eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add option for large IV to storage wrapper.

Browse Source 
Also implement some test vectors and use the same limits
as in dm-crypt (IV offset alignnment).
This commit is contained in:
Milan Broz
2020-05-28 08:41:09 +02:00
committed by Ondrej Kozina
parent e43a22abcf
commit f5910d83c4
7 changed files with 153 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/crypto_backend/crypto_backend.h
View File

@@ -109,7 +109,7 @@ int crypt_cipher_check_kernel(const char *name, const char *mode,
/* Storage encryption wrappers */ /* Storage encryption wrappers */
int crypt_storage_init(struct crypt_storage **ctx, size_t sector_size, int crypt_storage_init(struct crypt_storage **ctx, size_t sector_size,
const char *cipher, const char *cipher_mode, const char *cipher, const char *cipher_mode,
const void *key, size_t key_length); const void *key, size_t key_length, bool large_iv);
void crypt_storage_destroy(struct crypt_storage *ctx); void crypt_storage_destroy(struct crypt_storage *ctx);
int crypt_storage_decrypt(struct crypt_storage *ctx, uint64_t iv_offset, int crypt_storage_decrypt(struct crypt_storage *ctx, uint64_t iv_offset,
uint64_t length, char *buffer); uint64_t length, char *buffer);

42
lib/crypto_backend/crypto_storage.c
View File

@@ -40,7 +40,7 @@ struct crypt_sector_iv {
/* Block encryption storage context */ /* Block encryption storage context */
struct crypt_storage { struct crypt_storage {
unsigned sector_shift; size_t sector_size;
unsigned iv_shift; unsigned iv_shift;
struct crypt_cipher *cipher; struct crypt_cipher *cipher;
struct crypt_sector_iv cipher_iv; struct crypt_sector_iv cipher_iv;
@@ -56,7 +56,8 @@ static int int_log2(unsigned int x)
static int crypt_sector_iv_init(struct crypt_sector_iv *ctx, static int crypt_sector_iv_init(struct crypt_sector_iv *ctx,
const char *cipher_name, const char *mode_name, const char *cipher_name, const char *mode_name,
const char *iv_name, const void *key, size_t key_length, size_t sector_size) const char *iv_name, const void *key, size_t key_length,
size_t sector_size)
{ {
int r; int r;
@@ -212,7 +213,8 @@ int crypt_storage_init(struct crypt_storage **ctx,
size_t sector_size, size_t sector_size,
const char *cipher, const char *cipher,
const char *cipher_mode, const char *cipher_mode,
const void *key, size_t key_length) const void *key, size_t key_length,
bool large_iv)
{ {
struct crypt_storage *s; struct crypt_storage *s;
char mode_name[64]; char mode_name[64];
@@ -250,8 +252,8 @@ int crypt_storage_init(struct crypt_storage **ctx,
return r; return r;
} }
s->sector_shift = int_log2(sector_size); s->sector_size = sector_size;
s->iv_shift = s->sector_shift - SECTOR_SHIFT; s->iv_shift = large_iv ? int_log2(sector_size) - SECTOR_SHIFT : 0;
*ctx = s; *ctx = s;
return 0; return 0;
@@ -264,19 +266,20 @@ int crypt_storage_decrypt(struct crypt_storage *ctx,
uint64_t i; uint64_t i;
int r = 0; int r = 0;
if (length & ((1 << ctx->sector_shift) - 1)) if (length & (ctx->sector_size - 1))
return -EINVAL; return -EINVAL;
length >>= ctx->sector_shift; if (iv_offset & ((ctx->sector_size >> SECTOR_SHIFT) - 1))
return -EINVAL;
for (i = 0; i < length; i++) { for (i = 0; i < length; i += ctx->sector_size) {
r = crypt_sector_iv_generate(&ctx->cipher_iv, iv_offset + (uint64_t)(i << ctx->iv_shift)); r = crypt_sector_iv_generate(&ctx->cipher_iv, (iv_offset + (i >> SECTOR_SHIFT)) >> ctx->iv_shift);
if (r) if (r)
break; break;
r = crypt_cipher_decrypt(ctx->cipher, r = crypt_cipher_decrypt(ctx->cipher,
&buffer[i << ctx->sector_shift], &buffer[i],
&buffer[i << ctx->sector_shift], &buffer[i],
1 << ctx->sector_shift, ctx->sector_size,
ctx->cipher_iv.iv, ctx->cipher_iv.iv,
ctx->cipher_iv.iv_size); ctx->cipher_iv.iv_size);
if (r) if (r)
@@ -293,19 +296,20 @@ int crypt_storage_encrypt(struct crypt_storage *ctx,
uint64_t i; uint64_t i;
int r = 0; int r = 0;
if (length & ((1 << ctx->sector_shift) - 1)) if (length & (ctx->sector_size - 1))
return -EINVAL; return -EINVAL;
length >>= ctx->sector_shift; if (iv_offset & ((ctx->sector_size >> SECTOR_SHIFT) - 1))
return -EINVAL;
for (i = 0; i < length; i++) { for (i = 0; i < length; i += ctx->sector_size) {
r = crypt_sector_iv_generate(&ctx->cipher_iv, iv_offset + (i << ctx->iv_shift)); r = crypt_sector_iv_generate(&ctx->cipher_iv, (iv_offset + (i >> SECTOR_SHIFT)) >> ctx->iv_shift);
if (r) if (r)
break; break;
r = crypt_cipher_encrypt(ctx->cipher, r = crypt_cipher_encrypt(ctx->cipher,
&buffer[i << ctx->sector_shift], &buffer[i],
&buffer[i << ctx->sector_shift], &buffer[i],
1 << ctx->sector_shift, ctx->sector_size,
ctx->cipher_iv.iv, ctx->cipher_iv.iv,
ctx->cipher_iv.iv_size); ctx->cipher_iv.iv_size);
if (r) if (r)

4
lib/luks1/keyencryption.c
View File

@@ -153,7 +153,7 @@ int LUKS_encrypt_to_storage(char *src, size_t srcLength,
return -EINVAL; return -EINVAL;
/* Encrypt buffer */ /* Encrypt buffer */
r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength); r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength, false);
if (r) if (r)
log_dbg(ctx, "Userspace crypto wrapper cannot use %s-%s (%d).", log_dbg(ctx, "Userspace crypto wrapper cannot use %s-%s (%d).",
@@ -218,7 +218,7 @@ int LUKS_decrypt_from_storage(char *dst, size_t dstLength,
if (MISALIGNED_512(dstLength)) if (MISALIGNED_512(dstLength))
return -EINVAL; return -EINVAL;
r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength); r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength, false);
if (r) if (r)
log_dbg(ctx, "Userspace crypto wrapper cannot use %s-%s (%d).", log_dbg(ctx, "Userspace crypto wrapper cannot use %s-%s (%d).",

4
lib/luks2/luks2_keyslot_luks2.c
View File

@@ -48,7 +48,7 @@ static int luks2_encrypt_to_storage(char *src, size_t srcLength,
return -EINVAL; return -EINVAL;
/* Encrypt buffer */ /* Encrypt buffer */
r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength); r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength, false);
if (r) { if (r) {
log_err(cd, _("Cannot use %s-%s cipher for keyslot encryption."), cipher, cipher_mode); log_err(cd, _("Cannot use %s-%s cipher for keyslot encryption."), cipher, cipher_mode);
return r; return r;
@@ -103,7 +103,7 @@ static int luks2_decrypt_from_storage(char *dst, size_t dstLength,
if (MISALIGNED_512(dstLength)) if (MISALIGNED_512(dstLength))
return -EINVAL; return -EINVAL;
r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength); r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength, false);
if (r) { if (r) {
log_err(cd, _("Cannot use %s-%s cipher for keyslot encryption."), cipher, cipher_mode); log_err(cd, _("Cannot use %s-%s cipher for keyslot encryption."), cipher, cipher_mode);
return r; return r;

2
lib/utils_storage_wrappers.c
View File

@@ -62,7 +62,7 @@ static int crypt_storage_backend_init(struct crypt_device *cd,
struct crypt_storage *s; struct crypt_storage *s;
/* iv_start, sector_size */ /* iv_start, sector_size */
r = crypt_storage_init(&s, sector_size, cipher, cipher_mode, vk->key, vk->keylength); r = crypt_storage_init(&s, sector_size, cipher, cipher_mode, vk->key, vk->keylength, flags & LARGE_IV);
if (r) if (r)
return r; return r;

1
lib/utils_storage_wrappers.h
View File

@@ -31,6 +31,7 @@ struct crypt_device;
#define DISABLE_KCAPI (1 << 1) #define DISABLE_KCAPI (1 << 1)
#define DISABLE_DMCRYPT (1 << 2) #define DISABLE_DMCRYPT (1 << 2)
#define OPEN_READONLY (1 << 3) #define OPEN_READONLY (1 << 3)
#define LARGE_IV (1 << 4)
typedef enum { typedef enum {
NONE = 0, NONE = 0,

210
tests/crypto-vectors.c
View File

@@ -660,31 +660,37 @@ struct cipher_iv_test_vector {
const char in_sha256[32]; const char in_sha256[32];
struct { struct {
size_t sector_size; size_t sector_size;
bool large_iv;
const char out_sha256[32]; const char out_sha256[32];
} out[4]; } out[7];
}; };
static struct cipher_iv_test_vector cipher_iv_test_vectors[] = { static struct cipher_iv_test_vector cipher_iv_test_vectors[] = {
{ {
"aes", "cbc", "aes", "cbc",
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16, "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
"null", 0, 8192, "null", UINT32_MAX-7, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512,
"\xfd\x05\xd0\x4d\x51\xb9\xd4\x87\xa4\x57\x9a\x62\x07\x39\xc9\x4a" "\xfd\x05\xd0\x4d\x51\xb9\xd4\x87\xa4\x57\x9a\x62\x07\x39\xc9\x4a"
"\x00\x90\x3e\xaf\xe8\xb2\xac\x12\xca\xeb\x58\xf9\x48\xf6\xef\x08" "\x00\x90\x3e\xaf\xe8\xb2\xac\x12\xca\xeb\x58\xf9\x48\xf6\xef\x08"
},{ },{ 1024, false,
1024,
"\x55\x87\x5c\xde\x86\x6a\x8b\xab\x08\xbe\x5b\x38\x17\x53\xdf\xe5" "\x55\x87\x5c\xde\x86\x6a\x8b\xab\x08\xbe\x5b\x38\x17\x53\xdf\xe5"
"\x7e\xb9\x5f\x59\xaf\x07\xa4\xca\x6a\x24\xd1\x12\xa9\x15\x25\xf4" "\x7e\xb9\x5f\x59\xaf\x07\xa4\xca\x6a\x24\xd1\x12\xa9\x15\x25\xf4"
},{ },{ 1024, true,
2048, "\x55\x87\x5c\xde\x86\x6a\x8b\xab\x08\xbe\x5b\x38\x17\x53\xdf\xe5"
"\x7e\xb9\x5f\x59\xaf\x07\xa4\xca\x6a\x24\xd1\x12\xa9\x15\x25\xf4"
},{ 2048, false,
"\x55\x5b\x8e\x74\x90\x9d\x0d\x4b\x74\x8c\x16\x7e\x29\xcf\xa9\xa3" "\x55\x5b\x8e\x74\x90\x9d\x0d\x4b\x74\x8c\x16\x7e\x29\xcf\xa9\xa3"
"\xf3\x42\x8b\x62\xda\x2d\x8c\xda\xc9\x32\xc8\x78\xe2\x7e\xd2\x70" "\xf3\x42\x8b\x62\xda\x2d\x8c\xda\xc9\x32\xc8\x78\xe2\x7e\xd2\x70"
},{ },{ 2048, true,
4096, "\x55\x5b\x8e\x74\x90\x9d\x0d\x4b\x74\x8c\x16\x7e\x29\xcf\xa9\xa3"
"\xf3\x42\x8b\x62\xda\x2d\x8c\xda\xc9\x32\xc8\x78\xe2\x7e\xd2\x70"
},{ 4096, false,
"\xc6\x45\xba\xe0\x40\x3a\x96\x09\x5e\x46\x0d\x19\x9d\x58\x4b\x93"
"\x78\xc5\x3f\xa4\x2e\x9e\xb0\x19\x04\x4b\x73\x26\xf4\xa6\xb5\xc3"
},{ 4096, true,
"\xc6\x45\xba\xe0\x40\x3a\x96\x09\x5e\x46\x0d\x19\x9d\x58\x4b\x93" "\xc6\x45\xba\xe0\x40\x3a\x96\x09\x5e\x46\x0d\x19\x9d\x58\x4b\x93"
"\x78\xc5\x3f\xa4\x2e\x9e\xb0\x19\x04\x4b\x73\x26\xf4\xa6\xb5\xc3" "\x78\xc5\x3f\xa4\x2e\x9e\xb0\x19\x04\x4b\x73\x26\xf4\xa6\xb5\xc3"
}, },
@@ -692,73 +698,88 @@ static struct cipher_iv_test_vector cipher_iv_test_vectors[] = {
{ {
"aes", "cbc", "aes", "cbc",
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16, "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
"plain", UINT32_MAX-1, 8192, "plain", UINT32_MAX-7, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512, "\x43\xfd\x6e\x25\x80\xb2\x13\xf5\xca\x71\x79\x18\xe4\x12\x91\xe0"
"\x4e\xa0\x9e\x5b\xf2\x27\x88\xdb\xe9\x05\xfb\x34\xa1\x88\x3b\xa3" "\x6e\x37\x24\x32\xfd\x40\x4b\x42\xcb\xc1\x72\x1a\xc7\x5a\x19\xc8"
"\xda\x3e\x98\x50\x5d\x52\x68\x72\xc8\xac\x21\x88\x77\x35\x67\xad" },{ 1024, false,
},{ "\x18\x79\x8d\xad\xf2\x7b\x38\x03\x27\xa5\x76\x19\x07\xcd\x12\x62"
1024, "\x03\x36\x57\x85\x88\x50\xd0\x6c\xf6\xdf\xf1\xcf\xb8\xcf\x01\x77"
"\x0e\x4d\xba\x93\xef\x44\x06\x3b\xac\x92\x29\x97\xde\x75\xe7\x18" },{ 1024, true,
"\x26\x06\x5c\x8f\x23\xf2\xf8\xe5\xee\xfe\xf7\x9a\xdf\xc7\xd4\x2d" "\xd0\x21\xcf\xb2\x7a\x01\xa8\x94\xb2\x87\x49\xc4\x9f\x9c\xb2\x3a"
},{ "\x7c\xc4\x0d\x50\x08\xea\x4d\xfb\x87\xe4\x49\x8c\x1a\xd6\xec\x16"
2048, },{ 2048, false,
"\x6f\xd7\x56\x23\x51\x65\x20\x8f\xd2\x11\x35\xe1\xd2\x05\x40\xc3" "\xa4\x89\x72\xb9\xcf\x78\x0c\x2a\xc8\x20\x4f\xd5\x13\xcb\x75\x30"
"\xd3\x18\xc1\xed\xf0\x1c\xbe\x0e\xdd\xd5\xca\x39\x21\xe0\xe4\x68" "\x90\xd2\x4a\xfd\xd3\xb2\xe8\xf0\xd2\xb7\x9d\x07\xbd\xa9\x70\x97"
},{ },{ 2048, true,
4096, "\x2a\xcf\x07\x57\xc8\xea\x64\xc7\xd0\xd5\x28\xe6\xd1\x9a\xb5\x7d"
"\x80\xaa\x75\x69\x39\x29\x8f\x93\xbd\x09\x51\x96\x9b\x7d\x0f\xd0" "\xe4\xb9\x63\xa2\x66\x5a\x3d\x14\xbd\x27\xc7\x09\xc0\x3c\xd9\x00"
"\xf5\xb5\xdf\xf4\x48\x8c\x21\x26\x2e\xa7\x5c\x52\x75\xaa\xfc\xe3" },{ 4096, false,
"\x12\x1b\x00\x54\x6e\x2d\x08\xc1\x15\x8b\x15\x57\xc5\x11\x30\x8b"
"\x63\x33\x64\xa0\xd1\x45\xd6\xcb\xdd\x49\x91\x04\x29\xe6\x93\x08"
},{ 4096, true,
"\x44\xaa\xf1\x23\x0c\x34\x32\x2a\xfa\xe3\xf7\x95\x7a\x7c\xa8\x8b"
"\x34\x78\xbd\x12\x5c\xae\x4a\x65\x23\x8a\x6f\x3a\x96\x05\xfa\xae"
}, },
}}, }},
{ {
"aes", "cbc", "aes", "cbc",
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16, "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
"plain64", UINT32_MAX-1, 8192, "plain64", UINT32_MAX-7, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512, "\xb3\x65\x7e\x6c\xba\xe0\x39\xcd\x1e\x1d\xaf\x65\xae\xb7\xda\x20"
"\x60\xe5\xc9\xf8\xcd\x48\x06\x3c\x96\x11\xc8\xbf\x1e\x67\x60\x21" "\x25\x17\x6a\x38\x75\x79\x68\x4c\x9a\x75\xc7\xfb\x2b\xa2\x17\xd2"
"\x0c\x1f\x1a\x8b\x03\x00\x0d\xc1\x39\xc9\x27\xb8\xa8\x73\x17\x69" },{ 1024, false,
},{ "\x0a\xa3\x23\x72\x80\xd3\x76\x33\x8b\x2b\xae\x01\x03\x99\xa5\xca"
1024, "\xcd\x95\x27\x40\x27\xec\x14\x90\xfd\x58\xb0\x08\x9b\x99\x27\xe2"
"\x25\xc1\x6b\x78\x8a\x22\x72\xb5\x5c\xfb\x3f\xe9\x16\x8b\x89\x96" },{ 1024, true,
"\xfa\x80\xed\xf4\x83\xab\x1c\x79\xd2\xc7\x44\x27\x89\x99\xbb\x83" "\xd0\x21\xcf\xb2\x7a\x01\xa8\x94\xb2\x87\x49\xc4\x9f\x9c\xb2\x3a"
},{ "\x7c\xc4\x0d\x50\x08\xea\x4d\xfb\x87\xe4\x49\x8c\x1a\xd6\xec\x16"
2048, },{ 2048, false,
"\xb3\x42\x15\xd7\x86\xf6\xdf\x45\x49\x78\x18\x73\xa8\x7f\x3e\xb3" "\x67\x87\xeb\xed\xe1\x16\x85\x0a\x3f\xb2\x5c\xbc\x27\x61\x99\x52"
"\x0b\xb8\x64\x91\x7c\xf1\x5a\x5b\x6d\x20\xbc\x0b\xe2\xab\x9b\xe6" "\xfe\x64\xb9\xab\x24\xdd\x2c\x1a\x2c\xff\xcd\x7e\x2e\x74\xb5\xd4"
},{ },{ 2048, true,
4096, "\x2a\xcf\x07\x57\xc8\xea\x64\xc7\xd0\xd5\x28\xe6\xd1\x9a\xb5\x7d"
"\x6b\x45\x5c\x24\x97\xb4\x87\x49\x99\x16\x69\x59\x72\x6b\xd7\xc9" "\xe4\xb9\x63\xa2\x66\x5a\x3d\x14\xbd\x27\xc7\x09\xc0\x3c\xd9\x00"
"\xc9\x90\xec\x7f\x3b\xfb\xe9\xea\x9d\xb4\x39\x62\x4d\x22\xe5\x43" },{ 4096, false,
"\xb2\xf1\x0e\x66\xd4\x58\x4e\x93\xe7\x98\xae\x9c\x3e\xa7\xad\xf2"
"\x93\x1a\xaa\x3c\xc4\x90\x12\x05\x00\x58\x25\x8f\x1f\x5d\xc6\x67"
},{ 4096, true,
"\x44\xaa\xf1\x23\x0c\x34\x32\x2a\xfa\xe3\xf7\x95\x7a\x7c\xa8\x8b"
"\x34\x78\xbd\x12\x5c\xae\x4a\x65\x23\x8a\x6f\x3a\x96\x05\xfa\xae"
}, },
}}, }},
{ {
"aes", "cbc", "aes", "cbc",
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16, "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
"plain64be", UINT32_MAX-1, 8192, "plain64be", UINT32_MAX-7, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512, "\x28\xbf\x09\xe1\x68\xcc\x05\x1b\x20\xaf\x8d\x01\x36\x21\x8a\x8d"
"\x7f\xf9\xdb\xe1\xf6\x8c\x4d\xb4\x33\x9d\x61\x7b\x67\x5c\xef\x69" "\x7a\x94\x98\xa8\x99\xe9\xf4\x66\xd8\xb7\x99\xca\x04\x58\x83\x90"
"\xea\x94\x32\x3d\xa7\x70\x01\xe0\x06\x4c\xf8\x56\x64\xd0\xb7\xdf" },{ 1024, false,
},{ "\x9b\x74\xf7\xd5\x5a\x6b\xb2\x3a\xd2\x09\xdd\x80\x59\x28\x70\x8f"
1024, "\x3a\x61\xf2\x14\xc3\x0d\xa8\xd7\xd9\xcb\x57\x26\x73\x88\x93\xd2"
"\x8e\x33\x0b\xa2\x45\x78\x5a\x3d\x5e\xf7\x74\xf9\x75\xb5\xbd\x06" },{ 1024, true,
"\x38\x78\x74\x4f\xd8\xec\x11\x96\xf7\x92\x2b\xb1\x9a\xc2\xc3\xef" "\x36\xb5\x68\x08\x29\x55\xb9\xe9\x01\xc1\xa8\xcf\x3e\x5b\x00\x28"
},{ "\xb6\xd1\x35\xc5\xf7\x0c\xf6\x59\xb5\x8f\xb9\xa2\x00\x43\x29\x48"
2048, },{ 2048, false,
"\xad\x94\xcb\x8d\x96\x47\x10\x5c\x54\xce\x74\xca\xc8\xa3\xbd\x3e" "\x94\x4f\xc8\xb4\xfe\xad\xdc\x56\xf0\x62\x00\x8d\x52\x0b\x2d\x58"
"\xdf\xa7\xf5\x14\x2a\x77\x4c\x50\xb8\x01\x46\xc3\x89\x50\xa7\x46" "\xc0\x05\xd6\x1d\x47\x35\xc6\x6a\x42\xec\x98\xee\x21\x74\x7b\xe5"
},{ },{ 2048, true,
4096, "\x14\x6b\xaa\x2f\xf4\xa8\x24\x3f\x4e\x92\x97\x1a\xca\x1c\xbb\x46"
"\x3b\xdb\xbe\x01\x09\xd9\xda\xf7\x77\x85\xe2\x30\xaf\x21\xe7\x70" "\xa7\x08\xbb\xc5\x95\xac\x73\x81\x25\x34\x33\x41\x95\x71\xd9\xe7"
"\x51\x2c\x6b\xcc\x75\x40\x7e\x8d\xdc\x90\xab\xaf\x6d\x2e\x0b\x49" },{ 4096, false,
"\xa8\x17\x5d\x84\xc8\x16\x06\x7f\xa2\x68\xdd\x1e\x7d\x63\x34\x93"
"\x7b\x45\x2d\xf4\x10\x0b\x90\xfa\x14\x8b\x73\x86\xbc\x09\x4a\xe3"
},{ 4096, true,
"\xe2\xc3\x30\xd8\xa1\xb3\xa8\xeb\xde\xdc\xfe\x9b\xe0\x0b\x62\x4e"
"\x38\x2f\xa1\x45\x0e\x8f\x6c\xf0\x4e\x88\x58\x17\x13\xb5\x10\x98"
}, },
}}, }},
{ {
@@ -767,22 +788,27 @@ static struct cipher_iv_test_vector cipher_iv_test_vectors[] = {
"essiv:sha256", 0, 8192, "essiv:sha256", 0, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512,
"\xa5\x3e\x74\xc4\x1a\x5c\xf3\x6b\x63\x49\xd5\xd9\xbb\x7a\x89\x5a" "\xa5\x3e\x74\xc4\x1a\x5c\xf3\x6b\x63\x49\xd5\xd9\xbb\x7a\x89\x5a"
"\xd5\x3e\x76\x6f\x4c\x2d\x0b\xd3\x8b\x5e\x0e\x91\xa3\x8c\x2a\xde" "\xd5\x3e\x76\x6f\x4c\x2d\x0b\xd3\x8b\x5e\x0e\x91\xa3\x8c\x2a\xde"
},{ },{ 1024, false,
1024,
"\x41\x6b\xc6\x75\x2e\x99\x76\xa1\x83\xea\xd5\x97\x64\x0e\x24\x8c" "\x41\x6b\xc6\x75\x2e\x99\x76\xa1\x83\xea\xd5\x97\x64\x0e\x24\x8c"
"\x91\x17\x03\x38\xe7\xd8\x66\x64\xaa\xd7\x27\x50\x2a\xd3\x0b\xe6" "\x91\x17\x03\x38\xe7\xd8\x66\x64\xaa\xd7\x27\x50\x2a\xd3\x0b\xe6"
},{ },{ 1024, true,
2048, "\x02\x3c\xbe\xe6\x1e\x9a\xf3\x14\xab\x16\xff\x6f\xb6\xa2\x3e\x03"
"\xa1\xbd\xe9\xe4\xfa\x44\x5b\x22\xc6\x53\xe8\x60\x58\x15\x99\xea"
},{ 2048, false,
"\x84\xdc\x45\xd3\x61\x03\xa8\x51\x85\x5b\xef\xf8\x92\x6b\x12\x06" "\x84\xdc\x45\xd3\x61\x03\xa8\x51\x85\x5b\xef\xf8\x92\x6b\x12\x06"
"\x2c\xfe\x75\x3e\xcf\x28\xd1\x8b\x4d\xcb\x88\x9e\x31\xb0\x0b\x92" "\x2c\xfe\x75\x3e\xcf\x28\xd1\x8b\x4d\xcb\x88\x9e\x31\xb0\x0b\x92"
},{ },{ 2048, true,
4096, "\x4b\x9d\xe4\x3c\xe2\x4e\x7a\x13\x72\x02\x48\xf8\x7a\x7e\x15\xe8"
"\x3a\xc3\x92\x0b\xe8\x30\xac\xb7\x9a\xe0\xcf\xf9\xb1\xf5\x61\x5b"
},{ 4096, false,
"\xbb\x1b\xa3\xa9\x41\xbf\x17\xd8\x76\x19\x08\x8e\x3f\x50\xed\xfd" "\xbb\x1b\xa3\xa9\x41\xbf\x17\xd8\x76\x19\x08\x8e\x3f\x50\xed\xfd"
"\x57\x1d\xd2\xc2\x8a\x32\x01\xb9\xd9\x8a\xcc\x0d\xa0\x65\x8b\x6d" "\x57\x1d\xd2\xc2\x8a\x32\x01\xb9\xd9\x8a\xcc\x0d\xa0\x65\x8b\x6d"
},{ 4096, true,
"\xa6\xdc\x7d\xc8\xc4\x9b\x78\x81\x72\xe9\xdd\x35\x6c\x07\xeb\x7b"
"\xd6\x56\x9e\xe4\xdf\xf5\xdd\x2e\x2c\x19\x8f\x63\x58\xdb\xa7\xd0"
}, },
}}, }},
{ {
@@ -791,22 +817,27 @@ static struct cipher_iv_test_vector cipher_iv_test_vectors[] = {
"benbi", 0, 8192, "benbi", 0, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512,
"\x3c\xe3\x94\xe3\x6d\x68\x5b\xdb\x5a\x8d\x71\xbf\xd3\xa6\x68\xb9" "\x3c\xe3\x94\xe3\x6d\x68\x5b\xdb\x5a\x8d\x71\xbf\xd3\xa6\x68\xb9"
"\x1f\x33\x0f\x97\xe2\xd6\xe8\xe2\xe1\xfc\x7e\x80\x28\xf1\x73\xbd" "\x1f\x33\x0f\x97\xe2\xd6\xe8\xe2\xe1\xfc\x7e\x80\x28\xf1\x73\xbd"
},{ },{ 1024, false,
1024,
"\x0f\x27\xa7\xae\x31\x9e\x71\x02\x12\x16\x44\x5f\xbb\xc6\xcb\x78" "\x0f\x27\xa7\xae\x31\x9e\x71\x02\x12\x16\x44\x5f\xbb\xc6\xcb\x78"
"\xd4\x84\x49\xe0\x88\x85\x04\xbf\x6d\xea\x60\x76\x98\x34\x0a\x7e" "\xd4\x84\x49\xe0\x88\x85\x04\xbf\x6d\xea\x60\x76\x98\x34\x0a\x7e"
},{ },{ 1024, true,
2048, "\x3e\xf3\x08\x8d\x3b\x20\x4b\x51\x54\xde\x7f\x77\x5b\xcf\x02\x8b"
"\x0e\xb0\x74\x2e\x8e\x29\xfa\x5e\x86\xb4\xab\x65\x18\x59\x48\xb1"
},{ 2048, false,
"\xb0\x9a\xe5\x31\x5f\x2e\x9d\x13\x04\x08\x2a\x02\x71\x3d\xdb\x5d" "\xb0\x9a\xe5\x31\x5f\x2e\x9d\x13\x04\x08\x2a\x02\x71\x3d\xdb\x5d"
"\xb2\xc9\x68\x5b\xdc\xd1\x38\xc2\x96\xb3\x3b\x72\xda\x9d\xcb\xe6" "\xb2\xc9\x68\x5b\xdc\xd1\x38\xc2\x96\xb3\x3b\x72\xda\x9d\xcb\xe6"
},{ },{ 2048, true,
4096, "\x6f\x34\xf0\xc1\xea\x72\xe4\xdc\x91\x91\x78\xb3\x7c\xb0\x9d\x41"
"\x94\xf6\xb8\xad\x05\xc4\x0e\x49\x05\x31\x90\xf0\x56\xfe\x21\x3f"
},{ 4096, false,
"\xaa\x74\x7d\xd6\x73\xa7\x77\xe1\x7f\xb9\x76\xf7\x5c\xcf\xc0\xb7" "\xaa\x74\x7d\xd6\x73\xa7\x77\xe1\x7f\xb9\x76\xf7\x5c\xcf\xc0\xb7"
"\xfa\x7b\xed\x15\xc2\x32\x7c\x27\xbb\x35\xfc\xfe\x12\xee\x14\x2d" "\xfa\x7b\xed\x15\xc2\x32\x7c\x27\xbb\x35\xfc\xfe\x12\xee\x14\x2d"
},{ 4096, true,
"\x71\x1b\x3d\x26\xf4\x44\x82\x72\x1b\x7a\x65\x0b\x37\x8c\x94\x5b"
"\x1c\xd3\x30\x2f\xf6\xce\xa4\x24\x25\xeb\x9b\xb9\x83\xe5\x71\xbb"
}, },
}}, }},
{ {
@@ -815,22 +846,27 @@ static struct cipher_iv_test_vector cipher_iv_test_vectors[] = {
"eboiv", 0, 8192, "eboiv", 0, 8192,
"\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b" "\x9f\x1d\xcb\xc3\x5c\x35\x0d\x60\x27\xf9\x8b\xe0\xf5\xc8\xb4\x3b"
"\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", { "\x42\xca\x52\xb7\x60\x44\x59\xc0\xc4\x2b\xe3\xaa\x88\x91\x3d\x47", {
{ { 512, false,
512,
"\x04\x4e\x92\x9f\x79\x66\xfe\x93\x1b\xa5\xb8\x02\xfe\x7e\xf9\x26" "\x04\x4e\x92\x9f\x79\x66\xfe\x93\x1b\xa5\xb8\x02\xfe\x7e\xf9\x26"
"\x7b\x64\x39\xe7\xb3\xca\xc4\x6e\xca\x27\xa0\x2f\xe2\xea\x91\x16" "\x7b\x64\x39\xe7\xb3\xca\xc4\x6e\xca\x27\xa0\x2f\xe2\xea\x91\x16"
},{ },{ 1024, false,
1024,
"\xb0\x4a\xa4\xb5\xd6\x45\x7a\x86\xe9\x43\x3d\xd6\x01\xf7\x68\x8e" "\xb0\x4a\xa4\xb5\xd6\x45\x7a\x86\xe9\x43\x3d\xd6\x01\xf7\x68\x8e"
"\xe6\x81\x8d\x50\x55\x18\x8e\x4b\xb6\xa7\x89\xdf\xe2\x4b\x94\xe2" "\xe6\x81\x8d\x50\x55\x18\x8e\x4b\xb6\xa7\x89\xdf\xe2\x4b\x94\xe2"
},{ },{ 1024, true,
2048, "\x95\x08\x4d\x4e\x89\xab\x91\x4e\xae\x56\x5d\xec\xf2\x78\x13\xb1"
"\x82\xf7\xc8\xb5\x03\xd6\xfa\xb0\xe3\xf9\xc1\x01\xc0\x0c\x35\xa4"
},{ 2048, false,
"\xd4\x00\x1f\x26\x18\xd1\x6d\xd5\xc4\xbf\x4a\x13\x30\xae\xd7\x4b" "\xd4\x00\x1f\x26\x18\xd1\x6d\xd5\xc4\xbf\x4a\x13\x30\xae\xd7\x4b"
"\x33\x1e\xd5\xe8\x43\x2d\x95\x84\x67\x39\x04\x51\x5f\x1f\x49\xe4" "\x33\x1e\xd5\xe8\x43\x2d\x95\x84\x67\x39\x04\x51\x5f\x1f\x49\xe4"
},{ },{ 2048, true,
4096, "\x89\x8d\xa2\xec\x45\x7f\xf0\xac\xfc\x70\xb6\x36\xf0\x89\xca\x86"
"\x6b\xbf\x09\xd2\x54\xa0\x7c\xbc\x17\xd3\x4e\xb8\x10\x8a\x3f\x5d"
},{ 4096, false,
"\xd1\xd7\x4f\x70\x9a\xa0\x22\x27\x60\xdb\x40\x5a\x84\xce\x89\x2c" "\xd1\xd7\x4f\x70\x9a\xa0\x22\x27\x60\xdb\x40\x5a\x84\xce\x89\x2c"
"\x4f\x98\x55\xd2\x2d\xd1\xea\x9e\x47\xae\x8a\x83\xb5\x90\xbb\x49" "\x4f\x98\x55\xd2\x2d\xd1\xea\x9e\x47\xae\x8a\x83\xb5\x90\xbb\x49"
},{ 4096, true,
"\xdb\xe7\xd2\x25\xb0\x4f\x5d\x36\x20\xc4\xc2\xb4\xe8\x7e\xae\xe9"
"\x95\x10\x45\x5d\xdd\xc4\xcd\x33\xad\xbd\x39\x49\xf2\x85\x82\x4c"
}, },
}}}; }}};
@@ -1106,12 +1142,12 @@ static int cipher_iv_test(void)
snprintf(mode_iv, sizeof(mode_iv)-2, "%s-%s", vector->cipher_mode, vector->iv_name); snprintf(mode_iv, sizeof(mode_iv)-2, "%s-%s", vector->cipher_mode, vector->iv_name);
r = crypt_storage_init(&storage, vector->out[j].sector_size, vector->cipher_name, mode_iv, r = crypt_storage_init(&storage, vector->out[j].sector_size, vector->cipher_name, mode_iv,
vector->key, vector->key_length); vector->key, vector->key_length, vector->out[j].large_iv);
if (r == -ENOENT || r == -ENOTSUP) { if (r == -ENOENT || r == -ENOTSUP) {
printf("[N/A]"); printf("[N/A]");
continue; continue;
} else { } else {
printf("[%i]", (int)vector->out[j].sector_size); printf("[%i%s]", (int)vector->out[j].sector_size, vector->out[j].large_iv ? "L" : "");
if (r) if (r)
return EXIT_FAILURE; return EXIT_FAILURE;
} }