diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-06-08 14:33:27 +1000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-07-15 23:11:50 +0200 |
commit | 7cc355c2e4e081dca3c6c345a75a2ab16800c807 (patch) | |
tree | af03550512bc59ca961934e9009c6c8fd4be5656 /test/recipes | |
parent | c35b8535768e22cd3b7743f4887a72e53a621a5f (diff) | |
download | openssl-7cc355c2e4e081dca3c6c345a75a2ab16800c807.tar.gz |
Add AES_CBC_CTS ciphers to providers
Added Algorithm names AES-128-CBC-CTS, AES-192-CBC-CTS and AES-256-CBC-CTS.
CS1, CS2 and CS3 variants are supported.
Only single shot updates are supported.
The cipher returns the mode EVP_CIPH_CBC_MODE (Internally it shares the aes_cbc cipher code). This
would allow existing code that uses AES_CBC to switch to the CTS variant without breaking code that
tests for this mode. Because it shares the aes_cbc code the cts128.c functions could not be used directly.
The cipher returns the flag EVP_CIPH_FLAG_CTS.
EVP_CIPH_FLAG_FIPS & EVP_CIPH_FLAG_NON_FIPS_ALLOW have been deprecated.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12094)
Diffstat (limited to 'test/recipes')
-rw-r--r-- | test/recipes/30-test_evp.t | 3 | ||||
-rw-r--r-- | test/recipes/30-test_evp_data/evpciph_aes_cts.txt | 362 |
2 files changed, 364 insertions, 1 deletions
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t index 3855d8a3b9..32639b77a5 100644 --- a/test/recipes/30-test_evp.t +++ b/test/recipes/30-test_evp.t @@ -32,7 +32,8 @@ my @configs = ( $defaultcnf ); push @configs, 'fips.cnf' unless $no_fips; my @files = qw( evprand.txt evpciph.txt evpdigest.txt evppkey.txt - evppkey_ecc.txt ); + evppkey_ecc.txt evpciph_aes_cts.txt); + my @defltfiles = qw( evpencod.txt evpkdf.txt evppkey_kdf.txt evpmac.txt evppbe.txt evpcase.txt evpccmcavs.txt ); my @ideafiles = qw( evpciph_idea.txt ); diff --git a/test/recipes/30-test_evp_data/evpciph_aes_cts.txt b/test/recipes/30-test_evp_data/evpciph_aes_cts.txt new file mode 100644 index 0000000000..83bac2c5c8 --- /dev/null +++ b/test/recipes/30-test_evp_data/evpciph_aes_cts.txt @@ -0,0 +1,362 @@ +# +# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Original test vectors were taken from https://www.ietf.org/rfc/rfc3962.txt for CS3 +# These have an IV of all zeros, for a 128 bit AES key. + +# 17 bytes Input +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = c6353568f2bf8cb4d8a580362da7ff7f97 + +# 31 bytes input +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5 + +# 32 bytes input (CS3 always swaps the last 2 byte blocks - so it is not equivalent to CBC for a full block) +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = 39312523a78662d5be7fcbcc98ebf5a897687268d6ecccc0c07b25e25ecfe584 + +# 47 bytes input +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c +Ciphertext = 97687268d6ecccc0c07b25e25ecfe584b3fffd940c16a18c1b5549d2f838029e39312523a78662d5be7fcbcc98ebf5 + +# 48 bytes input +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20 +Ciphertext = 97687268d6ecccc0c07b25e25ecfe5849dad8bbb96c4cdc03bc103e1a194bbd839312523a78662d5be7fcbcc98ebf5a8 + +# 64 bytes input (CS3 always swaps the last 2 byte blocks - so it is not equivalent to CBC for a full block) +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a84807efe836ee89a526730dbc2f7bc8409dad8bbb96c4cdc03bc103e1a194bbd8 + +#------------------------------------------------------ +# AES_CBC results for aligned block lengths. (Result should be the same as 32 byte CTS1 & CTS2) + +# 32 bytes input +Cipher = AES-128-CBC +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8 + +# 48 bytes input +Cipher = AES-128-CBC +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20 +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd8 + +# 64 bytes input +Cipher = AES-128-CBC +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840 + +#------------------------------------------------------ +# Manually edited using the same inputs to also produce CS2 ciphertext +# where aligned blocks are the same as CBC mode, and partial lengths +# are the same as CS3. + +# 17 bytes Input (For partial blocks the output should match CS3) +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = c6353568f2bf8cb4d8a580362da7ff7f97 + +# 31 bytes input (For partial blocks the output should match CS3) +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5 + +# 32 bytes input (Aligned blocks should match normal CBC mode) +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8 + +# 47 bytes input +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c +Ciphertext = 97687268d6ecccc0c07b25e25ecfe584b3fffd940c16a18c1b5549d2f838029e39312523a78662d5be7fcbcc98ebf5 + +# 64 bytes input (CS2 is equivalent to CBC when the last block in full) +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840 + +#------------------------------------------------------ +# Manually edited using the same inputs to also produce CS1 ciphertext +# where aligned blocks are the same as CBC mode, and partial lengths +# have the last 2 blocks swapped compared to CS3. + +# 17 bytes Input((Default is CS1 if CTSMode is not specified) +Cipher = AES-128-CBC-CTS +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = 97c6353568f2bf8cb4d8a580362da7ff7f + +# 31 bytes input +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = 97687268d6ecccc0c07b25e25ecfe5fc00783e0efdb2c1d445d4c8eff7ed22 + +# 32 bytes input +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8 + +# 47 bytes input +Cipher = AES-128-CBC-CTS +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5b3fffd940c16a18c1b5549d2f838029e + +# 64 bytes input (CS1 is equivalent to CBC when the last block in full) +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e +Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840 + +#------------------------------------------------------------------------------- +# Generated test values using an IV. + +# 47 bytes input +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c +Ciphertext = 5432a630742dee7beb70f9f1400ee6a0426da5c54a9990f5ae0b7825f51f0060b557cfb581949a4bdf3bb67dedd472 + +# 47 bytes input +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV =000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c +Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472426da5c54a9990f5ae0b7825f51f0060 + +# 127 bytes +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f7570 +Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472b9fc50e4e7dacf9e3d94b6cc031f9997a22d2fea7e6ef4aba2b717b0fa3f150e5e86e46b9e51c6ea5091a92aa791ce826b2e4fbaaf0e0314939625434b9530ce56f299891a48d26bdc287f54b230340d652a4721bf0f082ede80b6399800a92f + +# 129 bytes +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e49 +Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472b9fc50e4e7dacf9e3d94b6cc031f9997a22d2fea7e6ef4aba2b717b0fa3f150e5e86e46b9e51c6ea5091a92aa791ce826b2e4fbaaf0e0314939625434b9530ce56f299891a48d26bdc287f54b230340d14fde9fd1098b9b1db788b5868a8d009eeef + +#------------------------------------------------------------------------------- +# 17 Bytes +Cipher = AES-192-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV =000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = de1b402de8f79f947cc6b5880588d9b6e9 + +# 31 Bytes +Cipher = AES-192-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = dea2b610546f3b1e1d231821e283e153e9de17d6248fb492bdea1fb2e09c8e + +# 32 Bytes +Cipher = AES-192-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = 31d005cc9fea948fed1ba6308dad9dd1e9de17d6248fb492bdea1fb2e09c8e8e + +# 17 Bytes +Cipher = AES-192-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = de1b402de8f79f947cc6b5880588d9b6e9 + +# 31 Bytes +Cipher = AES-192-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = dea2b610546f3b1e1d231821e283e153e9de17d6248fb492bdea1fb2e09c8e + +# 32 Bytes +Cipher = AES-192-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = e9de17d6248fb492bdea1fb2e09c8e8e31d005cc9fea948fed1ba6308dad9dd1 + +# 17 Bytes +Cipher = AES-192-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = e9de1b402de8f79f947cc6b5880588d9b6 + +# 31 Bytes +Cipher = AES-192-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = e9de17d6248fb492bdea1fb2e09c8edea2b610546f3b1e1d231821e283e153 + +# 32 Bytes +Cipher = AES-192-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69636869636b656e20 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = e9de17d6248fb492bdea1fb2e09c8e8e31d005cc9fea948fed1ba6308dad9dd1 + +#------------------------------------------------------------------------------- +# 17 Bytes +Cipher = AES-256-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69636869636b656e207465726979616b69 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b652074686520 +Ciphertext = 6b5f5abc21c4d04156c73850da3bba29e9 + +# 31 Bytes +Cipher = AES-256-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69636869636b656e207465726979616b69 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320 +Ciphertext = f22553af78ee4f468f02fbe6f0f2168ee954e79fae9310dc75b6070e1d6253 + +# 32 Bytes +Cipher = AES-256-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69636869636b656e207465726979616b69 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043 +Ciphertext = 2c0463982174df10baa9d8f782c5a5b3e954e79fae9310dc75b6070e1d625346 + +#------------------------------------------------------------------------------ +# Failure tests + +# 15 bytes should fail for CS1 +Cipher = AES-128-CBC-CTS +CTSMode = CS1 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 0102030405060708090A0B0C0D0E0F +Result = CIPHERUPDATE_ERROR + +# 15 bytes should fail for CS2 +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS2 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 0102030405060708090A0B0C0D0E0F +Result = CIPHERUPDATE_ERROR + +# 15 bytes should fail for CS3 +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 0102030405060708090A0B0C0D0E0F +Result = CIPHERUPDATE_ERROR + +# 16 bytes should fail for CS3 (since it always needs 2 blocks). +Cipher = AES-128-CBC-CTS +Availablein = default +CTSMode = CS3 +Key = 636869636b656e207465726979616b69 +IV = 00000000000000000000000000000000 +Plaintext = 0102030405060708090A0B0C0D0E0F00 +Result = CIPHERUPDATE_ERROR |