* fips/cmac/fips_cmac_selftest.c: Because the examples in SP_800-38B
aren't trustworthy (see examples 13 and 14, they have the same mac, as do examples 17 and 18), use examples from official test vectors instead.
This commit is contained in:
parent
d8ba2a42e9
commit
e775bbc464
@ -64,56 +64,46 @@ typedef struct {
|
||||
|
||||
/* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */
|
||||
static const CMAC_KAT vector[] = {
|
||||
{ EVP_aes_128_cbc, /* Example 3: Mlen = 320 */
|
||||
{ 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
|
||||
0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c }, 128,
|
||||
{ 0x6b,0xc1,0xbe,0xe2, 0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11, 0x73,0x93,0x17,0x2a,
|
||||
0xae,0x2d,0x8a,0x57, 0x1e,0x03,0xac,0x9c,
|
||||
0x9e,0xb7,0x6f,0xac, 0x45,0xaf,0x8e,0x51,
|
||||
0x30,0xc8,0x1c,0x46, 0xa3,0x5c,0xe4,0x11 }, 320,
|
||||
{ 0xdf,0xa6,0x67,0x47, 0xde,0x9a,0xe6,0x30,
|
||||
0x30,0xca,0x32,0x61, 0x14,0x97,0xc8,0x27 }, 128
|
||||
{ EVP_aes_128_cbc, /* Count = 32 from CMACGenAES128.txt */
|
||||
{ 0x77,0xa7,0x7f,0xaf, 0x29,0x0c,0x1f,0xa3,
|
||||
0x0c,0x68,0x3d,0xf1, 0x6b,0xa7,0xa7,0x7b, }, 128,
|
||||
{ 0x02,0x06,0x83,0xe1, 0xf0,0x39,0x2f,0x4c,
|
||||
0xac,0x54,0x31,0x8b, 0x60,0x29,0x25,0x9e,
|
||||
0x9c,0x55,0x3d,0xbc, 0x4b,0x6a,0xd9,0x98,
|
||||
0xe6,0x4d,0x58,0xe4, 0xe7,0xdc,0x2e,0x13, }, 256,
|
||||
{ 0xfb,0xfe,0xa4,0x1b, }, 32
|
||||
},
|
||||
{ EVP_aes_192_cbc, /* Example 5: Mlen = 0 */
|
||||
{ 0x8e,0x73,0xb0,0xf7, 0xda,0x0e,0x64,0x52,
|
||||
0xc8,0x10,0xf3,0x2b, 0x80,0x90,0x79,0xe5,
|
||||
0x62,0xf8,0xea,0xd2, 0x52,0x2c,0x6b,0x7b, }, 192,
|
||||
{ EVP_aes_192_cbc, /* Count = 23 from CMACGenAES192.txt */
|
||||
{ 0x7b,0x32,0x39,0x13, 0x69,0xaa,0x4c,0xa9,
|
||||
0x75,0x58,0x09,0x5b, 0xe3,0xc3,0xec,0x86,
|
||||
0x2b,0xd0,0x57,0xce, 0xf1,0xe3,0x2d,0x62, }, 192,
|
||||
{ 0x0 }, 0,
|
||||
{ 0xd1,0x7d,0xdf,0x46, 0xad,0xaa,0xcd,0xe5,
|
||||
0x31,0xca,0xc4,0x83, 0xde,0x7a,0x93,0x67, }, 128
|
||||
{ 0xe4,0xd9,0x34,0x0b, 0x03,0xe6,0x7d,0xef,
|
||||
0xd4,0x96,0x9c,0xc1, 0xed,0x37,0x35,0xe6, }, 128,
|
||||
},
|
||||
{ EVP_aes_256_cbc, /* Example 12: Mlen = 512 */
|
||||
{ 0x60,0x3d,0xeb,0x10, 0x15,0xca,0x71,0xbe,
|
||||
0x2b,0x73,0xae,0xf0, 0x85,0x7d,0x77,0x81,
|
||||
0x1f,0x35,0x2c,0x07, 0x3b,0x61,0x08,0xd7,
|
||||
0x2d,0x98,0x10,0xa3, 0x09,0x14,0xdf,0xf4, }, 256,
|
||||
{ 0x6b,0xc1,0xbe,0xe2, 0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11, 0x73,0x93,0x17,0x2a,
|
||||
0xae,0x2d,0x8a,0x57, 0x1e,0x03,0xac,0x9c,
|
||||
0x9e,0xb7,0x6f,0xac, 0x45,0xaf,0x8e,0x51,
|
||||
0x30,0xc8,0x1c,0x46, 0xa3,0x5c,0xe4,0x11,
|
||||
0xe5,0xfb,0xc1,0x19, 0x1a,0x0a,0x52,0xef,
|
||||
0xf6,0x9f,0x24,0x45, 0xdf,0x4f,0x9b,0x17,
|
||||
0xad,0x2b,0x41,0x7b, 0xe6,0x6c,0x37,0x10, }, 512,
|
||||
{ 0xe1,0x99,0x21,0x90, 0x54,0x9f,0x6e,0xd5,
|
||||
0x69,0x6a,0x2c,0x05, 0x6c,0x31,0x54,0x10, }, 128,
|
||||
{ EVP_aes_256_cbc, /* Count = 33 from CMACGenAES256.txt */
|
||||
{ 0x0b,0x12,0x2a,0xc8, 0xf3,0x4e,0xd1,0xfe,
|
||||
0x08,0x2a,0x36,0x25, 0xd1,0x57,0x56,0x14,
|
||||
0x54,0x16,0x7a,0xc1, 0x45,0xa1,0x0b,0xbf,
|
||||
0x77,0xc6,0xa7,0x05, 0x96,0xd5,0x74,0xf1, }, 256,
|
||||
{ 0x49,0x8b,0x53,0xfd, 0xec,0x87,0xed,0xcb,
|
||||
0xf0,0x70,0x97,0xdc, 0xcd,0xe9,0x3a,0x08,
|
||||
0x4b,0xad,0x75,0x01, 0xa2,0x24,0xe3,0x88,
|
||||
0xdf,0x34,0x9c,0xe1, 0x89,0x59,0xfe,0x84,
|
||||
0x85,0xf8,0xad,0x15, 0x37,0xf0,0xd8,0x96,
|
||||
0xea,0x73,0xbe,0xdc, 0x72,0x14,0x71,0x3f, }, 384,
|
||||
{ 0xf6,0x2c,0x46,0x32, 0x9b, }, 40,
|
||||
},
|
||||
# if 0
|
||||
/* Removed because the actual result was:
|
||||
0x74,0x3d,0xdb,0xe0, 0xce,0x2d,0xc2,0xed
|
||||
I suspect an error on my part -- Richard Levitte
|
||||
*/
|
||||
{ EVP_des_ede3_cbc, /* Example 15: Mlen = 160 */
|
||||
{ 0x8a,0xa8,0x3b,0xf8, 0xcb,0xda,0x10,0x62,
|
||||
0x0b,0xc1,0xbf,0x19, 0xfb,0xb6,0xcd,0x58,
|
||||
0xbc,0x31,0x3d,0x4a, 0x37,0x1c,0xa8,0xb5, }, 192,
|
||||
{ 0x6b,0xc1,0xbe,0xe2, 0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11, 0x73,0x93,0x17,0x2a,
|
||||
0xae,0x2d,0x8a,0x57, }, 160,
|
||||
{ 0xd3,0x2b,0xce,0xbe, 0x43,0xd2,0x3d,0x80, }, 64,
|
||||
{ EVP_des_ede3_cbc, /* Count = 41 from CMACGenTDES3.req */
|
||||
{ 0x89,0xbc,0xd9,0x52, 0xa8,0xc8,0xab,0x37,
|
||||
0x1a,0xf4,0x8a,0xc7, 0xd0,0x70,0x85,0xd5,
|
||||
0xef,0xf7,0x02,0xe6, 0xd6,0x2c,0xdc,0x23, }, 192,
|
||||
{ 0xfa,0x62,0x0c,0x1b, 0xbe,0x97,0x31,0x9e,
|
||||
0x9a,0x0c,0xf0,0x49, 0x21,0x21,0xf7,0xa2,
|
||||
0x0e,0xb0,0x8a,0x6a, 0x70,0x9d,0xcb,0xd0,
|
||||
0x0a,0xaf,0x38,0xe4, 0xf9,0x9e,0x75,0x4e, }, 256,
|
||||
{ 0x8f,0x49,0xa1,0xb7, 0xd6,0xaa,0x22,0x58, }, 64,
|
||||
},
|
||||
# endif
|
||||
};
|
||||
|
||||
int FIPS_selftest_cmac()
|
||||
@ -133,7 +123,7 @@ int FIPS_selftest_cmac()
|
||||
CMAC_Final(ctx, out, &outlen);
|
||||
CMAC_CTX_cleanup(ctx);
|
||||
|
||||
if(outlen != t->macsize/8 || memcmp(out,t->mac,outlen))
|
||||
if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8))
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
|
||||
return 0;
|
||||
|
Loading…
x
Reference in New Issue
Block a user