Powered by ViewCVS 1.0-dev
* added speed measurement code and cleaned a few things up.
/* ecrypt-test.c */
/*
* API conformance test and test vector generation (DRAFT)
*
* Based on the NESSIE test suite (http://www.cryptonessie.org/)
*/
/* ------------------------------------------------------------------------- */
#define QUOTE(str) QUOTE_HELPER(str)
#define QUOTE_HELPER(str) # str
#include "ecrypt-portable.h"
#include QUOTE(ECRYPT_API)
#if defined(ECRYPT_SSYN) || defined(ECRYPT_SSYN_AE)
#error self-synchronising stream ciphers are not supported yet
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
/* ------------------------------------------------------------------------- */
int compare_blocks(const u8 *m1, const u8 *m2, int len_bits)
{
int i;
const int lenb = (len_bits + 7) >> 3;
const int mask0 = (1 << (((len_bits - 1) & 7) + 1)) - 1;
if ((m1[0] & mask0) != (m2[0] & mask0))
return 1;
for (i = 1; i < lenb; i++)
if (m1[i] != m2[i])
return 1;
return 0;
}
void print_data(FILE *fd, const char *str, const u8 *val, int len)
{
int i;
static const char hex[] = "0123456789ABCDEF";
fprintf(fd, "%28s = ", str);
for (i = 0; i < len; i++)
{
if (i > 0 && (i & 0xF) == 0 && (len > 24))
fprintf(fd, "\n%28s ", "");
putc(hex[(val[i] >> 4) & 0xF], fd);
putc(hex[(val[i] ) & 0xF], fd);
}
fprintf(fd, "\n");
}
void print_chunk(FILE *fd, const char *str, const u8 *val, int start, int len)
{
char indexed[80];
sprintf(indexed, "%s[%d..%d]", str, start, start + len - 1);
print_data(fd, indexed, val + start, len);
}
void xor_digest(const u8 *stream, int size, u8 *out, int outsize)
{
int i;
memset(out, 0, outsize);
for (i = 0; i < size; i++)
out[i % outsize] ^= stream[i];
}
/* ------------------------------------------------------------------------- */
double cpu_speed = 0.0;
double test_time = 3.0;
int test_packet = 1;
int test_setup = 1;
int output_vectors = 0;
int single_key = 0;
int errors = 0;
/* ------------------------------------------------------------------------- */
void check_status()
{
const double sec = (double)clock() / (double)CLOCKS_PER_SEC;
if (errors >= 10)
{
fprintf(stderr, "Too many errors (%d errors). Aborting test.\n", errors);
exit(1);
}
if (sec > test_time)
{
fprintf(stderr, "Time out (%.2f seconds). Aborting test.\n", sec);
exit(2);
}
}
/* ------------------------------------------------------------------------- */
#if defined(ECRYPT_SYNC_AE) || defined(ECRYPT_SSYN_AE)
#define ECRYPT_AE
#define CTX ECRYPT_AE_ctx
#define IVSETUP ECRYPT_AE_ivsetup
#define ENCRYPT_BYTES ECRYPT_AE_encrypt_bytes
#define DECRYPT_BYTES ECRYPT_AE_decrypt_bytes
#define AUTHENTICATE_BYTES ECRYPT_AE_authenticate_bytes
#define ENCRYPT_BLOCKS ECRYPT_AE_encrypt_blocks
#define DECRYPT_BLOCKS ECRYPT_AE_decrypt_blocks
#define KEYSETUP ECRYPT_AE_keysetup
#define ENCRYPT_PACKET ECRYPT_AE_encrypt_packet
#define DECRYPT_PACKET ECRYPT_AE_decrypt_packet
#define FINALIZE ECRYPT_AE_finalize
#else
#define CTX ECRYPT_ctx
#define IVSETUP ECRYPT_ivsetup
#define ENCRYPT_BYTES ECRYPT_encrypt_bytes
#define DECRYPT_BYTES ECRYPT_decrypt_bytes
#define ENCRYPT_BLOCKS ECRYPT_encrypt_blocks
#define DECRYPT_BLOCKS ECRYPT_decrypt_blocks
#define KEYSETUP(ctx, key, keysize, ivsize, macsize) \
ECRYPT_keysetup(ctx, key, keysize, ivsize)
#define ENCRYPT_PACKET( \
ctx, iv, aad, aadlen, plaintext, ciphertext, msglen, mac) \
ECRYPT_encrypt_packet(ctx, iv, plaintext, ciphertext, msglen)
#define DECRYPT_PACKET( \
ctx, iv, aad, aadlen, ciphertext, plaintext, msglen, mac) \
ECRYPT_decrypt_packet(ctx, iv, ciphertext, plaintext, msglen)
#define FINALIZE(ctx, checkmac)
#define ECRYPT_MAXMACSIZE 0
#define ECRYPT_MACSIZE(i) (i)
#endif
#define NONZEROSIZE(s) (((s) <= 0) ? 4 : (s))
#define MAXKEYSIZEB NONZEROSIZE((ECRYPT_MAXKEYSIZE + 7) / 8)
#define MAXIVSIZEB NONZEROSIZE((ECRYPT_MAXIVSIZE + 7) / 8)
#define MAXMACSIZEB NONZEROSIZE((ECRYPT_MAXMACSIZE + 7) / 8)
/* ------------------------------------------------------------------------- */
void print_header(FILE *fd)
{
fprintf(fd,
"****************************************"
"****************************************\n");
fprintf(fd,
"* ECRYPT Stream"
" Cipher Project *\n");
fprintf(fd,
"****************************************"
"****************************************\n");
}
void print_primitive(FILE *fd, int keysize, int ivsize, int macsize)
{
fprintf(fd, "\n");
fprintf(fd, "Primitive Name: %s\n", ECRYPT_NAME);
fprintf(fd, "================%.*s\n", (int)strlen(ECRYPT_NAME),
"==========================================");
fprintf(fd, "Key size: %d bits\n", keysize);
fprintf(fd, "IV size: %d bits\n", ivsize);
#ifdef ECRYPT_AE
fprintf(fd, "MAC size: %d bits\n", macsize);
#endif
fprintf(fd, "\n");
fprintf(fd, "Preferred block length: %d bytes\n", ECRYPT_BLOCKLENGTH);
fprintf(fd, "\n");
}
/* ------------------------------------------------------------------------- */
#define TEST_STREAM_SIZEB 0x200
#define LONG_TEST_STREAM_SIZEB 0x20000
#define TEST_CHUNK 64
#ifdef ECRYPT_LONG_VECTORS
#define TEST_STEP 1
#else
#define TEST_STEP 9
#endif
typedef struct
{
int keysize;
int ivsize;
int msglen;
CTX ctx;
u8 key[MAXKEYSIZEB];
u8 iv[MAXIVSIZEB];
u8 plaintext[LONG_TEST_STREAM_SIZEB];
u8 ciphertext[LONG_TEST_STREAM_SIZEB];
u8 checktext[LONG_TEST_STREAM_SIZEB];
#ifdef ECRYPT_AE
int macsize;
int aadlen;
u8 aad[TEST_CHUNK];
u8 mac[MAXMACSIZEB];
u8 checkmac[MAXMACSIZEB];
#endif
u8 xored[TEST_CHUNK];
FILE *fd;
int vector;
} test_struct;
void encrypt_and_check(test_struct* t, void (*print)(test_struct*, int))
{
u8* plaintext;
u8* ciphertext;
u8* checktext;
int msglen;
unsigned int i;
memset(t->ciphertext, 0, sizeof(t->ciphertext));
#ifdef ECRYPT_AE
memset(t->mac, 0, sizeof(t->mac));
#endif
KEYSETUP(&t->ctx, t->key, t->keysize, t->ivsize, t->macsize);
ENCRYPT_PACKET(&t->ctx, t->iv,
t->aad, t->aadlen, t->plaintext, t->ciphertext, t->msglen, t->mac);
print(t, 0);
#ifdef ECRYPT_AE
memset(t->checkmac, 0, sizeof(t->checkmac));
#endif
memset(t->checktext, 0, sizeof(t->checktext));
KEYSETUP(&t->ctx, t->key, t->keysize, t->ivsize, t->macsize);
DECRYPT_PACKET(&t->ctx, t->iv,
t->aad, t->aadlen, t->ciphertext, t->checktext, t->msglen, t->checkmac);
if (compare_blocks(t->plaintext, t->checktext, t->msglen * 8) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> decrypt_packet:\n"
"*** decrypted text differs from plaintext:\n");
print(t, 1);
}
#ifdef ECRYPT_AE
else if (compare_blocks(t->mac, t->checkmac, t->macsize) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> decrypt_packet:\n"
"*** decryption MAC differs from encryption MAC:\n");
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
}
memset(t->checkmac, 0, sizeof(t->checkmac));
#endif
memset(t->checktext, 0, sizeof(t->checktext));
IVSETUP(&t->ctx, t->iv);
#ifdef ECRYPT_SUPPORTS_AAD
AUTHENTICATE_BYTES(&t->ctx, t->aad, t->aadlen);
#endif
ENCRYPT_BYTES(&t->ctx, t->plaintext, t->checktext, t->msglen);
FINALIZE(&t->ctx, t->checkmac);
if (compare_blocks(t->ciphertext, t->checktext, t->msglen * 8) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> encrypt_bytes:\n"
"*** encrypt_bytes generates different ciphertext:\n");
print(t, 2);
}
#ifdef ECRYPT_AE
else if (compare_blocks(t->mac, t->checkmac, t->macsize) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> encrypt_bytes:\n"
"*** encrypt_bytes generates different MAC:\n");
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
}
memset(t->checkmac, 0, sizeof(t->checkmac));
#endif
memset(t->checktext, 0, sizeof(t->checktext));
IVSETUP(&t->ctx, t->iv);
#ifdef ECRYPT_SUPPORTS_AAD
AUTHENTICATE_BYTES(&t->ctx, t->aad, t->aadlen);
#endif
DECRYPT_BYTES(&t->ctx, t->ciphertext, t->checktext, t->msglen);
FINALIZE(&t->ctx, t->checkmac);
if (compare_blocks(t->plaintext, t->checktext, t->msglen * 8) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> decrypt_bytes:\n"
"*** decrypt_bytes generates different plaintext:\n");
print(t, 2);
}
#ifdef ECRYPT_AE
else if (compare_blocks(t->mac, t->checkmac, t->macsize) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> decrypt_bytes:\n"
"*** decrypt_bytes generates different MAC:\n");
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
}
memset(t->checkmac, 0, sizeof(t->checkmac));
#endif
memset(t->checktext, 0, sizeof(t->checktext));
IVSETUP(&t->ctx, t->iv);
#ifdef ECRYPT_SUPPORTS_AAD
AUTHENTICATE_BYTES(&t->ctx, t->aad, t->aadlen);
#endif
plaintext = t->plaintext;
checktext = t->checktext;
msglen = t->msglen;
for (i = (t->vector + 1) * 1381; msglen >= ECRYPT_BLOCKLENGTH; i *= 1487)
{
const int blocks = i % (msglen / ECRYPT_BLOCKLENGTH + 1);
const int bytes = blocks * ECRYPT_BLOCKLENGTH;
ENCRYPT_BLOCKS(&t->ctx, plaintext, checktext, blocks);
plaintext += bytes;
checktext += bytes;
msglen -= bytes;
if (blocks == 0)
break;
}
ENCRYPT_BYTES(&t->ctx, plaintext, checktext, msglen);
FINALIZE(&t->ctx, t->checkmac);
if (compare_blocks(t->ciphertext, t->checktext, t->msglen * 8) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> encrypt_blocks/bytes:\n"
"*** encrypt_blocks/bytes generates different ciphertext:\n");
print(t, 2);
}
#ifdef ECRYPT_AE
else if (compare_blocks(t->mac, t->checkmac, t->macsize) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> encrypt_blocks/bytes:\n"
"*** encrypt_blocks/bytes generates different MAC:\n");
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
}
memset(t->checkmac, 0, sizeof(t->checkmac));
#endif
memset(t->checktext, 0, sizeof(t->checktext));
IVSETUP(&t->ctx, t->iv);
#ifdef ECRYPT_SUPPORTS_AAD
AUTHENTICATE_BYTES(&t->ctx, t->aad, t->aadlen);
#endif
ciphertext = t->ciphertext;
checktext = t->checktext;
msglen = t->msglen;
for (i = (t->vector + 1) * 1381; msglen >= ECRYPT_BLOCKLENGTH; i *= 1487)
{
const int blocks = i % (msglen / ECRYPT_BLOCKLENGTH + 1);
const int bytes = blocks * ECRYPT_BLOCKLENGTH;
DECRYPT_BLOCKS(&t->ctx, ciphertext, checktext, blocks);
ciphertext += bytes;
checktext += bytes;
msglen -= bytes;
if (blocks == 0)
break;
}
DECRYPT_BYTES(&t->ctx, ciphertext, checktext, msglen);
FINALIZE(&t->ctx, t->checkmac);
if (compare_blocks(t->plaintext, t->checktext, t->msglen * 8) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> decrypt_blocks/bytes:\n"
"*** decrypt_blocks/bytes generates different plaintext:\n");
print(t, 2);
}
#ifdef ECRYPT_AE
else if (compare_blocks(t->mac, t->checkmac, t->macsize) != 0)
{
++errors;
fprintf(t->fd,
"*** ERROR: encrypt_packet <-> decrypt_blocks/bytes:\n"
"*** decrypt_blocks/bytes generates different MAC:\n");
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
}
#endif
fprintf(t->fd, "\n");
check_status();
}
void print_stream(test_struct* t, int type)
{
const int chunk = TEST_CHUNK;
switch (type)
{
case 0:
print_data(t->fd, "key", t->key, (t->keysize + 7) / 8);
print_data(t->fd, "IV", t->iv, (t->ivsize + 7) / 8);
print_chunk(t->fd, "stream", t->ciphertext, 0, chunk);
print_chunk(t->fd, "stream", t->ciphertext, t->msglen/2-chunk, chunk);
print_chunk(t->fd, "stream", t->ciphertext, t->msglen/2, chunk);
print_chunk(t->fd, "stream", t->ciphertext, t->msglen-chunk, chunk);
xor_digest(t->ciphertext, t->msglen, t->xored, chunk);
print_data(t->fd, "xor-digest", t->xored, chunk);
#ifdef ECRYPT_AE
print_data(t->fd, "MAC", t->mac, (t->macsize + 7) / 8);
#endif
break;
case 1:
print_chunk(t->fd, "decryption", t->checktext, 0, chunk);
print_chunk(t->fd, "decryption", t->checktext, t->msglen/2-chunk, chunk);
print_chunk(t->fd, "decryption", t->checktext, t->msglen/2, chunk);
print_chunk(t->fd, "decryption", t->checktext, t->msglen-chunk, chunk);
xor_digest(t->checktext, t->msglen, t->xored, chunk);
print_data(t->fd, "xor-digest", t->xored, chunk);
#ifdef ECRYPT_AE
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
#endif
break;
case 2:
print_chunk(t->fd, "stream", t->checktext, 0, chunk);
print_chunk(t->fd, "stream", t->checktext, t->msglen/2-chunk, chunk);
print_chunk(t->fd, "stream", t->checktext, t->msglen/2, chunk);
print_chunk(t->fd, "stream", t->checktext, t->msglen-chunk, chunk);
xor_digest(t->checktext, t->msglen, t->xored, chunk);
print_data(t->fd, "xor-digest", t->xored, chunk);
#ifdef ECRYPT_AE
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
#endif
break;
}
}
void print_pair(test_struct* t, int type)
{
switch (type)
{
case 0:
print_data(t->fd, "key", t->key, (t->keysize + 7) / 8);
print_data(t->fd, "IV", t->iv, (t->ivsize + 7) / 8);
#ifdef ECRYPT_SUPPORTS_AAD
if (t->aadlen)
print_data(t->fd, "AAD", t->aad, t->aadlen);
#endif
print_data(t->fd, "plaintext", t->plaintext, t->msglen);
print_data(t->fd, "ciphertext", t->ciphertext, t->msglen);
#ifdef ECRYPT_AE
print_data(t->fd, "MAC", t->mac, (t->macsize + 7) / 8);
#endif
break;
case 1:
print_data(t->fd, "decryption", t->checktext, t->msglen);
#ifdef ECRYPT_AE
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
#endif
break;
case 2:
print_data(t->fd, "ciphertext", t->checktext, t->msglen);
#ifdef ECRYPT_AE
print_data(t->fd, "MAC", t->checkmac, (t->macsize + 7) / 8);
#endif
break;
}
}
void test_vectors(FILE *fd, int keysize, int ivsize, int macsize)
{
#define STREAM_VECTOR(set, vect) \
do { \
fprintf(fd, "Set %d, vector#%3d:\n", set, t.vector = vect); \
encrypt_and_check(&t, print_stream); \
} while (0)
#define MAC_VECTOR(set, vect) \
do { \
fprintf(fd, "Set %d, vector#%3d:\n", set, t.vector = vect); \
encrypt_and_check(&t, print_pair); \
} while (0)
#define AAD_VECTOR(set, vect) \
do { \
fprintf(fd, "Set %d, vector#%3d:\n", set, t.vector = vect); \
encrypt_and_check(&t, print_pair); \
} while (0)
test_struct t;
int i, v;
print_primitive(fd, keysize, ivsize, macsize);
memset(t.plaintext, 0, sizeof(t.plaintext));
memset(t.ciphertext, 0, sizeof(t.ciphertext));
/* check key stream */
t.fd = fd;
t.keysize = keysize;
t.ivsize = ivsize;
#ifdef ECRYPT_AE
t.macsize = macsize;
t.aadlen = 0;
#endif
t.msglen = TEST_STREAM_SIZEB;
fprintf(t.fd, "Test vectors -- set 1\n");
fprintf(t.fd, "=====================\n\n");
fprintf(t.fd, "(stream is generated by encrypting %d zero bytes)\n\n",
t.msglen);
memset(t.iv, 0, sizeof(t.iv));
for (v = 0; v < t.keysize; v += TEST_STEP)
{
memset(t.key, 0, sizeof(t.key));
t.key[v >> 3] = 1 << (7 - (v & 7));
STREAM_VECTOR(1, v);
}
fprintf(t.fd, "Test vectors -- set 2\n");
fprintf(t.fd, "=====================\n\n");
memset(t.iv, 0, sizeof(t.iv));
for (v = 0; v < 256; v += TEST_STEP)
{
memset(t.key, v, sizeof(t.key));
STREAM_VECTOR(2, v);
}
fprintf(fd, "Test vectors -- set 3\n");
fprintf(fd, "=====================\n\n");
memset(t.iv, 0, sizeof(t.iv));
for (v = 0; v < 256; v += TEST_STEP)
{
for (i = 0; i < sizeof(t.key); i++)
t.key[i] = (i + v) & 0xFF;
STREAM_VECTOR(3, v);
}
t.msglen = LONG_TEST_STREAM_SIZEB;
fprintf(t.fd, "Test vectors -- set 4\n");
fprintf(t.fd, "=====================\n\n");
for (v = 0; v < 4; v++)
{
for (i = 0; i< sizeof(t.key); i++)
t.key[i] = (i * 0x53 + v * 5) & 0xFF;
STREAM_VECTOR(4, v);
}
t.msglen = TEST_STREAM_SIZEB;
fprintf(t.fd, "Test vectors -- set 5\n");
fprintf(t.fd, "=====================\n\n");
memset(t.key, 0, sizeof(t.key));
for (v = 0; v < t.ivsize; v += TEST_STEP)
{
memset(t.iv, 0, sizeof(t.iv));
t.iv[v >> 3] = 1 << (7 - (v & 7));
STREAM_VECTOR(5, v);
}
t.msglen = LONG_TEST_STREAM_SIZEB;
fprintf(t.fd, "Test vectors -- set 6\n");
fprintf(t.fd, "=====================\n\n");
for (v = 0; v < 4; v++)
{
for (i = 0; i < sizeof(t.key); i++)
t.key[i] = (i * 0x53 + v * 5) & 0xFF;
for (i = 0; i < sizeof(t.iv); i++)
t.iv[i] = (i * 0x67 + v * 9 + 13) & 0xFF;
STREAM_VECTOR(6, v);
}
#if defined(ECRYPT_AE) || !defined(ECRYPT_GENERATES_KEYSTREAM)
/* check MAC */
t.msglen = TEST_STREAM_SIZEB;
fprintf(t.fd, "Test vectors -- set 7\n");
fprintf(t.fd, "=====================\n\n");
memset(t.key, 0, sizeof(t.key));
memset(t.iv, 0, sizeof(t.iv));
memset(t.plaintext, 0, sizeof(t.plaintext));
for (i = 0; i < sizeof(t.key); i++)
t.key[i] = (i * 0x11) & 0xFF;
for (v = 0; v <= TEST_CHUNK; v += TEST_STEP)
{
t.msglen = v;
MAC_VECTOR(7, v);
}
t.msglen = TEST_CHUNK / 2;
fprintf(t.fd, "Test vectors -- set 8\n");
fprintf(t.fd, "=====================\n\n");
memset(t.key, 0, sizeof(t.key));
memset(t.iv, 0, sizeof(t.iv));
for (v = 0; v < t.msglen * 8; v += TEST_STEP)
{
memset(t.plaintext, 0, sizeof(t.plaintext));
t.plaintext[v >> 3] = 1 << (7 - (v & 7));
MAC_VECTOR(8, v);
}
fprintf(t.fd, "Test vectors -- set 9\n");
fprintf(t.fd, "=====================\n\n");
for (v = 0; v < 4; v++)
{
for (i = 0; i < sizeof(t.key); i++)
t.key[i] = (i * 0x53 + v * 5) & 0xFF;
for (i = 0; i < sizeof(t.iv); i++)
t.iv[i] = (i * 0x67 + v * 9 + 13) & 0xFF;
for (i = 0; i < t.msglen; i++)
t.plaintext[i] = (i * 0x61 + v * 7 + 109) & 0xFF;
MAC_VECTOR(9, v);
}
#ifdef ECRYPT_SUPPORTS_AAD
/* check AAD */
t.msglen = TEST_CHUNK / 2;
fprintf(t.fd, "Test vectors -- set 10\n");
fprintf(t.fd, "======================\n\n");
memset(t.key, 0, sizeof(t.key));
memset(t.iv, 0, sizeof(t.iv));
memset(t.plaintext, 0, sizeof(t.plaintext));
memset(t.aad, 0, sizeof(t.aad));
for (i = 0; i < sizeof(t.key); i++)
t.key[i] = (i * 0x11) & 0xFF;
for (v = 0; v <= TEST_CHUNK; v += TEST_STEP)
{
t.aadlen = v;
AAD_VECTOR(10, v);
}
t.aadlen = TEST_CHUNK / 2;
fprintf(t.fd, "Test vectors -- set 11\n");
fprintf(t.fd, "======================\n\n");
memset(t.key, 0, sizeof(t.key));
memset(t.iv, 0, sizeof(t.iv));
memset(t.plaintext, 0, sizeof(t.plaintext));
for (v = 0; v < t.aadlen * 8; v += TEST_STEP)
{
memset(t.aad, 0, sizeof(t.aad));
t.aad[v >> 3] = 1 << (7 - (v & 7));
AAD_VECTOR(11, v);
}
fprintf(t.fd, "Test vectors -- set 12\n");
fprintf(t.fd, "======================\n\n");
for (v = 0; v < 4; v++)
{
for (i = 0; i < sizeof(t.key); i++)
t.key[i] = (i * 0x53 + v * 5) & 0xFF;
for (i = 0; i < sizeof(t.iv); i++)
t.iv[i] = (i * 0x67 + v * 9 + 13) & 0xFF;
for (i = 0; i < t.msglen; i++)
t.plaintext[i] = (i * 0x61 + v * 7 + 109) & 0xFF;
for (i = 0; i < t.aadlen; i++)
t.aad[i] = (i * 0x25 + v * 13 + 11) & 0xFF;
AAD_VECTOR(12, v);
}
#endif
#endif
fprintf(t.fd, "\n\nEnd of test vectors\n");
}
/* ------------------------------------------------------------------------- */
void test_if_conform_to_api(FILE *fd, int keysize, int ivsize, int macsize)
{
CTX ctx[2];
u8 key[2][MAXKEYSIZEB];
u8 iv[2][MAXIVSIZEB];
u8 plaintext[TEST_CHUNK + ECRYPT_BLOCKLENGTH];
u8 ciphertext[3][TEST_CHUNK + ECRYPT_BLOCKLENGTH];
#ifdef ECRYPT_AE
u8 mac[3][MAXMACSIZEB];
#endif
int msglen = TEST_CHUNK;
int i;
for(i = 0; i < MAXKEYSIZEB; i++)
{
key[0][i] = 3 * i + 5;
key[1][i] = 240 - 5 * i;
}
for(i = 0; i < MAXIVSIZEB; i++)
{
iv[0][i] = 9 * i + 25;
iv[1][i] = 11 * i + 17;
}
memset(plaintext, 0, sizeof(plaintext));
memset(ciphertext, 0, sizeof(ciphertext));
KEYSETUP(&ctx[0], key[0], keysize, ivsize, macsize);
IVSETUP(&ctx[0], iv[0]);
ENCRYPT_BYTES(&ctx[0], plaintext, ciphertext[0], msglen);
FINALIZE(&ctx[0], mac[0]);
IVSETUP(&ctx[0], iv[0]);
ENCRYPT_BYTES(&ctx[0], plaintext, ciphertext[1], msglen);
FINALIZE(&ctx[0], mac[1]);
if (compare_blocks(ciphertext[0], ciphertext[1], msglen * 8) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** Two calls to ivsetup produced different results:\n");
print_data(fd, "K", key[0], (keysize + 7) / 8);
print_data(fd, "IV", iv[0], (ivsize + 7) / 8);
print_data(fd, "P", plaintext, msglen);
print_data(fd, "C after 1st IV setup", ciphertext[0], msglen);
print_data(fd, "C after 2nd IV setup", ciphertext[1], msglen);
fprintf(fd, "\n");
fflush(fd);
}
#ifdef ECRYPT_AE
else if (compare_blocks(mac[0], mac[1], macsize) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** Two calls to ivsetup produced different results:\n");
print_data(fd, "K", key[0], (keysize + 7) / 8);
print_data(fd, "IV", iv[0], (ivsize + 7) / 8);
print_data(fd, "P", plaintext, msglen);
print_data(fd, "MAC after 1st IV setup", mac[0], (macsize + 7) / 8);
print_data(fd, "MAC after 2nd IV setup", mac[1], (macsize + 7) / 8);
fprintf(fd, "\n");
fflush(fd);
}
#endif
check_status();
memset(ciphertext, 0, sizeof(ciphertext));
KEYSETUP(&ctx[0], key[0], keysize, ivsize, macsize);
IVSETUP(&ctx[0], iv[0]);
ENCRYPT_BYTES(&ctx[0], plaintext, ciphertext[0], msglen);
FINALIZE(&ctx[0], mac[0]);
KEYSETUP(&ctx[1], key[1], keysize, ivsize, macsize);
IVSETUP(&ctx[1], iv[1]);
ENCRYPT_BYTES(&ctx[1], plaintext, ciphertext[1], msglen);
FINALIZE(&ctx[1], mac[1]);
IVSETUP(&ctx[0], iv[0]);
IVSETUP(&ctx[1], iv[1]);
ENCRYPT_BYTES(&ctx[0], plaintext, ciphertext[2], msglen);
FINALIZE(&ctx[0], mac[2]);
if (compare_blocks(ciphertext[0], ciphertext[2], msglen * 8) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** code produces inconsistent results when calls with different\n"
"*** contexts are interleaved:\n");
if (compare_blocks(ciphertext[1], ciphertext[2], msglen * 8) == 0)
fprintf(fd,
"*** (this is probably due to the use of static state variables)\n");
print_data(fd, "K1", key[0], (keysize + 7) / 8);
print_data(fd, "K2", key[1], (keysize + 7) / 8);
print_data(fd, "IV1", iv[0], (ivsize + 7) / 8);
print_data(fd, "IV2", iv[0], (ivsize + 7) / 8);
print_data(fd, "P", plaintext, msglen);
print_data(fd, "C by K1", ciphertext[0], msglen);
print_data(fd, "C by K2", ciphertext[1], msglen);
print_data(fd, "C by K1 after IV2 setup", ciphertext[2], msglen);
fprintf(fd, "\n");
fflush(fd);
}
#ifdef ECRYPT_AE
else if (compare_blocks(mac[0], mac[2], macsize) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** code produces inconsistent results when calls with different\n"
"*** contexts are interleaved:\n");
if (compare_blocks(mac[1], mac[2], macsize) == 0)
fprintf(fd,
"*** (this is probably due to the use of static state variables)\n");
print_data(fd, "K1", key[0], (keysize + 7) / 8);
print_data(fd, "K2", key[1], (keysize + 7) / 8);
print_data(fd, "IV1", iv[0], (ivsize + 7) / 8);
print_data(fd, "IV2", iv[0], (ivsize + 7) / 8);
print_data(fd, "P", plaintext, msglen);
print_data(fd, "MAC by K1", mac[0], (macsize + 7) / 8);
print_data(fd, "MAC by K2", mac[1], (macsize + 7) / 8);
print_data(fd, "MAC by K1 after IV2 setup", mac[2], (macsize + 7) / 8);
fprintf(fd, "\n");
fflush(fd);
}
#endif
check_status();
#define B ECRYPT_BLOCKLENGTH
memset(ciphertext, 0, sizeof(ciphertext));
KEYSETUP(&ctx[0], key[0], keysize, ivsize, macsize);
IVSETUP(&ctx[0], iv[0]);
ENCRYPT_BYTES(&ctx[0], plaintext + B, ciphertext[0] + B, msglen);
FINALIZE(&ctx[0], mac[0]);
KEYSETUP(&ctx[1], key[1], keysize, ivsize, macsize);
IVSETUP(&ctx[1], iv[1]);
ENCRYPT_BLOCKS(&ctx[1], plaintext, ciphertext[1], 1);
ENCRYPT_BYTES(&ctx[1], plaintext + B, ciphertext[1] + B, msglen);
FINALIZE(&ctx[1], mac[1]);
IVSETUP(&ctx[0], iv[0]);
IVSETUP(&ctx[1], iv[1]);
ENCRYPT_BLOCKS(&ctx[1], plaintext, ciphertext[2], 1);
ENCRYPT_BYTES(&ctx[0], plaintext + B, ciphertext[2] + B, msglen);
FINALIZE(&ctx[0], mac[2]);
if (compare_blocks(ciphertext[0] + B, ciphertext[2] + B, msglen * 8) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** code produces inconsistent results when calls with different\n"
"*** contexts are interleaved:\n");
if (compare_blocks(ciphertext[1], ciphertext[2], (msglen + B) * 8) == 0)
fprintf(fd,
"*** (this is probably due to the use of static state variables)\n");
print_data(fd, "K1", key[0], (keysize + 7) / 8);
print_data(fd, "K2", key[1], (keysize + 7) / 8);
print_data(fd, "IV1", iv[0], (ivsize + 7) / 8);
print_data(fd, "IV2", iv[1], (ivsize + 7) / 8);
print_data(fd, "(last part of) P", plaintext + B, msglen);
print_data(fd, "C by K1", ciphertext[0] + B, msglen);
print_data(fd, "last part of C by K2", ciphertext[1] + B, msglen);
print_data(fd, "C by K1 after calls K2", ciphertext[2] + B, msglen);
fprintf(fd, "\n");
fflush(fd);
}
#ifdef ECRYPT_AE
else if (compare_blocks(mac[0], mac[2], macsize) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** code produces inconsistent results when calls with different\n"
"*** contexts are interleaved:\n");
if (compare_blocks(mac[1], mac[2], macsize) == 0)
fprintf(fd,
"*** (this is probably due to the use of static state variables)\n");
print_data(fd, "K1", key[0], (keysize + 7) / 8);
print_data(fd, "K2", key[1], (keysize + 7) / 8);
print_data(fd, "IV1", iv[0], (ivsize + 7) / 8);
print_data(fd, "IV2", iv[1], (ivsize + 7) / 8);
print_data(fd, "(last part of) P", plaintext, msglen);
print_data(fd, "MAC by K1", mac[0], (macsize + 7) / 8);
print_data(fd, "MAC by K2", mac[1], (macsize + 7) / 8);
print_data(fd, "MAC by K1 after K2 calls", mac[2], (macsize + 7) / 8);
fprintf(fd, "\n");
fflush(fd);
}
#endif
check_status();
#ifdef ECRYPT_SUPPORTS_AAD
KEYSETUP(&ctx[0], key[0], keysize, ivsize, macsize);
IVSETUP(&ctx[0], iv[0]);
AUTHENTICATE_BYTES(&ctx[0], plaintext, msglen);
FINALIZE(&ctx[0], mac[0]);
KEYSETUP(&ctx[1], key[1], keysize, ivsize, macsize);
IVSETUP(&ctx[1], iv[1]);
AUTHENTICATE_BYTES(&ctx[1], plaintext, msglen);
FINALIZE(&ctx[1], mac[1]);
IVSETUP(&ctx[0], iv[0]);
AUTHENTICATE_BYTES(&ctx[0], plaintext, msglen);
IVSETUP(&ctx[1], iv[1]);
AUTHENTICATE_BYTES(&ctx[1], plaintext, msglen);
FINALIZE(&ctx[1], mac[2]);
FINALIZE(&ctx[0], mac[2]);
if (compare_blocks(mac[0], mac[2], macsize) != 0)
{
++errors;
fprintf(fd,
"*** ERROR: Code does not conform to ECRYPT API:\n"
"*** code produces inconsistent results when calls with different\n"
"*** contexts are interleaved:\n");
if (compare_blocks(mac[1], mac[2], macsize) == 0)
fprintf(fd,
"*** (this is probably due to the use of static state variables)\n");
print_data(fd, "K1", key[0], (keysize + 7) / 8);
print_data(fd, "K2", key[1], (keysize + 7) / 8);
print_data(fd, "IV1", iv[0], (ivsize + 7) / 8);
print_data(fd, "IV2", iv[1], (ivsize + 7) / 8);
print_data(fd, "AAD", plaintext, msglen);
print_data(fd, "MAC by K1", mac[0], (macsize + 7) / 8);
print_data(fd, "MAC by K2", mac[1], (macsize + 7) / 8);
print_data(fd, "MAC by K1 after K2 calls", mac[2], (macsize + 7) / 8);
fprintf(fd, "\n");
fflush(fd);
}
check_status();
#endif
}
/* ------------------------------------------------------------------------- */
#define KEYS_TO_TEST 100
#define TEST_TARGET 0x1000
#define TEST_BLOCKS (TEST_TARGET + ECRYPT_BLOCKLENGTH - 1) / ECRYPT_BLOCKLENGTH
#define TEST_SPEED(LOOP, TEST) \
do { \
\
for (keys_to_test = 1; 1; keys_to_test *= 10) \
{ \
/* First test a few times to let data enter the cache */ \
for(i = j = 0; i < keys_to_test; i++, j++) \
TEST; \
\
/* And then compute how many tests can be made in 1/10th second */ \
start = clock(); \
\
for(i = 0; clock() < start + CLOCKS_PER_SEC / 10; ) \
for(j = 0; j < keys_to_test; j++, i++) \
TEST; \
\
if ((i < 10) || (keys_to_test * 10 > KEYS_TO_TEST)) \
break; \
} \
\
start = clock(); \
\
for(i = 0; clock() < start + CLOCKS_PER_SEC; ) \
for(j = 0; j < keys_to_test; j++, i++) \
TEST; \
\
/* Now test for about test_time seconds under keys_to_test keys */ \
\
tests = test_time * i * CLOCKS_PER_SEC / (clock() - start); \
tests_per_key = tests / keys_to_test; \
\
/* truncate to multiples of 100 keys */ \
if (tests_per_key > 500) \
tests_per_key = tests_per_key - tests_per_key % 100; \
\
/* truncate to multiples of 10 keys */ \
if (tests_per_key > 50) \
tests_per_key = tests_per_key - tests_per_key % 10; \
\
/* Perform at least one test per key */ \
if (tests_per_key < 1) \
tests_per_key = 1; \
\
tests = tests_per_key * keys_to_test; \
\
start = clock(); \
\
LOOP \
TEST; \
\
finish = clock(); \
\
clocks = (int)(finish - start); \
usec = (double)clocks \
/ (double)CLOCKS_PER_SEC \
/ (double)tests \
* 1000000.0; \
\
} while (0)
#define FOR_I_FOR_J \
for(i = 0; i < keys_to_test; i++) \
for(j = 0; j < tests_per_key; j++)
#define FOR_J_FOR_I \
for(j = 0; j < tests_per_key; j++) \
for(i = 0; i < keys_to_test; i++)
void test_speed(FILE *fd, int keysize, int ivsize, int macsize)
{
CTX ctx[KEYS_TO_TEST];
u8 key[KEYS_TO_TEST][MAXKEYSIZEB];
u8 iv[KEYS_TO_TEST][MAXIVSIZEB];
u8 text[2][TEST_BLOCKS * ECRYPT_BLOCKLENGTH];
#ifdef ECRYPT_AE
u8 mac[MAXMACSIZEB];
#endif
int tests, tests_per_key, keys_to_test;
clock_t start, finish;
int clocks;
double usec, usec_enc, size;
static const int sizes[3] = {40, 576, 1500};
static const double ratios[3] = {7.0, 4.0, 1.0};
double usecs[3];
int i, j, k;
print_primitive(fd, keysize, ivsize, macsize);
fprintf(fd, "CPU speed: %.1f MHz\n", cpu_speed);
/* get clock tick resolution */
for(start = clock(); (finish = clock()) == start; );
clocks = (int)(finish - start);
fprintf(fd,
"Clock tick resolution: %d (%f seconds, %.1f ticks/second)\n"
"Expected measurement accuracy: %.4f%% (if run alone on the cpu)\n",
clocks, (double)clocks / (double)CLOCKS_PER_SEC,
(double)CLOCKS_PER_SEC / (double)clocks,
100.0 * (double)clocks / (double)CLOCKS_PER_SEC / test_time);
fprintf(fd, "\n");
fprintf(fd, "Testing memory requirements:\n\n");
fflush(fd);
fprintf(fd, "Size of %s: %d bytes\n\n", QUOTE(CTX), (int)sizeof(CTX));
for(i = 0; i < KEYS_TO_TEST; i++)
{
for(j = 0; j < MAXKEYSIZEB; j++)
key[i][j] = U8V(rand());
for(j = 0; j < MAXIVSIZEB; j++)
iv[i][j] = U8V(rand());
KEYSETUP(&ctx[i], key[i], keysize, ivsize, macsize);
IVSETUP(&ctx[i], iv[i]);
}
for(i = 0; i < TEST_BLOCKS * ECRYPT_BLOCKLENGTH; i++)
text[0][i] = U8V(rand());
fprintf(fd, "Testing stream encryption speed:\n\n");
fflush(fd);
TEST_SPEED(FOR_I_FOR_J, do
{
ENCRYPT_BLOCKS(&ctx[i % KEYS_TO_TEST],
text[i % 2], text[(i + 1) % 2], TEST_BLOCKS);
} while (0));
fprintf(fd,
"Encrypted %d blocks of %d bytes (under %d keys, %d blocks/key)\n",
tests, TEST_BLOCKS * ECRYPT_BLOCKLENGTH, keys_to_test, tests_per_key);
fprintf(fd, "Total time: %d clock ticks (%.2f seconds)\n",
clocks, (double)clocks / (double)CLOCKS_PER_SEC);
usec /= (double)(TEST_BLOCKS * ECRYPT_BLOCKLENGTH);
usec_enc = usec;
fprintf(fd, "Encryption speed (cycles/byte): %.2f\n", usec * cpu_speed);
fprintf(fd, "Encryption speed (Mbps): %.2f\n", 8.0 / usec);
fprintf(fd, "\n");
for(i = 0; i < KEYS_TO_TEST; i++)
FINALIZE(&ctx[i], mac);
if (test_packet)
{
fprintf(fd, "Testing packet encryption speed:\n\n");
fflush(fd);
for (k = 0; k < 3; k++)
{
TEST_SPEED(FOR_I_FOR_J, do
{
ENCRYPT_PACKET(&ctx[i % KEYS_TO_TEST], iv[j % KEYS_TO_TEST],
NULL, 0, text[i % 2], text[(i + 1) % 2], sizes[k], mac);
} while (0));
usecs[k] = usec;
fprintf(fd, "Encrypted %d packets of %d bytes "
"(under %d keys, %d packets/key)\n",
tests, sizes[k], keys_to_test, tests_per_key);
fprintf(fd, "Total time: %d clock ticks (%.2f seconds)\n",
(int)clocks, (double)clocks / (double)CLOCKS_PER_SEC);
fprintf(fd, "Encryption speed (cycles/packet): %.2f\n",
usec * cpu_speed);
usec /= (double)sizes[k];
fprintf(fd, "Encryption speed (cycles/byte): %.2f\n",
usec * cpu_speed);
fprintf(fd, "Encryption speed (Mbps): %.2f\n", 8.0 / usec);
fprintf(fd, "Overhead: %.1f%%\n", 100.0 * (usec / usec_enc - 1.0));
fprintf(fd, "\n");
fflush(fd);
}
fprintf(fd, "Weighted average (Simple Imix):\n");
usec = size = 0;
for (k = 0; k < 3; k++)
{
usec += ratios[k] * usecs[k];
size += ratios[k] * sizes[k];
}
usec /= size;
fprintf(fd, "Encryption speed (cycles/byte): %.2f\n", usec * cpu_speed);
fprintf(fd, "Encryption speed (Mbps): %.2f\n", 8.0 / usec);
fprintf(fd, "Overhead: %.1f%%\n", 100.0 * (usec / usec_enc - 1.0));
fprintf(fd, "\n");
}
if (test_setup)
{
fprintf(fd, "Testing key setup speed:\n\n");
fflush(fd);
TEST_SPEED(FOR_J_FOR_I, do
{
KEYSETUP(&ctx[0], key[i % KEYS_TO_TEST], keysize, ivsize, macsize);
} while (0));
fprintf(fd,
"Did %d key setups (under %d keys, %d setups/key)\n",
tests, keys_to_test, tests_per_key);
fprintf(fd, "Total time: %d clock ticks (%.2f seconds)\n",
clocks, (double)clocks / (double)CLOCKS_PER_SEC);
fprintf(fd, "Key setup speed (cycles/setup): %.2f\n", usec * cpu_speed);
fprintf(fd, "Key setup speed (setups/second): %.2f\n", 1000000.0 / usec);
fprintf(fd, "\n");
#ifndef ECRYPT_AE
fprintf(fd, "Testing IV setup speed:\n\n");
#else
fprintf(fd, "Testing speed of IV setup + finalize:\n\n");
#endif
fflush(fd);
TEST_SPEED(FOR_I_FOR_J, do
{
IVSETUP(&ctx[i % KEYS_TO_TEST], iv[j % KEYS_TO_TEST]);
FINALIZE(&ctx[i % KEYS_TO_TEST], mac);
} while (0));
fprintf(fd,
"Did %d IV setups (under %d keys, %d setups/key)\n",
tests, keys_to_test, tests_per_key);
fprintf(fd, "Total time: %d clock ticks (%.2f seconds)\n",
clocks, (double)clocks / (double)CLOCKS_PER_SEC);
fprintf(fd, "IV setup speed (cycles/setup): %.2f\n", usec * cpu_speed);
fprintf(fd, "IV setup speed (setups/second): %.2f\n", 1000000.0 / usec);
fprintf(fd, "\n");
fflush(fd);
}
fprintf(fd, "\nEnd of performance measurements\n");
fflush(fd);
}
/* ------------------------------------------------------------------------- */
void run_tests(FILE *fd, int keysize, int ivsize, int macsize)
{
if (output_vectors)
{
test_if_conform_to_api(fd, keysize, ivsize, macsize);
if (errors == 0)
test_vectors(fd, keysize, ivsize, macsize);
}
if (cpu_speed > 0)
test_speed(fd, keysize, ivsize, macsize);
}
/* ------------------------------------------------------------------------- */
int main(int argc, char *argv[])
{
int keysize = 0;
int ivsize = 0;
int macsize = 0;
int k, i, m;
while((argc > 1) && (argv[1][0] == '-'))
{
switch (argv[1][1])
{
case 'v':
output_vectors = 1;
break;
case 'c':
argc--;
argv++;
if (argc > 1)
cpu_speed = atof(argv[1]);
break;
case 't':
argc--;
argv++;
if (argc > 1)
test_time = atof(argv[1]);
break;
case 'p':
test_packet = 0;
break;
case 'k':
test_setup = 0;
break;
case 's':
single_key = 1;
break;
}
argc--;
argv++;
}
if (!output_vectors && (cpu_speed <= 0))
{
printf("Usage: ecrypt-test [OPTIONS]\n"
"\n"
" -v generate test vectors\n"
" -c MHZ perform speed measurements assuming the given "
"clock frequency\n"
" -t SEC limit the duration of the tests (default: 3 seconds)\n"
" -p do not test packet encryption speed\n"
" -k do not test key and IV setup speed\n"
" -s perform tests for a single key and IV length\n");
exit(1);
}
print_header(stdout);
ECRYPT_init();
for (k = 0; ECRYPT_KEYSIZE(k) <= ECRYPT_MAXKEYSIZE; k++)
{
if ((k > 0) && (ECRYPT_KEYSIZE(k) <= ECRYPT_KEYSIZE(k - 1)))
{
++errors;
fprintf(stdout,
"*** ERROR: ECRYPT_KEYSIZE(i) does not conform to API.\n");
break;
}
if (abs(ECRYPT_KEYSIZE(k) - 128) < abs(keysize - 128))
keysize = ECRYPT_KEYSIZE(k);
}
for (i = 0; ECRYPT_IVSIZE(i) <= ECRYPT_MAXIVSIZE; i++)
{
if ((i > 0) && (ECRYPT_IVSIZE(i) <= ECRYPT_IVSIZE(i - 1)))
{
++errors;
fprintf(stdout,
"*** ERROR: ECRYPT_IVSIZE(i) does not conform to API.\n");
break;
}
if (abs(ECRYPT_IVSIZE(i) - 64) < abs(ivsize - 64))
ivsize = ECRYPT_IVSIZE(i);
}
for (m = 0; ECRYPT_MACSIZE(m) <= ECRYPT_MAXMACSIZE; m++)
{
if ((m > 0) && (ECRYPT_MACSIZE(m) <= ECRYPT_MACSIZE(m - 1)))
{
++errors;
fprintf(stdout,
"*** ERROR: ECRYPT_MACSIZE(i) does not conform to API.\n");
break;
}
if (abs(ECRYPT_MACSIZE(m) - 64) < abs(macsize - 64))
macsize = ECRYPT_MACSIZE(m);
}
check_status();
if (single_key)
run_tests(stdout, keysize, ivsize, macsize);
else
for (k = 0; (keysize=ECRYPT_KEYSIZE(k)) <= ECRYPT_MAXKEYSIZE; k++)
{
if ((k > 0) && (keysize <= ECRYPT_KEYSIZE(k - 1)))
break;
/* Only powers of 2 or multiples of 80 larger than 64 */
if (((keysize & (keysize - 1)) && (keysize % 80)) || (keysize < 64))
continue;
/* Not interested in key sizes exceeding 256 bits */
if (keysize > 256)
break;
for (i = 0; (ivsize=ECRYPT_IVSIZE(i)) <= ECRYPT_MAXIVSIZE; i++)
{
if ((i > 0) && (ivsize <= ECRYPT_IVSIZE(i - 1)))
break;
/* Only powers of 2 larger than 32 or multiples of 80 */
if (((ivsize & (ivsize - 1)) || (ivsize < 32)) && (ivsize % 80))
continue;
/* Not interested in IV sizes exceeding 256 bits */
if (ivsize > 256)
break;
for (m = 0; (macsize=ECRYPT_MACSIZE(m)) <= ECRYPT_MAXMACSIZE; m++)
{
if ((m > 0) && (macsize <= ECRYPT_MACSIZE(m - 1)))
break;
/* Only multiples of 32 */
if (macsize % 32)
continue;
/* Not interested in MAC sizes exceeding 256 bits */
if (macsize > 256)
break;
run_tests(stdout, keysize, ivsize, macsize);
}
}
}
fprintf(stderr, "Elapsed time: %.2f seconds.\n",
(double)clock() / (double)CLOCKS_PER_SEC);
fprintf(stderr, "There were %d errors.\n", errors);
if (errors)
return 1;
else
return 0;
}
|
eSTREAM Project Powered by ViewCVS 1.0-dev |
ViewCVS and CVS Help |