1 /* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* 11 * DES low level APIs are deprecated for public use, but still ok for internal 12 * use. 13 */ 14 #include "internal/deprecated.h" 15 16 #include <openssl/e_os2.h> 17 #include <string.h> 18 19 #include "testutil.h" 20 #include "internal/nelem.h" 21 22 #ifndef OPENSSL_NO_DES 23 # include <openssl/des.h> 24 25 /* In case any platform doesn't use unsigned int for its checksums */ 26 # define TEST_cs_eq TEST_uint_eq 27 28 # define DATA_BUF_SIZE 20 29 30 /* tisk tisk - the test keys don't all have odd parity :-( */ 31 /* test data */ 32 # define NUM_TESTS 34 33 static unsigned char key_data[NUM_TESTS][8] = { 34 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 35 {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 36 {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 37 {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 38 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 39 {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 40 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 41 {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}, 42 {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57}, 43 {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E}, 44 {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86}, 45 {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E}, 46 {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6}, 47 {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE}, 48 {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6}, 49 {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE}, 50 {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16}, 51 {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F}, 52 {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46}, 53 {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E}, 54 {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76}, 55 {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07}, 56 {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F}, 57 {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7}, 58 {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 59 {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6}, 60 {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF}, 61 {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 62 {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 63 {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 64 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 65 {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 66 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 67 {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10} 68 }; 69 70 static unsigned char plain_data[NUM_TESTS][8] = { 71 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 72 {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 73 {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, 74 {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 75 {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 76 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 77 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 78 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 79 {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42}, 80 {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA}, 81 {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72}, 82 {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A}, 83 {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2}, 84 {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A}, 85 {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2}, 86 {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A}, 87 {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02}, 88 {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A}, 89 {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32}, 90 {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA}, 91 {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62}, 92 {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2}, 93 {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA}, 94 {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92}, 95 {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A}, 96 {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2}, 97 {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A}, 98 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 99 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 100 {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, 101 {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 102 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 103 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 104 {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF} 105 }; 106 107 static unsigned char cipher_data[NUM_TESTS][8] = { 108 {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7}, 109 {0x73, 0x59, 0xB2, 0x16, 0x3E, 0x4E, 0xDC, 0x58}, 110 {0x95, 0x8E, 0x6E, 0x62, 0x7A, 0x05, 0x55, 0x7B}, 111 {0xF4, 0x03, 0x79, 0xAB, 0x9E, 0x0E, 0xC5, 0x33}, 112 {0x17, 0x66, 0x8D, 0xFC, 0x72, 0x92, 0x53, 0x2D}, 113 {0x8A, 0x5A, 0xE1, 0xF8, 0x1A, 0xB8, 0xF2, 0xDD}, 114 {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7}, 115 {0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4}, 116 {0x69, 0x0F, 0x5B, 0x0D, 0x9A, 0x26, 0x93, 0x9B}, 117 {0x7A, 0x38, 0x9D, 0x10, 0x35, 0x4B, 0xD2, 0x71}, 118 {0x86, 0x8E, 0xBB, 0x51, 0xCA, 0xB4, 0x59, 0x9A}, 119 {0x71, 0x78, 0x87, 0x6E, 0x01, 0xF1, 0x9B, 0x2A}, 120 {0xAF, 0x37, 0xFB, 0x42, 0x1F, 0x8C, 0x40, 0x95}, 121 {0x86, 0xA5, 0x60, 0xF1, 0x0E, 0xC6, 0xD8, 0x5B}, 122 {0x0C, 0xD3, 0xDA, 0x02, 0x00, 0x21, 0xDC, 0x09}, 123 {0xEA, 0x67, 0x6B, 0x2C, 0xB7, 0xDB, 0x2B, 0x7A}, 124 {0xDF, 0xD6, 0x4A, 0x81, 0x5C, 0xAF, 0x1A, 0x0F}, 125 {0x5C, 0x51, 0x3C, 0x9C, 0x48, 0x86, 0xC0, 0x88}, 126 {0x0A, 0x2A, 0xEE, 0xAE, 0x3F, 0xF4, 0xAB, 0x77}, 127 {0xEF, 0x1B, 0xF0, 0x3E, 0x5D, 0xFA, 0x57, 0x5A}, 128 {0x88, 0xBF, 0x0D, 0xB6, 0xD7, 0x0D, 0xEE, 0x56}, 129 {0xA1, 0xF9, 0x91, 0x55, 0x41, 0x02, 0x0B, 0x56}, 130 {0x6F, 0xBF, 0x1C, 0xAF, 0xCF, 0xFD, 0x05, 0x56}, 131 {0x2F, 0x22, 0xE4, 0x9B, 0xAB, 0x7C, 0xA1, 0xAC}, 132 {0x5A, 0x6B, 0x61, 0x2C, 0xC2, 0x6C, 0xCE, 0x4A}, 133 {0x5F, 0x4C, 0x03, 0x8E, 0xD1, 0x2B, 0x2E, 0x41}, 134 {0x63, 0xFA, 0xC0, 0xD0, 0x34, 0xD9, 0xF7, 0x93}, 135 {0x61, 0x7B, 0x3A, 0x0C, 0xE8, 0xF0, 0x71, 0x00}, 136 {0xDB, 0x95, 0x86, 0x05, 0xF8, 0xC8, 0xC6, 0x06}, 137 {0xED, 0xBF, 0xD1, 0xC6, 0x6C, 0x29, 0xCC, 0xC7}, 138 {0x35, 0x55, 0x50, 0xB2, 0x15, 0x0E, 0x24, 0x51}, 139 {0xCA, 0xAA, 0xAF, 0x4D, 0xEA, 0xF1, 0xDB, 0xAE}, 140 {0xD5, 0xD4, 0x4F, 0xF7, 0x20, 0x68, 0x3D, 0x0D}, 141 {0x2A, 0x2B, 0xB0, 0x08, 0xDF, 0x97, 0xC2, 0xF2} 142 }; 143 144 static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = { 145 {0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E}, 146 {0x19, 0x9E, 0x9D, 0x6D, 0xF3, 0x9A, 0xA8, 0x16}, 147 {0x2A, 0x4B, 0x4D, 0x24, 0x52, 0x43, 0x84, 0x27}, 148 {0x35, 0x84, 0x3C, 0x01, 0x9D, 0x18, 0xC5, 0xB6}, 149 {0x4A, 0x5B, 0x2F, 0x42, 0xAA, 0x77, 0x19, 0x25}, 150 {0xA0, 0x6B, 0xA9, 0xB8, 0xCA, 0x5B, 0x17, 0x8A}, 151 {0xAB, 0x9D, 0xB7, 0xFB, 0xED, 0x95, 0xF2, 0x74}, 152 {0x3D, 0x25, 0x6C, 0x23, 0xA7, 0x25, 0x2F, 0xD6}, 153 {0xB7, 0x6F, 0xAB, 0x4F, 0xBD, 0xBD, 0xB7, 0x67}, 154 {0x8F, 0x68, 0x27, 0xD6, 0x9C, 0xF4, 0x1A, 0x10}, 155 {0x82, 0x57, 0xA1, 0xD6, 0x50, 0x5E, 0x81, 0x85}, 156 {0xA2, 0x0F, 0x0A, 0xCD, 0x80, 0x89, 0x7D, 0xFA}, 157 {0xCD, 0x2A, 0x53, 0x3A, 0xDB, 0x0D, 0x7E, 0xF3}, 158 {0xD2, 0xC2, 0xBE, 0x27, 0xE8, 0x1B, 0x68, 0xE3}, 159 {0xE9, 0x24, 0xCF, 0x4F, 0x89, 0x3C, 0x5B, 0x0A}, 160 {0xA7, 0x18, 0xC3, 0x9F, 0xFA, 0x9F, 0xD7, 0x69}, 161 {0x77, 0x2C, 0x79, 0xB1, 0xD2, 0x31, 0x7E, 0xB1}, 162 {0x49, 0xAB, 0x92, 0x7F, 0xD0, 0x22, 0x00, 0xB7}, 163 {0xCE, 0x1C, 0x6C, 0x7D, 0x85, 0xE3, 0x4A, 0x6F}, 164 {0xBE, 0x91, 0xD6, 0xE1, 0x27, 0xB2, 0xE9, 0x87}, 165 {0x70, 0x28, 0xAE, 0x8F, 0xD1, 0xF5, 0x74, 0x1A}, 166 {0xAA, 0x37, 0x80, 0xBB, 0xF3, 0x22, 0x1D, 0xDE}, 167 {0xA6, 0xC4, 0xD2, 0x5E, 0x28, 0x93, 0xAC, 0xB3}, 168 {0x22, 0x07, 0x81, 0x5A, 0xE4, 0xB7, 0x1A, 0xAD}, 169 {0xDC, 0xCE, 0x05, 0xE7, 0x07, 0xBD, 0xF5, 0x84}, 170 {0x26, 0x1D, 0x39, 0x2C, 0xB3, 0xBA, 0xA5, 0x85}, 171 {0xB4, 0xF7, 0x0F, 0x72, 0xFB, 0x04, 0xF0, 0xDC}, 172 {0x95, 0xBA, 0xA9, 0x4E, 0x87, 0x36, 0xF2, 0x89}, 173 {0xD4, 0x07, 0x3A, 0xF1, 0x5A, 0x17, 0x82, 0x0E}, 174 {0xEF, 0x6F, 0xAF, 0xA7, 0x66, 0x1A, 0x7E, 0x89}, 175 {0xC1, 0x97, 0xF5, 0x58, 0x74, 0x8A, 0x20, 0xE7}, 176 {0x43, 0x34, 0xCF, 0xDA, 0x22, 0xC4, 0x86, 0xC8}, 177 {0x08, 0xD7, 0xB4, 0xFB, 0x62, 0x9D, 0x08, 0x85} 178 }; 179 180 static unsigned char cbc_key[8] = 181 { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; 182 static unsigned char cbc2_key[8] = 183 { 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86 }; 184 static unsigned char cbc3_key[8] = 185 { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; 186 static unsigned char cbc_iv[8] = 187 { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; 188 /* 189 * Changed the following text constant to binary so it will work on ebcdic 190 * machines :-) 191 */ 192 /* static char cbc_data[40]="7654321 Now is the time for \0001"; */ 193 static unsigned char cbc_data[40] = { 194 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, 195 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 196 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20, 197 0x66, 0x6F, 0x72, 0x20, 0x00, 0x31, 0x00, 0x00, 198 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 199 }; 200 201 static unsigned char cbc_ok[32] = { 202 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, 203 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb, 204 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68, 205 0x1d, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 206 }; 207 208 # ifdef SCREW_THE_PARITY 209 # error "SCREW_THE_PARITY is not meant to be defined." 210 # error "Original vectors are preserved for reference only." 211 static unsigned char cbc2_key[8] = 212 { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }; 213 static unsigned char xcbc_ok[32] = { 214 0x86, 0x74, 0x81, 0x0D, 0x61, 0xA4, 0xA5, 0x48, 215 0xB9, 0x93, 0x03, 0xE1, 0xB8, 0xBB, 0xBD, 0xBD, 216 0x64, 0x30, 0x0B, 0xB9, 0x06, 0x65, 0x81, 0x76, 217 0x04, 0x1D, 0x77, 0x62, 0x17, 0xCA, 0x2B, 0xD2, 218 }; 219 # else 220 static unsigned char xcbc_ok[32] = { 221 0x84, 0x6B, 0x29, 0x14, 0x85, 0x1E, 0x9A, 0x29, 222 0x54, 0x73, 0x2F, 0x8A, 0xA0, 0xA6, 0x11, 0xC1, 223 0x15, 0xCD, 0xC2, 0xD7, 0x95, 0x1B, 0x10, 0x53, 224 0xA6, 0x3C, 0x5E, 0x03, 0xB2, 0x1A, 0xA3, 0xC4, 225 }; 226 # endif 227 228 static unsigned char cbc3_ok[32] = { 229 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, 230 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, 231 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4, 232 0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75 233 }; 234 235 static unsigned char pcbc_ok[32] = { 236 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, 237 0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15, 238 0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f, 239 0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88 240 }; 241 242 static unsigned char cfb_key[8] = 243 { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; 244 static unsigned char cfb_iv[8] = 245 { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }; 246 static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8]; 247 static unsigned char plain[24] = { 248 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 249 0x20, 0x74, 0x68, 0x65, 0x20, 0x74, 250 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f, 251 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20 252 }; 253 254 static unsigned char cfb_cipher8[24] = { 255 0xf3, 0x1f, 0xda, 0x07, 0x01, 0x14, 0x62, 0xee, 0x18, 0x7f, 0x43, 0xd8, 256 0x0a, 0x7c, 0xd9, 0xb5, 0xb0, 0xd2, 0x90, 0xda, 0x6e, 0x5b, 0x9a, 0x87 257 }; 258 259 static unsigned char cfb_cipher16[24] = { 260 0xF3, 0x09, 0x87, 0x87, 0x7F, 0x57, 0xF7, 0x3C, 0x36, 0xB6, 0xDB, 0x70, 261 0xD8, 0xD5, 0x34, 0x19, 0xD3, 0x86, 0xB2, 0x23, 0xB7, 0xB2, 0xAD, 0x1B 262 }; 263 264 static unsigned char cfb_cipher32[24] = { 265 0xF3, 0x09, 0x62, 0x49, 0xA4, 0xDF, 0xA4, 0x9F, 0x33, 0xDC, 0x7B, 0xAD, 266 0x4C, 0xC8, 0x9F, 0x64, 0xE4, 0x53, 0xE5, 0xEC, 0x67, 0x20, 0xDA, 0xB6 267 }; 268 269 static unsigned char cfb_cipher48[24] = { 270 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x30, 0xB5, 0x15, 0xEC, 0xBB, 0x85, 271 0x97, 0x5A, 0x13, 0x8C, 0x68, 0x60, 0xE2, 0x38, 0x34, 0x3C, 0xDC, 0x1F 272 }; 273 274 static unsigned char cfb_cipher64[24] = { 275 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51, 0xA6, 0x9E, 0x83, 0x9B, 276 0x1A, 0x92, 0xF7, 0x84, 0x03, 0x46, 0x71, 0x33, 0x89, 0x8E, 0xA6, 0x22 277 }; 278 279 static unsigned char ofb_key[8] = 280 { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; 281 static unsigned char ofb_iv[8] = 282 { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }; 283 static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8]; 284 static unsigned char ofb_cipher[24] = { 285 0xf3, 0x09, 0x62, 0x49, 0xc7, 0xf4, 0x6e, 0x51, 286 0x35, 0xf2, 0x4a, 0x24, 0x2e, 0xeb, 0x3d, 0x3f, 287 0x3d, 0x6d, 0x5b, 0xe3, 0x25, 0x5a, 0xf8, 0xc3 288 }; 289 static DES_LONG cbc_cksum_ret = 0xF7FE62B4L; 290 static unsigned char cbc_cksum_data[8] = 291 { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 }; 292 293 static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE]) 294 { 295 char *ret; 296 int i; 297 static const char *f = "0123456789ABCDEF"; 298 299 ret = &(buf[0]); 300 for (i = 0; i < 8; i++) { 301 ret[i * 2] = f[(p[i] >> 4) & 0xf]; 302 ret[i * 2 + 1] = f[p[i] & 0xf]; 303 } 304 ret[16] = '\0'; 305 return ret; 306 } 307 308 static int test_des_ecb(int i) 309 { 310 DES_key_schedule ks; 311 DES_cblock in, out, outin; 312 char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; 313 314 DES_set_key_unchecked(&key_data[i], &ks); 315 memcpy(in, plain_data[i], 8); 316 memset(out, 0, 8); 317 memset(outin, 0, 8); 318 DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); 319 DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); 320 321 if (!TEST_mem_eq(out, 8, cipher_data[i], 8)) { 322 TEST_info("Encryption error %2d k=%s p=%s", i + 1, 323 pt(key_data[i], b1), pt(in, b2)); 324 return 0; 325 } 326 if (!TEST_mem_eq(in, 8, outin, 8)) { 327 TEST_info("Decryption error %2d k=%s p=%s", i + 1, 328 pt(key_data[i], b1), pt(out, b2)); 329 return 0; 330 } 331 return 1; 332 } 333 334 static int test_des_ede_ecb(int i) 335 { 336 DES_cblock in, out, outin; 337 DES_key_schedule ks, ks2, ks3; 338 char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; 339 340 DES_set_key_unchecked(&key_data[i], &ks); 341 DES_set_key_unchecked(&key_data[i + 1], &ks2); 342 DES_set_key_unchecked(&key_data[i + 2], &ks3); 343 memcpy(in, plain_data[i], 8); 344 memset(out, 0, 8); 345 memset(outin, 0, 8); 346 DES_ecb3_encrypt(&in, &out, &ks, &ks2, &ks, DES_ENCRYPT); 347 DES_ecb3_encrypt(&out, &outin, &ks, &ks2, &ks, DES_DECRYPT); 348 349 if (!TEST_mem_eq(out, 8, cipher_ecb2[i], 8)) { 350 TEST_info("Encryption error %2d k=%s p=%s", i + 1, 351 pt(key_data[i], b1), pt(in, b2)); 352 return 0; 353 } 354 if (!TEST_mem_eq(in, 8, outin, 8)) { 355 TEST_info("Decryption error %2d k=%s p=%s ", i + 1, 356 pt(key_data[i], b1), pt(out, b2)); 357 return 0; 358 } 359 return 1; 360 } 361 362 static int test_des_cbc(void) 363 { 364 unsigned char cbc_in[40]; 365 unsigned char cbc_out[40]; 366 DES_cblock iv3; 367 DES_key_schedule ks; 368 const size_t cbc_data_len = strlen((char *)cbc_data); 369 370 if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 371 return 0; 372 memset(cbc_out, 0, sizeof(cbc_out)); 373 memset(cbc_in, 0, sizeof(cbc_in)); 374 memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 375 DES_ncbc_encrypt(cbc_data, cbc_out, cbc_data_len + 1, &ks, 376 &iv3, DES_ENCRYPT); 377 if (!TEST_mem_eq(cbc_out, 32, cbc_ok, 32)) 378 return 0; 379 380 memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 381 DES_ncbc_encrypt(cbc_out, cbc_in, cbc_data_len + 1, &ks, 382 &iv3, DES_DECRYPT); 383 return TEST_mem_eq(cbc_in, cbc_data_len, cbc_data, cbc_data_len); 384 } 385 386 static int test_des_ede_cbc(void) 387 { 388 DES_cblock iv3; 389 DES_key_schedule ks; 390 unsigned char cbc_in[40]; 391 unsigned char cbc_out[40]; 392 const size_t n = strlen((char *)cbc_data) + 1; 393 394 if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 395 return 0; 396 memset(cbc_out, 0, sizeof(cbc_out)); 397 memset(cbc_in, 0, sizeof(cbc_in)); 398 memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 399 DES_xcbc_encrypt(cbc_data, cbc_out, n, &ks, &iv3, &cbc2_key, &cbc3_key, 400 DES_ENCRYPT); 401 if (!TEST_mem_eq(cbc_out, sizeof(xcbc_ok), xcbc_ok, sizeof(xcbc_ok))) 402 return 0; 403 memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 404 DES_xcbc_encrypt(cbc_out, cbc_in, n, &ks, &iv3, &cbc2_key, &cbc3_key, 405 DES_DECRYPT); 406 return TEST_mem_eq(cbc_data, n, cbc_data, n); 407 } 408 409 static int test_ede_cbc(void) 410 { 411 DES_cblock iv3; 412 DES_key_schedule ks, ks2, ks3; 413 unsigned char cbc_in[40]; 414 unsigned char cbc_out[40]; 415 const size_t i = strlen((char *)cbc_data) + 1; 416 const size_t n = (i + 7) / 8 * 8; 417 418 if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 419 return 0; 420 if (!TEST_int_eq(DES_set_key_checked(&cbc2_key, &ks2), 0)) 421 return 0; 422 if (!TEST_int_eq(DES_set_key_checked(&cbc3_key, &ks3), 0)) 423 return 0; 424 memset(cbc_out, 0, sizeof(cbc_out)); 425 memset(cbc_in, 0, sizeof(cbc_in)); 426 memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 427 428 DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, 429 DES_ENCRYPT); 430 DES_ede3_cbc_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2, 431 &ks3, &iv3, DES_ENCRYPT); 432 if (!TEST_mem_eq(cbc_out, n, cbc3_ok, n)) 433 return 0; 434 435 memcpy(iv3, cbc_iv, sizeof(cbc_iv)); 436 DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, 437 DES_DECRYPT); 438 return TEST_mem_eq(cbc_in, i, cbc_data, i); 439 } 440 441 static int test_input_align(int i) 442 { 443 unsigned char cbc_out[40]; 444 DES_cblock iv; 445 DES_key_schedule ks; 446 const size_t n = strlen(i + (char *)cbc_data) + 1; 447 448 memset(cbc_out, 0, sizeof(cbc_out)); 449 memcpy(iv, cbc_iv, sizeof(cbc_iv)); 450 if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 451 return 0; 452 DES_ncbc_encrypt(&cbc_data[i], cbc_out, n, &ks, &iv, DES_ENCRYPT); 453 return 1; 454 } 455 456 static int test_output_align(int i) 457 { 458 unsigned char cbc_out[40]; 459 DES_cblock iv; 460 DES_key_schedule ks; 461 const size_t n = strlen((char *)cbc_data) + 1; 462 463 memset(cbc_out, 0, sizeof(cbc_out)); 464 memcpy(iv, cbc_iv, sizeof(cbc_iv)); 465 if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 466 return 0; 467 DES_ncbc_encrypt(cbc_data, &cbc_out[i], n, &ks, &iv, DES_ENCRYPT); 468 return 1; 469 } 470 471 static int test_des_crypt(void) 472 { 473 if (!TEST_str_eq("efGnQx2725bI2", DES_crypt("testing", "ef"))) 474 return 0; 475 if (!TEST_str_eq("yA1Rp/1hZXIJk", DES_crypt("bca76;23", "yA"))) 476 return 0; 477 478 if (!TEST_ptr_null(DES_crypt("testing", "y\202"))) 479 return 0; 480 if (!TEST_ptr_null(DES_crypt("testing", "\0A"))) 481 return 0; 482 if (!TEST_ptr_null(DES_crypt("testing", "A"))) 483 return 0; 484 return 1; 485 } 486 487 static int test_des_pcbc(void) 488 { 489 unsigned char cbc_in[40]; 490 unsigned char cbc_out[40]; 491 DES_key_schedule ks; 492 const int n = strlen((char *)cbc_data) + 1; 493 494 if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) 495 return 0; 496 memset(cbc_out, 0, sizeof(cbc_out)); 497 memset(cbc_in, 0, sizeof(cbc_in)); 498 DES_pcbc_encrypt(cbc_data, cbc_out, n, &ks, 499 &cbc_iv, DES_ENCRYPT); 500 if (!TEST_mem_eq(cbc_out, sizeof(pcbc_ok), pcbc_ok, sizeof(pcbc_ok))) 501 return 0; 502 DES_pcbc_encrypt(cbc_out, cbc_in, n, &ks, 503 &cbc_iv, DES_DECRYPT); 504 return TEST_mem_eq(cbc_in, n, cbc_data, n); 505 } 506 507 static int cfb_test(int bits, unsigned char *cfb_cipher) 508 { 509 DES_key_schedule ks; 510 511 DES_set_key_checked(&cfb_key, &ks); 512 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 513 DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp, 514 DES_ENCRYPT); 515 if (!TEST_mem_eq(cfb_cipher, sizeof(plain), cfb_buf1, sizeof(plain))) 516 return 0; 517 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 518 DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp, 519 DES_DECRYPT); 520 return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); 521 } 522 523 static int test_des_cfb8(void) 524 { 525 return cfb_test(8, cfb_cipher8); 526 } 527 528 static int test_des_cfb16(void) 529 { 530 return cfb_test(16, cfb_cipher16); 531 } 532 533 static int test_des_cfb32(void) 534 { 535 return cfb_test(32, cfb_cipher32); 536 } 537 538 static int test_des_cfb48(void) 539 { 540 return cfb_test(48, cfb_cipher48); 541 } 542 543 static int test_des_cfb64(void) 544 { 545 DES_key_schedule ks; 546 int n; 547 size_t i; 548 549 if (!cfb_test(64, cfb_cipher64)) 550 return 0; 551 552 DES_set_key_checked(&cfb_key, &ks); 553 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 554 n = 0; 555 DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT); 556 DES_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, 557 &cfb_tmp, &n, DES_ENCRYPT); 558 if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) 559 return 0; 560 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 561 n = 0; 562 DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT); 563 DES_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], 564 sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT); 565 if (!TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain))) 566 return 0; 567 568 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 569 for (i = 0; i < sizeof(plain); i++) 570 DES_cfb_encrypt(&plain[i], &cfb_buf1[i], 8, 1, &ks, &cfb_tmp, 571 DES_ENCRYPT); 572 if (!TEST_mem_eq(cfb_cipher8, sizeof(plain), cfb_buf1, sizeof(plain))) 573 return 0; 574 575 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 576 for (i = 0; i < sizeof(plain); i++) 577 DES_cfb_encrypt(&cfb_buf1[i], &cfb_buf2[i], 8, 1, &ks, &cfb_tmp, 578 DES_DECRYPT); 579 return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); 580 } 581 582 static int test_des_ede_cfb64(void) 583 { 584 DES_key_schedule ks; 585 int n; 586 587 DES_set_key_checked(&cfb_key, &ks); 588 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 589 n = 0; 590 DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n, 591 DES_ENCRYPT); 592 DES_ede3_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, 593 &ks, &ks, &cfb_tmp, &n, DES_ENCRYPT); 594 if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) 595 return 0; 596 memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); 597 n = 0; 598 DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks, 599 &cfb_tmp, &n, DES_DECRYPT); 600 DES_ede3_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], sizeof(plain) - 17, 601 &ks, &ks, &ks, &cfb_tmp, &n, DES_DECRYPT); 602 return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); 603 } 604 605 static int test_des_ofb(void) 606 { 607 DES_key_schedule ks; 608 609 DES_set_key_checked(&ofb_key, &ks); 610 memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 611 DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp); 612 if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) 613 return 0; 614 615 memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 616 DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks, 617 &ofb_tmp); 618 return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); 619 } 620 621 static int test_des_ofb64(void) 622 { 623 DES_key_schedule ks; 624 int num; 625 size_t i; 626 627 DES_set_key_checked(&ofb_key, &ks); 628 memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 629 memset(ofb_buf1, 0, sizeof(ofb_buf1)); 630 memset(ofb_buf2, 0, sizeof(ofb_buf1)); 631 num = 0; 632 for (i = 0; i < sizeof(plain); i++) { 633 DES_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ofb_tmp, &num); 634 } 635 if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) 636 return 0; 637 memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 638 num = 0; 639 DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp, 640 &num); 641 return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); 642 } 643 644 static int test_des_ede_ofb64(void) 645 { 646 DES_key_schedule ks; 647 int num; 648 size_t i; 649 650 DES_set_key_checked(&ofb_key, &ks); 651 memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 652 memset(ofb_buf1, 0, sizeof(ofb_buf1)); 653 memset(ofb_buf2, 0, sizeof(ofb_buf1)); 654 num = 0; 655 for (i = 0; i < sizeof(plain); i++) { 656 DES_ede3_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ks, 657 &ks, &ofb_tmp, &num); 658 } 659 if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) 660 return 0; 661 memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); 662 num = 0; 663 DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks, 664 &ofb_tmp, &num); 665 return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); 666 } 667 668 static int test_des_cbc_cksum(void) 669 { 670 DES_LONG cs; 671 DES_key_schedule ks; 672 unsigned char cret[8]; 673 674 DES_set_key_checked(&cbc_key, &ks); 675 cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, 676 &cbc_iv); 677 if (!TEST_cs_eq(cs, cbc_cksum_ret)) 678 return 0; 679 return TEST_mem_eq(cret, 8, cbc_cksum_data, 8); 680 } 681 682 static int test_des_quad_cksum(void) 683 { 684 DES_LONG cs, lqret[4]; 685 686 cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, 687 (long)strlen((char *)cbc_data), 2, 688 (DES_cblock *)cbc_iv); 689 if (!TEST_cs_eq(cs, 0x70d7a63aL)) 690 return 0; 691 if (!TEST_cs_eq(lqret[0], 0x327eba8dL)) 692 return 0; 693 if (!TEST_cs_eq(lqret[1], 0x201a49ccL)) 694 return 0; 695 if (!TEST_cs_eq(lqret[2], 0x70d7a63aL)) 696 return 0; 697 if (!TEST_cs_eq(lqret[3], 0x501c2c26L)) 698 return 0; 699 return 1; 700 } 701 702 /* 703 * Test TDES based key wrapping. 704 * The wrapping process uses a randomly generated IV so it is difficult to 705 * undertake KATs. End to end testing is performed instead. 706 */ 707 static const int test_des_key_wrap_sizes[] = { 708 8, 16, 24, 32, 64, 80 709 }; 710 711 static int test_des_key_wrap(int idx) 712 { 713 int in_bytes = test_des_key_wrap_sizes[idx]; 714 unsigned char in[100], c_txt[200], p_txt[200], key[24]; 715 int clen, clen_upd, clen_fin, plen, plen_upd, plen_fin, expect, bs, i; 716 EVP_CIPHER *cipher = NULL; 717 EVP_CIPHER_CTX *ctx = NULL; 718 int res = 0; 719 720 /* Some sanity checks and cipher loading */ 721 if (!TEST_size_t_le(in_bytes, sizeof(in)) 722 || !TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES3-WRAP", NULL)) 723 || !TEST_int_eq(bs = EVP_CIPHER_get_block_size(cipher), 8) 724 || !TEST_size_t_eq(bs * 3u, sizeof(key)) 725 || !TEST_true(in_bytes % bs == 0) 726 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())) 727 goto err; 728 729 /* Create random data to end to end test */ 730 for (i = 0; i < in_bytes; i++) 731 in[i] = test_random(); 732 733 /* Build the key */ 734 memcpy(key, cbc_key, sizeof(cbc_key)); 735 memcpy(key + sizeof(cbc_key), cbc2_key, sizeof(cbc2_key)); 736 memcpy(key + sizeof(cbc_key) + sizeof(cbc3_key), cbc_key, sizeof(cbc3_key)); 737 738 /* Wrap / encrypt the key */ 739 clen_upd = sizeof(c_txt); 740 if (!TEST_true(EVP_EncryptInit(ctx, cipher, key, NULL)) 741 || !TEST_true(EVP_EncryptUpdate(ctx, c_txt, &clen_upd, 742 in, in_bytes))) 743 goto err; 744 745 expect = (in_bytes + (bs - 1)) / bs * bs + 2 * bs; 746 if (!TEST_int_eq(clen_upd, expect)) 747 goto err; 748 749 clen_fin = sizeof(c_txt) - clen_upd; 750 if (!TEST_true(EVP_EncryptFinal(ctx, c_txt + clen_upd, &clen_fin)) 751 || !TEST_int_eq(clen_fin, 0)) 752 goto err; 753 clen = clen_upd + clen_fin; 754 755 /* Decrypt the wrapped key */ 756 plen_upd = sizeof(p_txt); 757 if (!TEST_true(EVP_DecryptInit(ctx, cipher, key, NULL)) 758 || !TEST_true(EVP_DecryptUpdate(ctx, p_txt, &plen_upd, 759 c_txt, clen))) 760 goto err; 761 plen_fin = sizeof(p_txt) - plen_upd; 762 if (!TEST_true(EVP_DecryptFinal(ctx, p_txt + plen_upd, &plen_fin))) 763 goto err; 764 plen = plen_upd + plen_fin; 765 766 if (!TEST_mem_eq(in, in_bytes, p_txt, plen)) 767 goto err; 768 res = 1; 769 err: 770 EVP_CIPHER_free(cipher); 771 EVP_CIPHER_CTX_free(ctx); 772 return res; 773 } 774 775 /*- 776 * Weak and semi weak keys as taken from 777 * %A D.W. Davies 778 * %A W.L. Price 779 * %T Security for Computer Networks 780 * %I John Wiley & Sons 781 * %D 1984 782 */ 783 static struct { 784 const DES_cblock key; 785 int expect; 786 } weak_keys[] = { 787 /* weak keys */ 788 {{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 1 }, 789 {{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, 1 }, 790 {{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 1 }, 791 {{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1}, 1 }, 792 /* semi-weak keys */ 793 {{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE}, 1 }, 794 {{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01}, 1 }, 795 {{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1}, 1 }, 796 {{0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E}, 1 }, 797 {{0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1}, 1 }, 798 {{0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01}, 1 }, 799 {{0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE}, 1 }, 800 {{0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E}, 1 }, 801 {{0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E}, 1 }, 802 {{0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01}, 1 }, 803 {{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 1 }, 804 {{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}, 1 }, 805 /* good key */ 806 {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 } 807 }; 808 809 static int test_des_weak_keys(int n) 810 { 811 const_DES_cblock *key = (unsigned char (*)[8])weak_keys[n].key; 812 813 return TEST_int_eq(DES_is_weak_key(key), weak_keys[n].expect); 814 } 815 816 static struct { 817 const DES_cblock key; 818 int expect; 819 } bad_parity_keys[] = { 820 {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 0 }, 821 {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 0 }, 822 /* Perturb each byte in turn to create even parity */ 823 {{0x48, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 824 {{0x49, 0xE8, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 825 {{0x49, 0xE9, 0x5C, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 826 {{0x49, 0xE9, 0x5D, 0x7D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, 827 {{0x49, 0xE9, 0x5D, 0x6D, 0x5C, 0xA2, 0x29, 0xBF}, 0 }, 828 {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA3, 0x29, 0xBF}, 0 }, 829 {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x39, 0xBF}, 0 }, 830 {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBE}, 0 }, 831 /* Odd parity version of above */ 832 {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 1 } 833 }; 834 835 static int test_des_check_bad_parity(int n) 836 { 837 const_DES_cblock *key = (unsigned char (*)[8])bad_parity_keys[n].key; 838 839 return TEST_int_eq(DES_check_key_parity(key), bad_parity_keys[n].expect); 840 } 841 842 /* Test that two key 3DES can generate a random key without error */ 843 static int test_des_two_key(void) 844 { 845 int res = 0; 846 EVP_CIPHER *cipher = NULL; 847 EVP_CIPHER_CTX *ctx = NULL; 848 unsigned char key[16]; 849 850 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES-EDE-ECB", NULL)) 851 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new()) 852 || !EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) 853 || !EVP_CIPHER_CTX_set_key_length(ctx, sizeof(key)) 854 || !EVP_CIPHER_CTX_rand_key(ctx, key)) 855 goto err; 856 857 res = 1; 858 err: 859 EVP_CIPHER_free(cipher); 860 EVP_CIPHER_CTX_free(ctx); 861 return res; 862 } 863 864 #endif 865 866 int setup_tests(void) 867 { 868 #ifndef OPENSSL_NO_DES 869 ADD_ALL_TESTS(test_des_ecb, NUM_TESTS); 870 ADD_TEST(test_des_cbc); 871 ADD_TEST(test_ede_cbc); 872 ADD_ALL_TESTS(test_des_ede_ecb, NUM_TESTS - 2); 873 ADD_TEST(test_des_ede_cbc); 874 ADD_TEST(test_des_pcbc); 875 ADD_TEST(test_des_cfb8); 876 ADD_TEST(test_des_cfb16); 877 ADD_TEST(test_des_cfb32); 878 ADD_TEST(test_des_cfb48); 879 ADD_TEST(test_des_cfb64); 880 ADD_TEST(test_des_ede_cfb64); 881 ADD_TEST(test_des_ofb); 882 ADD_TEST(test_des_ofb64); 883 ADD_TEST(test_des_ede_ofb64); 884 ADD_TEST(test_des_cbc_cksum); 885 ADD_TEST(test_des_quad_cksum); 886 ADD_TEST(test_des_crypt); 887 ADD_ALL_TESTS(test_input_align, 4); 888 ADD_ALL_TESTS(test_output_align, 4); 889 ADD_ALL_TESTS(test_des_key_wrap, OSSL_NELEM(test_des_key_wrap_sizes)); 890 ADD_ALL_TESTS(test_des_weak_keys, OSSL_NELEM(weak_keys)); 891 ADD_ALL_TESTS(test_des_check_bad_parity, OSSL_NELEM(bad_parity_keys)); 892 ADD_TEST(test_des_two_key); 893 #endif 894 return 1; 895 } 896