ceph/src/crypto/isa-l/isa-l_crypto/aes/cbc_std_vectors.h

   1 /**********************************************************************
   2   Copyright(c) 2011-2016 Intel Corporation All rights reserved.
   3
   4   Redistribution and use in source and binary forms, with or without
   5   modification, are permitted provided that the following conditions
   6   are met:
   7     * Redistributions of source code must retain the above copyright
   8       notice, this list of conditions and the following disclaimer.
   9     * Redistributions in binary form must reproduce the above copyright
  10       notice, this list of conditions and the following disclaimer in
  11       the documentation and/or other materials provided with the
  12       distribution.
  13     * Neither the name of Intel Corporation nor the names of its
  14       contributors may be used to endorse or promote products derived
  15       from this software without specific prior written permission.
  16
  17   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  18   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  19   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  20   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  21   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  22   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  23   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  24   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  25   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  26   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  27   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  28 **********************************************************************/
  29
  30 #ifndef AES_CBC_STD_VECTORS_H_
  31 #define AES_CBC_STD_VECTORS_H_
  32 #include <aes_cbc.h>
  33
  34
  35 // struct to hold pointers to the cbc data vectors
  36 struct cbc_vector {
  37         uint8_t*             K;           // AES Key
  38         cbc_key_size         K_LEN;       // length of key in bits
  39         uint8_t*             IV;          // initial value used by GCM
  40         uint64_t             P_LEN;       // length of our plaintext
  41         uint8_t*             P;           // Plain text
  42         //outputs of encryption
  43         uint8_t*             EXP_C;       // same length as P
  44         // used in vector checks, not populated in std vector array
  45         uint8_t             *C;
  46         struct cbc_key_data *KEYS;
  47 };
  48
  49
  50 ///////////////////////////////////////////
  51 // Test vectors from:
  52 // Intel IPSec library 1..3
  53 //
  54 ///////////////////////////////////////////
  55 static unsigned char K1[] = {
  56         0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
  57 };
  58 static unsigned char IV1[] = {
  59         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
  60 };
  61 static unsigned char P1[] = {
  62         0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
  63         0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
  64         0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
  65         0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
  66 };
  67 static unsigned char C1[] = {
  68         0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
  69         0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
  70         0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
  71         0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7
  72 };
  73
  74 static unsigned char K2[] = {
  75         0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
  76         0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
  77 };
  78 static unsigned char IV2[] = {
  79         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
  80 };
  81 static unsigned char P2[] = {
  82         0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
  83         0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
  84         0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
  85         0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
  86 };
  87 static unsigned char C2[] = {
  88         0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
  89         0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d, 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
  90         0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf, 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
  91         0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b
  92 };
  93
  94 static unsigned char K3[] = {
  95                 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
  96                 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7
  97 };
  98 static unsigned char IV3[] = {
  99                 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
 100 };
 101 static unsigned char P3[] = {
 102                 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
 103                 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
 104                 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
 105                 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
 106 };
 107 static unsigned char C3[] = {
 108                 0x17, 0x70, 0x1a, 0x9d, 0x29, 0xc9, 0x1a, 0x94, 0xce, 0xed, 0x72, 0x3c, 0x34, 0xe8,
 109                 0x7a, 0xbe, 0x1c, 0x96, 0x84, 0x5c, 0xa8, 0xb7, 0xe8, 0x58, 0x6d, 0xfe, 0xf2, 0xfa,
 110                 0x6b, 0xed, 0x24, 0x09, 0x8a, 0x52, 0xce, 0xe8, 0xd7, 0x6d, 0xb6, 0x7b, 0xfd, 0xe2,
 111                 0x15, 0x53, 0xd3, 0x1c, 0x28, 0x33, 0xf7, 0x7e, 0xb5, 0x95, 0x00, 0xac, 0x49, 0x03,
 112                 0xbc, 0x70, 0x76, 0xb1, 0x84, 0x65, 0xd0, 0xea
 113 };
 114
 115 ///////////////////////////////////////////
 116 // Test vectors from:
 117 // 'https://tools.ietf.org/html/rfc3602#section-3.2'
 118 //  The AES-CBC Cipher Algorithm and Its Use with IPsec
 119 //
 120 ///////////////////////////////////////////
 121 /*
 122 Case #1: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key
 123 Key       : 0x06a9214036b8a15b512e03d534120006
 124 IV        : 0x3dafba429d9eb430b422da802c9fac41
 125 Plaintext : "Single block msg"
 126 Ciphertext: 0xe353779c1079aeb82708942dbe77181a
 127  *
 128  */
 129 static unsigned char K4[] = {
 130                 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06
 131 };
 132 static unsigned char IV4[] = {
 133                 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41
 134 };
 135 static unsigned char P4[] = {
 136                 "Single block msg"
 137 };
 138 static unsigned char C4[] = {
 139                 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a
 140 };
 141
 142 /*
 143 Case #2: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key
 144 Key       : 0xc286696d887c9aa0611bbb3e2025a45a
 145 IV        : 0x562e17996d093d28ddb3ba695a2e6f58
 146 Plaintext : 0x000102030405060708090a0b0c0d0e0f
 147               101112131415161718191a1b1c1d1e1f
 148 Ciphertext: 0xd296cd94c2cccf8a3a863028b5e1dc0a
 149               7586602d253cfff91b8266bea6d61ab1
 150 */
 151 static unsigned char K5[] = {
 152                 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a
 153 };
 154 static unsigned char IV5[] = {
 155                 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58
 156 };
 157 static unsigned char P5[] = {
 158                 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d,
 159                 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
 160                 0x1c, 0x1d, 0x1e, 0x1f
 161 };
 162 static unsigned char C5[] = {
 163                 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1,
 164                 0xdc, 0x0a, 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 0x1b, 0x82, 0x66, 0xbe,
 165                 0xa6, 0xd6, 0x1a, 0xb1
 166 };
 167
 168 /*
 169 Case #3: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key
 170 Key       : 0x6c3ea0477630ce21a2ce334aa746c2cd
 171 IV        : 0xc782dc4c098c66cbd9cd27d825682c81
 172 Plaintext : "This is a 48-byte message (exactly 3 AES blocks)"
 173 Ciphertext: 0xd0a02b3836451753d493665d33f0e886
 174               2dea54cdb293abc7506939276772f8d5
 175               021c19216bad525c8579695d83ba2684
 176
 177  */
 178 static unsigned char K6[] = {
 179                 0x6c, 0x3e, 0xa0, 0x47, 0x76, 0x30, 0xce, 0x21, 0xa2, 0xce, 0x33, 0x4a, 0xa7, 0x46, 0xc2, 0xcd
 180 };
 181 static unsigned char IV6[] = {
 182                 0xc7, 0x82, 0xdc, 0x4c, 0x09, 0x8c, 0x66, 0xcb, 0xd9, 0xcd, 0x27, 0xd8, 0x25, 0x68, 0x2c, 0x81
 183 };
 184 static unsigned char P6[] = {
 185                 "This is a 48-byte message (exactly 3 AES blocks)"
 186 };
 187 static unsigned char C6[] = {
 188                 0xd0, 0xa0, 0x2b, 0x38, 0x36, 0x45, 0x17, 0x53, 0xd4, 0x93, 0x66, 0x5d, 0x33, 0xf0, 0xe8, 0x86,
 189                 0x2d, 0xea, 0x54, 0xcd, 0xb2, 0x93, 0xab, 0xc7, 0x50, 0x69, 0x39, 0x27, 0x67, 0x72, 0xf8, 0xd5,
 190                 0x02, 0x1c, 0x19, 0x21, 0x6b, 0xad, 0x52, 0x5c, 0x85, 0x79, 0x69, 0x5d, 0x83, 0xba, 0x26, 0x84
 191 };
 192
 193 /*
 194 Case #4: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key
 195 Key       : 0x56e47a38c5598974bc46903dba290349
 196 IV        : 0x8ce82eefbea0da3c44699ed7db51b7d9
 197 Plaintext : 0xa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
 198               b0b1b2b3b4b5b6b7b8b9babbbcbdbebf
 199               c0c1c2c3c4c5c6c7c8c9cacbcccdcecf
 200               d0d1d2d3d4d5d6d7d8d9dadbdcdddedf
 201 Ciphertext: 0xc30e32ffedc0774e6aff6af0869f71aa
 202               0f3af07a9a31a9c684db207eb0ef8e4e
 203               35907aa632c3ffdf868bb7b29d3d46ad
 204               83ce9f9a102ee99d49a53e87f4c3da55
 205  */
 206 static unsigned char K7[] = {
 207                 0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74, 0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49
 208 };
 209 static unsigned char IV7[] = {
 210                 0x8c, 0xe8, 0x2e, 0xef, 0xbe, 0xa0, 0xda, 0x3c, 0x44, 0x69, 0x9e, 0xd7, 0xdb, 0x51, 0xb7, 0xd9
 211 };
 212 static unsigned char P7[] = {
 213                 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
 214             0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
 215                 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
 216                 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf
 217 };
 218 static unsigned char C7[] = {
 219                 0xc3, 0x0e, 0x32, 0xff, 0xed, 0xc0, 0x77, 0x4e, 0x6a, 0xff, 0x6a, 0xf0, 0x86, 0x9f, 0x71, 0xaa,
 220                 0x0f, 0x3a, 0xf0, 0x7a, 0x9a, 0x31, 0xa9, 0xc6, 0x84, 0xdb, 0x20, 0x7e, 0xb0, 0xef, 0x8e, 0x4e,
 221                 0x35, 0x90, 0x7a, 0xa6, 0x32, 0xc3, 0xff, 0xdf, 0x86, 0x8b, 0xb7, 0xb2, 0x9d, 0x3d, 0x46, 0xad,
 222                 0x83, 0xce, 0x9f, 0x9a, 0x10, 0x2e, 0xe9, 0x9d, 0x49, 0xa5, 0x3e, 0x87, 0xf4, 0xc3, 0xda, 0x55
 223 };
 224
 225 /*
 226 Case #5: Sample transport-mode ESP packet (ping 192.168.123.100)
 227 Key: 90d382b4 10eeba7a d938c46c ec1a82bf
 228 SPI: 4321
 229 Source address: 192.168.123.3
 230 Destination address: 192.168.123.100
 231 Sequence number: 1
 232 IV: e96e8c08 ab465763 fd098d45 dd3ff893
 233
 234 Original packet:
 235 IP header (20 bytes): 45000054 08f20000 4001f9fe c0a87b03 c0a87b64
 236 Data (64 bytes):
 237 08000ebd a70a0000 8e9c083d b95b0700 08090a0b 0c0d0e0f 10111213 14151617
 238 18191a1b 1c1d1e1f 20212223 24252627 28292a2b 2c2d2e2f 30313233 34353637
 239
 240 Augment data with:
 241 Padding: 01020304 05060708 090a0b0c 0d0e
 242 Pad length: 0e
 243 Next header: 01 (ICMP)
 244
 245 Pre-encryption Data with padding, pad length and next header (80 bytes):
 246 08000ebd a70a0000 8e9c083d b95b0700 08090a0b 0c0d0e0f 10111213 14151617
 247 18191a1b 1c1d1e1f 20212223 24252627 28292a2b 2c2d2e2f 30313233 34353637
 248 01020304 05060708 090a0b0c 0d0e0e01
 249
 250 Post-encryption packet with SPI, Sequence number, IV:
 251 IP header: 4500007c 08f20000 4032f9a5 c0a87b03 c0a87b64
 252 SPI/Seq #: 00004321 00000001
 253 IV: e96e8c08 ab465763 fd098d45 dd3ff893
 254 Encrypted Data (80 bytes):
 255 f663c25d 325c18c6 a9453e19 4e120849 a4870b66 cc6b9965 330013b4 898dc856
 256 a4699e52 3a55db08 0b59ec3a 8e4b7e52 775b07d1 db34ed9c 538ab50c 551b874a
 257 a269add0 47ad2d59 13ac19b7 cfbad4a6
 258 */
 259 static unsigned char K8[] = {
 260                 0x90, 0xd3, 0x82, 0xb4, 0x10, 0xee, 0xba, 0x7a, 0xd9, 0x38, 0xc4, 0x6c, 0xec, 0x1a, 0x82, 0xbf
 261 };
 262 static unsigned char IV8[] = {
 263                 0xe9, 0x6e, 0x8c, 0x08, 0xab, 0x46, 0x57, 0x63, 0xfd, 0x09, 0x8d, 0x45, 0xdd, 0x3f, 0xf8, 0x93
 264 };
 265 static unsigned char P8[] = {
 266                 0x08, 0x00, 0x0e, 0xbd, 0xa7, 0x0a, 0x00, 0x00, 0x8e, 0x9c, 0x08, 0x3d, 0xb9, 0x5b, 0x07, 0x00,
 267                 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
 268                 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
 269                 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
 270                 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0e, 0x01
 271 };
 272 static unsigned char C8[] = {
 273                 0xf6, 0x63, 0xc2, 0x5d, 0x32, 0x5c, 0x18, 0xc6, 0xa9, 0x45, 0x3e, 0x19, 0x4e, 0x12, 0x08, 0x49,
 274                 0xa4, 0x87, 0x0b, 0x66, 0xcc, 0x6b, 0x99, 0x65, 0x33, 0x00, 0x13, 0xb4, 0x89, 0x8d, 0xc8, 0x56,
 275                 0xa4, 0x69, 0x9e, 0x52, 0x3a, 0x55, 0xdb, 0x08, 0x0b, 0x59, 0xec, 0x3a, 0x8e, 0x4b, 0x7e, 0x52,
 276                 0x77, 0x5b, 0x07, 0xd1, 0xdb, 0x34, 0xed, 0x9c, 0x53, 0x8a, 0xb5, 0x0c, 0x55, 0x1b, 0x87, 0x4a,
 277                 0xa2, 0x69, 0xad, 0xd0, 0x47, 0xad, 0x2d, 0x59, 0x13, 0xac, 0x19, 0xb7, 0xcf, 0xba, 0xd4, 0xa6
 278 };
 279
 280 /*
 281 Case #6: Sample transport-mode ESP packet
 282          (ping -p 77 -s 20 192.168.123.100)
 283 Key: 90d382b4 10eeba7a d938c46c ec1a82bf
 284 SPI: 4321
 285 Source address: 192.168.123.3
 286 Destination address: 192.168.123.100
 287 Sequence number: 8
 288 IV: 69d08df7 d203329d b093fc49 24e5bd80
 289
 290 Original packet:
 291 IP header (20 bytes): 45000030 08fe0000 4001fa16 c0a87b03 c0a87b64
 292 Data (28 bytes):
 293 0800b5e8 a80a0500 a69c083d 0b660e00 77777777 77777777 77777777
 294
 295 Augment data with:
 296 Padding: 0102
 297 Pad length: 02
 298 Next header: 01 (ICMP)
 299
 300 Pre-encryption Data with padding, pad length and next header (32 bytes):
 301 0800b5e8 a80a0500 a69c083d 0b660e00 77777777 77777777 77777777 01020201
 302
 303 Post-encryption packet with SPI, Sequence number, IV:
 304 IP header: 4500004c 08fe0000 4032f9c9 c0a87b03 c0a87b64
 305 SPI/Seq #: 00004321 00000008
 306 IV: 69d08df7 d203329d b093fc49 24e5bd80
 307 Encrypted Data (32 bytes):
 308 f5199588 1ec4e0c4 488987ce 742e8109 689bb379 d2d750c0 d915dca3 46a89f75
 309  */
 310 static unsigned char K9[] = {
 311                 0x90, 0xd3, 0x82, 0xb4, 0x10, 0xee, 0xba, 0x7a, 0xd9, 0x38, 0xc4, 0x6c, 0xec, 0x1a, 0x82, 0xbf
 312 };
 313 static unsigned char IV9[] = {
 314                 0x69, 0xd0, 0x8d, 0xf7, 0xd2, 0x03, 0x32, 0x9d, 0xb0, 0x93, 0xfc, 0x49, 0x24, 0xe5, 0xbd, 0x80
 315 };
 316 static unsigned char P9[] = {
 317                 0x08, 0x00, 0xb5, 0xe8, 0xa8, 0x0a, 0x05, 0x00, 0xa6, 0x9c, 0x08, 0x3d, 0x0b, 0x66, 0x0e, 0x00,
 318                 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x01, 0x02, 0x02, 0x01
 319 };
 320 static unsigned char C9[] = {
 321                 0xf5, 0x19, 0x95, 0x88, 0x1e, 0xc4, 0xe0, 0xc4, 0x48, 0x89, 0x87, 0xce, 0x74, 0x2e, 0x81, 0x09,
 322                 0x68, 0x9b, 0xb3, 0x79, 0xd2, 0xd7, 0x50, 0xc0, 0xd9, 0x15, 0xdc, 0xa3, 0x46, 0xa8, 0x9f, 0x75
 323 };
 324
 325 /*
 326 Case #7: Sample tunnel-mode ESP packet (ping 192.168.123.200)
 327 Key: 01234567 89abcdef 01234567 89abcdef
 328 SPI: 8765
 329 Source address: 192.168.123.3
 330 Destination address: 192.168.123.200
 331 Sequence number: 2
 332 IV: f4e76524 4f6407ad f13dc138 0f673f37
 333
 334 Original packet:
 335 IP header (20 bytes): 45000054 09040000 4001f988 c0a87b03 c0a87bc8
 336 Data (64 bytes):
 337 08009f76 a90a0100 b49c083d 02a20400 08090a0b 0c0d0e0f 10111213 14151617
 338 18191a1b 1c1d1e1f 20212223 24252627 28292a2b 2c2d2e2f 30313233 34353637
 339
 340 Augment data with:
 341 Padding: 01020304 05060708 090a
 342 Pad length: 0a
 343 Next header: 04 (IP-in-IP)
 344
 345 Pre-encryption Data with original IP header, padding, pad length and
 346                          next header (96 bytes):
 347 45000054 09040000 4001f988 c0a87b03 c0a87bc8 08009f76 a90a0100 b49c083d
 348 02a20400 08090a0b 0c0d0e0f 10111213 14151617 18191a1b 1c1d1e1f 20212223
 349 24252627 28292a2b 2c2d2e2f 30313233 34353637 01020304 05060708 090a0a04
 350
 351
 352 Post-encryption packet with SPI, Sequence number, IV:
 353 IP header: 4500008c 09050000 4032f91e c0a87b03 c0a87bc8
 354 SPI/Seq #: 00008765 00000002
 355 IV: f4e76524 4f6407ad f13dc138 0f673f37
 356 Encrypted Data (96 bytes):
 357 773b5241 a4c44922 5e4f3ce5 ed611b0c 237ca96c f74a9301 3c1b0ea1 a0cf70f8
 358 e4ecaec7 8ac53aad 7a0f022b 859243c6 47752e94 a859352b 8a4d4d2d ecd136e5
 359 c177f132 ad3fbfb2 201ac990 4c74ee0a 109e0ca1 e4dfe9d5 a100b842 f1c22f0d
 360  */
 361 static unsigned char K10[] = {
 362                 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
 363 };
 364 static unsigned char IV10[] = {
 365                 0xf4, 0xe7, 0x65, 0x24, 0x4f, 0x64, 0x07, 0xad, 0xf1, 0x3d, 0xc1, 0x38, 0x0f, 0x67, 0x3f, 0x37
 366 };
 367 static unsigned char P10[] = {
 368                 0x45, 0x00, 0x00, 0x54, 0x09, 0x04, 0x00, 0x00, 0x40, 0x01, 0xf9, 0x88, 0xc0, 0xa8, 0x7b, 0x03,
 369                 0xc0, 0xa8, 0x7b, 0xc8, 0x08, 0x00, 0x9f, 0x76, 0xa9, 0x0a, 0x01, 0x00, 0xb4, 0x9c, 0x08, 0x3d,
 370                 0x02, 0xa2, 0x04, 0x00, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13,
 371                 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
 372                 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
 373                 0x34, 0x35, 0x36, 0x37, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0a, 0x04
 374
 375 };
 376 static unsigned char C10[] = {
 377                 0x77, 0x3b, 0x52, 0x41, 0xa4, 0xc4, 0x49, 0x22, 0x5e, 0x4f, 0x3c, 0xe5, 0xed, 0x61, 0x1b, 0x0c,
 378                 0x23, 0x7c, 0xa9, 0x6c, 0xf7, 0x4a, 0x93, 0x01, 0x3c, 0x1b, 0x0e, 0xa1, 0xa0, 0xcf, 0x70, 0xf8,
 379                 0xe4, 0xec, 0xae, 0xc7, 0x8a, 0xc5, 0x3a, 0xad, 0x7a, 0x0f, 0x02, 0x2b, 0x85, 0x92, 0x43, 0xc6,
 380                 0x47, 0x75, 0x2e, 0x94, 0xa8, 0x59, 0x35, 0x2b, 0x8a, 0x4d, 0x4d, 0x2d, 0xec, 0xd1, 0x36, 0xe5,
 381                 0xc1, 0x77, 0xf1, 0x32, 0xad, 0x3f, 0xbf, 0xb2, 0x20, 0x1a, 0xc9, 0x90, 0x4c, 0x74, 0xee, 0x0a,
 382                 0x10, 0x9e, 0x0c, 0xa1, 0xe4, 0xdf, 0xe9, 0xd5, 0xa1, 0x00, 0xb8, 0x42, 0xf1, 0xc2, 0x2f, 0x0d
 383 };
 384
 385 /*
 386 Case #8: Sample tunnel-mode ESP packet
 387          (ping -p ff -s 40 192.168.123.200)
 388 Key: 01234567 89abcdef 01234567 89abcdef
 389 SPI: 8765
 390 Source address: 192.168.123.3
 391 Destination address: 192.168.123.200
 392 Sequence number: 5
 393 IV: 85d47224 b5f3dd5d 2101d4ea 8dffab22
 394
 395 Original packet:
 396 IP header (20 bytes): 45000044 090c0000 4001f990 c0a87b03 c0a87bc8
 397 Data (48 bytes):
 398 0800d63c aa0a0200 c69c083d a3de0300 ffffffff ffffffff ffffffff ffffffff
 399 ffffffff ffffffff ffffffff ffffffff
 400
 401 Augment data with:
 402 Padding: 01020304 05060708 090a
 403 Pad length: 0a
 404 Next header: 04 (IP-in-IP)
 405
 406 Pre-encryption Data with original IP header, padding, pad length and
 407                          next header (80 bytes):
 408 45000044 090c0000 4001f990 c0a87b03 c0a87bc8 0800d63c aa0a0200 c69c083d
 409 a3de0300 ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff
 410 ffffffff 01020304 05060708 090a0a04
 411
 412 Post-encryption packet with SPI, Sequence number, IV:
 413 IP header: 4500007c 090d0000 4032f926 c0a87b03 c0a87bc8
 414 SPI/Seq #: 00008765 00000005
 415 IV: 85d47224 b5f3dd5d 2101d4ea 8dffab22
 416 Encrypted Data (80 bytes):
 417 15b92683 819596a8 047232cc 00f7048f e45318e1 1f8a0f62 ede3c3fc 61203bb5
 418 0f980a08 c9843fd3 a1b06d5c 07ff9639 b7eb7dfb 3512e5de 435e7207 ed971ef3
 419 d2726d9b 5ef6affc 6d17a0de cbb13892
 420  */
 421 static unsigned char K11[] = {
 422                 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
 423 };
 424 static unsigned char IV11[] = {
 425                 0x85, 0xd4, 0x72, 0x24, 0xb5, 0xf3, 0xdd, 0x5d, 0x21, 0x01, 0xd4, 0xea, 0x8d, 0xff, 0xab, 0x22
 426 };
 427 static unsigned char P11[] = {
 428                 0x45, 0x00, 0x00, 0x44, 0x09, 0x0c, 0x00, 0x00, 0x40, 0x01, 0xf9, 0x90, 0xc0, 0xa8, 0x7b, 0x03,
 429                 0xc0, 0xa8, 0x7b, 0xc8, 0x08, 0x00, 0xd6, 0x3c, 0xaa, 0x0a, 0x02, 0x00, 0xc6, 0x9c, 0x08, 0x3d,
 430                 0xa3, 0xde, 0x03, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
 431                 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
 432                 0xff, 0xff, 0xff, 0xff, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0a, 0x04
 433 };
 434 static unsigned char C11[] = {
 435                 0x15, 0xb9, 0x26, 0x83, 0x81, 0x95, 0x96, 0xa8, 0x04, 0x72, 0x32, 0xcc, 0x00, 0xf7, 0x04, 0x8f,
 436                 0xe4, 0x53, 0x18, 0xe1, 0x1f, 0x8a, 0x0f, 0x62, 0xed, 0xe3, 0xc3, 0xfc, 0x61, 0x20, 0x3b, 0xb5,
 437                 0x0f, 0x98, 0x0a, 0x08, 0xc9, 0x84, 0x3f, 0xd3, 0xa1, 0xb0, 0x6d, 0x5c, 0x07, 0xff, 0x96, 0x39,
 438                 0xb7, 0xeb, 0x7d, 0xfb, 0x35, 0x12, 0xe5, 0xde, 0x43, 0x5e, 0x72, 0x07, 0xed, 0x97, 0x1e, 0xf3,
 439                 0xd2, 0x72, 0x6d, 0x9b, 0x5e, 0xf6, 0xaf, 0xfc, 0x6d, 0x17, 0xa0, 0xde, 0xcb, 0xb1, 0x38, 0x92
 440 };
 441
 442
 443 #define min_size(a, b) (((a)<(b))?(a):(b))
 444 // Plain and cypher text will be the same size
 445 // Those vectors using strings for plain text have an extra null terminator that needs
 446 // to be ignored
 447 #define vect_size(P, C) (min_size((sizeof(P)),(sizeof(C))))
 448 #define CBC_KEY_LEN(kdata) (sizeof(kdata))
 449
 450 //field order {K, Klen, IV, Plen, P, C};
 451 #define vector(N) {K##N, (CBC_KEY_LEN(K##N)), IV##N, vect_size(P##N,C##N), P##N, C##N, NULL, NULL, /*NULL, NULL*/}
 452 struct cbc_vector const cbc_vectors[] = {
 453         vector(1),
 454         vector(2),
 455         vector(3),
 456         vector(4),
 457         vector(5),
 458         vector(6),
 459         vector(7),
 460         vector(8),
 461         vector(9),
 462         vector(10),
 463         vector(11),
 464 };
 465
 466 #endif /* AES_CBC_STD_VECTORS_H_ */