Neil Horman wrote:
> On Sat, May 24, 2008 at 10:06:25AM +1000, Herbert Xu wrote:
>> Could you document the source of these vectors in the patch
>> description please?
>
> Sure, reposting
>
> Patch to add checking of DES3 test vectors using CBC mode. FIPS-140-2
> compliance mandates that any supported mode of operation must include a self
> test. This satisfies that requirement for cbc(des3_ede). The included test
> vector was generated by me using openssl. Key/IV was generated with the
> following command:
> openssl enc -des_ede_cbc -P
> input and output values were generated by repeating the string "Too many
> secrets" a few times over, truncating it to 128 bytes, and encrypting it with
> openssl using the aformentioned key. Tested successfully by myself
These tests both seem to fail on my machine. Did you verify that the tests pass
succesfully?
-Adrian
>
> Regards
> Neil
>
>
> Signed-off-by: Neil Horman <[EMAIL PROTECTED]>
>
>
> tcrypt.c | 8 +++++
> tcrypt.h | 93
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
> 2 files changed, 98 insertions(+), 3 deletions(-)
>
> diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
> index 6beabc5..649a8e4 100644
> --- a/crypto/tcrypt.c
> +++ b/crypto/tcrypt.c
> @@ -1180,6 +1180,14 @@ static void do_test(void)
> test_cipher("ecb(des3_ede)", DECRYPT, des3_ede_dec_tv_template,
> DES3_EDE_DEC_TEST_VECTORS);
>
> + test_cipher("cbc(des3_ede)", ENCRYPT,
> + des3_ede_cbc_enc_tv_template,
> + DES3_EDE_CBC_ENC_TEST_VECTORS);
> +
> + test_cipher("cbc(des3_ede)", DECRYPT,
> + des3_ede_cbc_dec_tv_template,
> + DES3_EDE_CBC_DEC_TEST_VECTORS);
> +
> test_hash("md4", md4_tv_template, MD4_TEST_VECTORS);
>
> test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS);
> diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
> index 47bc0ec..8893733 100644
> --- a/crypto/tcrypt.h
> +++ b/crypto/tcrypt.h
> @@ -1442,6 +1442,8 @@ static struct hash_testvec hmac_sha512_tv_template[] = {
> #define DES_CBC_DEC_TEST_VECTORS 4
> #define DES3_EDE_ENC_TEST_VECTORS 3
> #define DES3_EDE_DEC_TEST_VECTORS 3
> +#define DES3_EDE_CBC_ENC_TEST_VECTORS 1
> +#define DES3_EDE_CBC_DEC_TEST_VECTORS 1
>
> static struct cipher_testvec des_enc_tv_template[] = {
> { /* From Applied Cryptography */
> @@ -1680,9 +1682,6 @@ static struct cipher_testvec des_cbc_dec_tv_template[]
> = {
> },
> };
>
> -/*
> - * We really need some more test vectors, especially for DES3 CBC.
> - */
> static struct cipher_testvec des3_ede_enc_tv_template[] = {
> { /* These are from openssl */
> .key = "\x01\x23\x45\x67\x89\xab\xcd\xef"
> @@ -1745,6 +1744,94 @@ static struct cipher_testvec
> des3_ede_dec_tv_template[] = {
> },
> };
>
> +static struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
> + { /* Generated from openssl */
> + .key = "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
> + "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
> + "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
> + .klen = 24,
> + .iv = "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
> + .input = "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
> + "\x53\x20\x63\x65\x65\x72\x73\x74"
> + "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
> + "\x20\x79\x65\x53\x72\x63\x74\x65"
> + "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
> + "\x79\x6e\x53\x20\x63\x65\x65\x72"
> + "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
> + "\x6e\x61\x20\x79\x65\x53\x72\x63"
> + "\x74\x65\x20\x73\x6f\x54\x20\x6f"
> + "\x61\x4d\x79\x6e\x53\x20\x63\x65"
> + "\x65\x72\x73\x74\x54\x20\x6f\x6f"
> + "\x4d\x20\x6e\x61\x20\x79\x65\x53"
> + "\x72\x63\x74\x65\x20\x73\x6f\x54"
> + "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
> + "\x63\x65\x65\x72\x73\x74\x54\x20"
> + "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
> + .ilen = 128,
> + .result = "\x15\x8d\x5d\x34\x1b\x3f\xda\xda"
> + "\x4f\xce\x21\x82\x12\x54\x21\x0d"
> + "\xb2\x36\xda\xcc\xff\xb2\xff\x79"
> + "\x30\xe9\x95\xf4\x52\xf6\xf1\x43"
> + "\xf2\x88\xe1\x1c\x42\xa1\x6a\x11"
> + "\xda\x8f\xbd\x94\x5e\xe5\xa8\x43"
> + "\xe4\x4f\xbd\x0d\x1e\x67\xa1\x89"
> + "\x9a\x4e\x66\x62\x50\xb3\x07\x3e"
> + "\xc8\xc1\x87\x3d\x96\x62\xf7\xe7"
> + "\x96\x15\xa8\x34\xb6\x94\x1a\x17"
> + "\x05\xde\x62\xd6\xd8\x73\xd6\xb4"
> + "\x24\x1f\x57\xb6\x80\x9a\x65\x50"
> + "\xa0\xee\x2f\x8b\x4c\x80\x86\xfb"
> + "\xbb\xda\xa0\xa2\x4b\x49\x6c\x72"
> + "\x69\x83\xe9\xaa\x92\x56\x33\x95"
> + "\xbc\x80\x88\x04\xde\xd5\x74\x9f",
> + .rlen = 128,
> + },
> +};
> +
> +static struct cipher_testvec des3_ede_cbc_dec_tv_template[] = {
> + { /* Generated from openssl */
> + .key = "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
> + "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
> + "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
> + .klen = 24,
> + .iv = "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
> + .input = "\x15\x8d\x5d\x34\x1b\x3f\xda\xda"
> + "\x4f\xce\x21\x82\x12\x54\x21\x0d"
> + "\xb2\x36\xda\xcc\xff\xb2\xff\x79"
> + "\x30\xe9\x95\xf4\x52\xf6\xf1\x43"
> + "\xf2\x88\xe1\x1c\x42\xa1\x6a\x11"
> + "\xda\x8f\xbd\x94\x5e\xe5\xa8\x43"
> + "\xe4\x4f\xbd\x0d\x1e\x67\xa1\x89"
> + "\x9a\x4e\x66\x62\x50\xb3\x07\x3e"
> + "\xc8\xc1\x87\x3d\x96\x62\xf7\xe7"
> + "\x96\x15\xa8\x34\xb6\x94\x1a\x17"
> + "\x05\xde\x62\xd6\xd8\x73\xd6\xb4"
> + "\x24\x1f\x57\xb6\x80\x9a\x65\x50"
> + "\xa0\xee\x2f\x8b\x4c\x80\x86\xfb"
> + "\xbb\xda\xa0\xa2\x4b\x49\x6c\x72"
> + "\x69\x83\xe9\xaa\x92\x56\x33\x95"
> + "\xbc\x80\x88\x04\xde\xd5\x74\x9f",
> + .ilen = 128,
> + .result = "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
> + "\x53\x20\x63\x65\x65\x72\x73\x74"
> + "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
> + "\x20\x79\x65\x53\x72\x63\x74\x65"
> + "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
> + "\x79\x6e\x53\x20\x63\x65\x65\x72"
> + "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
> + "\x6e\x61\x20\x79\x65\x53\x72\x63"
> + "\x74\x65\x20\x73\x6f\x54\x20\x6f"
> + "\x61\x4d\x79\x6e\x53\x20\x63\x65"
> + "\x65\x72\x73\x74\x54\x20\x6f\x6f"
> + "\x4d\x20\x6e\x61\x20\x79\x65\x53"
> + "\x72\x63\x74\x65\x20\x73\x6f\x54"
> + "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
> + "\x63\x65\x65\x72\x73\x74\x54\x20"
> + "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
> + .rlen = 128,
> + },
> +};
> +
> /*
> * Blowfish test vectors.
> */
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to [EMAIL PROTECTED]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
