Re: [PATCH] tcrypt: add self test for des3_ebe cipher operating in cbc mode

[Neil Horman <nhorman@xxxxxxxxxxxxx>]

On Sun, Jun 01, 2008 at 03:10:14AM +0200, Adrian-Ken Rueegsegger wrote:
> Neil Horman wrote:
> > On Sat, May 24, 2008 at 10:06:25AM +1000, Herbert Xu wrote:
> >> Could you document the source of these vectors in the patch
> >> description please?
> > 
> > Sure, reposting
> > 
> > Patch to add checking  of DES3 test vectors using CBC mode.  FIPS-140-2
> > compliance mandates that any supported mode of operation must include a self
> > test.  This satisfies that requirement for cbc(des3_ede).  The included test
> > vector was generated by me using openssl.  Key/IV was generated with the
> > following command: 
> > openssl enc -des_ede_cbc -P
> > input and output values were generated by repeating the string "Too many
> > secrets" a few times over, truncating it to 128 bytes, and encrypting it with
> > openssl using the aformentioned key.  Tested successfully by myself
> 
> These tests both seem to fail on my machine. Did you verify that the tests pass succesfully?
> 
> -Adrian
> 
Yes, of course I did.  I clearly indicated that I did in my commit message
above.  I just verified on a separate system as well.  You had mentioned that
some of the standard NIST vectors that you obtained were failing on your system
as well, is something perhaps misconfigured in your kernel build?  Mind you I
can't imagine what that would be, and if it were just my vectors that were
failing for you I could imagine I missed something that would work in my testing
but fail in yours, but if standard vectors are failing it seems something else
might be wrong


Regards
Neil


> > 
> > Regards
> > Neil
> > 
> > 
> > Signed-off-by: Neil Horman <nhorman@xxxxxxxxxxxxx>
> > 
> > 
> > tcrypt.c |    8 +++++
> > tcrypt.h |   93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
> > 2 files changed, 98 insertions(+), 3 deletions(-)
> > 
> > diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
> > index 6beabc5..649a8e4 100644
> > --- a/crypto/tcrypt.c
> > +++ b/crypto/tcrypt.c
> > @@ -1180,6 +1180,14 @@ static void do_test(void)
> >  		test_cipher("ecb(des3_ede)", DECRYPT, des3_ede_dec_tv_template,
> >  			    DES3_EDE_DEC_TEST_VECTORS);
> >  
> > +		test_cipher("cbc(des3_ede)", ENCRYPT,
> > +			    des3_ede_cbc_enc_tv_template,
> > +			    DES3_EDE_CBC_ENC_TEST_VECTORS);
> > +
> > +		test_cipher("cbc(des3_ede)", DECRYPT,
> > +			    des3_ede_cbc_dec_tv_template,
> > +			    DES3_EDE_CBC_DEC_TEST_VECTORS);
> > +
> >  		test_hash("md4", md4_tv_template, MD4_TEST_VECTORS);
> >  
> >  		test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS);
> > diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
> > index 47bc0ec..8893733 100644
> > --- a/crypto/tcrypt.h
> > +++ b/crypto/tcrypt.h
> > @@ -1442,6 +1442,8 @@ static struct hash_testvec hmac_sha512_tv_template[] = {
> >  #define DES_CBC_DEC_TEST_VECTORS	4
> >  #define DES3_EDE_ENC_TEST_VECTORS	3
> >  #define DES3_EDE_DEC_TEST_VECTORS	3
> > +#define DES3_EDE_CBC_ENC_TEST_VECTORS	1
> > +#define DES3_EDE_CBC_DEC_TEST_VECTORS	1
> >  
> >  static struct cipher_testvec des_enc_tv_template[] = {
> >  	{ /* From Applied Cryptography */
> > @@ -1680,9 +1682,6 @@ static struct cipher_testvec des_cbc_dec_tv_template[] = {
> >  	},
> >  };
> >  
> > -/*
> > - * We really need some more test vectors, especially for DES3 CBC.
> > - */
> >  static struct cipher_testvec des3_ede_enc_tv_template[] = {
> >  	{ /* These are from openssl */
> >  		.key	= "\x01\x23\x45\x67\x89\xab\xcd\xef"
> > @@ -1745,6 +1744,94 @@ static struct cipher_testvec des3_ede_dec_tv_template[] = {
> >  	},
> >  };
> >  
> > +static struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
> > +	{ /* Generated from openssl */
> > +		.key	= "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
> > +			  "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
> > +			  "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
> > +		.klen	= 24,
> > +		.iv	= "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
> > +		.input	= "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
> > +			  "\x53\x20\x63\x65\x65\x72\x73\x74"
> > +			  "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
> > +			  "\x20\x79\x65\x53\x72\x63\x74\x65"
> > +			  "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
> > +			  "\x79\x6e\x53\x20\x63\x65\x65\x72"
> > +			  "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
> > +			  "\x6e\x61\x20\x79\x65\x53\x72\x63"
> > +			  "\x74\x65\x20\x73\x6f\x54\x20\x6f"
> > +			  "\x61\x4d\x79\x6e\x53\x20\x63\x65"
> > +			  "\x65\x72\x73\x74\x54\x20\x6f\x6f"
> > +			  "\x4d\x20\x6e\x61\x20\x79\x65\x53"
> > +			  "\x72\x63\x74\x65\x20\x73\x6f\x54"
> > +			  "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
> > +			  "\x63\x65\x65\x72\x73\x74\x54\x20"
> > +			  "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
> > +		.ilen	= 128,
> > +		.result = "\x15\x8d\x5d\x34\x1b\x3f\xda\xda"
> > +			  "\x4f\xce\x21\x82\x12\x54\x21\x0d"
> > +			  "\xb2\x36\xda\xcc\xff\xb2\xff\x79"
> > +			  "\x30\xe9\x95\xf4\x52\xf6\xf1\x43"
> > +			  "\xf2\x88\xe1\x1c\x42\xa1\x6a\x11"
> > +			  "\xda\x8f\xbd\x94\x5e\xe5\xa8\x43"
> > +			  "\xe4\x4f\xbd\x0d\x1e\x67\xa1\x89"
> > +			  "\x9a\x4e\x66\x62\x50\xb3\x07\x3e"
> > +			  "\xc8\xc1\x87\x3d\x96\x62\xf7\xe7"
> > +			  "\x96\x15\xa8\x34\xb6\x94\x1a\x17"
> > +			  "\x05\xde\x62\xd6\xd8\x73\xd6\xb4"
> > +			  "\x24\x1f\x57\xb6\x80\x9a\x65\x50"
> > +			  "\xa0\xee\x2f\x8b\x4c\x80\x86\xfb"
> > +			  "\xbb\xda\xa0\xa2\x4b\x49\x6c\x72"
> > +			  "\x69\x83\xe9\xaa\x92\x56\x33\x95"
> > +			  "\xbc\x80\x88\x04\xde\xd5\x74\x9f",
> > +		.rlen	= 128,
> > +	},
> > +};
> > +
> > +static struct cipher_testvec des3_ede_cbc_dec_tv_template[] = {
> > +	{ /* Generated from openssl */
> > +		.key	= "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
> > +			  "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
> > +			  "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
> > +		.klen	= 24,
> > +		.iv	= "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
> > +		.input =  "\x15\x8d\x5d\x34\x1b\x3f\xda\xda"
> > +			  "\x4f\xce\x21\x82\x12\x54\x21\x0d"
> > +			  "\xb2\x36\xda\xcc\xff\xb2\xff\x79"
> > +			  "\x30\xe9\x95\xf4\x52\xf6\xf1\x43"
> > +			  "\xf2\x88\xe1\x1c\x42\xa1\x6a\x11"
> > +			  "\xda\x8f\xbd\x94\x5e\xe5\xa8\x43"
> > +			  "\xe4\x4f\xbd\x0d\x1e\x67\xa1\x89"
> > +			  "\x9a\x4e\x66\x62\x50\xb3\x07\x3e"
> > +			  "\xc8\xc1\x87\x3d\x96\x62\xf7\xe7"
> > +			  "\x96\x15\xa8\x34\xb6\x94\x1a\x17"
> > +			  "\x05\xde\x62\xd6\xd8\x73\xd6\xb4"
> > +			  "\x24\x1f\x57\xb6\x80\x9a\x65\x50"
> > +			  "\xa0\xee\x2f\x8b\x4c\x80\x86\xfb"
> > +			  "\xbb\xda\xa0\xa2\x4b\x49\x6c\x72"
> > +			  "\x69\x83\xe9\xaa\x92\x56\x33\x95"
> > +			  "\xbc\x80\x88\x04\xde\xd5\x74\x9f",
> > +		.ilen	= 128,
> > +		.result	= "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
> > +			  "\x53\x20\x63\x65\x65\x72\x73\x74"
> > +			  "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
> > +			  "\x20\x79\x65\x53\x72\x63\x74\x65"
> > +			  "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
> > +			  "\x79\x6e\x53\x20\x63\x65\x65\x72"
> > +			  "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
> > +			  "\x6e\x61\x20\x79\x65\x53\x72\x63"
> > +			  "\x74\x65\x20\x73\x6f\x54\x20\x6f"
> > +			  "\x61\x4d\x79\x6e\x53\x20\x63\x65"
> > +			  "\x65\x72\x73\x74\x54\x20\x6f\x6f"
> > +			  "\x4d\x20\x6e\x61\x20\x79\x65\x53"
> > +			  "\x72\x63\x74\x65\x20\x73\x6f\x54"
> > +			  "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
> > +			  "\x63\x65\x65\x72\x73\x74\x54\x20"
> > +			  "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
> > +		.rlen	= 128,
> > +	},
> > +};
> > +
> >  /*
> >   * Blowfish test vectors.
> >   */
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> > the body of a message to majordomo@xxxxxxxxxxxxxxx
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html