diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..9815669
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,69 @@
+script: ./ci.sh
+
+branches:
+ only:
+ - master
+
+matrix:
+ fast_finish: true
+ allow_failures:
+ - rust: nightly
+ include:
+ - language: csharp
+ mono: none
+ dotnet: 2.0.0
+ before_script: cd dotnet
+ - language: go
+ go: 1.9
+ before_script: cd go
+ - language: node_js
+ node_js: 9
+ before_script: cd js
+ - language: python
+ python: 2.7
+ before_script: cd python
+ - language: python
+ python: 3.6
+ before_script: cd python
+ - language: ruby
+ rvm: 2.5.0
+ before_install:
+ - gem update --system
+ - gem --version
+ before_script: cd ruby
+ - language: ruby
+ rvm: 2.2
+ before_script: cd ruby
+ - language: rust
+ rust: stable
+ before_script: cd rust
+ env:
+ - CARGO_FEATURES=--features="aes-soft"
+ - RUSTFLAGS=-Ctarget-feature=+aes
+ - language: rust
+ rust: stable
+ before_script: cd rust
+ env:
+ - RUSTFLAGS=-Ctarget-feature=+aes
+ - language: rust
+ rust: nightly
+ before_script: cd rust
+ env:
+ - CARGO_FEATURES=--features="aes-soft,nightly"
+ - RUSTFLAGS=-Ctarget-feature=+aes
+ - language: rust
+ rust: nightly
+ before_script: cd rust
+ env:
+ - CARGO_FEATURES=--features="aes-soft,nightly"
+ - RUSTFLAGS=-Ctarget-feature=+aes
+ - language: rust
+ rust: nightly
+ before_script: cd rust/tests/ffi
+ env:
+ - CC=clang
+ - LDFLAGS=-rtlib=compiler-rt
+ - RUSTFLAGS=-Ctarget-feature=+aes
+ script:
+ - make
+ - ./ffi_test
diff --git a/AUTHORS.md b/AUTHORS.md
new file mode 100644
index 0000000..0b24616
--- /dev/null
+++ b/AUTHORS.md
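Review bot: The two `rust: nightly` jobs that run from `cd rust` are identical (`CARGO_FEATURES=--features="aes-soft,nightly"` with `RUSTFLAGS=-Ctarget-feature=+aes`), so one of them adds no coverage. The stable pair just above runs once with `aes-soft` and once without it, which suggests the second nightly job was meant to be `- CARGO_FEATURES=--features="nightly"`; as written, the nightly feature set appears never to be tested against the hardware AES path in the main crate. Separately, `gem update --system` in `before_install` installs whatever RubyGems release is current at build time; pinning an explicit version there would keep the Ruby 2.5.0 job reproducible and limit exposure to an unexpected upstream release. Indentation is lost in this view, so the nesting of the `env` lists is inferred.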
@@ -0,0 +1,10 @@
+# Miscreant contributors
+
+The following people hold copyright over portions of the Miscreant project codebases
+and have granted the right to use their contributions under the terms of the
+[MIT license](https://github.com/miscreant/miscreant/blob/master/LICENSE.txt).
+
+* [Tony Arcieri (@tarcieri)](https://github.com/tarcieri)
+* [Dmitry Chestnykh (@dchest)](https://github.com/dchest)
+* [John Downey (@jtdowney)](https://github.com/jtdowney)
+* [Nemanja Mijailovic (@metalnem)](https://github.com/metalnem)
diff --git a/CHANGES.md b/CHANGES.md
new file mode 100644
index 0000000..3a1bab7
--- /dev/null
+++ b/CHANGES.md
@@ -0,0 +1,51 @@
+## [0.3.0] (2017-12-25)
+
+[0.3.0]: https://github.com/miscreant/miscreant/compare/v0.2.0...v0.3.0
+
+* STREAM support (all languages)
+* AEAD APIs: TypeScript, Rust
+* Rust internals based on RustCrypto project providing ~10% faster performance
+
+### Notable Pull Requests
+
+* [#100](https://github.com/miscreant/miscreant/pull/100)
+ rust: Use AES-CTR implementation from the `aesni` crate
+* [#102](https://github.com/miscreant/miscreant/pull/102)
+ rust: Use cmac and pmac crates from RustCrypto
+* [#103](https://github.com/miscreant/miscreant/pull/103)
+ rust: DRY out and abstract SIV+CTR implementations across key sizes
+* [#104](https://github.com/miscreant/miscreant/pull/104)
+ rust: Deny unsafe_code
+* [#105](https://github.com/miscreant/miscreant/pull/105)
+ rust: AEAD API
+* [#112](https://github.com/miscreant/miscreant/pull/112)
+ rust: STREAM implementation
+* [#117](https://github.com/miscreant/miscreant/pull/117)
+ rust: "std" feature and allocating APIs
+* [#120](https://github.com/miscreant/miscreant/pull/120)
+ rust: Dual license under MIT/Apache 2.0
+* [#122](https://github.com/miscreant/miscreant/pull/122)
+ ruby: STREAM implementation
+* [#124](https://github.com/miscreant/miscreant/pull/124)
+ python: STREAM implementation
+* [#126](https://github.com/miscreant/miscreant/pull/126)
+ go: Switch to using math.TrailingZeros in PMAC (requires Go 1.9+)
+* [#127](https://github.com/miscreant/miscreant/pull/127)
+ js: AEAD API
+* [#131](https://github.com/miscreant/miscreant/pull/131)
+ js: STREAM implementation
+* [#132](https://github.com/miscreant/miscreant/pull/132)
+ go: STREAM implementation
+
+## [0.2.0] (2017-10-01)
+
+[0.2.0]: https://github.com/miscreant/miscreant/compare/v0.1.0...v0.2.0
+
+* AES-PMAC-SIV support (all languages)
+* AEAD APIs with test vectors: Go, Ruby, Python
+* Various breaking API changes from 0.1.0, but hopefully no one was using a v0.1
+ crypto library anyway.
+
+# 0.1.0 (2017-07-31)
+
+* Initial release
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..7a9a276
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [bascule@gmail.com]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+[bascule@gmail.com]: mailto:bascule@gmail.com
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 0000000..90ea836
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,25 @@
+Copyright (c) 2017-2018 The Miscreant Developers. The canonical list of project
+contributors who hold copyright over the project can be found at:
+
+https://github.com/miscreant/miscreant/blob/master/AUTHORS.md
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/appveyor.yml b/appveyor.yml
new file mode 100644
index 0000000..af5db83
--- /dev/null
+++ b/appveyor.yml
@@ -0,0 +1,17 @@
+branches:
+ only:
+ - master
+
+environment:
+ PATH: C:\Ruby%RUBY_VERSION%\DevKit\mingw\bin;C:\Ruby%RUBY_VERSION%\bin;C:\Ruby%RUBY_VERSION%\DevKit\bin;%PATH%
+ matrix:
+ - LANG: "ruby"
+ RUBY_VERSION: "24-x64"
+ - LANG: "ruby"
+ RUBY_VERSION: "22"
+
+build: off
+
+test_script:
+ - cd %LANG%
+ - call ci.bat
diff --git a/vectors/aes.tjson b/vectors/aes.tjson
new file mode 100644
index 0000000..f6d2288
--- /dev/null
+++ b/vectors/aes.tjson
@@ -0,0 +1,19 @@
+{
+ "examples:A":[
+ {
+ "key:d16": "2b7e151628aed2a6abf7158809cf4f3c",
+ "src:d16": "3243f6a8885a308d313198a2e0370734",
+ "dst:d16": "3925841d02dc09fbdc118597196a0b32"
+ },
+ {
+ "key:d16": "000102030405060708090a0b0c0d0e0f",
+ "src:d16": "00112233445566778899aabbccddeeff",
+ "dst:d16": "69c4e0d86a7b0430d8cdb78070b4c55a"
+ },
+ {
+ "key:d16": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
+ "src:d16": "00112233445566778899aabbccddeeff",
+ "dst:d16": "8ea2b7ca516745bfeafc49904b496089"
+ }
+ ]
+}
diff --git a/vectors/aes_cmac.tjson b/vectors/aes_cmac.tjson
new file mode 100644
index 0000000..53447ba
--- /dev/null
+++ b/vectors/aes_cmac.tjson
@@ -0,0 +1,44 @@
+{
+ "examples:A":[
+ {
+ "key:d16":"2b7e151628aed2a6abf7158809cf4f3c",
+ "message:d16":"",
+ "tag:d16":"bb1d6929e95937287fa37d129b756746"
+ },
+ {
+ "key:d16":"2b7e151628aed2a6abf7158809cf4f3c",
+ "message:d16":"6bc1bee22e409f96e93d7e117393172a",
+ "tag:d16":"070a16b46b4d4144f79bdd9dd04a287c"
+ },
+ {
+ "key:d16":"2b7e151628aed2a6abf7158809cf4f3c",
+ "message:d16":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411",
+ "tag:d16":"dfa66747de9ae63030ca32611497c827"
+ },
+ {
+ "key:d16":"2b7e151628aed2a6abf7158809cf4f3c",
+ "message:d16":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
+ "tag:d16":"51f0bebf7e3b9d92fc49741779363cfe"
+ },
+ {
+ "key:d16":"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",
+ "message:d16":"",
+ "tag:d16":"028962f61b7bf89efc6b551f4667d983"
+ },
+ {
+ "key:d16":"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",
+ "message:d16":"6bc1bee22e409f96e93d7e117393172a",
+ "tag:d16":"28a7023f452e8f82bd4bf28d8c37c35c"
+ },
+ {
+ "key:d16":"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",
+ "message:d16":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411",
+ "tag:d16":"aaf3d8f1de5640c232f5b169b9c911e6"
+ },
+ {
+ "key:d16":"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",
+ "message:d16":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
+ "tag:d16":"e1992190549f6ed5696a2c056c315410"
+ }
+ ]
+}
diff --git a/vectors/aes_ctr.tjson b/vectors/aes_ctr.tjson
new file mode 100644
index 0000000..22fe8b1
--- /dev/null
+++ b/vectors/aes_ctr.tjson
@@ -0,0 +1,16 @@
+{
+ "examples:A":[
+ {
+ "key:d16":"2b7e151628aed2a6abf7158809cf4f3c",
+ "iv:d16":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+ "plaintext:d16":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51",
+ "ciphertext:d16":"874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff"
+ },
+ {
+ "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
+ "iv:d16":"202122232425262728292a2b2c2d2e2f",
+ "plaintext:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122",
+ "ciphertext:d16":"61a7916d4a8a161b14c8f398b94faedba3a3e29ad93f55451ed31fe92d3abf841c7c81"
+ }
+ ]
+}
diff --git a/vectors/aes_pmac.tjson b/vectors/aes_pmac.tjson
new file mode 100644
index 0000000..29fe4b5
--- /dev/null
+++ b/vectors/aes_pmac.tjson
@@ -0,0 +1,88 @@ +{ + "examples:A":[ + { + "name:s":"PMAC-AES-128-0B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + "message:d16":"", + "tag:d16":"4399572cd6ea5341b8d35876a7098af7" + }, + { + "name:s":"PMAC-AES-128-3B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + "message:d16":"000102", + "tag:d16":"256ba5193c1b991b4df0c51f388a9e27" + }, + { + "name:s":"PMAC-AES-128-16B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + "message:d16":"000102030405060708090a0b0c0d0e0f", + "tag:d16":"ebbd822fa458daf6dfdad7c27da76338" + }, + { + "name:s":"PMAC-AES-128-20B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + "message:d16":"000102030405060708090a0b0c0d0e0f10111213", + "tag:d16":"0412ca150bbf79058d8c75a58c993f55" + }, + { + "name:s":"PMAC-AES-128-32B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + "message:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "tag:d16":"e97ac04e9e5e3399ce5355cd7407bc75" + }, + { + "name:s":"PMAC-AES-128-34B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + "message:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021", + "tag:d16":"5cba7d5eb24f7c86ccc54604e53d5512" + }, + { + "name:s":"PMAC-AES-128-1000B", + "key:d16":"000102030405060708090a0b0c0d0e0f", + 
"message:d16":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000", + "tag:d16":"c2c9fa1d9985f6f0d2aff915a0e8d910" + }, + { + "name:s":"PMAC-AES-256-0B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "message:d16":"", + "tag:d16":"e620f52fe75bbe87ab758c0624943d8b" + }, + { + "name:s":"PMAC-AES-256-3B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "message:d16":"000102", + "tag:d16":"ffe124cc152cfb2bf1ef5409333c1c9a" + }, + { + "name:s":"PMAC-AES-256-16B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "message:d16":"000102030405060708090a0b0c0d0e0f", + "tag:d16":"853fdbf3f91dcd36380d698a64770bab" + }, + { + "name:s":"PMAC-AES-256-20B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "message:d16":"000102030405060708090a0b0c0d0e0f10111213", + "tag:d16":"7711395fbe9dec19861aeb96e052cd1b" + }, + { + "name:s":"PMAC-AES-256-32B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "message:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "tag:d16":"08fa25c28678c84d383130653e77f4c0" + }, + { + "name:s":"PMAC-AES-256-34B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "message:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021", + "tag:d16":"edd8a05f4b66761f9eee4feb4ed0c3a1" + }, + { + "name:s":"PMAC-AES-256-1000B", + "key:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + 
"message:d16":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000", + "tag:d16":"69aa77f231eb0cdff960f5561d29a96e" + } + ] +} diff --git a/vectors/aes_pmac_siv.tjson b/vectors/aes_pmac_siv.tjson new file mode 100644 index 0000000..7b2b2b3 --- /dev/null +++ b/vectors/aes_pmac_siv.tjson 
@@ -0,0 +1,69 @@ +{ + "examples:A":[ + { + "name:s":"AES-PMAC-SIV-128-TV1: Deterministic Authenticated Encryption Example", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:A":[ + "101112131415161718191a1b1c1d1e1f2021222324252627" + ], + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"8c4b814216140fc9b34a41716aa61633ea66abe16b2f6e4bceeda6e9077f" + }, + { + "name:s":"AES-PMAC-SIV-128-TV2: Nonce-Based Authenticated Encryption Example", + "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f", + "ad:A":[ + "00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100", + "102030405060708090a0", + "09f911029d74e35bd84156c5635688c0" + ], + "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553", + "ciphertext:d16":"acb9cbc95dbed8e766d25ad59deb65bcda7aff9214153273f88e89ebe580c77defc15d28448f420e0a17d42722e6d42776849aa3bec375c5a05e54f519e9fd" + }, + { + "name:s":"AES-PMAC-SIV-128-TV3: Empty Authenticated Data And Plaintext Example", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:A":[], + "plaintext:d16":"", + "ciphertext:d16":"19f25e5ea8a96ef27067d4626fdd3677" + }, + { + "name:s":"AES-PMAC-SIV-128-TV4: Nonce-Based Authenticated Encryption With Large Message Example", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:A":[ + "101112131415161718191a1b1c1d1e1f2021222324252627" + ], + "plaintext:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f70", + 
"ciphertext:d16":"34cbb315120924e6ad05240a1582018b3dc965941308e0535680344cf9cf40cb5aa00b449548f9a4d9718fd22057d19f5ea89450d2d3bf905e858aaec4fc594aa27948ea205ca90102fc463f5c1cbbfb171d296d727ec77f892fb192a4eb9897b7d48d50e474a1238f02a82b122a7b16aa5cc1c04b10b839e478662ff1cec7cabc" + }, + { + "name:s":"AES-PMAC-SIV-256-TV1: 256-bit key with one associated data field", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f", + "ad:A":[ + "101112131415161718191a1b1c1d1e1f2021222324252627" + ], + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"77097bb3e160988e8b262c1942f983885f826d0d7e047e975e2fc4ea6776" + }, + { + "name:s":"AES-PMAC-SIV-256-TV2: 256-bit key with three associated data fields", + "key:d16":"7f7e7d7c7b7a797877767574737271706f6e6d6c6b6a69686766656463626160404142434445464748494a4b4c4d4e4f505152535455565758595a5b5b5d5e5f", + "ad:A":[ + "00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100", + "102030405060708090a0", + "09f911029d74e35bd84156c5635688c0" + ], + "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553", + "ciphertext:d16":"cd07d56dca0fe1569b8ecb3cf2346604290726e12529fc5948546b6be39fed9cd8652256c594c8f56208c7496789de8dfb4f161627c91482f9ecf809652a9e" + }, + { + "name:s":"AES-PMAC-SIV-256-TV3: Nonce-Based Authenticated Encryption With Large Message Example", + "key:d16":"7f7e7d7c7b7a797877767574737271706f6e6d6c6b6a69686766656463626160404142434445464748494a4b4c4d4e4f505152535455565758595a5b5b5d5e5f", + "ad:A":[ + "101112131415161718191a1b1c1d1e1f2021222324252627" + ], + "plaintext:d16":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f70", + 
"ciphertext:d16":"045ba64522c5c980835674d1c5a9264eca3e9f7aceafe9b5485b33f7d2c9114fe5c4b24f9c814d88e78b6150028d630289d023015b8569af338de0af8534827732b365ace1ac99d278431b22eafe31b94297b1c6a2de41383ed8b39f17e748aea128a8bd7d0ee80ec899f1b940c9c0463f22fc2b5a145cb6e90a32801dd1950f92" + } + ] +} diff --git a/vectors/aes_siv.tjson b/vectors/aes_siv.tjson new file mode 100644 index 0000000..216bda0 --- /dev/null +++ b/vectors/aes_siv.tjson 
@@ -0,0 +1,58 @@ +{ + "examples:A":[ + { + "name:s":"Deterministic Authenticated Encryption Example", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:A":[ + "101112131415161718191a1b1c1d1e1f2021222324252627" + ], + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"85632d07c6e8f37f950acd320a2ecc9340c02b9690c4dc04daef7f6afe5c" + }, + { + "name:s":"Nonce-Based Authenticated Encryption Example", + "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f", + "ad:A":[ + "00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100", + "102030405060708090a0", + "09f911029d74e35bd84156c5635688c0" + ], + "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553", + "ciphertext:d16":"7bdb6e3b432667eb06f4d14bff2fbd0fcb900f2fddbe404326601965c889bf17dba77ceb094fa663b7a3f748ba8af829ea64ad544a272e9c485b62a3fd5c0d" + }, + { + "name:s":"Empty Authenticated Data And Plaintext Example", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:A":[], + "plaintext:d16":"", + "ciphertext:d16":"f2007a5beb2b8900c588a7adf599f172" + }, + { + "name:s":"NIST SIV test vectors (256-bit subkeys #1)", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f", + "ad:A":[ + "101112131415161718191a1b1c1d1e1f2021222324252627" + ], + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"f125274c598065cfc26b0e71575029088b035217e380cac8919ee800c126" + }, + { + "name:s":"NIST SIV test vectors (256-bit subkeys #2)", + "key:d16":"7f7e7d7c7b7a797877767574737271706f6e6d6c6b6a69686766656463626160404142434445464748494a4b4c4d4e4f505152535455565758595a5b5b5d5e5f", + "ad:A":[ + "00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100", + "102030405060708090a0", + "09f911029d74e35bd84156c5635688c0" + ], + 
"plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553", + "ciphertext:d16":"85b8167310038db7dc4692c0281ca35868181b2762f3c24f2efa5fb80cb143516ce6c434b898a6fd8eb98a418842f51f66fc67de43ac185a66dd72475bbb08" + }, + { + "name:s":"Empty Authenticated Data And Block-Size Plaintext Example", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:A":[], + "plaintext:d16":"00112233445566778899aabbccddeeff", + "ciphertext:d16":"f304f912863e303d5b540e5057c7010c942ffaf45b0e5ca5fb9a56a5263bb065" + } + ] +} diff --git a/vectors/aes_siv_aead.tjson b/vectors/aes_siv_aead.tjson new file mode 100644 index 0000000..b92ce60 --- /dev/null +++ b/vectors/aes_siv_aead.tjson 
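Review bot: Every entry in `vectors/aes_siv.tjson` is a valid key/ad/plaintext/ciphertext tuple, so these shared vectors exercise only the success path of SIV open. For an authenticated mode the rejection path matters at least as much: a binding that decrypts correctly but skips or mis-compares the synthetic IV would still pass all six examples. If the per-language suites do not already assert that a modified ciphertext or a changed associated-data element fails to open, that check should be added there or expressed as shared vectors alongside these; the same appears to apply to the AES-PMAC-SIV file above.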
@@ -0,0 +1,58 @@ +{ + "examples:A":[ + { + "name:s":"AES-SIV Nonce-based Authenticated Encryption Example #1", + "alg:s":"AES-SIV", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:d16":"", + "nonce:d16":"101112131415161718191a1b1c1d1e1f2021222324252627", + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"4b3d0f15ae9ffa9e65b949421582ef70e410910d6446c7759ebff9b5385a" + }, + { + "name:s":"AES-SIV Nonce-based Authenticated Encryption Example #2", + "alg:s":"AES-SIV", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f", + "ad:d16":"", + "nonce:d16":"101112131415161718191a1b1c1d1e1f2021222324252627", + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"e618d2d6a86b50a8d7df82ab34aa950ab319d7fc15f7cd1ea99b1a033f20" + }, + { + "name:s":"AES-SIV Authenticted Encryption with Associated Data Example", + "alg:s":"AES-SIV", + "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f", + "ad:d16":"00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100", + "nonce:d16":"09f911029d74e35bd84156c5635688c0", + "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553", + "ciphertext:d16":"85825e22e90cf2ddda2c548dc7c1b6310dcdaca0cebf9dc6cb90583f5bf1506e02cd48832b00e4e598b2b22a53e6199d4df0c1666a35a0433b250dc134d776" + }, + { + "name:s":"AES-PMAC-SIV Nonce-based Authenticated Encryption Example #1", + "alg:s":"AES-PMAC-SIV", + "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "ad:d16":"", + "nonce:d16":"101112131415161718191a1b1c1d1e1f2021222324252627", + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"3e6acab1cc2f4a847f8fa605e7e1ce55d9200b444571f8b8956eb3df5498" + }, + { + "name:s":"AES-PMAC-SIV Nonce-based Authenticated Encryption Example #2", + "alg:s":"AES-PMAC-SIV", + 
"key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f", + "ad:d16":"", + "nonce:d16":"101112131415161718191a1b1c1d1e1f2021222324252627", + "plaintext:d16":"112233445566778899aabbccddee", + "ciphertext:d16":"0623a7275afd5082035e43b0dcafe3a891c2b8eed2b1a07f0dd25180e072" + }, + { + "name:s":"AES-PMAC-SIV Authenticted Encryption with Associated Data Example", + "alg:s":"AES-PMAC-SIV", + "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f", + "ad:d16":"00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100", + "nonce:d16":"09f911029d74e35bd84156c5635688c0", + "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553", + "ciphertext:d16":"1463d1119b2a2797241bb1674633dff13b9de11e5e2f526048b36c40c7722667b2957018023bf0e52792b703a01e88aacd49898cecfce943d7f61a2337a097" + } + ] +} diff --git a/vectors/aes_siv_stream.tjson b/vectors/aes_siv_stream.tjson new file mode 100644 index 0000000..7573ad4 --- /dev/null +++ b/vectors/aes_siv_stream.tjson 
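Review bot: The `name:s` value of the third and sixth entries in `vectors/aes_siv_aead.tjson` misspells "Authenticated" as "Authenticted". These names are what test runners print when a vector fails, and they tend to get copied into each language binding, so the typo is best fixed before the file spreads: `"name:s":"AES-SIV Authenticated Encryption with Associated Data Example"` and the matching `AES-PMAC-SIV` line. If any harness selects vectors by name, it would need the same correction.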
@@ -0,0 +1,174 @@
+{
+ "examples:A":[
+ {
+ "name:s":"AES-SIV STREAM 1-Block Example (256-bit key)",
+ "alg:s":"AES-SIV",
+ "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+ "nonce:d16":"1011121314151617",
+ "blocks:A":[
+ {
+ "ad:d16":"",
+ "plaintext:d16":"112233445566778899aabbccddee",
+ "ciphertext:d16":"9df7f25c0f05311f598ab04930f3f07ee7209a2c7aeb4a0f9d191bd05854"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-SIV STREAM 2-Block Example (512-bit key)",
+ "alg:s":"AES-SIV",
+ "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f",
+ "nonce:d16":"1011121314151617",
+ "blocks:A":[
+ {
+ "ad:d16":"",
+ "plaintext:d16":"112233445566778899aabbccddee",
+ "ciphertext:d16":"7690761b80e4984fc61f4edc7a57e81b50d976f58c5539c82a4277388a28"
+ },
+ {
+ "ad:d16":"",
+ "plaintext:d16":"ff00",
+ "ciphertext:d16":"a7d44953340d00344dcf8de3422eb0ad471d"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-SIV STREAM 3-Block Example (512-bit key)",
+ "alg:s":"AES-SIV",
+ "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f",
+ "nonce:d16":"1011121314151617",
+ "blocks:A":[
+ {
+ "ad:d16":"",
+ "plaintext:d16":"112233445566778899aabbccddee",
+ "ciphertext:d16":"7690761b80e4984fc61f4edc7a57e81b50d976f58c5539c82a4277388a28"
+ },
+ {
+ "ad:d16":"",
+ "plaintext:d16":"ff00112233445566778899aa",
+ "ciphertext:d16":"09b7e610d0b92c37a6a0fac3dde23a773202798ffa82b2c8c1fa8065"
+ },
+ {
+ "ad:d16":"",
+ "plaintext:d16":"bbccddeeff00",
+ "ciphertext:d16":"d8b11e877fa11cd67315f26cc9ddebd7aa2fefc1a88d"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-SIV STREAM 1-Block Example with Associated Data (256-bit key)",
+ "alg:s":"AES-SIV",
+ "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f",
+ "nonce:d16":"09f911029d74e35b",
+ "blocks:A":[
+ {
+ "ad:d16":"00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100",
+ "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553",
+ "ciphertext:d16":"4f31ed187786dfd0586bdce37c739eb054e7f84d901244cacea78a99afcec603bfc2e39f3cf0f66c50e7bec15b232b45ab5f81356a5ef309e3afe5abfaa6b4"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-SIV STREAM 2-Block Example with Associated Data (256-bit key)",
+ "alg:s":"AES-SIV",
+ "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f",
+ "nonce:d16":"09f911029d74e35b",
+ "blocks:A":[
+ {
+ "ad:d16":"00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100",
+ "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553",
+ "ciphertext:d16":"87ea507ce654490d4db475b06de29ccf8f618a8cfa81af97cfe3a05e69b70373493cae08d9236d358dad18db097a610208712253140730fa3d6e538d00c9f7"
+ },
+ {
+ "ad:d16":"112233445566778899aabbccddeeff",
+ "plaintext:d16":"d6520706c61696e7465787420746f20656e6372797",
+ "ciphertext:d16":"acc5b50be1d9e231c2989b5d9e1dbc7d03a66d3c826d4a29c7b097463fa26706306381f937"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-PMAC-SIV STREAM 1-Block Example (256-bit key)",
+ "alg:s":"AES-PMAC-SIV",
+ "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+ "nonce:d16":"1011121314151617",
+ "blocks:A":[
+ {
+ "ad:d16":"",
+ "plaintext:d16":"112233445566778899aabbccddee",
+ "ciphertext:d16":"5cf16b750b037f484ec59355a9e769d9be6cfb06ed6aa9a02ff689e8f808"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-PMAC-SIV STREAM 2-Block Example (512-bit key)",
+ "alg:s":"AES-PMAC-SIV",
+ "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f",
+ "nonce:d16":"1011121314151617",
+ "blocks:A":[
+ {
+ "ad:d16":"",
+ "plaintext:d16":"112233445566778899aabbccddee",
+ "ciphertext:d16":"b6201f96017e8d3653bf1c7c01a1478b377bba019f7389dfcd59c506fb04"
+ },
+ {
+ "ad:d16":"",
+ "plaintext:d16":"ff00",
+ "ciphertext:d16":"c8df1c36aeddc26bba9f7e83f8708aa8bf6c"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-PMAC-SIV STREAM 3-Block Example (512-bit key)",
+ "alg:s":"AES-PMAC-SIV",
+ "key:d16":"fffefdfcfbfaf9f8f7f6f5f4f3f2f1f06f6e6d6c6b6a69686766656463626160f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f",
+ "nonce:d16":"1011121314151617",
+ "blocks:A":[
+ {
+ "ad:d16":"",
+ "plaintext:d16":"112233445566778899aabbccddee",
+ "ciphertext:d16":"b6201f96017e8d3653bf1c7c01a1478b377bba019f7389dfcd59c506fb04"
+ },
+ {
+ "ad:d16":"",
+ "plaintext:d16":"ff00112233445566778899aa",
+ "ciphertext:d16":"819f2a2ba293ec5622a0938c3c0b913b0cf874247aa1c101882c3ecd"
+ },
+ {
+ "ad:d16":"",
+ "plaintext:d16":"bbccddeeff00",
+ "ciphertext:d16":"e797619830ddf7e42de8d2a8346d06523e8182b2dc92"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-PMAC-SIV STREAM 1-Block Example with Associated Data (256-bit key)",
+ "alg:s":"AES-PMAC-SIV",
+ "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f",
+ "nonce:d16":"09f911029d74e35b",
+ "blocks:A":[
+ {
+ "ad:d16":"00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100",
+ "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553",
+ "ciphertext:d16":"e887f8f1c833b167cf8184428ba92ae68c42279bb9d9b83edf8f052c23c22725596db469df0f49f4c5919655f2cbeefa7559c9f0246285e6c6c0c37f74788f"
+ }
+ ]
+ },
+ {
+ "name:s":"AES-PMAC-SIV STREAM 2-Block Example with Associated Data (256-bit key)",
+ "alg:s":"AES-PMAC-SIV",
+ "key:d16":"7f7e7d7c7b7a79787776757473727170404142434445464748494a4b4c4d4e4f",
+ "nonce:d16":"09f911029d74e35b",
+ "blocks:A":[
+ {
+ "ad:d16":"00112233445566778899aabbccddeeffdeaddadadeaddadaffeeddccbbaa99887766554433221100",
+ "plaintext:d16":"7468697320697320736f6d6520706c61696e7465787420746f20656e6372797074207573696e67205349562d414553",
+ "ciphertext:d16":"f10245a692a22fa66bbaded9bd8dd691818c140d3215da02fb419832d40bb7e5bb97bb981a7bf1c53227051446f0054b4492c5fc0e013a3cbbc6ad3c38027c"
+ },
+ {
+ "ad:d16":"112233445566778899aabbccddeeff",
+ "plaintext:d16":"d6520706c61696e7465787420746f20656e6372797",
+ "ciphertext:d16":"ebb847fa2b5ffcae9ae906b9562d838ce9b171130075f0ff372f84c25017177617c1828595"
+ }
+ ]
+ }
+ ]
+}
diff --git a/vectors/dbl.tjson b/vectors/dbl.tjson
new file mode 100644
index 0000000..9d98ad1
--- /dev/null
+++ b/vectors/dbl.tjson
@@ -0,0 +1,32 @@
+{
+ "examples:A":[
+ {
+ "input:d16":"00000000000000000000000000000000",
+ "output:d16":"00000000000000000000000000000000"
+ },
+ {
+ "input:d16":"00000000000000000000000000000001",
+ "output:d16":"00000000000000000000000000000002"
+ },
+ {
+ "input:d16":"ffffffffffffffffffffffffffffffff",
+ "output:d16":"ffffffffffffffffffffffffffffff79"
+ },
+ {
+ "input:d16":"52a2d82a687330bd45d4edb9f3b06527",
+ "output:d16":"a545b054d0e6617a8ba9db73e760ca4e"
+ },
+ {
+ "input:d16":"6e56610687fe93be1ef69690067b4b7b",
+ "output:d16":"dcacc20d0ffd277c3ded2d200cf696f6"
+ },
+ {
+ "input:d16":"d2535bfca5898b81124613fdf94e3d7b",
+ "output:d16":"a4a6b7f94b131702248c27fbf29c7a71"
+ },
+ {
+ "input:d16":"e84b7dda057e100628860a3cdac155c0",
+ "output:d16":"d096fbb40afc200c510c1479b582ab07"
+ }
+ ]
+}