uint64_t cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials) { int i; v128_t nonce; clock_t timer; unsigned char *enc_buf; unsigned int len = octets_in_buffer; enc_buf = (unsigned char*) crypto_alloc(octets_in_buffer); if (enc_buf == NULL) return 0; /* indicate bad parameters by returning null */ /* time repeated trials */ v128_set_to_zero(&nonce); timer = clock(); for(i=0; i < num_trials; i++, nonce.v32[3] = i) { cipher_set_iv(c, &nonce); cipher_encrypt(c, enc_buf, &len); } timer = clock() - timer; crypto_free(enc_buf); if (timer == 0) { /* Too fast! */ return 0; } return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; }
void Cipher::reset() { memset(&m_ctx, 0, sizeof(m_ctx)); cipher_init_ctx(&m_ctx, m_info); if (m_iv.length()) cipher_set_iv(&m_ctx, (unsigned char *)m_iv.c_str(), m_iv.length()); }
int cipher_ctx_reset (cipher_context_t *ctx, uint8_t *iv_buf) { int retval = cipher_reset(ctx); if (0 == retval) retval = cipher_set_iv(ctx, iv_buf, ctx->cipher_info->iv_size); return 0 == retval; }
int cipher_ctx_reset (cipher_context_t *ctx, uint8_t *iv_buf) { if (!polar_ok(cipher_reset(ctx))) return 0; if (!polar_ok(cipher_set_iv(ctx, iv_buf, ctx->cipher_info->iv_size))) return 0; return 1; }
result_t Cipher::init(std::string &key, std::string &iv) { m_key = key; m_iv = iv; if (m_iv.length() && cipher_set_iv(&m_ctx, (unsigned char *)m_iv.c_str(), m_iv.length())) { m_iv.resize(0); return Runtime::setError("Invalid iv size"); } return 0; }
uint64_t cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher, unsigned octets_in_buffer, int num_trials) { int i; v128_t nonce; clock_t timer; unsigned char *enc_buf; int cipher_index = rand() % num_cipher; /* Over-alloc, for NIST CBC padding */ enc_buf = crypto_alloc(octets_in_buffer+17); if (enc_buf == NULL) return 0; /* indicate bad parameters by returning null */ memset(enc_buf, 0, octets_in_buffer); /* time repeated trials */ v128_set_to_zero(&nonce); timer = clock(); for(i=0; i < num_trials; i++, nonce.v32[3] = i) { /* length parameter to cipher_encrypt is in/out -- out is total, padded * length -- so reset it each time. */ unsigned octets_to_encrypt = octets_in_buffer; /* encrypt buffer with cipher */ cipher_set_iv(cipher_array[cipher_index], &nonce, direction_encrypt); cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt); /* choose a cipher at random from the array*/ cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; } timer = clock() - timer; free(enc_buf); if (timer == 0) { /* Too fast! */ return 0; } return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; }
uint64_t cipher_array_bits_per_second (cipher_t *cipher_array[], int num_cipher, unsigned octets_in_buffer, int num_trials) { int i; v128_t nonce; clock_t timer; unsigned char *enc_buf; int cipher_index = 0; enc_buf = crypto_alloc(octets_in_buffer); if (enc_buf == NULL) { return 0; /* indicate bad parameters by returning null */ } /* time repeated trials */ v128_set_to_zero(&nonce); timer = clock(); for (i = 0; i < num_trials; i++, nonce.v32[3] = i) { /* choose a cipher at random from the array*/ cipher_index = (*((uint32_t*)enc_buf)) % num_cipher; /* encrypt buffer with cipher */ cipher_set_iv(cipher_array[cipher_index], &nonce, direction_encrypt); cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_in_buffer); } timer = clock() - timer; free(enc_buf); if (timer == 0) { /* Too fast! */ return 0; } return CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; }
void cipher_context_set_iv(cipher_ctx_t *evp, uint8_t *iv, size_t iv_len, int enc) { if (evp == NULL || iv == NULL) { LOGE("cipher_context_set_keyiv(): Cipher context or IV is null"); return; } if (enc) { rand_bytes(iv, iv_len); } #if defined(USE_CRYPTO_OPENSSL) if (!EVP_CipherInit_ex(evp, NULL, NULL, enc_key, iv, enc)) { EVP_CIPHER_CTX_cleanup(evp); FATAL("Cannot set key and IV"); } #elif defined(USE_CRYPTO_POLARSSL) if (cipher_setkey(evp, enc_key, enc_key_len * 8, enc) != 0) { cipher_free_ctx(evp); FATAL("Cannot set PolarSSL cipher key"); } #if POLARSSL_VERSION_NUMBER >= 0x01030000 if (cipher_set_iv(evp, iv, iv_len) != 0) { cipher_free_ctx(evp); FATAL("Cannot set PolarSSL cipher IV"); } if(cipher_reset(evp) != 0) { cipher_free_ctx(evp); FATAL("Cannot finalize PolarSSL cipher context"); } #else if(cipher_reset(evp, iv) != 0) { cipher_free_ctx(evp); FATAL("Cannot set PolarSSL cipher IV"); } #endif #endif #ifdef DEBUG dump("IV", iv); #endif }
/* * Packet-oriented wrapper for non-AEAD modes */ int cipher_crypt( cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) { int ret; size_t finish_olen; if( ( ret = cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) return( ret ); if( ( ret = cipher_reset( ctx ) ) != 0 ) return( ret ); if( ( ret = cipher_update( ctx, input, ilen, output, olen ) ) != 0 ) return( ret ); if( ( ret = cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 ) return( ret ); *olen += finish_olen; return( 0 ); }
void cipher_context_set_iv(cipher_ctx_t *ctx, uint8_t *iv, size_t iv_len, int enc) { const unsigned char *true_key; if (iv == NULL) { LOGE("cipher_context_set_iv(): IV is null"); return; } if (!enc) { memcpy(ctx->iv, iv, iv_len); } if (enc_method >= SALSA20) { return; } if (enc_method == RC4_MD5) { unsigned char key_iv[32]; memcpy(key_iv, enc_key, 16); memcpy(key_iv + 16, iv, 16); true_key = enc_md5(key_iv, 32, NULL); iv_len = 0; } else { true_key = enc_key; } #ifdef USE_CRYPTO_APPLECC cipher_cc_t *cc = &ctx->cc; if (cc->valid == kCCContextValid) { memcpy(cc->iv, iv, iv_len); memcpy(cc->key, true_key, enc_key_len); cc->iv_len = iv_len; cc->key_len = enc_key_len; cc->encrypt = enc ? kCCEncrypt : kCCDecrypt; if (cc->cryptor != NULL) { CCCryptorRelease(cc->cryptor); cc->cryptor = NULL; } CCCryptorStatus ret; ret = CCCryptorCreateWithMode( cc->encrypt, cc->mode, cc->cipher, cc->padding, cc->iv, cc->key, cc->key_len, NULL, 0, 0, 0, &cc->cryptor); if (ret != kCCSuccess) { if (cc->cryptor != NULL) { CCCryptorRelease(cc->cryptor); cc->cryptor = NULL; } FATAL("Cannot set CommonCrypto key and IV"); } return; } #endif cipher_evp_t *evp = &ctx->evp; if (evp == NULL) { LOGE("cipher_context_set_iv(): Cipher context is null"); return; } #if defined(USE_CRYPTO_OPENSSL) if (!EVP_CipherInit_ex(evp, NULL, NULL, true_key, iv, enc)) { EVP_CIPHER_CTX_cleanup(evp); FATAL("Cannot set key and IV"); } #elif defined(USE_CRYPTO_POLARSSL) // XXX: PolarSSL 1.3.11: cipher_free_ctx deprecated, Use cipher_free() instead. if (cipher_setkey(evp, true_key, enc_key_len * 8, enc) != 0) { cipher_free_ctx(evp); FATAL("Cannot set PolarSSL cipher key"); } #if POLARSSL_VERSION_NUMBER >= 0x01030000 if (cipher_set_iv(evp, iv, iv_len) != 0) { cipher_free_ctx(evp); FATAL("Cannot set PolarSSL cipher IV"); } if (cipher_reset(evp) != 0) { cipher_free_ctx(evp); FATAL("Cannot finalize PolarSSL cipher context"); } #else if (cipher_reset(evp, iv) != 0) { cipher_free_ctx(evp); FATAL("Cannot set PolarSSL cipher IV"); } #endif #elif defined(USE_CRYPTO_MBEDTLS) if (mbedtls_cipher_setkey(evp, true_key, enc_key_len * 8, enc) != 0) { mbedtls_cipher_free(evp); FATAL("Cannot set mbed TLS cipher key"); } if (mbedtls_cipher_set_iv(evp, iv, iv_len) != 0) { mbedtls_cipher_free(evp); FATAL("Cannot set mbed TLS cipher IV"); } if (mbedtls_cipher_reset(evp) != 0) { mbedtls_cipher_free(evp); FATAL("Cannot finalize mbed TLS cipher context"); } #endif #ifdef DEBUG dump("IV", (char *)iv, iv_len); #endif }
int main (int argc, char *argv[]) { uint8_t buffer[2532]; unsigned int buf_len = 2500; int i, j; extern cipher_type_t aes_icm; #ifdef OPENSSL extern cipher_type_t aes_gcm_128_openssl; extern cipher_type_t aes_gcm_256_openssl; #endif cipher_t *c; uint8_t key[46] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 }; v128_t nonce; int num_trials = 500; int num_fail; printf("statistical tests driver\n"); v128_set_to_zero(&nonce); for (i=0; i < 2500; i++) buffer[i] = 0; /* run tests */ printf("running stat_tests on all-null buffer, expecting failure\n"); printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); for (i=0; i < 2500; i++) buffer[i] = rand(); printf("running stat_tests on rand(), expecting success\n"); printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); printf("running stat_tests on AES-128-ICM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) buffer[i] = 0; err_check(cipher_type_alloc(&aes_icm, &c, 30, 0)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); printf("runs test (please be patient): "); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) buffer[i] = 0; nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); if (stat_test_runs(buffer)) { num_fail++; } } printf("%d failures in %d tests\n", num_fail, num_trials); printf("(nota bene: a small fraction of stat_test failures does not \n" "indicate that the random source is invalid)\n"); err_check(cipher_dealloc(c)); printf("running stat_tests on AES-256-ICM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) buffer[i] = 0; err_check(cipher_type_alloc(&aes_icm, &c, 46, 0)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); printf("runs test (please be patient): "); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) buffer[i] = 0; nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); if (stat_test_runs(buffer)) { num_fail++; } } #ifdef OPENSSL { printf("running stat_tests on AES-128-GCM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) { buffer[i] = 0; } err_check(cipher_type_alloc(&aes_gcm_128_openssl, &c, AES_128_GCM_KEYSIZE_WSALT, 8)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) { buffer[i] = 0; } nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); buf_len = 2500; if (stat_test_runs(buffer)) { num_fail++; } } printf("running stat_tests on AES-256-GCM, expecting success\n"); /* set buffer to cipher output */ for (i=0; i < 2500; i++) { buffer[i] = 0; } err_check(cipher_type_alloc(&aes_gcm_256_openssl, &c, AES_256_GCM_KEYSIZE_WSALT, 16)); err_check(cipher_init(c, key)); err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); for(j=0; j < num_trials; j++) { for (i=0; i < 2500; i++) { buffer[i] = 0; } nonce.v32[3] = i; err_check(cipher_set_iv(c, &nonce, direction_encrypt)); err_check(cipher_encrypt(c, buffer, &buf_len)); buf_len = 2500; if (stat_test_runs(buffer)) { num_fail++; } } } #endif printf("%d failures in %d tests\n", num_fail, num_trials); printf("(nota bene: a small fraction of stat_test failures does not \n" "indicate that the random source is invalid)\n"); err_check(cipher_dealloc(c)); return 0; }
err_status_t cipher_driver_test_buffering (cipher_t *c) { int i, j, num_trials = 1000; unsigned len, buflen = 1024; uint8_t buffer0[buflen], buffer1[buflen], *current, *end; uint8_t idx[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 }; err_status_t status; printf("testing output buffering for cipher %s...", c->type->description); for (i = 0; i < num_trials; i++) { /* set buffers to zero */ for (j = 0; j < buflen; j++) { buffer0[j] = buffer1[j] = 0; } /* initialize cipher */ status = cipher_set_iv(c, idx, direction_encrypt); if (status) { return status; } /* generate 'reference' value by encrypting all at once */ status = cipher_encrypt(c, buffer0, &buflen); if (status) { return status; } /* re-initialize cipher */ status = cipher_set_iv(c, idx, direction_encrypt); if (status) { return status; } /* now loop over short lengths until buffer1 is encrypted */ current = buffer1; end = buffer1 + buflen; while (current < end) { /* choose a short length */ len = rand() & 0x01f; /* make sure that len doesn't cause us to overreach the buffer */ if (current + len > end) { len = end - current; } status = cipher_encrypt(c, current, &len); if (status) { return status; } /* advance pointer into buffer1 to reflect encryption */ current += len; /* if buffer1 is all encrypted, break out of loop */ if (current == end) { break; } } /* compare buffers */ for (j = 0; j < buflen; j++) { if (buffer0[j] != buffer1[j]) { #if PRINT_DEBUG printf("test case %d failed at byte %d\n", i, j); printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); printf("expected: %s\n", octet_string_hex_string(buffer0, buflen)); #endif return err_status_algo_fail; } } } printf("passed\n"); return err_status_ok; }
err_status_t cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data) { const cipher_test_case_t *test_case = test_data; cipher_t *c; err_status_t status; uint8_t buffer[SELF_TEST_BUF_OCTETS]; uint8_t buffer2[SELF_TEST_BUF_OCTETS]; unsigned int len; int i, j, case_num = 0; debug_print(mod_cipher, "running self-test for cipher %s", ct->description); /* * check to make sure that we have at least one test case, and * return an error if we don't - we need to be paranoid here */ if (test_case == NULL) return err_status_cant_check; /* * loop over all test cases, perform known-answer tests of both the * encryption and decryption functions */ while (test_case != NULL) { /* allocate cipher */ status = cipher_type_alloc(ct, &c, test_case->key_length_octets); if (status) return status; /* * test the encrypt function */ debug_print(mod_cipher, "testing encryption", NULL); /* initialize cipher */ status = cipher_init(c, test_case->key, direction_encrypt); if (status) { cipher_dealloc(c); return status; } /* copy plaintext into test buffer */ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) { cipher_dealloc(c); return err_status_bad_param; } for (i=0; i < test_case->plaintext_length_octets; i++) buffer[i] = test_case->plaintext[i]; debug_print(mod_cipher, "plaintext: %s", octet_string_hex_string(buffer, test_case->plaintext_length_octets)); /* set the initialization vector */ status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } /* encrypt */ len = test_case->plaintext_length_octets; status = cipher_encrypt(c, buffer, &len); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "ciphertext: %s", octet_string_hex_string(buffer, test_case->ciphertext_length_octets)); /* compare the resulting ciphertext with that in the test case */ if (len != (unsigned int)test_case->ciphertext_length_octets) return err_status_algo_fail; status = err_status_ok; for (i=0; i < test_case->ciphertext_length_octets; i++) if (buffer[i] != test_case->ciphertext[i]) { status = err_status_algo_fail; debug_print(mod_cipher, "test case %d failed", case_num); debug_print(mod_cipher, "(failure at byte %d)", i); break; } if (status) { debug_print(mod_cipher, "c computed: %s", octet_string_hex_string(buffer, 2*test_case->plaintext_length_octets)); debug_print(mod_cipher, "c expected: %s", octet_string_hex_string(test_case->ciphertext, 2*test_case->plaintext_length_octets)); cipher_dealloc(c); return err_status_algo_fail; } /* * test the decrypt function */ debug_print(mod_cipher, "testing decryption", NULL); /* re-initialize cipher for decryption */ status = cipher_init(c, test_case->key, direction_decrypt); if (status) { cipher_dealloc(c); return status; } /* copy ciphertext into test buffer */ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) { cipher_dealloc(c); return err_status_bad_param; } for (i=0; i < test_case->ciphertext_length_octets; i++) buffer[i] = test_case->ciphertext[i]; debug_print(mod_cipher, "ciphertext: %s", octet_string_hex_string(buffer, test_case->plaintext_length_octets)); /* set the initialization vector */ status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } /* decrypt */ len = test_case->ciphertext_length_octets; status = cipher_decrypt(c, buffer, &len); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "plaintext: %s", octet_string_hex_string(buffer, test_case->plaintext_length_octets)); /* compare the resulting plaintext with that in the test case */ if (len != (unsigned int)test_case->plaintext_length_octets) return err_status_algo_fail; status = err_status_ok; for (i=0; i < test_case->plaintext_length_octets; i++) if (buffer[i] != test_case->plaintext[i]) { status = err_status_algo_fail; debug_print(mod_cipher, "test case %d failed", case_num); debug_print(mod_cipher, "(failure at byte %d)", i); } if (status) { debug_print(mod_cipher, "p computed: %s", octet_string_hex_string(buffer, 2*test_case->plaintext_length_octets)); debug_print(mod_cipher, "p expected: %s", octet_string_hex_string(test_case->plaintext, 2*test_case->plaintext_length_octets)); cipher_dealloc(c); return err_status_algo_fail; } /* deallocate the cipher */ status = cipher_dealloc(c); if (status) return status; /* * the cipher passed the test case, so move on to the next test * case in the list; if NULL, we'l proceed to the next test */ test_case = test_case->next_test_case; ++case_num; } /* now run some random invertibility tests */ /* allocate cipher, using paramaters from the first test case */ test_case = test_data; status = cipher_type_alloc(ct, &c, test_case->key_length_octets); if (status) return status; rand_source_init(); for (j=0; j < NUM_RAND_TESTS; j++) { unsigned length; int plaintext_len; uint8_t key[MAX_KEY_LEN]; uint8_t iv[MAX_KEY_LEN]; /* choose a length at random (leaving room for IV and padding) */ length = rand() % (SELF_TEST_BUF_OCTETS - 64); debug_print(mod_cipher, "random plaintext length %d\n", length); status = rand_source_get_octet_string(buffer, length); if (status) return status; debug_print(mod_cipher, "plaintext: %s", octet_string_hex_string(buffer, length)); /* copy plaintext into second buffer */ for (i=0; (unsigned int)i < length; i++) buffer2[i] = buffer[i]; /* choose a key at random */ if (test_case->key_length_octets > MAX_KEY_LEN) return err_status_cant_check; status = rand_source_get_octet_string(key, test_case->key_length_octets); if (status) return status; /* chose a random initialization vector */ status = rand_source_get_octet_string(iv, MAX_KEY_LEN); if (status) return status; /* initialize cipher */ status = cipher_init(c, key, direction_encrypt); if (status) { cipher_dealloc(c); return status; } /* set initialization vector */ status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } /* encrypt buffer with cipher */ plaintext_len = length; status = cipher_encrypt(c, buffer, &length); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "ciphertext: %s", octet_string_hex_string(buffer, length)); /* * re-initialize cipher for decryption, re-set the iv, then * decrypt the ciphertext */ status = cipher_init(c, key, direction_decrypt); if (status) { cipher_dealloc(c); return status; } status = cipher_set_iv(c, test_case->idx); if (status) { cipher_dealloc(c); return status; } status = cipher_decrypt(c, buffer, &length); if (status) { cipher_dealloc(c); return status; } debug_print(mod_cipher, "plaintext[2]: %s", octet_string_hex_string(buffer, length)); /* compare the resulting plaintext with the original one */ if (length != (unsigned int)plaintext_len) return err_status_algo_fail; status = err_status_ok; for (i=0; i < plaintext_len; i++) if (buffer[i] != buffer2[i]) { status = err_status_algo_fail; debug_print(mod_cipher, "random test case %d failed", case_num); debug_print(mod_cipher, "(failure at byte %d)", i); } if (status) { cipher_dealloc(c); return err_status_algo_fail; } } status = cipher_dealloc(c); if (status) return status; return err_status_ok; }