/src/SymCrypt/lib/fips_selftest.c
Line | Count | Source (jump to first uncovered line) |
1 | | // |
2 | | // fips_selftest.c - Algorithm selftests for FIPS 140 compliance |
3 | | // |
4 | | // Copyright (c) Microsoft Corporation. Licensed under the MIT license. |
5 | | // |
6 | | |
7 | | #include "precomp.h" |
8 | | |
9 | | // Takes values which are some bitwise OR combination of SYMCRYPT_SELFTEST_ALGORITHM values |
10 | | UINT32 g_SymCryptFipsSelftestsPerformed = SYMCRYPT_SELFTEST_ALGORITHM_NONE; |
11 | | |
12 | | // Simple accessor function so callers can inspect which selftests have run |
13 | | UINT32 |
14 | | SYMCRYPT_CALL |
15 | | SymCryptFipsGetSelftestsPerformed(void) |
16 | 0 | { |
17 | 0 | return g_SymCryptFipsSelftestsPerformed; |
18 | 0 | } |
19 | | |
20 | | // |
21 | | // Convenience structs for selftest data |
22 | | // |
23 | | |
24 | | typedef struct _SYMCRYPT_SELFTEST_DLKEY_2048 |
25 | | { |
26 | | BYTE public[256]; |
27 | | BYTE private[32]; |
28 | | } SYMCRYPT_SELFTEST_DLKEY_2048; |
29 | | |
30 | | typedef struct _SYMCRYPT_SELFTEST_DLGROUP_2048 |
31 | | { |
32 | | BYTE primeP[256]; |
33 | | BYTE primeQ[32]; |
34 | | BYTE generator[256]; |
35 | | BYTE seed[32]; |
36 | | UINT32 counter; |
37 | | } SYMCRYPT_SELFTEST_DLGROUP_2048; |
38 | | |
39 | | typedef struct _SYMCRYPT_SELFTEST_ECKEY_P256 |
40 | | { |
41 | | BYTE Qxy[64]; // 32B of Qx followed by 32B of Qy |
42 | | BYTE d[32]; |
43 | | } SYMCRYPT_SELFTEST_ECKEY_P256; |
44 | | |
45 | | typedef struct _SYMCRYPT_SELFTEST_RSAKEY_2048 |
46 | | { |
47 | | UINT64 publicExp; |
48 | | BYTE modulus[256]; |
49 | | BYTE prime1[128]; |
50 | | BYTE prime2[128]; |
51 | | } SYMCRYPT_SELFTEST_RSAKEY_2048; |
52 | | |
53 | | typedef struct _SYMCRYPT_SELFTEST_MLKEMKEY_DECAPS_512 |
54 | | { |
55 | | BYTE dkpke[768]; |
56 | | BYTE ekpke[800]; |
57 | | BYTE Hekpke[32]; |
58 | | BYTE z[32]; |
59 | | } SYMCRYPT_SELFTEST_MLKEMKEY_DECAPS_512; |
60 | | |
61 | | // |
62 | | // DL groups and keys for DH secret agreement selftest |
63 | | // |
64 | | |
65 | | // Keys generated from Oakley group 14 (IKE group mod p2048 from RFC 3526) |
66 | | // aka SymCryptDlgroupDhSafePrimeParamsModp2048 |
67 | | const SYMCRYPT_SELFTEST_DLKEY_2048 dhKey1 = |
68 | | { |
69 | | // Public key |
70 | | { |
71 | | 0x7d, 0xca, 0xed, 0x67, 0x30, 0x4a, 0x28, 0xcb, |
72 | | 0x6b, 0x18, 0x21, 0xb9, 0xdc, 0x82, 0xf5, 0xef, |
73 | | 0xfe, 0x77, 0x35, 0xf2, 0xed, 0x91, 0x95, 0x9e, |
74 | | 0x1f, 0xb6, 0xf9, 0x60, 0x84, 0x4f, 0x9f, 0xba, |
75 | | 0x20, 0xc3, 0x1a, 0x66, 0xa2, 0x34, 0x42, 0x19, |
76 | | 0x82, 0x52, 0xea, 0x53, 0x4f, 0x24, 0x93, 0x24, |
77 | | 0xef, 0x4d, 0xba, 0x65, 0x49, 0x7f, 0x8d, 0x56, |
78 | | 0x1c, 0x2f, 0xa6, 0x24, 0x26, 0x8c, 0xca, 0xad, |
79 | | 0x28, 0x9d, 0x50, 0x2a, 0x41, 0xa0, 0x64, 0xfa, |
80 | | 0xe6, 0x55, 0x43, 0xed, 0xdd, 0x6c, 0x3e, 0x45, |
81 | | 0xad, 0xa4, 0x07, 0x8d, 0x71, 0x76, 0xc0, 0x99, |
82 | | 0x85, 0x72, 0x33, 0x04, 0xdc, 0xee, 0x4e, 0xac, |
83 | | 0x39, 0x8e, 0x49, 0x45, 0xbb, 0x50, 0xcb, 0x3e, |
84 | | 0x03, 0xbc, 0x23, 0x6f, 0x63, 0x6f, 0xef, 0x9f, |
85 | | 0xd8, 0xe4, 0x7f, 0xe7, 0x0f, 0x7d, 0x34, 0x0f, |
86 | | 0x6a, 0xc3, 0x45, 0x3a, 0x5b, 0xa7, 0x07, 0x23, |
87 | | 0xd5, 0x32, 0x28, 0xe4, 0x69, 0xa4, 0xd2, 0xdd, |
88 | | 0x4a, 0x9e, 0x0f, 0xfa, 0x38, 0xeb, 0x8d, 0xbe, |
89 | | 0xa9, 0x31, 0x39, 0x70, 0xdc, 0x1d, 0xf6, 0x0b, |
90 | | 0x51, 0x0c, 0x6c, 0x27, 0x6c, 0x4a, 0x52, 0x6b, |
91 | | 0x84, 0xc4, 0x57, 0xb8, 0x47, 0x0c, 0x4c, 0x80, |
92 | | 0xb0, 0x2b, 0x2e, 0x83, 0x78, 0x83, 0x55, 0xe6, |
93 | | 0x12, 0x94, 0x79, 0x9b, 0x13, 0x7d, 0xd1, 0x93, |
94 | | 0x6a, 0xec, 0x76, 0x73, 0xba, 0x92, 0x44, 0xab, |
95 | | 0x2b, 0xec, 0xc2, 0xbc, 0x77, 0xce, 0x20, 0xa3, |
96 | | 0x21, 0x33, 0x06, 0x80, 0xf6, 0x1b, 0x2b, 0xe0, |
97 | | 0x90, 0x23, 0xde, 0x74, 0x57, 0x04, 0xcc, 0x27, |
98 | | 0xed, 0x4e, 0x3e, 0x7f, 0x0d, 0x7b, 0x48, 0xfa, |
99 | | 0x45, 0x2f, 0x84, 0x67, 0xe8, 0x1c, 0x89, 0xaa, |
100 | | 0xbd, 0x85, 0x53, 0x7f, 0xe6, 0xdf, 0x27, 0x75, |
101 | | 0x92, 0x84, 0x0b, 0x6f, 0x9c, 0xfd, 0x95, 0x0d, |
102 | | 0xb5, 0xdb, 0x17, 0x38, 0xc9, 0x78, 0xde, 0xa5 |
103 | | }, |
104 | | |
105 | | // Private key |
106 | | { |
107 | | 0x17, 0xcd, 0x0e, 0x82, 0xa3, 0x2f, 0x0e, 0x38, |
108 | | 0x4c, 0xec, 0x69, 0xb2, 0xec, 0x46, 0xc9, 0xaa, |
109 | | 0xa3, 0xca, 0x41, 0x33, 0xcc, 0xb4, 0x1a, 0xac, |
110 | | 0x3d, 0x66, 0x0c, 0xa5, 0xb7, 0x79, 0xa6, 0x6e |
111 | | } |
112 | | }; |
113 | | |
114 | | const SYMCRYPT_SELFTEST_DLKEY_2048 dhKey2 = |
115 | | { |
116 | | // Public key |
117 | | { |
118 | | 0x51, 0x7f, 0x01, 0xa6, 0xe7, 0x95, 0x2c, 0xb7, |
119 | | 0x0e, 0x3c, 0x09, 0x6e, 0x31, 0xfb, 0x14, 0x87, |
120 | | 0xaa, 0x27, 0x7f, 0xe0, 0x61, 0xed, 0xd7, 0x09, |
121 | | 0x07, 0xb4, 0x40, 0xb8, 0xdf, 0xff, 0x05, 0x64, |
122 | | 0x36, 0xc6, 0x0e, 0x50, 0x11, 0xd6, 0xac, 0x3f, |
123 | | 0xc2, 0x5d, 0x52, 0x39, 0x44, 0xec, 0xdf, 0x86, |
124 | | 0xde, 0x32, 0x9c, 0xde, 0x4e, 0x43, 0x30, 0x46, |
125 | | 0x32, 0x68, 0x5b, 0xb6, 0x2c, 0xda, 0x04, 0x13, |
126 | | 0x75, 0xa9, 0x80, 0x7a, 0x30, 0xf0, 0x83, 0xc4, |
127 | | 0x94, 0xf7, 0x59, 0x3e, 0x91, 0xd1, 0x53, 0x74, |
128 | | 0xde, 0xa6, 0x9a, 0xdf, 0x1d, 0x0a, 0xc7, 0x20, |
129 | | 0x9e, 0xef, 0x38, 0x0b, 0xd6, 0x20, 0x50, 0x6e, |
130 | | 0x5b, 0x5e, 0x66, 0x3d, 0xda, 0xd8, 0xbe, 0xea, |
131 | | 0x50, 0xee, 0x18, 0x54, 0xa9, 0x87, 0x3c, 0x1f, |
132 | | 0x38, 0x95, 0x27, 0xfd, 0xe2, 0xb6, 0x98, 0x9f, |
133 | | 0x50, 0x44, 0x7f, 0x66, 0x79, 0x17, 0x3f, 0x20, |
134 | | 0x45, 0xba, 0x9c, 0x43, 0x74, 0x0c, 0xda, 0x89, |
135 | | 0x80, 0x4b, 0x93, 0x02, 0x1b, 0x10, 0x1c, 0x3c, |
136 | | 0x20, 0x80, 0x1e, 0xa2, 0xc4, 0x08, 0x10, 0xd3, |
137 | | 0xda, 0xf3, 0x78, 0xc0, 0x06, 0x47, 0xed, 0x0d, |
138 | | 0xa4, 0xf8, 0x14, 0xeb, 0xd2, 0xbc, 0xf5, 0xe2, |
139 | | 0x56, 0x41, 0x48, 0x6a, 0xd5, 0x90, 0xb6, 0x15, |
140 | | 0x5d, 0x47, 0xc0, 0xb8, 0x10, 0x8b, 0xd5, 0x56, |
141 | | 0x8f, 0x95, 0xc2, 0xde, 0x8c, 0x9e, 0xc8, 0xa9, |
142 | | 0x9f, 0xfd, 0x6b, 0xff, 0x3e, 0xe8, 0x71, 0xf1, |
143 | | 0xb8, 0x01, 0xf0, 0x36, 0x07, 0x5b, 0xe5, 0x0a, |
144 | | 0xfc, 0xe4, 0x42, 0xab, 0x11, 0xd3, 0x91, 0x68, |
145 | | 0x5f, 0xba, 0x61, 0xa9, 0x2f, 0x69, 0x55, 0x15, |
146 | | 0x1d, 0xde, 0x7c, 0x2c, 0xc1, 0x05, 0x34, 0x13, |
147 | | 0x84, 0x48, 0xe0, 0xce, 0xfd, 0xa9, 0xfe, 0xd9, |
148 | | 0x76, 0x94, 0x07, 0xde, 0x0f, 0xe4, 0x98, 0x46, |
149 | | 0xbc, 0x32, 0x3b, 0xd7, 0xce, 0x16, 0xae, 0x71 |
150 | | }, |
151 | | |
152 | | // Private key |
153 | | { |
154 | | 0xad, 0xcb, 0x1d, 0xab, 0xa7, 0xc3, 0x78, 0xdb, |
155 | | 0x37, 0x0f, 0x0b, 0x9c, 0xcd, 0x4f, 0x05, 0x5f, |
156 | | 0x0e, 0x2b, 0xc3, 0xee, 0xa9, 0xb4, 0xd3, 0xb9, |
157 | | 0x77, 0xd8, 0x89, 0xbd, 0xf6, 0x0e, 0xd7, 0x18 |
158 | | } |
159 | | }; |
160 | | |
161 | | // Shared secret generated from the two above keys |
162 | | const BYTE rgbDhKnownSecret[] = |
163 | | { |
164 | | 0xa8, 0xf4, 0x48, 0xa2, 0x9f, 0xe0, 0xae, 0x75, |
165 | | 0xf1, 0xec, 0x1f, 0x65, 0x93, 0x72, 0x25, 0xf2, |
166 | | 0x3d, 0x9f, 0x8b, 0x74, 0xee, 0x9c, 0x60, 0x1c, |
167 | | 0xae, 0x8c, 0x8f, 0x61, 0x62, 0xa7, 0xa9, 0xa0, |
168 | | 0xaa, 0xe3, 0x85, 0x11, 0xcc, 0xe4, 0x97, 0x3d, |
169 | | 0xbc, 0x59, 0x74, 0x57, 0x70, 0x45, 0xe9, 0x1f, |
170 | | 0x82, 0x14, 0x8f, 0xb1, 0x51, 0x3c, 0x79, 0x51, |
171 | | 0x06, 0xe8, 0xed, 0xc0, 0xe9, 0xd0, 0xde, 0xb0, |
172 | | 0xd2, 0x06, 0xf1, 0x15, 0x81, 0x7a, 0x26, 0x80, |
173 | | 0x89, 0x26, 0x77, 0xda, 0x50, 0xdd, 0x86, 0x90, |
174 | | 0x82, 0x06, 0x35, 0x81, 0x82, 0xfd, 0x19, 0x25, |
175 | | 0xdf, 0x7f, 0xa2, 0xde, 0xd0, 0x40, 0x2c, 0x5c, |
176 | | 0x74, 0x5e, 0x0c, 0xbc, 0xea, 0x65, 0x7a, 0x7e, |
177 | | 0xbc, 0x93, 0xf3, 0xdd, 0x62, 0x10, 0x68, 0x0b, |
178 | | 0xb3, 0x7e, 0x5c, 0xd0, 0xd0, 0x74, 0x7e, 0xa5, |
179 | | 0xfc, 0xd4, 0xc8, 0xdc, 0x00, 0xde, 0x10, 0x53, |
180 | | 0x9b, 0xa0, 0x26, 0x6b, 0x57, 0xe6, 0x50, 0x69, |
181 | | 0x03, 0x18, 0xef, 0xe9, 0x3d, 0xc1, 0x08, 0x74, |
182 | | 0xdb, 0x1e, 0x02, 0x9d, 0x6c, 0x03, 0x04, 0xdc, |
183 | | 0x0c, 0xad, 0x68, 0x23, 0x08, 0x6e, 0x9c, 0x8a, |
184 | | 0x2b, 0xb8, 0xa3, 0xca, 0xf1, 0x3e, 0x16, 0x17, |
185 | | 0x43, 0xa4, 0x64, 0xf3, 0x64, 0x75, 0x54, 0xdd, |
186 | | 0x25, 0x19, 0x37, 0xf4, 0x7b, 0x14, 0x12, 0xa7, |
187 | | 0x62, 0xa7, 0xc5, 0x27, 0x46, 0xd6, 0xda, 0xe8, |
188 | | 0x4e, 0xcb, 0xf4, 0x80, 0x7e, 0x8c, 0xa6, 0xb4, |
189 | | 0x52, 0x0a, 0x1d, 0xf6, 0x24, 0xf2, 0x13, 0xe3, |
190 | | 0x4a, 0xcc, 0x86, 0x27, 0x26, 0x57, 0x06, 0xfa, |
191 | | 0xfa, 0x9d, 0xb2, 0x4c, 0x0c, 0xa4, 0xad, 0x07, |
192 | | 0x47, 0x13, 0xbb, 0x80, 0x63, 0x37, 0x37, 0x6c, |
193 | | 0xa4, 0x2e, 0xb7, 0xd5, 0x74, 0x37, 0xb7, 0x95, |
194 | | 0xe1, 0xc4, 0xbe, 0x25, 0x33, 0xcc, 0x0e, 0xdf, |
195 | | 0x53, 0xa6, 0xf9, 0x6f, 0xbc, 0x7b, 0xa6, 0x5c |
196 | | }; |
197 | | |
198 | | // |
199 | | // DL group and keys for DSA selftest |
200 | | // |
201 | | |
202 | | const SYMCRYPT_SELFTEST_DLGROUP_2048 dsaDlgroup = |
203 | | { |
204 | | // Prime P |
205 | | { |
206 | | 0x8a, 0x09, 0xf1, 0x3b, 0xb4, 0xce, 0xc7, 0xb9, |
207 | | 0x73, 0x36, 0xae, 0xb2, 0x45, 0xee, 0x9d, 0x7d, |
208 | | 0x3b, 0xef, 0xaf, 0x78, 0xb7, 0x8c, 0x62, 0xdb, |
209 | | 0xd1, 0x86, 0x60, 0xac, 0xef, 0xa6, 0x3f, 0x14, |
210 | | 0x19, 0xa8, 0x02, 0xf4, 0xf3, 0xaa, 0x44, 0x91, |
211 | | 0x4a, 0xc9, 0xa8, 0xf8, 0x70, 0xb0, 0x95, 0x96, |
212 | | 0xbc, 0x52, 0x6c, 0x0c, 0x46, 0x42, 0x2c, 0x4a, |
213 | | 0x12, 0xce, 0xfb, 0x28, 0x3d, 0x3a, 0x0c, 0x53, |
214 | | 0x48, 0x8b, 0x6c, 0x2a, 0x43, 0x55, 0x64, 0xb2, |
215 | | 0x60, 0x5e, 0x54, 0xdc, 0x72, 0x35, 0x33, 0xec, |
216 | | 0x1b, 0xd6, 0x6d, 0x8f, 0xd5, 0xaf, 0x6d, 0x12, |
217 | | 0xf0, 0x26, 0xef, 0x1d, 0xd7, 0x49, 0xf5, 0x5c, |
218 | | 0xf6, 0xd8, 0xc8, 0x39, 0xcd, 0xb3, 0xc8, 0xa6, |
219 | | 0xb1, 0x9c, 0xac, 0x52, 0x89, 0xce, 0xe4, 0x54, |
220 | | 0xf7, 0x0e, 0xe8, 0xdc, 0xbc, 0x32, 0x75, 0x53, |
221 | | 0xcf, 0xe8, 0xe3, 0x29, 0x03, 0xbf, 0xa1, 0x56, |
222 | | 0x0d, 0xce, 0xfa, 0xd1, 0x8b, 0x55, 0x0c, 0xdd, |
223 | | 0x94, 0xe2, 0xfa, 0xf0, 0x52, 0xaf, 0x4b, 0xcb, |
224 | | 0x38, 0xb3, 0x6a, 0xb9, 0x5a, 0x75, 0x6f, 0xf2, |
225 | | 0xbb, 0x5d, 0xcb, 0x47, 0x8a, 0xb0, 0x86, 0x85, |
226 | | 0xdd, 0x49, 0x47, 0xbc, 0xa9, 0xa5, 0x7b, 0xd2, |
227 | | 0xba, 0x0e, 0x23, 0x41, 0xea, 0x12, 0xb6, 0x0f, |
228 | | 0x5e, 0x0b, 0xb0, 0x07, 0x63, 0x34, 0x65, 0x66, |
229 | | 0x07, 0x98, 0xa1, 0x9a, 0x12, 0x75, 0x25, 0x2f, |
230 | | 0xd2, 0x3b, 0x1e, 0x89, 0xb8, 0x70, 0xfd, 0x89, |
231 | | 0xfd, 0x95, 0x17, 0x9a, 0xe3, 0xb8, 0xbb, 0x1c, |
232 | | 0x93, 0x87, 0x4a, 0x3b, 0x5f, 0xdf, 0xca, 0x09, |
233 | | 0xd7, 0xc6, 0xca, 0xaf, 0x7b, 0xcf, 0x03, 0x58, |
234 | | 0x89, 0xb1, 0x1e, 0x4d, 0x5d, 0x89, 0x10, 0xa8, |
235 | | 0x53, 0xf4, 0x12, 0x56, 0x8b, 0x85, 0xe2, 0xcc, |
236 | | 0x02, 0x86, 0x82, 0x77, 0x2e, 0x0f, 0x30, 0x86, |
237 | | 0x1b, 0x6e, 0xd1, 0xda, 0x15, 0x05, 0x5f, 0x93 |
238 | | }, |
239 | | |
240 | | // Prime Q |
241 | | { |
242 | | 0xb8, 0x0e, 0xd4, 0x3a, 0xe1, 0x2a, 0x6a, 0xb7, |
243 | | 0xd5, 0x6d, 0x3f, 0x8c, 0x86, 0xb9, 0xb9, 0x9d, |
244 | | 0xb4, 0x28, 0xa3, 0x96, 0x61, 0xab, 0x19, 0x8a, |
245 | | 0x92, 0xe1, 0xc2, 0xaa, 0x7e, 0x10, 0x03, 0x13 |
246 | | }, |
247 | | |
248 | | // Generator |
249 | | { |
250 | | 0x1a, 0xe8, 0x38, 0xbe, 0xe7, 0xd0, 0xc5, 0x52, |
251 | | 0x89, 0x0d, 0x7a, 0x45, 0x31, 0x83, 0x9a, 0xed, |
252 | | 0xa5, 0x4e, 0x13, 0x15, 0xba, 0xb7, 0x01, 0xa1, |
253 | | 0xf5, 0x86, 0x6a, 0x43, 0x88, 0x75, 0xdb, 0xed, |
254 | | 0xe9, 0xa3, 0xa3, 0x43, 0x78, 0x4c, 0x01, 0x18, |
255 | | 0x4d, 0x56, 0x3a, 0x49, 0x3c, 0xa7, 0x10, 0xba, |
256 | | 0x0b, 0x1b, 0x11, 0x11, 0xef, 0x2d, 0xee, 0x12, |
257 | | 0x76, 0x8c, 0xc2, 0xa8, 0xe2, 0x9d, 0xc6, 0x3f, |
258 | | 0xb5, 0xe5, 0x91, 0x76, 0x0f, 0xd8, 0xf6, 0xff, |
259 | | 0x59, 0x06, 0xb7, 0x4e, 0xcc, 0xb3, 0x75, 0x50, |
260 | | 0x47, 0x6c, 0x61, 0xf6, 0x3f, 0xe7, 0x9f, 0x80, |
261 | | 0x4c, 0x04, 0x84, 0xac, 0xfd, 0xab, 0x63, 0xa3, |
262 | | 0x99, 0x61, 0x62, 0x26, 0x5d, 0x1c, 0xc3, 0x11, |
263 | | 0x31, 0x2e, 0x4c, 0xf1, 0x81, 0xc6, 0x45, 0xd4, |
264 | | 0x3a, 0x3d, 0x17, 0x48, 0x8e, 0x84, 0x38, 0xde, |
265 | | 0xc1, 0x55, 0x42, 0xca, 0xf8, 0xb0, 0x76, 0x54, |
266 | | 0x90, 0xac, 0xf8, 0x0f, 0x38, 0xdd, 0x81, 0x70, |
267 | | 0xa9, 0xb8, 0x6f, 0xcb, 0x3e, 0xba, 0xf7, 0x1e, |
268 | | 0x5d, 0xaa, 0xa0, 0xcb, 0x7c, 0x37, 0xa1, 0x87, |
269 | | 0xb0, 0x34, 0x6e, 0x78, 0x62, 0x7e, 0x17, 0xe6, |
270 | | 0xae, 0xc3, 0x4e, 0x0c, 0xeb, 0x4f, 0x25, 0x76, |
271 | | 0x4a, 0xb6, 0xe5, 0xc6, 0x23, 0x77, 0xfb, 0xa8, |
272 | | 0xb2, 0x0c, 0xa1, 0xc0, 0x56, 0xe9, 0x22, 0x2d, |
273 | | 0x3f, 0x44, 0x43, 0x31, 0xdf, 0x2f, 0x5f, 0x57, |
274 | | 0x22, 0x6e, 0x8a, 0xf1, 0x64, 0xb1, 0x3c, 0xd3, |
275 | | 0x22, 0x78, 0x8a, 0xe3, 0x12, 0xbd, 0x47, 0x20, |
276 | | 0xd3, 0x19, 0x22, 0xb7, 0xc7, 0xc7, 0x6a, 0xb8, |
277 | | 0x7e, 0x13, 0x34, 0x13, 0x41, 0x47, 0x56, 0xd4, |
278 | | 0xff, 0x4f, 0x37, 0xd2, 0x8d, 0x58, 0x8f, 0xe3, |
279 | | 0xea, 0x04, 0x0a, 0x13, 0x3f, 0x3b, 0x8f, 0x71, |
280 | | 0x5a, 0xbe, 0xf8, 0x90, 0x8d, 0x3b, 0xd5, 0xeb, |
281 | | 0x97, 0x6f, 0xeb, 0xb1, 0xe1, 0xed, 0x1c, 0x6f |
282 | | }, |
283 | | |
284 | | // Seed |
285 | | { |
286 | | 0xe7, 0x53, 0x59, 0xd5, 0xca, 0x3a, 0x7c, 0xe1, |
287 | | 0x83, 0x68, 0x7a, 0x79, 0xff, 0x65, 0xad, 0x40, |
288 | | 0x38, 0x69, 0x59, 0x10, 0x5a, 0x18, 0x4d, 0xc5, |
289 | | 0x3a, 0xd2, 0x7e, 0x95, 0x23, 0xa3, 0x7b, 0x3d |
290 | | }, |
291 | | |
292 | | // Counter |
293 | | 3394 |
294 | | }; |
295 | | |
296 | | const SYMCRYPT_SELFTEST_DLKEY_2048 dsaKey = |
297 | | { |
298 | | // Public key |
299 | | { |
300 | | 0x24, 0xaa, 0x5c, 0x6a, 0x72, 0x54, 0x3a, 0x40, |
301 | | 0x8a, 0xd7, 0xa4, 0xd2, 0x59, 0x7d, 0xfc, 0x9d, |
302 | | 0x93, 0xc3, 0x9f, 0x84, 0x50, 0x4e, 0x03, 0x17, |
303 | | 0x87, 0x19, 0x35, 0xf0, 0x17, 0x17, 0x22, 0xb8, |
304 | | 0x08, 0xca, 0xe4, 0x22, 0xd3, 0xb5, 0x52, 0x92, |
305 | | 0xf0, 0xa9, 0x83, 0x45, 0xe4, 0x2c, 0x1f, 0xa7, |
306 | | 0xb1, 0x9f, 0x8e, 0x35, 0xfe, 0x26, 0x1f, 0xe0, |
307 | | 0xda, 0x74, 0xe4, 0xa4, 0xa0, 0xf6, 0x17, 0x0b, |
308 | | 0x04, 0x86, 0xc7, 0x5e, 0x2e, 0xc0, 0x52, 0xfe, |
309 | | 0x29, 0x12, 0x48, 0x3a, 0x16, 0x12, 0xfb, 0xbe, |
310 | | 0xd9, 0x71, 0xf2, 0x65, 0x44, 0xef, 0x41, 0xf4, |
311 | | 0x67, 0x7c, 0x8b, 0xeb, 0xb8, 0xb6, 0x58, 0x5d, |
312 | | 0xd0, 0xbb, 0x42, 0xf9, 0xc7, 0x32, 0xcc, 0x44, |
313 | | 0x46, 0x93, 0x8f, 0x2e, 0xe2, 0xd7, 0x6c, 0xa6, |
314 | | 0x53, 0x4d, 0xc9, 0x12, 0xbb, 0xc9, 0xee, 0xb2, |
315 | | 0xba, 0xc0, 0x0e, 0xc2, 0x7e, 0x61, 0x61, 0x29, |
316 | | 0x2d, 0x70, 0x70, 0x86, 0x10, 0xd8, 0x24, 0x6d, |
317 | | 0x6e, 0x4c, 0x7d, 0xb2, 0xc9, 0x10, 0x0a, 0x3c, |
318 | | 0xf8, 0x46, 0x91, 0xeb, 0xb7, 0xc2, 0x31, 0x32, |
319 | | 0xf9, 0x5b, 0x29, 0x53, 0x38, 0x75, 0x27, 0x88, |
320 | | 0x53, 0x2a, 0xe2, 0xae, 0x61, 0x7d, 0xe0, 0xd1, |
321 | | 0xb1, 0x9a, 0x43, 0xcf, 0xf1, 0x91, 0x19, 0x11, |
322 | | 0x4d, 0x7c, 0xf8, 0x5a, 0x37, 0x9c, 0x2b, 0x0c, |
323 | | 0x40, 0x74, 0x40, 0xee, 0xef, 0x5b, 0x1f, 0x3b, |
324 | | 0xa1, 0xb8, 0x06, 0x2e, 0x5d, 0x1d, 0x23, 0xd8, |
325 | | 0x05, 0x08, 0xc4, 0x1a, 0x70, 0x96, 0x96, 0x29, |
326 | | 0x6a, 0x12, 0x3a, 0x96, 0x68, 0x94, 0x8e, 0x3a, |
327 | | 0xfe, 0x2d, 0x71, 0x0c, 0x54, 0x28, 0x67, 0xbf, |
328 | | 0x95, 0x69, 0x68, 0x73, 0xee, 0xe6, 0x5d, 0x65, |
329 | | 0x79, 0x57, 0xe5, 0x45, 0x08, 0xbd, 0xf1, 0x8c, |
330 | | 0x59, 0x45, 0x97, 0xa9, 0x43, 0xd6, 0xbd, 0xb5, |
331 | | 0x34, 0xf0, 0x6a, 0x0a, 0x52, 0x6e, 0x47, 0xa6 |
332 | | }, |
333 | | |
334 | | // Private key |
335 | | { |
336 | | 0x0f, 0x3f, 0xab, 0x80, 0xf1, 0x29, 0x5d, 0x41, |
337 | | 0xf7, 0xbb, 0xff, 0xa6, 0x0a, 0x28, 0x9d, 0x46, |
338 | | 0x56, 0x28, 0x7c, 0x9b, 0x3e, 0x4a, 0x06, 0x95, |
339 | | 0x7d, 0xea, 0x04, 0x1e, 0xab, 0x9a, 0x78, 0x17 |
340 | | } |
341 | | }; |
342 | | |
343 | | // |
344 | | // ECDH/ECDSA keys |
345 | | // |
346 | | |
347 | | const SYMCRYPT_SELFTEST_ECKEY_P256 eckey1 = |
348 | | { |
349 | | // Qxy |
350 | | { |
351 | | //Qx |
352 | | 0xdd, 0xd5, 0x15, 0x20, 0x43, 0x8d, 0x41, 0xa9, |
353 | | 0x18, 0xcf, 0x62, 0xc2, 0x13, 0xf7, 0xed, 0xb2, |
354 | | 0xf9, 0x8f, 0x02, 0xa3, 0x78, 0x30, 0x7e, 0x22, |
355 | | 0x8f, 0xc1, 0x44, 0xbe, 0xde, 0xc6, 0x65, 0x91, |
356 | | //Qy |
357 | | 0x72, 0xad, 0x17, 0xad, 0x51, 0x8c, 0xd3, 0x60, |
358 | | 0x0f, 0x54, 0xc0, 0xf4, 0xc3, 0x22, 0x5b, 0x44, |
359 | | 0xab, 0xad, 0x28, 0xb5, 0x56, 0x8e, 0x78, 0x0a, |
360 | | 0x6a, 0x09, 0x6b, 0x65, 0x81, 0x6d, 0x6f, 0x99 |
361 | | }, |
362 | | //d |
363 | | { |
364 | | 0x07, 0x36, 0x9f, 0xb2, 0x35, 0xce, 0xe2, 0xd4, |
365 | | 0x7e, 0x13, 0x35, 0x31, 0xae, 0xa5, 0x6e, 0x6c, |
366 | | 0x96, 0xd3, 0x9f, 0x3b, 0xa7, 0x74, 0xae, 0xf9, |
367 | | 0x7a, 0x56, 0x6e, 0xfe, 0x32, 0x3f, 0x43, 0xaa |
368 | | }, |
369 | | }; |
370 | | |
371 | | const SYMCRYPT_SELFTEST_ECKEY_P256 eckey2 = |
372 | | { |
373 | | // Qxy |
374 | | { |
375 | | //Qx |
376 | | 0x21, 0xf2, 0xf7, 0x08, 0x8c, 0x71, 0x59, 0xa7, |
377 | | 0x0c, 0xe1, 0xb9, 0x1a, 0xe0, 0xed, 0x69, 0xbe, |
378 | | 0x44, 0xeb, 0xa3, 0x51, 0xfd, 0x32, 0x4a, 0x90, |
379 | | 0xdc, 0xde, 0xa4, 0x10, 0xe4, 0x44, 0x69, 0x29, |
380 | | //Qy |
381 | | 0x74, 0xd0, 0xc6, 0xbd, 0xe5, 0x13, 0x68, 0x07, |
382 | | 0x9f, 0x40, 0x5e, 0xbf, 0x9e, 0x61, 0x7c, 0x3f, |
383 | | 0xc8, 0x16, 0xe2, 0xd5, 0x0e, 0xf8, 0x09, 0x15, |
384 | | 0xf3, 0x30, 0xba, 0x45, 0x25, 0xab, 0x9a, 0xae |
385 | | }, |
386 | | //d |
387 | | { |
388 | | 0xd0, 0x93, 0xf2, 0x34, 0x82, 0x39, 0xa6, 0x5c, |
389 | | 0xd7, 0xe5, 0x10, 0x27, 0x0f, 0xfc, 0x0a, 0x0d, |
390 | | 0x89, 0x97, 0x10, 0xa7, 0x50, 0x5a, 0xc4, 0x1b, |
391 | | 0x5d, 0x18, 0x03, 0x2f, 0x7d, 0x46, 0x58, 0x4d |
392 | | } |
393 | | }; |
394 | | |
395 | | // Shared secret generated from the two keys above |
396 | | const BYTE rgbEcdhKnownSecret[] = |
397 | | { |
398 | | 0x16, 0x94, 0xc8, 0xb3, 0xe9, 0xbe, 0x65, 0x41, |
399 | | 0x75, 0xba, 0x71, 0x5d, 0x0a, 0xab, 0x6f, 0x6d, |
400 | | 0xeb, 0xdb, 0x70, 0x75, 0xd1, 0x9e, 0x90, 0x7f, |
401 | | 0xb6, 0x08, 0x32, 0x29, 0x34, 0x40, 0x1e, 0xd4 |
402 | | }; |
403 | | |
404 | | // |
405 | | // Key from http://csrc.nist.gov/cryptval/dss/RSAExample.zip. |
406 | | // |
407 | | const SYMCRYPT_SELFTEST_RSAKEY_2048 rsakey = |
408 | | { |
409 | | // publicExp |
410 | | 0x3, |
411 | | // modulus |
412 | | { |
413 | | 0x8f, 0xf3, 0x13, 0xb3, 0xad, 0xd8, 0x83, 0xd8, |
414 | | 0x82, 0x2f, 0x46, 0xe1, 0x5e, 0x43, 0x6e, 0x38, |
415 | | 0x7d, 0xa7, 0x84, 0xd3, 0x5e, 0xb4, 0x91, 0x2b, |
416 | | 0x87, 0x89, 0x95, 0x30, 0x0b, 0x04, 0xdd, 0xe7, |
417 | | 0x21, 0x6d, 0x24, 0xaf, 0xbe, 0x57, 0x0a, 0x0d, |
418 | | 0x6a, 0x10, 0xd9, 0xa1, 0xf6, 0x02, 0x03, 0xd1, |
419 | | 0x7e, 0x4d, 0xdb, 0xda, 0xa4, 0x96, 0x4c, 0x61, |
420 | | 0x41, 0xfb, 0xbd, 0xc7, 0x2c, 0xd9, 0x30, 0xdb, |
421 | | 0x0a, 0x43, 0x6d, 0x41, 0xce, 0x28, 0xad, 0xaf, |
422 | | 0xbe, 0x94, 0x55, 0x39, 0x95, 0x94, 0xfc, 0x9a, |
423 | | 0x8b, 0x80, 0x25, 0x4b, 0xf7, 0xdc, 0x8c, 0xfb, |
424 | | 0xce, 0x92, 0xcf, 0x7a, 0xd7, 0x5e, 0x0f, 0x12, |
425 | | 0x5d, 0xca, 0x5a, 0xaf, 0x94, 0xcf, 0x13, 0x99, |
426 | | 0x7c, 0xb2, 0x71, 0x81, 0x73, 0x4c, 0xbd, 0x56, |
427 | | 0x7c, 0x55, 0xc3, 0x73, 0xa4, 0x74, 0xac, 0xb8, |
428 | | 0xb5, 0x6f, 0xdd, 0x54, 0x3b, 0x97, 0x8a, 0x3a, |
429 | | 0x72, 0xe0, 0xb3, 0x8d, 0x5a, 0xb4, 0xd8, 0x54, |
430 | | 0x3d, 0xc1, 0x9f, 0x69, 0x7f, 0xc0, 0x30, 0x1e, |
431 | | 0xd6, 0xb5, 0x4f, 0xcd, 0xe5, 0xdd, 0x68, 0x08, |
432 | | 0x93, 0x92, 0x1f, 0x9f, 0xe3, 0x23, 0x84, 0x12, |
433 | | 0xc9, 0xbb, 0xa5, 0xb8, 0x53, 0x14, 0x8b, 0xe0, |
434 | | 0xa4, 0x93, 0x97, 0x89, 0x05, 0x16, 0xb2, 0xc8, |
435 | | 0x70, 0x2a, 0xc8, 0x46, 0xcd, 0x92, 0x43, 0xad, |
436 | | 0x6a, 0x35, 0x3e, 0x84, 0xcc, 0xbf, 0xa7, 0xfe, |
437 | | 0x79, 0x9e, 0xf4, 0xc3, 0x7d, 0xde, 0x97, 0xa0, |
438 | | 0x25, 0x7f, 0x93, 0x9c, 0xbc, 0x14, 0xce, 0xd6, |
439 | | 0xd8, 0x6c, 0x47, 0x0f, 0xc9, 0x88, 0xd4, 0x35, |
440 | | 0x05, 0x87, 0x83, 0xf8, 0xcb, 0xd8, 0xa6, 0x7e, |
441 | | 0xd2, 0xd8, 0xcd, 0xe7, 0x1c, 0x6e, 0x74, 0xdd, |
442 | | 0xc6, 0x49, 0xe5, 0x6f, 0x51, 0xc6, 0x29, 0x2a, |
443 | | 0x15, 0xc1, 0xff, 0xbd, 0x85, 0x6e, 0xe1, 0x5f, |
444 | | 0x49, 0xda, 0xcc, 0xbb, 0x74, 0x2a, 0x8a, 0xb9 |
445 | | }, |
446 | | // prime1 |
447 | | { |
448 | | 0xc8, 0x23, 0xbd, 0x5e, 0x64, 0x04, 0xba, 0xc4, |
449 | | 0x51, 0x1d, 0x15, 0x05, 0xdc, 0xd1, 0x33, 0x3c, |
450 | | 0xc3, 0xbe, 0xca, 0x9a, 0x7f, 0x43, 0x50, 0x0b, |
451 | | 0x61, 0x3f, 0xb4, 0x16, 0xe0, 0x1c, 0x4b, 0x05, |
452 | | 0x32, 0x0d, 0x0d, 0x47, 0x19, 0x93, 0x01, 0x12, |
453 | | 0x00, 0x46, 0xf6, 0x4d, 0x46, 0xd2, 0x74, 0xac, |
454 | | 0xda, 0x40, 0xf2, 0x1d, 0x08, 0x77, 0x49, 0x63, |
455 | | 0x92, 0x02, 0x69, 0x00, 0x03, 0x13, 0x4b, 0x59, |
456 | | 0x40, 0xc8, 0x27, 0x15, 0x60, 0xae, 0xe6, 0xc6, |
457 | | 0xbd, 0x84, 0xda, 0xcb, 0x4b, 0x41, 0xad, 0x75, |
458 | | 0x29, 0x58, 0x97, 0x68, 0x76, 0x3a, 0xd4, 0x44, |
459 | | 0x66, 0x1c, 0x56, 0x85, 0x95, 0xfb, 0xb7, 0xa8, |
460 | | 0x9b, 0xde, 0x71, 0x90, 0xe0, 0x63, 0x64, 0xdf, |
461 | | 0xff, 0xc6, 0xe5, 0x2d, 0x5d, 0x87, 0x73, 0x94, |
462 | | 0x61, 0x89, 0x23, 0x3b, 0x8f, 0x38, 0xdf, 0x67, |
463 | | 0x14, 0x2b, 0x0a, 0x79, 0x61, 0x2d, 0xed, 0x0f |
464 | | }, |
465 | | // prime2 |
466 | | { |
467 | | 0xb8, 0x20, 0x79, 0xad, 0x07, 0x09, 0x04, 0x80, |
468 | | 0x78, 0x39, 0x24, 0x4a, 0xd8, 0x1f, 0xa3, 0x82, |
469 | | 0x51, 0x8c, 0x18, 0x31, 0x5e, 0x5c, 0x00, 0xae, |
470 | | 0x82, 0x58, 0x10, 0xac, 0x3a, 0x5b, 0xca, 0x77, |
471 | | 0x30, 0xb4, 0x4f, 0x7b, 0xb1, 0xcc, 0x74, 0x06, |
472 | | 0x61, 0x09, 0x17, 0x4f, 0x2e, 0xf1, 0xb4, 0xb6, |
473 | | 0x82, 0x93, 0x33, 0x4d, 0xbd, 0x22, 0x04, 0x98, |
474 | | 0xe2, 0xe4, 0x6e, 0x91, 0x90, 0x4a, 0x24, 0xef, |
475 | | 0x35, 0x61, 0x1a, 0xa8, 0x7e, 0x69, 0x96, 0xb5, |
476 | | 0x12, 0xc2, 0x8a, 0x15, 0x7f, 0x10, 0x21, 0x14, |
477 | | 0x74, 0x97, 0x98, 0xcd, 0x32, 0xe7, 0x4f, 0xee, |
478 | | 0x3d, 0xbe, 0x20, 0xbb, 0x57, 0x2a, 0xef, 0x56, |
479 | | 0xae, 0xee, 0x82, 0x3d, 0x55, 0x35, 0xb3, 0x87, |
480 | | 0x46, 0x96, 0x01, 0xd7, 0x83, 0x40, 0xfd, 0x94, |
481 | | 0x0d, 0x2f, 0xe3, 0xe0, 0x92, 0x42, 0x02, 0xe7, |
482 | | 0xbf, 0x02, 0xc1, 0x0f, 0xd1, 0x52, 0x9b, 0xb7 |
483 | | } |
484 | | }; |
485 | | |
486 | | // RSA-2048 PKCS1 signature on rgbSha256Hash generated with rsakey |
487 | | const BYTE rgbRsaPkcs1Sig[] = { |
488 | | 0x8c, 0x01, 0x48, 0x38, 0x1a, 0x8f, 0xa9, 0xae, 0x55, 0xa6, 0xad, 0x04, 0x5f, 0x78, 0x1a, 0xf5, |
489 | | 0xae, 0xf4, 0x09, 0x5d, 0x9c, 0x3a, 0xe2, 0x13, 0xf2, 0x04, 0xd8, 0x8a, 0xf7, 0x58, 0x4f, 0xe5, |
490 | | 0xb0, 0xcc, 0xea, 0xd8, 0xd0, 0xc4, 0x57, 0xd1, 0x9e, 0x61, 0xa8, 0x62, 0xb3, 0x39, 0x03, 0xf6, |
491 | | 0x13, 0x45, 0x6f, 0x88, 0x1a, 0x14, 0x33, 0x07, 0x20, 0x17, 0xab, 0xe1, 0x00, 0x93, 0x69, 0x03, |
492 | | 0x37, 0x69, 0xbb, 0x0e, 0x0f, 0x63, 0x57, 0xed, 0xb7, 0x56, 0x3a, 0x5d, 0xf1, 0x93, 0xd3, 0x76, |
493 | | 0x90, 0xf3, 0xed, 0x25, 0x6f, 0xc5, 0xc8, 0xcb, 0x1a, 0xd7, 0xce, 0x02, 0x80, 0x28, 0xa3, 0x5f, |
494 | | 0x02, 0x6b, 0xf1, 0xfa, 0x94, 0x08, 0xbb, 0x79, 0xfd, 0x51, 0x37, 0xf1, 0x48, 0xe9, 0x55, 0xaa, |
495 | | 0x0f, 0xb0, 0xaf, 0x5d, 0x5f, 0xe9, 0x28, 0x7f, 0xb2, 0x67, 0x96, 0x6d, 0x91, 0x7c, 0x98, 0x0d, |
496 | | 0x60, 0x27, 0xea, 0x62, 0xf5, 0x22, 0x60, 0x0a, 0xbd, 0xfe, 0x9d, 0xd5, 0x96, 0xa6, 0x02, 0xbb, |
497 | | 0x6c, 0x51, 0x36, 0x74, 0x92, 0x23, 0xb9, 0x4b, 0x87, 0xf4, 0xef, 0x2b, 0x00, 0x34, 0xe3, 0xfb, |
498 | | 0x10, 0x1b, 0xcc, 0xab, 0xc4, 0xe5, 0xda, 0x27, 0xf5, 0xf2, 0x55, 0x18, 0x65, 0x59, 0x8b, 0xed, |
499 | | 0x8e, 0x52, 0x78, 0x5a, 0xc7, 0x4b, 0x6b, 0x1b, 0x66, 0x67, 0xe6, 0xc0, 0xd7, 0x5a, 0x2a, 0xab, |
500 | | 0xce, 0x1d, 0xf2, 0xdf, 0x92, 0xe0, 0xdb, 0xf7, 0x34, 0xe3, 0x05, 0x10, 0xe4, 0x13, 0x7b, 0x29, |
501 | | 0x14, 0xa5, 0x41, 0xcb, 0x6e, 0x81, 0x33, 0xd0, 0xf9, 0x93, 0xa8, 0x85, 0xd1, 0xf4, 0xea, 0xfc, |
502 | | 0xaf, 0x5d, 0x7b, 0xc7, 0xf4, 0xff, 0x6c, 0x1e, 0x76, 0x18, 0xc6, 0x09, 0xe9, 0x8a, 0xa4, 0x57, |
503 | | 0xe6, 0x6b, 0x3e, 0x32, 0x36, 0xb4, 0xfd, 0x6a, 0xea, 0x87, 0xe0, 0xe6, 0x42, 0x3e, 0xdc, 0x58 |
504 | | }; |
505 | | |
506 | | // SHA256 hash for DSA, ECDSA, RSA sign/verify tests |
507 | | // Hashed from: { 0x61, 0x62, 0x63 } |
508 | | const BYTE rgbSha256Hash[] = |
509 | | { |
510 | | 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, |
511 | | 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, |
512 | | 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, |
513 | | 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad |
514 | | }; |
515 | | |
516 | | |
517 | | // XMSS-SHA2_10_192 public-key and signature for message "abc" |
518 | | const BYTE rgbXmssSha2_10_192Pubkey[] = |
519 | | { |
520 | | // Algorithm ID |
521 | | 0x00, 0x00, 0x00, 0x0d, |
522 | | |
523 | | // Root |
524 | | 0x7e, 0x63, 0xd5, 0x1d, 0xdf, 0x92, 0x0f, 0x10, |
525 | | 0x63, 0x52, 0x82, 0x38, 0xdf, 0x15, 0x0e, 0x83, |
526 | | 0x5c, 0x74, 0x0a, 0x25, 0x10, 0xc8, 0x3b, 0xdc, |
527 | | |
528 | | // Seed |
529 | | 0x75, 0x78, 0x08, 0x77, 0xb0, 0x90, 0x02, 0x63, |
530 | | 0x45, 0x4b, 0xf9, 0xad, 0xee, 0x52, 0x04, 0x75, |
531 | | 0x45, 0x13, 0x99, 0xdd, 0x9f, 0xbb, 0xc7, 0x43, |
532 | | }; |
533 | | |
534 | | const BYTE rgbXmssSha2_10_192Signature[] = |
535 | | { |
536 | | // Idx |
537 | | 0x00, 0x00, 0x00, 0x03, |
538 | | |
539 | | // Randomness |
540 | | 0xf8, 0xbe, 0x24, 0x0e, 0x21, 0x1f, 0x9b, 0x7f, 0x3a, 0x81, 0x82, 0x32, 0x79, 0xe2, 0x2f, 0x42, |
541 | | 0xa5, 0x5a, 0xea, 0x32, 0x75, 0x58, 0x47, 0x8a, |
542 | | |
543 | | // WOTSP signature |
544 | | 0x2d, 0xaa, 0x55, 0xc6, 0xdb, 0xa4, 0x46, 0x83, 0xda, 0x62, 0xba, 0x67, 0x1a, 0xa2, 0x53, 0x4a, |
545 | | 0xbf, 0xf4, 0x0c, 0x4e, 0x8d, 0xa6, 0x3b, 0xdf, 0x92, 0x1c, 0x80, 0xb7, 0xe6, 0x58, 0x66, 0xf3, |
546 | | 0x5d, 0x01, 0xd7, 0x31, 0x70, 0x7e, 0x22, 0x04, 0x73, 0xb0, 0xaa, 0x7a, 0x64, 0xf9, 0xba, 0xf5, |
547 | | 0x37, 0x58, 0x98, 0x7e, 0x9c, 0x81, 0xd4, 0xa5, 0xe0, 0x2e, 0xed, 0x6b, 0x61, 0x57, 0xe5, 0x73, |
548 | | 0x80, 0x42, 0x79, 0xe2, 0x30, 0x9d, 0xa8, 0x9c, 0x0c, 0x10, 0x1f, 0xb9, 0xf5, 0xa0, 0x17, 0x0e, |
549 | | 0xa0, 0x99, 0xa4, 0xd8, 0x42, 0xea, 0x90, 0xa3, 0xb0, 0x20, 0x89, 0x02, 0x35, 0xfe, 0x86, 0x2e, |
550 | | 0x9a, 0x72, 0x41, 0x72, 0x77, 0xb6, 0xbd, 0x30, 0x05, 0xb0, 0xfa, 0xb4, 0x43, 0xc9, 0xfe, 0x54, |
551 | | 0x3f, 0x78, 0x83, 0x87, 0x1a, 0x10, 0xeb, 0x8a, 0xf3, 0xbe, 0x59, 0x67, 0x86, 0x26, 0x6e, 0xa2, |
552 | | 0xff, 0xaa, 0xb1, 0xa4, 0xb3, 0xcb, 0xfd, 0xe5, 0x31, 0xb3, 0xd4, 0x2a, 0x02, 0x5e, 0xea, 0xfb, |
553 | | 0xea, 0x95, 0x70, 0xa2, 0x56, 0xe9, 0x9e, 0xd1, 0x84, 0x0b, 0xd4, 0xc8, 0xa3, 0xee, 0x46, 0x48, |
554 | | 0x96, 0x1f, 0x30, 0x7d, 0x86, 0x63, 0x47, 0x18, 0xb2, 0xe2, 0x3b, 0xe3, 0x89, 0x28, 0x5b, 0x6f, |
555 | | 0x5d, 0x2a, 0xe4, 0xe5, 0x3e, 0xb2, 0x2a, 0x97, 0x00, 0x04, 0xe7, 0xe3, 0x87, 0xa3, 0x6b, 0x73, |
556 | | 0xe3, 0xcd, 0x99, 0x5a, 0x8b, 0x93, 0x6a, 0x28, 0x53, 0x66, 0x5b, 0x21, 0x0b, 0x88, 0x2f, 0x01, |
557 | | 0x31, 0x37, 0x03, 0x21, 0xf9, 0xd6, 0x47, 0x99, 0x75, 0x81, 0x27, 0x7b, 0x24, 0xa4, 0x23, 0x32, |
558 | | 0x33, 0x6b, 0x3b, 0x8f, 0xe3, 0x5b, 0x38, 0xcc, 0xa5, 0x53, 0xb0, 0x15, 0xd3, 0xc8, 0x42, 0x75, |
559 | | 0x2d, 0x73, 0x5a, 0x80, 0x01, 0x10, 0x66, 0x48, 0xf6, 0x3e, 0x36, 0x84, 0xc8, 0xc0, 0x7a, 0xf6, |
560 | | 0xfb, 0xe1, 0xe8, 0x15, 0x3e, 0x9e, 0x0c, 0xd0, 0x0c, 0x45, 0x82, 0xa3, 0xfa, 0x8a, 0x0b, 0x6f, |
561 | | 0x84, 0x0b, 0x98, 0xf9, 0x58, 0x88, 0xb8, 0x13, 0xc7, 0xd7, 0x4e, 0x91, 0x89, 0x2f, 0xc0, 0x6f, |
562 | | 0x00, 0xf1, 0x6d, 0x67, 0xea, 0xb8, 0xae, 0xbb, 0xa9, 0x12, 0xcb, 0xe6, 0x69, 0xd6, 0x0e, 0xb3, |
563 | | 0xfb, 0xa8, 0xb0, 0x42, 0x06, 0x64, 0x25, 0x07, 0xcc, 0xb7, 0xa8, 0x05, 0x51, 0xc2, 0x9f, 0xe9, |
564 | | 0xed, 0x59, 0xb9, 0xb0, 0x9d, 0x4c, 0x56, 0x8e, 0xc2, 0x48, 0xf6, 0x4a, 0x8b, 0x71, 0x90, 0xa1, |
565 | | 0x3c, 0xd2, 0xf5, 0xab, 0x74, 0xca, 0xaf, 0x1c, 0x31, 0xa6, 0x45, 0x30, 0x89, 0xb4, 0xe1, 0x4a, |
566 | | 0x82, 0x08, 0x75, 0x46, 0x16, 0xd8, 0x1e, 0x8a, 0x42, 0x6c, 0xa0, 0x63, 0x71, 0x41, 0x4f, 0x50, |
567 | | 0xa8, 0xa2, 0x61, 0xcf, 0xb7, 0xd7, 0x4d, 0x91, 0x55, 0xf2, 0xf2, 0xdf, 0xf6, 0xe2, 0xac, 0xb3, |
568 | | 0x6f, 0x54, 0x32, 0xb9, 0xf0, 0x3d, 0x8e, 0xf3, 0x04, 0xae, 0xdd, 0x8f, 0x53, 0xb9, 0x8b, 0xe3, |
569 | | 0xcc, 0x3d, 0xbc, 0x54, 0xe4, 0xc4, 0x7c, 0x6d, 0x10, 0xfe, 0xd6, 0xeb, 0x12, 0xeb, 0xd1, 0xb1, |
570 | | 0x0a, 0x74, 0x56, 0x81, 0x3a, 0x05, 0x45, 0x65, 0x37, 0x0e, 0x8c, 0x0c, 0x0d, 0xad, 0x3e, 0x91, |
571 | | 0xc7, 0x9a, 0x3c, 0xe6, 0xd7, 0x3a, 0xfb, 0x9f, 0x54, 0x66, 0x03, 0x0d, 0x9e, 0x18, 0xe5, 0xa2, |
572 | | 0x19, 0xca, 0x3a, 0xaa, 0x99, 0x6f, 0xe8, 0x15, 0xe3, 0x47, 0x4b, 0x90, 0x93, 0x17, 0x89, 0xda, |
573 | | 0x13, 0xff, 0xe5, 0xad, 0x8b, 0xd5, 0xe8, 0xeb, 0x25, 0x3e, 0x10, 0x66, 0x8e, 0x13, 0x01, 0x4d, |
574 | | 0xc1, 0xc9, 0x17, 0x56, 0x4e, 0x23, 0xef, 0x34, 0x22, 0xed, 0x8d, 0x84, 0x7c, 0xd8, 0x42, 0x7b, |
575 | | 0x72, 0x3d, 0x45, 0x1f, 0x23, 0x60, 0x46, 0x1d, 0x60, 0xb4, 0xaf, 0x6d, 0xb9, 0xc3, 0xe3, 0xd4, |
576 | | 0x05, 0xee, 0x24, 0xb7, 0x1e, 0xbe, 0x37, 0x3d, 0x62, 0xc5, 0xe1, 0x6c, 0xd7, 0xc3, 0x43, 0xf4, |
577 | | 0x1c, 0x8b, 0x95, 0xb8, 0x31, 0x0d, 0x6f, 0x51, 0x0b, 0xb8, 0xf0, 0x87, 0xf2, 0x94, 0x5c, 0x25, |
578 | | 0x2d, 0x84, 0x9a, 0x3b, 0x6b, 0x13, 0x61, 0xd6, 0x94, 0xa9, 0x53, 0x30, 0xd1, 0x00, 0x82, 0xb1, |
579 | | 0x04, 0x29, 0x78, 0x43, 0x60, 0x92, 0x39, 0xf0, 0x9a, 0xfe, 0xfb, 0x5c, 0x7c, 0x5e, 0x5e, 0x54, |
580 | | 0xcc, 0x9e, 0xf7, 0x67, 0x1c, 0x15, 0x6b, 0xa4, 0x5d, 0x90, 0xdd, 0x5c, 0x82, 0xef, 0x12, 0xca, |
581 | | 0x0f, 0x42, 0xc7, 0x54, 0x0b, 0xfb, 0x8a, 0xc5, 0xfe, 0x6f, 0xdc, 0x95, 0x09, 0xd9, 0x7c, 0x19, |
582 | | 0xc6, 0x66, 0x8a, 0xff, 0x45, 0x2d, 0x59, 0xd1, 0x82, 0xdd, 0x56, 0xaa, 0x65, 0xf7, 0x37, 0x76, |
583 | | 0x66, 0xc4, 0x4d, 0x70, 0x4b, 0xc8, 0x3f, 0x47, 0xc2, 0xe8, 0xd3, 0xb6, 0xe4, 0x4e, 0xa7, 0xc3, |
584 | | 0x0a, 0x29, 0x69, 0x57, 0xba, 0x64, 0x23, 0xd4, 0x75, 0x74, 0x12, 0x85, 0xf8, 0x42, 0x1d, 0xc9, |
585 | | 0xd0, 0x65, 0x5a, 0x8f, 0xed, 0x49, 0xbb, 0x3d, 0x2e, 0xe5, 0xee, 0x14, 0x95, 0xc1, 0x92, 0xf6, |
586 | | 0xf7, 0xac, 0xe1, 0x07, 0x00, 0x6c, 0x9b, 0xd9, 0xa8, 0x41, 0x96, 0xdc, 0x8b, 0x07, 0x05, 0xb8, |
587 | | 0x16, 0x54, 0x34, 0x29, 0xf9, 0x3e, 0x5a, 0x86, 0x82, 0x93, 0xa2, 0x5f, 0xf8, 0x4b, 0x3c, 0x52, |
588 | | 0xf8, 0x5a, 0x62, 0x0e, 0x01, 0xe0, 0x26, 0xcd, 0x3b, 0x04, 0xa8, 0xe1, 0x00, 0xc9, 0x06, 0x16, |
589 | | 0x51, 0x79, 0xaa, 0xb4, 0x56, 0x44, 0x08, 0x20, 0x17, 0xc1, 0x2f, 0x17, 0xc5, 0x8c, 0xbb, 0xad, |
590 | | 0x8c, 0x28, 0x53, 0x29, 0x1c, 0xde, 0xf1, 0xa3, 0xa1, 0x04, 0x1d, 0x01, 0x7f, 0xe5, 0xa8, 0xb2, |
591 | | 0xea, 0xb6, 0x4b, 0x7b, 0x3e, 0x3b, 0x50, 0x6b, 0x2a, 0x72, 0x5a, 0x5e, 0xd7, 0x9b, 0xf4, 0x16, |
592 | | 0x1f, 0xec, 0x18, 0x2f, 0xc7, 0xa0, 0xb2, 0xb5, 0x25, 0xd0, 0x34, 0x64, 0x89, 0x00, 0x00, 0x85, |
593 | | 0xab, 0x6e, 0x90, 0x31, 0x3f, 0x91, 0x59, 0x35, 0x5c, 0x88, 0x25, 0xe6, 0xc3, 0x79, 0xde, 0x27, |
594 | | 0x8a, 0xab, 0x40, 0x4f, 0x17, 0xba, 0x04, 0xc7, 0x1a, 0xd9, 0x36, 0x92, 0x9c, 0x6a, 0x3c, 0xc8, |
595 | | 0x28, 0x6b, 0x2d, 0x15, 0x86, 0x6c, 0xe4, 0x4d, 0x48, 0x70, 0xbb, 0x09, 0xeb, 0xa9, 0x69, 0xef, |
596 | | 0xff, 0xee, 0xed, 0xbf, 0x82, 0x61, 0xb3, 0x3d, 0x63, 0x70, 0xfb, 0x4c, 0x8c, 0x1d, 0xca, 0xf4, |
597 | | 0x6f, 0x10, 0x36, 0x3b, 0x00, 0x65, 0x0c, 0x40, 0x47, 0x4c, 0xbb, 0x9f, 0x7a, 0x53, 0x72, 0x91, |
598 | | 0x6d, 0x4a, 0xe0, 0xf4, 0x89, 0xeb, 0x53, 0x99, 0x1a, 0x1a, 0xf3, 0xee, 0xc3, 0x93, 0xc7, 0x30, |
599 | | 0x3f, 0x61, 0xb6, 0xab, 0x6f, 0x0a, 0xab, 0xa8, 0xbf, 0x33, 0x69, 0x82, 0xda, 0x12, 0xc8, 0xab, |
600 | | 0x8f, 0x01, 0x84, 0x30, 0x51, 0xf3, 0x12, 0xc5, 0xe2, 0x1c, 0xb7, 0x63, 0xb8, 0x14, 0x33, 0x5f, |
601 | | 0x7b, 0x9a, 0x68, 0x4f, 0x27, 0xf9, 0x40, 0xa0, 0xad, 0x23, 0xf5, 0xf2, 0xf4, 0x78, 0xc4, 0x93, |
602 | | 0x2d, 0xfc, 0xe8, 0xea, 0x5c, 0x00, 0x2a, 0x13, 0x4f, 0x2b, 0x5b, 0x26, 0x39, 0x50, 0xaf, 0x52, |
603 | | 0x33, 0xdd, 0xcd, 0xf3, 0x86, 0x53, 0x8f, 0xc6, 0xfe, 0x87, 0x2e, 0x73, 0xab, 0x34, 0xcb, 0xd4, |
604 | | 0xc8, 0x76, 0x9d, 0x00, 0xd7, 0x98, 0x5b, 0x85, 0x95, 0x75, 0xcd, 0xb0, 0x07, 0xa6, 0xaf, 0xa8, |
605 | | 0xf5, 0x58, 0x2e, 0xc8, 0xd0, 0x50, 0x7c, 0xc2, 0x1e, 0x71, 0x86, 0x86, 0xdb, 0x72, 0xcc, 0x68, |
606 | | 0x78, 0x51, 0x6d, 0xe1, 0x13, 0xdc, 0x6c, 0x89, 0xa6, 0x4a, 0xf5, 0x43, 0xf3, 0x29, 0x31, 0xbe, |
607 | | 0x16, 0xab, 0x8b, 0xdf, 0x52, 0x0a, 0xc1, 0x7d, 0x04, 0x57, 0x39, 0xbb, 0x9a, 0x8d, 0x64, 0x7f, |
608 | | 0xf1, 0x64, 0x9e, 0xfc, 0x12, 0x8b, 0x84, 0x85, 0x5e, 0x93, 0x35, 0xa6, 0x18, 0xcb, 0xbb, 0x1f, |
609 | | 0x37, 0xda, 0xc2, 0x19, 0xa3, 0x6e, 0x31, 0x8a, 0xa5, 0x50, 0xea, 0x70, 0xe1, 0x72, 0x20, 0x35, |
610 | | 0x09, 0x47, 0xa3, 0xc8, 0xbc, 0x23, 0xdf, 0x9c, 0x26, 0x36, 0x1b, 0x5a, 0x1f, 0x5f, 0x33, 0x81, |
611 | | 0xd6, 0xbd, 0x94, 0x84, 0x06, 0x81, 0x80, 0x1a, 0xbd, 0x01, 0x9f, 0x4c, 0x66, 0x79, 0xc1, 0x2f, |
612 | | 0x84, 0x3a, 0xbb, 0x30, 0x68, 0xce, 0xd3, 0x94, 0xec, 0x92, 0xee, 0xd2, 0xe5, 0x28, 0x3f, 0xdd, |
613 | | 0x3f, 0xf1, 0x8d, 0x71, 0x5a, 0x56, 0xe3, 0x88, 0x2c, 0x6e, 0x6f, 0xd7, 0x41, 0x41, 0xa4, 0xa6, |
614 | | 0xcb, 0x38, 0xfd, 0x8e, 0x18, 0xde, 0x7c, 0xd2, 0x9d, 0xec, 0xae, 0xac, 0xce, 0x5b, 0x20, 0x6f, |
615 | | 0x43, 0x06, 0x70, 0x1b, 0x1a, 0x10, 0xfd, 0x1c, 0x24, 0x8a, 0x99, 0xa2, 0x6e, 0xde, 0x2c, 0xfe, |
616 | | 0xd2, 0x49, 0xe7, 0xa3, 0x4b, 0x76, 0x1a, 0xf1, 0xee, 0xee, 0xd3, 0xb5, 0x1c, 0xb1, 0xdc, 0x20, |
617 | | 0xe5, 0x5c, 0x8d, 0x83, 0xa6, 0xf8, 0x12, 0x2e, 0x6c, 0x6a, 0x2e, 0x16, 0x23, 0xed, 0x3c, 0x96, |
618 | | 0x52, 0x9c, 0x51, 0x0f, 0x2d, 0xbe, 0x1b, 0x3d, 0x6a, 0xd2, 0xf5, 0x43, 0xde, 0x7a, 0x5c, 0x07, |
619 | | 0x85, 0x42, 0x89, 0x49, 0xa6, 0x08, 0x82, 0x13, 0xcd, 0xa1, 0xd5, 0x7d, 0x86, 0x51, 0x9b, 0x20, |
620 | | 0x44, 0x59, 0x71, 0x24, 0x72, 0xcc, 0xf0, 0x69, |
621 | | |
622 | | // Authentication nodes |
623 | | 0x51, 0x4f, 0x87, 0x42, 0xee, 0x41, 0x95, 0x4d, 0x7c, 0x77, 0x36, 0x33, 0x58, 0x8c, 0xaa, 0x8e, |
624 | | 0x24, 0x53, 0xaf, 0x69, 0xdc, 0x0a, 0xd9, 0x62, 0x5b, 0x42, 0xf1, 0x46, 0xcd, 0x85, 0x59, 0x18, |
625 | | 0x85, 0x48, 0xd3, 0x4c, 0xbe, 0xd6, 0xb3, 0x36, 0x3f, 0x1f, 0x2b, 0x30, 0x13, 0x87, 0x2b, 0xd5, |
626 | | 0xcd, 0xb7, 0x6b, 0x19, 0x68, 0x16, 0x91, 0x25, 0xc2, 0x0e, 0xbe, 0xb6, 0xbb, 0x6d, 0xe1, 0x37, |
627 | | 0x4d, 0x4c, 0x0a, 0x80, 0x02, 0x01, 0xdd, 0xfb, 0x0e, 0xb3, 0xaa, 0xf9, 0x83, 0x0d, 0x44, 0x72, |
628 | | 0x64, 0x5b, 0xec, 0xbf, 0xe0, 0x98, 0xd7, 0x4f, 0x09, 0x85, 0xf9, 0x99, 0x88, 0x78, 0xa7, 0xad, |
629 | | 0x6b, 0xce, 0xa3, 0xa0, 0x74, 0x72, 0xe1, 0x3a, 0x39, 0x29, 0x3f, 0x1b, 0xcd, 0xfe, 0x60, 0x54, |
630 | | 0xf5, 0xdb, 0xa3, 0xd6, 0x21, 0xde, 0x8c, 0x6f, 0x33, 0x52, 0x0c, 0xfb, 0x61, 0x60, 0x88, 0xb3, |
631 | | 0x17, 0x8a, 0xe5, 0x4a, 0xaa, 0x5b, 0x64, 0x01, 0x33, 0x57, 0x46, 0x91, 0x61, 0x95, 0x93, 0x08, |
632 | | 0xe8, 0x0d, 0xba, 0xda, 0x0c, 0xeb, 0x96, 0x7b, 0x73, 0xa5, 0x79, 0xe4, 0x0b, 0x93, 0x51, 0x28, |
633 | | 0xa3, 0x44, 0x76, 0x62, 0xe6, 0xbe, 0xca, 0x0e, 0x37, 0x7b, 0xf6, 0xfb, 0xbd, 0x6c, 0xd7, 0x8f, |
634 | | 0xba, 0x75, 0xd5, 0x6b, 0xc1, 0xc2, 0x04, 0xfa, 0xf8, 0xe3, 0x07, 0x10, 0x6f, 0xb4, 0x97, 0xf1, |
635 | | 0xd7, 0xa8, 0x83, 0xa9, 0x9f, 0x20, 0x9c, 0xfc, 0xa7, 0x45, 0x71, 0x36, 0xeb, 0x26, 0xc7, 0x1d, |
636 | | 0x8a, 0x3c, 0x66, 0x78, 0x02, 0xc5, 0x76, 0xa1, 0xd5, 0xc2, 0x15, 0x86, 0x2e, 0x8a, 0x46, 0xde, |
637 | | 0x45, 0xcf, 0xaf, 0xdd, 0xe3, 0xbe, 0xb6, 0x5e, 0x88, 0x1f, 0x9e, 0x63, 0xa6, 0xca, 0x89, 0x8b, |
638 | | }; |
639 | | |
640 | | const BYTE rgbDsaKnownAnswerTestSignature[64] = { |
641 | | 0x93, 0xa5, 0xe2, 0x73, 0xd0, 0x00, 0xd4, 0x9a, 0x12, 0x24, 0x2f, 0x0f, 0xcf, 0x03, 0xe2, 0x10, |
642 | | 0x05, 0x47, 0xd8, 0x84, 0x09, 0x8c, 0xc4, 0xde, 0xed, 0x83, 0xac, 0x10, 0xa8, 0x46, 0x57, 0x31, |
643 | | 0x64, 0x65, 0xe3, 0x18, 0xa3, 0xbe, 0x99, 0x1d, 0x88, 0x06, 0x19, 0x7f, 0x76, 0xd3, 0x0b, 0x3f, |
644 | | 0xf4, 0xb0, 0x19, 0xbe, 0x3c, 0x26, 0xd1, 0xd6, 0x98, 0xa1, 0x1d, 0xf4, 0x0b, 0x67, 0xc6, 0xc5 |
645 | | }; |
646 | | |
647 | | const BYTE rgbEcDsaKnownAnswerTestK[32] = { |
648 | | 0x0a, 0xdc, 0xe3, 0x27, 0xd4, 0x62, 0x95, 0x3b, 0x3a, 0x4e, 0xfd, 0xa5, 0x07, 0x32, 0x6f, 0x3b, |
649 | | 0xda, 0xaa, 0x52, 0x4c, 0xad, 0x2d, 0xf6, 0x23, 0x8a, 0x93, 0x87, 0xdd, 0xd0, 0x25, 0x91, 0x00 |
650 | | }; |
651 | | |
652 | | const BYTE rgbEcDsaKnownAnswerTestSignature[64] = { |
653 | | 0x95, 0xc5, 0xd8, 0xce, 0xe6, 0xcf, 0x79, 0xd3, 0x13, 0x03, 0xf3, 0x96, 0x86, 0x0c, 0x4b, 0x0c, |
654 | | 0xe4, 0xdd, 0x61, 0x3d, 0x78, 0x24, 0x7a, 0x05, 0x56, 0x7e, 0x02, 0xaf, 0xdd, 0x57, 0x40, 0xd4, |
655 | | 0x7b, 0xeb, 0xae, 0xf3, 0x8a, 0x12, 0x16, 0xf6, 0x2b, 0x15, 0x6e, 0x98, 0x74, 0x32, 0xbd, 0x6b, |
656 | | 0x07, 0x09, 0xe2, 0x55, 0xeb, 0xfb, 0x0c, 0x18, 0xaf, 0xc3, 0xc2, 0x39, 0x78, 0x4e, 0x59, 0x40 |
657 | | }; |
658 | | |
659 | | const BYTE rgbMlKemKeyPrivateSeed[64] = { 0 }; |
660 | | const BYTE rgbMlKemSelfTestEncapsRandomness[32] = { 0 }; |
661 | | |
662 | | const BYTE rgbMlKemSelfTestAgreedSecret[32] = |
663 | | { |
664 | | 0x4A, 0xD5, 0x3A, 0x06, 0xB2, 0x9F, 0x12, 0x56, |
665 | | 0x84, 0x21, 0xA5, 0x52, 0xC0, 0x81, 0x95, 0xB5, |
666 | | 0x86, 0x73, 0xC8, 0x2F, 0x87, 0x0C, 0xC1, 0xCC, |
667 | | 0xD6, 0x5A, 0x08, 0xE4, 0x32, 0x5F, 0xEB, 0x27, |
668 | | }; |
669 | | |
670 | | const BYTE rgbMlKemSelfTestImplicitRejectionSecret[32] = |
671 | | { |
672 | | 0x94, 0x96, 0x60, 0xA2, 0x4D, 0xA1, 0xE9, 0x8E, |
673 | | 0x71, 0xB5, 0x72, 0x66, 0x07, 0x0A, 0x0C, 0x51, |
674 | | 0xB3, 0x24, 0x29, 0xD1, 0x70, 0xA3, 0x16, 0x4E, |
675 | | 0x4B, 0x41, 0xE0, 0xDE, 0x13, 0x49, 0xCD, 0x75, |
676 | | }; |
677 | | |
678 | | const SYMCRYPT_SELFTEST_MLKEMKEY_DECAPS_512 mlKemDecapsKey = |
679 | | { |
680 | | { |
681 | | 0x87, 0xCA, 0x19, 0x93, 0xB6, 0x4D, 0x89, 0x32, |
682 | | 0xAE, 0x3B, 0x22, 0x52, 0x82, 0xA1, 0xB3, 0xC1, |
683 | | 0x37, 0x65, 0xDC, 0xC1, 0x22, 0x4C, 0x43, 0x77, |
684 | | 0x33, 0x0A, 0x04, 0xEC, 0xEC, 0x0B, 0x25, 0x05, |
685 | | 0x40, 0x07, 0x53, 0x82, 0xBE, 0x37, 0x52, 0x53, |
686 | | 0x12, 0x87, 0x7D, 0x77, 0x69, 0xFD, 0x59, 0x4F, |
687 | | 0xBD, 0x16, 0x42, 0x82, 0x58, 0x9D, 0xEE, 0x5C, |
688 | | 0x0F, 0x2C, 0x14, 0x7F, 0xC6, 0x2A, 0x95, 0x42, |
689 | | 0x10, 0x3C, 0x08, 0xBC, 0xCC, 0xA0, 0x05, 0x82, |
690 | | 0xE9, 0xC5, 0x26, 0x81, 0xFA, 0xB8, 0x79, 0x78, |
691 | | 0x5B, 0x3E, 0x79, 0x49, 0x68, 0x44, 0xB3, 0x7B, |
692 | | 0xF5, 0x26, 0x62, 0x7A, 0x8A, 0x3C, 0xD8, 0x82, |
693 | | 0x1F, 0x16, 0x1D, 0x92, 0x99, 0xAC, 0xC4, 0xA9, |
694 | | 0xB9, 0x30, 0x32, 0x6B, 0x6B, 0x67, 0x3D, 0x16, |
695 | | 0x13, 0x1D, 0xF0, 0x98, 0x94, 0x42, 0x90, 0x68, |
696 | | 0xFC, 0x65, 0xA3, 0xE5, 0x16, 0x22, 0x09, 0x64, |
697 | | 0xC0, 0x7D, 0x54, 0x03, 0x47, 0x89, 0xBE, 0xAE, |
698 | | 0x61, 0x4B, 0x13, 0xA1, 0xCD, 0xAD, 0xBC, 0x20, |
699 | | 0x5E, 0x36, 0x36, 0x34, 0x41, 0x1D, 0x5B, 0x3A, |
700 | | 0x26, 0x91, 0x80, 0x75, 0xE0, 0x63, 0x9D, 0xD6, |
701 | | 0x35, 0xC9, 0x28, 0x81, 0xA4, 0x6E, 0xFB, 0x95, |
702 | | 0x01, 0x11, 0x8F, 0xCC, 0x18, 0xB3, 0x9A, 0x91, |
703 | | 0x66, 0xA6, 0x37, 0x6C, 0xEB, 0x71, 0x42, 0x29, |
704 | | 0xEC, 0x71, 0xA4, 0x99, 0x6D, 0x92, 0x97, 0x9D, |
705 | | 0x94, 0x64, 0x6E, 0xC3, 0xF0, 0x5D, 0xA5, 0x49, |
706 | | 0x8F, 0x66, 0xA5, 0x0A, 0x9A, 0xB9, 0xCF, 0x85, |
707 | | 0x20, 0xA7, 0x28, 0xE1, 0xC2, 0x10, 0x08, 0x72, |
708 | | 0x58, 0x71, 0x56, 0x3E, 0x7B, 0x47, 0x46, 0x81, |
709 | | 0x7D, 0x74, 0xFA, 0xB2, 0xB6, 0xF2, 0xA0, 0xE3, |
710 | | 0x4A, 0x0A, 0x5E, 0x95, 0x2B, 0x32, 0xF1, 0x07, |
711 | | 0x2C, 0x30, 0x5E, 0x81, 0x84, 0x58, 0xF3, 0x42, |
712 | | 0x34, 0xDB, 0xAA, 0xC4, 0x06, 0xCB, 0x63, 0x72, |
713 | | 0xFA, 0x01, 0x86, 0xE8, 0xCA, 0xD7, 0x73, 0x1D, |
714 | | 0xAC, 0xD8, 0x64, 0x60, 0x66, 0xB1, 0x19, 0xB1, |
715 | | 0x59, 0xAC, 0x78, 0x21, 0xAB, 0x9A, 0x62, 0xBF, |
716 | | 0xE8, 0x1B, 0xD1, 0xDC, 0x75, 0x08, 0xA4, 0x9E, |
717 | | 0x22, 0x54, 0xA8, 0x36, 0x68, 0x4B, 0xB7, 0x22, |
718 | | 0xA3, 0xBC, 0x04, 0x09, 0xE2, 0xE9, 0x4D, 0xCE, |
719 | | 0xF5, 0x46, 0x69, 0x1A, 0x47, 0x80, 0xB2, 0xA5, |
720 | | 0xA0, 0x24, 0xCF, 0x0D, 0x60, 0x95, 0x99, 0x33, |
721 | | 0xAD, 0x6A, 0x58, 0x7A, 0x56, 0x53, 0x86, 0x44, |
722 | | 0xA8, 0x3C, 0x1F, 0x92, 0x55, 0x3F, 0x3A, 0x3B, |
723 | | 0x5F, 0x81, 0xAA, 0x0C, 0xC4, 0x4B, 0x1A, 0xE3, |
724 | | 0x61, 0x8A, 0xD0, 0x5D, 0x29, 0x87, 0xB6, 0x7D, |
725 | | 0x1C, 0x85, 0xA5, 0x14, 0xB0, 0xDE, 0x1C, 0x8D, |
726 | | 0x5C, 0xC1, 0x5C, 0x04, 0xFC, 0x77, 0xAD, 0x03, |
727 | | 0x55, 0x96, 0xE0, 0xA7, 0x43, 0xB5, 0x95, 0x9A, |
728 | | 0xD5, 0x22, 0xEF, 0x13, 0x5F, 0x14, 0x9C, 0x0E, |
729 | | 0x7E, 0x56, 0x89, 0x37, 0x33, 0xC9, 0x00, 0x54, |
730 | | 0x7E, 0xEA, 0x32, 0x4F, 0x02, 0x85, 0xCD, 0xE5, |
731 | | 0x9C, 0x25, 0x00, 0x3B, 0xAD, 0xC2, 0x72, 0x3A, |
732 | | 0x38, 0x66, 0x95, 0xF9, 0xF4, 0x22, 0x1F, 0x50, |
733 | | 0x19, 0x20, 0x6A, 0x31, 0x03, 0xF8, 0x97, 0x91, |
734 | | 0xF0, 0x42, 0xBB, 0xC0, 0x86, 0xDE, 0x56, 0x93, |
735 | | 0xF2, 0x78, 0x9B, 0xC9, 0x98, 0x16, 0x47, 0x83, |
736 | | 0x67, 0x55, 0x92, 0x4E, 0x5A, 0xFA, 0x5D, 0x88, |
737 | | 0xF9, 0xC8, 0xEF, 0xA8, 0x21, 0x34, 0x58, 0x5F, |
738 | | 0xCA, 0xBB, 0x52, 0x98, 0xBC, 0x5C, 0xF5, 0xA7, |
739 | | 0xAE, 0xC5, 0xFC, 0x78, 0xF9, 0xA5, 0x30, 0x16, |
740 | | 0x68, 0x9D, 0x62, 0x17, 0x41, 0x7A, 0x95, 0xCF, |
741 | | 0x27, 0xB6, 0x6D, 0xAE, 0x58, 0xA7, 0x28, 0x8C, |
742 | | 0x8F, 0xC3, 0x28, 0xAC, 0x06, 0x79, 0x9D, 0x94, |
743 | | 0xC4, 0x9D, 0xED, 0xB2, 0x61, 0xF4, 0x44, 0x86, |
744 | | 0xEC, 0x12, 0xC3, 0x13, 0x97, 0xA7, 0x8B, 0x9A, |
745 | | 0x63, 0x2E, 0xF1, 0x66, 0x08, 0x84, 0x32, 0xF6, |
746 | | 0x15, 0x3B, 0x91, 0xCA, 0xCE, 0xF7, 0x40, 0x53, |
747 | | 0xA9, 0x28, 0x11, 0x63, 0xA0, 0x23, 0x2E, 0xC4, |
748 | | 0x44, 0x28, 0x05, 0x01, 0x02, 0x74, 0xCF, 0x9C, |
749 | | 0x3A, 0x1A, 0xBC, 0x93, 0x8A, 0x2C, 0xE8, 0x9A, |
750 | | 0xCA, 0xE1, 0x74, 0x62, 0x03, 0x88, 0xC7, 0x12, |
751 | | 0x20, 0x96, 0x3C, 0x4D, 0x10, 0x79, 0x28, 0x6F, |
752 | | 0x7B, 0xA8, 0x1B, 0xFB, 0x5E, 0x57, 0x17, 0xCC, |
753 | | 0x6D, 0xD0, 0x72, 0x8A, 0xB2, 0x70, 0xA3, 0x0A, |
754 | | 0x88, 0x03, 0x5B, 0x88, 0x5D, 0x35, 0x12, 0x8E, |
755 | | 0xAC, 0xC1, 0x81, 0xCA, 0xB7, 0x2B, 0xB1, 0x96, |
756 | | 0xF6, 0x35, 0xCE, 0xBB, 0x75, 0xAD, 0x0D, 0xD0, |
757 | | 0xBA, 0x4E, 0x43, 0x5B, 0x31, 0x08, 0x93, 0x32, |
758 | | 0x72, 0x63, 0x58, 0xC5, 0xA2, 0x70, 0x95, 0x12, |
759 | | 0x8F, 0xF2, 0xC1, 0x61, 0xEB, 0x22, 0xE9, 0x4A, |
760 | | 0x65, 0xA5, 0x48, 0x5D, 0x4C, 0x11, 0x78, 0x69, |
761 | | 0x0B, 0x1F, 0x39, 0x2B, 0x7F, 0x63, 0x77, 0xAD, |
762 | | 0x96, 0x6B, 0x67, 0x80, 0x90, 0x70, 0x57, 0x2B, |
763 | | 0xBC, 0x68, 0x9C, 0xAA, 0xB2, 0xD8, 0x3C, 0xBF, |
764 | | 0xD6, 0x4F, 0xC4, 0x28, 0x65, 0x74, 0x54, 0x84, |
765 | | 0x43, 0x9A, 0x1C, 0x96, 0x50, 0x02, 0x97, 0xC6, |
766 | | 0xCF, 0xB0, 0xB1, 0x1D, 0x98, 0x9A, 0x32, 0x94, |
767 | | 0x73, 0x88, 0x94, 0x78, 0x2D, 0x5F, 0x25, 0x05, |
768 | | 0x5F, 0xA6, 0x96, 0x7A, 0xC8, 0x3A, 0xDF, 0xA8, |
769 | | 0x19, 0xB2, 0x53, 0x53, 0x05, 0xF9, 0x31, 0xDC, |
770 | | 0x58, 0x6C, 0xD1, 0x3A, 0x9B, 0x47, 0x3B, 0x7D, |
771 | | 0x87, 0xE5, 0xB4, 0xB2, 0xD9, 0x96, 0x2A, 0x59, |
772 | | 0x90, 0x3C, 0xCC, 0xAD, 0xDC, 0xA2, 0x57, 0x87, |
773 | | 0x71, 0xC6, 0x7E, 0x5A, 0x49, 0x98, 0xC8, 0x94, |
774 | | 0x29, 0x30, 0x7B, 0x0E, 0x01, 0x97, 0x53, 0x18, |
775 | | 0x32, 0x50, 0x73, 0x9E, 0x14, 0x47, 0x97, 0xBD, |
776 | | 0xCC, 0x22, 0xAB, 0x02, 0x95, 0xD7, 0xC5, 0x32, |
777 | | }, |
778 | | { |
779 | | 0xDF, 0x17, 0x84, 0x86, 0x77, 0x41, 0x6E, 0x95, |
780 | | 0x4D, 0x66, 0xF9, 0xB0, 0x9E, 0x12, 0x81, 0x53, |
781 | | 0x2A, 0x2E, 0x8F, 0x0C, 0x6A, 0xBE, 0x00, 0x37, |
782 | | 0xE7, 0xE8, 0x11, 0x90, 0x97, 0xC9, 0xEC, 0x84, |
783 | | 0x5A, 0xA0, 0x69, 0x85, 0xC0, 0x88, 0x55, 0x2C, |
784 | | 0x41, 0xB6, 0x15, 0x17, 0x36, 0x42, 0xC1, 0x02, |
785 | | 0x51, 0xC0, 0x6E, 0x91, 0xA2, 0x5C, 0x24, 0x3C, |
786 | | 0x02, 0x63, 0xB6, 0x75, 0xC7, 0x20, 0x7D, 0x58, |
787 | | 0x70, 0x1D, 0x13, 0xA5, 0x2E, 0xAB, 0x92, 0x56, |
788 | | 0x5E, 0xF1, 0xA1, 0xDE, 0xFB, 0xAE, 0xFE, 0x4C, |
789 | | 0x0B, 0x03, 0xF5, 0x04, 0x44, 0xA3, 0xBE, 0x20, |
790 | | 0xB1, 0x71, 0x31, 0x0B, 0xA3, 0xF2, 0x08, 0x52, |
791 | | 0xF3, 0xA2, 0xA1, 0x8E, 0x72, 0x29, 0x40, 0x70, |
792 | | 0x15, 0x64, 0x60, 0x52, 0xD2, 0xE7, 0x3A, 0xBE, |
793 | | 0xE3, 0x18, 0xD7, 0x55, 0x89, 0x9C, 0x78, 0x4A, |
794 | | 0x6F, 0xB5, 0xAA, 0xB1, 0x7C, 0x90, 0x2C, 0xB6, |
795 | | 0x8A, 0xFA, 0x36, 0x57, 0xB9, 0x01, 0x2E, 0x1B, |
796 | | 0xB8, 0xB6, 0xAA, 0xC2, 0x68, 0x9A, 0xA4, 0x8C, |
797 | | 0x2D, 0x42, 0x62, 0xBB, 0x29, 0x63, 0xB0, 0x6A, |
798 | | 0x24, 0x22, 0x82, 0x54, 0x1C, 0xF6, 0x14, 0x19, |
799 | | 0xD9, 0x0E, 0x2B, 0xD3, 0x66, 0xBE, 0xE7, 0xA4, |
800 | | 0x36, 0x9B, 0x72, 0x41, 0xA6, 0x6B, 0xF2, 0x64, |
801 | | 0x5D, 0x8E, 0x90, 0x4C, 0x3F, 0x7B, 0x30, 0x0C, |
802 | | 0x04, 0x1D, 0x56, 0x87, 0x39, 0x3D, 0x2C, 0xA9, |
803 | | 0x29, 0x75, 0xCB, 0xFD, 0xC0, 0x18, 0xDD, 0xC6, |
804 | | 0x0A, 0xF5, 0x62, 0x00, 0x9E, 0xB0, 0x88, 0x8E, |
805 | | 0x5A, 0x05, 0x76, 0x24, 0x6A, 0xCE, 0x74, 0x5B, |
806 | | 0xB1, 0x63, 0x40, 0x8B, 0x5A, 0x9A, 0xE3, 0xC1, |
807 | | 0x94, 0xA8, 0x5C, 0x21, 0x90, 0x7B, 0x37, 0xB1, |
808 | | 0x62, 0x8E, 0xCD, 0x9A, 0x15, 0xEC, 0x20, 0x24, |
809 | | 0x87, 0x30, 0x27, 0x34, 0x44, 0xB0, 0xA2, 0xF4, |
810 | | 0x54, 0xF9, 0xB4, 0x73, 0x0F, 0x33, 0x91, 0x50, |
811 | | 0x47, 0x6E, 0xE0, 0x70, 0x98, 0xF6, 0xBC, 0x1B, |
812 | | 0x97, 0xCC, 0x1B, 0xD3, 0xB8, 0xC1, 0xA2, 0xEB, |
813 | | 0x0E, 0x50, 0xA7, 0x82, 0xF2, 0x11, 0x5D, 0xF6, |
814 | | 0x17, 0x49, 0x6F, 0x6C, 0x6F, 0x8C, 0x09, 0xB0, |
815 | | 0x5F, 0x88, 0x8D, 0x9E, 0x93, 0x3D, 0x28, 0x77, |
816 | | 0x46, 0xC6, 0x31, 0xB3, 0x10, 0x87, 0x26, 0xB0, |
817 | | 0xC4, 0xA7, 0xC8, 0x8B, 0x09, 0xC8, 0x60, 0xAC, |
818 | | 0xD7, 0x52, 0x35, 0x70, 0xC8, 0x02, 0xBD, 0x38, |
819 | | 0x72, 0x43, 0x16, 0x2D, 0x12, 0x8C, 0xA2, 0x29, |
820 | | 0x4C, 0x83, 0x43, 0x18, 0xCC, 0x21, 0xFB, 0x14, |
821 | | 0xD2, 0xAB, 0x37, 0x3F, 0x22, 0x4E, 0x3F, 0xD4, |
822 | | 0x98, 0x43, 0x85, 0x95, 0x09, 0xF4, 0xCA, 0x1A, |
823 | | 0x1A, 0x56, 0x6C, 0x05, 0x67, 0x88, 0xA3, 0xAA, |
824 | | 0x48, 0x4A, 0xAA, 0xBD, 0xF1, 0xA0, 0x8F, 0x1B, |
825 | | 0x44, 0xC7, 0x56, 0xAB, 0x2A, 0x0C, 0x8B, 0xC5, |
826 | | 0x85, 0x1E, 0xE2, 0xEB, 0x23, 0x03, 0x4C, 0x2E, |
827 | | 0xAA, 0x5A, 0xC1, 0x5F, 0x89, 0x75, 0x1B, 0xD5, |
828 | | 0xCA, 0xE1, 0xD5, 0x90, 0x89, 0xD5, 0x00, 0x2B, |
829 | | 0xB1, 0xB3, 0xBF, 0xCA, 0x4A, 0xDE, 0x09, 0x82, |
830 | | 0xAD, 0x67, 0x83, 0xE9, 0xD3, 0x7F, 0xB3, 0xE3, |
831 | | 0x20, 0xAC, 0x98, 0x55, 0xDF, 0x66, 0x6B, 0xFD, |
832 | | 0x7C, 0x6B, 0x87, 0xA9, 0xA4, 0x6E, 0x25, 0x97, |
833 | | 0x12, 0x56, 0x11, 0x61, 0x50, 0x7E, 0x17, 0x35, |
834 | | 0x98, 0xF9, 0x88, 0xAC, 0xB6, 0xF9, 0xAB, 0x3A, |
835 | | 0x10, 0x92, 0x63, 0x24, 0x46, 0x88, 0xC7, 0x08, |
836 | | 0x78, 0x75, 0x8F, 0xF4, 0xD4, 0x31, 0x3B, 0x76, |
837 | | 0x64, 0xF0, 0xF5, 0x10, 0xE9, 0x13, 0xCA, 0x01, |
838 | | 0xC5, 0x2B, 0x3A, 0x1B, 0x46, 0x53, 0x51, 0x44, |
839 | | 0xE2, 0xDB, 0x0C, 0xAC, 0xE8, 0xA6, 0x46, 0x66, |
840 | | 0x00, 0xCF, 0x2A, 0x87, 0x83, 0x50, 0x07, 0xE1, |
841 | | 0x6A, 0xA5, 0x07, 0x80, 0x1D, 0x86, 0xB7, 0x38, |
842 | | 0x5E, 0x66, 0x9B, 0xFA, 0xF6, 0xBA, 0x1D, 0xF5, |
843 | | 0x68, 0x31, 0x63, 0xC2, 0xD5, 0x70, 0x53, 0x2F, |
844 | | 0xD7, 0x43, 0x90, 0x54, 0x64, 0x0F, 0x24, 0x4C, |
845 | | 0x52, 0x87, 0x13, 0x59, 0xD2, 0x84, 0x2F, 0xC3, |
846 | | 0x37, 0xA0, 0x60, 0x03, 0x3A, 0xF0, 0x5E, 0xAA, |
847 | | 0x00, 0x1C, 0x34, 0xFC, 0x7B, 0xD8, 0xF9, 0x10, |
848 | | 0x29, 0xE4, 0x6C, 0x29, 0x43, 0x36, 0x27, 0x64, |
849 | | 0x5D, 0x67, 0x86, 0x64, 0x21, 0xD6, 0x61, 0xAF, |
850 | | 0x25, 0x74, 0x80, 0x53, 0x2B, 0x88, 0x78, 0x50, |
851 | | 0xDC, 0x49, 0x9F, 0xFE, 0xD5, 0xB1, 0x40, 0x98, |
852 | | 0xA0, 0x33, 0x72, 0x5E, 0x82, 0x0A, 0x5B, 0xE1, |
853 | | 0x40, 0x0A, 0x0C, 0xB7, 0x03, 0x74, 0x1C, 0xA7, |
854 | | 0x4B, 0x47, 0x86, 0x73, 0xAA, 0xCF, 0x85, 0x16, |
855 | | 0x6E, 0xE8, 0xA1, 0x84, 0xDB, 0x2C, 0x58, 0x54, |
856 | | 0x9C, 0x22, 0x40, 0xB8, 0x30, 0x8C, 0x27, 0xBE, |
857 | | 0xBA, 0x40, 0xC3, 0xB9, 0xD7, 0x29, 0xED, 0xB1, |
858 | | 0x8C, 0xC2, 0x06, 0x8E, 0xCD, 0xB2, 0x7D, 0xA2, |
859 | | 0x2B, 0x2C, 0xD3, 0xE7, 0xA0, 0xBA, 0xA5, 0x30, |
860 | | 0xC5, 0x19, 0x3C, 0xD3, 0xC8, 0x6B, 0xF8, 0x6A, |
861 | | 0x44, 0xF0, 0x79, 0x9E, 0x51, 0x55, 0xB0, 0x9B, |
862 | | 0xE2, 0x50, 0x98, 0x85, 0x23, 0xB3, 0xA7, 0x31, |
863 | | 0xDD, 0x89, 0x1B, 0xC2, 0x00, 0x60, 0x11, 0xA0, |
864 | | 0x65, 0xC0, 0xAB, 0x57, 0xF1, 0xA6, 0xC1, 0x78, |
865 | | 0x89, 0x55, 0xE0, 0x13, 0x5F, 0xA5, 0xCA, 0x8F, |
866 | | 0x3E, 0x52, 0xC7, 0x5D, 0x37, 0x16, 0x97, 0x3A, |
867 | | 0x2F, 0xB2, 0x2C, 0x0E, 0xB1, 0x7C, 0x1B, 0x32, |
868 | | 0x85, 0x29, 0xD9, 0xFA, 0x76, 0x56, 0xD7, 0x4D, |
869 | | 0xEA, 0x74, 0x0D, 0x9F, 0x07, 0x97, 0x77, 0xC3, |
870 | | 0x6C, 0x17, 0xA1, 0x9C, 0x19, 0x58, 0x9E, 0x84, |
871 | | 0xD2, 0xB8, 0xE4, 0xD1, 0xBC, 0x31, 0x07, 0xCB, |
872 | | 0xD2, 0x78, 0x14, 0x22, 0x48, 0x35, 0x48, 0x44, |
873 | | 0x6C, 0x89, 0x93, 0x14, 0x77, 0x44, 0xAA, 0x9E, |
874 | | 0xC1, 0xC5, 0x93, 0xEC, 0x2D, 0x5B, 0xAA, 0xC8, |
875 | | 0x6A, 0x0A, 0xF6, 0x4A, 0x85, 0xE9, 0x09, 0xDF, |
876 | | 0x8E, 0x28, 0x16, 0x60, 0x5D, 0x20, 0xB4, 0xE3, |
877 | | 0x82, 0xB3, 0x0B, 0xBB, 0x61, 0xBF, 0x3A, 0x5F, |
878 | | 0x82, 0x1A, 0x0B, 0x5D, 0xBA, 0x9A, 0xD3, 0xE7, |
879 | | }, |
880 | | { |
881 | | 0xE5, 0xBD, 0x1B, 0x37, 0xA7, 0x5E, 0x0F, 0x09, |
882 | | 0x29, 0x74, 0xE8, 0x46, 0xE8, 0xC3, 0x7C, 0x45, |
883 | | 0x48, 0x7D, 0x60, 0x73, 0x9F, 0x99, 0x35, 0x17, |
884 | | 0x19, 0xA5, 0x39, 0x47, 0x23, 0x26, 0x2B, 0x3B, |
885 | | }, |
886 | | { |
887 | | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
888 | | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
889 | | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
890 | | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
891 | | }, |
892 | | }; |
893 | | |
894 | | const BYTE rgbMlKemSelfTestCiphertext[768] = |
895 | | { |
896 | | 0x6B, 0xC5, 0x04, 0x00, 0x27, 0x7A, 0xBB, 0x7E, |
897 | | 0x6B, 0xF9, 0xFB, 0x56, 0x82, 0x01, 0x75, 0xEB, |
898 | | 0xB7, 0xB9, 0xF4, 0xF2, 0x82, 0x2C, 0x6D, 0x0A, |
899 | | 0xE0, 0x80, 0xA3, 0x49, 0x92, 0x0F, 0x6D, 0x00, |
900 | | 0x8E, 0xBA, 0x35, 0xB5, 0x42, 0xB9, 0xD7, 0xED, |
901 | | 0x89, 0xCB, 0xFD, 0x38, 0xD7, 0x9F, 0x55, 0x3B, |
902 | | 0xF0, 0x8E, 0x63, 0x80, 0x95, 0xCF, 0x0D, 0x4F, |
903 | | 0x50, 0x40, 0xAC, 0x1D, 0x1B, 0xDC, 0x24, 0x84, |
904 | | 0x3B, 0x18, 0xC2, 0x77, 0x9F, 0x24, 0x11, 0x81, |
905 | | 0xA6, 0xCC, 0xD8, 0xF4, 0xE8, 0x00, 0xDC, 0x26, |
906 | | 0x61, 0x36, 0xD1, 0xB6, 0x5D, 0x9C, 0x12, 0x6D, |
907 | | 0xF5, 0xE7, 0x93, 0xC8, 0x6D, 0xAC, 0xAF, 0x3C, |
908 | | 0x78, 0x3F, 0xA9, 0xC1, 0x00, 0x6F, 0x08, 0x29, |
909 | | 0x4F, 0x1A, 0x4D, 0x3B, 0xB4, 0x4B, 0x6F, 0xC2, |
910 | | 0x09, 0x00, 0x4B, 0xC1, 0xF0, 0xE6, 0x7F, 0x48, |
911 | | 0x48, 0x09, 0x40, 0xF2, 0x0A, 0x86, 0x18, 0xBF, |
912 | | 0xC6, 0x4E, 0xB2, 0xB0, 0xAB, 0xFE, 0x1B, 0xEA, |
913 | | 0x91, 0x58, 0x8C, 0x18, 0x6E, 0x30, 0xE8, 0x33, |
914 | | 0x87, 0x29, 0x26, 0xEF, 0xE9, 0x0C, 0x3B, 0x8B, |
915 | | 0x0C, 0x99, 0x40, 0x53, 0xB9, 0x30, 0xBA, 0x17, |
916 | | 0xB3, 0x8A, 0x74, 0x59, 0x5D, 0x4C, 0x76, 0x1A, |
917 | | 0xD3, 0x3F, 0xE4, 0xF7, 0xA3, 0x0F, 0x3A, 0x2C, |
918 | | 0x85, 0xC1, 0x46, 0xF0, 0xA4, 0x91, 0xA3, 0x12, |
919 | | 0xB2, 0xA4, 0x4B, 0x88, 0x8D, 0x1C, 0x85, 0xB1, |
920 | | 0xE4, 0x41, 0x1F, 0x9D, 0xB7, 0x91, 0x2F, 0x60, |
921 | | 0x98, 0xFD, 0xFC, 0x29, 0x89, 0x11, 0x7D, 0x16, |
922 | | 0x09, 0x9E, 0x76, 0xF1, 0x9C, 0xB3, 0x50, 0xB9, |
923 | | 0xD0, 0x02, 0xD2, 0xA2, 0x0D, 0xDD, 0xEE, 0x90, |
924 | | 0x47, 0x0D, 0xB9, 0x4A, 0x53, 0x11, 0xA2, 0x4F, |
925 | | 0x13, 0x5A, 0x40, 0xDC, 0xC6, 0xFE, 0xD7, 0x28, |
926 | | 0x36, 0xEC, 0xA0, 0x5E, 0xAB, 0xC1, 0x7D, 0x19, |
927 | | 0x33, 0x59, 0xE2, 0xE4, 0xEA, 0x26, 0x67, 0x2F, |
928 | | 0xE5, 0x05, 0xD8, 0x34, 0x6E, 0x3C, 0xAB, 0x63, |
929 | | 0x8B, 0x24, 0x16, 0xC7, 0x1B, 0x2A, 0x9B, 0xE5, |
930 | | 0x04, 0x78, 0x98, 0x6C, 0x6C, 0x1E, 0x94, 0xE3, |
931 | | 0x7F, 0x86, 0x52, 0xC0, 0x17, 0x56, 0x8D, 0x01, |
932 | | 0x7A, 0x28, 0x81, 0x07, 0x3D, 0x61, 0x2A, 0xCD, |
933 | | 0xC8, 0xB6, 0x7E, 0x5B, 0xAD, 0xA8, 0x90, 0xBD, |
934 | | 0x0C, 0x95, 0xB5, 0x09, 0x9D, 0x7C, 0x34, 0x8C, |
935 | | 0x74, 0x8F, 0x8E, 0x7C, 0x28, 0x6C, 0xE2, 0x2F, |
936 | | 0xA2, 0x87, 0x7F, 0x80, 0x43, 0x46, 0x1C, 0xB2, |
937 | | 0x1C, 0x5A, 0xD2, 0xEC, 0xAD, 0xF9, 0x55, 0xE3, |
938 | | 0x6B, 0x19, 0x54, 0x08, 0x84, 0x1A, 0x34, 0x82, |
939 | | 0xF4, 0x9C, 0xEC, 0x3D, 0x65, 0xF9, 0x78, 0x7F, |
940 | | 0x37, 0x47, 0xCF, 0xF1, 0xCB, 0x15, 0xF2, 0xAC, |
941 | | 0xFF, 0x3B, 0x8F, 0xA0, 0x8C, 0x25, 0x88, 0x5C, |
942 | | 0x38, 0x23, 0x9A, 0x27, 0x16, 0x6A, 0xDF, 0xA3, |
943 | | 0x98, 0x1D, 0x16, 0x33, 0x4B, 0x4F, 0xFB, 0x83, |
944 | | 0x85, 0x66, 0x76, 0x03, 0xB9, 0xB5, 0x46, 0x21, |
945 | | 0xB9, 0xF3, 0xF4, 0xF1, 0x3A, 0x85, 0xEC, 0x9E, |
946 | | 0x56, 0x6A, 0xB6, 0x1D, 0xCC, 0xCA, 0xFB, 0x11, |
947 | | 0xAE, 0x47, 0x7D, 0x93, 0xA5, 0xBC, 0x90, 0x32, |
948 | | 0xDE, 0xA1, 0xA5, 0x1E, 0x5D, 0x52, 0x17, 0x98, |
949 | | 0x0A, 0x8B, 0xC4, 0x1A, 0x28, 0x7C, 0x9C, 0x22, |
950 | | 0x3E, 0x33, 0x06, 0x40, 0x77, 0xE5, 0x22, 0x49, |
951 | | 0x86, 0xF9, 0x3C, 0xC5, 0xC1, 0xB9, 0x77, 0x25, |
952 | | 0x53, 0x66, 0x5A, 0x18, 0x83, 0x5A, 0x2B, 0xBF, |
953 | | 0xAC, 0x04, 0x70, 0x26, 0xE8, 0x2B, 0xB6, 0x0C, |
954 | | 0xE8, 0x00, 0x95, 0xBB, 0x08, 0x75, 0xF3, 0x37, |
955 | | 0x31, 0x2E, 0xEF, 0x28, 0x8D, 0x58, 0x92, 0xD4, |
956 | | 0xFD, 0xD7, 0x02, 0xCE, 0x8F, 0x11, 0x83, 0x17, |
957 | | 0x53, 0x19, 0x44, 0xD7, 0xD5, 0x6D, 0x44, 0x04, |
958 | | 0x3A, 0x0A, 0x01, 0x46, 0xF2, 0xD2, 0xA5, 0x05, |
959 | | 0x88, 0xA0, 0xD9, 0x0D, 0xE1, 0xA0, 0x7A, 0xF2, |
960 | | 0x20, 0x2E, 0x5B, 0x05, 0xE4, 0x2B, 0x11, 0x3D, |
961 | | 0xB3, 0x82, 0x64, 0x3B, 0xEF, 0xC1, 0x53, 0xBA, |
962 | | 0x9F, 0x7F, 0x29, 0x59, 0x87, 0x39, 0x52, 0xDA, |
963 | | 0x7B, 0xFF, 0xD7, 0xDD, 0xA1, 0xA9, 0x9F, 0xA1, |
964 | | 0xE2, 0x38, 0x74, 0xB0, 0x94, 0xDC, 0xC5, 0xB5, |
965 | | 0xF3, 0x61, 0xDF, 0x92, 0x62, 0xE1, 0x96, 0x87, |
966 | | 0x6D, 0xB4, 0x2C, 0xC7, 0xF0, 0x38, 0xE9, 0x5E, |
967 | | 0xFC, 0xFF, 0x4C, 0x01, 0xC7, 0x59, 0x39, 0xE5, |
968 | | 0x9B, 0xFB, 0xF5, 0x2B, 0x1B, 0xE5, 0xF8, 0x25, |
969 | | 0x06, 0x07, 0xC7, 0x82, 0x46, 0x2A, 0x99, 0xD0, |
970 | | 0xA9, 0x67, 0x81, 0xD7, 0xA2, 0x29, 0x96, 0x1A, |
971 | | 0x94, 0x8E, 0x7D, 0x51, 0x76, 0x99, 0xAD, 0x61, |
972 | | 0xEC, 0xB6, 0xC0, 0x58, 0x8E, 0xD0, 0x9D, 0xFF, |
973 | | 0x58, 0x57, 0x1B, 0x2E, 0xAD, 0x65, 0xD8, 0xDE, |
974 | | 0xA5, 0xFA, 0x81, 0x4B, 0x2C, 0x06, 0x1B, 0xFE, |
975 | | 0x49, 0x20, 0x4D, 0x5E, 0x1B, 0xB7, 0x40, 0x96, |
976 | | 0xAA, 0x81, 0x25, 0xEB, 0x84, 0xDB, 0xEA, 0x5D, |
977 | | 0x0B, 0xAF, 0xF9, 0x8E, 0x41, 0xA6, 0xDD, 0x91, |
978 | | 0x3A, 0x68, 0x54, 0xB7, 0x2E, 0xB1, 0x74, 0xFF, |
979 | | 0xF5, 0x0D, 0xA7, 0x3C, 0xC7, 0x30, 0x5B, 0x55, |
980 | | 0xC6, 0x2D, 0xC8, 0x4C, 0xB4, 0xAD, 0xCC, 0xD0, |
981 | | 0xA1, 0x1B, 0x41, 0xC7, 0x23, 0xE8, 0xDA, 0xFF, |
982 | | 0xB7, 0x3A, 0x12, 0xC2, 0xDC, 0x39, 0x7C, 0xF4, |
983 | | 0xB9, 0x50, 0x00, 0x53, 0x88, 0xC8, 0x77, 0x49, |
984 | | 0xFD, 0x70, 0x3D, 0xE0, 0xAA, 0x0C, 0x28, 0xD4, |
985 | | 0xA2, 0xEC, 0x82, 0x5D, 0xDA, 0xE8, 0x05, 0x2F, |
986 | | 0xE8, 0x9C, 0x21, 0x39, 0x3A, 0x22, 0x2F, 0x0A, |
987 | | 0x5C, 0x6D, 0x01, 0xDF, 0xC8, 0x9F, 0x46, 0xF7, |
988 | | 0x15, 0x02, 0xAD, 0x19, 0x35, 0x63, 0x55, 0x58, |
989 | | 0xF5, 0x7A, 0x46, 0xC9, 0x7A, 0xE6, 0x33, 0x84, |
990 | | 0x48, 0x2B, 0xF0, 0xE7, 0xC5, 0x72, 0x98, 0x43, |
991 | | 0x6A, 0x99, 0xBA, 0x00, 0x57, 0x4F, 0xAA, 0x0A, |
992 | | }; |
993 | | |
994 | | VOID |
995 | | SYMCRYPT_CALL |
996 | | SymCryptDhSecretAgreementSelftest(void) |
997 | 0 | { |
998 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
999 | |
|
1000 | 0 | PSYMCRYPT_DLGROUP pDlgroup = NULL; |
1001 | 0 | PSYMCRYPT_DLKEY pkKey1 = NULL; |
1002 | 0 | PSYMCRYPT_DLKEY pkKey2 = NULL; |
1003 | |
|
1004 | 0 | BYTE rgbSecret[ sizeof(rgbDhKnownSecret) ]; |
1005 | |
|
1006 | 0 | pDlgroup = SymCryptDlgroupAllocate( |
1007 | 0 | SymCryptDlgroupDhSafePrimeParamsModp2048->nBitsOfP, |
1008 | 0 | 0 ); |
1009 | 0 | SYMCRYPT_FIPS_ASSERT( pDlgroup != NULL ); |
1010 | |
|
1011 | 0 | scError = SymCryptDlgroupSetValueSafePrime( |
1012 | 0 | SYMCRYPT_DLGROUP_DH_SAFEPRIMETYPE_IKE_3526, |
1013 | 0 | pDlgroup ); |
1014 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1015 | |
|
1016 | 0 | pkKey1 = SymCryptDlkeyAllocate( pDlgroup ); |
1017 | 0 | SYMCRYPT_FIPS_ASSERT( pkKey1 != NULL ); |
1018 | |
|
1019 | 0 | scError = SymCryptDlkeySetValue( |
1020 | 0 | dhKey1.private, |
1021 | 0 | sizeof(dhKey1.private), |
1022 | 0 | dhKey1.public, |
1023 | 0 | sizeof(dhKey1.public), |
1024 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1025 | 0 | SYMCRYPT_FLAG_DLKEY_DH | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1026 | 0 | pkKey1 ); |
1027 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1028 | |
|
1029 | 0 | pkKey2 = SymCryptDlkeyAllocate( pDlgroup ); |
1030 | 0 | SYMCRYPT_FIPS_ASSERT( pkKey2 != NULL ); |
1031 | |
|
1032 | 0 | scError = SymCryptDlkeySetValue( |
1033 | 0 | dhKey2.private, |
1034 | 0 | sizeof(dhKey2.private), |
1035 | 0 | dhKey2.public, |
1036 | 0 | sizeof(dhKey2.public), |
1037 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1038 | 0 | SYMCRYPT_FLAG_DLKEY_DH | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1039 | 0 | pkKey2 ); |
1040 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1041 | | |
1042 | | // Calculate secret using private key 1 and public key 2 |
1043 | 0 | scError = SymCryptDhSecretAgreement( |
1044 | 0 | pkKey1, |
1045 | 0 | pkKey2, |
1046 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1047 | 0 | 0, // flags |
1048 | 0 | rgbSecret, |
1049 | 0 | sizeof(rgbSecret) ); |
1050 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1051 | |
|
1052 | 0 | SymCryptInjectError( rgbSecret, sizeof(rgbSecret) ); |
1053 | |
|
1054 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp( rgbSecret, rgbDhKnownSecret, sizeof(rgbDhKnownSecret) ) == 0 ); |
1055 | |
|
1056 | 0 | SymCryptDlkeyFree( pkKey2 ); |
1057 | 0 | SymCryptDlkeyFree( pkKey1 ); |
1058 | 0 | SymCryptDlgroupFree( pDlgroup ); |
1059 | 0 | } |
1060 | | |
1061 | | VOID |
1062 | | SYMCRYPT_CALL |
1063 | | SymCryptEcDhSecretAgreementSelftest(void) |
1064 | 0 | { |
1065 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1066 | |
|
1067 | 0 | PSYMCRYPT_ECURVE pCurve = NULL; |
1068 | 0 | PSYMCRYPT_ECKEY pkKey1 = NULL; |
1069 | 0 | PSYMCRYPT_ECKEY pkKey2 = NULL; |
1070 | |
|
1071 | 0 | BYTE rgbSecret[ sizeof(rgbEcdhKnownSecret) ]; |
1072 | |
|
1073 | 0 | pCurve = SymCryptEcurveAllocate( SymCryptEcurveParamsNistP256, 0 ); |
1074 | 0 | SYMCRYPT_FIPS_ASSERT( pCurve != NULL ); |
1075 | |
|
1076 | 0 | pkKey1 = SymCryptEckeyAllocate( pCurve ); |
1077 | 0 | SYMCRYPT_FIPS_ASSERT( pkKey1 != NULL ); |
1078 | |
|
1079 | 0 | scError = SymCryptEckeySetValue( |
1080 | 0 | eckey1.d, |
1081 | 0 | sizeof(eckey1.d), |
1082 | 0 | eckey1.Qxy, |
1083 | 0 | sizeof(eckey1.Qxy), |
1084 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1085 | 0 | SYMCRYPT_ECPOINT_FORMAT_XY, |
1086 | 0 | SYMCRYPT_FLAG_ECKEY_ECDH | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1087 | 0 | pkKey1); |
1088 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1089 | |
|
1090 | 0 | pkKey2 = SymCryptEckeyAllocate( pCurve ); |
1091 | 0 | SYMCRYPT_FIPS_ASSERT( pkKey2 != NULL ); |
1092 | |
|
1093 | 0 | scError = SymCryptEckeySetValue( |
1094 | 0 | eckey2.d, |
1095 | 0 | sizeof(eckey2.d), |
1096 | 0 | eckey2.Qxy, |
1097 | 0 | sizeof(eckey2.Qxy), |
1098 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1099 | 0 | SYMCRYPT_ECPOINT_FORMAT_XY, |
1100 | 0 | SYMCRYPT_FLAG_ECKEY_ECDH | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1101 | 0 | pkKey2); |
1102 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1103 | | |
1104 | | // Calculate secret using private key 1 and public key 2 |
1105 | 0 | scError = SymCryptEcDhSecretAgreement( |
1106 | 0 | pkKey1, |
1107 | 0 | pkKey2, |
1108 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1109 | 0 | 0, |
1110 | 0 | rgbSecret, |
1111 | 0 | sizeof(rgbSecret)); |
1112 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1113 | |
|
1114 | 0 | SymCryptInjectError( rgbSecret, sizeof(rgbSecret) ); |
1115 | |
|
1116 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp(rgbSecret, rgbEcdhKnownSecret, sizeof(rgbSecret)) == 0 ); |
1117 | |
|
1118 | 0 | SymCryptEckeyFree( pkKey2 ); |
1119 | 0 | SymCryptEckeyFree( pkKey1 ); |
1120 | 0 | SymCryptEcurveFree( pCurve ); |
1121 | 0 | } |
1122 | | |
1123 | | VOID |
1124 | | SYMCRYPT_CALL |
1125 | | SymCryptDsaPct( PCSYMCRYPT_DLKEY pkDlkey ) |
1126 | 0 | { |
1127 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1128 | |
|
1129 | 0 | SIZE_T cbSignature = 2 * SYMCRYPT_BYTES_FROM_BITS(pkDlkey->nBitsPriv); |
1130 | 0 | PBYTE pbSignature = SymCryptCallbackAlloc( cbSignature ); |
1131 | 0 | SYMCRYPT_FIPS_ASSERT( pbSignature != NULL ); |
1132 | |
|
1133 | 0 | scError = SymCryptDsaSign( |
1134 | 0 | pkDlkey, |
1135 | 0 | rgbSha256Hash, |
1136 | 0 | sizeof(rgbSha256Hash), |
1137 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1138 | 0 | 0, |
1139 | 0 | pbSignature, |
1140 | 0 | cbSignature ); |
1141 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1142 | |
|
1143 | 0 | SymCryptInjectError( pbSignature, cbSignature ); |
1144 | |
|
1145 | 0 | scError = SymCryptDsaVerify( |
1146 | 0 | pkDlkey, |
1147 | 0 | rgbSha256Hash, |
1148 | 0 | sizeof(rgbSha256Hash), |
1149 | 0 | pbSignature, |
1150 | 0 | cbSignature, |
1151 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1152 | 0 | 0 ); |
1153 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1154 | |
|
1155 | 0 | SymCryptWipe( pbSignature, cbSignature ); |
1156 | 0 | SymCryptCallbackFree( pbSignature ); |
1157 | 0 | } |
1158 | | |
1159 | | VOID |
1160 | | SYMCRYPT_CALL |
1161 | | SymCryptDsaSelftest(void) |
1162 | 0 | { |
1163 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1164 | |
|
1165 | 0 | PSYMCRYPT_DLGROUP pDlgroup = NULL; |
1166 | 0 | PSYMCRYPT_DLKEY pkDlkey = NULL; |
1167 | |
|
1168 | 0 | BYTE rgbSignature[64]; |
1169 | |
|
1170 | 0 | pDlgroup = SymCryptDlgroupAllocate( |
1171 | 0 | sizeof(dsaDlgroup.primeP) * 8, |
1172 | 0 | sizeof(dsaDlgroup.primeQ) * 8 ); |
1173 | 0 | SYMCRYPT_FIPS_ASSERT( pDlgroup != NULL ); |
1174 | |
|
1175 | 0 | scError = SymCryptDlgroupSetValue( |
1176 | 0 | dsaDlgroup.primeP, |
1177 | 0 | sizeof(dsaDlgroup.primeP), |
1178 | 0 | dsaDlgroup.primeQ, |
1179 | 0 | sizeof(dsaDlgroup.primeQ), |
1180 | 0 | dsaDlgroup.generator, |
1181 | 0 | sizeof(dsaDlgroup.generator), |
1182 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1183 | 0 | SymCryptSha256Algorithm, |
1184 | 0 | dsaDlgroup.seed, |
1185 | 0 | sizeof(dsaDlgroup.seed), |
1186 | 0 | dsaDlgroup.counter, |
1187 | 0 | SYMCRYPT_DLGROUP_FIPS_NONE, |
1188 | 0 | pDlgroup ); |
1189 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1190 | |
|
1191 | 0 | pkDlkey = SymCryptDlkeyAllocate( pDlgroup ); |
1192 | 0 | SYMCRYPT_FIPS_ASSERT( pkDlkey != NULL ); |
1193 | |
|
1194 | 0 | scError = SymCryptDlkeySetValue( |
1195 | 0 | dsaKey.private, |
1196 | 0 | sizeof(dsaKey.private), |
1197 | 0 | dsaKey.public, |
1198 | 0 | sizeof(dsaKey.public), |
1199 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1200 | 0 | SYMCRYPT_FLAG_DLKEY_DSA | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1201 | 0 | pkDlkey ); |
1202 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1203 | | |
1204 | | // DSA is no longer an approved signing algorithm, so we don't need to perform a signature in |
1205 | | // the CAST. We can just verify the precalculated signature. But for the unit test |
1206 | | // infrastructure to exercise these self-tests, we also need to to inject errors and ensure |
1207 | | // that the verification fails when the signature is corrupted. |
1208 | 0 | C_ASSERT( sizeof(rgbDsaKnownAnswerTestSignature) == sizeof(rgbSignature) ); |
1209 | 0 | memcpy( rgbSignature, rgbDsaKnownAnswerTestSignature, sizeof(rgbDsaKnownAnswerTestSignature) ); |
1210 | 0 | SymCryptInjectError( rgbSignature, sizeof(rgbSignature) ); |
1211 | |
|
1212 | 0 | scError = SymCryptDsaVerify( |
1213 | 0 | pkDlkey, |
1214 | 0 | rgbSha256Hash, |
1215 | 0 | sizeof(rgbSha256Hash), |
1216 | 0 | rgbSignature, |
1217 | 0 | sizeof(rgbSignature), |
1218 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1219 | 0 | 0 ); |
1220 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1221 | |
|
1222 | 0 | SymCryptDlkeyFree( pkDlkey ); |
1223 | 0 | SymCryptDlgroupFree( pDlgroup ); |
1224 | 0 | } |
1225 | | |
1226 | | VOID |
1227 | | SYMCRYPT_CALL |
1228 | | SymCryptEcDsaPct( PCSYMCRYPT_ECKEY pkEckey ) |
1229 | 0 | { |
1230 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1231 | |
|
1232 | 0 | SIZE_T cbSignature = 2 * SymCryptEckeySizeofPrivateKey(pkEckey); |
1233 | 0 | PBYTE pbSignature = SymCryptCallbackAlloc( cbSignature ); |
1234 | 0 | SYMCRYPT_FIPS_ASSERT( pbSignature != NULL ); |
1235 | | |
1236 | | // Use SymCryptEcDsaSignEx to avoid infinite recursion in the PCT |
1237 | 0 | scError = SymCryptEcDsaSignEx( |
1238 | 0 | pkEckey, |
1239 | 0 | rgbSha256Hash, |
1240 | 0 | sizeof(rgbSha256Hash), |
1241 | 0 | NULL, |
1242 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1243 | 0 | 0, |
1244 | 0 | pbSignature, |
1245 | 0 | cbSignature ); |
1246 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1247 | |
|
1248 | 0 | SymCryptInjectError( pbSignature, cbSignature ); |
1249 | |
|
1250 | 0 | scError = SymCryptEcDsaVerify( |
1251 | 0 | pkEckey, |
1252 | 0 | rgbSha256Hash, |
1253 | 0 | sizeof(rgbSha256Hash), |
1254 | 0 | pbSignature, |
1255 | 0 | cbSignature, |
1256 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1257 | 0 | 0 ); |
1258 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1259 | |
|
1260 | 0 | SymCryptWipe( pbSignature, cbSignature ); |
1261 | 0 | SymCryptCallbackFree( pbSignature ); |
1262 | 0 | } |
1263 | | |
1264 | | VOID |
1265 | | SYMCRYPT_CALL |
1266 | | SymCryptEcDsaSelftest(void) |
1267 | 5 | { |
1268 | 5 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1269 | | |
1270 | 5 | PSYMCRYPT_ECURVE pCurve = NULL; |
1271 | 5 | PSYMCRYPT_ECKEY pkEckey = NULL; |
1272 | 5 | PSYMCRYPT_INT piK = NULL; |
1273 | | |
1274 | 5 | BYTE rgbSignature[64]; |
1275 | | |
1276 | 5 | pCurve = SymCryptEcurveAllocate( SymCryptEcurveParamsNistP256, 0 ); |
1277 | 5 | SYMCRYPT_FIPS_ASSERT( pCurve != NULL ); |
1278 | | |
1279 | 5 | pkEckey = SymCryptEckeyAllocate( pCurve ); |
1280 | 5 | SYMCRYPT_FIPS_ASSERT( pkEckey != NULL ); |
1281 | | |
1282 | 5 | piK = SymCryptIntAllocate( |
1283 | 5 | SYMCRYPT_FDEF_DIGITS_FROM_BITS( sizeof(rgbEcDsaKnownAnswerTestK) * 8 ) ); |
1284 | 5 | SYMCRYPT_FIPS_ASSERT( piK != NULL ); |
1285 | | |
1286 | 5 | scError = SymCryptIntSetValue( |
1287 | 5 | rgbEcDsaKnownAnswerTestK, |
1288 | 5 | sizeof(rgbEcDsaKnownAnswerTestK), |
1289 | 5 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1290 | 5 | piK ); |
1291 | 5 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1292 | | |
1293 | 5 | scError = SymCryptEckeySetValue( |
1294 | 5 | eckey1.d, |
1295 | 5 | sizeof(eckey1.d), |
1296 | 5 | eckey1.Qxy, |
1297 | 5 | sizeof(eckey1.Qxy), |
1298 | 5 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1299 | 5 | SYMCRYPT_ECPOINT_FORMAT_XY, |
1300 | 5 | SYMCRYPT_FLAG_ECKEY_ECDSA | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1301 | 5 | pkEckey); |
1302 | 5 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1303 | | |
1304 | 5 | scError = SymCryptEcDsaSignEx( |
1305 | 5 | pkEckey, |
1306 | 5 | rgbSha256Hash, |
1307 | 5 | sizeof(rgbSha256Hash), |
1308 | 5 | piK, |
1309 | 5 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1310 | 5 | 0, |
1311 | 5 | rgbSignature, |
1312 | 5 | sizeof(rgbSignature) ); |
1313 | 5 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1314 | | |
1315 | 5 | SYMCRYPT_FIPS_ASSERT( |
1316 | 5 | memcmp( rgbSignature, rgbEcDsaKnownAnswerTestSignature, sizeof(rgbSignature) ) == 0 ); |
1317 | | |
1318 | 5 | SymCryptInjectError( rgbSignature, sizeof(rgbSignature) ); |
1319 | | |
1320 | 5 | scError = SymCryptEcDsaVerify( |
1321 | 5 | pkEckey, |
1322 | 5 | rgbSha256Hash, |
1323 | 5 | sizeof(rgbSha256Hash), |
1324 | 5 | rgbSignature, |
1325 | 5 | sizeof(rgbSignature), |
1326 | 5 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1327 | 5 | 0 ); |
1328 | 5 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1329 | | |
1330 | 5 | SymCryptIntFree( piK ); |
1331 | 5 | SymCryptEckeyFree( pkEckey ); |
1332 | 5 | SymCryptEcurveFree( pCurve ); |
1333 | 5 | } |
1334 | | |
1335 | | VOID |
1336 | | SYMCRYPT_CALL |
1337 | | SymCryptRsaSignVerifyPct( PCSYMCRYPT_RSAKEY pkRsakey ) |
1338 | 0 | { |
1339 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1340 | |
|
1341 | 0 | SIZE_T cbSignature = SYMCRYPT_BYTES_FROM_BITS(pkRsakey->nBitsOfModulus); |
1342 | 0 | PBYTE pbSignature = SymCryptCallbackAlloc( cbSignature ); |
1343 | 0 | SYMCRYPT_FIPS_ASSERT( pbSignature != NULL ); |
1344 | |
|
1345 | 0 | scError = SymCryptRsaPkcs1Sign( |
1346 | 0 | pkRsakey, |
1347 | 0 | rgbSha256Hash, |
1348 | 0 | sizeof(rgbSha256Hash), |
1349 | 0 | SymCryptSha256OidList, |
1350 | 0 | SYMCRYPT_SHA256_OID_COUNT, |
1351 | 0 | 0, |
1352 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1353 | 0 | pbSignature, |
1354 | 0 | cbSignature, |
1355 | 0 | &cbSignature ); |
1356 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1357 | |
|
1358 | 0 | SymCryptInjectError( pbSignature, cbSignature ); |
1359 | |
|
1360 | 0 | scError = SymCryptRsaPkcs1Verify( |
1361 | 0 | pkRsakey, |
1362 | 0 | rgbSha256Hash, |
1363 | 0 | sizeof(rgbSha256Hash), |
1364 | 0 | pbSignature, |
1365 | 0 | cbSignature, |
1366 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1367 | 0 | SymCryptSha256OidList, |
1368 | 0 | SYMCRYPT_SHA256_OID_COUNT, |
1369 | 0 | 0 ); |
1370 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1371 | |
|
1372 | 0 | SymCryptWipe( pbSignature, cbSignature ); |
1373 | 0 | SymCryptCallbackFree( pbSignature ); |
1374 | 0 | } |
1375 | | |
1376 | | VOID |
1377 | | SYMCRYPT_CALL |
1378 | | SymCryptRsaSelftest(void) |
1379 | 0 | { |
1380 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1381 | |
|
1382 | 0 | PSYMCRYPT_RSAKEY pkRsakey = NULL; |
1383 | 0 | SYMCRYPT_RSA_PARAMS rsaParams = { 0 }; |
1384 | |
|
1385 | 0 | SIZE_T cbSignature = sizeof(rgbRsaPkcs1Sig); |
1386 | 0 | PBYTE pbSignature = SymCryptCallbackAlloc(cbSignature); |
1387 | 0 | SYMCRYPT_FIPS_ASSERT(pbSignature != NULL); |
1388 | |
|
1389 | 0 | rsaParams.version = 1; |
1390 | 0 | rsaParams.nBitsOfModulus = sizeof(rsakey.modulus) * 8; |
1391 | 0 | rsaParams.nPrimes = 2; |
1392 | 0 | rsaParams.nPubExp = 1; |
1393 | |
|
1394 | 0 | PCBYTE pbPrimes[] = { rsakey.prime1, rsakey.prime2 }; |
1395 | 0 | SIZE_T cbPrimes[] = { sizeof(rsakey.prime1), sizeof(rsakey.prime2) }; |
1396 | |
|
1397 | 0 | pkRsakey = SymCryptRsakeyAllocate(&rsaParams, 0); |
1398 | 0 | SYMCRYPT_FIPS_ASSERT(pkRsakey != NULL); |
1399 | |
|
1400 | 0 | scError = SymCryptRsakeySetValue( |
1401 | 0 | rsakey.modulus, |
1402 | 0 | sizeof(rsakey.modulus), |
1403 | 0 | &rsakey.publicExp, |
1404 | 0 | 1, |
1405 | 0 | pbPrimes, |
1406 | 0 | cbPrimes, |
1407 | 0 | sizeof(cbPrimes) / sizeof(cbPrimes[0]), |
1408 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1409 | 0 | SYMCRYPT_FLAG_RSAKEY_SIGN | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1410 | 0 | pkRsakey); |
1411 | 0 | SYMCRYPT_FIPS_ASSERT(scError == SYMCRYPT_NO_ERROR); |
1412 | |
|
1413 | 0 | scError = SymCryptRsaPkcs1Sign( |
1414 | 0 | pkRsakey, |
1415 | 0 | rgbSha256Hash, |
1416 | 0 | sizeof(rgbSha256Hash), |
1417 | 0 | SymCryptSha256OidList, |
1418 | 0 | SYMCRYPT_SHA256_OID_COUNT, |
1419 | 0 | 0, |
1420 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1421 | 0 | pbSignature, |
1422 | 0 | cbSignature, |
1423 | 0 | &cbSignature); |
1424 | 0 | SYMCRYPT_FIPS_ASSERT(scError == SYMCRYPT_NO_ERROR); |
1425 | |
|
1426 | 0 | SYMCRYPT_FIPS_ASSERT(memcmp(pbSignature, rgbRsaPkcs1Sig, sizeof(rgbRsaPkcs1Sig)) == 0); |
1427 | |
|
1428 | 0 | SymCryptInjectError(pbSignature, cbSignature); |
1429 | |
|
1430 | 0 | scError = SymCryptRsaPkcs1Verify( |
1431 | 0 | pkRsakey, |
1432 | 0 | rgbSha256Hash, |
1433 | 0 | sizeof(rgbSha256Hash), |
1434 | 0 | pbSignature, |
1435 | 0 | cbSignature, |
1436 | 0 | SYMCRYPT_NUMBER_FORMAT_MSB_FIRST, |
1437 | 0 | SymCryptSha256OidList, |
1438 | 0 | SYMCRYPT_SHA256_OID_COUNT, |
1439 | 0 | 0); |
1440 | 0 | SYMCRYPT_FIPS_ASSERT(scError == SYMCRYPT_NO_ERROR); |
1441 | |
|
1442 | 0 | SymCryptRsakeyFree(pkRsakey); |
1443 | |
|
1444 | 0 | SymCryptWipe(pbSignature, cbSignature); |
1445 | 0 | SymCryptCallbackFree(pbSignature); |
1446 | 0 | } |
1447 | | |
1448 | | VOID |
1449 | | SYMCRYPT_CALL |
1450 | | SymCryptXmssVerifySelftest(void) |
1451 | 0 | { |
1452 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1453 | 0 | PSYMCRYPT_XMSS_KEY pKey = NULL; |
1454 | 0 | SYMCRYPT_XMSS_PARAMS params; |
1455 | 0 | PBYTE pbSignature; |
1456 | 0 | SIZE_T cbSignature = sizeof(rgbXmssSha2_10_192Signature); |
1457 | |
|
1458 | 0 | scError = SymCryptXmssParamsFromAlgId(SYMCRYPT_XMSS_SHA2_10_192, ¶ms); |
1459 | 0 | SYMCRYPT_FIPS_ASSERT(scError == SYMCRYPT_NO_ERROR); |
1460 | |
|
1461 | 0 | pKey = SymCryptXmsskeyAllocate(¶ms, 0); |
1462 | 0 | SYMCRYPT_FIPS_ASSERT(pKey != NULL); |
1463 | |
|
1464 | 0 | scError = SymCryptXmsskeySetValue( |
1465 | 0 | rgbXmssSha2_10_192Pubkey, |
1466 | 0 | sizeof(rgbXmssSha2_10_192Pubkey), |
1467 | 0 | SYMCRYPT_XMSSKEY_TYPE_PUBLIC, |
1468 | 0 | 0, |
1469 | 0 | pKey); |
1470 | | |
1471 | | // Make a copy of the signature so that we can inject errors in it |
1472 | 0 | pbSignature = SymCryptCallbackAlloc(cbSignature); |
1473 | 0 | SYMCRYPT_FIPS_ASSERT(pbSignature != NULL); |
1474 | 0 | memcpy(pbSignature, rgbXmssSha2_10_192Signature, cbSignature); |
1475 | |
|
1476 | 0 | SymCryptInjectError(pbSignature, cbSignature); |
1477 | |
|
1478 | 0 | scError = SymCryptXmssVerify( |
1479 | 0 | pKey, |
1480 | 0 | SymCryptTestMsg3, |
1481 | 0 | sizeof(SymCryptTestMsg3), |
1482 | 0 | 0, |
1483 | 0 | pbSignature, |
1484 | 0 | cbSignature); |
1485 | 0 | SYMCRYPT_FIPS_ASSERT(scError == SYMCRYPT_NO_ERROR); |
1486 | |
|
1487 | 0 | SymCryptWipe(pbSignature, cbSignature); |
1488 | 0 | SymCryptCallbackFree(pbSignature); |
1489 | |
|
1490 | 0 | SymCryptXmsskeyFree(pKey); |
1491 | 0 | } |
1492 | | |
1493 | | VOID |
1494 | | SYMCRYPT_CALL |
1495 | | SymCryptXmssSelftest(void) |
1496 | 0 | { |
1497 | | // Perform only signature verification self-test |
1498 | 0 | SymCryptXmssVerifySelftest(); |
1499 | 0 | } |
1500 | | |
1501 | | VOID |
1502 | | SYMCRYPT_CALL |
1503 | | SymCryptMlKemSelftest(void) |
1504 | 0 | { |
1505 | 0 | SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; |
1506 | |
|
1507 | 0 | const SIZE_T cbCiphertext = sizeof(rgbMlKemSelfTestCiphertext); |
1508 | 0 | const SIZE_T cbDecapsKeyBlob = sizeof(mlKemDecapsKey); |
1509 | 0 | const SIZE_T cbAlloc = cbCiphertext + cbDecapsKeyBlob; |
1510 | 0 | BYTE rgbComputedSecret[sizeof(rgbMlKemSelfTestAgreedSecret)]; |
1511 | 0 | PSYMCRYPT_MLKEMKEY pkMlKemkey = NULL; |
1512 | |
|
1513 | 0 | PBYTE pbAlloc = SymCryptCallbackAlloc( cbAlloc ); |
1514 | 0 | PBYTE pbCiphertext = pbAlloc; |
1515 | 0 | PBYTE pbDecapsKeyBlob = pbAlloc + cbCiphertext; |
1516 | 0 | SYMCRYPT_FIPS_ASSERT( pbAlloc != NULL ); |
1517 | |
|
1518 | 0 | pkMlKemkey = SymCryptMlKemkeyAllocate( SYMCRYPT_MLKEM_PARAMS_MLKEM512 ); |
1519 | 0 | SYMCRYPT_FIPS_ASSERT( pkMlKemkey != NULL ); |
1520 | | |
1521 | | // ML-KEM KeyGen KAT |
1522 | 0 | scError = SymCryptMlKemkeySetValue( |
1523 | 0 | (PCBYTE) &rgbMlKemKeyPrivateSeed, sizeof(rgbMlKemKeyPrivateSeed), |
1524 | 0 | SYMCRYPT_MLKEMKEY_FORMAT_PRIVATE_SEED, |
1525 | 0 | SYMCRYPT_FLAG_KEY_NO_FIPS, |
1526 | 0 | pkMlKemkey ); |
1527 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1528 | |
|
1529 | 0 | scError = SymCryptMlKemkeyGetValue( |
1530 | 0 | pkMlKemkey, |
1531 | 0 | pbDecapsKeyBlob, cbDecapsKeyBlob, |
1532 | 0 | SYMCRYPT_MLKEMKEY_FORMAT_DECAPSULATION_KEY, |
1533 | 0 | SYMCRYPT_FLAG_KEY_NO_FIPS ); |
1534 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1535 | |
|
1536 | 0 | SymCryptInjectError( pbDecapsKeyBlob, cbDecapsKeyBlob ); |
1537 | |
|
1538 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp(pbDecapsKeyBlob, (PCBYTE) &mlKemDecapsKey, cbDecapsKeyBlob) == 0 ); |
1539 | | |
1540 | | // ML-KEM Encaps KAT |
1541 | 0 | scError = SymCryptMlKemEncapsulateEx( |
1542 | 0 | pkMlKemkey, |
1543 | 0 | rgbMlKemSelfTestEncapsRandomness, sizeof(rgbMlKemSelfTestEncapsRandomness), |
1544 | 0 | rgbComputedSecret, sizeof(rgbComputedSecret), |
1545 | 0 | pbCiphertext, cbCiphertext ); |
1546 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1547 | |
|
1548 | 0 | SymCryptInjectError( rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1549 | 0 | SymCryptInjectError( pbCiphertext, sizeof(rgbMlKemSelfTestCiphertext) ); |
1550 | |
|
1551 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp(rgbComputedSecret, rgbMlKemSelfTestAgreedSecret, sizeof(rgbComputedSecret)) == 0 ); |
1552 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp(pbCiphertext, rgbMlKemSelfTestCiphertext, sizeof(rgbMlKemSelfTestCiphertext)) == 0 ); |
1553 | |
|
1554 | 0 | SymCryptWipeKnownSize( rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1555 | | |
1556 | | // ML-KEM Successful Decaps KAT |
1557 | 0 | scError = SymCryptMlKemDecapsulate( |
1558 | 0 | pkMlKemkey, |
1559 | 0 | pbCiphertext, cbCiphertext, |
1560 | 0 | rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1561 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1562 | |
|
1563 | 0 | SymCryptInjectError( rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1564 | |
|
1565 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp(rgbComputedSecret, rgbMlKemSelfTestAgreedSecret, sizeof(rgbComputedSecret)) == 0 ); |
1566 | |
|
1567 | 0 | SymCryptWipeKnownSize( rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1568 | | |
1569 | | // ML-KEM Implicit Rejection Decaps KAT |
1570 | 0 | pbCiphertext[0] ^= 1; |
1571 | |
|
1572 | 0 | scError = SymCryptMlKemDecapsulate( |
1573 | 0 | pkMlKemkey, |
1574 | 0 | pbCiphertext, cbCiphertext, |
1575 | 0 | rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1576 | 0 | SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR ); |
1577 | |
|
1578 | 0 | SymCryptInjectError( rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1579 | |
|
1580 | 0 | SYMCRYPT_FIPS_ASSERT( memcmp(rgbComputedSecret, rgbMlKemSelfTestImplicitRejectionSecret, sizeof(rgbComputedSecret)) == 0 ); |
1581 | | |
1582 | 0 | SymCryptWipeKnownSize( rgbComputedSecret, sizeof(rgbComputedSecret) ); |
1583 | |
|
1584 | 0 | SymCryptMlKemkeyFree( pkMlKemkey ); |
1585 | 0 | SymCryptWipe( pbAlloc, cbAlloc ); |
1586 | 0 | SymCryptCallbackFree( pbAlloc ); |
1587 | 0 | } |