From 50df573383d76f5587ba5434c016fec9346d577a Mon Sep 17 00:00:00 2001 From: Mark Wooding Date: Fri, 2 Nov 2018 00:00:02 +0000 Subject: [PATCH] symm/gcm.h, symm/gcm-def.h: Implement the GCM authenticated encryption mode. --- symm/Makefile.am | 3 +- symm/gcm-def.h | 959 ++++++++++++++++++++++++++++++++++++++++++++++++++ symm/gcm.c | 456 ++++++++++++++++++++++++ symm/gcm.h | 308 ++++++++++++++++ symm/t/blowfish | 171 +++++++++ symm/t/cast128 | 171 +++++++++ symm/t/cast256.local | 147 ++++++++ symm/t/des | 87 +++++ symm/t/des3 | 171 +++++++++ symm/t/desx | 171 +++++++++ symm/t/idea | 45 +++ symm/t/mars.local | 171 +++++++++ symm/t/noekeon | 45 +++ symm/t/rc2 | 171 +++++++++ symm/t/rc5 | 171 +++++++++ symm/t/rijndael.local | 462 ++++++++++++++++++++++++ symm/t/rijndael192 | 171 +++++++++ symm/t/rijndael256 | 171 +++++++++ symm/t/safer | 87 +++++ symm/t/safersk | 87 +++++ symm/t/serpent.local | 171 +++++++++ symm/t/skipjack | 45 +++ symm/t/square | 129 +++++++ symm/t/tea | 171 +++++++++ symm/t/twofish.local | 171 +++++++++ symm/t/xtea | 171 +++++++++ utils/advmodes | 103 +++++- 27 files changed, 5183 insertions(+), 3 deletions(-) create mode 100644 symm/gcm-def.h create mode 100644 symm/gcm.c create mode 100644 symm/gcm.h diff --git a/symm/Makefile.am b/symm/Makefile.am index 75ac7903..71457bd3 100644 --- a/symm/Makefile.am +++ b/symm/Makefile.am @@ -320,7 +320,8 @@ BLKCCIPHERMODES += counter BLKCMACMODES += cmac ## Various AEAD modes. -BLKCAEADMODES += eax +BLKCAEADMODES += eax gcm +libsymm_la_SOURCES += gcm.c ###-------------------------------------------------------------------------- ### Hash functions. diff --git a/symm/gcm-def.h b/symm/gcm-def.h new file mode 100644 index 00000000..f8688c4e --- /dev/null +++ b/symm/gcm-def.h @@ -0,0 +1,959 @@ +/* -*-c-*- + * + * The GCM authenticated encryption mode + * + * (c) 2018 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software: you can redistribute it and/or modify it + * under the terms of the GNU Library General Public License as published + * by the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb. If not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +#ifndef CATACOMB_GCM_DEF_H +#define CATACOMB_GCM_DEF_H + +#ifdef __cplusplus + extern "C" { +#endif + +/*----- Header files ------------------------------------------------------*/ + +#include + +#include +#include + +#ifndef CATACOMB_ARENA_H +# include "arena.h" +#endif + +#ifndef CATACOMB_BLKC_H +# include "blkc.h" +#endif + +#ifndef CATACOMB_CT_H +# include "ct.h" +#endif + +#ifndef CATACOMB_KEYSZ_H +# include "keysz.h" +#endif + +#ifndef CATACOMB_PARANOIA_H +# include "paranoia.h" +#endif + +#ifndef CATACOMB_RSVR_H +# include "rsvr.h" +#endif + +/*----- Type definitions --------------------------------------------------*/ + +typedef struct gcm_params { + unsigned f; /* flags */ +#define GCMF_SWAP 1u /* swap byte order? */ + unsigned n; /* number of words in block */ + uint32 poly; /* selected polynomial mask */ +} gcm_params; + +/*----- Utilities ---------------------------------------------------------*/ + +/* Supported block sizes. */ +#define GCM_WIDTHS(_) _(64) _(96) _(128) _(192) _(256) +#define GCM_NMAX 8 + +/* Polynomial tails for the supported block sizes. */ +#define GCM_POLY_64 0xd8000000 +#define GCM_POLY_96 0x82600000 +#define GCM_POLY_128 0xe1000000 +#define GCM_POLY_192 0xe1000000 +#define GCM_POLY_256 0xa4200000 + +/* Determine whether to set the @GCMF_SWAP@ flag. */ +#define GCM_SWAP_L GCMF_SWAP +#define GCM_SWAP_B 0 + +/* --- @gcm_mktable@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *ktab@ = where to write the table; there must be + * space for %$32 n$% $%n$%-word entries, i.e., + * %$32 n^2$% 32-bit words in total, where %$n$% is + * @p->n@, the block size in words + * @const uint32 *k@ = input field element + * + * Returns: --- + * + * Use: Construct a table for use by @gcm_mulk_...@ below, to + * multiply (vaguely) efficiently by @k@. + */ + +extern void gcm_mktable(const gcm_params */*p*/, + uint32 */*ktab*/, const uint32 */*k*/); + +/* --- @gcm_mulk_N@ --- * + * + * Arguments: @uint32 *a@ = accumulator to multiply + * @const uint32 *ktab@ = table constructed by @gcm_mktable@ + * + * Returns: --- + * + * Use: Multiply @a@ by @k@ (implicitly represented in @ktab@), + * updating @a@ in-place. There are separate functions for each + * supported block size because this is the function whose + * performance actually matters. + */ + +#define GCM_DECL_MULK(nbits) \ + extern void gcm_mulk_##nbits(uint32 */*a*/, const uint32 */*ktab*/); +GCM_WIDTHS(GCM_DECL_MULK) +#undef GCM_DECL_MULK + +/* Dispatch to the appropriate variant of @gcm_mulk@. */ +#define GCM_MULK(PRE, a, ktab) BLKC_GLUE(gcm_mulk_, BLKC_BITS(PRE))(a, ktab) + +/* --- @gcm_ghashdone@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *a@ = GHASH accumulator + * @const uint32 *ktab@ = multiplication table, built by + * @gcm_mktable@ + * @unsigned long xblocks, yblocks@ = number of whole blocks in + * the two inputs + * @unsigned xbytes, ybytes@ = number of trailing bytes in the + * two inputs + * + * Returns: --- + * + * Use: Finishes a GHASH operation by appending the appropriately + * encoded lengths of the two constituent messages. + */ + +extern void gcm_ghashdone(const gcm_params */*p*/, + uint32 */*a*/, const uint32 */*ktab*/, + unsigned long /*xblocks*/, unsigned /*xbytes*/, + unsigned long /*yblocks*/, unsigned /*ybytes*/); + +/* --- @gcm_concat@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *z@ = GHASH accumulator for suffix, updated + * @const uint32 *x@ = GHASH accumulator for prefix + * @const uint32 *ktab@ = multiplication table, built by + * @gcm_mktable@ + * @unsigned long n@ = length of suffix in whole blocks + * + * Returns: --- + * + * Use: On entry, @x@ and @z@ are the results of hashing two strings + * %$a$% and %$b$%, each a whole number of blocks long; in + * particular, %$b$% is @n@ blocks long. On exit, @z@ is + * updated to be the hash of %$a \cat b$%. + */ + +extern void gcm_concat(const gcm_params */*p*/, + uint32 */*z*/, const uint32 */*x*/, + const uint32 */*ktab*/, unsigned long /*n*/); + +/* Step the counter using GCM's strange only-the-last-32-bits convention. */ +#define GCM_STEP(PRE, w) BLKC_GLUE(GCM_STEP_, BLKC_ENDIAN(PRE))(PRE, w) +#define GCM_STEP_B(PRE, w) GCM_STEP_X(PRE, BLKC_ID, w) +#define GCM_STEP_L(PRE, w) GCM_STEP_X(PRE, ENDSWAP32, w) +#define GCM_STEP_X(PRE, op, w) do { \ + BLKC_W(w); \ + _w[PRE##_BLKSZ/4 - 1] = op(op(_w[PRE##_BLKSZ/4 - 1]) + 1); \ +} while (0) + +/*----- Macros ------------------------------------------------------------*/ + +/* --- @GCM_DEF@ --- * + * + * Arguments: @PRE@, @pre@ = prefixes for the underlying block cipher + * + * Use: Creates an implementation for the GCM authenticated- + * encryption mode. + */ + +#define GCM_DEF(PRE, pre) GCM_DEFX(PRE, pre, #pre, #pre) + +#define GCM_DEFX(PRE, pre, name, fname) \ + \ +static const gcm_params pre##_gcmparams = { \ + BLKC_GLUE(GCM_SWAP_, BLKC_ENDIAN(PRE)), \ + PRE##_BLKSZ/4, \ + BLKC_GLUE(GCM_POLY_, BLKC_BITS(PRE)) \ +}; \ + \ +const octet \ + pre##_gcmnoncesz[] = { KSZ_ANY, PRE##_BLKSZ - 4 }, \ + pre##_gcmtagsz[] = { KSZ_RANGE, PRE##_BLKSZ, 0, PRE##_BLKSZ, 1 }; \ + \ +static const rsvr_policy pre##_gcmpolicy = { 0, PRE##_BLKSZ, PRE##_BLKSZ }; \ + \ +/* --- @pre_gcmsetkey@ --- * \ + * \ + * Arguments: @pre_gcmkey *key@ = pointer to key block to fill in \ + * @const void *k@ = pointer to key material \ + * @size_t ksz@ = size of key material \ + * \ + * Returns: --- \ + * \ + * Use: Initializes an GCM key block. \ + */ \ + \ +void pre##_gcmsetkey(pre##_gcmkey *key, const void *k, size_t ksz) \ +{ \ + uint32 t[PRE##_BLKSZ/4]; \ + \ + /* Initialize the block cipher. */ \ + pre##_init(&key->ctx, k, ksz); \ + \ + /* Set up the GHASH multiplication table. */ \ + BLKC_ZERO(PRE, t); pre##_eblk(&key->ctx, t, t); \ + gcm_mktable(&pre##_gcmparams, key->ktab, t); \ +} \ + \ +/* --- @pre_gcmaadinit@ --- * \ + * \ + * Arguments: @pre_gcmaadctx *aad@ = pointer to AAD context \ + * @const pre_gcmkey *key@ = pointer to key block \ + * \ + * Returns: --- \ + * \ + * Use: Initializes an GCM AAD (`additional authenticated \ + * data') context associated with a given key. AAD \ + * contexts can be copied and/or reused, saving time if \ + * the AAD for a number of messages has a common prefix. \ + * \ + * The @key@ doesn't need to be kept around, though \ + * usually there'll at least be another copy in some GCM \ + * operation context because the AAD on its own isn't much \ + * good. \ + */ \ + \ +void pre##_gcmaadinit(pre##_gcmaadctx *aad, const pre##_gcmkey *key) \ + { aad->k = *key; aad->off = 0; aad->len = 0; BLKC_ZERO(PRE, aad->a); } \ + \ +/* --- @pre_gcmaadhash@ --- * \ + * \ + * Arguments: @pre_gcmaadctx *aad@ = pointer to AAD context \ + * @const void *p@ = pointer to AAD material \ + * @size_t sz@ = length of AAD material \ + * \ + * Returns: --- \ + * \ + * Use: Feeds AAD into the context. \ + */ \ + \ +void pre##_gcmaadhash(pre##_gcmaadctx *aad, const void *p, size_t sz) \ +{ \ + rsvr_state st; \ + const octet *q; \ + \ + rsvr_setup(&st, &pre##_gcmpolicy, aad->b, &aad->off, p, sz); \ + RSVR_DO(&st) while ((q = RSVR_NEXT(&st, PRE##_BLKSZ)) != 0) { \ + BLKC_XLOAD(PRE, aad->a, q); GCM_MULK(PRE, aad->a, aad->k.ktab); \ + aad->len++; \ + } \ +} \ + \ +/* --- @pre_gcminit@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM context \ + * @const pre_gcmkey *key@ = pointer to key block \ + * @const void *n@ = pointer to nonce \ + * @size_t nsz@ = size of nonce \ + * \ + * Returns: --- \ + * \ + * Use: Initialize an GCM operation context with a given key. \ + * \ + * The original key needn't be kept around any more. \ + */ \ + \ +void pre##_gcminit(pre##_gcmctx *ctx, const pre##_gcmkey *k, \ + const void *n, size_t nsz) \ + { ctx->k = *k; pre##_gcmreinit(ctx, n, nsz); } \ + \ +/* --- @pre_gcmreinit@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM context \ + * @const void *n@ = pointer to nonce \ + * @size_t nsz@ = size of nonce \ + * \ + * Returns: --- \ + * \ + * Use: Reinitialize an GCM operation context, changing the \ + * nonce. \ + */ \ + \ +void pre##_gcmreinit(pre##_gcmctx *ctx, const void *n, size_t nsz) \ +{ \ + octet b[PRE##_BLKSZ]; \ + const octet *q = n; \ + size_t nblocks; \ + unsigned i; \ + \ + /* Zero the counters. */ \ + ctx->off = 0; ctx->len = 0; \ + BLKC_ZERO(PRE, ctx->a); \ + \ + /* Calculate the initial counter from the nonce. */ \ + if (nsz == PRE##_BLKSZ - 4) { \ + /* Easy version: initialize the final word to 1 and copy the \ + * remaining words from the nonce. (The spec shows the nonce and \ + * counter the other way around for 64-bit block ciphers, but I'm \ + * sure this is just a mistake.) \ + */ \ + \ + for (i = 0; i < PRE##_BLKSZ/4 - 1; i++) \ + { ctx->c0[i] = BLKC_LOAD_E(PRE)(q); q += 4; } \ + ctx->c0[PRE##_BLKSZ/4 - 1] = BLKC_BWORD(PRE, 1); \ + } else { \ + /* Harder version: hash the nonce down with GHASH. */ \ + \ + BLKC_ZERO(PRE, ctx->c0); nblocks = 0; \ + while (nsz >= PRE##_BLKSZ) { \ + BLKC_XLOAD(PRE, ctx->c0, q); q += PRE##_BLKSZ; \ + GCM_MULK(PRE, ctx->c0, ctx->k.ktab); \ + nsz -= PRE##_BLKSZ; nblocks++; \ + } \ + if (nsz) { \ + memcpy(b, q, nsz); memset(b + nsz, 0, PRE##_BLKSZ - nsz); \ + BLKC_XLOAD(PRE, ctx->c0, b); \ + GCM_MULK(PRE, ctx->c0, ctx->k.ktab); \ + } \ + gcm_ghashdone(&pre##_gcmparams, ctx->c0, ctx->k.ktab, \ + 0, 0, nblocks, nsz); \ + } \ + \ + /* We must remember the initial counter for the final tag \ + * calculation. (I conjecture that storing the final counter instead \ + * would be just as secure, and require less state, but I've not \ + * proven this, and anyway it wouldn't interoperate.) Copy it to \ + * make the working counter. \ + */ \ + BLKC_MOVE(PRE, ctx->c, ctx->c0); \ +} \ + \ +/* --- @pre_gcmencrypt@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM operation context \ + * @const void *src@ = pointer to plaintext message chunk \ + * @size_t sz@ = size of the plaintext \ + * @buf *dst@ = a buffer to write the ciphertext to \ + * \ + * Returns: Zero on success; @-1@ on failure. \ + * \ + * Use: Encrypts a chunk of a plaintext message, writing a \ + * chunk of ciphertext to the output buffer and updating \ + * the operation state. \ + * \ + * For GCM, we always write a ciphertext chunk the same \ + * size as the plaintext. The messing about with @buf@ \ + * objects makes the interface consistent with other AEAD \ + * schemes which can't do this. \ + */ \ + \ +int pre##_gcmencrypt(pre##_gcmctx *ctx, \ + const void *src, size_t sz, buf *dst) \ +{ \ + rsvr_plan plan; \ + uint32 t[PRE##_BLKSZ/4]; \ + const octet *p = src; \ + octet *q, *r, y; \ + \ + /* Allocate space for the ciphertext. */ \ + if (sz) { q = buf_get(dst, sz); if (!q) return (-1); } \ + else q = 0; \ + \ + /* Determine the buffering plan. Our buffer is going to do double- \ + * duty here. The end portion is going to contain mask from the \ + * encrypted counter which we mix into the plaintext to encrypt it; \ + * the start portion, which originally mask bytes we've already used, \ + * will hold the output ciphertext, which will eventually be \ + * collected into the GHASH state. \ + */ \ + rsvr_mkplan(&plan, &pre##_gcmpolicy, ctx->off, sz); \ + \ + /* Initial portion, fulfilled from the buffer. If the buffer is \ + * empty, then that means that we haven't yet encrypted the current \ + * counter, so we should do that and advance it. \ + */ \ + if (plan.head) { \ + if (!ctx->off) { \ + GCM_STEP(PRE, ctx->c); pre##_eblk(&ctx->k.ctx, ctx->c, t); \ + BLKC_STORE(PRE, ctx->b, t); \ + } \ + r = ctx->b + ctx->off; ctx->off += plan.head; \ + while (plan.head--) { y = *p++ ^ *r; *r++ = *q++ = y; } \ + } \ + \ + /* If we've filled up the buffer then we need to cycle the MAC and \ + * reset the offset. \ + */ \ + if (plan.from_rsvr) { \ + BLKC_XLOAD(PRE, ctx->a, ctx->b); GCM_MULK(PRE, ctx->a, ctx->k.ktab); \ + ctx->len++; ctx->off = 0; \ + } \ + \ + /* Now to process the main body of the input. */ \ + while (plan.from_input) { \ + GCM_STEP(PRE, ctx->c); pre##_eblk(&ctx->k.ctx, ctx->c, t); \ + BLKC_XLOAD(PRE, t, p); p += PRE##_BLKSZ; \ + BLKC_STORE(PRE, q, t); q += PRE##_BLKSZ; \ + BLKC_XMOVE(PRE, ctx->a, t); GCM_MULK(PRE, ctx->a, ctx->k.ktab); \ + plan.from_input -= PRE##_BLKSZ; ctx->len++; \ + } \ + \ + /* Finally, deal with any final portion. If there is one, we know \ + * that the buffer is empty: we must have filled it above, or this \ + * would all count as `initial' data. \ + */ \ + if (plan.tail) { \ + GCM_STEP(PRE, ctx->c); pre##_eblk(&ctx->k.ctx, ctx->c, t); \ + BLKC_STORE(PRE, ctx->b, t); \ + r = ctx->b; ctx->off += plan.tail; \ + while (plan.tail--) { y = *p++ ^ *r; *r++ = *q++ = y; } \ + } \ + \ + /* And we're done. */ \ + return (0); \ +} \ + \ +/* --- @pre_gcmdecrypt@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM operation context \ + * @const void *src@ = pointer to ciphertext message chunk \ + * @size_t sz@ = size of the ciphertext \ + * @buf *dst@ = a buffer to write the plaintext to \ + * \ + * Returns: Zero on success; @-1@ on failure. \ + * \ + * Use: Decrypts a chunk of a ciphertext message, writing a \ + * chunk of plaintext to the output buffer and updating \ + * the operation state. \ + * \ + * For GCM, we always write a plaintext chunk the same \ + * size as the ciphertext. The messing about with @buf@ \ + * objects makes the interface consistent with other AEAD \ + * schemes which can't do this. \ + */ \ + \ +int pre##_gcmdecrypt(pre##_gcmctx *ctx, \ + const void *src, size_t sz, buf *dst) \ +{ \ + rsvr_plan plan; \ + uint32 t[PRE##_BLKSZ/4], u[PRE##_BLKSZ]; \ + const octet *p = src; \ + octet *q, *r, y; \ + \ + /* Allocate space for the plaintext. */ \ + if (sz) { q = buf_get(dst, sz); if (!q) return (-1); } \ + else q = 0; \ + \ + /* Determine the buffering plan. Our buffer is going to do double- \ + * duty here. The end portion is going to contain mask from the \ + * encrypted counter which we mix into the plaintext to encrypt it; \ + * the start portion, which originally mask bytes we've already used, \ + * will hold the input ciphertext, which will eventually be \ + * collected into the GHASH state. \ + */ \ + rsvr_mkplan(&plan, &pre##_gcmpolicy, ctx->off, sz); \ + \ + /* Initial portion, fulfilled from the buffer. If the buffer is \ + * empty, then that means that we haven't yet encrypted the current \ + * counter, so we should do that and advance it. \ + */ \ + if (plan.head) { \ + if (!ctx->off) { \ + GCM_STEP(PRE, ctx->c); pre##_eblk(&ctx->k.ctx, ctx->c, t); \ + BLKC_STORE(PRE, ctx->b, t); \ + } \ + r = ctx->b + ctx->off; ctx->off += plan.head; \ + while (plan.head--) { y = *p++; *q++ = y ^ *r; *r++ = y; } \ + } \ + \ + /* If we've filled up the buffer then we need to cycle the MAC and \ + * reset the offset. \ + */ \ + if (plan.from_rsvr) { \ + BLKC_XLOAD(PRE, ctx->a, ctx->b); GCM_MULK(PRE, ctx->a, ctx->k.ktab); \ + ctx->len++; ctx->off = 0; \ + } \ + \ + /* Now to process the main body of the input. */ \ + while (plan.from_input) { \ + GCM_STEP(PRE, ctx->c); pre##_eblk(&ctx->k.ctx, ctx->c, t); \ + BLKC_LOAD(PRE, u, p); p += PRE##_BLKSZ; \ + BLKC_XSTORE(PRE, q, t, u); q += PRE##_BLKSZ; \ + BLKC_XMOVE(PRE, ctx->a, u); GCM_MULK(PRE, ctx->a, ctx->k.ktab); \ + plan.from_input -= PRE##_BLKSZ; ctx->len++; \ + } \ + \ + /* Finally, deal with any final portion. If there is one, we know \ + * that the buffer is empty: we must have filled it above, or this \ + * would all count as `initial' data. \ + */ \ + if (plan.tail) { \ + GCM_STEP(PRE, ctx->c); pre##_eblk(&ctx->k.ctx, ctx->c, t); \ + BLKC_STORE(PRE, ctx->b, t); \ + r = ctx->b; ctx->off += plan.tail; \ + while (plan.tail--) { y = *p++; *q++ = y ^ *r; *r++ = y; } \ + } \ + \ + /* And we're done. */ \ + return (0); \ +} \ + \ +/* --- @pre_gcmtag@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to an GCM context \ + * @const pre_gcmaadctx *aad@ = pointer to AAD context, or \ + * null \ + * @octet *t@ = where to write a (full-length) tag \ + * \ + * Returns: --- \ + * \ + * Use: Finishes an GCM operation, by calculating the tag. \ + */ \ + \ +static void pre##_gcmtag(pre##_gcmctx *ctx, \ + const pre##_gcmaadctx *aad, octet *t) \ +{ \ + octet b[PRE##_BLKSZ]; \ + uint32 u[PRE##_BLKSZ/4]; \ + unsigned long n; \ + \ + /* Finish tagging the ciphertext. */ \ + if (ctx->off) { \ + memcpy(b, ctx->b, ctx->off); \ + memset(b + ctx->off, 0, PRE##_BLKSZ - ctx->off); \ + BLKC_XLOAD(PRE, ctx->a, b); GCM_MULK(PRE, ctx->a, ctx->k.ktab); \ + } \ + \ + /* If there's no AAD, because the pointer is null or no data was \ + * supplied, then apply that to the GHASH state. (Otherwise there's \ + * nothing to do here.) \ + */ \ + if (aad && (aad->len || aad->off)) { \ + BLKC_MOVE(PRE, u, aad->a); \ + if (aad->off) { \ + memcpy(b, aad->b, aad->off); \ + memset(b + aad->off, 0, PRE##_BLKSZ - aad->off); \ + BLKC_XLOAD(PRE, u, b); GCM_MULK(PRE, u, ctx->k.ktab); \ + } \ + n = ctx->len; if (ctx->off) n++; \ + gcm_concat(&pre##_gcmparams, ctx->a, u, ctx->k.ktab, n); \ + } \ + \ + /* Finish off the hash by appending the length. */ \ + gcm_ghashdone(&pre##_gcmparams, ctx->a, ctx->k.ktab, \ + aad ? aad->len : 0, aad ? aad->off : 0, \ + ctx->len, ctx->off); \ + \ + /* Mask the hash and store. */ \ + pre##_eblk(&ctx->k.ctx, ctx->c0, u); \ + BLKC_XSTORE(PRE, t, ctx->a, u); \ +} \ + \ +/* --- @pre_gcmencryptdone@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to an GCM context \ + * @const pre_gcmaadctx *aad@ = pointer to AAD context, or \ + * null \ + * @buf *dst@ = buffer for remaining ciphertext \ + * @void *tag@ = where to write the tag \ + * @size_t tsz@ = length of tag to store \ + * \ + * Returns: Zero on success; @-1@ on failure. \ + * \ + * Use: Completes an GCM encryption operation. The @aad@ \ + * pointer may be null if there is no additional \ + * authenticated data. GCM doesn't buffer ciphertext, but \ + * the output buffer is provided anyway for consistency \ + * with other AEAD schemes which don't have this property; \ + * the function will fail if the output buffer is broken. \ + */ \ + \ +int pre##_gcmencryptdone(pre##_gcmctx *ctx, \ + const pre##_gcmaadctx *aad, buf *dst, \ + void *tag, size_t tsz) \ +{ \ + octet t[PRE##_BLKSZ]; \ + \ + if (tsz > PRE##_BLKSZ) return (-1); \ + if (!BOK(dst)) return (-1); \ + pre##_gcmtag(ctx, aad, t); memcpy(tag, t, tsz); \ + return (0); \ +} \ + \ +/* --- @pre_gcmdecryptdone@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to an GCM context \ + * @const pre_gcmaadctx *aad@ = pointer to AAD context, or \ + * null \ + * @buf *dst@ = buffer for remaining plaintext \ + * @const void *tag@ = tag to verify \ + * @size_t tsz@ = length of tag \ + * \ + * Returns: @+1@ for complete success; @0@ if tag verification \ + * failed; @-1@ for other kinds of errors. \ + * \ + * Use: Completes an GCM decryption operation. The @aad@ \ + * pointer may be null if there is no additional \ + * authenticated data. GCM doesn't buffer plaintext, but \ + * the output buffer is provided anyway for consistency \ + * with other AEAD schemes which don't have this property; \ + * the function will fail if the output buffer is broken. \ + */ \ + \ +int pre##_gcmdecryptdone(pre##_gcmctx *ctx, \ + const pre##_gcmaadctx *aad, buf *dst, \ + const void *tag, size_t tsz) \ +{ \ + octet t[PRE##_BLKSZ]; \ + \ + if (tsz > PRE##_BLKSZ) return (-1); \ + if (!BOK(dst)) return (-1); \ + pre##_gcmtag(ctx, aad, t); \ + if (!ct_memeq(tag, t, tsz)) return (0); \ + else return (+1); \ +} \ + \ +/* --- Generic AEAD interface --- */ \ + \ +typedef struct gactx { \ + gaead_aad a; \ + pre##_gcmaadctx aad; \ +} gactx; \ + \ +static gaead_aad *gadup(const gaead_aad *a) \ + { gactx *aad = S_CREATE(gactx); *aad = *(gactx *)a; return (&aad->a); } \ + \ +static void gahash(gaead_aad *a, const void *h, size_t hsz) \ + { gactx *aad = (gactx *)a; pre##_gcmaadhash(&aad->aad, h, hsz); } \ + \ +static void gadestroy(gaead_aad *a) \ + { gactx *aad = (gactx *)a; BURN(*aad); S_DESTROY(aad); } \ + \ +static const gaead_aadops gaops = \ + { &pre##_gcm, gadup, gahash, gadestroy }; \ + \ +static gaead_aad *gaad(const pre##_gcmkey *k) \ +{ \ + gactx *aad = S_CREATE(gactx); \ + aad->a.ops = &gaops; \ + pre##_gcmaadinit(&aad->aad, k); \ + return (&aad->a); \ +} \ + \ +typedef struct gectx { \ + gaead_enc e; \ + pre##_gcmctx ctx; \ +} gectx; \ + \ +static gaead_aad *geaad(gaead_enc *e) \ + { gectx *enc = (gectx *)e; return (gaad(&enc->ctx.k)); } \ + \ +static int gereinit(gaead_enc *e, const void *n, size_t nsz, \ + size_t hsz, size_t msz, size_t tsz) \ +{ \ + gectx *enc = (gectx *)e; \ + \ + if (tsz > PRE##_BLKSZ) return (-1); \ + pre##_gcmreinit(&enc->ctx, n, nsz); \ + return (0); \ +} \ + \ +static int geenc(gaead_enc *e, const void *m, size_t msz, buf *b) \ +{ \ + gectx *enc = (gectx *)e; \ + return (pre##_gcmencrypt(&enc->ctx, m, msz, b)); \ +} \ + \ +static int gedone(gaead_enc *e, const gaead_aad *a, \ + buf *b, void *t, size_t tsz) \ +{ \ + gectx *enc = (gectx *)e; gactx *aad = (gactx *)a; \ + assert(!a || a->ops == &gaops); \ + return (pre##_gcmencryptdone(&enc->ctx, a ? &aad->aad : 0, b, t, tsz)); \ +} \ + \ +static void gedestroy(gaead_enc *e) \ + { gectx *enc = (gectx *)e; BURN(*enc); S_DESTROY(enc); } \ + \ +static const gaead_encops geops = \ + { &pre##_gcm, geaad, gereinit, geenc, gedone, gedestroy }; \ + \ +typedef struct gdctx { \ + gaead_dec d; \ + pre##_gcmctx ctx; \ +} gdctx; \ + \ +static gaead_aad *gdaad(gaead_dec *d) \ + { gdctx *dec = (gdctx *)d; return (gaad(&dec->ctx.k)); } \ + \ +static int gdreinit(gaead_dec *d, const void *n, size_t nsz, \ + size_t hsz, size_t csz, size_t tsz) \ +{ \ + gdctx *dec = (gdctx *)d; \ + \ + if (tsz > PRE##_BLKSZ) return (-1); \ + pre##_gcmreinit(&dec->ctx, n, nsz); \ + return (0); \ +} \ + \ +static int gddec(gaead_dec *d, const void *c, size_t csz, buf *b) \ +{ \ + gdctx *dec = (gdctx *)d; \ + return (pre##_gcmdecrypt(&dec->ctx, c, csz, b)); \ +} \ + \ +static int gddone(gaead_dec *d, const gaead_aad *a, \ + buf *b, const void *t, size_t tsz) \ +{ \ + gdctx *dec = (gdctx *)d; gactx *aad = (gactx *)a; \ + assert(!a || a->ops == &gaops); \ + return (pre##_gcmdecryptdone(&dec->ctx, a ? &aad->aad : 0, b, t, tsz)); \ +} \ + \ +static void gddestroy(gaead_dec *d) \ + { gdctx *dec = (gdctx *)d; BURN(*dec); S_DESTROY(dec); } \ + \ +static const gaead_decops gdops = \ + { &pre##_gcm, gdaad, gdreinit, gddec, gddone, gddestroy }; \ + \ +typedef struct gkctx { \ + gaead_key k; \ + pre##_gcmkey key; \ +} gkctx; \ + \ +static gaead_aad *gkaad(const gaead_key *k) \ + { gkctx *key = (gkctx *)k; return (gaad(&key->key)); } \ + \ +static gaead_enc *gkenc(const gaead_key *k, const void *n, size_t nsz, \ + size_t hsz, size_t msz, size_t tsz) \ +{ \ + gkctx *key = (gkctx *)k; \ + gectx *enc = S_CREATE(gectx); \ + \ + enc->e.ops = &geops; \ + pre##_gcminit(&enc->ctx, &key->key, n, nsz); \ + return (&enc->e); \ +} \ + \ +static gaead_dec *gkdec(const gaead_key *k, const void *n, size_t nsz, \ + size_t hsz, size_t csz, size_t tsz) \ +{ \ + gkctx *key = (gkctx *)k; \ + gdctx *dec = S_CREATE(gdctx); \ + \ + dec->d.ops = &gdops; \ + pre##_gcminit(&dec->ctx, &key->key, n, nsz); \ + return (&dec->d); \ +} \ + \ +static void gkdestroy(gaead_key *k) \ + { gkctx *key = (gkctx *)k; BURN(*key); S_DESTROY(key); } \ + \ +static const gaead_keyops gkops = \ + { &pre##_gcm, gkaad, gkenc, gkdec, gkdestroy }; \ + \ +static gaead_key *gckey(const void *k, size_t ksz) \ +{ \ + gkctx *key = S_CREATE(gkctx); \ + key->k.ops = &gkops; \ + pre##_gcmsetkey(&key->key, k, ksz); \ + return (&key->k); \ +} \ + \ +const gcaead pre##_gcm = { \ + name "-gcm", \ + pre##_keysz, pre##_gcmnoncesz, pre##_gcmtagsz, \ + PRE##_BLKSZ, 0, 0, 0, \ + gckey \ +}; \ + \ +GCM_TESTX(PRE, pre, name, fname) + +/*----- Test rig ----------------------------------------------------------*/ + +#define GCM_TEST(PRE, pre) GCM_TESTX(PRE, pre, #pre, #pre) + +/* --- @GCM_TEST@ --- * + * + * Arguments: @PRE, pre@ = prefixes for the underlying block cipher + * + * Use: Standard test rig for GCM functions. + */ + +#ifdef TEST_RIG + +#include + +#include +#include +#include + +#define GCM_TESTX(PRE, pre, name, fname) \ + \ +static int gcmverify(dstr *v) \ +{ \ + pre##_gcmkey key; \ + pre##_gcmaadctx aad; \ + pre##_gcmctx ctx; \ + int ok = 1, win; \ + int i; \ + octet *p; \ + int szs[] = { 1, 7, 192, -1, 0 }, *ip; \ + size_t hsz, msz; \ + dstr d = DSTR_INIT, t = DSTR_INIT; \ + buf b; \ + \ + dstr_ensure(&d, v[4].len > v[3].len ? v[4].len : v[3].len); \ + dstr_ensure(&t, v[5].len); t.len = v[5].len; \ + \ + pre##_gcmsetkey(&key, v[0].buf, v[0].len); \ + \ + for (ip = szs; *ip; ip++) { \ + \ + pre##_gcminit(&ctx, &key, (octet *)v[1].buf, v[1].len); \ + \ + i = *ip; \ + hsz = v[2].len; \ + if (i == -1) i = hsz; \ + if (i > hsz) continue; \ + p = (octet *)v[2].buf; \ + pre##_gcmaadinit(&aad, &key); \ + while (hsz) { \ + if (i > hsz) i = hsz; \ + pre##_gcmaadhash(&aad, p, i); \ + p += i; hsz -= i; \ + } \ + \ + buf_init(&b, d.buf, d.sz); \ + i = *ip; \ + msz = v[3].len; \ + if (i == -1) i = msz; \ + if (i > msz) continue; \ + p = (octet *)v[3].buf; \ + while (msz) { \ + if (i > msz) i = msz; \ + if (pre##_gcmencrypt(&ctx, p, i, &b)) { \ + puts("!! gcmencrypt reports failure"); \ + goto fail_enc; \ + } \ + p += i; msz -= i; \ + } \ + \ + if (pre##_gcmencryptdone(&ctx, &aad, &b, (octet *)t.buf, t.len)) { \ + puts("!! gcmencryptdone reports failure"); \ + goto fail_enc; \ + } \ + d.len = BLEN(&b); \ + \ + if (d.len != v[4].len || \ + memcmp(d.buf, v[4].buf, v[4].len) != 0 || \ + memcmp(t.buf, v[5].buf, v[5].len) != 0) { \ + fail_enc: \ + printf("\nfail encrypt:\n\tstep = %i", *ip); \ + fputs("\n\tkey = ", stdout); type_hex.dump(&v[0], stdout); \ + fputs("\n\tnonce = ", stdout); type_hex.dump(&v[1], stdout); \ + fputs("\n\theader = ", stdout); type_hex.dump(&v[2], stdout); \ + fputs("\n\tmessage = ", stdout); type_hex.dump(&v[3], stdout); \ + fputs("\n\texp ct = ", stdout); type_hex.dump(&v[4], stdout); \ + fputs("\n\tcalc ct = ", stdout); type_hex.dump(&d, stdout); \ + fputs("\n\texp tag = ", stdout); type_hex.dump(&v[5], stdout); \ + fputs("\n\tcalc tag = ", stdout); type_hex.dump(&t, stdout); \ + putchar('\n'); \ + ok = 0; \ + } \ + \ + pre##_gcminit(&ctx, &key, (octet *)v[1].buf, v[1].len); \ + \ + buf_init(&b, d.buf, d.sz); \ + i = *ip; \ + msz = v[4].len; \ + if (i == -1) i = msz; \ + if (i > msz) continue; \ + p = (octet *)v[4].buf; \ + while (msz) { \ + if (i > msz) i = msz; \ + if (pre##_gcmdecrypt(&ctx, p, i, &b)) { \ + puts("!! gcmdecrypt reports failure"); \ + win = 0; goto fail_dec; \ + } \ + p += i; msz -= i; \ + } \ + \ + win = pre##_gcmdecryptdone(&ctx, &aad, &b, \ + (octet *)v[5].buf, v[5].len); \ + if (win < 0) { \ + puts("!! gcmdecryptdone reports failure"); \ + goto fail_dec; \ + } \ + d.len = BLEN(&b); \ + \ + if (d.len != v[3].len || !win || \ + memcmp(d.buf, v[3].buf, v[3].len) != 0) { \ + fail_dec: \ + printf("\nfail decrypt:\n\tstep = %i", *ip); \ + fputs("\n\tkey = ", stdout); type_hex.dump(&v[0], stdout); \ + fputs("\n\tnonce = ", stdout); type_hex.dump(&v[1], stdout); \ + fputs("\n\theader = ", stdout); type_hex.dump(&v[2], stdout); \ + fputs("\n\tciphertext = ", stdout); type_hex.dump(&v[4], stdout); \ + fputs("\n\texp pt = ", stdout); type_hex.dump(&v[3], stdout); \ + fputs("\n\tcalc pt = ", stdout); type_hex.dump(&d, stdout); \ + fputs("\n\ttag = ", stdout); type_hex.dump(&v[5], stdout); \ + printf("\n\tverify %s", win ? "ok" : "FAILED"); \ + putchar('\n'); \ + ok = 0; \ + } \ + } \ + \ + dstr_destroy(&d); dstr_destroy(&t); \ + return (ok); \ +} \ + \ +static test_chunk aeaddefs[] = { \ + { name "-gcm", gcmverify, \ + { &type_hex, &type_hex, &type_hex, &type_hex, \ + &type_hex, &type_hex, 0 } }, \ + { 0, 0, { 0 } } \ +}; \ + \ +int main(int argc, char *argv[]) \ +{ \ + ego(argv[0]); \ + test_run(argc, argv, aeaddefs, SRCDIR"/t/" fname); \ + return (0); \ +} + +#else +# define GCM_TESTX(PRE, pre, name, fname) +#endif + +/*----- That's all, folks -------------------------------------------------*/ + +#ifdef __cplusplus + } +#endif + +#endif diff --git a/symm/gcm.c b/symm/gcm.c new file mode 100644 index 00000000..749f9d6f --- /dev/null +++ b/symm/gcm.c @@ -0,0 +1,456 @@ +/* -*-c-*- + * + * The GCM authenticated encryption mode + * + * (c) 2017 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software: you can redistribute it and/or modify it + * under the terms of the GNU Library General Public License as published + * by the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb. If not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +/*----- Header files ------------------------------------------------------*/ + +#include "config.h" + +#include + +#include + +#include "gcm.h" +#include "gcm-def.h" + +/*----- Overall strategy --------------------------------------------------* + * + * GCM is pretty awful to implement in software. (This presentation is going + * to be somewhat different to that in the specification, but I think it + * makes more sense like this.) + * + * We're given a %$w$%-bit blockcipher %$E$% with a key %$K$%. + * + * The main part is arithmetic in the finite field %$k = \gf{2^w}$%, which we + * represent as the quotient ring %$\gf{2}[t]/(p_w(t))$% for some irreducible + * degree-%$w$% polynomial %$p(t)$%, whose precise value isn't very important + * right now. We choose a secret point %$x = E_K(0^w)$%. + * + * We choose a length size %$z$% as follows: if %$w < 96%$ then %$z = w$%; + * otherwise %$z = w/2$%. Format a message pair as follows: + * + * %$F(a, b) = P_w(a) \cat P_w(b) \cat [\ell(a)]_z \cat [\ell(b)]_z$% + * + * where %$P_w(x) = x \cat 0^n$% where $%0 \le n < w$% such that + * %$\ell(x) + n \equiv 0 \pmod{w}$%. + * + * Hash a (block-aligned) message %$u$% as follows. First, split %$u$% into + * %$w$%-bit blocks %$u_0$%, %$u_1$%, %%\ldots%%, %$u_{n-1}$%. Interpret + * these as elements of %$k$%. Then + * + * %$G_x(u) = u_0 t^n + u_1 t^{n-1} + \cdots + u_{n-1} t$% + * + * converted back to a %$w$%-bit string. + * + * We're ready to go now. Suppose we're to encrypt a message %$M$% with + * header %$H$% and nonce %$N$%. If %$\ell(N) + 32 = w$% then let + * %$N' = N$% and let %$i_0 = 1$%; otherwise, let %$U = G_t(F(\epsilon, N))$% + * and split this into %$N' = U[0 \bitsto w - 32]$% and + * %$[i_0]_{32} = U[w - 32 \bitsto w]$%. + * + * Let %$n = \lceil \ell(M)/w \rceil$%. Compute + * + * %$y_j = E_K(N' \cat [i_0 + j]_{32})$% + * + * for %$0 \le j \le n$%. Let + * + * %$s = (y_1 \cat y_2 \cat \cdots \cat y_n)[0 \bitsto \ell(M)$% + * + * Let %$C = M \xor s$% and let %$T = G_x(F(H, C)) \xor y_0$%. These are the + * ciphertext and tag respectively. + * + * So why is this awful? + * + * For one thing, the bits are in a completely terrible order. The bytes are + * arranged in little-endian order, so the unit coefficient is in the first + * byte, and the degree-127 coefficient is in the last byte. But within each + * byte, the lowest-degree coefficient is in the most significant bit. It's + * therefore better to think of GCM as using a big-endian byte-ordering + * convention, but with the bits backwards. + * + * But messing about with byte ordering is expensive, so let's not do that in + * the inner loop. But multiplication in %$k$% is not easy either. Some + * kind of precomputed table would be nice, but that will leak secrets + * through the cache. + * + * I choose a particularly simple table: given %$x$%, let %$X[i'] = x t^i$%. + * Then $%$x y = \sum_{0\le in - 1]; m = -(t&1u); c = m&p->poly; + for (i = 0; i < p->n; i++) { t = x[i]; z[i] = (t >> 1) ^ c; c = t << 31; } +} + +/* --- @mul@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *z@ = where to write the result + * @const uint32 *x, *y@ = input field elements + * + * Returns: --- + * + * Use: Multiply the input field elements together, and write the + * product to @z@. It's safe for the operands to overlap. Both + * inputs and the output are in big-endian form, i.e., with the + * lowest-degree coefficients in the most significant bits. + */ + +static void mul(const gcm_params *p, uint32 *z, + const uint32 *x, const uint32 *y) +{ + uint32 m, t, u[GCM_NMAX], v[GCM_NMAX]; + unsigned i, j, k; + + /* We can't do this in-place at all, so use temporary space. Make a copy + * of @x@ in @u@, where we can clobber it, and build the product in @v@. + */ + for (i = 0; i < p->n; i++) { u[i] = x[i]; v[i] = 0; } + + /* Repeatedly multiply @x@ (in @u@) by %$t$%, and add together those + * %$x t^i$% selected by the bits of @y@. This is basically what you get + * by streaming the result of @gcm_mktable@ into @gcm_mulk_...@. + */ + for (i = 0; i < p->n; i++) { + t = y[i]; + for (j = 0; j < 32; j++) { + m = -((t >> 31)&1u); + for (k = 0; k < p->n; k++) v[k] ^= u[k]&m; + mult(p, u, u); t <<= 1; + } + } + + /* Write out the result now that it's ready. */ + for (i = 0; i < p->n; i++) z[i] = v[i]; +} + +/*----- Table-based multiplication ----------------------------------------*/ + +/* --- @gcm_mktable@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *ktab@ = where to write the table; there must be + * space for %$32 n$% $%n$%-word entries, i.e., + * %$32 n^2$% 32-bit words in total, where %$n$% is + * @p->n@, the block size in words + * @const uint32 *k@ = input field element + * + * Returns: --- + * + * Use: Construct a table for use by @gcm_mulk_...@ below, to + * multiply (vaguely) efficiently by @k@. + */ + +void gcm_mktable(const gcm_params *p, uint32 *ktab, const uint32 *k) +{ + unsigned m = (p->f&GCMF_SWAP ? 0x18 : 0); + unsigned i, j, o = m*p->n; + + /* As described above, the table stores entries %$K[i \xor m] = k t^i$%, + * where %$m = 0$% (big-endian cipher) or %$m = 24$% (little-endian). + * The first job is to store %$K[m] = k$%. + * + * We initially build the table with the entries in big-endian order, and + * then swap them if necessary. This makes the arithmetic functions more + * amenable for use by @gcm_concat@ below. + */ + if (!(p->f&GCMF_SWAP)) for (i = 0; i < p->n; i++) ktab[o + i] = k[i]; + else for (i = 0; i < p->n; i++) ktab[o + i] = ENDSWAP32(k[i]); + + /* Fill in the rest of the table by repeatedly multiplying the previous + * entry by %$t$%. + */ + for (i = 1; i < 32*p->n; i++) + { j = (i ^ m)*p->n; mult(p, ktab + j, ktab + o); o = j; } + + /* Finally, if the cipher uses a little-endian convention, then swap all of + * the individual words. + */ + if (p->f&GCMF_SWAP) + for (i = 0; i < 32*p->n*p->n; i++) ktab[i] = ENDSWAP32(ktab[i]); +} + +/* --- @gcm_mulk_N@ --- * + * + * Arguments: @uint32 *a@ = accumulator to multiply + * @const uint32 *ktab@ = table constructed by @gcm_mktable@ + * + * Returns: --- + * + * Use: Multiply @a@ by @k@ (implicitly represented in @ktab@), + * updating @a@ in-place. There are separate functions for each + * supported block size because this is the function whose + * performance actually matters. + */ + +#define DEF_MULK(nbits) \ +void gcm_mulk_##nbits(uint32 *a, const uint32 *ktab) \ +{ \ + uint32 m, t; \ + uint32 z[nbits/32]; \ + unsigned i, j, k; \ + \ + for (i = 0; i < nbits/32; i++) z[i] = 0; \ + \ + for (i = 0; i < nbits/32; i++) { \ + t = a[i]; \ + for (j = 0; j < 32; j++) { \ + m = -((t >> 31)&1u); \ + for (k = 0; k < nbits/32; k++) z[k] ^= *ktab++&m; \ + t <<= 1; \ + } \ + } \ + \ + for (i = 0; i < nbits/32; i++) a[i] = z[i]; \ +} +GCM_WIDTHS(DEF_MULK) + +/*----- Other utilities ---------------------------------------------------*/ + +/* --- @putlen@ --- * + * + * Arguments: @octet *p@ = pointer to output buffer + * @unsigned w@ = size of output buffer + * @unsigned blksz@ = block size (assumed fairly small) + * @unsigned long nblocks@ = number of blocks + * @unsigned nbytes@ = tail size in bytes (assumed small) + * + * Returns: --- + * + * Use: Store the overall length in %$\emph{bits}$% (i.e., + * @3*(nblocks*blksz + nbytes)@ in big-endian form in the + * buffer @p@. + */ + +static void putlen(octet *p, unsigned w, unsigned blksz, + unsigned long nblocks, unsigned nbytes) +{ + unsigned long nblo = nblocks&((1ul << (ULONG_BITS/2)) - 1), + nbhi = nblocks >> ULONG_BITS/2; + unsigned long nlo = nblo*blksz + nbytes, nhi = nbhi*blksz; + + /* This is fiddly. Split @nblocks@, which is the big number, into high and + * low halves, multiply those separately by @blksz@, propagate carries, and + * then multiply by eight. + */ + nhi += nlo >> ULONG_BITS/2; + nlo &= (1ul << (ULONG_BITS/2)) - 1; + nlo <<= 3; + + /* Now write out the size, feeding bits in from @nhi@ as necessary. */ + p += w; + while (w--) { + *--p = U8(nlo); + nlo = (nlo >> 8) | ((nhi&0xff) << (ULONG_BITS/2 - 5)); + nhi >>= 8; + } +} + +/* --- @mix@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *a@ = GHASH accumulator + * @const octet *q@ = pointer to an input block + * @const uint32 *ktab@ = multiplication table, built by + * @gcm_mktable@ + * + * Returns: --- + * + * Use: Fold the block @q@ into the GHASH accumulator. The + * calculation is %$a' = k (a + q)$%. + */ + +static void mix(const gcm_params *p, uint32 *a, + const octet *q, const uint32 *ktab) +{ + unsigned i; + + /* Convert the block from bytes into words, using the appropriate + * convention. + */ + if (p->f&GCMF_SWAP) + for (i = 0; i < p->n; i++) { a[i] ^= LOAD32_L(q); q += 4; } + else + for (i = 0; i < p->n; i++) { a[i] ^= LOAD32_B(q); q += 4; } + + /* Dispatch to the correct multiply-by-%$k$% function. */ + switch (p->n) { +#define CASE(nbits) case nbits/32: gcm_mulk_##nbits(a, ktab); break; + GCM_WIDTHS(CASE) +#undef CASE + default: abort(); + } +} + +/* --- @gcm_ghashdone@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *a@ = GHASH accumulator + * @const uint32 *ktab@ = multiplication table, built by + * @gcm_mktable@ + * @unsigned long xblocks, yblocks@ = number of whole blocks in + * the two inputs + * @unsigned xbytes, ybytes@ = number of trailing bytes in the + * two inputs + * + * Returns: --- + * + * Use: Finishes a GHASH operation by appending the appropriately + * encoded lengths of the two constituent messages. + */ + +void gcm_ghashdone(const gcm_params *p, uint32 *a, const uint32 *ktab, + unsigned long xblocks, unsigned xbytes, + unsigned long yblocks, unsigned ybytes) +{ + octet b[4*GCM_NMAX]; + unsigned w = p->n < 3 ? 4*p->n : 2*p->n; + + /* Construct the encoded lengths. Note that smaller-block versions of GCM + * encode the lengths in separate blocks. GCM is only officially defined + * for 64- and 128-bit blocks; I've placed the cutoff somewhat arbitrarily + * at 96 bits. + */ + putlen(b, w, 4*p->n, xblocks, xbytes); + putlen(b + w, w, 4*p->n, yblocks, ybytes); + + /* Feed the lengths into the accumulator. */ + mix(p, a, b, ktab); + if (p->n < 3) mix(p, a, b + w, ktab); +} + +/* --- @gcm_concat@ --- * + * + * Arguments: @const gcm_params *p@ = pointer to the parameters + * @uint32 *z@ = GHASH accumulator for suffix, updated + * @const uint32 *x@ = GHASH accumulator for prefix + * @const uint32 *ktab@ = multiplication table, built by + * @gcm_mktable@ + * @unsigned long n@ = length of suffix in whole blocks + * + * Returns: --- + * + * Use: On entry, @x@ and @z@ are the results of hashing two strings + * %$a$% and %$b$%, each a whole number of blocks long; in + * particular, %$b$% is @n@ blocks long. On exit, @z@ is + * updated to be the hash of %$a \cat b$%. + */ + +void gcm_concat(const gcm_params *p, uint32 *z, const uint32 *x, + const uint32 *ktab, unsigned long n) +{ + uint32 t[GCM_NMAX], u[GCM_NMAX]; + unsigned i, j; + + if (!n) { + /* If @n@ is zero, then there's not much to do. The mathematics + * (explained below) still works, but the code takes a shortcut which + * doesn't handle this case: so set %$z' = z + x k^n = z + x$%. + */ + + for (j = 0; j < p->n; j++) z[j] ^= x[j]; + } else { + /* We have %$x = a_0 t^m + \cdots + a_{m-2} t^2 + a_{m-1} t$% and + * %$z = b_0 t^n + \cdots + b_{n-2} t^2 + b_{n-1} t$%. What we'd like is + * the hash of %$a \cat b$%, which is %$z + x k^n$%. + * + * The first job, then, is to calculate %$k^n$%, and for this we use a + * simple left-to-right square-and-multiply algorithm. There's no need + * to keep %$n$% secret here. + */ + + /* Start by retrieving %$k$% from the table, and convert it to big-endian + * form. + */ + if (!(p->f&GCMF_SWAP)) for (j = 0; j < p->n; j++) u[j] = ktab[j]; + else for (j = 0; j < p->n; j++) u[j] = ENDSWAP32(ktab[24*p->n + j]); + + /* Now calculate %$k^n$%. */ + i = ULONG_BITS; +#define BIT (1ul << (ULONG_BITS - 1)) + while (!(n&BIT)) { n <<= 1; i--; } + n <<= 1; i--; for (j = 0; j < p->n; j++) t[j] = u[j]; + while (i--) { mul(p, t, t, t); if (n&BIT) mul(p, t, t, u); n <<= 1; } +#undef BIT + + /* Next, calculate %$x k^n$%. If we're using a little-endian convention + * then we must convert %$x$%; otherwise we can just use it in place. + */ + if (!(p->f&GCMF_SWAP)) + mul(p, t, t, x); + else { + for (j = 0; j < p->n; j++) u[j] = ENDSWAP32(x[j]); + mul(p, t, t, u); + } + + /* Finally, add %$x k^n$% onto %$z$%, converting back to little-endian if + * necessary. + */ + if (!(p->f&GCMF_SWAP)) for (j = 0; j < p->n; j++) z[j] ^= t[j]; + else for (j = 0; j < p->n; j++) z[j] ^= ENDSWAP32(t[j]); + } +} + +/*----- That's all, folks -------------------------------------------------*/ diff --git a/symm/gcm.h b/symm/gcm.h new file mode 100644 index 00000000..d3e6d030 --- /dev/null +++ b/symm/gcm.h @@ -0,0 +1,308 @@ +/* -*-c-*- + * + * The GCM authenticated encryption mode + * + * (c) 2018 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software: you can redistribute it and/or modify it + * under the terms of the GNU Library General Public License as published + * by the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb. If not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +/*----- Notes on GCM ------------------------------------------------------* + * + * The name is short for `Galois Counter Mode'. GCM was designed in 2005 by + * David McGrew and John Viega as a fast, patent-free authenticated + * encryption scheme; and it's specified by NIST in SP800-38D. It combines + * counter-mode encryption with a Carter--Wegman authenticator based on a + * polynomial hash over %$\gf{2^{128}}%, so it needs only one blockcipher + * application per message block, together with a multiplication by a + * constant in the finite field. GCM is essentially the winner in the + * authenticated-encryption-mode competition, to the extent that Intel and + * ARM both added instructions to their architectures to accelerate it. + * + * GCM allows arbitrary-sized nonces, though it's happiest if the nonce is 32 + * bits shorter than the block size, leaving a fixed-size block counter in + * the low 32 bits. It permits header data to be processed independently of + * the message, though doing this requires some slightly fiddly algebra and + * most implementations don't allow callers to take advantage of this. + * + * One downside is that the field multiplication is inefficient in software. + * Back in 2005 it was assumed that implementors would use large tables, but + * that leaks the authentication secret through the processor cache. This + * implementation runs in constant time, but the penalty is that, without + * dedicated processor support, it's much slower than an extra blockcipher + * application would have been. + * + * Another downside is that, while GCM came with a security proof, it was + * subtly incorrect in a few ways which mean that its concrete security is + * significantly less than one would expect. + * + * If interoperability isn't a concern, then OCB3 is probably a better + * choice; if the OCB patent situation is also worrying, then EAX is likely + * preferable. + */ + +#ifndef CATACOMB_GCM_H +#define CATACOMB_GCM_H + +#ifdef __cplusplus + extern "C" { +#endif + +/*----- Header files ------------------------------------------------------*/ + +#include + +#include +#include + +#ifndef CATACOMB_GAEAD_H +# include "gaead.h" +#endif + +/*----- Macros ------------------------------------------------------------*/ + +/* --- @GCM_DECL@ --- * + * + * Arguments: @PRE@, @pre@ = prefixes for the underlying block cipher + * + * Use: Creates declarations for GCM authenticated-encryption mode. + */ + +#define GCM_DECL(PRE, pre) \ + \ +typedef struct pre##_gcmkey { \ + pre##_ctx ctx; /* Block cipher key */ \ + uint32 ktab[32*PRE##_BLKSZ*PRE##_BLKSZ]; /* Multiplication table */ \ +} pre##_gcmkey; \ + \ +typedef struct pre##_gcmaadctx { \ + pre##_gcmkey k; /* Underlying key */ \ + uint32 a[PRE##_BLKSZ/4]; /* GHASH accumulator */ \ + octet b[PRE##_BLKSZ]; /* Input buffer */ \ + unsigned off; /* Length of stuff in buffer */ \ + unsigned long len; /* Number of blocks so far */ \ +} pre##_gcmaadctx; \ + \ +typedef struct pre##_gcmctx { \ + /* The buffer is split into two portions. The first N octets hold a \ + * chunk of ciphertext, which will be fed into the OMAC calculation; \ + * the remaining BLKSZ - N octets hold E_K(C), which is the XOR mask \ + * to apply to the plaintext or ciphertext. \ + */ \ + pre##_gcmkey k; /* Underlying key */ \ + uint32 c[PRE##_BLKSZ/4]; /* Current counter value */ \ + uint32 c0[PRE##_BLKSZ/4]; /* Initial counter */ \ + uint32 a[PRE##_BLKSZ]; /* GHASH accumulator */ \ + octet b[PRE##_BLKSZ]; /* Ciphertext/mask buffer */ \ + unsigned off; /* Crossover point in buffer */ \ + unsigned long len; /* Number of blocks so far */ \ +} pre##_gcmctx; \ + \ +extern const octet pre##_gcmnoncesz[], pre##_gcmtagsz[]; \ + \ +/* --- @pre_gcmsetkey@ --- * \ + * \ + * Arguments: @pre_gcmkey *key@ = pointer to key block to fill in \ + * @const void *k@ = pointer to key material \ + * @size_t ksz@ = size of key material \ + * \ + * Returns: --- \ + * \ + * Use: Initializes an GCM key block. \ + */ \ + \ +extern void pre##_gcmsetkey(pre##_gcmkey */*key*/, \ + const void */*k*/, size_t /*ksz*/); \ + \ +/* --- @pre_gcmaadinit@ --- * \ + * \ + * Arguments: @pre_gcmaadctx *aad@ = pointer to AAD context \ + * @const pre_gcmkey *key@ = pointer to key block \ + * \ + * Returns: --- \ + * \ + * Use: Initializes an GCM AAD (`additional authenticated \ + * data') context associated with a given key. AAD \ + * contexts can be copied and/or reused, saving time if \ + * the AAD for a number of messages has a common prefix. \ + * \ + * The @key@ doesn't need to be kept around, though \ + * usually there'll at least be another copy in some GCM \ + * operation context because the AAD on its own isn't much \ + * good. \ + */ \ + \ +extern void pre##_gcmaadinit(pre##_gcmaadctx */*aad*/, \ + const pre##_gcmkey */*key*/); \ + \ +/* --- @pre_gcmaadhash@ --- * \ + * \ + * Arguments: @pre_gcmaadctx *aad@ = pointer to AAD context \ + * @const void *p@ = pointer to AAD material \ + * @size_t sz@ = length of AAD material \ + * \ + * Returns: --- \ + * \ + * Use: Feeds AAD into the context. \ + */ \ + \ +extern void pre##_gcmaadhash(pre##_gcmaadctx */*aad*/, \ + const void */*p*/, size_t /*sz*/); \ + \ +/* --- @pre_gcminit@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM context \ + * @const pre_gcmkey *key@ = pointer to key block \ + * @const void *n@ = pointer to nonce \ + * @size_t nsz@ = size of nonce \ + * \ + * Returns: --- \ + * \ + * Use: Initialize an GCM operation context with a given key. \ + * \ + * The original key needn't be kept around any more. \ + */ \ + \ +extern void pre##_gcminit(pre##_gcmctx */*ctx*/, \ + const pre##_gcmkey */*k*/, \ + const void */*n*/, size_t /*nsz*/); \ + \ +/* --- @pre_gcmreinit@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM context \ + * @const void *n@ = pointer to nonce \ + * @size_t nsz@ = size of nonce \ + * \ + * Returns: --- \ + * \ + * Use: Reinitialize an GCM operation context, changing the \ + * nonce. \ + */ \ + \ +extern void pre##_gcmreinit(pre##_gcmctx */*ctx*/, \ + const void */*n*/, size_t /*nsz*/); \ + \ +/* --- @pre_gcmencrypt@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM operation context \ + * @const void *src@ = pointer to plaintext message chunk \ + * @size_t sz@ = size of the plaintext \ + * @buf *dst@ = a buffer to write the ciphertext to \ + * \ + * Returns: Zero on success; @-1@ on failure. \ + * \ + * Use: Encrypts a chunk of a plaintext message, writing a \ + * chunk of ciphertext to the output buffer and updating \ + * the operation state. \ + * \ + * For GCM, we always write a ciphertext chunk the same \ + * size as the plaintext. The messing about with @buf@ \ + * objects makes the interface consistent with other AEAD \ + * schemes which can't do this. \ + */ \ + \ +extern int pre##_gcmencrypt(pre##_gcmctx */*ctx*/, \ + const void */*src*/, size_t /*sz*/, \ + buf */*dst*/); \ + \ +/* --- @pre_gcmdecrypt@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to GCM operation context \ + * @const void *src@ = pointer to ciphertext message chunk \ + * @size_t sz@ = size of the ciphertext \ + * @buf *dst@ = a buffer to write the plaintext to \ + * \ + * Returns: Zero on success; @-1@ on failure. \ + * \ + * Use: Decrypts a chunk of a ciphertext message, writing a \ + * chunk of plaintext to the output buffer and updating \ + * the operation state. \ + * \ + * For GCM, we always write a plaintext chunk the same \ + * size as the ciphertext. The messing about with @buf@ \ + * objects makes the interface consistent with other AEAD \ + * schemes which can't do this. \ + */ \ + \ +extern int pre##_gcmdecrypt(pre##_gcmctx */*ctx*/, \ + const void */*src*/, size_t /*sz*/, \ + buf */*dst*/); \ + \ +/* --- @pre_gcmencryptdone@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to an GCM context \ + * @const pre_gcmaadctx *aad@ = pointer to AAD context, or \ + * null \ + * @buf *dst@ = buffer for remaining ciphertext \ + * @void *tag@ = where to write the tag \ + * @size_t tsz@ = length of tag to store \ + * \ + * Returns: Zero on success; @-1@ on failure. \ + * \ + * Use: Completes an GCM encryption operation. The @aad@ \ + * pointer may be null if there is no additional \ + * authenticated data. GCM doesn't buffer ciphertext, but \ + * the output buffer is provided anyway for consistency \ + * with other AEAD schemes which don't have this property; \ + * the function will fail if the output buffer is broken. \ + */ \ + \ +extern int pre##_gcmencryptdone(pre##_gcmctx */*ctx*/, \ + const pre##_gcmaadctx */*aad*/, \ + buf */*dst*/, \ + void */*tag*/, size_t /*tsz*/); \ + \ +/* --- @pre_gcmdecryptdone@ --- * \ + * \ + * Arguments: @pre_gcmctx *ctx@ = pointer to an GCM context \ + * @const pre_gcmaadctx *aad@ = pointer to AAD context, or \ + * null \ + * @buf *dst@ = buffer for remaining plaintext \ + * @const void *tag@ = tag to verify \ + * @size_t tsz@ = length of tag \ + * \ + * Returns: @+1@ for complete success; @0@ if tag verification \ + * failed; @-1@ for other kinds of errors. \ + * \ + * Use: Completes an GCM decryption operation. The @aad@ \ + * pointer may be null if there is no additional \ + * authenticated data. GCM doesn't buffer plaintext, but \ + * the output buffer is provided anyway for consistency \ + * with other AEAD schemes which don't have this property; \ + * the function will fail if the output buffer is broken. \ + */ \ + \ +extern int pre##_gcmdecryptdone(pre##_gcmctx */*ctx*/, \ + const pre##_gcmaadctx */*aad*/, \ + buf */*dst*/, \ + const void */*tag*/, size_t /*tsz*/); \ + \ +/* --- Generic AEAD interface --- */ \ + \ +extern const gcaead pre##_gcm; + +/*----- That's all, folks -------------------------------------------------*/ + +#ifdef __cplusplus + } +#endif + +#endif diff --git a/symm/t/blowfish b/symm/t/blowfish index a9a066f6..4faabb55 100644 --- a/symm/t/blowfish +++ b/symm/t/blowfish @@ -315,3 +315,174 @@ blowfish-eax { 1b485cb8f21d2744e6fdb19989d90693a8d2b935d0eae05facba546e91 8b86611191b4bdf3; } + +blowfish-gcm { + 60d7bcda163547d348b7551195e77022907dd1dff7dac5c9941d26d0c6eb14ad568f86edd1dc9268eeee533285a6ed810c9b689daaa906 + "" + "" + "" + "" + 6b5ff4ee552b5221; + 0d2d4b6003062365b0a54364c76c160f11896c4794846ecfa14a7130c9f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d + 1f + "" + "" + "" + 88af455e5264ee42; + 337f29549e6b0d27a4ba234085406a6136512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e + "" + 60 + "" + "" + 3349c44a62931118; + 57acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7b1cc49ae1d50c38201a894476b3f102b752eb95295 + "" + "" + 33 + 10 + 0084f273223d1321; + 966f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030 + 370c33d090c54215 + abd6b3ad54efc9a38378c5b93bf4f2aad2605faee2b03fb6 + 48e27fff63102758fe2b69ac26afa3349829b94586306fed + e506b433f4b8d79455ba85c9495a93fbdfd6d9b8905ff540 + 3a7eae4ca30b331e; + 54154f8f28523c03d4de1600157846b710ee72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df + 9fcbaca4 + 8b77dba189196d1ebba10b + 0467cb9fc2712a199e533fa9156308cdec3f768281e040a9b9a222bd689aef66f5 + 300fa70b6ef7bfd848bb6686af20bd3fdd3c24870e4b3e27ebe638a6574f74666b + 3c7cd92967f27b1b; + 306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc8151784873f + 0eb5b647da6794 + c18b5337685a96ed65b9aca338527ef19b09c0 + 63c46f88de9fd41e72d7b97e23e6eabdff3bcd211499268878dbf30f1d + 5a4f347d4d422000d0df51f4cb24b0be321466d6730f7a811e36dc030c + 15585b78049dd4fe; + ad89d4b9b12012e4713df4 + "" + "" + "" + "" + fe363b1f2ccd1251; + 6795630e7952d22bb02d71 + 00 + "" + "" + "" + 9b93dde4b132c750; + b8b649377d20a8f083455b + "" + 66 + "" + "" + bbc2c3a8d6d3ee89; + 3e4ee1315f3c8f2aebfa92 + "" + "" + 14 + e6 + 66a62c95caa9cbfb; + 51dcd1af5813b70d30ce2f + 1fef6ef315d07983 + 91805da08da3aefc5f8584b7c5e617669c0f16e39815d4e9 + cfce3ed1ecdf3d264a7f16cb16c2e815f422cdf0c8e30308 + 2f5da54ea8b3beafd0f3dd6ac4e10650dd2ed421f8ce5ec1 + 9ce22826bbc14984; + be3c31e6bc58c0b7cadcb6 + 58b970e4 + 7479a684b5aefa69a4cd52 + 147ed12ca986981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d + e1b7effaaf9fd5e129cfc598bc26a0100ea9bac25c51aeabb75a7127e05c1bc9bc + ae765f924e885d78; + 00f06dc188d472a784e0c6 + f21195a3b9f4ae + 985511265febd11c164720eef9eb1c8dd0b009 + 51f284649016ed00456331854bc78bf43966eb0cfa9138ddc399084456 + 6bc0e656e9939d5fe58ad77acbcec603f5111cbe660d6b62d1c241ba6c + 47b8a5c7cd546e34; + 08fe95e81c + "" + "" + "" + "" + 70b8e6f27adb97d9; + 2533e31c9c + 1a + "" + "" + "" + f334ea3a3b8ec059; + 9851bc2810 + "" + d8 + "" + "" + 802c25c30e3c0441; + 58cbbc8424 + "" + "" + d1 + 79 + 74d9b3cdc4ce7003; + 26b807e6da + a089c3f9099c5ffb + 824173d7634c04226f30cbb7f0e4a973a8cd190107314717 + a77456f3ff669c732b58db8f48af65f7cc9e3fb90e1721b7 + f9e5d38f1d9ce21dc3b940af936de5b80b4ac4b034adb539 + 33d122be105fb43e; + 30374ffc9b + c597f56c + cbb2f294b38766fc69f6a9 + f2c0945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f0911e3 + 9895b89d611def800949f45f4e61129a3722df9b15f37afca829d4fc08266acf57 + 7ac2cc22e1d5568d; + 2d65cc1770 + a18cbfe6effd1f + f6778554acf1270485b203a3c1c4c967c0a458 + cb948bdd409b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b0 + bb5e83aa69b5356dceec0fe74656f2e4399e12c85e09dd2f8fb609c72a + 2b642aa6511caace; + 3cf43e89957f9a3e8128f8743d16687b7bb8deb9bd205b + "" + "" + "" + "" + 991808a4cd53e573; + 70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac84 + 51 + "" + "" + "" + 12bc329cc3ff10a9; + 399587011677508a15dde524af3e2bee0646541a42c2ec + "" + cc + "" + "" + 7ebd5d67b3fed4e4; + b44d65bad397abfaf529ee41cf9a05c7efedef3401539c + "" + "" + 51 + 1e + 6b6575eab9424e98; + d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a + 5718fd25014107c8 + e7d715a92add9589d1f5c054b2d983514605ec590294a319 + b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70 + 4c86b78d99617ef3a0e2ba3306379b71221b44b4f53f5526 + 7cb8282ea97b3894; + d17d4569eaff59a332ba58d5d5589bfe079753ee1a957e + b6d6699e + 6b7ea2725cb2dac07ecde9 + 5759ac46fee6dda7abc8ad68daac90cfe22d2f1f2968cc42fa8b669ed3bb3542a9 + 9001bbc3c0a5c6447968b8eec61f2e49ca7129b0560ea49201d997d682bc36984f + 0c14462ce512a43d; + cf44bbc8c6254d980398bd94e66eb4563d405e51881e99 + 027b8ab9aea3cc + f860b0009740763d96836c5f87b95460938de1 + 288c69d80ea12ff4bb5f069b8a2e86041c1b9fc214e9ca2186ddf1f6a7 + 3bf9da6973a8dc56cebcb99962a74dc8638d11f4cb1d932162cd63136e + ff4072c9c5180f17; +} diff --git a/symm/t/cast128 b/symm/t/cast128 index 2940fdb2..17a8e658 100644 --- a/symm/t/cast128 +++ b/symm/t/cast128 @@ -211,3 +211,174 @@ cast128-eax { 9b3b606592501407cf47aa56b3136cca02d94d282ebf6d5f441b32b9f3 d8a34c6cae422b2c; } + +cast128-gcm { + 60d7bcda163547d348b7551195 + "" + "" + "" + "" + 827e37433b2c1494; + e77022907dd1dff7dac5c9941d + 26 + "" + "" + "" + 603a0e329e3029ed; + d0c6eb14ad568f86edd1dc9268 + "" + ee + "" + "" + 09e36329c9190d21; + ee533285a6ed810c9b689daaa9 + "" + "" + 06 + 0b + 83b106e61ac95294; + 0d2d4b6003062365b0a54364c7 + 6c160f11896c4794 + 846ecfa14a7130c9f137120634c9519848a877ff77bf7919 + 2a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085 + d83412ab72752e456aba4b235ea84e65d99a082caea1eba5 + 9ded1889068ab798; + 406a6136512061f7080cc07df0 + 591d8fa2 + 1f2dd88374d8cde8e160ad + 10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9 + b0f1bd0e10c71ddab6c3c3a1b5cb5e0cf831042e831b12789ac9d617e21e573dac + 8a619f19a69e0bff; + 878731ebfedd4705e505da1435 + dceaa7b1cc49ae + 1d50c38201a894476b3f102b752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52eb + fa5b4ee08950d597fcb0affdf0f0aa8174ca0e9dcfc4ee13e4b5a2bae1 + b6ce5f7d53e6177b; + fda19d0ccc520f + "" + "" + "" + "" + 522de0429e89383a; + 215eb57bb3a4f3 + eb + "" + "" + "" + 45fb1e234c4d8ccd; + bbb18ac6c95a97 + "" + a4 + "" + "" + 89dab6195164787c; + 8030370c33d090 + "" + "" + c5 + bd + 870b563762624fec; + 4215abd6b3ad54 + efc9a38378c5b93b + f4f2aad2605faee2b03fb648e27fff63102758fe2b69ac26 + afa3349829b94586306fed54154f8f28523c03d4de160015 + 3cbe2ea8aa7c3ea77e46a9afbd7f69fc51f663820293720c + ff1dcf81a83ea960; + 7846b710ee7280 + 7a2219bf + b474fd71d891f24bb65d15 + 63259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebb + f54b9538cef3257defa694754b7e196a132d042c670e72a1dcb527f660b836f098 + 59f1ff473e5232e6; + a10b0467cb9fc2 + 712a199e533fa9 + 156308cdec3f768281e040a9b9a222bd689aef + 66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad + f8432f79ab5a3e07c7dff91e912d79f7e6b6828b8a10c74bf419d9448f + 0ec34f0d7a1b4c11; + 7d95214ade49cb3b6f5f + "" + "" + "" + "" + 08185a4aee37b676; + e8368131115c037ba323 + fe + "" + "" + "" + 14a6486a55038a65; + 1dc8151784873f0eb5b6 + "" + 47 + "" + "" + 598e10f99a3c9a58; + da6794c18b5337685a96 + "" + "" + ed + 39 + fd918834389b1469; + 65b9aca338527ef19b09 + c063c46f88de9fd4 + 1e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89 + d4b9b12012e4713df46795630e7952d22bb02d7100b8b649 + 1c3d067c765e17b338cf91585a0caf2f70bc663db8274944 + 09ab5e3cd3740b16; + 377d20a8f083455b663e + 4ee1315f + 3c8f2aebfa921451dcd1af + 5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e617669c0f + 4b8874ad4cb500f61ff68c73c68dda4f440ad538ded72c0d5a265ce5721cf354f9 + 77bda550c71cc140; + 16e39815d4e9cfce3ed1 + ecdf3d264a7f16 + cb16c2e815f422cdf0c8e30308be3c31e6bc58 + c0b7cadcb658b970e47479a684b5aefa69a4cd52147ed12ca986981a87 + fba726477f0a66ba98a278b52e721b41ebb36556e59d2e9830e66fe0a1 + 9666883d3ef07a79; + 4498ad0abef8bc4fcb + "" + "" + "" + "" + 4417c135917f0b7e; + 70e27e98ef1f0446b4 + 2f + "" + "" + "" + 579b6455f429d389; + b144d44b6d00f06dc1 + "" + 88 + "" + "" + c0feccc75a38a7ea; + d472a784e0c6f21195 + "" + "" + a3 + ba + d3e312ae74483320; + b9f4ae985511265feb + d11c164720eef9eb + 1c8dd0b00951f284649016ed00456331854bc78bf43966eb + 0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc + ececbe9f36ef004be708cf21bf97615f62e9ef58803fe723 + 57ac52bfb40dd355; + 2810d858cbbc8424d1 + 26b807e6 + daa089c3f9099c5ffb8241 + 73d7634c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff669c732b58db + 7dff8ee32fab541aa59bdccc84961db26644f6bd50773640afd3a22cd438f54026 + 916e18567fd17de8; + 8f48af65f7cc9e3fb9 + 0e1721b730374f + fc9bc597f56ccbb2f294b38766fc69f6a9f2c0 + 945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f09 + 3c6ea417e98fd5ed2874ef3b1d8b512fbbe5449541a8912afce6b85441 + 6c1dcdd2eef63a3e; +} diff --git a/symm/t/cast256.local b/symm/t/cast256.local index 7aec70ee..4d4f6195 100644 --- a/symm/t/cast256.local +++ b/symm/t/cast256.local @@ -197,3 +197,150 @@ cast256-eax { 3afadb7496af2b3d618391fb535d6c6b42cb20a259c0f2d359d83055062b3f3c8715fbe13fe3b001c254ded295b2225e461ce11d2c 77dafdf4ffbffd0bafdc4b2a1c2a77f8; } + +cast256-gcm { + 60d7bcda163547d348b7551195 + "" + "" + "" + "" + e40bb3203b443cbb894937a4f69e6b67; + e77022907dd1dff7dac5c9941d + 26 + "" + "" + "" + e9c2fa823e33d9aac0cdff0f79008a96; + d0c6eb14ad568f86edd1dc9268 + "" + ee + "" + "" + c458bc5a2b89690b93e7d4603d8dc6c5; + ee533285a6ed810c9b689daaa9 + "" + "" + 06 + f3 + a32741ffd61b5bb53b79a7df1e2e849f; + 0d2d4b6003062365b0a54364c7 + 6c160f11896c4794846ecfa14a7130c9 + f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7 + 080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61 + e8b2a245b1b44140bfde7f135603a3f4c088770181f486cee855087f0468fba9e4af3194c57ae401fd5304b6aca87204 + 7ba17b157ad26810dcc34b7a04b11a38; + cdbda3b3e9878731ebfedd4705 + e505da1435dceaa7b1cc49ae1d50c3 + 8201a894476b3f102b752eb9529533966f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde + 52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6b3ad54efc9a38378c5b93bf4f2aad260 + e635fd965a15d413b93196514d7a577123025a4559f16734464afea880e538b0193db7477e52720ce3554332f406382cec81b57972 + c6fcab0d8311749afdfc54ff38f4484d; + 5faee2b03fb648e27fff6310 + "" + "" + "" + "" + 96bb8800b41ff193d4b4c65f59d19dde; + 2758fe2b69ac26afa3349829 + b9 + "" + "" + "" + 0318bc05a63c0e2dc859b0f13dad85ae; + 4586306fed54154f8f28523c + "" + 03 + "" + "" + 920fc4cab40ad51c11726fcb45c817ce; + d4de1600157846b710ee7280 + "" + "" + 7a + f6 + 947c572753bab643d56dd4095074acb1; + 2219bfb474fd71d891f24bb6 + 5d1563259f9eb53b571ea629c54d57dd + 2d42f70800df9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e040a9b9a222 + bd689aef66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe836813111 + c663c80f1a24265a81261cf9ae9b38ea937ddc6a3662815341fb9677608d8a1ed64d70bea85fed028af8f56563d9a8c6 + 989401a20cf7eafc84c597493b6ad0a2; + 5c037ba323fe1dc815178487 + 3f0eb5b647da6794c18b5337685a96 + ed65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89 + d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813b70d + fbc42f92cbccbe0dcc288a2781c8b0156a3ca42294cda5f5ba134558d63dfc445e57c58f5a262dba7c4fe923071a49006b0df6c76c + 27f0a0861ef2ce9d671123efa0f6bc26; + 30ce2f1fef6ef315 + "" + "" + "" + "" + 50e8f074272cc9a5a63212e7902d5df5; + d0798391805da08d + a3 + "" + "" + "" + 16203fda45ef8d1249caf3413f1718fc; + aefc5f8584b7c5e6 + "" + 17 + "" + "" + fe964dc3fd7220defc4b718b74e1bcfb; + 669c0f16e39815d4 + "" + "" + e9 + 8f + 07b2a554d209d7f24549dceb24015bf2; + cfce3ed1ecdf3d26 + 4a7f16cb16c2e815f422cdf0c8e30308 + be3c31e6bc58c0b7cadcb658b970e47479a684b5aefa69a4cd52147ed12ca986981a874498ad0abef8bc4fcb70e27e98 + ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720eef9eb1c8dd0b009 + 1f97c51ad029f02dbebe7fd0faa41da5d523bf06055b9c13188549427c2b41f689be95c2a53dcd73a5497fbcd32b664d + 88fffe54f9bedb25fb5cd22f4d78b442; + 51f284649016ed00 + 456331854bc78bf43966eb0cfa9138 + ddc39908445608fe95e81c2533e31c9c1a9851bc2810d858cbbc8424d126b807e6daa089c3f9099c5ffb82 + 4173d7634c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff669c732b58db8f48af65f7cc9e3fb90e1721b730374ffc9bc5 + 45170813ffb0c86e1d49c82c83b82d72ea126dbc788c27ec00b79ed4b266cbc66f9ef2311fb2c2464d1b81372dd120656250c427d0 + 736070378d728b22d9844d97bde5e22e; + 97f56ccbb2f294b38766fc69f6a9f2c094 + "" + "" + "" + "" + 7323880f89fb54d552c1a23505f238fb; + 5ffd505003cc0cae9ce021a5f1fa4ffa91 + 54 + "" + "" + "" + bbd60af0b8d37b6a322ab217d1d9cdc9; + 4485f1a1258b2b9b8f0911e32d65cc1770 + "" + a1 + "" + "" + 829cc05afc938051344df29091d390d6; + 8cbfe6effd1ff6778554acf1270485b203 + "" + "" + a3 + 5d + e3c0d0132c0bb48fe0424f4c72b763e8; + c1c4c967c0a458cb948bdd409b687fa3a6 + 827b480aa3a4c84cef64f6c9b53bf8f9 + 57f4b03cf43e89957f9a3e8128f8743d16687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac + 8451399587011677508a15dde524af3e2bee0646541a42c2ecccb44d65bad397abfaf529ee41cf9a05c7efedef340153 + 59516d118aa9a72775326beb658de1e0cfb0cda583731d1d69b0b47d0b0cd441844618383dca21b165b19a0c11dec493 + ae577e6433b84bef607dc9e0fcb9403a; + 9c51d2a90bbf7f1bfc338ab0ef5746ea8f + dcccd213e33f7e8a5718fd25014107 + c8e7d715a92add9589d1f5c054b2d983514605ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7 + ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe079753ee1a957eb6d6699e6b7ea2725cb2dac07ecde95759ac46fee6dda7ab + 992b8af618edee3cfc8554dff63c15cb2767f995be01271c2cfd8fd552ba9736e3b40674bd386359c6ad649bd6ec0259891bdfdfcd + b50c46ca1142d5d4c72930495fa48515; +} diff --git a/symm/t/des b/symm/t/des index 27afbef4..a5238aa3 100644 --- a/symm/t/des +++ b/symm/t/des @@ -162,3 +162,90 @@ des-eax { df23153076ea552eabc472d40d9c4e859e707cb2acc2d8aa7e828b949b 01fcd2f2e30d870c; } + +des-gcm { + bef260d7bcda1635 + "" + "" + "" + "" + b95298cbf804f0df; + 47d348b7551195e7 + 70 + "" + "" + "" + 22c33c13d4284fda; + 22907dd1dff7dac5 + "" + c9 + "" + "" + 32e3e11e770712c8; + 941d26d0c6eb14ad + "" + "" + 56 + fa + 366c7284d32c1c2b; + 8f86edd1dc9268ee + ee533285a6ed810c + 9b689daaa9060d2d4b6003062365b0a54364c76c160f1189 + 6c4794846ecfa14a7130c9f137120634c9519848a877ff77 + 44f226038a81c0bf29f563401555ce1f15c8d35934f4757e + 19590fc8720cd177; + bf79192a5b50ade5 + d9cd739a + 3d1f337f29549e6b0d27a4 + ba234085406a6136512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10 + 4cf8117a588a98676db9fcbc8fd592fc8e065354683bdde62cbdaec0ba89ef9a7e + 0ddf3556750fe18e; + 997a21635c6d62c9 + 269029df3e6057 + acc87638f508046733d9ff61cdbda3b3e98787 + 31ebfedd4705e505da1435dceaa7b1cc49ae1d50c38201a894476b3f10 + bd611ed6e68f3bb8ae3b8b3eccae4a26c64ee9febe4fd46797bf634545 + 5233b3b52edfd9b3; + 2b752eb9529533 + "" + "" + "" + "" + deb6bb8d0f98e479; + 966f27043eb621 + b7 + "" + "" + "" + f72d871e2f82a356; + f65b000961040e + "" + f2 + "" + "" + 12e8da9a09fd309b; + f9b2fc5fa45072 + "" + "" + 7a + 06 + 51a7355bf0814b08; + 9b542cde52ebfd + a19d0ccc520f215e + b57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215 + abd6b3ad54efc9a38378c5b93bf4f2aad2605faee2b03fb6 + 4826d7b427e8d7dbfd700e8ef337210c86c2d5994781ebb0 + 19ab2b84d1b8165a; + 48e27fff631027 + 58fe2b69 + ac26afa3349829b9458630 + 6fed54154f8f28523c03d4de1600157846b710ee72807a2219bfb474fd71d891f2 + 43672e659b8698b44928111f7554e23e567bec8fd062387337d29a6f8332f563e3 + c3ef31f3b831d4e9; + 4bb65d1563259f + 9eb53b571ea629 + c54d57dd2d42f70800df9fcbaca48b77dba189 + 196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e040 + c34cf61443b0c83d4120ed5e4ffd2469382732dfb776bc2ce6771cfaf6 + 346dc157ce8660d5; +} diff --git a/symm/t/des3 b/symm/t/des3 index 71cd9f80..87ed8a7a 100644 --- a/symm/t/des3 +++ b/symm/t/des3 @@ -266,3 +266,174 @@ des3-eax { d05f8c73aa124cdfe56cd74db66498169f829858ed7ad4366d6388f6ae 1a54e1c0b2765dd8; } + +des3-gcm { + 60d7bcda163547d348b7551195e7 + "" + "" + "" + "" + 132e46ca9dbab9db; + 7022907dd1dff7dac5c9941d26d0 + c6 + "" + "" + "" + bfd51a7057175d5e; + eb14ad568f86edd1dc9268eeee53 + "" + 32 + "" + "" + d86615981ba738da; + 85a6ed810c9b689daaa9060d2d4b + "" + "" + 60 + 58 + ed191f4620eaf05c; + 03062365b0a54364c76c160f1189 + 6c4794846ecfa14a + 7130c9f137120634c9519848a877ff77bf79192a5b50ade5 + d9cd739a3d1f337f29549e6b0d27a4ba234085406a613651 + aa3017ec2824335d1d4ced7dfa26a12168b7f1666fc0c262 + 5f991803dc1e6270; + 2061f7080cc07df0591d8fa21f2d + d88374d8 + cde8e160ad10997a21635c + 6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9878731ebfedd + 9c0ed71aaf781676ef39d8f8e1fc9688f0bb74b4b13346ef27c096114375191d99 + 1af29d5d8d54dd86; + 4705e505da1435dceaa7b1cc49ae + 1d50c38201a894 + 476b3f102b752eb9529533966f27043eb621b7 + f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f + 70bd822a653d5d478b5b833cba2e8317b4bc5cc0f3b63481cad478b43c + db44ad57ba2d5450; + 215eb57bb3a4f3eb + "" + "" + "" + "" + 1e48437f8a8d8ed9; + bbb18ac6c95a97a4 + 80 + "" + "" + "" + a5cbaee18d95f020; + 30370c33d090c542 + "" + 15 + "" + "" + 2d353887e03a32a7; + abd6b3ad54efc9a3 + "" + "" + 83 + 95 + 7e18fe4cf4d6debd; + 78c5b93bf4f2aad2 + 605faee2b03fb648 + e27fff63102758fe2b69ac26afa3349829b94586306fed54 + 154f8f28523c03d4de1600157846b710ee72807a2219bfb4 + 4db1999e265acd8766761cb5b48a3d7bf61e264daf209900 + c498552a4665b7a1; + 74fd71d891f24bb6 + 5d156325 + 9f9eb53b571ea629c54d57 + dd2d42f70800df9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533f + edcab4a157a12abde9e4743bd4d9351b0b6fe8c3b304c6daf3455197471e1eabdf + baf50f2e628a8632; + a9156308cdec3f76 + 8281e040a9b9a2 + 22bd689aef66f5306ceb0c6b08ac8b0a22260c + 571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131 + 31865bdd67531355562674e18401ba3e453fc36b8390c5ef81802616fb + a837fdccf1d1647e; + 115c037ba323fe1dc8151784873f0eb5 + "" + "" + "" + "" + b81a0ef79153b70a; + b647da6794c18b5337685a96ed65b9ac + a3 + "" + "" + "" + a519f2296fa3debe; + 38527ef19b09c063c46f88de9fd41e72 + "" + d7 + "" + "" + 5ec4b107491149c1; + b97e23e6eabdff3bcd211499268878db + "" + "" + f3 + 30 + 0824b10396c7f8ba; + 0f1dad89d4b9b12012e4713df4679563 + 0e7952d22bb02d71 + 00b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa92 + 1451dcd1af5813b70d30ce2f1fef6ef315d0798391805da0 + 0237988024ea8379f5a851a1a1df21241c0f794ef45c528b + 0bc36677cc8cad46; + 8da3aefc5f8584b7c5e617669c0f16e3 + 9815d4e9 + cfce3ed1ecdf3d264a7f16 + cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684b5 + 0a501f6458635eb8074e565be165b71b922c8907caaa5bc385bb62a4f2711a70a5 + d51e68d40adb01c0; + aefa69a4cd52147ed12ca986981a8744 + 98ad0abef8bc4f + cb70e27e98ef1f0446b42fb144d44b6d00f06d + c188d472a784e0c6f21195a3b9f4ae985511265febd11c164720eef9eb + 7af7a90baa5a4ec5904454bd0d62a3beafc988913073eb04f3748af96a + 20721ecf26d54b13; + 1c8dd0b00951f284649016ed00456331854bc78bf4 + "" + "" + "" + "" + ac407ef838e78ff3; + 3966eb0cfa9138ddc39908445608fe95e81c2533e3 + 1c + "" + "" + "" + de0e93debf2119fd; + 9c1a9851bc2810d858cbbc8424d126b807e6daa089 + "" + c3 + "" + "" + 292a3b10a3279110; + f9099c5ffb824173d7634c04226f30cbb7f0e4a973 + "" + "" + a8 + 68 + a0021d91c51fbdb5; + cd190107314717a77456f3ff669c732b58db8f48af + 65f7cc9e3fb90e17 + 21b730374ffc9bc597f56ccbb2f294b38766fc69f6a9f2c0 + 945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a125 + e47c416a265254284ec5ab752f010377d4ff57d4296ce09e + 5e479801a05652fb; + 8b2b9b8f0911e32d65cc1770a18cbfe6effd1ff677 + 8554acf1 + 270485b203a3c1c4c967c0 + a458cb948bdd409b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf4 + 2d0fcd3ec8e72558fb6cad34d3a93a7ad4b5b5940fdc77c1dfd733a1ddf5e093d5 + 2e35100e8d1e24fb; + 3e89957f9a3e8128f8743d16687b7bb8deb9bd205b + 70e04c091d205c + dad9e9a79b1abf91b0851e5ca605ac84513995 + 87011677508a15dde524af3e2bee0646541a42c2ecccb44d65bad397ab + fc2c1515c5fc3f727fb3e98ba249a076c3da8668f5e89db6e7956de064 + a2411e499cacffef; +} diff --git a/symm/t/desx b/symm/t/desx index e5ec5c16..a51fad0b 100644 --- a/symm/t/desx +++ b/symm/t/desx @@ -218,3 +218,174 @@ desx-eax { bf860edf5f2e423766bd979b97a8b90082ad8f015e2c24997603fe75e7 783c8dbade8c11f5; } + +desx-gcm { + 60d7bcda163547d348b7551195e770 + "" + "" + "" + "" + 3cbc7b1df84dfef7; + 22907dd1dff7dac5c9941d26d0c6eb + 14 + "" + "" + "" + 37276edd9916fab0; + ad568f86edd1dc9268eeee533285a6 + "" + ed + "" + "" + 88e93bc3d86c7bf8; + 810c9b689daaa9060d2d4b60030623 + "" + "" + 65 + 4b + 742b8f2a4982002f; + b0a54364c76c160f11896c4794846e + cfa14a7130c9f137 + 120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d + 1f337f29549e6b0d27a4ba234085406a6136512061f7080c + ae84aba1c0a431bfee3521370654d195518e43fbbcae082e + 8ae1456ca69792a7; + c07df0591d8fa21f2dd88374d8cde8 + e160ad10 + 997a21635c6d62c9269029 + df3e6057acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da14 + 4f97aead4260eff9a4c1e39ef827ce568f08fcb95f2245503953f5c1e5b02036fb + b685fc67d7bac453; + 35dceaa7b1cc49ae1d50c38201a894 + 476b3f102b752e + b9529533966f27043eb621b7f65b000961040e + f2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3 + e8df8e4af153dbf70d1517d2f6d388f02705dd53c25b7f5c9d7c6c60f8 + fa07533070e3b62b; + ebbbb18ac6c95a97 + "" + "" + "" + "" + 52880f24cb1c97c4; + a48030370c33d090 + c5 + "" + "" + "" + ea8c5fd1be78bb6b; + 4215abd6b3ad54ef + "" + c9 + "" + "" + 6130a7a2a73d2517; + a38378c5b93bf4f2 + "" + "" + aa + bf + 6a2baada10b09a4f; + d2605faee2b03fb6 + 48e27fff63102758 + fe2b69ac26afa3349829b94586306fed54154f8f28523c03 + d4de1600157846b710ee72807a2219bfb474fd71d891f24b + 353616debc97a081ea320a9a6379498465389fc12a30c97e + 29ae2d4f192ff073; + b65d1563259f9eb5 + 3b571ea6 + 29c54d57dd2d42f70800df + 9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f + e098b62b321e856c615d30d670b21afbbecc1c01d58184165b0d766819f149ff4d + afd78ddc422cde3b; + 768281e040a9b9a2 + 22bd689aef66f5 + 306ceb0c6b08ac8b0a22260c571b4a42bb8fdb + 233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe + 44c55447399ff836d71fa8adc5975f7fe504a62f8a031d118e9bdb8592 + 3aec6e5c527595ee; + 1dc8151784873f0eb5b647da6794c18b + "" + "" + "" + "" + b649714dae520d42; + 5337685a96ed65b9aca338527ef19b09 + c0 + "" + "" + "" + 0f7b54a0f0e759de; + 63c46f88de9fd41e72d7b97e23e6eabd + "" + ff + "" + "" + b5332afef45bc1e2; + 3bcd211499268878dbf30f1dad89d4b9 + "" + "" + b1 + d9 + 7d02b1fcfd1d0d3e; + 2012e4713df46795630e7952d22bb02d + 7100b8b649377d20 + a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813 + b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584 + 902dda67a4bf1b44cc8f2b788541da0946d53815390326c4 + b2a841f844b8b948; + b7c5e617669c0f16e39815d4e9cfce3e + d1ecdf3d + 264a7f16cb16c2e815f422 + cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684b5aefa69a4cd5214 + cfb2568095e376c9f50aed2f781748b98a68629a13f81842b6ed3315fe03633a37 + 9188774ecda5437a; + 7ed12ca986981a874498ad0abef8bc4f + cb70e27e98ef1f + 0446b42fb144d44b6d00f06dc188d472a784e0 + c6f21195a3b9f4ae985511265febd11c164720eef9eb1c8dd0b00951f2 + be0fd7ae8afa1502f49e7616bd5a20956f3ce40c05b3ec395eefc2ee91 + d16dddd5c97d9dad; + 84649016ed00456331854bc78bf43966eb0cfa9138ddc3 + "" + "" + "" + "" + 35514c76e6059f2d; + 9908445608fe95e81c2533e31c9c1a9851bc2810d858cb + bc + "" + "" + "" + 88e733af8182afbd; + 8424d126b807e6daa089c3f9099c5ffb824173d7634c04 + "" + 22 + "" + "" + fa4d035dde2e7d7c; + 6f30cbb7f0e4a973a8cd190107314717a77456f3ff669c + "" + "" + 73 + 45 + 706978229672282f; + 2b58db8f48af65f7cc9e3fb90e1721b730374ffc9bc597 + f56ccbb2f294b387 + 66fc69f6a9f2c0945ffd505003cc0cae9ce021a5f1fa4ffa + 91544485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6ef + 9b5a4d527d5bc4c52350bb496dcbda3b072b99173b55d90d + 9b96c04ec2f5504e; + fd1ff6778554acf1270485b203a3c1c4c967c0a458cb94 + 8bdd409b + 687fa3a6827b480aa3a4c8 + 4cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8743d16687b7bb8deb9bd + 63b58db88053af9da1f93879beea44bee6faa6a2c672aefc6ec5517b273cecda73 + edbc4b6c82c99d4d; + 205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605 + ac845139958701 + 1677508a15dde524af3e2bee0646541a42c2ec + ccb44d65bad397abfaf529ee41cf9a05c7efedef3401539c51d2a90bbf + e6bc35974509d938a953ad32ae829a5cced3f2846e756fbc99247ae1d5 + 623e465c7913e6b2; +} diff --git a/symm/t/idea b/symm/t/idea index 60f620bd..e9a85f6c 100644 --- a/symm/t/idea +++ b/symm/t/idea @@ -78,3 +78,48 @@ idea-eax { dfd640ccfb02298e9bdb44464e210bb5039e2fcfdf99a07198b5a41744 8100822295ddbb3c; } + +idea-gcm { + e4bef260d7bcda163547d348b7551195 + "" + "" + "" + "" + b53b4af5791611f9; + e77022907dd1dff7dac5c9941d26d0c6 + eb + "" + "" + "" + 5d33a50146fc1873; + 14ad568f86edd1dc9268eeee533285a6 + "" + ed + "" + "" + 476a48223872d6dc; + 810c9b689daaa9060d2d4b6003062365 + "" + "" + b0 + d7 + e7f3f045a67219ca; + a54364c76c160f11896c4794846ecfa1 + 4a7130c9f1371206 + 34c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f33 + 7f29549e6b0d27a4ba234085406a6136512061f7080cc07d + 35242bf91114f81e19e23a3ac1ccd5a9d133f097e1e32358 + d7871555c86f43c4; + f0591d8fa21f2dd88374d8cde8e160ad + 10997a21 + 635c6d62c9269029df3e60 + 57acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dcea + badb12a7460b5d77826a7f419823376c332f6816280031f04aaffa9b92ed8c83e9 + ca45ffd7a56d9250; + a7b1cc49ae1d50c38201a894476b3f10 + 2b752eb9529533 + 966f27043eb621b7f65b000961040ef2f9b2fc + 5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18a + 8508e77f69eba79e7dd8b644ed31dba2f0eba90d09b1170ec17caf72ee + 6c86db8654126e19; +} diff --git a/symm/t/mars.local b/symm/t/mars.local index b1d31b7f..13436bc8 100644 --- a/symm/t/mars.local +++ b/symm/t/mars.local @@ -197,3 +197,174 @@ mars-eax { 64f2ee469fb1577675427113e478b43ab8915dfc5a3370b0b55dadd51f1415083831183748bbbd393ee54171fa12a112addea5bffd 4172000e1d04402689bffffdf46cabac; } + +mars-gcm { + 60d7bcda163547d348b75511 + "" + "" + "" + "" + ebf333475ccfd01e22434b02b7356886; + 95e77022907dd1dff7dac5c9 + 94 + "" + "" + "" + 1f643ac59e0fe29a4c1a84833c1093b9; + 1d26d0c6eb14ad568f86edd1 + "" + dc + "" + "" + e8ed5ca386836f0fde3d8def53764182; + 9268eeee533285a6ed810c9b + "" + "" + 68 + c6 + 0a84b3ea1725580f6ff197fc09ad1d97; + 9daaa9060d2d4b6003062365 + b0a54364c76c160f11896c4794846ecf + a14a7130c9f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a61 + 36512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f50804 + 22ebe7296754751f308114594df1ce2c029a959eb46639dda878d75cc411f58924dd49d15b515cb32c987716b9668fff + 9a65ff41da556c3b4ea0154dbc6a7432; + 6733d9ff61cdbda3b3e98787 + 31ebfedd4705e505da1435dc + eaa7b1cc49ae1d50c38201a894476b3f102b75 + 2eb9529533966f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97 + 5ac307a7ba0e8c3f15b3da71b2dbe231914d92040e6099060e12312f940f512a4bea4f140ffc99e37cd4c004fe70fd9afead2070b93e171944 + 3e3a39a40c14cf4455054df3dc812412; + a48030370c33d090c54215ab + d6b3ad54efc9a38378c5b93bf4f2aa + d2605faee2b03fb648e27fff63102758fe2b69ac26afa3349829b94586306fed54154f8f28523c03d4de16 + 00157846b710ee72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189 + 0c0dc2d9d390c165b844a4fe302c9468dd61b989ec85e415c2e66a02c6a9e88e6c4b29b59526b3bba15ac8c7c773fad8cd346313d5 + b66ce563af3c5adeb147f05f2a1332a7; + 196d1ebba10b0467cb9fc2712a199e533fa91563 + "" + "" + "" + "" + a3752b6bc192c30a8b4a33090b82c8f4; + 08cdec3f768281e040a9b9a222bd689aef66f530 + 6c + "" + "" + "" + 2d7f085e88e212c1d5a7470222846f6d; + eb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa + "" + 6a + "" + "" + afd0596615ac5995f94a4c4933d7bc2b; + 5cfb0bad7d95214ade49cb3b6f5fe8368131115c + "" + "" + 03 + ac + 06c5e4184cedd818df6808aed1cbaca3; + 7ba323fe1dc8151784873f0eb5b647da6794c18b + 5337685a96ed65b9aca338527ef19b09 + c063c46f88de9fd41e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d2 + 2bb02d7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813b70d30ce2f1fef6ef315d07983 + 41ed7b09be9ff9174abf78851ec6b7dd1de6abae054b330e761068fcb38c10e658d4a4dcccf87c9bd972a7c3736681e7 + 87c051ef30fb9d6b610ac3d8b367d190; + 91805da08da3aefc5f8584b7c5e617669c0f16e3 + 9815d4e9cfce3ed1ecdf3d26 + 4a7f16cb16c2e815f422cdf0c8e30308be3c31 + e6bc58c0b7cadcb658b970e47479a684b5aefa69a4cd52147ed12ca986981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d00 + f08e36ab5ed57342834832ae777155f3b98a75495279de1d647d6cbe54143a9ccd11a1394c37aee68c4214deb21134425a11084387c60b3af4 + 4a3532e7462571f4c0aa720877fcc127; + f06dc188d472a784e0c6f21195a3b9f4ae985511 + 265febd11c164720eef9eb1c8dd0b0 + 0951f284649016ed00456331854bc78bf43966eb0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851 + bc2810d858cbbc8424d126b807e6daa089c3f9099c5ffb824173d7634c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff66 + 0dea7dfec76fd70330daafa91a42de22cb7d9ccb8f762fb36eeb5cacf96cad8a5972e163c42f0ccffceab82352f7b357614c058b2f + 8e46584fadfee6bf54b6b3df1127e528; + 9c732b58db8f48af + "" + "" + "" + "" + 97b6cfc2d51f18dbfb036aead20cf7c9; + 65f7cc9e3fb90e17 + 21 + "" + "" + "" + e660c51ce4935fb6b0568b9da21fd6bc; + b730374ffc9bc597 + "" + f5 + "" + "" + 029a8fbbcffd6a6657ea08e6f8563c5c; + 6ccbb2f294b38766 + "" + "" + fc + 73 + 8a51e96b7e49dd61bf505d6be05880c1; + 69f6a9f2c0945ffd + 505003cc0cae9ce021a5f1fa4ffa9154 + 4485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd40 + 9b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8743d16687b7bb8deb9bd205b70 + 51af1a674261ce3b602216b7be5490dc29b5c0fc13111ef312aee59aa415455eb45ecb08971640295ee6083d336852ff + 033c89302140a07d7ec18495ac6e04de; + e04c091d205cdad9 + e9a79b1abf91b0851e5ca605 + ac8451399587011677508a15dde524af3e2bee + 0646541a42c2ecccb44d65bad397abfaf529ee41cf9a05c7efedef3401539c51d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718 + 1322a51e98047b8ab460b5862ecb72506d86347ff23da7c246c7412e66f778c44fcac56086f6233cc65342b25825c27447162c75c4f4d47e77 + d1c84ad7d023b7339eeb10cf9d4a54b0; + fd25014107c8e7d7 + 15a92add9589d1f5c054b2d9835146 + 05ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5 + d5589bfe079753ee1a957eb6d6699e6b7ea2725cb2dac07ecde95759ac46fee6dda7abc8ad68daac90cfe22d2f1f2968cc42fa8b66 + 7d49e4c21966171b11dcd2557bc759735b6a0f8883869a032ff7e3b7300f6c177a17c78de29b7dd1fb60dcd83df08d94b4f7b203fa + 9e558cfae2396ef731781539964cb64f; + 9ed3bb3542a9cf44bbc8c6254d980398bd94e66eb4563d405e51881e99027b8ab9aea3cc + "" + "" + "" + "" + d7edfedbfaaa00b83910524a6a72a0bd; + f860b0009740763d96836c5f87b95460938de1288c69d80ea12ff4bb5f069b8a2e86041c + 1b + "" + "" + "" + 9b47dca7222907d7728d60047341be6b; + 9fc214e9ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c36800d9645563a30 + "" + 8b + "" + "" + 4d7ff706428aed21fed40ba423e497f6; + a60076817523bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a17 + "" + "" + 0b + ed + 513db06c53e14e17a0a6a2358c63eb84; + 66283e4f834a06148f302c3973accd56f6f24e33958b8c2e2352fd61e4fa8fec816ac861 + a8b33779f09e7a10fc02a8f48afa3080 + ee119a52a9a817e4f2b94b0820cab383a8cffeea7c486315799dc875fba578c8ec4837898a92142b5b0677da1ac27311 + 7b45bcfff5d5f8b6fde2893232a9f81d14517ffae475f6b94a43a67b3d380d2f9aaafe2dd721c0095c88088476892114 + 1cabcdd7bd2c878d0d509527aba73014be8fda187aad0fa6171cdf7b40611f6e0436653ff03bdc3540fc240fbf2edf11 + 4747f36bac04dfc0d594803a8b5f7393; + 50ba8095ffab1eaadf66fd22ac1976063e113ab61f813e28a1397a7974a1d7f4220c785f + e426a5a0e80f678d40414784 + 2941feeffdc2eb44dc8c0d5e8f444f7f4e0c89 + 3959b74dc23a7bb40e7e0013e5150686d2301b43a15a84e81d7f5cedaa49e2414ebf47970e560475cff206877de69146acc3ab6cf8556b7aa7 + 83be0a213ffe127c49ec5352ec0f5542abda27387079f4e8f6e056187eb8e7afe34ef415383f54eeb5332137ca5407e3bb19019796a375286c + 03d0ffe3b26614eb375f0f9043d69cfa; + 76945948d1b8834df2196c92ec1718dcdeee0d52d9539726d2810391b3f9d10c39b07ae8 + f08ce7cee4758a386a9943e97dedfb + e61e737882cd09c2b9a80f34c0fde11c2481b11fc76bfa4dbf710a9e544e0c536ca1e040f9ad5b04140d98 + edabe08485290a4d87d13b07398a1458c2c6b61dbdbc1cccada8c1a0a9aabb6c4e3c3554f8fb1ef61614c270295dfc0ca6551ca4bd + 9f02629363a56a6e8067f76d0df265f5d1d4774c129186fd96e0826e4d5a6fd643b6fc7e484caa72575f7774f8d7d55529c816b3a8 + 77d7548dfeed0ca41810c69586ef999d; +} diff --git a/symm/t/noekeon b/symm/t/noekeon index 4e6ade41..c51b4a77 100644 --- a/symm/t/noekeon +++ b/symm/t/noekeon @@ -62,3 +62,48 @@ noekeon-eax { 5fe35fcbf55279bdca2295b483181ccff932771ccd59aa3e35b39b6564032af118547a9704fffe57c789a88b70c7eca6eaabea82b8 4953808f5678ba307676326facca87d2; } + +noekeon-gcm { + e4bef260d7bcda163547d348b7551195 + "" + "" + "" + "" + d739a8af18e930e49547f57c7454eb47; + e77022907dd1dff7dac5c9941d26d0c6 + eb + "" + "" + "" + 6b26f591dfb442623c1590caefa4d323; + 14ad568f86edd1dc9268eeee533285a6 + "" + ed + "" + "" + 77fc8f1632e4f4294f6b9df680afc350; + 810c9b689daaa9060d2d4b6003062365 + "" + "" + b0 + 26 + e6aa7e364110e5c886e865b8fbffbece; + a54364c76c160f11896c4794846ecfa1 + 4a7130c9f137120634c9519848a877ff + 77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7080cc07df0591d8fa21f2dd8 + 8374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9878731ebfedd47 + 7d5aef8b63a47da6a441fa4e9b36c31c39c58ac1d95728acf41ca1f81784cfb58b66ad385bc75e43062531cb3e5a5662 + 8dcf9c1d3abaf968a359afb853e866bc; + 05e505da1435dceaa7b1cc49ae1d50c3 + 8201a894476b3f102b752eb9 + 529533966f27043eb621b7f65b000961040ef2 + f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6b3ad54efc9a38378 + 55ada77e6525df0ec6c424d43cedc25f04a9b1d37d2813c1ebc6a35d157c3137cb5f04753e86676a111d72e7303bb8430ac48f65fa5b125e7a + 8c0d31d253b49759c1289ca15bdd068a; + c5b93bf4f2aad2605faee2b03fb648e2 + 7fff63102758fe2b69ac26afa33498 + 29b94586306fed54154f8f28523c03d4de1600157846b710ee72807a2219bfb474fd71d891f24bb65d1563 + 259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f76 + 3e98ad97b1901fa089ddb06696ad688a3de2274b81d49c3198c17b2c1bd19556d0679d64d61f034880c89f111631bf78c4512599d7 + 5942a749a90e4af467a8a5782590dc69; +} diff --git a/symm/t/rc2 b/symm/t/rc2 index 60b352ff..7a9df082 100644 --- a/symm/t/rc2 +++ b/symm/t/rc2 @@ -209,3 +209,174 @@ rc2-eax { 9cf8b628ab6c3e8c69c289c3564027ff0de5e6bcecc38c05b8d1b7ec0a fd274b8e3c469eb6; } + +rc2-gcm { + 60d7bcda163547d348b7551195e77022907dd1dff7dac5c9941d26d0c6eb14ad568f86edd1dc9268ee + "" + "" + "" + "" + 359ae96bacf96c86; + ee533285a6ed810c9b689daaa9060d2d4b6003062365b0a54364c76c160f11896c4794846ecfa14a71 + 30 + "" + "" + "" + b106f982ce0fa16f; + c9f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085 + "" + 40 + "" + "" + 83c2efaff3e6fdf8; + 6a6136512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e + "" + "" + 60 + c9 + dcac5bc0a6fc80b2; + 57acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7b1cc49ae1d50c3 + 8201a894476b3f10 + 2b752eb9529533966f27043eb621b7f65b000961040ef2f9 + b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57b + 9c8dd0c92811769d381b46a75e60b5d80aebe054d178080f + bae3d5a852937cf2; + b3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6b3ad54efc9a38378c5b93bf4f2aad2605f + aee2b03f + b648e27fff63102758fe2b + 69ac26afa3349829b94586306fed54154f8f28523c03d4de1600157846b710ee72 + 24efd192d24c0a27bb0453a186632e8084dee9028fd647362aa26cf46ed118f682 + 1505f15227faa14f; + 807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b + 77dba189196d1e + bba10b0467cb9fc2712a199e533fa9156308cd + ec3f768281e040a9b9a222bd689aef66f5306ceb0c6b08ac8b0a22260c + fe9f005b0bbe7851e82e3e55aadc6fa3297c4dc6aac7da88eea83d77c1 + ca6d92a0f8474851; + 571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc8151784873f0eb5b647da6794c18b5337685a96ed65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d22bb02d + "" + "" + "" + "" + 644405a0cd8f478c; + 7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e617669c0f16e39815d4e9cfce3ed1ecdf3d264a7f16cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684b5aefa69a4cd52 + 14 + "" + "" + "" + 986911f8fb61ffd2; + 7ed12ca986981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720eef9eb1c8dd0b00951f284649016ed00456331854bc78bf43966eb0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc2810d858cbbc84 + "" + 24 + "" + "" + 55348e0c9fadf225; + d126b807e6daa089c3f9099c5ffb824173d7634c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff669c732b58db8f48af65f7cc9e3fb90e1721b730374ffc9bc597f56ccbb2f294b38766fc69f6a9f2c0945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f0911e32d65cc17 + "" + "" + 70 + 63 + 399484cb038779bb; + a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd409b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8743d16687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac8451399587011677508a15dde524af3e2bee06 + 46541a42c2ecccb4 + 4d65bad397abfaf529ee41cf9a05c7efedef3401539c51d2 + a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718 + c734efcfe1131a326af5fd518ab1033e7ffd7c4eb825b4c1 + 8255ef3dc1ff72a3; + fd25014107c8e7d715a92add9589d1f5c054b2d983514605ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe079753ee1a957eb6d6699e6b7ea2725cb2dac07ecde95759ac46fee6dda7abc8ad68daac90cfe22d2f1f2968cc42fa8b66 + 9ed3bb35 + 42a9cf44bbc8c6254d9803 + 98bd94e66eb4563d405e51881e99027b8ab9aea3ccf860b0009740763d96836c5f + 7b2425dc58e780f0ab6b356cdb6ad2223d2dd69372109f08203100aa9095ec1551 + 094f16bdf157a900; + 87b95460938de1288c69d80ea12ff4bb5f069b8a2e86041c1b9fc214e9ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c36800d9645563a308ba60076817523bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a170b66283e4f834a06148f302c3973accd56f6f24e33 + 958b8c2e2352fd + 61e4fa8fec816ac861a8b33779f09e7a10fc02 + a8f48afa3080ee119a52a9a817e4f2b94b0820cab383a8cffeea7c4863 + 1118c134e5ab39c5332fba8f3e0a566361c72bc4fd4a14219400ac57e7 + b8a684bad429d427; + 15799dc875fba578c8ec4837898a92142b5b06 + "" + "" + "" + "" + 441a5fc1a7aa3965; + 77da1ac273117b45bcfff5d5f8b6fde2893232 + a9 + "" + "" + "" + c2d97eafb2d4dec5; + f81d14517ffae475f6b94a43a67b3d380d2f9a + "" + aa + "" + "" + 137e2f9a5fbfaed9; + fe2dd721c0095c8808847689211450ba8095ff + "" + "" + ab + 8e + 1499fe34d82b9009; + 1eaadf66fd22ac1976063e113ab61f813e28a1 + 397a7974a1d7f422 + 0c785fe426a5a0e80f678d404147842941feeffdc2eb44dc + 8c0d5e8f444f7f4e0c893959b74dc23a7bb40e7e0013e515 + 46c4eff1fd15b9be037e2e240b8845cc9e7e2530ae6214ea + 9feaa7393f439893; + 0686d2301b43a15a84e81d7f5cedaa49e2414e + bf47970e + 560475cff206877de69146 + acc3ab6cf8556b7aa776945948d1b8834df2196c92ec1718dcdeee0d52d9539726 + 7af0b728198469b00a3792e3640858ea8e10f4f9a0ee2f97b007f3961499d92d0d + 1d5b27a15b866945; + d2810391b3f9d10c39b07ae8f08ce7cee4758a + 386a9943e97ded + fbe61e737882cd09c2b9a80f34c0fde11c2481 + b11fc76bfa4dbf710a9e544e0c536ca1e040f9ad5b04140d98edabe084 + dab65bbaad4fa9e2aeee14886c89799acfd26a90de80cd6851f05113d3 + c547859e516e9528; + 85290a4d87d13b07398a1458c2c6b61dbdbc1cccada8c1a0a9aabb + "" + "" + "" + "" + 666def937cca91b5; + 6c4e3c3554f8fb1ef61614c270295dfc0ca6551ca4bdb75359f91c + b9 + "" + "" + "" + cb3f188911d99a1a; + d921056b7de74fc9a9b37154ce6c0b396179d31f06a1dd5982cbc0 + "" + d7 + "" + "" + 223747afb3570769; + cb23841da1ae8f4ae480cda98ad6cf2bacf6f9fd3f821330c43f3d + "" + "" + f6 + f4 + 6ae1ee13e1831acb; + c2b3fac7cbcf96523d4723f91801325eb8553236651c96788d73d1 + 92ee53b3f3ebd66d + dd98cedbe88e245de25b1593b70f8601562d90a9b59ed034 + a867642d25d54756fa5c47f16f64b837bb4926214211a1c6 + d995a4197fa15265ee44b445bc0d3940c486f9c34ba9077e + 0b047045426e23e6; + 96ba172010abb433922a22d9fd881519165eb9d85197a21cc34ac0 + d5ae7be8 + dbf98e4ffed2cf6b1372a5 + aa47b54fd9d70c70e117bf1cae71b3a56f0e7d839ea59cc783443d64f2ed6a29b9 + a4ed2fa0d3f42b2c3270ac0801aeaa7f28f57b101c8a9a1c0e45a046e9c6887b00 + 4c3c11a4709bcf9c; + 6856beca34fd6544bcf86b799e2a1681160ccf055f0fd3001da597 + a1406d465b7b14 + 19ea51cf858f938f6daafbd656445a09898eaa + 96ffc3d1d2e31e4e34c94b8bfae64825ecd75a66d88eedb969ffe07669 + a1a0fe6856d107a0b49d164b72c0102a06bfc6ea17723f7587fab4808c + d797a4abd2ac973e; +} diff --git a/symm/t/rc5 b/symm/t/rc5 index 78e1a3de..921c438a 100644 --- a/symm/t/rc5 +++ b/symm/t/rc5 @@ -211,3 +211,174 @@ rc5-eax { a9dc22dc5d57626720b7c1260c63dae59cbad790ac527d5a26e7d943dd 86f8915e2fdee1e3; } + +rc5-gcm { + 60d7bcda163547d348b7551195e77022907dd1dff7dac5c9941d26d0c6eb14ad568f86edd1dc9268eeee533285a6ed810c9b689daaa9060d2d4b6003062365b0a54364c76c160f11896c4794846ecfa14a7130c9f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057 + "" + "" + "" + "" + e2f61b7a5d2e1c0a; + acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7b1cc49ae1d50c38201a894476b3f102b752eb9529533966f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6b3ad54efc9a38378c5b93bf4f2aad2605faee2b03fb648e27fff63102758fe2b69ac26afa3349829b94586306fed5415 + 4f + "" + "" + "" + 8054b24c29fed688; + 8f28523c03d4de1600157846b710ee72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e040a9b9a222bd689aef66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc8151784873f0eb5b647da6794c18b5337685a + "" + 96 + "" + "" + db8e85bf23f737de; + ed65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e617669c0f16e39815d4e9cfce3ed1ecdf3d264a7f16cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b9 + "" + "" + 70 + 17 + 7c5e0036fc6b0768; + e47479a684b5aefa69a4cd52147ed12ca986981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720eef9eb1c8dd0b00951f284649016ed00456331854bc78bf43966eb0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc2810d858cbbc8424d126b807e6daa089c3f9099c5ffb824173d7634c04226f30cbb7f0e4a973a8cd190107 + 314717a77456f3ff + 669c732b58db8f48af65f7cc9e3fb90e1721b730374ffc9b + c597f56ccbb2f294b38766fc69f6a9f2c0945ffd505003cc + 3549c431f3e7576dfcaf3130ec16f3f548704d727782677b + 28148be1172ee6bf; + 0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd409b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8743d16687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac8451399587011677508a15dde524af3e2bee0646541a42c2ecccb44d65bad397abfaf529ee41cf + 9a05c7ef + edef3401539c51d2a90bbf + 7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718fd25014107c8e7d715a92add + 3ff03565f741b63e12a647f755353af479b9f3ddfa1d50ff1540221f0bbb5c8b1e + 81f81acac5371be7; + 9589d1f5c054b2d983514605ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe079753ee1a957eb6d6699e6b7ea2725cb2dac07ecde95759ac46fee6dda7abc8ad68daac90cfe22d2f1f2968cc42fa8b669ed3bb3542a9cf44bbc8c6254d980398bd94e66eb4563d405e51881e99027b8ab9aea3ccf860b0009740763d96836c5f87b95460938de1288c69d80ea1 + 2ff4bb5f069b8a + 2e86041c1b9fc214e9ca2186ddf1f6a7a3aa7e + 740da967828e3604b35b15ffaa6c36800d9645563a308ba60076817523 + b0b28a3e099aecdda0b6756d2340184ab16df2c8cee22003ec3b783500 + 61d50b3d4e61fa34; + bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a170b66283e4f834a06148f302c3973accd56f6f24e33958b8c2e2352fd61e4fa8fec816ac861a8b33779f09e7a10fc02a8f48afa3080ee119a52a9a817e4f2b94b0820cab383a8cffeea7c486315799dc875fba578c8ec4837898a92142b5b0677da1ac273117b45bcfff5d5f8b6fde2893232a9f81d14517ffae475f6b94a43a67b3d380d2f9aaafe2dd721c0095c8808847689211450ba8095ffab1eaadf66fd22ac1976063e113ab61f813e28a1397a7974a1d7f4220c785fe426a5a0e80f + "" + "" + "" + "" + 6133d10511794867; + 678d404147842941feeffdc2eb44dc8c0d5e8f444f7f4e0c893959b74dc23a7bb40e7e0013e5150686d2301b43a15a84e81d7f5cedaa49e2414ebf47970e560475cff206877de69146acc3ab6cf8556b7aa776945948d1b8834df2196c92ec1718dcdeee0d52d9539726d2810391b3f9d10c39b07ae8f08ce7cee4758a386a9943e97dedfbe61e737882cd09c2b9a80f34c0fde11c2481b11fc76bfa4dbf710a9e544e0c536ca1e040f9ad5b04140d98edabe08485290a4d87d13b07398a1458c2c6b61dbdbc1cccada8c1a0a9aabb6c4e3c3554f8fb1ef61614c27029 + 5d + "" + "" + "" + 25ff252aec8e0979; + fc0ca6551ca4bdb75359f91cb9d921056b7de74fc9a9b37154ce6c0b396179d31f06a1dd5982cbc0d7cb23841da1ae8f4ae480cda98ad6cf2bacf6f9fd3f821330c43f3df6c2b3fac7cbcf96523d4723f91801325eb8553236651c96788d73d192ee53b3f3ebd66ddd98cedbe88e245de25b1593b70f8601562d90a9b59ed034a867642d25d54756fa5c47f16f64b837bb4926214211a1c696ba172010abb433922a22d9fd881519165eb9d85197a21cc34ac0d5ae7be8dbf98e4ffed2cf6b1372a5aa47b54fd9d70c70e117bf1cae71b3a56f0e7d839ea59cc783443d + "" + 64 + "" + "" + 68c3eb5a75e3992e; + f2ed6a29b96856beca34fd6544bcf86b799e2a1681160ccf055f0fd3001da597a1406d465b7b1419ea51cf858f938f6daafbd656445a09898eaa96ffc3d1d2e31e4e34c94b8bfae64825ecd75a66d88eedb969ffe07669845ebb7a24c69f13d099f47166edf54538e88fbf433a7ff212085179e79771f6eee7283ab178ef2b800d7b969da05780ffc1ba78c70dda7a4ca2a25e771702fb1901ecfc8a959cb8e75079bb018ccc8c54f31b450e88f8e9002926ad0284c738f4cb0f58a1e34c8b15ad930c1b627235a2cb84241986c251f5b70be2367f047265264e0da72e + "" + "" + fe + ca + 187921ec9e1052c1; + 8995e6c932a17eab511eddb8e4ba463c663035a6ae8a7a899e4279d54d03f0e0f3e961dcfd40088d5be74088e4097efb0368c7e2f431ee6988cf2a0e9ebeb3de79c4f86c9e4fba61339d6d907eab7707ca48ff5ba1ae93d16225d469de5747bc1addf5748729720a320fe14fd29cfc59314fe2079c0a2535ded56112d6e3d33dcf7c71cd7d130323794e3da84a9df69703a9caf02d2a8f57ac71e554a6850d55882f8c7ae6994fc8528bd18c374fc43581d2f72a89584a2404a059f7f99c7241a0c879d6d4455b382a9ce757b3e7a1d07585ad9d7ea9c7c9cf54f3bc6d + 94238ab56d738e02 + abd651477cd726d6f3ebcd6fadeab50906642a7de6496247 + 060e7be3632ed9bd94bb42f45a8733b2cd2df9d1d905cfdb + ce458e557a153a69bff6fe3c4489c7a06e87dbbe31777fb2 + b90acc3a3f31e693; + 29983050d6bcdb686a0c897031ad09a5b8fa687ec3bad8e18dc2ad361f1e226e78876cd35f86c639733c5cd84aed8aaebabb7e0f24edfd9710b7bca91b612ea37fc5cc09f7f62f66b423fcd2dec5de24d264f2c839839c1b06319f687dbc68d9f07fd41ccb4f8cde8de201ec2680332bbded4883deea0b58b54bdd13c17ef292b0ded3caeb5e57fd21df10bc6186265ee6ea45907de6cb822fb2ef953aea358a03e0fce2e1b9511bd332c86e67f123377a8f0256b8dcc73ae1b3c6cd3f104e3cb24284cfed17811d64d492d39ea7496993a25b072945d83f923e66b0a6 + 689cf096 + 9c003a8fca80e322a4b1bf + 050c1220450433efb6b6d8a2d820cf27a64b9d47f636845dac557bb3e75f3a18fb + 17a5e823d237aa01c73f6414d39d44b2f564a0dd3f1a07a2899a8051d1f0df8f39 + 36f636bbcbf9dd90; + 8e173416867fcd0ee78ddd9236beec76d55ed58b10f91d07a037791ab96e83c4bf2fb5b205e592c172a5cbc19456c95c1bea6079f3867e52d663cb3884b2a0a8ff825df752423f3179bfeb89eca385f20ddce5f1f23564672e370ffc37d400a31e8aac1d426ce10df73c5ee478b3b63d91024780e974a8a2a0e7a36f84ab1286b627e7d01b38a84a6de738721ed80fd0d7f69fa658abb5a440d304128719b541a9451cead18e4c61d93d1f8fcc53574427767396322b3bf7d02cec05093696cec07591ada462271b1d1519eedde0df37a330fe8c22ebd77705917b7e32 + ae88f45a34a8ba + 3037235e19a394be4d26ce47317d8087684456 + b4cfc5555e925e3e7b2ebc829b2d0505ea617b0ca9531bcdb96040d390 + 57f5a0f8d6415a8a621157e06114338900a5cd0837278b2751fc96da0d + 5e3bc104eafa8f9c; + 40e632d562643ccb64286303040fcaf679e914eaddc05af8843ce6a427b99a5dc266de31c09165 + "" + "" + "" + "" + 7810963d0383460c; + 237eeefe4b58cc034b9f099f04678c2a9da898b39324cd3087a651014f6796f9c4881d89e127e6 + 22 + "" + "" + "" + 914c0d07b56a620c; + 21e47e57badd678d490c2f320ff8fb1c42761bd439f3e96dc0ed1d5b2169912af1a4e2c533c52b + "" + a3 + "" + "" + 841a2c9697997e1f; + e8c71c23a089e231480aa63c484fb34bd522397f102cb8ecf4f64e329884fe73be257a753b3820 + "" + "" + 0b + 05 + 8137867eb2cf4281; + c23f94a079bde2dd98d813655dafa15b85419d15c41a5153cce5d0e8c8702db2ba11927589678d + 4f7b8fcfad4818c4 + 11f15f452300903874f9a532ee46496ae753a2340af7b91f + 9632fc5ae71ae18b40de751ab6b6761ca16434a9935e466e + 38b42c255ef96643eb10b3bc9f2691c2e99fce686f1f475b + c32a64eb29ba1822; + 11c1cb072f32a59c313dba3db646ae909a096697d9a7b0556463ff1126ebc43263391424d02739 + d0787e80 + 4d8f1dccf6c897a8a48431 + 324324041b5302ccd501b538bd03d5cb5c90d1fd3f7d2be187a787032c79ed9007 + 181bd0dc71010e424ebc9ef3076822ee1f476f71597408a6bed166e9d1041c5144 + 4752f2416b0d0b58; + 64ee4ce1d3fc042c084f7d8c0c48ad7d6f1eabd0fd1ec24a88f26734d5c8d92dbd873a8fe11309 + 0d401bea4d28ff + 49f10ff593adc258e091abd31b62dd1735158f + 98765970acc6602da063aae01a2a199d3a4f37a5f062d216d2053a83b5 + 80090c15eefaee5a89856fb9a6e0d3754984998915327ea69facb3c3e5 + 67af4d834f3cdf11; + d3a0488ab0d2df631b2892cdfcf9fdd0f37de9ed67179aeae82fe00009428b297b553230a6d917fa0c1a233c9ebc8a4cba45b20543c540fc1b9dbce078b87a1534acf03897b95a3f372e9f6c5a + "" + "" + "" + "" + 2f94915a82b486df; + 5f2ae44a7dbce9ba43a39089de20de70d0544b5151db0a16e9769e8f2fc12c7f839fab269a0056284a697ffd4113a1cf43b5d5bdce2d86dead83f5a356e9106bedf908db61f1119f9700260ea9 + 37 + "" + "" + "" + f02d5d46eab2e377; + 9cc7232184d217158fee8ca42e75614739e9007f234fbcd86b0ad8f641a0449b6d9b0f99d1cb4a57a4d6f987feb0ade90aa1d81c4f497b3734be301da3e25fe692629db57311f422f3a1573f9e + "" + 05 + "" + "" + e3c6faf9bbec6f8a; + 53a23e96265e4326fa532d7136863e5b4bc6c99ade3d4eb23cacdf6e42ad8ca13187eba1532920ba31582b3793b05fa65e9f80c5814b91f4d3c581c7b16c46b484859c6d19eebaf124681aa3be + "" + "" + 99 + 50 + 8e188c981fa9757d; + 43307fa4ef095ef8e7e50b703dc0420e74227c9351366ef8e98e1e24b48aa989dbb8d0f10471ae5428a6012fbe4f5cb2dab2863e574842cc0b3774e00dcfa63b0db1716c7e916a26fc2e198f8d + b63ab59955989497 + 782f16c5816270ef3fbe4ea22f484ddc12ec8f4bdbd6ebdf + bafb21fcf5427dbee5f95b53a0b4cb6d7c128b79f4657895 + 4a73ab00c6b33f577e36b151435331661e7a4f8ad2cf2424 + 3feaf9765a80ad6d; + f4b0ba518dd61436140f20d40224baac3a602da83cb254a7e03f052c63c1f3f00f301cc944a1789133bb8048f07dc123f2ca7e20c83988e4bfea6d561ab5aea542db544a14376d5d52f7265c7a + 8d2fc4fe + ef99b9dba89eb472f71d8e + b5affe900d776e4cf74e52b6c86db981143082735c6473a86a5da3d2e8cbb8602e + f41bd01dcd02e66f0d3b4771c32053d11c302c6144fb40397bf548b21d6b748655 + c0c9b188065fbe55; + bbaf08bf9315fba15f46714bfd2c8312fb5744dfe84615ddb93f15360161f2efb1fc39b8b6ad97427dcaa0435bee7f3a5c11fd01b9c120aa6004f84bcba838a1c33beb4087719135b355dce9ff + d6fd639f192e4c + 2c9a2752bf74a3f63408d3b27df51f44ed5537 + bfb0162f05edbad1b2c36ceec1dc407475b8e05fcb5ee66c7205f21804 + 7a28b08624230f3c25eac43abc77e6525efd4ccf45b72033af74c47021 + 70cf57e5e7d02c97; +} diff --git a/symm/t/rijndael.local b/symm/t/rijndael.local index 5f68b95f..4039dbbb 100644 --- a/symm/t/rijndael.local +++ b/symm/t/rijndael.local @@ -305,3 +305,465 @@ rijndael-eax { 03f7e555335edc0f776c210da68ddceda30e7b6d11f62aab60a17f443e6000c31ca8927b28791f8b5dcff245c82b63ebca8cdbeb9a a860ca21635e5d2c1fa19d96a4c394fa; } + +rijndael-gcm { + + ## NIST examples. + feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + "" + "" + "" + 3247184b3c4f69a44dbcd22887bbb418; + feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + "" + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 + 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985 + 4d5c2af327cd64a62cf35abd2ba6fab4; + feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4 + "" + "" + 5f91d77123ef5eb9997913849b8dc1e9; + feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 + 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985 + 64c0232904af398a5b67c10b53a5024d; + feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d585 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091 + f07c2528eea2fca1211f905e1b6a881b; + + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbaddecaf888 + "" + "" + "" + c835aa88aebbc94f5a02e179fdcfc3e4; + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbaddecaf888 + "" + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 + 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256 + 9924a7c8587336bfb118024db8674a14; + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4 + "" + "" + 02cc773bc919f4e1c5e9c54313bface0; + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 + 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256 + 3b9153b4e7318a5f3bbeac108f8a8edb; + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d585 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710 + 93ea28c659e269902a80acd208e7fc80; + + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + "" + "" + "" + fd2caa16a5832e76aa132c1453eeda7e; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + "" + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 + 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad + b094dac5d93471bdec1a502270e3cc6c; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4 + "" + "" + de34b6dcd4cee2fdbec3cea01af1ee44; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 + 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad + c06d76f31930fef37acae23ed465ae62; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + 3ad77bb40d7a3660a89ecaf32466ef97f5d3d585 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662 + e097195f4532da895fb917a5a55c6aa0; + + ## IEEE tests for P802.1. + ad7a2bd03eac835a6f620fdcb506b345 + 12153524c0895e81b2c28465 + d609b1f056637a0d46df998d88e5222ab2c2846512153524c0895e8108000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340001 + "" + "" + f09478a9b09007d06f46e9b6a1da25dd; + ad7a2bd03eac835a6f620fdcb506b345 + 12153524c0895e81b2c28465 + d609b1f056637a0d46df998d88e52e00b2c2846512153524c0895e81 + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0002 + 701afa1cc039c0d765128a665dab69243899bf7318ccdc81c9931da17fbe8edd7d17cb8b4c26fc81e3284f2b7fba713d + 4f8d55e7d3f06fd5a13c0c29b9d5b880; + 071b113b0ca743fecccf3d051f737382 + f0761e8dcd3d000176d457ed + e20106d7cd0df0761e8dcd3d88e5400076d457ed08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0003 + "" + "" + 0c017bc73b227dfcc9bafa1c41acc353; + 071b113b0ca743fecccf3d051f737382 + f0761e8dcd3d000176d457ed + e20106d7cd0df0761e8dcd3d88e54c2a76d457ed + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340004 + 13b4c72b389dc5018e72a171dd85a5d3752274d3a019fbcaed09a425cd9b2e1c9b72eee7c9de7d52b3f3 + d6a5284f4a6d3fe22a5d6c2b960494c3; + 013fe00b5f11be7f866d0cbbc55a7a90 + 7cfde9f9e33724c68932d612 + 84c5d513d2aaf6e5bbd2727788e523008932d6127cfde9f9e33724c608000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f0005 + "" + "" + 217867e50c2dad74c28c3b50abdf695a; + 013fe00b5f11be7f866d0cbbc55a7a90 + 7cfde9f9e33724c68932d612 + 84c5d513d2aaf6e5bbd2727788e52f008932d6127cfde9f9e33724c6 + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b0006 + 3a4de6fa32191014dbb303d92ee3a9e8a1b599c14d22fb080096e13811816a3c9c9bcf7c1b9b96da809204e29d0e2a7642 + bfd310a4837c816ccfa5ac23ab003988; + 88ee087fd95da9fbf6725aa9d757b0cd + 7ae8e2ca4ec500012e58495c + 68f2e77696ce7ae8e2ca4ec588e541002e58495c08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d0007 + "" + "" + 07922b8ebcf10bb2297588ca4c614523; + 88ee087fd95da9fbf6725aa9d757b0cd + 7ae8e2ca4ec500012e58495c + 68f2e77696ce7ae8e2ca4ec588e54d002e58495c + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748490008 + c31f53d99e5687f7365119b832d2aae70741d593f1f9e2ab3455779b078eb8feacdfec1f8e3e5277f8180b43361f6512adb16d2e38548a2c719dba7228d840 + 88f8757adb8aa788d8f65ad668be70e7; + + e3c08a8f06c6e3ad95a70557b23f75483ce33021a9c72b7025666204c69c0b72 + 12153524c0895e81b2c28465 + d609b1f056637a0d46df998d88e5222ab2c2846512153524c0895e8108000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340001 + "" + "" + 2f0bc5af409e06d609ea8b7d0fa5ea50; + e3c08a8f06c6e3ad95a70557b23f75483ce33021a9c72b7025666204c69c0b72 + 12153524c0895e81b2c28465 + d609b1f056637a0d46df998d88e52e00b2c2846512153524c0895e81 + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0002 + e2006eb42f5277022d9b19925bc419d7a592666c925fe2ef718eb4e308efeaa7c5273b394118860a5be2a97f56ab7836 + 5ca597cdbb3edb8d1a1151ea0af7b436; + 691d3ee909d7f54167fd1ca0b5d769081f2bde1aee655fdbab80bd5295ae6be7 + f0761e8dcd3d000176d457ed + e20106d7cd0df0761e8dcd3d88e5400076d457ed08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0003 + "" + "" + 35217c774bbc31b63166bcf9d4abed07; + 691d3ee909d7f54167fd1ca0b5d769081f2bde1aee655fdbab80bd5295ae6be7 + f0761e8dcd3d000176d457ed + e20106d7cd0df0761e8dcd3d88e54c2a76d457ed + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340004 + c1623f55730c93533097addad25664966125352b43adacbd61c5ef3ac90b5bee929ce4630ea79f6ce519 + 12af39c2d1fdc2051f8b7b3c9d397ef2; + 83c093b58de7ffe1c0da926ac43fb3609ac1c80fee1b624497ef942e2f79a823 + 7cfde9f9e33724c68932d612 + 84c5d513d2aaf6e5bbd2727788e523008932d6127cfde9f9e33724c608000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f0005 + "" + "" + 6ee160e8faeca4b36c86b234920ca975; + 83c093b58de7ffe1c0da926ac43fb3609ac1c80fee1b624497ef942e2f79a823 + 7cfde9f9e33724c68932d612 + 84c5d513d2aaf6e5bbd2727788e52f008932d6127cfde9f9e33724c6 + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b0006 + 110222ff8050cbece66a813ad09a73ed7a9a089c106b959389168ed6e8698ea902eb1277dbec2e68e473155a15a7daeed4 + a10f4e05139c23df00b3aadc71f0596a; + 4c973dbc7364621674f8b5b89e5c15511fced9216490fb1c1a2caa0ffe0407e5 + 7ae8e2ca4ec500012e58495c + 68f2e77696ce7ae8e2ca4ec588e541002e58495c08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d0007 + "" + "" + 00bda1b7e87608bcbf470f12157f4c07; + 4c973dbc7364621674f8b5b89e5c15511fced9216490fb1c1a2caa0ffe0407e5 + 7ae8e2ca4ec500012e58495c + 68f2e77696ce7ae8e2ca4ec588e54d002e58495c + 08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748490008 + ba8ae31bc506486d6873e4fce460e7dc57591ff00611f31c3834fe1c04ad80b66803afcf5b27e6333fa67c99da47c2f0ced68d531bd741a943cff7a6713bd0 + 2611cd7daa01d61c5c886dc1a8170107; + + ## From `The Galois/Counter Mode of Operation' by David McGrew and John + ## Viega. Some of these were duplicated in the NIST examples above, and so + ## are omitted here. + 00000000000000000000000000000000 + 000000000000000000000000 + "" + "" + "" + 58e2fccefa7e3061367f1d57a4e7455a; + 00000000000000000000000000000000 + 000000000000000000000000 + "" + 00000000000000000000000000000000 + 0388dace60b6a392f328c2b971b2fe78 + ab6e47d42cec13bdf53a67b21257bddf; + feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091 + 5bc94fbc3221a5db94fae95ae7121a47; + feffe9928665731c6d6a8f9467308308 + cafebabefacedbad + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598 + 3612d2e79e3b0785561be14aaca2fccb; + feffe9928665731c6d6a8f9467308308 + 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5 + 619cc5aefffe0bfa462af43c1699d050; + + 000000000000000000000000000000000000000000000000 + 000000000000000000000000 + "" + "" + "" + cd33b28ac773f74ba00ed1f312572435; + 000000000000000000000000000000000000000000000000 + 000000000000000000000000 + "" + 00000000000000000000000000000000 + 98e7247c07f0fe411c267e4384b0f600 + 2ff58d80033927ab8ef4d4587514f0fb; + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbaddecaf888 + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710 + 2519498e80f1478f37ba55bd6d27618c; + feffe9928665731c6d6a8f9467308308feffe9928665731c + cafebabefacedbad + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7 + 65dcc57fcf623a24094fcca40d3533f8; + feffe9928665731c6d6a8f9467308308feffe9928665731c + 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b + dcf566ff291c25bbb8568fc3d376a6d9; + + 0000000000000000000000000000000000000000000000000000000000000000 + 000000000000000000000000 + "" + "" + "" + 530f8afbc74536b9a963b4f1c4cb738b; + 0000000000000000000000000000000000000000000000000000000000000000 + 000000000000000000000000 + "" + 00000000000000000000000000000000 + cea7403d4d606b6e074ec5d3baf39d18 + d0d1c8a799996bf0265b98b5d48ab919; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbaddecaf888 + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662 + 76fc6ece0f4e1768cddf8853bb2d551b; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + cafebabefacedbad + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f + 3a337dbf46a792c45e454913fe2ea8f2; + feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 + 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b + feedfacedeadbeeffeedfacedeadbeefabaddad2 + d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 + 5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f + a44a8266ee1c8eb0c8b5d4cf5ae9f19a; + + ## Further home-made tests, made using the toy Python implementation. + 60d7bcda163547d348b7551195e77022 + "" + "" + "" + "" + 58b01ea630bccf61f3b34c172d152383; + 907dd1dff7dac5c9941d26d0c6eb14ad + 56 + "" + "" + "" + 4728c593444566c1f955bbf6b3d38240; + 8f86edd1dc9268eeee533285a6ed810c + "" + 9b + "" + "" + d13020f394c38a8e22c46ccd91d10d77; + 689daaa9060d2d4b6003062365b0a543 + "" + "" + 64 + bc + 4daa100a72a49783462b47a93ae6bf16; + c76c160f11896c4794846ecfa14a7130 + c9f137120634c9519848a877ff77bf79 + 192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7080cc07df0591d8fa21f2dd88374d8 + cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505 + 382909981d309ca85ad62f43d0ed0d416f8040e3517772510ff95e50d9e411319e636647904a1c7ac2d857ed1996414b + 06ba36bc635adcbd1854fcef36614528; + da1435dceaa7b1cc49ae1d50c38201a8 + 94476b3f102b752eb9529533 + 966f27043eb621b7f65b000961040ef2f9b2fc + 5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6b3ad54efc9a38378c5b93b + 7629cb94f9f709fd7c0988e50e935c3f95dc15a4f49207d62b3ba01fe62f0733842b97e72753292de7f4b3d0518ec30933d80bb3c93c5f2165 + f894c92668f0264a7f663568f38c3d71; + f4f2aad2605faee2b03fb648e27fff63 + 102758fe2b69ac26afa3349829b945 + 86306fed54154f8f28523c03d4de1600157846b710ee72807a2219bfb474fd71d891f24bb65d1563259f9e + b53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e0 + 08bcec80c6486cc37d15f4da0dd221864d01b6bf9726ea9de673625a80e07e1250da4071099ffc8b50dc5cd1bfaaac50abef3d1b5a + 9456d186568dd1aca2e61c96d2ae9998; + 40a9b9a222bd689aef66f5306ceb0c6b08ac8b0a + "" + "" + "" + "" + d18fdc91e2ace4c8f4d66cf473fb42db; + 22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95 + 21 + "" + "" + "" + 93bcc629e1dc644f4f002440da2c9cca; + 4ade49cb3b6f5fe8368131115c037ba323fe1dc8 + "" + 15 + "" + "" + e87f107bb704c288cc68519cec9fa3d8; + 1784873f0eb5b647da6794c18b5337685a96ed65 + "" + "" + b9 + c1 + c59a50c109f521ba596b3bfdff74fe9d; + aca338527ef19b09c063c46f88de9fd41e72d7b9 + 7e23e6eabdff3bcd211499268878dbf3 + 0f1dad89d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa92 + 1451dcd1af5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e617669c0f16e39815d4e9cfce3ed1 + 8068670d29a2a061b8375eb1e34259255991e9fadde3c5662930c9d29fe66fa5d513bfd6f2201e1503974444c827154b + 67f81d876969b8f8af546599fb81b929; + ecdf3d264a7f16cb16c2e815f422cdf0c8e30308 + be3c31e6bc58c0b7cadcb658 + b970e47479a684b5aefa69a4cd52147ed12ca9 + 86981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720 + 23d16173096538a850efd193113ce4664d122a0e5ef73a70b50b57304b62704f65b9b1b1167d3e9a3cc66f95b873a856a05de800a91c2d43bc + c2a7ef96a5228db104f6a11034e50f8a; + eef9eb1c8dd0b00951f284649016ed0045633185 + 4bc78bf43966eb0cfa9138ddc39908 + 445608fe95e81c2533e31c9c1a9851bc2810d858cbbc8424d126b807e6daa089c3f9099c5ffb824173d763 + 4c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff669c732b58db8f48af65f7cc9e3fb90e1721b730374ffc9bc597f56ccb + 9ef6b1732748b5f4fee62e025d4fa736336574ede8e760c680d546ecd9c51a03b3bfea4f3eff602cacdf9822717325ffff92196aa2 + 1279f19bf183b1499da8da81e174d2b8; + b2f294b38766fc69f6a9f2c0945ffd505003cc0cae9ce021a5f1fa4f + "" + "" + "" + "" + 565ff4cb468ce9c2c53451df7cc70651; + fa91544485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6 + 77 + "" + "" + "" + e5f4f21a54e3788920c3fda8e47a561a; + 8554acf1270485b203a3c1c4c967c0a458cb948bdd409b687fa3a682 + "" + 7b + "" + "" + fea5e7d3d32a547d19d029133e417f4c; + 480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8 + "" + "" + 74 + 2c + a0b8a9979dfb02faac0cfd7798f31e6f; + 3d16687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b085 + 1e5ca605ac8451399587011677508a15 + dde524af3e2bee0646541a42c2ecccb44d65bad397abfaf529ee41cf9a05c7efedef3401539c51d2a90bbf7f1bfc338a + b0ef5746ea8fdcccd213e33f7e8a5718fd25014107c8e7d715a92add9589d1f5c054b2d983514605ec590294a319b980 + c5c15ee7953a0b74712d9cfe36c7270a94c265f1af75b48e9147b54bf3509bea55e58c6ef3d7e60db1270d6f5f56d37b + 94d5625b8c1c2dc0eb7914e717dd640f; + 2068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff + 59a332ba58d5d5589bfe0797 + 53ee1a957eb6d6699e6b7ea2725cb2dac07ecd + e95759ac46fee6dda7abc8ad68daac90cfe22d2f1f2968cc42fa8b669ed3bb3542a9cf44bbc8c6254d980398bd94e66eb4563d405e51881e99 + 43f463f1b21cd0f9246af63db9eacb644edaa029de296e1e70d30a6d944e65ed2690d1a0abee3fc608b816f6b80cb15f044ea37d146f92f4c5 + 3b78d38c982a0c529ad66d6243694de8; + 027b8ab9aea3ccf860b0009740763d96836c5f87b95460938de1288c + 69d80ea12ff4bb5f069b8a2e86041c + 1b9fc214e9ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c36800d9645563a308ba600768175 + 23bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a170b66283e4f834a06148f302c3973accd56f6f24e3395 + d76bde841be1e0f1c79d55aba162df14df0d8d27a79006ae86206959988ee72bdc2f865964dfb9f9367c28ff87aefdd0ffa01d9d97 + aaa345866f4b3dbee0f6213cac96bd7b; + 8b8c2e2352fd61e4fa8fec81 + "" + "" + "" + "" + 059b6263146de5fb545a936fc848b0b4; + 6ac861a8b33779f09e7a10fc + 02 + "" + "" + "" + 58624b8c9053c43796880707b3d67f20; + a8f48afa3080ee119a52a9a8 + "" + 17 + "" + "" + 687f0761db05bcdb0388336d76fd22e7; + e4f2b94b0820cab383a8cffe + "" + "" + ea + 18 + 767802f12d42935d7b001884afc02a9c; + 7c486315799dc875fba578c8 + ec4837898a92142b5b0677da1ac27311 + 7b45bcfff5d5f8b6fde2893232a9f81d14517ffae475f6b94a43a67b3d380d2f9aaafe2dd721c0095c88088476892114 + 50ba8095ffab1eaadf66fd22ac1976063e113ab61f813e28a1397a7974a1d7f4220c785fe426a5a0e80f678d40414784 + f32ff4b45a2e730c569689c1778053d0a0d98ff6ca284a29d5dec2d196cabe0b2ff7cccd2d76677cfa6f7f3f327e95dc + 6a8c65bf4d69020ca3653fe92b8a0750; + 2941feeffdc2eb44dc8c0d5e + 8f444f7f4e0c893959b74dc2 + 3a7bb40e7e0013e5150686d2301b43a15a84e8 + 1d7f5cedaa49e2414ebf47970e560475cff206877de69146acc3ab6cf8556b7aa776945948d1b8834df2196c92ec1718dcdeee0d52d9539726 + c4af011456e8d101166565373ad9e8f158794f83fd254b98c7c8b0fc4bf23d0c2dd3158db30946c967d9eab008d6a526e6c2bf28b0a615fd76 + 81383ad066041311a2eb1ab37d6c14eb; + d2810391b3f9d10c39b07ae8 + f08ce7cee4758a386a9943e97dedfb + e61e737882cd09c2b9a80f34c0fde11c2481b11fc76bfa4dbf710a9e544e0c536ca1e040f9ad5b04140d98 + edabe08485290a4d87d13b07398a1458c2c6b61dbdbc1cccada8c1a0a9aabb6c4e3c3554f8fb1ef61614c270295dfc0ca6551ca4bd + 502ab4639cc0336813c1e56e627ca9fd05ae8a04bb2b5a5dd7c03a5a4fc64ec1b9222fb965ee6c675f52bf3815a88d8a0ab837ad7b + 66578408dd93abb230ea3124f859308d; +} diff --git a/symm/t/rijndael192 b/symm/t/rijndael192 index ebfb230e..ceee24d4 100644 --- a/symm/t/rijndael192 +++ b/symm/t/rijndael192 @@ -3080,3 +3080,174 @@ rijndael192-eax { f2a5115aa965c209277a24b0c325ce806520f4725aba623a5edd757c9b8ae4da2f4e918ceb2ba756bea2b7e16ce28cd808151ff29ea78c662ddaf739313c5930e2859da808369301b81db91309 77613f8246951823e51a3370da0344a58531540bafeded71; } + +rijndael192-gcm { + 60d7bcda163547d348b7551195e77022 + "" + "" + "" + "" + 015da0e6189d029fc8dafe862408dcabc30fda92fc68e1ad; + 907dd1dff7dac5c9941d26d0c6eb14ad + 56 + "" + "" + "" + c932ffe01a259789c15ce089d5f8b7ea68f802ad4f95d278; + 8f86edd1dc9268eeee533285a6ed810c + "" + 9b + "" + "" + f00e7ec01693132f470761f98c38f8059d68abf0f24619cc; + 689daaa9060d2d4b6003062365b0a543 + "" + "" + 64 + 10 + fe5372d9b2db602ba2611ebc0100bce5c00bbed04792cb05; + c76c160f11896c4794846ecfa14a7130 + c9f137120634c9519848a877ff77bf79192a5b50ade5d9cd + 739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff + 61cdbda3b3e9878731ebfedd4705e505da1435dceaa7b1cc49ae1d50c38201a894476b3f102b752eb9529533966f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde + c59a7b60e5c4237f3c10e9cde0219aa4099ef7c0323b9b6a2b9c403327510e8966c95884af2892e93562b24c97711b08dcd6d3f96cd6ef4a4965ea599ce6483cc8cc7b356ed79aa4 + 5ce6dffcc1adf4308013c22d19323d83025c0f821b25bf4e; + 52ebfda19d0ccc520f215eb57bb3a4f3 + ebbbb18ac6c95a97a48030370c33d090c54215ab + d6b3ad54efc9a38378c5b93bf4f2aad2605faee2b03fb648e27fff + 63102758fe2b69ac26afa3349829b94586306fed54154f8f28523c03d4de1600157846b710ee72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77 + c82c8f3a0ce6dcaefdb53e2e831e9192559ce8c45c1967f5a9ef2f3ec68b94c9c2206a606c318d53ffe10e195a5d3ad88a866976d18550e9e13e6d3df6954b675eda0b433bc4bf78a46eb25038c4c1e1a6 + e2203c3246cd4609749431f291149ec7359c6c1f98316738; + dba189196d1ebba10b0467cb9fc2712a + 199e533fa9156308cdec3f768281e040a9b9a222bd689a + ef66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc8151784873f0eb5b647da6794c18b + 5337685a96ed65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f0 + e4e1aa2a9dc0ecadfab0d06a51cc52bc051eece169d640ea09e5ecbc5132389d823bf160bc0c3fd935be0a07b7350bf34aae3a6e93aa874aa8df85949f3ffce3ad63b63d972067f2ffb42da610 + 033ee0ffd59a68e6c64bcf376e1b4b5c3b55b704af3efd30; + 83455b663e4ee1315f3c8f2aebfa921451dcd1af + "" + "" + "" + "" + 11162ce42451687d06c7ea1d05f235a12f8c1dec59f7ffb9; + 5813b70d30ce2f1fef6ef315d0798391805da08d + a3 + "" + "" + "" + c9f80fcab02986639b9e1f4240582daf41b51a065bc6638b; + aefc5f8584b7c5e617669c0f16e39815d4e9cfce + "" + 3e + "" + "" + 64f584488df21b4e6a7cb5b54551516ed0585564f2605551; + d1ecdf3d264a7f16cb16c2e815f422cdf0c8e303 + "" + "" + 08 + 93 + 9dd3171ccac6312ff23949e0145b1f20c157eb70c7a100cf; + be3c31e6bc58c0b7cadcb658b970e47479a684b5 + aefa69a4cd52147ed12ca986981a874498ad0abef8bc4fcb + 70e27e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720eef9eb1c8dd0b00951f284649016ed00456331854bc78bf43966eb0c + fa9138ddc39908445608fe95e81c2533e31c9c1a9851bc2810d858cbbc8424d126b807e6daa089c3f9099c5ffb824173d7634c04226f30cbb7f0e4a973a8cd190107314717a77456 + 2aa894b96eb2a06a0c601e1f32a5495741e7cd0d98ade2e22742931a96e86b1620f6bf3dc60e865f24029760aaac639a9628575a224c48cabb0b207a8c646da177f0180a9484003b + 09e91a6ca2951ac43b2dc376bfb2459f9d6793f3fa6f19b0; + f3ff669c732b58db8f48af65f7cc9e3fb90e1721 + b730374ffc9bc597f56ccbb2f294b38766fc69f6 + a9f2c0945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a125 + 8b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd409b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8743d16 + 2a34e82df940e666655df615cd9499c3f0cbcb42d214c38a86130abd270c3f2a1aeb290e30d3aa4ff7e5386ebe20a7140c329e02f8e79ae908e55b44b32201191c1061d525d815983d8a413460155e66a4 + 62d2e5ef4662b6a369d06431d0b42ad0e89280500ba3eba1; + 687b7bb8deb9bd205b70e04c091d205cdad9e9a7 + 9b1abf91b0851e5ca605ac8451399587011677508a15dd + e524af3e2bee0646541a42c2ecccb44d65bad397abfaf529ee41cf9a05c7efedef3401539c51d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718fd250141 + 07c8e7d715a92add9589d1f5c054b2d983514605ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe079753ee1a957eb6d6699e + a5d9d4f2cfeaa5003728d73631498986caf5ecd07f21be526aaf0ba42f4e94ea4601b93fd94d3cba101bfd9f4092d31c37a787d481bcf6e0327ec520952a55bae4cfdff57b0b5aae071e182b89 + bff9d687d796f186e930b3d45a7ef9da7cb6309fece26936; + 6b7ea2725cb2dac07ecde95759ac46fee6dda7abc8ad68daac90cfe2 + "" + "" + "" + "" + 20e8e27fd32514b1b14272c20f0df7247f31f1f4a12f25fc; + 2d2f1f2968cc42fa8b669ed3bb3542a9cf44bbc8c6254d980398bd94 + e6 + "" + "" + "" + ada7ffde4179f00a0efa887dc253ca41f00c318ed87aa2ee; + 6eb4563d405e51881e99027b8ab9aea3ccf860b0009740763d96836c + "" + 5f + "" + "" + 378e18a38eba655e06b6f1e4d453e0afbdecb51191f33822; + 87b95460938de1288c69d80ea12ff4bb5f069b8a2e86041c1b9fc214 + "" + "" + e9 + 7e + ab0bb740c0dc8e10d72db5f5d9340a7f3f58205422105151; + ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c36800d96 + 45563a308ba60076817523bd2abf1261b089d8f23a9c2835 + 076a23faac2cdd67771cc667a8331f0a170b66283e4f834a06148f302c3973accd56f6f24e33958b8c2e2352fd61e4fa8fec816ac861a8b33779f09e7a10fc02a8f48afa3080ee11 + 9a52a9a817e4f2b94b0820cab383a8cffeea7c486315799dc875fba578c8ec4837898a92142b5b0677da1ac273117b45bcfff5d5f8b6fde2893232a9f81d14517ffae475f6b94a43 + 3f01e886e13d4af838c1a081adb8940ef6f24dabe3bd968a1c256dd08fc8c2aef84f7c389d6049f553750678d40e05e73c272540a02ae22d37e3ea42b38b7b659661fda031256ac8 + 4e5447fbd4d6ae6b948968a3944daafb7dbfb2298afa517e; + a67b3d380d2f9aaafe2dd721c0095c8808847689211450ba8095ffab + 1eaadf66fd22ac1976063e113ab61f813e28a139 + 7a7974a1d7f4220c785fe426a5a0e80f678d404147842941feeffd + c2eb44dc8c0d5e8f444f7f4e0c893959b74dc23a7bb40e7e0013e5150686d2301b43a15a84e81d7f5cedaa49e2414ebf47970e560475cff206877de69146acc3ab6cf8556b7aa776945948d1b8834df219 + 0ce0e6e23e9b00a1925b4704d89f9ddc27e6184940419c3f4755b3a268f8ca0cefd898853791b75c9dfc09f72d8e3f1e76b68a7298131a24c15670b0f29150356b1dbb8281d2168fe870d5c2b13c7d515b + fc65f244ef465fab581fe151522e12881796968a24ec9f9c; + 6c92ec1718dcdeee0d52d9539726d2810391b3f9d10c39b07ae8f08c + e7cee4758a386a9943e97dedfbe61e737882cd09c2b9a8 + 0f34c0fde11c2481b11fc76bfa4dbf710a9e544e0c536ca1e040f9ad5b04140d98edabe08485290a4d87d13b07398a1458c2c6b61dbdbc1cccada8c1a0a9aabb6c4e3c + 3554f8fb1ef61614c270295dfc0ca6551ca4bdb75359f91cb9d921056b7de74fc9a9b37154ce6c0b396179d31f06a1dd5982cbc0d7cb23841da1ae8f4ae480cda98ad6cf2bacf6f9fd3f821330 + c9e1cff17ba016005ee6bd63700c2d80ed5281dd7ccd14d19514e1a0ec2a2134d9bef71d92a8bb3c71c0d4622800300d21d16cd076593c492361e2a849e71f7e51d9d6fff53b61bba0e19fb25e + 44aa54e465e68d39194421556344aea25bdc16f0a24c0685; + c43f3df6c2b3fac7cbcf9652 + "" + "" + "" + "" + ae9a5d3998de53f84bca8beed16dac8064c3ea73d0c67765; + 3d4723f91801325eb8553236 + 65 + "" + "" + "" + f062371cf3f7082c2e21c136112bc6dd3eb3b455a5624800; + 1c96788d73d192ee53b3f3eb + "" + d6 + "" + "" + 05013633667c00adb73c6442909065b53d12eb94db18480c; + 6ddd98cedbe88e245de25b15 + "" + "" + 93 + c6 + 78adfa0aabbe6558983554b3e73782cadcf950c21f27ee67; + b70f8601562d90a9b59ed034 + a867642d25d54756fa5c47f16f64b837bb4926214211a1c6 + 96ba172010abb433922a22d9fd881519165eb9d85197a21cc34ac0d5ae7be8dbf98e4ffed2cf6b1372a5aa47b54fd9d70c70e117bf1cae71b3a56f0e7d839ea59cc783443d64f2ed + 6a29b96856beca34fd6544bcf86b799e2a1681160ccf055f0fd3001da597a1406d465b7b1419ea51cf858f938f6daafbd656445a09898eaa96ffc3d1d2e31e4e34c94b8bfae64825 + da005542936f792bc7fed255ba5d8c04b90fa64185338a24a954b79a7d05252230a1167ef6eb35d1281c1927ffab7b5c714321e03a01274c3bd3583e3ec84f7c56d60000e18242f7 + 2ed230cfba9714d0d3d35df936ec750a695fccd25539b46b; + ecd75a66d88eedb969ffe076 + 69845ebb7a24c69f13d099f47166edf54538e88f + bf433a7ff212085179e79771f6eee7283ab178ef2b800d7b969da0 + 5780ffc1ba78c70dda7a4ca2a25e771702fb1901ecfc8a959cb8e75079bb018ccc8c54f31b450e88f8e9002926ad0284c738f4cb0f58a1e34c8b15ad930c1b627235a2cb84241986c251f5b70be2367f04 + 85ed87687fca97cdf0ccfe1d4e0fbdd56e674a6ef5ebcbc4979f80e6f8ebdc85672d01db63bef05103c1327baa49d7e6e12854ce3680f52bde86c075ff5df02daf0db3e48b564a804cb3b657f982a27ff3 + e37d522450d16ff30f15ffa74a0b894bfd33074c4ea06f44; + 7265264e0da72efe8995e6c9 + 32a17eab511eddb8e4ba463c663035a6ae8a7a899e4279 + d54d03f0e0f3e961dcfd40088d5be74088e4097efb0368c7e2f431ee6988cf2a0e9ebeb3de79c4f86c9e4fba61339d6d907eab7707ca48ff5ba1ae93d16225d469de57 + 47bc1addf5748729720a320fe14fd29cfc59314fe2079c0a2535ded56112d6e3d33dcf7c71cd7d130323794e3da84a9df69703a9caf02d2a8f57ac71e554a6850d55882f8c7ae6994fc8528bd1 + 0b9e340c141493f9676c99eaa36b0463639b3db40dce5e2bb48c3222a1b82595be0ae12890f61bdc22f71a07b8ad0136d395221c57e12ca7f8184d3adbf82497f5c6ac105b1545d433a9baf50f + b24035d9900bc75dc879617502f0f9891a2428fa9d6d472d; +} diff --git a/symm/t/rijndael256 b/symm/t/rijndael256 index 3ad53165..be3edb12 100644 --- a/symm/t/rijndael256 +++ b/symm/t/rijndael256 @@ -3093,3 +3093,174 @@ rijndael256-eax { df7563a9736256abeeb7e528afd5868258e5eaa52b09d86eae63321459d7b39a681aad1b3ff8fb742a54f1a07d511162e9b282e50e24ffb8a3ad99b6a284f644cf82fc460fde1bbd338510f55e14ace30d831b9b7339d8129ce086330fad250c6091037555 22faf1c600ec3c2e7eaab84d8fc7b1a5fb63ef32d7161877da051ebfaed826bb; } + +rijndael256-gcm { + 60d7bcda163547d348b7551195e77022 + "" + "" + "" + "" + 155fe406a3e36d08993ed00fcf78b03f9885b8626ffc1c4005c8f54a41d46bbb; + 907dd1dff7dac5c9941d26d0c6eb14ad + 56 + "" + "" + "" + 5315b508de9b123b9d77bb1999fe58c3ec72ae1e8beade22bdfb1375e9e18d1f; + 8f86edd1dc9268eeee533285a6ed810c + "" + 9b + "" + "" + 6e1adb0aee567f8e7b58dc7acacf8e2a46fe0d4607e84afdb57725a4c4c62f8e; + 689daaa9060d2d4b6003062365b0a543 + "" + "" + 64 + 6a + 414c6496cbca39176224573e7c509b4f8df43e5cf5a02344cf75a5ba418322b4; + c76c160f11896c4794846ecfa14a7130 + c9f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f2954 + 9e6b0d27a4ba234085406a6136512061f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7b1cc49ae1d50c38201a8 + 94476b3f102b752eb9529533966f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6b3ad54efc9a38378c5b93bf4f2aad2605faee2 + 8a0b21b3faf752a732569ab7ca7edc0abf9ba5e9700cb599ab530b374c93ff7825252d41a0eaf26f6eb98fb43ca7e38ecf59c1b6a008c290550aa1fbac54233f5dc3befcfea5687b7516511137cbbbda3bb51357375fae4eb18f948350d4e9b4 + c70aefe02e2accd4c5e7567b52e38d2f1cd68d2621cdfe4303bee6ad1285ac57; + b03fb648e27fff63102758fe2b69ac26 + afa3349829b94586306fed54154f8f28523c03d4de1600157846b710 + ee72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f7 + 0800df9fcbaca48b77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e040a9b9a222bd689aef66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc815178487 + 4b27aebc1cab373e6f5f94978fbb9dd4ab846dd4c8e6659351837bc075a78d472dac621172e1c5f4c0c184381cac80f27999fcddfc597dc5f1e96106f4c974d12d3755de2be779cb06402712144fd67538d2278d7c79eaf7e965d62aebae459883e94598ebc722fb5f + 91201ac6618b71df23cf770cb2be511fa68ab0bb4666fc5a0f166c46fcd2af60; + 3f0eb5b647da6794c18b5337685a96ed + 65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6eabdff3bcd21 + 1499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e61766 + 9c0f16e39815d4e9cfce3ed1ecdf3d264a7f16cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684b5aefa69a4cd52147ed12ca986981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0 + a0359a3a7cd37068cef9616e836e0dc51340c61800a8ca0c9a4e9aec807ed440cfa72d61d992bb4fd1ca3437804b9d3faae47b32aa37b2a2ea954c2bc6a4dfbe55ac20254bc6e65e257316355e37255c3358c287f9a85a809b1a339f928c7bc17d950fd4c7 + e1169f11b3af523780b7d6060ff7541119b99e149254be2ab460870fb20e0d8e; + c6f21195a3b9f4ae985511265febd11c164720ee + "" + "" + "" + "" + 88853f7a89a9d6ca3dbc23486aeabf94200f7b0222fc7c571c1124d33ad4bf09; + f9eb1c8dd0b00951f284649016ed00456331854b + c7 + "" + "" + "" + 705d0df1dae2209b02474644445391b9e6196b397ef49928be8dce7b1ba104c6; + 8bf43966eb0cfa9138ddc39908445608fe95e81c + "" + 25 + "" + "" + b1bfbd95d722b50e894535c7eb30e1dadb37f0c0774adb40dbad72e986b9e36e; + 33e31c9c1a9851bc2810d858cbbc8424d126b807 + "" + "" + e6 + 20 + 2cbef7fa0a697ec89874abb08dd7230ff6fb9e0eca0c5a694cab36328c8c95b4; + daa089c3f9099c5ffb824173d7634c04226f30cb + b7f0e4a973a8cd190107314717a77456f3ff669c732b58db8f48af65f7cc9e3f + b90e1721b730374ffc9bc597f56ccbb2f294b38766fc69f6a9f2c0945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd409b68 + 7fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a3e8128f8743d16687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac8451399587011677508a15dde524af3e2bee0646541a42c2ecccb44d65 + aab8f6ea96180e63aa3855416f27313b857947523e7341af0f8f5bd496ee8911a3dcb2db4514168dffb034762a8085a0785e79c8a67ca675f114e9846959d67fa3a333fe4bd09f7a118d2b2571a4a20d8c97c6e9428715a0fcf86a684d22faf5 + d3bf734339230e22db1a351306eb33335985be58380bfd61d1fdf52067ab901a; + bad397abfaf529ee41cf9a05c7efedef3401539c + 51d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718fd25 + 014107c8e7d715a92add9589d1f5c054b2d983514605ec590294a319b9802068a9f891 + bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe079753ee1a957eb6d6699e6b7ea2725cb2dac07ecde95759ac46fee6dda7abc8ad68daac90cfe22d2f1f2968cc42fa8b669ed3bb3542a9cf44bbc8c6254d980398bd94e66eb4563d + 18fbf012c8917f257b87572611b9618701201d22196532e1fd0375bb15585569238d33c780cfd180db25b82bba0886360b0d8068858473f594f4ec46c069a8b5367266a50cf5b11a2285d4f11eae276d1aa24d0a2ae91d6e9d58b3d342ad1cd576faf1617d0b9ef982 + c55c8221055fdf8cc4ff383c13866d83810e0c355df37b4785e6bd3a260e961d; + 405e51881e99027b8ab9aea3ccf860b000974076 + 3d96836c5f87b95460938de1288c69d80ea12ff4bb5f069b8a2e86041c1b9f + c214e9ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c36800d9645563a308ba60076817523bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a170b66283e4f834a06148f302c3973accd56f6f2 + 4e33958b8c2e2352fd61e4fa8fec816ac861a8b33779f09e7a10fc02a8f48afa3080ee119a52a9a817e4f2b94b0820cab383a8cffeea7c486315799dc875fba578c8ec4837898a92142b5b0677da1ac273117b45bcfff5d5f8b6fde2893232a9f81d14517f + 6efc84f2bf195615f673c68a0e16fca98d6d9a156a74fb40b74ac9fa50db8c0a34d5b00793827ee2bcb942bea89ba023867de0d00f5d3066c10a035c5f626a0bd92da3b57312ff0e78fc6efdb08d7421a68ee134b28a684ab52b84f9f629009921d80ea20f + 1fb7f4fbc9bfc6b37ab7006cd6c661f5d8151f71f2e510af1edc1cb27a97c19e; + fae475f6b94a43a67b3d380d2f9aaafe2dd721c0095c880884768921 + "" + "" + "" + "" + 5cbb3eb9742ae2cce92f5e5c9e6fa1875edb5f6ee2207e3ecc61c06370f81105; + 1450ba8095ffab1eaadf66fd22ac1976063e113ab61f813e28a1397a + 79 + "" + "" + "" + c1b0dabf513241d592852453e603c0325644288f76937abf90c8b53cb484f508; + 74a1d7f4220c785fe426a5a0e80f678d404147842941feeffdc2eb44 + "" + dc + "" + "" + 9b8c23ac703837dc613935ba7bbb64343e29ed170ebf189cc79b301a6aba61a8; + 8c0d5e8f444f7f4e0c893959b74dc23a7bb40e7e0013e5150686d230 + "" + "" + 1b + ea + d744d421289bb50dad6cf39990222ffd62c6cb8d2a1511ff27367827224e6eb0; + 43a15a84e81d7f5cedaa49e2414ebf47970e560475cff206877de691 + 46acc3ab6cf8556b7aa776945948d1b8834df2196c92ec1718dcdeee0d52d953 + 9726d2810391b3f9d10c39b07ae8f08ce7cee4758a386a9943e97dedfbe61e737882cd09c2b9a80f34c0fde11c2481b11fc76bfa4dbf710a9e544e0c536ca1e040f9ad5b04140d98edabe08485290a4d87d13b07398a1458c2c6b61dbdbc1ccc + ada8c1a0a9aabb6c4e3c3554f8fb1ef61614c270295dfc0ca6551ca4bdb75359f91cb9d921056b7de74fc9a9b37154ce6c0b396179d31f06a1dd5982cbc0d7cb23841da1ae8f4ae480cda98ad6cf2bacf6f9fd3f821330c43f3df6c2b3fac7cb + c4a2f019ff18e90fa3cea69a2f34f2d1f2d498af1173c860fa6b6f20e91781ecdaca5cd4f674027476d9cfb5b921c2d5686d1bc581b70b63feb8042f4d30deeeaf44528b6cddcbaf9a5d6ee4144fe4be1b526f3ddc573aeefe159ad33b9677e0 + 52b3da4ccdecf74bcf3d144ab23854db12a64df3ed547b78da9214f373d9d5c8; + cf96523d4723f91801325eb8553236651c96788d73d192ee53b3f3eb + d66ddd98cedbe88e245de25b1593b70f8601562d90a9b59ed034a867 + 642d25d54756fa5c47f16f64b837bb4926214211a1c696ba172010abb433922a22d9fd + 881519165eb9d85197a21cc34ac0d5ae7be8dbf98e4ffed2cf6b1372a5aa47b54fd9d70c70e117bf1cae71b3a56f0e7d839ea59cc783443d64f2ed6a29b96856beca34fd6544bcf86b799e2a1681160ccf055f0fd3001da597a1406d465b7b1419ea51cf858f938f6d + cddb79cdcae1c1ecf2734f18295a6e756c73fe54e8939cc5f0f47a3f543800451b17bba62b7af7796674b9d882b05b9b1d0c39a0dfaef98c54f64996105972a740c5a7bc6bfabc63e7d6a8b0924129b9552d6b0ad95028006889241b670a675e4545f21b6256bcd7f2 + 36fb5ecbc6a1f55d402f7bdb27f362b41cf037ba5b0c8b5f9a8c5b56da81e4fb; + aafbd656445a09898eaa96ffc3d1d2e31e4e34c94b8bfae64825ecd7 + 5a66d88eedb969ffe07669845ebb7a24c69f13d099f47166edf54538e88fbf + 433a7ff212085179e79771f6eee7283ab178ef2b800d7b969da05780ffc1ba78c70dda7a4ca2a25e771702fb1901ecfc8a959cb8e75079bb018ccc8c54f31b450e88f8e9002926ad0284c738f4cb0f58a1e34c8b15ad930c1b6272 + 35a2cb84241986c251f5b70be2367f047265264e0da72efe8995e6c932a17eab511eddb8e4ba463c663035a6ae8a7a899e4279d54d03f0e0f3e961dcfd40088d5be74088e4097efb0368c7e2f431ee6988cf2a0e9ebeb3de79c4f86c9e4fba61339d6d907e + 58452492c095671447a7c66a0e3e53cb2c2f6d5d9258e3a44f7e04cbe229248769719166680ff0dbf7d06ea1162b23c71aab1b4732c913bd542d952be48e1ff46df1d55fbad872957481cb71c5728e201cbec2fdc4a58bda26099d3bc64f1c6418c68289f4 + d9d12a477bc9a18f1b3a4a9ee2b289ff2ea6fa36758427bf9d08f9a4a92b7008; + ab7707ca48ff5ba1ae93d162 + "" + "" + "" + "" + 3858f6b0bba7f351a9ede4c2b5fbd5c827e7e992c079ca19cc6f26b830a9c751; + 25d469de5747bc1addf57487 + 29 + "" + "" + "" + 9fdad124895e10fd8b53e2064b9f2b9d2b3cda627483e9603549c80253e44688; + 720a320fe14fd29cfc59314f + "" + e2 + "" + "" + c34c2d5413bddb6cb1ba41791d7911bcb2edd49b6d71773f1454961f1c62033e; + 079c0a2535ded56112d6e3d3 + "" + "" + 3d + 6c + b700b74ae722b913ab72d6b1207776e402d74fa4845d602768cdc6deb15f843c; + cf7c71cd7d130323794e3da8 + 4a9df69703a9caf02d2a8f57ac71e554a6850d55882f8c7ae6994fc8528bd18c + 374fc43581d2f72a89584a2404a059f7f99c7241a0c879d6d4455b382a9ce757b3e7a1d07585ad9d7ea9c7c9cf54f3bc6d94238ab56d738e02abd651477cd726d6f3ebcd6fadeab50906642a7de6496247060e7be3632ed9bd94bb42f45a8733 + b2cd2df9d1d905cfdb29983050d6bcdb686a0c897031ad09a5b8fa687ec3bad8e18dc2ad361f1e226e78876cd35f86c639733c5cd84aed8aaebabb7e0f24edfd9710b7bca91b612ea37fc5cc09f7f62f66b423fcd2dec5de24d264f2c839839c + 1e698dd38df7f079f6b406910c4c878e2605fe149c9a4f7d575877ade356ef2507eb11ad763a153ef93464f72fb80ccf6670651a22532662e1e33beee419e8a82c8e5f1e723ed1c0db76e90b94a97985e01ddf0b10719a689286b0cdf217760b + 7aa4400ac56abdd5ed32f35f5487361a090461e342f11168b122369d31860f96; + 1b06319f687dbc68d9f07fd4 + 1ccb4f8cde8de201ec2680332bbded4883deea0b58b54bdd13c17ef2 + 92b0ded3caeb5e57fd21df10bc6186265ee6ea45907de6cb822fb2ef953aea358a03e0 + fce2e1b9511bd332c86e67f123377a8f0256b8dcc73ae1b3c6cd3f104e3cb24284cfed17811d64d492d39ea7496993a25b072945d83f923e66b0a6689cf0969c003a8fca80e322a4b1bf050c1220450433efb6b6d8a2d820cf27a64b9d47f636845dac557bb3e75f3a + 10d009d35f7cf513d0f5045d1520d92a4971e792b83901e518ed440e68ed1f4eaa251584ce7703195b3f2d0b19ff558713922efe13ac3e8f8a5d7f608375326aa7a7499274df4e3c963007805ebd4b66c8c52059844edf60327144ab7febb0acc2dbcc82795aef7dfa + 02dfe024b324aa1ad7a4a9f1d1cee9c0ba3711e97510fa26ba8f87f7e195bc4c; + 18fb8e173416867fcd0ee78d + dd9236beec76d55ed58b10f91d07a037791ab96e83c4bf2fb5b205e592c172 + a5cbc19456c95c1bea6079f3867e52d663cb3884b2a0a8ff825df752423f3179bfeb89eca385f20ddce5f1f23564672e370ffc37d400a31e8aac1d426ce10df73c5ee478b3b63d91024780e974a8a2a0e7a36f84ab1286b627e7d0 + 1b38a84a6de738721ed80fd0d7f69fa658abb5a440d304128719b541a9451cead18e4c61d93d1f8fcc53574427767396322b3bf7d02cec05093696cec07591ada462271b1d1519eedde0df37a330fe8c22ebd77705917b7e32ae88f45a34a8ba3037235e19 + 4c8ecebea3c8b010464c18f765a3e100014f564146cfb6382d1e60f5727f37bcfd18f0227c1cc3817fdac6aa202fb93606338616cd140f999d57c36cbfcfd3eb38fb4c4cf5e34a9f0a16b703d268c428e4b3a2b26b4d3a19b08b5468632020ae7cf98a5b6a + 305e9c670143f7d88cefabee533e27ad48988b607be91f0aa2f17649d629b688; +} diff --git a/symm/t/safer b/symm/t/safer index 626e7faa..7f907a62 100644 --- a/symm/t/safer +++ b/symm/t/safer @@ -113,3 +113,90 @@ safer-eax { 27ebc64f0dc6fea2eb465c16ddcf0fb51567e3a14eeccdcf37be2ffb0a a925cad73bd83f84; } + +safer-gcm { + bef260d7bcda163547d348b7551195e7 + "" + "" + "" + "" + 54d777d84bb367be; + 7022907dd1dff7dac5c9941d26d0c6eb + 14 + "" + "" + "" + ee0bd152340f8fa7; + ad568f86edd1dc9268eeee533285a6ed + "" + 81 + "" + "" + ef542fad7971981b; + 0c9b689daaa9060d2d4b6003062365b0 + "" + "" + a5 + 68 + 9775c4709ae7e478; + 4364c76c160f11896c4794846ecfa14a + 7130c9f137120634 + c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f + 29549e6b0d27a4ba234085406a6136512061f7080cc07df0 + ca09cf420396beb0c928209ae8423ebaf1230ae572f41b22 + 1f53984176941a39; + 591d8fa21f2dd88374d8cde8e160ad10 + 997a2163 + 5c6d62c9269029df3e6057 + acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7 + b71e6a6900bbf0745a3372bc9fb843931af8c9605701f49519b02c8c2649f8ed92 + bbc316814a9c8ff6; + b1cc49ae1d50c38201a894476b3f102b + 752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5f + a450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6 + 12f78c86a8fe1b71db510309fe43a4434a5ff6a2c4dc3bc01f0feea936 + b3a2d8864a3eabb9; + c95a97a48030370c + "" + "" + "" + "" + f0d316bc4b69c200; + 33d090c54215abd6 + b3 + "" + "" + "" + 92be4864decdb6b0; + ad54efc9a38378c5 + "" + b9 + "" + "" + 7699b3ba70391bab; + 3bf4f2aad2605fae + "" + "" + e2 + 2f + 6826c1faff7a71a4; + b03fb648e27fff63 + 102758fe2b69ac26 + afa3349829b94586306fed54154f8f28523c03d4de160015 + 7846b710ee72807a2219bfb474fd71d891f24bb65d156325 + 9c27bc6e00c2e0ddb8d5e399439bf477cc02f23cca50e560 + d21750cf96e20752; + 9f9eb53b571ea629 + c54d57dd + 2d42f70800df9fcbaca48b + 77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e040 + 76b11272cd887c5f6fa869e7bf52578442dd96e83b0e7cbcfdba46f67ba2ee6fc0 + 23f48c9f5534edbf; + a9b9a222bd689aef + 66f5306ceb0c6b + 08ac8b0a22260c571b4a42bb8fdb233bfa6a5c + fb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc8151784 + cac8eef1be089b75a8ddb79ca8588436e6e9bac025a6d89bac100dc284 + d41ff215540bd48c; +} diff --git a/symm/t/safersk b/symm/t/safersk index b47d2253..6c91da18 100644 --- a/symm/t/safersk +++ b/symm/t/safersk @@ -101,3 +101,90 @@ safersk-eax { bde1b3e1c19bb966ee531fa15ec929593e29aca538a004e1a98e6776f2 ed2e0c47042a787f; } + +safersk-gcm { + bef260d7bcda163547d348b7551195e7 + "" + "" + "" + "" + 27b0cf2d5823652b; + 7022907dd1dff7dac5c9941d26d0c6eb + 14 + "" + "" + "" + 284a84e5a061c638; + ad568f86edd1dc9268eeee533285a6ed + "" + 81 + "" + "" + e137081a8189b00d; + 0c9b689daaa9060d2d4b6003062365b0 + "" + "" + a5 + 07 + d1476d790c73fe20; + 4364c76c160f11896c4794846ecfa14a + 7130c9f137120634 + c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f + 29549e6b0d27a4ba234085406a6136512061f7080cc07df0 + 220e383555bc3c1db79dd7946ab1bcfb0c8ae7534e054dfe + b9125ab89a341129; + 591d8fa21f2dd88374d8cde8e160ad10 + 997a2163 + 5c6d62c9269029df3e6057 + acc87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7 + da40ac7ce7efbc6e5a0c8edad1fc6e37707dcd577c2b525173d91c0ee1843bf296 + 7fe1bd570ff9bc5e; + b1cc49ae1d50c38201a894476b3f102b + 752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5f + a450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6 + 7088301eaa71ebd8aa7357fa70408eff7803127fdaf86f8f64fc46bde4 + 1b6b05d79e3e8a50; + c95a97a48030370c + "" + "" + "" + "" + c202c8435d5db9f9; + 33d090c54215abd6 + b3 + "" + "" + "" + 127f007760bb2caa; + ad54efc9a38378c5 + "" + b9 + "" + "" + 8e7eb7606063486c; + 3bf4f2aad2605fae + "" + "" + e2 + 87 + f7db784dd6349ec3; + b03fb648e27fff63 + 102758fe2b69ac26 + afa3349829b94586306fed54154f8f28523c03d4de160015 + 7846b710ee72807a2219bfb474fd71d891f24bb65d156325 + e9a1e4e745d37146bd75efe05e451dbf120fe907a9f5701f + 59283c69e487ac87; + 9f9eb53b571ea629 + c54d57dd + 2d42f70800df9fcbaca48b + 77dba189196d1ebba10b0467cb9fc2712a199e533fa9156308cdec3f768281e040 + 65b78f763a328655662a4ef7f9bacfe67e5e07df80edbcc853440ee1f7627d0355 + 38dbad9c5138e19e; + a9b9a222bd689aef + 66f5306ceb0c6b + 08ac8b0a22260c571b4a42bb8fdb233bfa6a5c + fb0bad7d95214ade49cb3b6f5fe8368131115c037ba323fe1dc8151784 + 0d4082f666ad6a4d337a93564bc648f4b09e2332d656aeebefd722a7ec + 4322ea279fd752dc; +} diff --git a/symm/t/serpent.local b/symm/t/serpent.local index 477caa91..b41ebef7 100644 --- a/symm/t/serpent.local +++ b/symm/t/serpent.local @@ -261,3 +261,174 @@ serpent-eax { 2ea09fe497954fcc5ff649f0c72b229294018f6d69846e4d55b35fcf561d6d73e36fd253241af102f1a5beabca9f878898bebc3c38 018ad589b2a12c05238a52773fd66463; } + +serpent-gcm { + 60d7bcda163547d348b7551195 + "" + "" + "" + "" + b7a5e3afee9d6b5d3272a42db95fe058; + e77022907dd1dff7dac5c9941d + 26 + "" + "" + "" + 5a3f93b2c28c3208f3f470a28ded0981; + d0c6eb14ad568f86edd1dc9268 + "" + ee + "" + "" + 31b6ec116273e033816b5ebeb8198b1c; + ee533285a6ed810c9b689daaa9 + "" + "" + 06 + 82 + 1edf5ba454a8cd5ef0aac6153800a101; + 0d2d4b6003062365b0a54364c7 + 6c160f11896c4794846ecfa14a7130c9 + f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7 + 080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61 + 08276a3d1fd2638903bb85fd5ad5b3abf64d1e384ad5262501e198e697c210d778ef1ca2cb78e3fc462d18daaba7ee12 + 75eb776d709e756036210b8d85056fdd; + cdbda3b3e9878731ebfedd4705 + e505da1435dceaa7b1cc49ae + 1d50c38201a894476b3f102b752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33 + 6cf5fafa1f1b67aef17c51ecd4cc8807863bb47816d9416eee45e144973c6bfe325b1dd7b29af06a4d9b0e2f993127dcbf33e8075f35781fe7 + 8827e78f2a8ba21a12f6c4078713d83b; + d090c54215abd6b3ad54efc9a3 + 8378c5b93bf4f2aad2605faee2b03f + b648e27fff63102758fe2b69ac26afa3349829b94586306fed54154f8f28523c03d4de1600157846b710ee + 72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebba10b04 + 11687e1abefb35846b4c37d820220610a076a589e33bdc58b8b9f4f5318a945421139b3122e26578e3d34e00ab2cb88a0de1590b46 + 75d611a4d23fc1cc399cb1d06475c400; + 67cb9fc2712a199e533fa915 + "" + "" + "" + "" + 2e79ef91df0515538a3bf641867668d4; + 6308cdec3f768281e040a9b9 + a2 + "" + "" + "" + 4a3d8a26dac3498e97ec445243d6073f; + 22bd689aef66f5306ceb0c6b + "" + 08 + "" + "" + c47eae4dc6e8e34fd594bcf425c93137; + ac8b0a22260c571b4a42bb8f + "" + "" + db + 08 + d328c14d09ea87f05101640b5c19ec06; + 233bfa6a5cfb0bad7d95214a + de49cb3b6f5fe8368131115c037ba323 + fe1dc8151784873f0eb5b647da6794c18b5337685a96ed65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6 + eabdff3bcd211499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f08345 + 681e86e5aebd4a9648b78daa6bc86d34de3970fa7065f26789d65cb8d0d05639849b612fef76214315948d44f3e9c512 + 2a4f1ff8cc104ded9d693f28d62396a3; + 5b663e4ee1315f3c8f2aebfa + 921451dcd1af5813b70d30ce + 2f1fef6ef315d0798391805da08da3aefc5f85 + 84b7c5e617669c0f16e39815d4e9cfce3ed1ecdf3d264a7f16cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684 + cbd8037fa6cca0d3c5d760f9775d6ec6b3349a80089425f3a72f47fa138d41ddb7d165fdf2df4d5ea97d430b173363a87cf9d61ef829127ba7 + f2f7d0abeac736dbcb17c8b11a614ef5; + b5aefa69a4cd52147ed12ca9 + 86981a874498ad0abef8bc4fcb70e2 + 7e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720ee + f9eb1c8dd0b00951f284649016ed00456331854bc78bf43966eb0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc2810d8 + 78aad8dbb0a294e0d23f61421d9adf39e537651cf5d91bc9e815307a021e916467f1abae1cf7eb09aadf42f053f6c9dbb099b7587c + f40974b1334cf4c25e29bc26f608bf94; + 58cbbc8424d126b8 + "" + "" + "" + "" + 65a882a10602424ef433579558fd91db; + 07e6daa089c3f909 + 9c + "" + "" + "" + 67a19a1d408be278d46cb09c2d09e5ca; + 5ffb824173d7634c + "" + 04 + "" + "" + af4590dab6b84c9ab769597a6075bb40; + 226f30cbb7f0e4a9 + "" + "" + 73 + 19 + ee176a9eb69f35199805f8c19b5061bb; + a8cd190107314717 + a77456f3ff669c732b58db8f48af65f7 + cc9e3fb90e1721b730374ffc9bc597f56ccbb2f294b38766fc69f6a9f2c0945ffd505003cc0cae9ce021a5f1fa4ffa91 + 544485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd + bcece9311f7669d6f744b547aafeba06c7cb05e623325f183ec1c0b24424f612b10a539f684fd1c0730ee75e5deb2b55 + d6c09aed972bfb56ab024c80fa114965; + 409b687fa3a6827b + 480aa3a4c84cef64f6c9b53b + f8f957f4b03cf43e89957f9a3e8128f8743d16 + 687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac8451399587011677508a15dde524af3e2bee0646541a42c2eccc + fd90ce8763bd7ad21f288077677eb3cfee48137ffe89d5c5965b3d99592896c4eb94b6573c1610d266609da17e3192a833bddc1a656e91b4f0 + 87a7ea3dc29335c676a2d8453d5232ec; + b44d65bad397abfa + f529ee41cf9a05c7efedef3401539c + 51d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718fd25014107c8e7d715a92add9589d1f5c0 + 54b2d983514605ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe + d29ece81f1d8523540fd3e4edae0f717730b301f05f3c9fae128581349a2740ae49266ed8d83a2216072ed232e280163b9531f80c1 + 9f123aa15e25f65aeda0a8c05855c696; + 079753ee1a957eb6d6699e6b7ea2725cb2 + "" + "" + "" + "" + 0d19fefb39f9d5ca47305f578da4c2a6; + dac07ecde95759ac46fee6dda7abc8ad68 + da + "" + "" + "" + 33e9c876994b5d473cee7028bd8bc422; + ac90cfe22d2f1f2968cc42fa8b669ed3bb + "" + 35 + "" + "" + b5f2eefdbd65dad3c85637c4644d81b8; + 42a9cf44bbc8c6254d980398bd94e66eb4 + "" + "" + 56 + a1 + 41f9c05ae9ec028487faba6297d754aa; + 3d405e51881e99027b8ab9aea3ccf860b0 + 009740763d96836c5f87b95460938de1 + 288c69d80ea12ff4bb5f069b8a2e86041c1b9fc214e9ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c3680 + 0d9645563a308ba60076817523bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a170b66283e4f + 62a4e874b9bed58dfa604492bb7d314c941a359fb4704211a03bb5efb5bd1ead5f4bc209c9ed2ec55945e542da07de30 + 9ab10e04cce4cdb21816a452838e207e; + 834a06148f302c3973accd56f6f24e3395 + 8b8c2e2352fd61e4fa8fec81 + 6ac861a8b33779f09e7a10fc02a8f48afa3080 + ee119a52a9a817e4f2b94b0820cab383a8cffeea7c486315799dc875fba578c8ec4837898a92142b5b0677da1ac273117b45bcfff5d5f8b6fd + 6be1ebdac5a498d5c1005189710616d5317726377ccdde02d771a44d9127704c821f1056a1079d34e742ebfdfd11ef3aea46b18655bb2ffe88 + fd98fa8d62a384d07a991fb3caea3398; + e2893232a9f81d14517ffae475f6b94a43 + a67b3d380d2f9aaafe2dd721c0095c + 8808847689211450ba8095ffab1eaadf66fd22ac1976063e113ab61f813e28a1397a7974a1d7f4220c785f + e426a5a0e80f678d404147842941feeffdc2eb44dc8c0d5e8f444f7f4e0c893959b74dc23a7bb40e7e0013e5150686d2301b43a15a + 100ee38a4070af0c2e7ea43836fcfa78a65278a09ab122bdcdba11d93b63c2965341b19ff4be55ced558fa76d5c3fcb0227e037572 + cec6a5923cedad5ad0bc6551a039ed2d; +} diff --git a/symm/t/skipjack b/symm/t/skipjack index 6cd1da4f..9c7704b7 100644 --- a/symm/t/skipjack +++ b/symm/t/skipjack @@ -153,3 +153,48 @@ skipjack-eax { 1e9afd31797d761c4f9ffbf0031a227872fa8b21de658b8fdb22514c48 44adbb6a2eae0a93; } + +skipjack-gcm { + e4bef260d7bcda163547 + "" + "" + "" + "" + 6fa498e64c57905e; + d348b7551195e7702290 + 7d + "" + "" + "" + cc2fd0c06756c545; + d1dff7dac5c9941d26d0 + "" + c6 + "" + "" + d6c1997db60c0a1c; + eb14ad568f86edd1dc92 + "" + "" + 68 + 98 + 08825f061a3ea120; + eeee533285a6ed810c9b + 689daaa9060d2d4b + 6003062365b0a54364c76c160f11896c4794846ecfa14a71 + 30c9f137120634c9519848a877ff77bf79192a5b50ade5d9 + 0a048d8b451ed2cd53dc70a177834525881e84046c4dd904 + 222801fac5bfd46c; + cd739a3d1f337f29549e + 6b0d27a4 + ba234085406a6136512061 + f7080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029 + f3bf97b9c9c15761437a42c826abadf01e9207fd4b172e200a6d7aea3a77c85c3a + fff6db552209b7b8; + df3e6057acc87638f508 + 046733d9ff61cd + bda3b3e9878731ebfedd4705e505da1435dcea + a7b1cc49ae1d50c38201a894476b3f102b752eb9529533966f27043eb6 + b96e1e6d2db5000c5bbbd06e86ab26c3a2a060b3eeeb1899793a743bc9 + 74694b07f5866d80; +} diff --git a/symm/t/square b/symm/t/square index d639dd94..5a183dd8 100644 --- a/symm/t/square +++ b/symm/t/square @@ -671,3 +671,132 @@ square-eax { b11e564fe1caa81babd189007d9fdf983b4a086302d1eb98daec4f6c91849f873b84982b0a5c037b952355e0a0c916a3967e7ddb69 b87b90233e12e003b8ffc0fa198d2269; } + +square-gcm { + f260d7bc + "" + "" + "" + "" + 66ac17c939ebd05ca617e77ba83201e9; + da163547 + d3 + "" + "" + "" + 8361e8e723233ce477ef9132624bfb9e; + 48b75511 + "" + 95 + "" + "" + 29a7e874d6054c42dcc1ada2e6f38cf8; + e7702290 + "" + "" + 7d + 7d + d439d2be5e01a0d767739abd80dbc293; + d1dff7da + c5c9941d26d0c6eb14ad568f86edd1dc + 9268eeee533285a6ed810c9b689daaa9060d2d4b6003062365b0a54364c76c160f11896c4794846ecfa14a7130c9f137 + 120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7080c + f36d7d44b8637a2a560a8e89a7a5a5c754de68194a47bb2befdf2384e91eb38cc70807a42a687eb3113c9c223e1c8763 + e13b8f67d62247d887180b4cfb90eb6b; + c07df059 + 1d8fa21f2dd88374d8cde8e1 + 60ad10997a21635c6d62c9269029df3e6057ac + c87638f508046733d9ff61cdbda3b3e9878731ebfedd4705e505da1435dceaa7b1cc49ae1d50c38201a894476b3f102b752eb9529533966f27 + 863f1602c0fb45b1a3264e8140b5addd0a82feb9b5e632fc539b3ed83667eecbf32c65dcacec865ea475c3506d61d00db1ba24288ba1a13ef1 + 58de876618ed18d0aab09ef9acd06bae; + 043eb621 + b7f65b000961040ef2f9b2fc5fa450 + 727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33d090c54215abd6 + b3ad54efc9a38378c5b93bf4f2aad2605faee2b03fb648e27fff63102758fe2b69ac26afa3349829b94586306fed54154f8f28523c + 1e559d1bc26402ae885ebcb0946a573d44df5d59476510247197bc816467f5386887c5543f3a2256e26f44a91b31afcb7bcc85b2dc + 83783d53918eff6b310540ac8c1c5d85; + 03d4de1600157846b710ee72 + "" + "" + "" + "" + ddd01942ddf92df99dcada451c651de0; + 807a2219bfb474fd71d891f2 + 4b + "" + "" + "" + 85e41566cb1b62bbe5c3e3a2a5f35779; + b65d1563259f9eb53b571ea6 + "" + 29 + "" + "" + 212a5e2129cd24e177c03718181637d0; + c54d57dd2d42f70800df9fcb + "" + "" + ac + 28 + 1b1cb85207cef5e0fe224f9b1d77f836; + a48b77dba189196d1ebba10b + 0467cb9fc2712a199e533fa9156308cd + ec3f768281e040a9b9a222bd689aef66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad7d95214a + de49cb3b6f5fe8368131115c037ba323fe1dc8151784873f0eb5b647da6794c18b5337685a96ed65b9aca338527ef19b + 2e5f808b009e36fb4f2cf59ec0cdd6f7aac023b9e6037528879a3389aca459a56a337073116aadb30f44453a3bd540df + 637a59d017456d0fffea63306283df28; + 09c063c46f88de9fd41e72d7 + b97e23e6eabdff3bcd211499 + 268878dbf30f1dad89d4b9b12012e4713df467 + 95630e7952d22bb02d7100b8b649377d20a8f083455b663e4ee1315f3c8f2aebfa921451dcd1af5813b70d30ce2f1fef6ef315d0798391805d + f37ebcd6beca3d239c15bc8e98b774a0c527c87c6fa04ebed3098db72f36ddccba0ee84417d99156b229b6a9b3d6b0d4139233e7d6793618a7 + a21999c562eaf6d513e48d6a0e12d77c; + a08da3aefc5f8584b7c5e617 + 669c0f16e39815d4e9cfce3ed1ecdf + 3d264a7f16cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684b5aefa69a4cd + 52147ed12ca986981a874498ad0abef8bc4fcb70e27e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae98 + 5e606cf43bfe84c8a64a2ab5d04d377da99053d2dd80b4b9e3b161a04b58b96bc7b750b95fdb479d36cebaebb300526d6d3c8a97e1 + 7d73467c21c6b79fd07b6670875687f9; + 5511265febd11c16 + "" + "" + "" + "" + d06bc05e975b21905cefbf33aed2558b; + 4720eef9eb1c8dd0 + b0 + "" + "" + "" + 6088d2aa7493efa2bb71465f9b4a4a7f; + 0951f284649016ed + "" + 00 + "" + "" + bfc486eed4840dddb9b8eb5cdc0895bb; + 456331854bc78bf4 + "" + "" + 39 + 22 + a44fd42c2bed09a530a167ff512d53c0; + 66eb0cfa9138ddc3 + 9908445608fe95e81c2533e31c9c1a98 + 51bc2810d858cbbc8424d126b807e6daa089c3f9099c5ffb824173d7634c04226f30cbb7f0e4a973a8cd190107314717 + a77456f3ff669c732b58db8f48af65f7cc9e3fb90e1721b730374ffc9bc597f56ccbb2f294b38766fc69f6a9f2c0945f + e7ef1f4b63cb4ab8b7ee9c733450f6bf4f921ca5fef77eaebb8cf2fd614e0de3f87e22a59b20f4f7af7af8f9c2175924 + 1b90917328ea382e254f6d0aa8d8fb50; + fd505003cc0cae9c + e021a5f1fa4ffa91544485f1 + a1258b2b9b8f0911e32d65cc1770a18cbfe6ef + fd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd409b687fa3a6827b480aa3a4c84cef64f6c9b53bf8f957f4b03cf43e89957f9a + 90f4bb5b8e60ae32eb97f506c90a0e71156ec2e4a39c1ae669502bbbd6724a3f5713dcdcdacb374f31723a9003a8402dda6b0260362527a72f + 2256d08180ac3ed3ab48daa0b86d4cc0; + 3e8128f8743d1668 + 7b7bb8deb9bd205b70e04c091d205c + dad9e9a79b1abf91b0851e5ca605ac8451399587011677508a15dde524af3e2bee0646541a42c2ecccb44d + 65bad397abfaf529ee41cf9a05c7efedef3401539c51d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718fd25014107c8 + 58a997404e629f9e9d5652bd076188c9bd4a631d3e2486a944151f3cf29edbfc62e3910c0b341052b475d623f2339488c9983e0990 + 1762e398f8582d72954ed718af4f677a; +} diff --git a/symm/t/tea b/symm/t/tea index 35da6069..ede8865f 100644 --- a/symm/t/tea +++ b/symm/t/tea @@ -270,3 +270,174 @@ tea-eax { 39f472084e8a3a053d250ae58c6a88e6313311f092a388c01ed590e3be 62fab90c78f1e4d7; } + +tea-gcm { + 60d7bcda163547d348b7551195 + "" + "" + "" + "" + 104863c1b7cc0364; + e77022907dd1dff7dac5c9941d + 26 + "" + "" + "" + 6824d44998ad5200; + d0c6eb14ad568f86edd1dc9268 + "" + ee + "" + "" + 2be3fa8881eb57e1; + ee533285a6ed810c9b689daaa9 + "" + "" + 06 + 06 + 7ccc0eb121d76855; + 0d2d4b6003062365b0a54364c7 + 6c160f11896c4794 + 846ecfa14a7130c9f137120634c9519848a877ff77bf7919 + 2a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085 + ccf001b2a76cd3c5568865d926c0c3c6289456233782bb6d + b4afc9476231f8db; + 406a6136512061f7080cc07df0 + 591d8fa2 + 1f2dd88374d8cde8e160ad + 10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9 + 556dc3cce065e32fd3631b31687e116db7a457f59687e62ec3b9e0f3713456edfd + c05e7bc1c66c2194; + 878731ebfedd4705e505da1435 + dceaa7b1cc49ae + 1d50c38201a894476b3f102b752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52eb + 65c59d689cade0038ba31ee851008842af4971efd43a6c0c83b662e9a7 + 53170fb69a4358c4; + fda19d0ccc520f + "" + "" + "" + "" + 353b4c25eb464d16; + 215eb57bb3a4f3 + eb + "" + "" + "" + f0b9141e092436ba; + bbb18ac6c95a97 + "" + a4 + "" + "" + 5a56e7ab195dff15; + 8030370c33d090 + "" + "" + c5 + 63 + 0ebbd392dd296be9; + 4215abd6b3ad54 + efc9a38378c5b93b + f4f2aad2605faee2b03fb648e27fff63102758fe2b69ac26 + afa3349829b94586306fed54154f8f28523c03d4de160015 + 89fbccd054ce4e0e729a9348449702044abe666342d15dee + 09c94f26212a5c9c; + 7846b710ee7280 + 7a2219bf + b474fd71d891f24bb65d15 + 63259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebb + 62666b6deb78f4ca61a19405496b18f9af1e6c16c03eeafed378c6c14dc2760f87 + 5c37f56a50aad8ba; + a10b0467cb9fc2 + 712a199e533fa9 + 156308cdec3f768281e040a9b9a222bd689aef + 66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad + e44a6687f1516bda0c8403c0befbf7537a4cf036dcdcfd96e11d2dfda4 + 26338cb7a4856da3; + 7d95214ade49cb3b6f5f + "" + "" + "" + "" + d2ea2800e7d48c03; + e8368131115c037ba323 + fe + "" + "" + "" + 9f49f14465230250; + 1dc8151784873f0eb5b6 + "" + 47 + "" + "" + 1844b6087e8cca0f; + da6794c18b5337685a96 + "" + "" + ed + 8f + 7aa8c91ba90be3c4; + 65b9aca338527ef19b09 + c063c46f88de9fd4 + 1e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89 + d4b9b12012e4713df46795630e7952d22bb02d7100b8b649 + d493f349ac86d68f2b5a119280b7e849a4fc67d29b952c51 + edf814101fdece49; + 377d20a8f083455b663e + 4ee1315f + 3c8f2aebfa921451dcd1af + 5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e617669c0f + 72fde1faae8cceca80d4d76992f2636732bd05609713442fbf159576f9cb844e91 + c654365e3cecad77; + 16e39815d4e9cfce3ed1 + ecdf3d264a7f16 + cb16c2e815f422cdf0c8e30308be3c31e6bc58 + c0b7cadcb658b970e47479a684b5aefa69a4cd52147ed12ca986981a87 + e28f18dcf71cfb49b094dac380189402100d4256169995d2f33dce3e77 + c86e61eec92dda36; + 4498ad0abef8bc4fcb + "" + "" + "" + "" + 4b7087b7ee345d6c; + 70e27e98ef1f0446b4 + 2f + "" + "" + "" + 9c586b9f2a4a8338; + b144d44b6d00f06dc1 + "" + 88 + "" + "" + f9c5a60277aba1ef; + d472a784e0c6f21195 + "" + "" + a3 + 01 + 0546d37e096d7325; + b9f4ae985511265feb + d11c164720eef9eb + 1c8dd0b00951f284649016ed00456331854bc78bf43966eb + 0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc + c579381ec4d7849aa0c7959d8b5fa316430a709bf6949cbb + 479c8f6f98bf9a02; + 2810d858cbbc8424d1 + 26b807e6 + daa089c3f9099c5ffb8241 + 73d7634c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff669c732b58db + 6aa3da0c805ece511ebb54408d1529d4d5f993373fbba6425692a5a643b6e6cf5d + f2b2f11c0f79c16c; + 8f48af65f7cc9e3fb9 + 0e1721b730374f + fc9bc597f56ccbb2f294b38766fc69f6a9f2c0 + 945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f09 + ee503d12aef7e05140a33551f93a02eb6631e56e47a61f61b5357a4636 + 4f584686113ded23; +} diff --git a/symm/t/twofish.local b/symm/t/twofish.local index db1047db..3bc17bdb 100644 --- a/symm/t/twofish.local +++ b/symm/t/twofish.local @@ -197,3 +197,174 @@ twofish-eax { 1cc781e5396ac8524f32f3a2e1dd087ce19381548225aa1d043499e04890a78ba1c21cad856ff355265a9760b6f81ba5a9b34d275f bb1cd29c56a26e0a9ef3fc8341f8f663; } + +twofish-gcm { + 60d7bcda163547d348b7551195 + "" + "" + "" + "" + 7e0c01ab8086fe01a7c940e3d5e4c825; + e77022907dd1dff7dac5c9941d + 26 + "" + "" + "" + 03cc1ef1b342e6882d46938c5583bcde; + d0c6eb14ad568f86edd1dc9268 + "" + ee + "" + "" + 922c01776999bb27557eaff4621e6542; + ee533285a6ed810c9b689daaa9 + "" + "" + 06 + 2d + 65db54152b66c0a4630723dad69c59fe; + 0d2d4b6003062365b0a54364c7 + 6c160f11896c4794846ecfa14a7130c9 + f137120634c9519848a877ff77bf79192a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085406a6136512061f7 + 080cc07df0591d8fa21f2dd88374d8cde8e160ad10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61 + d2fd5ce98fff00c787eec5ba7c1428b7e298c61467e66996e9e34dd9f98e9dcb9e272339bcd0b5e261887f4a735d14e5 + bdee54527341a497d08ead912a0fd02b; + cdbda3b3e9878731ebfedd4705 + e505da1435dceaa7b1cc49ae + 1d50c38201a894476b3f102b752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52ebfda19d0ccc520f215eb57bb3a4f3ebbbb18ac6c95a97a48030370c33 + 7666e42e7493950c9783e8b919586b513c70b5ac09fcfcdd0a7199a12fded4b8c7499bc5803a2eb9c0e3934a4f42ff8fe32fad10326556567e + c341241121b63236496060eef63ffe36; + d090c54215abd6b3ad54efc9a3 + 8378c5b93bf4f2aad2605faee2b03f + b648e27fff63102758fe2b69ac26afa3349829b94586306fed54154f8f28523c03d4de1600157846b710ee + 72807a2219bfb474fd71d891f24bb65d1563259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebba10b04 + 5f0cf7d078722238b7aaac66bf90a3a9761e66f896d956d9414d54a425e983126667ab8b776f1363fc275661175db1ee73d5529c59 + 0e29764305b7acf72af4b12db37fdb18; + 67cb9fc2712a199e533fa915 + "" + "" + "" + "" + dbe0886648906617f156b7749baf20d2; + 6308cdec3f768281e040a9b9 + a2 + "" + "" + "" + d250af0db768e3345e8cb717015d4481; + 22bd689aef66f5306ceb0c6b + "" + 08 + "" + "" + 11cea01fc59f767221b1d1f2d0143b96; + ac8b0a22260c571b4a42bb8f + "" + "" + db + 51 + 2d05a8a0ba680cee9cd48e338c8b48a9; + 233bfa6a5cfb0bad7d95214a + de49cb3b6f5fe8368131115c037ba323 + fe1dc8151784873f0eb5b647da6794c18b5337685a96ed65b9aca338527ef19b09c063c46f88de9fd41e72d7b97e23e6 + eabdff3bcd211499268878dbf30f1dad89d4b9b12012e4713df46795630e7952d22bb02d7100b8b649377d20a8f08345 + 0499046ea761b7f3aa662f3bde9f5f0c37f36bb3fb0d364b585c4d2b0e4f4a66153fba1b366ac0c79439aeca1967adb8 + 8d5c3aac36d523729b5afb91924ee629; + 5b663e4ee1315f3c8f2aebfa + 921451dcd1af5813b70d30ce + 2f1fef6ef315d0798391805da08da3aefc5f85 + 84b7c5e617669c0f16e39815d4e9cfce3ed1ecdf3d264a7f16cb16c2e815f422cdf0c8e30308be3c31e6bc58c0b7cadcb658b970e47479a684 + ef0a5118e770a0a6ab603d85ad16ffecfc3e84c9c4e6390c6a658ba226d4f85ed42d57e886a1076bdd9ffae334371a545add74a74a6e59c7fb + 79064ad707bf5bb9f2443064d63635af; + b5aefa69a4cd52147ed12ca9 + 86981a874498ad0abef8bc4fcb70e2 + 7e98ef1f0446b42fb144d44b6d00f06dc188d472a784e0c6f21195a3b9f4ae985511265febd11c164720ee + f9eb1c8dd0b00951f284649016ed00456331854bc78bf43966eb0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc2810d8 + 83eadff65bdc0a99b0c11b2414491643ef798658f9a4a2c78a46c89ca7476745450aaa0add25c28bd3c0eefeac9e7f19f3d95904d0 + 10317aaa71d95a323784406eecfc6621; + 58cbbc8424d126b8 + "" + "" + "" + "" + 4108dabb7754ccdf2f498097fe2493bb; + 07e6daa089c3f909 + 9c + "" + "" + "" + d2b1658dfe8f7e211bf9f3bee32064a8; + 5ffb824173d7634c + "" + 04 + "" + "" + ab2e2975c1c3b9bc07bb7b2c7a3f55fc; + 226f30cbb7f0e4a9 + "" + "" + 73 + 51 + 104b6be42e4ebbd2b94e5da48806507a; + a8cd190107314717 + a77456f3ff669c732b58db8f48af65f7 + cc9e3fb90e1721b730374ffc9bc597f56ccbb2f294b38766fc69f6a9f2c0945ffd505003cc0cae9ce021a5f1fa4ffa91 + 544485f1a1258b2b9b8f0911e32d65cc1770a18cbfe6effd1ff6778554acf1270485b203a3c1c4c967c0a458cb948bdd + 8b86c6c7e623c9e343ae7b1fa3d1eb8d38263234e881594a86fa291136d838ea2326aab6f331ed8241dc5632ab3dd10a + b0a96f29b83f2b02056bf2e94ac43147; + 409b687fa3a6827b + 480aa3a4c84cef64f6c9b53b + f8f957f4b03cf43e89957f9a3e8128f8743d16 + 687b7bb8deb9bd205b70e04c091d205cdad9e9a79b1abf91b0851e5ca605ac8451399587011677508a15dde524af3e2bee0646541a42c2eccc + 96544d398a17314d02e7345a80062864904f86b8ba0280f29064775fb7669b6b2fc8f7e9b1fa6a213ec25349802826b9a6148ef2954df0a019 + c7a2ce4d1d3d9949eabebe7a572a5f7c; + b44d65bad397abfa + f529ee41cf9a05c7efedef3401539c + 51d2a90bbf7f1bfc338ab0ef5746ea8fdcccd213e33f7e8a5718fd25014107c8e7d715a92add9589d1f5c0 + 54b2d983514605ec590294a319b9802068a9f891bc5ba5afabf8c3122d12d7ff3c41122d70d17d4569eaff59a332ba58d5d5589bfe + ed9ebcc7d472e5707c7102b1cf72f2330419fbc2162a8d603f0bca3963eaf35992339cbe19b1525909be51f7a4cfebcb0b20efb5e7 + 11a34ad52fc2412ffde804945f7527de; + 079753ee1a957eb6d6699e6b7ea2725cb2 + "" + "" + "" + "" + bfce79cd62f6cd0cd7bb988245358c97; + dac07ecde95759ac46fee6dda7abc8ad68 + da + "" + "" + "" + 1582dba1ba23714f141583436dbb0af1; + ac90cfe22d2f1f2968cc42fa8b669ed3bb + "" + 35 + "" + "" + 7e202b58482cc68bee3ad6f7ccd6c034; + 42a9cf44bbc8c6254d980398bd94e66eb4 + "" + "" + 56 + 19 + e5560f7f46d1747af91a51b39fa2a553; + 3d405e51881e99027b8ab9aea3ccf860b0 + 009740763d96836c5f87b95460938de1 + 288c69d80ea12ff4bb5f069b8a2e86041c1b9fc214e9ca2186ddf1f6a7a3aa7e740da967828e3604b35b15ffaa6c3680 + 0d9645563a308ba60076817523bd2abf1261b089d8f23a9c2835076a23faac2cdd67771cc667a8331f0a170b66283e4f + a86b53285f02553f8eea5475249f7d19cdd539a0a2544e883ae030bdab6c626b5a459a384171205e95534a8e5c6658e1 + 6fca68ddf9bfb6b8a06b44be4bb55eec; + 834a06148f302c3973accd56f6f24e3395 + 8b8c2e2352fd61e4fa8fec81 + 6ac861a8b33779f09e7a10fc02a8f48afa3080 + ee119a52a9a817e4f2b94b0820cab383a8cffeea7c486315799dc875fba578c8ec4837898a92142b5b0677da1ac273117b45bcfff5d5f8b6fd + 25c9ca2752529fa0759c758d42f753af1a4ab5b3f036d585663ce2c886009a979951f8ea9e492a2175238be31f71aecb2a240e14be8873994e + 944a53fbe54197cb27d46c0f768fde88; + e2893232a9f81d14517ffae475f6b94a43 + a67b3d380d2f9aaafe2dd721c0095c + 8808847689211450ba8095ffab1eaadf66fd22ac1976063e113ab61f813e28a1397a7974a1d7f4220c785f + e426a5a0e80f678d404147842941feeffdc2eb44dc8c0d5e8f444f7f4e0c893959b74dc23a7bb40e7e0013e5150686d2301b43a15a + 365bec4034b390949b707acfee0545eb79e0b47d87cdb901af6c3e964a997fe8c0faa678fa214c8ec5887e250c0d3007b2f1e29a93 + 2fc6d2d214bcad3f502b9bf292029e1c; +} diff --git a/symm/t/xtea b/symm/t/xtea index e08b496f..007ab32c 100644 --- a/symm/t/xtea +++ b/symm/t/xtea @@ -266,3 +266,174 @@ xtea-eax { 913b6bc765751a1b774bdd80b81b54a40e6b943acb8d922c5ea0b049d3 32a223a2cb999dba; } + +xtea-gcm { + 60d7bcda163547d348b7551195 + "" + "" + "" + "" + 965c89c5e9e67150; + e77022907dd1dff7dac5c9941d + 26 + "" + "" + "" + 4bc1d47c6aa62964; + d0c6eb14ad568f86edd1dc9268 + "" + ee + "" + "" + efbae174fcba078d; + ee533285a6ed810c9b689daaa9 + "" + "" + 06 + e8 + 3c4fa10c897f0762; + 0d2d4b6003062365b0a54364c7 + 6c160f11896c4794 + 846ecfa14a7130c9f137120634c9519848a877ff77bf7919 + 2a5b50ade5d9cd739a3d1f337f29549e6b0d27a4ba234085 + bffee89ad704bd37259e148b3c038bf2ee483ee7e15cddd8 + f679257dc029e7f1; + 406a6136512061f7080cc07df0 + 591d8fa2 + 1f2dd88374d8cde8e160ad + 10997a21635c6d62c9269029df3e6057acc87638f508046733d9ff61cdbda3b3e9 + 77f4d28e0589a98ab60a4c53cf2a34a4212aee7756a9ebf17f5c52b982ae5dc249 + d61642f2623b785f; + 878731ebfedd4705e505da1435 + dceaa7b1cc49ae + 1d50c38201a894476b3f102b752eb952953396 + 6f27043eb621b7f65b000961040ef2f9b2fc5fa450727a9b542cde52eb + f9d9ebb1b908d8d19893ce0bebb4c2b87110adc572425cf0d88b32fe2c + aa3002dffd42e3ff; + fda19d0ccc520f + "" + "" + "" + "" + dbafe92d502b3295; + 215eb57bb3a4f3 + eb + "" + "" + "" + 09ac92680bc52ddf; + bbb18ac6c95a97 + "" + a4 + "" + "" + 2845ab8e15cc6e83; + 8030370c33d090 + "" + "" + c5 + 3e + 8b12bd215589da19; + 4215abd6b3ad54 + efc9a38378c5b93b + f4f2aad2605faee2b03fb648e27fff63102758fe2b69ac26 + afa3349829b94586306fed54154f8f28523c03d4de160015 + 3dd971d21e1f273a18a156a12cc084d265744982a0bc84ee + e4bc1c22d869ce1f; + 7846b710ee7280 + 7a2219bf + b474fd71d891f24bb65d15 + 63259f9eb53b571ea629c54d57dd2d42f70800df9fcbaca48b77dba189196d1ebb + 35afbe16c12e4a71ee59d1e03479d82c240119d25d7f759298ca0c6a7261ec0df7 + 0e3afa58d945282f; + a10b0467cb9fc2 + 712a199e533fa9 + 156308cdec3f768281e040a9b9a222bd689aef + 66f5306ceb0c6b08ac8b0a22260c571b4a42bb8fdb233bfa6a5cfb0bad + 91c7d3e6bdfdc99a009642e8586acdb300caf64ccfa844f823b02fb3a3 + 9d1d569032d47694; + 7d95214ade49cb3b6f5f + "" + "" + "" + "" + bf7b041a488d393e; + e8368131115c037ba323 + fe + "" + "" + "" + 41f54145c986899b; + 1dc8151784873f0eb5b6 + "" + 47 + "" + "" + 46aa574328fd728c; + da6794c18b5337685a96 + "" + "" + ed + fb + b2ae7fdba380ced8; + 65b9aca338527ef19b09 + c063c46f88de9fd4 + 1e72d7b97e23e6eabdff3bcd211499268878dbf30f1dad89 + d4b9b12012e4713df46795630e7952d22bb02d7100b8b649 + 9b3dd3969b6367d11a17e2c10241592ea531ecf0445749eb + ee022fa7e8e3a576; + 377d20a8f083455b663e + 4ee1315f + 3c8f2aebfa921451dcd1af + 5813b70d30ce2f1fef6ef315d0798391805da08da3aefc5f8584b7c5e617669c0f + 4d32b3228edff4d5a35588331c433defeca851b5843150082ac23d5607ea06c83e + d1458ac231a4ac20; + 16e39815d4e9cfce3ed1 + ecdf3d264a7f16 + cb16c2e815f422cdf0c8e30308be3c31e6bc58 + c0b7cadcb658b970e47479a684b5aefa69a4cd52147ed12ca986981a87 + 8603545fa254880d1fceb81d2e937217d0edfd7f6713078624772c0f40 + fdc8cb8bc51a1533; + 4498ad0abef8bc4fcb + "" + "" + "" + "" + 9c3e0d53b5dca992; + 70e27e98ef1f0446b4 + 2f + "" + "" + "" + 04bf8339880c70bd; + b144d44b6d00f06dc1 + "" + 88 + "" + "" + fefa3ef4a95dbe20; + d472a784e0c6f21195 + "" + "" + a3 + 6c + 05da912be7dd7846; + b9f4ae985511265feb + d11c164720eef9eb + 1c8dd0b00951f284649016ed00456331854bc78bf43966eb + 0cfa9138ddc39908445608fe95e81c2533e31c9c1a9851bc + e72acc6e0d4490e549b969d30f773905cd6dc77f4ce77b22 + bb74ac6f9139c65f; + 2810d858cbbc8424d1 + 26b807e6 + daa089c3f9099c5ffb8241 + 73d7634c04226f30cbb7f0e4a973a8cd190107314717a77456f3ff669c732b58db + 9e8854454d108c12f18f23fb9a251b52e734a3221aea99928614d209d6e57a4305 + 44d67f8883a717e5; + 8f48af65f7cc9e3fb9 + 0e1721b730374f + fc9bc597f56ccbb2f294b38766fc69f6a9f2c0 + 945ffd505003cc0cae9ce021a5f1fa4ffa91544485f1a1258b2b9b8f09 + ae7ea2a80ef6b2ec3b48f32be277ce5f984f50af216261f69bc2e65c2c + db4d7130d6508aa8; +} diff --git a/utils/advmodes b/utils/advmodes index 3af744e2..42fd38b4 100755 --- a/utils/advmodes +++ b/utils/advmodes @@ -1,7 +1,7 @@ #! /usr/bin/python from sys import argv -from struct import pack +from struct import unpack, pack from itertools import izip import catacomb as C @@ -280,6 +280,103 @@ def ctr(E, m, c0): return C.ByteString(m) ^ C.ByteString(y)[:len(m)] ###-------------------------------------------------------------------------- +### GCM. + +def gcm_mangle(x): + y = C.WriteBuffer() + for b in x: + b = ord(b) + bb = 0 + for i in xrange(8): + bb <<= 1 + if b&1: bb |= 1 + b >>= 1 + y.putu8(bb) + return C.ByteString(y) + +def gcm_mul(x, y): + w = len(x) + p = poly(8*w) + u, v = C.GF.loadl(gcm_mangle(x)), C.GF.loadl(gcm_mangle(y)) + z = (u*v)%p + return gcm_mangle(z.storel(w)) + +def gcm_pow(x, n): + w = len(x) + p = poly(8*w) + u = C.GF.loadl(gcm_mangle(x)) + z = pow(u, n, p) + return gcm_mangle(z.storel(w)) + +def gcm_ctr(E, m, c0): + y = C.WriteBuffer() + pre = c0[:-4] + c, = unpack('>L', c0[-4:]) + while y.size < len(m): + c += 1 + y.put(E.encrypt(pre + pack('>L', c))) + return C.ByteString(m) ^ C.ByteString(y)[:len(m)] + +def g(what, x, m, a0 = None): + n = len(x) + if a0 is None: a = Z(n) + else: a = a0 + i = 0 + for b in blocks0(m, n)[0]: + a = gcm_mul(a ^ b, x) + if VERBOSE: print '%s[%d] = %s -> %s' % (what, i, hex(b), hex(a)) + i += 1 + return a + +def gcm_pad(w, x): + return C.ByteString(x + Z(-len(x)%w)) + +def gcm_lens(w, a, b): + if w < 12: n = w + else: n = w/2 + return C.ByteString(C.MP(a).storeb(n) + C.MP(b).storeb(n)) + +def ghash(whata, whatb, x, a, b): + w = len(x) + ha = g(whata, x, gcm_pad(w, a)) + hb = g(whatb, x, gcm_pad(w, b)) + if a: + hc = gcm_mul(ha, gcm_pow(x, (len(b) + w - 1)/w)) ^ hb + if VERBOSE: print '%s || %s -> %s' % (whata, whatb, hex(hc)) + else: + hc = hb + return g(whatb, x, gcm_lens(w, 8*len(a), 8*len(b)), hc) + +def gcmenc(E, n, h, m, tsz = None): + w = E.__class__.blksz + x = E.encrypt(Z(w)) + if VERBOSE: print 'x = %s' % hex(x) + if len(n) + 4 == w: c0 = C.ByteString(n + pack('>L', 1)) + else: c0 = ghash('?', 'n', x, EMPTY, n) + if VERBOSE: print 'c0 = %s' % hex(c0) + y = gcm_ctr(E, m, c0) + t = ghash('h', 'y', x, h, y) ^ E.encrypt(c0) + return y, t + +def gcmdec(E, n, h, y, t): + w = E.__class__.blksz + x = E.encrypt(Z(w)) + if VERBOSE: print 'x = %s' % hex(x) + if len(n) + 4 == w: c0 = C.ByteString(n + pack('>L', 1)) + else: c0 = ghash('?', 'n', x, EMPTY, n) + if VERBOSE: print 'c0 = %s' % hex(c0) + m = gcm_ctr(E, y, c0) + tt = ghash('h', 'y', x, h, y) ^ E.encrypt(c0) + if t == tt: return m, + else: return None, + +def gcmgen(bc): + return [(0, 0, 0), (1, 0, 0), (0, 1, 0), (0, 0, 1), + (bc.blksz, 3*bc.blksz, 3*bc.blksz), + (bc.blksz - 4, bc.blksz + 3, 3*bc.blksz + 9), + (bc.blksz - 1, 3*bc.blksz - 5, 3*bc.blksz + 5)] + +###-------------------------------------------------------------------------- ### EAX. def eaxenc(E, n, h, m, tsz = None): @@ -336,7 +433,9 @@ intarg = struct(mk = lambda x: x, parse = int, show = None) MODEMAP = { 'eax-enc': (eaxgen, 3*[binarg] + [intarg], eaxenc), 'eax-dec': (dummygen, 4*[binarg], eaxdec), - 'cmac': (cmacgen, [binarg], cmac) } + 'cmac': (cmacgen, [binarg], cmac), + 'gcm-enc': (gcmgen, 3*[binarg] + [intarg], gcmenc), + 'gcm-dec': (dummygen, 4*[binarg], gcmdec) } mode = argv[1] bc = None -- 2.11.0