int main (int argc, char *argv[]) { uint8_t buffer[2532]; unsigned int buf_len = 2500; int i, j; extern cipher_type_t aes_icm; #ifdef OPENSSL extern cipher_type_t aes_gcm_128_openssl; extern cipher_type_t aes_gcm_256_openssl; #endif cipher_t *c; uint8_t key[46] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 }; v128_t nonce; int num_trials = 500; int num_fail; printf("statistical tests driver\n"); v128_set_to_zero(&nonce); for (i=0; i < 2500; i++) buffer[i] = 0; /* run tests */ printf("running stat_tests on all-null buffer, expecting failure\n"); printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); for (i=0; i < 2500; i++) buffer[i] = rand(); printf("running stat_tests on rand(), expecting success\n"); printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); printf("running stat_tests on AES-128-ICM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) buffer[i] = 0; err_check(cipher_type_alloc(&aes_icm, &c, 30, 0)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); printf("runs test (please be patient): "); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) buffer[i] = 0; nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); if (stat_test_runs(buffer)) { num_fail++; } } printf("%d failures in %d tests\n", num_fail, num_trials); printf("(nota bene: a small fraction of stat_test failures does not \n" "indicate that the random source is invalid)\n"); err_check(cipher_dealloc(c)); printf("running stat_tests on AES-256-ICM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) buffer[i] = 0; err_check(cipher_type_alloc(&aes_icm, &c, 46, 0)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); printf("runs test (please be patient): "); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) buffer[i] = 0; nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); if (stat_test_runs(buffer)) { num_fail++; } } #ifdef OPENSSL { printf("running stat_tests on AES-128-GCM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) { buffer[i] = 0; } err_check(cipher_type_alloc(&aes_gcm_128_openssl, &c, AES_128_GCM_KEYSIZE_WSALT, 8)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) { buffer[i] = 0; } nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); buf_len = 2500; if (stat_test_runs(buffer)) { num_fail++; } } printf("running stat_tests on AES-256-GCM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) { buffer[i] = 0; } err_check(cipher_type_alloc(&aes_gcm_256_openssl, &c, AES_256_GCM_KEYSIZE_WSALT, 16)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) { buffer[i] = 0; } nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); buf_len = 2500; if (stat_test_runs(buffer)) { num_fail++; } } } #endif printf("%d failures in %d tests\n", num_fail, num_trials); printf("(nota bene: a small fraction of stat_test failures does not \n" "indicate that the random source is invalid)\n"); err_check(cipher_dealloc(c)); return 0; }
err_status_t cipher_driver_test_buffering (cipher_t *c) { int i, j, num_trials = 1000; unsigned len, buflen = 1024; uint8_t buffer0[buflen], buffer1[buflen], *current, *end; uint8_t idx[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 }; err_status_t status; printf("testing output buffering for cipher %s...", c->type->description); for (i = 0; i < num_trials; i++) { /* set buffers to zero */ for (j = 0; j < buflen; j++) { buffer0[j] = buffer1[j] = 0; } /* initialize cipher */ status = cipher_set_iv(c, idx, direction_encrypt); if (status) { return status; } /* generate 'reference' value by encrypting all at once */ status = cipher_encrypt(c, buffer0, &buflen); if (status) { return status; } /* re-initialize cipher */ status = cipher_set_iv(c, idx, direction_encrypt); if (status) { return status; } /* now loop over short lengths until buffer1 is encrypted */ current = buffer1; end = buffer1 + buflen; while (current < end) { /* choose a short length */ len = rand() & 0x01f; /* make sure that len doesn't cause us to overreach the buffer */ if (current + len > end) { len = end - current; } status = cipher_encrypt(c, current, &len); if (status) { return status; } /* advance pointer into buffer1 to reflect encryption */ current += len; /* if buffer1 is all encrypted, break out of loop */ if (current == end) { break; } } /* compare buffers */ for (j = 0; j < buflen; j++) { if (buffer0[j] != buffer1[j]) { #if PRINT_DEBUG printf("test case %d failed at byte %d\n", i, j); printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); printf("expected: %s\n", octet_string_hex_string(buffer0, buflen)); #endif return err_status_algo_fail; } } } printf("passed\n"); return err_status_ok; }
int main(int argc, char **argv) { int c; SshCryptoStatus cs; SshCipher cipher; Boolean all_ciphers = FALSE, speed_test = FALSE, quiet = FALSE; unsigned char *iv = NULL, *key = NULL; size_t iv_len = 0, key_len = 0; char *cipher_name = NULL, *cipher_names, *hlp, *passphrase = NULL; Boolean encrypt_mode = TRUE; char *input_file = NULL, *output_file = NULL; FILE *fin, *fout; Boolean r = TRUE; if (strchr(argv[0], '/')) av0 = strrchr(argv[0], '/') + 1; else av0 = argv[0]; if (strcasecmp(av0, "ssh-encrypt") == 0) encrypt_mode = TRUE; else if (strcasecmp(av0, "ssh-decrypt") == 0) encrypt_mode = FALSE; if (ssh_crypto_library_initialize() != SSH_CRYPTO_OK) { fprintf(stderr, "Can't initialize the cryptographic provider.\n"); exit(1); } while ((c = ssh_getopt(argc, argv, "thd:ac:i:k:EDp:", NULL)) != -1) { switch (c) { case 'd': ssh_debug_set_level_string(ssh_optarg); break; case 't': speed_test = TRUE; break; case 'a': all_ciphers = TRUE; break; case 'c': cipher_name = ssh_xstrdup(ssh_optarg); break; case 'q': quiet = TRUE; break; case 'i': if (iv) { fprintf(stderr, "%s: No multiple initialization vectors allowed.\n", av0); usage(); exit(-1); } if (! hex_string_to_data(ssh_optarg, &iv, &iv_len)) { fprintf(stderr, "%s: Bad IV string.\n", av0); exit(-1); } break; case 'k': if (key) { fprintf(stderr, "%s: No multiple keys allowed.\n", av0); usage(); exit(-1); } if (! hex_string_to_data(ssh_optarg, &key, &key_len)) { fprintf(stderr, "%s: Bad KEY string.\n", av0); exit(-1); } break; case 'p': if (passphrase) { fprintf(stderr, "%s: No multiple passphrases allowed.\n", av0); usage(); exit(-1); } passphrase = ssh_optarg; break; case 'E': encrypt_mode = TRUE; break; case 'D': encrypt_mode = FALSE; break; case 'h': help_info(); usage(); exit(0); /*NOTREACHED*/ default: usage(); exit(-1); /*NOTREACHED*/ } } argc -= ssh_optind; argv += ssh_optind; if (speed_test && (argc > 0)) { fprintf(stderr, "%s: Extra parameters.\n", av0); usage(); exit(-1); /*NOTREACHED*/ } if (argc > 2) { fprintf(stderr, "%s: Extra parameters.\n", av0); usage(); exit(-1); /*NOTREACHED*/ } if (argc > 1) output_file = ssh_xstrdup(argv[1]); if (argc > 0) input_file = ssh_xstrdup(argv[0]); if ((cipher_name != NULL) && all_ciphers) { fprintf(stderr, "%s: -c and -a can't be used together.\n", av0); usage(); exit(-1); /*NOTREACHED*/ } if (all_ciphers && !speed_test) { fprintf(stderr, "%s: -a can only be used with -t.\n", av0); usage(); exit(-1); /*NOTREACHED*/ } if ((cipher_name != NULL) && strchr(cipher_name, ',') && !speed_test) { fprintf(stderr, "%s: Multiple ciphers only be used with -t.\n", av0); usage(); exit(-1); /*NOTREACHED*/ } if (cipher_name == NULL) { if (speed_test) { all_ciphers = TRUE; /* Assume `all' if test mode with no ciphers. */ } else { fprintf(stderr, "Missing -c flag.\n"); usage(); exit(-1); /*NOTREACHED*/ } } if (passphrase && key) { fprintf(stderr, "%s: Can't use both passphrase and hex key.\n", av0); usage(); exit(-1); /*NOTREACHED*/ } if (!key && !passphrase && !speed_test) { ssh_warning("%s: No key! Empty passphrase assumed.", av0); passphrase = ""; /*NOTREACHED*/ } if (speed_test) { fprintf(stderr, "Performing speed tests\n"); if (all_ciphers) { cipher_names = ssh_cipher_get_supported(); } else { /* Steal allocated cipher_name */ cipher_names = cipher_name; cipher_name = NULL; } hlp = cipher_names; while ((cipher_name = ssh_name_list_get_name(hlp)) != NULL) { hlp += strlen(cipher_name); if (*hlp == ',') hlp++; cipher_speed_test(cipher_name, passphrase, key, key_len, iv, iv_len, encrypt_mode); ssh_xfree(cipher_name); if (strlen(hlp) == 0) break; } ssh_xfree(cipher_names); } else { if (passphrase) cs = ssh_cipher_allocate_with_passphrase(cipher_name, passphrase, encrypt_mode, &cipher); else cs = ssh_cipher_allocate(cipher_name, key, key_len, encrypt_mode, &cipher); if (cs != SSH_CRYPTO_OK) { switch (cs) { case SSH_CRYPTO_UNSUPPORTED: fprintf(stderr, "%s: Unsupported cipher \"%s\".\n", av0, cipher_name); usage(); exit(-1); case SSH_CRYPTO_KEY_TOO_SHORT: fprintf(stderr, "%s: Key too short for \"%s\".\n", av0, cipher_name); usage(); exit(-1); default: fprintf(stderr, "%s: Cipher allocate failed.\n", av0); exit(-1); } /*NOTREACHED*/ } if (iv != NULL) { if (ssh_cipher_get_iv_length(ssh_cipher_name(cipher)) == iv_len) ssh_cipher_set_iv(cipher, iv); else { fprintf(stderr, "%s: Weird IV length.\n", av0); exit(-1); } } if (input_file != NULL) { fin = fopen(input_file, "r"); if (fin == NULL) { fprintf(stderr, "%s: Cannot open input file \"%s\".\n", av0, input_file); exit(-1); } } else { fin = stdin; } if (output_file != NULL) { struct stat st; if (stat(output_file, &st) >= 0) { fprintf(stderr, "%s: Output file \"%s\" exists.\n", av0, output_file); exit(-1); } fout = fopen(output_file, "w"); if (fout == NULL) { fprintf(stderr, "%s: Cannot open output file \"%s\".\n", av0, output_file); exit(-1); } } else { fout = stdout; } if (encrypt_mode) r = cipher_encrypt(cipher, fin, fout); else r = cipher_decrypt(cipher, fin, fout); if (input_file) fclose(fin); if (output_file) { fclose(fout); if (! r) (void)unlink(output_file); } ssh_cipher_free(cipher); ssh_xfree(cipher_name); } ssh_xfree(input_file); ssh_xfree(output_file); ssh_xfree(key); ssh_xfree(iv); ssh_crypto_library_uninitialize(); ssh_util_uninit(); return((r == TRUE) ? 0 : -1); }
static int auto_test(char * algo_name) { u8 plain[TEXT_LENGTH] = {0}; u8 cipher[TEXT_LENGTH] = {0}; u8 temp[TEXT_LENGTH] = {0}; u32 key_len = sizeof(default_key); u32 text_bytes = sizeof(plain); u8 in[]="The quick brown fox jumps over the lazy dog"; u8 correctsha[]={0x2f,0xd4,0xe1,0xc6,0x7a,0x2d,0x28,0xfc,0xed,0x84,0x9e,0xe1,0xbb,0x76,0xe7,0x39,0x1b,0x93,0xeb,0x12,'\0'}; u8 correctmd5[]={0x9e,0x10,0x7d,0x9d,0x37,0x2b,0xb6,0x82,0x6b,0xd8,0x1d,0x35,0x42,0xa4,0x19,0xd6,'\0'}; u8 out[21]; if (prepare_cipher_algo(algo_name) < 0) { printf("prepare_cipher_algo failed !\n"); return -1; } if (prepare_cipher_key(default_key, key_len) < 0) { printf("prepare_cipher_key failed !\n"); return -1; } set_plain_text(plain, sizeof(plain) - 4); memcpy(cipher, plain, sizeof(plain)); printf("== Before encryption =="); print_u8_array("Plain Text", plain, sizeof(plain)); print_u8_array("Cipher Text", cipher, sizeof(cipher)); if (cipher_encrypt(plain, text_bytes) < 0) { printf("cipher_encrypt failed !\n"); return -1; } printf("\n== After encrytion =="); memcpy(temp, cipher, sizeof(temp)); memcpy(cipher, plain, sizeof(cipher)); memcpy(plain, temp, sizeof(plain)); print_u8_array("Plain Text", plain, sizeof(plain)); print_u8_array("Cipher Text", cipher, sizeof(cipher)); printf("\n== Before decryption =="); print_u8_array("Plain Text", plain, sizeof(plain)); print_u8_array("Cipher Text", cipher, sizeof(cipher)); if (cipher_decrypt(cipher, text_bytes) < 0) { printf("cipher_decrypt failed !\n"); return -1; } printf("\n== After decrytion =="); print_u8_array("Plain Text", plain, sizeof(plain)); print_u8_array("Cipher Text", cipher, sizeof(cipher)); printf("\n== TEST SHA1&MD5 ==\n"); printf("in= %s\n",in); if(auto_sha(in,out) != 0){ printf("SHA1 driver failed!\n"); } out[20]='\0'; if(strcmp((const char*)out,(const char*)correctsha) == 0){ printf("SHA1 CORRECT!\n"); }else{ printf("SHA1 ERROR; The correct should be 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12\n"); } if(auto_md5(in,out) != 0){ printf("MD5 driver failed!\n"); } out[16]='\0'; if(strcmp((const char*)out,(const char*)correctmd5) == 0){ printf("MD5 CORRECT!\n"); }else{ printf("MD5 ERROR; The correct should be 9e107d9d372bb6826bd81d3542a419d6\n"); } return 0; }
err_status_t cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data) { const cipher_test_case_t *test_case = test_data; cipher_t *c; err_status_t status; uint8_t buffer[SELF_TEST_BUF_OCTETS]; uint8_t buffer2[SELF_TEST_BUF_OCTETS]; unsigned int len; int i, j, case_num = 0; debug_print(mod_cipher, "running self-test for cipher %s", ct->description); /* * check to make sure that we have at least one test case, and * return an error if we don't - we need to be paranoid here */ if (test_case == NULL) return err_status_cant_check; /* * loop over all test cases, perform known-answer tests of both the * encryption and decryption functions */ while (test_case != NULL) { /* allocate cipher */ status = cipher_type_alloc(ct, &c, test_case->key_length_octets); if (status) return status; /* * test the encrypt function */ debug_print(mod_cipher, "testing encryption", NULL); /* initialize cipher */ status = cipher_init(c, test_case->key, direction_encrypt); if (status) { cipher_dealloc(c); return status; } /* copy plaintext into test buffer */ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) { cipher_dealloc(c); return err_status_bad_param; } for (i=0; i < test_case->plaintext_length_octets; i++) buffer[i] = test_case->plaintext[i]; debug_print(mod_cipher, "plaintext: %s", octet_string_hex_string(buffer, test_case->plaintext_length_octets)); /* set the initialization vector */ status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } /* encrypt */ len = test_case->plaintext_length_octets; status = cipher_encrypt(c, buffer, &len); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "ciphertext: %s", octet_string_hex_string(buffer, test_case->ciphertext_length_octets)); /* compare the resulting ciphertext with that in the test case */ if (len != (unsigned int)test_case->ciphertext_length_octets) return err_status_algo_fail; status = err_status_ok; for (i=0; i < test_case->ciphertext_length_octets; i++) if (buffer[i] != test_case->ciphertext[i]) { status = err_status_algo_fail; debug_print(mod_cipher, "test case %d failed", case_num); debug_print(mod_cipher, "(failure at byte %d)", i); break; } if (status) { debug_print(mod_cipher, "c computed: %s", octet_string_hex_string(buffer, 2*test_case->plaintext_length_octets)); debug_print(mod_cipher, "c expected: %s", octet_string_hex_string(test_case->ciphertext, 2*test_case->plaintext_length_octets)); cipher_dealloc(c); return err_status_algo_fail; } /* * test the decrypt function */ debug_print(mod_cipher, "testing decryption", NULL); /* re-initialize cipher for decryption */ status = cipher_init(c, test_case->key, direction_decrypt); if (status) { cipher_dealloc(c); return status; } /* copy ciphertext into test buffer */ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) { cipher_dealloc(c); return err_status_bad_param; } for (i=0; i < test_case->ciphertext_length_octets; i++) buffer[i] = test_case->ciphertext[i]; debug_print(mod_cipher, "ciphertext: %s", octet_string_hex_string(buffer, test_case->plaintext_length_octets)); /* set the initialization vector */ status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } /* decrypt */ len = test_case->ciphertext_length_octets; status = cipher_decrypt(c, buffer, &len); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "plaintext: %s", octet_string_hex_string(buffer, test_case->plaintext_length_octets)); /* compare the resulting plaintext with that in the test case */ if (len != (unsigned int)test_case->plaintext_length_octets) return err_status_algo_fail; status = err_status_ok; for (i=0; i < test_case->plaintext_length_octets; i++) if (buffer[i] != test_case->plaintext[i]) { status = err_status_algo_fail; debug_print(mod_cipher, "test case %d failed", case_num); debug_print(mod_cipher, "(failure at byte %d)", i); } if (status) { debug_print(mod_cipher, "p computed: %s", octet_string_hex_string(buffer, 2*test_case->plaintext_length_octets)); debug_print(mod_cipher, "p expected: %s", octet_string_hex_string(test_case->plaintext, 2*test_case->plaintext_length_octets)); cipher_dealloc(c); return err_status_algo_fail; } /* deallocate the cipher */ status = cipher_dealloc(c); if (status) return status; /* * the cipher passed the test case, so move on to the next test * case in the list; if NULL, we'l proceed to the next test */ test_case = test_case->next_test_case; ++case_num; } /* now run some random invertibility tests */ /* allocate cipher, using paramaters from the first test case */ test_case = test_data; status = cipher_type_alloc(ct, &c, test_case->key_length_octets); if (status) return status; rand_source_init(); for (j=0; j < NUM_RAND_TESTS; j++) { unsigned length; int plaintext_len; uint8_t key[MAX_KEY_LEN]; uint8_t iv[MAX_KEY_LEN]; /* choose a length at random (leaving room for IV and padding) */ length = rand() % (SELF_TEST_BUF_OCTETS - 64); debug_print(mod_cipher, "random plaintext length %d\n", length); status = rand_source_get_octet_string(buffer, length); if (status) return status; debug_print(mod_cipher, "plaintext: %s", octet_string_hex_string(buffer, length)); /* copy plaintext into second buffer */ for (i=0; (unsigned int)i < length; i++) buffer2[i] = buffer[i]; /* choose a key at random */ if (test_case->key_length_octets > MAX_KEY_LEN) return err_status_cant_check; status = rand_source_get_octet_string(key, test_case->key_length_octets); if (status) return status; /* chose a random initialization vector */ status = rand_source_get_octet_string(iv, MAX_KEY_LEN); if (status) return status; /* initialize cipher */ status = cipher_init(c, key, direction_encrypt); if (status) { cipher_dealloc(c); return status; } /* set initialization vector */ status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } /* encrypt buffer with cipher */ plaintext_len = length; status = cipher_encrypt(c, buffer, &length); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "ciphertext: %s", octet_string_hex_string(buffer, length)); /* * re-initialize cipher for decryption, re-set the iv, then * decrypt the ciphertext */ status = cipher_init(c, key, direction_decrypt); if (status) { cipher_dealloc(c); return status; } status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } status = cipher_decrypt(c, buffer, &length); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "plaintext[2]: %s", octet_string_hex_string(buffer, length)); /* compare the resulting plaintext with the original one */ if (length != (unsigned int)plaintext_len) return err_status_algo_fail; status = err_status_ok; for (i=0; i < plaintext_len; i++) if (buffer[i] != buffer2[i]) { status = err_status_algo_fail; debug_print(mod_cipher, "random test case %d failed", case_num); debug_print(mod_cipher, "(failure at byte %d)", i); } if (status) { cipher_dealloc(c); return err_status_algo_fail; } } status = cipher_dealloc(c); if (status) return status; return err_status_ok; }