Index: doc/cryptography.html
==================================================================
--- doc/cryptography.html
+++ doc/cryptography.html
@@ -157,13 +157,13 @@
 </dl>
 
 <dl>
     <dt><a name="-iv"><strong>-iv</strong> <em>string</em></a></dt>
     <dd>Initialization vector (IV) to use. Required for some ciphers and GMAC.
-    Other MACs use a fixed IV.
-    Cipher modes CBC, CFB, and OFB all need an IV, while ECB and CTR modes do not.
-    A new, random IV should be created for each use. Think of the IV as a nonce
+    Other MACs use a fixed IV. Cipher modes CBC, CFB, and OFB all need an IV,
+    while ECB and CTR modes do not. A new, random IV should (must for OFB) be
+    created for each use. Think of the IV as a nonce
     (number used once), it's public but random and unpredictable. See the
    <a href="#tls::cipher"><b>tls::cipher</b></a> for iv_length and when
    required (length > 0). Max is 16 bytes. If not set, it will default to \x00
    fill data.</dd>
 </dl>
@@ -171,20 +171,28 @@
 <dl>
     <dt><a name="-key"><strong>-key</strong> <em>string</em></a></dt>
     <dd>Encryption key to use for cryptography function. Can be a binary or
     text string. Longer keys provide better protection. Used by ciphers, HMAC,
     some CMAC, and some KDF implementations. If the length of the key is &lt;
-    <b>key_length</b> it will be padded. Max is 64 bytes. If &gt; key_length, it will be rejected.
+    <b>key_length</b> it will be padded. Max is 64 bytes. If &gt; key_length,
+    it will be rejected.
     See the <a href="#tls::cipher"><b>tls::cipher</b></a> for key_length.</dd>
 </dl>
 
 <dl>
     <dt><a name="-mac"><strong>-mac</strong> <em>name</em></a></dt>
     <dd>Name of Message Authentication Code (MAC) to use.
     See <a href="#tls::mac"><b>tls::macs</b></a> command for the valid values.</dd>
 </dl>
 
+<dl>
+    <dt><a name="-padding"><strong>-padding</strong> <em>boolean</em></a></dt>
+    <dd>Specifies whether to use PKCS#7 padding or not for block ciphers. If
+    true, 1 to block size number of pad bytes will be added to the output to
+    pad to the next block size. Default is true.</dd>
+</dl>
+
 <dl>
     <dt><a name="-password"><strong>-password</strong> <em>string</em></a></dt>
     <dd>Password to use for some KDF functions. If not specified, the default
     value is used. Can be a binary or text string. For KDF commands, this is
     the same as the <b>-key</b> option.</dd>
@@ -607,19 +615,26 @@
 <h3><a name="GLOSSARY">GLOSSARY</a></h3>
 
 <p>The following is a list of the terminology used in this package along with
 brief definitions. For more details, please consult with the OpenSSL documentation.</p>
 <table>
-<tr><td>AAD</td><td>Additional Authenticated Data<td></tr>
-<tr><td>AEAD</td><td>Authenticated Encryption with Associated Data<td></tr>
-<tr><td>IV</td><td>Initialization vector<td></tr>
-<tr><td>KDF</td><td>Key Derivation Function<td></tr>
-<tr><td>MAC</td><td>Message Authenticated Code<td></tr>
-<tr><td>MD</td><td>Message Digest<td></tr>
-<tr><td>SHA</td><td>Secure Hash Algorithm<td></tr>
-<tr><td>TLS</td><td>Transport Layer Security<td></tr>
-<tr><td>XOF</td><td>Extendable-Output Function (aka variable length)<td></tr>
+<tr><td>AAD</td><td>Additional Authenticated Data</td></tr>
+<tr><td>AEAD</td><td>Authenticated Encryption with Associated Data</td></tr>
+<tr><td>AES</td><td>Advanced Encryption Standard</td></tr>
+<tr><td>CBC</td><td>AES Cipher Block Chaining mode</td></tr>
+<tr><td>CFB</td><td>AES Cipher Feedback mode</td></tr>
+<tr><td>CTR</td><td>AES Counter mode</td></tr>
+<tr><td>ECB</td><td>AES Electronic Codebook mode</td></tr>
+<tr><td>IV</td><td>Initialization vector</td></tr>
+<tr><td>KDF</td><td>Key Derivation Function</td></tr>
+<tr><td>MAC</td><td>Message Authenticated Code</td></tr>
+<tr><td>MD</td><td>Message Digest</td></tr>
+<tr><td>OFB</td><td>AES Output Feedback mode</td></tr>
+<tr><td>SHA</td><td>Secure Hash Algorithm</td></tr>
+<tr><td>SSL</td><td>Secure Sockets Layer</td></tr>
+<tr><td>TLS</td><td>Transport Layer Security</td></tr>
+<tr><td>XOF</td><td>Extendable-Output Function (aka variable length)</td></tr>
 </table>
 
 <br>
 <h3><a name="EXAMPLES">EXAMPLES</a></h3>
 

Index: generic/tlsEncrypt.c
==================================================================
--- generic/tlsEncrypt.c
+++ generic/tlsEncrypt.c
@@ -134,11 +134,11 @@
  *	No result or error message
  *
  *-------------------------------------------------------------------
  */
 int EncryptInitialize(Tcl_Interp *interp, int type, EVP_CIPHER_CTX **ctx,
-	Tcl_Obj *cipherObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+	Tcl_Obj *cipherObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
     const EVP_CIPHER *cipher;
     void *keyString = NULL, *ivString = NULL;
     Tcl_Size key_len = 0, iv_len = 0;
     int res, max;
     unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
@@ -178,21 +178,38 @@
     if((*ctx = EVP_CIPHER_CTX_new()) == NULL) {
 	Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
 	return TCL_ERROR;
     }
 
-    /* Initialize the operation. Need appropriate key and iv size. */
+    /* Initialize the operation */
     if (type == TYPE_ENCRYPT) {
-	res = EVP_EncryptInit_ex(*ctx, cipher, NULL, key, iv);
+	res = EVP_EncryptInit_ex(*ctx, cipher, NULL, NULL, NULL);
     } else {
-	res = EVP_DecryptInit_ex(*ctx, cipher, NULL, key, iv);
+	res = EVP_DecryptInit_ex(*ctx, cipher, NULL, NULL, NULL);
     }
 
     if(!res) {
 	Tcl_AppendResult(interp, "Initialize failed: ", GET_ERR_REASON(), (char *) NULL);
 	return TCL_ERROR;
     }
+
+    /* Turn off PKCS#7 padding */
+    if (!padding) {
+	EVP_CIPHER_CTX_set_padding(*ctx, padding);
+    }
+
+    /* Set key and IV */
+    if (type == TYPE_ENCRYPT) {
+	res = EVP_EncryptInit_ex(*ctx, NULL, NULL, key, iv);
+    } else {
+	res = EVP_DecryptInit_ex(*ctx, NULL, NULL, key, iv);
+    }
+
+    if(!res) {
+	Tcl_AppendResult(interp, "Set key and IV failed: ", GET_ERR_REASON(), (char *) NULL);
+	return TCL_ERROR;
+    }
 
     /* Erase buffers */
     memset(key, 0, EVP_MAX_KEY_LENGTH);
     memset(iv, 0, EVP_MAX_IV_LENGTH);
     return TCL_OK;
@@ -738,11 +755,11 @@
  *	Adds transform to channel and sets result to channel id or error message.
  *
  *----------------------------------------------------------------------
  */
 static int EncryptChannelHandler(Tcl_Interp *interp, int type, const char *channel,
-	Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+	Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
     int mode; /* OR-ed combination of TCL_READABLE and TCL_WRITABLE */
     Tcl_Channel chan;
     EncryptState *statePtr;
 
     dprintf("Called");
@@ -772,11 +789,11 @@
     }
     statePtr->self = chan;
     statePtr->mode = mode;
 
     /* Initialize function */
-    if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj) != TCL_OK) {
+    if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj, padding) != TCL_OK) {
 	EncryptStateFree(statePtr);
 	return TCL_ERROR;
     }
 
     /* Stack channel */
@@ -961,12 +978,12 @@
  * Side effects:
  *	Creates command or error message
  *
  *-------------------------------------------------------------------
  */
-int EncryptCommandHandler(Tcl_Interp *interp, int type, Tcl_Obj *cmdObj,
-	Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+int EncryptCommandHandler(Tcl_Interp *interp, int type, Tcl_Obj *cmdObj, Tcl_Obj *cipherObj,
+	Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
     EncryptState *statePtr;
     char *cmdName = Tcl_GetString(cmdObj);
 
     dprintf("Called");
 
@@ -974,11 +991,11 @@
 	Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
 	return TCL_ERROR;
     }
 
     /* Initialize function */
-    if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj) != TCL_OK) {
+    if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj, padding) != TCL_OK) {
 	EncryptStateFree(statePtr);
 	return TCL_ERROR;
     }
 
     /* Create instance command */
@@ -1006,11 +1023,11 @@
  *	Sets result or error message
  *
  *-------------------------------------------------------------------
  */
 int EncryptDataHandler(Tcl_Interp *interp, int type, Tcl_Obj *dataObj, Tcl_Obj *cipherObj,
-	Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+	Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
     EVP_CIPHER_CTX *ctx = NULL;
     int out_len = 0, len = 0, res = TCL_OK;
     Tcl_Size data_len = 0;
     unsigned char *data, *out_buf;
     Tcl_Obj *resultObj;
@@ -1032,11 +1049,11 @@
 	Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
 	return TCL_ERROR;
     }
 
     /* Perform operation */
-    if (EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj) != TCL_OK ||
+    if (EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj, padding) != TCL_OK ||
 	EncryptUpdate(interp, type, ctx, out_buf, &out_len, data, data_len) != TCL_OK ||
 	EncryptFinalize(interp, type, ctx, out_buf+out_len, &len) != TCL_OK) {
 	res = TCL_ERROR;
 	goto done;
     }
@@ -1076,11 +1093,11 @@
  *	size of outFile, or an error message.
  *
  *-------------------------------------------------------------------
  */
 int EncryptFileHandler(Tcl_Interp *interp, int type, Tcl_Obj *inFileObj, Tcl_Obj *outFileObj,
-	Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+	Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
     EVP_CIPHER_CTX *ctx = NULL;
     int total = 0, res, out_len = 0, len;
     Tcl_Channel in = NULL, out = NULL;
     unsigned char in_buf[BUFFER_SIZE];
     unsigned char out_buf[BUFFER_SIZE+EVP_MAX_BLOCK_LENGTH];
@@ -1097,11 +1114,11 @@
 	Tcl_Close(interp, in);
 	return TCL_ERROR;
     }
 
     /* Initialize operation */
-    if ((res = EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj)) != TCL_OK) {
+    if ((res = EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj, padding)) != TCL_OK) {
 	goto done;
     }
 
     /* Read file data from inFile, encrypt/decrypt it, then output to outFile */
     while (!Tcl_Eof(in)) {
@@ -1161,15 +1178,15 @@
 
 /*******************************************************************/
 
 static const char *command_opts [] = {
     "-chan", "-channel", "-cipher", "-command", "-data", "-digest", "-infile", "-filename",
-    "-outfile", "-hash", "-iv", "-key", "-mac", NULL};
+    "-outfile", "-hash", "-iv", "-key", "-mac", "-padding", NULL};
 
 enum _command_opts {
     _opt_chan, _opt_channel, _opt_cipher, _opt_command, _opt_data, _opt_digest, _opt_infile,
-    _opt_filename, _opt_outfile, _opt_hash, _opt_iv, _opt_key, _opt_mac
+    _opt_filename, _opt_outfile, _opt_hash, _opt_iv, _opt_key, _opt_mac, _opt_padding
 };
 
 /*
  *-------------------------------------------------------------------
  *
@@ -1187,21 +1204,21 @@
  */
 static int EncryptMain(int type, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
     Tcl_Obj *cipherObj = NULL, *cmdObj = NULL, *dataObj = NULL, *digestObj = NULL;
     Tcl_Obj *inFileObj = NULL, *outFileObj = NULL, *keyObj = NULL, *ivObj = NULL, *macObj = NULL;
     const char *channel = NULL, *opt;
-    int res, start = 1;
+    int res, start = 1, padding = 1;
     Tcl_Size fn;
 
     dprintf("Called");
 
     /* Clear interp result */
     Tcl_ResetResult(interp);
 
     /* Validate arg count */
     if (objc < 3 || objc > 12) {
-	Tcl_WrongNumArgs(interp, 1, objv, "?-cipher? name ?-digest name? -key key ?-iv string? ?-mac name? [-channel chan | -command cmdName | -infile filename -outfile filename | ?-data? data]");
+	Tcl_WrongNumArgs(interp, 1, objv, "?-cipher? name ?-digest name? -key key ?-iv string? ?-mac name? ?-padding boolean? [-channel chan | -command cmdName | -infile filename -outfile filename | ?-data? data]");
 	return TCL_ERROR;
     }
 
     /* Special case of first arg is cipher */
     opt = Tcl_GetString(objv[start]);
@@ -1268,10 +1285,13 @@
 	    keyObj = objv[idx];
 	    break;
 	case _opt_mac:
 	    macObj = objv[idx];
 	    break;
+	case _opt_padding:
+    	    GET_OPT_BOOL(objv[idx], &padding);
+	    break;
 	}
     }
 
     /* Check for required options */
     if (cipherObj == NULL) {
@@ -1281,17 +1301,17 @@
 	return TCL_ERROR;
     }
 
     /* Perform encryption function on file, stacked channel, using instance command, or data blob */
     if (inFileObj != NULL && outFileObj != NULL) {
-	res = EncryptFileHandler(interp, type, inFileObj, outFileObj, cipherObj, digestObj, keyObj, ivObj);
+	res = EncryptFileHandler(interp, type, inFileObj, outFileObj, cipherObj, digestObj, keyObj, ivObj, padding);
     } else if (channel != NULL) {
-	res = EncryptChannelHandler(interp, type, channel, cipherObj, digestObj, keyObj, ivObj);
+	res = EncryptChannelHandler(interp, type, channel, cipherObj, digestObj, keyObj, ivObj, padding);
     } else if (cmdObj != NULL) {
-	res = EncryptCommandHandler(interp, type, cmdObj, cipherObj, digestObj, keyObj, ivObj);
+	res = EncryptCommandHandler(interp, type, cmdObj, cipherObj, digestObj, keyObj, ivObj, padding);
     } else if (dataObj != NULL) {
-	res = EncryptDataHandler(interp, type, dataObj, cipherObj, digestObj, keyObj, ivObj);
+	res = EncryptDataHandler(interp, type, dataObj, cipherObj, digestObj, keyObj, ivObj, padding);
     } else {
 	Tcl_AppendResult(interp, "No operation specified: Use -channel, -command, -data, or -infile option", (char *) NULL);
 	res = TCL_ERROR;
     }
     return res;

ADDED   tests/test_vectors/Symetric_Block/AES-128-CBC.test
Index: tests/test_vectors/Symetric_Block/AES-128-CBC.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CBC.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CBC.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CBC [expr {[lsearch -nocase [tls::ciphers] AES-128-CBC] > -1}]
+
+tcltest::test Block_AES-128-CBC-1.1 {Encrypt AES-128-CBC} \
+	-constraints AES_128_CBC \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-CBC -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7
+
+tcltest::test Block_AES-128-CBC-1.2 {Decrypt AES-128-CBC} \
+	-constraints AES_128_CBC \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-CBC -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-128-CFB.test
Index: tests/test_vectors/Symetric_Block/AES-128-CFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CFB [expr {[lsearch -nocase [tls::ciphers] AES-128-CFB] > -1}]
+
+tcltest::test Block_AES-128-CFB-1.1 {Encrypt AES-128-CFB} \
+	-constraints AES_128_CFB \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-CFB -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6
+
+tcltest::test Block_AES-128-CFB-1.2 {Decrypt AES-128-CFB} \
+	-constraints AES_128_CFB \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-CFB -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-128-CFB1.test
Index: tests/test_vectors/Symetric_Block/AES-128-CFB1.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CFB1.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CFB1.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CFB1 [expr {[lsearch -nocase [tls::ciphers] AES-128-CFB1] > -1}]
+
+tcltest::test Block_AES-128-CFB1-1.1 {Encrypt AES-128-CFB1} \
+	-constraints AES_128_CFB1 \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-CFB1 -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1]]} \
+	-match exact -result 68b3
+
+tcltest::test Block_AES-128-CFB1-1.2 {Decrypt AES-128-CFB1} \
+	-constraints AES_128_CFB1 \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-CFB1 -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 68b3]]} \
+	-match exact -result 6bc1
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-128-CFB8.test
Index: tests/test_vectors/Symetric_Block/AES-128-CFB8.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CFB8.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CFB8.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CFB8 [expr {[lsearch -nocase [tls::ciphers] AES-128-CFB8] > -1}]
+
+tcltest::test Block_AES-128-CFB8-1.1 {Encrypt AES-128-CFB8} \
+	-constraints AES_128_CFB8 \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-CFB8 -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d]]} \
+	-match exact -result 3b79424c9c0dd436bace9e0ed4586a4f32b9
+
+tcltest::test Block_AES-128-CFB8-1.2 {Decrypt AES-128-CFB8} \
+	-constraints AES_128_CFB8 \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-CFB8 -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 3b79424c9c0dd436bace9e0ed4586a4f32b9]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-128-CTR.test
Index: tests/test_vectors/Symetric_Block/AES-128-CTR.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CTR.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CTR.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CTR [expr {[lsearch -nocase [tls::ciphers] AES-128-CTR] > -1}]
+
+tcltest::test Block_AES-128-CTR-1.1 {Encrypt AES-128-CTR} \
+	-constraints AES_128_CTR \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-CTR -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee
+
+tcltest::test Block_AES-128-CTR-1.2 {Decrypt AES-128-CTR} \
+	-constraints AES_128_CTR \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-CTR -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+		 -data [binary decode hex 874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-128-ECB.test
Index: tests/test_vectors/Symetric_Block/AES-128-ECB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-ECB.test
@@ -0,0 +1,25 @@
+# Auto generated from "AES-128-ECB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_ECB [expr {[lsearch -nocase [tls::ciphers] AES-128-ECB] > -1}]
+
+tcltest::test Block_AES-128-ECB-1.1 {Encrypt AES-128-ECB} \
+	-constraints AES_128_ECB \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-ECB -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4
+
+tcltest::test Block_AES-128-ECB-1.2 {Decrypt AES-128-ECB} \
+	-constraints AES_128_ECB \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-ECB -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -data [binary decode hex 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-128-OFB.test
Index: tests/test_vectors/Symetric_Block/AES-128-OFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-OFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-OFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_OFB [expr {[lsearch -nocase [tls::ciphers] AES-128-OFB] > -1}]
+
+tcltest::test Block_AES-128-OFB-1.1 {Encrypt AES-128-OFB} \
+	-constraints AES_128_OFB \
+	-body {binary encode hex [tls::encrypt -cipher AES-128-OFB -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e
+
+tcltest::test Block_AES-128-OFB-1.2 {Decrypt AES-128-OFB} \
+	-constraints AES_128_OFB \
+	-body {binary encode hex [tls::decrypt -cipher AES-128-OFB -padding 0 \
+		 -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-CBC.test
Index: tests/test_vectors/Symetric_Block/AES-192-CBC.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CBC.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CBC.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CBC [expr {[lsearch -nocase [tls::ciphers] AES-192-CBC] > -1}]
+
+tcltest::test Block_AES-192-CBC-1.1 {Encrypt AES-192-CBC} \
+	-constraints AES_192_CBC \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-CBC -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145a571b242012fb7ae07fa9baac3df102e008b0e27988598881d920a9e64f5615cd
+
+tcltest::test Block_AES-192-CBC-1.2 {Decrypt AES-192-CBC} \
+	-constraints AES_192_CBC \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-CBC -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145a571b242012fb7ae07fa9baac3df102e008b0e27988598881d920a9e64f5615cd]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-CFB.test
Index: tests/test_vectors/Symetric_Block/AES-192-CFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CFB [expr {[lsearch -nocase [tls::ciphers] AES-192-CFB] > -1}]
+
+tcltest::test Block_AES-192-CFB-1.1 {Encrypt AES-192-CFB} \
+	-constraints AES_192_CFB \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-CFB -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result cdc80d6fddf18cab34c25909c99a417467ce7f7f81173621961a2b70171d3d7a2e1e8a1dd59b88b1c8e60fed1efac4c9c05f9f9ca9834fa042ae8fba584b09ff
+
+tcltest::test Block_AES-192-CFB-1.2 {Decrypt AES-192-CFB} \
+	-constraints AES_192_CFB \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-CFB -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex cdc80d6fddf18cab34c25909c99a417467ce7f7f81173621961a2b70171d3d7a2e1e8a1dd59b88b1c8e60fed1efac4c9c05f9f9ca9834fa042ae8fba584b09ff]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-CFB1.test
Index: tests/test_vectors/Symetric_Block/AES-192-CFB1.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CFB1.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CFB1.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CFB1 [expr {[lsearch -nocase [tls::ciphers] AES-192-CFB1] > -1}]
+
+tcltest::test Block_AES-192-CFB1-1.1 {Encrypt AES-192-CFB1} \
+	-constraints AES_192_CFB1 \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-CFB1 -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1]]} \
+	-match exact -result 9359
+
+tcltest::test Block_AES-192-CFB1-1.2 {Decrypt AES-192-CFB1} \
+	-constraints AES_192_CFB1 \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-CFB1 -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 9359]]} \
+	-match exact -result 6bc1
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-CFB8.test
Index: tests/test_vectors/Symetric_Block/AES-192-CFB8.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CFB8.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CFB8.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CFB8 [expr {[lsearch -nocase [tls::ciphers] AES-192-CFB8] > -1}]
+
+tcltest::test Block_AES-192-CFB8-1.1 {Encrypt AES-192-CFB8} \
+	-constraints AES_192_CFB8 \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-CFB8 -padding 0 \
+		 -key [binary decode hex 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d]]} \
+	-match exact -result cda2521ef0a905ca44cd057cbf0d47a0678a
+
+tcltest::test Block_AES-192-CFB8-1.2 {Decrypt AES-192-CFB8} \
+	-constraints AES_192_CFB8 \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-CFB8 -padding 0 \
+		 -key [binary decode hex 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex cda2521ef0a905ca44cd057cbf0d47a0678a]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-CTR.test
Index: tests/test_vectors/Symetric_Block/AES-192-CTR.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CTR.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CTR.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CTR [expr {[lsearch -nocase [tls::ciphers] AES-192-CTR] > -1}]
+
+tcltest::test Block_AES-192-CTR-1.1 {Encrypt AES-192-CTR} \
+	-constraints AES_192_CTR \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-CTR -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 1abc932417521ca24f2b0459fe7e6e0b090339ec0aa6faefd5ccc2c6f4ce8e941e36b26bd1ebc670d1bd1d665620abf74f78a7f6d29809585a97daec58c6b050
+
+tcltest::test Block_AES-192-CTR-1.2 {Decrypt AES-192-CTR} \
+	-constraints AES_192_CTR \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-CTR -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+		 -data [binary decode hex 1abc932417521ca24f2b0459fe7e6e0b090339ec0aa6faefd5ccc2c6f4ce8e941e36b26bd1ebc670d1bd1d665620abf74f78a7f6d29809585a97daec58c6b050]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-ECB.test
Index: tests/test_vectors/Symetric_Block/AES-192-ECB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-ECB.test
@@ -0,0 +1,25 @@
+# Auto generated from "AES-192-ECB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_ECB [expr {[lsearch -nocase [tls::ciphers] AES-192-ECB] > -1}]
+
+tcltest::test Block_AES-192-ECB-1.1 {Encrypt AES-192-ECB} \
+	-constraints AES_192_ECB \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-ECB -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result bd334f1d6e45f25ff712a214571fa5cc974104846d0ad3ad7734ecb3ecee4eefef7afd2270e2e60adce0ba2face6444e9a4b41ba738d6c72fb16691603c18e0e
+
+tcltest::test Block_AES-192-ECB-1.2 {Decrypt AES-192-ECB} \
+	-constraints AES_192_ECB \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-ECB -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -data [binary decode hex bd334f1d6e45f25ff712a214571fa5cc974104846d0ad3ad7734ecb3ecee4eefef7afd2270e2e60adce0ba2face6444e9a4b41ba738d6c72fb16691603c18e0e]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-192-OFB.test
Index: tests/test_vectors/Symetric_Block/AES-192-OFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-OFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-OFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_OFB [expr {[lsearch -nocase [tls::ciphers] AES-192-OFB] > -1}]
+
+tcltest::test Block_AES-192-OFB-1.1 {Encrypt AES-192-OFB} \
+	-constraints AES_192_OFB \
+	-body {binary encode hex [tls::encrypt -cipher AES-192-OFB -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a
+
+tcltest::test Block_AES-192-OFB-1.2 {Decrypt AES-192-OFB} \
+	-constraints AES_192_OFB \
+	-body {binary encode hex [tls::decrypt -cipher AES-192-OFB -padding 0 \
+		 -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-CBC.test
Index: tests/test_vectors/Symetric_Block/AES-256-CBC.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CBC.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CBC.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CBC [expr {[lsearch -nocase [tls::ciphers] AES-256-CBC] > -1}]
+
+tcltest::test Block_AES-256-CBC-1.1 {Encrypt AES-256-CBC} \
+	-constraints AES_256_CBC \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-CBC -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7d39f23369a9d9bacfa530e26304231461b2eb05e2c39be9fcda6c19078c6a9d1b
+
+tcltest::test Block_AES-256-CBC-1.2 {Decrypt AES-256-CBC} \
+	-constraints AES_256_CBC \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-CBC -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7d39f23369a9d9bacfa530e26304231461b2eb05e2c39be9fcda6c19078c6a9d1b]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-CFB.test
Index: tests/test_vectors/Symetric_Block/AES-256-CFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CFB [expr {[lsearch -nocase [tls::ciphers] AES-256-CFB] > -1}]
+
+tcltest::test Block_AES-256-CFB-1.1 {Encrypt AES-256-CFB} \
+	-constraints AES_256_CFB \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-CFB -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result dc7e84bfda79164b7ecd8486985d386039ffed143b28b1c832113c6331e5407bdf10132415e54b92a13ed0a8267ae2f975a385741ab9cef82031623d55b1e471
+
+tcltest::test Block_AES-256-CFB-1.2 {Decrypt AES-256-CFB} \
+	-constraints AES_256_CFB \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-CFB -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex dc7e84bfda79164b7ecd8486985d386039ffed143b28b1c832113c6331e5407bdf10132415e54b92a13ed0a8267ae2f975a385741ab9cef82031623d55b1e471]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-CFB1.test
Index: tests/test_vectors/Symetric_Block/AES-256-CFB1.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CFB1.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CFB1.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CFB1 [expr {[lsearch -nocase [tls::ciphers] AES-256-CFB1] > -1}]
+
+tcltest::test Block_AES-256-CFB1-1.1 {Encrypt AES-256-CFB1} \
+	-constraints AES_256_CFB1 \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-CFB1 -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1]]} \
+	-match exact -result 9029
+
+tcltest::test Block_AES-256-CFB1-1.2 {Decrypt AES-256-CFB1} \
+	-constraints AES_256_CFB1 \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-CFB1 -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 9029]]} \
+	-match exact -result 6bc1
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-CFB8.test
Index: tests/test_vectors/Symetric_Block/AES-256-CFB8.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CFB8.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CFB8.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CFB8 [expr {[lsearch -nocase [tls::ciphers] AES-256-CFB8] > -1}]
+
+tcltest::test Block_AES-256-CFB8-1.1 {Encrypt AES-256-CFB8} \
+	-constraints AES_256_CFB8 \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-CFB8 -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d]]} \
+	-match exact -result dc1f1a8520a64db55fcc8ac554844e889700
+
+tcltest::test Block_AES-256-CFB8-1.2 {Decrypt AES-256-CFB8} \
+	-constraints AES_256_CFB8 \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-CFB8 -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex dc1f1a8520a64db55fcc8ac554844e889700]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-CTR.test
Index: tests/test_vectors/Symetric_Block/AES-256-CTR.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CTR.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CTR.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CTR [expr {[lsearch -nocase [tls::ciphers] AES-256-CTR] > -1}]
+
+tcltest::test Block_AES-256-CTR-1.1 {Encrypt AES-256-CTR} \
+	-constraints AES_256_CTR \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-CTR -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result 601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6
+
+tcltest::test Block_AES-256-CTR-1.2 {Decrypt AES-256-CTR} \
+	-constraints AES_256_CTR \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-CTR -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+		 -data [binary decode hex 601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-ECB.test
Index: tests/test_vectors/Symetric_Block/AES-256-ECB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-ECB.test
@@ -0,0 +1,25 @@
+# Auto generated from "AES-256-ECB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_ECB [expr {[lsearch -nocase [tls::ciphers] AES-256-ECB] > -1}]
+
+tcltest::test Block_AES-256-ECB-1.1 {Encrypt AES-256-ECB} \
+	-constraints AES_256_ECB \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-ECB -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result f3eed1bdb5d2a03c064b5a7e3db181f8591ccb10d410ed26dc5ba74a31362870b6ed21b99ca6f4f9f153e7b1beafed1d23304b7a39f9f3ff067d8d8f9e24ecc7
+
+tcltest::test Block_AES-256-ECB-1.2 {Decrypt AES-256-ECB} \
+	-constraints AES_256_ECB \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-ECB -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -data [binary decode hex f3eed1bdb5d2a03c064b5a7e3db181f8591ccb10d410ed26dc5ba74a31362870b6ed21b99ca6f4f9f153e7b1beafed1d23304b7a39f9f3ff067d8d8f9e24ecc7]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/AES-256-OFB.test
Index: tests/test_vectors/Symetric_Block/AES-256-OFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-OFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-OFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_OFB [expr {[lsearch -nocase [tls::ciphers] AES-256-OFB] > -1}]
+
+tcltest::test Block_AES-256-OFB-1.1 {Encrypt AES-256-OFB} \
+	-constraints AES_256_OFB \
+	-body {binary encode hex [tls::encrypt -cipher AES-256-OFB -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+	-match exact -result dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484
+
+tcltest::test Block_AES-256-OFB-1.2 {Decrypt AES-256-OFB} \
+	-constraints AES_256_OFB \
+	-body {binary encode hex [tls::decrypt -cipher AES-256-OFB -padding 0 \
+		 -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+		 -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+		 -data [binary decode hex dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484]]} \
+	-match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return

ADDED   tests/test_vectors/Symetric_Block/make_test.tcl
Index: tests/test_vectors/Symetric_Block/make_test.tcl
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/make_test.tcl
@@ -0,0 +1,158 @@
+#
+# Test Vectors
+#
+
+#
+# Create test case and output to test file
+#
+proc do_test {group cipher file_num tc params fn} {
+    array set config [list Key "" IV "" Msg "" Repeat 1 Length ""]
+    array set config $params
+
+    # Test info
+    set line [format "tcltest::test %s-%d.%d {%s %s} \\\n\t" $group $file_num $tc [string totitle $fn] $cipher]
+
+    # Test constraints
+    append line [format "-constraints %s \\\n\t" [string map [list "-" "_"] $cipher]]
+
+    # Test body
+    set cmd [format "tls::%s -cipher %s -padding 0 \\\n\t\t" $fn $cipher]
+
+    if {$fn eq "encrypt"} {
+	set list1 [list Msg Data Plaintext PLAINTEXT]
+	set list2 [list Output Ciphertext CIPHERTEXT]
+    } else {
+	set list1 [list Output Ciphertext CIPHERTEXT]
+	set list2 [list Msg Data Plaintext PLAINTEXT]
+    }
+
+    # Add test parameters
+    foreach {param names type} [list -key [list Key key KEY] s -iv [list IV iv] s -data $list1 s] {
+	foreach name $names {
+	    if {[info exists config($name)]} {
+		set data $config($name)
+		# Handle hex string
+		if {$type eq "s" && [string length $data] > 0 && [string index $data 0] ne "\""} {
+		    set data [format {[binary decode hex %s]} $data]
+		}
+		if {[string length $data] > 0} {
+		    append cmd " " $param " " $data " \\\n\t\t"
+		}
+	    }
+	}
+    }
+    append line [format {-body {binary encode hex [%s]}} [string trimright $cmd " \\\n\t"]]
+    append line " \\\n\t"
+
+    # Test cleanup
+
+    # Test result
+    set result ""
+    foreach key $list2 {
+	if {[info exists config($key)]} {
+	    set result $config($key)
+	}
+    }
+    
+    append line [format {-match exact -result %s} $result]
+
+    # Return codes
+    #append line { -returnCodes 0}
+    return $line
+}
+
+#
+# Parse test vector file and get test cases config info
+#
+proc parse {group filename file_num cipher} {
+    set tc 0
+    set params [list]
+
+    # Open input file
+    if {[catch {open $filename r} ch]} {
+	return -code error $ch
+    }
+
+    # Open output file
+    if {[catch {open [format "%s.test" [file rootname $filename]] w} out]} {
+	return -code error $ch
+    }
+
+    # Add config info
+    puts $out [format "# Auto generated from \"%s\"" [file tail $filename]]
+    puts $out [format "lappend auto_path %s" {[file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]}]
+    puts $out "package require tls"
+    puts $out "package require tcltest\n"
+    puts $out "catch {tls::provider legacy}"
+    puts $out [format "tcltest::testConstraint %s %s" [string map [list "-" "_"] $cipher] \
+	[format {[expr {[lsearch -nocase [tls::ciphers] %s] > -1}]} $cipher]]
+    puts $out ""
+
+    # Process file
+    while {![eof $ch]} {
+	gets $ch line
+	set line [string trim $line]
+	set len [string length $line]
+
+	if {[string index $line 0] in [list "#" "\["]} {
+	    # Skip comments and info lines
+	    continue
+
+	} elseif {$len == 0} {
+	    if {[llength $params] > 0} {
+		# Do test if end of params
+		puts $out [do_test $group $cipher $file_num [incr tc] $params encrypt]
+		puts $out ""
+		puts $out [do_test $group $cipher $file_num [incr tc] $params decrypt]
+		puts $out ""
+		set params [list]
+	    } else {
+		# Empty line
+	    }
+
+	} else {
+	    # Append args to params
+	    set index [string first "=" $line]
+	    if {$index > -1} {
+		set key [string trim [string range $line 0 [expr {$index - 1}]]]
+		set value [string trim [string range $line [expr {$index + 1}] end]]
+		lappend params $key $value
+	    }
+	}
+    }
+
+    # Handle last test case
+    if {[llength $params] > 0} {
+	puts $out [do_test $group $cipher $file_num [incr tc] $params]
+	puts $out ""
+    }
+    
+    # Cleanup
+    puts $out "# Cleanup\n::tcltest::cleanupTests\nreturn"
+    close $ch
+    close $out
+}
+
+#
+# Read all config files in directory
+#
+proc main {path} {
+    set file_num 0
+    set group [file rootname [file tail $path]]
+
+    foreach filename [glob -directory $path *.txt] {
+	puts [format "Processing %s" $filename]
+	set tail [file tail $filename]
+	if {[string match -nocase "Readme.txt" $tail]} {
+	    continue
+	}
+
+	set cipher [file rootname [file tail $filename]]
+	set id [format "%s_%s" $group $cipher]
+	set test_num [incr test_ids($id)]
+	parse $id $filename $test_num $cipher
+    }
+}
+
+main [pwd]
+exit