xref: /openbsd-src/regress/lib/libcrypto/aes/aes_test.c (revision 31f5e83b1ebc7530d7ca9b949a7f43cbb335af01)
1*31f5e83bStb /*	$OpenBSD: aes_test.c,v 1.3 2023/09/28 08:21:43 tb Exp $ */
207fd6877Sjoshua /*
307fd6877Sjoshua  * Copyright (c) 2022 Joshua Sing <joshua@hypera.dev>
407fd6877Sjoshua  *
507fd6877Sjoshua  * Permission to use, copy, modify, and distribute this software for any
607fd6877Sjoshua  * purpose with or without fee is hereby granted, provided that the above
707fd6877Sjoshua  * copyright notice and this permission notice appear in all copies.
807fd6877Sjoshua  *
907fd6877Sjoshua  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
1007fd6877Sjoshua  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
1107fd6877Sjoshua  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
1207fd6877Sjoshua  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
1307fd6877Sjoshua  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
1407fd6877Sjoshua  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1507fd6877Sjoshua  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1607fd6877Sjoshua  */
1707fd6877Sjoshua 
1807fd6877Sjoshua #include <openssl/evp.h>
1907fd6877Sjoshua #include <openssl/aes.h>
2007fd6877Sjoshua 
2107fd6877Sjoshua #include <stdint.h>
2207fd6877Sjoshua #include <string.h>
2307fd6877Sjoshua 
2407fd6877Sjoshua struct aes_test {
2507fd6877Sjoshua 	const int mode;
2607fd6877Sjoshua 	const uint8_t key[64];
2707fd6877Sjoshua 	const uint8_t iv[64];
2807fd6877Sjoshua 	const int iv_len;
2907fd6877Sjoshua 	const uint8_t in[64];
3007fd6877Sjoshua 	const int in_len;
3107fd6877Sjoshua 	const uint8_t out[64];
3207fd6877Sjoshua 	const int out_len;
3307fd6877Sjoshua 	const int padding;
3407fd6877Sjoshua };
3507fd6877Sjoshua 
3607fd6877Sjoshua static const struct aes_test aes_tests[] = {
3707fd6877Sjoshua 	/* ECB - Test vectors from FIPS-197, Appendix C. */
3807fd6877Sjoshua 	{
3907fd6877Sjoshua 		.mode = NID_aes_128_ecb,
4007fd6877Sjoshua 		.key = {
4107fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
4207fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
4307fd6877Sjoshua 		},
4407fd6877Sjoshua 		.in = {
4507fd6877Sjoshua 			0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
4607fd6877Sjoshua 			0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
4707fd6877Sjoshua 		},
4807fd6877Sjoshua 		.in_len = 16,
4907fd6877Sjoshua 		.out = {
5007fd6877Sjoshua 			0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
5107fd6877Sjoshua 			0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
5207fd6877Sjoshua 		},
5307fd6877Sjoshua 		.out_len = 16,
5407fd6877Sjoshua 	},
5507fd6877Sjoshua 	{
5607fd6877Sjoshua 		.mode = NID_aes_192_ecb,
5707fd6877Sjoshua 		.key = {
5807fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
5907fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
6007fd6877Sjoshua 			0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
6107fd6877Sjoshua 		},
6207fd6877Sjoshua 		.in = {
6307fd6877Sjoshua 			0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
6407fd6877Sjoshua 			0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
6507fd6877Sjoshua 		},
6607fd6877Sjoshua 		.in_len = 16,
6707fd6877Sjoshua 		.out = {
6807fd6877Sjoshua 			0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0,
6907fd6877Sjoshua 			0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91,
7007fd6877Sjoshua 		},
7107fd6877Sjoshua 		.out_len = 16,
7207fd6877Sjoshua 	},
7307fd6877Sjoshua 	{
7407fd6877Sjoshua 		.mode = NID_aes_256_ecb,
7507fd6877Sjoshua 		.key = {
7607fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
7707fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
7807fd6877Sjoshua 			0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
7907fd6877Sjoshua 			0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
8007fd6877Sjoshua 		},
8107fd6877Sjoshua 		.in = {
8207fd6877Sjoshua 			0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
8307fd6877Sjoshua 			0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
8407fd6877Sjoshua 		},
8507fd6877Sjoshua 		.in_len = 16,
8607fd6877Sjoshua 		.out = {
8707fd6877Sjoshua 			0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf,
8807fd6877Sjoshua 			0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89,
8907fd6877Sjoshua 		},
9007fd6877Sjoshua 		.out_len = 16,
9107fd6877Sjoshua 	},
9207fd6877Sjoshua 
9307fd6877Sjoshua 	/* CBC - Test vectors from RFC 3602 */
9407fd6877Sjoshua 	{
9507fd6877Sjoshua 		.mode = NID_aes_128_cbc,
9607fd6877Sjoshua 		.key = {
9707fd6877Sjoshua 			0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b,
9807fd6877Sjoshua 			0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06,
9907fd6877Sjoshua 		},
10007fd6877Sjoshua 		.iv = {
10107fd6877Sjoshua 			0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30,
10207fd6877Sjoshua 			0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41,
10307fd6877Sjoshua 		},
10407fd6877Sjoshua 		.iv_len = 16,
10507fd6877Sjoshua 		.in = {
10607fd6877Sjoshua 			0x53, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x20, 0x62,
10707fd6877Sjoshua 			0x6c, 0x6f, 0x63, 0x6b, 0x20, 0x6d, 0x73, 0x67,
10807fd6877Sjoshua 		},
10907fd6877Sjoshua 		.in_len = 16,
11007fd6877Sjoshua 		.out = {
11107fd6877Sjoshua 			0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8,
11207fd6877Sjoshua 			0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a,
11307fd6877Sjoshua 		},
11407fd6877Sjoshua 		.out_len = 16,
11507fd6877Sjoshua 	},
11607fd6877Sjoshua 	{
11707fd6877Sjoshua 		.mode = NID_aes_128_cbc,
11807fd6877Sjoshua 		.key = {
11907fd6877Sjoshua 			0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0,
12007fd6877Sjoshua 			0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a,
12107fd6877Sjoshua 		},
12207fd6877Sjoshua 		.iv = {
12307fd6877Sjoshua 			0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28,
12407fd6877Sjoshua 			0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58,
12507fd6877Sjoshua 		},
12607fd6877Sjoshua 		.iv_len = 16,
12707fd6877Sjoshua 		.in = {
12807fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
12907fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
13007fd6877Sjoshua 			0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
13107fd6877Sjoshua 			0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
13207fd6877Sjoshua 		},
13307fd6877Sjoshua 		.in_len = 32,
13407fd6877Sjoshua 		.out = {
13507fd6877Sjoshua 			0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a,
13607fd6877Sjoshua 			0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
13707fd6877Sjoshua 			0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9,
13807fd6877Sjoshua 			0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1,
13907fd6877Sjoshua 		},
14007fd6877Sjoshua 		.out_len = 32,
14107fd6877Sjoshua 	},
14207fd6877Sjoshua 	{
14307fd6877Sjoshua 		.mode = NID_aes_128_cbc,
14407fd6877Sjoshua 		.key = {
14507fd6877Sjoshua 			0x6c, 0x3e, 0xa0, 0x47, 0x76, 0x30, 0xce, 0x21,
14607fd6877Sjoshua 			0xa2, 0xce, 0x33, 0x4a, 0xa7, 0x46, 0xc2, 0xcd,
14707fd6877Sjoshua 		},
14807fd6877Sjoshua 		.iv = {
14907fd6877Sjoshua 			0xc7, 0x82, 0xdc, 0x4c, 0x09, 0x8c, 0x66, 0xcb,
15007fd6877Sjoshua 			0xd9, 0xcd, 0x27, 0xd8, 0x25, 0x68, 0x2c, 0x81,
15107fd6877Sjoshua 		},
15207fd6877Sjoshua 		.iv_len = 16,
15307fd6877Sjoshua 		.in = {
15407fd6877Sjoshua 			0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
15507fd6877Sjoshua 			0x61, 0x20, 0x34, 0x38, 0x2d, 0x62, 0x79, 0x74,
15607fd6877Sjoshua 			0x65, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67,
15707fd6877Sjoshua 			0x65, 0x20, 0x28, 0x65, 0x78, 0x61, 0x63, 0x74,
15807fd6877Sjoshua 			0x6c, 0x79, 0x20, 0x33, 0x20, 0x41, 0x45, 0x53,
15907fd6877Sjoshua 			0x20, 0x62, 0x6c, 0x6f, 0x63, 0x6b, 0x73, 0x29,
16007fd6877Sjoshua 		},
16107fd6877Sjoshua 		.in_len = 48,
16207fd6877Sjoshua 		.out = {
16307fd6877Sjoshua 			0xd0, 0xa0, 0x2b, 0x38, 0x36, 0x45, 0x17, 0x53,
16407fd6877Sjoshua 			0xd4, 0x93, 0x66, 0x5d, 0x33, 0xf0, 0xe8, 0x86,
16507fd6877Sjoshua 			0x2d, 0xea, 0x54, 0xcd, 0xb2, 0x93, 0xab, 0xc7,
16607fd6877Sjoshua 			0x50, 0x69, 0x39, 0x27, 0x67, 0x72, 0xf8, 0xd5,
16707fd6877Sjoshua 			0x02, 0x1c, 0x19, 0x21, 0x6b, 0xad, 0x52, 0x5c,
16807fd6877Sjoshua 			0x85, 0x79, 0x69, 0x5d, 0x83, 0xba, 0x26, 0x84,
16907fd6877Sjoshua 		},
17007fd6877Sjoshua 		.out_len = 48,
17107fd6877Sjoshua 	},
17207fd6877Sjoshua 	{
17307fd6877Sjoshua 		.mode = NID_aes_128_cbc,
17407fd6877Sjoshua 		.key = {
17507fd6877Sjoshua 			0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74,
17607fd6877Sjoshua 			0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49,
17707fd6877Sjoshua 		},
17807fd6877Sjoshua 		.iv = {
17907fd6877Sjoshua 			0x8c, 0xe8, 0x2e, 0xef, 0xbe, 0xa0, 0xda, 0x3c,
18007fd6877Sjoshua 			0x44, 0x69, 0x9e, 0xd7, 0xdb, 0x51, 0xb7, 0xd9,
18107fd6877Sjoshua 		},
18207fd6877Sjoshua 		.iv_len = 16,
18307fd6877Sjoshua 		.in = {
18407fd6877Sjoshua 			0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
18507fd6877Sjoshua 			0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
18607fd6877Sjoshua 			0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
18707fd6877Sjoshua 			0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
18807fd6877Sjoshua 			0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
18907fd6877Sjoshua 			0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
19007fd6877Sjoshua 			0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
19107fd6877Sjoshua 			0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
19207fd6877Sjoshua 		},
19307fd6877Sjoshua 		.in_len = 64,
19407fd6877Sjoshua 		.out = {
19507fd6877Sjoshua 			0xc3, 0x0e, 0x32, 0xff, 0xed, 0xc0, 0x77, 0x4e,
19607fd6877Sjoshua 			0x6a, 0xff, 0x6a, 0xf0, 0x86, 0x9f, 0x71, 0xaa,
19707fd6877Sjoshua 			0x0f, 0x3a, 0xf0, 0x7a, 0x9a, 0x31, 0xa9, 0xc6,
19807fd6877Sjoshua 			0x84, 0xdb, 0x20, 0x7e, 0xb0, 0xef, 0x8e, 0x4e,
19907fd6877Sjoshua 			0x35, 0x90, 0x7a, 0xa6, 0x32, 0xc3, 0xff, 0xdf,
20007fd6877Sjoshua 			0x86, 0x8b, 0xb7, 0xb2, 0x9d, 0x3d, 0x46, 0xad,
20107fd6877Sjoshua 			0x83, 0xce, 0x9f, 0x9a, 0x10, 0x2e, 0xe9, 0x9d,
20207fd6877Sjoshua 			0x49, 0xa5, 0x3e, 0x87, 0xf4, 0xc3, 0xda, 0x55,
20307fd6877Sjoshua 		},
20407fd6877Sjoshua 		.out_len = 64,
20507fd6877Sjoshua 	},
20607fd6877Sjoshua 
20707fd6877Sjoshua 	/* CBC - Test vectors from NIST SP 800-38A */
20807fd6877Sjoshua 	{
20907fd6877Sjoshua 		.mode = NID_aes_128_cbc,
21007fd6877Sjoshua 		.key = {
21107fd6877Sjoshua 			0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
21207fd6877Sjoshua 			0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
21307fd6877Sjoshua 		},
21407fd6877Sjoshua 		.iv = {
21507fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
21607fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
21707fd6877Sjoshua 		},
21807fd6877Sjoshua 		.iv_len = 16,
21907fd6877Sjoshua 		.in = {
22007fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
22107fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
22207fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
22307fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
22407fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
22507fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
22607fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
22707fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
22807fd6877Sjoshua 		},
22907fd6877Sjoshua 		.in_len = 64,
23007fd6877Sjoshua 		.out = {
23107fd6877Sjoshua 			0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
23207fd6877Sjoshua 			0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
23307fd6877Sjoshua 			0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
23407fd6877Sjoshua 			0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
23507fd6877Sjoshua 			0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
23607fd6877Sjoshua 			0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
23707fd6877Sjoshua 			0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
23807fd6877Sjoshua 			0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7,
23907fd6877Sjoshua 		},
24007fd6877Sjoshua 		.out_len = 64,
24107fd6877Sjoshua 	},
24207fd6877Sjoshua 	{
24307fd6877Sjoshua 		.mode = NID_aes_192_cbc,
24407fd6877Sjoshua 		.key = {
24507fd6877Sjoshua 			0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
24607fd6877Sjoshua 			0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
24707fd6877Sjoshua 			0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
24807fd6877Sjoshua 		},
24907fd6877Sjoshua 		.iv = {
25007fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
25107fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
25207fd6877Sjoshua 		},
25307fd6877Sjoshua 		.iv_len = 16,
25407fd6877Sjoshua 		.in = {
25507fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
25607fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
25707fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
25807fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
25907fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
26007fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
26107fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
26207fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
26307fd6877Sjoshua 		},
26407fd6877Sjoshua 		.in_len = 64,
26507fd6877Sjoshua 		.out = {
26607fd6877Sjoshua 			0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d,
26707fd6877Sjoshua 			0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8,
26807fd6877Sjoshua 			0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4,
26907fd6877Sjoshua 			0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a,
27007fd6877Sjoshua 			0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0,
27107fd6877Sjoshua 			0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0,
27207fd6877Sjoshua 			0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81,
27307fd6877Sjoshua 			0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd,
27407fd6877Sjoshua 		},
27507fd6877Sjoshua 		.out_len = 64,
27607fd6877Sjoshua 	},
27707fd6877Sjoshua 	{
27807fd6877Sjoshua 		.mode = NID_aes_256_cbc,
27907fd6877Sjoshua 		.key = {
28007fd6877Sjoshua 			0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
28107fd6877Sjoshua 			0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
28207fd6877Sjoshua 			0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
28307fd6877Sjoshua 			0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
28407fd6877Sjoshua 		},
28507fd6877Sjoshua 		.iv = {
28607fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
28707fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
28807fd6877Sjoshua 		},
28907fd6877Sjoshua 		.iv_len = 16,
29007fd6877Sjoshua 		.in = {
29107fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
29207fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
29307fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
29407fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
29507fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
29607fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
29707fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
29807fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
29907fd6877Sjoshua 		},
30007fd6877Sjoshua 		.in_len = 64,
30107fd6877Sjoshua 		.out = {
30207fd6877Sjoshua 			0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
30307fd6877Sjoshua 			0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
30407fd6877Sjoshua 			0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
30507fd6877Sjoshua 			0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
30607fd6877Sjoshua 			0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
30707fd6877Sjoshua 			0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
30807fd6877Sjoshua 			0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
30907fd6877Sjoshua 			0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b,
31007fd6877Sjoshua 		},
31107fd6877Sjoshua 		.out_len = 64,
31207fd6877Sjoshua 	},
31307fd6877Sjoshua 
31407fd6877Sjoshua 	/* CFB128 - Test vectors from NIST SP 800-38A */
31507fd6877Sjoshua 	{
31607fd6877Sjoshua 		.mode = NID_aes_128_cfb128,
31707fd6877Sjoshua 		.key = {
31807fd6877Sjoshua 			0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
31907fd6877Sjoshua 			0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
32007fd6877Sjoshua 		},
32107fd6877Sjoshua 		.iv = {
32207fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
32307fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
32407fd6877Sjoshua 		},
32507fd6877Sjoshua 		.iv_len = 16,
32607fd6877Sjoshua 		.in = {
32707fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
32807fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
32907fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
33007fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
33107fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
33207fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
33307fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
33407fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
33507fd6877Sjoshua 		},
33607fd6877Sjoshua 		.in_len = 64,
33707fd6877Sjoshua 		.out = {
33807fd6877Sjoshua 			0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20,
33907fd6877Sjoshua 			0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a,
34007fd6877Sjoshua 			0xc8, 0xa6, 0x45, 0x37, 0xa0, 0xb3, 0xa9, 0x3f,
34107fd6877Sjoshua 			0xcd, 0xe3, 0xcd, 0xad, 0x9f, 0x1c, 0xe5, 0x8b,
34207fd6877Sjoshua 			0x26, 0x75, 0x1f, 0x67, 0xa3, 0xcb, 0xb1, 0x40,
34307fd6877Sjoshua 			0xb1, 0x80, 0x8c, 0xf1, 0x87, 0xa4, 0xf4, 0xdf,
34407fd6877Sjoshua 			0xc0, 0x4b, 0x05, 0x35, 0x7c, 0x5d, 0x1c, 0x0e,
34507fd6877Sjoshua 			0xea, 0xc4, 0xc6, 0x6f, 0x9f, 0xf7, 0xf2, 0xe6,
34607fd6877Sjoshua 		},
34707fd6877Sjoshua 		.out_len = 64,
34807fd6877Sjoshua 	},
34907fd6877Sjoshua 	{
35007fd6877Sjoshua 		.mode = NID_aes_192_cfb128,
35107fd6877Sjoshua 		.key = {
35207fd6877Sjoshua 			0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
35307fd6877Sjoshua 			0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
35407fd6877Sjoshua 			0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
35507fd6877Sjoshua 		},
35607fd6877Sjoshua 		.iv = {
35707fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
35807fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
35907fd6877Sjoshua 		},
36007fd6877Sjoshua 		.iv_len = 16,
36107fd6877Sjoshua 		.in = {
36207fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
36307fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
36407fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
36507fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
36607fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
36707fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
36807fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
36907fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
37007fd6877Sjoshua 		},
37107fd6877Sjoshua 		.in_len = 64,
37207fd6877Sjoshua 		.out = {
37307fd6877Sjoshua 			0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab,
37407fd6877Sjoshua 			0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74,
37507fd6877Sjoshua 			0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21,
37607fd6877Sjoshua 			0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a,
37707fd6877Sjoshua 			0x2e, 0x1e, 0x8a, 0x1d, 0xd5, 0x9b, 0x88, 0xb1,
37807fd6877Sjoshua 			0xc8, 0xe6, 0x0f, 0xed, 0x1e, 0xfa, 0xc4, 0xc9,
37907fd6877Sjoshua 			0xc0, 0x5f, 0x9f, 0x9c, 0xa9, 0x83, 0x4f, 0xa0,
38007fd6877Sjoshua 			0x42, 0xae, 0x8f, 0xba, 0x58, 0x4b, 0x09, 0xff,
38107fd6877Sjoshua 		},
38207fd6877Sjoshua 		.out_len = 64,
38307fd6877Sjoshua 	},
38407fd6877Sjoshua 	{
38507fd6877Sjoshua 		.mode = NID_aes_256_cfb128,
38607fd6877Sjoshua 		.key = {
38707fd6877Sjoshua 			0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
38807fd6877Sjoshua 			0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
38907fd6877Sjoshua 			0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
39007fd6877Sjoshua 			0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
39107fd6877Sjoshua 		},
39207fd6877Sjoshua 		.iv = {
39307fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
39407fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
39507fd6877Sjoshua 		},
39607fd6877Sjoshua 		.iv_len = 16,
39707fd6877Sjoshua 		.in = {
39807fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
39907fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
40007fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
40107fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
40207fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
40307fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
40407fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
40507fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
40607fd6877Sjoshua 		},
40707fd6877Sjoshua 		.in_len = 64,
40807fd6877Sjoshua 		.out = {
40907fd6877Sjoshua 			0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b,
41007fd6877Sjoshua 			0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60,
41107fd6877Sjoshua 			0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8,
41207fd6877Sjoshua 			0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b,
41307fd6877Sjoshua 			0xdf, 0x10, 0x13, 0x24, 0x15, 0xe5, 0x4b, 0x92,
41407fd6877Sjoshua 			0xa1, 0x3e, 0xd0, 0xa8, 0x26, 0x7a, 0xe2, 0xf9,
41507fd6877Sjoshua 			0x75, 0xa3, 0x85, 0x74, 0x1a, 0xb9, 0xce, 0xf8,
41607fd6877Sjoshua 			0x20, 0x31, 0x62, 0x3d, 0x55, 0xb1, 0xe4, 0x71,
41707fd6877Sjoshua 		},
41807fd6877Sjoshua 		.out_len = 64,
41907fd6877Sjoshua 	},
42007fd6877Sjoshua 
42107fd6877Sjoshua 	/* OFB128 - Test vectors from NIST SP 800-38A */
42207fd6877Sjoshua 	{
42307fd6877Sjoshua 		.mode = NID_aes_128_ofb128,
42407fd6877Sjoshua 		.key = {
42507fd6877Sjoshua 			0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
42607fd6877Sjoshua 			0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
42707fd6877Sjoshua 		},
42807fd6877Sjoshua 		.iv = {
42907fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
43007fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
43107fd6877Sjoshua 		},
43207fd6877Sjoshua 		.iv_len = 16,
43307fd6877Sjoshua 		.in = {
43407fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
43507fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
43607fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
43707fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
43807fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
43907fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
44007fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
44107fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
44207fd6877Sjoshua 		},
44307fd6877Sjoshua 		.in_len = 64,
44407fd6877Sjoshua 		.out = {
44507fd6877Sjoshua 			0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20,
44607fd6877Sjoshua 			0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a,
44707fd6877Sjoshua 			0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03,
44807fd6877Sjoshua 			0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25,
44907fd6877Sjoshua 			0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6,
45007fd6877Sjoshua 			0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc,
45107fd6877Sjoshua 			0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78,
45207fd6877Sjoshua 			0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e,
45307fd6877Sjoshua 		},
45407fd6877Sjoshua 		.out_len = 64,
45507fd6877Sjoshua 	},
45607fd6877Sjoshua 	{
45707fd6877Sjoshua 		.mode = NID_aes_192_ofb128,
45807fd6877Sjoshua 		.key = {
45907fd6877Sjoshua 			0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
46007fd6877Sjoshua 			0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
46107fd6877Sjoshua 			0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
46207fd6877Sjoshua 		},
46307fd6877Sjoshua 		.iv = {
46407fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
46507fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
46607fd6877Sjoshua 		},
46707fd6877Sjoshua 		.iv_len = 16,
46807fd6877Sjoshua 		.in = {
46907fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
47007fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
47107fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
47207fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
47307fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
47407fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
47507fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
47607fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
47707fd6877Sjoshua 		},
47807fd6877Sjoshua 		.in_len = 64,
47907fd6877Sjoshua 		.out = {
48007fd6877Sjoshua 			0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab,
48107fd6877Sjoshua 			0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74,
48207fd6877Sjoshua 			0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c,
48307fd6877Sjoshua 			0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01,
48407fd6877Sjoshua 			0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f,
48507fd6877Sjoshua 			0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2,
48607fd6877Sjoshua 			0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e,
48707fd6877Sjoshua 			0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a,
48807fd6877Sjoshua 		},
48907fd6877Sjoshua 		.out_len = 64,
49007fd6877Sjoshua 	},
49107fd6877Sjoshua 	{
49207fd6877Sjoshua 		.mode = NID_aes_256_ofb128,
49307fd6877Sjoshua 		.key = {
49407fd6877Sjoshua 			0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
49507fd6877Sjoshua 			0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
49607fd6877Sjoshua 			0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
49707fd6877Sjoshua 			0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
49807fd6877Sjoshua 		},
49907fd6877Sjoshua 		.iv = {
50007fd6877Sjoshua 			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
50107fd6877Sjoshua 			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
50207fd6877Sjoshua 		},
50307fd6877Sjoshua 		.iv_len = 16,
50407fd6877Sjoshua 		.in = {
50507fd6877Sjoshua 			0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
50607fd6877Sjoshua 			0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
50707fd6877Sjoshua 			0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
50807fd6877Sjoshua 			0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
50907fd6877Sjoshua 			0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
51007fd6877Sjoshua 			0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
51107fd6877Sjoshua 			0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
51207fd6877Sjoshua 			0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
51307fd6877Sjoshua 		},
51407fd6877Sjoshua 		.in_len = 64,
51507fd6877Sjoshua 		.out = {
51607fd6877Sjoshua 			0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b,
51707fd6877Sjoshua 			0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60,
51807fd6877Sjoshua 			0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a,
51907fd6877Sjoshua 			0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d,
52007fd6877Sjoshua 			0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed,
52107fd6877Sjoshua 			0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08,
52207fd6877Sjoshua 			0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8,
52307fd6877Sjoshua 			0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84,
52407fd6877Sjoshua 		},
52507fd6877Sjoshua 		.out_len = 64,
52607fd6877Sjoshua 	},
52707fd6877Sjoshua };
52807fd6877Sjoshua 
52907fd6877Sjoshua #define N_AES_TESTS (sizeof(aes_tests) / sizeof(aes_tests[0]))
53007fd6877Sjoshua 
53107fd6877Sjoshua static int
aes_ecb_test(size_t test_number,const char * label,int key_bits,const struct aes_test * at)5328edb0357Sjoshua aes_ecb_test(size_t test_number, const char *label, int key_bits,
5338edb0357Sjoshua     const struct aes_test *at)
53407fd6877Sjoshua {
53507fd6877Sjoshua 	AES_KEY key;
53607fd6877Sjoshua 	uint8_t out[64];
53707fd6877Sjoshua 
53807fd6877Sjoshua 	if (at->padding) {
53907fd6877Sjoshua 		/* XXX - Handle padding */
54007fd6877Sjoshua 		return 1;
54107fd6877Sjoshua 	}
54207fd6877Sjoshua 
54307fd6877Sjoshua 	/* Encryption */
54407fd6877Sjoshua 	memset(out, 0, sizeof(out));
54507fd6877Sjoshua 	AES_set_encrypt_key(at->key, key_bits, &key);
54607fd6877Sjoshua 	AES_ecb_encrypt(at->in, out, &key, 1);
54707fd6877Sjoshua 
54807fd6877Sjoshua 	if (memcmp(at->out, out, at->out_len) != 0) {
54907fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): encryption mismatch\n",
55007fd6877Sjoshua 		    label, test_number);
55107fd6877Sjoshua 		return 0;
55207fd6877Sjoshua 	}
55307fd6877Sjoshua 
55407fd6877Sjoshua 	/* Decryption */
55507fd6877Sjoshua 	memset(out, 0, sizeof(out));
55607fd6877Sjoshua 	AES_set_decrypt_key(at->key, key_bits, &key);
55707fd6877Sjoshua 	AES_ecb_encrypt(at->out, out, &key, 0);
55807fd6877Sjoshua 
55907fd6877Sjoshua 	if (memcmp(at->in, out, at->in_len) != 0) {
56007fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): decryption mismatch\n",
56107fd6877Sjoshua 		    label, test_number);
56207fd6877Sjoshua 		return 0;
56307fd6877Sjoshua 	}
56407fd6877Sjoshua 
56507fd6877Sjoshua 	return 1;
56607fd6877Sjoshua }
56707fd6877Sjoshua 
56807fd6877Sjoshua 
56907fd6877Sjoshua static int
aes_cbc_test(size_t test_number,const char * label,int key_bits,const struct aes_test * at)5708edb0357Sjoshua aes_cbc_test(size_t test_number, const char *label, int key_bits,
5718edb0357Sjoshua     const struct aes_test *at)
57207fd6877Sjoshua {
57307fd6877Sjoshua 	AES_KEY key;
57407fd6877Sjoshua 	uint8_t out[64];
57507fd6877Sjoshua 	uint8_t iv[16];
57607fd6877Sjoshua 
57707fd6877Sjoshua 	if (at->padding) {
57807fd6877Sjoshua 		/* XXX - Handle padding */
57907fd6877Sjoshua 		return 1;
58007fd6877Sjoshua 	}
58107fd6877Sjoshua 
58207fd6877Sjoshua 	/* Encryption */
58307fd6877Sjoshua 	memset(out, 0, sizeof(out));
58407fd6877Sjoshua 	memcpy(iv, at->iv, at->iv_len);
58507fd6877Sjoshua 	AES_set_encrypt_key(at->key, key_bits, &key);
58607fd6877Sjoshua 	AES_cbc_encrypt(at->in, out, at->in_len, &key, iv, 1);
58707fd6877Sjoshua 
58807fd6877Sjoshua 	if (memcmp(at->out, out, at->out_len) != 0) {
58907fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): encryption mismatch\n",
59007fd6877Sjoshua 		    label, test_number);
59107fd6877Sjoshua 		return 0;
59207fd6877Sjoshua 	}
59307fd6877Sjoshua 
59407fd6877Sjoshua 	/* Decryption */
59507fd6877Sjoshua 	memset(out, 0, sizeof(out));
59607fd6877Sjoshua 	memcpy(iv, at->iv, at->iv_len);
59707fd6877Sjoshua 	AES_set_decrypt_key(at->key, key_bits, &key);
59807fd6877Sjoshua 	AES_cbc_encrypt(at->out, out, at->out_len, &key, iv, 0);
59907fd6877Sjoshua 
60007fd6877Sjoshua 	if (memcmp(at->in, out, at->in_len) != 0) {
60107fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): decryption mismatch\n",
60207fd6877Sjoshua 		    label, test_number);
60307fd6877Sjoshua 		return 0;
60407fd6877Sjoshua 	}
60507fd6877Sjoshua 
60607fd6877Sjoshua 	return 1;
60707fd6877Sjoshua }
60807fd6877Sjoshua 
60907fd6877Sjoshua static int
aes_evp_test(size_t test_number,const struct aes_test * at,const char * label,int key_bits,const EVP_CIPHER * cipher)61007fd6877Sjoshua aes_evp_test(size_t test_number, const struct aes_test *at, const char *label,
61107fd6877Sjoshua     int key_bits, const EVP_CIPHER *cipher)
61207fd6877Sjoshua {
61307fd6877Sjoshua 	EVP_CIPHER_CTX *ctx;
61407fd6877Sjoshua 	uint8_t out[64];
61507fd6877Sjoshua 	int in_len, out_len, total_len;
61607fd6877Sjoshua 	int i;
61707fd6877Sjoshua 	int success = 0;
61807fd6877Sjoshua 
61907fd6877Sjoshua 	if ((ctx = EVP_CIPHER_CTX_new()) == NULL) {
62007fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_CIPHER_CTX_new failed\n",
62107fd6877Sjoshua 		    label, test_number);
62207fd6877Sjoshua 		goto failed;
62307fd6877Sjoshua 	}
62407fd6877Sjoshua 
62507fd6877Sjoshua 	/* EVP encryption */
62607fd6877Sjoshua 	total_len = 0;
62707fd6877Sjoshua 	memset(out, 0, sizeof(out));
62807fd6877Sjoshua 	if (!EVP_EncryptInit(ctx, cipher, NULL, NULL)) {
62907fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_EncryptInit failed\n",
63007fd6877Sjoshua 		    label, test_number);
63107fd6877Sjoshua 		goto failed;
63207fd6877Sjoshua 	}
63307fd6877Sjoshua 
63407fd6877Sjoshua 	if (!EVP_CIPHER_CTX_set_padding(ctx, at->padding)) {
63507fd6877Sjoshua 		fprintf(stderr,
63607fd6877Sjoshua 		    "FAIL (%s:%zu): EVP_CIPHER_CTX_set_padding failed\n",
63707fd6877Sjoshua 		    label, test_number);
63807fd6877Sjoshua 		goto failed;
63907fd6877Sjoshua 	}
64007fd6877Sjoshua 
64107fd6877Sjoshua 	if (!EVP_EncryptInit(ctx, NULL, at->key, at->iv)) {
64207fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_EncryptInit failed\n",
64307fd6877Sjoshua 		    label, test_number);
64407fd6877Sjoshua 		goto failed;
64507fd6877Sjoshua 	}
64607fd6877Sjoshua 
64707fd6877Sjoshua 	for (i = 0; i < at->in_len;) {
64807fd6877Sjoshua 		in_len = arc4random_uniform(at->in_len / 2);
64907fd6877Sjoshua 		if (in_len > at->in_len - i)
65007fd6877Sjoshua 			in_len = at->in_len - i;
65107fd6877Sjoshua 
65207fd6877Sjoshua 		if (!EVP_EncryptUpdate(ctx, out + total_len, &out_len,
65307fd6877Sjoshua 		    at->in + i, in_len)) {
65407fd6877Sjoshua 			fprintf(stderr,
65507fd6877Sjoshua 			    "FAIL (%s:%zu): EVP_EncryptUpdate failed\n",
65607fd6877Sjoshua 			    label, test_number);
65707fd6877Sjoshua 			goto failed;
65807fd6877Sjoshua 		}
65907fd6877Sjoshua 
66007fd6877Sjoshua 		i += in_len;
66107fd6877Sjoshua 		total_len += out_len;
66207fd6877Sjoshua 	}
66307fd6877Sjoshua 
66407fd6877Sjoshua 	if (!EVP_EncryptFinal_ex(ctx, out + total_len, &out_len)) {
66507fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_EncryptFinal_ex failed\n",
66607fd6877Sjoshua 		    label, test_number);
66707fd6877Sjoshua 		goto failed;
66807fd6877Sjoshua 	}
66907fd6877Sjoshua 	total_len += out_len;
67007fd6877Sjoshua 
67107fd6877Sjoshua 	if (!EVP_CIPHER_CTX_reset(ctx)) {
67207fd6877Sjoshua 		fprintf(stderr,
67307fd6877Sjoshua 		    "FAIL (%s:%zu): EVP_CIPHER_CTX_reset failed\n",
67407fd6877Sjoshua 		    label, test_number);
67507fd6877Sjoshua 		goto failed;
67607fd6877Sjoshua 	}
67707fd6877Sjoshua 
67807fd6877Sjoshua 	if (total_len != at->out_len) {
67907fd6877Sjoshua 		fprintf(stderr,
68007fd6877Sjoshua 		    "FAIL (%s:%zu): EVP encryption length mismatch "
68107fd6877Sjoshua 		    "(%d != %d)\n", label, test_number, total_len, at->out_len);
68207fd6877Sjoshua 		goto failed;
68307fd6877Sjoshua 	}
68407fd6877Sjoshua 
68507fd6877Sjoshua 	if (memcmp(at->out, out, at->out_len) != 0) {
68607fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP encryption mismatch\n",
68707fd6877Sjoshua 		    label, test_number);
68807fd6877Sjoshua 		goto failed;
68907fd6877Sjoshua 	}
69007fd6877Sjoshua 
69107fd6877Sjoshua 	/* EVP decryption */
69207fd6877Sjoshua 	total_len = 0;
69307fd6877Sjoshua 	memset(out, 0, sizeof(out));
69407fd6877Sjoshua 	if (!EVP_DecryptInit(ctx, cipher, NULL, NULL)) {
69507fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_DecryptInit failed\n",
69607fd6877Sjoshua 		    label, test_number);
69707fd6877Sjoshua 		goto failed;
69807fd6877Sjoshua 	}
69907fd6877Sjoshua 
70007fd6877Sjoshua 	if (!EVP_CIPHER_CTX_set_padding(ctx, at->padding)) {
70107fd6877Sjoshua 		fprintf(stderr,
70207fd6877Sjoshua 		    "FAIL (%s:%zu): EVP_CIPHER_CTX_set_padding failed\n",
70307fd6877Sjoshua 		    label, test_number);
70407fd6877Sjoshua 		goto failed;
70507fd6877Sjoshua 	}
70607fd6877Sjoshua 
70707fd6877Sjoshua 	if (!EVP_DecryptInit(ctx, NULL, at->key, at->iv)) {
70807fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_DecryptInit failed\n",
70907fd6877Sjoshua 		    label, test_number);
71007fd6877Sjoshua 		goto failed;
71107fd6877Sjoshua 	}
71207fd6877Sjoshua 
71307fd6877Sjoshua 	for (i = 0; i < at->out_len;) {
71407fd6877Sjoshua 		in_len = arc4random_uniform(at->out_len / 2);
71507fd6877Sjoshua 		if (in_len > at->out_len - i)
71607fd6877Sjoshua 			in_len = at->out_len - i;
71707fd6877Sjoshua 
71807fd6877Sjoshua 		if (!EVP_DecryptUpdate(ctx, out + total_len, &out_len,
71907fd6877Sjoshua 		    at->out + i, in_len)) {
72007fd6877Sjoshua 			fprintf(stderr,
72107fd6877Sjoshua 			    "FAIL (%s:%zu): EVP_DecryptUpdate failed\n",
72207fd6877Sjoshua 			    label, test_number);
72307fd6877Sjoshua 			goto failed;
72407fd6877Sjoshua 		}
72507fd6877Sjoshua 
72607fd6877Sjoshua 		i += in_len;
72707fd6877Sjoshua 		total_len += out_len;
72807fd6877Sjoshua 	}
72907fd6877Sjoshua 
73007fd6877Sjoshua 	if (!EVP_DecryptFinal_ex(ctx, out + total_len, &out_len)) {
73107fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP_DecryptFinal_ex failed\n",
73207fd6877Sjoshua 		    label, test_number);
73307fd6877Sjoshua 		goto failed;
73407fd6877Sjoshua 	}
73507fd6877Sjoshua 	total_len += out_len;
73607fd6877Sjoshua 
73707fd6877Sjoshua 	if (!EVP_CIPHER_CTX_reset(ctx)) {
73807fd6877Sjoshua 		fprintf(stderr,
73907fd6877Sjoshua 		    "FAIL (%s:%zu): EVP_CIPHER_CTX_reset failed\n",
74007fd6877Sjoshua 		    label, test_number);
74107fd6877Sjoshua 		goto failed;
74207fd6877Sjoshua 	}
74307fd6877Sjoshua 
74407fd6877Sjoshua 	if (total_len != at->in_len) {
74507fd6877Sjoshua 		fprintf(stderr,
74607fd6877Sjoshua 		    "FAIL (%s:%zu): EVP decryption length mismatch\n",
74707fd6877Sjoshua 		    label, test_number);
74807fd6877Sjoshua 		goto failed;
74907fd6877Sjoshua 	}
75007fd6877Sjoshua 
75107fd6877Sjoshua 	if (memcmp(at->in, out, at->in_len) != 0) {
75207fd6877Sjoshua 		fprintf(stderr, "FAIL (%s:%zu): EVP decryption mismatch\n",
75307fd6877Sjoshua 		    label, test_number);
75407fd6877Sjoshua 		goto failed;
75507fd6877Sjoshua 	}
75607fd6877Sjoshua 
75707fd6877Sjoshua 	success = 1;
75807fd6877Sjoshua 
75907fd6877Sjoshua  failed:
76007fd6877Sjoshua 	EVP_CIPHER_CTX_free(ctx);
76107fd6877Sjoshua 	return success;
76207fd6877Sjoshua }
76307fd6877Sjoshua 
76407fd6877Sjoshua 
76507fd6877Sjoshua static int
aes_key_bits_from_nid(int nid)76607fd6877Sjoshua aes_key_bits_from_nid(int nid)
76707fd6877Sjoshua {
76807fd6877Sjoshua 	switch (nid) {
76907fd6877Sjoshua 	case NID_aes_128_ecb:
77007fd6877Sjoshua 	case NID_aes_128_cbc:
77107fd6877Sjoshua 	case NID_aes_128_cfb128:
77207fd6877Sjoshua 	case NID_aes_128_ofb128:
77307fd6877Sjoshua 	case NID_aes_128_gcm:
77407fd6877Sjoshua 	case NID_aes_128_ccm:
77507fd6877Sjoshua 		return 128;
77607fd6877Sjoshua 	case NID_aes_192_ecb:
77707fd6877Sjoshua 	case NID_aes_192_cbc:
77807fd6877Sjoshua 	case NID_aes_192_cfb128:
77907fd6877Sjoshua 	case NID_aes_192_ofb128:
78007fd6877Sjoshua 	case NID_aes_192_gcm:
78107fd6877Sjoshua 	case NID_aes_192_ccm:
78207fd6877Sjoshua 		return 192;
78307fd6877Sjoshua 	case NID_aes_256_ecb:
78407fd6877Sjoshua 	case NID_aes_256_cbc:
78507fd6877Sjoshua 	case NID_aes_256_cfb128:
78607fd6877Sjoshua 	case NID_aes_256_ofb128:
78707fd6877Sjoshua 	case NID_aes_256_gcm:
78807fd6877Sjoshua 	case NID_aes_256_ccm:
78907fd6877Sjoshua 		return 256;
79007fd6877Sjoshua 	default:
79107fd6877Sjoshua 		return -1;
79207fd6877Sjoshua 	}
79307fd6877Sjoshua }
79407fd6877Sjoshua 
79507fd6877Sjoshua static int
aes_cipher_from_nid(int nid,const char ** out_label,const EVP_CIPHER ** out_cipher)79607fd6877Sjoshua aes_cipher_from_nid(int nid, const char **out_label,
79707fd6877Sjoshua     const EVP_CIPHER **out_cipher)
79807fd6877Sjoshua {
79907fd6877Sjoshua 	switch (nid) {
80007fd6877Sjoshua 	/* ECB */
80107fd6877Sjoshua 	case NID_aes_128_ecb:
80207fd6877Sjoshua 		*out_label = SN_aes_128_ecb;
80307fd6877Sjoshua 		*out_cipher = EVP_aes_128_ecb();
80407fd6877Sjoshua 		break;
80507fd6877Sjoshua 	case NID_aes_192_ecb:
80607fd6877Sjoshua 		*out_label = SN_aes_192_ecb;
80707fd6877Sjoshua 		*out_cipher = EVP_aes_192_ecb();
80807fd6877Sjoshua 		break;
80907fd6877Sjoshua 	case NID_aes_256_ecb:
81007fd6877Sjoshua 		*out_label = SN_aes_256_ecb;
81107fd6877Sjoshua 		*out_cipher = EVP_aes_256_ecb();
81207fd6877Sjoshua 		break;
81307fd6877Sjoshua 
81407fd6877Sjoshua 	/* CBC */
81507fd6877Sjoshua 	case NID_aes_128_cbc:
81607fd6877Sjoshua 		*out_label = SN_aes_128_cbc;
81707fd6877Sjoshua 		*out_cipher = EVP_aes_128_cbc();
81807fd6877Sjoshua 		break;
81907fd6877Sjoshua 	case NID_aes_192_cbc:
82007fd6877Sjoshua 		*out_label = SN_aes_192_cbc;
82107fd6877Sjoshua 		*out_cipher = EVP_aes_192_cbc();
82207fd6877Sjoshua 		break;
82307fd6877Sjoshua 	case NID_aes_256_cbc:
82407fd6877Sjoshua 		*out_label = SN_aes_256_cbc;
82507fd6877Sjoshua 		*out_cipher = EVP_aes_256_cbc();
82607fd6877Sjoshua 		break;
82707fd6877Sjoshua 
82807fd6877Sjoshua 	/* CFB128 */
82907fd6877Sjoshua 	case NID_aes_128_cfb128:
83007fd6877Sjoshua 		*out_label = SN_aes_128_cfb128;
83107fd6877Sjoshua 		*out_cipher = EVP_aes_128_cfb128();
83207fd6877Sjoshua 		break;
83307fd6877Sjoshua 	case NID_aes_192_cfb128:
83407fd6877Sjoshua 		*out_label = SN_aes_192_cfb128;
83507fd6877Sjoshua 		*out_cipher = EVP_aes_192_cfb128();
83607fd6877Sjoshua 		break;
83707fd6877Sjoshua 	case NID_aes_256_cfb128:
83807fd6877Sjoshua 		*out_label = SN_aes_256_cfb128;
83907fd6877Sjoshua 		*out_cipher = EVP_aes_256_cfb128();
84007fd6877Sjoshua 		break;
84107fd6877Sjoshua 
84207fd6877Sjoshua 	/* OFB128 */
84307fd6877Sjoshua 	case NID_aes_128_ofb128:
84407fd6877Sjoshua 		*out_label = SN_aes_128_ofb128;
84507fd6877Sjoshua 		*out_cipher = EVP_aes_128_ofb();
84607fd6877Sjoshua 		break;
84707fd6877Sjoshua 	case NID_aes_192_ofb128:
84807fd6877Sjoshua 		*out_label = SN_aes_192_ofb128;
84907fd6877Sjoshua 		*out_cipher = EVP_aes_192_ofb();
85007fd6877Sjoshua 		break;
85107fd6877Sjoshua 	case NID_aes_256_ofb128:
85207fd6877Sjoshua 		*out_label = SN_aes_256_ofb128;
85307fd6877Sjoshua 		*out_cipher = EVP_aes_256_ofb();
85407fd6877Sjoshua 		break;
85507fd6877Sjoshua 
85607fd6877Sjoshua 	/* GCM */
85707fd6877Sjoshua 	case NID_aes_128_gcm:
85807fd6877Sjoshua 		*out_label = SN_aes_128_gcm;
85907fd6877Sjoshua 		*out_cipher = EVP_aes_128_gcm();
86007fd6877Sjoshua 		break;
86107fd6877Sjoshua 	case NID_aes_192_gcm:
86207fd6877Sjoshua 		*out_label = SN_aes_192_gcm;
86307fd6877Sjoshua 		*out_cipher = EVP_aes_192_gcm();
86407fd6877Sjoshua 		break;
86507fd6877Sjoshua 	case NID_aes_256_gcm:
86607fd6877Sjoshua 		*out_label = SN_aes_256_gcm;
86707fd6877Sjoshua 		*out_cipher = EVP_aes_256_gcm();
86807fd6877Sjoshua 		break;
86907fd6877Sjoshua 
87007fd6877Sjoshua 	/* CCM */
87107fd6877Sjoshua 	case NID_aes_128_ccm:
87207fd6877Sjoshua 		*out_label = SN_aes_128_ccm;
87307fd6877Sjoshua 		*out_cipher = EVP_aes_128_ccm();
87407fd6877Sjoshua 		break;
87507fd6877Sjoshua 	case NID_aes_192_ccm:
87607fd6877Sjoshua 		*out_label = SN_aes_192_ccm;
87707fd6877Sjoshua 		*out_cipher = EVP_aes_192_ccm();
87807fd6877Sjoshua 		break;
87907fd6877Sjoshua 	case NID_aes_256_ccm:
88007fd6877Sjoshua 		*out_label = SN_aes_256_ccm;
88107fd6877Sjoshua 		*out_cipher = EVP_aes_256_ccm();
88207fd6877Sjoshua 		break;
88307fd6877Sjoshua 
88407fd6877Sjoshua 	/* Unknown */
88507fd6877Sjoshua 	default:
88607fd6877Sjoshua 		return 0;
88707fd6877Sjoshua 	}
88807fd6877Sjoshua 
88907fd6877Sjoshua 	return 1;
89007fd6877Sjoshua }
89107fd6877Sjoshua 
89207fd6877Sjoshua static int
aes_test(void)89307fd6877Sjoshua aes_test(void)
89407fd6877Sjoshua {
89507fd6877Sjoshua 	const struct aes_test *at;
89607fd6877Sjoshua 	const char *label;
89707fd6877Sjoshua 	const EVP_CIPHER *cipher;
89807fd6877Sjoshua 	int key_bits;
89907fd6877Sjoshua 	size_t i;
90007fd6877Sjoshua 	int failed = 1;
90107fd6877Sjoshua 
90207fd6877Sjoshua 	for (i = 0; i < N_AES_TESTS; i++) {
90307fd6877Sjoshua 		at = &aes_tests[i];
90407fd6877Sjoshua 		key_bits = aes_key_bits_from_nid(at->mode);
90507fd6877Sjoshua 		if (!aes_cipher_from_nid(at->mode, &label, &cipher))
90607fd6877Sjoshua 			goto failed;
90707fd6877Sjoshua 
90807fd6877Sjoshua 		switch (at->mode) {
90907fd6877Sjoshua 		/* ECB */
91007fd6877Sjoshua 		case NID_aes_128_ecb:
91107fd6877Sjoshua 		case NID_aes_192_ecb:
91207fd6877Sjoshua 		case NID_aes_256_ecb:
91307fd6877Sjoshua 			if (!aes_ecb_test(i, label, key_bits, at))
91407fd6877Sjoshua 				goto failed;
91507fd6877Sjoshua 			break;
91607fd6877Sjoshua 
91707fd6877Sjoshua 		/* CBC */
91807fd6877Sjoshua 		case NID_aes_128_cbc:
91907fd6877Sjoshua 		case NID_aes_192_cbc:
92007fd6877Sjoshua 		case NID_aes_256_cbc:
92107fd6877Sjoshua 			if (!aes_cbc_test(i, label, key_bits, at))
92207fd6877Sjoshua 				goto failed;
92307fd6877Sjoshua 			break;
92407fd6877Sjoshua 
92507fd6877Sjoshua 		/* CFB128 */
92607fd6877Sjoshua 		case NID_aes_128_cfb128:
92707fd6877Sjoshua 		case NID_aes_192_cfb128:
92807fd6877Sjoshua 		case NID_aes_256_cfb128:
92907fd6877Sjoshua 			/* XXX - CFB128 non-EVP tests */
93007fd6877Sjoshua 			break;
93107fd6877Sjoshua 
93207fd6877Sjoshua 		/* OFB128 */
93307fd6877Sjoshua 		case NID_aes_128_ofb128:
93407fd6877Sjoshua 		case NID_aes_192_ofb128:
93507fd6877Sjoshua 		case NID_aes_256_ofb128:
93607fd6877Sjoshua 			/* XXX - OFB128 non-EVP tests */
93707fd6877Sjoshua 			break;
93807fd6877Sjoshua 
93907fd6877Sjoshua 		/* GCM */
94007fd6877Sjoshua 		case NID_aes_128_gcm:
94107fd6877Sjoshua 		case NID_aes_192_gcm:
94207fd6877Sjoshua 		case NID_aes_256_gcm:
94307fd6877Sjoshua 			/* GCM is EVP-only */
94407fd6877Sjoshua 			break;
94507fd6877Sjoshua 
94607fd6877Sjoshua 		/* CCM */
94707fd6877Sjoshua 		case NID_aes_128_ccm:
94807fd6877Sjoshua 		case NID_aes_192_ccm:
94907fd6877Sjoshua 		case NID_aes_256_ccm:
95007fd6877Sjoshua 			/* XXX - CCM non-EVP tests */
95107fd6877Sjoshua 			break;
95207fd6877Sjoshua 
95307fd6877Sjoshua 		/* Unknown */
95407fd6877Sjoshua 		default:
95507fd6877Sjoshua 			fprintf(stderr, "FAIL: unknown mode (%d)\n",
95607fd6877Sjoshua 			    at->mode);
95707fd6877Sjoshua 			goto failed;
95807fd6877Sjoshua 		}
95907fd6877Sjoshua 
96007fd6877Sjoshua 		if (!aes_evp_test(i, at, label, key_bits, cipher))
96107fd6877Sjoshua 			goto failed;
96207fd6877Sjoshua 	}
96307fd6877Sjoshua 
96407fd6877Sjoshua 	failed = 0;
96507fd6877Sjoshua 
96607fd6877Sjoshua  failed:
96707fd6877Sjoshua 	return failed;
96807fd6877Sjoshua }
96907fd6877Sjoshua 
97007fd6877Sjoshua int
main(int argc,char ** argv)97107fd6877Sjoshua main(int argc, char **argv)
97207fd6877Sjoshua {
97307fd6877Sjoshua 	int failed = 0;
97407fd6877Sjoshua 
97507fd6877Sjoshua 	failed |= aes_test();
97607fd6877Sjoshua 
97707fd6877Sjoshua 	return failed;
97807fd6877Sjoshua }
97907fd6877Sjoshua 
980