summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2021-11-05 17:05:28 +0100
committerNIIBE Yutaka <gniibe@fsij.org>2021-11-09 15:33:32 +0900
commitfb931073707ed521366f0e4a2e54b3935ce649a3 (patch)
treeb7ba0bac1596956ca05e175f3273ad6c3bffaa58 /tests
parentdf66bd94e6e3650216b0d179d79d4c296f173855 (diff)
downloadlibgcrypt-fb931073707ed521366f0e4a2e54b3935ce649a3.tar.gz
tests: Explicit FIPS checking for symmetric algorithms.
* tests/basic.c (FLAG_CFB8): New. (check_ecb_cipher): Introduce new flag and explicitly check for algorithm functionality in regards to FIPS. (check_ctr_cipher): Ditto. (check_cfb_cipher): Replace the cfb8 flag with generic flag and explicitly check for algorithm funcionality in regards to FIPS. (check_ofb_cipher): Introduce new flag and explicitly check for algorithm functionality in regards to FIPS. (_check_poly1305_cipher): Explicitly check functionality in regards to FIPS mode. (check_ccm_cipher): Introduce new flag and explicitly check for algorithm functionality in regards to FIPS. (check_gost28147_cipher_basic): Explicitly check functionality in regards to FIPS mode. (check_stream_cipher_large_block): Explicitly check functionality in regards to FIPS mode. -- GnuPG-bug-id: 5512 Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'tests')
-rw-r--r--tests/basic.c369
1 files changed, 233 insertions, 136 deletions
diff --git a/tests/basic.c b/tests/basic.c
index 5fe76ed8..03bb246c 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -59,6 +59,7 @@ test_spec_pubkey_t;
#define FLAG_SIGN (1 << 1)
#define FLAG_GRIP (1 << 2)
#define FLAG_NOFIPS (1 << 3)
+#define FLAG_CFB8 (1 << 4)
static int in_fips_mode;
@@ -695,6 +696,7 @@ check_ecb_cipher (void)
int algo;
const char *key;
int is_weak_key;
+ int flags;
struct
{
const char *plaintext;
@@ -708,7 +710,7 @@ check_ecb_cipher (void)
{ GCRY_CIPHER_BLOWFISH,
"\xf0\xe1\xd2\xc3\xb4\xa5\x96\x87\x78\x69\x5a\x4b\x3c\x2d\x1e\x0f"
"\x00\x11\x22\x33\x44\x55\x66\x77\x88",
- 0,
+ 0, FLAG_NOFIPS,
{ { "\xfe\xdc\xba\x98\x76\x54\x32\x10",
1,
8,
@@ -818,7 +820,7 @@ check_ecb_cipher (void)
"\x00\x11\x22\x33\x44\x55\x66\x77\x04\x68\x91\x04\xc2\xfd\x3b\x2f"
"\x58\x40\x23\x64\x1a\xba\x61\x76\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e"
"\xff\xff\xff\xff\xff\xff\xff\xff",
- 0,
+ 0, FLAG_NOFIPS,
{ { "\xfe\xdc\xba\x98\x76\x54\x32\x10",
56,
8,
@@ -829,7 +831,7 @@ check_ecb_cipher (void)
/* Weak-key testing */
{ GCRY_CIPHER_DES,
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- 1,
+ 1, FLAG_NOFIPS,
{ { "\x00\x00\x00\x00\x00\x00\x00\x00",
8,
8,
@@ -840,7 +842,7 @@ check_ecb_cipher (void)
/* Weak-key testing */
{ GCRY_CIPHER_DES,
"\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
- 2,
+ 2, FLAG_NOFIPS,
{ { "\x00\x00\x00\x00\x00\x00\x00\x00",
8,
8,
@@ -850,7 +852,7 @@ check_ecb_cipher (void)
},
{ GCRY_CIPHER_SM4,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10",
- 0,
+ 0, FLAG_NOFIPS,
{ { "\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xcc\xcc\xcc\xcc\xdd\xdd\xdd\xdd"
"\xee\xee\xee\xee\xff\xff\xff\xff\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb",
16,
@@ -862,7 +864,7 @@ check_ecb_cipher (void)
},
{ GCRY_CIPHER_SM4,
"\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef",
- 0,
+ 0, FLAG_NOFIPS,
{ { "\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xcc\xcc\xcc\xcc\xdd\xdd\xdd\xdd"
"\xee\xee\xee\xee\xff\xff\xff\xff\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb",
16,
@@ -886,13 +888,25 @@ check_ecb_cipher (void)
{
algo = tv[i].algo;
- if (gcry_cipher_test_algo (algo) && in_fips_mode)
- {
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- algo);
- continue;
- }
+ if (gcry_cipher_test_algo (algo))
+ {
+ if (in_fips_mode && (tv[0].flags & FLAG_NOFIPS))
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ algo);
+ }
+ else
+ fail ("algorithm %d, gcry_cipher_test_algo unexpectedly failed: %s\n",
+ algo, gpg_strerror (err));
+ continue;
+ }
+ else if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ fail ("algorithm %d, gcry_cipher_test_algo did not fail as expected\n",
+ algo);
+ continue;
+ }
if (verbose)
fprintf (stderr, " checking ECB mode for %s [%i]\n",
@@ -1028,6 +1042,7 @@ check_ctr_cipher (void)
static const struct tv
{
int algo;
+ int flags;
char key[MAX_DATA_LEN];
char ctr[MAX_DATA_LEN];
struct data
@@ -1039,7 +1054,7 @@ check_ctr_cipher (void)
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
@@ -1058,7 +1073,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES192,
+ { GCRY_CIPHER_AES192, 0,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
@@ -1077,7 +1092,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES256,
+ { GCRY_CIPHER_AES256, 0,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
@@ -1098,7 +1113,7 @@ check_ctr_cipher (void)
},
/* Some truncation tests. With a truncated second block and
also with a single truncated block. */
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
@@ -1110,7 +1125,7 @@ check_ctr_cipher (void)
{"", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
@@ -1122,7 +1137,7 @@ check_ctr_cipher (void)
{"", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17",
@@ -1131,7 +1146,7 @@ check_ctr_cipher (void)
{"", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{{"\x6b",
@@ -1141,7 +1156,7 @@ check_ctr_cipher (void)
}
},
/* Tests to see whether it works correctly as a stream cipher. */
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
@@ -1160,7 +1175,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{{"\x6b",
@@ -1191,7 +1206,7 @@ check_ctr_cipher (void)
/* Tests for counter overflow across 32-bit, 64-bit, 96-bit and 128-bit
* boundaries. Large buffer sizes are used to allow these vectors to be
* passed down to bulk CTR functions. */
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfa",
{ { "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -1263,7 +1278,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xfa",
{ { "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -1335,7 +1350,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
"\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfa",
{ { "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -1407,7 +1422,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xfa",
{ { "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -1479,7 +1494,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES256,
+ { GCRY_CIPHER_AES256, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfa",
@@ -1552,7 +1567,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES256,
+ { GCRY_CIPHER_AES256, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xfa",
@@ -1625,7 +1640,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES256,
+ { GCRY_CIPHER_AES256, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfa",
@@ -1698,7 +1713,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_AES256,
+ { GCRY_CIPHER_AES256, 0,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xfa",
@@ -1772,7 +1787,7 @@ check_ctr_cipher (void)
}
},
#ifdef USE_CAMELLIA
- { GCRY_CIPHER_CAMELLIA256,
+ { GCRY_CIPHER_CAMELLIA256, FLAG_NOFIPS,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfa",
@@ -1845,7 +1860,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_CAMELLIA256,
+ { GCRY_CIPHER_CAMELLIA256, FLAG_NOFIPS,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xfa",
@@ -1918,7 +1933,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_CAMELLIA256,
+ { GCRY_CIPHER_CAMELLIA256, FLAG_NOFIPS,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfa",
@@ -1991,7 +2006,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_CAMELLIA256,
+ { GCRY_CIPHER_CAMELLIA256, FLAG_NOFIPS,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xfa",
@@ -2067,7 +2082,7 @@ check_ctr_cipher (void)
#endif /*USE_CAMELLIA*/
#if USE_CAST5
/* A selfmade test vector using an 64 bit block cipher. */
- { GCRY_CIPHER_CAST5,
+ { GCRY_CIPHER_CAST5, FLAG_NOFIPS,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8",
{{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
@@ -2086,7 +2101,7 @@ check_ctr_cipher (void)
}
},
#endif /*USE_CAST5*/
- { GCRY_CIPHER_SM4,
+ { GCRY_CIPHER_SM4, FLAG_NOFIPS,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xbb\xbb\xbb\xbb"
@@ -2102,7 +2117,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { GCRY_CIPHER_SM4,
+ { GCRY_CIPHER_SM4, FLAG_NOFIPS,
"\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xbb\xbb\xbb\xbb"
@@ -2118,7 +2133,7 @@ check_ctr_cipher (void)
{ "", 0, "" }
}
},
- { 0,
+ { 0, 0,
"",
"",
{
@@ -2139,11 +2154,23 @@ check_ctr_cipher (void)
if (!tv[i].algo)
continue;
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
+ else
+ fail ("algo %d CTR, gcry_cipher_test_algo unexpectedly failed: %s\n",
+ tv[i].algo, gpg_strerror (err));
+ continue;
+ }
+ else if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ fail ("algo %d CTR, gcry_cipher_test_algo did not fail as expected\n",
+ tv[i].algo);
continue;
}
@@ -2313,7 +2340,7 @@ check_cfb_cipher (void)
static const struct tv
{
int algo;
- int cfb8;
+ int flags;
char key[MAX_DATA_LEN];
char iv[MAX_DATA_LEN];
struct data
@@ -2380,7 +2407,7 @@ check_cfb_cipher (void)
"\x75\xa3\x85\x74\x1a\xb9\xce\xf8\x20\x31\x62\x3d\x55\xb1\xe4\x71" }
}
},
- { GCRY_CIPHER_AES, 1,
+ { GCRY_CIPHER_AES, FLAG_CFB8,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b",
@@ -2397,7 +2424,7 @@ check_cfb_cipher (void)
"\x4c"},
}
},
- { GCRY_CIPHER_AES192, 1,
+ { GCRY_CIPHER_AES192, FLAG_CFB8,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
"\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
@@ -2415,7 +2442,7 @@ check_cfb_cipher (void)
"\x1e"},
}
},
- { GCRY_CIPHER_AES256, 1,
+ { GCRY_CIPHER_AES256, FLAG_CFB8,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
@@ -2433,7 +2460,7 @@ check_cfb_cipher (void)
"\x85"},
}
},
- { GCRY_CIPHER_AES, 1,
+ { GCRY_CIPHER_AES, FLAG_CFB8,
"\x3a\x6f\x91\x59\x26\x3f\xa6\xce\xf2\xa0\x75\xca\xfa\xce\x58\x17",
"\x0f\xc2\x36\x62\xb7\xdb\xf7\x38\x27\xf0\xc7\xde\x32\x1c\xa3\x6e",
{ { "\x87\xef\xeb\x8d\x55\x9e\xd3\x36\x77\x28",
@@ -2441,7 +2468,7 @@ check_cfb_cipher (void)
"\x8e\x9c\x50\x42\x56\x14\xd5\x40\xce\x11"},
}
},
- { GCRY_CIPHER_AES192, 1,
+ { GCRY_CIPHER_AES192, FLAG_CFB8,
"\x53\x7e\x7b\xf6\x61\xfd\x40\x24\xa0\x24\x61\x3f\x15\xb1\x36\x90"
"\xf7\xd0\xc8\x47\xc1\xe1\x89\x65",
"\x3a\x81\xf9\xd9\xd3\xc1\x55\xb0\xca\xad\x5d\x73\x34\x94\x76\xfc",
@@ -2450,7 +2477,7 @@ check_cfb_cipher (void)
"\x38\x79\xfe\xa7\x2a\xc9\x99\x29\xe5\x3a"},
}
},
- { GCRY_CIPHER_AES256, 1,
+ { GCRY_CIPHER_AES256, FLAG_CFB8,
"\xeb\xbb\x45\x66\xb5\xe1\x82\xe0\xf0\x72\x46\x6b\x0b\x31\x1d\xf3"
"\x8f\x91\x75\xbc\x02\x13\xa5\x53\x0b\xce\x2e\xc4\xd7\x4f\x40\x0d",
"\x09\x56\xa4\x8e\x01\x00\x2c\x9e\x16\x37\x6d\x6e\x30\x8d\xba\xd1",
@@ -2459,7 +2486,7 @@ check_cfb_cipher (void)
"\x63\x8c\x68\x23\xe7\x25\x6f\xb5\x62\x6e"},
}
},
- { GCRY_CIPHER_3DES, 1,
+ { GCRY_CIPHER_3DES, FLAG_CFB8,
"\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
"\xfb\xa1\x62\xa8\x1f\x19\x7c\x15",
"\xb7\x40\xcc\x21\xe9\x25\xe3\xc8",
@@ -2468,7 +2495,7 @@ check_cfb_cipher (void)
"\xf4\x80\x1a\x8d\x03\x9d\xb4\xca\x8f\xf6"},
}
},
- { GCRY_CIPHER_3DES, 1,
+ { GCRY_CIPHER_3DES, FLAG_CFB8,
"\x7c\xa2\x89\x38\xba\x6b\xec\x1f\xfe\xc7\x8f\x7c\xd6\x97\x61\x94"
"\x7c\xa2\x89\x38\xba\x6b\xec\x1f",
"\x95\x38\x96\x58\x6e\x49\xd3\x8f",
@@ -2478,7 +2505,7 @@ check_cfb_cipher (void)
}
},
#ifdef USE_GOST28147
- { GCRY_CIPHER_GOST28147_MESH, 0,
+ { GCRY_CIPHER_GOST28147_MESH, FLAG_NOFIPS,
"\x48\x0c\x74\x1b\x02\x6b\x55\xd5\xb6\x6d\xd7\x1d\x40\x48\x05\x6b"
"\x6d\xeb\x3c\x29\x0f\x84\x80\x23\xee\x0d\x47\x77\xe3\xfe\x61\xc9",
"\x1f\x3f\x82\x1e\x0d\xd8\x1e\x22",
@@ -2618,7 +2645,7 @@ check_cfb_cipher (void)
"1.2.643.2.2.31.2"
},
#endif
- { GCRY_CIPHER_SM4, 0,
+ { GCRY_CIPHER_SM4, FLAG_NOFIPS,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xcc\xcc\xcc\xcc\xdd\xdd\xdd\xdd"
@@ -2628,7 +2655,7 @@ check_cfb_cipher (void)
"\x69\xd4\xc5\x4e\xd4\x33\xb9\xa0\x34\x60\x09\xbe\xb3\x7b\x2b\x3f" },
}
},
- { GCRY_CIPHER_SM4, 0,
+ { GCRY_CIPHER_SM4, FLAG_NOFIPS,
"\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xcc\xcc\xcc\xcc\xdd\xdd\xdd\xdd"
@@ -2649,15 +2676,27 @@ check_cfb_cipher (void)
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
+ else
+ fail ("algo %d CFB, gcry_cipher_test_algo unexpectedly failed: %s\n",
+ tv[i].algo, gpg_strerror (err));
+ continue;
+ }
+ else if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ fail ("algo %d CFB, gcry_cipher_test_algo did not fail as expected\n",
+ tv[i].algo);
continue;
}
- mode = tv[i].cfb8? GCRY_CIPHER_MODE_CFB8 : GCRY_CIPHER_MODE_CFB;
+ mode = (tv[i].flags & FLAG_CFB8) ? GCRY_CIPHER_MODE_CFB8 : GCRY_CIPHER_MODE_CFB;
if (verbose)
fprintf (stderr, " checking CFB mode for %s [%i]\n",
@@ -2768,6 +2807,7 @@ check_ofb_cipher (void)
static const struct tv
{
int algo;
+ int flags;
char key[MAX_DATA_LEN];
char iv[MAX_DATA_LEN];
struct data
@@ -2780,7 +2820,7 @@ check_ofb_cipher (void)
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
- { GCRY_CIPHER_AES,
+ { GCRY_CIPHER_AES, 0,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
@@ -2797,7 +2837,7 @@ check_ofb_cipher (void)
"\x30\x4c\x65\x28\xf6\x59\xc7\x78\x66\xa5\x10\xd9\xc1\xd6\xae\x5e" },
}
},
- { GCRY_CIPHER_AES192,
+ { GCRY_CIPHER_AES192, 0,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
@@ -2815,7 +2855,7 @@ check_ofb_cipher (void)
"\x6d\x9f\x20\x08\x57\xca\x6c\x3e\x9c\xac\x52\x4b\xd9\xac\xc9\x2a" },
}
},
- { GCRY_CIPHER_AES256,
+ { GCRY_CIPHER_AES256, 0,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
@@ -2833,7 +2873,7 @@ check_ofb_cipher (void)
"\x01\x26\x14\x1d\x67\xf3\x7b\xe8\x53\x8f\x5a\x8b\xe7\x40\xe4\x84" }
}
},
- { GCRY_CIPHER_SM4,
+ { GCRY_CIPHER_SM4, FLAG_NOFIPS,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xcc\xcc\xcc\xcc\xdd\xdd\xdd\xdd"
@@ -2843,7 +2883,7 @@ check_ofb_cipher (void)
"\x1d\x01\xac\xa2\x48\x7c\xa5\x82\xcb\xf5\x46\x3e\x66\x98\x53\x9b" },
}
},
- { GCRY_CIPHER_SM4,
+ { GCRY_CIPHER_SM4, FLAG_NOFIPS,
"\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xcc\xcc\xcc\xcc\xdd\xdd\xdd\xdd"
@@ -2864,11 +2904,23 @@ check_ofb_cipher (void)
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
+ else
+ fail ("algo %d OFB, gcry_cipher_test_algo unexpectedly failed: %s\n",
+ tv[i].algo, gpg_strerror (err));
+ continue;
+ }
+ else if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ fail ("algo %d OFB, gcry_cipher_test_algo did not fail as expected\n",
+ tv[i].algo);
continue;
}
@@ -6499,11 +6551,19 @@ _check_poly1305_cipher (unsigned int step)
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode)
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
+ continue;
+ }
+ else if (in_fips_mode)
+ {
+ fail ("poly1305, gcry_cipher_test_algo worked in fips mode\n");
continue;
}
@@ -6788,6 +6848,7 @@ check_ccm_cipher (void)
static const struct tv
{
int algo;
+ int flags;
int keylen;
const char *key;
int noncelen;
@@ -6801,7 +6862,7 @@ check_ccm_cipher (void)
} tv[] =
{
/* RFC 3610 */
- { GCRY_CIPHER_AES, /* Packet Vector #1 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #1 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x03\x02\x01\x00\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -6809,7 +6870,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
31,
"\x58\x8C\x97\x9A\x61\xC6\x63\xD2\xF0\x66\xD0\xC2\xC0\xF9\x89\x80\x6D\x5F\x6B\x61\xDA\xC3\x84\x17\xE8\xD1\x2C\xFD\xF9\x26\xE0"},
- { GCRY_CIPHER_AES, /* Packet Vector #2 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #2 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x04\x03\x02\x01\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -6817,7 +6878,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
32,
"\x72\xC9\x1A\x36\xE1\x35\xF8\xCF\x29\x1C\xA8\x94\x08\x5C\x87\xE3\xCC\x15\xC4\x39\xC9\xE4\x3A\x3B\xA0\x91\xD5\x6E\x10\x40\x09\x16"},
- { GCRY_CIPHER_AES, /* Packet Vector #3 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #3 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x05\x04\x03\x02\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -6825,7 +6886,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
33,
"\x51\xB1\xE5\xF4\x4A\x19\x7D\x1D\xA4\x6B\x0F\x8E\x2D\x28\x2A\xE8\x71\xE8\x38\xBB\x64\xDA\x85\x96\x57\x4A\xDA\xA7\x6F\xBD\x9F\xB0\xC5"},
- { GCRY_CIPHER_AES, /* Packet Vector #4 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #4 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x06\x05\x04\x03\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -6833,7 +6894,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
27,
"\xA2\x8C\x68\x65\x93\x9A\x9A\x79\xFA\xAA\x5C\x4C\x2A\x9D\x4A\x91\xCD\xAC\x8C\x96\xC8\x61\xB9\xC9\xE6\x1E\xF1"},
- { GCRY_CIPHER_AES, /* Packet Vector #5 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #5 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x07\x06\x05\x04\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -6841,7 +6902,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
28,
"\xDC\xF1\xFB\x7B\x5D\x9E\x23\xFB\x9D\x4E\x13\x12\x53\x65\x8A\xD8\x6E\xBD\xCA\x3E\x51\xE8\x3F\x07\x7D\x9C\x2D\x93"},
- { GCRY_CIPHER_AES, /* Packet Vector #6 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #6 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x08\x07\x06\x05\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -6849,7 +6910,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
29,
"\x6F\xC1\xB0\x11\xF0\x06\x56\x8B\x51\x71\xA4\x2D\x95\x3D\x46\x9B\x25\x70\xA4\xBD\x87\x40\x5A\x04\x43\xAC\x91\xCB\x94"},
- { GCRY_CIPHER_AES, /* Packet Vector #7 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #7 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x09\x08\x07\x06\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -6857,7 +6918,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
33,
"\x01\x35\xD1\xB2\xC9\x5F\x41\xD5\xD1\xD4\xFE\xC1\x85\xD1\x66\xB8\x09\x4E\x99\x9D\xFE\xD9\x6C\x04\x8C\x56\x60\x2C\x97\xAC\xBB\x74\x90"},
- { GCRY_CIPHER_AES, /* Packet Vector #8 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #8 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0A\x09\x08\x07\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -6865,7 +6926,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
34,
"\x7B\x75\x39\x9A\xC0\x83\x1D\xD2\xF0\xBB\xD7\x58\x79\xA2\xFD\x8F\x6C\xAE\x6B\x6C\xD9\xB7\xDB\x24\xC1\x7B\x44\x33\xF4\x34\x96\x3F\x34\xB4"},
- { GCRY_CIPHER_AES, /* Packet Vector #9 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #9 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0B\x0A\x09\x08\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -6873,7 +6934,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
35,
"\x82\x53\x1A\x60\xCC\x24\x94\x5A\x4B\x82\x79\x18\x1A\xB5\xC8\x4D\xF2\x1C\xE7\xF9\xB7\x3F\x42\xE1\x97\xEA\x9C\x07\xE5\x6B\x5E\xB1\x7E\x5F\x4E"},
- { GCRY_CIPHER_AES, /* Packet Vector #10 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #10 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0C\x0B\x0A\x09\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -6881,7 +6942,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
29,
"\x07\x34\x25\x94\x15\x77\x85\x15\x2B\x07\x40\x98\x33\x0A\xBB\x14\x1B\x94\x7B\x56\x6A\xA9\x40\x6B\x4D\x99\x99\x88\xDD"},
- { GCRY_CIPHER_AES, /* Packet Vector #11 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #11 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0D\x0C\x0B\x0A\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -6889,7 +6950,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
30,
"\x67\x6B\xB2\x03\x80\xB0\xE3\x01\xE8\xAB\x79\x59\x0A\x39\x6D\xA7\x8B\x83\x49\x34\xF5\x3A\xA2\xE9\x10\x7A\x8B\x6C\x02\x2C"},
- { GCRY_CIPHER_AES, /* Packet Vector #12 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #12 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0E\x0D\x0C\x0B\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -6897,7 +6958,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
31,
"\xC0\xFF\xA0\xD6\xF0\x5B\xDB\x67\xF2\x4D\x43\xA4\x33\x8D\x2A\xA4\xBE\xD7\xB2\x0E\x43\xCD\x1A\xA3\x16\x62\xE7\xAD\x65\xD6\xDB"},
- { GCRY_CIPHER_AES, /* Packet Vector #13 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #13 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x41\x2B\x4E\xA9\xCD\xBE\x3C\x96\x96\x76\x6C\xFA",
8, "\x0B\xE1\xA8\x8B\xAC\xE0\x18\xB1",
@@ -6905,7 +6966,7 @@ check_ccm_cipher (void)
"\x08\xE8\xCF\x97\xD8\x20\xEA\x25\x84\x60\xE9\x6A\xD9\xCF\x52\x89\x05\x4D\x89\x5C\xEA\xC4\x7C",
31,
"\x4C\xB9\x7F\x86\xA2\xA4\x68\x9A\x87\x79\x47\xAB\x80\x91\xEF\x53\x86\xA6\xFF\xBD\xD0\x80\xF8\xE7\x8C\xF7\xCB\x0C\xDD\xD7\xB3"},
- { GCRY_CIPHER_AES, /* Packet Vector #14 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #14 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x33\x56\x8E\xF7\xB2\x63\x3C\x96\x96\x76\x6C\xFA",
8, "\x63\x01\x8F\x76\xDC\x8A\x1B\xCB",
@@ -6913,7 +6974,7 @@ check_ccm_cipher (void)
"\x90\x20\xEA\x6F\x91\xBD\xD8\x5A\xFA\x00\x39\xBA\x4B\xAF\xF9\xBF\xB7\x9C\x70\x28\x94\x9C\xD0\xEC",
32,
"\x4C\xCB\x1E\x7C\xA9\x81\xBE\xFA\xA0\x72\x6C\x55\xD3\x78\x06\x12\x98\xC8\x5C\x92\x81\x4A\xBC\x33\xC5\x2E\xE8\x1D\x7D\x77\xC0\x8A"},
- { GCRY_CIPHER_AES, /* Packet Vector #15 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #15 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x10\x3F\xE4\x13\x36\x71\x3C\x96\x96\x76\x6C\xFA",
8, "\xAA\x6C\xFA\x36\xCA\xE8\x6B\x40",
@@ -6921,7 +6982,7 @@ check_ccm_cipher (void)
"\xB9\x16\xE0\xEA\xCC\x1C\x00\xD7\xDC\xEC\x68\xEC\x0B\x3B\xBB\x1A\x02\xDE\x8A\x2D\x1A\xA3\x46\x13\x2E",
33,
"\xB1\xD2\x3A\x22\x20\xDD\xC0\xAC\x90\x0D\x9A\xA0\x3C\x61\xFC\xF4\xA5\x59\xA4\x41\x77\x67\x08\x97\x08\xA7\x76\x79\x6E\xDB\x72\x35\x06"},
- { GCRY_CIPHER_AES, /* Packet Vector #16 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #16 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x76\x4C\x63\xB8\x05\x8E\x3C\x96\x96\x76\x6C\xFA",
12, "\xD0\xD0\x73\x5C\x53\x1E\x1B\xEC\xF0\x49\xC2\x44",
@@ -6929,7 +6990,7 @@ check_ccm_cipher (void)
"\x12\xDA\xAC\x56\x30\xEF\xA5\x39\x6F\x77\x0C\xE1\xA6\x6B\x21\xF7\xB2\x10\x1C",
27,
"\x14\xD2\x53\xC3\x96\x7B\x70\x60\x9B\x7C\xBB\x7C\x49\x91\x60\x28\x32\x45\x26\x9A\x6F\x49\x97\x5B\xCA\xDE\xAF"},
- { GCRY_CIPHER_AES, /* Packet Vector #17 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #17 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\xF8\xB6\x78\x09\x4E\x3B\x3C\x96\x96\x76\x6C\xFA",
12, "\x77\xB6\x0F\x01\x1C\x03\xE1\x52\x58\x99\xBC\xAE",
@@ -6937,7 +6998,7 @@ check_ccm_cipher (void)
"\xE8\x8B\x6A\x46\xC7\x8D\x63\xE5\x2E\xB8\xC5\x46\xEF\xB5\xDE\x6F\x75\xE9\xCC\x0D",
28,
"\x55\x45\xFF\x1A\x08\x5E\xE2\xEF\xBF\x52\xB2\xE0\x4B\xEE\x1E\x23\x36\xC7\x3E\x3F\x76\x2C\x0C\x77\x44\xFE\x7E\x3C"},
- { GCRY_CIPHER_AES, /* Packet Vector #18 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #18 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\xD5\x60\x91\x2D\x3F\x70\x3C\x96\x96\x76\x6C\xFA",
12, "\xCD\x90\x44\xD2\xB7\x1F\xDB\x81\x20\xEA\x60\xC0",
@@ -6945,7 +7006,7 @@ check_ccm_cipher (void)
"\x64\x35\xAC\xBA\xFB\x11\xA8\x2E\x2F\x07\x1D\x7C\xA4\xA5\xEB\xD9\x3A\x80\x3B\xA8\x7F",
29,
"\x00\x97\x69\xEC\xAB\xDF\x48\x62\x55\x94\xC5\x92\x51\xE6\x03\x57\x22\x67\x5E\x04\xC8\x47\x09\x9E\x5A\xE0\x70\x45\x51"},
- { GCRY_CIPHER_AES, /* Packet Vector #19 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #19 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x42\xFF\xF8\xF1\x95\x1C\x3C\x96\x96\x76\x6C\xFA",
8, "\xD8\x5B\xC7\xE6\x9F\x94\x4F\xB8",
@@ -6953,7 +7014,7 @@ check_ccm_cipher (void)
"\x8A\x19\xB9\x50\xBC\xF7\x1A\x01\x8E\x5E\x67\x01\xC9\x17\x87\x65\x98\x09\xD6\x7D\xBE\xDD\x18",
33,
"\xBC\x21\x8D\xAA\x94\x74\x27\xB6\xDB\x38\x6A\x99\xAC\x1A\xEF\x23\xAD\xE0\xB5\x29\x39\xCB\x6A\x63\x7C\xF9\xBE\xC2\x40\x88\x97\xC6\xBA"},
- { GCRY_CIPHER_AES, /* Packet Vector #20 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #20 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x92\x0F\x40\xE5\x6C\xDC\x3C\x96\x96\x76\x6C\xFA",
8, "\x74\xA0\xEB\xC9\x06\x9F\x5B\x37",
@@ -6961,7 +7022,7 @@ check_ccm_cipher (void)
"\x17\x61\x43\x3C\x37\xC5\xA3\x5F\xC1\xF3\x9F\x40\x63\x02\xEB\x90\x7C\x61\x63\xBE\x38\xC9\x84\x37",
34,
"\x58\x10\xE6\xFD\x25\x87\x40\x22\xE8\x03\x61\xA4\x78\xE3\xE9\xCF\x48\x4A\xB0\x4F\x44\x7E\xFF\xF6\xF0\xA4\x77\xCC\x2F\xC9\xBF\x54\x89\x44"},
- { GCRY_CIPHER_AES, /* Packet Vector #21 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #21 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x27\xCA\x0C\x71\x20\xBC\x3C\x96\x96\x76\x6C\xFA",
8, "\x44\xA3\xAA\x3A\xAE\x64\x75\xCA",
@@ -6969,7 +7030,7 @@ check_ccm_cipher (void)
"\xA4\x34\xA8\xE5\x85\x00\xC6\xE4\x15\x30\x53\x88\x62\xD6\x86\xEA\x9E\x81\x30\x1B\x5A\xE4\x22\x6B\xFA",
35,
"\xF2\xBE\xED\x7B\xC5\x09\x8E\x83\xFE\xB5\xB3\x16\x08\xF8\xE2\x9C\x38\x81\x9A\x89\xC8\xE7\x76\xF1\x54\x4D\x41\x51\xA4\xED\x3A\x8B\x87\xB9\xCE"},
- { GCRY_CIPHER_AES, /* Packet Vector #22 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #22 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x5B\x8C\xCB\xCD\x9A\xF8\x3C\x96\x96\x76\x6C\xFA",
12, "\xEC\x46\xBB\x63\xB0\x25\x20\xC3\x3C\x49\xFD\x70",
@@ -6977,7 +7038,7 @@ check_ccm_cipher (void)
"\xB9\x6B\x49\xE2\x1D\x62\x17\x41\x63\x28\x75\xDB\x7F\x6C\x92\x43\xD2\xD7\xC2",
29,
"\x31\xD7\x50\xA0\x9D\xA3\xED\x7F\xDD\xD4\x9A\x20\x32\xAA\xBF\x17\xEC\x8E\xBF\x7D\x22\xC8\x08\x8C\x66\x6B\xE5\xC1\x97"},
- { GCRY_CIPHER_AES, /* Packet Vector #23 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #23 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x3E\xBE\x94\x04\x4B\x9A\x3C\x96\x96\x76\x6C\xFA",
12, "\x47\xA6\x5A\xC7\x8B\x3D\x59\x42\x27\xE8\x5E\x71",
@@ -6985,7 +7046,7 @@ check_ccm_cipher (void)
"\xE2\xFC\xFB\xB8\x80\x44\x2C\x73\x1B\xF9\x51\x67\xC8\xFF\xD7\x89\x5E\x33\x70\x76",
30,
"\xE8\x82\xF1\xDB\xD3\x8C\xE3\xED\xA7\xC2\x3F\x04\xDD\x65\x07\x1E\xB4\x13\x42\xAC\xDF\x7E\x00\xDC\xCE\xC7\xAE\x52\x98\x7D"},
- { GCRY_CIPHER_AES, /* Packet Vector #24 */
+ { GCRY_CIPHER_AES, 0, /* Packet Vector #24 */
16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
13, "\x00\x8D\x49\x3B\x30\xAE\x8B\x3C\x96\x96\x76\x6C\xFA",
12, "\x6E\x37\xA6\xEF\x54\x6D\x95\x5D\x34\xAB\x60\x59",
@@ -6994,7 +7055,7 @@ check_ccm_cipher (void)
31,
"\xF3\x29\x05\xB8\x8A\x64\x1B\x04\xB9\xC9\xFF\xB5\x8C\xC3\x90\x90\x0F\x3D\xA1\x2A\xB1\x6D\xCE\x9E\x82\xEF\xA1\x6D\xA6\x20\x59"},
/* RFC 5528 */
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #1 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #1 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x03\x02\x01\x00\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -7002,7 +7063,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
31,
"\xBA\x73\x71\x85\xE7\x19\x31\x04\x92\xF3\x8A\x5F\x12\x51\xDA\x55\xFA\xFB\xC9\x49\x84\x8A\x0D\xFC\xAE\xCE\x74\x6B\x3D\xB9\xAD"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #2 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #2 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x04\x03\x02\x01\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -7010,7 +7071,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
32,
"\x5D\x25\x64\xBF\x8E\xAF\xE1\xD9\x95\x26\xEC\x01\x6D\x1B\xF0\x42\x4C\xFB\xD2\xCD\x62\x84\x8F\x33\x60\xB2\x29\x5D\xF2\x42\x83\xE8"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #3 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #3 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x05\x04\x03\x02\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -7018,7 +7079,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
33,
"\x81\xF6\x63\xD6\xC7\x78\x78\x17\xF9\x20\x36\x08\xB9\x82\xAD\x15\xDC\x2B\xBD\x87\xD7\x56\xF7\x92\x04\xF5\x51\xD6\x68\x2F\x23\xAA\x46"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #4 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #4 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x06\x05\x04\x03\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -7026,7 +7087,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
27,
"\xCA\xEF\x1E\x82\x72\x11\xB0\x8F\x7B\xD9\x0F\x08\xC7\x72\x88\xC0\x70\xA4\xA0\x8B\x3A\x93\x3A\x63\xE4\x97\xA0"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #5 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #5 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x07\x06\x05\x04\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -7034,7 +7095,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
28,
"\x2A\xD3\xBA\xD9\x4F\xC5\x2E\x92\xBE\x43\x8E\x82\x7C\x10\x23\xB9\x6A\x8A\x77\x25\x8F\xA1\x7B\xA7\xF3\x31\xDB\x09"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #6 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #6 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x08\x07\x06\x05\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -7042,7 +7103,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
29,
"\xFE\xA5\x48\x0B\xA5\x3F\xA8\xD3\xC3\x44\x22\xAA\xCE\x4D\xE6\x7F\xFA\x3B\xB7\x3B\xAB\xAB\x36\xA1\xEE\x4F\xE0\xFE\x28"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #7 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #7 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x09\x08\x07\x06\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -7050,7 +7111,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
33,
"\x54\x53\x20\x26\xE5\x4C\x11\x9A\x8D\x36\xD9\xEC\x6E\x1E\xD9\x74\x16\xC8\x70\x8C\x4B\x5C\x2C\xAC\xAF\xA3\xBC\xCF\x7A\x4E\xBF\x95\x73"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #8 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #8 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0A\x09\x08\x07\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -7058,7 +7119,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
34,
"\x8A\xD1\x9B\x00\x1A\x87\xD1\x48\xF4\xD9\x2B\xEF\x34\x52\x5C\xCC\xE3\xA6\x3C\x65\x12\xA6\xF5\x75\x73\x88\xE4\x91\x3E\xF1\x47\x01\xF4\x41"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #9 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #9 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0B\x0A\x09\x08\xA0\xA1\xA2\xA3\xA4\xA5",
8, "\x00\x01\x02\x03\x04\x05\x06\x07",
@@ -7066,7 +7127,7 @@ check_ccm_cipher (void)
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
35,
"\x5D\xB0\x8D\x62\x40\x7E\x6E\x31\xD6\x0F\x9C\xA2\xC6\x04\x74\x21\x9A\xC0\xBE\x50\xC0\xD4\xA5\x77\x87\x94\xD6\xE2\x30\xCD\x25\xC9\xFE\xBF\x87"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #10 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #10 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0C\x0B\x0A\x09\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -7074,7 +7135,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
29,
"\xDB\x11\x8C\xCE\xC1\xB8\x76\x1C\x87\x7C\xD8\x96\x3A\x67\xD6\xF3\xBB\xBC\x5C\xD0\x92\x99\xEB\x11\xF3\x12\xF2\x32\x37"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #11 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #11 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0D\x0C\x0B\x0A\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -7082,7 +7143,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
30,
"\x7C\xC8\x3D\x8D\xC4\x91\x03\x52\x5B\x48\x3D\xC5\xCA\x7E\xA9\xAB\x81\x2B\x70\x56\x07\x9D\xAF\xFA\xDA\x16\xCC\xCF\x2C\x4E"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #12 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #12 */
16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
13, "\x00\x00\x00\x0E\x0D\x0C\x0B\xA0\xA1\xA2\xA3\xA4\xA5",
12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
@@ -7090,7 +7151,7 @@ check_ccm_cipher (void)
"\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
31,
"\x2C\xD3\x5B\x88\x20\xD2\x3E\x7A\xA3\x51\xB0\xE9\x2F\xC7\x93\x67\x23\x8B\x2C\xC7\x48\xCB\xB9\x4C\x29\x47\x79\x3D\x64\xAF\x75"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #13 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #13 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\xA9\x70\x11\x0E\x19\x27\xB1\x60\xB6\xA3\x1C\x1C",
8, "\x6B\x7F\x46\x45\x07\xFA\xE4\x96",
@@ -7098,7 +7159,7 @@ check_ccm_cipher (void)
"\xC6\xB5\xF3\xE6\xCA\x23\x11\xAE\xF7\x47\x2B\x20\x3E\x73\x5E\xA5\x61\xAD\xB1\x7D\x56\xC5\xA3",
31,
"\xA4\x35\xD7\x27\x34\x8D\xDD\x22\x90\x7F\x7E\xB8\xF5\xFD\xBB\x4D\x93\x9D\xA6\x52\x4D\xB4\xF6\x45\x58\xC0\x2D\x25\xB1\x27\xEE"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #14 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #14 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\x83\xCD\x8C\xE0\xCB\x42\xB1\x60\xB6\xA3\x1C\x1C",
8, "\x98\x66\x05\xB4\x3D\xF1\x5D\xE7",
@@ -7106,7 +7167,7 @@ check_ccm_cipher (void)
"\x01\xF6\xCE\x67\x64\xC5\x74\x48\x3B\xB0\x2E\x6B\xBF\x1E\x0A\xBD\x26\xA2\x25\x72\xB4\xD8\x0E\xE7",
32,
"\x8A\xE0\x52\x50\x8F\xBE\xCA\x93\x2E\x34\x6F\x05\xE0\xDC\x0D\xFB\xCF\x93\x9E\xAF\xFA\x3E\x58\x7C\x86\x7D\x6E\x1C\x48\x70\x38\x06"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #15 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #15 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\x5F\x54\x95\x0B\x18\xF2\xB1\x60\xB6\xA3\x1C\x1C",
8, "\x48\xF2\xE7\xE1\xA7\x67\x1A\x51",
@@ -7114,7 +7175,7 @@ check_ccm_cipher (void)
"\xCD\xF1\xD8\x40\x6F\xC2\xE9\x01\x49\x53\x89\x70\x05\xFB\xFB\x8B\xA5\x72\x76\xF9\x24\x04\x60\x8E\x08",
33,
"\x08\xB6\x7E\xE2\x1C\x8B\xF2\x6E\x47\x3E\x40\x85\x99\xE9\xC0\x83\x6D\x6A\xF0\xBB\x18\xDF\x55\x46\x6C\xA8\x08\x78\xA7\x90\x47\x6D\xE5"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #16 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #16 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\xEC\x60\x08\x63\x31\x9A\xB1\x60\xB6\xA3\x1C\x1C",
12, "\xDE\x97\xDF\x3B\x8C\xBD\x6D\x8E\x50\x30\xDA\x4C",
@@ -7122,7 +7183,7 @@ check_ccm_cipher (void)
"\xB0\x05\xDC\xFA\x0B\x59\x18\x14\x26\xA9\x61\x68\x5A\x99\x3D\x8C\x43\x18\x5B",
27,
"\x63\xB7\x8B\x49\x67\xB1\x9E\xDB\xB7\x33\xCD\x11\x14\xF6\x4E\xB2\x26\x08\x93\x68\xC3\x54\x82\x8D\x95\x0C\xC5"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #17 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #17 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\x60\xCF\xF1\xA3\x1E\xA1\xB1\x60\xB6\xA3\x1C\x1C",
12, "\xA5\xEE\x93\xE4\x57\xDF\x05\x46\x6E\x78\x2D\xCF",
@@ -7130,7 +7191,7 @@ check_ccm_cipher (void)
"\x2E\x20\x21\x12\x98\x10\x5F\x12\x9D\x5E\xD9\x5B\x93\xF7\x2D\x30\xB2\xFA\xCC\xD7",
28,
"\x0B\xC6\xBB\xE2\xA8\xB9\x09\xF4\x62\x9E\xE6\xDC\x14\x8D\xA4\x44\x10\xE1\x8A\xF4\x31\x47\x38\x32\x76\xF6\x6A\x9F"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #18 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #18 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\x0F\x85\xCD\x99\x5C\x97\xB1\x60\xB6\xA3\x1C\x1C",
12, "\x24\xAA\x1B\xF9\xA5\xCD\x87\x61\x82\xA2\x50\x74",
@@ -7138,7 +7199,7 @@ check_ccm_cipher (void)
"\x26\x45\x94\x1E\x75\x63\x2D\x34\x91\xAF\x0F\xC0\xC9\x87\x6C\x3B\xE4\xAA\x74\x68\xC9",
29,
"\x22\x2A\xD6\x32\xFA\x31\xD6\xAF\x97\x0C\x34\x5F\x7E\x77\xCA\x3B\xD0\xDC\x25\xB3\x40\xA1\xA3\xD3\x1F\x8D\x4B\x44\xB7"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #19 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #19 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\xC2\x9B\x2C\xAA\xC4\xCD\xB1\x60\xB6\xA3\x1C\x1C",
8, "\x69\x19\x46\xB9\xCA\x07\xBE\x87",
@@ -7146,7 +7207,7 @@ check_ccm_cipher (void)
"\x07\x01\x35\xA6\x43\x7C\x9D\xB1\x20\xCD\x61\xD8\xF6\xC3\x9C\x3E\xA1\x25\xFD\x95\xA0\xD2\x3D",
33,
"\x05\xB8\xE1\xB9\xC4\x9C\xFD\x56\xCF\x13\x0A\xA6\x25\x1D\xC2\xEC\xC0\x6C\xCC\x50\x8F\xE6\x97\xA0\x06\x6D\x57\xC8\x4B\xEC\x18\x27\x68"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #20 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #20 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\x2C\x6B\x75\x95\xEE\x62\xB1\x60\xB6\xA3\x1C\x1C",
8, "\xD0\xC5\x4E\xCB\x84\x62\x7D\xC4",
@@ -7154,7 +7215,7 @@ check_ccm_cipher (void)
"\xC8\xC0\x88\x0E\x6C\x63\x6E\x20\x09\x3D\xD6\x59\x42\x17\xD2\xE1\x88\x77\xDB\x26\x4E\x71\xA5\xCC",
34,
"\x54\xCE\xB9\x68\xDE\xE2\x36\x11\x57\x5E\xC0\x03\xDF\xAA\x1C\xD4\x88\x49\xBD\xF5\xAE\x2E\xDB\x6B\x7F\xA7\x75\xB1\x50\xED\x43\x83\xC5\xA9"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #21 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #21 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\xC5\x3C\xD4\xC2\xAA\x24\xB1\x60\xB6\xA3\x1C\x1C",
8, "\xE2\x85\xE0\xE4\x80\x8C\xDA\x3D",
@@ -7162,7 +7223,7 @@ check_ccm_cipher (void)
"\xF7\x5D\xAA\x07\x10\xC4\xE6\x42\x97\x79\x4D\xC2\xB7\xD2\xA2\x07\x57\xB1\xAA\x4E\x44\x80\x02\xFF\xAB",
35,
"\xB1\x40\x45\x46\xBF\x66\x72\x10\xCA\x28\xE3\x09\xB3\x9B\xD6\xCA\x7E\x9F\xC8\x28\x5F\xE6\x98\xD4\x3C\xD2\x0A\x02\xE0\xBD\xCA\xED\x20\x10\xD3"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #22 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #22 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\xBE\xE9\x26\x7F\xBA\xDC\xB1\x60\xB6\xA3\x1C\x1C",
12, "\x6C\xAE\xF9\x94\x11\x41\x57\x0D\x7C\x81\x34\x05",
@@ -7170,7 +7231,7 @@ check_ccm_cipher (void)
"\xC2\x38\x82\x2F\xAC\x5F\x98\xFF\x92\x94\x05\xB0\xAD\x12\x7A\x4E\x41\x85\x4E",
29,
"\x94\xC8\x95\x9C\x11\x56\x9A\x29\x78\x31\xA7\x21\x00\x58\x57\xAB\x61\xB8\x7A\x2D\xEA\x09\x36\xB6\xEB\x5F\x62\x5F\x5D"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #23 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #23 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\xDF\xA8\xB1\x24\x50\x07\xB1\x60\xB6\xA3\x1C\x1C",
12, "\x36\xA5\x2C\xF1\x6B\x19\xA2\x03\x7A\xB7\x01\x1E",
@@ -7178,7 +7239,7 @@ check_ccm_cipher (void)
"\x4D\xBF\x3E\x77\x4A\xD2\x45\xE5\xD5\x89\x1F\x9D\x1C\x32\xA0\xAE\x02\x2C\x85\xD7",
30,
"\x58\x69\xE3\xAA\xD2\x44\x7C\x74\xE0\xFC\x05\xF9\xA4\xEA\x74\x57\x7F\x4D\xE8\xCA\x89\x24\x76\x42\x96\xAD\x04\x11\x9C\xE7"},
- { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #24 */
+ { GCRY_CIPHER_CAMELLIA128, FLAG_NOFIPS, /* Packet Vector #24 */
16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
13, "\x00\x3B\x8F\xD8\xD3\xA9\x37\xB1\x60\xB6\xA3\x1C\x1C",
12, "\xA4\xD4\x99\xF7\x84\x19\x72\x8C\x19\x17\x8B\x0C",
@@ -7200,11 +7261,22 @@ check_ccm_cipher (void)
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
+ else
+ fail ("cipher-ccm, gcry_cipher_test_algo failed: %s\n",
+ gpg_strerror (err));
+ continue;
+ }
+ else if (in_fips_mode && (tv[i].flags & FLAG_NOFIPS))
+ {
+ fail ("cipher-ccm, gcry_cipher_test_algo unexpectedly worked\n");
continue;
}
@@ -9149,11 +9221,19 @@ check_gost28147_cipher_basic (enum gcry_cipher_algos algo)
if (verbose)
fprintf (stderr, " Starting GOST28147 cipher checks.\n");
- if (gcry_cipher_test_algo (algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- algo);
+ if (in_fips_mode)
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ algo);
+ }
+ return;
+ }
+ else if (in_fips_mode)
+ {
+ fail ("gost28147, gcry_cipher_test_algo did not fail as expcected\n");
return;
}
@@ -9779,13 +9859,22 @@ check_stream_cipher (void)
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode)
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
continue;
}
+ else if (in_fips_mode)
+ {
+ fail ("stream, gcry_cipher_test_algo: did not fail as expected\n");
+ continue;
+ }
+
if (verbose)
fprintf (stderr, " checking stream mode for %s [%i] (%s)\n",
gcry_cipher_algo_name (tv[i].algo), tv[i].algo, tv[i].name);
@@ -10230,11 +10319,19 @@ check_stream_cipher_large_block (void)
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
- if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ if (gcry_cipher_test_algo (tv[i].algo))
{
- if (verbose)
- fprintf (stderr, " algorithm %d not available in fips mode\n",
- tv[i].algo);
+ if (in_fips_mode)
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ }
+ continue;
+ }
+ else if (in_fips_mode)
+ {
+ fail ("stream, gcry_cipher_test_algo: did not fail as expected\n");
continue;
}
View Lorry Controller Status