qemu/tests/test-crypto-xts.c
<<
>>
Prefs
   1/*
   2 * QEMU Crypto XTS cipher mode
   3 *
   4 * Copyright (c) 2015-2016 Red Hat, Inc.
   5 *
   6 * This library is free software; you can redistribute it and/or
   7 * modify it under the terms of the GNU Lesser General Public
   8 * License as published by the Free Software Foundation; either
   9 * version 2 of the License, or (at your option) any later version.
  10 *
  11 * This library is distributed in the hope that it will be useful,
  12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 * Lesser General Public License for more details.
  15 *
  16 * You should have received a copy of the GNU Lesser General Public
  17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
  18 *
  19 * This code is originally derived from public domain / WTFPL code in
  20 * LibTomCrypt crytographic library http://libtom.org. The XTS code
  21 * was donated by Elliptic Semiconductor Inc (www.ellipticsemi.com)
  22 * to the LibTom Projects
  23 *
  24 */
  25
  26#include "qemu/osdep.h"
  27#include "crypto/init.h"
  28#include "crypto/xts.h"
  29#include "crypto/aes.h"
  30
  31typedef struct {
  32    const char *path;
  33    int keylen;
  34    unsigned char key1[32];
  35    unsigned char key2[32];
  36    uint64_t seqnum;
  37    unsigned long PTLEN;
  38    unsigned char PTX[512], CTX[512];
  39} QCryptoXTSTestData;
  40
  41static const QCryptoXTSTestData test_data[] = {
  42    /* #1 32 byte key, 32 byte PTX */
  43    {
  44        "/crypto/xts/t-1-key-32-ptx-32",
  45        32,
  46        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  47          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
  48        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  49          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
  50        0,
  51        32,
  52        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  53          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  54          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  55          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
  56        { 0x91, 0x7c, 0xf6, 0x9e, 0xbd, 0x68, 0xb2, 0xec,
  57          0x9b, 0x9f, 0xe9, 0xa3, 0xea, 0xdd, 0xa6, 0x92,
  58          0xcd, 0x43, 0xd2, 0xf5, 0x95, 0x98, 0xed, 0x85,
  59          0x8c, 0x02, 0xc2, 0x65, 0x2f, 0xbf, 0x92, 0x2e },
  60    },
  61
  62    /* #2, 32 byte key, 32 byte PTX */
  63    {
  64        "/crypto/xts/t-2-key-32-ptx-32",
  65        32,
  66        { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
  67          0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 },
  68        { 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
  69          0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 },
  70        0x3333333333LL,
  71        32,
  72        { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
  73          0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
  74          0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
  75          0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
  76        { 0xc4, 0x54, 0x18, 0x5e, 0x6a, 0x16, 0x93, 0x6e,
  77          0x39, 0x33, 0x40, 0x38, 0xac, 0xef, 0x83, 0x8b,
  78          0xfb, 0x18, 0x6f, 0xff, 0x74, 0x80, 0xad, 0xc4,
  79          0x28, 0x93, 0x82, 0xec, 0xd6, 0xd3, 0x94, 0xf0 },
  80    },
  81
  82    /* #5 from xts.7, 32 byte key, 32 byte PTX */
  83    {
  84        "/crypto/xts/t-5-key-32-ptx-32",
  85        32,
  86        { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
  87          0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
  88        { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
  89          0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
  90        0x123456789aLL,
  91        32,
  92        { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
  93          0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
  94          0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
  95          0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
  96        { 0xb0, 0x1f, 0x86, 0xf8, 0xed, 0xc1, 0x86, 0x37,
  97          0x06, 0xfa, 0x8a, 0x42, 0x53, 0xe3, 0x4f, 0x28,
  98          0xaf, 0x31, 0x9d, 0xe3, 0x83, 0x34, 0x87, 0x0f,
  99          0x4d, 0xd1, 0xf9, 0x4c, 0xbe, 0x98, 0x32, 0xf1 },
 100    },
 101
 102    /* #4, 32 byte key, 512 byte PTX  */
 103    {
 104        "/crypto/xts/t-4-key-32-ptx-512",
 105        32,
 106        { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45,
 107          0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26 },
 108        { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93,
 109          0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95 },
 110        0,
 111        512,
 112        {
 113            0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 114            0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 115            0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
 116            0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
 117            0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
 118            0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
 119            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
 120            0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
 121            0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
 122            0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
 123            0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
 124            0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
 125            0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
 126            0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
 127            0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
 128            0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
 129            0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
 130            0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
 131            0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
 132            0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
 133            0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
 134            0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
 135            0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
 136            0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
 137            0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
 138            0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
 139            0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
 140            0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
 141            0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
 142            0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
 143            0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
 144            0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
 145            0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 146            0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 147            0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
 148            0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
 149            0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
 150            0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
 151            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
 152            0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
 153            0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
 154            0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
 155            0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
 156            0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
 157            0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
 158            0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
 159            0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
 160            0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
 161            0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
 162            0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
 163            0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
 164            0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
 165            0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
 166            0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
 167            0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
 168            0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
 169            0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
 170            0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
 171            0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
 172            0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
 173            0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
 174            0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
 175            0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
 176            0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
 177        },
 178        {
 179            0x27, 0xa7, 0x47, 0x9b, 0xef, 0xa1, 0xd4, 0x76,
 180            0x48, 0x9f, 0x30, 0x8c, 0xd4, 0xcf, 0xa6, 0xe2,
 181            0xa9, 0x6e, 0x4b, 0xbe, 0x32, 0x08, 0xff, 0x25,
 182            0x28, 0x7d, 0xd3, 0x81, 0x96, 0x16, 0xe8, 0x9c,
 183            0xc7, 0x8c, 0xf7, 0xf5, 0xe5, 0x43, 0x44, 0x5f,
 184            0x83, 0x33, 0xd8, 0xfa, 0x7f, 0x56, 0x00, 0x00,
 185            0x05, 0x27, 0x9f, 0xa5, 0xd8, 0xb5, 0xe4, 0xad,
 186            0x40, 0xe7, 0x36, 0xdd, 0xb4, 0xd3, 0x54, 0x12,
 187            0x32, 0x80, 0x63, 0xfd, 0x2a, 0xab, 0x53, 0xe5,
 188            0xea, 0x1e, 0x0a, 0x9f, 0x33, 0x25, 0x00, 0xa5,
 189            0xdf, 0x94, 0x87, 0xd0, 0x7a, 0x5c, 0x92, 0xcc,
 190            0x51, 0x2c, 0x88, 0x66, 0xc7, 0xe8, 0x60, 0xce,
 191            0x93, 0xfd, 0xf1, 0x66, 0xa2, 0x49, 0x12, 0xb4,
 192            0x22, 0x97, 0x61, 0x46, 0xae, 0x20, 0xce, 0x84,
 193            0x6b, 0xb7, 0xdc, 0x9b, 0xa9, 0x4a, 0x76, 0x7a,
 194            0xae, 0xf2, 0x0c, 0x0d, 0x61, 0xad, 0x02, 0x65,
 195            0x5e, 0xa9, 0x2d, 0xc4, 0xc4, 0xe4, 0x1a, 0x89,
 196            0x52, 0xc6, 0x51, 0xd3, 0x31, 0x74, 0xbe, 0x51,
 197            0xa1, 0x0c, 0x42, 0x11, 0x10, 0xe6, 0xd8, 0x15,
 198            0x88, 0xed, 0xe8, 0x21, 0x03, 0xa2, 0x52, 0xd8,
 199            0xa7, 0x50, 0xe8, 0x76, 0x8d, 0xef, 0xff, 0xed,
 200            0x91, 0x22, 0x81, 0x0a, 0xae, 0xb9, 0x9f, 0x91,
 201            0x72, 0xaf, 0x82, 0xb6, 0x04, 0xdc, 0x4b, 0x8e,
 202            0x51, 0xbc, 0xb0, 0x82, 0x35, 0xa6, 0xf4, 0x34,
 203            0x13, 0x32, 0xe4, 0xca, 0x60, 0x48, 0x2a, 0x4b,
 204            0xa1, 0xa0, 0x3b, 0x3e, 0x65, 0x00, 0x8f, 0xc5,
 205            0xda, 0x76, 0xb7, 0x0b, 0xf1, 0x69, 0x0d, 0xb4,
 206            0xea, 0xe2, 0x9c, 0x5f, 0x1b, 0xad, 0xd0, 0x3c,
 207            0x5c, 0xcf, 0x2a, 0x55, 0xd7, 0x05, 0xdd, 0xcd,
 208            0x86, 0xd4, 0x49, 0x51, 0x1c, 0xeb, 0x7e, 0xc3,
 209            0x0b, 0xf1, 0x2b, 0x1f, 0xa3, 0x5b, 0x91, 0x3f,
 210            0x9f, 0x74, 0x7a, 0x8a, 0xfd, 0x1b, 0x13, 0x0e,
 211            0x94, 0xbf, 0xf9, 0x4e, 0xff, 0xd0, 0x1a, 0x91,
 212            0x73, 0x5c, 0xa1, 0x72, 0x6a, 0xcd, 0x0b, 0x19,
 213            0x7c, 0x4e, 0x5b, 0x03, 0x39, 0x36, 0x97, 0xe1,
 214            0x26, 0x82, 0x6f, 0xb6, 0xbb, 0xde, 0x8e, 0xcc,
 215            0x1e, 0x08, 0x29, 0x85, 0x16, 0xe2, 0xc9, 0xed,
 216            0x03, 0xff, 0x3c, 0x1b, 0x78, 0x60, 0xf6, 0xde,
 217            0x76, 0xd4, 0xce, 0xcd, 0x94, 0xc8, 0x11, 0x98,
 218            0x55, 0xef, 0x52, 0x97, 0xca, 0x67, 0xe9, 0xf3,
 219            0xe7, 0xff, 0x72, 0xb1, 0xe9, 0x97, 0x85, 0xca,
 220            0x0a, 0x7e, 0x77, 0x20, 0xc5, 0xb3, 0x6d, 0xc6,
 221            0xd7, 0x2c, 0xac, 0x95, 0x74, 0xc8, 0xcb, 0xbc,
 222            0x2f, 0x80, 0x1e, 0x23, 0xe5, 0x6f, 0xd3, 0x44,
 223            0xb0, 0x7f, 0x22, 0x15, 0x4b, 0xeb, 0xa0, 0xf0,
 224            0x8c, 0xe8, 0x89, 0x1e, 0x64, 0x3e, 0xd9, 0x95,
 225            0xc9, 0x4d, 0x9a, 0x69, 0xc9, 0xf1, 0xb5, 0xf4,
 226            0x99, 0x02, 0x7a, 0x78, 0x57, 0x2a, 0xee, 0xbd,
 227            0x74, 0xd2, 0x0c, 0xc3, 0x98, 0x81, 0xc2, 0x13,
 228            0xee, 0x77, 0x0b, 0x10, 0x10, 0xe4, 0xbe, 0xa7,
 229            0x18, 0x84, 0x69, 0x77, 0xae, 0x11, 0x9f, 0x7a,
 230            0x02, 0x3a, 0xb5, 0x8c, 0xca, 0x0a, 0xd7, 0x52,
 231            0xaf, 0xe6, 0x56, 0xbb, 0x3c, 0x17, 0x25, 0x6a,
 232            0x9f, 0x6e, 0x9b, 0xf1, 0x9f, 0xdd, 0x5a, 0x38,
 233            0xfc, 0x82, 0xbb, 0xe8, 0x72, 0xc5, 0x53, 0x9e,
 234            0xdb, 0x60, 0x9e, 0xf4, 0xf7, 0x9c, 0x20, 0x3e,
 235            0xbb, 0x14, 0x0f, 0x2e, 0x58, 0x3c, 0xb2, 0xad,
 236            0x15, 0xb4, 0xaa, 0x5b, 0x65, 0x50, 0x16, 0xa8,
 237            0x44, 0x92, 0x77, 0xdb, 0xd4, 0x77, 0xef, 0x2c,
 238            0x8d, 0x6c, 0x01, 0x7d, 0xb7, 0x38, 0xb1, 0x8d,
 239            0xeb, 0x4a, 0x42, 0x7d, 0x19, 0x23, 0xce, 0x3f,
 240            0xf2, 0x62, 0x73, 0x57, 0x79, 0xa4, 0x18, 0xf2,
 241            0x0a, 0x28, 0x2d, 0xf9, 0x20, 0x14, 0x7b, 0xea,
 242            0xbe, 0x42, 0x1e, 0xe5, 0x31, 0x9d, 0x05, 0x68,
 243        }
 244    },
 245
 246    /* #7, 32 byte key, 17 byte PTX */
 247    {
 248        "/crypto/xts/t-7-key-32-ptx-17",
 249        32,
 250        { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
 251          0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
 252        { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
 253          0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
 254        0x123456789aLL,
 255        17,
 256        { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 257          0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 },
 258        { 0x6c, 0x16, 0x25, 0xdb, 0x46, 0x71, 0x52, 0x2d,
 259          0x3d, 0x75, 0x99, 0x60, 0x1d, 0xe7, 0xca, 0x09, 0xed },
 260    },
 261
 262    /* #15, 32 byte key, 25 byte PTX */
 263    {
 264        "/crypto/xts/t-15-key-32-ptx-25",
 265        32,
 266        { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
 267          0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
 268        { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
 269          0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
 270        0x123456789aLL,
 271        25,
 272        { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 273          0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 274          0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18 },
 275        { 0x8f, 0x4d, 0xcb, 0xad, 0x55, 0x55, 0x8d, 0x7b,
 276          0x4e, 0x01, 0xd9, 0x37, 0x9c, 0xd4, 0xea, 0x22,
 277          0xed, 0xbf, 0x9d, 0xac, 0xe4, 0x5d, 0x6f, 0x6a, 0x73 },
 278    },
 279
 280    /* #21, 32 byte key, 31 byte PTX */
 281    {
 282        "/crypto/xts/t-21-key-32-ptx-31",
 283        32,
 284        { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
 285          0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
 286        { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
 287          0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
 288        0x123456789aLL,
 289        31,
 290        { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 291          0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 292          0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
 293          0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e },
 294        { 0xd0, 0x5b, 0xc0, 0x90, 0xa8, 0xe0, 0x4f, 0x1b,
 295          0x3d, 0x3e, 0xcd, 0xd5, 0xba, 0xec, 0x0f, 0xd4,
 296          0xed, 0xbf, 0x9d, 0xac, 0xe4, 0x5d, 0x6f, 0x6a,
 297          0x73, 0x06, 0xe6, 0x4b, 0xe5, 0xdd, 0x82 },
 298    },
 299};
 300
 301#define STORE64L(x, y)                                                  \
 302    do {                                                                \
 303        (y)[7] = (unsigned char)(((x) >> 56) & 255);                    \
 304        (y)[6] = (unsigned char)(((x) >> 48) & 255);                    \
 305        (y)[5] = (unsigned char)(((x) >> 40) & 255);                    \
 306        (y)[4] = (unsigned char)(((x) >> 32) & 255);                    \
 307        (y)[3] = (unsigned char)(((x) >> 24) & 255);                    \
 308        (y)[2] = (unsigned char)(((x) >> 16) & 255);                    \
 309        (y)[1] = (unsigned char)(((x) >> 8) & 255);                     \
 310        (y)[0] = (unsigned char)((x) & 255);                            \
 311    } while (0)
 312
 313struct TestAES {
 314    AES_KEY enc;
 315    AES_KEY dec;
 316};
 317
 318static void test_xts_aes_encrypt(const void *ctx,
 319                                 size_t length,
 320                                 uint8_t *dst,
 321                                 const uint8_t *src)
 322{
 323    const struct TestAES *aesctx = ctx;
 324
 325    AES_encrypt(src, dst, &aesctx->enc);
 326}
 327
 328
 329static void test_xts_aes_decrypt(const void *ctx,
 330                                 size_t length,
 331                                 uint8_t *dst,
 332                                 const uint8_t *src)
 333{
 334    const struct TestAES *aesctx = ctx;
 335
 336    AES_decrypt(src, dst, &aesctx->dec);
 337}
 338
 339
 340static void test_xts(const void *opaque)
 341{
 342    const QCryptoXTSTestData *data = opaque;
 343    unsigned char OUT[512], Torg[16], T[16];
 344    uint64_t seq;
 345    int j;
 346    unsigned long len;
 347    struct TestAES aesdata;
 348    struct TestAES aestweak;
 349
 350    for (j = 0; j < 2; j++) {
 351        /* skip the cases where
 352         * the length is smaller than 2*blocklen
 353         * or the length is not a multiple of 32
 354         */
 355        if ((j == 1) && ((data->PTLEN < 32) || (data->PTLEN % 32))) {
 356            continue;
 357        }
 358        len = data->PTLEN / 2;
 359
 360        AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc);
 361        AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec);
 362        AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc);
 363        AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec);
 364
 365        seq = data->seqnum;
 366        STORE64L(seq, Torg);
 367        memset(Torg + 8, 0, 8);
 368
 369        memcpy(T, Torg, sizeof(T));
 370        if (j == 0) {
 371            xts_encrypt(&aesdata, &aestweak,
 372                        test_xts_aes_encrypt,
 373                        test_xts_aes_decrypt,
 374                        T, data->PTLEN, OUT, data->PTX);
 375        } else {
 376            xts_encrypt(&aesdata, &aestweak,
 377                        test_xts_aes_encrypt,
 378                        test_xts_aes_decrypt,
 379                        T, len, OUT, data->PTX);
 380            xts_encrypt(&aesdata, &aestweak,
 381                        test_xts_aes_encrypt,
 382                        test_xts_aes_decrypt,
 383                        T, len, &OUT[len], &data->PTX[len]);
 384        }
 385
 386        g_assert(memcmp(OUT, data->CTX, data->PTLEN) == 0);
 387
 388        memcpy(T, Torg, sizeof(T));
 389        if (j == 0) {
 390            xts_decrypt(&aesdata, &aestweak,
 391                        test_xts_aes_encrypt,
 392                        test_xts_aes_decrypt,
 393                        T, data->PTLEN, OUT, data->CTX);
 394        } else {
 395            xts_decrypt(&aesdata, &aestweak,
 396                        test_xts_aes_encrypt,
 397                        test_xts_aes_decrypt,
 398                        T, len, OUT, data->CTX);
 399            xts_decrypt(&aesdata, &aestweak,
 400                        test_xts_aes_encrypt,
 401                        test_xts_aes_decrypt,
 402                        T, len, &OUT[len], &data->CTX[len]);
 403        }
 404
 405        g_assert(memcmp(OUT, data->PTX, data->PTLEN) == 0);
 406    }
 407}
 408
 409
 410int main(int argc, char **argv)
 411{
 412    size_t i;
 413
 414    g_test_init(&argc, &argv, NULL);
 415
 416    g_assert(qcrypto_init(NULL) == 0);
 417
 418    for (i = 0; i < G_N_ELEMENTS(test_data); i++) {
 419        g_test_add_data_func(test_data[i].path, &test_data[i], test_xts);
 420    }
 421
 422    return g_test_run();
 423}
 424