From: =?ISO-8859-1?Q?Adrian-Ken_R=FCegsegger?= <rueegsegger@swiss-it.ch>
Subject: Re: [PATCH] tcrypt: add self test for des3_ebe cipher operating in
 cbc mode
Date: Fri, 30 May 2008 19:26:38 +0200
Message-ID: <484038CE.2080606@swiss-it.ch>
References: <20080523195145.GA28328@hmsreliant.think-freely.org> <20080524000624.GB26747@gondor.apana.org.au> <20080524003458.GB10168@localhost.localdomain>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	linux-crypto@vger.kernel.org, davem@davemloft.net
To: Neil Horman <nhorman@tuxdriver.com>
Return-path: <linux-crypto-owner@vger.kernel.org>
Received: from zux006-004-203.adsl.green.ch ([81.6.4.203]:34281 "EHLO
	mailx.swiss-it.ch" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752586AbYE3R0o (ORCPT
	<rfc822;linux-crypto@vger.kernel.org>);
	Fri, 30 May 2008 13:26:44 -0400
In-Reply-To: <20080524003458.GB10168@localhost.localdomain>
Sender: linux-crypto-owner@vger.kernel.org
List-ID: <linux-crypto.vger.kernel.org>

Neil Horman wrote:
> On Sat, May 24, 2008 at 10:06:25AM +1000, Herbert Xu wrote:
>> Could you document the source of these vectors in the patch
>> description please?
> 
> Sure, reposting
> 
> Patch to add checking  of DES3 test vectors using CBC mode.  FIPS-140-2
> compliance mandates that any supported mode of operation must include a self
> test.  This satisfies that requirement for cbc(des3_ede).  The included test
> vector was generated by me using openssl.  Key/IV was generated with the
> following command: 
> openssl enc -des_ede_cbc -P
> input and output values were generated by repeating the string "Too many
> secrets" a few times over, truncating it to 128 bytes, and encrypting it with
> openssl using the aformentioned key.  Tested successfully by myself

I was wondering why you created your own test vectors. Wouldn't standardized test vectors by NIST or ANSI be preferable?

-Adrian

> 
> Regards
> Neil
> 
> 
> Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
> 
> 
> tcrypt.c |    8 +++++
> tcrypt.h |   93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
> 2 files changed, 98 insertions(+), 3 deletions(-)
> 
> diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
> index 6beabc5..649a8e4 100644
> --- a/crypto/tcrypt.c
> +++ b/crypto/tcrypt.c
> @@ -1180,6 +1180,14 @@ static void do_test(void)
>  		test_cipher("ecb(des3_ede)", DECRYPT, des3_ede_dec_tv_template,
>  			    DES3_EDE_DEC_TEST_VECTORS);
>  
> +		test_cipher("cbc(des3_ede)", ENCRYPT,
> +			    des3_ede_cbc_enc_tv_template,
> +			    DES3_EDE_CBC_ENC_TEST_VECTORS);
> +
> +		test_cipher("cbc(des3_ede)", DECRYPT,
> +			    des3_ede_cbc_dec_tv_template,
> +			    DES3_EDE_CBC_DEC_TEST_VECTORS);
> +
>  		test_hash("md4", md4_tv_template, MD4_TEST_VECTORS);
>  
>  		test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS);
> diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
> index 47bc0ec..8893733 100644
> --- a/crypto/tcrypt.h
> +++ b/crypto/tcrypt.h
> @@ -1442,6 +1442,8 @@ static struct hash_testvec hmac_sha512_tv_template[] = {
>  #define DES_CBC_DEC_TEST_VECTORS	4
>  #define DES3_EDE_ENC_TEST_VECTORS	3
>  #define DES3_EDE_DEC_TEST_VECTORS	3
> +#define DES3_EDE_CBC_ENC_TEST_VECTORS	1
> +#define DES3_EDE_CBC_DEC_TEST_VECTORS	1
>  
>  static struct cipher_testvec des_enc_tv_template[] = {
>  	{ /* From Applied Cryptography */
> @@ -1680,9 +1682,6 @@ static struct cipher_testvec des_cbc_dec_tv_template[] = {
>  	},
>  };
>  
> -/*
> - * We really need some more test vectors, especially for DES3 CBC.
> - */
>  static struct cipher_testvec des3_ede_enc_tv_template[] = {
>  	{ /* These are from openssl */
>  		.key	= "\x01\x23\x45\x67\x89\xab\xcd\xef"
> @@ -1745,6 +1744,94 @@ static struct cipher_testvec des3_ede_dec_tv_template[] = {
>  	},
>  };
>  
> +static struct cipher_testvec des3_ede_cbc_enc_tv_template[] = {
> +	{ /* Generated from openssl */
> +		.key	= "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
> +			  "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
> +			  "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
> +		.klen	= 24,
> +		.iv	= "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
> +		.input	= "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
> +			  "\x53\x20\x63\x65\x65\x72\x73\x74"
> +			  "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
> +			  "\x20\x79\x65\x53\x72\x63\x74\x65"
> +			  "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
> +			  "\x79\x6e\x53\x20\x63\x65\x65\x72"
> +			  "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
> +			  "\x6e\x61\x20\x79\x65\x53\x72\x63"
> +			  "\x74\x65\x20\x73\x6f\x54\x20\x6f"
> +			  "\x61\x4d\x79\x6e\x53\x20\x63\x65"
> +			  "\x65\x72\x73\x74\x54\x20\x6f\x6f"
> +			  "\x4d\x20\x6e\x61\x20\x79\x65\x53"
> +			  "\x72\x63\x74\x65\x20\x73\x6f\x54"
> +			  "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
> +			  "\x63\x65\x65\x72\x73\x74\x54\x20"
> +			  "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
> +		.ilen	= 128,
> +		.result = "\x15\x8d\x5d\x34\x1b\x3f\xda\xda"
> +			  "\x4f\xce\x21\x82\x12\x54\x21\x0d"
> +			  "\xb2\x36\xda\xcc\xff\xb2\xff\x79"
> +			  "\x30\xe9\x95\xf4\x52\xf6\xf1\x43"
> +			  "\xf2\x88\xe1\x1c\x42\xa1\x6a\x11"
> +			  "\xda\x8f\xbd\x94\x5e\xe5\xa8\x43"
> +			  "\xe4\x4f\xbd\x0d\x1e\x67\xa1\x89"
> +			  "\x9a\x4e\x66\x62\x50\xb3\x07\x3e"
> +			  "\xc8\xc1\x87\x3d\x96\x62\xf7\xe7"
> +			  "\x96\x15\xa8\x34\xb6\x94\x1a\x17"
> +			  "\x05\xde\x62\xd6\xd8\x73\xd6\xb4"
> +			  "\x24\x1f\x57\xb6\x80\x9a\x65\x50"
> +			  "\xa0\xee\x2f\x8b\x4c\x80\x86\xfb"
> +			  "\xbb\xda\xa0\xa2\x4b\x49\x6c\x72"
> +			  "\x69\x83\xe9\xaa\x92\x56\x33\x95"
> +			  "\xbc\x80\x88\x04\xde\xd5\x74\x9f",
> +		.rlen	= 128,
> +	},
> +};
> +
> +static struct cipher_testvec des3_ede_cbc_dec_tv_template[] = {
> +	{ /* Generated from openssl */
> +		.key	= "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24"
> +			  "\x44\x4D\x99\x5A\x12\xD6\x40\xC0"
> +			  "\xEA\xC2\x84\xE8\x14\x95\xDB\xE8",
> +		.klen	= 24,
> +		.iv	= "\x7D\x33\x88\x93\x0F\x93\xB2\x42",
> +		.input =  "\x15\x8d\x5d\x34\x1b\x3f\xda\xda"
> +			  "\x4f\xce\x21\x82\x12\x54\x21\x0d"
> +			  "\xb2\x36\xda\xcc\xff\xb2\xff\x79"
> +			  "\x30\xe9\x95\xf4\x52\xf6\xf1\x43"
> +			  "\xf2\x88\xe1\x1c\x42\xa1\x6a\x11"
> +			  "\xda\x8f\xbd\x94\x5e\xe5\xa8\x43"
> +			  "\xe4\x4f\xbd\x0d\x1e\x67\xa1\x89"
> +			  "\x9a\x4e\x66\x62\x50\xb3\x07\x3e"
> +			  "\xc8\xc1\x87\x3d\x96\x62\xf7\xe7"
> +			  "\x96\x15\xa8\x34\xb6\x94\x1a\x17"
> +			  "\x05\xde\x62\xd6\xd8\x73\xd6\xb4"
> +			  "\x24\x1f\x57\xb6\x80\x9a\x65\x50"
> +			  "\xa0\xee\x2f\x8b\x4c\x80\x86\xfb"
> +			  "\xbb\xda\xa0\xa2\x4b\x49\x6c\x72"
> +			  "\x69\x83\xe9\xaa\x92\x56\x33\x95"
> +			  "\xbc\x80\x88\x04\xde\xd5\x74\x9f",
> +		.ilen	= 128,
> +		.result	= "\x6f\x54\x20\x6f\x61\x4d\x79\x6e"
> +			  "\x53\x20\x63\x65\x65\x72\x73\x74"
> +			  "\x54\x20\x6f\x6f\x4d\x20\x6e\x61"
> +			  "\x20\x79\x65\x53\x72\x63\x74\x65"
> +			  "\x20\x73\x6f\x54\x20\x6f\x61\x4d"
> +			  "\x79\x6e\x53\x20\x63\x65\x65\x72"
> +			  "\x73\x74\x54\x20\x6f\x6f\x4d\x20"
> +			  "\x6e\x61\x20\x79\x65\x53\x72\x63"
> +			  "\x74\x65\x20\x73\x6f\x54\x20\x6f"
> +			  "\x61\x4d\x79\x6e\x53\x20\x63\x65"
> +			  "\x65\x72\x73\x74\x54\x20\x6f\x6f"
> +			  "\x4d\x20\x6e\x61\x20\x79\x65\x53"
> +			  "\x72\x63\x74\x65\x20\x73\x6f\x54"
> +			  "\x20\x6f\x61\x4d\x79\x6e\x53\x20"
> +			  "\x63\x65\x65\x72\x73\x74\x54\x20"
> +			  "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79",
> +		.rlen	= 128,
> +	},
> +};
> +
>  /*
>   * Blowfish test vectors.
>   */
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html