Index: doc/cryptography.html
==================================================================
--- doc/cryptography.html
+++ doc/cryptography.html
@@ -157,13 +157,13 @@
</dl>
<dl>
<dt><a name="-iv"><strong>-iv</strong> <em>string</em></a></dt>
<dd>Initialization vector (IV) to use. Required for some ciphers and GMAC.
- Other MACs use a fixed IV.
- Cipher modes CBC, CFB, and OFB all need an IV, while ECB and CTR modes do not.
- A new, random IV should be created for each use. Think of the IV as a nonce
+ Other MACs use a fixed IV. Cipher modes CBC, CFB, and OFB all need an IV,
+ while ECB and CTR modes do not. A new, random IV should (must for OFB) be
+ created for each use. Think of the IV as a nonce
(number used once), it's public but random and unpredictable. See the
<a href="#tls::cipher"><b>tls::cipher</b></a> for iv_length and when
required (length > 0). Max is 16 bytes. If not set, it will default to \x00
fill data.</dd>
</dl>
@@ -171,20 +171,28 @@
<dl>
<dt><a name="-key"><strong>-key</strong> <em>string</em></a></dt>
<dd>Encryption key to use for cryptography function. Can be a binary or
text string. Longer keys provide better protection. Used by ciphers, HMAC,
some CMAC, and some KDF implementations. If the length of the key is <
- <b>key_length</b> it will be padded. Max is 64 bytes. If > key_length, it will be rejected.
+ <b>key_length</b> it will be padded. Max is 64 bytes. If > key_length,
+ it will be rejected.
See the <a href="#tls::cipher"><b>tls::cipher</b></a> for key_length.</dd>
</dl>
<dl>
<dt><a name="-mac"><strong>-mac</strong> <em>name</em></a></dt>
<dd>Name of Message Authentication Code (MAC) to use.
See <a href="#tls::mac"><b>tls::macs</b></a> command for the valid values.</dd>
</dl>
+<dl>
+ <dt><a name="-padding"><strong>-padding</strong> <em>boolean</em></a></dt>
+ <dd>Specifies whether to use PKCS#7 padding or not for block ciphers. If
+ true, 1 to block size number of pad bytes will be added to the output to
+ pad to the next block size. Default is true.</dd>
+</dl>
+
<dl>
<dt><a name="-password"><strong>-password</strong> <em>string</em></a></dt>
<dd>Password to use for some KDF functions. If not specified, the default
value is used. Can be a binary or text string. For KDF commands, this is
the same as the <b>-key</b> option.</dd>
@@ -607,19 +615,26 @@
<h3><a name="GLOSSARY">GLOSSARY</a></h3>
<p>The following is a list of the terminology used in this package along with
brief definitions. For more details, please consult with the OpenSSL documentation.</p>
<table>
-<tr><td>AAD</td><td>Additional Authenticated Data<td></tr>
-<tr><td>AEAD</td><td>Authenticated Encryption with Associated Data<td></tr>
-<tr><td>IV</td><td>Initialization vector<td></tr>
-<tr><td>KDF</td><td>Key Derivation Function<td></tr>
-<tr><td>MAC</td><td>Message Authenticated Code<td></tr>
-<tr><td>MD</td><td>Message Digest<td></tr>
-<tr><td>SHA</td><td>Secure Hash Algorithm<td></tr>
-<tr><td>TLS</td><td>Transport Layer Security<td></tr>
-<tr><td>XOF</td><td>Extendable-Output Function (aka variable length)<td></tr>
+<tr><td>AAD</td><td>Additional Authenticated Data</td></tr>
+<tr><td>AEAD</td><td>Authenticated Encryption with Associated Data</td></tr>
+<tr><td>AES</td><td>Advanced Encryption Standard</td></tr>
+<tr><td>CBC</td><td>AES Cipher Block Chaining mode</td></tr>
+<tr><td>CFB</td><td>AES Cipher Feedback mode</td></tr>
+<tr><td>CTR</td><td>AES Counter mode</td></tr>
+<tr><td>ECB</td><td>AES Electronic Codebook mode</td></tr>
+<tr><td>IV</td><td>Initialization vector</td></tr>
+<tr><td>KDF</td><td>Key Derivation Function</td></tr>
+<tr><td>MAC</td><td>Message Authenticated Code</td></tr>
+<tr><td>MD</td><td>Message Digest</td></tr>
+<tr><td>OFB</td><td>AES Output Feedback mode</td></tr>
+<tr><td>SHA</td><td>Secure Hash Algorithm</td></tr>
+<tr><td>SSL</td><td>Secure Sockets Layer</td></tr>
+<tr><td>TLS</td><td>Transport Layer Security</td></tr>
+<tr><td>XOF</td><td>Extendable-Output Function (aka variable length)</td></tr>
</table>
<br>
<h3><a name="EXAMPLES">EXAMPLES</a></h3>
Index: generic/tlsEncrypt.c
==================================================================
--- generic/tlsEncrypt.c
+++ generic/tlsEncrypt.c
@@ -134,11 +134,11 @@
* No result or error message
*
*-------------------------------------------------------------------
*/
int EncryptInitialize(Tcl_Interp *interp, int type, EVP_CIPHER_CTX **ctx,
- Tcl_Obj *cipherObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+ Tcl_Obj *cipherObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
const EVP_CIPHER *cipher;
void *keyString = NULL, *ivString = NULL;
Tcl_Size key_len = 0, iv_len = 0;
int res, max;
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
@@ -178,21 +178,38 @@
if((*ctx = EVP_CIPHER_CTX_new()) == NULL) {
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
return TCL_ERROR;
}
- /* Initialize the operation. Need appropriate key and iv size. */
+ /* Initialize the operation */
if (type == TYPE_ENCRYPT) {
- res = EVP_EncryptInit_ex(*ctx, cipher, NULL, key, iv);
+ res = EVP_EncryptInit_ex(*ctx, cipher, NULL, NULL, NULL);
} else {
- res = EVP_DecryptInit_ex(*ctx, cipher, NULL, key, iv);
+ res = EVP_DecryptInit_ex(*ctx, cipher, NULL, NULL, NULL);
}
if(!res) {
Tcl_AppendResult(interp, "Initialize failed: ", GET_ERR_REASON(), (char *) NULL);
return TCL_ERROR;
}
+
+ /* Turn off PKCS#7 padding */
+ if (!padding) {
+ EVP_CIPHER_CTX_set_padding(*ctx, padding);
+ }
+
+ /* Set key and IV */
+ if (type == TYPE_ENCRYPT) {
+ res = EVP_EncryptInit_ex(*ctx, NULL, NULL, key, iv);
+ } else {
+ res = EVP_DecryptInit_ex(*ctx, NULL, NULL, key, iv);
+ }
+
+ if(!res) {
+ Tcl_AppendResult(interp, "Set key and IV failed: ", GET_ERR_REASON(), (char *) NULL);
+ return TCL_ERROR;
+ }
/* Erase buffers */
memset(key, 0, EVP_MAX_KEY_LENGTH);
memset(iv, 0, EVP_MAX_IV_LENGTH);
return TCL_OK;
@@ -738,11 +755,11 @@
* Adds transform to channel and sets result to channel id or error message.
*
*----------------------------------------------------------------------
*/
static int EncryptChannelHandler(Tcl_Interp *interp, int type, const char *channel,
- Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+ Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
int mode; /* OR-ed combination of TCL_READABLE and TCL_WRITABLE */
Tcl_Channel chan;
EncryptState *statePtr;
dprintf("Called");
@@ -772,11 +789,11 @@
}
statePtr->self = chan;
statePtr->mode = mode;
/* Initialize function */
- if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj) != TCL_OK) {
+ if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj, padding) != TCL_OK) {
EncryptStateFree(statePtr);
return TCL_ERROR;
}
/* Stack channel */
@@ -961,12 +978,12 @@
* Side effects:
* Creates command or error message
*
*-------------------------------------------------------------------
*/
-int EncryptCommandHandler(Tcl_Interp *interp, int type, Tcl_Obj *cmdObj,
- Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+int EncryptCommandHandler(Tcl_Interp *interp, int type, Tcl_Obj *cmdObj, Tcl_Obj *cipherObj,
+ Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
EncryptState *statePtr;
char *cmdName = Tcl_GetString(cmdObj);
dprintf("Called");
@@ -974,11 +991,11 @@
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
return TCL_ERROR;
}
/* Initialize function */
- if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj) != TCL_OK) {
+ if (EncryptInitialize(interp, type, &statePtr->ctx, cipherObj, keyObj, ivObj, padding) != TCL_OK) {
EncryptStateFree(statePtr);
return TCL_ERROR;
}
/* Create instance command */
@@ -1006,11 +1023,11 @@
* Sets result or error message
*
*-------------------------------------------------------------------
*/
int EncryptDataHandler(Tcl_Interp *interp, int type, Tcl_Obj *dataObj, Tcl_Obj *cipherObj,
- Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+ Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
EVP_CIPHER_CTX *ctx = NULL;
int out_len = 0, len = 0, res = TCL_OK;
Tcl_Size data_len = 0;
unsigned char *data, *out_buf;
Tcl_Obj *resultObj;
@@ -1032,11 +1049,11 @@
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
return TCL_ERROR;
}
/* Perform operation */
- if (EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj) != TCL_OK ||
+ if (EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj, padding) != TCL_OK ||
EncryptUpdate(interp, type, ctx, out_buf, &out_len, data, data_len) != TCL_OK ||
EncryptFinalize(interp, type, ctx, out_buf+out_len, &len) != TCL_OK) {
res = TCL_ERROR;
goto done;
}
@@ -1076,11 +1093,11 @@
* size of outFile, or an error message.
*
*-------------------------------------------------------------------
*/
int EncryptFileHandler(Tcl_Interp *interp, int type, Tcl_Obj *inFileObj, Tcl_Obj *outFileObj,
- Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+ Tcl_Obj *cipherObj, Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj, int padding) {
EVP_CIPHER_CTX *ctx = NULL;
int total = 0, res, out_len = 0, len;
Tcl_Channel in = NULL, out = NULL;
unsigned char in_buf[BUFFER_SIZE];
unsigned char out_buf[BUFFER_SIZE+EVP_MAX_BLOCK_LENGTH];
@@ -1097,11 +1114,11 @@
Tcl_Close(interp, in);
return TCL_ERROR;
}
/* Initialize operation */
- if ((res = EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj)) != TCL_OK) {
+ if ((res = EncryptInitialize(interp, type, &ctx, cipherObj, keyObj, ivObj, padding)) != TCL_OK) {
goto done;
}
/* Read file data from inFile, encrypt/decrypt it, then output to outFile */
while (!Tcl_Eof(in)) {
@@ -1161,15 +1178,15 @@
/*******************************************************************/
static const char *command_opts [] = {
"-chan", "-channel", "-cipher", "-command", "-data", "-digest", "-infile", "-filename",
- "-outfile", "-hash", "-iv", "-key", "-mac", NULL};
+ "-outfile", "-hash", "-iv", "-key", "-mac", "-padding", NULL};
enum _command_opts {
_opt_chan, _opt_channel, _opt_cipher, _opt_command, _opt_data, _opt_digest, _opt_infile,
- _opt_filename, _opt_outfile, _opt_hash, _opt_iv, _opt_key, _opt_mac
+ _opt_filename, _opt_outfile, _opt_hash, _opt_iv, _opt_key, _opt_mac, _opt_padding
};
/*
*-------------------------------------------------------------------
*
@@ -1187,21 +1204,21 @@
*/
static int EncryptMain(int type, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
Tcl_Obj *cipherObj = NULL, *cmdObj = NULL, *dataObj = NULL, *digestObj = NULL;
Tcl_Obj *inFileObj = NULL, *outFileObj = NULL, *keyObj = NULL, *ivObj = NULL, *macObj = NULL;
const char *channel = NULL, *opt;
- int res, start = 1;
+ int res, start = 1, padding = 1;
Tcl_Size fn;
dprintf("Called");
/* Clear interp result */
Tcl_ResetResult(interp);
/* Validate arg count */
if (objc < 3 || objc > 12) {
- Tcl_WrongNumArgs(interp, 1, objv, "?-cipher? name ?-digest name? -key key ?-iv string? ?-mac name? [-channel chan | -command cmdName | -infile filename -outfile filename | ?-data? data]");
+ Tcl_WrongNumArgs(interp, 1, objv, "?-cipher? name ?-digest name? -key key ?-iv string? ?-mac name? ?-padding boolean? [-channel chan | -command cmdName | -infile filename -outfile filename | ?-data? data]");
return TCL_ERROR;
}
/* Special case of first arg is cipher */
opt = Tcl_GetString(objv[start]);
@@ -1268,10 +1285,13 @@
keyObj = objv[idx];
break;
case _opt_mac:
macObj = objv[idx];
break;
+ case _opt_padding:
+ GET_OPT_BOOL(objv[idx], &padding);
+ break;
}
}
/* Check for required options */
if (cipherObj == NULL) {
@@ -1281,17 +1301,17 @@
return TCL_ERROR;
}
/* Perform encryption function on file, stacked channel, using instance command, or data blob */
if (inFileObj != NULL && outFileObj != NULL) {
- res = EncryptFileHandler(interp, type, inFileObj, outFileObj, cipherObj, digestObj, keyObj, ivObj);
+ res = EncryptFileHandler(interp, type, inFileObj, outFileObj, cipherObj, digestObj, keyObj, ivObj, padding);
} else if (channel != NULL) {
- res = EncryptChannelHandler(interp, type, channel, cipherObj, digestObj, keyObj, ivObj);
+ res = EncryptChannelHandler(interp, type, channel, cipherObj, digestObj, keyObj, ivObj, padding);
} else if (cmdObj != NULL) {
- res = EncryptCommandHandler(interp, type, cmdObj, cipherObj, digestObj, keyObj, ivObj);
+ res = EncryptCommandHandler(interp, type, cmdObj, cipherObj, digestObj, keyObj, ivObj, padding);
} else if (dataObj != NULL) {
- res = EncryptDataHandler(interp, type, dataObj, cipherObj, digestObj, keyObj, ivObj);
+ res = EncryptDataHandler(interp, type, dataObj, cipherObj, digestObj, keyObj, ivObj, padding);
} else {
Tcl_AppendResult(interp, "No operation specified: Use -channel, -command, -data, or -infile option", (char *) NULL);
res = TCL_ERROR;
}
return res;
ADDED tests/test_vectors/Symetric_Block/AES-128-CBC.test
Index: tests/test_vectors/Symetric_Block/AES-128-CBC.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CBC.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CBC.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CBC [expr {[lsearch -nocase [tls::ciphers] AES-128-CBC] > -1}]
+
+tcltest::test Block_AES-128-CBC-1.1 {Encrypt AES-128-CBC} \
+ -constraints AES_128_CBC \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-CBC -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7
+
+tcltest::test Block_AES-128-CBC-1.2 {Decrypt AES-128-CBC} \
+ -constraints AES_128_CBC \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-CBC -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-128-CFB.test
Index: tests/test_vectors/Symetric_Block/AES-128-CFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CFB [expr {[lsearch -nocase [tls::ciphers] AES-128-CFB] > -1}]
+
+tcltest::test Block_AES-128-CFB-1.1 {Encrypt AES-128-CFB} \
+ -constraints AES_128_CFB \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-CFB -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6
+
+tcltest::test Block_AES-128-CFB-1.2 {Decrypt AES-128-CFB} \
+ -constraints AES_128_CFB \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-CFB -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-128-CFB1.test
Index: tests/test_vectors/Symetric_Block/AES-128-CFB1.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CFB1.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CFB1.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CFB1 [expr {[lsearch -nocase [tls::ciphers] AES-128-CFB1] > -1}]
+
+tcltest::test Block_AES-128-CFB1-1.1 {Encrypt AES-128-CFB1} \
+ -constraints AES_128_CFB1 \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-CFB1 -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1]]} \
+ -match exact -result 68b3
+
+tcltest::test Block_AES-128-CFB1-1.2 {Decrypt AES-128-CFB1} \
+ -constraints AES_128_CFB1 \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-CFB1 -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 68b3]]} \
+ -match exact -result 6bc1
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-128-CFB8.test
Index: tests/test_vectors/Symetric_Block/AES-128-CFB8.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CFB8.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CFB8.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CFB8 [expr {[lsearch -nocase [tls::ciphers] AES-128-CFB8] > -1}]
+
+tcltest::test Block_AES-128-CFB8-1.1 {Encrypt AES-128-CFB8} \
+ -constraints AES_128_CFB8 \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-CFB8 -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d]]} \
+ -match exact -result 3b79424c9c0dd436bace9e0ed4586a4f32b9
+
+tcltest::test Block_AES-128-CFB8-1.2 {Decrypt AES-128-CFB8} \
+ -constraints AES_128_CFB8 \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-CFB8 -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 3b79424c9c0dd436bace9e0ed4586a4f32b9]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-128-CTR.test
Index: tests/test_vectors/Symetric_Block/AES-128-CTR.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-CTR.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-CTR.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_CTR [expr {[lsearch -nocase [tls::ciphers] AES-128-CTR] > -1}]
+
+tcltest::test Block_AES-128-CTR-1.1 {Encrypt AES-128-CTR} \
+ -constraints AES_128_CTR \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-CTR -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee
+
+tcltest::test Block_AES-128-CTR-1.2 {Decrypt AES-128-CTR} \
+ -constraints AES_128_CTR \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-CTR -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+ -data [binary decode hex 874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-128-ECB.test
Index: tests/test_vectors/Symetric_Block/AES-128-ECB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-ECB.test
@@ -0,0 +1,25 @@
+# Auto generated from "AES-128-ECB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_ECB [expr {[lsearch -nocase [tls::ciphers] AES-128-ECB] > -1}]
+
+tcltest::test Block_AES-128-ECB-1.1 {Encrypt AES-128-ECB} \
+ -constraints AES_128_ECB \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-ECB -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4
+
+tcltest::test Block_AES-128-ECB-1.2 {Decrypt AES-128-ECB} \
+ -constraints AES_128_ECB \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-ECB -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -data [binary decode hex 3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-128-OFB.test
Index: tests/test_vectors/Symetric_Block/AES-128-OFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-128-OFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-128-OFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_128_OFB [expr {[lsearch -nocase [tls::ciphers] AES-128-OFB] > -1}]
+
+tcltest::test Block_AES-128-OFB-1.1 {Encrypt AES-128-OFB} \
+ -constraints AES_128_OFB \
+ -body {binary encode hex [tls::encrypt -cipher AES-128-OFB -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e
+
+tcltest::test Block_AES-128-OFB-1.2 {Decrypt AES-128-OFB} \
+ -constraints AES_128_OFB \
+ -body {binary encode hex [tls::decrypt -cipher AES-128-OFB -padding 0 \
+ -key [binary decode hex 2b7e151628aed2a6abf7158809cf4f3c] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-CBC.test
Index: tests/test_vectors/Symetric_Block/AES-192-CBC.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CBC.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CBC.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CBC [expr {[lsearch -nocase [tls::ciphers] AES-192-CBC] > -1}]
+
+tcltest::test Block_AES-192-CBC-1.1 {Encrypt AES-192-CBC} \
+ -constraints AES_192_CBC \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-CBC -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145a571b242012fb7ae07fa9baac3df102e008b0e27988598881d920a9e64f5615cd
+
+tcltest::test Block_AES-192-CBC-1.2 {Decrypt AES-192-CBC} \
+ -constraints AES_192_CBC \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-CBC -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145a571b242012fb7ae07fa9baac3df102e008b0e27988598881d920a9e64f5615cd]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-CFB.test
Index: tests/test_vectors/Symetric_Block/AES-192-CFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CFB [expr {[lsearch -nocase [tls::ciphers] AES-192-CFB] > -1}]
+
+tcltest::test Block_AES-192-CFB-1.1 {Encrypt AES-192-CFB} \
+ -constraints AES_192_CFB \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-CFB -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result cdc80d6fddf18cab34c25909c99a417467ce7f7f81173621961a2b70171d3d7a2e1e8a1dd59b88b1c8e60fed1efac4c9c05f9f9ca9834fa042ae8fba584b09ff
+
+tcltest::test Block_AES-192-CFB-1.2 {Decrypt AES-192-CFB} \
+ -constraints AES_192_CFB \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-CFB -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex cdc80d6fddf18cab34c25909c99a417467ce7f7f81173621961a2b70171d3d7a2e1e8a1dd59b88b1c8e60fed1efac4c9c05f9f9ca9834fa042ae8fba584b09ff]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-CFB1.test
Index: tests/test_vectors/Symetric_Block/AES-192-CFB1.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CFB1.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CFB1.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CFB1 [expr {[lsearch -nocase [tls::ciphers] AES-192-CFB1] > -1}]
+
+tcltest::test Block_AES-192-CFB1-1.1 {Encrypt AES-192-CFB1} \
+ -constraints AES_192_CFB1 \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-CFB1 -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1]]} \
+ -match exact -result 9359
+
+tcltest::test Block_AES-192-CFB1-1.2 {Decrypt AES-192-CFB1} \
+ -constraints AES_192_CFB1 \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-CFB1 -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 9359]]} \
+ -match exact -result 6bc1
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-CFB8.test
Index: tests/test_vectors/Symetric_Block/AES-192-CFB8.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CFB8.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CFB8.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CFB8 [expr {[lsearch -nocase [tls::ciphers] AES-192-CFB8] > -1}]
+
+tcltest::test Block_AES-192-CFB8-1.1 {Encrypt AES-192-CFB8} \
+ -constraints AES_192_CFB8 \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-CFB8 -padding 0 \
+ -key [binary decode hex 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d]]} \
+ -match exact -result cda2521ef0a905ca44cd057cbf0d47a0678a
+
+tcltest::test Block_AES-192-CFB8-1.2 {Decrypt AES-192-CFB8} \
+ -constraints AES_192_CFB8 \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-CFB8 -padding 0 \
+ -key [binary decode hex 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex cda2521ef0a905ca44cd057cbf0d47a0678a]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-CTR.test
Index: tests/test_vectors/Symetric_Block/AES-192-CTR.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-CTR.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-CTR.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_CTR [expr {[lsearch -nocase [tls::ciphers] AES-192-CTR] > -1}]
+
+tcltest::test Block_AES-192-CTR-1.1 {Encrypt AES-192-CTR} \
+ -constraints AES_192_CTR \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-CTR -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 1abc932417521ca24f2b0459fe7e6e0b090339ec0aa6faefd5ccc2c6f4ce8e941e36b26bd1ebc670d1bd1d665620abf74f78a7f6d29809585a97daec58c6b050
+
+tcltest::test Block_AES-192-CTR-1.2 {Decrypt AES-192-CTR} \
+ -constraints AES_192_CTR \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-CTR -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+ -data [binary decode hex 1abc932417521ca24f2b0459fe7e6e0b090339ec0aa6faefd5ccc2c6f4ce8e941e36b26bd1ebc670d1bd1d665620abf74f78a7f6d29809585a97daec58c6b050]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-ECB.test
Index: tests/test_vectors/Symetric_Block/AES-192-ECB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-ECB.test
@@ -0,0 +1,25 @@
+# Auto generated from "AES-192-ECB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_ECB [expr {[lsearch -nocase [tls::ciphers] AES-192-ECB] > -1}]
+
+tcltest::test Block_AES-192-ECB-1.1 {Encrypt AES-192-ECB} \
+ -constraints AES_192_ECB \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-ECB -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result bd334f1d6e45f25ff712a214571fa5cc974104846d0ad3ad7734ecb3ecee4eefef7afd2270e2e60adce0ba2face6444e9a4b41ba738d6c72fb16691603c18e0e
+
+tcltest::test Block_AES-192-ECB-1.2 {Decrypt AES-192-ECB} \
+ -constraints AES_192_ECB \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-ECB -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -data [binary decode hex bd334f1d6e45f25ff712a214571fa5cc974104846d0ad3ad7734ecb3ecee4eefef7afd2270e2e60adce0ba2face6444e9a4b41ba738d6c72fb16691603c18e0e]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-192-OFB.test
Index: tests/test_vectors/Symetric_Block/AES-192-OFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-192-OFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-192-OFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_192_OFB [expr {[lsearch -nocase [tls::ciphers] AES-192-OFB] > -1}]
+
+tcltest::test Block_AES-192-OFB-1.1 {Encrypt AES-192-OFB} \
+ -constraints AES_192_OFB \
+ -body {binary encode hex [tls::encrypt -cipher AES-192-OFB -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a
+
+tcltest::test Block_AES-192-OFB-1.2 {Decrypt AES-192-OFB} \
+ -constraints AES_192_OFB \
+ -body {binary encode hex [tls::decrypt -cipher AES-192-OFB -padding 0 \
+ -key [binary decode hex 8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-CBC.test
Index: tests/test_vectors/Symetric_Block/AES-256-CBC.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CBC.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CBC.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CBC [expr {[lsearch -nocase [tls::ciphers] AES-256-CBC] > -1}]
+
+tcltest::test Block_AES-256-CBC-1.1 {Encrypt AES-256-CBC} \
+ -constraints AES_256_CBC \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-CBC -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7d39f23369a9d9bacfa530e26304231461b2eb05e2c39be9fcda6c19078c6a9d1b
+
+tcltest::test Block_AES-256-CBC-1.2 {Decrypt AES-256-CBC} \
+ -constraints AES_256_CBC \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-CBC -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7d39f23369a9d9bacfa530e26304231461b2eb05e2c39be9fcda6c19078c6a9d1b]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-CFB.test
Index: tests/test_vectors/Symetric_Block/AES-256-CFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CFB [expr {[lsearch -nocase [tls::ciphers] AES-256-CFB] > -1}]
+
+tcltest::test Block_AES-256-CFB-1.1 {Encrypt AES-256-CFB} \
+ -constraints AES_256_CFB \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-CFB -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result dc7e84bfda79164b7ecd8486985d386039ffed143b28b1c832113c6331e5407bdf10132415e54b92a13ed0a8267ae2f975a385741ab9cef82031623d55b1e471
+
+tcltest::test Block_AES-256-CFB-1.2 {Decrypt AES-256-CFB} \
+ -constraints AES_256_CFB \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-CFB -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex dc7e84bfda79164b7ecd8486985d386039ffed143b28b1c832113c6331e5407bdf10132415e54b92a13ed0a8267ae2f975a385741ab9cef82031623d55b1e471]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-CFB1.test
Index: tests/test_vectors/Symetric_Block/AES-256-CFB1.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CFB1.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CFB1.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CFB1 [expr {[lsearch -nocase [tls::ciphers] AES-256-CFB1] > -1}]
+
+tcltest::test Block_AES-256-CFB1-1.1 {Encrypt AES-256-CFB1} \
+ -constraints AES_256_CFB1 \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-CFB1 -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1]]} \
+ -match exact -result 9029
+
+tcltest::test Block_AES-256-CFB1-1.2 {Decrypt AES-256-CFB1} \
+ -constraints AES_256_CFB1 \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-CFB1 -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 9029]]} \
+ -match exact -result 6bc1
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-CFB8.test
Index: tests/test_vectors/Symetric_Block/AES-256-CFB8.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CFB8.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CFB8.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CFB8 [expr {[lsearch -nocase [tls::ciphers] AES-256-CFB8] > -1}]
+
+tcltest::test Block_AES-256-CFB8-1.1 {Encrypt AES-256-CFB8} \
+ -constraints AES_256_CFB8 \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-CFB8 -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d]]} \
+ -match exact -result dc1f1a8520a64db55fcc8ac554844e889700
+
+tcltest::test Block_AES-256-CFB8-1.2 {Decrypt AES-256-CFB8} \
+ -constraints AES_256_CFB8 \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-CFB8 -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex dc1f1a8520a64db55fcc8ac554844e889700]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-CTR.test
Index: tests/test_vectors/Symetric_Block/AES-256-CTR.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-CTR.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-CTR.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_CTR [expr {[lsearch -nocase [tls::ciphers] AES-256-CTR] > -1}]
+
+tcltest::test Block_AES-256-CTR-1.1 {Encrypt AES-256-CTR} \
+ -constraints AES_256_CTR \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-CTR -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result 601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6
+
+tcltest::test Block_AES-256-CTR-1.2 {Decrypt AES-256-CTR} \
+ -constraints AES_256_CTR \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-CTR -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff] \
+ -data [binary decode hex 601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-ECB.test
Index: tests/test_vectors/Symetric_Block/AES-256-ECB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-ECB.test
@@ -0,0 +1,25 @@
+# Auto generated from "AES-256-ECB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_ECB [expr {[lsearch -nocase [tls::ciphers] AES-256-ECB] > -1}]
+
+tcltest::test Block_AES-256-ECB-1.1 {Encrypt AES-256-ECB} \
+ -constraints AES_256_ECB \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-ECB -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result f3eed1bdb5d2a03c064b5a7e3db181f8591ccb10d410ed26dc5ba74a31362870b6ed21b99ca6f4f9f153e7b1beafed1d23304b7a39f9f3ff067d8d8f9e24ecc7
+
+tcltest::test Block_AES-256-ECB-1.2 {Decrypt AES-256-ECB} \
+ -constraints AES_256_ECB \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-ECB -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -data [binary decode hex f3eed1bdb5d2a03c064b5a7e3db181f8591ccb10d410ed26dc5ba74a31362870b6ed21b99ca6f4f9f153e7b1beafed1d23304b7a39f9f3ff067d8d8f9e24ecc7]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/AES-256-OFB.test
Index: tests/test_vectors/Symetric_Block/AES-256-OFB.test
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/AES-256-OFB.test
@@ -0,0 +1,27 @@
+# Auto generated from "AES-256-OFB.txt"
+lappend auto_path [file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]
+package require tls
+package require tcltest
+
+catch {tls::provider legacy}
+tcltest::testConstraint AES_256_OFB [expr {[lsearch -nocase [tls::ciphers] AES-256-OFB] > -1}]
+
+tcltest::test Block_AES-256-OFB-1.1 {Encrypt AES-256-OFB} \
+ -constraints AES_256_OFB \
+ -body {binary encode hex [tls::encrypt -cipher AES-256-OFB -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710]]} \
+ -match exact -result dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484
+
+tcltest::test Block_AES-256-OFB-1.2 {Decrypt AES-256-OFB} \
+ -constraints AES_256_OFB \
+ -body {binary encode hex [tls::decrypt -cipher AES-256-OFB -padding 0 \
+ -key [binary decode hex 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4] \
+ -iv [binary decode hex 000102030405060708090a0b0c0d0e0f] \
+ -data [binary decode hex dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484]]} \
+ -match exact -result 6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710
+
+# Cleanup
+::tcltest::cleanupTests
+return
ADDED tests/test_vectors/Symetric_Block/make_test.tcl
Index: tests/test_vectors/Symetric_Block/make_test.tcl
==================================================================
--- /dev/null
+++ tests/test_vectors/Symetric_Block/make_test.tcl
@@ -0,0 +1,158 @@
+#
+# Test Vectors
+#
+
+#
+# Create test case and output to test file
+#
+proc do_test {group cipher file_num tc params fn} {
+ array set config [list Key "" IV "" Msg "" Repeat 1 Length ""]
+ array set config $params
+
+ # Test info
+ set line [format "tcltest::test %s-%d.%d {%s %s} \\\n\t" $group $file_num $tc [string totitle $fn] $cipher]
+
+ # Test constraints
+ append line [format "-constraints %s \\\n\t" [string map [list "-" "_"] $cipher]]
+
+ # Test body
+ set cmd [format "tls::%s -cipher %s -padding 0 \\\n\t\t" $fn $cipher]
+
+ if {$fn eq "encrypt"} {
+ set list1 [list Msg Data Plaintext PLAINTEXT]
+ set list2 [list Output Ciphertext CIPHERTEXT]
+ } else {
+ set list1 [list Output Ciphertext CIPHERTEXT]
+ set list2 [list Msg Data Plaintext PLAINTEXT]
+ }
+
+ # Add test parameters
+ foreach {param names type} [list -key [list Key key KEY] s -iv [list IV iv] s -data $list1 s] {
+ foreach name $names {
+ if {[info exists config($name)]} {
+ set data $config($name)
+ # Handle hex string
+ if {$type eq "s" && [string length $data] > 0 && [string index $data 0] ne "\""} {
+ set data [format {[binary decode hex %s]} $data]
+ }
+ if {[string length $data] > 0} {
+ append cmd " " $param " " $data " \\\n\t\t"
+ }
+ }
+ }
+ }
+ append line [format {-body {binary encode hex [%s]}} [string trimright $cmd " \\\n\t"]]
+ append line " \\\n\t"
+
+ # Test cleanup
+
+ # Test result
+ set result ""
+ foreach key $list2 {
+ if {[info exists config($key)]} {
+ set result $config($key)
+ }
+ }
+
+ append line [format {-match exact -result %s} $result]
+
+ # Return codes
+ #append line { -returnCodes 0}
+ return $line
+}
+
+#
+# Parse test vector file and get test cases config info
+#
+proc parse {group filename file_num cipher} {
+ set tc 0
+ set params [list]
+
+ # Open input file
+ if {[catch {open $filename r} ch]} {
+ return -code error $ch
+ }
+
+ # Open output file
+ if {[catch {open [format "%s.test" [file rootname $filename]] w} out]} {
+ return -code error $ch
+ }
+
+ # Add config info
+ puts $out [format "# Auto generated from \"%s\"" [file tail $filename]]
+ puts $out [format "lappend auto_path %s" {[file dirname [file dirname [file dirname [file dirname [file join [pwd] [info script]]]]]]}]
+ puts $out "package require tls"
+ puts $out "package require tcltest\n"
+ puts $out "catch {tls::provider legacy}"
+ puts $out [format "tcltest::testConstraint %s %s" [string map [list "-" "_"] $cipher] \
+ [format {[expr {[lsearch -nocase [tls::ciphers] %s] > -1}]} $cipher]]
+ puts $out ""
+
+ # Process file
+ while {![eof $ch]} {
+ gets $ch line
+ set line [string trim $line]
+ set len [string length $line]
+
+ if {[string index $line 0] in [list "#" "\["]} {
+ # Skip comments and info lines
+ continue
+
+ } elseif {$len == 0} {
+ if {[llength $params] > 0} {
+ # Do test if end of params
+ puts $out [do_test $group $cipher $file_num [incr tc] $params encrypt]
+ puts $out ""
+ puts $out [do_test $group $cipher $file_num [incr tc] $params decrypt]
+ puts $out ""
+ set params [list]
+ } else {
+ # Empty line
+ }
+
+ } else {
+ # Append args to params
+ set index [string first "=" $line]
+ if {$index > -1} {
+ set key [string trim [string range $line 0 [expr {$index - 1}]]]
+ set value [string trim [string range $line [expr {$index + 1}] end]]
+ lappend params $key $value
+ }
+ }
+ }
+
+ # Handle last test case
+ if {[llength $params] > 0} {
+ puts $out [do_test $group $cipher $file_num [incr tc] $params]
+ puts $out ""
+ }
+
+ # Cleanup
+ puts $out "# Cleanup\n::tcltest::cleanupTests\nreturn"
+ close $ch
+ close $out
+}
+
+#
+# Read all config files in directory
+#
+proc main {path} {
+ set file_num 0
+ set group [file rootname [file tail $path]]
+
+ foreach filename [glob -directory $path *.txt] {
+ puts [format "Processing %s" $filename]
+ set tail [file tail $filename]
+ if {[string match -nocase "Readme.txt" $tail]} {
+ continue
+ }
+
+ set cipher [file rootname [file tail $filename]]
+ set id [format "%s_%s" $group $cipher]
+ set test_num [incr test_ids($id)]
+ parse $id $filename $test_num $cipher
+ }
+}
+
+main [pwd]
+exit