diff options
| author | Todd Short <tshort@akamai.com> | 2017-05-19 10:27:28 -0400 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2018-12-12 08:16:10 +1000 |
| commit | b1ceb439f234a998db84f27a3a245dab95d322ab (patch) | |
| tree | 98dbc974b4a6119fe88c01ae0a4017b13fa10e93 /test/recipes | |
| parent | 6de98b4fb6265f8a4b2e5b599d6714ff937dca6b (diff) | |
Add RFC5297 AES-SIV support
Based originally on github.com/dfoxfranke/libaes_siv
This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR
and CMAC code to reduce complexity at the cost of perfomance. The
expected use is for short inputs, not TLS-sized records.
Add multiple AAD input capacity in the EVP tests.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3540)
Diffstat (limited to 'test/recipes')
| -rw-r--r-- | test/recipes/30-test_evp.t | 2 | ||||
| -rw-r--r-- | test/recipes/30-test_evp_data/evpaessiv.txt | 44 |
2 files changed, 45 insertions, 1 deletions
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t index d8162bc886..c2079bd6e6 100644 --- a/test/recipes/30-test_evp.t +++ b/test/recipes/30-test_evp.t @@ -16,7 +16,7 @@ setup("test_evp"); my @files = ( "evpciph.txt", "evpdigest.txt", "evpencod.txt", "evpkdf.txt", "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", - "evpcase.txt" ); + "evpcase.txt", "evpaessiv.txt" ); plan tests => scalar(@files); diff --git a/test/recipes/30-test_evp_data/evpaessiv.txt b/test/recipes/30-test_evp_data/evpaessiv.txt new file mode 100644 index 0000000000..5419918352 --- /dev/null +++ b/test/recipes/30-test_evp_data/evpaessiv.txt @@ -0,0 +1,44 @@ +# +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Tests start with one of these keywords +# Cipher Decrypt Derive Digest Encoding KDF MAC PBE +# PrivPubKeyPair Sign Verify VerifyRecover +# and continue until a blank line. Lines starting with a pound sign, +# like this prolog, are ignored. + +Title = RFC5297 AES-SIV +Cipher = aes-128-siv +Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +AAD = 101112131415161718191a1b1c1d1e1f2021222324252627 +Tag = 85632d07c6e8f37f950acd320a2ecc93 +Plaintext = 112233445566778899aabbccddee +Ciphertext = 40c02b9690c4dc04daef7f6afe5c + +Cipher = aes-128-siv +Key = 7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f +AAD = 00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100 +AAD = 102030405060708090a0 +AAD = 09f911029d74e35bd84156c5635688c0 +Tag = 7bdb6e3b432667eb06f4d14bff2fbd0f +Plaintext = 7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553 +Ciphertext = cb900f2fddbe404326601965c889bf17dba77ceb094fa663b7a3f748ba8af829ea64ad544a272e9c485b62a3fd5c0d + +Cipher = aes-192-siv +Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfefffffefdfcfbfaf9f8f7f6f5f4f3f2f1f0 +AAD = 101112131415161718191a1b1c1d1e1f2021222324252627 +Tag = 89e869b93256785154f0963962fe0740 +Plaintext = 112233445566778899aabbccddee +Ciphertext = eff356e42dec1f4febded36642f2 + +Cipher = aes-256-siv +Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfefff0f1f2f3f4f5f6f7f8f9fafbfcfdfefffffefdfcfbfaf9f8f7f6f5f4f3f2f1f0 +AAD = 101112131415161718191a1b1c1d1e1f2021222324252627 +Tag = 724dfb2eaf94dbb19b0ba3a299a0801e +Plaintext = 112233445566778899aabbccddee +Ciphertext = f3b05a55498ec2552690b89810e4 |