aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorTan Swee Heng <thesweeheng@gmail.com>2007-11-23 06:45:00 -0500
committerHerbert Xu <herbert@gondor.apana.org.au>2008-01-10 16:16:15 -0500
commit2407d60872dd2a95404c6048f775f3b64d438f4b (patch)
tree6a333c5eaae616736b2f184cee8e9f052cee966d /crypto
parent332f8840f7095d294f9bb066b175a100bcde214c (diff)
[CRYPTO] salsa20: Salsa20 stream cipher
This patch implements the Salsa20 stream cipher using the blkcipher interface. The core cipher code comes from Daniel Bernstein's submission to eSTREAM: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ref/ The test vectors comes from: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ It has been tested successfully with "modprobe tcrypt mode=34" on an UML instance. Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/Kconfig12
-rw-r--r--crypto/Makefile1
-rw-r--r--crypto/salsa20_generic.c243
-rw-r--r--crypto/tcrypt.c8
-rw-r--r--crypto/tcrypt.h161
5 files changed, 424 insertions, 1 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 7758454b9f17..8d6cac97021f 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -454,6 +454,18 @@ config CRYPTO_SEED
454 See also: 454 See also:
455 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 455 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
456 456
457config CRYPTO_SALSA20
458 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
459 depends on EXPERIMENTAL
460 select CRYPTO_BLKCIPHER
461 help
462 Salsa20 stream cipher algorithm.
463
464 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
465 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
466
467 The Salsa20 stream cipher algorithm is designed by Daniel J.
468 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
457 469
458config CRYPTO_DEFLATE 470config CRYPTO_DEFLATE
459 tristate "Deflate compression algorithm" 471 tristate "Deflate compression algorithm"
diff --git a/crypto/Makefile b/crypto/Makefile
index 1f87db2e45b9..9b1476e5f0da 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -49,6 +49,7 @@ obj-$(CONFIG_CRYPTO_TEA) += tea.o
49obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.o 49obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.o
50obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o 50obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o
51obj-$(CONFIG_CRYPTO_SEED) += seed.o 51obj-$(CONFIG_CRYPTO_SEED) += seed.o
52obj-$(CONFIG_CRYPTO_SALSA20) += salsa20_generic.o
52obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o 53obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o
53obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o 54obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o
54obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o 55obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o
diff --git a/crypto/salsa20_generic.c b/crypto/salsa20_generic.c
new file mode 100644
index 000000000000..b49328afcf0a
--- /dev/null
+++ b/crypto/salsa20_generic.c
@@ -0,0 +1,243 @@
1/*
2 * Salsa20: Salsa20 stream cipher algorithm
3 *
4 * Copyright (c) 2007 Tan Swee Heng <thesweeheng@gmail.com>
5 *
6 * Derived from:
7 * - salsa20.c: Public domain C code by Daniel J. Bernstein <djb@cr.yp.to>
8 *
9 * Salsa20 is a stream cipher candidate in eSTREAM, the ECRYPT Stream
10 * Cipher Project. It is designed by Daniel J. Bernstein <djb@cr.yp.to>.
11 * More information about eSTREAM and Salsa20 can be found here:
12 * http://www.ecrypt.eu.org/stream/
13 * http://cr.yp.to/snuffle.html
14 *
15 * This program is free software; you can redistribute it and/or modify it
16 * under the terms of the GNU General Public License as published by the Free
17 * Software Foundation; either version 2 of the License, or (at your option)
18 * any later version.
19 *
20 */
21
22#include <linux/init.h>
23#include <linux/module.h>
24#include <linux/errno.h>
25#include <linux/crypto.h>
26#include <linux/types.h>
27#include <crypto/algapi.h>
28#include <asm/byteorder.h>
29
30#define SALSA20_IV_SIZE 8U
31#define SALSA20_MIN_KEY_SIZE 16U
32#define SALSA20_MAX_KEY_SIZE 32U
33
34/*
35 * Start of code taken from D. J. Bernstein's reference implementation.
36 * With some modifications and optimizations made to suit our needs.
37 */
38
39/*
40salsa20-ref.c version 20051118
41D. J. Bernstein
42Public domain.
43*/
44
45#define ROTATE(v,n) (((v) << (n)) | ((v) >> (32 - (n))))
46#define XOR(v,w) ((v) ^ (w))
47#define PLUS(v,w) (((v) + (w)))
48#define PLUSONE(v) (PLUS((v),1))
49#define U32TO8_LITTLE(p, v) \
50 { (p)[0] = (v >> 0) & 0xff; (p)[1] = (v >> 8) & 0xff; \
51 (p)[2] = (v >> 16) & 0xff; (p)[3] = (v >> 24) & 0xff; }
52#define U8TO32_LITTLE(p) \
53 (((u32)((p)[0]) ) | ((u32)((p)[1]) << 8) | \
54 ((u32)((p)[2]) << 16) | ((u32)((p)[3]) << 24) )
55
56struct salsa20_ctx
57{
58 u32 input[16];
59};
60
61static void salsa20_wordtobyte(u8 output[64], const u32 input[16])
62{
63 u32 x[16];
64 int i;
65
66 memcpy(x, input, sizeof(x));
67 for (i = 20; i > 0; i -= 2) {
68 x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 0],x[12]), 7));
69 x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[ 4],x[ 0]), 9));
70 x[12] = XOR(x[12],ROTATE(PLUS(x[ 8],x[ 4]),13));
71 x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[12],x[ 8]),18));
72 x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 5],x[ 1]), 7));
73 x[13] = XOR(x[13],ROTATE(PLUS(x[ 9],x[ 5]), 9));
74 x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[13],x[ 9]),13));
75 x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 1],x[13]),18));
76 x[14] = XOR(x[14],ROTATE(PLUS(x[10],x[ 6]), 7));
77 x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[14],x[10]), 9));
78 x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 2],x[14]),13));
79 x[10] = XOR(x[10],ROTATE(PLUS(x[ 6],x[ 2]),18));
80 x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[15],x[11]), 7));
81 x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 3],x[15]), 9));
82 x[11] = XOR(x[11],ROTATE(PLUS(x[ 7],x[ 3]),13));
83 x[15] = XOR(x[15],ROTATE(PLUS(x[11],x[ 7]),18));
84 x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[ 0],x[ 3]), 7));
85 x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[ 1],x[ 0]), 9));
86 x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[ 2],x[ 1]),13));
87 x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[ 3],x[ 2]),18));
88 x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 5],x[ 4]), 7));
89 x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 6],x[ 5]), 9));
90 x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 7],x[ 6]),13));
91 x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 4],x[ 7]),18));
92 x[11] = XOR(x[11],ROTATE(PLUS(x[10],x[ 9]), 7));
93 x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[11],x[10]), 9));
94 x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 8],x[11]),13));
95 x[10] = XOR(x[10],ROTATE(PLUS(x[ 9],x[ 8]),18));
96 x[12] = XOR(x[12],ROTATE(PLUS(x[15],x[14]), 7));
97 x[13] = XOR(x[13],ROTATE(PLUS(x[12],x[15]), 9));
98 x[14] = XOR(x[14],ROTATE(PLUS(x[13],x[12]),13));
99 x[15] = XOR(x[15],ROTATE(PLUS(x[14],x[13]),18));
100 }
101 for (i = 0; i < 16; ++i)
102 x[i] = PLUS(x[i],input[i]);
103 for (i = 0; i < 16; ++i)
104 U32TO8_LITTLE(output + 4 * i,x[i]);
105}
106
107static const char sigma[16] = "expand 32-byte k";
108static const char tau[16] = "expand 16-byte k";
109
110static void salsa20_keysetup(struct salsa20_ctx *ctx, const u8 *k, u32 kbytes)
111{
112 const char *constants;
113
114 ctx->input[1] = U8TO32_LITTLE(k + 0);
115 ctx->input[2] = U8TO32_LITTLE(k + 4);
116 ctx->input[3] = U8TO32_LITTLE(k + 8);
117 ctx->input[4] = U8TO32_LITTLE(k + 12);
118 if (kbytes == 32) { /* recommended */
119 k += 16;
120 constants = sigma;
121 } else { /* kbytes == 16 */
122 constants = tau;
123 }
124 ctx->input[11] = U8TO32_LITTLE(k + 0);
125 ctx->input[12] = U8TO32_LITTLE(k + 4);
126 ctx->input[13] = U8TO32_LITTLE(k + 8);
127 ctx->input[14] = U8TO32_LITTLE(k + 12);
128 ctx->input[0] = U8TO32_LITTLE(constants + 0);
129 ctx->input[5] = U8TO32_LITTLE(constants + 4);
130 ctx->input[10] = U8TO32_LITTLE(constants + 8);
131 ctx->input[15] = U8TO32_LITTLE(constants + 12);
132}
133
134static void salsa20_ivsetup(struct salsa20_ctx *ctx, const u8 *iv)
135{
136 ctx->input[6] = U8TO32_LITTLE(iv + 0);
137 ctx->input[7] = U8TO32_LITTLE(iv + 4);
138 ctx->input[8] = 0;
139 ctx->input[9] = 0;
140}
141
142static void salsa20_encrypt_bytes(struct salsa20_ctx *ctx, u8 *dst,
143 const u8 *src, unsigned int bytes)
144{
145 u8 buf[64];
146 int i;
147
148 if (dst != src)
149 memcpy(dst, src, bytes);
150
151 while (bytes) {
152 salsa20_wordtobyte(buf, ctx->input);
153
154 ctx->input[8] = PLUSONE(ctx->input[8]);
155 if (!ctx->input[8])
156 ctx->input[9] = PLUSONE(ctx->input[9]);
157
158 if (bytes <= 64) {
159 for (i = 0; i < bytes/4; ++i)
160 ((u32*)dst)[i] ^= ((u32*)buf)[i];
161 for (i = bytes - bytes % 4; i < bytes; ++i)
162 dst[i] ^= buf[i];
163 return;
164 }
165
166 for (i = 0; i < 64/4; ++i)
167 ((u32*)dst)[i] ^= ((u32*)buf)[i];
168 bytes -= 64;
169 dst += 64;
170 }
171}
172
173/*
174 * End of code taken from D. J. Bernstein's reference implementation.
175 */
176
177static int setkey(struct crypto_tfm *tfm, const u8 *key,
178 unsigned int keysize)
179{
180 struct salsa20_ctx *ctx = crypto_tfm_ctx(tfm);
181 salsa20_keysetup(ctx, key, keysize);
182 return 0;
183}
184
185static int encrypt(struct blkcipher_desc *desc,
186 struct scatterlist *dst, struct scatterlist *src,
187 unsigned int nbytes)
188{
189 struct blkcipher_walk walk;
190 struct crypto_blkcipher *tfm = desc->tfm;
191 struct salsa20_ctx *ctx = crypto_blkcipher_ctx(tfm);
192 int err;
193
194 blkcipher_walk_init(&walk, dst, src, nbytes);
195 err = blkcipher_walk_virt(desc, &walk);
196
197 salsa20_ivsetup(ctx, walk.iv);
198 salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
199 walk.src.virt.addr, nbytes);
200
201 err = blkcipher_walk_done(desc, &walk, 0);
202 return err;
203}
204
205static struct crypto_alg alg = {
206 .cra_name = "salsa20",
207 .cra_driver_name = "salsa20-generic",
208 .cra_priority = 100,
209 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
210 .cra_type = &crypto_blkcipher_type,
211 .cra_blocksize = 1,
212 .cra_ctxsize = sizeof(struct salsa20_ctx),
213 .cra_alignmask = 3,
214 .cra_module = THIS_MODULE,
215 .cra_list = LIST_HEAD_INIT(alg.cra_list),
216 .cra_u = {
217 .blkcipher = {
218 .setkey = setkey,
219 .encrypt = encrypt,
220 .decrypt = encrypt,
221 .min_keysize = SALSA20_MIN_KEY_SIZE,
222 .max_keysize = SALSA20_MAX_KEY_SIZE,
223 .ivsize = SALSA20_IV_SIZE,
224 }
225 }
226};
227
228static int __init init(void)
229{
230 return crypto_register_alg(&alg);
231}
232
233static void __exit fini(void)
234{
235 crypto_unregister_alg(&alg);
236}
237
238module_init(init);
239module_exit(fini);
240
241MODULE_LICENSE("GPL");
242MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm");
243MODULE_ALIAS("salsa20");
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 4d364ccacbb2..b8cb1d1420ae 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -80,7 +80,7 @@ static char *check[] = {
80 "cast6", "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", 80 "cast6", "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea",
81 "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", 81 "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea",
82 "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", "fcrypt", 82 "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", "fcrypt",
83 "camellia", "seed", NULL 83 "camellia", "seed", "salsa20", NULL
84}; 84};
85 85
86static void hexdump(unsigned char *buf, unsigned int len) 86static void hexdump(unsigned char *buf, unsigned int len)
@@ -1309,6 +1309,12 @@ static void do_test(void)
1309 test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS); 1309 test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS);
1310 break; 1310 break;
1311 1311
1312 case 34:
1313 test_cipher("salsa20", ENCRYPT,
1314 salsa20_stream_enc_tv_template,
1315 SALSA20_STREAM_ENC_TEST_VECTORS);
1316 break;
1317
1312 case 100: 1318 case 100:
1313 test_hash("hmac(md5)", hmac_md5_tv_template, 1319 test_hash("hmac(md5)", hmac_md5_tv_template,
1314 HMAC_MD5_TEST_VECTORS); 1320 HMAC_MD5_TEST_VECTORS);
diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
index b91585ea1362..6ffc411bf464 100644
--- a/crypto/tcrypt.h
+++ b/crypto/tcrypt.h
@@ -4644,6 +4644,167 @@ static struct cipher_testvec seed_dec_tv_template[] = {
4644 } 4644 }
4645}; 4645};
4646 4646
4647#define SALSA20_STREAM_ENC_TEST_VECTORS 4
4648static struct cipher_testvec salsa20_stream_enc_tv_template[] = {
4649 /*
4650 * Testvectors from verified.test-vectors submitted to ECRYPT.
4651 * They are truncated to size 39, 64, 111, 129 to test a variety
4652 * of input length.
4653 */
4654 { /* Set 3, vector 0 */
4655 .key = {
4656 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
4657 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
4658 },
4659 .klen = 16,
4660 .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
4661 .input = {
4662 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4663 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4664 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4665 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4666 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4667 },
4668 .ilen = 39,
4669 .result = {
4670 0x2D, 0xD5, 0xC3, 0xF7, 0xBA, 0x2B, 0x20, 0xF7,
4671 0x68, 0x02, 0x41, 0x0C, 0x68, 0x86, 0x88, 0x89,
4672 0x5A, 0xD8, 0xC1, 0xBD, 0x4E, 0xA6, 0xC9, 0xB1,
4673 0x40, 0xFB, 0x9B, 0x90, 0xE2, 0x10, 0x49, 0xBF,
4674 0x58, 0x3F, 0x52, 0x79, 0x70, 0xEB, 0xC1,
4675 },
4676 .rlen = 39,
4677 }, { /* Set 5, vector 0 */
4678 .key = {
4679 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4680 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
4681 },
4682 .klen = 16,
4683 .iv = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
4684 .input = {
4685 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4686 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4687 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4688 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4689 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4690 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4691 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4692 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4693 },
4694 .ilen = 64,
4695 .result = {
4696 0xB6, 0x6C, 0x1E, 0x44, 0x46, 0xDD, 0x95, 0x57,
4697 0xE5, 0x78, 0xE2, 0x23, 0xB0, 0xB7, 0x68, 0x01,
4698 0x7B, 0x23, 0xB2, 0x67, 0xBB, 0x02, 0x34, 0xAE,
4699 0x46, 0x26, 0xBF, 0x44, 0x3F, 0x21, 0x97, 0x76,
4700 0x43, 0x6F, 0xB1, 0x9F, 0xD0, 0xE8, 0x86, 0x6F,
4701 0xCD, 0x0D, 0xE9, 0xA9, 0x53, 0x8F, 0x4A, 0x09,
4702 0xCA, 0x9A, 0xC0, 0x73, 0x2E, 0x30, 0xBC, 0xF9,
4703 0x8E, 0x4F, 0x13, 0xE4, 0xB9, 0xE2, 0x01, 0xD9,
4704 },
4705 .rlen = 64,
4706 }, { /* Set 3, vector 27 */
4707 .key = {
4708 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
4709 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A,
4710 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32,
4711 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A
4712 },
4713 .klen = 32,
4714 .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
4715 .input = {
4716 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4717 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4718 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4719 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4720 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4721 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4722 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4723 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4724
4725 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4726 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4727 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4728 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4729 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4730 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4731 },
4732 .ilen = 111,
4733 .result = {
4734 0xAE, 0x39, 0x50, 0x8E, 0xAC, 0x9A, 0xEC, 0xE7,
4735 0xBF, 0x97, 0xBB, 0x20, 0xB9, 0xDE, 0xE4, 0x1F,
4736 0x87, 0xD9, 0x47, 0xF8, 0x28, 0x91, 0x35, 0x98,
4737 0xDB, 0x72, 0xCC, 0x23, 0x29, 0x48, 0x56, 0x5E,
4738 0x83, 0x7E, 0x0B, 0xF3, 0x7D, 0x5D, 0x38, 0x7B,
4739 0x2D, 0x71, 0x02, 0xB4, 0x3B, 0xB5, 0xD8, 0x23,
4740 0xB0, 0x4A, 0xDF, 0x3C, 0xEC, 0xB6, 0xD9, 0x3B,
4741 0x9B, 0xA7, 0x52, 0xBE, 0xC5, 0xD4, 0x50, 0x59,
4742
4743 0x15, 0x14, 0xB4, 0x0E, 0x40, 0xE6, 0x53, 0xD1,
4744 0x83, 0x9C, 0x5B, 0xA0, 0x92, 0x29, 0x6B, 0x5E,
4745 0x96, 0x5B, 0x1E, 0x2F, 0xD3, 0xAC, 0xC1, 0x92,
4746 0xB1, 0x41, 0x3F, 0x19, 0x2F, 0xC4, 0x3B, 0xC6,
4747 0x95, 0x46, 0x45, 0x54, 0xE9, 0x75, 0x03, 0x08,
4748 0x44, 0xAF, 0xE5, 0x8A, 0x81, 0x12, 0x09,
4749 },
4750 .rlen = 111,
4751
4752 }, { /* Set 5, vector 27 */
4753 .key = {
4754 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4755 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4756 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4757 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
4758 },
4759 .klen = 32,
4760 .iv = { 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00 },
4761 .input = {
4762 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4763 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4764 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4765 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4766 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4767 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4768 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4769 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4770
4771 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4772 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4773 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4774 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4775 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4776 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4777 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4778 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
4779
4780 0x00,
4781 },
4782 .ilen = 129,
4783 .result = {
4784 0xD2, 0xDB, 0x1A, 0x5C, 0xF1, 0xC1, 0xAC, 0xDB,
4785 0xE8, 0x1A, 0x7A, 0x43, 0x40, 0xEF, 0x53, 0x43,
4786 0x5E, 0x7F, 0x4B, 0x1A, 0x50, 0x52, 0x3F, 0x8D,
4787 0x28, 0x3D, 0xCF, 0x85, 0x1D, 0x69, 0x6E, 0x60,
4788 0xF2, 0xDE, 0x74, 0x56, 0x18, 0x1B, 0x84, 0x10,
4789 0xD4, 0x62, 0xBA, 0x60, 0x50, 0xF0, 0x61, 0xF2,
4790 0x1C, 0x78, 0x7F, 0xC1, 0x24, 0x34, 0xAF, 0x58,
4791 0xBF, 0x2C, 0x59, 0xCA, 0x90, 0x77, 0xF3, 0xB0,
4792
4793 0x5B, 0x4A, 0xDF, 0x89, 0xCE, 0x2C, 0x2F, 0xFC,
4794 0x67, 0xF0, 0xE3, 0x45, 0xE8, 0xB3, 0xB3, 0x75,
4795 0xA0, 0x95, 0x71, 0xA1, 0x29, 0x39, 0x94, 0xCA,
4796 0x45, 0x2F, 0xBD, 0xCB, 0x10, 0xB6, 0xBE, 0x9F,
4797 0x8E, 0xF9, 0xB2, 0x01, 0x0A, 0x5A, 0x0A, 0xB7,
4798 0x6B, 0x9D, 0x70, 0x8E, 0x4B, 0xD6, 0x2F, 0xCD,
4799 0x2E, 0x40, 0x48, 0x75, 0xE9, 0xE2, 0x21, 0x45,
4800 0x0B, 0xC9, 0xB6, 0xB5, 0x66, 0xBC, 0x9A, 0x59,
4801
4802 0x5A,
4803 },
4804 .rlen = 129,
4805 }
4806};
4807
4647/* 4808/*
4648 * Compression stuff. 4809 * Compression stuff.
4649 */ 4810 */