mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
33219939c7
A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS AAD data as the MAC key. CVE-2022-1434 Fixes #18112 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org>
127 lines
15 KiB
Plaintext
127 lines
15 KiB
Plaintext
Title = AES-128-CBC-HMAC-SHA1 test vectors
|
|
|
|
Cipher = AES-128-CBC-HMAC-SHA1
|
|
Key = feffe9928665731c6d6a8f9467308308
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010050
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
|
|
Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be147d3f2b4f8d4d1e35487059ddc688544a04dbacd1405a7b3871c3a2ab7c71c663d
|
|
NextIV = 4dbacd1405a7b3871c3a2ab7c71c663d
|
|
|
|
Cipher = AES-128-CBC-HMAC-SHA1
|
|
Key = feffe9928665731c6d6a8f9467308308
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010100
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
|
|
Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1474bcdf0b104a89ca6d419254e8f602334158d188f748c5cf4b7473c7475b4cf6c099ac13859eb2c154cd9e82e18fa12ca302ce04e466ff983cde5e06235ec89ff3bd1ac175379dee12297331e242d4272d1f177a9430e4f440bedf011552ad8a9b056c21399116a0a588f4ee1f9ed6276c413062aa140f338546f6c095de3d0b76d4711d30e3938d2d55e6e15f8d2ad6cc451f6f0f7378591d1003e664d9a2eb424039091eb69a1430de10dacd919a054214f355d9e3c25e5fc77be1a10bdbf936a8396e50f3584396d2651e8080247ac
|
|
NextIV = 6a8396e50f3584396d2651e8080247ac
|
|
|
|
Cipher = AES-128-CBC-HMAC-SHA1
|
|
Key = feffe9928665731c6d6a8f9467308308
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 000102030405060708090a0b0c0d0e0f
|
|
TLSAAD = 90a1b2c3e4f50617280302010a
|
|
TLSVersion = 0x0302
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
|
|
Ciphertext = b83b533708bf535d0aa6e52980d53b78c3fbd8571251316bd3f79d6f08ffd302a264a758bcb00d1ee17b879a4db9ba04893e639a12df518fe1e6cad76fd368fc915e8d6c440a9b19d6296fa209152eab87943a51c2d3b3ce10df2731a0d0979c69795325841bfc1d1e0ae3f2eb736d35fa349a86bc14edfd82e3c2911440b1e9f8ebfc586cf1bfc9102b8964d1a3cc96b7845f087773e0792eae277cb4a779270a02568461e96c84aba8d836dc576ac06bc5a33f9b5d9b4df9abdd038b08a3c2ec09a36b6ea56a85fb40def07cacd154380517f479bb1c3fda3579fd30d8f64ab585edc9127b79c815c69c1fc4707a8d48bf8a1a4ed190596d9991692eb1b2e00d438c309fc883a89c71b10658b29c7bf23292fbd3f1c4e655b9dd81cf58d5ee
|
|
NextIV = f23292fbd3f1c4e655b9dd81cf58d5ee
|
|
|
|
Title = AES-256-CBC-HMAC-SHA1 test vectors
|
|
|
|
Cipher = AES-256-CBC-HMAC-SHA1
|
|
Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010050
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
|
|
Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a127c4b68b8b6f66251e17b22362aeb2b8f10d5fa36b8728c1ba5cf83b80a42ec
|
|
NextIV = 8f10d5fa36b8728c1ba5cf83b80a42ec
|
|
|
|
Cipher = AES-256-CBC-HMAC-SHA1
|
|
Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010100
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
|
|
Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4ddcc015035678b9bc16bd2ac368e2aa93c192991cf31f8d41ff6e9dbcb2617958a
|
|
NextIV = 192991cf31f8d41ff6e9dbcb2617958a
|
|
|
|
Cipher = AES-256-CBC-HMAC-SHA1
|
|
Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803020100
|
|
TLSVersion = 0x0302
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
|
|
Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4ddefa990f60fa2643df18624c374ab1123c6eb20cfb4fd466af6dc8b7158bfbffa
|
|
NextIV = c6eb20cfb4fd466af6dc8b7158bfbffa
|
|
Title = AES-128-CBC-HMAC-SHA256 test vectors
|
|
|
|
Cipher = AES-128-CBC-HMAC-SHA256
|
|
Key = feffe9928665731c6d6a8f9467308308
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010050
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
|
|
Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1475fa532f91d366b01aab2cd80bcdb36c3b9221886fb45c6b4a5d10c5f85b9ccabc8a394b1a360e99e37602fea04bef8a7
|
|
NextIV = c8a394b1a360e99e37602fea04bef8a7
|
|
|
|
Cipher = AES-128-CBC-HMAC-SHA256
|
|
Key = feffe9928665731c6d6a8f9467308308
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010100
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
|
|
Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1474bcdf0b104a89ca6d419254e8f602334158d188f748c5cf4b7473c7475b4cf6c099ac13859eb2c154cd9e82e18fa12ca302ce04e466ff983cde5e06235ec89ff3bd1ac175379dee12297331e242d4272d1f177a9430e4f440bedf011552ad8a9b056c21399116a0a588f4ee1f9ed6276c413062aa140f338546f6c095de3d0b76d4711d30e3938d2d55e6e15f8d2ad6cc451f6f0f7378591d1003e664d9a2eb424039091eb69a1430de10dacd919a0543c1aad8f7044cce703801c6f5a0e05e59b19527484eb48c80fac1ebdf242e0ad0a5d8c46731f434ff05d289367b03294
|
|
NextIV = 0a5d8c46731f434ff05d289367b03294
|
|
|
|
Cipher = AES-128-CBC-HMAC-SHA256
|
|
Key = feffe9928665731c6d6a8f9467308308
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803020100
|
|
TLSVersion = 0x0302
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
|
|
Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1474bcdf0b104a89ca6d419254e8f602334158d188f748c5cf4b7473c7475b4cf6c099ac13859eb2c154cd9e82e18fa12ca302ce04e466ff983cde5e06235ec89ff3bd1ac175379dee12297331e242d4272d1f177a9430e4f440bedf011552ad8a9b056c21399116a0a588f4ee1f9ed6276c413062aa140f338546f6c095de3d0b76d4711d30e3938d2d55e6e15f8d2ad6cc451f6f0f7378591d1003e664d9a2eb424039091eb69a1430de10dacd919a054c64e1c36b6c8a44e6464f6ee1eb074b04f5e0ddc25a4233734a46aa23fbbc282b3be457445a9f860b9a81ec1e183bf9d
|
|
NextIV = b3be457445a9f860b9a81ec1e183bf9d
|
|
|
|
Title = AES-256-CBC-HMAC-SHA256 test vectors
|
|
|
|
Cipher = AES-256-CBC-HMAC-SHA256
|
|
Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010050
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
|
|
Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1ab3870c36b5d6df802b6d1c233493b7ed073099db882aeba1f0e89c5b99760569e5e6a5da9de89a419611fbdf0fe66c73
|
|
NextIV = e5e6a5da9de89a419611fbdf0fe66c73
|
|
|
|
Cipher = AES-256-CBC-HMAC-SHA256
|
|
Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803010100
|
|
TLSVersion = 0x0301
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
|
|
Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4ddce4fd18473b999ffa2a8ad5e5856d2969d4f21fa16899b7af7d449a202651df30f56fd035ef961d046cd211ecf78e873
|
|
NextIV = 0f56fd035ef961d046cd211ecf78e873
|
|
|
|
Cipher = AES-256-CBC-HMAC-SHA256
|
|
Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
|
|
MACKey = cafebabefacedbaddecaf88801020304
|
|
IV = 101112131415161718191a1b1c1d1e1f
|
|
TLSAAD = 90a1b2c3e4f506172803020100
|
|
TLSVersion = 0x0302
|
|
Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
|
|
Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4dd251087e4c03d2e28c85a9b4a835ef166b48e5b7690f332a1d8db7bd9380221891f31ee82f4b8dd9ebf540cab583a0f33
|
|
NextIV = 1f31ee82f4b8dd9ebf540cab583a0f33
|