bcm.c revision 9254e681d446a8105bd66f08bae1252d4d89a139
1572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan/* Copyright (c) 2017, Google Inc. 2572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * 3572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * Permission to use, copy, modify, and/or distribute this software for any 4572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * purpose with or without fee is hereby granted, provided that the above 5572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * copyright notice and this permission notice appear in all copies. 6572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * 7572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 14572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 159254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#if !defined(_GNU_SOURCE) 169254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#define _GNU_SOURCE /* needed for syscall() on Linux. */ 179254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#endif 189254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 199254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/aead.h> 209254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/aes.h> 21572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include <openssl/base.h> 229254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/bn.h> 239254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/bytestring.h> 24572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include <openssl/crypto.h> 259254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/des.h> 269254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/ecdsa.h> 279254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/ec_key.h> 28572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include <openssl/hmac.h> 299254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include <openssl/rsa.h> 30572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 31572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "../internal.h" 329254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "rand/internal.h" 33572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 34572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "aes/aes.c" 35572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "aes/key_wrap.c" 36572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "aes/mode_wrappers.c" 37572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "digest/digest.c" 38572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "digest/digests.c" 39572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "hmac/hmac.c" 40572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "md4/md4.c" 41572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "md5/md5.c" 429254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "modes/cbc.c" 439254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "modes/cfb.c" 449254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "modes/ctr.c" 459254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "modes/gcm.c" 469254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "modes/ofb.c" 479254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "modes/polyval.c" 489254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "rand/ctrdrbg.c" 499254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "rand/rand.c" 509254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#include "rand/urandom.c" 51572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "sha/sha1-altivec.c" 52572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "sha/sha1.c" 53572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "sha/sha256.c" 54572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#include "sha/sha512.c" 55572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 56572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 57572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#if defined(BORINGSSL_FIPS) 58572a4e2e687520da9e518528d7371b794b1decc0Robert Sloanstatic void hexdump(const uint8_t *in, size_t len) { 59572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan for (size_t i = 0; i < len; i++) { 60572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan printf("%02x", in[i]); 61572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan } 62572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan} 63572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 649254e681d446a8105bd66f08bae1252d4d89a139Robert Sloanstatic int check_test(const void *expected, const void *actual, 659254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan size_t expected_len, const char *name) { 669254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (OPENSSL_memcmp(actual, expected, expected_len) != 0) { 679254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan printf("%s failed.\nExpected: ", name); 689254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan hexdump(expected, expected_len); 699254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan printf("\nCalculated: "); 709254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan hexdump(actual, expected_len); 719254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan printf("\n"); 729254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan return 0; 739254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 749254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan return 1; 759254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan} 76572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 77572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#if defined(__has_feature) 78572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#if __has_feature(address_sanitizer) 799254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan/* Integrity tests cannot run under ASAN because it involves reading the full 809254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan * .text section, which triggers the global-buffer overflow detection. */ 819254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#define OPENSSL_ASAN 82572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#endif 83572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#endif 84572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 859254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 869254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#ifndef OPENSSL_ASAN 879254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan/* These symbols are filled in by delocate.go. They point to the start and end 889254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan * of the module, and the location of the integrity hash, respectively. */ 899254e681d446a8105bd66f08bae1252d4d89a139Robert Sloanextern const uint8_t BORINGSSL_bcm_text_start[]; 909254e681d446a8105bd66f08bae1252d4d89a139Robert Sloanextern const uint8_t BORINGSSL_bcm_text_end[]; 919254e681d446a8105bd66f08bae1252d4d89a139Robert Sloanextern const uint8_t BORINGSSL_bcm_text_hash[]; 929254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#endif 939254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 949254e681d446a8105bd66f08bae1252d4d89a139Robert Sloanstatic void BORINGSSL_bcm_power_on_self_test(void) __attribute__((constructor)); 959254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 969254e681d446a8105bd66f08bae1252d4d89a139Robert Sloanstatic void BORINGSSL_bcm_power_on_self_test(void) { 979254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan CRYPTO_library_init(); 989254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 999254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#ifndef OPENSSL_ASAN 1009254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t *const start = BORINGSSL_bcm_text_start; 1019254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t *const end = BORINGSSL_bcm_text_end; 102572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 103572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan static const uint8_t kHMACKey[32] = {0}; 104572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan uint8_t result[SHA256_DIGEST_LENGTH]; 105572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 106572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan unsigned result_len; 107572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan if (!HMAC(EVP_sha256(), kHMACKey, sizeof(kHMACKey), start, end - start, 108572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan result, &result_len) || 109572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan result_len != sizeof(result)) { 110572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan goto err; 111572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan } 112572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 1139254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t *expected = BORINGSSL_bcm_text_hash; 114572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 1159254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(expected, result, sizeof(result), "FIPS integrity test")) { 116572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan goto err; 117572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan } 1189254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan#endif 1199254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 1209254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kAESKey[16] = "BoringCrypto Key"; 1219254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kAESIV[16] = {0}; 1229254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kPlaintext[64] = 1239254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "BoringCryptoModule FIPS KAT Encryption and Decryption Plaintext!"; 1249254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kAESCBCCiphertext[64] = { 1259254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x87, 0x2d, 0x98, 0xc2, 0xcc, 0x31, 0x5b, 0x41, 0xe0, 0xfa, 0x7b, 1269254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0a, 0x71, 0xc0, 0x42, 0xbf, 0x4f, 0x61, 0xd0, 0x0d, 0x58, 0x8c, 1279254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf7, 0x05, 0xfb, 0x94, 0x89, 0xd3, 0xbc, 0xaa, 0x1a, 0x50, 0x45, 1289254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1f, 0xc3, 0x8c, 0xb8, 0x98, 0x86, 0xa3, 0xe3, 0x6c, 0xfc, 0xad, 1299254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x3a, 0xb5, 0x59, 0x27, 0x7d, 0x21, 0x07, 0xca, 0x4c, 0x1d, 0x55, 1309254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x34, 0xdd, 0x5a, 0x2d, 0xc4, 0xb4, 0xf5, 0xa8, 0x35 1319254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 1329254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kAESGCMCiphertext[80] = { 1339254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x4a, 0xd8, 0xe7, 0x7d, 0x78, 0xd7, 0x7d, 0x5e, 0xb2, 0x11, 0xb6, 0xc9, 1349254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa4, 0xbc, 0xb2, 0xae, 0xbe, 0x93, 0xd1, 0xb7, 0xfe, 0x65, 0xc1, 0x82, 1359254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x2a, 0xb6, 0x71, 0x5f, 0x1a, 0x7c, 0xe0, 0x1b, 0x2b, 0xe2, 0x53, 0xfa, 1369254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa0, 0x47, 0xfa, 0xd7, 0x8f, 0xb1, 0x4a, 0xc4, 0xdc, 0x89, 0xf9, 0xb4, 1379254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x14, 0x4d, 0xde, 0x95, 0xea, 0x29, 0x69, 0x76, 0x81, 0xa3, 0x5c, 0x33, 1389254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd8, 0x37, 0xd8, 0xfa, 0x47, 0x19, 0x46, 0x2f, 0xf1, 0x90, 0xb7, 0x61, 1399254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x8f, 0x6f, 0xdd, 0x31, 0x3f, 0x6a, 0x64, 0x0d 1409254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 1419254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const DES_cblock kDESKey1 = {"BCMDESK1"}; 1429254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const DES_cblock kDESKey2 = {"BCMDESK2"}; 1439254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const DES_cblock kDESKey3 = {"BCMDESK3"}; 1449254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const DES_cblock kDESIV = {"BCMDESIV"}; 1459254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kDESCiphertext[64] = { 1469254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa4, 0x30, 0x7a, 0x4c, 0x1f, 0x60, 0x16, 0xd7, 0x4f, 0x41, 0xe1, 1479254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xbb, 0x27, 0xc4, 0x27, 0x37, 0xd4, 0x7f, 0xb9, 0x10, 0xf8, 0xbc, 1489254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xaf, 0x93, 0x91, 0xb8, 0x88, 0x24, 0xb1, 0xf6, 0xf8, 0xbd, 0x31, 1499254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x96, 0x06, 0x76, 0xde, 0x32, 0xcd, 0x29, 0x29, 0xba, 0x70, 0x5f, 1509254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xea, 0xc0, 0xcb, 0xde, 0xc7, 0x75, 0x90, 0xe0, 0x0f, 0x5e, 0x2c, 1519254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0d, 0x49, 0x20, 0xd5, 0x30, 0x83, 0xf8, 0x08, 0x5a 1529254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 1539254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kPlaintextSHA1[20] = { 1549254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc6, 0xf8, 0xc9, 0x63, 0x1c, 0x14, 0x23, 0x62, 0x9b, 0xbd, 1559254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x55, 0x82, 0xf4, 0xd6, 0x1d, 0xf2, 0xab, 0x7d, 0xc8, 0x28 1569254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 1579254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kPlaintextSHA256[32] = { 1589254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x37, 0xbd, 0x70, 0x53, 0x72, 0xfc, 0xd4, 0x03, 0x79, 0x70, 0xfb, 1599254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x06, 0x95, 0xb1, 0x2a, 0x82, 0x48, 0xe1, 0x3e, 0xf2, 0x33, 0xfb, 1609254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xef, 0x29, 0x81, 0x22, 0x45, 0x40, 0x43, 0x70, 0xce, 0x0f 1619254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 1629254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kPlaintextSHA512[64] = { 1639254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x08, 0x6a, 0x1c, 0x84, 0x61, 0x9d, 0x8e, 0xb3, 0xc0, 0x97, 0x4e, 1649254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa1, 0x9f, 0x9c, 0xdc, 0xaf, 0x3b, 0x5c, 0x31, 0xf0, 0xf2, 0x74, 1659254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc3, 0xbd, 0x6e, 0xd6, 0x1e, 0xb2, 0xbb, 0x34, 0x74, 0x72, 0x5c, 1669254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x51, 0x29, 0x8b, 0x87, 0x3a, 0xa3, 0xf2, 0x25, 0x23, 0xd4, 0x1c, 1679254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x82, 0x1b, 0xfe, 0xd3, 0xc6, 0xee, 0xb5, 0xd6, 0xaf, 0x07, 0x7b, 1689254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x98, 0xca, 0xa7, 0x01, 0xf3, 0x94, 0xf3, 0x68, 0x14 1699254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 1709254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kRSA[] = { 1719254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 1729254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd3, 0x3a, 0x62, 0x9f, 0x07, 0x77, 0xb0, 0x18, 0xf3, 0xff, 0xfe, 0xcc, 1739254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc9, 0xa2, 0xc2, 0x3a, 0xa6, 0x1d, 0xd8, 0xf0, 0x26, 0x5b, 0x38, 0x90, 1749254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x17, 0x48, 0x15, 0xce, 0x21, 0xcd, 0xd6, 0x62, 0x99, 0xe2, 0xd7, 0xda, 1759254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x40, 0x80, 0x3c, 0xad, 0x18, 0xb7, 0x26, 0xe9, 0x30, 0x8a, 0x23, 0x3f, 1769254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x68, 0x9a, 0x9c, 0x31, 0x34, 0x91, 0x99, 0x06, 0x11, 0x36, 0xb2, 0x9e, 1779254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x3a, 0xd0, 0xbc, 0xb9, 0x93, 0x4e, 0xb8, 0x72, 0xa1, 0x9f, 0xb6, 0x8c, 1789254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd5, 0x17, 0x1f, 0x7e, 0xaa, 0x75, 0xbb, 0xdf, 0xa1, 0x70, 0x48, 0xc4, 1799254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xec, 0x9a, 0x51, 0xed, 0x41, 0xc9, 0x74, 0xc0, 0x3e, 0x1e, 0x85, 0x2f, 1809254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xbe, 0x34, 0xc7, 0x65, 0x34, 0x8b, 0x4d, 0x55, 0x4b, 0xe1, 0x45, 0x54, 1819254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0d, 0x75, 0x7e, 0x89, 0x4d, 0x0c, 0xf6, 0x33, 0xe5, 0xfc, 0xfb, 0x56, 1829254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1b, 0xf2, 0x39, 0x9d, 0xe0, 0xff, 0x55, 0xcf, 0x02, 0x05, 0xb9, 0x74, 1839254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd2, 0x91, 0xfc, 0x87, 0xe1, 0xbb, 0x97, 0x2a, 0xe4, 0xdd, 0x20, 0xc0, 1849254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x38, 0x47, 0xc0, 0x76, 0x3f, 0xa1, 0x9b, 0x5c, 0x20, 0xff, 0xff, 0xc7, 1859254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x49, 0x3b, 0x4c, 0xaf, 0x99, 0xa6, 0x3e, 0x82, 0x5c, 0x58, 0x27, 0xce, 1869254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x01, 0x03, 0xc3, 0x16, 0x35, 0x20, 0xe9, 0xf0, 0x15, 0x7a, 0x41, 0xd5, 1879254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1f, 0x52, 0xea, 0xdf, 0xad, 0x4c, 0xbb, 0x0d, 0xcb, 0x04, 0x91, 0xb0, 1889254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x95, 0xa8, 0xce, 0x25, 0xfd, 0xd2, 0x62, 0x47, 0x77, 0xee, 0x13, 0xf1, 1899254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x48, 0x72, 0x9e, 0xd9, 0x2d, 0xe6, 0x5f, 0xa4, 0xc6, 0x9e, 0x5a, 0xb2, 1909254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc6, 0xa2, 0xf7, 0x0a, 0x16, 0x17, 0xae, 0x6b, 0x1c, 0x30, 0x7c, 0x63, 1919254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x08, 0x83, 0xe7, 0x43, 0xec, 0x54, 0x5e, 0x2c, 0x08, 0x0b, 0x5e, 0x46, 1929254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa7, 0x10, 0x93, 0x43, 0x53, 0x4e, 0xe3, 0x16, 0x73, 0x55, 0xce, 0xf2, 1939254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x94, 0xc0, 0xbe, 0xb3, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 1949254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x00, 0x2f, 0x2c, 0x1e, 0xd2, 0x3d, 0x2c, 0xb1, 0x9b, 0x21, 0x02, 0xce, 1959254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xb8, 0x95, 0x5f, 0x4f, 0xd9, 0x21, 0x38, 0x11, 0x36, 0xb0, 0x9a, 0x36, 1969254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xab, 0x97, 0x47, 0x75, 0xf7, 0x2e, 0xfd, 0x75, 0x1f, 0x58, 0x16, 0x9c, 1979254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf6, 0x14, 0xe9, 0x8e, 0xa3, 0x69, 0x9d, 0x9d, 0x86, 0xfe, 0x5c, 0x1b, 1989254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x3b, 0x11, 0xf5, 0x55, 0x64, 0x77, 0xc4, 0xfc, 0x53, 0xaa, 0x8c, 0x78, 1999254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x9f, 0x75, 0xab, 0x20, 0x3a, 0xa1, 0x77, 0x37, 0x22, 0x02, 0x8e, 0x54, 2009254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x8a, 0x67, 0x1c, 0x5e, 0xe0, 0x3e, 0xd9, 0x44, 0x37, 0xd1, 0x29, 0xee, 2019254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x56, 0x6c, 0x30, 0x9a, 0x93, 0x4d, 0xd9, 0xdb, 0xc5, 0x03, 0x1a, 0x75, 2029254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xcc, 0x0f, 0xc2, 0x61, 0xb5, 0x6c, 0x62, 0x9f, 0xc6, 0xa8, 0xc7, 0x8a, 2039254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x60, 0x17, 0x11, 0x62, 0x4c, 0xef, 0x74, 0x31, 0x97, 0xad, 0x89, 0x2d, 2049254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xe8, 0x31, 0x1d, 0x8b, 0x58, 0x82, 0xe3, 0x03, 0x1a, 0x6b, 0xdf, 0x3f, 2059254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x3e, 0xa4, 0x27, 0x19, 0xef, 0x46, 0x7a, 0x90, 0xdf, 0xa7, 0xe7, 0xc9, 2069254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x66, 0xab, 0x41, 0x1d, 0x65, 0x78, 0x1c, 0x18, 0x40, 0x5c, 0xd6, 0x87, 2079254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xb5, 0xea, 0x29, 0x44, 0xb3, 0xf5, 0xb3, 0xd2, 0x4f, 0xce, 0x88, 0x78, 2089254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x49, 0x27, 0x4e, 0x0b, 0x30, 0x85, 0xfb, 0x73, 0xfd, 0x8b, 0x32, 0x15, 2099254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xee, 0x1f, 0xc9, 0x0e, 0x89, 0xb9, 0x43, 0x2f, 0xe9, 0x60, 0x8d, 0xda, 2109254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xae, 0x2b, 0x30, 0x99, 0xee, 0x88, 0x81, 0x20, 0x7b, 0x4a, 0xc3, 0x18, 2119254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf2, 0x94, 0x02, 0x79, 0x94, 0xaa, 0x65, 0xd9, 0x1b, 0x45, 0x2a, 0xac, 2129254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x6e, 0x30, 0x48, 0x57, 0xea, 0xbe, 0x79, 0x7d, 0xfc, 0x67, 0xaa, 0x47, 2139254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc0, 0xf7, 0x52, 0xfd, 0x0b, 0x63, 0x4e, 0x3d, 0x2e, 0xcc, 0x36, 0xa0, 2149254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xdb, 0x92, 0x0b, 0xa9, 0x1b, 0xeb, 0xc2, 0xd5, 0x08, 0xd3, 0x85, 0x87, 2159254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf8, 0x5d, 0x1a, 0xf6, 0xc1, 0x02, 0x81, 0x81, 0x00, 0xf7, 0x06, 0xa3, 2169254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x98, 0x8a, 0x52, 0xf8, 0x63, 0x68, 0x27, 0x4f, 0x68, 0x7f, 0x34, 0xec, 2179254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x8e, 0x5d, 0xf8, 0x30, 0x92, 0xb3, 0x62, 0x4c, 0xeb, 0xdb, 0x19, 0x6b, 2189254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x09, 0xc5, 0xa3, 0xf0, 0xbb, 0xff, 0x0f, 0xc2, 0xd4, 0x9b, 0xc9, 0x54, 2199254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x4f, 0xb9, 0xf9, 0xe1, 0x4c, 0xf0, 0xe3, 0x4c, 0x90, 0xda, 0x7a, 0x01, 2209254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc2, 0x9f, 0xc4, 0xc8, 0x8e, 0xb1, 0x1e, 0x93, 0x75, 0x75, 0xc6, 0x13, 2219254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x25, 0xc3, 0xee, 0x3b, 0xcc, 0xb8, 0x72, 0x6c, 0x49, 0xb0, 0x09, 0xfb, 2229254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xab, 0x44, 0xeb, 0x4d, 0x40, 0xf0, 0x61, 0x6b, 0xe5, 0xe6, 0xfe, 0x3e, 2239254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0a, 0x77, 0x26, 0x39, 0x76, 0x3d, 0x4c, 0x3e, 0x9b, 0x5b, 0xc0, 0xaf, 2249254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa2, 0x58, 0x76, 0xb0, 0xe9, 0xda, 0x7f, 0x0e, 0x78, 0xc9, 0x76, 0x49, 2259254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x5c, 0xfa, 0xb3, 0xb0, 0x15, 0x4b, 0x41, 0xc7, 0x27, 0xa4, 0x75, 0x28, 2269254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x5c, 0x30, 0x69, 0x50, 0x29, 0x02, 0x81, 0x81, 0x00, 0xda, 0xe6, 0xd2, 2279254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xbb, 0x44, 0xff, 0x4f, 0xdf, 0x57, 0xc1, 0x11, 0xa3, 0x51, 0xba, 0x17, 2289254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x89, 0x4c, 0x01, 0xc0, 0x0c, 0x97, 0x34, 0x50, 0xcf, 0x32, 0x1e, 0xc0, 2299254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xbd, 0x7b, 0x35, 0xb5, 0x6a, 0x26, 0xcc, 0xea, 0x4c, 0x8e, 0x87, 0x4a, 2309254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x67, 0x8b, 0xd3, 0xe5, 0x4f, 0x3a, 0x60, 0x48, 0x59, 0x04, 0x93, 0x39, 2319254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd7, 0x7c, 0xfb, 0x19, 0x1a, 0x34, 0xd5, 0xe8, 0xaf, 0xe7, 0x22, 0x2c, 2329254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0d, 0xc2, 0x91, 0x69, 0xb6, 0xe9, 0x2a, 0xe9, 0x1c, 0x4c, 0x6e, 0x8f, 2339254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x40, 0xf5, 0xa8, 0x3e, 0x82, 0x69, 0x69, 0xbe, 0x9f, 0x7d, 0x5c, 0x7f, 2349254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x92, 0x78, 0x17, 0xa3, 0x6d, 0x41, 0x2d, 0x72, 0xed, 0x3f, 0x71, 0xfa, 2359254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x97, 0xb4, 0x63, 0xe4, 0x4f, 0xd9, 0x46, 0x03, 0xfb, 0x00, 0xeb, 0x30, 2369254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x70, 0xb9, 0x51, 0xd9, 0x0a, 0xd2, 0xf8, 0x50, 0xd4, 0xfb, 0x43, 0x84, 2379254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf8, 0xac, 0x58, 0xc3, 0x7b, 0x02, 0x81, 0x81, 0x00, 0xf5, 0x50, 0x8f, 2389254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x88, 0x7d, 0xdd, 0xb5, 0xb4, 0x2a, 0x8b, 0xd7, 0x4d, 0x23, 0xfe, 0xaf, 2399254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xe9, 0x16, 0x22, 0xd2, 0x41, 0xed, 0x88, 0xf2, 0x70, 0xcb, 0x4d, 0xeb, 2409254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc1, 0x71, 0x97, 0xc4, 0x0b, 0x3e, 0x5a, 0x2d, 0x96, 0xab, 0xfa, 0xfd, 2419254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x12, 0x8b, 0xd3, 0x3e, 0x4e, 0x05, 0x6f, 0x04, 0xeb, 0x59, 0x3c, 0x0e, 2429254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa1, 0x73, 0xbe, 0x9d, 0x99, 0x2f, 0x05, 0xf9, 0x54, 0x8d, 0x98, 0x1e, 2439254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0d, 0xc4, 0x0c, 0xc3, 0x30, 0x23, 0xff, 0xe5, 0xd0, 0x2b, 0xd5, 0x4e, 2449254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x2b, 0xa0, 0xae, 0xb8, 0x32, 0x84, 0x45, 0x8b, 0x3c, 0x6d, 0xf0, 0x10, 2459254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x36, 0x9e, 0x6a, 0xc4, 0x67, 0xca, 0xa9, 0xfc, 0x06, 0x96, 0xd0, 0xbc, 2469254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xda, 0xd1, 0x55, 0x55, 0x8d, 0x77, 0x21, 0xf4, 0x82, 0x39, 0x37, 0x91, 2479254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd5, 0x97, 0x56, 0x78, 0xc8, 0x3c, 0xcb, 0x5e, 0xf6, 0xdc, 0x58, 0x48, 2489254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xb3, 0x7c, 0x94, 0x29, 0x39, 0x02, 0x81, 0x80, 0x64, 0x65, 0xbd, 0x7d, 2499254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1a, 0x96, 0x26, 0xa1, 0xfe, 0xf3, 0x94, 0x0d, 0x5d, 0xec, 0x85, 0xe2, 2509254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf8, 0xb3, 0x4c, 0xcb, 0xf9, 0x85, 0x8b, 0x12, 0x9c, 0xa0, 0x32, 0x32, 2519254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x35, 0x92, 0x5a, 0x94, 0x47, 0x1b, 0x70, 0xd2, 0x90, 0x04, 0x49, 0x01, 2529254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd8, 0xc5, 0xe4, 0xc4, 0x43, 0xb7, 0xe9, 0x36, 0xba, 0xbc, 0x73, 0xa8, 2539254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xfb, 0xaf, 0x86, 0xc1, 0xd8, 0x3d, 0xcb, 0xac, 0xf1, 0xcb, 0x60, 0x7d, 2549254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x27, 0x21, 0xde, 0x64, 0x7f, 0xe8, 0xa8, 0x65, 0xcc, 0x40, 0x60, 0xff, 2559254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa0, 0x2b, 0xfc, 0x0f, 0x80, 0x1d, 0x79, 0xca, 0x58, 0x8a, 0xd6, 0x0f, 2569254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xed, 0x78, 0x9a, 0x02, 0x00, 0x04, 0xc2, 0x53, 0x41, 0xe8, 0x1a, 0xd0, 2579254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xfd, 0x71, 0x5b, 0x43, 0xac, 0x19, 0x4a, 0xb6, 0x12, 0xa3, 0xcb, 0xe1, 2589254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc7, 0x7d, 0x5c, 0x98, 0x74, 0x4e, 0x63, 0x74, 0x6b, 0x91, 0x7a, 0x29, 2599254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x3b, 0x92, 0xb2, 0x85, 0x02, 0x81, 0x81, 0x00, 0xd0, 0xde, 0x19, 0xda, 2609254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1e, 0xa2, 0xd8, 0x8f, 0x1c, 0x92, 0x73, 0xb0, 0xc9, 0x90, 0xc7, 0xf5, 2619254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xec, 0xc5, 0x89, 0x01, 0x05, 0x78, 0x11, 0x2d, 0x74, 0x34, 0x44, 0xad, 2629254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd5, 0xf7, 0xa4, 0xfe, 0x9f, 0x25, 0x4d, 0x0b, 0x92, 0xe3, 0xb8, 0x7d, 2639254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd3, 0xfd, 0xa5, 0xca, 0x95, 0x60, 0xa3, 0xf9, 0x55, 0x42, 0x14, 0xb2, 2649254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x45, 0x51, 0x9f, 0x73, 0x88, 0x43, 0x8a, 0xd1, 0x65, 0x9e, 0xd1, 0xf7, 2659254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x82, 0x2a, 0x2a, 0x8d, 0x70, 0x56, 0xe3, 0xef, 0xc9, 0x0e, 0x2a, 0x2c, 2669254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x15, 0xaf, 0x7f, 0x97, 0x81, 0x66, 0xf3, 0xb5, 0x00, 0xa9, 0x26, 0xcc, 2679254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1e, 0xc2, 0x98, 0xdd, 0xd3, 0x37, 0x06, 0x79, 0xb3, 0x60, 0x58, 0x79, 2689254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x99, 0x3f, 0xa3, 0x15, 0x1f, 0x31, 0xe3, 0x11, 0x88, 0x4c, 0x35, 0x57, 2699254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xfa, 0x79, 0xd7, 0xd8, 0x72, 0xee, 0x73, 0x95, 0x89, 0x29, 0xc7, 0x05, 2709254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x27, 0x68, 0x90, 0x15 2719254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 2729254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kRSASignature[256] = { 2739254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x20, 0xec, 0xc7, 0xcf, 0x10, 0x3f, 0x2d, 0x0e, 0x0c, 0x58, 0x54, 0xb8, 2749254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc2, 0x13, 0x6c, 0x9a, 0xf1, 0x23, 0xd8, 0x01, 0x8b, 0xf1, 0x5c, 0x6a, 2759254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x89, 0x3e, 0xf0, 0x01, 0xa7, 0x16, 0xd6, 0xbf, 0x4e, 0xae, 0x65, 0xca, 2769254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xb4, 0x45, 0x45, 0x22, 0x23, 0xb3, 0x85, 0xf0, 0x64, 0x06, 0x9b, 0x8f, 2779254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xe9, 0x83, 0x62, 0x7e, 0x4b, 0x72, 0xdd, 0x49, 0x58, 0xb2, 0xe1, 0xa8, 2789254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf7, 0x4f, 0x95, 0x43, 0x8c, 0x63, 0x0f, 0x4a, 0xdf, 0x87, 0x48, 0xad, 2799254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xec, 0x38, 0x65, 0x92, 0x2e, 0x20, 0x96, 0xfa, 0x01, 0x8a, 0xc8, 0xdc, 2809254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf0, 0xa0, 0x68, 0xf1, 0x2f, 0x24, 0x21, 0x79, 0x0f, 0xf4, 0x1a, 0x10, 2819254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x33, 0x93, 0x17, 0xd3, 0x62, 0x08, 0xd0, 0x5e, 0xef, 0x7e, 0x46, 0x4e, 2829254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xde, 0x80, 0x71, 0xba, 0xf3, 0x8e, 0xe9, 0xda, 0x35, 0x8e, 0x14, 0xbc, 2839254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xfa, 0x55, 0xe8, 0x94, 0xb3, 0xd7, 0x16, 0x41, 0x27, 0x06, 0x9b, 0x03, 2849254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xfa, 0x48, 0x2a, 0xcf, 0x44, 0x4b, 0xa1, 0xdb, 0x87, 0x05, 0xfd, 0xa2, 2859254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x3b, 0x8c, 0x02, 0xce, 0x8a, 0xc3, 0x0e, 0x8f, 0xc0, 0xb1, 0x67, 0x28, 2869254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x0d, 0x3a, 0x1d, 0x52, 0x76, 0xb9, 0x2a, 0x49, 0x9b, 0x3e, 0xdd, 0x13, 2879254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x8b, 0x66, 0x14, 0x98, 0xe0, 0x96, 0xfc, 0x5a, 0x84, 0xbb, 0xd7, 0x3a, 2889254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x5d, 0xc0, 0x39, 0x54, 0x63, 0x3e, 0x64, 0x13, 0x68, 0x3d, 0x55, 0x83, 2899254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x35, 0x67, 0x7c, 0x20, 0xfb, 0x42, 0x1f, 0xa6, 0xd3, 0xd6, 0x51, 0x6d, 2909254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa2, 0x61, 0x59, 0x49, 0xf3, 0x80, 0x0a, 0x6e, 0xf9, 0x22, 0xbd, 0xaf, 2919254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xcd, 0xaa, 0x35, 0x2f, 0xbc, 0xe2, 0x9c, 0x08, 0xb3, 0x4c, 0xf5, 0xba, 2929254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x88, 0xb9, 0x08, 0x4c, 0x4a, 0x0b, 0xcb, 0x8c, 0x10, 0x98, 0xc2, 0x70, 2939254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x44, 0xbe, 0xed, 0x4c, 0x95, 0x81, 0x49, 0x3c, 0xcb, 0x08, 0x0b, 0x57, 2949254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xff, 0x97, 0x3d, 0xac 2959254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 2969254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan static const uint8_t kEC[] = { 2979254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x30, 0x31, 0x02, 0x01, 0x01, 0x04, 0x20, 0xc6, 0xc1, 0xaa, 0xda, 2989254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x15, 0xb0, 0x76, 0x61, 0xf8, 0x14, 0x2c, 0x6c, 0xaf, 0x0f, 0xdb, 2999254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x24, 0x1a, 0xff, 0x2e, 0xfe, 0x46, 0xc0, 0x93, 0x8b, 0x74, 0xf2, 3009254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xbc, 0xc5, 0x30, 0x52, 0xb0, 0x77, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 3019254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 3029254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 3039254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t kDRBGEntropy[48] = 3049254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "BCM Known Answer Test DBRG Initial Entropy "; 3059254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t kDRBGPersonalization[18] = "BCMPersonalization"; 3069254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t kDRBGAD[16] = "BCM DRBG KAT AD "; 3079254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t kDRBGOutput[64] = { 3089254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x1d, 0x63, 0xdf, 0x05, 0x51, 0x49, 0x22, 0x46, 0xcd, 0x9b, 0xc5, 3099254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xbb, 0xf1, 0x5d, 0x44, 0xae, 0x13, 0x78, 0xb1, 0xe4, 0x7c, 0xf1, 3109254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x96, 0x33, 0x3d, 0x60, 0xb6, 0x29, 0xd4, 0xbb, 0x6b, 0x44, 0xf9, 3119254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xef, 0xd9, 0xf4, 0xa2, 0xba, 0x48, 0xea, 0x39, 0x75, 0x59, 0x32, 3129254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xf7, 0x31, 0x2c, 0x98, 0x14, 0x2b, 0x49, 0xdf, 0x02, 0xb6, 0x5d, 3139254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x71, 0x09, 0x50, 0xdb, 0x23, 0xdb, 0xe5, 0x22, 0x95, 3149254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 3159254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t kDRBGEntropy2[48] = 3169254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "BCM Known Answer Test DBRG Reseed Entropy "; 3179254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan const uint8_t kDRBGReseedOutput[64] = { 3189254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xa4, 0x77, 0x05, 0xdb, 0x14, 0x11, 0x76, 0x71, 0x42, 0x5b, 0xd8, 3199254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd7, 0xa5, 0x4f, 0x8b, 0x39, 0xf2, 0x10, 0x4a, 0x50, 0x5b, 0xa2, 3209254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xc8, 0xf0, 0xbb, 0x3e, 0xa1, 0xa5, 0x90, 0x7d, 0x54, 0xd9, 0xc6, 3219254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xb0, 0x96, 0xc0, 0x2b, 0x7e, 0x9b, 0xc9, 0xa1, 0xdd, 0x78, 0x2e, 3229254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0xd5, 0xa8, 0x66, 0x16, 0xbd, 0x18, 0x3c, 0xf2, 0xaa, 0x7a, 0x2b, 3239254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0x37, 0xf9, 0xab, 0x35, 0x64, 0x15, 0x01, 0x3f, 0xc4, 3249254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan }; 325572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 3269254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan AES_KEY aes_key; 3279254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan uint8_t aes_iv[16]; 3289254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan uint8_t output[256]; 3299254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3309254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* AES-CBC Encryption KAT */ 3319254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan memcpy(aes_iv, kAESIV, sizeof(kAESIV)); 3329254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (AES_set_encrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) { 3339254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3349254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3359254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan AES_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &aes_key, aes_iv, 3369254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan AES_ENCRYPT); 3379254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kAESCBCCiphertext, output, sizeof(kAESCBCCiphertext), 3389254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "AES-CBC Encryption KAT")) { 3399254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3409254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3419254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3429254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* AES-CBC Decryption KAT */ 3439254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan memcpy(aes_iv, kAESIV, sizeof(kAESIV)); 3449254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (AES_set_decrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) { 3459254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3469254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3479254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan AES_cbc_encrypt(kAESCBCCiphertext, output, sizeof(kAESCBCCiphertext), 3489254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan &aes_key, aes_iv, AES_DECRYPT); 3499254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kPlaintext, output, sizeof(kPlaintext), 3509254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "AES-CBC Decryption KAT")) { 3519254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3529254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3539254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3549254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan size_t out_len; 3559254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan uint8_t nonce[EVP_AEAD_MAX_NONCE_LENGTH]; 3569254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan OPENSSL_memset(nonce, 0, sizeof(nonce)); 3579254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan EVP_AEAD_CTX aead_ctx; 3589254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!EVP_AEAD_CTX_init(&aead_ctx, EVP_aead_aes_128_gcm(), kAESKey, 3599254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan sizeof(kAESKey), 0, NULL)) { 3609254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3619254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3629254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3639254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* AES-GCM Encryption KAT */ 3649254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!EVP_AEAD_CTX_seal(&aead_ctx, output, &out_len, sizeof(output), nonce, 3659254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()), 3669254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan kPlaintext, sizeof(kPlaintext), NULL, 0) || 3679254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !check_test(kAESGCMCiphertext, output, sizeof(kAESGCMCiphertext), 3689254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "AES-GCM Encryption KAT")) { 3699254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3709254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3719254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3729254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* AES-GCM Decryption KAT */ 3739254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!EVP_AEAD_CTX_open(&aead_ctx, output, &out_len, sizeof(output), nonce, 3749254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()), 3759254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan kAESGCMCiphertext, sizeof(kAESGCMCiphertext), NULL, 3769254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 0) || 3779254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !check_test(kPlaintext, output, sizeof(kPlaintext), 3789254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "AES-GCM Decryption KAT")) { 3799254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3809254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3819254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3829254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan EVP_AEAD_CTX_cleanup(&aead_ctx); 3839254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3849254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_key_schedule des1, des2, des3; 3859254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_cblock des_iv; 3869254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_set_key(&kDESKey1, &des1); 3879254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_set_key(&kDESKey2, &des2); 3889254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_set_key(&kDESKey3, &des3); 3899254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3909254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* 3DES Encryption KAT */ 3919254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan memcpy(&des_iv, &kDESIV, sizeof(des_iv)); 3929254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_ede3_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &des1, &des2, 3939254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan &des3, &des_iv, DES_ENCRYPT); 3949254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kDESCiphertext, output, sizeof(kDESCiphertext), 3959254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "3DES Encryption KAT")) { 3969254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 3979254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 3989254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 3999254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* 3DES Decryption KAT */ 4009254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan memcpy(&des_iv, &kDESIV, sizeof(des_iv)); 4019254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan DES_ede3_cbc_encrypt(kDESCiphertext, output, sizeof(kDESCiphertext), &des1, 4029254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan &des2, &des3, &des_iv, DES_DECRYPT); 4039254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kPlaintext, output, sizeof(kPlaintext), 4049254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "3DES Decryption KAT")) { 4059254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4069254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4079254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4089254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* SHA-1 KAT */ 4099254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan SHA1(kPlaintext, sizeof(kPlaintext), output); 4109254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kPlaintextSHA1, output, sizeof(kPlaintextSHA1), 4119254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "SHA-1 KAT")) { 4129254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4139254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4149254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4159254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* SHA-256 KAT */ 4169254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan SHA256(kPlaintext, sizeof(kPlaintext), output); 4179254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kPlaintextSHA256, output, sizeof(kPlaintextSHA256), 4189254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "SHA-256 KAT")) { 4199254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4209254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4219254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4229254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* SHA-512 KAT */ 4239254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan SHA512(kPlaintext, sizeof(kPlaintext), output); 4249254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(kPlaintextSHA512, output, sizeof(kPlaintextSHA512), 4259254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "SHA-512 KAT")) { 4269254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4279254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4289254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4299254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan RSA *rsa_key = RSA_private_key_from_bytes(kRSA, sizeof(kRSA)); 4309254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (rsa_key == NULL) { 4319254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4329254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4339254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4349254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* RSA Sign KAT */ 4359254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan unsigned sig_len; 4369254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!RSA_sign(NID_sha256, kPlaintext, sizeof(kPlaintext), output, 4379254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan &sig_len, rsa_key) || 4389254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !check_test(kRSASignature, output, sizeof(kRSASignature), 4399254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "RSA Sign KAT")) { 4409254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4419254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4429254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4439254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* RSA Verify KAT */ 4449254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!RSA_verify(NID_sha256, kPlaintext, sizeof(kPlaintext), kRSASignature, 4459254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan sizeof(kRSASignature), rsa_key)) { 4469254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan printf("RSA Verify KAT failed.\n"); 4479254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4489254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4499254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4509254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan RSA_free(rsa_key); 4519254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4529254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan CBS ec_cbs; 4539254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan CBS_init(&ec_cbs, kEC, sizeof(kEC)); 4549254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan EC_KEY *ec_key = EC_KEY_parse_private_key(&ec_cbs, NULL); 4559254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (ec_key == NULL) { 4569254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4579254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4589254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4599254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* EC Sign/Verify PWCT */ 4609254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!ECDSA_sign(0, kPlaintext, sizeof(kPlaintext), output, &sig_len, ec_key) || 4619254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !ECDSA_verify(0, kPlaintext, sizeof(kPlaintext), output, sig_len, ec_key)) { 4629254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan printf("ECDSA Sign/Verify PWCT failed.\n"); 4639254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4649254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4659254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4669254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan EC_KEY_free(ec_key); 4679254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4689254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan /* DBRG KAT */ 4699254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan CTR_DRBG_STATE drbg; 4709254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!CTR_DRBG_init(&drbg, kDRBGEntropy, kDRBGPersonalization, 4719254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan sizeof(kDRBGPersonalization)) || 4729254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !CTR_DRBG_generate(&drbg, output, sizeof(kDRBGOutput), kDRBGAD, 4739254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan sizeof(kDRBGAD)) || 4749254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !check_test(kDRBGOutput, output, sizeof(kDRBGOutput), 4759254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "DBRG Generate KAT") || 4769254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !CTR_DRBG_reseed(&drbg, kDRBGEntropy2, kDRBGAD, sizeof(kDRBGAD)) || 4779254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !CTR_DRBG_generate(&drbg, output, sizeof(kDRBGReseedOutput), kDRBGAD, 4789254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan sizeof(kDRBGAD)) || 4799254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan !check_test(kDRBGReseedOutput, output, sizeof(kDRBGReseedOutput), 4809254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan "DRBG Reseed KAT")) { 4819254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4829254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 4839254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan CTR_DRBG_clear(&drbg); 4849254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan 4859254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan CTR_DRBG_STATE kZeroDRBG; 4869254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan memset(&kZeroDRBG, 0, sizeof(kZeroDRBG)); 4879254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan if (!check_test(&kZeroDRBG, &drbg, sizeof(drbg), "DRBG Clear KAT")) { 4889254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan goto err; 4899254e681d446a8105bd66f08bae1252d4d89a139Robert Sloan } 490572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 491572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan return; 492572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan 493572a4e2e687520da9e518528d7371b794b1decc0Robert Sloanerr: 494572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan for (;;) { 495572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan exit(1); 496572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan abort(); 497572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan } 498572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan} 499572a4e2e687520da9e518528d7371b794b1decc0Robert Sloan#endif /* BORINGSSL_FIPS */ 500