diff --git a/aes.c b/aes.c
index 6f265a8..f8f34c9 100644
--- a/aes.c
+++ b/aes.c
@@ -317,73 +317,54 @@ void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
int rijndael_test(void)
{
int errno;
-
- static const unsigned char pt128[16] = {
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
- 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
- static const unsigned char key128[16] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
- static const unsigned char ct128[16] = {
- 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
- 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a };
-
- static const unsigned char key192[24] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };
- static const unsigned char ct192[16] = {
- 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0,
- 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91 };
-
- static const unsigned char key256[32] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
- static const unsigned char ct256[16] = {
- 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf,
- 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89 };
+ static const struct {
+ int keylen;
+ unsigned char key[32], pt[16], ct[16];
+ } tests[] = {
+ { 16,
+ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+ { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
+ { 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
+ 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a }
+ }, {
+ 24,
+ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 },
+ { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
+ { 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0,
+ 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91 }
+ }, {
+ 32,
+ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
+ { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
+ { 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf,
+ 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89 }
+ }
+ };
+
symmetric_key key;
unsigned char tmp[2][16];
+ int i;
+
+ for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
+ if ((errno = rijndael_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) {
+ return errno;
+ }
- if ((errno = rijndael_setup(key128, 16, 0, &key)) != CRYPT_OK) {
- return errno;
- }
-
- rijndael_ecb_encrypt(pt128, tmp[0], &key);
- rijndael_ecb_decrypt(tmp[0], tmp[1], &key);
- if (memcmp(tmp[0], ct128, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
- if (memcmp(tmp[1], pt128, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
- if ((errno = rijndael_setup(key192, 24, 0, &key)) != CRYPT_OK) {
- return errno;
- }
-
- rijndael_ecb_encrypt(pt128, tmp[0], &key);
- rijndael_ecb_decrypt(tmp[0], tmp[1], &key);
- if (memcmp(tmp[0], ct192, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
- if (memcmp(tmp[1], pt128, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
- if ((errno = rijndael_setup(key256, 32, 0, &key)) != CRYPT_OK) {
- return errno;
- }
- rijndael_ecb_encrypt(pt128, tmp[0], &key);
- rijndael_ecb_decrypt(tmp[0], tmp[1], &key);
- if (memcmp(tmp[0], ct256, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
- if (memcmp(tmp[1], pt128, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
+ rijndael_ecb_encrypt(tests[i].pt, tmp[0], &key);
+ rijndael_ecb_decrypt(tmp[0], tmp[1], &key);
+ if (memcmp(tmp[0], tests[i].ct, 16) || memcmp(tmp[1], tests[i].pt, 16)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
+ }
return CRYPT_OK;
}
diff --git a/blowfish.c b/blowfish.c
index e00cec7..431ec7c 100644
--- a/blowfish.c
+++ b/blowfish.c
@@ -634,9 +634,9 @@ int blowfish_test(void)
}
};
unsigned char buf[2][8];
- int x, failed;
+ int x;
- for (x = failed = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
+ for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
/* setup key */
if ((errno = blowfish_setup(tests[x].key, 8, 16, &key)) != CRYPT_OK) {
return errno;
@@ -647,32 +647,11 @@ int blowfish_test(void)
blowfish_ecb_decrypt(buf[0], buf[1], &key);
/* compare */
- if (memcmp(buf[0], tests[x].ct, 8)) {
-#if 0
- int y;
- printf("\nEncrypt test %d failed\n", x);
- for (y = 0; y < 8; y++) printf("%02x ", buf[0][y]);
- printf("\n");
-#endif
- failed = 1;
- }
-
- if (memcmp(buf[1], tests[x].pt, 8)) {
-#if 0
- int y;
- printf("\nDecrypt test %d failed\n", x);
- for (y = 0; y < 8; y++) printf("%02x ", buf[1][y]);
- printf("\n");
-#endif
- failed = 1;
+ if (memcmp(buf[0], tests[x].ct, 8) || memcmp(buf[1], tests[x].pt, 8)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
}
-
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
int blowfish_keysize(int *desired_keysize)
diff --git a/cast5.c b/cast5.c
index 62431d7..336e921 100644
--- a/cast5.c
+++ b/cast5.c
@@ -583,23 +583,8 @@ int cast5_test(void)
return errno;
}
cast5_ecb_encrypt(tests[i].pt, buf, &key);
- if (memcmp(buf, tests[i].ct, 8)) {
-#if 0
- int j;
- printf("\n\n\nFailed encrypt test: %d\n", i);
- for (j = 0; j < 8; j++) printf("%02x ", buf[j]);
- printf("\n");
-#endif
- return CRYPT_FAIL_TESTVECTOR;
- }
cast5_ecb_decrypt(buf, buf2, &key);
- if (memcmp(buf2, tests[i].pt, 8)) {
-#if 0
- int j;
- printf("\n\n\nFailed decrypt test: %d\n", i);
- for (j = 0; j < 8; j++) printf("%02x ", buf2[j]);
- printf("\n");
-#endif
+ if (memcmp(buf, tests[i].ct, 8) || memcmp(buf2, tests[i].pt, 8)) {
return CRYPT_FAIL_TESTVECTOR;
}
diff --git a/changes b/changes
index 5988099..cd8c1f2 100644
--- a/changes
+++ b/changes
@@ -1,3 +1,13 @@
+Nov 25th, 2002
+v0.76 -- Updated makefiles a bit more, use "-Os" instead of "-O2" to optimize for size. Got the lib
+ downto 265KB using GCC 3.2 on my x86 box.
+ -- Updated the SAFER+, Twofish and Rijndael test vector routine to use the table driven design.
+ -- Updated all other test vector routines to return as soon as an error is found
+ -- fixed a bug in the test program where errors in the hash test routines would not be reported
+ correctly. I found this by temporarily changing one of the bytes of the test vectors. All the
+ hashes check out [the demos/test.c would still have reported an error, just the wrong one].
+
+
Nov 24th, 2002
v0.75 -- Fixed a flaw in hash_filehandle, it should ARGCHK that the filehandle is not NULL
-- Fixed a bug where in hash_file if the call to hash_filehandle failed the open file would
diff --git a/crypt.pdf b/crypt.pdf
index b26f720..d76ccc4 100644
Binary files a/crypt.pdf and b/crypt.pdf differ
diff --git a/crypt.tex b/crypt.tex
index eb7df20..fc68be9 100644
--- a/crypt.tex
+++ b/crypt.tex
@@ -44,7 +44,7 @@
\def\gap{\vspace{0.5ex}}
\makeindex
\begin{document}
-\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.75}
+\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.76}
\author{Tom St Denis \\
Algonquin College \\
\\
diff --git a/demos/test.c b/demos/test.c
index 39d966e..ca05e31 100644
--- a/demos/test.c
+++ b/demos/test.c
@@ -307,7 +307,7 @@ void hash_tests(void)
printf("Hash tests\n");
for (x = 0; hash_descriptor[x].name != NULL; x++) {
printf(" %10s (%2d) ", hash_descriptor[x].name, hash_descriptor[x].ID);
- if (hash_descriptor[x].test() != CRYPT_OK)
+ if ((errno = hash_descriptor[x].test()) != CRYPT_OK)
printf("**failed** Reason: %s\n", error_to_string(errno));
else
printf("passed\n");
diff --git a/des.c b/des.c
index 6edda71..ae35bdf 100644
--- a/des.c
+++ b/des.c
@@ -630,7 +630,7 @@ int des_test(void)
http://www.ecs.soton.ac.uk/~prw99r/ez438/vectors.txt
***/
};
- int i, failed=0;
+ int i;
unsigned char out[8];
symmetric_key des;
@@ -646,29 +646,10 @@ int des_test(void)
}
if (memcmp(cases[i].out, out, sizeof out) != 0) {
-#if 0
- int j;
- printf("DES test #%d failed!\n", cases[i].num);
-
- printf( "got: ");
- for (j=0; j < (int)sizeof out; j++) {
- printf("%02x ", out[j] & 0xff);
- }
- printf("\nwanted: ");
- for(j=0; j < (int)sizeof out; j++) {
- printf("%02x ", cases[i].out[j] & 0xff);
- }
- printf("\n");
-#endif
-
- failed++;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if(failed > 0) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
return CRYPT_OK;
}
diff --git a/ecc.c b/ecc.c
index e2cae85..e7ebe7d 100644
--- a/ecc.c
+++ b/ecc.c
@@ -251,8 +251,8 @@ static int dbl_point(ecc_point *P, ecc_point *R, mp_int *modulus)
if (mp_mul_2(&P->y, &tmp) != MP_OKAY) { goto error; } /* tmp = 2*y */
if (mp_invmod(&tmp, modulus, &tmp) != MP_OKAY) { goto error; } /* tmp = 1/tmp mod modulus */
if (mp_sqr(&P->x, &s) != MP_OKAY) { goto error; } /* s = x^2 */
- if (mp_mul_d(&s, 3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) */
- if (mp_sub_d(&s, 3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) - 3 */
+ if (mp_mul_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) */
+ if (mp_sub_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) - 3 */
if (mp_mulmod(&s, &tmp, modulus, &s) != MP_OKAY) { goto error; } /* s = tmp * s mod modulus */
/* Xr = s^2 - 2Xp */
@@ -565,10 +565,11 @@ static int compress_y_point(ecc_point *pt, int idx, int *result)
if (mp_exptmod(&tmp, &tmp2, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = (x^3 - 3x + b)^((p+1)/4) mod p */
/* if tmp equals the y point give a 0, otherwise 1 */
- if (mp_cmp(&tmp, &pt->y) == 0)
+ if (mp_cmp(&tmp, &pt->y) == 0) {
*result = 0;
- else
+ } else {
*result = 1;
+ }
res = CRYPT_OK;
goto done;
diff --git a/makefile b/makefile
index 53de606..48afa64 100644
--- a/makefile
+++ b/makefile
@@ -9,7 +9,7 @@
# a build. This is easy to remedy though, for those that have problems.
# The version
-VERSION=0.75
+VERSION=0.76
#Compiler and Linker Names
CC=gcc
@@ -34,10 +34,10 @@ CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Werror \
-DXCLOCKS_PER_SEC=$(XCLOCKS_PER_SEC)
#optimize for SPEED (comment out SIZE/DEBUG line as well)
-#CFLAGS += -O3 -fomit-frame-pointer -funroll-loops
+#CFLAGS += -O3 -funroll-loops
#optimize for SIZE (comment out SPEED/DEBUG line as well)
-CFLAGS += -O2
+CFLAGS += -Os
#compile for DEBUGGING
#CFLAGS += -g3
diff --git a/makefile.ps2 b/makefile.ps2
index 932a17e..a7cc405 100644
--- a/makefile.ps2
+++ b/makefile.ps2
@@ -51,7 +51,7 @@ CFLAGS += -DNO_FILE
#CFLAGS += -O3 -fomit-frame-pointer -funroll-loops
#optimize for SIZE (comment out SPEED line as well)
-CFLAGS += -O2
+CFLAGS += -Os
#These flags control how the library gets built.
diff --git a/md2.c b/md2.c
index e29db7a..c26fb12 100644
--- a/md2.c
+++ b/md2.c
@@ -180,19 +180,6 @@ int md2_test(void)
md2_process(&md, tests[i].msg, strlen(tests[i].msg));
md2_done(&md, buf);
if (memcmp(buf, tests[i].md, 16)) {
-#if 0
- int j;
- printf("\n\nFailed test %d\n\n", i);
- for (j = 0; j < 16; j++) {
- printf("%02x ", buf[j]);
- }
- printf("\n");
- printf("Should have been\n");
- for (j = 0; j < 16; j++) {
- printf("%02x ", tests[i].md[j]);
- }
- printf("\n");
-#endif
return CRYPT_FAIL_TESTVECTOR;
}
}
diff --git a/md4.c b/md4.c
index bbf2700..6cfaeba 100644
--- a/md4.c
+++ b/md4.c
@@ -249,39 +249,19 @@ int md4_test(void)
{0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19,
0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36} },
};
- int i, failed;
+ int i;
hash_state md;
unsigned char digest[16];
- failed = 0;
for(i = 0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) {
md4_init(&md);
md4_process(&md, cases[i].input, cases[i].inputlen);
md4_done(&md, digest);
- if(memcmp(digest, cases[i].digest, 16) != 0) {
-#if 0
- int j;
- printf("\nMD4 test #%d failed\n", cases[i].num);
- printf( "Result: 0x");
- for(j=0; j < 16; j++) {
- printf("%2x", digest[j]);
- }
- printf("\nCorrect: 0x");
- for(j=0; j < 16; j++) {
- printf("%2x", cases[i].digest[j]);
- }
- printf("\n");
-#endif
- failed++;
- } else {
-/* printf("MD4 test #%d succeeded.\n", cases[i].num); */
+ if (memcmp(digest, cases[i].digest, 16) != 0) {
+ return CRYPT_FAIL_TESTVECTOR;
}
- }
- if (failed) {
- return CRYPT_FAIL_TESTVECTOR;
}
-
return CRYPT_OK;
}
diff --git a/md5.c b/md5.c
index 2baf1b6..a489f62 100644
--- a/md5.c
+++ b/md5.c
@@ -236,31 +236,19 @@ int md5_test(void)
{ NULL, { 0 } }
};
- int failed, i;
+ int i;
unsigned char tmp[16];
hash_state md;
- for (failed = i = 0; tests[i].msg != NULL; i++) {
+ for (i = 0; tests[i].msg != NULL; i++) {
md5_init(&md);
md5_process(&md, tests[i].msg, strlen(tests[i].msg));
md5_done(&md, tmp);
if (memcmp(tmp, tests[i].hash, 16)) {
-#if 0
- int j;
- printf("MD5 Test %d (len == %d) failed\nGot (as a result): ", i, strlen(tests[i].msg));
- for (j = 0; j < 16; j++) {
- printf("%02x ", tmp[j]);
- }
- printf("\n");
-#endif
- failed = 1;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
#endif
diff --git a/mycrypt.h b/mycrypt.h
index 1604854..fc8eeaf 100644
--- a/mycrypt.h
+++ b/mycrypt.h
@@ -13,8 +13,8 @@ extern "C" {
#endif
/* version */
-#define CRYPT 0x0075
-#define SCRYPT "0.75"
+#define CRYPT 0x0076
+#define SCRYPT "0.76"
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
#define MAXBLOCKSIZE 128
diff --git a/notes/tech0002.txt b/notes/tech0002.txt
new file mode 100644
index 0000000..b9990e0
--- /dev/null
+++ b/notes/tech0002.txt
@@ -0,0 +1,52 @@
+Tech Note 0002
+How to avoid non-intrusive timing attacks with online computations
+Tom St Denis
+
+Introduction
+------------
+
+A timing attack is when an attacker can observe a side channel of the device (in this case time). In this tech note
+we consider only non-intrusive timing attacks with respect to online computations. That is an attacker can
+determine when a computation (such as a public key encryption) begins and ends but cannot observe the device
+directly. This is specifically important for applications which transmit data via a public network.
+
+Consider a Diffie-Hellman encryption which requires the sender to make up a public key "y = g^x mod p". Libtomcrypt
+uses the MPI bignum library to perform the operation. The time it takes to compute y is controlled by the number
+of 1 bits in the exponent 'x'. To a large extent there will be the same number of squaring operations. "1" bits in
+the exponent require the sender to perform a multiplication. This means to a certain extent an attacker can
+determine not only the magnitude of 'x' but the number of one bits. With this information the attacker cannot directly
+learn the key used. However, good cryptography mandates the close scrutiny of any practical side channel.
+
+Similar logic applies to the other various routines. Fortunately for this case there is a simple solution. First,
+determine the maximum time the particular operation can require. For instance, on an Athlon 1.53Ghz XP processor a
+DH-768 encryption requires roughly 50 milliseconds. Take that time and round it up. Now place a delay after the call.
+
+For example,
+
+void demo(void) {
+ clock_t t1;
+
+ // get initial clock
+ t1 = clock();
+
+ // some PK function
+
+ // now delay
+ while (clock() < (t1 + 100));
+
+ // transmit data...
+
+}
+
+This code has the effect of taking at least 100 ms always. In effect someone analyzing the traffic will see that the
+operations always take a fixed amount of time. Since no two platforms are the same this type of fix has not been
+incorporated into libtomcrypt (nor is it desired for many platforms). This requires on the developers part to profile
+the code to determine the delays required.
+
+Note that this "quick" fix has no effect against an intrusive attacker. For example, power consumption will drop
+significantly in the loop after the operation. However, this type of fix is more important to secure the user of the
+application/device. For example, a user placing an order online won't try to cheat themselves by cracking open their
+device and performing side-channel cryptanalysis. An attacker over a network might try to use the timing information
+against the user.
+
+
diff --git a/rc2.c b/rc2.c
index c4a8b81..70494b2 100644
--- a/rc2.c
+++ b/rc2.c
@@ -258,11 +258,10 @@ int rc2_test(void)
{ 0x22, 0x69, 0x55, 0x2a, 0xb0, 0xf8, 0x5c, 0xa6 }
}
};
- int x, failed, errno;
+ int x, errno;
symmetric_key skey;
unsigned char buf[2][8];
- failed = 0;
for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
zeromem(buf, sizeof(buf));
if ((errno = rc2_setup(tests[x].key, tests[x].keylen, 0, &skey)) != CRYPT_OK) {
@@ -272,36 +271,11 @@ int rc2_test(void)
rc2_ecb_encrypt(tests[x].pt, buf[0], &skey);
rc2_ecb_decrypt(buf[0], buf[1], &skey);
- if (memcmp(buf[0], tests[x].ct, 8)) {
-#if 0
- int y;
- printf("\nTest %d failed to encrypt\n", x);
- for (y = 0; y < 8; y++) {
- printf("%02x ", buf[0][y]);
- }
- printf("\n");
-#endif
- failed = 1;
- }
-
- if (memcmp(buf[1], tests[x].pt, 8)) {
-#if 0
- int y;
- printf("\nTest %d failed to decrypt\n", x);
- for (y = 0; y < 8; y++) {
- printf("%02x ", buf[1][y]);
- }
- printf("\n");
-#endif
- failed = 1;
+ if (memcmp(buf[0], tests[x].ct, 8) || memcmp(buf[1], tests[x].pt, 8)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
}
-
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
int rc2_keysize(int *keysize)
diff --git a/rc5.c b/rc5.c
index d699ba6..82866d3 100644
--- a/rc5.c
+++ b/rc5.c
@@ -175,10 +175,10 @@ int rc5_test(void)
}
};
unsigned char buf[2][8];
- int x, failed, errno;
+ int x, errno;
symmetric_key key;
- for (x = failed = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
+ for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
/* setup key */
if ((errno = rc5_setup(tests[x].key, 16, 12, &key)) != CRYPT_OK) {
return errno;
@@ -189,32 +189,11 @@ int rc5_test(void)
rc5_ecb_decrypt(buf[0], buf[1], &key);
/* compare */
- if (memcmp(buf[0], tests[x].ct, 8)) {
-#if 0
- int y;
- printf("\nEncrypt test %d failed\n", x);
- for (y = 0; y < 8; y++) printf("%02x ", buf[0][y]);
- printf("\n");
-#endif
- failed = 1;
- }
-
- if (memcmp(buf[1], tests[x].pt, 8)) {
-#if 0
- int y;
- printf("\nDecrypt test %d failed\n", x);
- for (y = 0; y < 8; y++) printf("%02x ", buf[1][y]);
- printf("\n");
-#endif
- failed = 1;
+ if (memcmp(buf[0], tests[x].ct, 8) || memcmp(buf[1], tests[x].pt, 8)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
}
-
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
int rc5_keysize(int *desired_keysize)
diff --git a/rc6.c b/rc6.c
index fc7aacd..14fb74b 100644
--- a/rc6.c
+++ b/rc6.c
@@ -195,10 +195,10 @@ int rc6_test(void)
}
};
unsigned char buf[2][16];
- int x, failed, errno;
+ int x, errno;
symmetric_key key;
- for (x = failed = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
+ for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
/* setup key */
if ((errno = rc6_setup(tests[x].key, tests[x].keylen, 0, &key)) != CRYPT_OK) {
return errno;
@@ -209,32 +209,11 @@ int rc6_test(void)
rc6_ecb_decrypt(buf[0], buf[1], &key);
/* compare */
- if (memcmp(buf[0], tests[x].ct, 16)) {
-#if 0
- int y;
- printf("\nEncrypt test %d failed\n", x);
- for (y = 0; y < 16; y++) printf("%02x ", buf[0][y]);
- printf("\n");
-#endif
- failed = 1;
- }
-
- if (memcmp(buf[1], tests[x].pt, 16)) {
-#if 0
- int y;
- printf("\nDecrypt test %d failed\n", x);
- for (y = 0; y < 16; y++) printf("%02x ", buf[1][y]);
- printf("\n");
-#endif
- failed = 1;
+ if (memcmp(buf[0], tests[x].ct, 16) || memcmp(buf[1], tests[x].pt, 16)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
}
-
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
int rc6_keysize(int *desired_keysize)
diff --git a/safer+.c b/safer+.c
index 13254b7..6c1086a 100644
--- a/safer+.c
+++ b/safer+.c
@@ -407,77 +407,55 @@ void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_ke
int saferp_test(void)
{
- static const unsigned char key128[16] =
- { 41, 35, 190, 132, 225, 108, 214, 174,
- 82, 144, 73, 241, 241, 187, 233, 235 };
- static const unsigned char pt128[16] =
- { 179, 166, 219, 60, 135, 12, 62, 153,
- 36, 94, 13, 28, 6, 183, 71, 222 };
- static const unsigned char ct128[16] =
- { 224, 31, 182, 10, 12, 255, 84, 70,
- 127, 13, 89, 249, 9, 57, 165, 220 };
-
- static const unsigned char key192[24] =
- { 72, 211, 143, 117, 230, 217, 29, 42,
- 229, 192, 247, 43, 120, 129, 135, 68,
- 14, 95, 80, 0, 212, 97, 141, 190 };
- static const unsigned char pt192[16] =
- { 123, 5, 21, 7, 59, 51, 130, 31,
- 24, 112, 146, 218, 100, 84, 206, 177 };
- static const unsigned char ct192[16] =
- { 92, 136, 4, 63, 57, 95, 100, 0,
- 150, 130, 130, 16, 193, 111, 219, 133 };
-
- static const unsigned char key256[32] =
- { 243, 168, 141, 254, 190, 242, 235, 113,
- 255, 160, 208, 59, 117, 6, 140, 126,
- 135, 120, 115, 77, 208, 190, 130, 190,
- 219, 194, 70, 65, 43, 140, 250, 48 };
- static const unsigned char pt256[16] =
- { 127, 112, 240, 167, 84, 134, 50, 149,
- 170, 91, 104, 19, 11, 230, 252, 245 };
- static const unsigned char ct256[16] =
- { 88, 11, 25, 36, 172, 229, 202, 213,
- 170, 65, 105, 153, 220, 104, 153, 138 };
+ static const struct {
+ int keylen;
+ unsigned char key[32], pt[16], ct[16];
+ } tests[] = {
+ {
+ 16,
+ { 41, 35, 190, 132, 225, 108, 214, 174,
+ 82, 144, 73, 241, 241, 187, 233, 235 },
+ { 179, 166, 219, 60, 135, 12, 62, 153,
+ 36, 94, 13, 28, 6, 183, 71, 222 },
+ { 224, 31, 182, 10, 12, 255, 84, 70,
+ 127, 13, 89, 249, 9, 57, 165, 220 }
+ }, {
+ 24,
+ { 72, 211, 143, 117, 230, 217, 29, 42,
+ 229, 192, 247, 43, 120, 129, 135, 68,
+ 14, 95, 80, 0, 212, 97, 141, 190 },
+ { 123, 5, 21, 7, 59, 51, 130, 31,
+ 24, 112, 146, 218, 100, 84, 206, 177 },
+ { 92, 136, 4, 63, 57, 95, 100, 0,
+ 150, 130, 130, 16, 193, 111, 219, 133 }
+ }, {
+ 32,
+ { 243, 168, 141, 254, 190, 242, 235, 113,
+ 255, 160, 208, 59, 117, 6, 140, 126,
+ 135, 120, 115, 77, 208, 190, 130, 190,
+ 219, 194, 70, 65, 43, 140, 250, 48 },
+ { 127, 112, 240, 167, 84, 134, 50, 149,
+ 170, 91, 104, 19, 11, 230, 252, 245 },
+ { 88, 11, 25, 36, 172, 229, 202, 213,
+ 170, 65, 105, 153, 220, 104, 153, 138 }
+ }
+ };
unsigned char buf[2][16];
symmetric_key skey;
- int errno;
+ int errno, i;
- /* test 128-bit key */
- if ((errno = saferp_setup(key128, 16, 0, &skey)) != CRYPT_OK) {
- return errno;
- }
- saferp_ecb_encrypt(pt128, buf[0], &skey);
- saferp_ecb_decrypt(buf[0], buf[1], &skey);
+ for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
+ if ((errno = saferp_setup(tests[i].key, tests[i].keylen, 0, &skey)) != CRYPT_OK) {
+ return errno;
+ }
+ saferp_ecb_encrypt(tests[i].pt, buf[0], &skey);
+ saferp_ecb_decrypt(buf[0], buf[1], &skey);
- /* compare */
- if (memcmp(buf[0], &ct128, 16) || memcmp(buf[1], &pt128, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
- /* test 192-bit key */
- if ((errno = saferp_setup(key192, 24, 0, &skey)) != CRYPT_OK) {
- return errno;
- }
- saferp_ecb_encrypt(pt192, buf[0], &skey);
- saferp_ecb_decrypt(buf[0], buf[1], &skey);
-
- /* compare */
- if (memcmp(buf[0], &ct192, 16) || memcmp(buf[1], &pt192, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
- /* test 256-bit key */
- if ((errno = saferp_setup(key256, 32, 0, &skey)) != CRYPT_OK) {
- return errno;
- }
- saferp_ecb_encrypt(pt256, buf[0], &skey);
- saferp_ecb_decrypt(buf[0], buf[1], &skey);
-
- /* compare */
- if (memcmp(buf[0], &ct256, 16) || memcmp(buf[1], &pt256, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
+ /* compare */
+ if (memcmp(buf[0], tests[i].ct, 16) || memcmp(buf[1], tests[i].pt, 16)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
}
return CRYPT_OK;
diff --git a/serpent.c b/serpent.c
index 05902e5..b3f8ef7 100644
--- a/serpent.c
+++ b/serpent.c
@@ -661,10 +661,10 @@ int serpent_test(void)
};
unsigned char buf[2][16];
- int x, failed, errno;
+ int x, errno;
symmetric_key key;
- for (x = failed = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
+ for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
/* setup key */
if ((errno = serpent_setup(tests[x].key, tests[x].keylen, 0, &key))!= CRYPT_OK) {
return errno;
@@ -675,32 +675,11 @@ int serpent_test(void)
serpent_ecb_decrypt(buf[0], buf[1], &key);
/* compare */
- if (memcmp(buf[0], tests[x].ct, 16)) {
-#if 0
- int y;
- printf("\nEncrypt test %d failed\n", x);
- for (y = 0; y < 16; y++) printf("%02x ", buf[0][y]);
- printf("\n");
-#endif
- failed = 1;
- }
-
- if (memcmp(buf[1], tests[x].pt, 16)) {
-#if 0
- int y;
- printf("\nDecrypt test %d failed\n", x);
- for (y = 0; y < 16; y++) printf("%02x ", buf[1][y]);
- printf("\n");
-#endif
- failed = 1;
+ if (memcmp(buf[0], tests[x].ct, 16) || memcmp(buf[1], tests[x].pt, 16)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
}
-
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
int serpent_keysize(int *desired_keysize)
diff --git a/sha1.c b/sha1.c
index 4e5e07d..f27a536 100644
--- a/sha1.c
+++ b/sha1.c
@@ -196,35 +196,22 @@ int sha1_test(void)
{ 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E,
0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5,
0xE5, 0x46, 0x70, 0xF1 }
- },
- { NULL, { 0 }}
+ }
};
- int failed, i;
+ int i;
unsigned char tmp[20];
hash_state md;
- for (failed = i = 0; tests[i].msg != NULL; i++) {
+ for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
sha1_init(&md);
sha1_process(&md, tests[i].msg, strlen(tests[i].msg));
sha1_done(&md, tmp);
if (memcmp(tmp, tests[i].hash, 20)) {
-#if 0
- int j;
- printf("\nSHA-1 Test %d failed\nGot (as a result): ", i);
- for (j = 0; j < 20; j++) {
- printf("%02x ", tmp[j]);
- }
- printf("\n");
-#endif
- failed = 1;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
#endif
diff --git a/sha256.c b/sha256.c
index b54421d..a38f7e9 100644
--- a/sha256.c
+++ b/sha256.c
@@ -32,7 +32,7 @@ static const unsigned long K[64] = {
};
/* Various logical functions */
-#define Ch(x,y,z) ((x & y) ^ (~x & z))
+#define Ch(x,y,z) ((x & y) | (~x & z))
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
#define S(x, n) ROR((x),(n))
#define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
@@ -194,34 +194,21 @@ int sha256_test(void)
0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }
},
- { NULL, { 0 } }
};
- int failed, i;
+ int i;
unsigned char tmp[32];
hash_state md;
- for (failed = i = 0; tests[i].msg != NULL; i++) {
+ for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
sha256_init(&md);
sha256_process(&md, tests[i].msg, strlen(tests[i].msg));
sha256_done(&md, tmp);
if (memcmp(tmp, tests[i].hash, 32)) {
-#if 0
- int j;
- printf("\nSHA-256 Test %d failed\nGot (as a result): ", i);
- for (j = 0; j < 32; j++) {
- printf("%02x ", tmp[j]);
- }
- printf("\n");
-#endif
- failed = 1;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
#endif
diff --git a/sha384.c b/sha384.c
index 4c4f492..72835e9 100644
--- a/sha384.c
+++ b/sha384.c
@@ -71,34 +71,21 @@ int sha384_test(void)
0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 }
},
- { NULL, { 0 }}
};
- int failed, i;
+ int i;
unsigned char tmp[48];
hash_state md;
- for (failed = i = 0; tests[i].msg != NULL; i++) {
+ for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
sha384_init(&md);
sha384_process(&md, tests[i].msg, strlen(tests[i].msg));
sha384_done(&md, tmp);
if (memcmp(tmp, tests[i].hash, 48)) {
-#if 0
- int j;
- printf("\nSHA-384 Test %d failed\nGot (as a result): ", i);
- for (j = 0; j < 48; j++) {
- printf("%02x ", tmp[j]);
- }
- printf("\n");
-#endif
- failed = 1;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
diff --git a/sha512.c b/sha512.c
index ecb3107..dfeaf54 100644
--- a/sha512.c
+++ b/sha512.c
@@ -59,7 +59,7 @@ CONST64(0x5fcb6fab3ad6faec), CONST64(0x6c44198c4a475817)
};
/* Various logical functions */
-#define Ch(x,y,z) ((x & y) ^ (~x & z))
+#define Ch(x,y,z) ((x & y) | (~x & z))
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
#define S(x, n) ROR64((x),(n))
#define R(x, n) (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)n))
@@ -232,34 +232,21 @@ int sha512_test(void)
0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 }
},
- { NULL, { 0 }}
};
- int failed, i;
+ int i;
unsigned char tmp[64];
hash_state md;
- for (failed = i = 0; tests[i].msg != NULL; i++) {
+ for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
sha512_init(&md);
sha512_process(&md, tests[i].msg, strlen(tests[i].msg));
sha512_done(&md, tmp);
if (memcmp(tmp, tests[i].hash, 64)) {
-#if 0
- int j;
- printf("\nSHA-512 Test %d failed\nGot (as a result): ", i);
- for (j = 0; j < 64; j++) {
- printf("%02x ", tmp[j]);
- }
- printf("\n");
-#endif
- failed = 1;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
#ifdef SHA384
diff --git a/tiger.c b/tiger.c
index 07fb3ce..2b685e2 100644
--- a/tiger.c
+++ b/tiger.c
@@ -718,34 +718,21 @@ int tiger_test(void)
0x58, 0x48, 0xa7, 0xe0, 0xae, 0x6a, 0xac, 0x76,
0xe4, 0xff, 0x59, 0x0a, 0xe7, 0x15, 0xfd, 0x25 }
},
- { NULL, { 0 }}
};
- int failed, i;
+ int i;
unsigned char tmp[24];
hash_state md;
- for (failed = i = 0; tests[i].msg != NULL; i++) {
+ for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
tiger_init(&md);
tiger_process(&md, tests[i].msg, strlen(tests[i].msg));
tiger_done(&md, tmp);
if (memcmp(tmp, tests[i].hash, 24)) {
-#if 0
- int j;
- printf("\nTIGER-192 Test %d failed\nGot (as a result): ", i);
- for (j = 0; j < 24; j++) {
- printf("%02x ", tmp[j]);
- }
- printf("\n");
-#endif
- failed = 1;
+ return CRYPT_FAIL_TESTVECTOR;
}
}
- if (failed == 1) {
- return CRYPT_FAIL_TESTVECTOR;
- } else {
- return CRYPT_OK;
- }
+ return CRYPT_OK;
}
#endif
diff --git a/twofish.c b/twofish.c
index b057c6e..eafd458 100644
--- a/twofish.c
+++ b/twofish.c
@@ -225,9 +225,9 @@ static unsigned long sbox(int i, unsigned long x)
burn_stack(sizeof(unsigned char) * 11);
return y;
}
-#endif
+#endif /* CLEAN_STACK */
-#endif
+#endif /* TWOFISH_TABLES */
/* computes ab mod p */
static unsigned long gf_mult(unsigned long a, unsigned long b, unsigned long p)
@@ -637,70 +637,54 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
int twofish_test(void)
{
- static const unsigned char key128[16] = {
- 0x9F, 0x58, 0x9F, 0x5C, 0xF6, 0x12, 0x2C, 0x32,
- 0xB6, 0xBF, 0xEC, 0x2F, 0x2A, 0xE8, 0xC3, 0x5A };
- static const unsigned char pt128[16] = {
- 0xD4, 0x91, 0xDB, 0x16, 0xE7, 0xB1, 0xC3, 0x9E,
- 0x86, 0xCB, 0x08, 0x6B, 0x78, 0x9F, 0x54, 0x19 };
- static const unsigned char ct128[16] = {
- 0x01, 0x9F, 0x98, 0x09, 0xDE, 0x17, 0x11, 0x85,
- 0x8F, 0xAA, 0xC3, 0xA3, 0xBA, 0x20, 0xFB, 0xC3 };
+ static const struct {
+ int keylen;
+ unsigned char key[32], pt[16], ct[16];
+ } tests[] = {
+ { 16,
+ { 0x9F, 0x58, 0x9F, 0x5C, 0xF6, 0x12, 0x2C, 0x32,
+ 0xB6, 0xBF, 0xEC, 0x2F, 0x2A, 0xE8, 0xC3, 0x5A },
+ { 0xD4, 0x91, 0xDB, 0x16, 0xE7, 0xB1, 0xC3, 0x9E,
+ 0x86, 0xCB, 0x08, 0x6B, 0x78, 0x9F, 0x54, 0x19 },
+ { 0x01, 0x9F, 0x98, 0x09, 0xDE, 0x17, 0x11, 0x85,
+ 0x8F, 0xAA, 0xC3, 0xA3, 0xBA, 0x20, 0xFB, 0xC3 }
+ }, {
+ 24,
+ { 0x88, 0xB2, 0xB2, 0x70, 0x6B, 0x10, 0x5E, 0x36,
+ 0xB4, 0x46, 0xBB, 0x6D, 0x73, 0x1A, 0x1E, 0x88,
+ 0xEF, 0xA7, 0x1F, 0x78, 0x89, 0x65, 0xBD, 0x44 },
+ { 0x39, 0xDA, 0x69, 0xD6, 0xBA, 0x49, 0x97, 0xD5,
+ 0x85, 0xB6, 0xDC, 0x07, 0x3C, 0xA3, 0x41, 0xB2 },
+ { 0x18, 0x2B, 0x02, 0xD8, 0x14, 0x97, 0xEA, 0x45,
+ 0xF9, 0xDA, 0xAC, 0xDC, 0x29, 0x19, 0x3A, 0x65 }
+ }, {
+ 32,
+ { 0xD4, 0x3B, 0xB7, 0x55, 0x6E, 0xA3, 0x2E, 0x46,
+ 0xF2, 0xA2, 0x82, 0xB7, 0xD4, 0x5B, 0x4E, 0x0D,
+ 0x57, 0xFF, 0x73, 0x9D, 0x4D, 0xC9, 0x2C, 0x1B,
+ 0xD7, 0xFC, 0x01, 0x70, 0x0C, 0xC8, 0x21, 0x6F },
+ { 0x90, 0xAF, 0xE9, 0x1B, 0xB2, 0x88, 0x54, 0x4F,
+ 0x2C, 0x32, 0xDC, 0x23, 0x9B, 0x26, 0x35, 0xE6 },
+ { 0x6C, 0xB4, 0x56, 0x1C, 0x40, 0xBF, 0x0A, 0x97,
+ 0x05, 0x93, 0x1C, 0xB6, 0xD4, 0x08, 0xE7, 0xFA }
+ }
+};
- static const unsigned char key192[24] = {
- 0x88, 0xB2, 0xB2, 0x70, 0x6B, 0x10, 0x5E, 0x36,
- 0xB4, 0x46, 0xBB, 0x6D, 0x73, 0x1A, 0x1E, 0x88,
- 0xEF, 0xA7, 0x1F, 0x78, 0x89, 0x65, 0xBD, 0x44 };
- static const unsigned char pt192[16] = {
- 0x39, 0xDA, 0x69, 0xD6, 0xBA, 0x49, 0x97, 0xD5,
- 0x85, 0xB6, 0xDC, 0x07, 0x3C, 0xA3, 0x41, 0xB2 };
- static const unsigned char ct192[16] = {
- 0x18, 0x2B, 0x02, 0xD8, 0x14, 0x97, 0xEA, 0x45,
- 0xF9, 0xDA, 0xAC, 0xDC, 0x29, 0x19, 0x3A, 0x65 };
-
- static const unsigned char key256[32] = {
- 0xD4, 0x3B, 0xB7, 0x55, 0x6E, 0xA3, 0x2E, 0x46,
- 0xF2, 0xA2, 0x82, 0xB7, 0xD4, 0x5B, 0x4E, 0x0D,
- 0x57, 0xFF, 0x73, 0x9D, 0x4D, 0xC9, 0x2C, 0x1B,
- 0xD7, 0xFC, 0x01, 0x70, 0x0C, 0xC8, 0x21, 0x6F };
- static const unsigned char pt256[16] = {
- 0x90, 0xAF, 0xE9, 0x1B, 0xB2, 0x88, 0x54, 0x4F,
- 0x2C, 0x32, 0xDC, 0x23, 0x9B, 0x26, 0x35, 0xE6 };
- static const unsigned char ct256[16] = {
- 0x6C, 0xB4, 0x56, 0x1C, 0x40, 0xBF, 0x0A, 0x97,
- 0x05, 0x93, 0x1C, 0xB6, 0xD4, 0x08, 0xE7, 0xFA };
symmetric_key key;
unsigned char tmp[2][16];
- int errno;
-
- if ((errno = twofish_setup(key128, 16, 0, &key)) != CRYPT_OK) {
- return errno;
- }
- twofish_ecb_encrypt(pt128, tmp[0], &key);
- twofish_ecb_decrypt(tmp[0], tmp[1], &key);
- if (memcmp(tmp[0], ct128, 16) || memcmp(tmp[1], pt128, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
+ int errno, i;
- if ((errno = twofish_setup(key192, 24, 0, &key)) != CRYPT_OK) {
- return errno;
- }
- twofish_ecb_encrypt(pt192, tmp[0], &key);
- twofish_ecb_decrypt(tmp[0], tmp[1], &key);
- if (memcmp(tmp[0], ct192, 16) || memcmp(tmp[1], pt192, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
- if ((errno = twofish_setup(key256, 32, 0, &key)) != CRYPT_OK) {
- return errno;
- }
- twofish_ecb_encrypt(pt256, tmp[0], &key);
- twofish_ecb_decrypt(tmp[0], tmp[1], &key);
- if (memcmp(tmp[0], ct256, 16) || memcmp(tmp[1], pt256, 16)) {
- return CRYPT_FAIL_TESTVECTOR;
- }
-
+ for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
+ if ((errno = twofish_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) {
+ return errno;
+ }
+ twofish_ecb_encrypt(tests[i].pt, tmp[0], &key);
+ twofish_ecb_decrypt(tmp[0], tmp[1], &key);
+ if (memcmp(tmp[0], tests[i].ct, 16) || memcmp(tmp[1], tests[i].pt, 16)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
+ }
return CRYPT_OK;
}