void bench_aes(int show) { Aes enc; double start, total, persec; int i; #ifdef HAVE_CAVIUM if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) printf("aes init cavium failed\n"); #endif AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); start = current_time(1); for(i = 0; i < numBlocks; i++) AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); total = current_time(0) - start; persec = 1 / total * numBlocks; #ifdef BENCH_EMBEDDED /* since using kB, convert to MB/s */ persec = persec / 1024; #endif if (show) printf("AES %d %s took %5.3f seconds, %6.2f MB/s\n", numBlocks, blockType, total, persec); #ifdef HAVE_CAVIUM AesFreeCavium(&enc); #endif }
/* AES CBC Encrypt */ int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, const unsigned char* in, unsigned int inSz) { if (aes == NULL || out == NULL || in == NULL) return BAD_FUNC_ARG; return AesCbcEncrypt((Aes*)aes, out, in, inSz); }
void bench_aes() { Aes enc; double start, total, persec; int i; AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); start = current_time(); for(i = 0; i < megs; i++) AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); total = current_time() - start; persec = 1 / total * megs; printf("AES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, persec); }
int aes_test() { Aes enc; Aes dec; const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb }; byte key[] = "0123456789abcdef "; /* align */ byte iv[] = "1234567890abcdef "; /* align */ byte cipher[AES_BLOCK_SIZE]; byte plain [AES_BLOCK_SIZE]; AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); if (memcmp(plain, msg, AES_BLOCK_SIZE)) return -60; if (memcmp(cipher, verify, AES_BLOCK_SIZE)) return -61; return 0; }
/* check mcapi aes cbc */ static int check_aescbc(void) { CRYPT_AES_CTX mcAes; Aes defAes; int ret; byte out1[AES_TEST_SIZE]; byte out2[AES_TEST_SIZE]; strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); strncpy((char*)iv, "1234567890abcdef", 16); /* 128 cbc encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-128 cbc encrypt failed\n"); return -1; } AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 cbc encrypt cmp failed\n"); return -1; } /* 128 cbc decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-128 cbc decrypt failed\n"); return -1; } AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 cbc decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 cbc decrypt orig cmp failed\n"); return -1; } /* 192 cbc encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-192 cbc encrypt failed\n"); return -1; } AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 cbc encrypt cmp failed\n"); return -1; } /* 192 cbc decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-192 cbc decrypt failed\n"); return -1; } AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 cbc decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 cbc decrypt orig cmp failed\n"); return -1; } /* 256 cbc encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-256 cbc encrypt failed\n"); return -1; } AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 cbc encrypt cmp failed\n"); return -1; } /* 256 cbc decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-256 cbc decrypt failed\n"); return -1; } AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 cbc decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 cbc decrypt orig cmp failed\n"); return -1; } printf("aes-cbc mcapi test passed\n"); return 0; }
/** Validate UEFI-OpenSSL Block Ciphers (Symmetric Crypto) Interfaces. @retval EFI_SUCCESS Validation succeeded. @retval EFI_ABORTED Validation failed. **/ EFI_STATUS ValidateCryptBlockCipher ( VOID ) { UINTN CtxSize; VOID *CipherCtx; UINT8 Encrypt[256]; UINT8 Decrypt[256]; BOOLEAN Status; Print (L"\nUEFI-OpenSSL Block Cipher Engine Testing: "); CtxSize = TdesGetContextSize (); CipherCtx = AllocatePool (CtxSize); Print (L"\n- TDES Validation: "); Print (L"ECB... "); // // TDES ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = TdesInit (CipherCtx, TdesEcbKey, 64); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, TdesEcbCipher, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, TdesEcbData, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"EDE2 ECB... "); // // TDES EDE2 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = TdesInit (CipherCtx, TdesEcbKey, 128); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, TdesEcb2Cipher, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, TdesEcbData, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"EDE3 CBC... "); // // TDES EDE3 CBC Validation // ZeroMem (Encrypt, 256); ZeroMem (Decrypt, 256); Status = TdesInit (CipherCtx, TdesCbcKey, 192); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesCbcEncrypt (CipherCtx, TdesCbcData, sizeof (TdesCbcData), TdesCbcIvec, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesCbcDecrypt (CipherCtx, Encrypt, sizeof (TdesCbcData), TdesCbcIvec, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, TdesCbc3Cipher, sizeof (TdesCbc3Cipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, TdesCbcData, sizeof (TdesCbcData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"[Pass]"); FreePool (CipherCtx); CtxSize = AesGetContextSize (); CipherCtx = AllocatePool (CtxSize); Print (L"\n- AES Validation: "); Print (L"ECB-128... "); // // AES-128 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes128EcbKey, 128); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbEncrypt (CipherCtx, Aes128EcbData, sizeof (Aes128EcbData), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes128EcbData), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes128EcbCipher, sizeof (Aes128EcbCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes128EcbData, sizeof (Aes128EcbData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"ECB-192... "); // // AES-192 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes192EcbKey, 192); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbEncrypt (CipherCtx, Aes192EcbData, sizeof (Aes192EcbData), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes192EcbData), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes192EcbCipher, sizeof (Aes192EcbCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes192EcbData, sizeof (Aes192EcbData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"ECB-256... "); // // AES-256 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes256EcbKey, 256); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbEncrypt (CipherCtx, Aes256EcbData, sizeof (Aes256EcbData), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes256EcbData), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes256EcbCipher, sizeof (Aes256EcbCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes256EcbData, sizeof (Aes256EcbData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"CBC-128... "); // // AES-128 CBC Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes128CbcKey, 128); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesCbcEncrypt (CipherCtx, Aes128CbcData, sizeof (Aes128CbcData), Aes128CbcIvec, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesCbcDecrypt (CipherCtx, Encrypt, sizeof (Aes128CbcData), Aes128CbcIvec, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes128CbcCipher, sizeof (Aes128CbcCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes128CbcData, sizeof (Aes128CbcData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"[Pass]"); Print (L"\n- ARC4 Validation: "); // // ARC4 Validation // CtxSize = Arc4GetContextSize (); CipherCtx = AllocatePool (CtxSize); ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = Arc4Init (CipherCtx, Arc4Key, sizeof (Arc4Key)); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = Arc4Encrypt (CipherCtx, Arc4Data, sizeof (Arc4Data), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = Arc4Reset (CipherCtx); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = Arc4Decrypt (CipherCtx, Encrypt, sizeof (Arc4Data), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Arc4Cipher, sizeof (Arc4Cipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Arc4Data, sizeof (Arc4Data)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"[Pass]"); Print (L"\n"); return EFI_SUCCESS; }
// TODO(bwd): Some asserts can move to lower level functions internal MIN_UNIT_TEST_FUNC(TestPaddingOracleDecrypt) { u32 InputStringIndex = rand() % ARRAY_LENGTH(InputStringArray); u32 InputStringLength = InputStringLengths[InputStringIndex]; u8 InputString[MAX_INPUT_PADDED_SIZE]; memcpy(InputString, InputStringArray[InputStringIndex], InputStringLength); u32 Key[AES_128_BLOCK_LENGTH_WORDS]; GenRandUnchecked(Key, ARRAY_LENGTH(Key)); u32 Iv[AES_128_BLOCK_LENGTH_WORDS]; GenRandUnchecked(Iv, ARRAY_LENGTH(Iv)); u8 Ciphertext[MAX_INPUT_PADDED_SIZE]; Stopif(sizeof(Ciphertext) < InputStringLength, "String too long for Ciphertext TestPaddingOracleDecrypt"); u32 PaddedLength = AesCbcEncrypt(Ciphertext, InputString, InputStringLength, (u8 *)Key, (u8 *)Iv); u32 InputStringLengthMod16 = (InputStringLength % AES_128_BLOCK_LENGTH_BYTES); Stopif((PaddedLength < InputStringLength) || ((InputStringLengthMod16 == 0) && (PaddedLength != (InputStringLength + AES_128_BLOCK_LENGTH_BYTES))) || ((InputStringLengthMod16 != 0) && (PaddedLength <= InputStringLength)) || ((PaddedLength % AES_128_BLOCK_LENGTH_BYTES) != 0), "Invalid PaddedLength from AesCbcEncrypt in TestPaddingOracleDecrypt"); u8 Plaintext[MAX_INPUT_PADDED_SIZE]; u8 DecryptScratchBuffer[AES_128_BLOCK_LENGTH_BYTES]; u8 GuessPrevCipherBlock[AES_128_BLOCK_LENGTH_BYTES]; for (u32 PaddedBlocksIndex = 0; PaddedBlocksIndex < (PaddedLength/AES_128_BLOCK_LENGTH_BYTES); ++PaddedBlocksIndex) { u32 BlockOffsetInBytes = AES_128_BLOCK_LENGTH_BYTES*PaddedBlocksIndex; for (i32 CurrentGuessIndex = (AES_128_BLOCK_LENGTH_BYTES - 1); CurrentGuessIndex >= 0; --CurrentGuessIndex) { if (PaddedBlocksIndex == 0) { memcpy(GuessPrevCipherBlock, Iv, AES_128_BLOCK_LENGTH_BYTES); } else { memcpy(GuessPrevCipherBlock, Ciphertext + AES_128_BLOCK_LENGTH_BYTES*(PaddedBlocksIndex - 1), AES_128_BLOCK_LENGTH_BYTES); } u32 CurrentPaddingByteCount = AES_128_BLOCK_LENGTH_BYTES - CurrentGuessIndex; for (u32 GuessPaddingByteIndex = CurrentGuessIndex + 1; GuessPaddingByteIndex < AES_128_BLOCK_LENGTH_BYTES; ++GuessPaddingByteIndex) { GuessPrevCipherBlock[GuessPaddingByteIndex] ^= ((Plaintext[BlockOffsetInBytes + GuessPaddingByteIndex]) ^ CurrentPaddingByteCount); } b32 ByteGuessed = false; u32 GuessByte; for (GuessByte = 0; GuessByte <= 0xFF; ++GuessByte) { u8 CurrentPaddingByte = LowByte(AES_128_BLOCK_LENGTH_BYTES - CurrentGuessIndex); u8 CurrentXorValue = LowByte(GuessByte) ^ CurrentPaddingByte; u8 *CurrentXorByte = ((u8 *)GuessPrevCipherBlock + CurrentGuessIndex); *CurrentXorByte ^= CurrentXorValue; // NOTE(bwd): server padding check AesCbcDecrypt(DecryptScratchBuffer, Ciphertext + BlockOffsetInBytes, sizeof(DecryptScratchBuffer), (u8 *)Key, (u8 *)GuessPrevCipherBlock); *CurrentXorByte ^= CurrentXorValue; u32 StrippedStringLength; u8 *StrippedString = StripPkcs7GetStrippedLength(DecryptScratchBuffer, &StrippedStringLength, AES_128_BLOCK_LENGTH_BYTES); if (StrippedString && (StrippedStringLength == (u32)CurrentGuessIndex)) { ByteGuessed = true; Plaintext[BlockOffsetInBytes + CurrentGuessIndex] = LowByte(GuessByte); break; } } Stopif(!ByteGuessed, "No guess byte found in TestPaddingOracleDecrypt"); } Stopif(memcmp(Plaintext + BlockOffsetInBytes, InputString + BlockOffsetInBytes, AES_128_BLOCK_LENGTH_BYTES) != 0, "Block %d not decrypted correctly", PaddedBlocksIndex); } MinUnitAssert(memcmp(Plaintext, InputString, InputStringLength) == 0, "Plaintext not recovered in TestPaddingOracleDecrypt"); }
/********************* Defination of aes_test() ***************************/ int aes_test(void) { Aes enc; Aes dec; /* Defination of input string to be used AES Enryption */ const byte msg[] = { /*length must be a multiple of 128 bits £¨16 bytes£©*/ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, }; const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb, }; byte key[] = "0123456789abcdef"; /* align Must be 128 bits */ byte iv[] = "1234567890abcdef"; /* align Must be 128 bits */ byte cipher[AES_BLOCK_SIZE * 8]; byte plain [AES_BLOCK_SIZE * 8]; AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); /* Encryption process */ AesCbcEncrypt(&enc, cipher, msg, sizeof(msg)); /* Printf cipher text */ printf("The Cipher Text is: "); for(int i=0;i<sizeof(msg);i++) { printf("-%x",cipher[i]); /* Print Cipher Text after encryption */ } printf("\r\n"); printf("\r\n"); /* Decryption process */ AesCbcDecrypt(&dec, plain, cipher, sizeof(cipher)); /* Print plain text */ printf("The Plain Text is: "); for(int i=0;i<sizeof(msg);i++) { printf("-%x",plain[i]); /* Print Plain Text after decryption */ } printf("\r\n"); printf("\r\n"); /* Compare cipher text, generated from encryption, with verify[] predefined */ if (memcmp(cipher, verify, sizeof(msg))) return -1; /* Compare plain text£¬generated from decryption, with msg[] defined */ if (memcmp(plain, msg, sizeof(msg))) return 1; return 0; }