fixes for F-3325:
wolfcrypt/src/aes.c: enforce AES-XTS K1!=K2 constraint in wc_AesXtsSetKeyNoInit() unless WC_AES_XTS_ALLOW_DUPLICATE_KEYS and !HAVE_FIPS; tests/api/test_aes.c: add negative tests to test_wc_AesXtsSetKey() for K1==K2; wolfcrypt/test/test.c: fix keys in aes_xts_128_inplace_test() and aes_xts_192_inplace_test() so that K1!=K2, update test vectors, and remove associated !HAVE_FIPS gating; linuxkm/lkcapi_aes_glue.c: synchronize aes_xts_128_test() test of ciphertext stealing in-place with wolfcrypt/test/test.c; wrapper/rust/wolfssl-wolfcrypt/src/aes.rs: synchronize XTS streaming test with wolfcrypt/test/test.c; linuxkm/: refactor self-test sensing with version-gated setup in linuxkm_wc_port.h and refactored gates in lkcapi_glue.c.
@@ -80,6 +80,7 @@ CONFIG_CRYPTO_GCM
|
||||
CONFIG_CRYPTO_HMAC
|
||||
CONFIG_CRYPTO_MANAGER
|
||||
CONFIG_CRYPTO_RSA
|
||||
CONFIG_CRYPTO_SELFTESTS
|
||||
CONFIG_CRYPTO_SELFTESTS_FULL
|
||||
CONFIG_CRYPTO_SHA1
|
||||
CONFIG_CRYPTO_SHA256
|
||||
|
||||
@@ -371,6 +371,29 @@
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/ctype.h>
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 16, 0)
|
||||
#if defined(CONFIG_CRYPTO_MANAGER) && !defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
#define WC_LINUXKM_HAVE_SELFTEST
|
||||
#endif
|
||||
#if defined(WC_LINUXKM_HAVE_SELFTEST) && defined(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS)
|
||||
#define WC_LINUXKM_HAVE_SELFTEST_FULL
|
||||
#endif
|
||||
#else
|
||||
/* see Linux 698de822780f */
|
||||
#if defined(CONFIG_CRYPTO_MANAGER) && defined(CONFIG_CRYPTO_SELFTESTS)
|
||||
#define WC_LINUXKM_HAVE_SELFTEST
|
||||
#endif
|
||||
/* see Linux ac90aad0e9 */
|
||||
#if defined(WC_LINUXKM_HAVE_SELFTEST) && defined(CONFIG_CRYPTO_SELFTESTS_FULL)
|
||||
#define WC_LINUXKM_HAVE_SELFTEST_FULL
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Kernel non-FIPS self-test ("testmgr") has a KAT with all-zeros keys. */
|
||||
#if defined(WC_LINUXKM_HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
#define WC_AES_XTS_ALLOW_DUPLICATE_KEYS
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_FORTIFY_SOURCE) || defined(DEBUG_LINUXKM_FORTIFY_OVERLAY)
|
||||
#ifdef WC_CONTAINERIZE_THIS
|
||||
/* the inline definitions in fortify-string.h use non-inline
|
||||
|
||||
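Review bot: The new `#define WC_AES_XTS_ALLOW_DUPLICATE_KEYS` under `WC_LINUXKM_HAVE_SELFTEST && !HAVE_FIPS` relaxes the K1 != K2 check for the whole module build, not only for the testmgr known-answer test named in the comment, so any non-FIPS in-kernel user of the wolfCrypt XTS code can still set identical main and tweak keys. The comment should say so, for example `/* testmgr's non-FIPS KAT uses all-zeros keys; this disables the K1 != K2 check for every caller in this build, not just the self-test. */`. The define also has no `#ifndef WC_AES_XTS_ALLOW_DUPLICATE_KEYS` guard, so a build that already sets the macro on the command line with a value would presumably hit a redefinition diagnostic. Whether the LKCAPI glue applies its own duplicate-key check on the setkey path is not visible in this section.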
@@ -3832,12 +3832,11 @@ static int aes_xts_128_test(void)
|
||||
0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22
|
||||
};
|
||||
|
||||
#ifndef HAVE_FIPS /* FIPS requires different keys for main and tweak. */
|
||||
static const unsigned char k3[] = {
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x21,
|
||||
};
|
||||
static const unsigned char i3[] = {
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
@@ -3851,13 +3850,12 @@ static int aes_xts_128_test(void)
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20
|
||||
};
|
||||
static const unsigned char c3[] = {
|
||||
0xA2, 0x07, 0x47, 0x76, 0x3F, 0xEC, 0x0C, 0x23,
|
||||
0x1B, 0xD0, 0xBD, 0x46, 0x9A, 0x27, 0x38, 0x12,
|
||||
0x95, 0x02, 0x3D, 0x5D, 0xC6, 0x94, 0x51, 0x36,
|
||||
0xA0, 0x85, 0xD2, 0x69, 0x6E, 0x87, 0x0A, 0xBF,
|
||||
0xB5, 0x5A, 0xDD, 0xCB, 0x80, 0xE0, 0xFC, 0xCD
|
||||
0x39, 0x06, 0xE7, 0xF3, 0x33, 0x0B, 0x1B, 0x1D,
|
||||
0x2B, 0x11, 0xB0, 0xB7, 0xAF, 0x43, 0xB1, 0x8F,
|
||||
0xE6, 0xBE, 0x79, 0x34, 0xBD, 0x31, 0x64, 0x3D,
|
||||
0xA1, 0x16, 0xB5, 0xF0, 0x9B, 0x1D, 0x41, 0xF2,
|
||||
0x3F, 0xED, 0x11, 0x37, 0xCB, 0x4D, 0xAD, 0xA4
|
||||
};
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
if ((aes = (XtsAes *)XMALLOC(sizeof(*aes), NULL, DYNAMIC_TYPE_AES))
|
||||
== NULL)
|
||||
@@ -4048,8 +4046,6 @@ static int aes_xts_128_test(void)
|
||||
goto out;
|
||||
}
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
|
||||
/* Test ciphertext stealing in-place. */
|
||||
XMEMCPY(buf, p3, sizeof(p3));
|
||||
ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
|
||||
@@ -4075,8 +4071,6 @@ static int aes_xts_128_test(void)
|
||||
goto out;
|
||||
}
|
||||
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
{
|
||||
#define LARGE_XTS_SZ 1024
|
||||
int i;
|
||||
|
||||
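Review bot: The replacement `k3` and `c3` vectors in `aes_xts_128_test()` carry no comment on why the last key byte is `0x21` or where the new expected ciphertext comes from, and the removed `#ifndef HAVE_FIPS` line took the only explanation with it. A one-line comment above `k3`, such as `/* final byte differs so that K1 != K2, as wc_AesXtsSetKeyNoInit() requires unless WC_AES_XTS_ALLOW_DUPLICATE_KEYS */`, and a note above `c3` saying how the ciphertext was produced (ideally cross-checked against an independent XTS implementation) would keep the vectors auditable. The same applies to `aes_xts_128_inplace_test()` and `aes_xts_192_inplace_test()` in the wolfcrypt test file and to the Rust doc example, which carry copies of these bytes. The function body starts and ends outside the visible hunks.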
+11
-22
@@ -31,8 +31,7 @@
|
||||
#error LINUXKM_LKCAPI_REGISTER is supported only on Linux kernel versions >= 5.4.0.
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
#ifdef WC_LINUXKM_HAVE_SELFTEST
|
||||
/* kernel crypto self-test includes test setups that have different expected
|
||||
* results FIPS vs non-FIPS, and the required kernel exported symbol
|
||||
* "fips_enabled" is only available in CONFIG_CRYPTO_FIPS kernels (otherwise
|
||||
@@ -65,8 +64,7 @@
|
||||
#define WOLFSSL_LINUXKM_LKCAPI_PRIORITY 100000
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS) || \
|
||||
defined(CONFIG_CRYPTO_SELFTESTS_FULL)
|
||||
#ifdef WC_LINUXKM_HAVE_SELFTEST_FULL
|
||||
static int disable_setkey_warnings = 0;
|
||||
#else
|
||||
#define disable_setkey_warnings 0
|
||||
@@ -227,8 +225,7 @@ static wolfSSL_Atomic_Int linuxkm_lkcapi_registering_now = WOLFSSL_ATOMIC_INITIA
|
||||
static int linuxkm_lkcapi_register(void);
|
||||
static int linuxkm_lkcapi_unregister(void);
|
||||
|
||||
#if defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
#if defined(HAVE_FIPS) && defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
static int enabled_fips = 0;
|
||||
#endif
|
||||
|
||||
@@ -271,8 +268,7 @@ static ssize_t deinstall_algs_handler(struct kobject *kobj, struct kobj_attribut
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#if defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
#if defined(HAVE_FIPS) && defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
if (enabled_fips) {
|
||||
pr_info("wolfCrypt: restoring fips_enabled to off.\n");
|
||||
enabled_fips = fips_enabled = 0;
|
||||
@@ -343,8 +339,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
if (ret)
|
||||
goto out;
|
||||
|
||||
#if defined(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS) || \
|
||||
defined(CONFIG_CRYPTO_SELFTESTS_FULL)
|
||||
#ifdef WC_LINUXKM_HAVE_SELFTEST_FULL
|
||||
/* temporarily disable warnings around setkey failures, which are expected
|
||||
* from the crypto fuzzer in FIPS configs, and potentially in others.
|
||||
* unexpected setkey failures are fatal errors returned by the fuzzer.
|
||||
@@ -352,8 +347,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
disable_setkey_warnings = 1;
|
||||
#endif
|
||||
#if !defined(LINUXKM_DONT_FORCE_FIPS_ENABLED) && \
|
||||
defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
defined(HAVE_FIPS) && defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
if (! fips_enabled) {
|
||||
/* assert system-wide FIPS status, to disable FIPS-forbidden
|
||||
* test vectors and fuzzing from the CRYPTO_MANAGER.
|
||||
@@ -397,8 +391,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
#if defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
#if defined(HAVE_FIPS) && defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
/* Same as above, but allow for option to skip problematic algs that are
|
||||
* not consistently labeled fips_allowed in crypto/testmgr.c, and hence
|
||||
* may be rejected by the kernel at runtime if is_fips is true. */
|
||||
@@ -560,8 +553,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
#ifdef LINUXKM_LKCAPI_REGISTER_ECDSA
|
||||
#if (LINUX_VERSION_CODE < KERNEL_VERSION(6, 3, 0)) && \
|
||||
defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_FIPS) && \
|
||||
defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
/*
|
||||
* ecdsa was not recognized as fips_allowed before linux v6.3
|
||||
* in kernel crypto/testmgr.c.
|
||||
@@ -601,8 +593,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
|
||||
#if (LINUX_VERSION_CODE < KERNEL_VERSION(6, 3, 0)) && \
|
||||
defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_FIPS) && \
|
||||
defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
#endif
|
||||
|
||||
#endif /* LINUXKM_LKCAPI_REGISTER_ECDSA */
|
||||
@@ -624,8 +615,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
* enabled. Failures because of !fips_allowed are skipped over.
|
||||
*/
|
||||
#if defined(HAVE_FIPS) && defined(CONFIG_CRYPTO_FIPS) && \
|
||||
defined(CONFIG_CRYPTO_MANAGER) && \
|
||||
!defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
|
||||
defined(WC_LINUXKM_HAVE_SELFTEST)
|
||||
#if defined(LINUXKM_ECC192)
|
||||
REGISTER_ALG_OPTIONAL(ecdh_nist_p192, kpp, linuxkm_test_ecdh_nist_p192);
|
||||
#endif /* LINUXKM_ECC192 */
|
||||
@@ -724,8 +714,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
#undef REGISTER_ALG
|
||||
#undef REGISTER_ALG_OPTIONAL
|
||||
|
||||
#if defined(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS) || \
|
||||
defined(CONFIG_CRYPTO_SELFTESTS_FULL)
|
||||
#ifdef WC_LINUXKM_HAVE_SELFTEST_FULL
|
||||
disable_setkey_warnings = 0;
|
||||
#endif
|
||||
|
||||
|
||||
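Review bot: Every self-test gate in this file now depends on `WC_LINUXKM_HAVE_SELFTEST` or `WC_LINUXKM_HAVE_SELFTEST_FULL`, but nothing here says where those macros are defined, so if the defining header is not processed first the `fips_enabled` handling in `linuxkm_lkcapi_register()` and `deinstall_algs_handler()` and the `disable_setkey_warnings` toggling compile out silently. A short comment at the first gate, for example `/* WC_LINUXKM_HAVE_SELFTEST{,_FULL} are derived from the kernel version and CONFIG_CRYPTO_* in linuxkm_wc_port.h */`, would make the dependency visible. The `_FULL` gate is also stricter than the old `CONFIG_CRYPTO_MANAGER_EXTRA_TESTS || CONFIG_CRYPTO_SELFTESTS_FULL` test, because it additionally requires the base self-test macro; that looks intended but is worth stating in a comment. The include order is not visible on this page.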
@@ -5132,6 +5132,9 @@ int test_wc_AesXtsSetKey(void)
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
|
||||
};
|
||||
#if defined(HAVE_FIPS) || !defined(WC_AES_XTS_ALLOW_DUPLICATE_KEYS)
|
||||
static const byte dupKey32[AES_256_KEY_SIZE * 2] = { 0 };
|
||||
#endif
|
||||
byte* key;
|
||||
word32 keyLen;
|
||||
|
||||
@@ -5177,6 +5180,22 @@ int test_wc_AesXtsSetKey(void)
|
||||
AES_ENCRYPTION, NULL, INVALID_DEVID), WC_NO_ERR_TRACE(WC_KEY_SIZE_E));
|
||||
ExpectIntEQ(wc_AesXtsSetKey(&aes, key, keyLen, -2, NULL, INVALID_DEVID),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
|
||||
#if defined(HAVE_FIPS) || !defined(WC_AES_XTS_ALLOW_DUPLICATE_KEYS)
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ExpectIntEQ(wc_AesXtsSetKey(&aes, dupKey32, AES_128_KEY_SIZE * 2,
|
||||
AES_ENCRYPTION, NULL, INVALID_DEVID), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
#endif
|
||||
#if defined(WOLFSSL_AES_192) && !defined(HAVE_FIPS)
|
||||
ExpectIntEQ(wc_AesXtsSetKey(&aes, dupKey32, AES_192_KEY_SIZE * 2,
|
||||
AES_ENCRYPTION, NULL, INVALID_DEVID), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
ExpectIntEQ(wc_AesXtsSetKey(&aes, dupKey32, AES_256_KEY_SIZE * 2,
|
||||
AES_ENCRYPTION, NULL, INVALID_DEVID), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
#endif
|
||||
#endif /* HAVE_FIPS || !WC_AES_XTS_ALLOW_DUPLICATE_KEYS */
|
||||
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
} /* END test_wc_AesXtsSetKey */
|
||||
|
||||
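Review bot: The new negative cases in `test_wc_AesXtsSetKey()` use only the all-zero `dupKey32` with `AES_ENCRYPTION`, which cannot tell a comparison of the two key halves apart from a check for a zero key, and leaves the decrypt direction untested. Adding a non-zero key whose halves are equal, repeating the call with `AES_DECRYPTION`, and asserting that a key whose halves differ only in the final byte is accepted would pin the intended rule; the sketch below uses a new local buffer `dupKeyNz`. There is also no case for builds that define `WC_AES_XTS_ALLOW_DUPLICATE_KEYS` without `HAVE_FIPS`, where a duplicate key is expected to be accepted. The function starts outside the hunk, so any cleanup it already does on `aes` should be checked against the added success case.

```c
    /* new local, next to dupKey32 */
    byte dupKeyNz[AES_256_KEY_SIZE * 2];

    /* ... unchanged: existing all-zero dupKey32 cases ... */

#ifdef WOLFSSL_AES_128
    /* non-zero key with identical halves: rejected in both directions */
    XMEMSET(dupKeyNz, 0xA5, sizeof(dupKeyNz));
    ExpectIntEQ(wc_AesXtsSetKey(&aes, dupKeyNz, AES_128_KEY_SIZE * 2,
        AES_ENCRYPTION, NULL, INVALID_DEVID), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
    ExpectIntEQ(wc_AesXtsSetKey(&aes, dupKeyNz, AES_128_KEY_SIZE * 2,
        AES_DECRYPTION, NULL, INVALID_DEVID), WC_NO_ERR_TRACE(BAD_FUNC_ARG));

    /* halves differ only in the last byte of K2: accepted */
    dupKeyNz[AES_128_KEY_SIZE * 2 - 1] ^= 0x01;
    ExpectIntEQ(wc_AesXtsSetKey(&aes, dupKeyNz, AES_128_KEY_SIZE * 2,
        AES_ENCRYPTION, NULL, INVALID_DEVID), 0);
    wc_AesXtsFree(&aes);
#endif
```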
+2
-2
@@ -15517,9 +15517,9 @@ int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key, word32 len, int dir)
|
||||
|
||||
keySz = len/2;
|
||||
|
||||
#ifdef HAVE_FIPS
|
||||
#if defined(HAVE_FIPS) || !defined(WC_AES_XTS_ALLOW_DUPLICATE_KEYS)
|
||||
if (XMEMCMP(key, key + keySz, keySz) == 0) {
|
||||
WOLFSSL_MSG("FIPS AES-XTS main and tweak keys must differ");
|
||||
WOLFSSL_MSG("AES-XTS main and tweak keys must differ");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
#endif
|
||||
|
||||
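Review bot: The duplicate-key guard in `wc_AesXtsSetKeyNoInit()` compares the two secret key halves with `XMEMCMP`, whose running time can depend on how many leading bytes match; a constant-time comparison is the safer habit for key material, and the Linux kernel's own XTS key check uses `crypto_memneq()` for the same purpose. If `ConstantCompare()` is usable in this file, the line could become `if (ConstantCompare(key, key + keySz, (int)keySz) == 0) {`. Because the check now applies to non-FIPS builds by default, callers that previously passed identical halves will start getting `BAD_FUNC_ARG`, which deserves a line in the API documentation for `wc_AesXtsSetKey()`. The function body starts and ends outside the hunk.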
+12
-18
@@ -16604,7 +16604,6 @@ static wc_test_ret_t aes_xts_partial_test_common(XtsAes *aes,
|
||||
* structurally identical and only differ in the key constants and expected
|
||||
* ciphertext.
|
||||
*/
|
||||
#ifndef HAVE_FIPS
|
||||
static wc_test_ret_t aes_xts_inplace_test_common(XtsAes *aes,
|
||||
const unsigned char *k3, word32 k3Sz,
|
||||
const unsigned char *i3, word32 i3Sz,
|
||||
@@ -16707,7 +16706,6 @@ static wc_test_ret_t aes_xts_inplace_test_common(XtsAes *aes,
|
||||
out:
|
||||
return ret;
|
||||
}
|
||||
#endif /* !HAVE_FIPS */
|
||||
|
||||
/* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -16933,14 +16931,13 @@ static wc_test_ret_t aes_xts_128_partial_test(XtsAes *aes)
|
||||
p2, sizeof(p2), c2, sizeof(c2));
|
||||
}
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
static wc_test_ret_t aes_xts_128_inplace_test(XtsAes *aes)
|
||||
{
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char k3[] = {
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x21
|
||||
};
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char i3[] = {
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
@@ -16954,17 +16951,16 @@ static wc_test_ret_t aes_xts_128_inplace_test(XtsAes *aes)
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20
|
||||
};
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char c3[] = {
|
||||
0xA2, 0x07, 0x47, 0x76, 0x3F, 0xEC, 0x0C, 0x23,
|
||||
0x1B, 0xD0, 0xBD, 0x46, 0x9A, 0x27, 0x38, 0x12,
|
||||
0x95, 0x02, 0x3D, 0x5D, 0xC6, 0x94, 0x51, 0x36,
|
||||
0xA0, 0x85, 0xD2, 0x69, 0x6E, 0x87, 0x0A, 0xBF,
|
||||
0xB5, 0x5A, 0xDD, 0xCB, 0x80, 0xE0, 0xFC, 0xCD
|
||||
0x39, 0x06, 0xE7, 0xF3, 0x33, 0x0B, 0x1B, 0x1D,
|
||||
0x2B, 0x11, 0xB0, 0xB7, 0xAF, 0x43, 0xB1, 0x8F,
|
||||
0xE6, 0xBE, 0x79, 0x34, 0xBD, 0x31, 0x64, 0x3D,
|
||||
0xA1, 0x16, 0xB5, 0xF0, 0x9B, 0x1D, 0x41, 0xF2,
|
||||
0x3F, 0xED, 0x11, 0x37, 0xCB, 0x4D, 0xAD, 0xA4
|
||||
};
|
||||
return aes_xts_inplace_test_common(aes,
|
||||
k3, sizeof(k3), i3, sizeof(i3),
|
||||
p3, sizeof(p3), c3, sizeof(c3));
|
||||
}
|
||||
#endif /* !HAVE_FIPS */
|
||||
|
||||
#if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \
|
||||
!defined(WOLFSSL_AFALG)
|
||||
@@ -17047,11 +17043,9 @@ static wc_test_ret_t aes_xts_128_test(void)
|
||||
if (ret != 0)
|
||||
ERROR_OUT(ret, out);
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
ret = aes_xts_128_inplace_test(aes);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(ret, out);
|
||||
#endif /* !HAVE_FIPS */
|
||||
|
||||
#if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \
|
||||
!defined(WOLFSSL_AFALG)
|
||||
@@ -17313,7 +17307,7 @@ static wc_test_ret_t aes_xts_192_inplace_test(XtsAes *aes)
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x21
|
||||
};
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char i3[] = {
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
@@ -17327,11 +17321,11 @@ static wc_test_ret_t aes_xts_192_inplace_test(XtsAes *aes)
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20
|
||||
};
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char c3[] = {
|
||||
0xa4, 0xf2, 0x71, 0x5d, 0x80, 0x60, 0x68, 0xa0,
|
||||
0x80, 0x61, 0xd7, 0xc1, 0x55, 0xc8, 0x3a, 0x2e,
|
||||
0xd7, 0xf4, 0x62, 0xaf, 0xbd, 0x2d, 0xf9, 0x5f,
|
||||
0xe8, 0xc5, 0x99, 0x3d, 0x58, 0x3c, 0xeb, 0xba,
|
||||
0x86, 0xea, 0x2c, 0x7e, 0x1f, 0xba, 0x81, 0xde
|
||||
0x72, 0x7A, 0xBC, 0x25, 0x37, 0x20, 0x65, 0x1E,
|
||||
0xF8, 0x45, 0xB0, 0x16, 0xE7, 0xEE, 0xDA, 0x36,
|
||||
0xAB, 0x4F, 0xF4, 0xDB, 0x3C, 0xFB, 0x75, 0x19,
|
||||
0xA3, 0x01, 0x74, 0x28, 0xD5, 0x92, 0x09, 0x7A,
|
||||
0xDB, 0x0D, 0x96, 0x9F, 0xB7, 0xA2, 0xB7, 0x57
|
||||
};
|
||||
return aes_xts_inplace_test_common(aes,
|
||||
k3, sizeof(k3), i3, sizeof(i3),
|
||||
|
||||
@@ -2725,7 +2725,7 @@ impl Drop for XTS {
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x21,
|
||||
/// ];
|
||||
/// let tweak: [u8; 16] = [
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
@@ -2739,11 +2739,11 @@ impl Drop for XTS {
|
||||
/// 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20
|
||||
/// ];
|
||||
/// let expected_cipher: [u8; 40] = [
|
||||
/// 0xA2, 0x07, 0x47, 0x76, 0x3F, 0xEC, 0x0C, 0x23,
|
||||
/// 0x1B, 0xD0, 0xBD, 0x46, 0x9A, 0x27, 0x38, 0x12,
|
||||
/// 0x95, 0x02, 0x3D, 0x5D, 0xC6, 0x94, 0x51, 0x36,
|
||||
/// 0xA0, 0x85, 0xD2, 0x69, 0x6E, 0x87, 0x0A, 0xBF,
|
||||
/// 0xB5, 0x5A, 0xDD, 0xCB, 0x80, 0xE0, 0xFC, 0xCD
|
||||
/// 0x39, 0x06, 0xE7, 0xF3, 0x33, 0x0B, 0x1B, 0x1D,
|
||||
/// 0x2B, 0x11, 0xB0, 0xB7, 0xAF, 0x43, 0xB1, 0x8F,
|
||||
/// 0xE6, 0xBE, 0x79, 0x34, 0xBD, 0x31, 0x64, 0x3D,
|
||||
/// 0xA1, 0x16, 0xB5, 0xF0, 0x9B, 0x1D, 0x41, 0xF2,
|
||||
/// 0x3F, 0xED, 0x11, 0x37, 0xCB, 0x4D, 0xAD, 0xA4
|
||||
/// ];
|
||||
///
|
||||
/// let mut xtsstream = XTSStream::new().expect("Failed to create XTSStream");
|
||||
|
||||