Commit 2407d60872dd2a95404c6048f775f3b64d438f4b
Committed by
Herbert Xu
1 parent
332f8840f7
Exists in
master
and in
4 other branches
[CRYPTO] salsa20: Salsa20 stream cipher
This patch implements the Salsa20 stream cipher using the blkcipher interface. The core cipher code comes from Daniel Bernstein's submission to eSTREAM: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ref/ The test vectors comes from: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ It has been tested successfully with "modprobe tcrypt mode=34" on an UML instance. Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Showing 5 changed files with 424 additions and 1 deletions Side-by-side Diff
crypto/Kconfig
... | ... | @@ -454,6 +454,18 @@ |
454 | 454 | See also: |
455 | 455 | <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> |
456 | 456 | |
457 | +config CRYPTO_SALSA20 | |
458 | + tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" | |
459 | + depends on EXPERIMENTAL | |
460 | + select CRYPTO_BLKCIPHER | |
461 | + help | |
462 | + Salsa20 stream cipher algorithm. | |
463 | + | |
464 | + Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT | |
465 | + Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> | |
466 | + | |
467 | + The Salsa20 stream cipher algorithm is designed by Daniel J. | |
468 | + Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> | |
457 | 469 | |
458 | 470 | config CRYPTO_DEFLATE |
459 | 471 | tristate "Deflate compression algorithm" |
crypto/Makefile
... | ... | @@ -49,6 +49,7 @@ |
49 | 49 | obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.o |
50 | 50 | obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o |
51 | 51 | obj-$(CONFIG_CRYPTO_SEED) += seed.o |
52 | +obj-$(CONFIG_CRYPTO_SALSA20) += salsa20_generic.o | |
52 | 53 | obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o |
53 | 54 | obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o |
54 | 55 | obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o |
crypto/salsa20_generic.c
1 | +/* | |
2 | + * Salsa20: Salsa20 stream cipher algorithm | |
3 | + * | |
4 | + * Copyright (c) 2007 Tan Swee Heng <thesweeheng@gmail.com> | |
5 | + * | |
6 | + * Derived from: | |
7 | + * - salsa20.c: Public domain C code by Daniel J. Bernstein <djb@cr.yp.to> | |
8 | + * | |
9 | + * Salsa20 is a stream cipher candidate in eSTREAM, the ECRYPT Stream | |
10 | + * Cipher Project. It is designed by Daniel J. Bernstein <djb@cr.yp.to>. | |
11 | + * More information about eSTREAM and Salsa20 can be found here: | |
12 | + * http://www.ecrypt.eu.org/stream/ | |
13 | + * http://cr.yp.to/snuffle.html | |
14 | + * | |
15 | + * This program is free software; you can redistribute it and/or modify it | |
16 | + * under the terms of the GNU General Public License as published by the Free | |
17 | + * Software Foundation; either version 2 of the License, or (at your option) | |
18 | + * any later version. | |
19 | + * | |
20 | + */ | |
21 | + | |
22 | +#include <linux/init.h> | |
23 | +#include <linux/module.h> | |
24 | +#include <linux/errno.h> | |
25 | +#include <linux/crypto.h> | |
26 | +#include <linux/types.h> | |
27 | +#include <crypto/algapi.h> | |
28 | +#include <asm/byteorder.h> | |
29 | + | |
30 | +#define SALSA20_IV_SIZE 8U | |
31 | +#define SALSA20_MIN_KEY_SIZE 16U | |
32 | +#define SALSA20_MAX_KEY_SIZE 32U | |
33 | + | |
34 | +/* | |
35 | + * Start of code taken from D. J. Bernstein's reference implementation. | |
36 | + * With some modifications and optimizations made to suit our needs. | |
37 | + */ | |
38 | + | |
39 | +/* | |
40 | +salsa20-ref.c version 20051118 | |
41 | +D. J. Bernstein | |
42 | +Public domain. | |
43 | +*/ | |
44 | + | |
45 | +#define ROTATE(v,n) (((v) << (n)) | ((v) >> (32 - (n)))) | |
46 | +#define XOR(v,w) ((v) ^ (w)) | |
47 | +#define PLUS(v,w) (((v) + (w))) | |
48 | +#define PLUSONE(v) (PLUS((v),1)) | |
49 | +#define U32TO8_LITTLE(p, v) \ | |
50 | + { (p)[0] = (v >> 0) & 0xff; (p)[1] = (v >> 8) & 0xff; \ | |
51 | + (p)[2] = (v >> 16) & 0xff; (p)[3] = (v >> 24) & 0xff; } | |
52 | +#define U8TO32_LITTLE(p) \ | |
53 | + (((u32)((p)[0]) ) | ((u32)((p)[1]) << 8) | \ | |
54 | + ((u32)((p)[2]) << 16) | ((u32)((p)[3]) << 24) ) | |
55 | + | |
56 | +struct salsa20_ctx | |
57 | +{ | |
58 | + u32 input[16]; | |
59 | +}; | |
60 | + | |
61 | +static void salsa20_wordtobyte(u8 output[64], const u32 input[16]) | |
62 | +{ | |
63 | + u32 x[16]; | |
64 | + int i; | |
65 | + | |
66 | + memcpy(x, input, sizeof(x)); | |
67 | + for (i = 20; i > 0; i -= 2) { | |
68 | + x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 0],x[12]), 7)); | |
69 | + x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[ 4],x[ 0]), 9)); | |
70 | + x[12] = XOR(x[12],ROTATE(PLUS(x[ 8],x[ 4]),13)); | |
71 | + x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[12],x[ 8]),18)); | |
72 | + x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 5],x[ 1]), 7)); | |
73 | + x[13] = XOR(x[13],ROTATE(PLUS(x[ 9],x[ 5]), 9)); | |
74 | + x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[13],x[ 9]),13)); | |
75 | + x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 1],x[13]),18)); | |
76 | + x[14] = XOR(x[14],ROTATE(PLUS(x[10],x[ 6]), 7)); | |
77 | + x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[14],x[10]), 9)); | |
78 | + x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 2],x[14]),13)); | |
79 | + x[10] = XOR(x[10],ROTATE(PLUS(x[ 6],x[ 2]),18)); | |
80 | + x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[15],x[11]), 7)); | |
81 | + x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 3],x[15]), 9)); | |
82 | + x[11] = XOR(x[11],ROTATE(PLUS(x[ 7],x[ 3]),13)); | |
83 | + x[15] = XOR(x[15],ROTATE(PLUS(x[11],x[ 7]),18)); | |
84 | + x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[ 0],x[ 3]), 7)); | |
85 | + x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[ 1],x[ 0]), 9)); | |
86 | + x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[ 2],x[ 1]),13)); | |
87 | + x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[ 3],x[ 2]),18)); | |
88 | + x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 5],x[ 4]), 7)); | |
89 | + x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 6],x[ 5]), 9)); | |
90 | + x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 7],x[ 6]),13)); | |
91 | + x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 4],x[ 7]),18)); | |
92 | + x[11] = XOR(x[11],ROTATE(PLUS(x[10],x[ 9]), 7)); | |
93 | + x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[11],x[10]), 9)); | |
94 | + x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 8],x[11]),13)); | |
95 | + x[10] = XOR(x[10],ROTATE(PLUS(x[ 9],x[ 8]),18)); | |
96 | + x[12] = XOR(x[12],ROTATE(PLUS(x[15],x[14]), 7)); | |
97 | + x[13] = XOR(x[13],ROTATE(PLUS(x[12],x[15]), 9)); | |
98 | + x[14] = XOR(x[14],ROTATE(PLUS(x[13],x[12]),13)); | |
99 | + x[15] = XOR(x[15],ROTATE(PLUS(x[14],x[13]),18)); | |
100 | + } | |
101 | + for (i = 0; i < 16; ++i) | |
102 | + x[i] = PLUS(x[i],input[i]); | |
103 | + for (i = 0; i < 16; ++i) | |
104 | + U32TO8_LITTLE(output + 4 * i,x[i]); | |
105 | +} | |
106 | + | |
107 | +static const char sigma[16] = "expand 32-byte k"; | |
108 | +static const char tau[16] = "expand 16-byte k"; | |
109 | + | |
110 | +static void salsa20_keysetup(struct salsa20_ctx *ctx, const u8 *k, u32 kbytes) | |
111 | +{ | |
112 | + const char *constants; | |
113 | + | |
114 | + ctx->input[1] = U8TO32_LITTLE(k + 0); | |
115 | + ctx->input[2] = U8TO32_LITTLE(k + 4); | |
116 | + ctx->input[3] = U8TO32_LITTLE(k + 8); | |
117 | + ctx->input[4] = U8TO32_LITTLE(k + 12); | |
118 | + if (kbytes == 32) { /* recommended */ | |
119 | + k += 16; | |
120 | + constants = sigma; | |
121 | + } else { /* kbytes == 16 */ | |
122 | + constants = tau; | |
123 | + } | |
124 | + ctx->input[11] = U8TO32_LITTLE(k + 0); | |
125 | + ctx->input[12] = U8TO32_LITTLE(k + 4); | |
126 | + ctx->input[13] = U8TO32_LITTLE(k + 8); | |
127 | + ctx->input[14] = U8TO32_LITTLE(k + 12); | |
128 | + ctx->input[0] = U8TO32_LITTLE(constants + 0); | |
129 | + ctx->input[5] = U8TO32_LITTLE(constants + 4); | |
130 | + ctx->input[10] = U8TO32_LITTLE(constants + 8); | |
131 | + ctx->input[15] = U8TO32_LITTLE(constants + 12); | |
132 | +} | |
133 | + | |
134 | +static void salsa20_ivsetup(struct salsa20_ctx *ctx, const u8 *iv) | |
135 | +{ | |
136 | + ctx->input[6] = U8TO32_LITTLE(iv + 0); | |
137 | + ctx->input[7] = U8TO32_LITTLE(iv + 4); | |
138 | + ctx->input[8] = 0; | |
139 | + ctx->input[9] = 0; | |
140 | +} | |
141 | + | |
142 | +static void salsa20_encrypt_bytes(struct salsa20_ctx *ctx, u8 *dst, | |
143 | + const u8 *src, unsigned int bytes) | |
144 | +{ | |
145 | + u8 buf[64]; | |
146 | + int i; | |
147 | + | |
148 | + if (dst != src) | |
149 | + memcpy(dst, src, bytes); | |
150 | + | |
151 | + while (bytes) { | |
152 | + salsa20_wordtobyte(buf, ctx->input); | |
153 | + | |
154 | + ctx->input[8] = PLUSONE(ctx->input[8]); | |
155 | + if (!ctx->input[8]) | |
156 | + ctx->input[9] = PLUSONE(ctx->input[9]); | |
157 | + | |
158 | + if (bytes <= 64) { | |
159 | + for (i = 0; i < bytes/4; ++i) | |
160 | + ((u32*)dst)[i] ^= ((u32*)buf)[i]; | |
161 | + for (i = bytes - bytes % 4; i < bytes; ++i) | |
162 | + dst[i] ^= buf[i]; | |
163 | + return; | |
164 | + } | |
165 | + | |
166 | + for (i = 0; i < 64/4; ++i) | |
167 | + ((u32*)dst)[i] ^= ((u32*)buf)[i]; | |
168 | + bytes -= 64; | |
169 | + dst += 64; | |
170 | + } | |
171 | +} | |
172 | + | |
173 | +/* | |
174 | + * End of code taken from D. J. Bernstein's reference implementation. | |
175 | + */ | |
176 | + | |
177 | +static int setkey(struct crypto_tfm *tfm, const u8 *key, | |
178 | + unsigned int keysize) | |
179 | +{ | |
180 | + struct salsa20_ctx *ctx = crypto_tfm_ctx(tfm); | |
181 | + salsa20_keysetup(ctx, key, keysize); | |
182 | + return 0; | |
183 | +} | |
184 | + | |
185 | +static int encrypt(struct blkcipher_desc *desc, | |
186 | + struct scatterlist *dst, struct scatterlist *src, | |
187 | + unsigned int nbytes) | |
188 | +{ | |
189 | + struct blkcipher_walk walk; | |
190 | + struct crypto_blkcipher *tfm = desc->tfm; | |
191 | + struct salsa20_ctx *ctx = crypto_blkcipher_ctx(tfm); | |
192 | + int err; | |
193 | + | |
194 | + blkcipher_walk_init(&walk, dst, src, nbytes); | |
195 | + err = blkcipher_walk_virt(desc, &walk); | |
196 | + | |
197 | + salsa20_ivsetup(ctx, walk.iv); | |
198 | + salsa20_encrypt_bytes(ctx, walk.dst.virt.addr, | |
199 | + walk.src.virt.addr, nbytes); | |
200 | + | |
201 | + err = blkcipher_walk_done(desc, &walk, 0); | |
202 | + return err; | |
203 | +} | |
204 | + | |
205 | +static struct crypto_alg alg = { | |
206 | + .cra_name = "salsa20", | |
207 | + .cra_driver_name = "salsa20-generic", | |
208 | + .cra_priority = 100, | |
209 | + .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, | |
210 | + .cra_type = &crypto_blkcipher_type, | |
211 | + .cra_blocksize = 1, | |
212 | + .cra_ctxsize = sizeof(struct salsa20_ctx), | |
213 | + .cra_alignmask = 3, | |
214 | + .cra_module = THIS_MODULE, | |
215 | + .cra_list = LIST_HEAD_INIT(alg.cra_list), | |
216 | + .cra_u = { | |
217 | + .blkcipher = { | |
218 | + .setkey = setkey, | |
219 | + .encrypt = encrypt, | |
220 | + .decrypt = encrypt, | |
221 | + .min_keysize = SALSA20_MIN_KEY_SIZE, | |
222 | + .max_keysize = SALSA20_MAX_KEY_SIZE, | |
223 | + .ivsize = SALSA20_IV_SIZE, | |
224 | + } | |
225 | + } | |
226 | +}; | |
227 | + | |
228 | +static int __init init(void) | |
229 | +{ | |
230 | + return crypto_register_alg(&alg); | |
231 | +} | |
232 | + | |
233 | +static void __exit fini(void) | |
234 | +{ | |
235 | + crypto_unregister_alg(&alg); | |
236 | +} | |
237 | + | |
238 | +module_init(init); | |
239 | +module_exit(fini); | |
240 | + | |
241 | +MODULE_LICENSE("GPL"); | |
242 | +MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm"); | |
243 | +MODULE_ALIAS("salsa20"); |
crypto/tcrypt.c
... | ... | @@ -80,7 +80,7 @@ |
80 | 80 | "cast6", "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", |
81 | 81 | "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", |
82 | 82 | "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", "fcrypt", |
83 | - "camellia", "seed", NULL | |
83 | + "camellia", "seed", "salsa20", NULL | |
84 | 84 | }; |
85 | 85 | |
86 | 86 | static void hexdump(unsigned char *buf, unsigned int len) |
... | ... | @@ -1307,6 +1307,12 @@ |
1307 | 1307 | break; |
1308 | 1308 | case 33: |
1309 | 1309 | test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS); |
1310 | + break; | |
1311 | + | |
1312 | + case 34: | |
1313 | + test_cipher("salsa20", ENCRYPT, | |
1314 | + salsa20_stream_enc_tv_template, | |
1315 | + SALSA20_STREAM_ENC_TEST_VECTORS); | |
1310 | 1316 | break; |
1311 | 1317 | |
1312 | 1318 | case 100: |
crypto/tcrypt.h
... | ... | @@ -4644,6 +4644,167 @@ |
4644 | 4644 | } |
4645 | 4645 | }; |
4646 | 4646 | |
4647 | +#define SALSA20_STREAM_ENC_TEST_VECTORS 4 | |
4648 | +static struct cipher_testvec salsa20_stream_enc_tv_template[] = { | |
4649 | + /* | |
4650 | + * Testvectors from verified.test-vectors submitted to ECRYPT. | |
4651 | + * They are truncated to size 39, 64, 111, 129 to test a variety | |
4652 | + * of input length. | |
4653 | + */ | |
4654 | + { /* Set 3, vector 0 */ | |
4655 | + .key = { | |
4656 | + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | |
4657 | + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F | |
4658 | + }, | |
4659 | + .klen = 16, | |
4660 | + .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
4661 | + .input = { | |
4662 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4663 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4664 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4665 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4666 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4667 | + }, | |
4668 | + .ilen = 39, | |
4669 | + .result = { | |
4670 | + 0x2D, 0xD5, 0xC3, 0xF7, 0xBA, 0x2B, 0x20, 0xF7, | |
4671 | + 0x68, 0x02, 0x41, 0x0C, 0x68, 0x86, 0x88, 0x89, | |
4672 | + 0x5A, 0xD8, 0xC1, 0xBD, 0x4E, 0xA6, 0xC9, 0xB1, | |
4673 | + 0x40, 0xFB, 0x9B, 0x90, 0xE2, 0x10, 0x49, 0xBF, | |
4674 | + 0x58, 0x3F, 0x52, 0x79, 0x70, 0xEB, 0xC1, | |
4675 | + }, | |
4676 | + .rlen = 39, | |
4677 | + }, { /* Set 5, vector 0 */ | |
4678 | + .key = { | |
4679 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4680 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | |
4681 | + }, | |
4682 | + .klen = 16, | |
4683 | + .iv = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
4684 | + .input = { | |
4685 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4686 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4687 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4688 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4689 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4690 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4691 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4692 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4693 | + }, | |
4694 | + .ilen = 64, | |
4695 | + .result = { | |
4696 | + 0xB6, 0x6C, 0x1E, 0x44, 0x46, 0xDD, 0x95, 0x57, | |
4697 | + 0xE5, 0x78, 0xE2, 0x23, 0xB0, 0xB7, 0x68, 0x01, | |
4698 | + 0x7B, 0x23, 0xB2, 0x67, 0xBB, 0x02, 0x34, 0xAE, | |
4699 | + 0x46, 0x26, 0xBF, 0x44, 0x3F, 0x21, 0x97, 0x76, | |
4700 | + 0x43, 0x6F, 0xB1, 0x9F, 0xD0, 0xE8, 0x86, 0x6F, | |
4701 | + 0xCD, 0x0D, 0xE9, 0xA9, 0x53, 0x8F, 0x4A, 0x09, | |
4702 | + 0xCA, 0x9A, 0xC0, 0x73, 0x2E, 0x30, 0xBC, 0xF9, | |
4703 | + 0x8E, 0x4F, 0x13, 0xE4, 0xB9, 0xE2, 0x01, 0xD9, | |
4704 | + }, | |
4705 | + .rlen = 64, | |
4706 | + }, { /* Set 3, vector 27 */ | |
4707 | + .key = { | |
4708 | + 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, | |
4709 | + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, | |
4710 | + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, | |
4711 | + 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A | |
4712 | + }, | |
4713 | + .klen = 32, | |
4714 | + .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
4715 | + .input = { | |
4716 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4717 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4718 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4719 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4720 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4721 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4722 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4723 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4724 | + | |
4725 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4726 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4727 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4728 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4729 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4730 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4731 | + }, | |
4732 | + .ilen = 111, | |
4733 | + .result = { | |
4734 | + 0xAE, 0x39, 0x50, 0x8E, 0xAC, 0x9A, 0xEC, 0xE7, | |
4735 | + 0xBF, 0x97, 0xBB, 0x20, 0xB9, 0xDE, 0xE4, 0x1F, | |
4736 | + 0x87, 0xD9, 0x47, 0xF8, 0x28, 0x91, 0x35, 0x98, | |
4737 | + 0xDB, 0x72, 0xCC, 0x23, 0x29, 0x48, 0x56, 0x5E, | |
4738 | + 0x83, 0x7E, 0x0B, 0xF3, 0x7D, 0x5D, 0x38, 0x7B, | |
4739 | + 0x2D, 0x71, 0x02, 0xB4, 0x3B, 0xB5, 0xD8, 0x23, | |
4740 | + 0xB0, 0x4A, 0xDF, 0x3C, 0xEC, 0xB6, 0xD9, 0x3B, | |
4741 | + 0x9B, 0xA7, 0x52, 0xBE, 0xC5, 0xD4, 0x50, 0x59, | |
4742 | + | |
4743 | + 0x15, 0x14, 0xB4, 0x0E, 0x40, 0xE6, 0x53, 0xD1, | |
4744 | + 0x83, 0x9C, 0x5B, 0xA0, 0x92, 0x29, 0x6B, 0x5E, | |
4745 | + 0x96, 0x5B, 0x1E, 0x2F, 0xD3, 0xAC, 0xC1, 0x92, | |
4746 | + 0xB1, 0x41, 0x3F, 0x19, 0x2F, 0xC4, 0x3B, 0xC6, | |
4747 | + 0x95, 0x46, 0x45, 0x54, 0xE9, 0x75, 0x03, 0x08, | |
4748 | + 0x44, 0xAF, 0xE5, 0x8A, 0x81, 0x12, 0x09, | |
4749 | + }, | |
4750 | + .rlen = 111, | |
4751 | + | |
4752 | + }, { /* Set 5, vector 27 */ | |
4753 | + .key = { | |
4754 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4755 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4756 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4757 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | |
4758 | + }, | |
4759 | + .klen = 32, | |
4760 | + .iv = { 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00 }, | |
4761 | + .input = { | |
4762 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4763 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4764 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4765 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4766 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4767 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4768 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4769 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4770 | + | |
4771 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4772 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4773 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4774 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4775 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4776 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4777 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4778 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
4779 | + | |
4780 | + 0x00, | |
4781 | + }, | |
4782 | + .ilen = 129, | |
4783 | + .result = { | |
4784 | + 0xD2, 0xDB, 0x1A, 0x5C, 0xF1, 0xC1, 0xAC, 0xDB, | |
4785 | + 0xE8, 0x1A, 0x7A, 0x43, 0x40, 0xEF, 0x53, 0x43, | |
4786 | + 0x5E, 0x7F, 0x4B, 0x1A, 0x50, 0x52, 0x3F, 0x8D, | |
4787 | + 0x28, 0x3D, 0xCF, 0x85, 0x1D, 0x69, 0x6E, 0x60, | |
4788 | + 0xF2, 0xDE, 0x74, 0x56, 0x18, 0x1B, 0x84, 0x10, | |
4789 | + 0xD4, 0x62, 0xBA, 0x60, 0x50, 0xF0, 0x61, 0xF2, | |
4790 | + 0x1C, 0x78, 0x7F, 0xC1, 0x24, 0x34, 0xAF, 0x58, | |
4791 | + 0xBF, 0x2C, 0x59, 0xCA, 0x90, 0x77, 0xF3, 0xB0, | |
4792 | + | |
4793 | + 0x5B, 0x4A, 0xDF, 0x89, 0xCE, 0x2C, 0x2F, 0xFC, | |
4794 | + 0x67, 0xF0, 0xE3, 0x45, 0xE8, 0xB3, 0xB3, 0x75, | |
4795 | + 0xA0, 0x95, 0x71, 0xA1, 0x29, 0x39, 0x94, 0xCA, | |
4796 | + 0x45, 0x2F, 0xBD, 0xCB, 0x10, 0xB6, 0xBE, 0x9F, | |
4797 | + 0x8E, 0xF9, 0xB2, 0x01, 0x0A, 0x5A, 0x0A, 0xB7, | |
4798 | + 0x6B, 0x9D, 0x70, 0x8E, 0x4B, 0xD6, 0x2F, 0xCD, | |
4799 | + 0x2E, 0x40, 0x48, 0x75, 0xE9, 0xE2, 0x21, 0x45, | |
4800 | + 0x0B, 0xC9, 0xB6, 0xB5, 0x66, 0xBC, 0x9A, 0x59, | |
4801 | + | |
4802 | + 0x5A, | |
4803 | + }, | |
4804 | + .rlen = 129, | |
4805 | + } | |
4806 | +}; | |
4807 | + | |
4647 | 4808 | /* |
4648 | 4809 | * Compression stuff. |
4649 | 4810 | */ |