr_aead_common_exit(req);
return ERR_PTR(error);
}
@@ -3461,6 +3424,7 @@ static int chcr_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
}
{
SHASH_DESC_ON_STACK(shash, base_hash);
+
shash->tfm = base_hash;
shash->flags = crypto_shash_get_flags(base_hash);
bs = crypto_shash_blocksize(base_hash);
@@ -3585,13 +3549,13 @@ out:
}
static int chcr_aead_op(struct aead_request *req,
- unsigned short op_type,
int size,
create_wr_t create_wr_fn)
{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct uld_ctx *u_ctx;
struct sk_buff *skb;
+ int isfull = 0;
if (!a_ctx(tfm)->dev) {
pr_err("chcr : %s : No crypto device.\n", __func__);
@@ -3600,13 +3564,13 @@ static int chcr_aead_op(struct aead_request *req,
u_ctx = ULD_CTX(a_ctx(tfm));
if (cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0],
a_ctx(tfm)->tx_qidx)) {
+ isfull = 1;
if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG))
- return -EBUSY;
+ return -ENOSPC;
}
/* Form a WR from req */
- skb = create_wr_fn(req, u_ctx->lldi.rxq_ids[a_ctx(tfm)->rx_qidx], size,
- op_type);
+ skb = create_wr_fn(req, u_ctx->lldi.rxq_ids[a_ctx(tfm)->rx_qidx], size);
if (IS_ERR(skb) || !skb)
return PTR_ERR(skb);
@@ -3614,7 +3578,7 @@ static int chcr_aead_op(struct aead_request *req,
skb->dev = u_ctx->lldi.ports[0];
set_wr_txq(skb, CPL_PRIORITY_DATA, a_ctx(tfm)->tx_qidx);
chcr_send_wr(skb);
- return -EINPROGRESS;
+ return isfull ? -EBUSY : -EINPROGRESS;
}
static int chcr_aead_encrypt(struct aead_request *req)
@@ -3623,21 +3587,19 @@ static int chcr_aead_encrypt(struct aead_request *req)
struct chcr_aead_reqctx *reqctx = aead_request_ctx(req);
reqctx->verify = VERIFY_HW;
+ reqctx->op = CHCR_ENCRYPT_OP;
switch (get_aead_subtype(tfm)) {
case CRYPTO_ALG_SUB_TYPE_CTR_SHA:
case CRYPTO_ALG_SUB_TYPE_CBC_SHA:
case CRYPTO_ALG_SUB_TYPE_CBC_NULL:
case CRYPTO_ALG_SUB_TYPE_CTR_NULL:
- return chcr_aead_op(req, CHCR_ENCRYPT_OP, 0,
- create_authenc_wr);
+ return chcr_aead_op(req, 0, create_authenc_wr);
case CRYPTO_ALG_SUB_TYPE_AEAD_CCM:
case CRYPTO_ALG_SUB_TYPE_AEAD_RFC4309:
- return chcr_aead_op(req, CHCR_ENCRYPT_OP, 0,
- create_aead_ccm_wr);
+ return chcr_aead_op(req, 0, create_aead_ccm_wr);
default:
- return chcr_aead_op(req, CHCR_ENCRYPT_OP, 0,
- create_gcm_wr);
+ return chcr_aead_op(req, 0, create_gcm_wr);
}
}
@@ -3655,21 +3617,18 @@ static int chcr_aead_decrypt(struct aead_request *req)
size = 0;
reqctx->verify = VERIFY_HW;
}
-
+ reqctx->op = CHCR_DECRYPT_OP;
switch (get_aead_subtype(tfm)) {
case CRYPTO_ALG_SUB_TYPE_CBC_SHA:
case CRYPTO_ALG_SUB_TYPE_CTR_SHA:
case CRYPTO_ALG_SUB_TYPE_CBC_NULL:
case CRYPTO_ALG_SUB_TYPE_CTR_NULL:
- return chcr_aead_op(req, CHCR_DECRYPT_OP, size,
- create_authenc_wr);
+ return chcr_aead_op(req, size, create_authenc_wr);
case CRYPTO_ALG_SUB_TYPE_AEAD_CCM:
case CRYPTO_ALG_SUB_TYPE_AEAD_RFC4309:
- return chcr_aead_op(req, CHCR_DECRYPT_OP, size,
- create_aead_ccm_wr);
+ return chcr_aead_op(req, size, create_aead_ccm_wr);
default:
- return chcr_aead_op(req, CHCR_DECRYPT_OP, size,
- create_gcm_wr);
+ return chcr_aead_op(req, size, create_gcm_wr);
}
}
diff --git a/drivers/crypto/chelsio/chcr_algo.h b/drivers/crypto/chelsio/chcr_algo.h
index dba3dff1e209..1871500309e2 100644
--- a/drivers/crypto/chelsio/chcr_algo.h
+++ b/drivers/crypto/chelsio/chcr_algo.h
@@ -146,7 +146,7 @@
kctx_len)
#define CIPHER_TRANSHDR_SIZE(kctx_len, sge_pairs) \
(TRANSHDR_SIZE((kctx_len)) + (sge_pairs) +\
- sizeof(struct cpl_rx_phys_dsgl))
+ sizeof(struct cpl_rx_phys_dsgl) + AES_BLOCK_SIZE)
#define HASH_TRANSHDR_SIZE(kctx_len)\
(TRANSHDR_SIZE(kctx_len) + DUMMY_BYTES)
@@ -259,7 +259,6 @@
ULP_TX_SC_MORE_V((immdatalen)))
#define MAX_NK 8
#define MAX_DSGL_ENT 32
-#define MIN_CIPHER_SG 1 /* IV */
#define MIN_AUTH_SG 1 /* IV */
#define MIN_GCM_SG 1 /* IV */
#define MIN_DIGEST_SG 1 /*Partial Buffer*/
diff --git a/drivers/crypto/chelsio/chcr_core.h b/drivers/crypto/chelsio/chcr_core.h
index 1a20424e18c6..de3a9c085daf 100644
--- a/drivers/crypto/chelsio/chcr_core.h
+++ b/drivers/crypto/chelsio/chcr_core.h
@@ -56,7 +56,7 @@
#define MAX_SALT 4
#define CIP_WR_MIN_LEN (sizeof(struct chcr_wr) + \
sizeof(struct cpl_rx_phys_dsgl) + \
- sizeof(struct ulptx_sgl))
+ sizeof(struct ulptx_sgl) + 16) //IV
#define HASH_WR_MIN_LEN (sizeof(struct chcr_wr) + \
DUMMY_BYTES + \
diff --git a/drivers/crypto/chelsio/chcr_crypto.h b/drivers/crypto/chelsio/chcr_crypto.h
index c8e8972af283..54835cb109e5 100644
--- a/drivers/crypto/chelsio/chcr_crypto.h
+++ b/drivers/crypto/chelsio/chcr_crypto.h
@@ -190,8 +190,8 @@ struct chcr_aead_reqctx {
short int dst_nents;
u16 imm;
u16 verify;
- u8 iv[CHCR_MAX_CRYPTO_IV_LEN];
- unsigned char scratch_pad[MAX_SCRATCH_PAD_SIZE];
+ u8 iv[CHCR_MAX_CRYPTO_IV_LEN + MAX_SCRATCH_PAD_SIZE];
+ u8 *scratch_pad;
};
struct ulptx_walk {
@@ -295,7 +295,6 @@ struct chcr_blkcipher_req_ctx {
unsigned int src_ofst;
unsigned int dst_ofst;
unsigned int op;
- dma_addr_t iv_dma;
u16 imm;
u8 iv[CHCR_MAX_CRYPTO_IV_LEN];
};
@@ -312,8 +311,7 @@ struct chcr_alg_template {
typedef struct sk_buff *(*create_wr_t)(struct aead_request *req,
unsigned short qid,
- int size,
- unsigned short op_type);
+ int size);
void chcr_verify_tag(struct aead_request *req, u8 *input, int *err);
int chcr_aead_dma_map(struct device *dev, struct aead_request *req,
@@ -322,12 +320,12 @@ void chcr_aead_dma_unmap(struct device *dev, struct aead_request *req,
unsigned short op_type);
void chcr_add_aead_dst_ent(struct aead_request *req,
struct cpl_rx_phys_dsgl *phys_cpl,
- unsigned int assoclen, unsigned short op_type,
+ unsigned int assoclen,
unsigned short qid);
void chcr_add_aead_src_ent(struct aead_request *req, struct ulptx_sgl *ulptx,
- unsigned int assoclen, unsigned short op_type);
+ unsigned int assoclen);
void chcr_add_cipher_src_ent(struct ablkcipher_request *req,
- struct ulptx_sgl *ulptx,
+ void *ulptx,
struct cipher_wr_param *wrparam);
int chcr_cipher_dma_map(struct device *dev, struct ablkcipher_request *req);
void chcr_cipher_dma_unmap(struct device *dev, struct ablkcipher_request *req);
@@ -340,4 +338,5 @@ void chcr_add_hash_src_ent(struct ahash_request *req, struct ulptx_sgl *ulptx,
struct hash_wr_param *param);
int chcr_hash_dma_map(struct device *dev, struct ahash_request *req);
void chcr_hash_dma_unmap(struct device *dev, struct ahash_request *req);
+void chcr_aead_common_exit(struct aead_request *req);
#endif /* __CHCR_CRYPTO_H__ */
diff --git a/drivers/crypto/chelsio/chcr_ipsec.c b/drivers/crypto/chelsio/chcr_ipsec.c
index 8e0aa3f175c9..461b97e2f1fd 100644
--- a/drivers/crypto/chelsio/chcr_ipsec.c
+++ b/drivers/crypto/chelsio/chcr_ipsec.c
@@ -346,18 +346,23 @@ inline void *copy_cpltx_pktxt(struct sk_buff *skb,
struct net_device *dev,
void *pos)
{
+ struct cpl_tx_pkt_core *cpl;
+ struct sge_eth_txq *q;
struct adapter *adap;
struct port_info *pi;
- struct sge_eth_txq *q;
- struct cpl_tx_pkt_core *cpl;
- u64 cntrl = 0;
u32 ctrl0, qidx;
+ u64 cntrl = 0;
+ int left;
pi = netdev_priv(dev);
adap = pi->adapter;
qidx = skb->queue_mapping;
q = &adap->sge.ethtxq[qidx + pi->first_qset];
+ left = (void *)q->q.stat - pos;
+ if (!left)
+ pos = q->q.desc;
+
cpl = (struct cpl_tx_pkt_core *)pos;
cntrl = TXPKT_L4CSUM_DIS_F | TXPKT_IPCSUM_DIS_F;
@@ -382,18 +387,17 @@ inline void *copy_key_cpltx_pktxt(struct sk_buff *skb,
void *pos,
struct ipsec_sa_entry *sa_entry)
{
- struct adapter *adap;
- struct port_info *pi;
- struct sge_eth_txq *q;
- unsigned int len, qidx;
struct _key_ctx *key_ctx;
int left, eoq, key_len;
+ struct sge_eth_txq *q;
+ struct adapter *adap;
+ struct port_info *pi;
+ unsigned int qidx;
pi = netdev_priv(dev);
adap = pi->adapter;
qidx = skb->queue_mapping;
q = &adap->sge.ethtxq[qidx + pi->first_qset];
- len = sa_entry->enckey_len + sizeof(struct cpl_tx_pkt_core);
key_len = sa_entry->kctx_len;
/* end of queue, reset pos to start of queue */
@@ -411,19 +415,14 @@ inline void *copy_key_cpltx_pktxt(struct sk_buff *skb,
pos += sizeof(struct _key_ctx);
left -= sizeof(struct _key_ctx);
- if (likely(len <= left)) {
+ if (likely(key_len <= left)) {
memcpy(key_ctx->key, sa_entry->key, key_len);
pos += key_len;
} else {
- if (key_len <= left) {
- memcpy(pos, sa_entry->key, key_len);
- pos += key_len;
- } else {
- memcpy(pos, sa_entry->key, left);
- memcpy(q->q.desc, sa_entry->key + left,
- key_len - left);
- pos = (u8 *)q->q.desc + (key_len - left);
- }
+ memcpy(pos, sa_entry->key, left);
+ memcpy(q->q.desc, sa_entry->key + left,
+ key_len - left);
+ pos = (u8 *)q->q.desc + (key_len - left);
}
/* Copy CPL TX PKT XT */
pos = copy_cpltx_pktxt(skb, dev, pos);
diff --git a/drivers/crypto/chelsio/chtls/chtls.h b/drivers/crypto/chelsio/chtls/chtls.h
index f4b8f1ec0061..a53a0e6ba024 100644
--- a/drivers/crypto/chelsio/chtls/chtls.h
+++ b/drivers/crypto/chelsio/chtls/chtls.h
@@ -67,11 +67,6 @@ enum {
CPL_RET_UNKNOWN_TID = 4 /* unexpected unknown TID */
};
-#define TLS_RCV_ST_READ_HEADER 0xF0
-#define TLS_RCV_ST_READ_BODY 0xF1
-#define TLS_RCV_ST_READ_DONE 0xF2
-#define TLS_RCV_ST_READ_NB 0xF3
-
#define LISTEN_INFO_HASH_SIZE 32
#define RSPQ_HASH_BITS 5
struct listen_info {
@@ -149,6 +144,7 @@ struct chtls_dev {
struct list_head rcu_node;
struct list_head na_node;
unsigned int send_page_order;
+ int max_host_sndbuf;
struct key_map kmap;
};
@@ -278,6 +274,7 @@ struct tlsrx_cmp_hdr {
#define TLSRX_HDR_PKT_MAC_ERROR_F TLSRX_HDR_PKT_MAC_ERROR_V(1U)
#define TLSRX_HDR_PKT_ERROR_M 0x1F
+#define CONTENT_TYPE_ERROR 0x7F
struct ulp_mem_rw {
__be32 cmd;
@@ -347,8 +344,8 @@ enum {
ULPCB_FLAG_HOLD = 1 << 3, /* skb not ready for Tx yet */
ULPCB_FLAG_COMPL = 1 << 4, /* request WR completion */
ULPCB_FLAG_URG = 1 << 5, /* urgent data */
- ULPCB_FLAG_TLS_ND = 1 << 6, /* payload of zero length */
- ULPCB_FLAG_NO_HDR = 1 << 7, /* not a ofld wr */
+ ULPCB_FLAG_TLS_HDR = 1 << 6, /* payload with tls hdr */
+ ULPCB_FLAG_NO_HDR = 1 << 7, /* not a ofld wr */
};
/* The ULP mode/submode of an skbuff */
diff --git a/drivers/crypto/chelsio/chtls/chtls_cm.c b/drivers/crypto/chelsio/chtls/chtls_cm.c
index 82a473a0cefa..2bb6f0380758 100644
--- a/drivers/crypto/chelsio/chtls/chtls_cm.c
+++ b/drivers/crypto/chelsio/chtls/chtls_cm.c
@@ -1537,6 +1537,10 @@ static int chtls_rx_data(struct chtls_dev *cdev, struct sk_buff *skb)
struct sock *sk;
sk = lookup_tid(cdev->tids, hwtid);
+ if (unlikely(!sk)) {
+ pr_err("can't find conn. for hwtid %u.\n", hwtid);
+ return -EINVAL;
+ }
skb_dst_set(skb, NULL);
process_cpl_msg(chtls_recv_data, sk, skb);
return 0;
@@ -1585,6 +1589,10 @@ static int chtls_rx_pdu(struct chtls_dev *cdev, struct sk_buff *skb)
struct sock *sk;
sk = lookup_tid(cdev->tids, hwtid);
+ if (unlikely(!sk)) {
+ pr_err("can't find conn. for hwtid %u.\n", hwtid);
+ return -EINVAL;
+ }
skb_dst_set(skb, NULL);
process_cpl_msg(chtls_recv_pdu, sk, skb);
return 0;
@@ -1600,12 +1608,14 @@ static void chtls_set_hdrlen(struct sk_buff *skb, unsigned int nlen)
static void chtls_rx_hdr(struct sock *sk, struct sk_buff *skb)
{
- struct cpl_rx_tls_cmp *cmp_cpl = cplhdr(skb);
+ struct tlsrx_cmp_hdr *tls_hdr_pkt;
+ struct cpl_rx_tls_cmp *cmp_cpl;
struct sk_buff *skb_rec;
struct chtls_sock *csk;
struct chtls_hws *tlsk;
struct tcp_sock *tp;
+ cmp_cpl = cplhdr(skb);
csk = rcu_dereference_sk_user_data(sk);
tlsk = &csk->tlshws;
tp = tcp_sk(sk);
@@ -1615,16 +1625,18 @@ static void chtls_rx_hdr(struct sock *sk, struct sk_buff *skb)
skb_reset_transport_header(skb);
__skb_pull(skb, sizeof(*cmp_cpl));
+ tls_hdr_pkt = (struct tlsrx_cmp_hdr *)skb->data;
+ if (tls_hdr_pkt->res_to_mac_error & TLSRX_HDR_PKT_ERROR_M)
+ tls_hdr_pkt->type = CONTENT_TYPE_ERROR;
if (!skb->data_len)
- __skb_trim(skb, CPL_RX_TLS_CMP_LENGTH_G
- (ntohl(cmp_cpl->pdulength_length)));
+ __skb_trim(skb, TLS_HEADER_LENGTH);
tp->rcv_nxt +=
CPL_RX_TLS_CMP_PDULENGTH_G(ntohl(cmp_cpl->pdulength_length));
+ ULP_SKB_CB(skb)->flags |= ULPCB_FLAG_TLS_HDR;
skb_rec = __skb_dequeue(&tlsk->sk_recv_queue);
if (!skb_rec) {
- ULP_SKB_CB(skb)->flags |= ULPCB_FLAG_TLS_ND;
__skb_queue_tail(&sk->sk_receive_queue, skb);
} else {
chtls_set_hdrlen(skb, tlsk->pldlen);
@@ -1646,6 +1658,10 @@ static int chtls_rx_cmp(struct chtls_dev *cdev, struct sk_buff *skb)
struct sock *sk;
sk = lookup_tid(cdev->tids, hwtid);
+ if (unlikely(!sk)) {
+ pr_err("can't find conn. for hwtid %u.\n", hwtid);
+ return -EINVAL;
+ }
skb_dst_set(skb, NULL);
process_cpl_msg(chtls_rx_hdr, sk, skb);
@@ -2105,6 +2121,10 @@ static int chtls_wr_ack(struct chtls_dev *cdev, struct sk_buff *skb)
struct sock *sk;
sk = lookup_tid(cdev->tids, hwtid);
+ if (unlikely(!sk)) {
+ pr_err("can't find conn. for hwtid %u.\n", hwtid);
+ return -EINVAL;
+ }
process_cpl_msg(chtls_rx_ack, sk, skb);
return 0;
diff --git a/drivers/crypto/chelsio/chtls/chtls_hw.c b/drivers/crypto/chelsio/chtls/chtls_hw.c
index 54a13aa99121..55d50140f9e5 100644
--- a/drivers/crypto/chelsio/chtls/chtls_hw.c
+++ b/drivers/crypto/chelsio/chtls/chtls_hw.c
@@ -213,7 +213,7 @@ static int chtls_key_info(struct chtls_sock *csk,
struct _key_ctx *kctx,
u32 keylen, u32 optname)
{
- unsigned char key[CHCR_KEYCTX_CIPHER_KEY_SIZE_256];
+ unsigned char key[AES_KEYSIZE_128];
struct tls12_crypto_info_aes_gcm_128 *gcm_ctx;
unsigned char ghash_h[AEAD_H_SIZE];
struct crypto_cipher *cipher;
@@ -228,10 +228,6 @@ static int chtls_key_info(struct chtls_sock *csk,
if (keylen == AES_KEYSIZE_128) {
ck_size = CHCR_KEYCTX_CIPHER_KEY_SIZE_128;
- } else if (keylen == AES_KEYSIZE_192) {
- ck_size = CHCR_KEYCTX_CIPHER_KEY_SIZE_192;
- } else if (keylen == AES_KEYSIZE_256) {
- ck_size = CHCR_KEYCTX_CIPHER_KEY_SIZE_256;
} else {
pr_err("GCM: Invalid key length %d\n", keylen);
return -EINVAL;
diff --git a/drivers/crypto/chelsio/chtls/chtls_io.c b/drivers/crypto/chelsio/chtls/chtls_io.c
index 5a75be43950f..51fc6821cbbf 100644
--- a/drivers/crypto/chelsio/chtls/chtls_io.c
+++ b/drivers/crypto/chelsio/chtls/chtls_io.c
@@ -907,11 +907,83 @@ static int chtls_skb_copy_to_page_nocache(struct sock *sk,
}
/* Read TLS header to find content type and data length */
-static u16 tls_header_read(struct tls_hdr *thdr, struct iov_iter *from)
+static int tls_header_read(struct tls_hdr *thdr, struct iov_iter *from)
{
if (copy_from_iter(thdr, sizeof(*thdr), from) != sizeof(*thdr))
return -EFAULT;
- return (__force u16)cpu_to_be16(thdr->length);
+ return (__force int)cpu_to_be16(thdr->length);
+}
+
+static int csk_mem_free(struct chtls_dev *cdev, struct sock *sk)
+{
+ return (cdev->max_host_sndbuf - sk->sk_wmem_queued);
+}
+
+static int csk_wait_memory(struct chtls_dev *cdev,
+ struct sock *sk, long *timeo_p)
+{
+ DEFINE_WAIT_FUNC(wait, woken_wake_function);
+ int sndbuf, err = 0;
+ long current_timeo;
+ long vm_wait = 0;
+ bool noblock;
+
+ current_timeo = *timeo_p;
+ noblock = (*timeo_p ? false : true);
+ sndbuf = cdev->max_host_sndbuf;
+ if (csk_mem_free(cdev, sk)) {
+ current_timeo = (prandom_u32() % (HZ / 5)) + 2;
+ vm_wait = (prandom_u32() % (HZ / 5)) + 2;
+ }
+
+ add_wait_queue(sk_sleep(sk), &wait);
+ while (1) {
+ sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
+
+ if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
+ goto do_error;
+ if (!*timeo_p) {
+ if (noblock)
+ set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
+ goto do_nonblock;
+ }
+ if (signal_pending(current))
+ goto do_interrupted;
+ sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
+ if (csk_mem_free(cdev, sk) && !vm_wait)
+ break;
+
+ set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
+ sk->sk_write_pending++;
+ sk_wait_event(sk, &current_timeo, sk->sk_err ||
+ (sk->sk_shutdown & SEND_SHUTDOWN) ||
+ (csk_mem_free(cdev, sk) && !vm_wait), &wait);
+ sk->sk_write_pending--;
+
+ if (vm_wait) {
+ vm_wait -= current_timeo;
+ current_timeo = *timeo_p;
+ if (current_timeo != MAX_SCHEDULE_TIMEOUT) {
+ current_timeo -= vm_wait;
+ if (current_timeo < 0)
+ current_timeo = 0;
+ }
+ vm_wait = 0;
+ }
+ *timeo_p = current_timeo;
+ }
+do_rm_wq:
+ remove_wait_queue(sk_sleep(sk), &wait);
+ return err;
+do_error:
+ err = -EPIPE;
+ goto do_rm_wq;
+do_nonblock:
+ err = -EAGAIN;
+ goto do_rm_wq;
+do_interrupted:
+ err = sock_intr_errno(*timeo_p);
+ goto do_rm_wq;
}
int chtls_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
@@ -952,6 +1024,8 @@ int chtls_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
copy = mss - skb->len;
skb->ip_summed = CHECKSUM_UNNECESSARY;
}
+ if (!csk_mem_free(cdev, sk))
+ goto wait_for_sndbuf;
if (is_tls_tx(csk) && !csk->tlshws.txleft) {
struct tls_hdr hdr;
@@ -1009,9 +1083,10 @@ new_buf:
int off = TCP_OFF(sk);
bool merge;
- if (page)
- pg_size <<= compound_order(page);
+ if (!page)
+ goto wait_for_memory;
+ pg_size <<= compound_order(page);
if (off < pg_size &&
skb_can_coalesce(skb, i, page, off)) {
merge = 1;
@@ -1099,8 +1174,10 @@ copy:
if (ULP_SKB_CB(skb)->flags & ULPCB_FLAG_NO_APPEND)
push_frames_if_head(sk);
continue;
+wait_for_sndbuf:
+ set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
wait_for_memory:
- err = sk_stream_wait_memory(sk, &timeo);
+ err = csk_wait_memory(cdev, sk, &timeo);
if (err)
goto do_error;
}
@@ -1131,6 +1208,7 @@ int chtls_sendpage(struct sock *sk, struct page *page,
int offset, size_t size, int flags)
{
struct chtls_sock *csk;
+ struct chtls_dev *cdev;
int mss, err, copied;
struct tcp_sock *tp;
long timeo;
@@ -1138,6 +1216,7 @@ int chtls_sendpage(struct sock *sk, struct page *page,
tp = tcp_sk(sk);
copied = 0;
csk = rcu_dereference_sk_user_data(sk);
+ cdev = csk->cdev;
timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT);
err = sk_stream_wait_connect(sk, &timeo);
@@ -1152,10 +1231,11 @@ int chtls_sendpage(struct sock *sk, struct page *page,
struct sk_buff *skb = skb_peek_tail(&csk->txq);
int copy, i;
- copy = mss - skb->len;
if (!skb || (ULP_SKB_CB(skb)->flags & ULPCB_FLAG_NO_APPEND) ||
- copy <= 0) {
+ (copy = mss - skb->len) <= 0) {
new_buf:
+ if (!csk_mem_free(cdev, sk))
+ goto wait_for_sndbuf;
if (is_tls_tx(csk)) {
skb = get_record_skb(sk,
@@ -1167,7 +1247,7 @@ new_buf:
skb = get_tx_skb(sk, 0);
}
if (!skb)
- goto do_error;
+ goto wait_for_memory;
copy = mss;
}
if (copy > size)
@@ -1206,8 +1286,12 @@ new_buf:
if (unlikely(ULP_SKB_CB(skb)->flags & ULPCB_FLAG_NO_APPEND))
push_frames_if_head(sk);
continue;
-
+wait_for_sndbuf:
set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
+wait_for_memory:
+ err = csk_wait_memory(cdev, sk, &timeo);
+ if (err)
+ goto do_error;
}
out:
csk_reset_flag(csk, CSK_TX_MORE_DATA);
@@ -1409,7 +1493,7 @@ static int chtls_pt_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
break;
chtls_cleanup_rbuf(sk, copied);
sk_wait_data(sk, &timeo, NULL);
- continue;
+ continue;
found_ok_skb:
if (!skb->len) {
skb_dst_set(skb, NULL);
@@ -1449,31 +1533,13 @@ found_ok_skb:
}
}
}
- if (hws->rstate == TLS_RCV_ST_READ_BODY) {
- if (skb_copy_datagram_msg(skb, offset,
- msg, avail)) {
- if (!copied) {
- copied = -EFAULT;
- break;
- }
- }
- } else {
- struct tlsrx_cmp_hdr *tls_hdr_pkt =
- (struct tlsrx_cmp_hdr *)skb->data;
-
- if ((tls_hdr_pkt->res_to_mac_error &
- TLSRX_HDR_PKT_ERROR_M))
- tls_hdr_pkt->type = 0x7F;
-
- /* CMP pld len is for recv seq */
- hws->rcvpld = skb->hdr_len;
- if (skb_copy_datagram_msg(skb, offset, msg, avail)) {
- if (!copied) {
- copied = -EFAULT;
- break;
- }
+ if (skb_copy_datagram_msg(skb, offset, msg, avail)) {
+ if (!copied) {
+ copied = -EFAULT;
+ break;
}
}
+
copied += avail;
len -= avail;
hws->copied_seq += avail;
@@ -1481,32 +1547,20 @@ skip_copy:
if (tp->urg_data && after(tp->copied_seq, tp->urg_seq))
tp->urg_data = 0;
- if (hws->rstate == TLS_RCV_ST_READ_BODY &&
- (avail + offset) >= skb->len) {
+ if ((avail + offset) >= skb->len) {
if (likely(skb))
chtls_free_skb(sk, skb);
buffers_freed++;
- hws->rstate = TLS_RCV_ST_READ_HEADER;
- atomic_inc(&adap->chcr_stats.tls_pdu_rx);
- tp->copied_seq += hws->rcvpld;
+ if (ULP_SKB_CB(skb)->flags & ULPCB_FLAG_TLS_HDR) {
+ tp->copied_seq += skb->len;
+ hws->rcvpld = skb->hdr_len;
+ } else {
+ tp->copied_seq += hws->rcvpld;
+ }
hws->copied_seq = 0;
if (copied >= target &&
!skb_peek(&sk->sk_receive_queue))
break;
- } else {
- if (likely(skb)) {
- if (ULP_SKB_CB(skb)->flags &
- ULPCB_FLAG_TLS_ND)
- hws->rstate =
- TLS_RCV_ST_READ_HEADER;
- else
- hws->rstate =
- TLS_RCV_ST_READ_BODY;
- chtls_free_skb(sk, skb);
- }
- buffers_freed++;
- tp->copied_seq += avail;
- hws->copied_seq = 0;
}
} while (len > 0);
diff --git a/drivers/crypto/chelsio/chtls/chtls_main.c b/drivers/crypto/chelsio/chtls/chtls_main.c
index 007c45c38fc7..9b07f9165658 100644
--- a/drivers/crypto/chelsio/chtls/chtls_main.c
+++ b/drivers/crypto/chelsio/chtls/chtls_main.c
@@ -216,7 +216,6 @@ static void *chtls_uld_add(const struct cxgb4_lld_info *info)
cdev->lldi = lldi;
cdev->pdev = lldi->pdev;
cdev->tids = lldi->tids;
- cdev->ports = (struct net_device **)(cdev + 1);
cdev->ports = lldi->ports;
cdev->mtus = lldi->mtus;
cdev->tids = lldi->tids;
@@ -239,6 +238,7 @@ static void *chtls_uld_add(const struct cxgb4_lld_info *info)
spin_lock_init(&cdev->idr_lock);
cdev->send_page_order = min_t(uint, get_order(32768),
send_page_order);
+ cdev->max_host_sndbuf = 48 * 1024;
if (lldi->vr->key.size)
if (chtls_init_kmap(cdev, lldi))
@@ -250,7 +250,7 @@ static void *chtls_uld_add(const struct cxgb4_lld_info *info)
return cdev;
out_rspq_skb:
- for (j = 0; j <= i; j++)
+ for (j = 0; j < i; j++)
kfree_skb(cdev->rspq_skb_cache[j]);
kfree_skb(cdev->askb);
out_skb:
@@ -441,7 +441,7 @@ nomem:
static int do_chtls_getsockopt(struct sock *sk, char __user *optval,
int __user *optlen)
{
- struct tls_crypto_info crypto_info;
+ struct tls_crypto_info crypto_info = { 0 };
crypto_info.version = TLS_1_2_VERSION;
if (copy_to_user(optval, &crypto_info, sizeof(struct tls_crypto_info)))
@@ -491,9 +491,13 @@ static int do_chtls_setsockopt(struct sock *sk, int optname,
switch (tmp_crypto_info.cipher_type) {
case TLS_CIPHER_AES_GCM_128: {
- rc = copy_from_user(crypto_info, optval,
- sizeof(struct
- tls12_crypto_info_aes_gcm_128));
+ /* Obtain version and type from previous copy */
+ crypto_info[0] = tmp_crypto_info;
+ /* Now copy the following data */
+ rc = copy_from_user((char *)crypto_info + sizeof(*crypto_info),
+ optval + sizeof(*crypto_info),
+ sizeof(struct tls12_crypto_info_aes_gcm_128)
+ - sizeof(*crypto_info));
if (rc) {
rc = -EFAULT;
diff --git a/drivers/crypto/exynos-rng.c b/drivers/crypto/exynos-rng.c
index 86f5f459762e..2cfabb99cb6e 100644
--- a/drivers/crypto/exynos-rng.c
+++ b/drivers/crypto/exynos-rng.c
@@ -319,8 +319,7 @@ static int exynos_rng_remove(struct platform_device *pdev)
static int __maybe_unused exynos_rng_suspend(struct device *dev)
{
- struct platform_device *pdev = to_platform_device(dev);
- struct exynos_rng_dev *rng = platform_get_drvdata(pdev);
+ struct exynos_rng_dev *rng = dev_get_drvdata(dev);
int ret;
/* If we were never seeded then after resume it will be the same */
@@ -350,8 +349,7 @@ static int __maybe_unused exynos_rng_suspend(struct device *dev)
static int __maybe_unused exynos_rng_resume(struct device *dev)
{
- struct platform_device *pdev = to_platform_device(dev);
- struct exynos_rng_dev *rng = platform_get_drvdata(pdev);
+ struct exynos_rng_dev *rng = dev_get_drvdata(dev);
int ret;
/* Never seeded so nothing to do */
diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c
index b6be62025325..4e86f864a952 100644
--- a/drivers/crypto/inside-secure/safexcel.c
+++ b/drivers/crypto/inside-secure/safexcel.c
@@ -20,6 +20,7 @@
#include <linux/platform_device.h>
#include <linux/workqueue.h>
+#include <crypto/internal/aead.h>
#include <crypto/internal/hash.h>
#include <crypto/internal/skcipher.h>
@@ -352,6 +353,7 @@ static int safexcel_hw_init(struct safexcel_crypto_priv *priv)
/* H/W capabilities selection */
val = EIP197_FUNCTION_RSVD;
val |= EIP197_PROTOCOL_ENCRYPT_ONLY | EIP197_PROTOCOL_HASH_ONLY;
+ val |= EIP197_PROTOCOL_ENCRYPT_HASH | EIP197_PROTOCOL_HASH_DECRYPT;
val |= EIP197_ALG_AES_ECB | EIP197_ALG_AES_CBC;
val |= EIP197_ALG_SHA1 | EIP197_ALG_HMAC_SHA1;
val |= EIP197_ALG_SHA2 | EIP197_ALG_HMAC_SHA2;
@@ -537,6 +539,27 @@ finalize:
EIP197_HIA_CDR(priv, ring) + EIP197_HIA_xDR_PREP_COUNT);
}
+inline int safexcel_rdesc_check_errors(struct safexcel_crypto_priv *priv,
+ struct safexcel_result_desc *rdesc)
+{
+ if (likely(!rdesc->result_data.error_code))
+ return 0;
+
+ if (rdesc->result_data.error_code & 0x407f) {
+ /* Fatal error (bits 0-7, 14) */
+ dev_err(priv->dev,
+ "cipher: result: result descriptor error (%d)\n",
+ rdesc->result_data.error_code);
+ return -EIO;
+ } else if (rdesc->result_data.error_code == BIT(9)) {
+ /* Authentication failed */
+ return -EBADMSG;
+ }
+
+ /* All other non-fatal errors */
+ return -EINVAL;
+}
+
void safexcel_complete(struct safexcel_crypto_priv *priv, int ring)
{
struct safexcel_command_desc *cdesc;
@@ -770,6 +793,9 @@ static struct safexcel_alg_template *safexcel_algs[] = {
&safexcel_alg_hmac_sha1,
&safexcel_alg_hmac_sha224,
&safexcel_alg_hmac_sha256,
+ &safexcel_alg_authenc_hmac_sha1_cbc_aes,
+ &safexcel_alg_authenc_hmac_sha224_cbc_aes,
+ &safexcel_alg_authenc_hmac_sha256_cbc_aes,
};
static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
@@ -781,6 +807,8 @@ static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
if (safexcel_algs[i]->type == SAFEXCEL_ALG_TYPE_SKCIPHER)
ret = crypto_register_skcipher(&safexcel_algs[i]->alg.skcipher);
+ else if (safexcel_algs[i]->type == SAFEXCEL_ALG_TYPE_AEAD)
+ ret = crypto_register_aead(&safexcel_algs[i]->alg.aead);
else
ret = crypto_register_ahash(&safexcel_algs[i]->alg.ahash);
@@ -794,6 +822,8 @@ fail:
for (j = 0; j < i; j++) {
if (safexcel_algs[j]->type == SAFEXCEL_ALG_TYPE_SKCIPHER)
crypto_unregister_skcipher(&safexcel_algs[j]->alg.skcipher);
+ else if (safexcel_algs[j]->type == SAFEXCEL_ALG_TYPE_AEAD)
+ crypto_unregister_aead(&safexcel_algs[j]->alg.aead);
else
crypto_unregister_ahash(&safexcel_algs[j]->alg.ahash);
}
@@ -808,6 +838,8 @@ static void safexcel_unregister_algorithms(struct safexcel_crypto_priv *priv)
for (i = 0; i < ARRAY_SIZE(safexcel_algs); i++) {
if (safexcel_algs[i]->type == SAFEXCEL_ALG_TYPE_SKCIPHER)
crypto_unregister_skcipher(&safexcel_algs[i]->alg.skcipher);
+ else if (safexcel_algs[i]->type == SAFEXCEL_ALG_TYPE_AEAD)
+ crypto_unregister_aead(&safexcel_algs[i]->alg.aead);
else
crypto_unregister_ahash(&safexcel_algs[i]->alg.ahash);
}
diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside-secure/safexcel.h
index b470a849721f..8b3ee9b59f53 100644
--- a/drivers/crypto/inside-secure/safexcel.h
+++ b/drivers/crypto/inside-secure/safexcel.h
@@ -11,8 +11,10 @@
#ifndef __SAFEXCEL_H__
#define __SAFEXCEL_H__
+#include <crypto/aead.h>
#include <crypto/algapi.h>
#include <crypto/internal/hash.h>
+#include <crypto/sha.h>
#include <crypto/skcipher.h>
#define EIP197_HIA_VERSION_LE 0xca35
@@ -20,7 +22,7 @@
/* Static configuration */
#define EIP197_DEFAULT_RING_SIZE 400
-#define EIP197_MAX_TOKENS 5
+#define EIP197_MAX_TOKENS 8
#define EIP197_MAX_RINGS 4
#define EIP197_FETCH_COUNT 1
#define EIP197_MAX_BATCH_SZ 64
@@ -28,6 +30,17 @@
#define EIP197_GFP_FLAGS(base) ((base).flags & CRYPTO_TFM_REQ_MAY_SLEEP ? \
GFP_KERNEL : GFP_ATOMIC)
+/* Custom on-stack requests (for invalidation) */
+#define EIP197_SKCIPHER_REQ_SIZE sizeof(struct skcipher_request) + \
+ sizeof(struct safexcel_cipher_req)
+#define EIP197_AHASH_REQ_SIZE sizeof(struct ahash_request) + \
+ sizeof(struct safexcel_ahash_req)
+#define EIP197_AEAD_REQ_SIZE sizeof(struct aead_request) + \
+ sizeof(struct safexcel_cipher_req)
+#define EIP197_REQUEST_ON_STACK(name, type, size) \
+ char __##name##_desc[size] CRYPTO_MINALIGN_ATTR; \
+ struct type##_request *name = (void *)__##name##_desc
+
/* Register base offsets */
#define EIP197_HIA_AIC(priv) ((priv)->base + (priv)->offsets.hia_aic)
#define EIP197_HIA_AIC_G(priv) ((priv)->base + (priv)->offsets.hia_aic_g)
@@ -274,7 +287,7 @@ struct safexcel_context_record {
u32 control0;
u32 control1;
- __le32 data[12];
+ __le32 data[24];
} __packed;
/* control0 */
@@ -286,8 +299,8 @@ struct safexcel_context_record {
#define CONTEXT_CONTROL_TYPE_CRYPTO_IN 0x5
#define CONTEXT_CONTROL_TYPE_ENCRYPT_HASH_OUT 0x6
#define CONTEXT_CONTROL_TYPE_DECRYPT_HASH_IN 0x7
-#define CONTEXT_CONTROL_TYPE_HASH_ENCRYPT_OUT 0x14
-#define CONTEXT_CONTROL_TYPE_HASH_DECRYPT_OUT 0x15
+#define CONTEXT_CONTROL_TYPE_HASH_ENCRYPT_OUT 0xe
+#define CONTEXT_CONTROL_TYPE_HASH_DECRYPT_IN 0xf
#define CONTEXT_CONTROL_RESTART_HASH BIT(4)
#define CONTEXT_CONTROL_NO_FINISH_HASH BIT(5)
#define CONTEXT_CONTROL_SIZE(n) ((n) << 8)
@@ -391,11 +404,15 @@ struct safexcel_token {
u8 opcode:4;
} __packed;
+#define EIP197_TOKEN_HASH_RESULT_VERIFY BIT(16)
+
#define EIP197_TOKEN_STAT_LAST_HASH BIT(0)
#define EIP197_TOKEN_STAT_LAST_PACKET BIT(1)
#define EIP197_TOKEN_OPCODE_DIRECTION 0x0
#define EIP197_TOKEN_OPCODE_INSERT 0x2
#define EIP197_TOKEN_OPCODE_NOOP EIP197_TOKEN_OPCODE_INSERT
+#define EIP197_TOKEN_OPCODE_RETRIEVE 0x4
+#define EIP197_TOKEN_OPCODE_VERIFY 0xd
#define EIP197_TOKEN_OPCODE_BYPASS GENMASK(3, 0)
static inline void eip197_noop_token(struct safexcel_token *token)
@@ -479,6 +496,7 @@ struct safexcel_ring {
enum safexcel_alg_type {
SAFEXCEL_ALG_TYPE_SKCIPHER,
+ SAFEXCEL_ALG_TYPE_AEAD,
SAFEXCEL_ALG_TYPE_AHASH,
};
@@ -581,6 +599,16 @@ struct safexcel_context {
bool exit_inv;
};
+struct safexcel_ahash_export_state {
+ u64 len;
+ u64 processed;
+
+ u32 digest;
+
+ u32 state[SHA256_DIGEST_SIZE / sizeof(u32)];
+ u8 cache[SHA256_BLOCK_SIZE];
+};
+
/*
* Template structure to describe the algorithms in order to register them.
* It also has the purpose to contain our private structure and is actually
@@ -591,6 +619,7 @@ struct safexcel_alg_template {
enum safexcel_alg_type type;
union {
struct skcipher_alg skcipher;
+ struct aead_alg aead;
struct ahash_alg ahash;
} alg;
};
@@ -601,6 +630,8 @@ struct safexcel_inv_result {
};
void safexcel_dequeue(struct safexcel_crypto_priv *priv, int ring);
+int safexcel_rdesc_check_errors(struct safexcel_crypto_priv *priv,
+ struct safexcel_result_desc *rdesc);
void safexcel_complete(struct safexcel_crypto_priv *priv, int ring);
int safexcel_invalidate_cache(struct crypto_async_request *async,
struct safexcel_crypto_priv *priv,
@@ -625,6 +656,8 @@ struct safexcel_result_desc *safexcel_add_rdesc(struct safexcel_crypto_priv *pri
bool first, bool last,
dma_addr_t data, u32 len);
void safexcel_inv_complete(struct crypto_async_request *req, int error);
+int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen,
+ void *istate, void *ostate);
/* available algorithms */
extern struct safexcel_alg_template safexcel_alg_ecb_aes;
@@ -635,5 +668,8 @@ extern struct safexcel_alg_template safexcel_alg_sha256;
extern struct safexcel_alg_template safexcel_alg_hmac_sha1;
extern struct safexcel_alg_template safexcel_alg_hmac_sha224;
extern struct safexcel_alg_template safexcel_alg_hmac_sha256;
+extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_aes;
+extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha224_cbc_aes;
+extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_cbc_aes;
#endif
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c
index bafb60505fab..6bb60fda2043 100644
--- a/drivers/crypto/inside-secure/safexcel_cipher.c
+++ b/drivers/crypto/inside-secure/safexcel_cipher.c
@@ -12,8 +12,12 @@
#include <linux/dma-mapping.h>
#include <linux/dmapool.h>
+#include <crypto/aead.h>
#include <crypto/aes.h>
+#include <crypto/authenc.h>
+#include <crypto/sha.h>
#include <crypto/skcipher.h>
+#include <crypto/internal/aead.h>
#include <crypto/internal/skcipher.h>
#include "safexcel.h"
@@ -28,9 +32,16 @@ struct safexcel_cipher_ctx {
struct safexcel_crypto_priv *priv;
u32 mode;
+ bool aead;
__le32 key[8];
unsigned int key_len;
+
+ /* All the below is AEAD specific */
+ u32 alg;
+ u32 state_sz;
+ u32 ipad[SHA256_DIGEST_SIZE / sizeof(u32)];
+ u32 opad[SHA256_DIGEST_SIZE / sizeof(u32)];
};
struct safexcel_cipher_req {
@@ -38,18 +49,16 @@ struct safexcel_cipher_req {
bool needs_inv;
};
-static void safexcel_cipher_token(struct safexcel_cipher_ctx *ctx,
- struct crypto_async_request *async,
- struct safexcel_command_desc *cdesc,
- u32 length)
+static void safexcel_skcipher_token(struct safexcel_cipher_ctx *ctx, u8 *iv,
+ struct safexcel_command_desc *cdesc,
+ u32 length)
{
- struct skcipher_request *req = skcipher_request_cast(async);
struct safexcel_token *token;
unsigned offset = 0;
if (ctx->mode == CONTEXT_CONTROL_CRYPTO_MODE_CBC) {
offset = AES_BLOCK_SIZE / sizeof(u32);
- memcpy(cdesc->control_data.token, req->iv, AES_BLOCK_SIZE);
+ memcpy(cdesc->control_data.token, iv, AES_BLOCK_SIZE);
cdesc->control_data.options |= EIP197_OPTION_4_TOKEN_IV_CMD;
}
@@ -65,8 +74,64 @@ static void safexcel_cipher_token(struct safexcel_cipher_ctx *ctx,
EIP197_TOKEN_INS_TYPE_OUTPUT;
}
-static int safexcel_aes_setkey(struct crypto_skcipher *ctfm, const u8 *key,
- unsigned int len)
+static void safexcel_aead_token(struct safexcel_cipher_ctx *ctx, u8 *iv,
+ struct safexcel_command_desc *cdesc,
+ enum safexcel_cipher_direction direction,
+ u32 cryptlen, u32 assoclen, u32 digestsize)
+{
+ struct safexcel_token *token;
+ unsigned offset = 0;
+
+ if (ctx->mode == CONTEXT_CONTROL_CRYPTO_MODE_CBC) {
+ offset = AES_BLOCK_SIZE / sizeof(u32);
+ memcpy(cdesc->control_data.token, iv, AES_BLOCK_SIZE);
+
+ cdesc->control_data.options |= EIP197_OPTION_4_TOKEN_IV_CMD;
+ }
+
+ token = (struct safexcel_token *)(cdesc->control_data.token + offset);
+
+ if (direction == SAFEXCEL_DECRYPT)
+ cryptlen -= digestsize;
+
+ token[0].opcode = EIP197_TOKEN_OPCODE_DIRECTION;
+ token[0].packet_length = assoclen;
+ token[0].instructions = EIP197_TOKEN_INS_TYPE_HASH |
+ EIP197_TOKEN_INS_TYPE_OUTPUT;
+
+ token[1].opcode = EIP197_TOKEN_OPCODE_DIRECTION;
+ token[1].packet_length = cryptlen;
+ token[1].stat = EIP197_TOKEN_STAT_LAST_HASH;
+ token[1].instructions = EIP197_TOKEN_INS_LAST |
+ EIP197_TOKEN_INS_TYPE_CRYTO |
+ EIP197_TOKEN_INS_TYPE_HASH |
+ EIP197_TOKEN_INS_TYPE_OUTPUT;
+
+ if (direction == SAFEXCEL_ENCRYPT) {
+ token[2].opcode = EIP197_TOKEN_OPCODE_INSERT;
+ token[2].packet_length = digestsize;
+ token[2].stat = EIP197_TOKEN_STAT_LAST_HASH |
+ EIP197_TOKEN_STAT_LAST_PACKET;
+ token[2].instructions = EIP197_TOKEN_INS_TYPE_OUTPUT |
+ EIP197_TOKEN_INS_INSERT_HASH_DIGEST;
+ } else {
+ token[2].opcode = EIP197_TOKEN_OPCODE_RETRIEVE;
+ token[2].packet_length = digestsize;
+ token[2].stat = EIP197_TOKEN_STAT_LAST_HASH |
+ EIP197_TOKEN_STAT_LAST_PACKET;
+ token[2].instructions = EIP197_TOKEN_INS_INSERT_HASH_DIGEST;
+
+ token[3].opcode = EIP197_TOKEN_OPCODE_VERIFY;
+ token[3].packet_length = digestsize |
+ EIP197_TOKEN_HASH_RESULT_VERIFY;
+ token[3].stat = EIP197_TOKEN_STAT_LAST_HASH |
+ EIP197_TOKEN_STAT_LAST_PACKET;
+ token[3].instructions = EIP197_TOKEN_INS_TYPE_OUTPUT;
+ }
+}
+
+static int safexcel_skcipher_aes_setkey(struct crypto_skcipher *ctfm,
+ const u8 *key, unsigned int len)
{
struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm);
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
@@ -98,41 +163,123 @@ static int safexcel_aes_setkey(struct crypto_skcipher *ctfm, const u8 *key,
return 0;
}
+static int safexcel_aead_aes_setkey(struct crypto_aead *ctfm, const u8 *key,
+ unsigned int len)
+{
+ struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct safexcel_ahash_export_state istate, ostate;
+ struct safexcel_crypto_priv *priv = ctx->priv;
+ struct crypto_authenc_keys keys;
+
+ if (crypto_authenc_extractkeys(&keys, key, len) != 0)
+ goto badkey;
+
+ if (keys.enckeylen > sizeof(ctx->key))
+ goto badkey;
+
+ /* Encryption key */
+ if (priv->version == EIP197 && ctx->base.ctxr_dma &&
+ memcmp(ctx->key, keys.enckey, keys.enckeylen))
+ ctx->base.needs_inv = true;
+
+ /* Auth key */
+ switch (ctx->alg) {
+ case CONTEXT_CONTROL_CRYPTO_ALG_SHA1:
+ if (safexcel_hmac_setkey("safexcel-sha1", keys.authkey,
+ keys.authkeylen, &istate, &ostate))
+ goto badkey;
+ break;
+ case CONTEXT_CONTROL_CRYPTO_ALG_SHA224:
+ if (safexcel_hmac_setkey("safexcel-sha224", keys.authkey,
+ keys.authkeylen, &istate, &ostate))
+ goto badkey;
+ break;
+ case CONTEXT_CONTROL_CRYPTO_ALG_SHA256:
+ if (safexcel_hmac_setkey("safexcel-sha256", keys.authkey,
+ keys.authkeylen, &istate, &ostate))
+ goto badkey;
+ break;
+ default:
+ dev_err(priv->dev, "aead: unsupported hash algorithm\n");
+ goto badkey;
+ }
+
+ crypto_aead_set_flags(ctfm, crypto_aead_get_flags(ctfm) &
+ CRYPTO_TFM_RES_MASK);
+
+ if (priv->version == EIP197 && ctx->base.ctxr_dma &&
+ (memcmp(ctx->ipad, istate.state, ctx->state_sz) ||
+ memcmp(ctx->opad, ostate.state, ctx->state_sz)))
+ ctx->base.needs_inv = true;
+
+ /* Now copy the keys into the context */
+ memcpy(ctx->key, keys.enckey, keys.enckeylen);
+ ctx->key_len = keys.enckeylen;
+
+ memcpy(ctx->ipad, &istate.state, ctx->state_sz);
+ memcpy(ctx->opad, &ostate.state, ctx->state_sz);
+
+ memzero_explicit(&keys, sizeof(keys));
+ return 0;
+
+badkey:
+ crypto_aead_set_flags(ctfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ memzero_explicit(&keys, sizeof(keys));
+ return -EINVAL;
+}
+
static int safexcel_context_control(struct safexcel_cipher_ctx *ctx,
struct crypto_async_request *async,
+ struct safexcel_cipher_req *sreq,
struct safexcel_command_desc *cdesc)
{
struct safexcel_crypto_priv *priv = ctx->priv;
- struct skcipher_request *req = skcipher_request_cast(async);
- struct safexcel_cipher_req *sreq = skcipher_request_ctx(req);
int ctrl_size;
- if (sreq->direction == SAFEXCEL_ENCRYPT)
+ if (ctx->aead) {
+ if (sreq->direction == SAFEXCEL_ENCRYPT)
+ cdesc->control_data.control0 |= CONTEXT_CONTROL_TYPE_ENCRYPT_HASH_OUT;
+ else
+ cdesc->control_data.control0 |= CONTEXT_CONTROL_TYPE_HASH_DECRYPT_IN;
+ } else {
cdesc->control_data.control0 |= CONTEXT_CONTROL_TYPE_CRYPTO_OUT;
- else
- cdesc->control_data.control0 |= CONTEXT_CONTROL_TYPE_CRYPTO_IN;
+
+ /* The decryption control type is a combination of the
+ * encryption type and CONTEXT_CONTROL_TYPE_NULL_IN, for all
+ * types.
+ */
+ if (sreq->direction == SAFEXCEL_DECRYPT)
+ cdesc->control_data.control0 |= CONTEXT_CONTROL_TYPE_NULL_IN;
+ }
cdesc->control_data.control0 |= CONTEXT_CONTROL_KEY_EN;
cdesc->control_data.control1 |= ctx->mode;
+ if (ctx->aead)
+ cdesc->control_data.control0 |= CONTEXT_CONTROL_DIGEST_HMAC |
+ ctx->alg;
+
switch (ctx->key_len) {
case AES_KEYSIZE_128:
cdesc->control_data.control0 |= CONTEXT_CONTROL_CRYPTO_ALG_AES128;
- ctrl_size = 4;
break;
case AES_KEYSIZE_192:
cdesc->control_data.control0 |= CONTEXT_CONTROL_CRYPTO_ALG_AES192;
- ctrl_size = 6;
break;
case AES_KEYSIZE_256:
cdesc->control_data.control0 |= CONTEXT_CONTROL_CRYPTO_ALG_AES256;
- ctrl_size = 8;
break;
default:
dev_err(priv->dev, "aes keysize not supported: %u\n",
ctx->key_len);
return -EINVAL;
}
+
+ ctrl_size = ctx->key_len / sizeof(u32);
+ if (ctx->aead)
+ /* Take in account the ipad+opad digests */
+ ctrl_size += ctx->state_sz / sizeof(u32) * 2;
cdesc->control_data.control0 |= CONTEXT_CONTROL_SIZE(ctrl_size);
return 0;
@@ -140,9 +287,12 @@ static int safexcel_context_control(struct safexcel_cipher_ctx *ctx,
static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int ring,
struct crypto_async_request *async,
+ struct scatterlist *src,
+ struct scatterlist *dst,
+ unsigned int cryptlen,
+ struct safexcel_cipher_req *sreq,
bool *should_complete, int *ret)
{
- struct skcipher_request *req = skcipher_request_cast(async);
struct safexcel_result_desc *rdesc;
int ndesc = 0;
@@ -158,12 +308,8 @@ static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int rin
break;
}
- if (rdesc->result_data.error_code) {
- dev_err(priv->dev,
- "cipher: result: result descriptor error (%d)\n",
- rdesc->result_data.error_code);
- *ret = -EIO;
- }
+ if (likely(!*ret))
+ *ret = safexcel_rdesc_check_errors(priv, rdesc);
ndesc++;
} while (!rdesc->last_seg);
@@ -171,16 +317,16 @@ static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int rin
safexcel_complete(priv, ring);
spin_unlock_bh(&priv->ring[ring].egress_lock);
- if (req->src == req->dst) {
- dma_unmap_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ if (src == dst) {
+ dma_unmap_sg(priv->dev, src,
+ sg_nents_for_len(src, cryptlen),
DMA_BIDIRECTIONAL);
} else {
- dma_unmap_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ dma_unmap_sg(priv->dev, src,
+ sg_nents_for_len(src, cryptlen),
DMA_TO_DEVICE);
- dma_unmap_sg(priv->dev, req->dst,
- sg_nents_for_len(req->dst, req->cryptlen),
+ dma_unmap_sg(priv->dev, dst,
+ sg_nents_for_len(dst, cryptlen),
DMA_FROM_DEVICE);
}
@@ -189,39 +335,43 @@ static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int rin
return ndesc;
}
-static int safexcel_aes_send(struct crypto_async_request *async,
- int ring, struct safexcel_request *request,
- int *commands, int *results)
+static int safexcel_aes_send(struct crypto_async_request *base, int ring,
+ struct safexcel_request *request,
+ struct safexcel_cipher_req *sreq,
+ struct scatterlist *src, struct scatterlist *dst,
+ unsigned int cryptlen, unsigned int assoclen,
+ unsigned int digestsize, u8 *iv, int *commands,
+ int *results)
{
- struct skcipher_request *req = skcipher_request_cast(async);
- struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(base->tfm);
struct safexcel_crypto_priv *priv = ctx->priv;
struct safexcel_command_desc *cdesc;
struct safexcel_result_desc *rdesc;
struct scatterlist *sg;
- int nr_src, nr_dst, n_cdesc = 0, n_rdesc = 0, queued = req->cryptlen;
+ unsigned int totlen = cryptlen + assoclen;
+ int nr_src, nr_dst, n_cdesc = 0, n_rdesc = 0, queued = totlen;
int i, ret = 0;
- if (req->src == req->dst) {
- nr_src = dma_map_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ if (src == dst) {
+ nr_src = dma_map_sg(priv->dev, src,
+ sg_nents_for_len(src, totlen),
DMA_BIDIRECTIONAL);
nr_dst = nr_src;
if (!nr_src)
return -EINVAL;
} else {
- nr_src = dma_map_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ nr_src = dma_map_sg(priv->dev, src,
+ sg_nents_for_len(src, totlen),
DMA_TO_DEVICE);
if (!nr_src)
return -EINVAL;
- nr_dst = dma_map_sg(priv->dev, req->dst,
- sg_nents_for_len(req->dst, req->cryptlen),
+ nr_dst = dma_map_sg(priv->dev, dst,
+ sg_nents_for_len(dst, totlen),
DMA_FROM_DEVICE);
if (!nr_dst) {
- dma_unmap_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ dma_unmap_sg(priv->dev, src,
+ sg_nents_for_len(src, totlen),
DMA_TO_DEVICE);
return -EINVAL;
}
@@ -229,10 +379,17 @@ static int safexcel_aes_send(struct crypto_async_request *async,
memcpy(ctx->base.ctxr->data, ctx->key, ctx->key_len);
+ if (ctx->aead) {
+ memcpy(ctx->base.ctxr->data + ctx->key_len / sizeof(u32),
+ ctx->ipad, ctx->state_sz);
+ memcpy(ctx->base.ctxr->data + (ctx->key_len + ctx->state_sz) / sizeof(u32),
+ ctx->opad, ctx->state_sz);
+ }
+
spin_lock_bh(&priv->ring[ring].egress_lock);
/* command descriptors */
- for_each_sg(req->src, sg, nr_src, i) {
+ for_each_sg(src, sg, nr_src, i) {
int len = sg_dma_len(sg);
/* Do not overflow the request */
@@ -240,7 +397,7 @@ static int safexcel_aes_send(struct crypto_async_request *async,
len = queued;
cdesc = safexcel_add_cdesc(priv, ring, !n_cdesc, !(queued - len),
- sg_dma_address(sg), len, req->cryptlen,
+ sg_dma_address(sg), len, totlen,
ctx->base.ctxr_dma);
if (IS_ERR(cdesc)) {
/* No space left in the command descriptor ring */
@@ -250,8 +407,14 @@ static int safexcel_aes_send(struct crypto_async_request *async,
n_cdesc++;
if (n_cdesc == 1) {
- safexcel_context_control(ctx, async, cdesc);
- safexcel_cipher_token(ctx, async, cdesc, req->cryptlen);
+ safexcel_context_control(ctx, base, sreq, cdesc);
+ if (ctx->aead)
+ safexcel_aead_token(ctx, iv, cdesc,
+ sreq->direction, cryptlen,
+ assoclen, digestsize);
+ else
+ safexcel_skcipher_token(ctx, iv, cdesc,
+ cryptlen);
}
queued -= len;
@@ -260,7 +423,7 @@ static int safexcel_aes_send(struct crypto_async_request *async,
}
/* result descriptors */
- for_each_sg(req->dst, sg, nr_dst, i) {
+ for_each_sg(dst, sg, nr_dst, i) {
bool first = !i, last = (i == nr_dst - 1);
u32 len = sg_dma_len(sg);
@@ -276,7 +439,7 @@ static int safexcel_aes_send(struct crypto_async_request *async,
spin_unlock_bh(&priv->ring[ring].egress_lock);
- request->req = &req->base;
+ request->req = base;
*commands = n_cdesc;
*results = n_rdesc;
@@ -291,16 +454,16 @@ cdesc_rollback:
spin_unlock_bh(&priv->ring[ring].egress_lock);
- if (req->src == req->dst) {
- dma_unmap_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ if (src == dst) {
+ dma_unmap_sg(priv->dev, src,
+ sg_nents_for_len(src, totlen),
DMA_BIDIRECTIONAL);
} else {
- dma_unmap_sg(priv->dev, req->src,
- sg_nents_for_len(req->src, req->cryptlen),
+ dma_unmap_sg(priv->dev, src,
+ sg_nents_for_len(src, totlen),
DMA_TO_DEVICE);
- dma_unmap_sg(priv->dev, req->dst,
- sg_nents_for_len(req->dst, req->cryptlen),
+ dma_unmap_sg(priv->dev, dst,
+ sg_nents_for_len(dst, totlen),
DMA_FROM_DEVICE);
}
@@ -309,11 +472,10 @@ cdesc_rollback:
static int safexcel_handle_inv_result(struct safexcel_crypto_priv *priv,
int ring,
- struct crypto_async_request *async,
+ struct crypto_async_request *base,
bool *should_complete, int *ret)
{
- struct skcipher_request *req = skcipher_request_cast(async);
- struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(base->tfm);
struct safexcel_result_desc *rdesc;
int ndesc = 0, enq_ret;
@@ -354,7 +516,7 @@ static int safexcel_handle_inv_result(struct safexcel_crypto_priv *priv,
ctx->base.ring = ring;
spin_lock_bh(&priv->ring[ring].queue_lock);
- enq_ret = crypto_enqueue_request(&priv->ring[ring].queue, async);
+ enq_ret = crypto_enqueue_request(&priv->ring[ring].queue, base);
spin_unlock_bh(&priv->ring[ring].queue_lock);
if (enq_ret != -EINPROGRESS)
@@ -368,9 +530,10 @@ static int safexcel_handle_inv_result(struct safexcel_crypto_priv *priv,
return ndesc;
}
-static int safexcel_handle_result(struct safexcel_crypto_priv *priv, int ring,
- struct crypto_async_request *async,
- bool *should_complete, int *ret)
+static int safexcel_skcipher_handle_result(struct safexcel_crypto_priv *priv,
+ int ring,
+ struct crypto_async_request *async,
+ bool *should_complete, int *ret)
{
struct skcipher_request *req = skcipher_request_cast(async);
struct safexcel_cipher_req *sreq = skcipher_request_ctx(req);
@@ -381,24 +544,48 @@ static int safexcel_handle_result(struct safexcel_crypto_priv *priv, int ring,
err = safexcel_handle_inv_result(priv, ring, async,
should_complete, ret);
} else {
- err = safexcel_handle_req_result(priv, ring, async,
+ err = safexcel_handle_req_result(priv, ring, async, req->src,
+ req->dst, req->cryptlen, sreq,
should_complete, ret);
}
return err;
}
-static int safexcel_cipher_send_inv(struct crypto_async_request *async,
+static int safexcel_aead_handle_result(struct safexcel_crypto_priv *priv,
+ int ring,
+ struct crypto_async_request *async,
+ bool *should_complete, int *ret)
+{
+ struct aead_request *req = aead_request_cast(async);
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct safexcel_cipher_req *sreq = aead_request_ctx(req);
+ int err;
+
+ if (sreq->needs_inv) {
+ sreq->needs_inv = false;
+ err = safexcel_handle_inv_result(priv, ring, async,
+ should_complete, ret);
+ } else {
+ err = safexcel_handle_req_result(priv, ring, async, req->src,
+ req->dst,
+ req->cryptlen + crypto_aead_authsize(tfm),
+ sreq, should_complete, ret);
+ }
+
+ return err;
+}
+
+static int safexcel_cipher_send_inv(struct crypto_async_request *base,
int ring, struct safexcel_request *request,
int *commands, int *results)
{
- struct skcipher_request *req = skcipher_request_cast(async);
- struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(base->tfm);
struct safexcel_crypto_priv *priv = ctx->priv;
int ret;
- ret = safexcel_invalidate_cache(async, priv,
- ctx->base.ctxr_dma, ring, request);
+ ret = safexcel_invalidate_cache(base, priv, ctx->base.ctxr_dma, ring,
+ request);
if (unlikely(ret))
return ret;
@@ -408,9 +595,9 @@ static int safexcel_cipher_send_inv(struct crypto_async_request *async,
return 0;
}
-static int safexcel_send(struct crypto_async_request *async,
- int ring, struct safexcel_request *request,
- int *commands, int *results)
+static int safexcel_skcipher_send(struct crypto_async_request *async, int ring,
+ struct safexcel_request *request,
+ int *commands, int *results)
{
struct skcipher_request *req = skcipher_request_cast(async);
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
@@ -421,59 +608,108 @@ static int safexcel_send(struct crypto_async_request *async,
BUG_ON(priv->version == EIP97 && sreq->needs_inv);
if (sreq->needs_inv)
- ret = safexcel_cipher_send_inv(async, ring, request,
- commands, results);
+ ret = safexcel_cipher_send_inv(async, ring, request, commands,
+ results);
+ else
+ ret = safexcel_aes_send(async, ring, request, sreq, req->src,
+ req->dst, req->cryptlen, 0, 0, req->iv,
+ commands, results);
+ return ret;
+}
+
+static int safexcel_aead_send(struct crypto_async_request *async, int ring,
+ struct safexcel_request *request, int *commands,
+ int *results)
+{
+ struct aead_request *req = aead_request_cast(async);
+ struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct safexcel_cipher_req *sreq = aead_request_ctx(req);
+ struct safexcel_crypto_priv *priv = ctx->priv;
+ int ret;
+
+ BUG_ON(priv->version == EIP97 && sreq->needs_inv);
+
+ if (sreq->needs_inv)
+ ret = safexcel_cipher_send_inv(async, ring, request, commands,
+ results);
else
- ret = safexcel_aes_send(async, ring, request,
+ ret = safexcel_aes_send(async, ring, request, sreq, req->src,
+ req->dst, req->cryptlen, req->assoclen,
+ crypto_aead_authsize(tfm), req->iv,
commands, results);
return ret;
}
-static int safexcel_cipher_exit_inv(struct crypto_tfm *tfm)
+static int safexcel_cipher_exit_inv(struct crypto_tfm *tfm,
+ struct crypto_async_request *base,
+ struct safexcel_cipher_req *sreq,
+ struct safexcel_inv_result *result)
{
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
struct safexcel_crypto_priv *priv = ctx->priv;
- SKCIPHER_REQUEST_ON_STACK(req, __crypto_skcipher_cast(tfm));
- struct safexcel_cipher_req *sreq = skcipher_request_ctx(req);
- struct safexcel_inv_result result = {};
int ring = ctx->base.ring;
- memset(req, 0, sizeof(struct skcipher_request));
+ init_completion(&result->completion);
- /* create invalidation request */
- init_completion(&result.completion);
- skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
- safexcel_inv_complete, &result);
-
- skcipher_request_set_tfm(req, __crypto_skcipher_cast(tfm));
- ctx = crypto_tfm_ctx(req->base.tfm);
+ ctx = crypto_tfm_ctx(base->tfm);
ctx->base.exit_inv = true;
sreq->needs_inv = true;
spin_lock_bh(&priv->ring[ring].queue_lock);
- crypto_enqueue_request(&priv->ring[ring].queue, &req->base);
+ crypto_enqueue_request(&priv->ring[ring].queue, base);
spin_unlock_bh(&priv->ring[ring].queue_lock);
queue_work(priv->ring[ring].workqueue,
&priv->ring[ring].work_data.work);
- wait_for_completion(&result.completion);
+ wait_for_completion(&result->completion);
- if (result.error) {
+ if (result->error) {
dev_warn(priv->dev,
"cipher: sync: invalidate: completion error %d\n",
- result.error);
- return result.error;
+ result->error);
+ return result->error;
}
return 0;
}
-static int safexcel_aes(struct skcipher_request *req,
- enum safexcel_cipher_direction dir, u32 mode)
+static int safexcel_skcipher_exit_inv(struct crypto_tfm *tfm)
{
- struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ EIP197_REQUEST_ON_STACK(req, skcipher, EIP197_SKCIPHER_REQ_SIZE);
struct safexcel_cipher_req *sreq = skcipher_request_ctx(req);
+ struct safexcel_inv_result result = {};
+
+ memset(req, 0, sizeof(struct skcipher_request));
+
+ skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
+ safexcel_inv_complete, &result);
+ skcipher_request_set_tfm(req, __crypto_skcipher_cast(tfm));
+
+ return safexcel_cipher_exit_inv(tfm, &req->base, sreq, &result);
+}
+
+static int safexcel_aead_exit_inv(struct crypto_tfm *tfm)
+{
+ EIP197_REQUEST_ON_STACK(req, aead, EIP197_AEAD_REQ_SIZE);
+ struct safexcel_cipher_req *sreq = aead_request_ctx(req);
+ struct safexcel_inv_result result = {};
+
+ memset(req, 0, sizeof(struct aead_request));
+
+ aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
+ safexcel_inv_complete, &result);
+ aead_request_set_tfm(req, __crypto_aead_cast(tfm));
+
+ return safexcel_cipher_exit_inv(tfm, &req->base, sreq, &result);
+}
+
+static int safexcel_aes(struct crypto_async_request *base,
+ struct safexcel_cipher_req *sreq,
+ enum safexcel_cipher_direction dir, u32 mode)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(base->tfm);
struct safexcel_crypto_priv *priv = ctx->priv;
int ret, ring;
@@ -489,7 +725,7 @@ static int safexcel_aes(struct skcipher_request *req,
} else {
ctx->base.ring = safexcel_select_ring(priv);
ctx->base.ctxr = dma_pool_zalloc(priv->context_pool,
- EIP197_GFP_FLAGS(req->base),
+ EIP197_GFP_FLAGS(*base),
&ctx->base.ctxr_dma);
if (!ctx->base.ctxr)
return -ENOMEM;
@@ -498,7 +734,7 @@ static int safexcel_aes(struct skcipher_request *req,
ring = ctx->base.ring;
spin_lock_bh(&priv->ring[ring].queue_lock);
- ret = crypto_enqueue_request(&priv->ring[ring].queue, &req->base);
+ ret = crypto_enqueue_request(&priv->ring[ring].queue, base);
spin_unlock_bh(&priv->ring[ring].queue_lock);
queue_work(priv->ring[ring].workqueue,
@@ -509,14 +745,14 @@ static int safexcel_aes(struct skcipher_request *req,
static int safexcel_ecb_aes_encrypt(struct skcipher_request *req)
{
- return safexcel_aes(req, SAFEXCEL_ENCRYPT,
- CONTEXT_CONTROL_CRYPTO_MODE_ECB);
+ return safexcel_aes(&req->base, skcipher_request_ctx(req),
+ SAFEXCEL_ENCRYPT, CONTEXT_CONTROL_CRYPTO_MODE_ECB);
}
static int safexcel_ecb_aes_decrypt(struct skcipher_request *req)
{
- return safexcel_aes(req, SAFEXCEL_DECRYPT,
- CONTEXT_CONTROL_CRYPTO_MODE_ECB);
+ return safexcel_aes(&req->base, skcipher_request_ctx(req),
+ SAFEXCEL_DECRYPT, CONTEXT_CONTROL_CRYPTO_MODE_ECB);
}
static int safexcel_skcipher_cra_init(struct crypto_tfm *tfm)
@@ -526,34 +762,64 @@ static int safexcel_skcipher_cra_init(struct crypto_tfm *tfm)
container_of(tfm->__crt_alg, struct safexcel_alg_template,
alg.skcipher.base);
- ctx->priv = tmpl->priv;
- ctx->base.send = safexcel_send;
- ctx->base.handle_result = safexcel_handle_result;
-
crypto_skcipher_set_reqsize(__crypto_skcipher_cast(tfm),
sizeof(struct safexcel_cipher_req));
+ ctx->priv = tmpl->priv;
+
+ ctx->base.send = safexcel_skcipher_send;
+ ctx->base.handle_result = safexcel_skcipher_handle_result;
return 0;
}
-static void safexcel_skcipher_cra_exit(struct crypto_tfm *tfm)
+static int safexcel_cipher_cra_exit(struct crypto_tfm *tfm)
{
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
- struct safexcel_crypto_priv *priv = ctx->priv;
- int ret;
- memzero_explicit(ctx->key, 8 * sizeof(u32));
+ memzero_explicit(ctx->key, sizeof(ctx->key));
/* context not allocated, skip invalidation */
if (!ctx->base.ctxr)
+ return -ENOMEM;
+
+ memzero_explicit(ctx->base.ctxr->data, sizeof(ctx->base.ctxr->data));
+ return 0;
+}
+
+static void safexcel_skcipher_cra_exit(struct crypto_tfm *tfm)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct safexcel_crypto_priv *priv = ctx->priv;
+ int ret;
+
+ if (safexcel_cipher_cra_exit(tfm))
return;
- memzero_explicit(ctx->base.ctxr->data, 8 * sizeof(u32));
+ if (priv->version == EIP197) {
+ ret = safexcel_skcipher_exit_inv(tfm);
+ if (ret)
+ dev_warn(priv->dev, "skcipher: invalidation error %d\n",
+ ret);
+ } else {
+ dma_pool_free(priv->context_pool, ctx->base.ctxr,
+ ctx->base.ctxr_dma);
+ }
+}
+
+static void safexcel_aead_cra_exit(struct crypto_tfm *tfm)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct safexcel_crypto_priv *priv = ctx->priv;
+ int ret;
+
+ if (safexcel_cipher_cra_exit(tfm))
+ return;
if (priv->version == EIP197) {
- ret = safexcel_cipher_exit_inv(tfm);
+ ret = safexcel_aead_exit_inv(tfm);
if (ret)
- dev_warn(priv->dev, "cipher: invalidation error %d\n", ret);
+ dev_warn(priv->dev, "aead: invalidation error %d\n",
+ ret);
} else {
dma_pool_free(priv->context_pool, ctx->base.ctxr,
ctx->base.ctxr_dma);
@@ -563,7 +829,7 @@ static void safexcel_skcipher_cra_exit(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_ecb_aes = {
.type = SAFEXCEL_ALG_TYPE_SKCIPHER,
.alg.skcipher = {
- .setkey = safexcel_aes_setkey,
+ .setkey = safexcel_skcipher_aes_setkey,
.encrypt = safexcel_ecb_aes_encrypt,
.decrypt = safexcel_ecb_aes_decrypt,
.min_keysize = AES_MIN_KEY_SIZE,
@@ -586,20 +852,20 @@ struct safexcel_alg_template safexcel_alg_ecb_aes = {
static int safexcel_cbc_aes_encrypt(struct skcipher_request *req)
{
- return safexcel_aes(req, SAFEXCEL_ENCRYPT,
- CONTEXT_CONTROL_CRYPTO_MODE_CBC);
+ return safexcel_aes(&req->base, skcipher_request_ctx(req),
+ SAFEXCEL_ENCRYPT, CONTEXT_CONTROL_CRYPTO_MODE_CBC);
}
static int safexcel_cbc_aes_decrypt(struct skcipher_request *req)
{
- return safexcel_aes(req, SAFEXCEL_DECRYPT,
- CONTEXT_CONTROL_CRYPTO_MODE_CBC);
+ return safexcel_aes(&req->base, skcipher_request_ctx(req),
+ SAFEXCEL_DECRYPT, CONTEXT_CONTROL_CRYPTO_MODE_CBC);
}
struct safexcel_alg_template safexcel_alg_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_SKCIPHER,
.alg.skcipher = {
- .setkey = safexcel_aes_setkey,
+ .setkey = safexcel_skcipher_aes_setkey,
.encrypt = safexcel_cbc_aes_encrypt,
.decrypt = safexcel_cbc_aes_decrypt,
.min_keysize = AES_MIN_KEY_SIZE,
@@ -620,3 +886,139 @@ struct safexcel_alg_template safexcel_alg_cbc_aes = {
},
},
};
+
+static int safexcel_aead_encrypt(struct aead_request *req)
+{
+ struct safexcel_cipher_req *creq = aead_request_ctx(req);
+
+ return safexcel_aes(&req->base, creq, SAFEXCEL_ENCRYPT,
+ CONTEXT_CONTROL_CRYPTO_MODE_CBC);
+}
+
+static int safexcel_aead_decrypt(struct aead_request *req)
+{
+ struct safexcel_cipher_req *creq = aead_request_ctx(req);
+
+ return safexcel_aes(&req->base, creq, SAFEXCEL_DECRYPT,
+ CONTEXT_CONTROL_CRYPTO_MODE_CBC);
+}
+
+static int safexcel_aead_cra_init(struct crypto_tfm *tfm)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct safexcel_alg_template *tmpl =
+ container_of(tfm->__crt_alg, struct safexcel_alg_template,
+ alg.aead.base);
+
+ crypto_aead_set_reqsize(__crypto_aead_cast(tfm),
+ sizeof(struct safexcel_cipher_req));
+
+ ctx->priv = tmpl->priv;
+
+ ctx->aead = true;
+ ctx->base.send = safexcel_aead_send;
+ ctx->base.handle_result = safexcel_aead_handle_result;
+ return 0;
+}
+
+static int safexcel_aead_sha1_cra_init(struct crypto_tfm *tfm)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ safexcel_aead_cra_init(tfm);
+ ctx->alg = CONTEXT_CONTROL_CRYPTO_ALG_SHA1;
+ ctx->state_sz = SHA1_DIGEST_SIZE;
+ return 0;
+}
+
+struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_aes = {
+ .type = SAFEXCEL_ALG_TYPE_AEAD,
+ .alg.aead = {
+ .setkey = safexcel_aead_aes_setkey,
+ .encrypt = safexcel_aead_encrypt,
+ .decrypt = safexcel_aead_decrypt,
+ .ivsize = AES_BLOCK_SIZE,
+ .maxauthsize = SHA1_DIGEST_SIZE,
+ .base = {
+ .cra_name = "authenc(hmac(sha1),cbc(aes))",
+ .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-aes",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
+ .cra_alignmask = 0,
+ .cra_init = safexcel_aead_sha1_cra_init,
+ .cra_exit = safexcel_aead_cra_exit,
+ .cra_module = THIS_MODULE,
+ },
+ },
+};
+
+static int safexcel_aead_sha256_cra_init(struct crypto_tfm *tfm)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ safexcel_aead_cra_init(tfm);
+ ctx->alg = CONTEXT_CONTROL_CRYPTO_ALG_SHA256;
+ ctx->state_sz = SHA256_DIGEST_SIZE;
+ return 0;
+}
+
+struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_cbc_aes = {
+ .type = SAFEXCEL_ALG_TYPE_AEAD,
+ .alg.aead = {
+ .setkey = safexcel_aead_aes_setkey,
+ .encrypt = safexcel_aead_encrypt,
+ .decrypt = safexcel_aead_decrypt,
+ .ivsize = AES_BLOCK_SIZE,
+ .maxauthsize = SHA256_DIGEST_SIZE,
+ .base = {
+ .cra_name = "authenc(hmac(sha256),cbc(aes))",
+ .cra_driver_name = "safexcel-authenc-hmac-sha256-cbc-aes",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
+ .cra_alignmask = 0,
+ .cra_init = safexcel_aead_sha256_cra_init,
+ .cra_exit = safexcel_aead_cra_exit,
+ .cra_module = THIS_MODULE,
+ },
+ },
+};
+
+static int safexcel_aead_sha224_cra_init(struct crypto_tfm *tfm)
+{
+ struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ safexcel_aead_cra_init(tfm);
+ ctx->alg = CONTEXT_CONTROL_CRYPTO_ALG_SHA224;
+ ctx->state_sz = SHA256_DIGEST_SIZE;
+ return 0;
+}
+
+struct safexcel_alg_template safexcel_alg_authenc_hmac_sha224_cbc_aes = {
+ .type = SAFEXCEL_ALG_TYPE_AEAD,
+ .alg.aead = {
+ .setkey = safexcel_aead_aes_setkey,
+ .encrypt = safexcel_aead_encrypt,
+ .decrypt = safexcel_aead_decrypt,
+ .ivsize = AES_BLOCK_SIZE,
+ .maxauthsize = SHA224_DIGEST_SIZE,
+ .base = {
+ .cra_name = "authenc(hmac(sha224),cbc(aes))",
+ .cra_driver_name = "safexcel-authenc-hmac-sha224-cbc-aes",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
+ .cra_alignmask = 0,
+ .cra_init = safexcel_aead_sha224_cra_init,
+ .cra_exit = safexcel_aead_cra_exit,
+ .cra_module = THIS_MODULE,
+ },
+ },
+};
diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c
index 317b9e480312..d138d6b8fec5 100644
--- a/drivers/crypto/inside-secure/safexcel_hash.c
+++ b/drivers/crypto/inside-secure/safexcel_hash.c
@@ -50,16 +50,6 @@ struct safexcel_ahash_req {
u8 cache_next[SHA256_BLOCK_SIZE] __aligned(sizeof(u32));
};
-struct safexcel_ahash_export_state {
- u64 len;
- u64 processed;
-
- u32 digest;
-
- u32 state[SHA256_DIGEST_SIZE / sizeof(u32)];
- u8 cache[SHA256_BLOCK_SIZE];
-};
-
static void safexcel_hash_token(struct safexcel_command_desc *cdesc,
u32 input_length, u32 result_length)
{
@@ -146,11 +136,8 @@ static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int rin
dev_err(priv->dev,
"hash: result: could not retrieve the result descriptor\n");
*ret = PTR_ERR(rdesc);
- } else if (rdesc->result_data.error_code) {
- dev_err(priv->dev,
- "hash: result: result descriptor error (%d)\n",
- rdesc->result_data.error_code);
- *ret = -EINVAL;
+ } else {
+ *ret = safexcel_rdesc_check_errors(priv, rdesc);
}
safexcel_complete(priv, ring);
@@ -480,7 +467,7 @@ static int safexcel_ahash_exit_inv(struct crypto_tfm *tfm)
{
struct safexcel_ahash_ctx *ctx = crypto_tfm_ctx(tfm);
struct safexcel_crypto_priv *priv = ctx->priv;
- AHASH_REQUEST_ON_STACK(req, __crypto_ahash_cast(tfm));
+ EIP197_REQUEST_ON_STACK(req, ahash, EIP197_AHASH_REQ_SIZE);
struct safexcel_ahash_req *rctx = ahash_request_ctx(req);
struct safexcel_inv_result result = {};
int ring = ctx->base.ring;
@@ -912,8 +899,8 @@ static int safexcel_hmac_init_iv(struct ahash_request *areq,
return crypto_ahash_export(areq, state);
}
-static int safexcel_hmac_setkey(const char *alg, const u8 *key,
- unsigned int keylen, void *istate, void *ostate)
+int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen,
+ void *istate, void *ostate)
{
struct ahash_request *areq;
struct crypto_ahash *tfm;
diff --git a/drivers/crypto/nx/nx-842-powernv.c b/drivers/crypto/nx/nx-842-powernv.c
index 1e87637c412d..36afd6d8753c 100644
--- a/drivers/crypto/nx/nx-842-powernv.c
+++ b/drivers/crypto/nx/nx-842-powernv.c
@@ -334,7 +334,7 @@ static int wait_for_csb(struct nx842_workmem *wmem,
return -EPROTO;
case CSB_CC_SEQUENCE:
/* should not happen, we don't use chained CRBs */
- CSB_ERR(csb, "CRB seqeunce number error");
+ CSB_ERR(csb, "CRB sequence number error");
return -EPROTO;
case CSB_CC_UNKNOWN_CODE:
CSB_ERR(csb, "Unknown subfunction code");
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index ad02aa63b519..d1a1c74fb56a 100644
--- a/drivers/crypto/omap-sham.c
+++ b/drivers/crypto/omap-sham.c
@@ -1087,7 +1087,7 @@ static void omap_sham_finish_req(struct ahash_request *req, int err)
if (test_bit(FLAGS_SGS_COPIED, &dd->flags))
free_pages((unsigned long)sg_virt(ctx->sg),
- get_order(ctx->sg->length));
+ get_order(ctx->sg->length + ctx->bufcnt));
if (test_bit(FLAGS_SGS_ALLOCED, &dd->flags))
kfree(ctx->sg);
diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c
index a4df966adbf6..321d5e2ac833 100644
--- a/drivers/crypto/picoxcell_crypto.c
+++ b/drivers/crypto/picoxcell_crypto.c
@@ -1169,8 +1169,7 @@ static void spacc_spacc_complete(unsigned long data)
#ifdef CONFIG_PM
static int spacc_suspend(struct device *dev)
{
- struct platform_device *pdev = to_platform_device(dev);
- struct spacc_engine *engine = platform_get_drvdata(pdev);
+ struct spacc_engine *engine = dev_get_drvdata(dev);
/*
* We only support standby mode. All we have to do is gate the clock to
@@ -1184,8 +1183,7 @@ static int spacc_suspend(struct device *dev)
static int spacc_resume(struct device *dev)
{
- struct platform_device *pdev = to_platform_device(dev);
- struct spacc_engine *engine = platform_get_drvdata(pdev);
+ struct spacc_engine *engine = dev_get_drvdata(dev);
return clk_enable(engine->clk);
}
diff --git a/drivers/crypto/qat/qat_c3xxx/adf_drv.c b/drivers/crypto/qat/qat_c3xxx/adf_drv.c
index f172171668ee..ba197f34c252 100644
--- a/drivers/crypto/qat/qat_c3xxx/adf_drv.c
+++ b/drivers/crypto/qat/qat_c3xxx/adf_drv.c
@@ -329,5 +329,7 @@ module_exit(adfdrv_release);
MODULE_LICENSE("Dual BSD/GPL");
MODULE_AUTHOR("Intel");
+MODULE_FIRMWARE(ADF_C3XXX_FW);
+MODULE_FIRMWARE(ADF_C3XXX_MMP);
MODULE_DESCRIPTION("Intel(R) QuickAssist Technology");
MODULE_VERSION(ADF_DRV_VERSION);
diff --git a/drivers/crypto/qat/qat_c62x/adf_drv.c b/drivers/crypto/qat/qat_c62x/adf_drv.c
index 58a984c9c3ec..59a5a0df50b6 100644
--- a/drivers/crypto/qat/qat_c62x/adf_drv.c
+++ b/drivers/crypto/qat/qat_c62x/adf_drv.c
@@ -329,5 +329,7 @@ module_exit(adfdrv_release);
MODULE_LICENSE("Dual BSD/GPL");
MODULE_AUTHOR("Intel");
+MODULE_FIRMWARE(ADF_C62X_FW);
+MODULE_FIRMWARE(ADF_C62X_MMP);
MODULE_DESCRIPTION("Intel(R) QuickAssist Technology");
MODULE_VERSION(ADF_DRV_VERSION);
diff --git a/drivers/crypto/qat/qat_dh895xcc/adf_drv.c b/drivers/crypto/qat/qat_dh895xcc/adf_drv.c
index 2ce01f010c74..be5c5a988ca5 100644
--- a/drivers/crypto/qat/qat_dh895xcc/adf_drv.c
+++ b/drivers/crypto/qat/qat_dh895xcc/adf_drv.c
@@ -332,5 +332,6 @@ module_exit(adfdrv_release);
MODULE_LICENSE("Dual BSD/GPL");
MODULE_AUTHOR("Intel");
MODULE_FIRMWARE(ADF_DH895XCC_FW);
+MODULE_FIRMWARE(ADF_DH895XCC_MMP);
MODULE_DESCRIPTION("Intel(R) QuickAssist Technology");
MODULE_VERSION(ADF_DRV_VERSION);
diff --git a/drivers/crypto/vmx/aes.c b/drivers/crypto/vmx/aes.c
index 96072b9b55c4..d7316f7a3a69 100644
--- a/drivers/crypto/vmx/aes.c
+++ b/drivers/crypto/vmx/aes.c
@@ -48,8 +48,6 @@ static int p8_aes_init(struct crypto_tfm *tfm)
alg, PTR_ERR(fallback));
return PTR_ERR(fallback);
}
- printk(KERN_INFO "Using '%s' as fallback implementation.\n",
- crypto_tfm_alg_driver_name((struct crypto_tfm *) fallback));
crypto_cipher_set_flags(fallback,
crypto_cipher_get_flags((struct
diff --git a/drivers/crypto/vmx/aes_cbc.c b/drivers/crypto/vmx/aes_cbc.c
index 7394d35d5936..5285ece4f33a 100644
--- a/drivers/crypto/vmx/aes_cbc.c
+++ b/drivers/crypto/vmx/aes_cbc.c
@@ -52,9 +52,6 @@ static int p8_aes_cbc_init(struct crypto_tfm *tfm)
alg, PTR_ERR(fallback));
return PTR_ERR(fallback);
}
- printk(KERN_INFO "Using '%s' as fallback implementation.\n",
- crypto_skcipher_driver_name(fallback));
-
crypto_skcipher_set_flags(
fallback,
diff --git a/drivers/crypto/vmx/aes_ctr.c b/drivers/crypto/vmx/aes_ctr.c
index fc60d00a2e84..cd777c75291d 100644
--- a/drivers/crypto/vmx/aes_ctr.c
+++ b/drivers/crypto/vmx/aes_ctr.c
@@ -50,8 +50,6 @@ static int p8_aes_ctr_init(struct crypto_tfm *tfm)
alg, PTR_ERR(fallback));
return PTR_ERR(fallback);
}
- printk(KERN_INFO "Using '%s' as fallback implementation.\n",
- crypto_skcipher_driver_name(fallback));
crypto_skcipher_set_flags(
fallback,
diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
index 8cd6e62e4c90..8bd9aff0f55f 100644
--- a/drivers/crypto/vmx/aes_xts.c
+++ b/drivers/crypto/vmx/aes_xts.c
@@ -53,8 +53,6 @@ static int p8_aes_xts_init(struct crypto_tfm *tfm)
alg, PTR_ERR(fallback));
return PTR_ERR(fallback);
}
- printk(KERN_INFO "Using '%s' as fallback implementation.\n",
- crypto_skcipher_driver_name(fallback));
crypto_skcipher_set_flags(
fallback,
diff --git a/drivers/crypto/vmx/aesp8-ppc.pl b/drivers/crypto/vmx/aesp8-ppc.pl
index 0b4a293b8a1e..d6a9f63d65ba 100644
--- a/drivers/crypto/vmx/aesp8-ppc.pl
+++ b/drivers/crypto/vmx/aesp8-ppc.pl
@@ -1,12 +1,51 @@
#! /usr/bin/env perl
-# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+# SPDX-License-Identifier: GPL-2.0
+
+# This code is taken from CRYPTOGAMs[1] and is included here using the option
+# in the license to distribute the code under the GPL. Therefore this program
+# is free software; you can redistribute it and/or modify it under the terms of
+# the GNU General Public License version 2 as published by the Free Software
+# Foundation.
#
-# Licensed under the OpenSSL license (the "License"). You may not use
-# this file except in compliance with the License. You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
+# [1] https://www.openssl.org/~appro/cryptogams/
+# Copyright (c) 2006-2017, CRYPTOGAMS by <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# * Redistributions of source code must retain copyright notices,
+# this list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials
+# provided with the distribution.
#
+# * Neither the name of the CRYPTOGAMS nor the names of its
+# copyright holder and contributors may be used to endorse or
+# promote products derived from this software without specific
+# prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and
diff --git a/drivers/crypto/vmx/ghash.c b/drivers/crypto/vmx/ghash.c
index 27a94a119009..1c4b5b889fba 100644
--- a/drivers/crypto/vmx/ghash.c
+++ b/drivers/crypto/vmx/ghash.c
@@ -64,8 +64,6 @@ static int p8_ghash_init_tfm(struct crypto_tfm *tfm)
alg, PTR_ERR(fallback));
return PTR_ERR(fallback);
}
- printk(KERN_INFO "Using '%s' as fallback implementation.\n",
- crypto_tfm_alg_driver_name(crypto_shash_tfm(fallback)));
crypto_shash_set_flags(fallback,
crypto_shash_get_flags((struct crypto_shash
diff --git a/drivers/crypto/vmx/ghashp8-ppc.pl b/drivers/crypto/vmx/ghashp8-ppc.pl
index d8429cb71f02..f746af271460 100644
--- a/drivers/crypto/vmx/ghashp8-ppc.pl
+++ b/drivers/crypto/vmx/ghashp8-ppc.pl
@@ -1,5 +1,14 @@
#!/usr/bin/env perl
+# SPDX-License-Identifier: GPL-2.0
+
+# This code is taken from the OpenSSL project but the author (Andy Polyakov)
+# has relicensed it under the GPLv2. Therefore this program is free software;
+# you can redistribute it and/or modify it under the terms of the GNU General
+# Public License version 2 as published by the Free Software Foundation.
#
+# The original headers, including the original license headers, are
+# included below for completeness.
+
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index 1aba888241dd..bd5e8ccf1687 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -17,6 +17,14 @@
#include <linux/kernel.h>
#include <linux/skbuff.h>
+/*
+ * Maximum values for blocksize and alignmask, used to allocate
+ * static buffers that are big enough for any combination of
+ * ciphers and architectures.
+ */
+#define MAX_CIPHER_BLOCKSIZE 16
+#define MAX_CIPHER_ALIGNMASK 15
+
struct crypto_aead;
struct crypto_instance;
struct module;
diff --git a/include/crypto/morus1280_glue.h b/include/crypto/morus1280_glue.h
new file mode 100644
index 000000000000..b26dd70efd9a
--- /dev/null
+++ b/include/crypto/morus1280_glue.h
@@ -0,0 +1,137 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * The MORUS-1280 Authenticated-Encryption Algorithm
+ * Common glue skeleton -- header file
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#ifndef _CRYPTO_MORUS1280_GLUE_H
+#define _CRYPTO_MORUS1280_GLUE_H
+
+#include <linux/module.h>
+#include <linux/types.h>
+#include <crypto/algapi.h>
+#include <crypto/aead.h>
+#include <crypto/morus_common.h>
+
+#define MORUS1280_WORD_SIZE 8
+#define MORUS1280_BLOCK_SIZE (MORUS_BLOCK_WORDS * MORUS1280_WORD_SIZE)
+
+struct morus1280_block {
+ u8 bytes[MORUS1280_BLOCK_SIZE];
+};
+
+struct morus1280_glue_ops {
+ void (*init)(void *state, const void *key, const void *iv);
+ void (*ad)(void *state, const void *data, unsigned int length);
+ void (*enc)(void *state, const void *src, void *dst, unsigned int length);
+ void (*dec)(void *state, const void *src, void *dst, unsigned int length);
+ void (*enc_tail)(void *state, const void *src, void *dst, unsigned int length);
+ void (*dec_tail)(void *state, const void *src, void *dst, unsigned int length);
+ void (*final)(void *state, void *tag_xor, u64 assoclen, u64 cryptlen);
+};
+
+struct morus1280_ctx {
+ const struct morus1280_glue_ops *ops;
+ struct morus1280_block key;
+};
+
+void crypto_morus1280_glue_init_ops(struct crypto_aead *aead,
+ const struct morus1280_glue_ops *ops);
+int crypto_morus1280_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen);
+int crypto_morus1280_glue_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize);
+int crypto_morus1280_glue_encrypt(struct aead_request *req);
+int crypto_morus1280_glue_decrypt(struct aead_request *req);
+
+int cryptd_morus1280_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen);
+int cryptd_morus1280_glue_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize);
+int cryptd_morus1280_glue_encrypt(struct aead_request *req);
+int cryptd_morus1280_glue_decrypt(struct aead_request *req);
+int cryptd_morus1280_glue_init_tfm(struct crypto_aead *aead);
+void cryptd_morus1280_glue_exit_tfm(struct crypto_aead *aead);
+
+#define MORUS1280_DECLARE_ALGS(id, driver_name, priority) \
+ static const struct morus1280_glue_ops crypto_morus1280_##id##_ops = {\
+ .init = crypto_morus1280_##id##_init, \
+ .ad = crypto_morus1280_##id##_ad, \
+ .enc = crypto_morus1280_##id##_enc, \
+ .enc_tail = crypto_morus1280_##id##_enc_tail, \
+ .dec = crypto_morus1280_##id##_dec, \
+ .dec_tail = crypto_morus1280_##id##_dec_tail, \
+ .final = crypto_morus1280_##id##_final, \
+ }; \
+ \
+ static int crypto_morus1280_##id##_init_tfm(struct crypto_aead *tfm) \
+ { \
+ crypto_morus1280_glue_init_ops(tfm, &crypto_morus1280_##id##_ops); \
+ return 0; \
+ } \
+ \
+ static void crypto_morus1280_##id##_exit_tfm(struct crypto_aead *tfm) \
+ { \
+ } \
+ \
+ struct aead_alg crypto_morus1280_##id##_algs[] = {\
+ { \
+ .setkey = crypto_morus1280_glue_setkey, \
+ .setauthsize = crypto_morus1280_glue_setauthsize, \
+ .encrypt = crypto_morus1280_glue_encrypt, \
+ .decrypt = crypto_morus1280_glue_decrypt, \
+ .init = crypto_morus1280_##id##_init_tfm, \
+ .exit = crypto_morus1280_##id##_exit_tfm, \
+ \
+ .ivsize = MORUS_NONCE_SIZE, \
+ .maxauthsize = MORUS_MAX_AUTH_SIZE, \
+ .chunksize = MORUS1280_BLOCK_SIZE, \
+ \
+ .base = { \
+ .cra_flags = CRYPTO_ALG_INTERNAL, \
+ .cra_blocksize = 1, \
+ .cra_ctxsize = sizeof(struct morus1280_ctx), \
+ .cra_alignmask = 0, \
+ \
+ .cra_name = "__morus1280", \
+ .cra_driver_name = "__"driver_name, \
+ \
+ .cra_module = THIS_MODULE, \
+ } \
+ }, { \
+ .setkey = cryptd_morus1280_glue_setkey, \
+ .setauthsize = cryptd_morus1280_glue_setauthsize, \
+ .encrypt = cryptd_morus1280_glue_encrypt, \
+ .decrypt = cryptd_morus1280_glue_decrypt, \
+ .init = cryptd_morus1280_glue_init_tfm, \
+ .exit = cryptd_morus1280_glue_exit_tfm, \
+ \
+ .ivsize = MORUS_NONCE_SIZE, \
+ .maxauthsize = MORUS_MAX_AUTH_SIZE, \
+ .chunksize = MORUS1280_BLOCK_SIZE, \
+ \
+ .base = { \
+ .cra_flags = CRYPTO_ALG_ASYNC, \
+ .cra_blocksize = 1, \
+ .cra_ctxsize = sizeof(struct crypto_aead *), \
+ .cra_alignmask = 0, \
+ \
+ .cra_priority = priority, \
+ \
+ .cra_name = "morus1280", \
+ .cra_driver_name = driver_name, \
+ \
+ .cra_module = THIS_MODULE, \
+ } \
+ } \
+ }
+
+#endif /* _CRYPTO_MORUS1280_GLUE_H */
diff --git a/include/crypto/morus640_glue.h b/include/crypto/morus640_glue.h
new file mode 100644
index 000000000000..90c8db07e740
--- /dev/null
+++ b/include/crypto/morus640_glue.h
@@ -0,0 +1,137 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * The MORUS-640 Authenticated-Encryption Algorithm
+ * Common glue skeleton -- header file
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#ifndef _CRYPTO_MORUS640_GLUE_H
+#define _CRYPTO_MORUS640_GLUE_H
+
+#include <linux/module.h>
+#include <linux/types.h>
+#include <crypto/algapi.h>
+#include <crypto/aead.h>
+#include <crypto/morus_common.h>
+
+#define MORUS640_WORD_SIZE 4
+#define MORUS640_BLOCK_SIZE (MORUS_BLOCK_WORDS * MORUS640_WORD_SIZE)
+
+struct morus640_block {
+ u8 bytes[MORUS640_BLOCK_SIZE];
+};
+
+struct morus640_glue_ops {
+ void (*init)(void *state, const void *key, const void *iv);
+ void (*ad)(void *state, const void *data, unsigned int length);
+ void (*enc)(void *state, const void *src, void *dst, unsigned int length);
+ void (*dec)(void *state, const void *src, void *dst, unsigned int length);
+ void (*enc_tail)(void *state, const void *src, void *dst, unsigned int length);
+ void (*dec_tail)(void *state, const void *src, void *dst, unsigned int length);
+ void (*final)(void *state, void *tag_xor, u64 assoclen, u64 cryptlen);
+};
+
+struct morus640_ctx {
+ const struct morus640_glue_ops *ops;
+ struct morus640_block key;
+};
+
+void crypto_morus640_glue_init_ops(struct crypto_aead *aead,
+ const struct morus640_glue_ops *ops);
+int crypto_morus640_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen);
+int crypto_morus640_glue_setauthsize(struct crypto_aead *tfm,
+ unsigned int authsize);
+int crypto_morus640_glue_encrypt(struct aead_request *req);
+int crypto_morus640_glue_decrypt(struct aead_request *req);
+
+int cryptd_morus640_glue_setkey(struct crypto_aead *aead, const u8 *key,
+ unsigned int keylen);
+int cryptd_morus640_glue_setauthsize(struct crypto_aead *aead,
+ unsigned int authsize);
+int cryptd_morus640_glue_encrypt(struct aead_request *req);
+int cryptd_morus640_glue_decrypt(struct aead_request *req);
+int cryptd_morus640_glue_init_tfm(struct crypto_aead *aead);
+void cryptd_morus640_glue_exit_tfm(struct crypto_aead *aead);
+
+#define MORUS640_DECLARE_ALGS(id, driver_name, priority) \
+ static const struct morus640_glue_ops crypto_morus640_##id##_ops = {\
+ .init = crypto_morus640_##id##_init, \
+ .ad = crypto_morus640_##id##_ad, \
+ .enc = crypto_morus640_##id##_enc, \
+ .enc_tail = crypto_morus640_##id##_enc_tail, \
+ .dec = crypto_morus640_##id##_dec, \
+ .dec_tail = crypto_morus640_##id##_dec_tail, \
+ .final = crypto_morus640_##id##_final, \
+ }; \
+ \
+ static int crypto_morus640_##id##_init_tfm(struct crypto_aead *tfm) \
+ { \
+ crypto_morus640_glue_init_ops(tfm, &crypto_morus640_##id##_ops); \
+ return 0; \
+ } \
+ \
+ static void crypto_morus640_##id##_exit_tfm(struct crypto_aead *tfm) \
+ { \
+ } \
+ \
+ struct aead_alg crypto_morus640_##id##_algs[] = {\
+ { \
+ .setkey = crypto_morus640_glue_setkey, \
+ .setauthsize = crypto_morus640_glue_setauthsize, \
+ .encrypt = crypto_morus640_glue_encrypt, \
+ .decrypt = crypto_morus640_glue_decrypt, \
+ .init = crypto_morus640_##id##_init_tfm, \
+ .exit = crypto_morus640_##id##_exit_tfm, \
+ \
+ .ivsize = MORUS_NONCE_SIZE, \
+ .maxauthsize = MORUS_MAX_AUTH_SIZE, \
+ .chunksize = MORUS640_BLOCK_SIZE, \
+ \
+ .base = { \
+ .cra_flags = CRYPTO_ALG_INTERNAL, \
+ .cra_blocksize = 1, \
+ .cra_ctxsize = sizeof(struct morus640_ctx), \
+ .cra_alignmask = 0, \
+ \
+ .cra_name = "__morus640", \
+ .cra_driver_name = "__"driver_name, \
+ \
+ .cra_module = THIS_MODULE, \
+ } \
+ }, { \
+ .setkey = cryptd_morus640_glue_setkey, \
+ .setauthsize = cryptd_morus640_glue_setauthsize, \
+ .encrypt = cryptd_morus640_glue_encrypt, \
+ .decrypt = cryptd_morus640_glue_decrypt, \
+ .init = cryptd_morus640_glue_init_tfm, \
+ .exit = cryptd_morus640_glue_exit_tfm, \
+ \
+ .ivsize = MORUS_NONCE_SIZE, \
+ .maxauthsize = MORUS_MAX_AUTH_SIZE, \
+ .chunksize = MORUS640_BLOCK_SIZE, \
+ \
+ .base = { \
+ .cra_flags = CRYPTO_ALG_ASYNC, \
+ .cra_blocksize = 1, \
+ .cra_ctxsize = sizeof(struct crypto_aead *), \
+ .cra_alignmask = 0, \
+ \
+ .cra_priority = priority, \
+ \
+ .cra_name = "morus640", \
+ .cra_driver_name = driver_name, \
+ \
+ .cra_module = THIS_MODULE, \
+ } \
+ } \
+ }
+
+#endif /* _CRYPTO_MORUS640_GLUE_H */
diff --git a/include/crypto/morus_common.h b/include/crypto/morus_common.h
new file mode 100644
index 000000000000..39f28c749951
--- /dev/null
+++ b/include/crypto/morus_common.h
@@ -0,0 +1,23 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * The MORUS Authenticated-Encryption Algorithm
+ * Common definitions
+ *
+ * Copyright (c) 2016-2018 Ondrej Mosnacek <omosnacek@gmail.com>
+ * Copyright (C) 2017-2018 Red Hat, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#ifndef _CRYPTO_MORUS_COMMON_H
+#define _CRYPTO_MORUS_COMMON_H
+
+#define MORUS_BLOCK_WORDS 4
+#define MORUS_STATE_BLOCKS 5
+#define MORUS_NONCE_SIZE 16
+#define MORUS_MAX_AUTH_SIZE 16
+
+#endif /* _CRYPTO_MORUS_COMMON_H */
diff --git a/include/crypto/salsa20.h b/include/crypto/salsa20.h
deleted file mode 100644
index 19ed48aefc86..000000000000
--- a/include/crypto/salsa20.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0 */
-/*
- * Common values for the Salsa20 algorithm
- */
-
-#ifndef _CRYPTO_SALSA20_H
-#define _CRYPTO_SALSA20_H
-
-#include <linux/types.h>
-
-#define SALSA20_IV_SIZE 8
-#define SALSA20_MIN_KEY_SIZE 16
-#define SALSA20_MAX_KEY_SIZE 32
-#define SALSA20_BLOCK_SIZE 64
-
-struct crypto_skcipher;
-
-struct salsa20_ctx {
- u32 initial_state[16];
-};
-
-void crypto_salsa20_init(u32 *state, const struct salsa20_ctx *ctx,
- const u8 *iv);
-int crypto_salsa20_setkey(struct crypto_skcipher *tfm, const u8 *key,
- unsigned int keysize);
-
-#endif /* _CRYPTO_SALSA20_H */
diff --git a/include/crypto/sm4.h b/include/crypto/sm4.h
index b64e64d20b28..7afd730d16ff 100644
--- a/include/crypto/sm4.h
+++ b/include/crypto/sm4.h
@@ -25,4 +25,7 @@ int crypto_sm4_set_key(struct crypto_tfm *tfm, const u8 *in_key,
int crypto_sm4_expand_key(struct crypto_sm4_ctx *ctx, const u8 *in_key,
unsigned int key_len);
+void crypto_sm4_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in);
+void crypto_sm4_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in);
+
#endif
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 93addfa34061..827c601841c4 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -54,6 +54,8 @@ enum sev_cmd {
SEV_CMD_PDH_CERT_EXPORT = 0x008,
SEV_CMD_PDH_GEN = 0x009,
SEV_CMD_DF_FLUSH = 0x00A,
+ SEV_CMD_DOWNLOAD_FIRMWARE = 0x00B,
+ SEV_CMD_GET_ID = 0x00C,
/* Guest commands */
SEV_CMD_DECOMMISSION = 0x020,
@@ -130,6 +132,27 @@ struct sev_data_pek_cert_import {
} __packed;
/**
+ * struct sev_data_download_firmware - DOWNLOAD_FIRMWARE command parameters
+ *
+ * @address: physical address of firmware image
+ * @len: len of the firmware image
+ */
+struct sev_data_download_firmware {
+ u64 address; /* In */
+ u32 len; /* In */
+} __packed;
+
+/**
+ * struct sev_data_get_id - GET_ID command parameters
+ *
+ * @address: physical address of region to place unique CPU ID(s)
+ * @len: len of the region
+ */
+struct sev_data_get_id {
+ u64 address; /* In */
+ u32 len; /* In/Out */
+} __packed;
+/**
* struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
*
* @pdh_address: PDH certificate address
diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h
index 9008f31c7eb6..ac8c60bcc83b 100644
--- a/include/uapi/linux/psp-sev.h
+++ b/include/uapi/linux/psp-sev.h
@@ -30,6 +30,7 @@ enum {
SEV_PDH_GEN,
SEV_PDH_CERT_EXPORT,
SEV_PEK_CERT_IMPORT,
+ SEV_GET_ID,
SEV_MAX,
};
@@ -124,6 +125,17 @@ struct sev_user_data_pdh_cert_export {
} __packed;
/**
+ * struct sev_user_data_get_id - GET_ID command parameters
+ *
+ * @socket1: Buffer to pass unique ID of first socket
+ * @socket2: Buffer to pass unique ID of second socket
+ */
+struct sev_user_data_get_id {
+ __u8 socket1[64]; /* Out */
+ __u8 socket2[64]; /* Out */
+} __packed;
+
+/**
* struct sev_issue_cmd - SEV ioctl parameters
*
* @cmd: SEV commands to execute