Fix GRND_NONBLOCK flag when calling getrandom.

I screwed up in 56b6c714c9 and got the direction of this condition
backwards. This doesn't cause a security problem because:
  a) wait_for_entropy will ensure that the pool is initialised.
  b) if GRNG_NONBLOCK is set when not expected, any EAGAIN will
     cause an abort anyway.

However, when coupled with opportunistic entropy collection on platforms
with RDRAND, this could cause an unexpected blocking getrandom call.

This this change, `strace -e getrandom bssl rand 1` shows two getrandom
calls with GRNG_NONBLOCK set, as expected. (The first being the probe to
check whether the kernel supports getrandom, and the second being the
opportunistic entropy gathering to augment RDRAND.)

Bug: chromium:1016811
Change-Id: I98ed1cef90df510f24cf2df1fba9b886fcbf3355
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/38204
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
(cherry picked from commit f3bd757ee5)
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/38504

.gitignore

@@ -1,12 +1,15 @@
 build/
+build32/
+build64/
 ssl/test/runner/runner
+*.pyc
 *.swp
 *.swo
 doc/*.html
 doc/doc.css
 
 util/bot/android_ndk
-util/bot/android_tools
+util/bot/android_sdk/public
 util/bot/cmake-linux64
 util/bot/cmake-linux64.tar.gz
 util/bot/cmake-mac
@@ -17,12 +20,13 @@ util/bot/golang
 util/bot/gyp
 util/bot/libcxx
 util/bot/libcxxabi
-util/bot/libFuzzer
 util/bot/llvm-build
 util/bot/nasm-win32.exe
 util/bot/perl-win32
 util/bot/perl-win32.zip
 util/bot/sde-linux64
 util/bot/sde-linux64.tar.bz2
+util/bot/sde-win32
+util/bot/sde-win32.tar.bz2
 util/bot/win_toolchain.json
 util/bot/yasm-win32.exe

API-CONVENTIONS.md

@@ -98,7 +98,10 @@ objects. `bssl::UniquePtr<T>`, like other types, is forward-declared in
 `openssl/base.h`. Code that needs access to the free functions, such as code
 which destroys a `bssl::UniquePtr`, must include the corresponding module's
 header. (This matches `std::unique_ptr`'s relationship with forward
-declarations.)
+declarations.) Note, despite the name, `bssl::UniquePtr` is also used with
+reference-counted types. It owns a single reference to the object. To take an
+additional reference, use the `bssl::UpRef` function, which will return a
+separate `bssl::UniquePtr`.
 
 
 ### Stack-allocated types
@@ -175,6 +178,67 @@ These are usually for low-level cryptographic operations. These types may be
 used freely without special cleanup conventions.
 
 
+### Ownership and lifetime
+
+When working with allocated objects, it is important to think about *ownership*
+of each object, or what code is responsible for releasing it. This matches the
+corresponding notion in higher-level languages like C++ and Rust.
+
+Ownership applies to both uniquely-owned types and reference-counted types. For
+the latter, ownership means the code is responsible for releasing one
+reference. Note a *reference* in BoringSSL refers to an increment (and eventual
+decrement) of an object's reference count, not `T&` in C++. Thus, to "take a
+reference" means to increment the reference count and take ownership of
+decrementing it.
+
+As BoringSSL's APIs are primarily in C, ownership and lifetime obligations are
+not rigorously annotated in the type signatures or checked at compile-time.
+Instead, they are described in
+[API documentation](https://commondatastorage.googleapis.com/chromium-boringssl-docs/headers.html).
+This section describes some conventions.
+
+Unless otherwise documented, functions do not take ownership of pointer
+arguments. The pointer typically must remain valid for the duration of the
+function call. The function may internally copy information from the argument or
+take a reference, but the caller is free to release its copy or reference at any
+point after the call completes.
+
+A function may instead be documented to *take* or *transfer* ownership of a
+pointer. The caller must own the object before the function call and, after
+transfer, no longer owns it. As a corollary, the caller may no longer reference
+the object without a separate guarantee on the lifetime. The function may even
+release the object before returning. Callers that wish to independently retain a
+transfered object must therefore take a reference or make a copy before
+transferring. Callers should also take note of whether the function is
+documented to transfer pointers unconditionally or only on success. Unlike C++
+and Rust, functions in BoringSSL typically only transfer on success.
+
+Likewise, output pointers may be owning or non-owning. Unless otherwise
+documented, functions output non-owning pointers. The caller is not responsible
+for releasing the output pointer, but it must not use the pointer beyond its
+lifetime. The pointer may be released when the parent object is released or even
+sooner on state change in the parent object.
+
+If documented to output a *newly-allocated* object or a *reference* or *copy* of
+one, the caller is responsible for releasing the object when it is done.
+
+By convention, functions named `get0` return non-owning pointers. Functions
+named `new` or `get1` return owning pointers. Functions named `set0` take
+ownership of arguments. Functions named `set1` do not. They typically take a
+reference or make a copy internally. These names originally referred to the
+effect on a reference count, but the convention applies equally to
+non-reference-counted types.
+
+API documentation may also describe more complex obligations. For instance, an
+object may borrow a pointer for longer than the duration of a single function
+call, in which case the caller must ensure the lifetime extends accordingly.
+
+Memory errors are one of the most common and dangerous bugs in C and C++, so
+callers are encouraged to make use of tools such as
+[AddressSanitizer](https://clang.llvm.org/docs/AddressSanitizer.html) and
+higher-level languages.
+
+
 ## Thread safety
 
 BoringSSL is internally aware of the platform threading library and calls into

BUILDING.md

@@ -2,9 +2,17 @@
 
 ## Build Prerequisites
 
-  * [CMake](https://cmake.org/download/) 2.8.11 or later is required.
+The standalone CMake build is primarily intended for developers. If embedding
+BoringSSL into another project with a pre-existing build system, see
+[INCORPORATING.md](/INCORPORATING.md).
 
-  * Perl 5.6.1 or later is required. On Windows,
+Unless otherwise noted, build tools must at most five years old, matching
+[Abseil guidelines](https://abseil.io/about/compatibility). If in doubt, use the
+most recent stable version of each tool.
+
+  * [CMake](https://cmake.org/download/) 3.0 or later is required.
+
+  * A recent version of Perl is required. On Windows,
     [Active State Perl](http://www.activestate.com/activeperl/) has been
     reported to work, as has MSYS Perl.
     [Strawberry Perl](http://strawberryperl.com/) also works but it adds GCC
@@ -13,27 +21,27 @@
     If Perl is not found by CMake, it may be configured explicitly by setting
     `PERL_EXECUTABLE`.
 
-  * On Windows you currently must use [Ninja](https://ninja-build.org/)
-    to build; on other platforms, it is not required, but recommended, because
-    it makes builds faster.
+  * Building with [Ninja](https://ninja-build.org/) instead of Make is
+    recommended, because it makes builds faster. On Windows, CMake's Visual
+    Studio generator may also work, but it not tested regularly and requires
+    recent versions of CMake for assembly support.
 
-  * If you need to build Ninja from source, then a recent version of
-    [Python](https://www.python.org/downloads/) is required (Python 2.7.5 works).
-
-  * On Windows only, [Yasm](http://yasm.tortall.net/) is required. If not found
+  * On Windows only, [NASM](https://www.nasm.us/) is required. If not found
     by CMake, it may be configured explicitly by setting
     `CMAKE_ASM_NASM_COMPILER`.
 
-  * A C compiler is required. On Windows, MSVC 14 (Visual Studio 2015) or later
-    with Platform SDK 8.1 or later are supported. Recent versions of GCC (4.8+)
-    and Clang should work on non-Windows platforms, and maybe on Windows too.
-    To build the tests, you also need a C++ compiler with C++11 support.
+  * C and C++ compilers with C++11 support are required. On Windows, MSVC 14
+    (Visual Studio 2015) or later with Platform SDK 8.1 or later are supported.
+    Recent versions of GCC (4.8+) and Clang should work on non-Windows
+    platforms, and maybe on Windows too.
 
-  * [Go](https://golang.org/dl/) is required. If not found by CMake, the go
-    executable may be configured explicitly by setting `GO_EXECUTABLE`.
+  * The most recent stable version of [Go](https://golang.org/dl/) is required.
+    Note Go is exempt from the five year support window. If not found by CMake,
+    the go executable may be configured explicitly by setting `GO_EXECUTABLE`.
 
-  * To build the x86 and x86\_64 assembly, your assembler must support AVX2
-    instructions and MOVBE. If using GNU binutils, you must have 2.22 or later
+  * On x86_64 Linux, the tests have an optional
+    [libunwind](https://www.nongnu.org/libunwind/) dependency to test the
+    assembly more thoroughly.
 
 ## Building
 
@@ -95,12 +103,23 @@ Once you've run that, Ninja should produce Android-compatible binaries.  You
 can replace `armeabi-v7a` in the above with `arm64-v8a` and use API level 21 or
 higher to build aarch64 binaries.
 
-For older NDK versions, BoringSSL ships a third-party CMake toolchain file. Use
-`../third_party/android-cmake/android.toolchain.cmake` for
-`CMAKE_TOOLCHAIN_FILE` instead.
-
 For other options, see the documentation in the toolchain file.
 
+To debug the resulting binaries on an Android device with `gdb`, run the
+commands below. Replace `ARCH` with the architecture of the target device, e.g.
+`arm` or `arm64`.
+
+    adb push ${ANDROID_NDK}/prebuilt/android-ARCH/gdbserver/gdbserver \
+        /data/local/tmp
+    adb forward tcp:5039 tcp:5039
+    adb shell /data/local/tmp/gdbserver :5039 /path/on/device/to/binary
+
+Then run the following in a separate shell. Replace `HOST` with the OS and
+architecture of the host machine, e.g. `linux-x86_64`.
+
+    ${ANDROID_NDK}/prebuilt/HOST/bin/gdb
+    target remote :5039  # in gdb
+
 ### Building for iOS
 
 To build for iOS, pass `-DCMAKE_OSX_SYSROOT=iphoneos` and
@@ -110,6 +129,32 @@ architecture, matching values used in the `-arch` flag in Apple's toolchain.
 Passing multiple architectures for a multiple-architecture build is not
 supported.
 
+### Building with Prefixed Symbols
+
+BoringSSL's build system has experimental support for adding a custom prefix to
+all symbols. This can be useful when linking multiple versions of BoringSSL in
+the same project to avoid symbol conflicts.
+
+In order to build with prefixed symbols, the `BORINGSSL_PREFIX` CMake variable
+should specify the prefix to add to all symbols, and the
+`BORINGSSL_PREFIX_SYMBOLS` CMake variable should specify the path to a file
+which contains a list of symbols which should be prefixed (one per line;
+comments are supported with `#`). In other words, `cmake ..
+-DBORINGSSL_PREFIX=MY_CUSTOM_PREFIX
+-DBORINGSSL_PREFIX_SYMBOLS=/path/to/symbols.txt` will configure the build to add
+the prefix `MY_CUSTOM_PREFIX` to all of the symbols listed in
+`/path/to/symbols.txt`.
+
+It is currently the caller's responsibility to create and maintain the list of
+symbols to be prefixed. Alternatively, `util/read_symbols.go` reads the list of
+exported symbols from a `.a` file, and can be used in a build script to generate
+the symbol list on the fly (by building without prefixing, using
+`read_symbols.go` to construct a symbol list, and then building again with
+prefixing).
+
+This mechanism is under development and may change over time. Please contact the
+BoringSSL maintainers if making use of it.
+
 ## Known Limitations on Windows
 
   * Versions of CMake since 3.0.2 have a bug in its Ninja generator that causes

CMakeLists.txt

@@ -1,10 +1,4 @@
-cmake_minimum_required(VERSION 2.8.11)
-
-# Report AppleClang separately from Clang. Their version numbers are different.
-# https://cmake.org/cmake/help/v3.0/policy/CMP0025.html
-if(POLICY CMP0025)
-  cmake_policy(SET CMP0025 NEW)
-endif()
+cmake_minimum_required(VERSION 3.0)
 
 # Defer enabling C and CXX languages.
 project(BoringSSL NONE)
@@ -20,6 +14,11 @@ include(sources.cmake)
 enable_language(C)
 enable_language(CXX)
 
+# This is a dummy target which all other targets depend on (manually - see other
+# CMakeLists.txt files). This gives us a hook to add any targets which need to
+# run before all other targets.
+add_custom_target(global_target)
+
 if(ANDROID)
   # Android-NDK CMake files reconfigure the path and so Go and Perl won't be
   # found. However, ninja will still find them in $PATH if we just name them.
@@ -34,6 +33,20 @@ else()
   find_program(GO_EXECUTABLE go)
 endif()
 
+if(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT CMAKE_CROSSCOMPILING)
+  find_package(PkgConfig QUIET)
+  if (PkgConfig_FOUND)
+    pkg_check_modules(LIBUNWIND libunwind-generic)
+    if(LIBUNWIND_FOUND)
+      add_definitions(-DBORINGSSL_HAVE_LIBUNWIND)
+    else()
+      message("libunwind not found. Disabling unwind tests.")
+    endif()
+  else()
+    message("pkgconfig not found. Disabling unwind tests.")
+  endif()
+endif()
+
 if(NOT GO_EXECUTABLE)
   message(FATAL_ERROR "Could not find Go")
 endif()
@@ -41,18 +54,70 @@ endif()
 if(USE_CUSTOM_LIBCXX)
   set(BORINGSSL_ALLOW_CXX_RUNTIME 1)
 endif()
+
 if(BORINGSSL_ALLOW_CXX_RUNTIME)
   add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
 endif()
 
+string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWER)
+if(NOT FIPS)
+  if(CMAKE_BUILD_TYPE_LOWER STREQUAL "relwithassert" OR
+     NOT CMAKE_BUILD_TYPE_LOWER MATCHES "rel")
+    add_definitions(-DBORINGSSL_DISPATCH_TEST)
+    # CMake automatically connects include_directories to the NASM
+    # command-line, but not add_definitions.
+    set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_DISPATCH_TEST")
+  endif()
+endif()
+
+# Add a RelWithAsserts build configuration. It is the same as Release, except it
+# does not define NDEBUG, so asserts run.
+foreach(VAR CMAKE_C_FLAGS CMAKE_CXX_FLAGS CMAKE_ASM_FLAGS)
+  string(REGEX REPLACE "(^| )[/-]DNDEBUG( |$)" " " "${VAR}_RELWITHASSERTS"
+         "${${VAR}_RELEASE}")
+endforeach()
+
+if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS)
+  add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
+  # CMake automatically connects include_directories to the NASM command-line,
+  # but not add_definitions.
+  set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_PREFIX=${BORINGSSL_PREFIX}")
+
+  # Use "symbol_prefix_include" to store generated header files
+  include_directories(${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include)
+  add_custom_command(
+    OUTPUT symbol_prefix_include/boringssl_prefix_symbols.h
+           symbol_prefix_include/boringssl_prefix_symbols_asm.h
+           symbol_prefix_include/boringssl_prefix_symbols_nasm.inc
+    COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
+    COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/util/make_prefix_headers.go -out ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include ${BORINGSSL_PREFIX_SYMBOLS}
+    DEPENDS util/make_prefix_headers.go
+            ${CMAKE_BINARY_DIR}/${BORINGSSL_PREFIX_SYMBOLS})
+
+  # add_dependencies needs a target, not a file, so we add an intermediate
+  # target.
+  add_custom_target(
+    boringssl_prefix_symbols
+    DEPENDS symbol_prefix_include/boringssl_prefix_symbols.h
+            symbol_prefix_include/boringssl_prefix_symbols_asm.h
+            symbol_prefix_include/boringssl_prefix_symbols_nasm.inc)
+  add_dependencies(global_target boringssl_prefix_symbols)
+elseif(BORINGSSL_PREFIX OR BORINGSSL_PREFIX_SYMBOLS)
+  message(FATAL_ERROR "Must specify both or neither of BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS")
+endif()
+
 if(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
   set(CLANG 1)
 endif()
 
+if(CMAKE_SYSTEM_NAME STREQUAL "Emscripten")
+  set(EMSCRIPTEN 1)
+endif()
+
 if(CMAKE_COMPILER_IS_GNUCXX OR CLANG)
   # Note clang-cl is odd and sets both CLANG and MSVC. We base our configuration
   # primarily on our normal Clang one.
-  set(C_CXX_FLAGS "-Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings")
+  set(C_CXX_FLAGS "-Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings -Wvla")
   if(MSVC)
     # clang-cl sets different default warnings than clang. It also treats -Wall
     # as -Weverything, to match MSVC. Instead -W3 is the alias for -Wall.
@@ -62,7 +127,14 @@ if(CMAKE_COMPILER_IS_GNUCXX OR CLANG)
     # honor it. Suppress it here to compensate. See https://crbug.com/772117.
     set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-deprecated-declarations")
   else()
-    set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -ggdb -fvisibility=hidden -fno-common")
+    if(EMSCRIPTEN)
+      # emscripten's emcc/clang does not accept the "-ggdb" flag.
+      set(C_CXX_FLAGS "${C_CXX_FLAGS} -g")
+    else()
+      set(C_CXX_FLAGS "${C_CXX_FLAGS} -ggdb")
+    endif()
+
+    set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -fvisibility=hidden -fno-common")
   endif()
 
   if(CLANG)
@@ -143,6 +215,7 @@ elseif(MSVC)
               # copy constructor is inaccessible or deleted
       "C4626" # assignment operator could not be generated because a base class
               # assignment operator is inaccessible or deleted
+      "C4628" # digraphs not supported with -Ze
       "C4668" # 'symbol' is not defined as a preprocessor macro, replacing with
               # '0' for 'directives'
               # Disable this because GTest uses it everywhere.
@@ -175,11 +248,10 @@ if(WIN32)
   add_definitions(-DNOMINMAX)
   # Allow use of fopen.
   add_definitions(-D_CRT_SECURE_NO_WARNINGS)
-  # VS 2017 and higher supports STL-only warning suppressions. Manually add to
-  # C++ only to work around a CMake quoting bug when using NASM with the Visual
-  # Studio generator. This will be fixed in CMake 3.13.0. See
-  # https://gitlab.kitware.com/cmake/cmake/merge_requests/2179
-  add_compile_options($<$<COMPILE_LANGUAGE:CXX>:-D_STL_EXTRA_DISABLED_WARNINGS=4774\ 4987>)
+  # VS 2017 and higher supports STL-only warning suppressions.
+  # A bug in CMake < 3.13.0 may cause the space in this value to
+  # cause issues when building with NASM. In that case, update CMake.
+  add_definitions("-D_STL_EXTRA_DISABLED_WARNINGS=4774 4987")
 endif()
 
 if((CMAKE_COMPILER_IS_GNUCXX AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.7.99") OR
@@ -206,6 +278,10 @@ if(FUZZ)
     message(FATAL_ERROR "You need to build with Clang for fuzzing to work")
   endif()
 
+  if(CMAKE_C_COMPILER_VERSION VERSION_LESS "6.0.0")
+    message(FATAL_ERROR "You need Clang ≥ 6.0.0")
+  endif()
+
   add_definitions(-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE)
   set(RUNNER_ARGS "-deterministic")
 
@@ -214,10 +290,8 @@ if(FUZZ)
     set(RUNNER_ARGS ${RUNNER_ARGS} "-fuzzer" "-shim-config" "fuzzer_mode.json")
   endif()
 
-  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-coverage=edge,indirect-calls,trace-pc-guard")
-  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-coverage=edge,indirect-calls,trace-pc-guard")
-  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address")
-  link_directories(.)
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
 endif()
 
 add_definitions(-DBORINGSSL_IMPLEMENTATION)
@@ -240,7 +314,7 @@ if(MSAN)
 
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
-  set(OPENSSL_NO_ASM "1")
+  set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
 endif()
 
 if(ASAN)
@@ -250,7 +324,6 @@ if(ASAN)
 
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer")
-  set(OPENSSL_NO_ASM "1")
 endif()
 
 if(CFI)
@@ -258,9 +331,8 @@ if(CFI)
     message(FATAL_ERROR "Cannot enable CFI unless using Clang")
   endif()
 
-  # TODO(crbug.com/785442): Remove -fsanitize-cfi-icall-generalize-pointers.
-  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -fsanitize-cfi-icall-generalize-pointers -flto=thin")
-  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -fsanitize-cfi-icall-generalize-pointers -flto=thin")
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -flto=thin")
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=cfi -fno-sanitize-trap=cfi -flto=thin")
   # We use Chromium's copy of clang, which requires -fuse-ld=lld if building
   # with -flto. That, in turn, can't handle -ggdb.
   set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fuse-ld=lld")
@@ -281,6 +353,22 @@ if(TSAN)
   set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=thread")
 endif()
 
+if(UBSAN)
+  if(NOT CLANG)
+    message(FATAL_ERROR "Cannot enable UBSAN unless using Clang")
+  endif()
+
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=undefined")
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=undefined")
+  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=undefined")
+
+  if(NOT UBSAN_RECOVER)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-sanitize-recover=undefined")
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-sanitize-recover=undefined")
+    set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fno-sanitize-recover=undefined")
+  endif()
+endif()
+
 if(GCOV)
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fprofile-arcs -ftest-coverage")
@@ -291,9 +379,13 @@ if(FIPS)
   if(FIPS_BREAK_TEST)
     add_definitions("-DBORINGSSL_FIPS_BREAK_${FIPS_BREAK_TEST}=1")
   endif()
-  # Delocate does not work for ASan and MSan builds.
+  # The FIPS integrity check does not work for ASan and MSan builds.
   if(NOT ASAN AND NOT MSAN)
-    set(FIPS_DELOCATE "1")
+    if(BUILD_SHARED_LIBS)
+      set(FIPS_SHARED "1")
+    else()
+      set(FIPS_DELOCATE "1")
+    endif()
   endif()
 endif()
 
@@ -301,6 +393,49 @@ if(OPENSSL_SMALL)
   add_definitions(-DOPENSSL_SMALL)
 endif()
 
+if(CONSTANT_TIME_VALIDATION)
+  add_definitions(-DBORINGSSL_CONSTANT_TIME_VALIDATION)
+  # Asserts will often test secret data.
+  add_definitions(-DNDEBUG)
+endif()
+
+function(go_executable dest package)
+  set(godeps "${CMAKE_SOURCE_DIR}/util/godeps.go")
+  if(${CMAKE_VERSION} VERSION_LESS "3.7" OR
+     NOT ${CMAKE_GENERATOR} STREQUAL "Ninja")
+    # The DEPFILE parameter to add_custom_command is new as of CMake 3.7 and
+    # only works with Ninja. Query the sources at configure time. Additionally,
+    # everything depends on go.mod. That affects what external packages to use.
+    execute_process(COMMAND ${GO_EXECUTABLE} run ${godeps} -format cmake
+                            -pkg ${package}
+                    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+                    OUTPUT_VARIABLE sources
+                    RESULT_VARIABLE godeps_result)
+    add_custom_command(OUTPUT ${dest}
+                       COMMAND ${GO_EXECUTABLE} build
+                               -o ${CMAKE_CURRENT_BINARY_DIR}/${dest} ${package}
+                       WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+                       DEPENDS ${sources} ${CMAKE_SOURCE_DIR}/go.mod)
+  else()
+    # Ninja expects the target in the depfile to match the output. This is a
+    # relative path from the build directory.
+    string(LENGTH "${CMAKE_BINARY_DIR}" root_dir_length)
+    math(EXPR root_dir_length "${root_dir_length} + 1")
+    string(SUBSTRING "${CMAKE_CURRENT_BINARY_DIR}" ${root_dir_length} -1 target)
+    set(target "${target}/${dest}")
+
+    set(depfile "${CMAKE_CURRENT_BINARY_DIR}/${dest}.d")
+    add_custom_command(OUTPUT ${dest}
+                       COMMAND ${GO_EXECUTABLE} build
+                               -o ${CMAKE_CURRENT_BINARY_DIR}/${dest} ${package}
+                       COMMAND ${GO_EXECUTABLE} run ${godeps} -format depfile
+                               -target ${target} -pkg ${package} -out ${depfile}
+                       WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+                       DEPENDS ${godeps} ${CMAKE_SOURCE_DIR}/go.mod
+                       DEPFILE ${depfile})
+  endif()
+endfunction()
+
 # CMake's iOS support uses Apple's multiple-architecture toolchain. It takes an
 # architecture list from CMAKE_OSX_ARCHITECTURES, leaves CMAKE_SYSTEM_PROCESSOR
 # alone, and expects all architecture-specific logic to be conditioned within
@@ -339,6 +474,9 @@ elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "aarch64")
   set(ARCH "aarch64")
 elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64")
   set(ARCH "aarch64")
+# Apple A12 Bionic chipset which is added in iPhone XS/XS Max/XR uses arm64e architecture.
+elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "arm64e")
+  set(ARCH "aarch64")
 elseif(${CMAKE_SYSTEM_PROCESSOR} MATCHES "^arm*")
   set(ARCH "arm")
 elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "mips")
@@ -357,13 +495,6 @@ if(ANDROID AND NOT ANDROID_NDK_REVISION AND ${ARCH} STREQUAL "arm")
   set(CMAKE_ASM_FLAGS "-march=${CMAKE_SYSTEM_PROCESSOR} ${CMAKE_ASM_FLAGS}")
 endif()
 
-if(${ARCH} STREQUAL "x86" AND APPLE AND ${CMAKE_VERSION} VERSION_LESS "3.0")
-  # With CMake 2.8.x, ${CMAKE_SYSTEM_PROCESSOR} evalutes to i386 on OS X,
-  # but clang defaults to 64-bit builds on OS X unless otherwise told.
-  # Set ARCH to x86_64 so clang and CMake agree. This is fixed in CMake 3.
-  set(ARCH "x86_64")
-endif()
-
 if(USE_CUSTOM_LIBCXX)
   if(NOT CLANG)
     message(FATAL_ERROR "USE_CUSTOM_LIBCXX only supported with Clang")
@@ -440,11 +571,11 @@ add_custom_command(
 add_library(crypto_test_data OBJECT crypto_test_data.cc)
 
 add_subdirectory(crypto)
-add_subdirectory(third_party/fiat)
 add_subdirectory(ssl)
 add_subdirectory(ssl/test)
-add_subdirectory(fipstools)
 add_subdirectory(tool)
+add_subdirectory(util/fipstools/cavp)
+add_subdirectory(util/fipstools/acvp/modulewrapper)
 add_subdirectory(decrepit)
 
 if(FUZZ)

FUZZING.md

@@ -2,23 +2,17 @@
 
 Modern fuzz testers are very effective and we wish to use them to ensure that no silly bugs creep into BoringSSL.
 
-We primarily use Clang's [libFuzzer](http://llvm.org/docs/LibFuzzer.html) for fuzz testing and there are a number of fuzz testing functions in `fuzz/`. They are not built by default because they require libFuzzer at build time.
+We use Clang's [libFuzzer](http://llvm.org/docs/LibFuzzer.html) for fuzz testing and there are a number of fuzz testing functions in `fuzz/`. They are not built by default because they require that the rest of BoringSSL be built with some changes that make fuzzing much more effective, but are completely unsafe for real use.
 
-In order to build the fuzz tests you will need at least Clang 3.7. Pass `-DFUZZ=1` on the CMake command line to enable building BoringSSL with coverage and AddressSanitizer, and to build the fuzz test binaries. You'll probably need to set the `CC` and `CXX` environment variables too, like this:
+In order to build the fuzz tests you will need at least Clang 6.0. Pass `-DFUZZ=1` on the CMake command line to enable building BoringSSL with coverage and AddressSanitizer, and to build the fuzz test binaries. You'll probably need to set the `CC` and `CXX` environment variables too, like this:
 
 ```
+mkdir build
+cd build
 CC=clang CXX=clang++ cmake -GNinja -DFUZZ=1 ..
+ninja
 ```
 
-In order for the fuzz tests to link, the linker needs to find libFuzzer. This is not commonly provided and you may need to download the [Clang source code](http://llvm.org/releases/download.html) and do the following:
-
-```
-svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer
-clang++ -c -g -O2 -std=c++11 Fuzzer/*.cpp -IFuzzer
-ar ruv libFuzzer.a Fuzzer*.o
-```
-
-Then copy `libFuzzer.a` to the top-level of your BoringSSL source directory.
 
 From the `build/` directory, you can then run the fuzzers. For example:
 
@@ -32,6 +26,7 @@ The recommended values of `max_len` for each test are:
 
 | Test          | `max_len` value |
 |---------------|-----------------|
+| `bn_mod_exp`  | 4096            |
 | `cert`        | 10000           |
 | `client`      | 20000           |
 | `pkcs8`       | 2048            |

LICENSE

@@ -181,6 +181,29 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 
 
+The code in third_party/sike also carries the MIT license:
+
+Copyright (c) Microsoft Corporation. All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE
+
+
 Licenses for support code
 -------------------------
 

README.md

@@ -21,6 +21,13 @@ these patches in multiple places was growing steadily.
 Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's
 not part of the NDK) and a number of other apps/programs.
 
+Project links:
+
+  * [API documentation](https://commondatastorage.googleapis.com/chromium-boringssl-docs/headers.html)
+  * [Bug tracker](https://bugs.chromium.org/p/boringssl/issues/list)
+  * [CI](https://ci.chromium.org/p/boringssl/g/main/console)
+  * [Code review](https://boringssl-review.googlesource.com)
+
 There are other files in this directory which might be helpful:
 
   * [PORTING.md](/PORTING.md): how to port OpenSSL-using code to BoringSSL.

crypto/CMakeLists.txt

@@ -53,7 +53,7 @@ if(NOT OPENSSL_NO_ASM)
       set(PERLASM_STYLE win32n)
       set(PERLASM_FLAGS "-DOPENSSL_IA32_SSE2")
     endif()
-    set(CMAKE_ASM_NASM_FLAGS "-gcv8")
+    set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -gcv8")
 
     # On Windows, we use the NASM output, specifically built with Yasm.
     set(ASM_EXT asm)
@@ -62,8 +62,14 @@ if(NOT OPENSSL_NO_ASM)
 endif()
 
 function(perlasm dest src)
+  get_filename_component(dir ${dest} DIRECTORY)
+  if ("${dir}" STREQUAL "")
+    set(dir ".")
+  endif()
+
   add_custom_command(
     OUTPUT ${dest}
+    COMMAND ${CMAKE_COMMAND} -E make_directory ${dir}
     COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/${src} ${PERLASM_STYLE} ${PERLASM_FLAGS} ${ARGN} ${dest}
     DEPENDS
     ${src}
@@ -78,80 +84,10 @@ function(perlasm dest src)
   )
 endfunction()
 
-# Level 0.1 - depends on nothing outside this set.
-add_subdirectory(stack)
-add_subdirectory(lhash)
-add_subdirectory(err)
-add_subdirectory(buf)
-add_subdirectory(base64)
-add_subdirectory(bytestring)
-add_subdirectory(pool)
-
-# Level 0.2 - depends on nothing but itself
-add_subdirectory(rc4)
-add_subdirectory(conf)
-add_subdirectory(chacha)
-add_subdirectory(poly1305)
-add_subdirectory(curve25519)
-
-# Level 1, depends only on 0.*
-add_subdirectory(digest_extra)
-add_subdirectory(cipher_extra)
-add_subdirectory(rand_extra)
-add_subdirectory(bio)
-add_subdirectory(bn_extra)
-add_subdirectory(obj)
-add_subdirectory(asn1)
-
-# Level 2
-add_subdirectory(engine)
-add_subdirectory(dh)
-add_subdirectory(dsa)
-add_subdirectory(rsa_extra)
-add_subdirectory(ec_extra)
-add_subdirectory(ecdh_extra)
-add_subdirectory(ecdsa_extra)
-
-# Level 3
-add_subdirectory(cmac)
-add_subdirectory(evp)
-add_subdirectory(hkdf)
-add_subdirectory(pem)
-add_subdirectory(x509)
-add_subdirectory(x509v3)
-
-# Level 4
-add_subdirectory(pkcs7)
-add_subdirectory(pkcs8)
-
-# Test support code
+add_subdirectory(fipsmodule)
 add_subdirectory(test)
 
-add_subdirectory(fipsmodule)
-
-add_library(
-  crypto_base
-
-  OBJECT
-
-  cpu-aarch64-fuchsia.c
-  cpu-aarch64-linux.c
-  cpu-arm.c
-  cpu-arm-linux.c
-  cpu-intel.c
-  cpu-ppc64le.c
-  crypto.c
-  ex_data.c
-  mem.c
-  refcount_c11.c
-  refcount_lock.c
-  thread.c
-  thread_none.c
-  thread_pthread.c
-  thread_win.c
-)
-
-if(FIPS_DELOCATE)
+if(FIPS_DELOCATE OR FIPS_SHARED)
   SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES EXTERNAL_OBJECT true)
   SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES GENERATED true)
 
@@ -162,51 +98,355 @@ if(FIPS_DELOCATE)
   )
 endif()
 
+if(${ARCH} STREQUAL "arm")
+  set(
+    CRYPTO_ARCH_SOURCES
+
+    chacha/chacha-armv4.${ASM_EXT}
+    curve25519/asm/x25519-asm-arm.S
+    poly1305/poly1305_arm_asm.S
+    test/trampoline-armv4.${ASM_EXT}
+  )
+endif()
+
+if(${ARCH} STREQUAL "aarch64")
+  set(
+    CRYPTO_ARCH_SOURCES
+
+    chacha/chacha-armv8.${ASM_EXT}
+    test/trampoline-armv8.${ASM_EXT}
+    third_party/sike/asm/fp-armv8.${ASM_EXT}
+  )
+endif()
+
+if(${ARCH} STREQUAL "x86")
+  set(
+    CRYPTO_ARCH_SOURCES
+
+    chacha/chacha-x86.${ASM_EXT}
+    test/trampoline-x86.${ASM_EXT}
+  )
+endif()
+
+if(${ARCH} STREQUAL "x86_64")
+  set(
+    CRYPTO_ARCH_SOURCES
+
+    chacha/chacha-x86_64.${ASM_EXT}
+    cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT}
+    cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT}
+    hrss/asm/poly_rq_mul.S
+    test/trampoline-x86_64.${ASM_EXT}
+    third_party/sike/asm/fp-x86_64.${ASM_EXT}
+  )
+endif()
+
+perlasm(chacha/chacha-armv4.${ASM_EXT} chacha/asm/chacha-armv4.pl)
+perlasm(chacha/chacha-armv8.${ASM_EXT} chacha/asm/chacha-armv8.pl)
+perlasm(chacha/chacha-x86.${ASM_EXT} chacha/asm/chacha-x86.pl)
+perlasm(chacha/chacha-x86_64.${ASM_EXT} chacha/asm/chacha-x86_64.pl)
+perlasm(cipher_extra/aes128gcmsiv-x86_64.${ASM_EXT} cipher_extra/asm/aes128gcmsiv-x86_64.pl)
+perlasm(cipher_extra/chacha20_poly1305_x86_64.${ASM_EXT} cipher_extra/asm/chacha20_poly1305_x86_64.pl)
+perlasm(third_party/sike/asm/fp-x86_64.${ASM_EXT} ../third_party/sike/asm/fp-x86_64.pl)
+perlasm(third_party/sike/asm/fp-armv8.${ASM_EXT} ../third_party/sike/asm/fp-armv8.pl)
+perlasm(test/trampoline-armv4.${ASM_EXT} test/asm/trampoline-armv4.pl)
+perlasm(test/trampoline-armv8.${ASM_EXT} test/asm/trampoline-armv8.pl)
+perlasm(test/trampoline-x86.${ASM_EXT} test/asm/trampoline-x86.pl)
+perlasm(test/trampoline-x86_64.${ASM_EXT} test/asm/trampoline-x86_64.pl)
+
+add_custom_command(
+  OUTPUT err_data.c
+  COMMAND ${GO_EXECUTABLE} run err_data_generate.go > ${CMAKE_CURRENT_BINARY_DIR}/err_data.c
+  DEPENDS
+  err/err_data_generate.go
+  err/asn1.errordata
+  err/bio.errordata
+  err/bn.errordata
+  err/cipher.errordata
+  err/conf.errordata
+  err/dh.errordata
+  err/digest.errordata
+  err/dsa.errordata
+  err/ecdh.errordata
+  err/ecdsa.errordata
+  err/ec.errordata
+  err/engine.errordata
+  err/evp.errordata
+  err/hkdf.errordata
+  err/obj.errordata
+  err/pem.errordata
+  err/pkcs7.errordata
+  err/pkcs8.errordata
+  err/rsa.errordata
+  err/ssl.errordata
+  err/x509.errordata
+  err/x509v3.errordata
+  WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/err
+)
+
 add_library(
   crypto
 
-  $<TARGET_OBJECTS:crypto_base>
-  $<TARGET_OBJECTS:stack>
-  $<TARGET_OBJECTS:lhash>
-  $<TARGET_OBJECTS:err>
-  $<TARGET_OBJECTS:base64>
-  $<TARGET_OBJECTS:bytestring>
-  $<TARGET_OBJECTS:pool>
-  $<TARGET_OBJECTS:fipsmodule>
-  $<TARGET_OBJECTS:digest_extra>
-  $<TARGET_OBJECTS:cipher_extra>
-  $<TARGET_OBJECTS:rc4>
-  $<TARGET_OBJECTS:conf>
-  $<TARGET_OBJECTS:chacha>
-  $<TARGET_OBJECTS:poly1305>
-  $<TARGET_OBJECTS:curve25519>
-  $<TARGET_OBJECTS:fiat>
-  $<TARGET_OBJECTS:buf>
-  $<TARGET_OBJECTS:bn_extra>
-  $<TARGET_OBJECTS:bio>
-  $<TARGET_OBJECTS:rand_extra>
-  $<TARGET_OBJECTS:obj>
-  $<TARGET_OBJECTS:asn1>
-  $<TARGET_OBJECTS:engine>
-  $<TARGET_OBJECTS:dh>
-  $<TARGET_OBJECTS:dsa>
-  $<TARGET_OBJECTS:rsa_extra>
-  $<TARGET_OBJECTS:ec_extra>
-  $<TARGET_OBJECTS:ecdh_extra>
-  $<TARGET_OBJECTS:ecdsa_extra>
-  $<TARGET_OBJECTS:cmac>
-  $<TARGET_OBJECTS:evp>
-  $<TARGET_OBJECTS:hkdf>
-  $<TARGET_OBJECTS:pem>
-  $<TARGET_OBJECTS:x509>
-  $<TARGET_OBJECTS:x509v3>
-  $<TARGET_OBJECTS:pkcs7>
-  $<TARGET_OBJECTS:pkcs8_lib>
+  asn1/a_bitstr.c
+  asn1/a_bool.c
+  asn1/a_d2i_fp.c
+  asn1/a_dup.c
+  asn1/a_enum.c
+  asn1/a_gentm.c
+  asn1/a_i2d_fp.c
+  asn1/a_int.c
+  asn1/a_mbstr.c
+  asn1/a_object.c
+  asn1/a_octet.c
+  asn1/a_print.c
+  asn1/a_strnid.c
+  asn1/a_time.c
+  asn1/a_type.c
+  asn1/a_utctm.c
+  asn1/a_utf8.c
+  asn1/asn1_lib.c
+  asn1/asn1_par.c
+  asn1/asn_pack.c
+  asn1/f_enum.c
+  asn1/f_int.c
+  asn1/f_string.c
+  asn1/tasn_dec.c
+  asn1/tasn_enc.c
+  asn1/tasn_fre.c
+  asn1/tasn_new.c
+  asn1/tasn_typ.c
+  asn1/tasn_utl.c
+  asn1/time_support.c
+  base64/base64.c
+  bio/bio.c
+  bio/bio_mem.c
+  bio/connect.c
+  bio/fd.c
+  bio/file.c
+  bio/hexdump.c
+  bio/pair.c
+  bio/printf.c
+  bio/socket.c
+  bio/socket_helper.c
+  bn_extra/bn_asn1.c
+  bn_extra/convert.c
+  buf/buf.c
+  bytestring/asn1_compat.c
+  bytestring/ber.c
+  bytestring/cbb.c
+  bytestring/cbs.c
+  bytestring/unicode.c
+  chacha/chacha.c
+  cipher_extra/cipher_extra.c
+  cipher_extra/derive_key.c
+  cipher_extra/e_aesccm.c
+  cipher_extra/e_aesctrhmac.c
+  cipher_extra/e_aesgcmsiv.c
+  cipher_extra/e_chacha20poly1305.c
+  cipher_extra/e_null.c
+  cipher_extra/e_rc2.c
+  cipher_extra/e_rc4.c
+  cipher_extra/e_tls.c
+  cipher_extra/tls_cbc.c
+  cmac/cmac.c
+  conf/conf.c
+  cpu-aarch64-fuchsia.c
+  cpu-aarch64-linux.c
+  cpu-arm-linux.c
+  cpu-arm.c
+  cpu-intel.c
+  cpu-ppc64le.c
+  crypto.c
+  curve25519/spake25519.c
+  dh/dh.c
+  dh/params.c
+  dh/check.c
+  dh/dh_asn1.c
+  digest_extra/digest_extra.c
+  dsa/dsa.c
+  dsa/dsa_asn1.c
+  ecdh_extra/ecdh_extra.c
+  ecdsa_extra/ecdsa_asn1.c
+  ec_extra/ec_asn1.c
+  ec_extra/ec_derive.c
+  err/err.c
+  err_data.c
+  engine/engine.c
+  evp/digestsign.c
+  evp/evp.c
+  evp/evp_asn1.c
+  evp/evp_ctx.c
+  evp/p_dsa_asn1.c
+  evp/p_ec.c
+  evp/p_ec_asn1.c
+  evp/p_ed25519.c
+  evp/p_ed25519_asn1.c
+  evp/p_rsa.c
+  evp/p_rsa_asn1.c
+  evp/p_x25519.c
+  evp/p_x25519_asn1.c
+  evp/pbkdf.c
+  evp/print.c
+  evp/scrypt.c
+  evp/sign.c
+  ex_data.c
+  hkdf/hkdf.c
+  hrss/hrss.c
+  lhash/lhash.c
+  mem.c
+  obj/obj.c
+  obj/obj_xref.c
+  pem/pem_all.c
+  pem/pem_info.c
+  pem/pem_lib.c
+  pem/pem_oth.c
+  pem/pem_pk8.c
+  pem/pem_pkey.c
+  pem/pem_x509.c
+  pem/pem_xaux.c
+  pkcs7/pkcs7.c
+  pkcs7/pkcs7_x509.c
+  pkcs8/pkcs8.c
+  pkcs8/pkcs8_x509.c
+  pkcs8/p5_pbev2.c
+  poly1305/poly1305.c
+  poly1305/poly1305_arm.c
+  poly1305/poly1305_vec.c
+  pool/pool.c
+  rand_extra/deterministic.c
+  rand_extra/forkunsafe.c
+  rand_extra/fuchsia.c
+  rand_extra/rand_extra.c
+  rand_extra/windows.c
+  rc4/rc4.c
+  refcount_c11.c
+  refcount_lock.c
+  rsa_extra/rsa_asn1.c
+  rsa_extra/rsa_print.c
+  stack/stack.c
+  siphash/siphash.c
+  thread.c
+  thread_none.c
+  thread_pthread.c
+  thread_win.c
+  x509/a_digest.c
+  x509/a_sign.c
+  x509/a_strex.c
+  x509/a_verify.c
+  x509/algorithm.c
+  x509/asn1_gen.c
+  x509/by_dir.c
+  x509/by_file.c
+  x509/i2d_pr.c
+  x509/rsa_pss.c
+  x509/t_crl.c
+  x509/t_req.c
+  x509/t_x509.c
+  x509/t_x509a.c
+  x509/x509.c
+  x509/x509_att.c
+  x509/x509_cmp.c
+  x509/x509_d2.c
+  x509/x509_def.c
+  x509/x509_ext.c
+  x509/x509_lu.c
+  x509/x509_obj.c
+  x509/x509_r2x.c
+  x509/x509_req.c
+  x509/x509_set.c
+  x509/x509_trs.c
+  x509/x509_txt.c
+  x509/x509_v3.c
+  x509/x509_vfy.c
+  x509/x509_vpm.c
+  x509/x509cset.c
+  x509/x509name.c
+  x509/x509rset.c
+  x509/x509spki.c
+  x509/x_algor.c
+  x509/x_all.c
+  x509/x_attrib.c
+  x509/x_crl.c
+  x509/x_exten.c
+  x509/x_info.c
+  x509/x_name.c
+  x509/x_pkey.c
+  x509/x_pubkey.c
+  x509/x_req.c
+  x509/x_sig.c
+  x509/x_spki.c
+  x509/x_val.c
+  x509/x_x509.c
+  x509/x_x509a.c
+  x509v3/pcy_cache.c
+  x509v3/pcy_data.c
+  x509v3/pcy_lib.c
+  x509v3/pcy_map.c
+  x509v3/pcy_node.c
+  x509v3/pcy_tree.c
+  x509v3/v3_akey.c
+  x509v3/v3_akeya.c
+  x509v3/v3_alt.c
+  x509v3/v3_bcons.c
+  x509v3/v3_bitst.c
+  x509v3/v3_conf.c
+  x509v3/v3_cpols.c
+  x509v3/v3_crld.c
+  x509v3/v3_enum.c
+  x509v3/v3_extku.c
+  x509v3/v3_genn.c
+  x509v3/v3_ia5.c
+  x509v3/v3_info.c
+  x509v3/v3_int.c
+  x509v3/v3_lib.c
+  x509v3/v3_ncons.c
+  x509v3/v3_ocsp.c
+  x509v3/v3_pci.c
+  x509v3/v3_pcia.c
+  x509v3/v3_pcons.c
+  x509v3/v3_pku.c
+  x509v3/v3_pmaps.c
+  x509v3/v3_prn.c
+  x509v3/v3_purp.c
+  x509v3/v3_skey.c
+  x509v3/v3_sxnet.c
+  x509v3/v3_utl.c
+  ../third_party/fiat/curve25519.c
+  ../third_party/sike/fpx.c
+  ../third_party/sike/isogeny.c
+  ../third_party/sike/curve_params.c
+  ../third_party/sike/sike.c
+  ../third_party/sike/asm/fp_generic.c
 
+  $<TARGET_OBJECTS:fipsmodule>
+
+  ${CRYPTO_ARCH_SOURCES}
   ${CRYPTO_FIPS_OBJECTS}
 )
 
-if(FIPS_DELOCATE)
+if(FIPS_SHARED)
+  set(EXTRA_INJECT_HASH_ARGS)
+  if(ANDROID)
+    set(EXTRA_INJECT_HASH_ARGS "-sha256")
+  endif()
+  # Rewrite libcrypto.so to inject the correct module hash value. This assumes
+  # UNIX-style library naming, but we only support FIPS mode on Linux anyway.
+  add_custom_command(
+    TARGET crypto POST_BUILD
+    COMMAND ${GO_EXECUTABLE} run
+    ${CMAKE_CURRENT_SOURCE_DIR}/../util/fipstools/inject_hash/inject_hash.go
+    -o libcrypto.so -in-object libcrypto.so ${EXTRA_INJECT_HASH_ARGS}
+    # The DEPENDS argument to a POST_BUILD rule appears to be ignored. Thus
+    # go_executable isn't used (as it doesn't get built), but we list this
+    # dependency anyway in case it starts working in some CMake version.
+    DEPENDS ../util/fipstools/inject_hash/inject_hash.go
+    WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
+  )
+endif()
+
+add_dependencies(crypto global_target)
+
+if(FIPS_DELOCATE OR FIPS_SHARED)
   add_dependencies(crypto bcm_o_target)
 endif()
 
@@ -222,10 +462,10 @@ if(USE_CUSTOM_LIBCXX)
   target_link_libraries(crypto libcxx)
 endif()
 
-# TODO(davidben): Convert the remaining tests to GTest.
 add_executable(
   crypto_test
 
+  abi_self_test.cc
   asn1/asn1_test.cc
   base64/base64_test.cc
   buf/buf_test.cc
@@ -237,6 +477,7 @@ add_executable(
   cmac/cmac_test.cc
   compiler_test.cc
   constant_time_test.cc
+  cpu-arm-linux_test.cc
   curve25519/ed25519_test.cc
   curve25519/spake25519_test.cc
   curve25519/x25519_test.cc
@@ -254,10 +495,14 @@ add_executable(
   fipsmodule/ec/ec_test.cc
   fipsmodule/ec/p256-x86_64_test.cc
   fipsmodule/ecdsa/ecdsa_test.cc
+  fipsmodule/md5/md5_test.cc
   fipsmodule/modes/gcm_test.cc
   fipsmodule/rand/ctrdrbg_test.cc
+  fipsmodule/sha/sha_test.cc
   hkdf/hkdf_test.cc
   hmac_extra/hmac_test.cc
+  hrss/hrss_test.cc
+  impl_dispatch_test.cc
   lhash/lhash_test.cc
   obj/obj_test.cc
   pem/pem_test.cc
@@ -266,22 +511,27 @@ add_executable(
   pkcs8/pkcs12_test.cc
   poly1305/poly1305_test.cc
   pool/pool_test.cc
+  rand_extra/rand_test.cc
   refcount_test.cc
   rsa_extra/rsa_test.cc
   self_test.cc
+  stack/stack_test.cc
+  siphash/siphash_test.cc
   test/file_test_gtest.cc
   thread_test.cc
   x509/x509_test.cc
   x509/x509_time_test.cc
   x509v3/tab_test.cc
   x509v3/v3name_test.cc
+  ../third_party/sike/sike_test.cc
 
   $<TARGET_OBJECTS:crypto_test_data>
   $<TARGET_OBJECTS:boringssl_gtest_main>
-  $<TARGET_OBJECTS:test_support>
 )
 
-target_link_libraries(crypto_test crypto boringssl_gtest)
+add_dependencies(crypto_test global_target)
+
+target_link_libraries(crypto_test test_support_lib boringssl_gtest crypto)
 if(WIN32)
   target_link_libraries(crypto_test ws2_32)
 endif()

crypto/abi_self_test.cc

@@ -0,0 +1,523 @@
+/* Copyright (c) 2018, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <gtest/gtest.h>
+#include <gtest/gtest-spi.h>
+
+#include <openssl/rand.h>
+
+#include "test/abi_test.h"
+
+
+static bool test_function_ok;
+static int TestFunction(int a1, int a2, int a3, int a4, int a5, int a6, int a7,
+                        int a8) {
+  test_function_ok = a1 == 1 || a2 == 2 || a3 == 3 || a4 == 4 || a5 == 5 ||
+                     a6 == 6 || a7 == 7 || a8 == 8;
+  return 42;
+}
+
+TEST(ABITest, SanityCheck) {
+  EXPECT_NE(0, CHECK_ABI_NO_UNWIND(strcmp, "hello", "world"));
+
+  test_function_ok = false;
+  EXPECT_EQ(42, CHECK_ABI_SEH(TestFunction, 1, 2, 3, 4, 5, 6, 7, 8));
+  EXPECT_TRUE(test_function_ok);
+
+#if defined(SUPPORTS_ABI_TEST)
+  abi_test::internal::CallerState state;
+  RAND_bytes(reinterpret_cast<uint8_t *>(&state), sizeof(state));
+  crypto_word_t argv[] = {
+      1, 2, 3, 4, 5, 6, 7, 8,
+  };
+  CHECK_ABI_SEH(abi_test_trampoline,
+                reinterpret_cast<crypto_word_t>(TestFunction), &state, argv, 8,
+                0 /* no breakpoint */);
+
+#if defined(OPENSSL_X86_64)
+  if (abi_test::UnwindTestsEnabled()) {
+    EXPECT_NONFATAL_FAILURE(CHECK_ABI_SEH(abi_test_bad_unwind_wrong_register),
+                            "was not recovered");
+    EXPECT_NONFATAL_FAILURE(CHECK_ABI_SEH(abi_test_bad_unwind_temporary),
+                            "was not recovered");
+
+    CHECK_ABI_NO_UNWIND(abi_test_bad_unwind_wrong_register);
+    CHECK_ABI_NO_UNWIND(abi_test_bad_unwind_temporary);
+
+#if defined(OPENSSL_WINDOWS)
+    // The invalid epilog makes Windows believe the epilog starts later than it
+    // actually does. As a result, immediately after the popq, it does not
+    // realize the stack has been unwound and repeats the work.
+    EXPECT_NONFATAL_FAILURE(CHECK_ABI_SEH(abi_test_bad_unwind_epilog),
+                            "unwound past starting frame");
+    CHECK_ABI_NO_UNWIND(abi_test_bad_unwind_epilog);
+#endif  // OPENSSL_WINDOWS
+  }
+#endif  // OPENSSL_X86_64
+#endif  // SUPPORTS_ABI_TEST
+}
+
+#if defined(OPENSSL_X86_64) && defined(SUPPORTS_ABI_TEST)
+extern "C" {
+void abi_test_clobber_rax(void);
+void abi_test_clobber_rbx(void);
+void abi_test_clobber_rcx(void);
+void abi_test_clobber_rdx(void);
+void abi_test_clobber_rsi(void);
+void abi_test_clobber_rdi(void);
+void abi_test_clobber_rbp(void);
+void abi_test_clobber_r8(void);
+void abi_test_clobber_r9(void);
+void abi_test_clobber_r10(void);
+void abi_test_clobber_r11(void);
+void abi_test_clobber_r12(void);
+void abi_test_clobber_r13(void);
+void abi_test_clobber_r14(void);
+void abi_test_clobber_r15(void);
+void abi_test_clobber_xmm0(void);
+void abi_test_clobber_xmm1(void);
+void abi_test_clobber_xmm2(void);
+void abi_test_clobber_xmm3(void);
+void abi_test_clobber_xmm4(void);
+void abi_test_clobber_xmm5(void);
+void abi_test_clobber_xmm6(void);
+void abi_test_clobber_xmm7(void);
+void abi_test_clobber_xmm8(void);
+void abi_test_clobber_xmm9(void);
+void abi_test_clobber_xmm10(void);
+void abi_test_clobber_xmm11(void);
+void abi_test_clobber_xmm12(void);
+void abi_test_clobber_xmm13(void);
+void abi_test_clobber_xmm14(void);
+void abi_test_clobber_xmm15(void);
+}  // extern "C"
+
+TEST(ABITest, X86_64) {
+  // abi_test_trampoline hides unsaved registers from the caller, so we can
+  // safely call the abi_test_clobber_* functions below.
+  abi_test::internal::CallerState state;
+  RAND_bytes(reinterpret_cast<uint8_t *>(&state), sizeof(state));
+  CHECK_ABI_NO_UNWIND(abi_test_trampoline,
+                      reinterpret_cast<crypto_word_t>(abi_test_clobber_rbx),
+                      &state, nullptr, 0, 0 /* no breakpoint */);
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_rax);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_rbx),
+                          "rbx was not restored after return");
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_rcx);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_rdx);
+#if defined(OPENSSL_WINDOWS)
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_rdi),
+                          "rdi was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_rsi),
+                          "rsi was not restored after return");
+#else
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_rdi);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_rsi);
+#endif
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_rbp),
+                          "rbp was not restored after return");
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r8);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r9);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r10);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r11);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r12),
+                          "r12 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r13),
+                          "r13 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r14),
+                          "r14 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r15),
+                          "r15 was not restored after return");
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm0);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm1);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm2);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm3);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm4);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm5);
+#if defined(OPENSSL_WINDOWS)
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm6),
+                          "xmm6 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm7),
+                          "xmm7 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm8),
+                          "xmm8 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm9),
+                          "xmm9 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm10),
+                          "xmm10 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm11),
+                          "xmm11 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm12),
+                          "xmm12 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm13),
+                          "xmm13 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm14),
+                          "xmm14 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm15),
+                          "xmm15 was not restored after return");
+#else
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm6);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm7);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm8);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm9);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm10);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm11);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm12);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm13);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm14);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm15);
+#endif
+
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_set_direction_flag),
+                          "Direction flag set after return");
+  EXPECT_EQ(0, abi_test_get_and_clear_direction_flag())
+      << "CHECK_ABI did not insulate the caller from direction flag errors";
+}
+#endif   // OPENSSL_X86_64 && SUPPORTS_ABI_TEST
+
+#if defined(OPENSSL_X86) && defined(SUPPORTS_ABI_TEST)
+extern "C" {
+void abi_test_clobber_eax(void);
+void abi_test_clobber_ebx(void);
+void abi_test_clobber_ecx(void);
+void abi_test_clobber_edx(void);
+void abi_test_clobber_esi(void);
+void abi_test_clobber_edi(void);
+void abi_test_clobber_ebp(void);
+void abi_test_clobber_xmm0(void);
+void abi_test_clobber_xmm1(void);
+void abi_test_clobber_xmm2(void);
+void abi_test_clobber_xmm3(void);
+void abi_test_clobber_xmm4(void);
+void abi_test_clobber_xmm5(void);
+void abi_test_clobber_xmm6(void);
+void abi_test_clobber_xmm7(void);
+}  // extern "C"
+
+TEST(ABITest, X86) {
+  // abi_test_trampoline hides unsaved registers from the caller, so we can
+  // safely call the abi_test_clobber_* functions below.
+  abi_test::internal::CallerState state;
+  RAND_bytes(reinterpret_cast<uint8_t *>(&state), sizeof(state));
+  CHECK_ABI_NO_UNWIND(abi_test_trampoline,
+                      reinterpret_cast<crypto_word_t>(abi_test_clobber_ebx),
+                      &state, nullptr, 0, 0 /* no breakpoint */);
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_eax);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_ebx),
+                          "ebx was not restored after return");
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_ecx);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_edx);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_edi),
+                          "edi was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_esi),
+                          "esi was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_ebp),
+                          "ebp was not restored after return");
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm0);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm1);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm2);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm3);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm4);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm5);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm6);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_xmm7);
+
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_set_direction_flag),
+                          "Direction flag set after return");
+  EXPECT_EQ(0, abi_test_get_and_clear_direction_flag())
+      << "CHECK_ABI did not insulate the caller from direction flag errors";
+}
+#endif   // OPENSSL_X86 && SUPPORTS_ABI_TEST
+
+#if defined(OPENSSL_ARM) && defined(SUPPORTS_ABI_TEST)
+extern "C" {
+void abi_test_clobber_r0(void);
+void abi_test_clobber_r1(void);
+void abi_test_clobber_r2(void);
+void abi_test_clobber_r3(void);
+void abi_test_clobber_r4(void);
+void abi_test_clobber_r5(void);
+void abi_test_clobber_r6(void);
+void abi_test_clobber_r7(void);
+void abi_test_clobber_r8(void);
+void abi_test_clobber_r9(void);
+void abi_test_clobber_r10(void);
+void abi_test_clobber_r11(void);
+void abi_test_clobber_r12(void);
+// r13, r14, and r15, are sp, lr, and pc, respectively.
+
+void abi_test_clobber_d0(void);
+void abi_test_clobber_d1(void);
+void abi_test_clobber_d2(void);
+void abi_test_clobber_d3(void);
+void abi_test_clobber_d4(void);
+void abi_test_clobber_d5(void);
+void abi_test_clobber_d6(void);
+void abi_test_clobber_d7(void);
+void abi_test_clobber_d8(void);
+void abi_test_clobber_d9(void);
+void abi_test_clobber_d10(void);
+void abi_test_clobber_d11(void);
+void abi_test_clobber_d12(void);
+void abi_test_clobber_d13(void);
+void abi_test_clobber_d14(void);
+void abi_test_clobber_d15(void);
+}  // extern "C"
+
+TEST(ABITest, ARM) {
+  // abi_test_trampoline hides unsaved registers from the caller, so we can
+  // safely call the abi_test_clobber_* functions below.
+  abi_test::internal::CallerState state;
+  RAND_bytes(reinterpret_cast<uint8_t *>(&state), sizeof(state));
+  CHECK_ABI_NO_UNWIND(abi_test_trampoline,
+                      reinterpret_cast<crypto_word_t>(abi_test_clobber_r4),
+                      &state, nullptr, 0, 0 /* no breakpoint */);
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r0);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r1);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r2);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r3);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r4),
+                          "r4 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r5),
+                          "r5 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r6),
+                          "r6 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r7),
+                          "r7 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r8),
+                          "r8 was not restored after return");
+#if defined(OPENSSL_APPLE)
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r9);
+#else
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r9),
+                          "r9 was not restored after return");
+#endif
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r10),
+                          "r10 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_r11),
+                          "r11 was not restored after return");
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_r12);
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d0);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d1);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d2);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d3);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d4);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d5);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d6);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d7);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d8),
+                          "d8 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d9),
+                          "d9 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d10),
+                          "d10 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d11),
+                          "d11 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d12),
+                          "d12 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d13),
+                          "d13 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d14),
+                          "d14 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d15),
+                          "d15 was not restored after return");
+}
+#endif   // OPENSSL_ARM && SUPPORTS_ABI_TEST
+
+
+#if defined(OPENSSL_AARCH64) && defined(SUPPORTS_ABI_TEST)
+extern "C" {
+void abi_test_clobber_x0(void);
+void abi_test_clobber_x1(void);
+void abi_test_clobber_x2(void);
+void abi_test_clobber_x3(void);
+void abi_test_clobber_x4(void);
+void abi_test_clobber_x5(void);
+void abi_test_clobber_x6(void);
+void abi_test_clobber_x7(void);
+void abi_test_clobber_x8(void);
+void abi_test_clobber_x9(void);
+void abi_test_clobber_x10(void);
+void abi_test_clobber_x11(void);
+void abi_test_clobber_x12(void);
+void abi_test_clobber_x13(void);
+void abi_test_clobber_x14(void);
+void abi_test_clobber_x15(void);
+void abi_test_clobber_x16(void);
+void abi_test_clobber_x17(void);
+// x18 is the platform register and off limits.
+void abi_test_clobber_x19(void);
+void abi_test_clobber_x20(void);
+void abi_test_clobber_x21(void);
+void abi_test_clobber_x22(void);
+void abi_test_clobber_x23(void);
+void abi_test_clobber_x24(void);
+void abi_test_clobber_x25(void);
+void abi_test_clobber_x26(void);
+void abi_test_clobber_x27(void);
+void abi_test_clobber_x28(void);
+void abi_test_clobber_x29(void);
+
+void abi_test_clobber_d0(void);
+void abi_test_clobber_d1(void);
+void abi_test_clobber_d2(void);
+void abi_test_clobber_d3(void);
+void abi_test_clobber_d4(void);
+void abi_test_clobber_d5(void);
+void abi_test_clobber_d6(void);
+void abi_test_clobber_d7(void);
+void abi_test_clobber_d8(void);
+void abi_test_clobber_d9(void);
+void abi_test_clobber_d10(void);
+void abi_test_clobber_d11(void);
+void abi_test_clobber_d12(void);
+void abi_test_clobber_d13(void);
+void abi_test_clobber_d14(void);
+void abi_test_clobber_d15(void);
+void abi_test_clobber_d16(void);
+void abi_test_clobber_d17(void);
+void abi_test_clobber_d18(void);
+void abi_test_clobber_d19(void);
+void abi_test_clobber_d20(void);
+void abi_test_clobber_d21(void);
+void abi_test_clobber_d22(void);
+void abi_test_clobber_d23(void);
+void abi_test_clobber_d24(void);
+void abi_test_clobber_d25(void);
+void abi_test_clobber_d26(void);
+void abi_test_clobber_d27(void);
+void abi_test_clobber_d28(void);
+void abi_test_clobber_d29(void);
+void abi_test_clobber_d30(void);
+void abi_test_clobber_d31(void);
+
+void abi_test_clobber_v8_upper(void);
+void abi_test_clobber_v9_upper(void);
+void abi_test_clobber_v10_upper(void);
+void abi_test_clobber_v11_upper(void);
+void abi_test_clobber_v12_upper(void);
+void abi_test_clobber_v13_upper(void);
+void abi_test_clobber_v14_upper(void);
+void abi_test_clobber_v15_upper(void);
+}  // extern "C"
+
+TEST(ABITest, AArch64) {
+  // abi_test_trampoline hides unsaved registers from the caller, so we can
+  // safely call the abi_test_clobber_* functions below.
+  abi_test::internal::CallerState state;
+  RAND_bytes(reinterpret_cast<uint8_t *>(&state), sizeof(state));
+  CHECK_ABI_NO_UNWIND(abi_test_trampoline,
+                      reinterpret_cast<crypto_word_t>(abi_test_clobber_x19),
+                      &state, nullptr, 0, 0 /* no breakpoint */);
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x0);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x1);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x2);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x3);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x4);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x5);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x6);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x7);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x8);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x9);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x10);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x11);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x12);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x13);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x14);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x15);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x16);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_x17);
+
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x19),
+                          "x19 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x20),
+                          "x20 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x21),
+                          "x21 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x22),
+                          "x22 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x23),
+                          "x23 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x24),
+                          "x24 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x25),
+                          "x25 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x26),
+                          "x26 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x27),
+                          "x27 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x28),
+                          "x28 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_x29),
+                          "x29 was not restored after return");
+
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d0);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d1);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d2);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d3);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d4);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d5);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d6);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d7);
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d8),
+                          "d8 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d9),
+                          "d9 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d10),
+                          "d10 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d11),
+                          "d11 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d12),
+                          "d12 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d13),
+                          "d13 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d14),
+                          "d14 was not restored after return");
+  EXPECT_NONFATAL_FAILURE(CHECK_ABI_NO_UNWIND(abi_test_clobber_d15),
+                          "d15 was not restored after return");
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d16);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d18);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d19);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d20);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d21);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d22);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d23);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d24);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d25);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d26);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d27);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d28);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d29);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d30);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_d31);
+
+  // The lower halves of v8-v15 (accessed as d8-d15) must be preserved, but not
+  // the upper halves.
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v8_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v9_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v10_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v11_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v12_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v13_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v14_upper);
+  CHECK_ABI_NO_UNWIND(abi_test_clobber_v15_upper);
+}
+#endif   // OPENSSL_AARCH64 && SUPPORTS_ABI_TEST

crypto/asn1/CMakeLists.txt

@@ -1,38 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  asn1
-
-  OBJECT
-
-  a_bitstr.c
-  a_bool.c
-  a_d2i_fp.c
-  a_dup.c
-  a_enum.c
-  a_gentm.c
-  a_i2d_fp.c
-  a_int.c
-  a_mbstr.c
-  a_object.c
-  a_octet.c
-  a_print.c
-  a_strnid.c
-  a_time.c
-  a_type.c
-  a_utctm.c
-  a_utf8.c
-  asn1_lib.c
-  asn1_par.c
-  asn_pack.c
-  f_enum.c
-  f_int.c
-  f_string.c
-  tasn_dec.c
-  tasn_enc.c
-  tasn_fre.c
-  tasn_new.c
-  tasn_typ.c
-  tasn_utl.c
-  time_support.c
-)

crypto/asn1/a_d2i_fp.c

@@ -58,240 +58,36 @@
 
 #include <limits.h>
 
-#include <openssl/buf.h>
+#include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
-
-#ifndef NO_OLD_ASN1
-# ifndef OPENSSL_NO_FP_API
-
-void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
-{
-    BIO *b;
-    void *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB);
-        return (NULL);
-    }
-    BIO_set_fp(b, in, BIO_NOCLOSE);
-    ret = ASN1_d2i_bio(xnew, d2i, b, x);
-    BIO_free(b);
-    return (ret);
-}
-# endif
-
-void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
-{
-    BUF_MEM *b = NULL;
-    const unsigned char *p;
-    void *ret = NULL;
-    int len;
-
-    len = asn1_d2i_read_bio(in, &b);
-    if (len < 0)
-        goto err;
-
-    p = (unsigned char *)b->data;
-    ret = d2i(x, &p, len);
- err:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return (ret);
-}
-
-#endif
 
 void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
 {
-    BUF_MEM *b = NULL;
-    const unsigned char *p;
-    void *ret = NULL;
-    int len;
-
-    len = asn1_d2i_read_bio(in, &b);
-    if (len < 0)
-        goto err;
-
-    p = (const unsigned char *)b->data;
-    ret = ASN1_item_d2i(x, &p, len, it);
- err:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return (ret);
+    uint8_t *data;
+    size_t len;
+    // Historically, this function did not impose a limit in OpenSSL and is used
+    // to read CRLs, so we leave this without an external bound.
+    if (!BIO_read_asn1(in, &data, &len, INT_MAX)) {
+        return NULL;
+    }
+    const uint8_t *ptr = data;
+    void *ret = ASN1_item_d2i(x, &ptr, len, it);
+    OPENSSL_free(data);
+    return ret;
 }
 
 #ifndef OPENSSL_NO_FP_API
 void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
 {
-    BIO *b;
-    char *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
+    BIO *b = BIO_new_fp(in, BIO_NOCLOSE);
+    if (b == NULL) {
         OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB);
-        return (NULL);
+        return NULL;
     }
-    BIO_set_fp(b, in, BIO_NOCLOSE);
-    ret = ASN1_item_d2i_bio(it, b, x);
+    void *ret = ASN1_item_d2i_bio(it, b, x);
     BIO_free(b);
-    return (ret);
+    return ret;
 }
 #endif
-
-typedef struct asn1_const_ctx_st
-    {
-    const unsigned char *p;/* work char pointer */
-    int eos;    /* end of sequence read for indefinite encoding */
-    int error;  /* error code to use when returning an error */
-    int inf;    /* constructed if 0x20, indefinite is 0x21 */
-    int tag;    /* tag from last 'get object' */
-    int xclass; /* class from last 'get object' */
-    long slen;  /* length of last 'get object' */
-    const unsigned char *max; /* largest value of p allowed */
-    const unsigned char *q;/* temporary variable */
-    const unsigned char **pp;/* variable */
-    int line;   /* used in error processing */
-    } ASN1_const_CTX;
-
-#define HEADER_SIZE   8
-#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
-{
-    BUF_MEM *b;
-    unsigned char *p;
-    int i;
-    ASN1_const_CTX c;
-    size_t want = HEADER_SIZE;
-    int eos = 0;
-    size_t off = 0;
-    size_t len = 0;
-
-    b = BUF_MEM_new();
-    if (b == NULL) {
-        OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-
-    ERR_clear_error();
-    for (;;) {
-        if (want >= (len - off)) {
-            want -= (len - off);
-
-            if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
-                OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            i = BIO_read(in, &(b->data[len]), want);
-            if ((i < 0) && ((len - off) == 0)) {
-                OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
-                goto err;
-            }
-            if (i > 0) {
-                if (len + i < len) {
-                    OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
-                    goto err;
-                }
-                len += i;
-            }
-        }
-        /* else data already loaded */
-
-        p = (unsigned char *)&(b->data[off]);
-        c.p = p;
-        c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass),
-                                len - off);
-        if (c.inf & 0x80) {
-            uint32_t e;
-
-            e = ERR_GET_REASON(ERR_peek_error());
-            if (e != ASN1_R_TOO_LONG)
-                goto err;
-            else
-                ERR_clear_error(); /* clear error */
-        }
-        i = c.p - p;            /* header length */
-        off += i;               /* end of data */
-
-        if (c.inf & 1) {
-            /* no data body so go round again */
-            eos++;
-            if (eos < 0) {
-                OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG);
-                goto err;
-            }
-            want = HEADER_SIZE;
-        } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
-            /* eos value, so go back and read another header */
-            eos--;
-            if (eos <= 0)
-                break;
-            else
-                want = HEADER_SIZE;
-        } else {
-            /* suck in c.slen bytes of data */
-            want = c.slen;
-            if (want > (len - off)) {
-                size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
-                want -= (len - off);
-                if (want > INT_MAX /* BIO_read takes an int length */  ||
-                    len + want < len) {
-                    OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
-                    goto err;
-                }
-                while (want > 0) {
-                    /*
-                     * Read content in chunks of increasing size
-                     * so we can return an error for EOF without
-                     * having to allocate the entire content length
-                     * in one go.
-                     */
-                    size_t chunk = want > chunk_max ? chunk_max : want;
-
-                    if (!BUF_MEM_grow_clean(b, len + chunk)) {
-                        OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-                        goto err;
-                    }
-                    want -= chunk;
-                    while (chunk > 0) {
-                        i = BIO_read(in, &(b->data[len]), chunk);
-                        if (i <= 0) {
-                            OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
-                            goto err;
-                        }
-                        /*
-                         * This can't overflow because |len+want| didn't
-                         * overflow.
-                         */
-                        len += i;
-                        chunk -= i;
-                    }
-                    if (chunk_max < INT_MAX/2)
-                        chunk_max *= 2;
-                }
-            }
-            if (off + c.slen < off) {
-                OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
-                goto err;
-            }
-            off += c.slen;
-            if (eos <= 0) {
-                break;
-            } else
-                want = HEADER_SIZE;
-        }
-    }
-
-    if (off > INT_MAX) {
-        OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
-        goto err;
-    }
-
-    *pb = b;
-    return off;
- err:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return -1;
-}

crypto/asn1/a_dup.c

@@ -59,30 +59,6 @@
 #include <openssl/err.h>
 #include <openssl/mem.h>
 
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
-{
-    unsigned char *b, *p;
-    const unsigned char *p2;
-    int i;
-    char *ret;
-
-    if (x == NULL)
-        return (NULL);
-
-    i = i2d(x, NULL);
-    b = OPENSSL_malloc(i + 10);
-    if (b == NULL) {
-        OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    p = b;
-    i = i2d(x, &p);
-    p2 = b;
-    ret = d2i(NULL, &p2, i);
-    OPENSSL_free(b);
-    return (ret);
-}
-
 /*
  * ASN1_ITEM version of dup: this follows the model above except we don't
  * need to allocate the buffer. At some point this could be rewritten to

crypto/asn1/a_enum.c

@@ -120,8 +120,8 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
     else if (i != V_ASN1_ENUMERATED)
         return -1;
 
-    OPENSSL_COMPILE_ASSERT(sizeof(uint64_t) >= sizeof(long),
-                           long_larger_than_uint64_t);
+    OPENSSL_STATIC_ASSERT(sizeof(uint64_t) >= sizeof(long),
+                          "long larger than uint64_t");
 
     if (a->length > (int)sizeof(uint64_t)) {
         /* hmm... a bit ugly */

crypto/asn1/a_i2d_fp.c

@@ -56,95 +56,33 @@
 
 #include <openssl/asn1.h>
 
+#include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 
-int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, out, BIO_NOCLOSE);
-    ret = ASN1_i2d_bio(i2d, b, x);
-    BIO_free(b);
-    return (ret);
-}
-
-int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, void *x)
-{
-    char *b;
-    unsigned char *p;
-    int i, j = 0, n, ret = 1;
-
-    n = i2d(x, NULL);
-    if (n <= 0)
-        return 0;
-
-    b = (char *)OPENSSL_malloc(n);
-    if (b == NULL) {
-        OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-    p = (unsigned char *)b;
-    i2d(x, &p);
-
-    for (;;) {
-        i = BIO_write(out, &(b[j]), n);
-        if (i == n)
-            break;
-        if (i <= 0) {
-            ret = 0;
-            break;
-        }
-        j += i;
-        n -= i;
-    }
-    OPENSSL_free(b);
-    return (ret);
-}
 
 int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
 {
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
+    BIO *b = BIO_new_fp(out, BIO_NOCLOSE);
+    if (b == NULL) {
         OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB);
-        return (0);
+        return 0;
     }
-    BIO_set_fp(b, out, BIO_NOCLOSE);
-    ret = ASN1_item_i2d_bio(it, b, x);
+    int ret = ASN1_item_i2d_bio(it, b, x);
     BIO_free(b);
-    return (ret);
+    return ret;
 }
 
 int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
 {
     unsigned char *b = NULL;
-    int i, j = 0, n, ret = 1;
-
-    n = ASN1_item_i2d(x, &b, it);
+    int n = ASN1_item_i2d(x, &b, it);
     if (b == NULL) {
         OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
-        return (0);
+        return 0;
     }
 
-    for (;;) {
-        i = BIO_write(out, &(b[j]), n);
-        if (i == n)
-            break;
-        if (i <= 0) {
-            ret = 0;
-            break;
-        }
-        j += i;
-        n -= i;
-    }
+    int ret = BIO_write_all(out, b, n);
     OPENSSL_free(b);
-    return (ret);
+    return ret;
 }

crypto/asn1/a_int.c

@@ -195,6 +195,16 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
     unsigned char *to, *s;
     int i;
 
+    /*
+     * This function can handle lengths up to INT_MAX - 1, but the rest of the
+     * legacy ASN.1 code mixes integer types, so avoid exposing it to
+     * ASN1_INTEGERS with larger lengths.
+     */
+    if (len < 0 || len > INT_MAX / 2) {
+        OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
+        return NULL;
+    }
+
     if ((a == NULL) || ((*a) == NULL)) {
         if ((ret = M_ASN1_INTEGER_new()) == NULL)
             return (NULL);
@@ -276,75 +286,6 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
     return (NULL);
 }
 
-/*
- * This is a version of d2i_ASN1_INTEGER that ignores the sign bit of ASN1
- * integers: some broken software can encode a positive INTEGER with its MSB
- * set as negative (it doesn't add a padding zero).
- */
-
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-                                long length)
-{
-    ASN1_INTEGER *ret = NULL;
-    const unsigned char *p;
-    unsigned char *s;
-    long len;
-    int inf, tag, xclass;
-    int i;
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = M_ASN1_INTEGER_new()) == NULL)
-            return (NULL);
-        ret->type = V_ASN1_INTEGER;
-    } else
-        ret = (*a);
-
-    p = *pp;
-    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-    if (inf & 0x80) {
-        i = ASN1_R_BAD_OBJECT_HEADER;
-        goto err;
-    }
-
-    if (tag != V_ASN1_INTEGER) {
-        i = ASN1_R_EXPECTING_AN_INTEGER;
-        goto err;
-    }
-
-    /*
-     * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
-     * a missing NULL parameter.
-     */
-    s = (unsigned char *)OPENSSL_malloc((int)len + 1);
-    if (s == NULL) {
-        i = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-    ret->type = V_ASN1_INTEGER;
-    if (len) {
-        if ((*p == 0) && (len != 1)) {
-            p++;
-            len--;
-        }
-        OPENSSL_memcpy(s, p, (int)len);
-        p += len;
-    }
-
-    if (ret->data != NULL)
-        OPENSSL_free(ret->data);
-    ret->data = s;
-    ret->length = (int)len;
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    OPENSSL_PUT_ERROR(ASN1, i);
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        M_ASN1_INTEGER_free(ret);
-    return (NULL);
-}
-
 int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
 {
     if (v >= 0) {
@@ -400,8 +341,8 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a)
     else if (i != V_ASN1_INTEGER)
         return -1;
 
-    OPENSSL_COMPILE_ASSERT(sizeof(uint64_t) >= sizeof(long),
-                           long_larger_than_uint64_t);
+    OPENSSL_STATIC_ASSERT(sizeof(uint64_t) >= sizeof(long),
+                          "long larger than uint64_t");
 
     if (a->length > (int)sizeof(uint64_t)) {
         /* hmm... a bit ugly, return all ones */

crypto/asn1/asn1_lib.c

@@ -205,7 +205,11 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
         } else
             ret = i;
     }
-    if (ret > LONG_MAX)
+    /*
+     * Bound the length to comfortably fit in an int. Lengths in this module
+     * often switch between int and long without overflow checks.
+     */
+    if (ret > INT_MAX / 2)
         return 0;
     *pp = p;
     *rl = (long)ret;

crypto/asn1/tasn_enc.c

@@ -192,7 +192,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
         /* Use indefinite length constructed if requested */
         if (aclass & ASN1_TFLG_NDEF)
             ndef = 2;
-        /* fall through */
+        OPENSSL_FALLTHROUGH;
 
     case ASN1_ITYPE_SEQUENCE:
         i = asn1_enc_restore(&seqcontlen, out, pval, it);

crypto/base64/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  base64
-
-  OBJECT
-
-  base64.c
-)

crypto/base64/base64.c

@@ -98,8 +98,8 @@ static uint8_t conv_bin2ascii(uint8_t a) {
   return ret;
 }
 
-OPENSSL_COMPILE_ASSERT(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0,
-                       data_length_must_be_multiple_of_base64_chunk_size);
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0,
+                      "data length must be a multiple of base64 chunk size");
 
 int EVP_EncodedLength(size_t *out_len, size_t len) {
   if (len + 2 < len) {

crypto/base64/base64_test.cc

@@ -39,14 +39,14 @@ enum encoding_relation {
   invalid,
 };
 
-struct TestVector {
+struct Base64TestVector {
   enum encoding_relation relation;
   const char *decoded;
   const char *encoded;
 };
 
 // Test vectors from RFC 4648.
-static const TestVector kTestVectors[] = {
+static const Base64TestVector kTestVectors[] = {
     {canonical, "", ""},
     {canonical, "f", "Zg==\n"},
     {canonical, "fo", "Zm8=\n"},
@@ -103,9 +103,9 @@ static const TestVector kTestVectors[] = {
      "=======\n"},
 };
 
-class Base64Test : public testing::TestWithParam<TestVector> {};
+class Base64Test : public testing::TestWithParam<Base64TestVector> {};
 
-INSTANTIATE_TEST_CASE_P(, Base64Test, testing::ValuesIn(kTestVectors));
+INSTANTIATE_TEST_SUITE_P(All, Base64Test, testing::ValuesIn(kTestVectors));
 
 // RemoveNewlines returns a copy of |in| with all '\n' characters removed.
 static std::string RemoveNewlines(const char *in) {
@@ -122,7 +122,7 @@ static std::string RemoveNewlines(const char *in) {
 }
 
 TEST_P(Base64Test, EncodeBlock) {
-  const TestVector &t = GetParam();
+  const Base64TestVector &t = GetParam();
   if (t.relation != canonical) {
     return;
   }
@@ -140,7 +140,7 @@ TEST_P(Base64Test, EncodeBlock) {
 }
 
 TEST_P(Base64Test, DecodeBase64) {
-  const TestVector &t = GetParam();
+  const Base64TestVector &t = GetParam();
   if (t.relation == valid) {
     // The non-canonical encodings will generally have odd whitespace etc
     // that |EVP_DecodeBase64| will reject.
@@ -164,7 +164,7 @@ TEST_P(Base64Test, DecodeBase64) {
 }
 
 TEST_P(Base64Test, DecodeBlock) {
-  const TestVector &t = GetParam();
+  const Base64TestVector &t = GetParam();
   if (t.relation != canonical) {
     return;
   }
@@ -188,7 +188,7 @@ TEST_P(Base64Test, DecodeBlock) {
 }
 
 TEST_P(Base64Test, EncodeDecode) {
-  const TestVector &t = GetParam();
+  const Base64TestVector &t = GetParam();
 
   EVP_ENCODE_CTX ctx;
   const size_t decoded_len = strlen(t.decoded);
@@ -246,7 +246,7 @@ TEST_P(Base64Test, EncodeDecode) {
 }
 
 TEST_P(Base64Test, DecodeUpdateStreaming) {
-  const TestVector &t = GetParam();
+  const Base64TestVector &t = GetParam();
   if (t.relation == invalid) {
     return;
   }

crypto/bio/CMakeLists.txt

@@ -1,18 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  bio
-
-  OBJECT
-
-  bio.c
-  bio_mem.c
-  connect.c
-  fd.c
-  file.c
-  hexdump.c
-  pair.c
-  printf.c
-  socket.c
-  socket_helper.c
-)

crypto/bio/bio.c

@@ -61,6 +61,7 @@
 #include <limits.h>
 #include <string.h>
 
+#include <openssl/asn1.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 #include <openssl/thread.h>
@@ -177,6 +178,19 @@ int BIO_write(BIO *bio, const void *in, int inl) {
   return ret;
 }
 
+int BIO_write_all(BIO *bio, const void *data, size_t len) {
+  const uint8_t *data_u8 = data;
+  while (len > 0) {
+    int ret = BIO_write(bio, data_u8, len > INT_MAX ? INT_MAX : (int)len);
+    if (ret <= 0) {
+      return 0;
+    }
+    data_u8 += ret;
+    len -= ret;
+  }
+  return 1;
+}
+
 int BIO_puts(BIO *bio, const char *in) {
   return BIO_write(bio, in, strlen(in));
 }
@@ -468,11 +482,52 @@ static int bio_read_all(BIO *bio, uint8_t **out, size_t *out_len,
   }
 }
 
+// bio_read_full reads |len| bytes |bio| and writes them into |out|. It
+// tolerates partial reads from |bio| and returns one on success or zero if a
+// read fails before |len| bytes are read. On failure, it additionally sets
+// |*out_eof_on_first_read| to whether the error was due to |bio| returning zero
+// on the first read. |out_eof_on_first_read| may be NULL to discard the value.
+static int bio_read_full(BIO *bio, uint8_t *out, int *out_eof_on_first_read,
+                         size_t len) {
+  int first_read = 1;
+  while (len > 0) {
+    int todo = len <= INT_MAX ? (int)len : INT_MAX;
+    int ret = BIO_read(bio, out, todo);
+    if (ret <= 0) {
+      if (out_eof_on_first_read != NULL) {
+        *out_eof_on_first_read = first_read && ret == 0;
+      }
+      return 0;
+    }
+    out += ret;
+    len -= (size_t)ret;
+    first_read = 0;
+  }
+
+  return 1;
+}
+
+// For compatibility with existing |d2i_*_bio| callers, |BIO_read_asn1| uses
+// |ERR_LIB_ASN1| errors.
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_DECODE_ERROR)
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_HEADER_TOO_LONG)
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_NOT_ENOUGH_DATA)
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_TOO_LONG)
+
 int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) {
   uint8_t header[6];
 
   static const size_t kInitialHeaderLen = 2;
-  if (BIO_read(bio, header, kInitialHeaderLen) != (int) kInitialHeaderLen) {
+  int eof_on_first_read;
+  if (!bio_read_full(bio, header, &eof_on_first_read, kInitialHeaderLen)) {
+    if (eof_on_first_read) {
+      // Historically, OpenSSL returned |ASN1_R_HEADER_TOO_LONG| when
+      // |d2i_*_bio| could not read anything. CPython conditions on this to
+      // determine if |bio| was empty.
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG);
+    } else {
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
+    }
     return 0;
   }
 
@@ -481,6 +536,7 @@ int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) {
 
   if ((tag & 0x1f) == 0x1f) {
     // Long form tags are not supported.
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
     return 0;
   }
 
@@ -494,34 +550,40 @@ int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) {
 
     if ((tag & 0x20 /* constructed */) != 0 && num_bytes == 0) {
       // indefinite length.
-      return bio_read_all(bio, out, out_len, header, kInitialHeaderLen,
-                          max_len);
+      if (!bio_read_all(bio, out, out_len, header, kInitialHeaderLen,
+                        max_len)) {
+        OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
+        return 0;
+      }
+      return 1;
     }
 
     if (num_bytes == 0 || num_bytes > 4) {
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
       return 0;
     }
 
-    if (BIO_read(bio, header + kInitialHeaderLen, num_bytes) !=
-        (int)num_bytes) {
+    if (!bio_read_full(bio, header + kInitialHeaderLen, NULL, num_bytes)) {
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
       return 0;
     }
     header_len = kInitialHeaderLen + num_bytes;
 
     uint32_t len32 = 0;
-    unsigned i;
-    for (i = 0; i < num_bytes; i++) {
+    for (unsigned i = 0; i < num_bytes; i++) {
       len32 <<= 8;
       len32 |= header[kInitialHeaderLen + i];
     }
 
     if (len32 < 128) {
       // Length should have used short-form encoding.
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
       return 0;
     }
 
     if ((len32 >> ((num_bytes-1)*8)) == 0) {
       // Length should have been at least one byte shorter.
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
       return 0;
     }
 
@@ -531,6 +593,7 @@ int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) {
   if (len + header_len < len ||
       len + header_len > max_len ||
       len > INT_MAX) {
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
     return 0;
   }
   len += header_len;
@@ -538,11 +601,12 @@ int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) {
 
   *out = OPENSSL_malloc(len);
   if (*out == NULL) {
+    OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
     return 0;
   }
   OPENSSL_memcpy(*out, header, header_len);
-  if (BIO_read(bio, (*out) + header_len, len - header_len) !=
-      (int) (len - header_len)) {
+  if (!bio_read_full(bio, (*out) + header_len, NULL, len - header_len)) {
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
     OPENSSL_free(*out);
     return 0;
   }

crypto/bio/bio_test.cc

@@ -220,7 +220,7 @@ TEST_P(BIOASN1Test, ReadASN1) {
   }
 }
 
-INSTANTIATE_TEST_CASE_P(, BIOASN1Test, testing::ValuesIn(kASN1TestParams));
+INSTANTIATE_TEST_SUITE_P(All, BIOASN1Test, testing::ValuesIn(kASN1TestParams));
 
 // Run through the tests twice, swapping |bio1| and |bio2|, for symmetry.
 class BIOPairTest : public testing::TestWithParam<bool> {};
@@ -322,4 +322,4 @@ TEST_P(BIOPairTest, TestPair) {
   EXPECT_EQ(Bytes("12345"), Bytes(buf, 5));
 }
 
-INSTANTIATE_TEST_CASE_P(, BIOPairTest, testing::Values(false, true));
+INSTANTIATE_TEST_SUITE_P(All, BIOPairTest, testing::Values(false, true));

crypto/bio/file.c

@@ -107,13 +107,12 @@ BIO *BIO_new_file(const char *filename, const char *mode) {
     return NULL;
   }
 
-  ret = BIO_new(BIO_s_file());
+  ret = BIO_new_fp(file, BIO_CLOSE);
   if (ret == NULL) {
     fclose(file);
     return NULL;
   }
 
-  BIO_set_fp(ret, file, BIO_CLOSE);
   return ret;
 }
 

crypto/bn_extra/CMakeLists.txt

@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  bn_extra
-
-  OBJECT
-
-  bn_asn1.c
-  convert.c
-)

crypto/bn_extra/convert.c

@@ -367,17 +367,13 @@ end:
 }
 
 int BN_print_fp(FILE *fp, const BIGNUM *a) {
-  BIO *b;
-  int ret;
-
-  b = BIO_new(BIO_s_file());
+  BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
   if (b == NULL) {
     return 0;
   }
-  BIO_set_fp(b, fp, BIO_NOCLOSE);
-  ret = BN_print(b, a);
-  BIO_free(b);
 
+  int ret = BN_print(b, a);
+  BIO_free(b);
   return ret;
 }
 
@@ -464,3 +460,11 @@ BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out) {
   }
   return out;
 }
+
+int BN_bn2binpad(const BIGNUM *in, uint8_t *out, int len) {
+  if (len < 0 ||
+      !BN_bn2bin_padded(out, (size_t)len, in)) {
+    return -1;
+  }
+  return len;
+}

crypto/buf/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  buf
-
-  OBJECT
-
-  buf.c
-)

crypto/bytestring/CMakeLists.txt

@@ -1,13 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  bytestring
-
-  OBJECT
-
-  asn1_compat.c
-  ber.c
-  cbs.c
-  cbb.c
-  unicode.c
-)

crypto/bytestring/bytestring_test.cc

@@ -12,10 +12,6 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#if !defined(__STDC_CONSTANT_MACROS)
-#define __STDC_CONSTANT_MACROS
-#endif
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -46,10 +42,12 @@ TEST(CBSTest, Skip) {
 }
 
 TEST(CBSTest, GetUint) {
-  static const uint8_t kData[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};
+  static const uint8_t kData[] = {1,  2,  3,  4,  5,  6,  7,  8,  9,  10,
+                                  11, 12, 13, 14, 15, 16, 17, 18, 19, 20};
   uint8_t u8;
   uint16_t u16;
   uint32_t u32;
+  uint64_t u64;
   CBS data;
 
   CBS_init(&data, kData, sizeof(kData));
@@ -61,10 +59,12 @@ TEST(CBSTest, GetUint) {
   EXPECT_EQ(0x40506u, u32);
   ASSERT_TRUE(CBS_get_u32(&data, &u32));
   EXPECT_EQ(0x708090au, u32);
+  ASSERT_TRUE(CBS_get_u64(&data, &u64));
+  EXPECT_EQ(0xb0c0d0e0f101112u, u64);
   ASSERT_TRUE(CBS_get_last_u8(&data, &u8));
-  EXPECT_EQ(0xcu, u8);
+  EXPECT_EQ(0x14u, u8);
   ASSERT_TRUE(CBS_get_last_u8(&data, &u8));
-  EXPECT_EQ(0xbu, u8);
+  EXPECT_EQ(0x13u, u8);
   EXPECT_FALSE(CBS_get_u8(&data, &u8));
   EXPECT_FALSE(CBS_get_last_u8(&data, &u8));
 }
@@ -314,7 +314,9 @@ TEST(CBBTest, InitUninitialized) {
 }
 
 TEST(CBBTest, Basic) {
-  static const uint8_t kExpected[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0xa, 0xb, 0xc};
+  static const uint8_t kExpected[] = {1,   2,    3,    4,    5,    6,   7,
+                                      8,   9,    0xa,  0xb,  0xc,  0xd, 0xe,
+                                      0xf, 0x10, 0x11, 0x12, 0x13, 0x14};
   uint8_t *buf;
   size_t buf_len;
 
@@ -327,7 +329,8 @@ TEST(CBBTest, Basic) {
   ASSERT_TRUE(CBB_add_u16(cbb.get(), 0x203));
   ASSERT_TRUE(CBB_add_u24(cbb.get(), 0x40506));
   ASSERT_TRUE(CBB_add_u32(cbb.get(), 0x708090a));
-  ASSERT_TRUE(CBB_add_bytes(cbb.get(), (const uint8_t *)"\x0b\x0c", 2));
+  ASSERT_TRUE(CBB_add_u64(cbb.get(), 0xb0c0d0e0f101112));
+  ASSERT_TRUE(CBB_add_bytes(cbb.get(), (const uint8_t *)"\x13\x14", 2));
   ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
 
   bssl::UniquePtr<uint8_t> scoper(buf);

crypto/bytestring/cbb.c

@@ -44,7 +44,7 @@ static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) {
   base->error = 0;
 
   cbb->base = base;
-  cbb->is_top_level = 1;
+  cbb->is_child = 0;
   return 1;
 }
 
@@ -76,11 +76,14 @@ int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len) {
 }
 
 void CBB_cleanup(CBB *cbb) {
-  if (cbb->base) {
-    // Only top-level |CBB|s are cleaned up. Child |CBB|s are non-owning. They
-    // are implicitly discarded when the parent is flushed or cleaned up.
-    assert(cbb->is_top_level);
+  // Child |CBB|s are non-owning. They are implicitly discarded and should not
+  // be used with |CBB_cleanup| or |ScopedCBB|.
+  assert(!cbb->is_child);
+  if (cbb->is_child) {
+    return;
+  }
 
+  if (cbb->base) {
     if (cbb->base->can_resize) {
       OPENSSL_free(cbb->base->buf);
     }
@@ -144,7 +147,7 @@ static int cbb_buffer_add(struct cbb_buffer_st *base, uint8_t **out,
   return 1;
 }
 
-static int cbb_buffer_add_u(struct cbb_buffer_st *base, uint32_t v,
+static int cbb_buffer_add_u(struct cbb_buffer_st *base, uint64_t v,
                             size_t len_len) {
   if (len_len == 0) {
     return 1;
@@ -169,7 +172,7 @@ static int cbb_buffer_add_u(struct cbb_buffer_st *base, uint32_t v,
 }
 
 int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len) {
-  if (!cbb->is_top_level) {
+  if (cbb->is_child) {
     return 0;
   }
 
@@ -310,6 +313,7 @@ static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents,
   OPENSSL_memset(prefix_bytes, 0, len_len);
   OPENSSL_memset(out_contents, 0, sizeof(CBB));
   out_contents->base = cbb->base;
+  out_contents->is_child = 1;
   cbb->child = out_contents;
   cbb->child->offset = offset;
   cbb->child->pending_len_len = len_len;
@@ -381,6 +385,7 @@ int CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned tag) {
 
   OPENSSL_memset(out_contents, 0, sizeof(CBB));
   out_contents->base = cbb->base;
+  out_contents->is_child = 1;
   cbb->child = out_contents;
   cbb->child->offset = offset;
   cbb->child->pending_len_len = 1;
@@ -459,6 +464,13 @@ int CBB_add_u32(CBB *cbb, uint32_t value) {
   return cbb_buffer_add_u(cbb->base, value, 4);
 }
 
+int CBB_add_u64(CBB *cbb, uint64_t value) {
+  if (!CBB_flush(cbb)) {
+    return 0;
+  }
+  return cbb_buffer_add_u(cbb->base, value, 8);
+}
+
 void CBB_discard_child(CBB *cbb) {
   if (cbb->child == NULL) {
     return;

crypto/bytestring/cbs.c

@@ -12,10 +12,6 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#if !defined(__STDC_FORMAT_MACROS)
-#define __STDC_FORMAT_MACROS
-#endif
-
 #include <openssl/buf.h>
 #include <openssl/mem.h>
 #include <openssl/bytestring.h>
@@ -92,8 +88,8 @@ int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
   return CRYPTO_memcmp(cbs->data, data, len) == 0;
 }
 
-static int cbs_get_u(CBS *cbs, uint32_t *out, size_t len) {
-  uint32_t result = 0;
+static int cbs_get_u(CBS *cbs, uint64_t *out, size_t len) {
+  uint64_t result = 0;
   const uint8_t *data;
 
   if (!cbs_get(cbs, &data, len)) {
@@ -117,7 +113,7 @@ int CBS_get_u8(CBS *cbs, uint8_t *out) {
 }
 
 int CBS_get_u16(CBS *cbs, uint16_t *out) {
-  uint32_t v;
+  uint64_t v;
   if (!cbs_get_u(cbs, &v, 2)) {
     return 0;
   }
@@ -126,11 +122,25 @@ int CBS_get_u16(CBS *cbs, uint16_t *out) {
 }
 
 int CBS_get_u24(CBS *cbs, uint32_t *out) {
-  return cbs_get_u(cbs, out, 3);
+  uint64_t v;
+  if (!cbs_get_u(cbs, &v, 3)) {
+    return 0;
+  }
+  *out = v;
+  return 1;
 }
 
 int CBS_get_u32(CBS *cbs, uint32_t *out) {
-  return cbs_get_u(cbs, out, 4);
+  uint64_t v;
+  if (!cbs_get_u(cbs, &v, 4)) {
+    return 0;
+  }
+  *out = v;
+  return 1;
+}
+
+int CBS_get_u64(CBS *cbs, uint64_t *out) {
+  return cbs_get_u(cbs, out, 8);
 }
 
 int CBS_get_last_u8(CBS *cbs, uint8_t *out) {
@@ -161,10 +171,13 @@ int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len) {
 }
 
 static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) {
-  uint32_t len;
+  uint64_t len;
   if (!cbs_get_u(cbs, &len, len_len)) {
     return 0;
   }
+  // If |len_len| <= 3 then we know that |len| will fit into a |size_t|, even on
+  // 32-bit systems.
+  assert(len_len <= 3);
   return CBS_get_bytes(cbs, out, len);
 }
 
@@ -278,7 +291,7 @@ static int cbs_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag,
     // encode the number of subsequent octets used to encode the length (ITU-T
     // X.690 clause 8.1.3.5.b).
     const size_t num_bytes = length_byte & 0x7f;
-    uint32_t len32;
+    uint64_t len64;
 
     if (ber_ok && (tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) {
       // indefinite length
@@ -294,20 +307,20 @@ static int cbs_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag,
     if (num_bytes == 0 || num_bytes > 4) {
       return 0;
     }
-    if (!cbs_get_u(&header, &len32, num_bytes)) {
+    if (!cbs_get_u(&header, &len64, num_bytes)) {
       return 0;
     }
     // ITU-T X.690 section 10.1 (DER length forms) requires encoding the length
     // with the minimum number of octets.
-    if (len32 < 128) {
+    if (len64 < 128) {
       // Length should have used short-form encoding.
       return 0;
     }
-    if ((len32 >> ((num_bytes-1)*8)) == 0) {
+    if ((len64 >> ((num_bytes-1)*8)) == 0) {
       // Length should have been at least one byte shorter.
       return 0;
     }
-    len = len32;
+    len = len64;
     if (len + header_len + num_bytes < len) {
       // Overflow.
       return 0;

crypto/chacha/CMakeLists.txt

@@ -1,48 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "arm")
-  set(
-    CHACHA_ARCH_SOURCES
-
-    chacha-armv4.${ASM_EXT}
-  )
-endif()
-
-if(${ARCH} STREQUAL "aarch64")
-  set(
-    CHACHA_ARCH_SOURCES
-
-    chacha-armv8.${ASM_EXT}
-  )
-endif()
-
-if(${ARCH} STREQUAL "x86")
-  set(
-    CHACHA_ARCH_SOURCES
-
-    chacha-x86.${ASM_EXT}
-  )
-endif()
-
-if(${ARCH} STREQUAL "x86_64")
-  set(
-    CHACHA_ARCH_SOURCES
-
-    chacha-x86_64.${ASM_EXT}
-  )
-endif()
-
-add_library(
-  chacha
-
-  OBJECT
-
-  chacha.c
-
-  ${CHACHA_ARCH_SOURCES}
-)
-
-perlasm(chacha-armv4.${ASM_EXT} asm/chacha-armv4.pl)
-perlasm(chacha-armv8.${ASM_EXT} asm/chacha-armv8.pl)
-perlasm(chacha-x86.${ASM_EXT} asm/chacha-x86.pl)
-perlasm(chacha-x86_64.${ASM_EXT} asm/chacha-x86_64.pl)

crypto/chacha/asm/chacha-armv4.pl

@@ -44,9 +44,11 @@ if ($flavour && $flavour ne "void") {
     ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or
     die "can't locate arm-xlate.pl";
 
-    open STDOUT,"| \"$^X\" $xlate $flavour $output";
+    open OUT,"| \"$^X\" $xlate $flavour $output";
+    *STDOUT=*OUT;
 } else {
-    open STDOUT,">$output";
+    open OUT,">$output";
+    *STDOUT=*OUT;
 }
 
 sub AUTOLOAD()		# thunk [simplified] x86-style perlasm
@@ -1161,4 +1163,4 @@ foreach (split("\n",$code)) {
 
 	print $_,"\n";
 }
-close STDOUT;
+close STDOUT or die "error closing STDOUT";

crypto/chacha/asm/chacha-armv8.pl

@@ -122,37 +122,32 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2));
 $code.=<<___;
 #include <openssl/arm_arch.h>
 
-.text
-
 .extern	OPENSSL_armcap_P
 
+.section .rodata
+
 .align	5
 .Lsigma:
 .quad	0x3320646e61707865,0x6b20657479622d32		// endian-neutral
 .Lone:
 .long	1,0,0,0
-.LOPENSSL_armcap_P:
-#ifdef	__ILP32__
-.long	OPENSSL_armcap_P-.
-#else
-.quad	OPENSSL_armcap_P-.
-#endif
 .asciz	"ChaCha20 for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
 
+.text
+
 .globl	ChaCha20_ctr32
 .type	ChaCha20_ctr32,%function
 .align	5
 ChaCha20_ctr32:
 	cbz	$len,.Labort
-	adr	@x[0],.LOPENSSL_armcap_P
+#if __has_feature(hwaddress_sanitizer) && __clang_major__ >= 10
+	adrp	@x[0],:pg_hi21_nc:OPENSSL_armcap_P
+#else
+	adrp	@x[0],:pg_hi21:OPENSSL_armcap_P
+#endif
 	cmp	$len,#192
 	b.lo	.Lshort
-#ifdef	__ILP32__
-	ldrsw	@x[1],[@x[0]]
-#else
-	ldr	@x[1],[@x[0]]
-#endif
-	ldr	w17,[@x[1],@x[0]]
+	ldr	w17,[@x[0],:lo12:OPENSSL_armcap_P]
 	tst	w17,#ARMV7_NEON
 	b.ne	ChaCha20_neon
 
@@ -160,7 +155,8 @@ ChaCha20_ctr32:
 	stp	x29,x30,[sp,#-96]!
 	add	x29,sp,#0
 
-	adr	@x[0],.Lsigma
+	adrp	@x[0],:pg_hi21:.Lsigma
+	add	@x[0],@x[0],:lo12:.Lsigma
 	stp	x19,x20,[sp,#16]
 	stp	x21,x22,[sp,#32]
 	stp	x23,x24,[sp,#48]
@@ -380,7 +376,8 @@ ChaCha20_neon:
 	stp	x29,x30,[sp,#-96]!
 	add	x29,sp,#0
 
-	adr	@x[0],.Lsigma
+	adrp	@x[0],:pg_hi21:.Lsigma
+	add	@x[0],@x[0],:lo12:.Lsigma
 	stp	x19,x20,[sp,#16]
 	stp	x21,x22,[sp,#32]
 	stp	x23,x24,[sp,#48]
@@ -699,7 +696,8 @@ ChaCha20_512_neon:
 	stp	x29,x30,[sp,#-96]!
 	add	x29,sp,#0
 
-	adr	@x[0],.Lsigma
+	adrp	@x[0],:pg_hi21:.Lsigma
+	add	@x[0],@x[0],:lo12:.Lsigma
 	stp	x19,x20,[sp,#16]
 	stp	x21,x22,[sp,#32]
 	stp	x23,x24,[sp,#48]
@@ -1133,4 +1131,4 @@ foreach (split("\n",$code)) {
 
 	print $_,"\n";
 }
-close STDOUT;	# flush
+close STDOUT or die "error closing STDOUT";	# flush

crypto/chacha/asm/chacha-x86.pl

@@ -769,4 +769,4 @@ sub SSSE3ROUND {	# critical path is 20 "SIMD ticks" per round
 
 &asm_finish();
 
-close STDOUT;
+close STDOUT or die "error closing STDOUT";

crypto/chacha/asm/chacha-x86_64.pl

@@ -228,6 +228,7 @@ $code.=<<___;
 .type	ChaCha20_ctr32,\@function,5
 .align	64
 ChaCha20_ctr32:
+.cfi_startproc
 	cmp	\$0,$len
 	je	.Lno_data
 	mov	OPENSSL_ia32cap_P+4(%rip),%r10
@@ -241,12 +242,19 @@ $code.=<<___;
 	jnz	.LChaCha20_ssse3
 
 	push	%rbx
+.cfi_push	rbx
 	push	%rbp
+.cfi_push	rbp
 	push	%r12
+.cfi_push	r12
 	push	%r13
+.cfi_push	r13
 	push	%r14
+.cfi_push	r14
 	push	%r15
+.cfi_push	r15
 	sub	\$64+24,%rsp
+.cfi_adjust_cfa_offset	`64+24`
 .Lctr32_body:
 
 	#movdqa	.Lsigma(%rip),%xmm0
@@ -388,14 +396,22 @@ $code.=<<___;
 .Ldone:
 	lea	64+24+48(%rsp),%rsi
 	mov	-48(%rsi),%r15
+.cfi_restore	r15
 	mov	-40(%rsi),%r14
+.cfi_restore	r14
 	mov	-32(%rsi),%r13
+.cfi_restore	r13
 	mov	-24(%rsi),%r12
+.cfi_restore	r12
 	mov	-16(%rsi),%rbp
+.cfi_restore	rbp
 	mov	-8(%rsi),%rbx
+.cfi_restore	rbx
 	lea	(%rsi),%rsp
+.cfi_adjust_cfa_offset	`-64-24-48`
 .Lno_data:
 	ret
+.cfi_endproc
 .size	ChaCha20_ctr32,.-ChaCha20_ctr32
 ___
 
@@ -435,7 +451,9 @@ $code.=<<___;
 .align	32
 ChaCha20_ssse3:
 .LChaCha20_ssse3:
+.cfi_startproc
 	mov	%rsp,%r9		# frame pointer
+.cfi_def_cfa_register	r9
 ___
 $code.=<<___;
 	cmp	\$128,$len		# we might throw away some data,
@@ -547,8 +565,10 @@ $code.=<<___	if ($win64);
 ___
 $code.=<<___;
 	lea	(%r9),%rsp
+.cfi_def_cfa_register	rsp
 .Lssse3_epilogue:
 	ret
+.cfi_endproc
 .size	ChaCha20_ssse3,.-ChaCha20_ssse3
 ___
 }
@@ -691,7 +711,9 @@ $code.=<<___;
 .align	32
 ChaCha20_4x:
 .LChaCha20_4x:
+.cfi_startproc
 	mov		%rsp,%r9		# frame pointer
+.cfi_def_cfa_register	r9
 	mov		%r10,%r11
 ___
 $code.=<<___	if ($avx>1);
@@ -1131,8 +1153,10 @@ $code.=<<___	if ($win64);
 ___
 $code.=<<___;
 	lea		(%r9),%rsp
+.cfi_def_cfa_register	rsp
 .L4x_epilogue:
 	ret
+.cfi_endproc
 .size	ChaCha20_4x,.-ChaCha20_4x
 ___
 }
@@ -1266,7 +1290,9 @@ $code.=<<___;
 .align	32
 ChaCha20_8x:
 .LChaCha20_8x:
+.cfi_startproc
 	mov		%rsp,%r9		# frame register
+.cfi_def_cfa_register	r9
 	sub		\$0x280+$xframe,%rsp
 	and		\$-32,%rsp
 ___
@@ -1772,8 +1798,10 @@ $code.=<<___	if ($win64);
 ___
 $code.=<<___;
 	lea		(%r9),%rsp
+.cfi_def_cfa_register	rsp
 .L8x_epilogue:
 	ret
+.cfi_endproc
 .size	ChaCha20_8x,.-ChaCha20_8x
 ___
 }
@@ -1811,7 +1839,9 @@ $code.=<<___;
 .align	32
 ChaCha20_avx512:
 .LChaCha20_avx512:
+.cfi_startproc
 	mov	%rsp,%r9		# frame pointer
+.cfi_def_cfa_register	r9
 	cmp	\$512,$len
 	ja	.LChaCha20_16x
 
@@ -1991,8 +2021,10 @@ $code.=<<___	if ($win64);
 ___
 $code.=<<___;
 	lea	(%r9),%rsp
+.cfi_def_cfa_register	rsp
 .Lavx512_epilogue:
 	ret
+.cfi_endproc
 .size	ChaCha20_avx512,.-ChaCha20_avx512
 ___
 }
@@ -2075,7 +2107,9 @@ $code.=<<___;
 .align	32
 ChaCha20_16x:
 .LChaCha20_16x:
+.cfi_startproc
 	mov		%rsp,%r9		# frame register
+.cfi_def_cfa_register	r9
 	sub		\$64+$xframe,%rsp
 	and		\$-64,%rsp
 ___
@@ -2493,8 +2527,10 @@ $code.=<<___	if ($win64);
 ___
 $code.=<<___;
 	lea		(%r9),%rsp
+.cfi_def_cfa_register	rsp
 .L16x_epilogue:
 	ret
+.cfi_endproc
 .size	ChaCha20_16x,.-ChaCha20_16x
 ___
 }
@@ -2746,4 +2782,4 @@ foreach (split("\n",$code)) {
 	print $_,"\n";
 }
 
-close STDOUT;
+close STDOUT or die "error closing STDOUT";

crypto/chacha/chacha.c

@@ -64,13 +64,7 @@ void CRYPTO_hchacha20(uint8_t out[32], const uint8_t key[32],
   OPENSSL_memcpy(&out[16], &x[12], sizeof(uint32_t) * 4);
 }
 
-#if !defined(OPENSSL_NO_ASM) &&                         \
-    (defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
-     defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64))
-
-// ChaCha20_ctr32 is defined in asm/chacha-*.pl.
-void ChaCha20_ctr32(uint8_t *out, const uint8_t *in, size_t in_len,
-                    const uint32_t key[8], const uint32_t counter[4]);
+#if defined(CHACHA20_ASM)
 
 void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, size_t in_len,
                       const uint8_t key[32], const uint8_t nonce[12],

crypto/chacha/chacha_test.cc

@@ -23,7 +23,9 @@
 #include <openssl/crypto.h>
 #include <openssl/chacha.h>
 
+#include "internal.h"
 #include "../internal.h"
+#include "../test/abi_test.h"
 #include "../test/test_util.h"
 
 
@@ -234,3 +236,25 @@ TEST(ChaChaTest, TestVector) {
     EXPECT_EQ(Bytes(kOutput, len), Bytes(buf.get(), len));
   }
 }
+
+#if defined(CHACHA20_ASM) && defined(SUPPORTS_ABI_TEST)
+TEST(ChaChaTest, ABI) {
+  uint32_t key[8];
+  OPENSSL_memcpy(key, kKey, sizeof(key));
+
+  static const uint32_t kCounterNonce[4] = {0};
+
+  std::unique_ptr<uint8_t[]> buf(new uint8_t[sizeof(kInput)]);
+  for (size_t len = 0; len <= 32; len++) {
+    SCOPED_TRACE(len);
+    CHECK_ABI(ChaCha20_ctr32, buf.get(), kInput, len, key, kCounterNonce);
+  }
+
+  for (size_t len : {32 * 2, 32 * 4, 32 * 8, 32 * 16, 32 * 24}) {
+    SCOPED_TRACE(len);
+    CHECK_ABI(ChaCha20_ctr32, buf.get(), kInput, len, key, kCounterNonce);
+    // Cover the partial block paths.
+    CHECK_ABI(ChaCha20_ctr32, buf.get(), kInput, len + 15, key, kCounterNonce);
+  }
+}
+#endif  // CHACHA20_ASM && SUPPORTS_ABI_TEST

crypto/chacha/internal.h

@@ -27,6 +27,16 @@ extern "C" {
 void CRYPTO_hchacha20(uint8_t out[32], const uint8_t key[32],
                       const uint8_t nonce[16]);
 
+#if !defined(OPENSSL_NO_ASM) &&                         \
+    (defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
+     defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64))
+#define CHACHA20_ASM
+
+// ChaCha20_ctr32 is defined in asm/chacha-*.pl.
+void ChaCha20_ctr32(uint8_t *out, const uint8_t *in, size_t in_len,
+                    const uint32_t key[8], const uint32_t counter[4]);
+#endif
+
 
 #if defined(__cplusplus)
 }  // extern C

crypto/cipher_extra/CMakeLists.txt

@@ -1,35 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "x86_64")
-  set(
-    CIPHER_ARCH_SOURCES
-
-    aes128gcmsiv-x86_64.${ASM_EXT}
-    chacha20_poly1305_x86_64.${ASM_EXT}
-  )
-endif()
-
-add_library(
-  cipher_extra
-
-  OBJECT
-
-  cipher_extra.c
-  derive_key.c
-
-  e_null.c
-  e_rc2.c
-  e_rc4.c
-  e_aesgcmsiv.c
-  e_aesctrhmac.c
-  e_aesccm.c
-  e_chacha20poly1305.c
-
-  tls_cbc.c
-  e_tls.c
-
-  ${CIPHER_ARCH_SOURCES}
-)
-
-perlasm(aes128gcmsiv-x86_64.${ASM_EXT} asm/aes128gcmsiv-x86_64.pl)
-perlasm(chacha20_poly1305_x86_64.${ASM_EXT} asm/chacha20_poly1305_x86_64.pl)

crypto/cipher_extra/aead_test.cc

@@ -42,58 +42,60 @@ struct KnownAEAD {
   // truncated_tags is true if the AEAD supports truncating tags to arbitrary
   // lengths.
   bool truncated_tags;
+  // variable_nonce is true if the AEAD supports a variable nonce length.
+  bool variable_nonce;
   // ad_len, if non-zero, is the required length of the AD.
   size_t ad_len;
 };
 
 static const struct KnownAEAD kAEADs[] = {
     {"AES_128_GCM", EVP_aead_aes_128_gcm, "aes_128_gcm_tests.txt", false, true,
-     0},
+     true, 0},
     {"AES_128_GCM_NIST", EVP_aead_aes_128_gcm, "nist_cavp/aes_128_gcm.txt",
-     false, true, 0},
+     false, true, true, 0},
+    {"AES_192_GCM", EVP_aead_aes_192_gcm, "aes_192_gcm_tests.txt", false, true,
+     true, 0},
     {"AES_256_GCM", EVP_aead_aes_256_gcm, "aes_256_gcm_tests.txt", false, true,
-     0},
+     true, 0},
     {"AES_256_GCM_NIST", EVP_aead_aes_256_gcm, "nist_cavp/aes_256_gcm.txt",
-     false, true, 0},
-#if !defined(OPENSSL_SMALL)
+     false, true, true, 0},
     {"AES_128_GCM_SIV", EVP_aead_aes_128_gcm_siv, "aes_128_gcm_siv_tests.txt",
-     false, false, 0},
+     false, false, false, 0},
     {"AES_256_GCM_SIV", EVP_aead_aes_256_gcm_siv, "aes_256_gcm_siv_tests.txt",
-     false, false, 0},
-#endif
+     false, false, false, 0},
     {"ChaCha20Poly1305", EVP_aead_chacha20_poly1305,
-     "chacha20_poly1305_tests.txt", false, true, 0},
+     "chacha20_poly1305_tests.txt", false, true, false, 0},
     {"XChaCha20Poly1305", EVP_aead_xchacha20_poly1305,
-     "xchacha20_poly1305_tests.txt", false, true, 0},
+     "xchacha20_poly1305_tests.txt", false, true, false, 0},
     {"AES_128_CBC_SHA1_TLS", EVP_aead_aes_128_cbc_sha1_tls,
-     "aes_128_cbc_sha1_tls_tests.txt", true, false, 11},
+     "aes_128_cbc_sha1_tls_tests.txt", true, false, false, 11},
     {"AES_128_CBC_SHA1_TLSImplicitIV",
      EVP_aead_aes_128_cbc_sha1_tls_implicit_iv,
-     "aes_128_cbc_sha1_tls_implicit_iv_tests.txt", true, false, 11},
+     "aes_128_cbc_sha1_tls_implicit_iv_tests.txt", true, false, false, 11},
     {"AES_128_CBC_SHA256_TLS", EVP_aead_aes_128_cbc_sha256_tls,
-     "aes_128_cbc_sha256_tls_tests.txt", true, false, 11},
+     "aes_128_cbc_sha256_tls_tests.txt", true, false, false, 11},
     {"AES_256_CBC_SHA1_TLS", EVP_aead_aes_256_cbc_sha1_tls,
-     "aes_256_cbc_sha1_tls_tests.txt", true, false, 11},
+     "aes_256_cbc_sha1_tls_tests.txt", true, false, false, 11},
     {"AES_256_CBC_SHA1_TLSImplicitIV",
      EVP_aead_aes_256_cbc_sha1_tls_implicit_iv,
-     "aes_256_cbc_sha1_tls_implicit_iv_tests.txt", true, false, 11},
+     "aes_256_cbc_sha1_tls_implicit_iv_tests.txt", true, false, false, 11},
     {"AES_256_CBC_SHA256_TLS", EVP_aead_aes_256_cbc_sha256_tls,
-     "aes_256_cbc_sha256_tls_tests.txt", true, false, 11},
+     "aes_256_cbc_sha256_tls_tests.txt", true, false, false, 11},
     {"AES_256_CBC_SHA384_TLS", EVP_aead_aes_256_cbc_sha384_tls,
-     "aes_256_cbc_sha384_tls_tests.txt", true, false, 11},
+     "aes_256_cbc_sha384_tls_tests.txt", true, false, false, 11},
     {"DES_EDE3_CBC_SHA1_TLS", EVP_aead_des_ede3_cbc_sha1_tls,
-     "des_ede3_cbc_sha1_tls_tests.txt", true, false, 11},
+     "des_ede3_cbc_sha1_tls_tests.txt", true, false, false, 11},
     {"DES_EDE3_CBC_SHA1_TLSImplicitIV",
      EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv,
-     "des_ede3_cbc_sha1_tls_implicit_iv_tests.txt", true, false, 11},
+     "des_ede3_cbc_sha1_tls_implicit_iv_tests.txt", true, false, false, 11},
     {"AES_128_CTR_HMAC_SHA256", EVP_aead_aes_128_ctr_hmac_sha256,
-     "aes_128_ctr_hmac_sha256.txt", false, true, 0},
+     "aes_128_ctr_hmac_sha256.txt", false, true, false, 0},
     {"AES_256_CTR_HMAC_SHA256", EVP_aead_aes_256_ctr_hmac_sha256,
-     "aes_256_ctr_hmac_sha256.txt", false, true, 0},
+     "aes_256_ctr_hmac_sha256.txt", false, true, false, 0},
     {"AES_128_CCM_BLUETOOTH", EVP_aead_aes_128_ccm_bluetooth,
-     "aes_128_ccm_bluetooth_tests.txt", false, false, 0},
+     "aes_128_ccm_bluetooth_tests.txt", false, false, false, 0},
     {"AES_128_CCM_BLUETOOTH_8", EVP_aead_aes_128_ccm_bluetooth_8,
-     "aes_128_ccm_bluetooth_8_tests.txt", false, false, 0},
+     "aes_128_ccm_bluetooth_8_tests.txt", false, false, false, 0},
 };
 
 class PerAEADTest : public testing::TestWithParam<KnownAEAD> {
@@ -101,9 +103,9 @@ class PerAEADTest : public testing::TestWithParam<KnownAEAD> {
   const EVP_AEAD *aead() { return GetParam().func(); }
 };
 
-INSTANTIATE_TEST_CASE_P(, PerAEADTest, testing::ValuesIn(kAEADs),
-                        [](const testing::TestParamInfo<KnownAEAD> &params)
-                            -> std::string { return params.param.name; });
+INSTANTIATE_TEST_SUITE_P(All, PerAEADTest, testing::ValuesIn(kAEADs),
+                         [](const testing::TestParamInfo<KnownAEAD> &params)
+                             -> std::string { return params.param.name; });
 
 // Tests an AEAD against a series of test vectors from a file, using the
 // FileTest format. As an example, here's a valid test case:
@@ -607,50 +609,59 @@ TEST_P(PerAEADTest, Overflow) {
   // as the input.)
 }
 
-// Test that EVP_aead_aes_128_gcm and EVP_aead_aes_256_gcm reject empty nonces.
-// AES-GCM is not defined for those.
-TEST(AEADTest, AESGCMEmptyNonce) {
-  static const uint8_t kZeros[32] = {0};
+TEST_P(PerAEADTest, InvalidNonceLength) {
+  size_t valid_nonce_len = EVP_AEAD_nonce_length(aead());
+  std::vector<size_t> nonce_lens;
+  if (valid_nonce_len != 0) {
+    // Other than the implicit IV TLS "AEAD"s, none of our AEADs allow empty
+    // nonces. In particular, although AES-GCM was incorrectly specified with
+    // variable-length nonces, it does not allow the empty nonce.
+    nonce_lens.push_back(0);
+  }
+  if (!GetParam().variable_nonce) {
+    nonce_lens.push_back(valid_nonce_len + 1);
+    if (valid_nonce_len != 0) {
+      nonce_lens.push_back(valid_nonce_len - 1);
+    }
+  }
 
-  // Test AES-128-GCM.
-  uint8_t buf[16];
-  size_t len;
-  bssl::ScopedEVP_AEAD_CTX ctx;
-  ASSERT_TRUE(EVP_AEAD_CTX_init(ctx.get(), EVP_aead_aes_128_gcm(), kZeros, 16,
-                                EVP_AEAD_DEFAULT_TAG_LENGTH, nullptr));
+  static const uint8_t kZeros[EVP_AEAD_MAX_KEY_LENGTH] = {0};
+  const size_t ad_len = GetParam().ad_len != 0 ? GetParam().ad_len : 16;
+  ASSERT_LE(ad_len, sizeof(kZeros));
 
-  EXPECT_FALSE(EVP_AEAD_CTX_seal(ctx.get(), buf, &len, sizeof(buf),
-                                 nullptr /* nonce */, 0, nullptr /* in */, 0,
-                                 nullptr /* ad */, 0));
-  uint32_t err = ERR_get_error();
-  EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
-  EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+  for (size_t nonce_len : nonce_lens) {
+    SCOPED_TRACE(nonce_len);
+    uint8_t buf[256];
+    size_t len;
+    std::vector<uint8_t> nonce(nonce_len);
+    bssl::ScopedEVP_AEAD_CTX ctx;
+    ASSERT_TRUE(EVP_AEAD_CTX_init_with_direction(
+        ctx.get(), aead(), kZeros, EVP_AEAD_key_length(aead()),
+        EVP_AEAD_DEFAULT_TAG_LENGTH, evp_aead_seal));
 
-  EXPECT_FALSE(EVP_AEAD_CTX_open(ctx.get(), buf, &len, sizeof(buf),
-                                 nullptr /* nonce */, 0, kZeros /* in */,
-                                 sizeof(kZeros), nullptr /* ad */, 0));
-  err = ERR_get_error();
-  EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
-  EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+    EXPECT_FALSE(EVP_AEAD_CTX_seal(ctx.get(), buf, &len, sizeof(buf),
+                                   nonce.data(), nonce.size(), nullptr /* in */,
+                                   0, kZeros /* ad */, ad_len));
+    uint32_t err = ERR_get_error();
+    EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
+    // TODO(davidben): Merge these errors. https://crbug.com/boringssl/129.
+    if (ERR_GET_REASON(err) != CIPHER_R_UNSUPPORTED_NONCE_SIZE) {
+      EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+    }
 
-  // Test AES-256-GCM.
-  ctx.Reset();
-  ASSERT_TRUE(EVP_AEAD_CTX_init(ctx.get(), EVP_aead_aes_256_gcm(), kZeros, 32,
-                                EVP_AEAD_DEFAULT_TAG_LENGTH, nullptr));
-
-  EXPECT_FALSE(EVP_AEAD_CTX_seal(ctx.get(), buf, &len, sizeof(buf),
-                                 nullptr /* nonce */, 0, nullptr /* in */, 0,
-                                 nullptr /* ad */, 0));
-  err = ERR_get_error();
-  EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
-  EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
-
-  EXPECT_FALSE(EVP_AEAD_CTX_open(ctx.get(), buf, &len, sizeof(buf),
-                                 nullptr /* nonce */, 0, kZeros /* in */,
-                                 sizeof(kZeros), nullptr /* ad */, 0));
-  err = ERR_get_error();
-  EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
-  EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+    ctx.Reset();
+    ASSERT_TRUE(EVP_AEAD_CTX_init_with_direction(
+        ctx.get(), aead(), kZeros, EVP_AEAD_key_length(aead()),
+        EVP_AEAD_DEFAULT_TAG_LENGTH, evp_aead_open));
+    EXPECT_FALSE(EVP_AEAD_CTX_open(ctx.get(), buf, &len, sizeof(buf),
+                                   nonce.data(), nonce.size(), kZeros /* in */,
+                                   sizeof(kZeros), kZeros /* ad */, ad_len));
+    err = ERR_get_error();
+    EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
+    if (ERR_GET_REASON(err) != CIPHER_R_UNSUPPORTED_NONCE_SIZE) {
+      EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+    }
+  }
 }
 
 TEST(AEADTest, AESCCMLargeAD) {
@@ -792,9 +803,8 @@ TEST(AEADTest, WycheproofAESGCM) {
         aead = EVP_aead_aes_128_gcm();
         break;
       case 192:
-        // Skip AES-192-GCM tests.
-        t->SkipCurrent();
-        return;
+        aead = EVP_aead_aes_192_gcm();
+        break;
       case 256:
         aead = EVP_aead_aes_256_gcm();
         break;

crypto/cipher_extra/asm/aes128gcmsiv-x86_64.pl

@@ -2253,4 +2253,4 @@ aes256gcmsiv_kdf();
 
 print $code;
 
-close STDOUT;
+close STDOUT or die "error closing STDOUT";

crypto/cipher_extra/asm/chacha20_poly1305_x86_64.pl

@@ -2478,6 +2478,7 @@ if (!$win64) {
   print $code;
 } else {
   print <<___;
+.text
 .globl dummy_chacha20_poly1305_asm
 .type dummy_chacha20_poly1305_asm,\@abi-omnipotent
 dummy_chacha20_poly1305_asm:
@@ -2485,4 +2486,4 @@ dummy_chacha20_poly1305_asm:
 ___
 }
 
-close STDOUT;
+close STDOUT or die "error closing STDOUT";

crypto/cipher_extra/cipher_extra.c

@@ -129,6 +129,14 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {
     return EVP_aes_192_ofb();
   } else if (OPENSSL_strcasecmp(name, "aes-256-ofb") == 0) {
     return EVP_aes_256_ofb();
+  } else if (OPENSSL_strcasecmp(name, "des-ecb") == 0) {
+    return EVP_des_ecb();
+  } else if (OPENSSL_strcasecmp(name, "des-ede") == 0) {
+    return EVP_des_ede();
+  } else if (OPENSSL_strcasecmp(name, "des-ede-cbc") == 0) {
+    return EVP_des_ede_cbc();
+  } else if (OPENSSL_strcasecmp(name, "rc2-cbc") == 0) {
+    return EVP_rc2_cbc();
   }
 
   return NULL;

crypto/cipher_extra/cipher_test.cc

@@ -150,7 +150,8 @@ static bool DoCipher(EVP_CIPHER_CTX *ctx, std::vector<uint8_t> *out,
 }
 
 static void TestOperation(FileTest *t, const EVP_CIPHER *cipher, bool encrypt,
-                          size_t chunk_size, const std::vector<uint8_t> &key,
+                          bool copy, size_t chunk_size,
+                          const std::vector<uint8_t> &key,
                           const std::vector<uint8_t> &iv,
                           const std::vector<uint8_t> &plaintext,
                           const std::vector<uint8_t> &ciphertext,
@@ -167,45 +168,52 @@ static void TestOperation(FileTest *t, const EVP_CIPHER *cipher, bool encrypt,
 
   bool is_aead = EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE;
 
-  bssl::ScopedEVP_CIPHER_CTX ctx;
-  ASSERT_TRUE(EVP_CipherInit_ex(ctx.get(), cipher, nullptr, nullptr, nullptr,
-                         encrypt ? 1 : 0));
+  bssl::ScopedEVP_CIPHER_CTX ctx1;
+  ASSERT_TRUE(EVP_CipherInit_ex(ctx1.get(), cipher, nullptr, nullptr, nullptr,
+                                encrypt ? 1 : 0));
   if (t->HasAttribute("IV")) {
     if (is_aead) {
-      ASSERT_TRUE(EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_AEAD_SET_IVLEN,
+      ASSERT_TRUE(EVP_CIPHER_CTX_ctrl(ctx1.get(), EVP_CTRL_AEAD_SET_IVLEN,
                                       iv.size(), 0));
     } else {
-      ASSERT_EQ(iv.size(), EVP_CIPHER_CTX_iv_length(ctx.get()));
+      ASSERT_EQ(iv.size(), EVP_CIPHER_CTX_iv_length(ctx1.get()));
     }
   }
+
+  bssl::ScopedEVP_CIPHER_CTX ctx2;
+  EVP_CIPHER_CTX *ctx = ctx1.get();
+  if (copy) {
+    ASSERT_TRUE(EVP_CIPHER_CTX_copy(ctx2.get(), ctx1.get()));
+    ctx = ctx2.get();
+  }
+
   if (is_aead && !encrypt) {
-    ASSERT_TRUE(EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_AEAD_SET_TAG,
-                                    tag.size(),
+    ASSERT_TRUE(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag.size(),
                                     const_cast<uint8_t *>(tag.data())));
   }
   // The ciphers are run with no padding. For each of the ciphers we test, the
   // output size matches the input size.
   ASSERT_EQ(in->size(), out->size());
-  ASSERT_TRUE(EVP_CIPHER_CTX_set_key_length(ctx.get(), key.size()));
-  ASSERT_TRUE(EVP_CipherInit_ex(ctx.get(), nullptr, nullptr, key.data(),
-                                iv.data(), -1));
+  ASSERT_TRUE(EVP_CIPHER_CTX_set_key_length(ctx, key.size()));
+  ASSERT_TRUE(
+      EVP_CipherInit_ex(ctx, nullptr, nullptr, key.data(), iv.data(), -1));
   // Note: the deprecated |EVP_CIPHER|-based AEAD API is sensitive to whether
   // parameters are NULL, so it is important to skip the |in| and |aad|
   // |EVP_CipherUpdate| calls when empty.
   if (!aad.empty()) {
     int unused;
     ASSERT_TRUE(
-        EVP_CipherUpdate(ctx.get(), nullptr, &unused, aad.data(), aad.size()));
+        EVP_CipherUpdate(ctx, nullptr, &unused, aad.data(), aad.size()));
   }
-  ASSERT_TRUE(EVP_CIPHER_CTX_set_padding(ctx.get(), 0));
+  ASSERT_TRUE(EVP_CIPHER_CTX_set_padding(ctx, 0));
   std::vector<uint8_t> result;
-  ASSERT_TRUE(DoCipher(ctx.get(), &result, *in, chunk_size));
+  ASSERT_TRUE(DoCipher(ctx, &result, *in, chunk_size));
   EXPECT_EQ(Bytes(*out), Bytes(result));
   if (encrypt && is_aead) {
     uint8_t rtag[16];
     ASSERT_LE(tag.size(), sizeof(rtag));
-    ASSERT_TRUE(EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_AEAD_GET_TAG,
-                                    tag.size(), rtag));
+    ASSERT_TRUE(
+        EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tag.size(), rtag));
     EXPECT_EQ(Bytes(tag), Bytes(rtag, tag.size()));
   }
 }
@@ -252,14 +260,18 @@ static void TestCipher(FileTest *t) {
     // By default, both directions are run, unless overridden by the operation.
     if (operation != kDecrypt) {
       SCOPED_TRACE("encrypt");
-      TestOperation(t, cipher, true /* encrypt */, chunk_size, key, iv,
-                    plaintext, ciphertext, aad, tag);
+      TestOperation(t, cipher, true /* encrypt */, false /* no copy */,
+                    chunk_size, key, iv, plaintext, ciphertext, aad, tag);
+      TestOperation(t, cipher, true /* encrypt */, true /* copy */, chunk_size,
+                    key, iv, plaintext, ciphertext, aad, tag);
     }
 
     if (operation != kEncrypt) {
       SCOPED_TRACE("decrypt");
-      TestOperation(t, cipher, false /* decrypt */, chunk_size, key, iv,
-                    plaintext, ciphertext, aad, tag);
+      TestOperation(t, cipher, false /* decrypt */, false /* no copy */,
+                    chunk_size, key, iv, plaintext, ciphertext, aad, tag);
+      TestOperation(t, cipher, false /* decrypt */, true /* copy */, chunk_size,
+                    key, iv, plaintext, ciphertext, aad, tag);
     }
   }
 }

crypto/cipher_extra/e_aesccm.c

@@ -1,21 +1,56 @@
-/* Copyright (c) 2018, Google Inc.
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
  *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
  *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ==================================================================== */
 
 #include <openssl/aead.h>
 
 #include <assert.h>
 
+#include <openssl/cpu.h>
 #include <openssl/cipher.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
@@ -23,6 +58,213 @@
 #include "../fipsmodule/cipher/internal.h"
 
 
+struct ccm128_context {
+  block128_f block;
+  ctr128_f ctr;
+  unsigned M, L;
+};
+
+struct ccm128_state {
+  union {
+    uint64_t u[2];
+    uint8_t c[16];
+  } nonce, cmac;
+};
+
+static int CRYPTO_ccm128_init(struct ccm128_context *ctx, const AES_KEY *key,
+                              block128_f block, ctr128_f ctr, unsigned M,
+                              unsigned L) {
+  if (M < 4 || M > 16 || (M & 1) != 0 || L < 2 || L > 8) {
+    return 0;
+  }
+  ctx->block = block;
+  ctx->ctr = ctr;
+  ctx->M = M;
+  ctx->L = L;
+  return 1;
+}
+
+static size_t CRYPTO_ccm128_max_input(const struct ccm128_context *ctx) {
+  return ctx->L >= sizeof(size_t) ? (size_t)-1
+                                  : (((size_t)1) << (ctx->L * 8)) - 1;
+}
+
+static int ccm128_init_state(const struct ccm128_context *ctx,
+                             struct ccm128_state *state, const AES_KEY *key,
+                             const uint8_t *nonce, size_t nonce_len,
+                             const uint8_t *aad, size_t aad_len,
+                             size_t plaintext_len) {
+  const block128_f block = ctx->block;
+  const unsigned M = ctx->M;
+  const unsigned L = ctx->L;
+
+  // |L| determines the expected |nonce_len| and the limit for |plaintext_len|.
+  if (plaintext_len > CRYPTO_ccm128_max_input(ctx) ||
+      nonce_len != 15 - L) {
+    return 0;
+  }
+
+  // Assemble the first block for computing the MAC.
+  OPENSSL_memset(state, 0, sizeof(*state));
+  state->nonce.c[0] = (uint8_t)((L - 1) | ((M - 2) / 2) << 3);
+  if (aad_len != 0) {
+    state->nonce.c[0] |= 0x40;  // Set AAD Flag
+  }
+  OPENSSL_memcpy(&state->nonce.c[1], nonce, nonce_len);
+  for (unsigned i = 0; i < L; i++) {
+    state->nonce.c[15 - i] = (uint8_t)(plaintext_len >> (8 * i));
+  }
+
+  (*block)(state->nonce.c, state->cmac.c, key);
+  size_t blocks = 1;
+
+  if (aad_len != 0) {
+    unsigned i;
+    // Cast to u64 to avoid the compiler complaining about invalid shifts.
+    uint64_t aad_len_u64 = aad_len;
+    if (aad_len_u64 < 0x10000 - 0x100) {
+      state->cmac.c[0] ^= (uint8_t)(aad_len_u64 >> 8);
+      state->cmac.c[1] ^= (uint8_t)aad_len_u64;
+      i = 2;
+    } else if (aad_len_u64 <= 0xffffffff) {
+      state->cmac.c[0] ^= 0xff;
+      state->cmac.c[1] ^= 0xfe;
+      state->cmac.c[2] ^= (uint8_t)(aad_len_u64 >> 24);
+      state->cmac.c[3] ^= (uint8_t)(aad_len_u64 >> 16);
+      state->cmac.c[4] ^= (uint8_t)(aad_len_u64 >> 8);
+      state->cmac.c[5] ^= (uint8_t)aad_len_u64;
+      i = 6;
+    } else {
+      state->cmac.c[0] ^= 0xff;
+      state->cmac.c[1] ^= 0xff;
+      state->cmac.c[2] ^= (uint8_t)(aad_len_u64 >> 56);
+      state->cmac.c[3] ^= (uint8_t)(aad_len_u64 >> 48);
+      state->cmac.c[4] ^= (uint8_t)(aad_len_u64 >> 40);
+      state->cmac.c[5] ^= (uint8_t)(aad_len_u64 >> 32);
+      state->cmac.c[6] ^= (uint8_t)(aad_len_u64 >> 24);
+      state->cmac.c[7] ^= (uint8_t)(aad_len_u64 >> 16);
+      state->cmac.c[8] ^= (uint8_t)(aad_len_u64 >> 8);
+      state->cmac.c[9] ^= (uint8_t)aad_len_u64;
+      i = 10;
+    }
+
+    do {
+      for (; i < 16 && aad_len != 0; i++) {
+        state->cmac.c[i] ^= *aad;
+        aad++;
+        aad_len--;
+      }
+      (*block)(state->cmac.c, state->cmac.c, key);
+      blocks++;
+      i = 0;
+    } while (aad_len != 0);
+  }
+
+  // Per RFC 3610, section 2.6, the total number of block cipher operations done
+  // must not exceed 2^61. There are two block cipher operations remaining per
+  // message block, plus one block at the end to encrypt the MAC.
+  size_t remaining_blocks = 2 * ((plaintext_len + 15) / 16) + 1;
+  if (plaintext_len + 15 < plaintext_len ||
+      remaining_blocks + blocks < blocks ||
+      (uint64_t) remaining_blocks + blocks > UINT64_C(1) << 61) {
+    return 0;
+  }
+
+  // Assemble the first block for encrypting and decrypting. The bottom |L|
+  // bytes are replaced with a counter and all bit the encoding of |L| is
+  // cleared in the first byte.
+  state->nonce.c[0] &= 7;
+  return 1;
+}
+
+static int ccm128_encrypt(const struct ccm128_context *ctx,
+                          struct ccm128_state *state, const AES_KEY *key,
+                          uint8_t *out, const uint8_t *in, size_t len) {
+  // The counter for encryption begins at one.
+  for (unsigned i = 0; i < ctx->L; i++) {
+    state->nonce.c[15 - i] = 0;
+  }
+  state->nonce.c[15] = 1;
+
+  uint8_t partial_buf[16];
+  unsigned num = 0;
+  if (ctx->ctr != NULL) {
+    CRYPTO_ctr128_encrypt_ctr32(in, out, len, key, state->nonce.c, partial_buf,
+                                &num, ctx->ctr);
+  } else {
+    CRYPTO_ctr128_encrypt(in, out, len, key, state->nonce.c, partial_buf, &num,
+                          ctx->block);
+  }
+  return 1;
+}
+
+static int ccm128_compute_mac(const struct ccm128_context *ctx,
+                              struct ccm128_state *state, const AES_KEY *key,
+                              uint8_t *out_tag, size_t tag_len,
+                              const uint8_t *in, size_t len) {
+  block128_f block = ctx->block;
+  if (tag_len != ctx->M) {
+    return 0;
+  }
+
+  // Incorporate |in| into the MAC.
+  union {
+    uint64_t u[2];
+    uint8_t c[16];
+  } tmp;
+  while (len >= 16) {
+    OPENSSL_memcpy(tmp.c, in, 16);
+    state->cmac.u[0] ^= tmp.u[0];
+    state->cmac.u[1] ^= tmp.u[1];
+    (*block)(state->cmac.c, state->cmac.c, key);
+    in += 16;
+    len -= 16;
+  }
+  if (len > 0) {
+    for (size_t i = 0; i < len; i++) {
+      state->cmac.c[i] ^= in[i];
+    }
+    (*block)(state->cmac.c, state->cmac.c, key);
+  }
+
+  // Encrypt the MAC with counter zero.
+  for (unsigned i = 0; i < ctx->L; i++) {
+    state->nonce.c[15 - i] = 0;
+  }
+  (*block)(state->nonce.c, tmp.c, key);
+  state->cmac.u[0] ^= tmp.u[0];
+  state->cmac.u[1] ^= tmp.u[1];
+
+  OPENSSL_memcpy(out_tag, state->cmac.c, tag_len);
+  return 1;
+}
+
+static int CRYPTO_ccm128_encrypt(const struct ccm128_context *ctx,
+                                 const AES_KEY *key, uint8_t *out,
+                                 uint8_t *out_tag, size_t tag_len,
+                                 const uint8_t *nonce, size_t nonce_len,
+                                 const uint8_t *in, size_t len,
+                                 const uint8_t *aad, size_t aad_len) {
+  struct ccm128_state state;
+  return ccm128_init_state(ctx, &state, key, nonce, nonce_len, aad, aad_len,
+                           len) &&
+         ccm128_compute_mac(ctx, &state, key, out_tag, tag_len, in, len) &&
+         ccm128_encrypt(ctx, &state, key, out, in, len);
+}
+
+static int CRYPTO_ccm128_decrypt(const struct ccm128_context *ctx,
+                                 const AES_KEY *key, uint8_t *out,
+                                 uint8_t *out_tag, size_t tag_len,
+                                 const uint8_t *nonce, size_t nonce_len,
+                                 const uint8_t *in, size_t len,
+                                 const uint8_t *aad, size_t aad_len) {
+  struct ccm128_state state;
+  return ccm128_init_state(ctx, &state, key, nonce, nonce_len, aad, aad_len,
+                           len) &&
+         ccm128_encrypt(ctx, &state, key, out, in, len) &&
+         ccm128_compute_mac(ctx, &state, key, out_tag, tag_len, out, len);
+}
+
 #define EVP_AEAD_AES_CCM_MAX_TAG_LEN 16
 
 struct aead_aes_ccm_ctx {
@@ -30,9 +272,18 @@ struct aead_aes_ccm_ctx {
     double align;
     AES_KEY ks;
   } ks;
-  CCM128_CONTEXT ccm;
+  struct ccm128_context ccm;
 };
 
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+                          sizeof(struct aead_aes_ccm_ctx),
+                      "AEAD state is too small");
+#if defined(__GNUC__) || defined(__clang__)
+OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
+                          alignof(struct aead_aes_ccm_ctx),
+                      "AEAD state has insufficient alignment");
+#endif
+
 static int aead_aes_ccm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
                              size_t key_len, size_t tag_len, unsigned M,
                              unsigned L) {
@@ -54,36 +305,28 @@ static int aead_aes_ccm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
     return 0;
   }
 
-  struct aead_aes_ccm_ctx *ccm_ctx =
-      OPENSSL_malloc(sizeof(struct aead_aes_ccm_ctx));
-  if (ccm_ctx == NULL) {
-    OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
-    return 0;
-  }
+  struct aead_aes_ccm_ctx *ccm_ctx = (struct aead_aes_ccm_ctx *)&ctx->state;
 
   block128_f block;
   ctr128_f ctr = aes_ctr_set_key(&ccm_ctx->ks.ks, NULL, &block, key, key_len);
   ctx->tag_len = tag_len;
   if (!CRYPTO_ccm128_init(&ccm_ctx->ccm, &ccm_ctx->ks.ks, block, ctr, M, L)) {
     OPENSSL_PUT_ERROR(CIPHER, ERR_R_INTERNAL_ERROR);
-    OPENSSL_free(ccm_ctx);
     return 0;
   }
 
-  ctx->aead_state = ccm_ctx;
   return 1;
 }
 
-static void aead_aes_ccm_cleanup(EVP_AEAD_CTX *ctx) {
-  OPENSSL_free(ctx->aead_state);
-}
+static void aead_aes_ccm_cleanup(EVP_AEAD_CTX *ctx) {}
 
 static int aead_aes_ccm_seal_scatter(
     const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag,
     size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
     size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_aes_ccm_ctx *ccm_ctx = ctx->aead_state;
+  const struct aead_aes_ccm_ctx *ccm_ctx =
+      (struct aead_aes_ccm_ctx *)&ctx->state;
 
   if (in_len > CRYPTO_ccm128_max_input(&ccm_ctx->ccm)) {
     OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
@@ -116,7 +359,8 @@ static int aead_aes_ccm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
                                     const uint8_t *in, size_t in_len,
                                     const uint8_t *in_tag, size_t in_tag_len,
                                     const uint8_t *ad, size_t ad_len) {
-  const struct aead_aes_ccm_ctx *ccm_ctx = ctx->aead_state;
+  const struct aead_aes_ccm_ctx *ccm_ctx =
+      (struct aead_aes_ccm_ctx *)&ctx->state;
 
   if (in_len > CRYPTO_ccm128_max_input(&ccm_ctx->ccm)) {
     OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);

crypto/cipher_extra/e_aesctrhmac.c

@@ -35,6 +35,15 @@ struct aead_aes_ctr_hmac_sha256_ctx {
   SHA256_CTX outer_init_state;
 };
 
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+                          sizeof(struct aead_aes_ctr_hmac_sha256_ctx),
+                      "AEAD state is too small");
+#if defined(__GNUC__) || defined(__clang__)
+OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
+                          alignof(struct aead_aes_ctr_hmac_sha256_ctx),
+                      "AEAD state has insufficient alignment");
+#endif
+
 static void hmac_init(SHA256_CTX *out_inner, SHA256_CTX *out_outer,
                       const uint8_t hmac_key[32]) {
   static const size_t hmac_key_len = 32;
@@ -61,7 +70,8 @@ static void hmac_init(SHA256_CTX *out_inner, SHA256_CTX *out_outer,
 
 static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
                                          size_t key_len, size_t tag_len) {
-  struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx;
+  struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx =
+      (struct aead_aes_ctr_hmac_sha256_ctx *)&ctx->state;
   static const size_t hmac_key_len = 32;
 
   if (key_len < hmac_key_len) {
@@ -84,26 +94,16 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
     return 0;
   }
 
-  aes_ctx = OPENSSL_malloc(sizeof(struct aead_aes_ctr_hmac_sha256_ctx));
-  if (aes_ctx == NULL) {
-    OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
-    return 0;
-  }
-
   aes_ctx->ctr =
       aes_ctr_set_key(&aes_ctx->ks.ks, NULL, &aes_ctx->block, key, aes_key_len);
   ctx->tag_len = tag_len;
   hmac_init(&aes_ctx->inner_init_state, &aes_ctx->outer_init_state,
             key + aes_key_len);
 
-  ctx->aead_state = aes_ctx;
-
   return 1;
 }
 
-static void aead_aes_ctr_hmac_sha256_cleanup(EVP_AEAD_CTX *ctx) {
-  OPENSSL_free(ctx->aead_state);
-}
+static void aead_aes_ctr_hmac_sha256_cleanup(EVP_AEAD_CTX *ctx) {}
 
 static void hmac_update_uint64(SHA256_CTX *sha256, uint64_t value) {
   unsigned i;
@@ -178,7 +178,8 @@ static int aead_aes_ctr_hmac_sha256_seal_scatter(
     size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
     size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx = ctx->aead_state;
+  const struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx =
+      (struct aead_aes_ctr_hmac_sha256_ctx *) &ctx->state;
   const uint64_t in_len_64 = in_len;
 
   if (in_len_64 >= (UINT64_C(1) << 32) * AES_BLOCK_SIZE) {
@@ -212,7 +213,8 @@ static int aead_aes_ctr_hmac_sha256_open_gather(
     const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag,
     size_t in_tag_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx = ctx->aead_state;
+  const struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx =
+      (struct aead_aes_ctr_hmac_sha256_ctx *) &ctx->state;
 
   if (in_tag_len != ctx->tag_len) {
     OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);

crypto/cipher_extra/e_aesgcmsiv.c

@@ -27,28 +27,47 @@
 #define EVP_AEAD_AES_GCM_SIV_NONCE_LEN 12
 #define EVP_AEAD_AES_GCM_SIV_TAG_LEN 16
 
-#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM)
+// TODO(davidben): AES-GCM-SIV assembly is not correct for Windows. It must save
+// and restore xmm6 through xmm15.
+#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) && \
+    !defined(OPENSSL_WINDOWS)
+#define AES_GCM_SIV_ASM
 
 // Optimised AES-GCM-SIV
 
 struct aead_aes_gcm_siv_asm_ctx {
   alignas(16) uint8_t key[16*15];
   int is_128_bit;
-  // ptr contains the original pointer from |OPENSSL_malloc|, which may only be
-  // 8-byte aligned. When freeing this structure, actually call |OPENSSL_free|
-  // on this pointer.
-  void *ptr;
 };
 
+// The assembly code assumes 8-byte alignment of the EVP_AEAD_CTX's state, and
+// aligns to 16 bytes itself.
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >=
+                          sizeof(struct aead_aes_gcm_siv_asm_ctx),
+                      "AEAD state is too small");
+#if defined(__GNUC__) || defined(__clang__)
+OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= 8,
+                      "AEAD state has insufficient alignment");
+#endif
+
+// asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|.
+static struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx(
+    const EVP_AEAD_CTX *ctx) {
+  // ctx->state must already be 8-byte aligned. Thus, at most, we may need to
+  // add eight to align it to 16 bytes.
+  const uintptr_t offset = ((uintptr_t)&ctx->state) & 8;
+  return (struct aead_aes_gcm_siv_asm_ctx *)(&ctx->state.opaque[offset]);
+}
+
 // aes128gcmsiv_aes_ks writes an AES-128 key schedule for |key| to
 // |out_expanded_key|.
 extern void aes128gcmsiv_aes_ks(
     const uint8_t key[16], uint8_t out_expanded_key[16*15]);
 
-// aes128gcmsiv_aes_ks writes an AES-128 key schedule for |key| to
+// aes256gcmsiv_aes_ks writes an AES-256 key schedule for |key| to
 // |out_expanded_key|.
 extern void aes256gcmsiv_aes_ks(
-    const uint8_t key[16], uint8_t out_expanded_key[16*15]);
+    const uint8_t key[32], uint8_t out_expanded_key[16*15]);
 
 static int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
                                      size_t key_len, size_t tag_len) {
@@ -68,18 +87,8 @@ static int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
     return 0;
   }
 
-  char *ptr = OPENSSL_malloc(sizeof(struct aead_aes_gcm_siv_asm_ctx) + 8);
-  if (ptr == NULL) {
-    return 0;
-  }
-  assert((((uintptr_t)ptr) & 7) == 0);
-
-  // gcm_siv_ctx needs to be 16-byte aligned in a cross-platform way.
-  struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx =
-      (struct aead_aes_gcm_siv_asm_ctx *)(ptr + (((uintptr_t)ptr) & 8));
-
+  struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
   assert((((uintptr_t)gcm_siv_ctx) & 15) == 0);
-  gcm_siv_ctx->ptr = ptr;
 
   if (key_bits == 128) {
     aes128gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
@@ -88,16 +97,13 @@ static int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
     aes256gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
     gcm_siv_ctx->is_128_bit = 0;
   }
-  ctx->aead_state = gcm_siv_ctx;
+
   ctx->tag_len = tag_len;
 
   return 1;
 }
 
-static void aead_aes_gcm_siv_asm_cleanup(EVP_AEAD_CTX *ctx) {
-  const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = ctx->aead_state;
-  OPENSSL_free(gcm_siv_ctx->ptr);
-}
+static void aead_aes_gcm_siv_asm_cleanup(EVP_AEAD_CTX *ctx) {}
 
 // aesgcmsiv_polyval_horner updates the POLYVAL value in |in_out_poly| to
 // include a number (|in_blocks|) of 16-byte blocks of data from |in|, given
@@ -337,7 +343,7 @@ static int aead_aes_gcm_siv_asm_seal_scatter(
     size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
     size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = ctx->aead_state;
+  const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
   const uint64_t in_len_64 = in_len;
   const uint64_t ad_len_64 = ad_len;
 
@@ -420,7 +426,12 @@ static int aead_aes_gcm_siv_asm_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
     return 0;
   }
 
-  const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = ctx->aead_state;
+  if (nonce_len != EVP_AEAD_AES_GCM_SIV_NONCE_LEN) {
+    OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+    return 0;
+  }
+
+  const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
   const size_t plaintext_len = in_len - EVP_AEAD_AES_GCM_SIV_TAG_LEN;
   const uint8_t *const given_tag = in + plaintext_len;
 
@@ -547,7 +558,7 @@ static const EVP_AEAD aead_aes_256_gcm_siv_asm = {
     NULL /* tag_len */,
 };
 
-#endif  // X86_64 && !NO_ASM
+#endif  // X86_64 && !NO_ASM && !WINDOWS
 
 struct aead_aes_gcm_siv_ctx {
   union {
@@ -558,6 +569,15 @@ struct aead_aes_gcm_siv_ctx {
   unsigned is_256:1;
 };
 
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+                          sizeof(struct aead_aes_gcm_siv_ctx),
+                      "AEAD state is too small");
+#if defined(__GNUC__) || defined(__clang__)
+OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
+                          alignof(struct aead_aes_gcm_siv_ctx),
+                      "AEAD state has insufficient alignment");
+#endif
+
 static int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
                                  size_t key_len, size_t tag_len) {
   const size_t key_bits = key_len * 8;
@@ -576,24 +596,18 @@ static int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
   }
 
   struct aead_aes_gcm_siv_ctx *gcm_siv_ctx =
-      OPENSSL_malloc(sizeof(struct aead_aes_gcm_siv_ctx));
-  if (gcm_siv_ctx == NULL) {
-    return 0;
-  }
+      (struct aead_aes_gcm_siv_ctx *)&ctx->state;
   OPENSSL_memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
 
   aes_ctr_set_key(&gcm_siv_ctx->ks.ks, NULL, &gcm_siv_ctx->kgk_block, key,
                   key_len);
   gcm_siv_ctx->is_256 = (key_len == 32);
-  ctx->aead_state = gcm_siv_ctx;
   ctx->tag_len = tag_len;
 
   return 1;
 }
 
-static void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) {
-  OPENSSL_free(ctx->aead_state);
-}
+static void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) {}
 
 // gcm_siv_crypt encrypts (or decrypts—it's the same thing) |in_len| bytes from
 // |in| to |out|, using the block function |enc_block| with |key| in counter
@@ -718,7 +732,8 @@ static int aead_aes_gcm_siv_seal_scatter(
     size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
     size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx = ctx->aead_state;
+  const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx =
+      (struct aead_aes_gcm_siv_ctx *)&ctx->state;
   const uint64_t in_len_64 = in_len;
   const uint64_t ad_len_64 = ad_len;
 
@@ -778,7 +793,8 @@ static int aead_aes_gcm_siv_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
     return 0;
   }
 
-  const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx = ctx->aead_state;
+  const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx =
+      (struct aead_aes_gcm_siv_ctx *)&ctx->state;
 
   struct gcm_siv_record_keys keys;
   gcm_siv_keys(gcm_siv_ctx, &keys, nonce);
@@ -831,7 +847,7 @@ static const EVP_AEAD aead_aes_256_gcm_siv = {
     NULL /* tag_len */,
 };
 
-#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM)
+#if defined(AES_GCM_SIV_ASM)
 
 static char avx_aesni_capable(void) {
   const uint32_t ecx = OPENSSL_ia32cap_P[1];
@@ -864,4 +880,4 @@ const EVP_AEAD *EVP_aead_aes_256_gcm_siv(void) {
   return &aead_aes_256_gcm_siv;
 }
 
-#endif  // X86_64 && !NO_ASM
+#endif  // AES_GCM_SIV_ASM

crypto/cipher_extra/e_chacha20poly1305.c

@@ -35,6 +35,15 @@ struct aead_chacha20_poly1305_ctx {
   uint8_t key[32];
 };
 
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+                          sizeof(struct aead_chacha20_poly1305_ctx),
+                      "AEAD state is too small");
+#if defined(__GNUC__) || defined(__clang__)
+OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
+                          alignof(struct aead_chacha20_poly1305_ctx),
+                      "AEAD state has insufficient alignment");
+#endif
+
 // For convenience (the x86_64 calling convention allows only six parameters in
 // registers), the final parameter for the assembly functions is both an input
 // and output parameter.
@@ -69,9 +78,9 @@ static int asm_capable(void) {
   return sse41_capable;
 }
 
-OPENSSL_COMPILE_ASSERT(sizeof(union open_data) == 48, wrong_open_data_size);
-OPENSSL_COMPILE_ASSERT(sizeof(union seal_data) == 48 + 8 + 8,
-                       wrong_seal_data_size);
+OPENSSL_STATIC_ASSERT(sizeof(union open_data) == 48, "wrong open_data size");
+OPENSSL_STATIC_ASSERT(sizeof(union seal_data) == 48 + 8 + 8,
+                      "wrong seal_data size");
 
 // chacha20_poly1305_open is defined in chacha20_poly1305_x86_64.pl. It decrypts
 // |plaintext_len| bytes from |ciphertext| and writes them to |out_plaintext|.
@@ -109,7 +118,8 @@ static void chacha20_poly1305_seal(uint8_t *out_ciphertext,
 
 static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
                                        size_t key_len, size_t tag_len) {
-  struct aead_chacha20_poly1305_ctx *c20_ctx;
+  struct aead_chacha20_poly1305_ctx *c20_ctx =
+      (struct aead_chacha20_poly1305_ctx *)&ctx->state;
 
   if (tag_len == 0) {
     tag_len = POLY1305_TAG_LEN;
@@ -124,21 +134,13 @@ static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
     return 0;  // internal error - EVP_AEAD_CTX_init should catch this.
   }
 
-  c20_ctx = OPENSSL_malloc(sizeof(struct aead_chacha20_poly1305_ctx));
-  if (c20_ctx == NULL) {
-    return 0;
-  }
-
   OPENSSL_memcpy(c20_ctx->key, key, key_len);
-  ctx->aead_state = c20_ctx;
   ctx->tag_len = tag_len;
 
   return 1;
 }
 
-static void aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx) {
-  OPENSSL_free(ctx->aead_state);
-}
+static void aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx) {}
 
 static void poly1305_update_length(poly1305_state *poly1305, size_t data_len) {
   uint8_t length_bytes[8];
@@ -260,7 +262,8 @@ static int aead_chacha20_poly1305_seal_scatter(
     size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
     size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
+  const struct aead_chacha20_poly1305_ctx *c20_ctx =
+      (struct aead_chacha20_poly1305_ctx *)&ctx->state;
 
   return chacha20_poly1305_seal_scatter(
       c20_ctx->key, out, out_tag, out_tag_len, max_out_tag_len, nonce,
@@ -272,7 +275,8 @@ static int aead_xchacha20_poly1305_seal_scatter(
     size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
     size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
+  const struct aead_chacha20_poly1305_ctx *c20_ctx =
+      (struct aead_chacha20_poly1305_ctx *)&ctx->state;
 
   if (nonce_len != 24) {
     OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
@@ -340,7 +344,8 @@ static int aead_chacha20_poly1305_open_gather(
     const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag,
     size_t in_tag_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
+  const struct aead_chacha20_poly1305_ctx *c20_ctx =
+      (struct aead_chacha20_poly1305_ctx *)&ctx->state;
 
   return chacha20_poly1305_open_gather(c20_ctx->key, out, nonce, nonce_len, in,
                                        in_len, in_tag, in_tag_len, ad, ad_len,
@@ -351,7 +356,8 @@ static int aead_xchacha20_poly1305_open_gather(
     const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce,
     size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag,
     size_t in_tag_len, const uint8_t *ad, size_t ad_len) {
-  const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
+  const struct aead_chacha20_poly1305_ctx *c20_ctx =
+      (struct aead_chacha20_poly1305_ctx *)&ctx->state;
 
   if (nonce_len != 24) {
     OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);

crypto/cipher_extra/e_tls.c

@@ -42,14 +42,22 @@ typedef struct {
   char implicit_iv;
 } AEAD_TLS_CTX;
 
-OPENSSL_COMPILE_ASSERT(EVP_MAX_MD_SIZE < 256, mac_key_len_fits_in_uint8_t);
+OPENSSL_STATIC_ASSERT(EVP_MAX_MD_SIZE < 256,
+                      "mac_key_len does not fit in uint8_t");
+
+OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+                          sizeof(AEAD_TLS_CTX),
+                      "AEAD state is too small");
+#if defined(__GNUC__) || defined(__clang__)
+OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
+                          alignof(AEAD_TLS_CTX),
+                      "AEAD state has insufficient alignment");
+#endif
 
 static void aead_tls_cleanup(EVP_AEAD_CTX *ctx) {
-  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)ctx->aead_state;
+  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
   EVP_CIPHER_CTX_cleanup(&tls_ctx->cipher_ctx);
   HMAC_CTX_cleanup(&tls_ctx->hmac_ctx);
-  OPENSSL_free(tls_ctx);
-  ctx->aead_state = NULL;
 }
 
 static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,
@@ -72,11 +80,7 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,
   assert(mac_key_len + enc_key_len +
          (implicit_iv ? EVP_CIPHER_iv_length(cipher) : 0) == key_len);
 
-  AEAD_TLS_CTX *tls_ctx = OPENSSL_malloc(sizeof(AEAD_TLS_CTX));
-  if (tls_ctx == NULL) {
-    OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
-    return 0;
-  }
+  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
   EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx);
   HMAC_CTX_init(&tls_ctx->hmac_ctx);
   assert(mac_key_len <= EVP_MAX_MD_SIZE);
@@ -84,13 +88,11 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,
   tls_ctx->mac_key_len = (uint8_t)mac_key_len;
   tls_ctx->implicit_iv = implicit_iv;
 
-  ctx->aead_state = tls_ctx;
   if (!EVP_CipherInit_ex(&tls_ctx->cipher_ctx, cipher, NULL, &key[mac_key_len],
                          implicit_iv ? &key[mac_key_len + enc_key_len] : NULL,
                          dir == evp_aead_seal) ||
       !HMAC_Init_ex(&tls_ctx->hmac_ctx, key, mac_key_len, md, NULL)) {
     aead_tls_cleanup(ctx);
-    ctx->aead_state = NULL;
     return 0;
   }
   EVP_CIPHER_CTX_set_padding(&tls_ctx->cipher_ctx, 0);
@@ -101,7 +103,7 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,
 static size_t aead_tls_tag_len(const EVP_AEAD_CTX *ctx, const size_t in_len,
                                const size_t extra_in_len) {
   assert(extra_in_len == 0);
-  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)ctx->aead_state;
+  const AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
 
   const size_t hmac_len = HMAC_size(&tls_ctx->hmac_ctx);
   if (EVP_CIPHER_CTX_mode(&tls_ctx->cipher_ctx) != EVP_CIPH_CBC_MODE) {
@@ -125,7 +127,7 @@ static int aead_tls_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
                                  const uint8_t *extra_in,
                                  const size_t extra_in_len, const uint8_t *ad,
                                  const size_t ad_len) {
-  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)ctx->aead_state;
+  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
 
   if (!tls_ctx->cipher_ctx.encrypt) {
     // Unlike a normal AEAD, a TLS AEAD may only be used in one direction.
@@ -241,7 +243,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len,
                          size_t max_out_len, const uint8_t *nonce,
                          size_t nonce_len, const uint8_t *in, size_t in_len,
                          const uint8_t *ad, size_t ad_len) {
-  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)ctx->aead_state;
+  AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
 
   if (tls_ctx->cipher_ctx.encrypt) {
     // Unlike a normal AEAD, a TLS AEAD may only be used in one direction.
@@ -297,6 +299,8 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len,
   total += len;
   assert(total == in_len);
 
+  CONSTTIME_SECRET(out, total);
+
   // Remove CBC padding. Code from here on is timing-sensitive with respect to
   // |padding_ok| and |data_plus_mac_len| for CBC ciphers.
   size_t data_plus_mac_len;
@@ -373,11 +377,15 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len,
   crypto_word_t good =
       constant_time_eq_int(CRYPTO_memcmp(record_mac, mac, mac_len), 0);
   good &= padding_ok;
+  CONSTTIME_DECLASSIFY(&good, sizeof(good));
   if (!good) {
     OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
     return 0;
   }
 
+  CONSTTIME_DECLASSIFY(&data_len, sizeof(data_len));
+  CONSTTIME_DECLASSIFY(out, data_len);
+
   // End of timing-sensitive code.
 
   *out_len = data_len;
@@ -453,7 +461,7 @@ static int aead_des_ede3_cbc_sha1_tls_implicit_iv_init(
 
 static int aead_tls_get_iv(const EVP_AEAD_CTX *ctx, const uint8_t **out_iv,
                            size_t *out_iv_len) {
-  const AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX*) ctx->aead_state;
+  const AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
   const size_t iv_len = EVP_CIPHER_CTX_iv_length(&tls_ctx->cipher_ctx);
   if (iv_len <= 1) {
     return 0;

crypto/cipher_extra/test/aes_128_cbc_sha1_tls_implicit_iv_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 20
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: c6105cc86e18eb8376c16ea37693db5c07b77137
-KEY: 8503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+# Test with maximal padding (0 mod 64).
+# DIGEST: ceb2d295bd0efd37c6c34dab1854c80e986174fc
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
 NONCE: 
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c748
-AD: 1df3f4183aa23fd8d7efd8
-CT: 7265eea4b391d880c6bc72d3282f663e5551c0a71ca35898047362694ee8f2710974350a2a38a13b0434d312
-TAG: ead153f0c9488b88357e81187178465d2416ca97dbf7460c9519ed9957d9e74e62950447e49dd233e9c504876a90fa79273e597ed751da4f32a2c60cecbfb6641ca2e8938774cbc324affa9bb027d219730d57ca1981e87d0dcd0551618493f79ff8c0366383e0698a009bd976c63f089a8b901b5a08fabf0d3f798c349743634d5dd35a2195cf0b74b67d36d65be1aa920831906acbc57cd880964ec948e9c11614104721efb62a47600ee968418b1d197c3ce6ba6246d5ac1f07819f67c2cb3ca5162aedd354e2314d65d5e863964db421846da7603b9f11c503966834ed501885763da3e89a59f89f1e31f78111324b79637dd3b6aeeb71ccf2557f9725b86dd13088ce257cd6ea71706ff8ec9036f56d76c4
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: 2840fb36bc8e03c59de49315bd8a6e091f41fb020cdb174ed0ab84fab8f94c14e840fd37fc13f48490c2d2ffd4efeb4da8d98840f6ee5af812bcbbeeb7f2992b
+TAG: a767b9c80eb4ab9270c0c08d6adc1bf56245929a79a4511a8a4ccd2c996611a0154c8101217b46b049331d3109a42093f223a8224e11fcecee906b2ef52e5650da0498e3f832101b7ef66fdbcef302f362e570e5e42d5dbc33d0d662913c78a8caf3a9e2e22949cf6d212efee4d9dc8d03fd6a00d41f3073c4b73149e8bf05d23b2dd88aab1c87ac948a3f96be79c52efe9488ceb9a1c5511b441a6ba4204beaf339539ff9b4443000b5b7c00261c663be3087c395ee448e724d1cfcbe10e15ccddcf50378fef972fa3aca38fdb1d131f1bc7ce166f4476a008883292f8422cc668e1c8e0cd53cb25a64324d187b14143563d8d1af9371602a068da959c587cd6a383d1ffc74190c0499b2d71390cdcf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: a07054c760cc66fc704edf950201005031f3faac
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be1
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: 2e7e6cd84e03e35d8977c9e1d4ce6784c4db3a87fa1b82e6f781e284e0d3914eb56acdde0374eed6283cc10e1f329821fefbf888dfc8fb42fa574cb64df6d88d2d
+TAG: 80503493bfa3c2cd3817bb145fc579ebe050bf0e6310a29c9e1a7e98371833a25bea5c82bb6128cba6e27e7e796b49b49cd55ad123f90aade4d76a636104e5a4f6fc9c92997c0706d709145b208523c0c890394fcec38507fa0bad3d24fdc921416501e5c9b6964db81572bb933b67c4b5bb2070ad5068069592d35902ab93bad8d5121fe15bbb2bd27ad946a21f2ecd7e95c7f4c63ddd00589ac304d638307e798d9a55bfde231f5bd8a8f89cfae591b0234662647c3b42278f4157c4fb44fcc51862bbb2f03273f680d6dccee49b51bb4b881e5a1768dbc537e67073b796047fbce6f90eb54776d9f0237978f129af7efd4a3f380547e883d9976b38819acf9e0411769fc6898eaeca53f5def25f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: d059c266cf6233af730b7a229b19356a4c6fcf06
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: be77b79780ae8ccda54d5f995f7c1beee8ac61735285e34d9dd137058555e723daeafe392773f428ec528a14c2f52a86365c4929d98d4504c669db1d984e2f84f7bf
+TAG: 24836360777dbacbbcea10d08e3d975a0bd32669871000178d167a1e40a6723b7c47ebd32e5df52cc4e0ee5459b355f285a0a93bd9fd016642221a335a2f09a4635f71d8575bdd081caa14b083aed01444df63e5cb01377b8a3ac31006c92621a894b71d50c85964234a5aae094a931e5456416236001f46d771767aee47f6b7c3493fc10b9f392dd629852623c1ff6f1e7dd3346d1aabd132301fa16ce88017fe3ca394d1c685942f1ed7b37f84a25682142b02ce138ae9b21c85db410cc3c266f6a490ffdaa0ce95e8b1f2da7f6e6ddda2d4570dc5619605fca903e47eb62d7419dfe49f354ac18762abbdfe5431a863b6f7371731ebb09ab41aba79e41be8603060fe921e4dc8b7f422392640
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 8aac0687e33041fcc18da154b41f20a6af2bfb28
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: 82aba2e22933737ef55346865375b574f24066eabe39fb800ec790df3ad05f85a760332e8a1d45e7b0c2d969ac5689505510fe035db4ac1c5a8a01a6f6ac00ad3d8344
+TAG: 090114b0a31c301edc2bed8e25298d4f913558ce3f6f607b0fce5f9e7b1c953601ce9890f0d8e8d6a71c5ccc4e0aab08942628d21f467bfbfc4996863e8fd296b7ce153568999980ac2980ca68b16c0b2edfe5efcfff121a7e4dfc8dd9387442c4847f7c572f668aa990334dc50a54480f673c338f1ea9c81cfb9d482f6e4ae163e412108ad5775aefe89173229efd58a0f56b411008f87e3aa307413779538057f5d846a1586920b1448b4fda27b65647b946bd5b7950a5e3e37ccca55b359b4726e26fc3d168a9e8bef56c1a61fcb2b55cca61bac0123190572c939584ffae1e913b82bbd8057f302a900d2a1a7ed1ab4a1b7c8c5cd56fc472d69d013bb897ea3d72d299da0df5fcc7a745dc
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 53658226c112b86438dd27b58a71f9e36fc73c1e
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a729
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: 3eceac2e338b4dfd9f4840d77db69ed23ee286b522cd4a324b04b1865cc772914c8d84abbf0db1a3a2d15401759b18d6fb3b7020cca1e31d136fb97b26bc772baf5a363c
+TAG: 1b6a98c7f9b8c5c560add0eb46d2d7559ebce0894b876f0de8ec37031df30667cc3ea54a4e71d8bcfe575d6044d9f70852fcf9a1a6756643e28944b59856ed1ce9958045eae0aa64bba55b64aac0cacded741293262550b085b4cb143d8bb8f7061eda2911c86e1afce94a8afb4db1060c2da1e9bb0ca8747d71b706134e44bb7e4b73518ca9201d610860961a53438d6efb51031a1ba0fa9b437b8a3aebc0479bace7843b319c02b4987490bed351be2eced028a2d0c97a1e30ccbd820f4b3f669e33b74c1b550a8d9782b9ec7fa45b24dcd5b6788895d6246a4cdfb015c605741047c1d2323e207a8a622e55b6a19401bb67de62154392edb28ab3cdfbb2ae2f21c3181ee8033130e95e05
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 6b7d5268b0b5037afb5be5af6a0ceb34e7656ac4
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 5cfcf9e4dbe1a74e748665bf393c6fe93807ea36556590a1f2814c2b445988c1f6c2815f6b1f0fecae452d1bb89a055bc6f85bea11d99d0b0c62db8a81e3f0f3a557c208cd
+TAG: 8e73adba964c6868bb3da63b0d528a22eea8bfb4be0b1030070436f5c442649857c9c4a32759c5071d7d741692368497a978b5668b912cdfb0c404e514411ff111ea9f1224cb4a9256dc57a8a4677fe576b554cf6e4f975ac3a81eefcaa0bb68ac5bb26b1bf54bf034a50a1b3265e0baa8a900f048246c7ea825234732c3f5b34c4ddc0adc46178d0adbd9a524502061ad4c6df62dcd8f8851f270dc452be39021d5f054b7aa35f5235739894c659bc06333d0e564c38521d820dd7cb0dbb8a018543ebe7799cbd674a14821a6f92d776aed736fb4ce19ffe6ad5b456c09cc597443ae1bb41be9ea0213edfc1339636facbfdf56a8944cc548fd35fd5fa4a7b8cfbce736c6c96465326a49
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 63efe7af502231420ed5aecce9a28446b257828d
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: b2e315ef97a1b89b4625715c61946446fe1bf27aa60e65d0ad9849f71ec53ccbee951d3628efe2795949f88795b354df0ec68b21cd699cdd0f92f31f3d6013a4c1116165b4f5
+TAG: 4e9eb0387d9121ea239b27016805f35c09c90904d9becd9ce23d77233e8b68c86e17f92ac31794be17386e5fe2f40e83147a7dea38bee4b9776fb4a4da85408b80ea7718d542a47e7e5d7db38c18560dbc37d49f4fae2e013c4b89ab59f2a529b389e2ce5b2c9f0883df472fb9ac58bc5e27dc21938344195de25f1e3c015b68e6c6f6111e037010a075e78e852f9b0b8e568359ba22eddd71714403309987ed20e381b8ff67f5fd5d9e8ce77b1517da2cd4c2909f83fe70b65af0ba8dfff1e0860ccd217a19a96d94ef3cfbe1214e204d4eab8045f97aaeae0946b455e01099513c5a763596c7495de135bd2ea2b9c01e7fcc5daa0e88bcb45ce5bd044dc300a281b2bfd18f6090f7eb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: 1a555c300a1d1bd5b03cdd6bf2a678621624eb05
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b5
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: 8221477092da15c94ec15f34ef2d540c87ab24236ee4d97ed3543f49f2daec059be7c0f157f2d869bae0bd4b9d214bd40ed01484c28019d6349cac27db29050831e5974b5426a9
+TAG: 9f10a7816f0b558aaed826c53d63677dc443bd48fe1faf9d8e8542db0b3959d6754d0771ce1a23d67561626c7c521401c0a8882656ded33ace7965f5978bfa1c960ed9eb3831f45d28a4fb0ea44cbd9118f39eddbe3c56886bb4bd6593e13f2bf641e88adccaf76ab0356cb77654a1b27597b1b5fbbbf15b6c7673d92aa7073745721a299797b77c5b205ee44da405d634f971abf26bd7cffb21cd6f952eec7bc214d6ee0a31622c78259ba14072536751b87b968cc5e6ecb21d1b64c53f7ac24dd9344c2a03dbea3c5704bd283a8d28eb2ba5e4dc1b16a0edd6f4cb76aaf746b1a987d58ed73eb2b266a148ddbc033bd45712a3101f7b536d2d902b7e124e199442b149e3b603f199
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: de9156349b578f2f44945ec6a676a67a829daea1
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 8a9f0d731d72929136ed9e6993cbb28013b336540f602c7203e6a38391dc07c8c3ce5b4ca62df582dea366c4b0b5aaabcf1959a7f0bc92047023c72225f5c071a588d95774f2e2c1
+TAG: 84d60af507164a4f4958b6aed0525028918bba60b4affc1afea92c0ef485679506ffdf649b0d9bcefcfb8f1503b2e48937a3e732785d85b11a524363a55fc994e756148a3b7b2772881aaceee2ffeb0f18bd85feb215fc8352dc76d8ab5255d56db5e9f10c42b4a3447321d459ed20e536062a33e6cc598a61b905bcd579e6d68cbdfb94c3b100e05bc0009b9841fca15d909de6897276f9177cce5b049c45954b7cddb7610127c9dd40a61bd8e47b7a165940ef3084a0b523955741414a12d34aed68db231db939b1417069516333b2c0c57e843f098a55e375639ebd2acf658de1f385a1e29c5eb9efe14c16e29488a32bbfd127592c7c45807f2b3e8f57144b9cf60130592b62
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: 12812df3aa7f3bbc899f6f248f5590e02570c292
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: e3af374fb6f33c64fc2e4cc1e1b635bbe890f02359b6adb2a747beda433e003e30e1803f2169ff6abc81ff8095601cdff7aebae5fd8fc012387a70dd7db18e7eb79f87fcc1821ffdf6
+TAG: 4f9730c5eeb9cb32e005afc571d2ed5b2de38670704f854c838d00584becf8583ee7e79d9609bb73abb70bd01ab228bcf6070ee1c1c97d4f6003f6a3ccb4b8af43dfb37bbeb707e1efa51b0447e6b31e82a3fecaacad99014a8d502c3db8a36665f85d62938de6ffe30c4749535bb124129caa1fa465d04c1005e64f7f4397607b4e6fc31b9c34961b7276185fc3211eda045c06a28aec0a1e0a0e2f1f6829a1ab372d0bedd711158696b062b9dcfbff4925dca71d4ad7f7c610d40bfc6e7d04f4990d6efdd059679c7137b5f5d28c9784fca307e2e1df33dfec10a242379ff30984c62c201738edd60007c9d56557692e8f73e5d0c83059d568312b3504de9691ad3d9b30a4a2
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: f3c89f21c327fca4aa400fabea9e39780378e901
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fa
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: 98b22a9119610480bdfc5cb6e2a950ccac8741690574730b87fbeb113d5daac699c333ff21efd0e73d2252e95f64dd2699b940b490259cb5fd698756713c0e53ff69a733ea13587cbcb6
+TAG: 63600a3d7fe8a782af7af230da63bc84dd993bcffaa5f76e5f63ef56407d0412b831dab138d117fbc081139cc49946a7631f488c11946c10530806ce7a781baa3bd072300a5cdf8aaa3b2657ea3732c1e24271c447e6d7f6a2afa0bef27aada30585c33479debc10cb72febb181c7f5f77490b339285bfbb0bf07c545ed5a0f3f183fefdc7138e330095636956328ab85a201e3cd6a2edc573d75327bdf615ffc8e6fd5e133558b831e24b67751098320e9afdfe7c7ef4598c29563113052c568263612fdc3c48d8e9a8a407bc2918ede467636dc0185d9423e9eaefef4126247012d5f1930c56dd9dd7c34d397f388e4f741953d76bb1eec911079936a8dfc584fb5b7c84e4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: e8e41988fad6c8b44c56544964cfe0a347b35b1e
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: 8795d6c225aa78fccaaff86101641081f4a440969633ca8d7830ffb14f629fa34dc4c15e8ff20a8940c7a484ee94503372e658615eb3fc07c2d2c399ae9ad7a77d684512d0ca273f77fcfe
+TAG: 534574a93db9658b653cd395e981cd4a8992e817ba058f692c5f0c1682745097ed441781afe30827bcaa29d061e2d1554a949cf7b62077b768bc1ca8679618a5d2b32c0b7e735db6a27fd762a60aa19e60a60a9edb02f20e3e99fd4653732525a0c8d8042bd3ba5387f93a7e0da483173b3abcd3ff876badd75b81741abfe2baf21be1006d1cb85bc543ddc7493f8faf4e27619686ba324cf651a16e7ffc23ae7786eb8823300a5c65982228aecde99f53d43f86d9ec0d326eb3ece9f6cf1c6bf92d1599c5f9c391e9ba189195665d3018c38207717502bb60e020773618df614bb4e0309fa0809ab215f68f0d9d46c28950d3edad6c4f71dd5af9d03dfa39ae62482601ff
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: d1c7b2c04dc25fe7b742a1d659aec20e1475ee4f
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 694868cf990a1b8ef42fcb2b45cabf1bd78eee4b429c11b27a827762b9c319bc54a2b2c8eb2ac85063ef8ac7da8bc35b16c0a98822981dc9b246381780da7833eb718bc8518e2b176656ff5c
+TAG: ca1dc8a003fd389a1eb1cfa4bf9746cdf45c548f8e52e0bb0dd456c1369686e0975fada75cd8fb261a01828fa1375941dcd8c718f82d6b64222dfbf7143ce980f3936b78e525c961b7d72d5d68127d0f98de541853ae36408ac489c5629c82f00a44dbdc89d665f94fb391c4a0618f31df9bcf39a07325b600265daaf53c2762396f9f6e83fb4f545aefaaeb447d4162ad401e1da2ec090d78d7b354d80fa975dcea9b897fc0f16681cd9a1aedc78cdcbf26249e18132e518b75849af55de38562ac32c50819a35156706510688f3a81e13e3bd5f61a0c2a8655c251f4732258c3cf34694be21caad599996c9a13303be173f916e90f606dfe1640bcf35e892eab6ca70f59ca019d27c58cb69b4cb3bcd484198d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 116e20ff1e79e0af464d473b1e7c187f4dd66007
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: f2e78e183884c99ad7f199a02d87a1026c832b9a953919a98c2487bd0d724be407994fcce9e19b5a69f15ceef5d3b95c79d5fffede18a143cdfade5c0f80254cb38e47cc9c82488116640aebe9
+TAG: 11f4ab3470df6f43596f9275964c3ecc22543daebbdb99004eb6c1e001b2119ef9b247f30481117102a179a7ca72c556a029b77d0ee2167190923012aef527b8a432576f8948a7dc77ebb79fc7a9dd1d981a4bab9c00e498c09902ffb9362113f6ad3ac6c1f792fe27d3a71aa19b9f769f2417ada3d303e3fd2600484c9f6b43e4ad834e60ce4d4885088087a96eb52ad989a9e9a43aa53a78e513743a8f08cb472a144af5a6abc17f217715e074aa470ba71d2b1b75e4ff3f597c4d1993412d37f94989c1df016f72b26c8d58d78a8a3295108e9bc061facdbc4c708a1d7e7c95bb8e365d4e933c0e519d08abef948abb67c5a3ebe938b91613ae9bcb6079436af3acbbdfacf77e8b935686d4ef7ed47b5b10
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c081d0d09b2c9eb39a372ef4a7b0246a0956b0f9
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: c7de96bb45663dfe6da2a64ffc9ddfa7c3dc63077079bd4bc2ce52fea89924a75664782a5026fb5a099ec460eb9c6d7c3d5ea383092c8f4c67a70fc499a7689bfc27df4da7c185d573e6f8d70cc6
+TAG: 1d6cf11ee4afa8efb4e025dc32e0c73a6fcda2aa5c892031c7fde0d0d69e38e9e64e88a714184fbe73ca0f1dfd35ba3b0378a474cb4aaeb942a529cd199e20b7dd62654b97d92dc317975d5e26ca1378d41799a127c44a157982dc3677a4dd391e22b6906d303c2c60cde6052ffbdbe5f8bce22bc2ee42975f9892b68f228cb1f584b1a3fb2f15cb7bcf3d9650e72e796c46f7738986be7f7c30dc56c179299c9c368090f68b96735673f2279366122e5cd94d8d4ca2cbeddc3502d833bb365756cd511577a7499c199f403ce114ae47aabd351bd27e4595e3955e1d1c617a3d0ca2d6e4a2bc3275f5ef706fc4e02e48719958d37d172ad1473878686fca9420dafc83e0baaa9aefb1e50c98d6006ead6bd7
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 6f7bb1f9e2772eb909c315e653e4737cfed78a18
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: 3a77c0f70f9044fb3817d57be4f4e5ee4b27ffa586327f77c18346f9fef2608a552b551ac549f9e8d47c4959196162862fe2a35e44581971c2974d4a65a47ae719a7f5f070ad902b8a9e022abcf303
+TAG: 825fc7dd84de7f3bcc941d0234090a9409e47dda077e0f3fd000965bde1d4ff30e15b23affe14d94515629f8c018d085f41aa3ebfd0498f621593d57aaec4bdd0e22df21668451b098429967c8eb8789f92a5578d177e5d2e326fc14fff272eb90368d56a777849cc5a1d54c6a458d32c26f4cf99e0f80c91e6df29aa53edb03df176b9873f5827686faf26dbb038813a8170f59e3ad85ad698308748d112b7fbca45156a4410cf32fb34fbbf27b66dddc0680f2bcd7cac6b8cefa83945fad84f77a396630029e6bfe9f15cbf5a884332de5ea7f558d783858c18761983080c13f9c06be367ad856cf159656ad140e84d6af4b4c3517b90f5ec0a8e6fe18d42ce3d194f695f9b7440d4118b8170705b766
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 172f4992e692a88f49628e5d3937959be01aed2e
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: f2f3a3d985eb38c406bb0db0d141188c680656db8a4484abad2c8973267e14458e2be7cb52f06ee2a0f68eaced13db714296319b2b3557454f5e9cb47e8943ea3e66f7bd25c5757375be7bdd65fef53b
+TAG: 2c441fd3259628cab417df36374ededb37b9775c0ddff861a5b957a9237265000be0857b3b8482ccc5a348dbb9f4529da4baca8a8820468b1219fe4680221bad9a527d93ca499a988411021e0f9cbfbacc7851c63cc1886e934238d9b7f9cb6b330ad00da830b34c7e4398d148af7599a87770102622e7a68828dece16d4255bb319c75ab0046defe72269fe67780b34324eb3d57effa216411caea5661e64d8151707ffa86752c876590ec46926b7e963ced6a7fa95b1bd958e618bdf1775a9b3ff18c91ed490f39cffe0ab03bb5006cd321d8e6bbdb19597ad7692eb7a7685e075de1d383089f46c8a4bf1aa948bf08b89fde28696147c767f5fdf2aee8b8d4af2903452fc5876aa226d490140a55e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: 00133da1f7c63fd5f0eec364e9a359be02c1d3da
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: 02fd26e7b51a1bc6ab6735045d2e42fdd1f31adba98ed5f8b3e89450853104633abf6cbb70ecfba2f5b39dc06f419746abae4a51d33829bb04140275021d183ba079d58c37d4147e8114bc2e3d1542b0be
+TAG: 4bc0c3d3487bb74931c27253f0f0931d15a627ad88ac1ba563d97bcec53524870d8fefd1300feae23772902058f5f4a0c1c67eb5e4ca9d4f98692398a9019c3263d2191361b73038e3c9252502ca72070f1155952b3a0c787508d7c0c96e02036b2a26513fc69b19f1c51629fd7bdf015c0c45da5de1d6899f3cc3bdaea7a3d7bf1d0e8a8430fdd7ec70f93d7bb62fab821c1f0e9ad564d04081a3fb70b43b5ffd990e53938cd34084411c0c11db13bf2e28c6fa299c720f3f68ad751c20f6d12ce79382a1d0c4bf3a6bd3a695b3040193eab3c73aa4ee751447a5a46845c86e22909cebcbfc8b653f352072aad19b725dae4cf4d1c8bfe55605f0eec27682a6a365cf2e3e94ff769c2aeb328fbe6f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 60a6821269be6c5b985576b245f106128eb0b325
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: b2fe392acc286bdc73cac1aee34ecb3a3e3ae2ccdb065618e3c4a17f2b2668a2c11108b0bf8a8ffe20800a698e73c9b6ed4b0da61bf6fc22c33c75439445061e198f018f271a8698d87185b7df77daf9e757
+TAG: 7a3dcda8c73da41cca4a85a9bb5226d8a94f2a39abaad492ee978b6051961be1f0023b673348fa17eb29430a340b3597c6aca9304be30abc5129bd65073aec837e55fe06c7787f4272e75c32b3f1777451e17853f4a4696cedbeabb57170f77efe9db657572035af08cbde5432478dc339147d433457d3a15f8820515a6f267dcd14cd9489352e1561414e3e1e0a85129976c24dd016d4621af0058ef4e19fe4bdfdbbec370fed7ef641434eb629fbb16fbcdd117e9b84ccf7ada8324f9815e4aa42c12d4f0609060545997afd4e6786a0457b0b2fc73ff7856adb51223d2408ce4c414ef2afe52a3bb67be43997898ba846045e96a27acf3f1bec0b755e424f57c69774cc13ada5227c7642f563
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: e2593f3b6741a9ed9fa188fc06efd057556ee624
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 8780167385b8856be346b71b042332368067d5d9420b3793fe94bc1ba92991756523c7a8e0114af8fa7296ffef8fae01796b47edea43bdcaa8832a08e823c45c1ccfaf1190cc7fc73a67decbdf407c72740a7d
+TAG: 974451fd4d9d6d1f88be4404869b435b4b687a1150b31a0671c93f52f76f2e4dd71bf4a3583f68ea5fa4a0dbf8c779f83e8dca1882e9bfca3e914e77ccbf40ac94769c44f9a8bcbc35a4f9920c6860078d369f57b407d353e8022263061bc974df29fa7c862f3d06213b1190cdd3e2091b2e26532356560efc3b21a499f4841869c993272b70f153985d45756a0b3250a1b91ee3f25a6afbc202f3ef81dc607068fc7214e69255342e662c64ffd8acbe86992ad20ce376d92ee0bfbee6a72a1f83f470d0bbf6ec22b364e842b84736d3923de92c488c102344fef6f78624989460a2c45fadec2a7bf722e2e6a34162363cc04720a50f0d309f64f9322a11b642b97f023cb82a521af6b1759d37
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: 17450a437efe239e1858ac4062f34024305372be
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 2cd2031084f8742da110ab5d8f7290828857c867b38427c3f53be0dbe2cc94527d2f0aee90a38dee77c0ce115ef650b2ae65094e99ac9bf6da89e5440c1bb4f8ccd163427bb95b3ccd629e6881107d6c9a80cc37
+TAG: 026560a6675920dfb199359bea1a03ef0d7d67d359bb6b94074eef54047e92a0940f8eb5d08aea137b7caa73904b66a8c99775e0d859e4c91d68dfab271a9401fb650a9afb83ec4b42b97a74db1908fdca0a06603cde524524ecb3bfa15a96b6e250edb83e7c59385357c075bf077ada33489dae99c2e5d5f17cdab9d23dfae4171e564bb91e3e78d61dc7f1712c2a4431e9451cc1f58df004d04ec50f77a2681969ed91e07df4ec90fd185ede409a5387538b115107a1fe22bb999082d4341ff5a6ae7af33cb27a64eff64492a08eae3c18e5914971e514f55e65ca93a8a19d7d4c2f3df76232cbac674c480e9f4316a8df7ed9d62f8144338249732dc1c3dfcc8647804c13a03a59eab926
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: a35fc7d25f90dd9cbd35910d5532aca8aba88b29
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: cea9c7528706d506d75cf085c8475c081ee8c6145ca11610b73eb3e103a706faa66062f8edc10abaa7c3edb3fcaf43c202c4812e768fececaa04564414f45816fa5c0df5b7518ea3859be75c4567565358293e9232
+TAG: 32de5af09080604ec6b6fc5a0a542837a54131fc87b1825666e5d56f09e15b76d47fd8086dab709567aacc3e59d395656ffadab861ba9a0e1c1b30321ce334b68724877ec6806245bdab9bc0f8e5af6582fe91a2ad95f7a6bd0ad1df9f9c2d2c20f78f2fb0bd2653fc8e8fefc9255541d789a0059820b30902c3e4344b68d4603b3fb8f5001df91fc9383dcfe76f219933078c602fe2813b9e59e8f996f8943c96c10f27d02f5bae69789870a61abb6c3b118f6cc348188495798b07424a750556a8d1e444b47283b096b9cd8b98b790445ba8ad8245a040a3cc96c2d72aba1474f949dc607c386c7cbbda952651f6d3260c82e5a06c517a89c5dfbefa069136e3c094ee1af26fc4c77e21
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: 73eff0f03358879f900b6ebd515f0f4e5a6929e4
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: e967973079db00d2257d84817ff4c5faaf98024ac7eb71d22af3cbb92a001a558f5cce2e8c293d6dc2a968f69cb2731bf65954affbfdef4085123aa06baf0d80edd8d04ad4b1d48120f0db0df02ca13708f66a567ed0
+TAG: b8f6b6618dc8b59b07566c1aecf97a9933b6546fd8882d14cf75b2065f17518722b5fd77f9449cdf4feb87e7943f9d48b56ab891514f608767f1711314974b020804b7227326185bcdd338e3a9df31f6c3a0190b25d02dab04ce23fab918d6176814877ffba65e410bab2ae256d4f5f937458d24a144f3c45f6fb27e9f95490e95eac4575d49d7dec6f72ebdf3efd9dc6c83ead51652223b18963651b8d957b7aa050b022e4beac68f928de0d1094dc756d8e1d2b89a1bcac0d3d40f0f71e67b166a6a56d8ea91df5c930566640be524f187be2065127cd15b2417f7d80b6a8cf781e0e90c6ef61cbc902e935ffd2dc9e84c4170fadb6f76b15d77c72b49b8aa30ad1efabef37d55b4bb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: dd6cea270655225cb4f4231f54c19eaaa146eac5
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: df01c1a140da0e422919c0d34b231fa3cd767766fb35f8d78d715c44b9003e42cca112fa1543d74ac05e00da9b5740c03b5c4d1e558ceb8629adf3adb1771e6edd5b986094f724e675682e65af15bb3c0feeed8cb3407a
+TAG: 25a40fa2eda366cc951e8965249500a657316c33538f874f861753eb038dc5cce0425824f138abde55bade8b0500af1f61b8ea69d4bd68de3fc403021c2224635535bc83dcbb429a8ea6c0ca2687a34e02d1dc45e7bebafd26b4814c0766e7fce5238767280ce0424a3f16a30b943622b8c1abe4eb6c279333e9d8f7bc32afb915bc5b0328147b57d02d68584afd85107302e3c84983cff39256313c4462b693c256edbbedadc50a52cd2a3c8255c1c34ba87a70cb652d74d8375ede59a57514bf5bc50532acc8be4b438daaa2d7d2caae6c291ea2c78e27766b6e2afa2551f3287a6a2a4bf747a1706cd66fd724fbe0e7e81197b1ac612c05cde5a62fa0d5c43d01e6300c7066057e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: 34dd9bf0ce19eff890ecad474388779f63b0af70
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: 889ed4c7bd5455821c5b95a67a277a197140816784e820ad8e126b3d3f0ddaca73e3eede78c1c1d3ff5c2a98c0cadd644393b7e3c2273aea2be1c6fd20374b71edbed5658237d819b5e4e206698c8cc8c12e017196776bbd
+TAG: 57da1b6d2a9717b7f6f37f21dd9c686414ecd07bc24619b9d35c62c3548586bf726bdd33fcbbf64686556d1ece930f37c6f4c8bc1931a10c50269cc1dcd95bed9d9edb0463a266e6e51d2d90fa9c1a1a4dec6d21663df4f4b99060b37441cdc09386eb785b7cb0183df692d7846483998269e36d06bc7e3a010ebc798c83a5de0c4d6201f2b5b7187a7d99d109741a19e267cbe458063aa1ee66c7c2e0449549d03a9cac20d356c393de63d466ac3e04d63b88c26768f0b3fb18564acb1515ce4be0829aa99cb293adb9a0d3dde529827abeae270611c35277a4b373fb099cfc86a99483063014ec189429a243438447c9cd47a333b22e2c1c84845b79e23a661d411570c510f42c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 7db8cfbd3b29f96d752346eeda3c2bb0bd070099
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: 13833f78c9383bb4455972d6e7d8f22597e65de7dd01afa28fd99f9734366c522bcaef59c41487d84b3f84c1e0b7e5ff6de84206f54d5ae80ce80fe3cb68ea4edcd15897fd6fabe2a19904010538005668f2b05245e28bc0eb
+TAG: a76458445b8ba4572e8aed335eeb6ef8126ccaebe8b4be3f799e1def09f8a81fddc2ddde86e2d011c4b61eb16bb74cc5a2c7e1b6d0107f6b749b93fe9f6589bf4ea2444cb63f5bdd3b65827fff3adf32044621aa164160ac4662506b42b0b13ac148e09abc016102ccc988362f5cf64b969fc056e3f302a830f9a0b7f3789bac1c940d5cd7e2dd61aa3c6b970c3d066504093d658fb5f9ac7fb22ce306f5a9d495ca7e29d02bb39123b5387c43ed9fa1b8a061a339ced5a9393b7dc6401921d0fe424c1f168451286961f8ac199c3f8f8d4b154c89d290a27cc53695e082bbec8a338ee09826555a3fba8fa4bdb663ba932db800df0a1b570450f33f936cb71622854b84b260c9
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 4abaa8453e8cfdefd918571a961d8351754ad5b4
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: 03065bb245ba12ab90903bc081198fdfe45d7d3c6fa3b1f76bde831917376ec2a5b2ac2cf629de6bd3f23025b678ea9cc3bd7801f5510b58432a8bc17999304fec4de7ab9ac22d75897cac67ed57e30d4745588b36695dd005c5
+TAG: 92877bfb09987df366759a1776b758dd9943472b933d5720e4d199002d4f3ffdd527c2cdb16993da7aec2ee53a24f6681c22fdb9f9f69a89704b6356441c6e87930b2ddc47bdc1fa0df00f7490c16e18a095b53288042525f60f0f37be0036f9a7dfa37ed3977456b3d8c4c4b2c47879a4495bbfd6a512fb59a40b20bce316ecc559aa825b4be8dbbc5dbe06fdd074c1f2132e954fb74fc97075e9c5052a0f86bb431f7fd99d62080140e0457f8b5deadb9b2528e61731488f25f0574283a1b30c80b2bfafcf0e4343ceb83dd20d2179a38866780025516e5f8216ab70c158ddfd0ad7a446969cc9f6eaf5c984ce8e9c38fd3b8a007a1c154bb4330fbee4329b8335f4ec4b23
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 0fb9d7ffcc7c9b84f34661d472ae2d4fa25d3d99
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: 04c76011b9c4cc8ff18038d36a8c8b91debc8d0929ec173cfa5450f434308234e6a368f17a04ec0556dcf5ace0efb5ab51956d0daec5c530129aaa78309c3d0a04af17d02b0f91f70a82b2ea03522659f76d1919731ca52747da3d
+TAG: bb70d9741043c7d3d9a3c5f7d2dc1517a91729b54dc8f49291e2201331a24fb24ad212398617237c77de3d6266fd32341893a9c8bb42e60123bf3bd4fd70a065d6f3d0ae98434d8cda789be46a5e5ad05033d18cdadb36e33fca58181909dbd3cc1733dfb4b6dba689a66f19bbadd35f830d6af1edcbedca45b2810cc82ce83d39ef9d6d17aefec9b7199575e8d08df3ecb9a407b41a9c1d851e923072c96c5ffc60d3987ad10f27aab7792a198a17c8bf88c586ab11cee5008ee7ea769c56ff8d644b51059b9b2ddcfaa92d3b3055a4b3921bf95c5c131c2485d869f642cd14cd4eb9b73740534f6c48c63f76c6f1e4dfcdd9dc3c07593ee6032a98aa10e1b7f095c505d2
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: c68fec315401703e49722fe4b39cf28b14e9f50c
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: 5d9af50991ea21f041a766d8d9036073eeb0ac083b8069619ee50c64c661bad73a9e2ca7f8b49ad9df79e47b49ca3c8ea9dc254854f116a49959c91481ba96463521bfdb74902a4b454d2c6af72d130175c33e8764b64bc93955f9f3
+TAG: c3ccb45d8e69eccdb1f058a490d8de92f255953c16f27e21b49e4f29639452ff846aa45394972d895a0fcde901fee45211e835f6e4152de7475075e1e7ed832d45e0407eac1c6a0c88de4a9fb44d961b3be197e45af38a88d1070416c419046f6e43496e6fc1750de734c7773bba9b402dc96683d624117249f3d3f3d87f83a140018afde34dd5980e86e157d632acb7fa5400dd272fe74abe46652eab999b9ac1cb65a4a609f3bf9cf3c8434f9eca0bd440d665e772629c0cc76e0d9009e47f5667c0a0846ebbb1c1b23523262d3225bc23e3513ebed8f67c721cc0886efb251b374ee4e79f60c6fc7bfb81ad9ac88c0a782d3c4bb918cd21ca1f3b8e311f5e48b9e6d738ade59dafd07ca721aed0f6f7f98f1b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 15e1aa5285beab679aaedbf51a86b4aebbe3d7df
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: 182dc2f9f412f305a8fa4813e8c8eb7a41f9708efb516fe3feaa6ae94c89b4437cbdba7c738fb97ef9739ed94d988bd60af5359194d2b5f8a48e3f5482c3be294ae65ce803e21acdee157d436188980be8e58c95a7a5a33e427473d4ba
+TAG: 2751722d2433b908076080c82895c633135bed9c7486d2fec286ea11b279b5029784972d39c8732cb1631841a60e86ad8b17c41e9c0b54ea3dba7b15121532b7d7a7fe8f92e2280481c73590cc38bbec7888932be3d10ab251157ed0335ea1b06a379c4d19d7d860bba5164da684c9d0eeb20e65c0c63a60bf94f65fa4e0f61bb94786271d5ca588093446fd563a6d513d81d590244807ce399f4bbee2f09cd8145634c1ebf06bb408489fa362b06af21a934b1114dd8233c8cb629df7fc5ac619fe2701de7daf7d7295049e1909fda9864fd7cd088316be8dc7770237748de45c3dde6d476d233983392e1a3a96f9c6550d5a7df61e3818492806db44121c277df71b9e1e176e335a68f2811637a9ce17919d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: 8cc0b1164fc844e958e055b7ae43f2f95c29e8c3
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 0990f57d9a7e9b64bcee741e158eb5749e9d7b34d43c6429754689d87fc45daaa618fc62d3dc111e5a1a7a06b2b14c5b0f3e2e463085e80da6ce4a6f7815cbf871376c8c87a36555b8a74e0a14421e1e4d74f7531546369ca81e4585f86b
+TAG: 4e2e000dd4c6c0eac8aeb581fd352c8c8d4033ea944594afdaa87f05ae6be756e46cf27b7ee6eb01e9f4eb50918d2b438fc0d1eaaf7c6add8078a6a9d45be1e813c18b20eef740c85df67de7765974544f5482f9a0012192f3d84b2cf6c01141f6a8040158cf9ba03c5a1b580cfddf0a682955713a4cac6e0d3b6e273db3a91a1b8096f85fbc3c7a67e893885bae3b4c65d03d111da7e199780de379c6ee07a3657ecee397ce0c9d34ee5d39e8fc4a64c86a0d68182ea48b91c76f63011d0f0cdeaba4e1ff6a19686c5223a25a10af0fce79437322c0cab4786fdb4b93e687a1c7154bd294d784169b1bc7cc5c9f3b8bc3e1d8b808b448f926ce8731ab30a33cef85f57053ef081a8948178030a50c247e53
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: b51001b6ff9d27bccf3103a4961280e0a1406257
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: 8d7999ec7a80e528bd6a8d2a9724930c93ee5cbb0c888d9b7c79d2449e638c03f3143f1927a1b261d66ff55bdeb7ff6616da99a2155f465d7c91f54963e7cbda7b61529381204ba43c9681260799ce66fec9b0e9882fc0ab474fd9134adb66
+TAG: e9012cda52183ec3e658c42f819dd986216e84e14eb38a462e3db010070a3056db6b148863afa9af5849e3ae963730f02bcc2b419f9cb37659609dc730008a43c41e87312b546d3b67e1f092001bd8a1b81ea304126801f149b0a37d826e0fac21045be4087f76e3c44a796bb55b6e4565d44cba7a8a48d4ffad797982256e87b95f6599b53f2ad34299d90204acc139d115b66c78a2072c741c43c81bab9dace2c0088b2a5dacd917e75ff0de07ab5febad79eb5e0d03012503110bc0f62e2aedda35c9bed4b7c2131f96a4d0c9ca4d133ee032a787e499c92cd46b33e5bfb7f1d3de52db0c7e2a15232a7c3c064c90bcd23366bf982bfbd9694e92b709a86afa4c4a6eb8d5e9b48a20ef409acec78a8c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: aceed075f31ab159f6610f43ff0a6ed3a359bee1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: c3e61ff897b490847e6539236d2e3b208baca2e83347b7ea2ac714f65a409638e59a5dce5c3a4109e6d6cdb8a232f5f8a2577101f9fb53aa50918f924c1a5361ef98d6672258b4adb37ca5f30d22893dbde262fa9cf72d2913c1901d70a0b7c1
+TAG: a49c692364eda34c22ad3745a4339244b687f596bda16d4ff61c6697996214bffc78fe54bb30321d37f17a7ee146dd33771b9b922b475ed41e55de39f1573683e4c8147a9bc370d6f75882c991073181d3f5eaf31a9cfe0dd205540cf6a2b6c0898b3d1ebe351c7e036e136088fe88a07e2c512fd488dd5dfbaebe10e6627bebb2cccf1e9c985ec9f1924abd91d29f0862403c24496ba6c0535358de379a60adb764fe00f5e09f3487b075713a85452ebc21205279815653b39af6c7d84cb1a10178006c1b4ee3e53028c09ef59817abc2335fa2ee7a56ea18e2cbe533b7d30c80609151b58b3c711314b35d3be3df1cb6d5cddffc316a940cc78ba1734da1c09d1d05c2650ce3a0fbd60bedfef7a83f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 976ca4c9819e25a204a024d05fbe7420f717bc58
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: 1944f256989b6acd7dc7c334d10ce71d9f2980cdb6adb03784061096955a3e10efe7cbf1c0aa1caab97cdeee4d08a8ff34d68e1b53a0df58e79a4c1d5d9b7eadb2430c0b8049b6c43a848fbc5e5feaf16c5ae08da38f973b18e33fde747702b882
+TAG: 6e0c7a079e170b669fd211bd54c2cd2c51bdd5dc84c84e0da6104dd1d5f6e8b27847a4def48c030c515b680a5db67439f300d184d2c8fe18681c7fa25840b80f53ff494fab5e1694a604c1c12b3b113aeff88bc2c5bd31e84cf5474d6429b4cd08241e94a7f4276054fed2f2a0d863eac2671c9af96045447d6422b8789c4674feb8fb27098b5ef613f08573184271899f735af845e6b7ed9dafd4524247178415479fd60da081ae076331df7ea141df29a086b76bbe35dfd4f983e45b2f1316cc27d88c48b87d2934833eeb5bde5df0866e4a9d8894fc275d6677eda6ac6b41a0475aeb9a55ce7d7a04820b581e8565c9d9919685bdf0f163d77ac45a15e4717e2e716e49ddd079f18295bc7a05e7
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: ad8cfe7556704bb1974e94f70d8743d147c5c3b4
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: a850ddac6117f7b13e15c17621fc7c99f2276ed7337cde87ada287814150f8b3f3e8ba7108a1237fa6a9ddcebb07c234660ec93b8279bb4614be85c5973603568e885f5f8ea102d0621b5ba77fc58af4285c15996d6868c520f3e09ec5b6a468cc82
+TAG: bce897e6a5dfbd940ec2c477af3411901f0f2fa9436ff3b4da7354189f097d231b95741788b45e9a56e7ca7a41b265489578bfe8667b1cd64a2ddd765144e770ae13fc2e9ad24575bfb97e0e012869ebfb52a9c7e181e79bc260442d166550435dd5c08b131ed3850f78a2e1df8a1ed026d9310a83f0b8449cf2baec42d7d7e31c4ec56d9d25246b34a479ecf8ab850c65fe8b2a6361fd185c25d6f253f556aa46825c535a4a54b855148e032d3e1ecb8d501802db1eac194a4bf7f3c70f8b8c33cd88d3362476e2080cbb4482fd9453ead6dc62a0dbc0649e41a699c53427ea8ff93fc9f2353356f695642ce7db49fffca401e9c275365dd0a339e3970d5810c5667c234986a65e1ce01e827e27
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: 1dfd9608adabb5a55e12949f1c4bfcd5a77cb703
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: 0cc80c78b73b1bd898c6af38846d32837ed0712ab7cc48b01c6dd831f37237ca7634c90aba35b35da59b60aff8e6b9a622f5a481c98c03fc76c1375e4602e96c08a465f3085ec86b0a8e1ce8757df761400be6510f1cdff60b05bd46271650b9e5d5e4
+TAG: 34a24675223b1e1d363b941da5d1566dc42a61c7c239a6684a497e7ef90a78d29c1aba0a9be91a8cc8a7cd578c77e62db1234da2b913e9500cf81df22cf481ee43f0818be959ec7fe49aeb7be270d227f633f65a003b19060ffe8bdfaaacd2c20ac65b43254252fb2fa8d2264f5664f3fdfaaefe7216c3f8bc6957656d218d5f98f5b377fd675a21d16769c499b82d4fa54be52ef8c96222b83fbe5bd3b456c9d181cfb5ce23639749e9e22dbc3979f07910b83c200c82a3dd449e5ae47486bd7f2cdc26c3beea2d3c490a801bf587e323725be1a76c32396e5c5ea24a9933706260d5aa16c847e00bdc5d96b0b96652a2c73e6141367debc228af6f944bcfd65a9269a7fb8c912c25ae2a6e8c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: ad2b43eee27e6267d8c5c1c3d558a07dcd6b1f5f
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: ad918e7428ca106cf043d6626772cd45ce998f32fea28c3253fd58f0fcc191bb4cd250b5dc6a7b352bb2aaa66601e280576fa60ad8c3aa58742462955fd7f33ddbbb5036128617c1fc3bfdf83100dfdd069042ad1887c2821afbcf822756226c69779d88
+TAG: edae83839ae4bcbcf7da661a302815b024d7576e65ecb70c183411003b1d6c769a13de3444f82c7783ff5593d9983b369833cab8dfc80120e35bc86d3b00c307338163bd5de5863a1f2daee49b4f535ce455b131eba334b7c995dc25640833c6c0a7bac710ce37ae2b85e58179b57218e801c4a7e5dc19cb3c841c11c299a72efd9cdf249e9c4423cfff588895e38e5b2d166344ba53b083da555ae4a1e0278f5b7a557e9aec08ac70da44858306df69ad968c017f8b4c24a0b562be19e1f6416841387ee3cd9c8f7c8b3dd1fecff0609fc77c4d86fb1e387cd1932775e58b928f4022821c0b9dfc43912fe0d0755b2bc2f88682f6b11eaffb6caaab1e295755d1256810ce16d70b306ffd6e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: 3dcddb1e4f49633e7b7bd36f4056d16c53be7f5e
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 8ef4db8a8444ddd056428a25b718aec0258fe05b5fe8d6d972ca6762875c030fa2b4822cf03e797a53046749e39646c8c6b373a1d77287f4124c19ef758eef75db8e4e03309b3d14e918bfd9499ae5c9e2f3079ab7da8ca7f00ab69d14ad96fdba1c58b813
+TAG: b78d95ae68ef1121b27bf93eb67605bbcbfce1e0293fa37e0de4a959cc0a1a47a374f6727edfa9aa5a330e5c3df90a30d371304258624e8015a2fe7583e362f045087ac9ff6bfdb5371d9fc9d55f7dd91bf0310450c36d33538ad5f6057d0c8a0896217643c4f95ed6c93ec95dc6df838cd43d6f60dc3d48d489922dcb1fadc586dbbef4200a6b1d67d2024493fb4dfdaae7563edb5ae93fa2065d750a10919484fbb1389f93d2f28b62c8c6708122e0abe0ed22ddba815da8bd80393fe274f545e463dfc5f26bdc207f3f056263e799b3c89f9c740748a37b7f28cdfdbd9bc89155e466e9a1830dd6d0a206d27a588c56c3b6dc92d5202dd30ec0a2e1e31a0da1a5ddd9d905204f47cc25
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: 25b982a242f669c013cab1c18da425330090e3cd
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: c107710a85a49250f3a4401fdf07a44f96560ca5e71d6021075b7b6e3ff8fd6f36c652f186dc82c8a21a8a743dcc007e6710214320cb5c5e788f8c5b020e4d0d89ec2fb780c9ea915966b9f9b1e2cb0f26fb6bf1aba6e6501f2571ef1299918d4d2e6b367e22
+TAG: 3e7739cc9f98881f03a99d95250d460497e445cb24b4f8783c0010070484f8f379d74903d9a99f6a621791763af4e8e94ea305642643103b2dc0a0c1342f66154a0b4c4cac63e79d7121a2a44991273a9e1111208b3d9a5b6d11a6a28c83d16c9099d0a0247bf4670717ef0e8e6bd4e48c893ae189cab4f916862a8ebdfc0cb26cc545a9a08f01f8b4ce545914a35924f728c4e914b8cea6588116e9ebf592d4709e0c4efc8f0f8379fb30e35e36bfd68946ada030e35af5ed510a6061471659dd6780c1356c3dee7f69ab449a402456b63abd7e7763b4020db5216f099ef78a2125b42fe508cf94976b8e4e9ed65b38c254818e6aed084c037efabad7bd348e4e16099c7709cfd9116b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: 9d7958e23777ff2472f5a24dea5fc19c151dd921
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: f90604401a507574dcfe5d7c5e0c36c5fa65d9a8f0a25daaa9fe5c50ffb3758f52c9c883c2f85d879f26845a130044d395b58497979cf24a9e18ee1f27d1eac4d0cd994a6338c5755c74419111b2bebed645c3d8b8071a7b5304eab2c33777eda01ce489f4a6d2
+TAG: 8a94c9c05afa552672247d156dfc8d60e9e3e1e9eaee6e58c8fd6c1f9d41bff32571526cf035ef595cb5c5b2d64b2a98bfcadebe5ff66a6a2299af8e00fa27e621217c5ee1542a86ddaf93e293d01f20ba5f9093c1fb7a1b911e659027beceb9518f59d20cc54f958945dd44ec38f73fd475647a008de974e50facab9e6e878e3968249a91b4f71f4f86486d5e3bc2abd6dcc67989f58521ee78214dbd29bb7aca0f601842b1d36833748069e409c58de54f7f6e6f17b9e05127568a1566e70254589675f2802c153bd5106afa59e00ac753fb9c3f67508deb5bcb4e25d47e52852acceabb8e5e955e16c0b4448cd313c73ee2195f185f8869165de7f30a68efcfba1adab85e2eb975
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: 09e9eab51bcb9faaa3bc3e473ff66b06e39653fa
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: ff258ef9f318036586c5ec9e956c10c9423ad3a8a5468527c02bda6878c45398b0c78f3fba4eba3785282b3aa4586d31b238fb941546bdd6e3d918444d45f79b2a5ce3df0e8769a952243cce1f17f736d21e44d8d49449e017e9aa5ea20863a2f6b2f7025de029e1
+TAG: c113b619c1829f799e045047dc1587c35eea2e9b5735e9acffb8d5250acb5340d7e48f261c58f6e1dfa213980d35df3f14938a5d6c20908290444308c31cfc08d07cc3258a5221e3c8d72031ab52ed92cca76a189eef780048623f82af821d521b0489068af4ff2954bd73dbccc6d6d4124760a5c71fbf88435af2ef8eb24197c8d7b23358baa411d87dd4439249fa80b6f00c4a4c500b0b7113151bc4f385233318ccb3bdaf779d41c433b2424bb3651db990f9fa72649d657bb823f0e73fbdf08e6f81aae0552aaf37370f139e85da70fa52422fabd155d567988d1d2b930f89f72725d97c1b1aaa67217c552ba1b6a51cd97bf2ac7017a2a97298c6d86bab809b9b4a7e1776a8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: 7b17b7cb19107af8fc4671420e461060e2ef3e61
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: 5e654ee6344f96fa117a2e1f9cdc08bfaca9c83b1c4d61891e49077c8ae7a8aa604e1b19995b32872087e04a59ed367e42f0ad3998cc2112035b33104164403a948ecf73c516f74adaa57688cee9417456f996847e0c637120478f7d88288b5403f0697c4834e4ea7f
+TAG: 363ea1d1325e86bb389f4c97a844b76e43d76fd4750954352aa52f5cd174c3d902a71a8265fba870b1b0e3a1add011914df362dfbc8f075cb45d2cca5498b48c49f0872f8371bf37e334c33dba4170d101dfebf14a519d37647748d92ccbb24774caf56204c1e7efb4b765b63d5ccedc308ccf06bf614e7695bfbf9e416df526ad21c4fda82cdce18ea647b6f99fd2bfebeafa94e8b9e83fb2d85fcd5f8456ed2e374ac383230dd39c528408e3b53a92a3950883f6eed412c1a5875a5db61b98c089daf3419522fbabcaa33479d4f0140963f1bb788a2471aa0384b44c0c69a4fc46a892f9ec8cca4cf0d048e30eefb1a74f8fecf77a4d61f97e4835a85594d1df3a345f720fca
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 48586ad2eac603c136911b28e2c69f101a8ef371
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 59201549a3446dcbdf5c3fa8db930606f6e9bd374d8405e15d55493a82035491811f784fd4f0e3bdb6bdd2e01558783a00b32c53d7be31525343a5a2d72921222e32891149f8dd38303ffb584485df15dd4c6917d4d8ce80e1dd5192f30770873895a0219cafbe8dfaaf
+TAG: 30b74b701e2777b537a16fa9b2d3bc9a86d718a4440ac3a0475eb675b352f215a847a286f042285b50764d14ddd3b3088189d7e26b96cdc33856347f3173c7cf4c9696ad560773e65878c4f8db001bf66a9e27e7f42593e9dc3f206e64502b4a11a235d5ff29cfeba3fcff20afac264c691a847a0b6c599bd9f7e4a57179f46b3880fac1b6cdc10444ee5875470d25c8a7bc20196aec1f028aea628092b5ecc973a058f083f4157dd9202d1f6b09c72374ea668041ab18045a383242b5e96ac127f6ff263c15d0a4999f61153ffc5d53bb77ed11b5b8bb3f2071b8ab14d92d161f7e39470913043b316ed3bf9baee35f8594785ff0f99a39b72e918bab81c49ec6c4c4ca459c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: c37456cfc543ba6e5848b9b8f4ac5a58a104b521
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: 54a2f87f11c6597b3013a0de46b61a8fcc28ab021465178138cdd76ef01c2701b3a48ca4d3cc885173bdeb33b7b27f9064d2f09ec187d0c9c482522fb29bb421595589aa69ec2ca4155f503bdb8f0f8d4d2f08531c0deaa386b9adad07e8aaa351e76ab938e435c7eee05b
+TAG: 2b4f8a42097dfe879397a6fdd13c8e2611399c3c53d5cb5c0e41a4a49b99522b127dff5bbcdf4a5c6fa79440e8fecfbe1df30d34df7c3a399cd79164cd39ca50a3bb6ce2b95a46a3f50e47c9041dbf8f39aba1e807f66984619c62499bb5f0bed727c5214efe67ae9863b99daad6b2814484f9e96c3f6aa5a31417624052c69252de37d7f913e5a2715459f945958adef369e59fc7f704ba9d9646870561efd3c1bea0ba785a8a39698d7ccca3e0b6a6dc3b2570650ebaee1e133488b3a227fa97a8580737cb4852ae3e04c11df82816ec4d6bba8f9e63c9c48383466d9d145d27d18358e822af696a8d7c7aa65e2bc7ac32204a8271684e3803347423608666e23e90345c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: fc113d192686652653a15887974eb1f9b8e32248
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: 0f0483dd1e9ef91f215f7f9817b7f82e0b96c0d3b2996b2a1d878d0be3a70c07a4bbbba3721e646405a8a7f44347557d482d7899044af37f6df054070eb4debf7471072af1e4c98dfb3c192e956b2931967d7fdf200b464be1ff1955a658bf86faa659db9fea5c63d26c13af
+TAG: 176eae7a290cdf30272c219178d7a011400870bfb2ff611142d4e16fff9278cc5778770605f8914f09c3509fb6ec23bf5cdca390cf8dc0390502b3ac3026c47c167079f12302b6ea7eae668b6dac95a5541124aba8ecb8de4cac6c21ba17a2423ed4aac69e3292f3f4f031e9f54702c432d514726cf02ed646e0f60ed672b5f212e62aec4e51c8b8fbad3f1689f1b7dd775111695a342a279f7725da6ffa0e5a2ff5550159208bd30d28267c600e6b183dc1f72fbb4fd8013c5b4ec93f19dee5864bd854df3cabd5c813d4e3ec083d55ccdad4a0178e5d6cd262843d6309059033b987e366e66c67a3fcbba86730b5fcb4786989f86ff9b8a7318302123e0d53152a2a82a7cae76a81b017fc0b883ef6f8cca921
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: bb6e5b5be84ee383caac0378cb6f541726ecf61f
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: 978a10e04037ba7f0dec2576efaff6e5e4de5ab80b4b0c0b8a6209e22da05b8be0f832883e371c61c23b5bef969c004bf2a0f0fc8fbf1313078e12af2b3569a98ae5ee76a9bbb6da6806be3356c02dfa607c26094fd876d8f9dcc0395f3fe356b0a51d1f59582a7bdc7da9971e
+TAG: 9b37a729911834f666621a052c9d776f126e500cab45ddae7ad020874d77976af6ec581efd91dbf46ccf346a9dbb3a42d08d23de1cc074788f6887c0b15d98610b19fd2c00752136af3faa32e933518093d667617ae1dfa4e4527779bef7ccc9a1b82d8ddc0eb1d7d9247d0382c6d98ab29f60bc897d28483f1c69fe9b0d37113d237f7b3c3509411058e1c0f36fac6014b6c5937ef005a7fc2e3352da4866384d63c6aac2fdf74cdd16acf782022e4c5f1fa528cd6c977425ab19d800664577b5e5cf0a82e7ba75716c75bdf87eb8c7bdf7346c89d453bcff89ed0b93d9eb1452b72390a799498e31ae691460e5daa8ae3506aab4877cb82e3378874c6c97064b33f969786ed84e81cd1c2e2925b56266ca72
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: a27799fc2e00e7abec4c5939451a834c4606cf7a
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: eded0eef58434338153caefd914cb98ff516157445bfbd25c3c5cbcc0ad68ed1bf049ac292da027acab0310ef08d66040341721524982165cfe7f6dc495f7f5f36cc410470e3b42045b718f580713dac8074b0e76a0345d11c94a9800bb5e5eef1cb8d9ba5818799cd1ef69c4ed1
+TAG: d7459df78edeb89e01ea8d685b5780b94ac339c36750f2d5bc09009c12a22893348bb74f8c38f96451e5204e0d940b9b84c6a89eea61d6a78eff111b806ad4a50c8456d13f79288cd3f3bdde755083dd64d13e1c887d8df5102deb5a23055a02b6cab1021efe6add18d00be8c3afd6f8e80bc539c76003caad47c1cf95085bf48bf9ab6d487ff4cbf5bbbe0f2a2972e6a165a2e5ad230f58fff76fb8ed563b810684daf4b5902ec8cdf2442c323e7c7630129a89432a1795380a949f1113facd9ee148e2d38d4457b508155dba0d8d4812aec13d67050e70e2ff98a1fc1dffa01dcc7eca4349a0b14f2507687314c49b3fe7cdbde2ac840bd8ff7fb7c36a037e7b7de485183fdcfda49a2281645ec1b153ba
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: f30eaff92a640a397f98e6803623e8d1f0c1fea6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 7c433fc5255dd1e11f67c499c6a89c16b4b09355818cf304f11167bef253dc60c95486a840c3a8f77440f63a5c6a855931a90eea66a281d51d4198679e1420c824ae5c8bc0231444b65b69832b84c7b5ee2fb8484ac08727eb0cba0c14e7e0a9071cb0cdcf73d5d83ce53bba361ee4
+TAG: 2e73871e9d71defb381e4e7d49d5d45880fa3effcb0cfe673ab52805e6273723cdf99557ed9ca838aa2229fe8eeadf7c6d94c91e867ca023fbb2d2835e420a3b026fb5e3915e38a7ac02d43a8c6ba8a149e99abec42967106bff6c80adf9be5c76503c95053c21472b9a338ed4c9c11b161ce83e2d6190f87e4dcf169e945335cc5acd699b983629d0bdc452f678232be0d31b9f231aaf4c3c3df79b1b8b2fd8802df0b71cc5e26b2a5c5c5ff0616bdff6cc7b1f09aff68d5e15dc9d61c1cb6a2c9602eab7794eb77af8bed198fadd854e8f8a47bf6bc11a8f75eec584f1901fbf012d1fafc03604ae49f9585272845677a1cbc27261d5d7fbe9bf1f1c9ea42c61b110cde99a3a602fc9eb6c825656d804
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 7227537c0113a9f46f7d332a0b37ee5303483d00
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: bcdda7eecf3331f4e7605cfd33789ab585318bbd35047755402372403a4df125e7f5bdf857e49a3f74cb8e824576a226c1942fa86de07bbf564cfb384d8420a367963020613dd2f6bd4f371ca1b53532a7015dfdabd07497367aea8db92981418eff6b51eaafe2b6d5b3b4d1b8b95659
+TAG: bea683141d42033e86b38d5e0614716ed53b7db5df93b0aa48b15e0111a46ee93c2971df88fa885f8f32e81222d9bb4b605640395e37e1ba474a17f0df48c488dd5a6051be2323f462cd94f81261289f076d60cf5907cac601e2709dc191a9ac5ef784733140ba8d45edded7e58d7316f92a9bd5aa86d6f8441604261a38359a8cbe57bd95522db7029db058a8b175eddaf8f258f2f479b348451b0786f15336e18077ba23eac377ea367d7e1afc08607ff63be2e613fea2e6097192ab41e40342e36688bad628ec273897c86e75e0b83d0d85fd13e850f29cfbe171a8d1b33b72a344a9e2bf292f0dad2ca754d45651a2067d9fb18c7a1845a9c145d4273ee2197dd0b4da66e88a7425a72fd541a78b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: d76570385cb65d30c3d636ff25c5efeb8d1ea08e
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: ccecdb03830e84c5267a5b6f68dc909cafe94a1c872602961e8467b4b2723af537d79d723fc4e8f0397fe169186c23f50cf9e78af3156f507bfd38181dffcc05695583863d8a167df062cd16aeec0cc548a7b5e16b148ced8bc2a60a33a583779fef6d7160e0f6c31a03b8a0f1ed8e18e9
+TAG: 5175c37f295f196bcfcaffb35c4cfecd88d1b9c773d3162c96eb74a23722e599ac728ad68e2ac70369e0c6d212826afe93cbbc61abfc309d3f4a6f0d22421e02d711a6c97b6592b561b49ef5f6516367cbd966414d9842eb963c79bd4a8e1550199fc9cbd58b5fa5b898db2244769a950ee62bf915a074d5196732ae69cdaff05266bbc049903f5d7c702633741471bc3f8e44a426d201c5ad5987db33687db05a42778617c253576361fcbeee62707d9119cc76fa0627fcd65df7bdfd26469bd4e0265355cf885e2e515d56307adb91be258befc45ce8b238f6177d24f38ec56f0d64a46124161992a30f8a64355823397012af08f1df378effd1f67fb30796956fcf28b0ff35f618060a955b6311
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 170369666d1f2337b29b5f14af68d47910388e7b
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: 2828ec3db18423dc583c7ac7dc5231da07af1756d7c032a866c64155626be3b3a686a93699023f6e421da24596baf99b45244d07d86a8973450afdb87ff2e9dbab6fcef52cd476f1f25f27f6bb3abf9b406704a14ce9682613125139b238d985ab8f68c17f7b824f279c01d820fb70502dab
+TAG: 6af6f94f0ef92665d286e08fad2845c4c43f985b0cd0f09c6c6b4899c350a1a342f024c3ced7e54bb00b96d0e04c6d484e95b585a687258f4bdd1c00eb1d3f44e959b2dbb1444a292c81c92e3b1a01622fa377a583117bc2e170ea8c033864fe7dc09b7a9b1b5826ac8e38fd5849ac9024bcfb1c587be93b3da485adf297a77ecbec2a88fcd82e7eb952b6d012ec439310f624fd07de7bad33a5a59b72d88cb454d5da32d52012258c8754cc61dae82b26f8d6df7a4ca384ea88a30e12d4b07bc413791cded177d325c03a5a6c532641ca46ba2560cb3072733282305266985bc4afac41b171b28aae50266a00afb5a778e1c481a7799f29ba588ed3ebc65183517a31944921ae3a040731666daf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 7c52593d1d37b0dc380297231c6cb7b64e04c493
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: b463f7f24871b617a1001d2f73f9eb8fe39b5fe0b382d420af876defd68a893add2eb6cac45e56d669f4ac67a943a3b32daf0932072bd701f9291b5020bfa9133d2875d8f6ee78ce8c49d45b80329831799f1eee8c712683300e49c57dc8c1ad0b07465184483d669b04c183976289e3ad6070
+TAG: 2e8b0999a7792a9cfe5148a8730e28ef92557e1b5d9c318d27d12fb1356fa0dff3467e865c530d4f20fdb765f7ec7e56b7ba28fb49309bdddb413182b07670cba711d6e5e3c086b4e4211f0f19666590bdc9a121e1430f6b0c64c07eff2d81e47a02d375fa46bf8d6fb8708f3a247287b595be7aa19414e3d2d39785a0bc8ef46b547bd4805a8460fdab65d81866dbc496581ec548c51f601e13289fcf3e45f1bb4a7777f9a9243282681aa1c746fac4a8433e1f477950eea76c24d318e95f0586eb5d21a16f8b2b58a14c4780eea922b97de4b1ea292f842c662534bea84213924e837cb546c26f3bc9951eca7593f4f01e3e6360cb14248d127a08d5e0b77f438479035769e0e12c856bf3bb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 09a1659100052d13bebb4defd7f54f975a58ae2b
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: adfffd8a654da994aa8adb618cf69b25ad5dff201cd3a84314796e0228ae3e01be77cd8052e950fd74e3d8fb0066705874a7319dda8bee7bf7748ad844a70b1ee0d774a6156fef109dba8346a68b48458728ebde458e5bd777a26291f98cafb175864fee2d335fe5a38f1738df9a5aeb13f25442
+TAG: 0562ed87899d06eef5f3a7680c110360e5338af0b78416497e18291d4e8a75a219942acedc7d1493a15f6d35d1d8cd27b2bb26bcfd58dab2c747b4498ce1e56568226987124448509a7852588acf2dae587f0d13ca2ba54c50ea37c10e6c525b04caf0aa519662f258dee7fdbf17568ecb924c0f26701dad0952d3a57a8188d046439d7e35d73adbb39559adef95017029a9f6392d7282a1c84eae663d840184da4bbcbcf9c262d69ed2a7743aee175150e03bd3e6c38a8a1a762614ba2fbbb631ef56ffe3746dc95d9a15eae1f4f88e3180569e73b25b8eeb8474ec8dee041cdfcca5219514c5125395d83de633bf5bb05e4771e7a583f4e6a6d20af36235090454f8acab43984fda3f5740
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 230c3353ccbd95e4f0acbbb0073053a0186f833d
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: 985481677ae867b2427182edf3de86d7b9956a4970b107ca7e01e90ee7cb02c6b9a46212e1b8ce67e7aca5e2d96272c2f412b5f16a7c1d00fe597f1390c3a686724c4846c78ae66b26ded18adb40f0d74c33a68032b97d440104cb7acc755ad7383c16013ec7fc519b293e4c624b132f91c44202c7
+TAG: 62eaabaa53e386ce7d064c718e4761d14092263af3027efcf5c343ab46e1133d3131dc3cd7dd6b8b8d9ae6ca172fc10f5887dafb169aab9f0e7eda4a5b3436750ccf47f2e3e9965b46f3dfedcf38d61dff3cea927bb3ee8509d6a4288f2879d04095eab6b9e154d0e22da31cb51638ae978a0c5cfdac346ab551d359fdbe9aa34e9ceb15051d7e04e9788240a030c0ab7c19d00f32da1df539f08d158f34a1e3fa6ee8d10ec0d99675a3465c889fe2b6631ff2765a6b83f594315768fdb30c27d2747a6e9d4c5724a5e93704a1851d606dfe97150667309b27503b09c85d86ecd83caf1ec456ac19b7fa273af74714611b3e9a3359354c7b983d700775930bd90a629d88a3cf7cf17f5058
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 701e141608e71005d32dd1e29cd068aea736c9dd
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: a06030a844e38f9e049bcf318b10e1cd2db6b60a2611cf9788f0c1fb31a366d2038b3a1692865b926196594850807895523a851a993b77e49c911f840f28aaa42b4f427eead4e2a578d57b101bb4795aedcffc58212e0eaecadf503e3b208eeb72d53072caa44677d6667a0d22639db7aebc2f70ebb6
+TAG: fabbfe986fa42c58408b2f008c7fed482ae568cb39c938aa531e49a85ee71fced2cdd2ebe97a35295977ccef50433b41c511d424a47274599f3f2a28678a4936c1382d6a9f5d41b4266ded97a2fb11ce4e4df03f9e976675b9b35eafbbb399eb86a79a8023de822f8c0d83da5516766f141f83d8075a77e7c55e987cd181f02d8d6f7c90775bace579d25fa1a969e4dec07a5ddbef63c67b6d76bff54dbc7fb87f8af639c392a8a32bee35255e24cc63cea90445ddbbb75e4c594d6d1441e198720c2fb7674822e52d0298fe24c6e1602fec34038e62a55cdfb5d3fe6479fe6b02b5fe648792636e03213e402f02e2a3cad928996e4b1d2fecbd97ec5ebac5ea2f9c4989599648b0577a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 9aaf96b472ea76fd9ff4adf56dab5fe0400d18d6
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: d934f61f94d2b0aef2b63668352d2af2db2e225d0c8dd86b8d7c901de7425dca2a0d2f3bae9dbaef4946d18ebc2d9f4cff5c268cfc80b89c35f7b1a3de12173f9377a7ad9b33751fc89390cea9b44e80423702a9848c6d2562d24838e3b0511b81a737a4b65fac394da45f62f1f3b2bfaf0b4f3f0c5ca5
+TAG: da6ed936480fd159c32347d94a17ae7bf9344d4bdb1bc0921d85456e9b48a2e2c24769bdda1cd6bed0b44e980873ec3c79b4346849366ca6d6a77e8b1091c6657a009691733da37706c0f480244ec0c7839648cd0eb63a28eaacdc8b60b1ab59f7d83bd142419a5a548df23f019e560c0c9a307b4c2498f69386eb13d4dcc64ca77c8f5f7c4b6e0c18a058eac72426ed4d541477e3a036b9a450af234670c94a4ceb7cd19c9ae113477431fc2ea30738a95c5753a4b8de9e0e4e1a0f7d52f67b2957a39ff1c6eef88bac3b927ab004d64f3522e0db7e80d27309b864996aa2bafe615139732cd492608cc128295132a4f40a70f8bfbb5b18b2fa45c55c87db39872bc5c1e3300f446f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: ac6871d354eac507556770d8b6bf10b5240273ed
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: 413d2c3fbc77845409ad66cc13432824ae4ae109379a9617e8b93d4f9b17fe0d0450476c3f98c229bf35e86fa792dceb4b3864761dd442c294e43b1cafe1fe086cd1ca5e1572fe2b3753c20a74b663b536f6e686d9765bafb10566f2b5cf02ee24e3dc69cb2be9392c991848b840418835603bdd83b2cf0f
+TAG: 5df250368694b1d3b11119d8c787df534fe4526eb31af32c9289b0eaa4e9455b5cd4a44c13a335857f67fd2662317e086c1a299d794830ca08ca99df1aa79c8f49589dab551cc6269129b731e4d560c7e330fea2aeb5f06eab87738bccaae53b9661a78f3f08986f454519097a6c43837931a56caafd581ae52343dcb71b98ee0b36cb7037a1eac81f308f292eca92ff2c13c3b807aadaffc832f43ed98c0cab6174639b1ec48f3e8e3736f7a20069aaddc2414f1edffba78bbbc04babfe6d6f1a5ae8f77931f78974edb257d2ea6d5440bd7c8f8283ac0e362e1959bc35bca6f257da511f456466be60ff7451887e5ff221f30547e586cc76e7bf76dade793565d733e5705bfcf5
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 050258d6ad6bec54f8bc48c7ba2d669d6416c11e
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: fca448fd13c6877aa9fc299953dc631df8024cebe774bb14839821b05485c4a8f1345697b072342343f6a5479d99d5ba0ab29db7760b1e21b37969333473e6fd16bcc5b52e1d6472fee31034d515f66439f092341036a48d637ec84d22af8d1848843aa33e3b2059f7f90a0db47dc41d8af3b5cd76f4b36ec3
+TAG: 3071b853c877cc72cbec5c249fe76736e87793118f0890200b64cc9b91e26448b327dd87eb314c4c074af49091051b69122a2d13b8a7fc0b15a87e7e26b791ab3a74e399d429ef4e6ed69f2036e91909b11075ef19c6554f21b5b9b90fe20c9c633f71c666519774baaa12d8f819ddddbb592a99689ba34c44e59792da3d7750f4cfbfdad6e295a73ada8957eb9a7f7bbb4e8f82d4647bd41d5ca2a51cee58be3fcaf307382efec054d880b5866a38aa0dcc72911c9e9ff902ca3743873618b2b35c45cb32e496ac7c8c69c1818583ea5016a57f6e912859b1b1a22bd701113e6cbaac2a935a94cc3fa0b9d4c23ee573b0054eebaa3414c936aee6bd9782385d690c1eb570c5ed
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 70060f86c76e53512933c09deb5872eb23efad67
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d617
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 8c5849a917c328d68cdf4fc279b29efb0c3c1921621276ca19206c9941a5789b0aba7283e743f94a6e4142f7febc9ad35df30daffeaa5cd0cffe0fa2e4cd5ceb687def585b2634774a01a3f00ce2ca9951fb910b4386bd0d61d1e292b2b225ac55000fdce10131ba163c97f810a2b350fc8a59348253549e0cbd
+TAG: 5beab8f1449d50a6e4a1a747fc2b9864cad962480673db6451ef7aa42b42e7f0edc3748a71df8ddb33d6f9bcc9024c7170bd7a5b81577f9594a87d90fe96a50a62d31c01368173aadd7dda6f7d4c413773649fa7e5aa0c3cbd0fc760666ce5d5ec5e4209c4eda0a8ba0d66e83ed3337067d8ecfb81d3d1c1bed7eceea2582f276c43fc15d5c2bf9d2558d3c3f4d8cdb8953d28b0221c70330c346640f1ea1acccba27466cc0ec3c14729a78f62c7537b1ca5e9f9bc74c4571be9b67f04533b1f8fa2f9232c216ecd81bd120197b558b2733d3d9bab706f67670327465722b2be2c6e3f2ee507620dce326f28400857cc28c697c9b10df0d093965c21ebc42f34d71963ca85db
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 58286fe273bf572a76a2725933dd969777c303c1
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: d0076d9cc2f829a33a0b1972f6c0d8c67718a7593975798e0667135db3ce31b4d9bea98710909313a4a2af88bae720963ee738f26bde44b54dd5820992569e5d2eea000baf5de9e0f76dc8e0b93244a8474beb7e922a5f30a5b5977611594af25ed35aab12a61de68f215d73173fd38f586b8c509459a5f7587d43
+TAG: d8ffaeef22eb2181a48da72bbf57ba4562e3a1ebf9cd2a872f155fbadeb78c47e64ac6419fa1a9b1ce5a8e78e60ed1f8dcf02535613b959448f754b70d7159d2dd4814122b35418d4e554992b4789e04f018234c91de44b9de80f7ab406fb6fda6f086fc6b91ace53dffe012d703e71861d0b3ecab86a287a76857781254de544985ac5b11bedf29138500598f757ae295d8577ae7e597e9cd915d15124c7f1d9786f9666bc4b69eaa18e28227d87bdc8935e537d12360b53746ad0d7834ad830aa5307f69c3e4ff6e37ee6ba8937f75723ae4f64c2a04949b0db60c979fec6f485dd0cf14cacf5e8d0e624d9a8578e4028b8076a9cee1e5a0ba5b96e9f0f6e6ef98ae84a0
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: ae701e5c8672dfaf728bf0f43f5e5247ea9ac13a
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e78
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 298f670117678bd139c60399dcab68bb0414829b458c747b0dda5dbd67f95fa393bfd2719f815a12a2b7c6b3e769b61ddb4651970b30451cee6166545d8e4c4554c8217898186dc02684c5025ee692e12130ab41ce75d79a4ba1a4dd02e0af581a645979c1a3c8c12f5b13e9c1113316eb31b8096b4eff1bf3f7ca10
+TAG: ee9c1cae63b819ff804cc5a34d59d17a76539b7850d5164ae8ab252633acc10145c2c71b1a10b0a87cf2db361c6aeeae533201457c5952feb347f739b3c236845a887fd0974b052a4e71cffaaddd1f00c64c47251ae446a5875e1e1854ca2c032b4e01dc995f35d901b60d042aabcaad3c08cbfd12567cc789408b6710d81b6b7c6067e02f263763d74bc039e0430bc1f3b4c01f95f54492a9c5b81b8d279266b378bccc9073bf1f1db1ddd964f9b6b7ac8771ffbb55d1ff9d973cff3d4eeffa277427e0cc41a4457ad6c2f035b1c0f93880aca55888cadabcccfc9dcf53dc3924a4c03a5a7bf8416bba76d8a362893193811ddcb02b0a9ccf2ffb6902d7e0c434cc489d720487f4664d60f210433b8f71d98666
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 4f498d0aa9205160827626ef80c163275eca1f78
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: f72c519566632f89513f3f278407845ff8096a5b63929f0ea6009c3cae0dbd853662c4017ee5729eab92f2c475f0a45533de67d4b941d4b16c1964986d8f4a16cc12f02c28442ddf5790f321b3942cb65964587f3fe55ab28064c52ce3d3598d3431788ed2c26fe1b196abfd35afa0f7c8206a6bc71d61cc4e1a086c4c
+TAG: f8c75274342950e4893ca3b0e9fe95fa51343c628e1f04d9dd19ed928ef7af0a106b6bc6b70d0ebf552c0acc51b5af94dbb9f4fca444ed4eefff63e4746af9852d727d4465695b1113eda1becabbc56e2860b55b986d6122b93bb822865ab8bbf1409aef68cbe720befe0ebc6dbb639b3be391a161c2d9ed65a2898b3ea7cd993827aa8f2c60dd0d9e926cbffd8bbf6ac43fdbb61ff0024cdb9e668bd9980a39530a526c3c9cbbe1e4f46ae3e8229bc5e7c8b91855eae7a2aaa1b827d8b99ed19843aafb76cd361259c29dba7a02dfb40d9bd2d580aa12a6951f0f53ad5b283443c5bb8b4c9fcf569b30830d1844860256c18d753a8d80d1d0e8656623b1a06700fc513a7099590aa566d48eb6c078c4472d4f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 8c043825b2a3764e8a0cc35a011696fb3ed03c2b
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: bc6acdf0943ba34efbf9eb27fe9e968f23bc1d4f1eff7f86e836621422e7ad8e1adc03249475b6be8ec5d3e96e167af7e6b85ac87b5da2364b1e0d87d5c49d43ddea8e9b796580fc4fea7774f8210e4ec424aa029717937bf76b148e8af72e8badcc3f12dd259fd4dd9a325d81cfc7a193fb756b5d140fb703aaa6d71496
+TAG: cdbcd83191a554bf922180902fd060fcc63a8dc39a90ccbca9fbfeefe9a09a9da72c8782f6d3ccd9e2b5a80816eb5bb6919580a8ec186b8b1e388a561b6c931b22dfe62544456f7344f4c18c4823f167b2ebb8a93e3edb8181f358e66db5a3966eae5e893e76b16e8bd5da922720f754bdb6edf3496b62d79b14f00f24c1b30ec6ea16d88cac2b336f2bd057e68d6075907de3c9e7434da017d8bc5348ad79ec14182e07fc70f4e33ca2aaa2216d29aaf4dffb583c1b5159eedd66a2515127c3db358c1ccd89da4cefaf75a6eb5a8a80396ffcef783973f552645885e20b91dc0cf4485e94d943ea4bff3704a4bd2e23388090fb7ff707cf80b0c71f6d4560b3be71edab2e0b8d5ded1998f3b1df51225495
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: f3a432271c9be858725fd024071c4f479ca9a971
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: 0e87c57c18fdc439c968a9dab086c88271be6dd00843879ae1563e4ed03d69f9fa09a29c1bf99b1c859323eb8452acb2f808f051669bb5e097e23b947369b5a0577157995d729a75ae7a65e293acace3124a8aec53328439e5f2103fc3a236728682fc129a5b0e203bd730303fdd23962d6ea7a35aae3691f6721dafdf18fa
+TAG: d7453e8aea805b4c95ed51f1033b386cfd74fef1c205d51fe351ec3b1a3bb2e2b7debd8b20c688f4c516a61fbaa690eb635fe2974a71f45d1b4e2fdf3be4724c3eacadbc6d295ea9b6f53c249783f35898ee4818a67ce5b002f17a48199c779b17482ddf5448b6186cd979dea3d9c7b0ae3f106c4b90c960dd8899a67e9f18767b49497519c86c0b391098192299e4f85862d150bb3e439f05fc9f937c888c4f40684c25018fae0c6fedee92fc0035d073f3704f61d93e7e321a19512561676a216127e6a716d1f5ea43b67dcfaa1ffde7380c066efdc8acba10f2e790d4839419dbed3d89634ae785f7aa3ace1fa1720757066f4b75b883c0ed592b8cba79a400d5e442e23716a7a13c252a7ce156e219
 TAG_LEN: 20
 NO_SEAL: 01
 

crypto/cipher_extra/test/aes_128_cbc_sha1_tls_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 20
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: c6105cc86e18eb8376c16ea37693db5c07b77137
-KEY: 8503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
-NONCE: c55b436965aabe477e0cdd46be99371e
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c748
-AD: 1df3f4183aa23fd8d7efd8
-CT: 7265eea4b391d880c6bc72d3282f663e5551c0a71ca35898047362694ee8f2710974350a2a38a13b0434d312
-TAG: ead153f0c9488b88357e81187178465d2416ca97dbf7460c9519ed9957d9e74e62950447e49dd233e9c504876a90fa79273e597ed751da4f32a2c60cecbfb6641ca2e8938774cbc324affa9bb027d219730d57ca1981e87d0dcd0551618493f79ff8c0366383e0698a009bd976c63f089a8b901b5a08fabf0d3f798c349743634d5dd35a2195cf0b74b67d36d65be1aa920831906acbc57cd880964ec948e9c11614104721efb62a47600ee968418b1d197c3ce6ba6246d5ac1f07819f67c2cb3ca5162aedd354e2314d65d5e863964db421846da7603b9f11c503966834ed501885763da3e89a59f89f1e31f78111324b79637dd3b6aeeb71ccf2557f9725b86dd13088ce257cd6ea71706ff8ec9036f56d76c4
+# Test with maximal padding (0 mod 64).
+# DIGEST: ceb2d295bd0efd37c6c34dab1854c80e986174fc
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+NONCE: 997deafd64b1fc65de39f4f03541a11b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: 2840fb36bc8e03c59de49315bd8a6e091f41fb020cdb174ed0ab84fab8f94c14e840fd37fc13f48490c2d2ffd4efeb4da8d98840f6ee5af812bcbbeeb7f2992b
+TAG: a767b9c80eb4ab9270c0c08d6adc1bf56245929a79a4511a8a4ccd2c996611a0154c8101217b46b049331d3109a42093f223a8224e11fcecee906b2ef52e5650da0498e3f832101b7ef66fdbcef302f362e570e5e42d5dbc33d0d662913c78a8caf3a9e2e22949cf6d212efee4d9dc8d03fd6a00d41f3073c4b73149e8bf05d23b2dd88aab1c87ac948a3f96be79c52efe9488ceb9a1c5511b441a6ba4204beaf339539ff9b4443000b5b7c00261c663be3087c395ee448e724d1cfcbe10e15ccddcf50378fef972fa3aca38fdb1d131f1bc7ce166f4476a008883292f8422cc668e1c8e0cd53cb25a64324d187b14143563d8d1af9371602a068da959c587cd6a383d1ffc74190c0499b2d71390cdcf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: a07054c760cc66fc704edf950201005031f3faac
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+NONCE: 7deafd64b1fc65de39f4f03541a11be1
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: 2e7e6cd84e03e35d8977c9e1d4ce6784c4db3a87fa1b82e6f781e284e0d3914eb56acdde0374eed6283cc10e1f329821fefbf888dfc8fb42fa574cb64df6d88d2d
+TAG: 80503493bfa3c2cd3817bb145fc579ebe050bf0e6310a29c9e1a7e98371833a25bea5c82bb6128cba6e27e7e796b49b49cd55ad123f90aade4d76a636104e5a4f6fc9c92997c0706d709145b208523c0c890394fcec38507fa0bad3d24fdc921416501e5c9b6964db81572bb933b67c4b5bb2070ad5068069592d35902ab93bad8d5121fe15bbb2bd27ad946a21f2ecd7e95c7f4c63ddd00589ac304d638307e798d9a55bfde231f5bd8a8f89cfae591b0234662647c3b42278f4157c4fb44fcc51862bbb2f03273f680d6dccee49b51bb4b881e5a1768dbc537e67073b796047fbce6f90eb54776d9f0237978f129af7efd4a3f380547e883d9976b38819acf9e0411769fc6898eaeca53f5def25f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: d059c266cf6233af730b7a229b19356a4c6fcf06
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+NONCE: eafd64b1fc65de39f4f03541a11be112
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: be77b79780ae8ccda54d5f995f7c1beee8ac61735285e34d9dd137058555e723daeafe392773f428ec528a14c2f52a86365c4929d98d4504c669db1d984e2f84f7bf
+TAG: 24836360777dbacbbcea10d08e3d975a0bd32669871000178d167a1e40a6723b7c47ebd32e5df52cc4e0ee5459b355f285a0a93bd9fd016642221a335a2f09a4635f71d8575bdd081caa14b083aed01444df63e5cb01377b8a3ac31006c92621a894b71d50c85964234a5aae094a931e5456416236001f46d771767aee47f6b7c3493fc10b9f392dd629852623c1ff6f1e7dd3346d1aabd132301fa16ce88017fe3ca394d1c685942f1ed7b37f84a25682142b02ce138ae9b21c85db410cc3c266f6a490ffdaa0ce95e8b1f2da7f6e6ddda2d4570dc5619605fca903e47eb62d7419dfe49f354ac18762abbdfe5431a863b6f7371731ebb09ab41aba79e41be8603060fe921e4dc8b7f422392640
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 8aac0687e33041fcc18da154b41f20a6af2bfb28
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+NONCE: fd64b1fc65de39f4f03541a11be112a7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: 82aba2e22933737ef55346865375b574f24066eabe39fb800ec790df3ad05f85a760332e8a1d45e7b0c2d969ac5689505510fe035db4ac1c5a8a01a6f6ac00ad3d8344
+TAG: 090114b0a31c301edc2bed8e25298d4f913558ce3f6f607b0fce5f9e7b1c953601ce9890f0d8e8d6a71c5ccc4e0aab08942628d21f467bfbfc4996863e8fd296b7ce153568999980ac2980ca68b16c0b2edfe5efcfff121a7e4dfc8dd9387442c4847f7c572f668aa990334dc50a54480f673c338f1ea9c81cfb9d482f6e4ae163e412108ad5775aefe89173229efd58a0f56b411008f87e3aa307413779538057f5d846a1586920b1448b4fda27b65647b946bd5b7950a5e3e37ccca55b359b4726e26fc3d168a9e8bef56c1a61fcb2b55cca61bac0123190572c939584ffae1e913b82bbd8057f302a900d2a1a7ed1ab4a1b7c8c5cd56fc472d69d013bb897ea3d72d299da0df5fcc7a745dc
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 53658226c112b86438dd27b58a71f9e36fc73c1e
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+NONCE: 64b1fc65de39f4f03541a11be112a729
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: 3eceac2e338b4dfd9f4840d77db69ed23ee286b522cd4a324b04b1865cc772914c8d84abbf0db1a3a2d15401759b18d6fb3b7020cca1e31d136fb97b26bc772baf5a363c
+TAG: 1b6a98c7f9b8c5c560add0eb46d2d7559ebce0894b876f0de8ec37031df30667cc3ea54a4e71d8bcfe575d6044d9f70852fcf9a1a6756643e28944b59856ed1ce9958045eae0aa64bba55b64aac0cacded741293262550b085b4cb143d8bb8f7061eda2911c86e1afce94a8afb4db1060c2da1e9bb0ca8747d71b706134e44bb7e4b73518ca9201d610860961a53438d6efb51031a1ba0fa9b437b8a3aebc0479bace7843b319c02b4987490bed351be2eced028a2d0c97a1e30ccbd820f4b3f669e33b74c1b550a8d9782b9ec7fa45b24dcd5b6788895d6246a4cdfb015c605741047c1d2323e207a8a622e55b6a19401bb67de62154392edb28ab3cdfbb2ae2f21c3181ee8033130e95e05
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 6b7d5268b0b5037afb5be5af6a0ceb34e7656ac4
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+NONCE: b1fc65de39f4f03541a11be112a72933
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 5cfcf9e4dbe1a74e748665bf393c6fe93807ea36556590a1f2814c2b445988c1f6c2815f6b1f0fecae452d1bb89a055bc6f85bea11d99d0b0c62db8a81e3f0f3a557c208cd
+TAG: 8e73adba964c6868bb3da63b0d528a22eea8bfb4be0b1030070436f5c442649857c9c4a32759c5071d7d741692368497a978b5668b912cdfb0c404e514411ff111ea9f1224cb4a9256dc57a8a4677fe576b554cf6e4f975ac3a81eefcaa0bb68ac5bb26b1bf54bf034a50a1b3265e0baa8a900f048246c7ea825234732c3f5b34c4ddc0adc46178d0adbd9a524502061ad4c6df62dcd8f8851f270dc452be39021d5f054b7aa35f5235739894c659bc06333d0e564c38521d820dd7cb0dbb8a018543ebe7799cbd674a14821a6f92d776aed736fb4ce19ffe6ad5b456c09cc597443ae1bb41be9ea0213edfc1339636facbfdf56a8944cc548fd35fd5fa4a7b8cfbce736c6c96465326a49
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 63efe7af502231420ed5aecce9a28446b257828d
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+NONCE: fc65de39f4f03541a11be112a72933c7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: b2e315ef97a1b89b4625715c61946446fe1bf27aa60e65d0ad9849f71ec53ccbee951d3628efe2795949f88795b354df0ec68b21cd699cdd0f92f31f3d6013a4c1116165b4f5
+TAG: 4e9eb0387d9121ea239b27016805f35c09c90904d9becd9ce23d77233e8b68c86e17f92ac31794be17386e5fe2f40e83147a7dea38bee4b9776fb4a4da85408b80ea7718d542a47e7e5d7db38c18560dbc37d49f4fae2e013c4b89ab59f2a529b389e2ce5b2c9f0883df472fb9ac58bc5e27dc21938344195de25f1e3c015b68e6c6f6111e037010a075e78e852f9b0b8e568359ba22eddd71714403309987ed20e381b8ff67f5fd5d9e8ce77b1517da2cd4c2909f83fe70b65af0ba8dfff1e0860ccd217a19a96d94ef3cfbe1214e204d4eab8045f97aaeae0946b455e01099513c5a763596c7495de135bd2ea2b9c01e7fcc5daa0e88bcb45ce5bd044dc300a281b2bfd18f6090f7eb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: 1a555c300a1d1bd5b03cdd6bf2a678621624eb05
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+NONCE: 65de39f4f03541a11be112a72933c7b5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: 8221477092da15c94ec15f34ef2d540c87ab24236ee4d97ed3543f49f2daec059be7c0f157f2d869bae0bd4b9d214bd40ed01484c28019d6349cac27db29050831e5974b5426a9
+TAG: 9f10a7816f0b558aaed826c53d63677dc443bd48fe1faf9d8e8542db0b3959d6754d0771ce1a23d67561626c7c521401c0a8882656ded33ace7965f5978bfa1c960ed9eb3831f45d28a4fb0ea44cbd9118f39eddbe3c56886bb4bd6593e13f2bf641e88adccaf76ab0356cb77654a1b27597b1b5fbbbf15b6c7673d92aa7073745721a299797b77c5b205ee44da405d634f971abf26bd7cffb21cd6f952eec7bc214d6ee0a31622c78259ba14072536751b87b968cc5e6ecb21d1b64c53f7ac24dd9344c2a03dbea3c5704bd283a8d28eb2ba5e4dc1b16a0edd6f4cb76aaf746b1a987d58ed73eb2b266a148ddbc033bd45712a3101f7b536d2d902b7e124e199442b149e3b603f199
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: de9156349b578f2f44945ec6a676a67a829daea1
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+NONCE: de39f4f03541a11be112a72933c7b54e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 8a9f0d731d72929136ed9e6993cbb28013b336540f602c7203e6a38391dc07c8c3ce5b4ca62df582dea366c4b0b5aaabcf1959a7f0bc92047023c72225f5c071a588d95774f2e2c1
+TAG: 84d60af507164a4f4958b6aed0525028918bba60b4affc1afea92c0ef485679506ffdf649b0d9bcefcfb8f1503b2e48937a3e732785d85b11a524363a55fc994e756148a3b7b2772881aaceee2ffeb0f18bd85feb215fc8352dc76d8ab5255d56db5e9f10c42b4a3447321d459ed20e536062a33e6cc598a61b905bcd579e6d68cbdfb94c3b100e05bc0009b9841fca15d909de6897276f9177cce5b049c45954b7cddb7610127c9dd40a61bd8e47b7a165940ef3084a0b523955741414a12d34aed68db231db939b1417069516333b2c0c57e843f098a55e375639ebd2acf658de1f385a1e29c5eb9efe14c16e29488a32bbfd127592c7c45807f2b3e8f57144b9cf60130592b62
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: 12812df3aa7f3bbc899f6f248f5590e02570c292
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+NONCE: 39f4f03541a11be112a72933c7b54ed4
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: e3af374fb6f33c64fc2e4cc1e1b635bbe890f02359b6adb2a747beda433e003e30e1803f2169ff6abc81ff8095601cdff7aebae5fd8fc012387a70dd7db18e7eb79f87fcc1821ffdf6
+TAG: 4f9730c5eeb9cb32e005afc571d2ed5b2de38670704f854c838d00584becf8583ee7e79d9609bb73abb70bd01ab228bcf6070ee1c1c97d4f6003f6a3ccb4b8af43dfb37bbeb707e1efa51b0447e6b31e82a3fecaacad99014a8d502c3db8a36665f85d62938de6ffe30c4749535bb124129caa1fa465d04c1005e64f7f4397607b4e6fc31b9c34961b7276185fc3211eda045c06a28aec0a1e0a0e2f1f6829a1ab372d0bedd711158696b062b9dcfbff4925dca71d4ad7f7c610d40bfc6e7d04f4990d6efdd059679c7137b5f5d28c9784fca307e2e1df33dfec10a242379ff30984c62c201738edd60007c9d56557692e8f73e5d0c83059d568312b3504de9691ad3d9b30a4a2
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: f3c89f21c327fca4aa400fabea9e39780378e901
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+NONCE: f4f03541a11be112a72933c7b54ed4fa
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: 98b22a9119610480bdfc5cb6e2a950ccac8741690574730b87fbeb113d5daac699c333ff21efd0e73d2252e95f64dd2699b940b490259cb5fd698756713c0e53ff69a733ea13587cbcb6
+TAG: 63600a3d7fe8a782af7af230da63bc84dd993bcffaa5f76e5f63ef56407d0412b831dab138d117fbc081139cc49946a7631f488c11946c10530806ce7a781baa3bd072300a5cdf8aaa3b2657ea3732c1e24271c447e6d7f6a2afa0bef27aada30585c33479debc10cb72febb181c7f5f77490b339285bfbb0bf07c545ed5a0f3f183fefdc7138e330095636956328ab85a201e3cd6a2edc573d75327bdf615ffc8e6fd5e133558b831e24b67751098320e9afdfe7c7ef4598c29563113052c568263612fdc3c48d8e9a8a407bc2918ede467636dc0185d9423e9eaefef4126247012d5f1930c56dd9dd7c34d397f388e4f741953d76bb1eec911079936a8dfc584fb5b7c84e4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: e8e41988fad6c8b44c56544964cfe0a347b35b1e
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+NONCE: f03541a11be112a72933c7b54ed4fad0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: 8795d6c225aa78fccaaff86101641081f4a440969633ca8d7830ffb14f629fa34dc4c15e8ff20a8940c7a484ee94503372e658615eb3fc07c2d2c399ae9ad7a77d684512d0ca273f77fcfe
+TAG: 534574a93db9658b653cd395e981cd4a8992e817ba058f692c5f0c1682745097ed441781afe30827bcaa29d061e2d1554a949cf7b62077b768bc1ca8679618a5d2b32c0b7e735db6a27fd762a60aa19e60a60a9edb02f20e3e99fd4653732525a0c8d8042bd3ba5387f93a7e0da483173b3abcd3ff876badd75b81741abfe2baf21be1006d1cb85bc543ddc7493f8faf4e27619686ba324cf651a16e7ffc23ae7786eb8823300a5c65982228aecde99f53d43f86d9ec0d326eb3ece9f6cf1c6bf92d1599c5f9c391e9ba189195665d3018c38207717502bb60e020773618df614bb4e0309fa0809ab215f68f0d9d46c28950d3edad6c4f71dd5af9d03dfa39ae62482601ff
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: d1c7b2c04dc25fe7b742a1d659aec20e1475ee4f
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+NONCE: 3541a11be112a72933c7b54ed4fad0be
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 694868cf990a1b8ef42fcb2b45cabf1bd78eee4b429c11b27a827762b9c319bc54a2b2c8eb2ac85063ef8ac7da8bc35b16c0a98822981dc9b246381780da7833eb718bc8518e2b176656ff5c
+TAG: ca1dc8a003fd389a1eb1cfa4bf9746cdf45c548f8e52e0bb0dd456c1369686e0975fada75cd8fb261a01828fa1375941dcd8c718f82d6b64222dfbf7143ce980f3936b78e525c961b7d72d5d68127d0f98de541853ae36408ac489c5629c82f00a44dbdc89d665f94fb391c4a0618f31df9bcf39a07325b600265daaf53c2762396f9f6e83fb4f545aefaaeb447d4162ad401e1da2ec090d78d7b354d80fa975dcea9b897fc0f16681cd9a1aedc78cdcbf26249e18132e518b75849af55de38562ac32c50819a35156706510688f3a81e13e3bd5f61a0c2a8655c251f4732258c3cf34694be21caad599996c9a13303be173f916e90f606dfe1640bcf35e892eab6ca70f59ca019d27c58cb69b4cb3bcd484198d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 116e20ff1e79e0af464d473b1e7c187f4dd66007
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+NONCE: 41a11be112a72933c7b54ed4fad0be90
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: f2e78e183884c99ad7f199a02d87a1026c832b9a953919a98c2487bd0d724be407994fcce9e19b5a69f15ceef5d3b95c79d5fffede18a143cdfade5c0f80254cb38e47cc9c82488116640aebe9
+TAG: 11f4ab3470df6f43596f9275964c3ecc22543daebbdb99004eb6c1e001b2119ef9b247f30481117102a179a7ca72c556a029b77d0ee2167190923012aef527b8a432576f8948a7dc77ebb79fc7a9dd1d981a4bab9c00e498c09902ffb9362113f6ad3ac6c1f792fe27d3a71aa19b9f769f2417ada3d303e3fd2600484c9f6b43e4ad834e60ce4d4885088087a96eb52ad989a9e9a43aa53a78e513743a8f08cb472a144af5a6abc17f217715e074aa470ba71d2b1b75e4ff3f597c4d1993412d37f94989c1df016f72b26c8d58d78a8a3295108e9bc061facdbc4c708a1d7e7c95bb8e365d4e933c0e519d08abef948abb67c5a3ebe938b91613ae9bcb6079436af3acbbdfacf77e8b935686d4ef7ed47b5b10
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c081d0d09b2c9eb39a372ef4a7b0246a0956b0f9
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+NONCE: a11be112a72933c7b54ed4fad0be905d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: c7de96bb45663dfe6da2a64ffc9ddfa7c3dc63077079bd4bc2ce52fea89924a75664782a5026fb5a099ec460eb9c6d7c3d5ea383092c8f4c67a70fc499a7689bfc27df4da7c185d573e6f8d70cc6
+TAG: 1d6cf11ee4afa8efb4e025dc32e0c73a6fcda2aa5c892031c7fde0d0d69e38e9e64e88a714184fbe73ca0f1dfd35ba3b0378a474cb4aaeb942a529cd199e20b7dd62654b97d92dc317975d5e26ca1378d41799a127c44a157982dc3677a4dd391e22b6906d303c2c60cde6052ffbdbe5f8bce22bc2ee42975f9892b68f228cb1f584b1a3fb2f15cb7bcf3d9650e72e796c46f7738986be7f7c30dc56c179299c9c368090f68b96735673f2279366122e5cd94d8d4ca2cbeddc3502d833bb365756cd511577a7499c199f403ce114ae47aabd351bd27e4595e3955e1d1c617a3d0ca2d6e4a2bc3275f5ef706fc4e02e48719958d37d172ad1473878686fca9420dafc83e0baaa9aefb1e50c98d6006ead6bd7
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 6f7bb1f9e2772eb909c315e653e4737cfed78a18
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+NONCE: 1be112a72933c7b54ed4fad0be905d41
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: 3a77c0f70f9044fb3817d57be4f4e5ee4b27ffa586327f77c18346f9fef2608a552b551ac549f9e8d47c4959196162862fe2a35e44581971c2974d4a65a47ae719a7f5f070ad902b8a9e022abcf303
+TAG: 825fc7dd84de7f3bcc941d0234090a9409e47dda077e0f3fd000965bde1d4ff30e15b23affe14d94515629f8c018d085f41aa3ebfd0498f621593d57aaec4bdd0e22df21668451b098429967c8eb8789f92a5578d177e5d2e326fc14fff272eb90368d56a777849cc5a1d54c6a458d32c26f4cf99e0f80c91e6df29aa53edb03df176b9873f5827686faf26dbb038813a8170f59e3ad85ad698308748d112b7fbca45156a4410cf32fb34fbbf27b66dddc0680f2bcd7cac6b8cefa83945fad84f77a396630029e6bfe9f15cbf5a884332de5ea7f558d783858c18761983080c13f9c06be367ad856cf159656ad140e84d6af4b4c3517b90f5ec0a8e6fe18d42ce3d194f695f9b7440d4118b8170705b766
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 172f4992e692a88f49628e5d3937959be01aed2e
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+NONCE: e112a72933c7b54ed4fad0be905d4120
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: f2f3a3d985eb38c406bb0db0d141188c680656db8a4484abad2c8973267e14458e2be7cb52f06ee2a0f68eaced13db714296319b2b3557454f5e9cb47e8943ea3e66f7bd25c5757375be7bdd65fef53b
+TAG: 2c441fd3259628cab417df36374ededb37b9775c0ddff861a5b957a9237265000be0857b3b8482ccc5a348dbb9f4529da4baca8a8820468b1219fe4680221bad9a527d93ca499a988411021e0f9cbfbacc7851c63cc1886e934238d9b7f9cb6b330ad00da830b34c7e4398d148af7599a87770102622e7a68828dece16d4255bb319c75ab0046defe72269fe67780b34324eb3d57effa216411caea5661e64d8151707ffa86752c876590ec46926b7e963ced6a7fa95b1bd958e618bdf1775a9b3ff18c91ed490f39cffe0ab03bb5006cd321d8e6bbdb19597ad7692eb7a7685e075de1d383089f46c8a4bf1aa948bf08b89fde28696147c767f5fdf2aee8b8d4af2903452fc5876aa226d490140a55e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: 00133da1f7c63fd5f0eec364e9a359be02c1d3da
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be1
+NONCE: 12a72933c7b54ed4fad0be905d41203f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: 02fd26e7b51a1bc6ab6735045d2e42fdd1f31adba98ed5f8b3e89450853104633abf6cbb70ecfba2f5b39dc06f419746abae4a51d33829bb04140275021d183ba079d58c37d4147e8114bc2e3d1542b0be
+TAG: 4bc0c3d3487bb74931c27253f0f0931d15a627ad88ac1ba563d97bcec53524870d8fefd1300feae23772902058f5f4a0c1c67eb5e4ca9d4f98692398a9019c3263d2191361b73038e3c9252502ca72070f1155952b3a0c787508d7c0c96e02036b2a26513fc69b19f1c51629fd7bdf015c0c45da5de1d6899f3cc3bdaea7a3d7bf1d0e8a8430fdd7ec70f93d7bb62fab821c1f0e9ad564d04081a3fb70b43b5ffd990e53938cd34084411c0c11db13bf2e28c6fa299c720f3f68ad751c20f6d12ce79382a1d0c4bf3a6bd3a695b3040193eab3c73aa4ee751447a5a46845c86e22909cebcbfc8b653f352072aad19b725dae4cf4d1c8bfe55605f0eec27682a6a365cf2e3e94ff769c2aeb328fbe6f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 60a6821269be6c5b985576b245f106128eb0b325
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112
+NONCE: a72933c7b54ed4fad0be905d41203f5d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: b2fe392acc286bdc73cac1aee34ecb3a3e3ae2ccdb065618e3c4a17f2b2668a2c11108b0bf8a8ffe20800a698e73c9b6ed4b0da61bf6fc22c33c75439445061e198f018f271a8698d87185b7df77daf9e757
+TAG: 7a3dcda8c73da41cca4a85a9bb5226d8a94f2a39abaad492ee978b6051961be1f0023b673348fa17eb29430a340b3597c6aca9304be30abc5129bd65073aec837e55fe06c7787f4272e75c32b3f1777451e17853f4a4696cedbeabb57170f77efe9db657572035af08cbde5432478dc339147d433457d3a15f8820515a6f267dcd14cd9489352e1561414e3e1e0a85129976c24dd016d4621af0058ef4e19fe4bdfdbbec370fed7ef641434eb629fbb16fbcdd117e9b84ccf7ada8324f9815e4aa42c12d4f0609060545997afd4e6786a0457b0b2fc73ff7856adb51223d2408ce4c414ef2afe52a3bb67be43997898ba846045e96a27acf3f1bec0b755e424f57c69774cc13ada5227c7642f563
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: e2593f3b6741a9ed9fa188fc06efd057556ee624
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a7
+NONCE: 2933c7b54ed4fad0be905d41203f5dce
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 8780167385b8856be346b71b042332368067d5d9420b3793fe94bc1ba92991756523c7a8e0114af8fa7296ffef8fae01796b47edea43bdcaa8832a08e823c45c1ccfaf1190cc7fc73a67decbdf407c72740a7d
+TAG: 974451fd4d9d6d1f88be4404869b435b4b687a1150b31a0671c93f52f76f2e4dd71bf4a3583f68ea5fa4a0dbf8c779f83e8dca1882e9bfca3e914e77ccbf40ac94769c44f9a8bcbc35a4f9920c6860078d369f57b407d353e8022263061bc974df29fa7c862f3d06213b1190cdd3e2091b2e26532356560efc3b21a499f4841869c993272b70f153985d45756a0b3250a1b91ee3f25a6afbc202f3ef81dc607068fc7214e69255342e662c64ffd8acbe86992ad20ce376d92ee0bfbee6a72a1f83f470d0bbf6ec22b364e842b84736d3923de92c488c102344fef6f78624989460a2c45fadec2a7bf722e2e6a34162363cc04720a50f0d309f64f9322a11b642b97f023cb82a521af6b1759d37
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: 17450a437efe239e1858ac4062f34024305372be
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a729
+NONCE: 33c7b54ed4fad0be905d41203f5dce99
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 2cd2031084f8742da110ab5d8f7290828857c867b38427c3f53be0dbe2cc94527d2f0aee90a38dee77c0ce115ef650b2ae65094e99ac9bf6da89e5440c1bb4f8ccd163427bb95b3ccd629e6881107d6c9a80cc37
+TAG: 026560a6675920dfb199359bea1a03ef0d7d67d359bb6b94074eef54047e92a0940f8eb5d08aea137b7caa73904b66a8c99775e0d859e4c91d68dfab271a9401fb650a9afb83ec4b42b97a74db1908fdca0a06603cde524524ecb3bfa15a96b6e250edb83e7c59385357c075bf077ada33489dae99c2e5d5f17cdab9d23dfae4171e564bb91e3e78d61dc7f1712c2a4431e9451cc1f58df004d04ec50f77a2681969ed91e07df4ec90fd185ede409a5387538b115107a1fe22bb999082d4341ff5a6ae7af33cb27a64eff64492a08eae3c18e5914971e514f55e65ca93a8a19d7d4c2f3df76232cbac674c480e9f4316a8df7ed9d62f8144338249732dc1c3dfcc8647804c13a03a59eab926
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: a35fc7d25f90dd9cbd35910d5532aca8aba88b29
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933
+NONCE: c7b54ed4fad0be905d41203f5dce998f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: cea9c7528706d506d75cf085c8475c081ee8c6145ca11610b73eb3e103a706faa66062f8edc10abaa7c3edb3fcaf43c202c4812e768fececaa04564414f45816fa5c0df5b7518ea3859be75c4567565358293e9232
+TAG: 32de5af09080604ec6b6fc5a0a542837a54131fc87b1825666e5d56f09e15b76d47fd8086dab709567aacc3e59d395656ffadab861ba9a0e1c1b30321ce334b68724877ec6806245bdab9bc0f8e5af6582fe91a2ad95f7a6bd0ad1df9f9c2d2c20f78f2fb0bd2653fc8e8fefc9255541d789a0059820b30902c3e4344b68d4603b3fb8f5001df91fc9383dcfe76f219933078c602fe2813b9e59e8f996f8943c96c10f27d02f5bae69789870a61abb6c3b118f6cc348188495798b07424a750556a8d1e444b47283b096b9cd8b98b790445ba8ad8245a040a3cc96c2d72aba1474f949dc607c386c7cbbda952651f6d3260c82e5a06c517a89c5dfbefa069136e3c094ee1af26fc4c77e21
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: 73eff0f03358879f900b6ebd515f0f4e5a6929e4
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7
+NONCE: b54ed4fad0be905d41203f5dce998f8f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: e967973079db00d2257d84817ff4c5faaf98024ac7eb71d22af3cbb92a001a558f5cce2e8c293d6dc2a968f69cb2731bf65954affbfdef4085123aa06baf0d80edd8d04ad4b1d48120f0db0df02ca13708f66a567ed0
+TAG: b8f6b6618dc8b59b07566c1aecf97a9933b6546fd8882d14cf75b2065f17518722b5fd77f9449cdf4feb87e7943f9d48b56ab891514f608767f1711314974b020804b7227326185bcdd338e3a9df31f6c3a0190b25d02dab04ce23fab918d6176814877ffba65e410bab2ae256d4f5f937458d24a144f3c45f6fb27e9f95490e95eac4575d49d7dec6f72ebdf3efd9dc6c83ead51652223b18963651b8d957b7aa050b022e4beac68f928de0d1094dc756d8e1d2b89a1bcac0d3d40f0f71e67b166a6a56d8ea91df5c930566640be524f187be2065127cd15b2417f7d80b6a8cf781e0e90c6ef61cbc902e935ffd2dc9e84c4170fadb6f76b15d77c72b49b8aa30ad1efabef37d55b4bb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: dd6cea270655225cb4f4231f54c19eaaa146eac5
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b5
+NONCE: 4ed4fad0be905d41203f5dce998f8fb2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: df01c1a140da0e422919c0d34b231fa3cd767766fb35f8d78d715c44b9003e42cca112fa1543d74ac05e00da9b5740c03b5c4d1e558ceb8629adf3adb1771e6edd5b986094f724e675682e65af15bb3c0feeed8cb3407a
+TAG: 25a40fa2eda366cc951e8965249500a657316c33538f874f861753eb038dc5cce0425824f138abde55bade8b0500af1f61b8ea69d4bd68de3fc403021c2224635535bc83dcbb429a8ea6c0ca2687a34e02d1dc45e7bebafd26b4814c0766e7fce5238767280ce0424a3f16a30b943622b8c1abe4eb6c279333e9d8f7bc32afb915bc5b0328147b57d02d68584afd85107302e3c84983cff39256313c4462b693c256edbbedadc50a52cd2a3c8255c1c34ba87a70cb652d74d8375ede59a57514bf5bc50532acc8be4b438daaa2d7d2caae6c291ea2c78e27766b6e2afa2551f3287a6a2a4bf747a1706cd66fd724fbe0e7e81197b1ac612c05cde5a62fa0d5c43d01e6300c7066057e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: 34dd9bf0ce19eff890ecad474388779f63b0af70
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54e
+NONCE: d4fad0be905d41203f5dce998f8fb2ea
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: 889ed4c7bd5455821c5b95a67a277a197140816784e820ad8e126b3d3f0ddaca73e3eede78c1c1d3ff5c2a98c0cadd644393b7e3c2273aea2be1c6fd20374b71edbed5658237d819b5e4e206698c8cc8c12e017196776bbd
+TAG: 57da1b6d2a9717b7f6f37f21dd9c686414ecd07bc24619b9d35c62c3548586bf726bdd33fcbbf64686556d1ece930f37c6f4c8bc1931a10c50269cc1dcd95bed9d9edb0463a266e6e51d2d90fa9c1a1a4dec6d21663df4f4b99060b37441cdc09386eb785b7cb0183df692d7846483998269e36d06bc7e3a010ebc798c83a5de0c4d6201f2b5b7187a7d99d109741a19e267cbe458063aa1ee66c7c2e0449549d03a9cac20d356c393de63d466ac3e04d63b88c26768f0b3fb18564acb1515ce4be0829aa99cb293adb9a0d3dde529827abeae270611c35277a4b373fb099cfc86a99483063014ec189429a243438447c9cd47a333b22e2c1c84845b79e23a661d411570c510f42c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 7db8cfbd3b29f96d752346eeda3c2bb0bd070099
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4
+NONCE: fad0be905d41203f5dce998f8fb2eaad
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: 13833f78c9383bb4455972d6e7d8f22597e65de7dd01afa28fd99f9734366c522bcaef59c41487d84b3f84c1e0b7e5ff6de84206f54d5ae80ce80fe3cb68ea4edcd15897fd6fabe2a19904010538005668f2b05245e28bc0eb
+TAG: a76458445b8ba4572e8aed335eeb6ef8126ccaebe8b4be3f799e1def09f8a81fddc2ddde86e2d011c4b61eb16bb74cc5a2c7e1b6d0107f6b749b93fe9f6589bf4ea2444cb63f5bdd3b65827fff3adf32044621aa164160ac4662506b42b0b13ac148e09abc016102ccc988362f5cf64b969fc056e3f302a830f9a0b7f3789bac1c940d5cd7e2dd61aa3c6b970c3d066504093d658fb5f9ac7fb22ce306f5a9d495ca7e29d02bb39123b5387c43ed9fa1b8a061a339ced5a9393b7dc6401921d0fe424c1f168451286961f8ac199c3f8f8d4b154c89d290a27cc53695e082bbec8a338ee09826555a3fba8fa4bdb663ba932db800df0a1b570450f33f936cb71622854b84b260c9
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 4abaa8453e8cfdefd918571a961d8351754ad5b4
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fa
+NONCE: d0be905d41203f5dce998f8fb2eaad40
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: 03065bb245ba12ab90903bc081198fdfe45d7d3c6fa3b1f76bde831917376ec2a5b2ac2cf629de6bd3f23025b678ea9cc3bd7801f5510b58432a8bc17999304fec4de7ab9ac22d75897cac67ed57e30d4745588b36695dd005c5
+TAG: 92877bfb09987df366759a1776b758dd9943472b933d5720e4d199002d4f3ffdd527c2cdb16993da7aec2ee53a24f6681c22fdb9f9f69a89704b6356441c6e87930b2ddc47bdc1fa0df00f7490c16e18a095b53288042525f60f0f37be0036f9a7dfa37ed3977456b3d8c4c4b2c47879a4495bbfd6a512fb59a40b20bce316ecc559aa825b4be8dbbc5dbe06fdd074c1f2132e954fb74fc97075e9c5052a0f86bb431f7fd99d62080140e0457f8b5deadb9b2528e61731488f25f0574283a1b30c80b2bfafcf0e4343ceb83dd20d2179a38866780025516e5f8216ab70c158ddfd0ad7a446969cc9f6eaf5c984ce8e9c38fd3b8a007a1c154bb4330fbee4329b8335f4ec4b23
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 0fb9d7ffcc7c9b84f34661d472ae2d4fa25d3d99
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0
+NONCE: be905d41203f5dce998f8fb2eaad409a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: 04c76011b9c4cc8ff18038d36a8c8b91debc8d0929ec173cfa5450f434308234e6a368f17a04ec0556dcf5ace0efb5ab51956d0daec5c530129aaa78309c3d0a04af17d02b0f91f70a82b2ea03522659f76d1919731ca52747da3d
+TAG: bb70d9741043c7d3d9a3c5f7d2dc1517a91729b54dc8f49291e2201331a24fb24ad212398617237c77de3d6266fd32341893a9c8bb42e60123bf3bd4fd70a065d6f3d0ae98434d8cda789be46a5e5ad05033d18cdadb36e33fca58181909dbd3cc1733dfb4b6dba689a66f19bbadd35f830d6af1edcbedca45b2810cc82ce83d39ef9d6d17aefec9b7199575e8d08df3ecb9a407b41a9c1d851e923072c96c5ffc60d3987ad10f27aab7792a198a17c8bf88c586ab11cee5008ee7ea769c56ff8d644b51059b9b2ddcfaa92d3b3055a4b3921bf95c5c131c2485d869f642cd14cd4eb9b73740534f6c48c63f76c6f1e4dfcdd9dc3c07593ee6032a98aa10e1b7f095c505d2
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: c68fec315401703e49722fe4b39cf28b14e9f50c
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 905d41203f5dce998f8fb2eaad409ae0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: 5d9af50991ea21f041a766d8d9036073eeb0ac083b8069619ee50c64c661bad73a9e2ca7f8b49ad9df79e47b49ca3c8ea9dc254854f116a49959c91481ba96463521bfdb74902a4b454d2c6af72d130175c33e8764b64bc93955f9f3
+TAG: c3ccb45d8e69eccdb1f058a490d8de92f255953c16f27e21b49e4f29639452ff846aa45394972d895a0fcde901fee45211e835f6e4152de7475075e1e7ed832d45e0407eac1c6a0c88de4a9fb44d961b3be197e45af38a88d1070416c419046f6e43496e6fc1750de734c7773bba9b402dc96683d624117249f3d3f3d87f83a140018afde34dd5980e86e157d632acb7fa5400dd272fe74abe46652eab999b9ac1cb65a4a609f3bf9cf3c8434f9eca0bd440d665e772629c0cc76e0d9009e47f5667c0a0846ebbb1c1b23523262d3225bc23e3513ebed8f67c721cc0886efb251b374ee4e79f60c6fc7bfb81ad9ac88c0a782d3c4bb918cd21ca1f3b8e311f5e48b9e6d738ade59dafd07ca721aed0f6f7f98f1b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 15e1aa5285beab679aaedbf51a86b4aebbe3d7df
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 5d41203f5dce998f8fb2eaad409ae021
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: 182dc2f9f412f305a8fa4813e8c8eb7a41f9708efb516fe3feaa6ae94c89b4437cbdba7c738fb97ef9739ed94d988bd60af5359194d2b5f8a48e3f5482c3be294ae65ce803e21acdee157d436188980be8e58c95a7a5a33e427473d4ba
+TAG: 2751722d2433b908076080c82895c633135bed9c7486d2fec286ea11b279b5029784972d39c8732cb1631841a60e86ad8b17c41e9c0b54ea3dba7b15121532b7d7a7fe8f92e2280481c73590cc38bbec7888932be3d10ab251157ed0335ea1b06a379c4d19d7d860bba5164da684c9d0eeb20e65c0c63a60bf94f65fa4e0f61bb94786271d5ca588093446fd563a6d513d81d590244807ce399f4bbee2f09cd8145634c1ebf06bb408489fa362b06af21a934b1114dd8233c8cb629df7fc5ac619fe2701de7daf7d7295049e1909fda9864fd7cd088316be8dc7770237748de45c3dde6d476d233983392e1a3a96f9c6550d5a7df61e3818492806db44121c277df71b9e1e176e335a68f2811637a9ce17919d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: 8cc0b1164fc844e958e055b7ae43f2f95c29e8c3
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 41203f5dce998f8fb2eaad409ae02116
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 0990f57d9a7e9b64bcee741e158eb5749e9d7b34d43c6429754689d87fc45daaa618fc62d3dc111e5a1a7a06b2b14c5b0f3e2e463085e80da6ce4a6f7815cbf871376c8c87a36555b8a74e0a14421e1e4d74f7531546369ca81e4585f86b
+TAG: 4e2e000dd4c6c0eac8aeb581fd352c8c8d4033ea944594afdaa87f05ae6be756e46cf27b7ee6eb01e9f4eb50918d2b438fc0d1eaaf7c6add8078a6a9d45be1e813c18b20eef740c85df67de7765974544f5482f9a0012192f3d84b2cf6c01141f6a8040158cf9ba03c5a1b580cfddf0a682955713a4cac6e0d3b6e273db3a91a1b8096f85fbc3c7a67e893885bae3b4c65d03d111da7e199780de379c6ee07a3657ecee397ce0c9d34ee5d39e8fc4a64c86a0d68182ea48b91c76f63011d0f0cdeaba4e1ff6a19686c5223a25a10af0fce79437322c0cab4786fdb4b93e687a1c7154bd294d784169b1bc7cc5c9f3b8bc3e1d8b808b448f926ce8731ab30a33cef85f57053ef081a8948178030a50c247e53
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: b51001b6ff9d27bccf3103a4961280e0a1406257
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 203f5dce998f8fb2eaad409ae0211641
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: 8d7999ec7a80e528bd6a8d2a9724930c93ee5cbb0c888d9b7c79d2449e638c03f3143f1927a1b261d66ff55bdeb7ff6616da99a2155f465d7c91f54963e7cbda7b61529381204ba43c9681260799ce66fec9b0e9882fc0ab474fd9134adb66
+TAG: e9012cda52183ec3e658c42f819dd986216e84e14eb38a462e3db010070a3056db6b148863afa9af5849e3ae963730f02bcc2b419f9cb37659609dc730008a43c41e87312b546d3b67e1f092001bd8a1b81ea304126801f149b0a37d826e0fac21045be4087f76e3c44a796bb55b6e4565d44cba7a8a48d4ffad797982256e87b95f6599b53f2ad34299d90204acc139d115b66c78a2072c741c43c81bab9dace2c0088b2a5dacd917e75ff0de07ab5febad79eb5e0d03012503110bc0f62e2aedda35c9bed4b7c2131f96a4d0c9ca4d133ee032a787e499c92cd46b33e5bfb7f1d3de52db0c7e2a15232a7c3c064c90bcd23366bf982bfbd9694e92b709a86afa4c4a6eb8d5e9b48a20ef409acec78a8c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: aceed075f31ab159f6610f43ff0a6ed3a359bee1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 3f5dce998f8fb2eaad409ae02116417d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: c3e61ff897b490847e6539236d2e3b208baca2e83347b7ea2ac714f65a409638e59a5dce5c3a4109e6d6cdb8a232f5f8a2577101f9fb53aa50918f924c1a5361ef98d6672258b4adb37ca5f30d22893dbde262fa9cf72d2913c1901d70a0b7c1
+TAG: a49c692364eda34c22ad3745a4339244b687f596bda16d4ff61c6697996214bffc78fe54bb30321d37f17a7ee146dd33771b9b922b475ed41e55de39f1573683e4c8147a9bc370d6f75882c991073181d3f5eaf31a9cfe0dd205540cf6a2b6c0898b3d1ebe351c7e036e136088fe88a07e2c512fd488dd5dfbaebe10e6627bebb2cccf1e9c985ec9f1924abd91d29f0862403c24496ba6c0535358de379a60adb764fe00f5e09f3487b075713a85452ebc21205279815653b39af6c7d84cb1a10178006c1b4ee3e53028c09ef59817abc2335fa2ee7a56ea18e2cbe533b7d30c80609151b58b3c711314b35d3be3df1cb6d5cddffc316a940cc78ba1734da1c09d1d05c2650ce3a0fbd60bedfef7a83f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 976ca4c9819e25a204a024d05fbe7420f717bc58
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 5dce998f8fb2eaad409ae02116417dae
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: 1944f256989b6acd7dc7c334d10ce71d9f2980cdb6adb03784061096955a3e10efe7cbf1c0aa1caab97cdeee4d08a8ff34d68e1b53a0df58e79a4c1d5d9b7eadb2430c0b8049b6c43a848fbc5e5feaf16c5ae08da38f973b18e33fde747702b882
+TAG: 6e0c7a079e170b669fd211bd54c2cd2c51bdd5dc84c84e0da6104dd1d5f6e8b27847a4def48c030c515b680a5db67439f300d184d2c8fe18681c7fa25840b80f53ff494fab5e1694a604c1c12b3b113aeff88bc2c5bd31e84cf5474d6429b4cd08241e94a7f4276054fed2f2a0d863eac2671c9af96045447d6422b8789c4674feb8fb27098b5ef613f08573184271899f735af845e6b7ed9dafd4524247178415479fd60da081ae076331df7ea141df29a086b76bbe35dfd4f983e45b2f1316cc27d88c48b87d2934833eeb5bde5df0866e4a9d8894fc275d6677eda6ac6b41a0475aeb9a55ce7d7a04820b581e8565c9d9919685bdf0f163d77ac45a15e4717e2e716e49ddd079f18295bc7a05e7
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: ad8cfe7556704bb1974e94f70d8743d147c5c3b4
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: ce998f8fb2eaad409ae02116417dae0c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: a850ddac6117f7b13e15c17621fc7c99f2276ed7337cde87ada287814150f8b3f3e8ba7108a1237fa6a9ddcebb07c234660ec93b8279bb4614be85c5973603568e885f5f8ea102d0621b5ba77fc58af4285c15996d6868c520f3e09ec5b6a468cc82
+TAG: bce897e6a5dfbd940ec2c477af3411901f0f2fa9436ff3b4da7354189f097d231b95741788b45e9a56e7ca7a41b265489578bfe8667b1cd64a2ddd765144e770ae13fc2e9ad24575bfb97e0e012869ebfb52a9c7e181e79bc260442d166550435dd5c08b131ed3850f78a2e1df8a1ed026d9310a83f0b8449cf2baec42d7d7e31c4ec56d9d25246b34a479ecf8ab850c65fe8b2a6361fd185c25d6f253f556aa46825c535a4a54b855148e032d3e1ecb8d501802db1eac194a4bf7f3c70f8b8c33cd88d3362476e2080cbb4482fd9453ead6dc62a0dbc0649e41a699c53427ea8ff93fc9f2353356f695642ce7db49fffca401e9c275365dd0a339e3970d5810c5667c234986a65e1ce01e827e27
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: 1dfd9608adabb5a55e12949f1c4bfcd5a77cb703
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 998f8fb2eaad409ae02116417dae0cef
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: 0cc80c78b73b1bd898c6af38846d32837ed0712ab7cc48b01c6dd831f37237ca7634c90aba35b35da59b60aff8e6b9a622f5a481c98c03fc76c1375e4602e96c08a465f3085ec86b0a8e1ce8757df761400be6510f1cdff60b05bd46271650b9e5d5e4
+TAG: 34a24675223b1e1d363b941da5d1566dc42a61c7c239a6684a497e7ef90a78d29c1aba0a9be91a8cc8a7cd578c77e62db1234da2b913e9500cf81df22cf481ee43f0818be959ec7fe49aeb7be270d227f633f65a003b19060ffe8bdfaaacd2c20ac65b43254252fb2fa8d2264f5664f3fdfaaefe7216c3f8bc6957656d218d5f98f5b377fd675a21d16769c499b82d4fa54be52ef8c96222b83fbe5bd3b456c9d181cfb5ce23639749e9e22dbc3979f07910b83c200c82a3dd449e5ae47486bd7f2cdc26c3beea2d3c490a801bf587e323725be1a76c32396e5c5ea24a9933706260d5aa16c847e00bdc5d96b0b96652a2c73e6141367debc228af6f944bcfd65a9269a7fb8c912c25ae2a6e8c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: ad2b43eee27e6267d8c5c1c3d558a07dcd6b1f5f
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 8f8fb2eaad409ae02116417dae0cef45
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: ad918e7428ca106cf043d6626772cd45ce998f32fea28c3253fd58f0fcc191bb4cd250b5dc6a7b352bb2aaa66601e280576fa60ad8c3aa58742462955fd7f33ddbbb5036128617c1fc3bfdf83100dfdd069042ad1887c2821afbcf822756226c69779d88
+TAG: edae83839ae4bcbcf7da661a302815b024d7576e65ecb70c183411003b1d6c769a13de3444f82c7783ff5593d9983b369833cab8dfc80120e35bc86d3b00c307338163bd5de5863a1f2daee49b4f535ce455b131eba334b7c995dc25640833c6c0a7bac710ce37ae2b85e58179b57218e801c4a7e5dc19cb3c841c11c299a72efd9cdf249e9c4423cfff588895e38e5b2d166344ba53b083da555ae4a1e0278f5b7a557e9aec08ac70da44858306df69ad968c017f8b4c24a0b562be19e1f6416841387ee3cd9c8f7c8b3dd1fecff0609fc77c4d86fb1e387cd1932775e58b928f4022821c0b9dfc43912fe0d0755b2bc2f88682f6b11eaffb6caaab1e295755d1256810ce16d70b306ffd6e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: 3dcddb1e4f49633e7b7bd36f4056d16c53be7f5e
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 8fb2eaad409ae02116417dae0cef457b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 8ef4db8a8444ddd056428a25b718aec0258fe05b5fe8d6d972ca6762875c030fa2b4822cf03e797a53046749e39646c8c6b373a1d77287f4124c19ef758eef75db8e4e03309b3d14e918bfd9499ae5c9e2f3079ab7da8ca7f00ab69d14ad96fdba1c58b813
+TAG: b78d95ae68ef1121b27bf93eb67605bbcbfce1e0293fa37e0de4a959cc0a1a47a374f6727edfa9aa5a330e5c3df90a30d371304258624e8015a2fe7583e362f045087ac9ff6bfdb5371d9fc9d55f7dd91bf0310450c36d33538ad5f6057d0c8a0896217643c4f95ed6c93ec95dc6df838cd43d6f60dc3d48d489922dcb1fadc586dbbef4200a6b1d67d2024493fb4dfdaae7563edb5ae93fa2065d750a10919484fbb1389f93d2f28b62c8c6708122e0abe0ed22ddba815da8bd80393fe274f545e463dfc5f26bdc207f3f056263e799b3c89f9c740748a37b7f28cdfdbd9bc89155e466e9a1830dd6d0a206d27a588c56c3b6dc92d5202dd30ec0a2e1e31a0da1a5ddd9d905204f47cc25
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: 25b982a242f669c013cab1c18da425330090e3cd
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: b2eaad409ae02116417dae0cef457b9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: c107710a85a49250f3a4401fdf07a44f96560ca5e71d6021075b7b6e3ff8fd6f36c652f186dc82c8a21a8a743dcc007e6710214320cb5c5e788f8c5b020e4d0d89ec2fb780c9ea915966b9f9b1e2cb0f26fb6bf1aba6e6501f2571ef1299918d4d2e6b367e22
+TAG: 3e7739cc9f98881f03a99d95250d460497e445cb24b4f8783c0010070484f8f379d74903d9a99f6a621791763af4e8e94ea305642643103b2dc0a0c1342f66154a0b4c4cac63e79d7121a2a44991273a9e1111208b3d9a5b6d11a6a28c83d16c9099d0a0247bf4670717ef0e8e6bd4e48c893ae189cab4f916862a8ebdfc0cb26cc545a9a08f01f8b4ce545914a35924f728c4e914b8cea6588116e9ebf592d4709e0c4efc8f0f8379fb30e35e36bfd68946ada030e35af5ed510a6061471659dd6780c1356c3dee7f69ab449a402456b63abd7e7763b4020db5216f099ef78a2125b42fe508cf94976b8e4e9ed65b38c254818e6aed084c037efabad7bd348e4e16099c7709cfd9116b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: 9d7958e23777ff2472f5a24dea5fc19c151dd921
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: eaad409ae02116417dae0cef457b9e5e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: f90604401a507574dcfe5d7c5e0c36c5fa65d9a8f0a25daaa9fe5c50ffb3758f52c9c883c2f85d879f26845a130044d395b58497979cf24a9e18ee1f27d1eac4d0cd994a6338c5755c74419111b2bebed645c3d8b8071a7b5304eab2c33777eda01ce489f4a6d2
+TAG: 8a94c9c05afa552672247d156dfc8d60e9e3e1e9eaee6e58c8fd6c1f9d41bff32571526cf035ef595cb5c5b2d64b2a98bfcadebe5ff66a6a2299af8e00fa27e621217c5ee1542a86ddaf93e293d01f20ba5f9093c1fb7a1b911e659027beceb9518f59d20cc54f958945dd44ec38f73fd475647a008de974e50facab9e6e878e3968249a91b4f71f4f86486d5e3bc2abd6dcc67989f58521ee78214dbd29bb7aca0f601842b1d36833748069e409c58de54f7f6e6f17b9e05127568a1566e70254589675f2802c153bd5106afa59e00ac753fb9c3f67508deb5bcb4e25d47e52852acceabb8e5e955e16c0b4448cd313c73ee2195f185f8869165de7f30a68efcfba1adab85e2eb975
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: 09e9eab51bcb9faaa3bc3e473ff66b06e39653fa
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: ad409ae02116417dae0cef457b9e5e16
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: ff258ef9f318036586c5ec9e956c10c9423ad3a8a5468527c02bda6878c45398b0c78f3fba4eba3785282b3aa4586d31b238fb941546bdd6e3d918444d45f79b2a5ce3df0e8769a952243cce1f17f736d21e44d8d49449e017e9aa5ea20863a2f6b2f7025de029e1
+TAG: c113b619c1829f799e045047dc1587c35eea2e9b5735e9acffb8d5250acb5340d7e48f261c58f6e1dfa213980d35df3f14938a5d6c20908290444308c31cfc08d07cc3258a5221e3c8d72031ab52ed92cca76a189eef780048623f82af821d521b0489068af4ff2954bd73dbccc6d6d4124760a5c71fbf88435af2ef8eb24197c8d7b23358baa411d87dd4439249fa80b6f00c4a4c500b0b7113151bc4f385233318ccb3bdaf779d41c433b2424bb3651db990f9fa72649d657bb823f0e73fbdf08e6f81aae0552aaf37370f139e85da70fa52422fabd155d567988d1d2b930f89f72725d97c1b1aaa67217c552ba1b6a51cd97bf2ac7017a2a97298c6d86bab809b9b4a7e1776a8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: 7b17b7cb19107af8fc4671420e461060e2ef3e61
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 409ae02116417dae0cef457b9e5e16dc
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: 5e654ee6344f96fa117a2e1f9cdc08bfaca9c83b1c4d61891e49077c8ae7a8aa604e1b19995b32872087e04a59ed367e42f0ad3998cc2112035b33104164403a948ecf73c516f74adaa57688cee9417456f996847e0c637120478f7d88288b5403f0697c4834e4ea7f
+TAG: 363ea1d1325e86bb389f4c97a844b76e43d76fd4750954352aa52f5cd174c3d902a71a8265fba870b1b0e3a1add011914df362dfbc8f075cb45d2cca5498b48c49f0872f8371bf37e334c33dba4170d101dfebf14a519d37647748d92ccbb24774caf56204c1e7efb4b765b63d5ccedc308ccf06bf614e7695bfbf9e416df526ad21c4fda82cdce18ea647b6f99fd2bfebeafa94e8b9e83fb2d85fcd5f8456ed2e374ac383230dd39c528408e3b53a92a3950883f6eed412c1a5875a5db61b98c089daf3419522fbabcaa33479d4f0140963f1bb788a2471aa0384b44c0c69a4fc46a892f9ec8cca4cf0d048e30eefb1a74f8fecf77a4d61f97e4835a85594d1df3a345f720fca
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 48586ad2eac603c136911b28e2c69f101a8ef371
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 9ae02116417dae0cef457b9e5e16dcc5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 59201549a3446dcbdf5c3fa8db930606f6e9bd374d8405e15d55493a82035491811f784fd4f0e3bdb6bdd2e01558783a00b32c53d7be31525343a5a2d72921222e32891149f8dd38303ffb584485df15dd4c6917d4d8ce80e1dd5192f30770873895a0219cafbe8dfaaf
+TAG: 30b74b701e2777b537a16fa9b2d3bc9a86d718a4440ac3a0475eb675b352f215a847a286f042285b50764d14ddd3b3088189d7e26b96cdc33856347f3173c7cf4c9696ad560773e65878c4f8db001bf66a9e27e7f42593e9dc3f206e64502b4a11a235d5ff29cfeba3fcff20afac264c691a847a0b6c599bd9f7e4a57179f46b3880fac1b6cdc10444ee5875470d25c8a7bc20196aec1f028aea628092b5ecc973a058f083f4157dd9202d1f6b09c72374ea668041ab18045a383242b5e96ac127f6ff263c15d0a4999f61153ffc5d53bb77ed11b5b8bb3f2071b8ab14d92d161f7e39470913043b316ed3bf9baee35f8594785ff0f99a39b72e918bab81c49ec6c4c4ca459c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: c37456cfc543ba6e5848b9b8f4ac5a58a104b521
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: e02116417dae0cef457b9e5e16dcc5b6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: 54a2f87f11c6597b3013a0de46b61a8fcc28ab021465178138cdd76ef01c2701b3a48ca4d3cc885173bdeb33b7b27f9064d2f09ec187d0c9c482522fb29bb421595589aa69ec2ca4155f503bdb8f0f8d4d2f08531c0deaa386b9adad07e8aaa351e76ab938e435c7eee05b
+TAG: 2b4f8a42097dfe879397a6fdd13c8e2611399c3c53d5cb5c0e41a4a49b99522b127dff5bbcdf4a5c6fa79440e8fecfbe1df30d34df7c3a399cd79164cd39ca50a3bb6ce2b95a46a3f50e47c9041dbf8f39aba1e807f66984619c62499bb5f0bed727c5214efe67ae9863b99daad6b2814484f9e96c3f6aa5a31417624052c69252de37d7f913e5a2715459f945958adef369e59fc7f704ba9d9646870561efd3c1bea0ba785a8a39698d7ccca3e0b6a6dc3b2570650ebaee1e133488b3a227fa97a8580737cb4852ae3e04c11df82816ec4d6bba8f9e63c9c48383466d9d145d27d18358e822af696a8d7c7aa65e2bc7ac32204a8271684e3803347423608666e23e90345c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: fc113d192686652653a15887974eb1f9b8e32248
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 2116417dae0cef457b9e5e16dcc5b6f2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: 0f0483dd1e9ef91f215f7f9817b7f82e0b96c0d3b2996b2a1d878d0be3a70c07a4bbbba3721e646405a8a7f44347557d482d7899044af37f6df054070eb4debf7471072af1e4c98dfb3c192e956b2931967d7fdf200b464be1ff1955a658bf86faa659db9fea5c63d26c13af
+TAG: 176eae7a290cdf30272c219178d7a011400870bfb2ff611142d4e16fff9278cc5778770605f8914f09c3509fb6ec23bf5cdca390cf8dc0390502b3ac3026c47c167079f12302b6ea7eae668b6dac95a5541124aba8ecb8de4cac6c21ba17a2423ed4aac69e3292f3f4f031e9f54702c432d514726cf02ed646e0f60ed672b5f212e62aec4e51c8b8fbad3f1689f1b7dd775111695a342a279f7725da6ffa0e5a2ff5550159208bd30d28267c600e6b183dc1f72fbb4fd8013c5b4ec93f19dee5864bd854df3cabd5c813d4e3ec083d55ccdad4a0178e5d6cd262843d6309059033b987e366e66c67a3fcbba86730b5fcb4786989f86ff9b8a7318302123e0d53152a2a82a7cae76a81b017fc0b883ef6f8cca921
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: bb6e5b5be84ee383caac0378cb6f541726ecf61f
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 16417dae0cef457b9e5e16dcc5b6f256
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: 978a10e04037ba7f0dec2576efaff6e5e4de5ab80b4b0c0b8a6209e22da05b8be0f832883e371c61c23b5bef969c004bf2a0f0fc8fbf1313078e12af2b3569a98ae5ee76a9bbb6da6806be3356c02dfa607c26094fd876d8f9dcc0395f3fe356b0a51d1f59582a7bdc7da9971e
+TAG: 9b37a729911834f666621a052c9d776f126e500cab45ddae7ad020874d77976af6ec581efd91dbf46ccf346a9dbb3a42d08d23de1cc074788f6887c0b15d98610b19fd2c00752136af3faa32e933518093d667617ae1dfa4e4527779bef7ccc9a1b82d8ddc0eb1d7d9247d0382c6d98ab29f60bc897d28483f1c69fe9b0d37113d237f7b3c3509411058e1c0f36fac6014b6c5937ef005a7fc2e3352da4866384d63c6aac2fdf74cdd16acf782022e4c5f1fa528cd6c977425ab19d800664577b5e5cf0a82e7ba75716c75bdf87eb8c7bdf7346c89d453bcff89ed0b93d9eb1452b72390a799498e31ae691460e5daa8ae3506aab4877cb82e3378874c6c97064b33f969786ed84e81cd1c2e2925b56266ca72
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: a27799fc2e00e7abec4c5939451a834c4606cf7a
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 417dae0cef457b9e5e16dcc5b6f25607
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: eded0eef58434338153caefd914cb98ff516157445bfbd25c3c5cbcc0ad68ed1bf049ac292da027acab0310ef08d66040341721524982165cfe7f6dc495f7f5f36cc410470e3b42045b718f580713dac8074b0e76a0345d11c94a9800bb5e5eef1cb8d9ba5818799cd1ef69c4ed1
+TAG: d7459df78edeb89e01ea8d685b5780b94ac339c36750f2d5bc09009c12a22893348bb74f8c38f96451e5204e0d940b9b84c6a89eea61d6a78eff111b806ad4a50c8456d13f79288cd3f3bdde755083dd64d13e1c887d8df5102deb5a23055a02b6cab1021efe6add18d00be8c3afd6f8e80bc539c76003caad47c1cf95085bf48bf9ab6d487ff4cbf5bbbe0f2a2972e6a165a2e5ad230f58fff76fb8ed563b810684daf4b5902ec8cdf2442c323e7c7630129a89432a1795380a949f1113facd9ee148e2d38d4457b508155dba0d8d4812aec13d67050e70e2ff98a1fc1dffa01dcc7eca4349a0b14f2507687314c49b3fe7cdbde2ac840bd8ff7fb7c36a037e7b7de485183fdcfda49a2281645ec1b153ba
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: f30eaff92a640a397f98e6803623e8d1f0c1fea6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 7dae0cef457b9e5e16dcc5b6f25607f0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 7c433fc5255dd1e11f67c499c6a89c16b4b09355818cf304f11167bef253dc60c95486a840c3a8f77440f63a5c6a855931a90eea66a281d51d4198679e1420c824ae5c8bc0231444b65b69832b84c7b5ee2fb8484ac08727eb0cba0c14e7e0a9071cb0cdcf73d5d83ce53bba361ee4
+TAG: 2e73871e9d71defb381e4e7d49d5d45880fa3effcb0cfe673ab52805e6273723cdf99557ed9ca838aa2229fe8eeadf7c6d94c91e867ca023fbb2d2835e420a3b026fb5e3915e38a7ac02d43a8c6ba8a149e99abec42967106bff6c80adf9be5c76503c95053c21472b9a338ed4c9c11b161ce83e2d6190f87e4dcf169e945335cc5acd699b983629d0bdc452f678232be0d31b9f231aaf4c3c3df79b1b8b2fd8802df0b71cc5e26b2a5c5c5ff0616bdff6cc7b1f09aff68d5e15dc9d61c1cb6a2c9602eab7794eb77af8bed198fadd854e8f8a47bf6bc11a8f75eec584f1901fbf012d1fafc03604ae49f9585272845677a1cbc27261d5d7fbe9bf1f1c9ea42c61b110cde99a3a602fc9eb6c825656d804
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 7227537c0113a9f46f7d332a0b37ee5303483d00
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: ae0cef457b9e5e16dcc5b6f25607f00d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: bcdda7eecf3331f4e7605cfd33789ab585318bbd35047755402372403a4df125e7f5bdf857e49a3f74cb8e824576a226c1942fa86de07bbf564cfb384d8420a367963020613dd2f6bd4f371ca1b53532a7015dfdabd07497367aea8db92981418eff6b51eaafe2b6d5b3b4d1b8b95659
+TAG: bea683141d42033e86b38d5e0614716ed53b7db5df93b0aa48b15e0111a46ee93c2971df88fa885f8f32e81222d9bb4b605640395e37e1ba474a17f0df48c488dd5a6051be2323f462cd94f81261289f076d60cf5907cac601e2709dc191a9ac5ef784733140ba8d45edded7e58d7316f92a9bd5aa86d6f8441604261a38359a8cbe57bd95522db7029db058a8b175eddaf8f258f2f479b348451b0786f15336e18077ba23eac377ea367d7e1afc08607ff63be2e613fea2e6097192ab41e40342e36688bad628ec273897c86e75e0b83d0d85fd13e850f29cfbe171a8d1b33b72a344a9e2bf292f0dad2ca754d45651a2067d9fb18c7a1845a9c145d4273ee2197dd0b4da66e88a7425a72fd541a78b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: d76570385cb65d30c3d636ff25c5efeb8d1ea08e
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 0cef457b9e5e16dcc5b6f25607f00d03
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: ccecdb03830e84c5267a5b6f68dc909cafe94a1c872602961e8467b4b2723af537d79d723fc4e8f0397fe169186c23f50cf9e78af3156f507bfd38181dffcc05695583863d8a167df062cd16aeec0cc548a7b5e16b148ced8bc2a60a33a583779fef6d7160e0f6c31a03b8a0f1ed8e18e9
+TAG: 5175c37f295f196bcfcaffb35c4cfecd88d1b9c773d3162c96eb74a23722e599ac728ad68e2ac70369e0c6d212826afe93cbbc61abfc309d3f4a6f0d22421e02d711a6c97b6592b561b49ef5f6516367cbd966414d9842eb963c79bd4a8e1550199fc9cbd58b5fa5b898db2244769a950ee62bf915a074d5196732ae69cdaff05266bbc049903f5d7c702633741471bc3f8e44a426d201c5ad5987db33687db05a42778617c253576361fcbeee62707d9119cc76fa0627fcd65df7bdfd26469bd4e0265355cf885e2e515d56307adb91be258befc45ce8b238f6177d24f38ec56f0d64a46124161992a30f8a64355823397012af08f1df378effd1f67fb30796956fcf28b0ff35f618060a955b6311
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 170369666d1f2337b29b5f14af68d47910388e7b
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: ef457b9e5e16dcc5b6f25607f00d033f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: 2828ec3db18423dc583c7ac7dc5231da07af1756d7c032a866c64155626be3b3a686a93699023f6e421da24596baf99b45244d07d86a8973450afdb87ff2e9dbab6fcef52cd476f1f25f27f6bb3abf9b406704a14ce9682613125139b238d985ab8f68c17f7b824f279c01d820fb70502dab
+TAG: 6af6f94f0ef92665d286e08fad2845c4c43f985b0cd0f09c6c6b4899c350a1a342f024c3ced7e54bb00b96d0e04c6d484e95b585a687258f4bdd1c00eb1d3f44e959b2dbb1444a292c81c92e3b1a01622fa377a583117bc2e170ea8c033864fe7dc09b7a9b1b5826ac8e38fd5849ac9024bcfb1c587be93b3da485adf297a77ecbec2a88fcd82e7eb952b6d012ec439310f624fd07de7bad33a5a59b72d88cb454d5da32d52012258c8754cc61dae82b26f8d6df7a4ca384ea88a30e12d4b07bc413791cded177d325c03a5a6c532641ca46ba2560cb3072733282305266985bc4afac41b171b28aae50266a00afb5a778e1c481a7799f29ba588ed3ebc65183517a31944921ae3a040731666daf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 7c52593d1d37b0dc380297231c6cb7b64e04c493
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 457b9e5e16dcc5b6f25607f00d033fb9
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: b463f7f24871b617a1001d2f73f9eb8fe39b5fe0b382d420af876defd68a893add2eb6cac45e56d669f4ac67a943a3b32daf0932072bd701f9291b5020bfa9133d2875d8f6ee78ce8c49d45b80329831799f1eee8c712683300e49c57dc8c1ad0b07465184483d669b04c183976289e3ad6070
+TAG: 2e8b0999a7792a9cfe5148a8730e28ef92557e1b5d9c318d27d12fb1356fa0dff3467e865c530d4f20fdb765f7ec7e56b7ba28fb49309bdddb413182b07670cba711d6e5e3c086b4e4211f0f19666590bdc9a121e1430f6b0c64c07eff2d81e47a02d375fa46bf8d6fb8708f3a247287b595be7aa19414e3d2d39785a0bc8ef46b547bd4805a8460fdab65d81866dbc496581ec548c51f601e13289fcf3e45f1bb4a7777f9a9243282681aa1c746fac4a8433e1f477950eea76c24d318e95f0586eb5d21a16f8b2b58a14c4780eea922b97de4b1ea292f842c662534bea84213924e837cb546c26f3bc9951eca7593f4f01e3e6360cb14248d127a08d5e0b77f438479035769e0e12c856bf3bb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 09a1659100052d13bebb4defd7f54f975a58ae2b
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 7b9e5e16dcc5b6f25607f00d033fb95f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: adfffd8a654da994aa8adb618cf69b25ad5dff201cd3a84314796e0228ae3e01be77cd8052e950fd74e3d8fb0066705874a7319dda8bee7bf7748ad844a70b1ee0d774a6156fef109dba8346a68b48458728ebde458e5bd777a26291f98cafb175864fee2d335fe5a38f1738df9a5aeb13f25442
+TAG: 0562ed87899d06eef5f3a7680c110360e5338af0b78416497e18291d4e8a75a219942acedc7d1493a15f6d35d1d8cd27b2bb26bcfd58dab2c747b4498ce1e56568226987124448509a7852588acf2dae587f0d13ca2ba54c50ea37c10e6c525b04caf0aa519662f258dee7fdbf17568ecb924c0f26701dad0952d3a57a8188d046439d7e35d73adbb39559adef95017029a9f6392d7282a1c84eae663d840184da4bbcbcf9c262d69ed2a7743aee175150e03bd3e6c38a8a1a762614ba2fbbb631ef56ffe3746dc95d9a15eae1f4f88e3180569e73b25b8eeb8474ec8dee041cdfcca5219514c5125395d83de633bf5bb05e4771e7a583f4e6a6d20af36235090454f8acab43984fda3f5740
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 230c3353ccbd95e4f0acbbb0073053a0186f833d
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 9e5e16dcc5b6f25607f00d033fb95fb0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: 985481677ae867b2427182edf3de86d7b9956a4970b107ca7e01e90ee7cb02c6b9a46212e1b8ce67e7aca5e2d96272c2f412b5f16a7c1d00fe597f1390c3a686724c4846c78ae66b26ded18adb40f0d74c33a68032b97d440104cb7acc755ad7383c16013ec7fc519b293e4c624b132f91c44202c7
+TAG: 62eaabaa53e386ce7d064c718e4761d14092263af3027efcf5c343ab46e1133d3131dc3cd7dd6b8b8d9ae6ca172fc10f5887dafb169aab9f0e7eda4a5b3436750ccf47f2e3e9965b46f3dfedcf38d61dff3cea927bb3ee8509d6a4288f2879d04095eab6b9e154d0e22da31cb51638ae978a0c5cfdac346ab551d359fdbe9aa34e9ceb15051d7e04e9788240a030c0ab7c19d00f32da1df539f08d158f34a1e3fa6ee8d10ec0d99675a3465c889fe2b6631ff2765a6b83f594315768fdb30c27d2747a6e9d4c5724a5e93704a1851d606dfe97150667309b27503b09c85d86ecd83caf1ec456ac19b7fa273af74714611b3e9a3359354c7b983d700775930bd90a629d88a3cf7cf17f5058
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 701e141608e71005d32dd1e29cd068aea736c9dd
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 5e16dcc5b6f25607f00d033fb95fb09e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: a06030a844e38f9e049bcf318b10e1cd2db6b60a2611cf9788f0c1fb31a366d2038b3a1692865b926196594850807895523a851a993b77e49c911f840f28aaa42b4f427eead4e2a578d57b101bb4795aedcffc58212e0eaecadf503e3b208eeb72d53072caa44677d6667a0d22639db7aebc2f70ebb6
+TAG: fabbfe986fa42c58408b2f008c7fed482ae568cb39c938aa531e49a85ee71fced2cdd2ebe97a35295977ccef50433b41c511d424a47274599f3f2a28678a4936c1382d6a9f5d41b4266ded97a2fb11ce4e4df03f9e976675b9b35eafbbb399eb86a79a8023de822f8c0d83da5516766f141f83d8075a77e7c55e987cd181f02d8d6f7c90775bace579d25fa1a969e4dec07a5ddbef63c67b6d76bff54dbc7fb87f8af639c392a8a32bee35255e24cc63cea90445ddbbb75e4c594d6d1441e198720c2fb7674822e52d0298fe24c6e1602fec34038e62a55cdfb5d3fe6479fe6b02b5fe648792636e03213e402f02e2a3cad928996e4b1d2fecbd97ec5ebac5ea2f9c4989599648b0577a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 9aaf96b472ea76fd9ff4adf56dab5fe0400d18d6
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 16dcc5b6f25607f00d033fb95fb09e4d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: d934f61f94d2b0aef2b63668352d2af2db2e225d0c8dd86b8d7c901de7425dca2a0d2f3bae9dbaef4946d18ebc2d9f4cff5c268cfc80b89c35f7b1a3de12173f9377a7ad9b33751fc89390cea9b44e80423702a9848c6d2562d24838e3b0511b81a737a4b65fac394da45f62f1f3b2bfaf0b4f3f0c5ca5
+TAG: da6ed936480fd159c32347d94a17ae7bf9344d4bdb1bc0921d85456e9b48a2e2c24769bdda1cd6bed0b44e980873ec3c79b4346849366ca6d6a77e8b1091c6657a009691733da37706c0f480244ec0c7839648cd0eb63a28eaacdc8b60b1ab59f7d83bd142419a5a548df23f019e560c0c9a307b4c2498f69386eb13d4dcc64ca77c8f5f7c4b6e0c18a058eac72426ed4d541477e3a036b9a450af234670c94a4ceb7cd19c9ae113477431fc2ea30738a95c5753a4b8de9e0e4e1a0f7d52f67b2957a39ff1c6eef88bac3b927ab004d64f3522e0db7e80d27309b864996aa2bafe615139732cd492608cc128295132a4f40a70f8bfbb5b18b2fa45c55c87db39872bc5c1e3300f446f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: ac6871d354eac507556770d8b6bf10b5240273ed
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: dcc5b6f25607f00d033fb95fb09e4d00
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: 413d2c3fbc77845409ad66cc13432824ae4ae109379a9617e8b93d4f9b17fe0d0450476c3f98c229bf35e86fa792dceb4b3864761dd442c294e43b1cafe1fe086cd1ca5e1572fe2b3753c20a74b663b536f6e686d9765bafb10566f2b5cf02ee24e3dc69cb2be9392c991848b840418835603bdd83b2cf0f
+TAG: 5df250368694b1d3b11119d8c787df534fe4526eb31af32c9289b0eaa4e9455b5cd4a44c13a335857f67fd2662317e086c1a299d794830ca08ca99df1aa79c8f49589dab551cc6269129b731e4d560c7e330fea2aeb5f06eab87738bccaae53b9661a78f3f08986f454519097a6c43837931a56caafd581ae52343dcb71b98ee0b36cb7037a1eac81f308f292eca92ff2c13c3b807aadaffc832f43ed98c0cab6174639b1ec48f3e8e3736f7a20069aaddc2414f1edffba78bbbc04babfe6d6f1a5ae8f77931f78974edb257d2ea6d5440bd7c8f8283ac0e362e1959bc35bca6f257da511f456466be60ff7451887e5ff221f30547e586cc76e7bf76dade793565d733e5705bfcf5
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 050258d6ad6bec54f8bc48c7ba2d669d6416c11e
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: c5b6f25607f00d033fb95fb09e4d00d6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: fca448fd13c6877aa9fc299953dc631df8024cebe774bb14839821b05485c4a8f1345697b072342343f6a5479d99d5ba0ab29db7760b1e21b37969333473e6fd16bcc5b52e1d6472fee31034d515f66439f092341036a48d637ec84d22af8d1848843aa33e3b2059f7f90a0db47dc41d8af3b5cd76f4b36ec3
+TAG: 3071b853c877cc72cbec5c249fe76736e87793118f0890200b64cc9b91e26448b327dd87eb314c4c074af49091051b69122a2d13b8a7fc0b15a87e7e26b791ab3a74e399d429ef4e6ed69f2036e91909b11075ef19c6554f21b5b9b90fe20c9c633f71c666519774baaa12d8f819ddddbb592a99689ba34c44e59792da3d7750f4cfbfdad6e295a73ada8957eb9a7f7bbb4e8f82d4647bd41d5ca2a51cee58be3fcaf307382efec054d880b5866a38aa0dcc72911c9e9ff902ca3743873618b2b35c45cb32e496ac7c8c69c1818583ea5016a57f6e912859b1b1a22bd701113e6cbaac2a935a94cc3fa0b9d4c23ee573b0054eebaa3414c936aee6bd9782385d690c1eb570c5ed
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 70060f86c76e53512933c09deb5872eb23efad67
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: b6f25607f00d033fb95fb09e4d00d617
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 8c5849a917c328d68cdf4fc279b29efb0c3c1921621276ca19206c9941a5789b0aba7283e743f94a6e4142f7febc9ad35df30daffeaa5cd0cffe0fa2e4cd5ceb687def585b2634774a01a3f00ce2ca9951fb910b4386bd0d61d1e292b2b225ac55000fdce10131ba163c97f810a2b350fc8a59348253549e0cbd
+TAG: 5beab8f1449d50a6e4a1a747fc2b9864cad962480673db6451ef7aa42b42e7f0edc3748a71df8ddb33d6f9bcc9024c7170bd7a5b81577f9594a87d90fe96a50a62d31c01368173aadd7dda6f7d4c413773649fa7e5aa0c3cbd0fc760666ce5d5ec5e4209c4eda0a8ba0d66e83ed3337067d8ecfb81d3d1c1bed7eceea2582f276c43fc15d5c2bf9d2558d3c3f4d8cdb8953d28b0221c70330c346640f1ea1acccba27466cc0ec3c14729a78f62c7537b1ca5e9f9bc74c4571be9b67f04533b1f8fa2f9232c216ecd81bd120197b558b2733d3d9bab706f67670327465722b2be2c6e3f2ee507620dce326f28400857cc28c697c9b10df0d093965c21ebc42f34d71963ca85db
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 58286fe273bf572a76a2725933dd969777c303c1
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: f25607f00d033fb95fb09e4d00d6172e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: d0076d9cc2f829a33a0b1972f6c0d8c67718a7593975798e0667135db3ce31b4d9bea98710909313a4a2af88bae720963ee738f26bde44b54dd5820992569e5d2eea000baf5de9e0f76dc8e0b93244a8474beb7e922a5f30a5b5977611594af25ed35aab12a61de68f215d73173fd38f586b8c509459a5f7587d43
+TAG: d8ffaeef22eb2181a48da72bbf57ba4562e3a1ebf9cd2a872f155fbadeb78c47e64ac6419fa1a9b1ce5a8e78e60ed1f8dcf02535613b959448f754b70d7159d2dd4814122b35418d4e554992b4789e04f018234c91de44b9de80f7ab406fb6fda6f086fc6b91ace53dffe012d703e71861d0b3ecab86a287a76857781254de544985ac5b11bedf29138500598f757ae295d8577ae7e597e9cd915d15124c7f1d9786f9666bc4b69eaa18e28227d87bdc8935e537d12360b53746ad0d7834ad830aa5307f69c3e4ff6e37ee6ba8937f75723ae4f64c2a04949b0db60c979fec6f485dd0cf14cacf5e8d0e624d9a8578e4028b8076a9cee1e5a0ba5b96e9f0f6e6ef98ae84a0
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: ae701e5c8672dfaf728bf0f43f5e5247ea9ac13a
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 5607f00d033fb95fb09e4d00d6172e78
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 298f670117678bd139c60399dcab68bb0414829b458c747b0dda5dbd67f95fa393bfd2719f815a12a2b7c6b3e769b61ddb4651970b30451cee6166545d8e4c4554c8217898186dc02684c5025ee692e12130ab41ce75d79a4ba1a4dd02e0af581a645979c1a3c8c12f5b13e9c1113316eb31b8096b4eff1bf3f7ca10
+TAG: ee9c1cae63b819ff804cc5a34d59d17a76539b7850d5164ae8ab252633acc10145c2c71b1a10b0a87cf2db361c6aeeae533201457c5952feb347f739b3c236845a887fd0974b052a4e71cffaaddd1f00c64c47251ae446a5875e1e1854ca2c032b4e01dc995f35d901b60d042aabcaad3c08cbfd12567cc789408b6710d81b6b7c6067e02f263763d74bc039e0430bc1f3b4c01f95f54492a9c5b81b8d279266b378bccc9073bf1f1db1ddd964f9b6b7ac8771ffbb55d1ff9d973cff3d4eeffa277427e0cc41a4457ad6c2f035b1c0f93880aca55888cadabcccfc9dcf53dc3924a4c03a5a7bf8416bba76d8a362893193811ddcb02b0a9ccf2ffb6902d7e0c434cc489d720487f4664d60f210433b8f71d98666
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 4f498d0aa9205160827626ef80c163275eca1f78
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 07f00d033fb95fb09e4d00d6172e780a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: f72c519566632f89513f3f278407845ff8096a5b63929f0ea6009c3cae0dbd853662c4017ee5729eab92f2c475f0a45533de67d4b941d4b16c1964986d8f4a16cc12f02c28442ddf5790f321b3942cb65964587f3fe55ab28064c52ce3d3598d3431788ed2c26fe1b196abfd35afa0f7c8206a6bc71d61cc4e1a086c4c
+TAG: f8c75274342950e4893ca3b0e9fe95fa51343c628e1f04d9dd19ed928ef7af0a106b6bc6b70d0ebf552c0acc51b5af94dbb9f4fca444ed4eefff63e4746af9852d727d4465695b1113eda1becabbc56e2860b55b986d6122b93bb822865ab8bbf1409aef68cbe720befe0ebc6dbb639b3be391a161c2d9ed65a2898b3ea7cd993827aa8f2c60dd0d9e926cbffd8bbf6ac43fdbb61ff0024cdb9e668bd9980a39530a526c3c9cbbe1e4f46ae3e8229bc5e7c8b91855eae7a2aaa1b827d8b99ed19843aafb76cd361259c29dba7a02dfb40d9bd2d580aa12a6951f0f53ad5b283443c5bb8b4c9fcf569b30830d1844860256c18d753a8d80d1d0e8656623b1a06700fc513a7099590aa566d48eb6c078c4472d4f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 8c043825b2a3764e8a0cc35a011696fb3ed03c2b
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: f00d033fb95fb09e4d00d6172e780ab8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: bc6acdf0943ba34efbf9eb27fe9e968f23bc1d4f1eff7f86e836621422e7ad8e1adc03249475b6be8ec5d3e96e167af7e6b85ac87b5da2364b1e0d87d5c49d43ddea8e9b796580fc4fea7774f8210e4ec424aa029717937bf76b148e8af72e8badcc3f12dd259fd4dd9a325d81cfc7a193fb756b5d140fb703aaa6d71496
+TAG: cdbcd83191a554bf922180902fd060fcc63a8dc39a90ccbca9fbfeefe9a09a9da72c8782f6d3ccd9e2b5a80816eb5bb6919580a8ec186b8b1e388a561b6c931b22dfe62544456f7344f4c18c4823f167b2ebb8a93e3edb8181f358e66db5a3966eae5e893e76b16e8bd5da922720f754bdb6edf3496b62d79b14f00f24c1b30ec6ea16d88cac2b336f2bd057e68d6075907de3c9e7434da017d8bc5348ad79ec14182e07fc70f4e33ca2aaa2216d29aaf4dffb583c1b5159eedd66a2515127c3db358c1ccd89da4cefaf75a6eb5a8a80396ffcef783973f552645885e20b91dc0cf4485e94d943ea4bff3704a4bd2e23388090fb7ff707cf80b0c71f6d4560b3be71edab2e0b8d5ded1998f3b1df51225495
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: f3a432271c9be858725fd024071c4f479ca9a971
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 0d033fb95fb09e4d00d6172e780ab8b7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: 0e87c57c18fdc439c968a9dab086c88271be6dd00843879ae1563e4ed03d69f9fa09a29c1bf99b1c859323eb8452acb2f808f051669bb5e097e23b947369b5a0577157995d729a75ae7a65e293acace3124a8aec53328439e5f2103fc3a236728682fc129a5b0e203bd730303fdd23962d6ea7a35aae3691f6721dafdf18fa
+TAG: d7453e8aea805b4c95ed51f1033b386cfd74fef1c205d51fe351ec3b1a3bb2e2b7debd8b20c688f4c516a61fbaa690eb635fe2974a71f45d1b4e2fdf3be4724c3eacadbc6d295ea9b6f53c249783f35898ee4818a67ce5b002f17a48199c779b17482ddf5448b6186cd979dea3d9c7b0ae3f106c4b90c960dd8899a67e9f18767b49497519c86c0b391098192299e4f85862d150bb3e439f05fc9f937c888c4f40684c25018fae0c6fedee92fc0035d073f3704f61d93e7e321a19512561676a216127e6a716d1f5ea43b67dcfaa1ffde7380c066efdc8acba10f2e790d4839419dbed3d89634ae785f7aa3ace1fa1720757066f4b75b883c0ed592b8cba79a400d5e442e23716a7a13c252a7ce156e219
 TAG_LEN: 20
 NO_SEAL: 01
 

crypto/cipher_extra/test/aes_128_cbc_sha256_tls_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 32
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: 3519ab2b2943d2a50996628f6c26bea29f84c95af4c128cc3af012bb358ee9f7
-KEY: 481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
-NONCE: c55b436965aabe477e0cdd46be99371e
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8
-AD: afa22993a340b9b3c589c7
-CT: 7265eea4b391d880c6bc72d3282f663e5551c0a71ca35898047362694ee8f271
-TAG: 713c1f8817ca022f454f0c6c7d6efea46b86d79baaa4341843404a416f301640d175a628c7a80fdf1b37d1958b76888c69e42404a406005a31f52a59c308729063c6512864cf59608e45639630c5711ced56adf09840c4aa1d1c195b5f9fca08e6631ee9817a4792012dde00b4fb3bed7bfdd6dbdf6bfe82fab5f8406f783874b2a56607bffa361d773c9a7e5c0dc945e7a2dbfaaa5797551685a4700f6ab397c906630ac018704ad0e8697498fb9c1d5b843d808a5cf3c28015e5021dbea15f548745ed8c38ac250632efc66d0fe0f619b942fa90a41fefc779c8710c83ba586ed6ecbdb5b281003c93846299c86d09c7cf88bcfe76c5ffb1512ae5db71c1cc42bfbc03e6f3dd17b160e4b5696b2741786d5ae3f934e9d6ce0a4c372bf876cb
+# Test with maximal padding (0 mod 64).
+# DIGEST: 6d9cc64eaa0b3c7482d8431bff6d24c9bec634ef6459d873af4ff97756c9fe46
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+NONCE: 3541a11be112a72933c7b54ed4fad0be
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: 694868cf990a1b8ef42fcb2b45cabf1bd78eee4b429c11b27a827762b9c319bc54a2b2c8eb2ac85063ef8ac7da8bc35b16c0a98822981dc9b246381780da7833
+TAG: 47a2e2e74bed25960a83686013e0e10c057acc81e21d44bbc7abdb4e4dce746127f3e700bf3dc7183e6e9c2ab3a205b00ddbb0404fde852f7c0525e17c036dc56c7646344100e379a765bdf5bf776b957982befdfbf21276841df2c4dff60858e495f63b7760166c9a6da21092b58eb9eefdcae0332e291003a5d21b4ea897d0fc61d4e4eb6d2182a05a0d6aaf1ac924dff58d9618cf3dec05283788796c5126850db94de1625c6081da29969720a9fddb7186e6e1dc7ab1ad0e684118847762c25f820585720138651e08468229533a3ff3f1ddfd15fdc301318c603f49946548eed95d29d38c82fffd73f0c9df69116c056d959ce9198788ceba78cf4ee0fd890f6d72b59b9702c0ffbcab82674b688afe0348d58d700a83ad10704d004bc7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: bb57bd76fe5f29b96ee3f2d62d8f3c4d1c8c986c0991382834046dc907fe1ea7
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+NONCE: 41a11be112a72933c7b54ed4fad0be90
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: f2e78e183884c99ad7f199a02d87a1026c832b9a953919a98c2487bd0d724be407994fcce9e19b5a69f15ceef5d3b95c79d5fffede18a143cdfade5c0f80254c99
+TAG: 24e9ae181761a00bf1d1af920bdde00d9e1ef046fd7f5b8af753a3c9da8fc14b00a5fe6bed0baa8e378f49d1874619e01567d914656397ac8c4e3c098211e08c6551183515a2c2c08d485a9387737568a22d5209de3084020da27f64abdac4451536baf006228325093a5d92210f9134bf2600bd6349b152504a2b2fa69a2ce1dd25852e4f57d0c7319862f5c4b663503aa3465c4b8696dbf853178f64b1f8f348e7fb7c423c05038a49bd0ca5363a5db1ae7dcc144a13edfba63a6ebe2a7df15eb313bc7e8b5372bd1a309ec41cdb78023c383a98c903ec28816cbe95b1a0696897b9d4afc9d4f22eece3094e473c94aad55f7041a499dcb0f7d99dfc101c313dd5c651ae01968899f152e77f8aead394faad8c545dc77ff89bcfe11bf32e
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: b09802c727f0f85cb590791372c52bfdc2e69de36b9695daaf7a93d2fcf56fda
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+NONCE: a11be112a72933c7b54ed4fad0be905d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: c7de96bb45663dfe6da2a64ffc9ddfa7c3dc63077079bd4bc2ce52fea89924a75664782a5026fb5a099ec460eb9c6d7c3d5ea383092c8f4c67a70fc499a7689bf10f
+TAG: 8ce29a56849f32a829c3e62c81f74a4e2c37206dca2fa9f736f65a2fb378849d181c06874de6db0158e629661ff7ec5b157cf8bcaf5dfe015c0c4168f9b3acb55388eb2a5d5bb7503ce5b8a03320f4799522669bfdfea3d97b9c960dbe3bff25d58b660785eb0ac73f5b2a18b7fba4b7369824ec18f7c79482a5ae6ee52f563dbe1637664a3081dc7e682408f473413c87d58cf384bf569fb41b6172b7d85f43ac06709d77f270659267561a0f15f7486dd61ee840195132997846c4614d0c2a9a03ef0f4a8de1d7ab6417180f184510452539270ebbfd4b13627734a183d8f5480db12077f6044066d4cb321d67caf4da996704b2ca40411222b541c84241ad7bc0c5835345e29c70b881ff77a8a20c3cfedc30df1b913c9fb722665de4
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 13588ebf114df38b7b59f890dffab8b1a4c85f090c3f4a0e508603ecd34f78f4
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+NONCE: 1be112a72933c7b54ed4fad0be905d41
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: 3a77c0f70f9044fb3817d57be4f4e5ee4b27ffa586327f77c18346f9fef2608a552b551ac549f9e8d47c4959196162862fe2a35e44581971c2974d4a65a47ae7b8900e
+TAG: 3f71cd59844c0498f849d2c2bda9945a2b33db723ea572de20a8e6df9b2721f4c065f00d66a6c69621cf6131a4fd5d712f14bdb226e66e494c97e096aa7d5f4c9e8e83f87a7a5f997b33cc3b6527d9a441375c859fb3ef82ddc78f86eb28cc883c528698ef592919e702b3a290d1137d995a91d0eb1e1da9688eb168ff7dfcb443d655b8336de2286b9fecd446d05398f1e25834968ed5d00cb3f3e3bb8612a17bbf958d516cd18b637f9b8b3082acdd32e87950539f08565e7db8321d6d84ac2d990cd183210a2c6309b30e944bcdbe9b17002b60c4fefb6047cceb6d89a1ed947c549addb0e528c3d525f85d3ef43f0abdb2d5d2043b7ff2457392460f28c1cad181b76c9ec6f4aa9c5843e792f4e9597ea0cdda36da0ff3e2090b8d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 25c98c13e308408c882677b48f3a49a53b500146eadf5bbc0f5a240ab6ccbfb8
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+NONCE: e112a72933c7b54ed4fad0be905d4120
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: f2f3a3d985eb38c406bb0db0d141188c680656db8a4484abad2c8973267e14458e2be7cb52f06ee2a0f68eaced13db714296319b2b3557454f5e9cb47e8943ea91e0de64
+TAG: d54b96ed058f5c69779994d8e841d4fd61470531e8fb5e7a6a85eb99d4676a8b2be1c11b27657f4fb0555b32c96c34d7f76212d8304029616998b4aba7b56dc29630a8e7602580c078966a56ad0dc188e347e37d819eab39cdbb2c44edec032eda568e87eb8851f6a6bb3275527430fd6b56ae80ee20be664cb8e11a7ac66365c48a06c2cbc7524f39f3e5931af206e412a39fe9acd7e6a938c26d71916b0f5d9c9c4ed3179eeb581a8ccedc626b60cf04b7e04d4ed61c009b29c839c66bf3edf7becf8403bf032190644030b93f559ef11316747d0ba898473977e377789a161c9b0682aba91120065d250bec31113f21cab32b0e4b0d1ad4295fe650728322453e4279eec0c7830b8e4acc92f3fb1916e069c69d37794ea3017235
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 3fb8ba4df90f52332bc7a20df805fe903351279e0424c232365cfc4e62982296
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be1
+NONCE: 12a72933c7b54ed4fad0be905d41203f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 02fd26e7b51a1bc6ab6735045d2e42fdd1f31adba98ed5f8b3e89450853104633abf6cbb70ecfba2f5b39dc06f419746abae4a51d33829bb04140275021d183bfc990d727c
+TAG: 6e129a3a1de6045a9ffe8faed80494aed9d21635c29cd38c7d410a8ee0b690be4d7ece4de27862281e26b7a7f2660ddc18b33bdbbaeedcf68e068cae4a4cc9be126c66dfa14059adfcf4215e9316bba088ebee16a1532277b90dba74eb853c5ff5e844ffded2fd2f8b243496172cd1247618239fceb1432e6e2a8188145753b4e66275bc00d418d6782167b943b78a40816365ac7d49b5d8833046f032732e0a134202c5555f5b43434aced634b6e7fd0dc3b3bef955800822be1802392a424e8ec250dc1a223cb58393b49270f1b97f3021f9aa9d9f4980c3512e1fc297fb963d41d242000867c2873792b0211750688d6047e599ce1a390bf039a6061740d735fbdfa0e3b5905e1b24e9e4336a3f91433c0ee3dedade34c05285
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 23f13497afad98ac65bd2a1642935ff7185a839a672fd94b18279ff92202a3b7
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112
+NONCE: a72933c7b54ed4fad0be905d41203f5d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: b2fe392acc286bdc73cac1aee34ecb3a3e3ae2ccdb065618e3c4a17f2b2668a2c11108b0bf8a8ffe20800a698e73c9b6ed4b0da61bf6fc22c33c75439445061ebc8b6fccb4ec
+TAG: 738a07f02a376df628555d3755a9a76ca66cb12c6899bd77f49af1cc8b266b8a19ebf74d4b31c73ddcaab06e43eddbc931e35fece138f112e3c1eaf94d0eb568988fddb8b0c34f067d72bf6748b5f929cfb06b793df87a5fe17924df4841f98024e9b0ec1563244265a13896cd60cd1ca8c6818098d06470db3d9f7c873f33e3ca913a9238b7344a6eaaaf4c152ced9f5c9d20de930aeea453381ce7bda0f89804799e439dab022934742d0f36a61538973e98006d5f576900e0429a7ca68c0388895e05672949e5e4d1978381a9486002b7c3bcc39c4b07a8a4c6bcc502ff2afdaf29a77099c520a1a8517824dc724683e3866841de80030af402ab282cf27c1c749256ed40451bc91bd2be4d768df1718fc1ec481761000a4b
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: fc71e48cdc62c15988a84f32ad60aa760b5766c892e559fa1ebd882a587ce590
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a7
+NONCE: 2933c7b54ed4fad0be905d41203f5dce
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: 8780167385b8856be346b71b042332368067d5d9420b3793fe94bc1ba92991756523c7a8e0114af8fa7296ffef8fae01796b47edea43bdcaa8832a08e823c45c3608580249eb9d
+TAG: 049a09e2d5e6ba8673f1963aa2d64759b4cc8d4b3583b103dfbb7595289478f13762fbcb464bc64b1b7704e3f72390ec2c9644496616c4b119b880e4a04a47b15a9c490df71c27c4dd47b3f2f46cd1cdbd2afdb87c33ec9af66a50f4757c0b9d0ed4776af0acae1951393c1ef95597f32057ceb35fb61ab2f34ccda4cf9fe81c7aa8ee4b5b01609460b2fe156478d1585d2a118acfae5f401761310f7d8b48973b5b8f3abd0b2b512aafc8e5251133054d8e0a197ba95f5900307a7f9c23e1a859e0e11091499030d7b51b410f4602239a278bd363185e6c7a1a31bf6aac78e2687a5aa4151a636bf7ac6bd89c668ef466d1cc4aae653736d296e4b6d9fc4c9f9e5f9ab51699317af018a009fa5718fa288c3618fec1e0fa63
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: ff4f42d72ae561abda38963a2713bb743038589bc2d7efa0f3fab298630b9c02
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a729
+NONCE: 33c7b54ed4fad0be905d41203f5dce99
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 2cd2031084f8742da110ab5d8f7290828857c867b38427c3f53be0dbe2cc94527d2f0aee90a38dee77c0ce115ef650b2ae65094e99ac9bf6da89e5440c1bb4f8021520429171362a
+TAG: f3966d82808723b2398186d45098794ab366631d753a69f949c63dfec5c8d5222dc8765088fd387fea234286771a2228c05dbbfb73ce4a403c5e90a790e34fc677d685c9a7dcb6d8173956865e6c48394e4d95284d2e02c162de3ba4cd09516a321be8e07c8836408a76abf8edcbe767053488d6b07974b92d84934ec5b82856a65e6938620f4a6f346d654e3bd5255f3ca3fc5ee91dcc851b62d7dbe4f050e1fd65c6350ddb07314b7b05c00416f4a4787c82bc1dc6c7b25b4407c5bb67f32f5fb39c77c47782694e7c6086bfe6a6e873d7ba9c4c93a9e192b3e9c9ab47a91ef652021434ec1dafe189d5b427602c5694698d64549b7f734bcb0482c25267c2dbb985110e40834d536feb2491828b748feca9907d687ec9
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: f4f7f147b43ea50a1f5a4f19c093ef917d3b92b46e5798e18b5294b0a0fef814
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933
+NONCE: c7b54ed4fad0be905d41203f5dce998f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: cea9c7528706d506d75cf085c8475c081ee8c6145ca11610b73eb3e103a706faa66062f8edc10abaa7c3edb3fcaf43c202c4812e768fececaa04564414f45816a4138e4d35d7768b07
+TAG: a61a67eb499525e4456b9853222c9612b7663dc3cd83aa9d78e680963fe2e1e23e69cacfba013e03c50b477b20df9ade41621e48c7ced451b4acc5d002f325bc19a237c327dd5d0f0af14e8cc60dcb8001d6d40c9b49d760e6135bd7a3a8ff9e313814ffadc6a5e6c285ee470fd05599465950c5887f9d7b4a1d1a7e80f8c5c76b41f51f403fa10b5140bbb68b2d7f3d2e19035357118ab72f327927ab75b369db9b426c176b937fc3fc92cb02f383aa069e07a223522fb7118a8440aef9ffa44da7a7c880b8513135e4b54f8fcd53ea1e6be7fdc2e7924ce529c846e67ad9460acb86ddfa938cd482d4216315806d45f658586006aca019fe6e2dd3453df00ae296beeb96a751dd29ef350e6da085059a8d70a5793abc
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: c48f43e4386dbf727ca93d57b5b2a4ccd8e1f27b201db03000660078b773faf7
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7
+NONCE: b54ed4fad0be905d41203f5dce998f8f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: e967973079db00d2257d84817ff4c5faaf98024ac7eb71d22af3cbb92a001a558f5cce2e8c293d6dc2a968f69cb2731bf65954affbfdef4085123aa06baf0d80d7c80645d2d0f528a374
+TAG: 00a4282530b0993737f2b1b3464cd5545fe2ada974f00d11f5737f9a165229c23b8f5cd13a9bb1d7d909b78b8101ba0d7903a427c076282f9fab0ad68598779d22bb0f9001c2a108d43bc4fef5e75147f7195cf4ad831d27d6e54adad6031985af12a41de780a1661764d87aacac5a94489c6639a655dc9682646e32d93dd2c0a8bf0a525908760a715cbc3aa5596bb641bc6cd8cb16b4195f66046ae3f19dfebd1a3e2bda23e00ac4055b0176be89ae987badb83291c4acf781855946c1b445efa542ec97fd4c9aea02a474e3d8eae50893fc827e4c44b4f5f18e773013b37e66dd7f4874b399f765f6f41a81e0407169ee1fb93b15a43a5d3b9538a9acbed534628bb961f2d02a2b55570bfa4fa98bc69298acafee
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: 4fb8d7ccd762998c343aef821e49cf91783d15669105b725eb1123ddc16ea445
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b5
+NONCE: 4ed4fad0be905d41203f5dce998f8fb2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: df01c1a140da0e422919c0d34b231fa3cd767766fb35f8d78d715c44b9003e42cca112fa1543d74ac05e00da9b5740c03b5c4d1e558ceb8629adf3adb1771e6e8cfde8edcdcd8de584ef28
+TAG: 520d6becaa190f3c1fbf6165ff2c4e7b62b8281cc4e77c542a88354baaf8d75b6d1f15ee26340a58c9e2fdbbc5864c307d35f7866a67b3db37998fc20eebb5c83270f7eb7d53c9352ab4c6f59cecb74d53e5751c6da3dc2a09dd90e3c55a0651ce4bf433da143527cb751a6c5fd97c7cd8dc4eb7d90f2f1919e975933468573924c9d1f0cb36d5da802cbb3916aa6f7264a22883792bbdd24e480e8d9adf44486efbde47afb91dc1131bbf2b0568ae91c92022f72185244b9fcf545449e5c197cc77a8dc4485e46daf3d9f84d3dd3facd793f0a2a9cb0f03395b8a23537efc0f922e51e5a43ecd0d3d4256851271f77c235718e4b444e12cf7bfb10a7a4354de62d1c62a2e3dcc687d40ab4ee6f0dd7a20fb32ebd7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: 756ef874fe4546df371e012dc34660cebd6321b67dac201988cc72e48917d7b0
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54e
+NONCE: d4fad0be905d41203f5dce998f8fb2ea
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 889ed4c7bd5455821c5b95a67a277a197140816784e820ad8e126b3d3f0ddaca73e3eede78c1c1d3ff5c2a98c0cadd644393b7e3c2273aea2be1c6fd20374b710b88bf2700f8b4c556698aea
+TAG: 7dc1a08e3e948acb236f2dd5644ba6d8646ce8bbfb98b658807f6fdfd4e406be67b7a0ff9fe9868e013b7e3eee72aeef4ed6954047521046354c5e665fbaaad517d35fd7e633c1fae894aa36033dd2825506a3be826172b79ba6c1adc63533edd7e8b21ea9178e7ae9e191dd597ebf83a760862718200d4a23235c7460e48d415faa2426f0ec7edcbb0cbbb9ad15ce8580aad6d1934cf1549876d2bfd10710bf367796473fcd5b36189a32950a5fdbe582975860f289ad1da75c3bf72ff8e7627a736b7e0e123009dc47ca15dfa4eabb590825b2e584fc78262822758246549e3f7d436a2df974f0ec5a00eae4d9a5bdda4a9f815ae980d70befe63962b14870d1e72088fb410edb5f2b2dbe137e03702be94233
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 01fbec0db232a15b4f3e02a14f412e296a0f2c7bbc539ea1e5e835206e197929
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4
+NONCE: fad0be905d41203f5dce998f8fb2eaad
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: 13833f78c9383bb4455972d6e7d8f22597e65de7dd01afa28fd99f9734366c522bcaef59c41487d84b3f84c1e0b7e5ff6de84206f54d5ae80ce80fe3cb68ea4eb40914e915f36730b911427c6b
+TAG: da212acc6ab53e49e8e5d773c0f7911de1d9ff05c2cce077c77690af36bdb44c936d3ebaca584f7b4e08c43be26bc0adb9765fa984e8da7ba51a4b88a3da3fd8077ed5adba4b12da076d97c3016c05441baa10e28120aa1f023e52c558d6f4197be54313706f890d036b6dd3837c86a70ec9a8f035a0d339df73a50374c3530740b4d158efa875b57295366f21c81a3d8403d278cd04d0c74df93f01655d1e223f0151f098dd30f72a8b8cfe1fca085d482232633e23a813a796ddff3c314c706ccfc6ca9aae43d83cbbbd8fab795e98475fd2c818e74a1bb8436d190d45307d2e7909ce8fc2d94a6cb91fd13cff020e561e89661416c19ec958de8f8db7a32a5117c37af975b3023562a5d7e768aa7aa306e3
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c49af18a935082656e153daa62270e736e336727424bf48be78da0b7dced9de0
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fa
+NONCE: d0be905d41203f5dce998f8fb2eaad40
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: 03065bb245ba12ab90903bc081198fdfe45d7d3c6fa3b1f76bde831917376ec2a5b2ac2cf629de6bd3f23025b678ea9cc3bd7801f5510b58432a8bc17999304f7b183e9404a235f1e0db578d53e4
+TAG: 5f62471a66673b5967f2ee748d4f8c0e50c1a7bae064fabfaae832a53d4b18eebeb1eaa8cdaed0967900f46ba0f66ae9e8492a4cdc4feedc7d6c1176404d4d9eebb4d0c474ae07d008ef2e8e4dce39dddac3f4b759a34ce37d8908ff16825e3ccbcc84b6fd6276fd72ca4d4479f6c586253e4f8997cb76c66bc3e5b3151be6914454f176c3386a029b2e254dc73b9d5237f5a9abd1aea0cae50fb9c87f6493f5fb8e02d12bdbbd2709690ee6bc8466ae98fec44d8f39082a1d2187647ece97fc95816121e0152677cde571f678a594c18de4dd8b4bbf0dbf4faf5da7c00b81451d728e87bf4607866b342808bf0130a3e516e87cca43a6f4737da23261d5382fde1b2c2e011380177c47ba4101a8503dfcf8
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 8d6f1fdc3d60175573775cc289d7436b88d10dfa029e90e10e513c8e739666c4
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0
+NONCE: be905d41203f5dce998f8fb2eaad409a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: 04c76011b9c4cc8ff18038d36a8c8b91debc8d0929ec173cfa5450f434308234e6a368f17a04ec0556dcf5ace0efb5ab51956d0daec5c530129aaa78309c3d0a2a48687f6dd146c94ef9bd1b755db8
+TAG: bf249369d0e07ecf93c9d4bbf7564d81140741bc564ace2852b680e2504bacaf181e1379810b5283a7aa4f24e2c70f956658d0e02e4199e78da1dccf480e3f8095ce3e273985c31de6f14f57b5a934a1a9eeb443164d176ca4fc0e9eaf09fad485a380a6d654073d08c17f26883b1d5e02fdca8406dca07a97cda68b400e5c0fce90ebd82ad9fe285769da0492ef30dfb13110c5c9146cd530ef0d757bc2b14e97ff983c931fb1cf2d64bbe5f9feceb7baf68bd13f8de5b4dda756acf7c9922809927df5ddf53f46288387d38afdb803a86fdf86e0f0f431cbeaa626aca0b942ed46fca72d7710cf7e0b466f88c913d04cd140037767cd7d1fb0a8dcc943ac5eb10c8d65d1bf00c6ccdd5db219db74f3bf
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 11a40304bc276c51e2e7d8e3fa16f905bf050f3861586be68ca4257b1e6cc566
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 905d41203f5dce998f8fb2eaad409ae0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: 5d9af50991ea21f041a766d8d9036073eeb0ac083b8069619ee50c64c661bad73a9e2ca7f8b49ad9df79e47b49ca3c8ea9dc254854f116a49959c91481ba96463521bfdb74902a4b454d2c6af72d1301
+TAG: 19c6ef896aa751a22b3504609e8f4497a4987ec3469fa6578e271d77e8d15a2eda3e8db8b6b00b40def47a16dfcd41c95ef6e2a650aac71031b4b2733ffef47d1d68c79b2f6962874727ef36613f0461f4b1a4db9f30121d7656b53c2e31285b0e4049b5ec8db3d813e9c1b66c7143813a65ad18618dbb0dbab39e12fbafc6b26a0f034311fdfdb1181117ecdd42cc2964f759b224c455fb5b69ccc25ec0831ee24a84c51985bebe23c238b48ab7cde07b3fc79f70fce2e514ccd2a5c91227824a58ff0e9f15226ef30b55510f870e6f75de34ac0deabbde13536075cf72c5c09d51264f29145f47163069edc421c9b818ce727283a09d7bd415bdc6201e632781b58eb8a9a519520b9ad994cc6524b464a6d719917a6691f6b1537a6b363aca
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: da3fd1aaca630fe609395b45a44384c57f779505188c8b12391b9f34de17dbf5
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 5d41203f5dce998f8fb2eaad409ae021
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: 182dc2f9f412f305a8fa4813e8c8eb7a41f9708efb516fe3feaa6ae94c89b4437cbdba7c738fb97ef9739ed94d988bd60af5359194d2b5f8a48e3f5482c3be294ae65ce803e21acdee157d436188980bcc
+TAG: 35fa57f8dc3b68320462a41feb88654d838d684efa009c9cf0e68c79991045ab69baa6d662824d50fb589690b54edd144466b8d7332430da1bb53ccc0d3a640ff8eef6cb0d46c6faaaf81e9479fc2199ef1bb2256754c392aad96a5d702a269ab2e07cab5a2ec93d4c29cc64aa269c4d68dd7c54b1bb20aa4fb0475193e97a7ba0acfa719eb00a8651b64f57924e24af34cd9b369d062ec327dcaaf1cedddf11c3bfa578215cf8e9f958e63f0ae8e59ee783cd11d0c3637b91bcfa083a60551987fd6b225dbb502a700a94e01888b871b274e1b73f2b9db05a504cf420f47c51e5b235aa4d9a2c180db3687b021d506c96f4697b4ab510f3fe54d5c07f0b30f5eeda6dc542114f2d16be454b1a186ee6ee6aed6f8a07043527475b7df6cf5d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 2ea803a4525d24849aeda1b0adb81676b32d99c42bcd0011932085424a0a8078
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 41203f5dce998f8fb2eaad409ae02116
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: 0990f57d9a7e9b64bcee741e158eb5749e9d7b34d43c6429754689d87fc45daaa618fc62d3dc111e5a1a7a06b2b14c5b0f3e2e463085e80da6ce4a6f7815cbf871376c8c87a36555b8a74e0a14421e1eed77
+TAG: 52730d53e2849fa94025fecd80e64e2a9a0a5f88a6a88890754dccbaa84c2b4ae10825a15f389490cc8f87de08cf0f4f82ae824b4fbd9f016dee50b5d586b7e03cef258754a6a82550cb26177a83f9e7bbe0b3b17d60a7a89929b2451a79032f6a200f645c6c53838a2debb81f756a2a37ced064c673291591e29ea62bea505cd612e3ec55f0db630a2e7ac545b68e64cac59b639e1b80df1d3cd98a0e00865958b64a9bc1dbd0897fc5d6187989ceb766e71cdaa0de7df0ca36100b2541b5faf97092d6309ff4dbcc896dd5e08102fabb76042b8329a0691e571ced8da3cff1a6aeea3faf00197c4e0bfc57bebb1e2f8896fe71dfefff6032bb7459686e2d4828c19b8105ad6622328c5bbe8da11cf0087aca05686e53b432fec4d4c065
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: 6802d4c044d85fe270b3761ec10ae5cb4b912a565e00cafc8eab935935523126
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 203f5dce998f8fb2eaad409ae0211641
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 8d7999ec7a80e528bd6a8d2a9724930c93ee5cbb0c888d9b7c79d2449e638c03f3143f1927a1b261d66ff55bdeb7ff6616da99a2155f465d7c91f54963e7cbda7b61529381204ba43c9681260799ce66f7b8e9
+TAG: e3d5c0e2427d0f24ce9199efae32408cf0a22b62e59aee3bae992b397aeff675d4e723c7ca2f0671f95cec68a21be86389508910ceceb13f6b6004e965656783fd2ffa6881a96bce6e3cdd80adfd6eaf7c57c836743a1b486979046c9c7d8ece2b871ad5c9c4c3401a467d7c0ea30fc90bb8be5cc35a1566120ac14eaad9a5c99f944be06eca9d473ce82125dbf4f7e3b0add283ae31098e26c94a6daa6f406c273ce3d91b801cbbe09731a8eac4ba38c6bb571f103a3557094a2a3b3477c4c3538e04957fc3afdb3cf7cb649bd6b6134c138da9e33c4677236244951898daa22fbd07f94b9b7091672ac0f6dca513de86186e102a51f59d6b96c80d64844e160b34c4f98248196130ec0965e6fa02d988f83f016b35e8681b4f8dfe39
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: d159516557052899ecffe8072d2cdb753939d812db2f8861e3ba7a837f0fe29e
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 3f5dce998f8fb2eaad409ae02116417d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: c3e61ff897b490847e6539236d2e3b208baca2e83347b7ea2ac714f65a409638e59a5dce5c3a4109e6d6cdb8a232f5f8a2577101f9fb53aa50918f924c1a5361ef98d6672258b4adb37ca5f30d22893dcf6d0349
+TAG: d81126eaf7e4e4d12f66810696ea8a7b26806b688ad1f8863427879fc31407a2d8ddaccd00bf3351c267e14263d0c138716277e47eb31d93204bf1020db38af84802b1f17110073ed04748b367d06fee5336a98866d3e1bfbd259bbedea78129beb3e446e9c451ae9b905eb1f19517c4d15e9ba3e9fade980131899178a0b29e6c35a81ce9701a59880b3cd925738302bb1495c0ddda69ee1aba582ed158df2ea84b75abf60d389050a25e7eed1b3cf36e0b04756f67819d21776c33ccd802ce04aeb57881f92ce940303971a2d02a800b8557b08805f055a299c2870789f5a2a1f38f9187be63d7e3e3a7af804d334319a79d9fea40684d9b03059800502c5e92dd0cce30de11d89e8d2c816589d440fa1fdb0e4cccc57c1511ef60
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: 8b4c76888085f1030618cca2b0ef708b79b68fbe879c266adab2211c35baebae
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 5dce998f8fb2eaad409ae02116417dae
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: 1944f256989b6acd7dc7c334d10ce71d9f2980cdb6adb03784061096955a3e10efe7cbf1c0aa1caab97cdeee4d08a8ff34d68e1b53a0df58e79a4c1d5d9b7eadb2430c0b8049b6c43a848fbc5e5feaf18e45691b7c
+TAG: 7d89642640d19b0427d5d948adada9000755d3703a092201740a80074c1c4489d2edc363654e721de3c3d5a5ec5ae16bbc8534c23dd037989fa7d816e3c0030adeb88f4a36b8257732f33f2d58391b88a06e2d50055ccd71080922524c02c371713a755cf0636f7c6d5a9fa2edb366773e519125a3ae46ec1369416c028fc00570d5bb80882fba31792d42d3247d669c8b704f765125246f38d1dc1504b22d361055bc79a3195ce4cdff14a16008c1c6e7a5ee1a67f95dbe7ca08fded965ede2a0367eb13670c877685aefcbd7d7a9162b3c69f5d59ce3ff9dea4db78a0abc6eafa1c45666564d8fe1648b20b3a5ca8c19acae4ca514b79554c4c3eab74fb18ed41e061e6b4e83395f54eeb0863db3ed0b6509f7c9920d110d23aa
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: c93f922285c3abf65fd70f22abd7ef859a392a9db0a979acbc99563829e3fd77
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: ce998f8fb2eaad409ae02116417dae0c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: a850ddac6117f7b13e15c17621fc7c99f2276ed7337cde87ada287814150f8b3f3e8ba7108a1237fa6a9ddcebb07c234660ec93b8279bb4614be85c5973603568e885f5f8ea102d0621b5ba77fc58af4d6df034ac59f
+TAG: ca216ce4ab900dc62f66dd21c314cbfb3a6512cc74ae3f46f3e8209bb2753d7559ea3ebb553eb57215fdeabe9fd10b001893ba2c92d3a9f7171c0b86427a416d137b239bb2d8ecfda6d6ce01bd8862079c32eef3c932bdb49fcb1b9940a9d4399630865834050f1d81635f894547420421d606729105123c49d6d34e267a7e8e9e27c85b048a1f83b5c0257cc4c111851457b431c5cbfc5302fb1c459f7f7e339f9e11a91c36df1ae2faa0d5528b80eb38adcf7de3bc1cb5e0cd066a67d2184950531a36331117f94166ead4c630425d22fdfd94abe4e7170f17c7247aa8d2f4872d7fc74cecd40ad4d5f3ae8895874d15cc7bf203196c6e9e8a515d8e4c70073eadeff727e57514d85e1b914c12229afbfd69f450aec61247f5
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: fecc2d68e7e0874de9d063a889b18ca83d3d5908aae064db20d723a8da1b3978
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 998f8fb2eaad409ae02116417dae0cef
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: 0cc80c78b73b1bd898c6af38846d32837ed0712ab7cc48b01c6dd831f37237ca7634c90aba35b35da59b60aff8e6b9a622f5a481c98c03fc76c1375e4602e96c08a465f3085ec86b0a8e1ce8757df76193de2a06ccbc63
+TAG: 9e4eb28cbb60fefd301f975e22d687098d06727b3b730599f3824abb3965911cd2ad9bd4fc70be6b62147b968aec7f591646066edde324140591632130cd71d7555c0fe87dded42808a41460cc45b27012d0d8e16ef8704102be8d788db90e1cf260a7a774192a850979a25ebdbc723a3af5c13aa7c5c86ff91412307e0755240f82fadefc1f23dc57c5f703346b5d8bb2d2811eb07dbaac1abd456b2864ab652059c54a5bc74643509ba0dc0778a946f5e40e5fb955468ad4f30365bc2ba0e42f6af17bb562fef2ce63a881077762c722c840bc7ac7faac11984c0a77283bb2b2984042456873e6e368f9139b5c50b424c97cb8b6dee50881be33b96decad3c2b5aa9298f334b85c0de683c037447a5036dc282f8b42aa214
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: a182bceec087418714d31fdad208a5d5c578fa8917a754e0b0527364378afa81
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 8f8fb2eaad409ae02116417dae0cef45
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: ad918e7428ca106cf043d6626772cd45ce998f32fea28c3253fd58f0fcc191bb4cd250b5dc6a7b352bb2aaa66601e280576fa60ad8c3aa58742462955fd7f33ddbbb5036128617c1fc3bfdf83100dfddcbde1814d15ffe81
+TAG: 946a6de726a9f45f40fae17258b38b3f16fb8d288b876bd59255ed61091e270f16d6cb7f140fdd72fa1c45991180c1be805db33e7ddf3db5f928d533d182e49a178ffcd6f119bdc6400343697c2e6da7221fe849ef9ba1e2b68343965526c889377be4e60d3c46b6a997497c85c9cdf2931babc76b0da50fcc7e49bab9fc1dc42eb27ff4d09cd7c5d2ef558b5e5d2a0c0ba8a31bc7b25f32f08aa27542c59c1d7593f6db75dd12c7d3e12e45d76345337af9168ef03d8eb86581b651e61889fe3fcbaac6e925a99b17e4d414bd2401695c562b0229d168c65f52c3f11fbc6d817a3b691217090dd9f1bddc6017c87bb41f683de94d0ec564d2440c19e42797ee6deaa13479afc7872a0c7edf4c3b988806f7d2cf0811f946
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 81dd23016c18f838fcfdaa8afa9c52009af9d93092e250bde67ac11e8588a238
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 8fb2eaad409ae02116417dae0cef457b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: 8ef4db8a8444ddd056428a25b718aec0258fe05b5fe8d6d972ca6762875c030fa2b4822cf03e797a53046749e39646c8c6b373a1d77287f4124c19ef758eef75db8e4e03309b3d14e918bfd9499ae5c96bf10b513ae9b38511
+TAG: 50c96ccda0e56e203860ee8bf4d6e7092ff1bfc02470e291b1e6debdd71353745cad7887d47ecdfeec6996bc1f44754515a82c4aba9ca7758b609d7bb6e0be19170428afd8017478233f2582cb0ea1c52d1396395b6c83b0694786f4bea423167293e479fde3fb906a213411684d65e889a3dc9ece6a188b86421eedf6f2ef14da596800a8eefbae2461395f960d9ee05c3f1b1d05fb94a4b14d214d1aa8fc3612a7b7267e7272fd7330d85e66969c0a1202cd2843da7c01981e7565bd98f3e8fb5a55d17454d7d1c43d9faf130022d85428213251c20700e1bc069243fb408f69e39a11dda7ef2647cc78d040b1ed4c7b95c965fbec6b32fa0c7d51cd192f12f93a02df3e03afae0fc5a517d2b6f1a807718f8a31b8d5
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 20f01a20150588ee1067e30a2ab84904a34ac56cb9e327756a700b1af24c6200
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: b2eaad409ae02116417dae0cef457b9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: c107710a85a49250f3a4401fdf07a44f96560ca5e71d6021075b7b6e3ff8fd6f36c652f186dc82c8a21a8a743dcc007e6710214320cb5c5e788f8c5b020e4d0d89ec2fb780c9ea915966b9f9b1e2cb0f48800ab75f986e8d2c52
+TAG: 4e7360dc7f6630f04c8f1d2f7839ea3f2389d40b2a0b50ac5e54be15b451b0c17e1f48e0d642dede861bf6ad751de565ff0d56d5595941fb6978084d5fd92ec0b26d1357ff33ad08811825acfc0f4370f3845af494d9851c202a5a3af65c1f96b6252a8c850c8ff4e14ed9ebbdaec69322ac90d060f0d1cd9591f0a8eaf9009c3d1835343d0fc1bf53616831ddad08c4852110333b31b733d5f8c30df3de0cc5b6201cc4fb086d3a4cbd6f5b09b7d2bafd20ca24af45e066c86d417481c984ab5c2aef71d11d1c1ebf714e96dfb4c0eea9510086d457529238cccb946e17f0e378725c230e15a0403f05f48df45ca3a1b5f7848bc49faa52aca2c5cffab9b59a0d91a192f89e3a50fb7b5a22dbe88c63daf4a5e4eb72
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 83a45f4fafff7e1ec40a34e75a49a431478bbe8c9234da4c1b3129aeaf453d5a
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: eaad409ae02116417dae0cef457b9e5e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: f90604401a507574dcfe5d7c5e0c36c5fa65d9a8f0a25daaa9fe5c50ffb3758f52c9c883c2f85d879f26845a130044d395b58497979cf24a9e18ee1f27d1eac4d0cd994a6338c5755c74419111b2bebec0dc90e28faccdb1a000e4
+TAG: f4b3d162e2284dec1a2dd88163b4f319604d87a6d4eb576a021119146a8f0dd74773f3c2c82ac1413c1a66683743c413c68dd3368dd7d855b6ba54a45705b9cca49e920427b0917d2efb2df8f05705d7a4fc02e019c56da52bd3e9de2f10b150d06c70c7d365b7bb0241db500879dc2a441e003d3b534f13153eed94c2b822ca12fd728f04131e96b21770d1455c01ed9e5da2662f4b270b47c2ea8d7d0bd82533dd42a94ddba06f076d01d0a2003a38db14ac31d01dacc0b28254cfc451a5479f569a68ca21c5babc4b47a6f8d3fc33b9ca8a91d6b49523c2d1fb490030b0bf2dcd3f621c2934af7f9e920573fd8ea86380c15785c1699eb93737b5e9748e07ae3579fa73283e5c0aa1294e53fb5b71224634aa63
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: ec9b1b48a2e7600c92e69277c9e55d1cf7a9135ec73cb736fd26718c5531fb7b
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: ad409ae02116417dae0cef457b9e5e16
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: ff258ef9f318036586c5ec9e956c10c9423ad3a8a5468527c02bda6878c45398b0c78f3fba4eba3785282b3aa4586d31b238fb941546bdd6e3d918444d45f79b2a5ce3df0e8769a952243cce1f17f736bf39c070d9eaf57633315791
+TAG: 87eb4bcb34d8d52975e556030cd976f4a63b074e466a55996d09bba1441279f4784279e587c30548d4584dbaf30291b01df4a212aa83cb217b9423841f39e9806c5e9e32bcd9a6cf65771b47264b9c41544645c020cf132cde08ed38eb335fa01f54e6b43b646b30b34fe2fb14e38a916fb328d7c82de7961d38a88377454bd9b89d1be1563f8edf9d0779a3733b59ac1218c4d94d1dad1373c242114f20c359c37ab2786e7525ed4bd96312de1078f0343fb18b6f703273febe9c6a3be7ebfc4d9eb82b796f3fa86fbb3bed56d31cf0613fb03bdf4cd6b24fb5e8678d6c817998fa71ee8a839418faf9ac578d7f360e30cb5b592634b86e064b78641445bfe29883b444ee32ab3a2d25ba6249560c2b56f57ed2
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 7b0d19af32e867b61fe57398a3ed863a56666fbb67100e6a5ff01971ab693fc8
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 409ae02116417dae0cef457b9e5e16dc
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: 5e654ee6344f96fa117a2e1f9cdc08bfaca9c83b1c4d61891e49077c8ae7a8aa604e1b19995b32872087e04a59ed367e42f0ad3998cc2112035b33104164403a948ecf73c516f74adaa57688cee94174ccd5f9c7a9dfe10dd843d763c6
+TAG: 1463adfb0bb32cd1573ce92e65dbef1c6fa62943172705d5df92b654d50fef6ca92786a55c3e5d28b70739cc3be99980c67f646cbcb840f69aa8bab199aed6d77d070dfa605aa81df92d211c31af752ce517bea945c95fe5953e14c129eeb3e51f9f58fa56808c247f0154624724bc98f0fad295963906b4a186b6b759f3129ca39a5658bdd5dad91f73befdc71e8c21d9cf1517a9bbc69c065a1574f4d84997e4e1a21d69f2822afa3109482a6e0049aa34a1a0aa1778adec7f58ccea95678667743f30a15fb4875ad3195b6fb0b9d9cad0eb36a6e736280c7e3ecdbefa69c41cf5f97bd27c3b6ff11df050c51d90df67e12c03afeac273099dffaf0870176232df3965df87be3f53d41dc53f56120a31e74c
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: e3b7a347d9bdc63bb1c689eb823076d5ab24c3f502c328f70d71a1b3f00111d2
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 9ae02116417dae0cef457b9e5e16dcc5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 59201549a3446dcbdf5c3fa8db930606f6e9bd374d8405e15d55493a82035491811f784fd4f0e3bdb6bdd2e01558783a00b32c53d7be31525343a5a2d72921222e32891149f8dd38303ffb584485df1578e10a3aa048972303c2e7a2b630
+TAG: df451bc64666a07ff2647e41aea895a4794217cf995b36a5e71b0df002f0aa44dcddfa01dccf8eacc1aa729262c1e70e91181e2f2ab353a856dd8157ba12e300f20be0d828b91b04f67e7a3e54f4443e9f43d32dc64985b73a9b687c3acf82e495d9ed0565f63c355045e991c9af8e93e2b912519022487009632adb94e42be70c1268ca3abd10e1acc02a7283c938133b68b58c063c2da00dbea6407e5751ea03c5899a615a18a26ea95be5b82818acf11f51ef8fb49e5a0e742bc7da8e2669cb2833143d7b8fc990010a5885808ecb294246301be69479d21106982bf906b020441a88899cd6096e1afbca056bf66339a02bb22993c10cd0c6320419bd8f61d5dfca05d543076eab65af5ceda36c2872f7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: 9ee27167f084f493a4e6e5b80c1cd07babdac057ed98dc28cea1f107ebc68787
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: e02116417dae0cef457b9e5e16dcc5b6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: 54a2f87f11c6597b3013a0de46b61a8fcc28ab021465178138cdd76ef01c2701b3a48ca4d3cc885173bdeb33b7b27f9064d2f09ec187d0c9c482522fb29bb421595589aa69ec2ca4155f503bdb8f0f8d79a5870e0d0be26ac239c56803ea81
+TAG: 7975b116a955bd24273dd59c90130d59dd7d4344c2480064fd8947609ad90b6fdf2ece45a4c9bca094922af9c092336ecbb14e54737dc911218af7d385490a7ebf8e5e742924b332246d1c65ffa36a4d5d92f8549e1d67a7f7ee09d7a782cb8cc10c0d90222144aafa82b40e5347f42e937779515683062b6ce1841ea3eed2bc0af7b02567c2cec30d34ff6c7001a94c4e8cc28d4ae4f208b4e5cbd630909435e49edef7a63d036aaecd7a4e3aad81d8a9738bb627092e925ccb75440a05e0ae8773f7ebc11d61a49f4eecd74bc7d5512ddc3fd930a40637fc9f444634b09a9de52e35fd950c064dd7858d8ec0ec6cfdd62366aaefe6789e1b70e596e821352cdfef5942e280a3a02c7346f51d0f3f63f5
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: f6b15333af80c49e8ea591c2272618074822d453d85ed3a96c29f249873acfc1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 2116417dae0cef457b9e5e16dcc5b6f2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: 0f0483dd1e9ef91f215f7f9817b7f82e0b96c0d3b2996b2a1d878d0be3a70c07a4bbbba3721e646405a8a7f44347557d482d7899044af37f6df054070eb4debf7471072af1e4c98dfb3c192e956b2931967d7fdf200b464be1ff1955a658bf86
+TAG: 180e408dc7f0eba0dfd78cfabb6268c9f22c3d01895476a0b5e6b4f49af416fdfc2c6b5fa770db01bf14911c3287fc63279d67670966851d61488416a7cf636b0c4379cd07d0af5ac12a5fa73deb5f5b917307137761a2dc419c78519c207b66e04e018e650f202ed21751acd5ae72b42a66de3e93055b3bb4f69d57cbd18db29d6dedd2275c87e303725c8d7472dd3196aaba3d4182f72e48f3b46d2179e401a4dba81b87ee95c013da967901c0ffdc244f2b4c1645cce4731ef62a68ff1c5bda808d18331d64694801b6d668f6cc4be147ecf4c260f2ac53b6dcf65683ae430ce6ac77be9f9892af33d02eb928b4bf14c98088988b5dd2f2a9d21bfc4b745b4b701eed508b7f0352c84d8bb6ea5262717cffccbc4b8ad5f52c20c8dd122107
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 02dd1eae128cbeb47dbbbf90e2f5cd63293bb0091815c93bc1153d46f176374f
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 16417dae0cef457b9e5e16dcc5b6f256
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: 978a10e04037ba7f0dec2576efaff6e5e4de5ab80b4b0c0b8a6209e22da05b8be0f832883e371c61c23b5bef969c004bf2a0f0fc8fbf1313078e12af2b3569a98ae5ee76a9bbb6da6806be3356c02dfa607c26094fd876d8f9dcc0395f3fe35630
+TAG: 963465dcde83c1f5833ec41c413660923c5ff60805f640a727f551d8349bbe0a90f41d97cdc07883aa06de8237b96a6d6118753745e4955855e056280106775ced9a7fe692e85aa99e5c7af4d0d619fec553ce1cc4f121b42bb7343968059b8ac5d95ef3c28fb672294dfb2cd58fba75aea06dfe70a90e40971551ad11929359d720f4c7da32373f57d85bd31b6cb95e2f0182c244c589ad4f9121cb717c1fd9298bdb4ae240dc9d144c2279924b2aa956a9a62c19b1816a88cdf83d169ba06849a012c83285daaac7560d1d59e2d24dea97a5b5e84fb1372dcbdafb746c4ba8b6ec786b9c21699bfd6cfe05c8be97731162b8eb62cd305ee5e275bc0371fe1a1ad0e74c0e518386270096dca101eb77ea0f9d23cb55d9bdfa3dc8352786f5
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: 137fc408ae1b3684a802229d78368f9fc2202311cd6f5da091b2eb998ceb048e
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 417dae0cef457b9e5e16dcc5b6f25607
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: eded0eef58434338153caefd914cb98ff516157445bfbd25c3c5cbcc0ad68ed1bf049ac292da027acab0310ef08d66040341721524982165cfe7f6dc495f7f5f36cc410470e3b42045b718f580713dac8074b0e76a0345d11c94a9800bb5e5eeeaa1
+TAG: 96f23023f81e6df33fbd6bb66f5d902bea2e91725f5ee0eda35fdc528d9adfc180a9faf9d5b49e015aa88384fa9fe9c22607292577079bb11bf074d5dbe0bcd683137449c15cce948e8faf560fe8e24fa764c03a8b5a8629e9c650cbe57c8e01da88659b6836ec59f362175df032a80ac4fa0a6d6f2110faec6067ad26b1182bf871982ce077b79736f29760cdf91c13939d8bca21b6c85cc1fbaa18ebb98dc350f1bb0ab4275f4a0325208a29b5f90895ea1552cdd9a1e05342b5be18bc5971252a1ae75cfce449c7b5d2eb0bbde05886a68e772e24689828c86c6f6d2717b8a9e035afbaab6c93789b015118ae6418b4e8388ee6692ee34c2baf02e45440088c67248c8e1803ddd0f94834bb3820fab5ed1a05336e99081290168c3fcd
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: ac9d4fe33627d4e9868c57a42aab21659ccc7efe18df8b57819b7d25e665454c
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 7dae0cef457b9e5e16dcc5b6f25607f0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: 7c433fc5255dd1e11f67c499c6a89c16b4b09355818cf304f11167bef253dc60c95486a840c3a8f77440f63a5c6a855931a90eea66a281d51d4198679e1420c824ae5c8bc0231444b65b69832b84c7b5ee2fb8484ac08727eb0cba0c14e7e0a93c4eb0
+TAG: ca78160fd3dac00b2bd95406775dd73b99866fe209f372768f80c7c4f72ca9ae6f78808ac65fedfd62ea880f451ccad75dab2c692c0e0f4656bbccb89dfaac23cfd967a5a7fce24f7b872b417122cee869ce593c6025354abea20d5fbcb86d0d81af4314347b25e2d6f4cafb33f192fe1095b24285700c879403aa90e9096dfcc7060661fb32376c8674c68bd2b6bd801794b3e9a9c66818e2c6ea41db10f4b890bac070d29a08a199efd6c0c40ac555b419588ac084818aa194f014afc4de9d447ce09c02eeadbf6e706fa9eb46ad6934af479e51be512dfe6af009c855f822afa11c4c3689dadf989d662101404b8eec479e191df14604ff1b1346747078280fb41998bcd901842090b3ee068da1097f908fbceffcca6f81554142de
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: e59c699ea2887f6c829b7a0e895c45710aef6911fa3c930de3da61fc988e955b
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: ae0cef457b9e5e16dcc5b6f25607f00d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: bcdda7eecf3331f4e7605cfd33789ab585318bbd35047755402372403a4df125e7f5bdf857e49a3f74cb8e824576a226c1942fa86de07bbf564cfb384d8420a367963020613dd2f6bd4f371ca1b53532a7015dfdabd07497367aea8db9298141229325ef
+TAG: 13440914c85b7e154828290e09ac244fe4cae2f9f3019ce37d2b34c8b04ef7be063990524798b64646f5bce918de25b19ca5ce8826fcbc26dce412f97d1a78dc121e0cccc20821a153b65b8d40d8ad8a5aafe9537521fffd26de9380feca57cff1151b2519a2b72468ae1c85e66cc567b5c828488e35f45cc95defbcb7b08cd440484d110a6cc8afe2de4a77cd19df6aef85547a082de228a8d4ac8a0862078e07ce324cbddd2fc233dc11c4e6e076ac1e5b4a7c85dee0e0a0250b8ce4be19604623e8346d5e0da8a95e85d12c8e911b1d8a0f93a2ebb68bcd5465d1c4798ac2e76fa65d7063d6bea3b32881c8523d127eb6fe74450cca213c9d29d7f6dbf80ffbb5395b20fed6ae0608a159a853745e4f842d3c4c3bbdd8762d2810
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: b0ffb7b78f23593d738e845daeb3ed175ee48ed5ed2d827565030b047dd0ed17
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 0cef457b9e5e16dcc5b6f25607f00d03
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: ccecdb03830e84c5267a5b6f68dc909cafe94a1c872602961e8467b4b2723af537d79d723fc4e8f0397fe169186c23f50cf9e78af3156f507bfd38181dffcc05695583863d8a167df062cd16aeec0cc548a7b5e16b148ced8bc2a60a33a58377b987a53b95
+TAG: e27f5bb5d85a43237ff065bdf963bd8ccfcb59793dc01c52f8a839d7e018222cba303b6a02f05004e8216496e36415efa80025b00e0be713698f95fda502ebefa8369f5d99c080dc851dd7f1967f1977136e8698ce304dfebc2e023ebb61313d1b0b2b169c0e6e3f1d6fbff3b5aeeda703c16af90bdde0783b2776d94ffed024296a0c8f4141af04e5ba5dcbffe8680b4f5af848306e4e6974acd173556f735c954397a4871de74a12a88f3bda3fb590fbbcf3d14e1201d401ee658fa80b3a2e81f55783582fc1022aeee5f7e7bb8af36ed63c82fec6ffd875a01c9626d52cf91c6b7ceab2e195e2dc248769cf829250b4300cc23cdbbad6a8146314838ede7b7e1ef9ca802d110414f6e5664b91b801060b6a16329c4b8d9b555e
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: e8928848fef7e0556377fbf3ed36b4105f334fa17bd5c5fbe2117ef82051903f
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: ef457b9e5e16dcc5b6f25607f00d033f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: 2828ec3db18423dc583c7ac7dc5231da07af1756d7c032a866c64155626be3b3a686a93699023f6e421da24596baf99b45244d07d86a8973450afdb87ff2e9dbab6fcef52cd476f1f25f27f6bb3abf9b406704a14ce9682613125139b238d9853c3fe5e948d2
+TAG: 7305f0e1fb25d024bc5d6d9026d1149ac535629c76f3c230a06398af0a1e1477aa6128eccd4714ad23b0008a32569a8fa3ed76a00c05abd5d4be887f97d8808eb9a25471e8328a1641bbc30e7aaf110b7e7aa2c81ec733c7be97be03140376ed808f00a710943ec9a5eed3bb62404d2267688dcc5570a21e56885338f12503edb7d1817586963fac14d4fd0b44336656e68b6bc1af82cb6211b9cd2ed0b5c2fc7832e759bfafd123f7812ebca13e000e80c0761d63807ee04f5a866a507ec2fa95b4ac5bd15502f8b3aa3cc906e41ee2268342a824850d17507405e7029c2ce61a3331bd0168f40ed99bb09d05b9bf8d906630e6b17426e83699ce9ea48ec0e0567fea02b62f83e14976444bdb80de1559df6c7b16c1f4639b58
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: cfc1420c24eff01a9e6acebe2a96090e25738c3e1c14da2c6f36f9e20a857165
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 457b9e5e16dcc5b6f25607f00d033fb9
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: b463f7f24871b617a1001d2f73f9eb8fe39b5fe0b382d420af876defd68a893add2eb6cac45e56d669f4ac67a943a3b32daf0932072bd701f9291b5020bfa9133d2875d8f6ee78ce8c49d45b80329831799f1eee8c712683300e49c57dc8c1ad83f7716753e7a5
+TAG: 5f037d241e016785b18877a82a891ff34b22caf1ce927a47a694a72d2ebb927b23ba264dd2bfc0b5929ffc66a18d1efec9dd91fb7b103e7f734269ba07382f320beb19bab4c6669bcc99c1306b1bd5f26ca8c98a520bb0c12bfdd4bf1b4336c550cbc6a3586f51702aec5c3c2d1923960a589ced9069b2a8aec7879ad627541e611842c8e6ef09e9f6ca61067a1fcc1947c1a3cb437a347206e9cccf6817e01f958e6de776d7e60100e6b8d7d350e59918522f96adf211430b32e8692688445c99204ef9d59c6d35e15834be6ec1623fe89c048251e8f38436197c21c65edeb0ee1334a4ac262bed07236c5b46b09e9c2dbf91772c4a9619b98b054037af1e0a5c1354c9f0f704521e310617b806f317ccb3809ee58d91d049
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: bdb122b808f40da0ae98fe9ace91fef7f2b39bc734f4f735f7cbccb2c00e4666
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 7b9e5e16dcc5b6f25607f00d033fb95f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: adfffd8a654da994aa8adb618cf69b25ad5dff201cd3a84314796e0228ae3e01be77cd8052e950fd74e3d8fb0066705874a7319dda8bee7bf7748ad844a70b1ee0d774a6156fef109dba8346a68b48458728ebde458e5bd777a26291f98cafb1684b200f84b13743
+TAG: afd3d8b88f6846623af7588123e57743a37939244e723b69a20568123485645d1c714c937aa5974666470fb040ae1106d6fc2b48f5a58e44aaa6ef8cd4b7704c9a424558a25dbd6986fc695001680505e03603f4237cef08ccc81e6319f4586cef9e3accdc88f297d1913418bfc75ce2bfc102cfe85d71c422c951ec83bb041a0e740f220badafb9ec3742f4752d45f0e949eb2e63b2d6409eca3b4ce438381fe551545684ebd78cf066262963564275a3486d6f48dda57656c2132f3ee874d11ce5dedb90ee58ce23da7ef7c126957736735a8c8762c1d5aa03542454f7ae6db0f13408f01950961680d7ca85b4d3f7f02d5f0e8f85ec613afacf90910d0bcb550b321b3ebc47170fe082e5e41675a4cd33bb5b11a5a4b4
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: a1c40dc7a17b3ef6c9170eeaa9500014ef9ada833615b6d40af3fb2e14d7ddb7
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 9e5e16dcc5b6f25607f00d033fb95fb0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: 985481677ae867b2427182edf3de86d7b9956a4970b107ca7e01e90ee7cb02c6b9a46212e1b8ce67e7aca5e2d96272c2f412b5f16a7c1d00fe597f1390c3a686724c4846c78ae66b26ded18adb40f0d74c33a68032b97d440104cb7acc755ad759ef9b371d04e4394a
+TAG: 02dc6b8ba61937d3e551c3207759d54de21b85ecd47c2c22160c6b7af023ede884eb7962d1238780e64fceba414ab543cb0177fd3223a7ad67f6bc74932de90aa195078805925df61081a72b96fbd7f68d2f26996f787ba7226528d2c26cc512347c1a639f01d361b5e1b41c359ea8b832408ccb0adee18f8ce9cf1dbc939029de54ff7748c9cf5a0c6c3b37c5fb0f39c8b73c3d2fbe5e20b393e00ff38b7d8ea4f5dfd8e276c2172b113cfc6cda46b930ea99c2c9716475368b69e0af8b2976c585bfa1cffb301f8b321abd1f2363227a9f2d195bdd772354e2355e9b027043d299f2a96721d9c0657f4e4f0820953173af30b832a8a90ca2f1bc0365207da62e857dab5abe31be5c6ed4d1bc01db223cdbca7c1c4d68
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 677f053b9f421414ba91c060ec7ed66d27982e992da0372e5264898c9edd2bab
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 5e16dcc5b6f25607f00d033fb95fb09e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: a06030a844e38f9e049bcf318b10e1cd2db6b60a2611cf9788f0c1fb31a366d2038b3a1692865b926196594850807895523a851a993b77e49c911f840f28aaa42b4f427eead4e2a578d57b101bb4795aedcffc58212e0eaecadf503e3b208eeb36c6511dbf87f8fcd695
+TAG: 3c5dab36f4690dbdcdb16d6cbe1ebaad64f8ba09bc9b7b112ff64fb7a21ba22706d8fd26318ccbfdf0ad944a8e67caeb3a939bc5384ae29524ba853ada968303db3f56d3c482a37bd8f1bb4d78235c1eb7e9eab833953def9bbe913767b871b626677f0b9420204a7d62b6825a647bec84c0da4c406e1a891586681e1699d4e5c348b6582746178ed5e1d8985bf265d2bf55cb553d76f68d2b3ad81dd9ad1fe409a604c3bcff45746b8c426e73d424d6bf3d6075db622c7a5866892805e4d4d653bf98a8f512766ad5a27aeb8f6badc00c49901c13d8eaa01628c667c4b48fa437c7bcc088036b44e0a195d1da95fb9952c0aeeb1060fe8a21c8eb911247e65a48802e9e6a55a3a4c8ba9ef90fbfd4bbf22afa803673
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: 9c1c2b1853244d015dde7f4068220d7640501b1aca325b82c1be8c015b61e59d
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 16dcc5b6f25607f00d033fb95fb09e4d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: d934f61f94d2b0aef2b63668352d2af2db2e225d0c8dd86b8d7c901de7425dca2a0d2f3bae9dbaef4946d18ebc2d9f4cff5c268cfc80b89c35f7b1a3de12173f9377a7ad9b33751fc89390cea9b44e80423702a9848c6d2562d24838e3b0511bad71f4015da53ec8c435dd
+TAG: 1ebd06a10660cef77361e20c5ffc08b077df3b79a4bf3333573469e4a42585771daf5a85eebd7753c8a305b81c32ffebef51a9827419c7b0f1d1ba5bf5aa3c947ba2db788747256a5e8e8644a66ba7c04a54884670aa7ac30f14ede3f38686e0b482b248dbc3ab8e3e39b939b22c21db990c59ed728a2f11eff3508330f29dee7d314df8304af2609739419eacce7d06c9e3073581e91a811b2f96710f791baece65a19fad9f94999158dd1261f1ccf7881c0752488a6817a373a7d25d83e9a13c2241ee0ce9355a2fa908974dd552514de09fcde23a5f744437f38d740ea8d950e061c6e19d6cf58a8f032b24a9ab7b496478fece8e273f1aac381af28679996eae33b01daa3393890d93e27d7c6cfbb9c7e25ea3
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: 6bfc1f2aeae329867e5d7f268979743cf267d0dd73b7882abc0240ea586b21fd
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: dcc5b6f25607f00d033fb95fb09e4d00
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: 413d2c3fbc77845409ad66cc13432824ae4ae109379a9617e8b93d4f9b17fe0d0450476c3f98c229bf35e86fa792dceb4b3864761dd442c294e43b1cafe1fe086cd1ca5e1572fe2b3753c20a74b663b536f6e686d9765bafb10566f2b5cf02ee77bcb753c13186c4d091927f
+TAG: 40f0ab390d64582df98890aa0edc3e6b920bf856ebbe65c87539980aa95518ae9feb5353a6881454f86ce986a8d5a8dd2c65c9baf91b9f0adc103983ca7346574d909399e4a3ea228211e06fa4ff8c716351482199c71a53d08c908ad0443d39d6c57c86efc1cefab52e701ba474b370e60f694ed871ecc06ed6f6f931fa277d00f94bc0b19fa2dac026126f745547c28e5eccc60557087d6ca78e83def0d27594c82ee365859fdd50261aa2d8f93f8a3925cb689bcd051bf45f001cbae68f91f294628cd8ddcf54d72570e15238336ba002c0595580410562d428a00ff88a80686ea256a3510bf70cf5028cb43d84c363bd3d463fd6231e708b9c13e01aedba7b703899bdfc5696616f8f3f0a85ca2e092b3458
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: c1702d4f70a18932e2f4d3951603ed904588a990123e0a02d29d7259afeedf69
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: c5b6f25607f00d033fb95fb09e4d00d6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: fca448fd13c6877aa9fc299953dc631df8024cebe774bb14839821b05485c4a8f1345697b072342343f6a5479d99d5ba0ab29db7760b1e21b37969333473e6fd16bcc5b52e1d6472fee31034d515f66439f092341036a48d637ec84d22af8d182850bfd4140616471d3b5b41da
+TAG: 8dab3658a601045d948222390159aef603aa6dd7a44ee2c0c5a688a6d87ae21cdc7e3a16521c41e1a4c4b46465484d32306b9cd01f92058e837bc0abbe328604bd46608ff38e225bcc898f5e4478d04f9a671a7993076a8ba39112f34d110c699a524fa4e7b1d6202641dbd0b401c17569bb207f61613064bee24c1dae9c3a67e7774682eaf2846c11bd849e33fb6c6fc2ea4ada8d115208914cbd6523a74ebf1364d38bec9dd913f01cd15c7e1e96001942cedd7f756194d0df3b095140d1d85bcbbb8c6810446b96c18c6ab728073bc89a0f6e13befec438f008ed5e13d4c4468436045773b173aff7096387d25bf6bd2a6d3555881f1b69b99750974b332c187583d0751720d554219124e6ba8944a33a35
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: 09ec84331099e1d602d0998d99c199a6037255a5a4d96bb3af54cfba357bbbf1
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: b6f25607f00d033fb95fb09e4d00d617
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: 8c5849a917c328d68cdf4fc279b29efb0c3c1921621276ca19206c9941a5789b0aba7283e743f94a6e4142f7febc9ad35df30daffeaa5cd0cffe0fa2e4cd5ceb687def585b2634774a01a3f00ce2ca9951fb910b4386bd0d61d1e292b2b225ac68617962b28bee0d40f195ff45a5
+TAG: 7efa8ddd692c0285de19d483dc17b89babd2143390b72e06375d88fa3f37ae611638c82ba20627ff311e8d29d2b4bf850e01fad1fc2150cba93d9fb52a21a1ca6c434783b66d5858eada584e4c8227dbfd329ef24eb1fc75de04aeaf811b09d67e5675ba0649fb784ed92c0a8893b77ba894d6799c4c2ec60a02dba67958927a22f5094c5620f89aa78544270d65213411c2382b4586e197ea45ba5d3425c2f4975a15e073370b358511155d222250148ceeab807684818324e48fe989eb12234d8023370de80a6fd942872d176f93f576514b1382a7ec12108d654bf0029196abcffb70c703df2157dc1c5f74f191bbf5892a5a6192bb0f1f1903ed08ac36a5060563405d150d0082ba646fca777e765f33
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: 7d506a5c0299a82f5f93dd69526156e0de9aa5cf94f9fcaa12064ef920a1c5b6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: f25607f00d033fb95fb09e4d00d6172e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: d0076d9cc2f829a33a0b1972f6c0d8c67718a7593975798e0667135db3ce31b4d9bea98710909313a4a2af88bae720963ee738f26bde44b54dd5820992569e5d2eea000baf5de9e0f76dc8e0b93244a8474beb7e922a5f30a5b5977611594af258e26fdfe001e0e3573eaf8f8cbbb3
+TAG: 3443426c166f9329de723222f80fab5c2c36855a9fb63ebefe6c7675f247328b84078869593bdae8b217859332817d88ed6227bb64e338a4ad03e881399702ed04b00aa223e57a620cc2330b19eb36bb7798083964e169f8593c8bcd076fb6ab923d443af0656e43ec069e12994f49b955e5fa42b800541233099d54b9b06b061145cfdfb6c67870b6ad5c6d5c7098753d063fe238a8a72184654087fe21133899a13dd3606ad7d61bbfd380284af41604ad9fb7486115170b9dbda77cd289374fa79d3e3811d87de3b645b55d976fdde37e93bee6e4552d55ff5ff85775e0682df3c108565639592228f722c9543df2951463377928f04ed65ecfa0c56262d19684ce2766e160f45b2b43cc2a70e88e5b
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 5e9c0270955ffa14e3383a79a1cfef00baec4e8be496c867cc14dbcaf609b61a
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 5607f00d033fb95fb09e4d00d6172e78
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: 298f670117678bd139c60399dcab68bb0414829b458c747b0dda5dbd67f95fa393bfd2719f815a12a2b7c6b3e769b61ddb4651970b30451cee6166545d8e4c4554c8217898186dc02684c5025ee692e12130ab41ce75d79a4ba1a4dd02e0af581a645979c1a3c8c12f5b13e9c1113316
+TAG: d0c431153a8757861b003602fd6d3ebb9e6724db6cfde4708b4838cc18c51b9bd17c2c84a66643b31768a745a221d8b4e7d2c8a8245b4c405ba37a8010e0517521b46458a49648b4bca3eea1f01b15e6c65c6434b6601dbff307111d2e77e440365272390524d527e043c5252471ae604b9637423cc9a4a0ee7a99859aadc26aff9676896d77bb8fd15d6834bee492ed85779b94f76c0c6aec2e10bedca5bc0a648fccc3bac478285fb85bbf0d9d43c03f7bba002bd0762ecbac2b10d42ab2ae9d3003a775628b329a282c55a27a17c9ecfd083c70c2633f2803e3ce7b7312186e50e48f1c48f42b8a3cffb4d94c14b86733fe374e12d0b68ffe864d04acb9295cc96d557b0634f44182c925f431e2168bceb72cae8ac3002434bc7951eb58cd
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: 57739c0c5b8e1f0255bb93eb53822ce8688a4078d971c0a51e757a0269760bde
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 07f00d033fb95fb09e4d00d6172e780a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: f72c519566632f89513f3f278407845ff8096a5b63929f0ea6009c3cae0dbd853662c4017ee5729eab92f2c475f0a45533de67d4b941d4b16c1964986d8f4a16cc12f02c28442ddf5790f321b3942cb65964587f3fe55ab28064c52ce3d3598d3431788ed2c26fe1b196abfd35afa0f7a0
+TAG: 272fe10ff7aa3a6e1e708647b30ea468b7676df14b88642bf6a45dfb07196147fcce3ec70cadf1a3c6e8308df7d1bcabfae38cc53e356d7a5a9205c3c4a4ba93330f234ea5d83163f4e0673f1b03414d7c4d56444b5772e574224229eae3b06c787d61931a5b67e148f57203739e16d4ed47a8a838179d2f2de404940d28dc348cfeacac92dfc099a809167422fc462ad433f1a7bd5d4f3398b1199492531c48975e4d8769f872393cfa05a821ab4cec2a173d187d59c8f5c26a3ff5b180bd6c02af9de6ff03639092fbf1eee9eedf505456eccc68327824898ac70d5f098ab8dde38511549e9520f41b578f715057b0ee505ef11ab177ed6c8bdd67627c8ddd5aba89fc9ab84fb748b02137f28f1aa59072929f067b8ca0fac0759d2c2317
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 0ec4072fc3c850d4ee958a0af170d5aabd223b024c617df36f4ad245d0304c0a
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: f00d033fb95fb09e4d00d6172e780ab8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: bc6acdf0943ba34efbf9eb27fe9e968f23bc1d4f1eff7f86e836621422e7ad8e1adc03249475b6be8ec5d3e96e167af7e6b85ac87b5da2364b1e0d87d5c49d43ddea8e9b796580fc4fea7774f8210e4ec424aa029717937bf76b148e8af72e8badcc3f12dd259fd4dd9a325d81cfc7a188b3
+TAG: a5343f428a33670552af3bbdb5b97ac5b52539ac60112fb6973224088e3089712b64f411d0288827180373d3989bf682c95a303700bb476887da936131fce26835b3a413bb24ffb6508d6b229b273954bda18670a04c65b2a30e4159f84bea5e60fb8df734c792bddfaee0599f19f62f54a37abd2a456aee65dac5f9bd946a244ade11308bcdcb14b4ca37fc1c7565077fea06465ddbc03b459fd19e69da017d1d45bcd427babfe31778ebe3629adce4c72264bb472762b6c4c9eacdc09584a05d375775e37be64bfdc5e0a4a3b63959188c1068afa05bdc12dba42311160c17c11e930855fcd0a7541b728f456866f577c57a979b4b9722658d237caf44b9fdd5ac55239b4e1328fbade275cb41a72cc4e08674c5f05223d8a5cd377d2b
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 640ba3888e6cc260a6022fb69dbe5c5267dc8604aa92216e11888394fe59d292
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 0d033fb95fb09e4d00d6172e780ab8b7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: 0e87c57c18fdc439c968a9dab086c88271be6dd00843879ae1563e4ed03d69f9fa09a29c1bf99b1c859323eb8452acb2f808f051669bb5e097e23b947369b5a0577157995d729a75ae7a65e293acace3124a8aec53328439e5f2103fc3a236728682fc129a5b0e203bd730303fdd2396270e00
+TAG: 0f83d6bddf9d40d259dbaa002acac91b5e7623fdde5257b305581f67322abc2bd2c78f06196f106867c67eb23973e26df8abb47c47500eaccbe39292cd854a9c2376f928f53d124f6489b959f7a3b70c52cd5c01ee29a77698dfb3706ef2d600caee9707e8c18fcb9622ef34fa396ef4851498f9bfc7fd0160199607db896162cd7d9bcad5c47ddd8ecd4fee7c9028dc546094e7386ae9fe751ed5ebb5bcce4ba084922e5358b2e1e5a3e0ec2ab08fb33e6c2eb50d8bf8b106937a948ca0ca6ce538b08974647d305e2489ceebd8d77e8541fd1831a0f7203c420741f3bb8f2d894f890c04c6838e82a8aaa14b5f22314402890852b61a3e95b1811c9bebcdf65a9f358c0b607362a855c70715bc3cc38bc97c01064a843cbb9f9e1578
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 7c10e4553a91588e2c39060e9b438736721926cb7bf53858293ad763e9b70fe2
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 033fb95fb09e4d00d6172e780ab8b700
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: 688cd509094cd4bbc4084ae78885afbd16845ca8cd47077450408a85c8f3da0025623f3365a65f04d281ba5397fa74b6f90e01cf138e01ee22280fb3a7d4da5c1a3b0e0507bd46636984a0b91e11492ea47136b32c2f364cdfff19625878ba42a4fa736bb277740e58e4aef156616715f9ba2d84
+TAG: fd1520aec4df666b38a77b5e8921addeec555fb803e5f56edd2d5822cfa8e422f5cf988860969cf7c9dd58bc80cdf8f5964b91182f6f45789d029c844e406c4fc4fdf313bee180947df1fa9f51e20706d746723baf917e23f110c7fbbfaa15b7bd8539b4c399d4212eab074e439249c30647085d305760dffa861786ec18e4d8b1b94c0338723fa2757d33ab9b2e8b3e26f94a5779270216c9801f7c330bdfe7de294cea505f4cbf9dfa4dca7638b4bfc31e6fc582aeb10f606e77c095ab7ff434e104a8a68f43408b1ba055a7d2fbf80e1dc84e0c1fc6ef754c6af823027c9cd63514b962e31b6932c1d9420fd0b510f845546700a048dc1549ae7877b25266d838b0a848349b3ac1fc3e64503e0a2c79eff9e16940681629b2a156
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 0e88468ae741a9ac1114e212499c092ba60869973f2cdaf456ceb336ad40cee9
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 3fb95fb09e4d00d6172e780ab8b70043
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: 21be2dfd45845471a4356b8729da67d713a6aec1b72119e38626317384c349b06b04901a789f95bca41ca42e89549be13e29dfc322d3e88f9fc8c0129626c19ef5bd49c2ba8838c0fc3e04d48e3f5d69d99a07a9b69722f89cc896b1631f5e14458fdedbb6220da18328ab02ef8c72330c077b89c0
+TAG: 0e832bdd33e00ebd16c9c3f6aebb3d9a89838462eb293bf94f83ea9d5e7b694330a143ccbf189e2a6acc6be8b4195d4a4c29c311e89c0f61e4e18ffdcf6100c69d837213c64f3b902314465231aeacebd86d3b8a1186e23abfacfb50819792020555ed206029ce5f18dc0aff8a8f7872f6a28c6a07999a485a706a670cfe3ee5dc307610c0e29656935ac41faae3b8f344cda2e06f46599ec4a338d23adf76b4dbb15963707cce130a6c35cc42ead1715dbd55eb26bb9e54203a9635afda43f2269a518b83041dd6f519f33d521f221d60cdc86be9c5d188afe2e80ff43051544cbafa9dd958e41a0b26df06698535ae3aa826241045bb980e0009132f972a291564eddb45bffe5d133c8cfbf013c1cfdb05ae13aca462c8c4eb1d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 4bc1f00622d792e473151668845b2ffb30c43027972bf59ff86ce53a380f2aea
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: b95fb09e4d00d6172e780ab8b700433a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: 71fd9ada130acec7deffa6a53eab506bb5fc80ed7e98e656a5282cd88cdf9c253a87832ac42dae0e8a476011b11cd5c075c74b0f29c1c966983f3fa69e00df1ea93fad4942bde475e7ee08ea2c5f6676145c3dfb8d07521133468ce6e573b789a71e59d622587f8fb76e93af95b0c47e347764302bf5
+TAG: 10e23776607c4b3980eb7ea6a3398defd2aad76439f34c2e360f60aefc52f030f969c761fde94aba35f80867065deb51773479233d91b1b11b52f84237dd3a20ebd8668f685d372ad884dd074cfb46e115aeb1e0d6de5001ac136bf7a0fd0bacf214c6f71a19709998fd23f9ecd1ef2cc4cd6cb8f91f03daf7d89098f47a2f29833fbabaf5b72b2ec17c5bf052ba3be3e6567431cd02be7b310b1c3fdd0c69cb0acf10660bfebde43ef5dfcb1717a878e024b027c07bbc6a809290ecfb99b8e2165ca10eac2d15846b6512cd1ad4065de5805dcaf8747dce9759c5e2b46b7e77b096f4da1601e0744a2c13d73b6c0962372628aac01c787be37605ee9910d4dbaf9259dbc28889fa5d405916ec57ac3a9c1e3d56257e4cefaaf1
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 7ddb9526ac0b917c3d63a2c0a4cd720d4814a25e29c34a5b203d8aa4d4e0eb00
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 5fb09e4d00d6172e780ab8b700433a95
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: 0efe6e536bd68a04db4c3d6a2d09bb7de3bd8422ac918573e9e769e5fe8496e4630763085ea5fb939ec972a16b0b01f4e39623d35eb2c514b653a4a716a2837964eaf232d5bdffac9111c4fa0136226b396928bf3df92ab7f04638f3f3cf090c05b14b086cb2883ba64c7680d3ea3e1a020451d259bf8e
+TAG: d75d4338d0c73371bbc214d8f21d0a8ed40d3212ac4f91569f51b41cd2c5b9e1cfb67d4052a70a4d702538f58247be89d04038b27d7366fd5adb189764c1f54b6c2bcce81b0012d367a3efdd90ec9eb895432f1a95abc04669f93aad3283e4e56fffe95e0a8016514663d6e6f37df9c26c063bc7bcf23c2e9af26ad984c4769e994e6798dae965b0f288094ae179601d14a2b263db71993a0a6c81918aa38fd1302a82a7d830e1c36ddf40bea1817995c1520d493c874f54e7d441d288caed8434b6a790984ae81895c5088939f2428de79e3076abcc35d483f2601659e87e6d622d5e37104c9ced7012ec7122c849bfbf43354e7a559f01d526ef416748f366ae82c3c8b60f5364095e0382ae6c4e573b3fa119d49d2d7433
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: cf85268a8412f6a450d7c8d48a2e744b508b00017da678e76cac09902ca6b0ad
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: b09e4d00d6172e780ab8b700433a957a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: d9832e63c2bc9936f33f10fbdb262711e715fb09ca209b46106c77e03b1bf7b062eebbb99185c684e9bfbceb083b5e459bceea895ce3fb7ec4eee3a5375c15066196b3cf24fc7b89a756184abb59ac80bc73116cd277e7ad4d9d02a9a9541cb4c71a644973b959b9405c9b109dc367c96ccf4c49a8cb942c
+TAG: 9945a3c66ab56d5ba42914d0da1221752f381bb8929cdcfcc5df9a025c888273762ab6aeddb17b7e359923b1a4146a45692749b6751ab0f91df4678ea172de23a1b62a40921854513099a362c94cfe3be87bac38711b30df6748a21def3bf65e654d545b49ae975625975b27e789580a01c73c67f97fbff56d81d21f5d46cf32010090e2faa957e739902149511dec88a65d4dfd7e997db77879c7a3e53e5fd93a914300477ac5381ec213c8050dbbcc85273db55a5f3590b435669d956c5c54cc3bb95cde05791f8986c79138ca73883a65f22f58a8f6fd99b7ac8b81e6d8a7ca8cad64534e1d2a85641b3ca1c5b55e3fe41335f49b05b0a7cff05d1e788d37686cc5cbf97001fc0b5e509e7d99306a8e81e38bd94f54e8
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 0ecc677bf17604e63d1e4ac4a1d56702dfb16e205af1da5d105d553e87d14680
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 9e4d00d6172e780ab8b700433a957a74
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: 90c83b333d6aa133026223c4966a43fb67f666db06d95f45cff479a626698bc2a73c64066e904ef04800aa8151adec851a51293b7bab1ce22d3e86cd3ba3924d8c0a1253f9714b7c1add9fba2be58b243e6f7ff4f0cf9ae6d4ccd2d4edbbc54d09abb8b9e3f0b269a2cf424a213f0dde799319e633b0fe1dc6
+TAG: c2bd8abd58134322fdc45b2bc3bb19b1a7d1e374fb50ec18bd8b0a005e4fcd8a8fb89471e00b1c7c7d579582ffcd151a412b64f7eed5e2cef7ea6ebd5a8326c0723978f81dacd50cf79e363d0716a08512c051706d20b76f7752d9595629dfb99d53b3eb7b3c590aa05d061e35156aa5fc6552ab7858d78b875a120e14e5eafc06d336c683a6874f1759f8adb2159ad91c8240206f0f5093eed17532568c5262d4228d3285e7ffa17d38de7f50ee25ef25485e9692888b80f5ea64976fab5829920e6c9436b1f95e78de7b181fbcb6bde0ba50c18339cb59f942caca5647d8e40c58c0c17d9f4876e275bdaafbd1c73298fa0f79512e896ddb86d7f8234e9612dc624919aaa744ac5a3caa67cb8b809303854cf369fec2
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 75073f11e219dda101a54987959be5353c48af4af654fa6dd23e32639ca2ea1a
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 4d00d6172e780ab8b700433a957a741c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 7c9990e7f62cf12afa4e5a4eb3cce88da630a30c3a86a53ed009545de30a08f277e2b8202e138ddd380bb343b606fe7f9d8f53e924c74a21826b1240a76b8ca99ca1a73c8fe87c469793bcc03e84cbf98154b85123332327e0e8218cea0b9fefa3b92835ab96a369b90c7383667f0ba5e62e275c5f4870bcf1ad
+TAG: 4b0023b660c25aee68d10550fb50140eb0c70dd881dfc8c9c99b7033eee7c72f6464368013845e2cd98fe6585ca56fcd8b09cce7ef29e88d97d719d5678189dcccf411a3a717b3985837f57641e74cda0bcc104f0058ff69c4b75a43a71e09e1ff6c9f26aaf940b34c7a4d29b645abeebe615e7b4c645b1622b866733f64cb2ceceb89183ea0bdb7b9fd13fc0fdc8c1379cbff97ea47828d265f73a140ffd454a68dbc03b0f43aa97bc3dbf326319004654d3f9085dacc461a45c0d334aa52eec9ede99435a8e4d6818c2c3ac263d6cd482f0b753ac2906827baa452360b120855f7f1ebdd35e30c104bcbf0dd76ea98584f15082b2418d18d9ea8fdd0cae0e6204a4421d3eaab6ed1eca6c49f411bd236b1fcb7629d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 7390da1949a9ec86934b6f6c7af07d60fc37be21edd0ba9d937e888402731c54
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 00d6172e780ab8b700433a957a741c9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: da1b99574d59c3998b39dc057d093134c9bb4d0f9a38758e95273694e405b55d8047bf119dbf29c346ea5318a13c8eac769230c085cc2b67e57800279fd47aee9f2ba8e572bebb9f231e954430bfa53bd193ed74b4dc59d6c6e3687451c95d996c86283f10bccde027b90be52f6e2003c061446ad646ef6794073e
+TAG: c47a0239314493854571f92f50efbe318131d94c773d811848f642d29ee7ce1706c1ce3f55b7be4b57f4ef893fa9816b0cb3c1d74559f7f3d6119f7c7460eea64bdf660f13ca59723eca7401dc93c687172842b88e446b0aadecea68b924917d06e234098295b1345ae215c33474fbd1b010255fd233229998c21ec87024b1331288f6fc6ddbfc5cf0ef2587f216617d041df338e4ca14bd12c7e6c7d1625f46057755b2f9f18f5bf5cdba9eb0132f84b954fd6e0aa30d26c0a5937b2ffe982456326bd16c002ee0bdcf4a2a38000b1164b143b52fd69adc4855a7a5bad09a97fadc5b1d9b7bdbdb1d6cfc63ae44931019b61ed2573aa8912ebfc436e7e92a636d337bb0e2054ce2dbf30180ee7bac0bdc687e63cd
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: 174d05b7079b80d455325eda1a010ec9bfec7110a14120c6cfe365d270099069
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00
+NONCE: d6172e780ab8b700433a957a741c9eb8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 003e3e54c1df8c46595d812418ee8157054b3191a3f73ec99a047f8c8d25499dcbd028b90caf67af13f72b1632a2e605047c784cfd47b533a947238bed948ab395f83dbc1e5e63e05d50f085aca5dc7ac958e0138e9dddb0883bf8214eb3c43474bc7476deec216841d5648e1db04a898d5dbcdf3d8a832063739aea
+TAG: df1cacab73190492bfb49c18745fb0ebb0e2826941621d2ad4a7556a677e71865a25556d15f6c243ad98d65d7d48bf0926e86417256f6eddaf648b23e0bc877b1f4a144f5cb8025d68831f6440b6524fa61d701337764e887fe08073a0bf0a0a279c50ec8f799bf9fc6e9709a376fb1b1d52a1fb60d50657e56cc283fd36c0b07e7612a025d5fb17d407a85b8b0b7f70dced03d39f0958d0364df204b92cfc5b04189a741395d9bc288cad4bf12b6d7c590200f295598209c133ed9cef848b0f716db41f29db4d5ca48cc2b0cf536d89f6a8201738497bb1f04dd9df01e9623d09ebcea9f1587c93c44c5d1bd99ac021fd98142d9f02f8b4e52470b23588e3229c0f769f43abef626bfc91f32894cb406882d055
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 338800a96a5cf6db2ec5d06de2a53d0fb1b94918f1f8d5c0f222640d4c1bb96d
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6
+NONCE: 172e780ab8b700433a957a741c9eb80f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: 088728abe87e0abc8f5991ed5b43811f4134b159111b0fe9a173122864baf70c5a904e46404399ad705084830860d7e78bf85bb166576117af665dd709ed380aa5de72a9d5819177fff5ca3b536f40f6518a21ccc50dc1cdd1a3d4dc89128de2ec6a6c64cdb50df0e11b55769dbc1e3cc18c9e57c06f5ee705590654bd
+TAG: 092370b96f4351ecdf553259224c8b6e90e656c00886aee0bc6a8c2e54ead2e35b7c68cf9ec40e01a2fdbd796a1fd018c92b8872eb56b9a4ca371d72b56f3e57feb77187510200b154fedc6b139a36a49bb2060d1567c167935c31941dd80fbef0d296a8256f144ef3cab87983c9e4e2bbcd3fb339217021c93c6662feb87821efcddebe9e2a106c5b724bfdc9b00cfe533615b8c97bd90c7c825709ad1619dec1d4f914a1b4c7b2776d69e4d51b905806a6edb67d4b926ba299af119a520227f5c409bf247c35b4b2b8fbeb2a4ee2f2192455883db9bf2dce2bb62506a6eb1f00e6223502aa1af04eb6d1250e3aa9aa193e9468b96a5788f88ee2524b55064d94c7d5b9227c9d988e1b19474342932d3f8e4c
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 6dc3a2d32318422ad20e9c7b09a9a73d8608a326eb14efd6eb52b87ffe4bad09
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d617
+NONCE: 2e780ab8b700433a957a741c9eb80f2b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: 2e844cc46c1eb905c90fa857be56d4bf947ffe31238ecd92f62c3fdbb1df4c65b14acce9aedbcf6e0d6b0099023fb89084d0658af9d148c00798ba511cfe93ca2604109939a2ed5c8be6a6557f270c14ec9dcf1953014c5324bddbd19c5de88cdfd90c17b06161dc3faac0b551ea15fb1ef49b20d5ba92ff185e0f2a1342
+TAG: fdc906b90e526f25e414d44f8ef584c232bc97634e4b4af65ebf6ab6c3adcee9a7b6cc010e33f9181a83e6c8482e28b299f7495631df8068b454e952ea2467093ded7c93da6ea3a7faa91fb507789fccfcd8c0cbb115602c269e94900fe34daf36862b068376f1aa0d11a175ea2a47166891fc08d86d99b0cdc36134f2cb0c48a1dc5e7009348c9788ef122c92e82028de1e2ab27596cf9ce5bcc18115859084db6cd598341c60aa6189080e1d27014f442dc98d6ad3074bf357134209337eafd57c9e71b9fb505f7f442729f16cc2ebcadf3b1b521d22731a417c0ac06f7dcc3719ad8612ff1dfd9fdaea8b626b172be78a8fef4dd5e681282c108c925adafa5bb03b372b623d0e1aff82038cf70c72f481
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: e2c5b8d5e6f07c136223bdb8a1c0197cd99132dd8320a3f1dd1a393a90e575ad
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e
+NONCE: 780ab8b700433a957a741c9eb80f2b02
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: c0d206171605ceaa8cf507e9c5b785162dc985f8e6d02c9b78d1ee7a50ffe0f2f9eaa80444445da0f42f08cfec019f2aec8b0dc7e9e49eb63180811b092cd737191d8a4b9b2a4f802f484f5b3e7144899b29878c9e7173f24b732eecdcb6bfc88b3a87cbda306c296176d18d794c1f1382c7df66b9c97666ebde165ed92869
+TAG: f33071d221e0e38375c6e17bfe1edfcc9628e765995441ec3f3535501ef80c66b03f7c9127e59464aae5a9c62a6cc80e5b9ba164ca644171e309aa408757e5a4ac5956ac9f47a9d2c1b01a5e4fba3870422803efb2ce809954f1dda2a64a5ed16b98bf911ed1a505d6c5837d16e79587219cf47211de415de99fcee110f11a3bac9b2a234cac4172afbc404ecdc471dd5a756ff8936fc481b0bdd876501dab51174710b920f75ae0d2ab1605b11cdac009aeb26fac1ec2ed4627f05e5f8507e38765cb9bc886bf15b37278ac25b9230838900e17e31ce1d4f15fe7767db19e6405f6cb85db43cbb6b764a9506eff8efb80a706cabcd4beb646aa7bd5f62e2edfd6191bab4ecc948527902307ccc4479b67
 TAG_LEN: 32
 NO_SEAL: 01
 

crypto/cipher_extra/test/aes_192_gcm_tests.txt

@@ -0,0 +1,43 @@
+# Test vectors from NIST: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
+
+KEY: 000000000000000000000000000000000000000000000000
+NONCE: 000000000000000000000000
+AD:
+TAG: cd33b28ac773f74ba00ed1f312572435
+IN:
+CT:
+
+KEY: 000000000000000000000000000000000000000000000000
+NONCE: 000000000000000000000000
+AD:
+TAG: 2ff58d80033927ab8ef4d4587514f0fb
+IN: 00000000000000000000000000000000
+CT: 98e7247c07f0fe411c267e4384b0f600
+
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c
+NONCE: cafebabefacedbaddecaf888
+AD:
+TAG: 9924a7c8587336bfb118024db8674a14
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
+CT: 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256
+
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c
+NONCE: cafebabefacedbaddecaf888
+AD:  feedfacedeadbeeffeedfacedeadbeefabaddad2
+TAG: 2519498e80f1478f37ba55bd6d27618c
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+CT: 3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710
+
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c
+NONCE: cafebabefacedbad
+AD:  feedfacedeadbeeffeedfacedeadbeefabaddad2
+TAG: 65dcc57fcf623a24094fcca40d3533f8
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+CT: 0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7
+
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c
+NONCE: 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b
+AD:  feedfacedeadbeeffeedfacedeadbeefabaddad2
+TAG: dcf566ff291c25bbb8568fc3d376a6d9
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39
+CT: d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b

crypto/cipher_extra/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 20
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: c6105cc86e18eb8376c16ea37693db5c07b77137
-KEY: 8503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+# Test with maximal padding (0 mod 64).
+# DIGEST: ceb2d295bd0efd37c6c34dab1854c80e986174fc
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
 NONCE: 
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c748
-AD: 1df3f4183aa23fd8d7efd8
-CT: c90e0c2567341ea7e9d968dbde46ecb46ad78dc8be7d47672068de66d6e7eae14b500b94927f24ff6a4f7b07
-TAG: ec90d128ef465f4a3645fd0b2601fbe2b0bceae2f890f0700c7a15c82fcbee6ab492908ba5f2df0f04dd0635c047cbe52069d85fcfabe53ceb43dc71c46e51c0e3a9ff435840d62bdcb93341a1624b69397fa1bbd9229814a2788b91a107534b41ed488f4ce95fd2ab46963e4f1a3096c74acc8466d034eeaa7c0f1fe46a4eee7abb740367266cd36fba96dc74e520f64b9605c067bef516f517f99ec73c1104b43bf3e94eadd7dd6b9b7db847d6ff4c03dc454d8edbf8f694f09754f249fd1dc0bb4b130b2e43ddc1d24a0cc14edc8e7328515cc8498ae89beec66127508676fb04db92055abf2be22e0c2a7a3d9664e17d919f655ffaaaa7246a0ea29f9c42f72b6edd0dfb4867802d6992ce25efd8fe0dd0cb
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: 000893d3434c5be7cbf9daffd81f03545f735cb70d1bd16eab26e07da7ee29b4c607d9a57077d74437e5b01a89c808c7ceca0d3838e5c6ee9947f1d4ee1d5e5e
+TAG: 6d8dc4edeeea81cb503d7389da209ae335876393fdab048965c7eb1a1403d05f8ef059788d08c2e906444388fd416a87bf8706f78d35797453b242618f4a99f47c3756116ec0318d96435032225ff82b902b9b6985189ca438e466154ded91676676c645926e2cf8a5d6f3bfafbb713d646cfd35b091f68e5ac2e7ec10badf1fd80767e6953abeecdc89beb2180dc92be21631164ef801147917e0c8d7841bdcdb52ea03344ab5f2bf3d5157794f5be79f51eb1efdacc0b77b27b72e2ce03d05473203522e3c2c196390d77dc28a35951f3aebd72ee58021d55e521dd029719a7660408ed0da5ab41830102bceb514b0b172d0ee10937111edba82b47e719c3beb3ce49a665accdc1c5bf028d465b5e1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: a07054c760cc66fc704edf950201005031f3faac
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: a1e92776d0ffcfed03d1be956169f606733755d5a7011620c7ced6a825d8e59627e75692a41a1f2a86e62fc6052873b5458616414584e36bad698cf4c44909e0a2
+TAG: 6e0b32528feac2d7f69abb480efc7aae6cd1c5f8a654bcd10ec5be08b58f5a2198bddd83439d69ba9f55408cdf087e8a7f33fca6859638c5a4e8bc6961afee7534d8ffd95249d554b02e5beb81100be5e10abf679300f4ba514c03f4fbbba3cc62bd13dc8c8b9a726a9f217446c6e3b89cadb40488b177926c88c9d22a6c4ad9deca67f0d976fe62cd24c3cbb2e51dd16ee2e7bfe91d867b77c77a9a65c387e2682d946e617d0128034f5fe436eb7fa88aca82526d71dfefbdeeeb5a2c15d57fce0cf12e6ce0b101ef92d9ca540447e0bb65bc04b6a02e4e6d9378c6eebcd6d530c4ae14243beebb18403e8bcd434c2d88cc121e2df182edc3e1f52b060b1aecc48490c6cf3260299449945c803891
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: d059c266cf6233af730b7a229b19356a4c6fcf06
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: f414f0321370af1490839677747893befa438051fef5f02fef488d7b84dc03140b3a5dc3a57041be4c8b688633110fc07251d877de0d6242928e4d937e3cc58ed611
+TAG: 4ee98ac6f10e179314a251a9db190037c47b9fdfc66321d83a995f6dccc5259801b18c3f466f7f4939b7d2d7196e0b161aaa013721e81bb9707b974b904f670e4aa495357b562a254908417b65fa69e86c42b3efdd423838575db08465a7f4889c85201629f6350c0865b5b0cfbac4f51ea1eacc8f9768014975d780438c3bd77f7f18612080abdeac9331e1a068c8f3a345d0026c5723bdbc48643c1a733a5b7ca9078424522db9491bc38d2644dab2d75499715707cd83ed655343ca73672d480f1420754fbbfeae0fba05be3b5235a5fa48bda9f39df0b298351d8f4da3fb8a2feab8b1aca9335eb31ab03f40ab19f668bb864c798ae08de37bf848fe2e898172d26fa23f383787d7199a6990
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 8aac0687e33041fcc18da154b41f20a6af2bfb28
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: b51ab2f8c4ba3e8638d454ea72da5e3cb15336c347c442b8e1ade85c5cbd0dde790dc707d60d452d5b88d72e718f13cd0e0f4c9149b72e8d6be869d817a3232513c958
+TAG: dc8feba112517f6a820ca12de43c5d64c51cca713d3702a2b4a5cdbe86a90946a7369ec26ea8b5b35df329bfc6e29ef50c2774649134bd6e3f3fb38ef13d9c7fbe066e9cac4fb88dd0c02b677472ebbb2d0679dffedcaf13fccef6a25aed3a272ec01e7680becf80a624518e1333d28c97487b06e0581cc80c94989db4e93489f3dece9eab6dbbee73aeab572d1ee7705d18b899d9c62d7a370311e64131a801400b580d3c8f7af88be485b84fbdd89f7f7dacb29afeb56658f3d8e49f27adc542e412b0fd652b9f60575bf61622d7306c54bed50b43d89cdaecf1981ede09f9ea36fd174118ac178ade5f26ba04fcbd2eb035f030e2139506456ff8d342a4e59bd55dfafebda23a66cacfe6d1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 53658226c112b86438dd27b58a71f9e36fc73c1e
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: 87bf1af7e4987cdab35bfe32adc6b1be286751426cf926217f2c699bc095bde7b6ff3d6cc96b79328ab776547c2cb756d9de8c1245d21619a51dba8364ef6914590f15f8
+TAG: 55b9a1ee198080846389dd088016acab73622b1e2f902b0776846c74d99c27e67c7bbb55b2ac0efff91af0f6cb2ddcc0b5b8bab768048bb1662bb343d2f3a164bd4ca4850fbf8111b29e9be7bb836e2a8ac50ec2cb0b1c4529e50904007372284ec9187ea27d8faa03fc9535ba744155d06c06a0a97d96c03de71c13c95f185f426615f1368be346aa5ebf80049ac6771763235f2ee44dc910a01035c53caf8f9fa6f51fe3ad094513a8db177b6a66e24d21e1e40a23aa3629fffad45f84a58a29ef9237fac5eb6f5deb3825de6f399e46b2b2b91faf64ce45d164155e4dc757f6005c7c3e7fb3d8829623fd7c6ca48b923be90c38f5209c6d94696d2b2b7ebc5dfbf2cfa1a37e8ed038e830
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 6b7d5268b0b5037afb5be5af6a0ceb34e7656ac4
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 44237c388c3d017300db0fc9827f9b575e59bd971a0fd89cde4aeb1763912b49d50e92ba19d7594ef6da27320ac2bd1db3bcfe56b68a9ea8e2347d69890fa1fdc8bed782ad
+TAG: c1068d84aa962e7b89090993378806194ffbf677e7a66524d2ebfa7bdc52d76d09b914168eec4a5fde0953d4567affd3a4e0e48190e7a84471efe8ad1ce577c21df93b9d641c865d90ea1e6069bd703c4ee372379a4ec94f7e99867179561d41e9053977cc985b98f7a9fbc675d77052809b89b8f23f993e191ed1a07f97b89d05de948107f94245f216c413288eb4e40f3cee9c00c15926657d9ef9187ab405ee8000b4bd84d5771464401d59156a97eea7b23b4a6e9f1587cd3b75826a621b699515829dfc57740ad5719c43e88d835e13ebf703a0966779d31dc26866e0e9d27e3376137c92c97af49a876eed425d3980f1904f013143faeccb4fc920185ec2325361e5b318434487f9
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 63efe7af502231420ed5aecce9a28446b257828d
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: 2f25b5a3b01af5411466c8aa5d8ece037434d5e12b62306f2732cb063d0dcdfc2725e67118a242a5576d470fcaf9be6d811bf2789cc66f5561d0542438b5432fe713187a879f
+TAG: d80e1f4edc2137f430d36a5ac93680c973fd7c64a03f7c2ce1b7e33085fe94da70ee26f47998947310508448cc70daa595687eaa540e48f048132de108a045da6d71170e39bb45160a344a2fdb5cb56ab020b9c0842ef2a1a5c83b4d63359fb8d71506d1e611fafa29e77d0669474d135e37bd8aefc3e17f024093186ff80fef73889e887b8d6672256dd592946ea84becc08c29445c8d978e896b1dad5e2608e347e54a97f3f757d7362f95f4cedebed07ab45b05713f7119c38d15a0f22d4259893f5e2401267543b3f78b52d54dd2d608173119e2dc7fe01f66589628e95fd7528958e993b21e4db664b8cba2f776d5cc305c42553da936d580c17d6f5090ff04e106c6488b5b18dd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: 1a555c300a1d1bd5b03cdd6bf2a678621624eb05
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: bbf934979c5d9da5c8b27d0341a164d640f12956a392303b0f1665935b5c39de458f53e0a6f824cc56081db1615fc67ffff0d300d1564666b81bb37da59e4da30de9d6a19df74e
+TAG: 9c18b0f9ee6a167a23566325eb330660997193385214abaf945dc18fb8252fbab8330b9809a6f1b300ae5a0c9d841fdd6f77e8d65f1cd0b221fb9b94b5e5d7215e6f501f490a7fa0a754efa7f2d9f5b927a5da2bea736e73af067e5d988901032d503ef3ab89894d03e48a096e7c31fe64bbc2c13f02d878590659ee7606d9212898d4d246e52b03c5646b1c3fbd43baaeda6548156987fc8f490f5763da18198bf0754d20f16dcf7df6bd35ca4bd95cd5c95a60427fc541aaf1f6923ff150de825cff9900ac9492350770bdd13fc4d0ac858ccdf36efbaeeb572aa45ca5470a04a7fa1ce5954d58771730b7202def47b303e560e81ebba2080d044a0851043c5af1a05c30a5a448eb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: de9156349b578f2f44945ec6a676a67a829daea1
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 9b9bb61ca4d5aab8d0342d2b174e8f39b8e21db0fb7146025fb298016df3bab4363bb47f5b1fa038587df98851d09d473a68c959ead8062c52b9d6de86bd6a0fc9a2daab4667c621
+TAG: 897472da6d837ec173c2ae738721306e8d3c9e5353b65d1ecb3be3d0039739de379c9b06f42af8e952aa9acb4780a6de888dc8c54fe9a2eec19ae4a864b3b9696d712153bb66c49825ec5c891e30915c4b7b66b190525195429426ad694467dab09e8c2f9f21ffae4d54b74c0c5ed9a05963651dfcb9560677693429c63f3024043385ab0a31066243d42b80d2aa9854005504d6c8b9b7f736a8731c5dea0f3fc9007aae0c6edcd0a91dd1bbc5750de12ee13d4a77379cd3b2c2bbac885fa17338011b7b81cec6711fd5d65178f20a06f5475e09c202deef57939161ca8ed3e4aa9b010277acddc4478d1afb64138b276e265182ef2dea321b4f136c5c439ef6d099621813209a43
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: 12812df3aa7f3bbc899f6f248f5590e02570c292
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: 33ac574b7962d03b7816c0199a7f661a485832b9023867a749fc4bfe8ff0485571744f801139afd8215863b23e2d68ee7a254c60d8029e0f1ee10a1b947a4984f37f98a6767f52661e
+TAG: 3ee493d8cc764880f4ae7fc3c189b95bfe11d89640e3c9ddb55b230ba0d142d53fe18be8b955cf0d0d237c3b295459fc4c723b27ba8a29ed8dd5c80fb9839e30bc92e6afbf28ef6f72d1c28e5452460f986444678e7ea982d8bae63b69788012bd43aa66e5a521840c79831ae74426fb16f0917c5d2747b9c31fe43ecee604f26afddb093a9f1f1205a4451d50080ed0a9208a88ed6dbde37a674932bca837c46dd8725982c2ef6ac54511151c4cd59e511ca3835ea9bdbbd2e0842dc9674a854b8d4b063d0685086cdf917a7b7983dcc28af2addf3bc302034e365da1a87334a68477aa34a3a878d926d4c17f50316749d917e172e47597d060403a0279ee68dcd864652f37c6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: f3c89f21c327fca4aa400fabea9e39780378e901
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: 8517e13ca00214ebfc748efd3a233e8b64801dcce99f9fee3d271357220dff7b1678c1cd6392a6ade62146c0e783248918a7cb69dd26dea525bd9060f380dba75e502bdc19581ebc3295
+TAG: d1f1280699f5514e4a56b08a5c3146142ef8e44c18ccac74577ec0feffbc29884da82212cba95b31d8464954498340f35e9a3d84256e8628368edd166d4b429fcb76e0072d2f5276ed8dc7bd5f34e754f6577ba00ee7ad74e9c89c4f82af0a7716d6ac77c39643909dedcc9356ba42f07874031878229a076da9ac7b0e49b2d170239089ceaf84392e889e7bceb3e383d0f744e229c53e8654ef0099a11773885efc456883e4a973557852f70c0e35668f3f212260e131962087416e668c9f995f226152251f5873fb89047a9dfa65b9fd0116486092b1092c4ee33e7625772944c06a2969b162986cd46d2b4185af2658c25c69a7a599d17f37be0fe1c8250cd7df5e6cf304
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: e8e41988fad6c8b44c56544964cfe0a347b35b1e
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: b1cf0005c93547664e09031d923c4ef9ad663a808189cd8aaa68fbada340d8bb13330499131ef3788cd91e9527702a2388802fdd2e91998a53ffbb466bb7e362d06677edd673cae71418a6
+TAG: 7cad97328236aee512598d1a4c7d51b2154218fddf0ef21724921c1afe61fed1b7a1d1b56b8099dafff77362c4154e4bd7089fb0908ab1de49244a053997a0d04229250e52bc1ecf4550da5753a35108b6752f907ddf7a77fefbdb5d7290b02ae231d019d04ad9a5295336639e7e6c81ea46863d2bc3c4fca7d0f3b05237306759b156ac1fd10b044730987d04a943f0f598704f2191f6c627299b92a2c01a4004111c21f650376c3f28fc9793eddaefd74a2bb3cc5dea73685c954c63b71f2924ebcf9853ff084117cc84a0785d96d8d55d02723a2082ecd8c4b49b8d4068071593aff50c2e08fe7c49f6de1d7586e299b42ec723063f2341fd9b3445cf40893cf8c2bfa5
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: d1c7b2c04dc25fe7b742a1d659aec20e1475ee4f
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 7195b9643e0f7a4293c865db36442d4fe2cf3ea2c648dc88cd5636fe5e6bcea3d1197966e800da8c78bcb8830f3fa97671aebce98549e62827adf612e70f946673b07e2f953c8fe5e0b97aa1
+TAG: 3a909a9fa57e720bea6251ebbc1a71bbae1fd894f6bbd16e11abe51bbd1293abc0ad4c152a08b4acfac7a65b723fc6bd6923db66bbf202e184e8dbba150e6021ad1310ab4752cd4ae874409688996fdf88636084db7762b9578bb0c98d77c5156a82a97a3f6989db2359d252ff7c6405bd4834708c88d4481b35eabe2f7069bf8bac374fa382f4225659b41dd2a8006c0ff8d7c77c8d157e0373f45fcc0abc804a9f8a6b816f2b729befd606dc61e7f763f18121f56255662e36d120b27adfc8e1b528bd8ced5386cdb62cc73e58cc7918d27253297e9cbb9c740c7765cb014cf7bf160cbf09e00d32d31d462f356791bcf1286bb9023254afa6c41fe3d165f1bf7e6c002ef64ecdf3b5e073fb569028032e6713
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 116e20ff1e79e0af464d473b1e7c187f4dd66007
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: 1d50f3eb1cd76d8e08a9f386db0cdc3eddfc694e8502ccae47ab431c2935fc461254b80386c87690b01c22f38ea9bd118d2e0ed316ac249437a3e9c30f6c1f767c150216ec90e6c8913ff3d469
+TAG: e44bfe162cbba654362d1c86088564b14120815f181932e9f111d6da5efb5f4caad61f1161d1d148cc429ad34fcad9128bab101c7cc004fb8f0b516216a809a6599b5144b4c5828cf159fcecac46a86ba0698a6e5267610bad10cd7ce9079b6c691c2ecd522dbe3563074f2ac85712e58cca41761aa94449199a8b440016e68eb8bc9db3ff2c2bd9c64d9d3c71566bfb5d234af1a144859431f16ce6d65b4cc604e9cbf4e5539c192f07a2981b55582376bedc07aa20f5a841c9f500915fef353c37446511da3affd743fc551d5c22454797b3eb957770f1ca16da138c71bf5c00ab7893ae83b3f499a2c42f55551a986555925337e0604227ebf1c65312f0b1a8cdf2d06b5daf3e5ea97ceeb2f33421d0b44b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c081d0d09b2c9eb39a372ef4a7b0246a0956b0f9
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: 4d754c684658bcc89208bcd75f24dc8e18b70a28b8a2201535e60ab755fb20e1ddfa98742d257eadd02d96c6a65f880d058312311efdf67f9a106beff9f5ace0ac6af586aefbb5e8b4850e584bb7
+TAG: a9bc9bdf2c16ace8cd471c2bcfbc2cf933fc1886faeec62d4809ed5cc4dd4fcb6ca6c42f31bab300264b278dc0b10fe8a54005b590160b410dcdfa3db413dd04a72c897b262ed0fe4ad6683fc5229010f1d2bc939e61a2c9e0480ef3e03e90f74a3edd8bb523271adc45d097b197ca9034bff48677efa763e1ae7528d3f775f827b9c56ba7f042d7f9413b4c5d01972e86976ab3a398afae27faf3cd19ef1b24b5342f9d067e7702bf1ae9679540a72f7a12cdbfbac234d596856b3bfdc2190dff0b50f45b4355cfa25ebf8d1d16528fe6c4baf9b0e5a50f95c4091704e939c8ffe69183c2695ecb1f12f24fdf288a8e8bdf3fe510bae70c46d0214303d5503d21366c4eec24cc2808542a203d81789efbb6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 6f7bb1f9e2772eb909c315e653e4737cfed78a18
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: 25bc47e58e7d4f3a417c95768699c92240a2be0e86232a41fe02d64f66716023996772e1118be48e685042f989dcd9cdc574614c9c3989f1885b4b71dfd5b1c32c1321ca41ca1e6ff1828e677e30fe
+TAG: c96a78b9ca68054bc1ed2a150dff9f9585174f343d3df80350982002b4c95106b72813a90028f2855faef235909686607f39655ec48f4024e170c9f9574b0c81b63c8df7af6b4d0f0633853a09c334379952bbaead7415125f541a01e320c5f5d9806b71c3ba71890e3229e751f25ac82c245596b5fa688f1b13844d91169354bf0cc03cccf576c2216aeb9eeab33e2a9f8bad2145d36cf0e7585a02296a7a3b434f4efeeaa4d7ed65befda32b287d9d0946e25dbc0edc22de871184ae8c76777528b917585be784d5e0674b1e5693d0b8cbe8253f8db67c879e1d2b7ddd5df4777a15509f813eb4d0f5a935aa011daaf0cc1ba2ebba9a20a74847e9c53b648f6fce4c08b6e7babc1919e6de22210a6f05
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 172f4992e692a88f49628e5d3937959be01aed2e
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: f1ab85a35a17541efb4f906e7fc85e64efec6ab40d59d3da920c4ec09797c3ad47820e9d934e51e3f4d097c4a555575939bfaeb8cfea062b64816a160d6e4d1ff02a5fded435ab9aa2daf22fa7d676fa
+TAG: 14684ce099f4f0e11e785320debb89c79c03e8bb8751860d3779b4b553f6dedabdb23119d2866ad63fc974a6c6442b734394cb6705309a4d3889e90c4a222bbd14624cd89a9c3f904367c418140375dd592107f839ca94d43d09495a8dc8273201bd8f5a447bdf57506421a975ff4db3aab7878ff18e5b73c8f072a8d092461257d0182710ee9df9f86ac5ad321eac7ee96dddb27ecf561db222ed1c7c183c2ecdf4c7f57cf295638de3c4176ea244100d51c006282e98af1a8fd540daf0ca6f2fc0b88c550b4ab638760d95f2f9d09612da198616cd13fbfa1ad12a3fd30ac9956491cb11539a1be43175fb1452393f13f8d03501c89cf5962730125a7e185dc089b41124fc1e7f69b1fad46bd661c1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: 00133da1f7c63fd5f0eec364e9a359be02c1d3da
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: 5d6bfe91cd2273a9b986397a38e81be5fbbcd0403ef51873c2c467a9fbadc7bf540e83c538a43dc0e0ab780a4c4b1f5b77ced74f65b61f8b8b58b26fa3e8cba568bb717dc7071bf82dd8c68b068e739706
+TAG: 2ab9e654859c35e065f763d949d43c65dc85dc5d918850809ad8efaed6569d4b3ad064bef3427ae4c3be571fb914cefe2362169bed5b4c0cb17d2106fd6993d20ab8a8b70edb5f5d59b3357c8499c36e2b0b67edf7f334ff02d599031f43252b8d30d39affbd2093a6687c771b672329e14901ad9128f063267d3ab332ea31a79d37cb24ad0fd2d07f23b13d4643d1d9c529e1dd0490c851b0009fc1192f2438a48aba5a39be2ee925b1a38647197ead5cdea3499daa5abf9f4503d3581115a6847363348d5e7933948dce867752cde69ecc401012674ad75e12245dee86d775989275a5fc635c66d42c01b7646e180d28798905a3beb210c049be35b522ad580e1ca29f81b9469448749fce961ba6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 60a6821269be6c5b985576b245f106128eb0b325
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: 16e3c681ba1ece3bdbfb1da491f877e806ddac5f1ae96bc406bd195c9d48bcd4a9b700a8ced21d824bfb99eb057e401c3529818725b51e96c576e8009bfe4866e98f550a23ef4748ff761a4d1c44ccb5eba0
+TAG: a30286b3d06306818a268db0e5116abc2c7361c5a32d334d8ce5f4007aaeab750980018b435c79391151fdd33df2a97dc2cf62c4426ce45be43f7e4949be735bcd33f0e81cc6b5a3c2255fbac9ff5a8fd7e7b57554d7ef00640d92b605c9afb0c19dd5ca4c79c409d85c197e8f21d79e91df01a817bf68e8718bc771028c945471ae003c0a210c572b79d772560031b5d3e5495aa8d9bd6fa3f8ae9976ed7e7f8d7275030d2f12ed5ab05276ebebafcac7d0ca41f9d860583f800e4f1b9658b12fab31fd63f6a5e4b80463918f8295ae11d7b97f9b5f89b8166861aec8f1b1417163a6a8adce23ce66c9a4306acae7ca75435cbaece814d6010a3e335bd7db9783812052179d5337d1c353be6e0b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: e2593f3b6741a9ed9fa188fc06efd057556ee624
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 9b51ba0eebf72bbcd7a1b8452a49f30bf2d96bf0cde4d9e5efe7f1903eb4e09f53aec649c5a8ad7e7fc6c28a0dcf4bd3556f4377bbf8b3f9c79dffa5978692559f732c109a7a02390746f5975d5a0aac4d04ce
+TAG: 636f7bcc9b0b5320643f4b6acbecd60a0a89d2511621ab47fa4c9af610fa1ff9c6cc5cb8fb64493d6a4dca0e94a90794f31698cb1c5bb5658e8b6a63a2cc9b2f1f297240d3d6c62087e32f5d5e9f9d608eccf4b41253933c7391983db1138012a5f5caa5abde25c8a16fc33cccb0604421d985f198c48552650f5dd299bf9163c136c042c9a35cdf7120a702bf460d739ab264fe1f58453ff4990f7315379ff074e01730e7cace8d45a5d0355c0acc409db8fbc759516ad56818b37700548aca769719937103787311b6dbc8488d9e68ee439cec3075bafb725f44734326df9b10d6a4f7133ba84489a9985febc96200276a1fb513f8a3c062466cbe63e7ad668cade7ea70c3b8cd040a6162be
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: 17450a437efe239e1858ac4062f34024305372be
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 5e4df84379f9736d784d9166047003e3ce3375a8e7add80c8687e94f68595aaa52e3bd39a45a7f67d35b4df0c5d62abc81680ebea78d1ec02153833b4dc4bc51b4d1725f5a830a064e33cd5052e90735477c069d
+TAG: ddefe8bc965ff097f22b8978296cb5eac25732862def3ce5a7d2ee9f7b7d6a6cfe5778b9d6901e7540d8c62f3d97f68b43224e00f8536bd7df50f3ccd1e0917eeff5c32d196cc2b594d23347f4bc1db22ede4f2ffa7f0774c1a073b5e91fbec2b634d0d60458f215309be0c2d1b553f22a87cdd75cb64cfaaa0a15ce876bad26f48b2d6464488f97e35899c7aa80957491823239173843dd88a617839e5bbcf78d51dee3418defcea0a72e5ba7a1e8d652139955570510a9c8e6b6902a5c74133c641fe3950db1b7123406eb4cd86e17bf4efda4128e83172ae78e8c2b632c0cef066ef311f38fa1a210a7802a39b95cb699962daf41e5d436d474753997ac3c826ad39980aacc954adbb12c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: a35fc7d25f90dd9cbd35910d5532aca8aba88b29
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: 1ddce9b3f674dfc1b94a6cb34418e6b75c93f14941a6dbe028ed59667404b93afead95ec50b9393a8e0e5f469fc1cbc5136f4dc54f3a005af6c88cf70ff39487cdc730dc131538279704a67492f5241faf00aa8c46
+TAG: d43074349115775a6db0a999c8b492d65bf1c10f046b7c7fa6335d54854a202748ed412c82088bac5d07db529fd2358c66e48a1a40083d9911834522091a61d25013bee70e3d9bed1c1a63ff50c2f0c1ec80bbba5bbb25fd8b2c787e9e6c90fe73a8e476743050c06c8f72344842507a75e6514fdb760f1c733242fd447a8c0658e3045324da0dd132841d0ca758429c6fc0355434a6ae86cc1c798cc9a558e767730437f66f08bc8fd0301d3447f5f5f5ae483ddbbf61f1c8de15bb2421f500ab10ed643d4bb54367946206d5d5cfa6a4a2bd16527a7cfc619d1d7df22fecabdb0541201825e2af362adb3033ccc4eac11db0b563d5bfd65ef1a95a28d5798a33230a78af0b38bed6d429
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: 73eff0f03358879f900b6ebd515f0f4e5a6929e4
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: 6736ca287cf31ea3ec92c68697bfd1f88642e67d9dcab11c5dc8ecfc61611ecffc54a04119f53f9e5476196f220486ab53e2b21e1135bc6745731f0bd32eee9777a1b3d208c21d86048a4cc945389d60ec8954aaec13
+TAG: 53f11651de2a737a0117aef6790d2683681561ca2b26586c5564d5fe06565e17200115d2a473aab781b9f8d4002fb4060f1eb43e77e31f270c143ae08a1cb5a2887c2ba393e050473894f62c6a7ec438eaa575d631b0736c3fcce58b9e81c28701a6d4c1dfd19a5d2de366d7b1c2433997dc826b48222fccf919ae872e42332b74d24027dbdd487014adae3813d52bd20271ab8da425e641701f78312026f117423f90145181d9af2696cfa08059a2f3b1f7f63e48c7ca8f63396620b4046210cc431a1b1311834659338f957141da2cba2d499ce121223f45078668652c9b699209bd1a33832e8a53c7bcd5fad62acbedbcfc1cf839b6d1444a991c573e8c2ecafbe33a23701291a8cb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: dd6cea270655225cb4f4231f54c19eaaa146eac5
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: 95b9375058667abde693e7e3a598dd4c326ae4db29f54667c54453e6191c52f86d2fb4fe324e9a02b94f094f1dc272b1e6ad85529206a511468879d31ab9e74f7666691dcd7365ce52fd6df951c20e7a71ba740901f797
+TAG: 533eaf7ba2c963ee7357a118f8306660f786ef35206612b3bb8a87748c76c6bd67c15aca895927b6a92c1fda33dc4c330e8fca65d6b82343247d070a5bc0d0d632f7ec3060546cf2fa4f3bb7f144356bb2371cd19100e7d7066f2c304039836d62a647300bba5b7501241b8126a8f39bf8ac2946aee674d0a64644b8aa0e261f4049c9ab56b16e717d162d9a43936852047d4adeb17bda109d3aea0a46acb70e7fc9351978b4bfea20cfa0f437fe8c1308e45a390e40ca17739c4edc6a0bf6e0c14d84ea315e36ad0e80d22011b02675ae09e814c08ce607d4e3fe18a4bb9380966c174ca8a1c397966dccddbbaf85f47bbd97c5d99936c26917df99b6356de065ac0ddee7dfede113
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: 34dd9bf0ce19eff890ecad474388779f63b0af70
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: eded2db8c302b3b5b5b0c0d556f8d34408fdb2af75d38231049b5f91e02a4086e6ffcfabcba5e3ec68173dfde382a41523d3c8ea1f7944351baad1588516c548125b1005d3375b03a4ff4bb19937068e0efea0abbeac4f8f
+TAG: 379af744a549ee2fc70f6fd955d68da610b9e28178af1e7d6034c5e583f838a84882937060dee0838a6d0e008c51d312956cbc233af4e94ee992a3a9fc427f98283ffa000fe22e62e6181754cd434b066e685a514bc6ec82444c3d722fd37b305e1c514541208c4cc8298acfbc9f41762f50c87a9b95ca7a4d47ef412f0079cff9affdad66dec43d8fa706ef5bfa7deb9826c28ba66a7395e6491bd45ce3750864e3b0d466d236d1d5a5a6dfa8f531c2ae985515d367eca43505de759ad476ca08a6ad5265e8550a4d1fcdb0f8c3ef1a4567ae3262d5d5a78e7ef6c8097ca22815e35ac82ff78fb39b029edf5521311d0904b2e10822ffdf3f93118412181f8679363766430beedf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 7db8cfbd3b29f96d752346eeda3c2bb0bd070099
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: a56c9d8579b78c9ef40c4a230e8bd42750510340fbd0cf55393bd13d93b105fd2cd1d701b6882bacc661e8da81b7c9eed6b5dd4da12353298150819c748f464f5c60b86f92a9e89e483055b8dd3f42605a3065f08189f74021
+TAG: 2704ec8335c00380797ebe4100b3ce3fceb38704eeb5db223e4256f4b2a5353ec0a89676e0542ccbcf3ccf131832f2d4af2fa86de6fb456ccc6add9e453c16e303755dc4e841344efb5251cd266a88f4f0efa3155db9bb475e9e97904a2efaabd8b2e836d54babc9fe4a5a0805d113ad28843994e83694fef3172ef45abfb037b3c78205fe9e6042fe4c2db156b78fcc52b0f43eb3b2ca0f40ddd0077be8880c29c9cf5d3a5b68eac071874a7c96fc531cac7c0245dfd87febabc641b081a7de6693cc85d7851238f239914d96e8281e6c44b1576d0e2a3ea02079762e05923cd53134db1524c28c02474bd539d0ffd8bea24cc743a35267ccfd405a834bbbeb3819a3060ae254
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 4abaa8453e8cfdefd918571a961d8351754ad5b4
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: bf13550fa32201ffc699cbf22de17ca268652f8ba2693dde72b626d01855eea7c21f0afae3fa03dc757491e8efb9091a4c100f8dccfd15a9b4dd94e4fe1f5e90cec62768d0a91e132acb1fbec1052878706359cab3445d38b1a7
+TAG: 87370bba8adc7957b9f4b468f584e1483306cbfa87738a2a047d9e5b0af76efafe46dd1028aba3d3677967124f2adfa8d88922bbad39c82f9272e4734a12c9a82201024147b14c50f110371ca57d3cadba332d46efd5a936feea2f74609ee8b39e22d4e49f608229b9963417661e47610547970d017d1afba6c5d653eeb9d6b596ee2560f1879437c81dd7b7ff64737f68e295cb558c3833fb481b582817bad184290f7b731b611aa09c63272a14f4471ec654e460fe7e2061de628bca07cb52682d4d46a3e29abd90faa42e9cda1118c92ba698ea985bfa4dae1e5a5edc2eff590d609b37786d1d577b55b0cc671d237e338cf46269451be059e44a2e6b40664d060919e7bd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 0fb9d7ffcc7c9b84f34661d472ae2d4fa25d3d99
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: 9f9a3ab733e50c1584c4f0c2a2dc0ff71bb3a9b32dbe92da2fcff8fe46a4bf16d4f30ec8efb1319891b7d2586839fffe5012a6dc3d5f0ad21e1572a1ffb48fbb59ee4b8e0234e543786e775dd4c54cb1ed006b4e8f5195610e267f
+TAG: e3e1b44b7aa92166a01da7ba9c7dd6ed9245dfe296ee16fc20addd7a6c15462ca1c0bf1b90a136dba0749837bcf133377d6ff21fd3cb7c1f7fc50df8ada45e671e1bfdd4f711462c9655c8159f2dda37bcc96df425ef3fcba2056973d39378fd2189375bcb96ca84d023f45f880166ba262c3f089e58888b8a67ce85048c5628061e04a7f09d8a6eda422d424482dc4dd4d361fde54b3c659b273ee9a04faa389befbe2816e164d9bcd9fb6ec7aecf51e9288cbeca4d3e0dd776a3c122eb4524196dd7e4b8420a08a3276173c282dc1463ce6e6b17fb419c1bdb47882e6685c877119fb6348bd0f80b867d60fc8ffc4e89768eb33ada5f32a81eca38965b28bac74f5dcaa1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: c68fec315401703e49722fe4b39cf28b14e9f50c
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: b4d33c5131701c960eda4c50fc0a918acbe28cd47fbcaa328c6a9eb08e3c36b697928c6981992ab155c30984c6b8e9340cb00decef7086f589ed2d730cfafd5ccfb95373b8c55044fa1c95927d02278a48f986a6b8301426bbdd504e
+TAG: c327263a3dc33abbbb6985406703ecee6ddb0d9b236ff2366c65effb2c936e5961d99de3bab4eb9c5aba4f65a55bf768a369181b191545f4421be3bc5bd2155257374ba8ac8e70823421da77aa1e2001a4e2f4942a40dc586e1c9e3d0e8dba136bcd823eb644d8d152182fb0c88ba540ba3a71ff1b147e4e072298023ae0c8d37cff859108b02d586d5357076e6e649e2a8ad3d4a9de1ffdea88b4dacb2d2c7fe12c8739e0d50d91e3fb57d54e22e6c4ca3c8e47b2b9c7de9220a1588c631dd6ac85d04f58559b796b8adf5559365f8009181a75e1f7f1a3c1097d81065be9b30bdcd0c5572db64f633561e426f1a6023fd7b7e1c4f66919e9ee67c5ac4026cb11aac92e445d90ba020153333c8db152113c5cbe
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 15e1aa5285beab679aaedbf51a86b4aebbe3d7df
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: fe6540372ad1c40ec1dd644e935c480b9e34aed05a7f21e2e37dd46db52ebc5352cbc3be2aa289cc2e9712aa7d393f4454c9fa3a4acc30db41ada1257693d3469b0a1d5680dc8dbfea8cbb4768161f829a4f853c1c48d08825aa2b44f1
+TAG: 53f79cf7b8f4380a1d1f1def457d4ad78c5819e0654d4052186213880228c482e2a54bbffb71483d32a8eb97ea8e9057a99a52fc3381820bd5c8fa43b846257380c07075592d6a445075a0df4e48f20dac7e2df8967a1cda41bbd4b0411a54b3ab9e79354a59aef5291599176599db82c0f6ee8a05e012067e2961b147a7baa73a818c64b52dbefd767b285fad111972528e3865b78c3c8aed658b1e84ecfd6ba292bca83ef66968e1bbdc05f616ae79d1d7932a0e8d5fdd7f98159b199bf933ada7670bfd4992bc2ec95daac00f10b7cf2bb68755edeb646395efccbfe322c9f381d39ec36d92c914fabb74d4df8dd506d9a8e233c591a503e92943e9437b10268bc9fd1a512b31a3aa62034ebb2dfc2ee3ae
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: 8cc0b1164fc844e958e055b7ae43f2f95c29e8c3
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 22e6c691ae1ba796667ceeaba4dcf85582e398e529d938da63c8221a58c2fbe242f6da82eae8c896dd31b45b3e8b72ff3dd7906130954f7b68d4c8729d3ff66ffad72104047209a56f1d6cdd927b57e8f29108140f903d03da3f4d210219
+TAG: 6c22c87e07027df3721970ac8ebb881edad4c00566f7b53dff9189ba9844543d4c5894ff1579a353db455a1597370c9d8f2c16a191d6e0eacf6c0cb3bc30b979ba40244a12dcdbf806e609fee1cb9531813ab90854c5eef9527b0e546193df1d3b2e52c5c01cb67db0f4fae9e1557e89b130fde7ae3f7b493d1b0296ef965538ddb7519ec972ddd1926ca29e3a9ff5c9f55414f07a1c1785908975ed43b16bb7c96b2820fa3c317582dacaec45c71b3ed841a41358c87340f5fbac68dcd4590d9aa4cdae3374d7c332c6ace45644a8805ac792c4ae5bbd09ca06581fcb46e71381031d5ad54b117005c2924a538501c944c416e19480d48e792a741e863043be0cf0cc12c700c3238a77ca4dbd168da1618a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: b51001b6ff9d27bccf3103a4961280e0a1406257
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: 4772e647d03817c0f9deb39ff4f4f27fb0fed33e0630eb453883c707336f0e74ef206e92e31fb2935a466105dbdfd42c180ef63cf5cdd3c281337895e399df6078c22762eba5d84b8845ea00bd88bf5e4f0da518cae42502e8531b14d979bd
+TAG: a6a89cb7f4f54501b3fc90129f28198a9c3ebebcd6fbf6513ae3b136ab79b5cdf4df4563910a498137864bf3a63b6dc731a29e2ce7768a8216ee39bb67f73b16f73fcf6bfb934ef67dbd964d016d876ed884e5c3357a5238dd7ad6f979e81952d9e2c2c6c5bbcb1ef860c67aa977b8b0e0288bb37c94b48ca7f8f5df733e1bc522c9b06292ae4340710d15079b8d4e9e7dc95b653844a7a5f795d71bd7611900698a21335e0736418cc31a6c29409f501e0d88be63b54d6ab8ab5c7f07f7375860f949168f9555ee49f7fcc41900bbe1b769a65ec344e172e0de68d74c94d261fd9785b6516ff425c6669adeb426c2deef874dd6b510791baa8778601c134dc5e05e0b414836303f21bcc7c300958a0200
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: aceed075f31ab159f6610f43ff0a6ed3a359bee1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: 6dadacb58a7b88e2daba277f66e5757042c142115871c9813d1a72a79e5a71366801a757a5f9982e99c355fe7d742fe3f047b711dbe340bf2ffd00cea6dc6ed7a4a416c17138404854ab8a5420960d60cd1b86424b2668740910a922865e4c13
+TAG: 98e4dbc80aff1a2c04156dec77deab9850b5b951f501d58f265f2c75344f7e6d0aba191b077877ed269e75ec40c84d8644070e68e18583be6e13788ff2c7f9a923f84eec8642ffb6eb40ca773a45c003df69c80de0ba199354f231f9091d1b4078ac218835e2df3e76e77d657099bef5a6a1367e6c39b23a0b7cd345bb8f5a97b9dc86300132e95853fc3635da842ed214fd00bac3b46f002f3c26cfd36c575a56af06e74032cec9451837db3542aa717aebf6e3ab3037dfab7cf0aa0177eba2dc3a56c3e3011d4c940b124b565c4450b08ce2f900d400e01a9b469d327cd9bda24af77f60e8ec6f5da196ad850c38d5cec0fba6bbab584c8b486bbac87a7f559be463e5929985ce710243260fb9258e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 976ca4c9819e25a204a024d05fbe7420f717bc58
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: 4307f039e09bbc51fa0477941e321dec14e5f562d3a5ba25d71c3c8afa23f44e1ca619d130890b7476e5227442c27995cd292ed9d0a649773b752b3bc7abf171244624bc55784adc9282f1776789fdbcca048313a1e6c8a23119db185ea4ec1925
+TAG: 87187cd5d301d869cd1b4bb721475f6dd5b64be330781e20a24c1784dcd74cbec221914ad4ae88d4c9a1a9eaae7b13052d2c6ded662507a07594feae4de66b72c7fc1143c4e7100293f842ac0022d8a916a687e436ab7bbb56b2a4fc18677a813b38ab1e1d48a474322d44f581a8d007ffc6f7f4a132212e7bef5d5c9b13889dd2009c6398fa2dba18eecfcc5f41c5ed56be7f451f9b7b7a908f0838d3d8e2696512c6ec159a6dd94a1628be9911a3d827105d8cee209b6ec4cee3a488ef5eae355826d9a474f55bc736605c6c24444330fe5eff18a735736b66ea5d0c5b3278e373b57d86dc7815603993814ecb0dbdbd330c69dc46d7e6fc8555a18cc0ba5b5da89e5075c7ad835fef0fa46ea426
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: ad8cfe7556704bb1974e94f70d8743d147c5c3b4
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: ee9fa11a7d6f965e7d65d8f48810754770b9d237ba0111978b97e24f223817d0c6ce4dbde85c4e0979bea607a36c66f908c25384184fc334d8d985b78c2e9872d82c4cb1aad49d7dc21d6484b80f9192bd724ca57cdced2fdf142283126721c1c2f2
+TAG: ba76fb9c71f51c92d4602572883846812cc94a83e86dd16136d65c3ab932f89b28ecf49ce22335f0c643e3d979401bad3ca97673f062cf69855b23b6a1b14927594d92f689b4204ddb32d95d577ef4379890d804ce26e0e4565dfce891c992a29b9b1fa57f633b0c231e4e9c4939679bd52205988cffc989e34ae744e49a7ada77c6fda5537c5b031208acca0628913fd8a2ecd9f2b5d50254da5f7f00189dfa6d553300d805807141ef0b75557a693f1f90698a8ac912931b7a1a3a889295046219394a0884f823d204d0a3bc4cd4e3fa6adbddab80d123368d2f29ce5e8a992ab9c1c5d2c8cbc99e99647410abb5c73d8e00a0482834f97a576e99311d747088e9e65b8546265f71a237c1f74b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: 1dfd9608adabb5a55e12949f1c4bfcd5a77cb703
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: 1a95f47f7bdb2d91358f683b7bf803254d88b59e2d3c1d873a09794e1c18f1c924d480727599a1a6890bb664335e690e4e52c385b634bed45e08410448ffda3ea2593a02a11a03d994617b9f7ac85317bf09c41b08b416863cd90f0244d22c795a34b0
+TAG: 4537e27f1bd4b1b873ef4b3eb83cfc860c44921195a0250a96e553280b15e9ed379d4eac959a2809ce808e40dda881cf8a08cd50302f7dd5e67659613932ffdc086db4de634000cdda80fc576294c265f49a48c79ece6d42423a4f86c25c0a168d5eca502e87c419ec09134c27e4db1f2255de7e10f0102b44f30c67c8e07aa23aecd3f62ac8a24f9e8f82be61b539e288d22f8e05e914c191877c5ad1a546415df68427f97576adcb8d428ce7ce2c96acc98fe0d6dcb42049206ee1679f037955cbc12be9ae020774bea675b7c17d0033a60927f75e87d9c7ca263a5e0ed38450af657a81434afc9b4f4a14f02f82e33e17e7f61c276cc1e630dd773547b6cd78231de0895e447235cbac4b3a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: ad2b43eee27e6267d8c5c1c3d558a07dcd6b1f5f
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: 67466a0bda0815f726cd09d159e06088b2530b73775a8c18eab2d09ed7bd12b743b0a10345cb3126dc14d8f5c503b65a45467ef9b56ec7c5b24e5548e734d3f0fc90fd9c8019fc782882ea6e72f4df5fc6e8105e79d12fc588c9137c758995666f480dcf
+TAG: 24b828c3e60182873556d7aa85480180d7cc42ba81732058a109b5ecf21f66f1ab580d18f70604ff31dab5a1bbee007d213d2fc7070e3377aed31399291cfad53a334bad7c1c61ddac5015d19cca020dec137fb76472b1a595e0fd5dbdd127b3267521aee32fd12c1f54493d23c27671750776f8937032b9164ed78bee6b8234972634fc7cb32cc0b7f6fdae850110d1979e380b4578b8747de6f3d89bb66d546949ac94e49b0a460c192f98373e2359fdea2cf2a6ad4d09199cc145fc537459d73f48d265a1cdd458f306e3596b2088f233630ee0a37a5c2c21a76bcd47871a7954cd9bf911ab942ff7221623cc7539344e23dba7b0aea370a7d2e2383a4ec9db06a8123016d73b4323d19a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: 3dcddb1e4f49633e7b7bd36f4056d16c53be7f5e
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 34f8a83c831f374e77c5601317b658e47091d811285791eac2fc59fb06658c115dc875c80b1089a62fc7d072534617dc81dc3adffbbba4b9db2e7272eb0b8aea73eb9de6480c43190e239fc300377f186e4659b1f239906614865f10444ee64ae77ccf8e3f
+TAG: 4c975e14b038359ddc06d23ea5a5119eeef3708347d7de47875cc88138b79d5c644507363c0a951623f3c26f8dffd51a2a282641d96ff107fc69684add9e93c56a7d29c8e097dbeac0a56d7afc522b7f5c921cff17c6ae4c7bd456bdbf95c052b18751e1c3ad9a26517c29071361aadf06740e43afb13762b4bc2a80aeb5e042259a36cf03a208b8f6162515fdd3623343b127655de069d5eb8c7b6c00fabec02186cd39bac62768303dbfed24cb20105c7d8b2a6b2c34d5f4472c6f372a841672c1f7b405d70d05c632f7a53997e3e4e0aedbb05813a8712dfcd3c8df4fcd83971cdb81538d2516a3a4a9372dbca6bdee43a2ed77309076fdb367fec85e5db2f01e59d3cc188b67f5edcf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: 25b982a242f669c013cab1c18da425330090e3cd
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: 2ec0aab31fbb036bd2af5ce39025ee2d5591fd525a199f2233384f52a8746f4fb547843c92d1e4c9fa92bc268174d4a59134142f14e8e1e277f1f1844c64f76dcd20f3b73dfec8e9fc59a639616fe4075a4732dcd3e1de806086239d2e09deca0ffc081f2ef2
+TAG: 3049393a7f477630782378966f7ed4d33451da6b00ba751aee542cfe5aba67748a46953b578d0fad0e37b5627b4295a4f44b0c28d16e300888c0c8db965c14c23310279cdc9834d2ff9ec85932b7e341393fa3b6661bb8d3ab0cff6c6b646d927626b8710d3243ad7a971efbe3f6ede39d8b9f77585e4565a8b07917a712d85b846469807e94f3073097a69c30dfc5f92fd88cc36d3a5f670155aa98ebc80112db1fd1db0685261c1e7711d9c82a73dece8629a4025d7837852749fb8ee1489bacfb0bd8fada1389fc31ece84558d5732c9b559db32d8a498aafdc0aad020240e00f3fe22c2932924305fc1b3d648c53b9fcad835189b41a150ccf234988f26eda2655054c395924fe50
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: 9d7958e23777ff2472f5a24dea5fc19c151dd921
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: 90712d5e3edeed5000c62ce80212d41773a393792a3a8fc62a1cfbff38b3555aadd88f0e36f93c8a12897d7779972b3e42978cdf85da7a3ba2e4b261f0a0cf4e1edaf259849e87133a9c057e5d3e693a2a181eff1f5d6f84e0679c625ad9a0f72c47d607ffa453
+TAG: 90b31128a2f6673d25ec56c9431584416b2e8c62fdadf580db2d5dd2ef8fcff5da4edfc09685b16db527abf1258b82c13761e41e41646479c833c8606b438a53fbc3718bb5e2ab3d9e25ee8862ff2d088aa5b37877ce5bcedf184713b2d5acb8408bf2f50b3041a0e582230a1f4034b6eee294808ca78e605b0461c1fa383b8194a30b3e66ed58c1b30331a97b3b87e12d2239f8f34e632caee944450e99165b9a317029c9f658c7182cfaadbb6f52da0f8c4f3fd73959c58559404ff80ea3af53c4430ebf2e41197ddde0e3d380668b4e72f72022e3b1ead76284506cfb3a20b9bf6e8425eeb89fc5582f4f1c6736e1185452e87133cb1e8ec045d2e40315fcdceb02da252a5cbd3a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: 09e9eab51bcb9faaa3bc3e473ff66b06e39653fa
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: ea1b542c224788ae66ded1b3ed9f9e35708252a1cd1d4725b0a187b669c51d282776471be5a07f256faa9ff16fa4248c629a4bcd31a9dfb7f260d9b1cb62dbae424624fd816bd81f781b93ca9dab437b5e0cb64a37874b0117cf7b96adba2cb7d75b834adf572d99
+TAG: 1e6a782f455ebe54ce2dbac88683437494c4433ddef95e45bae93bfbf4b1d5d0d2a459e9db88be408428c47c256f73d42778e42b936dad9ed773a02d0e7298c22b60280cf1b7191eb7c8fa307076f5129720bad5961206dea4ea1a05645827b30ff3bfb6066db13a2f9f1bde975c80ea902e9e51e64086ea4641150c531df51b328de057d850502fdbf50b4a1295d170c0dada86a0209d2026501f111247b75826953366ecfee0e4c3479040cf27370de1711a73d0ccde18e218b9f6f6aa20e0a8cb0fa4aa75ee585e96a0a0968423c86b35c899b5409e577e093c36d18149199b59caf99f19d1163c31a0d3da31b8c5cd372372e2bacdb2b03ed28605e346cf794872e096ae048b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: 7b17b7cb19107af8fc4671420e461060e2ef3e61
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: b1025c9eb02f72e5526ef641778aebe786c2f85961997f1eaa090a33caae3a9df34da7088352a2df7a61eaaa026dadbcd604f5baa3a0de4fcbb3812816408d61384984141d9c78f47e725e99cea9d52f73cdd5e2c3961b035589db1d2283476006a1e10a992d499762
+TAG: 3f441554acad8b8f9565a0a69a17d231684a6293aa032e140eb41ea302b45d0e2e36e62ca23e981f98721a97ec02ea946282e23fd4838dd07b9a8cfbc069d913226cf543235541dc1a8881394e9cc0999c63b543e5ab74c35436637578148ff48bca333734d768b15a6e9535a69705248f28961e50facf4e8bc0825b7d2152cb2b85ac2e767b6650376a677f4c7e76521c790d59d9588e54deb9cda034551544ba80cf9d11a9f589b7e8980e6ab95ab77848e2bba36ed85afd9774f32bc9ab9173db20fb97a53d23091add97f16d8ced6bac6399aa089718d8bcc94c13b6e0d08e805b7fa252e787958d4780d24d812e0ea0df1652c04ac325355be7b21aaa97c2749f274a31c6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 48586ad2eac603c136911b28e2c69f101a8ef371
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d617
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 10623f3b3c8888a31cbf51eae0989eb3caad5f5b786c13b41c04e0b6cb2641f850df4ebea610a4d521557c8f987ded40e9702503fc4ae62d1830a0f04d168888062f5b147e858a134a4022bf2790d81a89133aee08a34a704f152cc3cc763c21207d2231109e0b71a801
+TAG: dab4bcc473354bdea1e31b926a19fb97ce2c8b47e76082bcc93a1db2707b67e4f72b18cfb728232ca334bfe9a4a55c347777a25b1a13ada600adfdc4fd57275414b3bfdc9613f300b4b29fefa8820b5c8989bc79db1bcafb69b0d89f7624a510d3a1597f953564a29367aefdaf36d238b957460f50b71adb5f85e9275aa511b7118d2310f5e3cc2bf0c21b0be6e6adcbbb24064a760b74679de7fc146a00014f36d39f59df902925710de6397bf32f5d108902159755feea57fb58a7bcce680babfb90e05a8d15c1b42a3b7d779af99e3cab04eb59e5ef45128195ca17bdc25dcaefee874e919bc8edbc8e28e3997aa396768ccfcd25e59dfe27e46de35dd101c38f7e48bd8d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: c37456cfc543ba6e5848b9b8f4ac5a58a104b521
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: 60d4a0ba2caff08ac046349b511017a7c5f5537eff0bda94bf838d50c14d59426424e4a8f531103773aa0eb9d242a9e6f2ba5002ef04aef8144c8a88f05788fa5fa1ab1cb5cad84da0d31b280ff8a55c2e8f32f39549736bb055169ad5ae93c02561006a3f13e65094f7d4
+TAG: 140431d7b2bcf5139b7c9436fdfb3b44834ca810fb478eb0aaf7b0e2c68ce434f05c1f825b245d9fb4af48056925a50315b9f1b7d340e5f797dde4f460ad3c526853049976c0f680b691b28fb79d61cc9f7d8a4b28ddab1f610ac6cc44b91d64275ff1d26aa2b5ef314b1f280181cf72cd8b8fbc939a8751538d85f7fe03617a9cabd79dea5e64832d0b4aeb4893ac35c0d9f1475d928e3ed40292687926ccf5f9f76f78e00f217c013a12e38686423dcee930366e79950955c07399183d775c7030a50addaa42c7aabe5d8ebb95611f3c2f68be067e179e3de60d45b828d54bd6be07948508ff8a9b68abd944da07a484a8b9bfd4be1a22ff006e578b0c43c2bb1359d012
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: fc113d192686652653a15887974eb1f9b8e32248
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e78
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: e59fdb3d1413cd6a1098b5daf1662c698076996e2581e11a286e5acd6f29d41ff9d04da8308ce7f5defc52be0b4d1ee96d8e5f4eddbdd5fa9894e7d1b0a1bed483b7e7549e1c10cf5b8ebd1e7f1177972ff061cdecdad8d97bb0308b19bbc2c84d32a41f4c2b7e58721349e9
+TAG: 6cfe1e101e9b8fd2b209a30c0c1127e1bc8a51b8826c64258b573711f4af7c7e4ede036de4a94d70e17695481424907475180c7899a982d7eb94536a30a57be43d5c6b5e9c34972e61b9356a9338af6e8dbf27c920edc9bd02ed5535018d3b3e3df45664f4c0bc01f1876f36338e85b4a127181b42f7cdfa7a4da5a6c249f1bcee2959e25d0fe17717b0181c026ca814cf21d6af3b548435df052ffa0a0e8f74b8c3f7bb37a6b5bcd2b3f2c0e4b24daad586f7b59996072f82c123aa0ae66d3f6bd9980e8ea0312ab9fe0052e1fb3911e35d880f1df50612799033c384f4899f69714efe5df2727528f7b3af6d69e525a04375391643febed777fe3fa3807a73aae666c137dff28eb3b2ccc1d07bc665094d33c4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: bb6e5b5be84ee383caac0378cb6f541726ecf61f
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: 9764272fe16e12bb42a8f2a6620e44d4f202c21d51692e2948e2f4e4a18acf58a12d399310f15e78bac1f5f2a48416e5f4262ab9a8480d9f1429e5e9d15d81df0719f8db8d7ac08da696048e8a048255071ba8926be1dfbbcf53e7430862f64c891edaf772a830fd525aa8796c
+TAG: 2cdb47ae25d087c752c007dc8b83cc050b53376aa92e9bc2c46d05ac7137dce0f70ac601b76fe40efd84be464015b5397031ec3e394f880713ad10727d270730e469ca30ea5897a84fd204bb14a920c4c1bba0d27fb154cd1f8277fa6aab1f4c743b52b51d09657b80398aac269f57196fdfb219d745f53a72ca08cfaebd736e7d016806d68e5deba428b484d958335bf03c0ab713b9a54b9a5bb4f3b82b76c45d04b5b6141aeb7271d0a71ebf90ba74b27dff1ece371f6353b8ce8615475a1b82c3276569b99de52b7ae5f27cb1cf9ceca291c1922382ad5260ebbb32cf995772eab6d6213d2e4c438909f691a81825c2adad290839c08566e5cfb3c13de4ebb016529de5549a9ac57d2e76086db82a3ad881
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: a27799fc2e00e7abec4c5939451a834c4606cf7a
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: 9b6a8359acfc5d15067e2e6d812727d768f44b3edf4272f57fb54db41d95153fb03d7a7b3371e91c4be80326f4d70a8f2ac1e867ad3772901c513895e694214d6c0fa1f431aeb016ccc93faacb4950082f0cf00d3a5879c9a4f3fdb281e911b40d6d0a84b05f4ce32f85b1657d75
+TAG: a3c72b69369cbf0d435790c97438a38109f36b147943b0629b1c2e4926e831d27155f5617f1f884af2799774b69bf0e092d29158fa51495e132b206cf51156c2116b23848ea51d684808d5a291b68f57250626d2190a7c0779512bca6ed44e619d0f7f8bc28e1c9b729514e12e7cc08e8e8d72bd1ae30229e56fa7e3246dab29e75bfc866a2b83c48036ea0296dfad04357ed990aecf6b28a0a3fe7eaed48f5fa59202f109ad0cfe6aa5cbedfcd62eeeb15df7be0645e161ee6f7f9dd811c98158de6534739268757a1813e1aa6c331586867acc75ae410c371a81cab835fcd928519d9468ed61fb5d7c191807e613d40fe174c8b33a400baea2e96d9d7f1734dd11092481e71d0b0c0c86419d5c50cf6e18
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: f30eaff92a640a397f98e6803623e8d1f0c1fea6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 5818d2a656fce95d7a24bcb216f4d6b91d45d58d6ca2df5c9d6412d917951a9f61ff07fcb6b078fad69862aace436194f86f309373452e813c461fdb36a95f575fdf0f784ffa0914f0c0ee0c57ed1e604ca7a7a4b3d20c272b3b7f2e65b18c1abdf8c88e1e7e7dbbe9569eddfb226a
+TAG: f6bfe8a461cc83a7bc7c5a39b6c521ed3e0ff050a6b01999b2710e0997e1a36a72c11363307aab1e4d921e9364ce826419d15b3a14e251e82bca615281c19bd243a294365492b11567341f13f14764e2b30ebc8ac4d313047694a884598daae76a45797f583a8279529e9352c8c13a06510ece3057c0936de84e6c292e3266424eb9aa4b7e5891fe7180f0a31580a700a4e24d7f1e53e1b69bf36a7c0db63473566920565cb9a22a47aad6afc8910a6b6019a67a092ae814c0260f2fada1a6dc44c5447217b6831457f66d7a2ecdc9187986edbdc1c68e573da33daee7fa2ef3adf4b6179b9a02d31c36e4505d5829ef30058ce5d09ae42fadfe4f66e894c36d7db467ec5ef508e26cf0724b261235579c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 7227537c0113a9f46f7d332a0b37ee5303483d00
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: ad0dff8adc54b5f02f428915bfa9f7277e4743e72e1789dcf552b91cda03bf52c757a9cca0655550c944fd264d287bc97d15dab3b986ed34637f45ffc1eb71b764cf5d5c1444033975829f1e59cb65ce40d787adc630e1f3155b2dc32733a75452efc755b6acd2160fddb9a26e0c4587
+TAG: bb5273d6920ea95b43efeffc99da0dd48a556e357726fe34dad94f0257276f3ac759c16d9b34dd86f09a37bf48227d67765efb83d001eb8dd87636ec32860226db118427a7c7367d53cf085ff86d05a8f35f893a044e99ae5ef14fe490eb03aaf0b97581184956211bd19ad09c9aa9a064e305abff0c654006b8db861c7956ad6cbf46aeac4e5f5d54539a9dede2ac61d8f133c1a9fd2b8e23ef5d2d3068b42baff87faccfd8499cafa30bce2f30e2c1fb203acf1378d0c776f9476ca83e4973ffdd66f2fa86105ed83701fdce6ad64a824d2317f51443c9dd3c520327c7f3bd99413d832bb1b6b70655d31c90b7bb23a1957a146f6e0dd1a272a04e833e0b1c84ba2b09b0c1963ac17350292646566f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: d76570385cb65d30c3d636ff25c5efeb8d1ea08e
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b70043
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: 8a1448acbd769e42bfdf00ddd801153db3202daf5ba7997890f5f42a183d3a66faf66d899c7099fa99bbcf5b62b6adcb6ee87fafdd0275a8f625f3f959b0ea9acca88070aa9c61141787435cd60f63e262a80b6aaf931ba554ade7e0fb46b03a318347f1ca84e9fa1786d721b6c222b1b3
+TAG: 7bb49e9f481b45b543195956ddfe975cb63203f4b68b50a05c855d128d311c339676c1b6b38ae280d0731f613f9ae4cfd1945e302451f26eeb379a1b610773750e3e841d50e16da759a603897de6e84aa6733252cb0b6f6539e1a5258751ee7c0a45aa9296c32322d6a465a42e4017f44814fc58402cf561deaffa43d61396d53077cf089cfcd42b182694d286a97f99b65e5c43ecf69898c036381c6dd9657f2cc08144b28e9ad9a00ff10fb0ad3b26e92d8d65cd6879b11ae50f592407188e46a3342308ff9316c898b09648f71513e09367aa2ad5d93f87e4b2430ccc8fba9825c0407135fbf65a0db46d491059f71a989629dbfb1adb10e98d02935fa846628e8b0f8dd01991761945c5e84f9b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 170369666d1f2337b29b5f14af68d47910388e7b
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: 0fca069ff1b260179dd5ff1124e557e97a4cc41e069d124cded05275d37913efa220e1ed4768bd04d8e65797040856b686cfcd5b772278bcf5fa64cd8183ba8b7724359804d609b31fc31514a4ed43d84de929d99e63f12306bb497e8ee77648be578ee74f1cb2a09ab32b3ecb913c7b36ae
+TAG: 19b492f83b9458b356020d7c6343b6967f1ab0328801042379e7d8e98dc3f3cf646a96d7842c83bbd210dd8dbc38cfe5fda9d879285aeabe19dec677fcd389651cd284ac650287f13a461ec23f7dc1cb5511dc529e99a078c2c80ebaf0fdc6704bdc35a2c89c728a061095448e6dbee102f4793932a580a826382a244a9f11c665015675322d514be8b1453ed6be846613312a1bf9e4f2c126d2b15dd8e6ae759f5151528361d10d657543767b05e8c1b79df65aac381738e2f43f95cdc77383f22e36e3b26d0c65f695c75f7ab422864e63c230df313fd8e41b265b5a704b7e5f7c96306bffc1a95cd09584519e2726edf93a9d2871b9fddfd7983c81812653152c3775df228a542f06f359bf26
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 7c52593d1d37b0dc380297231c6cb7b64e04c493
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a95
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: 8cacbae377d038fe27b37fdb253f3b136aa38660743dc6b4778ab16940a9710c8f08970164316e26c3b603140f2f43f62a88d021426b841baec29fb11a3d8735d0b8c14d133a825e1044be5523932ebd65b34433c083c2d77af313a240b1eeb52391728dcd04852fdcbf9b6f89502dddc317c4
+TAG: 85c893ad99aff613e6f95cf9c6e9045cc22fc8fe421716bb135269202ac57803e67682d09f88ae5970fb4f52e97a28efcdfe0a359df79a0576179a04830becb0551d93d862842c4b5f33c23fc0988f96d6deb37288f96507e432190853aca788d55114946833b6c7c7c10c34a5d5852d6fdb287b9dd97fa6b7991efef4ce66b0dd9f0ed6d112713c314aee9c172675d86c8f52097362f3ed4356ef4309da510a6708f32f24549dd80c9ef72018d7fd90134fa2d1ac1b9858ceb9b382b263cd3dbf697aa40f875eb502d4f128845bdaa9a8b4fd07a31b687bf4a1a1bb4843e205a9ab2b33a3ace650f96935b5f6de6d7577deb9ab68c4295cee108b2f4aed1f2d2fd167085d2173e2e854559222
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 09a1659100052d13bebb4defd7f54f975a58ae2b
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: 06b44584c9ddd267bf03aa311730fd0c4d3461678d94b4a794eb3e90b9cf3113ecf0ce0da8789d59bec50a1fd1e08ceea4cf9e00b2e0423706c126af7a3031df6cd82a7bcef877b413662e731b5a74ebf68f781eeeb79cf760cebda2c5070dfb992007716993b0213e822829e23f448a7a5ed880
+TAG: fd65c8c7f6b7795ab5792332f6329c1d606b305f3de89d9e154ff7232947d8581b6666faa823b9ff8bbab2cea14c2526b0fceb5ebaabb79ab4cea0bce96e9d1a3f556d7d2d83b4ce2c1ebdaeceedac3fae6fb8f9869f7c136d47a1ac93c7b5b5ef01f8e56602d808a39b40f069403eab03498959b53b8ac0bfb72f0c5b5063c063183b43d60a616325439b0491e2f3be59f9948c939f533c3fc0923028babbaaee977cbb05fc44f8cf8ea37016141d464716a875ce4ad096e247ee9081a1ae3448183f5412d84a6223daf432dedd679bc3f167ca5dade21fb2cd9057189049e730df47b409a07a8b2c727e2ce04da8e3f02ebc6c2bd528b7726ab803c5fc5dd602496f78b28474ac87911bd4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 230c3353ccbd95e4f0acbbb0073053a0186f833d
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a74
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: 85da88e13f3ca14fc4440ffca7bc837818daf1dc52a4c505583edd070c7cbcdb4642d8ee1ca687037b08e1737a2f49039621823222f9f02deef2c340289af5184a86af8429747ef2f7d98d6aec2af060fc8e6895c2182bd1c479fc6a2e7ecc0390995bafad5b3356e2a795131b0aa7d4ded344e50b
+TAG: f1a1b3f3fcb4cb89587bea4284449bcdb16785c277835bff9083a65ae77ff7543492a1d2710a79b720060ee37954c9719f8dc0f6fb4a75a27bc2a761017ebdc0c81f9e8ea5809a816ee67e731871c476f1ccd6b690b054984a4e74c060fbcdf5dbae743ebe2f72fd865dc1eb96e4e62fca3561a245be1749ace472b312cb1b28a0b2c2d38d089eab44f51ceb88af097627638a3556005952e28212d5c9bbe85c86f89879e55358ed06f28402f40285b97a8046b5479202f28218c71f98a4020ca5d53e16e91ff8387b16cfe6bc4e81c96c44e7691c10ebb0d37686e608773cbda993b816ee3b15c4ccca2a22468b186f8d29d853b945bd27ca0fe3e9ec55bdb9bb4e5477e6f89914e3084c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 701e141608e71005d32dd1e29cd068aea736c9dd
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: 10ee64784345c076e3f9aaeacc87cd51d6ee0b0facc9f40b4e6a1b4bec669ac3c5252c948b0c0a4d8e798248e6b10ee247e51c81793c2be91aa8c9666e0d8774439ea159e4745014bdd2e9f379ba461a7e638cab9ba2aba1498397044edd3f271e2b4dbb5990c383167c9191ceeaa8239aa6391c4b27
+TAG: ac2d199535c4d2eba150702b88740058f1e834f89031c3851571dd9122291dc3e35b764eddc5856850c8c59b3caa211feb1ac256b749127bbf4ef56ffab65e3d9eaf438b778e5342a67ee4d876fd3e53aa29a532fab39d0c57e24593374e2adfb22cdf0def5d9cbc8701c9d6a2cf23d835cf75236069ab2874b7264e0e0ea9dd785b463ed8a6cc3cefc3a4c076e5f0d047c7d60be677b7716bd123bbf3daddc0cd5eed4d5c4f0f6d1c19c66e0b5bee5d58d295c2fbe6a164d464b173cda057094b983b2ff974783084a6cc4ebd9644f3b4426a3c157352b70ee37a2f1ddcb85936b0c38be4eadb33bb9cda7108c192597421bce5e36cc2bce7b65868f28adde738fd3bfbeb15608b4dca
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 9aaf96b472ea76fd9ff4adf56dab5fe0400d18d6
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: b90220b919dd02b216aa2eb7863372a645b09df88645dcaf138fb73d8896e39aac5a1c2f0535385e15cb850a6febd5d6ea9f3fb573944cdd5b30cb80aff6b73a173ffd7c85673248fab94e3b9544930cff59f52515dcc8ba39b6f51dfd0487bcc9d28773e91c718afe8399d652acb97552b1909335dad8
+TAG: 4db032df3ebf850528a308017477a21da23178403432b4714c1da01a253a635cd2caa77467597e9b8c589ef3e9c6f5b991329b97bcd1bf1332e03638fe1b157763bc41e4f6e78c05a5ec5f83306e3b5e8bd96c9a04aa83291ca90355a3b96a8688cb93ed9bba3b8688834538d1e8bb95a0cf431eb7b849d87199657a402a0e1e5ef79da8c1895cd454c440c57cd424977f6bf9e2fa133d916c8772e447e066ec2cbe3d0de2a7e19f06c74ad5794e5eaf9119fdb70665c07ab81e7d72371d23a4c96290d2da60bc7819af4d60ff4ba832daf3369c6198c45f0ca4c974dd9b4a81c0249706a25b23fcc0fa13271d0f00c6672a06898b2b833ba3b8cbd519e53939f0da6c09f288bff969
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: ac6871d354eac507556770d8b6bf10b5240273ed
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb8
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: 9807d89925c67a45c8ba18cfdb817f5bbc21e58c10f7dc8c15b70acd97e8b97e0393d5948d51a65f6f092590b38c845164e6d2b49288bd0f73c4f4b551b362470638f51422dcfdaaff5e8aaf80ff715f3f597fb9385ca18355b8e98d1de17a303d019f7d4b9a3acd07d257c049fc16134c53e1350cfb8c28
+TAG: 7cd3491b8e157876b8091d2742f673196a25077410036ed62855b5440eabb10a01362a8e7c06658ab767be26c43a6eea3e354ec867de2b7b6ce96a4a951696051fe1a76a694d330eb56c1752bb2f866dbf6c1e85b3361316631c7a4a277023fe1d793ec4e4416c8db3b7e8a157e33438eba857e2b54db84e06006f83d93284714dc76cdf33da3d5adee64de2ee9feb689b9d64ecb857588c60c6e8b2eaa3999dd2f1cc2a6727cc5a50fc3902124055705eb726f0e57830732c85bd598519ace6cc86105cd36cdc7ad7f6868babe314b69d33021cf9931720aaf765d5f61e41155c7572ba298d52f3d61b28e3b5080c124821e1a97d1ec78eb5decd34a69d054fecb1209d86ee7779
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 050258d6ad6bec54f8bc48c7ba2d669d6416c11e
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: 8d69a3691570f0d175aad5fb77a0e9abd3f882b10355a08f0160c113096acfecdbc4ac32f037d16c2c4dda4bd3325c8690bade6bf39b14435cc11ff575a3d7e9f7b09b5b40f9645d9a5dfb44f42304d82298cdd866e957d4ab64374ffb86879a9339ea892986ac706bd2310927aa2bf27dce3bd6012591cfce
+TAG: d754d4d2dcae21dc4a69c8e56ba3925f9f3ccc53278cc621a0ec4d4ea7b099a289eff5599f8bb1555aa9fddae50f04b5567ca7ae4498e1716f4243932934e2cec1434d4780184f0af1d0d194cf848671e5b0d6982a07b5679826f124c8f69f26cfa37a0105cdf15585697c75504bf8c9c04d583db189cf2dc2dd345aa926d440997a8d76f6ed12a19f2d95a2727fc4c0f8786ac3c50896a6cad6d948712e4d72a44cfb2fc9dc753dbed91f4fe412db6fa5e6b548eb1abed87e3b4e5d808ab4ce11f265efbd4af8e0516bc412fb9ecc3d69ee68bff6b12f3987a585670439ced09a038c526bf226299b0628f6db003a21eb5d943ef84e90f133dbb4c8468f555721c76da689e8d6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 70060f86c76e53512933c09deb5872eb23efad67
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 26d675c591f287b26eb35f87231624e454c4aca1f25491b74a252e971c48ca523b353b4f6c0106c1b3b40182eddbaf7ba47263790c3b22d23b09458d48868bb18b2fb01bdfa965f7c1b211fe02f9b78959b71e872ee05ff3baf548a85797270fd43c9db1f9f97d3b60c62c06bccca0ece2b7249f3c0dc6b04aa7
+TAG: 864b50299da796a664edb8e1d0bd0120ad31405c47919c288884dfba933326b03eb399c634fa77d611e613e958369aa3d9a563f421cce3ea87d5bf2e179c20e5218378cca347fc18b87248a66810ea08806f571f1e86bfde99d089b06c3156cb6f2427503cf03e39bf3a60b1d9542a3789b657956ad925754ca4a369b05d269d481d4cacd35ede8684623ec9fde9ee860ab12975bb1386470e1221d2b2d1091c7a41754b8440740b4878fb19c65ffeb2a120d84661179e07672953243a09085f0d21265a5476c8574bc49e30ba364fd9d7f2035ba1222ef9c6bab7d1e68211c1a9425a13473f692b700c242fb56fe77fded75312bfdbb7fd44a88ab37d85d640e883ed1936ef
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 58286fe273bf572a76a2725933dd969777c303c1
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b02
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: 9c61bfbbd3e8395be166b30a56b3e192748ba3bbbdc334dc3720206ac10c90dd777aa4957695bddaea0b7e554951c94f2f74a2bb7547ac20a7e357fe249614204401144fef61394c140553d5566c18ded15e0fa50fd5836cb725d277fa46210eb588a96d7baec9e2c947fee1b85cbe6556cf23655132ea72dfe4a2
+TAG: e66769c0cd9a2448afe99faea0b64137f4a902158d6b11a58f4bff98df8545e0ea23a7f7127b6dd76e3a3ed43490b44bbcd6a7321e5edb819e6b2e163318ead19f5a306c7b0b137f3b9aca44c4ea070ffa5712102b3f1dcec5c660b494e8f3d809b3722fee1e7dd29cf771613b68e45733a9e66ebda992930d32829d31e61f2217e41620ea4e621840f0fa7f7b8762e0ca509f0eeeded7fd55727462b045e4adff507f3dc4389d9397f0429bd17c2408ed60e0d94efad4936fb55c359052a6a88c056e7ec1e4085f4a48b125bf9340e57be98b5cfddc3f9d07cd036b0b78aa205fdbdc8e9c511ce32b6e4c9dcfe5722fa13f9d8b59821c61ca6f8ef75eb367f4a37453642c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: ae701e5c8672dfaf728bf0f43f5e5247ea9ac13a
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b021b
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 174bb28ef8ee033bf0f39cf6a5d3c2157ec773078860232827fdb1c875e9622e198a00a50fcc03b2cbf1e4a747efcdecda8b612ec3ebac650a7401b4b204185e4b42306d544e3f6512b87bf36b5f55ec0bb4da01c36aad92a16865cb852e1a5d1a86d3d57e6336d4376e8988f00162de8b238cfe36916d5545fa9460
+TAG: 726c9d0511e81f69edf9bbd0397f4c3c49365418afadcca36de0aef99afbacad6dcf042fa62d405c9672e5409a7d28baefb467b7c153a3ed97bfd2b8be9b96e42b33703951bcbf04dec12d9bee63f5f30d2e57ecdcb3818479a163bd2a1caff3a327a911bcbb50bf213b77cdff340c858472223a71d4f15e029fbb800b81ff375d84d4c30ceda7a2c42267e1cf43dfd565c8a4a842556d577633857204af99ca35ca3c28bb02a7dd9ab224ae58938461af1e2bf64492fa2a18b4224ac3ef671c7abd9b6e266a0469cf3b0283b3ad6934240994f1b2d43b35d77e0055e0377c43922527d93426be34191dfd4b0a4296a078d128ea416be209b15c557f5da675c705ef8d1a30ebe78535434d2ff8bd29346abb9bfa
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 4f498d0aa9205160827626ef80c163275eca1f78
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b021b14
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: 9b01cfa97c72b5ae8befd0d357283a52f6b8c5d9292d28f61373334280f815d6b69f878936738cebaf6fc84d20baf51868eb4d2ae08d64e724beea1887a76316acc955a00b5d1230fb120bf7d51f74fdc5f332521c59406bbd3161987c6ec49ad946a6a51755796de19830631daf69c78a847d2e515d409a7b77ffe75e
+TAG: e785184106419b8c7f38061f49cfe3a265e9d4557b9b2d91ecb8f21ef3f52e387643b8ac35aae45594e70e4ad4457b852834718a1456136c5690aa164a152b0cacf020e33bfb33e2f1b79dd23d2fba5adcf22d4288308bc1d055be378eb77b67dad654658906aa3cebca8eadce6127ffe972803bed110a5e301bca0f2c06dfcb7af44275628831bff33807048996115d496f4f13b479f4fc1e8f2ff0991ad73293e789cd909fc0471a484ca11be8383fbb4d9590570c275354cc89a872306f4d285561dbc068c98d2989dc4453b97cea004a73fe238924c321d3a77063c1f20890324ae59860bdd3f7a70a7c21f1c51a790f37305719527a20b879e56b65d38799b899cd9fdd7edafbf456618452eb4fa37cfb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 8c043825b2a3764e8a0cc35a011696fb3ed03c2b
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b021b1444
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: 0b0133ac614de667eafb516e1fb33b016a8b49e558f335eed239d50ddd13a4152f1570269615a243502fe1c6db0667a2de7975120ef65186f5af83821598ff45494e943acae24a6095ad46a498971f7b185d7784d451b1260ea478c03babf0e582a8a777cec20905821267eb85aec1a20c0e3b94d78d425a12f2efc4d60c
+TAG: 1d832d65c91d458bf343260419ad0ab95c1ffc09b137d1ad1805cdd648c8ecdaeeaa0ea27075d4e6753538d831577642c92317aeb5525724023beb923c2626bd9536757ab73d1739ed0a850afbaa5914fe94ed606e245274d4d3071201a3d73ea1fbbfb4032e8404c12dd02e0b6cdc38324f4684049e2707f249c9dce0e6df9386b787154ecc3974d041cd6bc5e6d031851247703347bf8324f077ce63ce0393fcbafb4396bbfc9260628f4f82244b77b8ea0ff14e26c2058e0d8b662fcb9d9ef747cacc42ece4777114cd2062e20b8c6d198fd5628b198511274f54964c40f1052d41f68b5d90256e894da5e5ff3dee493f5eb2a7d2a9a88e32b774afe2e0e643d606185c34796b40716a46fb8ba911552a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: f3a432271c9be858725fd024071c4f479ca9a971
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b021b144476
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: 8d5b92c78a48ca6049da6a036735ca23b99f9c3cfb97122312e5bf0279d094cfca0b976e24f6b65d81f85eff669da35486809cbfdfd1fd615a5347947156148e6b71a11f7bec611e7c29e19f6f62f94bd7f8b89e54b6945dcc1a7e380e51456a31f1d511bb92443deab5987c3bba266329b3f27e24d155ce685f67c34dd18f
+TAG: 295c8072940df20a1ce3a27f32622fd6cdec5f5aaebee91e6654ce96f013cefc348f1425a6fbd6f42cb4e1e866c0fa602afdb503eda59801d8a791fa7de63d22c080369c6a3389034ff92ffd347ebfccb0dc9cc972f6654eb102f5b12baf864b3514f22d55f28df8d51955a1d338b4e5ee9145a4a85ec87655ce41255a6e91435a1d9e4af613d35bc6b4554c2594baca964d2a58c75deccd36d3efb50986f844ca6cf79dae24edbe75ca6008457ec23e69db9e19c6c039feceda6e1672bdcccf0a8c864e957b7efb1b468b4976a97600e3d03ba9341876e6439117d2ec364d479e0743ea9ddfce7effc0a64b73fa55fb1f57c18ea97dbd03b6391963734dfc459d4efe2e0f609bd51ee0a09faa81065ec8
 TAG_LEN: 20
 NO_SEAL: 01
 

crypto/cipher_extra/test/aes_256_cbc_sha1_tls_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 20
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: c6105cc86e18eb8376c16ea37693db5c07b77137
-KEY: 8503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
-NONCE: b8da7dac997deafd64b1fc65de39f4f0
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c748
-AD: 1df3f4183aa23fd8d7efd8
-CT: c90e0c2567341ea7e9d968dbde46ecb46ad78dc8be7d47672068de66d6e7eae14b500b94927f24ff6a4f7b07
-TAG: ec90d128ef465f4a3645fd0b2601fbe2b0bceae2f890f0700c7a15c82fcbee6ab492908ba5f2df0f04dd0635c047cbe52069d85fcfabe53ceb43dc71c46e51c0e3a9ff435840d62bdcb93341a1624b69397fa1bbd9229814a2788b91a107534b41ed488f4ce95fd2ab46963e4f1a3096c74acc8466d034eeaa7c0f1fe46a4eee7abb740367266cd36fba96dc74e520f64b9605c067bef516f517f99ec73c1104b43bf3e94eadd7dd6b9b7db847d6ff4c03dc454d8edbf8f694f09754f249fd1dc0bb4b130b2e43ddc1d24a0cc14edc8e7328515cc8498ae89beec66127508676fb04db92055abf2be22e0c2a7a3d9664e17d919f655ffaaaa7246a0ea29f9c42f72b6edd0dfb4867802d6992ce25efd8fe0dd0cb
+# Test with maximal padding (0 mod 64).
+# DIGEST: ceb2d295bd0efd37c6c34dab1854c80e986174fc
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+NONCE: e112a72933c7b54ed4fad0be905d4120
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: 000893d3434c5be7cbf9daffd81f03545f735cb70d1bd16eab26e07da7ee29b4c607d9a57077d74437e5b01a89c808c7ceca0d3838e5c6ee9947f1d4ee1d5e5e
+TAG: 6d8dc4edeeea81cb503d7389da209ae335876393fdab048965c7eb1a1403d05f8ef059788d08c2e906444388fd416a87bf8706f78d35797453b242618f4a99f47c3756116ec0318d96435032225ff82b902b9b6985189ca438e466154ded91676676c645926e2cf8a5d6f3bfafbb713d646cfd35b091f68e5ac2e7ec10badf1fd80767e6953abeecdc89beb2180dc92be21631164ef801147917e0c8d7841bdcdb52ea03344ab5f2bf3d5157794f5be79f51eb1efdacc0b77b27b72e2ce03d05473203522e3c2c196390d77dc28a35951f3aebd72ee58021d55e521dd029719a7660408ed0da5ab41830102bceb514b0b172d0ee10937111edba82b47e719c3beb3ce49a665accdc1c5bf028d465b5e1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: a07054c760cc66fc704edf950201005031f3faac
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be1
+NONCE: 12a72933c7b54ed4fad0be905d41203f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: a1e92776d0ffcfed03d1be956169f606733755d5a7011620c7ced6a825d8e59627e75692a41a1f2a86e62fc6052873b5458616414584e36bad698cf4c44909e0a2
+TAG: 6e0b32528feac2d7f69abb480efc7aae6cd1c5f8a654bcd10ec5be08b58f5a2198bddd83439d69ba9f55408cdf087e8a7f33fca6859638c5a4e8bc6961afee7534d8ffd95249d554b02e5beb81100be5e10abf679300f4ba514c03f4fbbba3cc62bd13dc8c8b9a726a9f217446c6e3b89cadb40488b177926c88c9d22a6c4ad9deca67f0d976fe62cd24c3cbb2e51dd16ee2e7bfe91d867b77c77a9a65c387e2682d946e617d0128034f5fe436eb7fa88aca82526d71dfefbdeeeb5a2c15d57fce0cf12e6ce0b101ef92d9ca540447e0bb65bc04b6a02e4e6d9378c6eebcd6d530c4ae14243beebb18403e8bcd434c2d88cc121e2df182edc3e1f52b060b1aecc48490c6cf3260299449945c803891
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: d059c266cf6233af730b7a229b19356a4c6fcf06
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112
+NONCE: a72933c7b54ed4fad0be905d41203f5d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: f414f0321370af1490839677747893befa438051fef5f02fef488d7b84dc03140b3a5dc3a57041be4c8b688633110fc07251d877de0d6242928e4d937e3cc58ed611
+TAG: 4ee98ac6f10e179314a251a9db190037c47b9fdfc66321d83a995f6dccc5259801b18c3f466f7f4939b7d2d7196e0b161aaa013721e81bb9707b974b904f670e4aa495357b562a254908417b65fa69e86c42b3efdd423838575db08465a7f4889c85201629f6350c0865b5b0cfbac4f51ea1eacc8f9768014975d780438c3bd77f7f18612080abdeac9331e1a068c8f3a345d0026c5723bdbc48643c1a733a5b7ca9078424522db9491bc38d2644dab2d75499715707cd83ed655343ca73672d480f1420754fbbfeae0fba05be3b5235a5fa48bda9f39df0b298351d8f4da3fb8a2feab8b1aca9335eb31ab03f40ab19f668bb864c798ae08de37bf848fe2e898172d26fa23f383787d7199a6990
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 8aac0687e33041fcc18da154b41f20a6af2bfb28
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a7
+NONCE: 2933c7b54ed4fad0be905d41203f5dce
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: b51ab2f8c4ba3e8638d454ea72da5e3cb15336c347c442b8e1ade85c5cbd0dde790dc707d60d452d5b88d72e718f13cd0e0f4c9149b72e8d6be869d817a3232513c958
+TAG: dc8feba112517f6a820ca12de43c5d64c51cca713d3702a2b4a5cdbe86a90946a7369ec26ea8b5b35df329bfc6e29ef50c2774649134bd6e3f3fb38ef13d9c7fbe066e9cac4fb88dd0c02b677472ebbb2d0679dffedcaf13fccef6a25aed3a272ec01e7680becf80a624518e1333d28c97487b06e0581cc80c94989db4e93489f3dece9eab6dbbee73aeab572d1ee7705d18b899d9c62d7a370311e64131a801400b580d3c8f7af88be485b84fbdd89f7f7dacb29afeb56658f3d8e49f27adc542e412b0fd652b9f60575bf61622d7306c54bed50b43d89cdaecf1981ede09f9ea36fd174118ac178ade5f26ba04fcbd2eb035f030e2139506456ff8d342a4e59bd55dfafebda23a66cacfe6d1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 53658226c112b86438dd27b58a71f9e36fc73c1e
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a729
+NONCE: 33c7b54ed4fad0be905d41203f5dce99
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: 87bf1af7e4987cdab35bfe32adc6b1be286751426cf926217f2c699bc095bde7b6ff3d6cc96b79328ab776547c2cb756d9de8c1245d21619a51dba8364ef6914590f15f8
+TAG: 55b9a1ee198080846389dd088016acab73622b1e2f902b0776846c74d99c27e67c7bbb55b2ac0efff91af0f6cb2ddcc0b5b8bab768048bb1662bb343d2f3a164bd4ca4850fbf8111b29e9be7bb836e2a8ac50ec2cb0b1c4529e50904007372284ec9187ea27d8faa03fc9535ba744155d06c06a0a97d96c03de71c13c95f185f426615f1368be346aa5ebf80049ac6771763235f2ee44dc910a01035c53caf8f9fa6f51fe3ad094513a8db177b6a66e24d21e1e40a23aa3629fffad45f84a58a29ef9237fac5eb6f5deb3825de6f399e46b2b2b91faf64ce45d164155e4dc757f6005c7c3e7fb3d8829623fd7c6ca48b923be90c38f5209c6d94696d2b2b7ebc5dfbf2cfa1a37e8ed038e830
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 6b7d5268b0b5037afb5be5af6a0ceb34e7656ac4
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933
+NONCE: c7b54ed4fad0be905d41203f5dce998f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 44237c388c3d017300db0fc9827f9b575e59bd971a0fd89cde4aeb1763912b49d50e92ba19d7594ef6da27320ac2bd1db3bcfe56b68a9ea8e2347d69890fa1fdc8bed782ad
+TAG: c1068d84aa962e7b89090993378806194ffbf677e7a66524d2ebfa7bdc52d76d09b914168eec4a5fde0953d4567affd3a4e0e48190e7a84471efe8ad1ce577c21df93b9d641c865d90ea1e6069bd703c4ee372379a4ec94f7e99867179561d41e9053977cc985b98f7a9fbc675d77052809b89b8f23f993e191ed1a07f97b89d05de948107f94245f216c413288eb4e40f3cee9c00c15926657d9ef9187ab405ee8000b4bd84d5771464401d59156a97eea7b23b4a6e9f1587cd3b75826a621b699515829dfc57740ad5719c43e88d835e13ebf703a0966779d31dc26866e0e9d27e3376137c92c97af49a876eed425d3980f1904f013143faeccb4fc920185ec2325361e5b318434487f9
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 63efe7af502231420ed5aecce9a28446b257828d
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7
+NONCE: b54ed4fad0be905d41203f5dce998f8f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: 2f25b5a3b01af5411466c8aa5d8ece037434d5e12b62306f2732cb063d0dcdfc2725e67118a242a5576d470fcaf9be6d811bf2789cc66f5561d0542438b5432fe713187a879f
+TAG: d80e1f4edc2137f430d36a5ac93680c973fd7c64a03f7c2ce1b7e33085fe94da70ee26f47998947310508448cc70daa595687eaa540e48f048132de108a045da6d71170e39bb45160a344a2fdb5cb56ab020b9c0842ef2a1a5c83b4d63359fb8d71506d1e611fafa29e77d0669474d135e37bd8aefc3e17f024093186ff80fef73889e887b8d6672256dd592946ea84becc08c29445c8d978e896b1dad5e2608e347e54a97f3f757d7362f95f4cedebed07ab45b05713f7119c38d15a0f22d4259893f5e2401267543b3f78b52d54dd2d608173119e2dc7fe01f66589628e95fd7528958e993b21e4db664b8cba2f776d5cc305c42553da936d580c17d6f5090ff04e106c6488b5b18dd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: 1a555c300a1d1bd5b03cdd6bf2a678621624eb05
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b5
+NONCE: 4ed4fad0be905d41203f5dce998f8fb2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: bbf934979c5d9da5c8b27d0341a164d640f12956a392303b0f1665935b5c39de458f53e0a6f824cc56081db1615fc67ffff0d300d1564666b81bb37da59e4da30de9d6a19df74e
+TAG: 9c18b0f9ee6a167a23566325eb330660997193385214abaf945dc18fb8252fbab8330b9809a6f1b300ae5a0c9d841fdd6f77e8d65f1cd0b221fb9b94b5e5d7215e6f501f490a7fa0a754efa7f2d9f5b927a5da2bea736e73af067e5d988901032d503ef3ab89894d03e48a096e7c31fe64bbc2c13f02d878590659ee7606d9212898d4d246e52b03c5646b1c3fbd43baaeda6548156987fc8f490f5763da18198bf0754d20f16dcf7df6bd35ca4bd95cd5c95a60427fc541aaf1f6923ff150de825cff9900ac9492350770bdd13fc4d0ac858ccdf36efbaeeb572aa45ca5470a04a7fa1ce5954d58771730b7202def47b303e560e81ebba2080d044a0851043c5af1a05c30a5a448eb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: de9156349b578f2f44945ec6a676a67a829daea1
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54e
+NONCE: d4fad0be905d41203f5dce998f8fb2ea
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 9b9bb61ca4d5aab8d0342d2b174e8f39b8e21db0fb7146025fb298016df3bab4363bb47f5b1fa038587df98851d09d473a68c959ead8062c52b9d6de86bd6a0fc9a2daab4667c621
+TAG: 897472da6d837ec173c2ae738721306e8d3c9e5353b65d1ecb3be3d0039739de379c9b06f42af8e952aa9acb4780a6de888dc8c54fe9a2eec19ae4a864b3b9696d712153bb66c49825ec5c891e30915c4b7b66b190525195429426ad694467dab09e8c2f9f21ffae4d54b74c0c5ed9a05963651dfcb9560677693429c63f3024043385ab0a31066243d42b80d2aa9854005504d6c8b9b7f736a8731c5dea0f3fc9007aae0c6edcd0a91dd1bbc5750de12ee13d4a77379cd3b2c2bbac885fa17338011b7b81cec6711fd5d65178f20a06f5475e09c202deef57939161ca8ed3e4aa9b010277acddc4478d1afb64138b276e265182ef2dea321b4f136c5c439ef6d099621813209a43
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: 12812df3aa7f3bbc899f6f248f5590e02570c292
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4
+NONCE: fad0be905d41203f5dce998f8fb2eaad
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: 33ac574b7962d03b7816c0199a7f661a485832b9023867a749fc4bfe8ff0485571744f801139afd8215863b23e2d68ee7a254c60d8029e0f1ee10a1b947a4984f37f98a6767f52661e
+TAG: 3ee493d8cc764880f4ae7fc3c189b95bfe11d89640e3c9ddb55b230ba0d142d53fe18be8b955cf0d0d237c3b295459fc4c723b27ba8a29ed8dd5c80fb9839e30bc92e6afbf28ef6f72d1c28e5452460f986444678e7ea982d8bae63b69788012bd43aa66e5a521840c79831ae74426fb16f0917c5d2747b9c31fe43ecee604f26afddb093a9f1f1205a4451d50080ed0a9208a88ed6dbde37a674932bca837c46dd8725982c2ef6ac54511151c4cd59e511ca3835ea9bdbbd2e0842dc9674a854b8d4b063d0685086cdf917a7b7983dcc28af2addf3bc302034e365da1a87334a68477aa34a3a878d926d4c17f50316749d917e172e47597d060403a0279ee68dcd864652f37c6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: f3c89f21c327fca4aa400fabea9e39780378e901
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fa
+NONCE: d0be905d41203f5dce998f8fb2eaad40
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: 8517e13ca00214ebfc748efd3a233e8b64801dcce99f9fee3d271357220dff7b1678c1cd6392a6ade62146c0e783248918a7cb69dd26dea525bd9060f380dba75e502bdc19581ebc3295
+TAG: d1f1280699f5514e4a56b08a5c3146142ef8e44c18ccac74577ec0feffbc29884da82212cba95b31d8464954498340f35e9a3d84256e8628368edd166d4b429fcb76e0072d2f5276ed8dc7bd5f34e754f6577ba00ee7ad74e9c89c4f82af0a7716d6ac77c39643909dedcc9356ba42f07874031878229a076da9ac7b0e49b2d170239089ceaf84392e889e7bceb3e383d0f744e229c53e8654ef0099a11773885efc456883e4a973557852f70c0e35668f3f212260e131962087416e668c9f995f226152251f5873fb89047a9dfa65b9fd0116486092b1092c4ee33e7625772944c06a2969b162986cd46d2b4185af2658c25c69a7a599d17f37be0fe1c8250cd7df5e6cf304
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: e8e41988fad6c8b44c56544964cfe0a347b35b1e
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0
+NONCE: be905d41203f5dce998f8fb2eaad409a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: b1cf0005c93547664e09031d923c4ef9ad663a808189cd8aaa68fbada340d8bb13330499131ef3788cd91e9527702a2388802fdd2e91998a53ffbb466bb7e362d06677edd673cae71418a6
+TAG: 7cad97328236aee512598d1a4c7d51b2154218fddf0ef21724921c1afe61fed1b7a1d1b56b8099dafff77362c4154e4bd7089fb0908ab1de49244a053997a0d04229250e52bc1ecf4550da5753a35108b6752f907ddf7a77fefbdb5d7290b02ae231d019d04ad9a5295336639e7e6c81ea46863d2bc3c4fca7d0f3b05237306759b156ac1fd10b044730987d04a943f0f598704f2191f6c627299b92a2c01a4004111c21f650376c3f28fc9793eddaefd74a2bb3cc5dea73685c954c63b71f2924ebcf9853ff084117cc84a0785d96d8d55d02723a2082ecd8c4b49b8d4068071593aff50c2e08fe7c49f6de1d7586e299b42ec723063f2341fd9b3445cf40893cf8c2bfa5
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: d1c7b2c04dc25fe7b742a1d659aec20e1475ee4f
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 905d41203f5dce998f8fb2eaad409ae0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 7195b9643e0f7a4293c865db36442d4fe2cf3ea2c648dc88cd5636fe5e6bcea3d1197966e800da8c78bcb8830f3fa97671aebce98549e62827adf612e70f946673b07e2f953c8fe5e0b97aa1
+TAG: 3a909a9fa57e720bea6251ebbc1a71bbae1fd894f6bbd16e11abe51bbd1293abc0ad4c152a08b4acfac7a65b723fc6bd6923db66bbf202e184e8dbba150e6021ad1310ab4752cd4ae874409688996fdf88636084db7762b9578bb0c98d77c5156a82a97a3f6989db2359d252ff7c6405bd4834708c88d4481b35eabe2f7069bf8bac374fa382f4225659b41dd2a8006c0ff8d7c77c8d157e0373f45fcc0abc804a9f8a6b816f2b729befd606dc61e7f763f18121f56255662e36d120b27adfc8e1b528bd8ced5386cdb62cc73e58cc7918d27253297e9cbb9c740c7765cb014cf7bf160cbf09e00d32d31d462f356791bcf1286bb9023254afa6c41fe3d165f1bf7e6c002ef64ecdf3b5e073fb569028032e6713
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 116e20ff1e79e0af464d473b1e7c187f4dd66007
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 5d41203f5dce998f8fb2eaad409ae021
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: 1d50f3eb1cd76d8e08a9f386db0cdc3eddfc694e8502ccae47ab431c2935fc461254b80386c87690b01c22f38ea9bd118d2e0ed316ac249437a3e9c30f6c1f767c150216ec90e6c8913ff3d469
+TAG: e44bfe162cbba654362d1c86088564b14120815f181932e9f111d6da5efb5f4caad61f1161d1d148cc429ad34fcad9128bab101c7cc004fb8f0b516216a809a6599b5144b4c5828cf159fcecac46a86ba0698a6e5267610bad10cd7ce9079b6c691c2ecd522dbe3563074f2ac85712e58cca41761aa94449199a8b440016e68eb8bc9db3ff2c2bd9c64d9d3c71566bfb5d234af1a144859431f16ce6d65b4cc604e9cbf4e5539c192f07a2981b55582376bedc07aa20f5a841c9f500915fef353c37446511da3affd743fc551d5c22454797b3eb957770f1ca16da138c71bf5c00ab7893ae83b3f499a2c42f55551a986555925337e0604227ebf1c65312f0b1a8cdf2d06b5daf3e5ea97ceeb2f33421d0b44b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c081d0d09b2c9eb39a372ef4a7b0246a0956b0f9
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 41203f5dce998f8fb2eaad409ae02116
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: 4d754c684658bcc89208bcd75f24dc8e18b70a28b8a2201535e60ab755fb20e1ddfa98742d257eadd02d96c6a65f880d058312311efdf67f9a106beff9f5ace0ac6af586aefbb5e8b4850e584bb7
+TAG: a9bc9bdf2c16ace8cd471c2bcfbc2cf933fc1886faeec62d4809ed5cc4dd4fcb6ca6c42f31bab300264b278dc0b10fe8a54005b590160b410dcdfa3db413dd04a72c897b262ed0fe4ad6683fc5229010f1d2bc939e61a2c9e0480ef3e03e90f74a3edd8bb523271adc45d097b197ca9034bff48677efa763e1ae7528d3f775f827b9c56ba7f042d7f9413b4c5d01972e86976ab3a398afae27faf3cd19ef1b24b5342f9d067e7702bf1ae9679540a72f7a12cdbfbac234d596856b3bfdc2190dff0b50f45b4355cfa25ebf8d1d16528fe6c4baf9b0e5a50f95c4091704e939c8ffe69183c2695ecb1f12f24fdf288a8e8bdf3fe510bae70c46d0214303d5503d21366c4eec24cc2808542a203d81789efbb6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 6f7bb1f9e2772eb909c315e653e4737cfed78a18
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 203f5dce998f8fb2eaad409ae0211641
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: 25bc47e58e7d4f3a417c95768699c92240a2be0e86232a41fe02d64f66716023996772e1118be48e685042f989dcd9cdc574614c9c3989f1885b4b71dfd5b1c32c1321ca41ca1e6ff1828e677e30fe
+TAG: c96a78b9ca68054bc1ed2a150dff9f9585174f343d3df80350982002b4c95106b72813a90028f2855faef235909686607f39655ec48f4024e170c9f9574b0c81b63c8df7af6b4d0f0633853a09c334379952bbaead7415125f541a01e320c5f5d9806b71c3ba71890e3229e751f25ac82c245596b5fa688f1b13844d91169354bf0cc03cccf576c2216aeb9eeab33e2a9f8bad2145d36cf0e7585a02296a7a3b434f4efeeaa4d7ed65befda32b287d9d0946e25dbc0edc22de871184ae8c76777528b917585be784d5e0674b1e5693d0b8cbe8253f8db67c879e1d2b7ddd5df4777a15509f813eb4d0f5a935aa011daaf0cc1ba2ebba9a20a74847e9c53b648f6fce4c08b6e7babc1919e6de22210a6f05
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 172f4992e692a88f49628e5d3937959be01aed2e
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 3f5dce998f8fb2eaad409ae02116417d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: f1ab85a35a17541efb4f906e7fc85e64efec6ab40d59d3da920c4ec09797c3ad47820e9d934e51e3f4d097c4a555575939bfaeb8cfea062b64816a160d6e4d1ff02a5fded435ab9aa2daf22fa7d676fa
+TAG: 14684ce099f4f0e11e785320debb89c79c03e8bb8751860d3779b4b553f6dedabdb23119d2866ad63fc974a6c6442b734394cb6705309a4d3889e90c4a222bbd14624cd89a9c3f904367c418140375dd592107f839ca94d43d09495a8dc8273201bd8f5a447bdf57506421a975ff4db3aab7878ff18e5b73c8f072a8d092461257d0182710ee9df9f86ac5ad321eac7ee96dddb27ecf561db222ed1c7c183c2ecdf4c7f57cf295638de3c4176ea244100d51c006282e98af1a8fd540daf0ca6f2fc0b88c550b4ab638760d95f2f9d09612da198616cd13fbfa1ad12a3fd30ac9956491cb11539a1be43175fb1452393f13f8d03501c89cf5962730125a7e185dc089b41124fc1e7f69b1fad46bd661c1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: 00133da1f7c63fd5f0eec364e9a359be02c1d3da
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 5dce998f8fb2eaad409ae02116417dae
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: 5d6bfe91cd2273a9b986397a38e81be5fbbcd0403ef51873c2c467a9fbadc7bf540e83c538a43dc0e0ab780a4c4b1f5b77ced74f65b61f8b8b58b26fa3e8cba568bb717dc7071bf82dd8c68b068e739706
+TAG: 2ab9e654859c35e065f763d949d43c65dc85dc5d918850809ad8efaed6569d4b3ad064bef3427ae4c3be571fb914cefe2362169bed5b4c0cb17d2106fd6993d20ab8a8b70edb5f5d59b3357c8499c36e2b0b67edf7f334ff02d599031f43252b8d30d39affbd2093a6687c771b672329e14901ad9128f063267d3ab332ea31a79d37cb24ad0fd2d07f23b13d4643d1d9c529e1dd0490c851b0009fc1192f2438a48aba5a39be2ee925b1a38647197ead5cdea3499daa5abf9f4503d3581115a6847363348d5e7933948dce867752cde69ecc401012674ad75e12245dee86d775989275a5fc635c66d42c01b7646e180d28798905a3beb210c049be35b522ad580e1ca29f81b9469448749fce961ba6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 60a6821269be6c5b985576b245f106128eb0b325
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: ce998f8fb2eaad409ae02116417dae0c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: 16e3c681ba1ece3bdbfb1da491f877e806ddac5f1ae96bc406bd195c9d48bcd4a9b700a8ced21d824bfb99eb057e401c3529818725b51e96c576e8009bfe4866e98f550a23ef4748ff761a4d1c44ccb5eba0
+TAG: a30286b3d06306818a268db0e5116abc2c7361c5a32d334d8ce5f4007aaeab750980018b435c79391151fdd33df2a97dc2cf62c4426ce45be43f7e4949be735bcd33f0e81cc6b5a3c2255fbac9ff5a8fd7e7b57554d7ef00640d92b605c9afb0c19dd5ca4c79c409d85c197e8f21d79e91df01a817bf68e8718bc771028c945471ae003c0a210c572b79d772560031b5d3e5495aa8d9bd6fa3f8ae9976ed7e7f8d7275030d2f12ed5ab05276ebebafcac7d0ca41f9d860583f800e4f1b9658b12fab31fd63f6a5e4b80463918f8295ae11d7b97f9b5f89b8166861aec8f1b1417163a6a8adce23ce66c9a4306acae7ca75435cbaece814d6010a3e335bd7db9783812052179d5337d1c353be6e0b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: e2593f3b6741a9ed9fa188fc06efd057556ee624
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 998f8fb2eaad409ae02116417dae0cef
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 9b51ba0eebf72bbcd7a1b8452a49f30bf2d96bf0cde4d9e5efe7f1903eb4e09f53aec649c5a8ad7e7fc6c28a0dcf4bd3556f4377bbf8b3f9c79dffa5978692559f732c109a7a02390746f5975d5a0aac4d04ce
+TAG: 636f7bcc9b0b5320643f4b6acbecd60a0a89d2511621ab47fa4c9af610fa1ff9c6cc5cb8fb64493d6a4dca0e94a90794f31698cb1c5bb5658e8b6a63a2cc9b2f1f297240d3d6c62087e32f5d5e9f9d608eccf4b41253933c7391983db1138012a5f5caa5abde25c8a16fc33cccb0604421d985f198c48552650f5dd299bf9163c136c042c9a35cdf7120a702bf460d739ab264fe1f58453ff4990f7315379ff074e01730e7cace8d45a5d0355c0acc409db8fbc759516ad56818b37700548aca769719937103787311b6dbc8488d9e68ee439cec3075bafb725f44734326df9b10d6a4f7133ba84489a9985febc96200276a1fb513f8a3c062466cbe63e7ad668cade7ea70c3b8cd040a6162be
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: 17450a437efe239e1858ac4062f34024305372be
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 8f8fb2eaad409ae02116417dae0cef45
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 5e4df84379f9736d784d9166047003e3ce3375a8e7add80c8687e94f68595aaa52e3bd39a45a7f67d35b4df0c5d62abc81680ebea78d1ec02153833b4dc4bc51b4d1725f5a830a064e33cd5052e90735477c069d
+TAG: ddefe8bc965ff097f22b8978296cb5eac25732862def3ce5a7d2ee9f7b7d6a6cfe5778b9d6901e7540d8c62f3d97f68b43224e00f8536bd7df50f3ccd1e0917eeff5c32d196cc2b594d23347f4bc1db22ede4f2ffa7f0774c1a073b5e91fbec2b634d0d60458f215309be0c2d1b553f22a87cdd75cb64cfaaa0a15ce876bad26f48b2d6464488f97e35899c7aa80957491823239173843dd88a617839e5bbcf78d51dee3418defcea0a72e5ba7a1e8d652139955570510a9c8e6b6902a5c74133c641fe3950db1b7123406eb4cd86e17bf4efda4128e83172ae78e8c2b632c0cef066ef311f38fa1a210a7802a39b95cb699962daf41e5d436d474753997ac3c826ad39980aacc954adbb12c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: a35fc7d25f90dd9cbd35910d5532aca8aba88b29
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 8fb2eaad409ae02116417dae0cef457b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: 1ddce9b3f674dfc1b94a6cb34418e6b75c93f14941a6dbe028ed59667404b93afead95ec50b9393a8e0e5f469fc1cbc5136f4dc54f3a005af6c88cf70ff39487cdc730dc131538279704a67492f5241faf00aa8c46
+TAG: d43074349115775a6db0a999c8b492d65bf1c10f046b7c7fa6335d54854a202748ed412c82088bac5d07db529fd2358c66e48a1a40083d9911834522091a61d25013bee70e3d9bed1c1a63ff50c2f0c1ec80bbba5bbb25fd8b2c787e9e6c90fe73a8e476743050c06c8f72344842507a75e6514fdb760f1c733242fd447a8c0658e3045324da0dd132841d0ca758429c6fc0355434a6ae86cc1c798cc9a558e767730437f66f08bc8fd0301d3447f5f5f5ae483ddbbf61f1c8de15bb2421f500ab10ed643d4bb54367946206d5d5cfa6a4a2bd16527a7cfc619d1d7df22fecabdb0541201825e2af362adb3033ccc4eac11db0b563d5bfd65ef1a95a28d5798a33230a78af0b38bed6d429
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: 73eff0f03358879f900b6ebd515f0f4e5a6929e4
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: b2eaad409ae02116417dae0cef457b9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: 6736ca287cf31ea3ec92c68697bfd1f88642e67d9dcab11c5dc8ecfc61611ecffc54a04119f53f9e5476196f220486ab53e2b21e1135bc6745731f0bd32eee9777a1b3d208c21d86048a4cc945389d60ec8954aaec13
+TAG: 53f11651de2a737a0117aef6790d2683681561ca2b26586c5564d5fe06565e17200115d2a473aab781b9f8d4002fb4060f1eb43e77e31f270c143ae08a1cb5a2887c2ba393e050473894f62c6a7ec438eaa575d631b0736c3fcce58b9e81c28701a6d4c1dfd19a5d2de366d7b1c2433997dc826b48222fccf919ae872e42332b74d24027dbdd487014adae3813d52bd20271ab8da425e641701f78312026f117423f90145181d9af2696cfa08059a2f3b1f7f63e48c7ca8f63396620b4046210cc431a1b1311834659338f957141da2cba2d499ce121223f45078668652c9b699209bd1a33832e8a53c7bcd5fad62acbedbcfc1cf839b6d1444a991c573e8c2ecafbe33a23701291a8cb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: dd6cea270655225cb4f4231f54c19eaaa146eac5
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: eaad409ae02116417dae0cef457b9e5e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: 95b9375058667abde693e7e3a598dd4c326ae4db29f54667c54453e6191c52f86d2fb4fe324e9a02b94f094f1dc272b1e6ad85529206a511468879d31ab9e74f7666691dcd7365ce52fd6df951c20e7a71ba740901f797
+TAG: 533eaf7ba2c963ee7357a118f8306660f786ef35206612b3bb8a87748c76c6bd67c15aca895927b6a92c1fda33dc4c330e8fca65d6b82343247d070a5bc0d0d632f7ec3060546cf2fa4f3bb7f144356bb2371cd19100e7d7066f2c304039836d62a647300bba5b7501241b8126a8f39bf8ac2946aee674d0a64644b8aa0e261f4049c9ab56b16e717d162d9a43936852047d4adeb17bda109d3aea0a46acb70e7fc9351978b4bfea20cfa0f437fe8c1308e45a390e40ca17739c4edc6a0bf6e0c14d84ea315e36ad0e80d22011b02675ae09e814c08ce607d4e3fe18a4bb9380966c174ca8a1c397966dccddbbaf85f47bbd97c5d99936c26917df99b6356de065ac0ddee7dfede113
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: 34dd9bf0ce19eff890ecad474388779f63b0af70
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: ad409ae02116417dae0cef457b9e5e16
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: eded2db8c302b3b5b5b0c0d556f8d34408fdb2af75d38231049b5f91e02a4086e6ffcfabcba5e3ec68173dfde382a41523d3c8ea1f7944351baad1588516c548125b1005d3375b03a4ff4bb19937068e0efea0abbeac4f8f
+TAG: 379af744a549ee2fc70f6fd955d68da610b9e28178af1e7d6034c5e583f838a84882937060dee0838a6d0e008c51d312956cbc233af4e94ee992a3a9fc427f98283ffa000fe22e62e6181754cd434b066e685a514bc6ec82444c3d722fd37b305e1c514541208c4cc8298acfbc9f41762f50c87a9b95ca7a4d47ef412f0079cff9affdad66dec43d8fa706ef5bfa7deb9826c28ba66a7395e6491bd45ce3750864e3b0d466d236d1d5a5a6dfa8f531c2ae985515d367eca43505de759ad476ca08a6ad5265e8550a4d1fcdb0f8c3ef1a4567ae3262d5d5a78e7ef6c8097ca22815e35ac82ff78fb39b029edf5521311d0904b2e10822ffdf3f93118412181f8679363766430beedf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 7db8cfbd3b29f96d752346eeda3c2bb0bd070099
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 409ae02116417dae0cef457b9e5e16dc
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: a56c9d8579b78c9ef40c4a230e8bd42750510340fbd0cf55393bd13d93b105fd2cd1d701b6882bacc661e8da81b7c9eed6b5dd4da12353298150819c748f464f5c60b86f92a9e89e483055b8dd3f42605a3065f08189f74021
+TAG: 2704ec8335c00380797ebe4100b3ce3fceb38704eeb5db223e4256f4b2a5353ec0a89676e0542ccbcf3ccf131832f2d4af2fa86de6fb456ccc6add9e453c16e303755dc4e841344efb5251cd266a88f4f0efa3155db9bb475e9e97904a2efaabd8b2e836d54babc9fe4a5a0805d113ad28843994e83694fef3172ef45abfb037b3c78205fe9e6042fe4c2db156b78fcc52b0f43eb3b2ca0f40ddd0077be8880c29c9cf5d3a5b68eac071874a7c96fc531cac7c0245dfd87febabc641b081a7de6693cc85d7851238f239914d96e8281e6c44b1576d0e2a3ea02079762e05923cd53134db1524c28c02474bd539d0ffd8bea24cc743a35267ccfd405a834bbbeb3819a3060ae254
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 4abaa8453e8cfdefd918571a961d8351754ad5b4
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 9ae02116417dae0cef457b9e5e16dcc5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: bf13550fa32201ffc699cbf22de17ca268652f8ba2693dde72b626d01855eea7c21f0afae3fa03dc757491e8efb9091a4c100f8dccfd15a9b4dd94e4fe1f5e90cec62768d0a91e132acb1fbec1052878706359cab3445d38b1a7
+TAG: 87370bba8adc7957b9f4b468f584e1483306cbfa87738a2a047d9e5b0af76efafe46dd1028aba3d3677967124f2adfa8d88922bbad39c82f9272e4734a12c9a82201024147b14c50f110371ca57d3cadba332d46efd5a936feea2f74609ee8b39e22d4e49f608229b9963417661e47610547970d017d1afba6c5d653eeb9d6b596ee2560f1879437c81dd7b7ff64737f68e295cb558c3833fb481b582817bad184290f7b731b611aa09c63272a14f4471ec654e460fe7e2061de628bca07cb52682d4d46a3e29abd90faa42e9cda1118c92ba698ea985bfa4dae1e5a5edc2eff590d609b37786d1d577b55b0cc671d237e338cf46269451be059e44a2e6b40664d060919e7bd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 0fb9d7ffcc7c9b84f34661d472ae2d4fa25d3d99
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: e02116417dae0cef457b9e5e16dcc5b6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: 9f9a3ab733e50c1584c4f0c2a2dc0ff71bb3a9b32dbe92da2fcff8fe46a4bf16d4f30ec8efb1319891b7d2586839fffe5012a6dc3d5f0ad21e1572a1ffb48fbb59ee4b8e0234e543786e775dd4c54cb1ed006b4e8f5195610e267f
+TAG: e3e1b44b7aa92166a01da7ba9c7dd6ed9245dfe296ee16fc20addd7a6c15462ca1c0bf1b90a136dba0749837bcf133377d6ff21fd3cb7c1f7fc50df8ada45e671e1bfdd4f711462c9655c8159f2dda37bcc96df425ef3fcba2056973d39378fd2189375bcb96ca84d023f45f880166ba262c3f089e58888b8a67ce85048c5628061e04a7f09d8a6eda422d424482dc4dd4d361fde54b3c659b273ee9a04faa389befbe2816e164d9bcd9fb6ec7aecf51e9288cbeca4d3e0dd776a3c122eb4524196dd7e4b8420a08a3276173c282dc1463ce6e6b17fb419c1bdb47882e6685c877119fb6348bd0f80b867d60fc8ffc4e89768eb33ada5f32a81eca38965b28bac74f5dcaa1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: c68fec315401703e49722fe4b39cf28b14e9f50c
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 2116417dae0cef457b9e5e16dcc5b6f2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: b4d33c5131701c960eda4c50fc0a918acbe28cd47fbcaa328c6a9eb08e3c36b697928c6981992ab155c30984c6b8e9340cb00decef7086f589ed2d730cfafd5ccfb95373b8c55044fa1c95927d02278a48f986a6b8301426bbdd504e
+TAG: c327263a3dc33abbbb6985406703ecee6ddb0d9b236ff2366c65effb2c936e5961d99de3bab4eb9c5aba4f65a55bf768a369181b191545f4421be3bc5bd2155257374ba8ac8e70823421da77aa1e2001a4e2f4942a40dc586e1c9e3d0e8dba136bcd823eb644d8d152182fb0c88ba540ba3a71ff1b147e4e072298023ae0c8d37cff859108b02d586d5357076e6e649e2a8ad3d4a9de1ffdea88b4dacb2d2c7fe12c8739e0d50d91e3fb57d54e22e6c4ca3c8e47b2b9c7de9220a1588c631dd6ac85d04f58559b796b8adf5559365f8009181a75e1f7f1a3c1097d81065be9b30bdcd0c5572db64f633561e426f1a6023fd7b7e1c4f66919e9ee67c5ac4026cb11aac92e445d90ba020153333c8db152113c5cbe
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 15e1aa5285beab679aaedbf51a86b4aebbe3d7df
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 16417dae0cef457b9e5e16dcc5b6f256
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: fe6540372ad1c40ec1dd644e935c480b9e34aed05a7f21e2e37dd46db52ebc5352cbc3be2aa289cc2e9712aa7d393f4454c9fa3a4acc30db41ada1257693d3469b0a1d5680dc8dbfea8cbb4768161f829a4f853c1c48d08825aa2b44f1
+TAG: 53f79cf7b8f4380a1d1f1def457d4ad78c5819e0654d4052186213880228c482e2a54bbffb71483d32a8eb97ea8e9057a99a52fc3381820bd5c8fa43b846257380c07075592d6a445075a0df4e48f20dac7e2df8967a1cda41bbd4b0411a54b3ab9e79354a59aef5291599176599db82c0f6ee8a05e012067e2961b147a7baa73a818c64b52dbefd767b285fad111972528e3865b78c3c8aed658b1e84ecfd6ba292bca83ef66968e1bbdc05f616ae79d1d7932a0e8d5fdd7f98159b199bf933ada7670bfd4992bc2ec95daac00f10b7cf2bb68755edeb646395efccbfe322c9f381d39ec36d92c914fabb74d4df8dd506d9a8e233c591a503e92943e9437b10268bc9fd1a512b31a3aa62034ebb2dfc2ee3ae
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: 8cc0b1164fc844e958e055b7ae43f2f95c29e8c3
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 417dae0cef457b9e5e16dcc5b6f25607
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 22e6c691ae1ba796667ceeaba4dcf85582e398e529d938da63c8221a58c2fbe242f6da82eae8c896dd31b45b3e8b72ff3dd7906130954f7b68d4c8729d3ff66ffad72104047209a56f1d6cdd927b57e8f29108140f903d03da3f4d210219
+TAG: 6c22c87e07027df3721970ac8ebb881edad4c00566f7b53dff9189ba9844543d4c5894ff1579a353db455a1597370c9d8f2c16a191d6e0eacf6c0cb3bc30b979ba40244a12dcdbf806e609fee1cb9531813ab90854c5eef9527b0e546193df1d3b2e52c5c01cb67db0f4fae9e1557e89b130fde7ae3f7b493d1b0296ef965538ddb7519ec972ddd1926ca29e3a9ff5c9f55414f07a1c1785908975ed43b16bb7c96b2820fa3c317582dacaec45c71b3ed841a41358c87340f5fbac68dcd4590d9aa4cdae3374d7c332c6ace45644a8805ac792c4ae5bbd09ca06581fcb46e71381031d5ad54b117005c2924a538501c944c416e19480d48e792a741e863043be0cf0cc12c700c3238a77ca4dbd168da1618a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: b51001b6ff9d27bccf3103a4961280e0a1406257
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 7dae0cef457b9e5e16dcc5b6f25607f0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: 4772e647d03817c0f9deb39ff4f4f27fb0fed33e0630eb453883c707336f0e74ef206e92e31fb2935a466105dbdfd42c180ef63cf5cdd3c281337895e399df6078c22762eba5d84b8845ea00bd88bf5e4f0da518cae42502e8531b14d979bd
+TAG: a6a89cb7f4f54501b3fc90129f28198a9c3ebebcd6fbf6513ae3b136ab79b5cdf4df4563910a498137864bf3a63b6dc731a29e2ce7768a8216ee39bb67f73b16f73fcf6bfb934ef67dbd964d016d876ed884e5c3357a5238dd7ad6f979e81952d9e2c2c6c5bbcb1ef860c67aa977b8b0e0288bb37c94b48ca7f8f5df733e1bc522c9b06292ae4340710d15079b8d4e9e7dc95b653844a7a5f795d71bd7611900698a21335e0736418cc31a6c29409f501e0d88be63b54d6ab8ab5c7f07f7375860f949168f9555ee49f7fcc41900bbe1b769a65ec344e172e0de68d74c94d261fd9785b6516ff425c6669adeb426c2deef874dd6b510791baa8778601c134dc5e05e0b414836303f21bcc7c300958a0200
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: aceed075f31ab159f6610f43ff0a6ed3a359bee1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: ae0cef457b9e5e16dcc5b6f25607f00d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: 6dadacb58a7b88e2daba277f66e5757042c142115871c9813d1a72a79e5a71366801a757a5f9982e99c355fe7d742fe3f047b711dbe340bf2ffd00cea6dc6ed7a4a416c17138404854ab8a5420960d60cd1b86424b2668740910a922865e4c13
+TAG: 98e4dbc80aff1a2c04156dec77deab9850b5b951f501d58f265f2c75344f7e6d0aba191b077877ed269e75ec40c84d8644070e68e18583be6e13788ff2c7f9a923f84eec8642ffb6eb40ca773a45c003df69c80de0ba199354f231f9091d1b4078ac218835e2df3e76e77d657099bef5a6a1367e6c39b23a0b7cd345bb8f5a97b9dc86300132e95853fc3635da842ed214fd00bac3b46f002f3c26cfd36c575a56af06e74032cec9451837db3542aa717aebf6e3ab3037dfab7cf0aa0177eba2dc3a56c3e3011d4c940b124b565c4450b08ce2f900d400e01a9b469d327cd9bda24af77f60e8ec6f5da196ad850c38d5cec0fba6bbab584c8b486bbac87a7f559be463e5929985ce710243260fb9258e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 976ca4c9819e25a204a024d05fbe7420f717bc58
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 0cef457b9e5e16dcc5b6f25607f00d03
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: 4307f039e09bbc51fa0477941e321dec14e5f562d3a5ba25d71c3c8afa23f44e1ca619d130890b7476e5227442c27995cd292ed9d0a649773b752b3bc7abf171244624bc55784adc9282f1776789fdbcca048313a1e6c8a23119db185ea4ec1925
+TAG: 87187cd5d301d869cd1b4bb721475f6dd5b64be330781e20a24c1784dcd74cbec221914ad4ae88d4c9a1a9eaae7b13052d2c6ded662507a07594feae4de66b72c7fc1143c4e7100293f842ac0022d8a916a687e436ab7bbb56b2a4fc18677a813b38ab1e1d48a474322d44f581a8d007ffc6f7f4a132212e7bef5d5c9b13889dd2009c6398fa2dba18eecfcc5f41c5ed56be7f451f9b7b7a908f0838d3d8e2696512c6ec159a6dd94a1628be9911a3d827105d8cee209b6ec4cee3a488ef5eae355826d9a474f55bc736605c6c24444330fe5eff18a735736b66ea5d0c5b3278e373b57d86dc7815603993814ecb0dbdbd330c69dc46d7e6fc8555a18cc0ba5b5da89e5075c7ad835fef0fa46ea426
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: ad8cfe7556704bb1974e94f70d8743d147c5c3b4
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: ef457b9e5e16dcc5b6f25607f00d033f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: ee9fa11a7d6f965e7d65d8f48810754770b9d237ba0111978b97e24f223817d0c6ce4dbde85c4e0979bea607a36c66f908c25384184fc334d8d985b78c2e9872d82c4cb1aad49d7dc21d6484b80f9192bd724ca57cdced2fdf142283126721c1c2f2
+TAG: ba76fb9c71f51c92d4602572883846812cc94a83e86dd16136d65c3ab932f89b28ecf49ce22335f0c643e3d979401bad3ca97673f062cf69855b23b6a1b14927594d92f689b4204ddb32d95d577ef4379890d804ce26e0e4565dfce891c992a29b9b1fa57f633b0c231e4e9c4939679bd52205988cffc989e34ae744e49a7ada77c6fda5537c5b031208acca0628913fd8a2ecd9f2b5d50254da5f7f00189dfa6d553300d805807141ef0b75557a693f1f90698a8ac912931b7a1a3a889295046219394a0884f823d204d0a3bc4cd4e3fa6adbddab80d123368d2f29ce5e8a992ab9c1c5d2c8cbc99e99647410abb5c73d8e00a0482834f97a576e99311d747088e9e65b8546265f71a237c1f74b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: 1dfd9608adabb5a55e12949f1c4bfcd5a77cb703
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 457b9e5e16dcc5b6f25607f00d033fb9
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: 1a95f47f7bdb2d91358f683b7bf803254d88b59e2d3c1d873a09794e1c18f1c924d480727599a1a6890bb664335e690e4e52c385b634bed45e08410448ffda3ea2593a02a11a03d994617b9f7ac85317bf09c41b08b416863cd90f0244d22c795a34b0
+TAG: 4537e27f1bd4b1b873ef4b3eb83cfc860c44921195a0250a96e553280b15e9ed379d4eac959a2809ce808e40dda881cf8a08cd50302f7dd5e67659613932ffdc086db4de634000cdda80fc576294c265f49a48c79ece6d42423a4f86c25c0a168d5eca502e87c419ec09134c27e4db1f2255de7e10f0102b44f30c67c8e07aa23aecd3f62ac8a24f9e8f82be61b539e288d22f8e05e914c191877c5ad1a546415df68427f97576adcb8d428ce7ce2c96acc98fe0d6dcb42049206ee1679f037955cbc12be9ae020774bea675b7c17d0033a60927f75e87d9c7ca263a5e0ed38450af657a81434afc9b4f4a14f02f82e33e17e7f61c276cc1e630dd773547b6cd78231de0895e447235cbac4b3a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: ad2b43eee27e6267d8c5c1c3d558a07dcd6b1f5f
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 7b9e5e16dcc5b6f25607f00d033fb95f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: 67466a0bda0815f726cd09d159e06088b2530b73775a8c18eab2d09ed7bd12b743b0a10345cb3126dc14d8f5c503b65a45467ef9b56ec7c5b24e5548e734d3f0fc90fd9c8019fc782882ea6e72f4df5fc6e8105e79d12fc588c9137c758995666f480dcf
+TAG: 24b828c3e60182873556d7aa85480180d7cc42ba81732058a109b5ecf21f66f1ab580d18f70604ff31dab5a1bbee007d213d2fc7070e3377aed31399291cfad53a334bad7c1c61ddac5015d19cca020dec137fb76472b1a595e0fd5dbdd127b3267521aee32fd12c1f54493d23c27671750776f8937032b9164ed78bee6b8234972634fc7cb32cc0b7f6fdae850110d1979e380b4578b8747de6f3d89bb66d546949ac94e49b0a460c192f98373e2359fdea2cf2a6ad4d09199cc145fc537459d73f48d265a1cdd458f306e3596b2088f233630ee0a37a5c2c21a76bcd47871a7954cd9bf911ab942ff7221623cc7539344e23dba7b0aea370a7d2e2383a4ec9db06a8123016d73b4323d19a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: 3dcddb1e4f49633e7b7bd36f4056d16c53be7f5e
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 9e5e16dcc5b6f25607f00d033fb95fb0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 34f8a83c831f374e77c5601317b658e47091d811285791eac2fc59fb06658c115dc875c80b1089a62fc7d072534617dc81dc3adffbbba4b9db2e7272eb0b8aea73eb9de6480c43190e239fc300377f186e4659b1f239906614865f10444ee64ae77ccf8e3f
+TAG: 4c975e14b038359ddc06d23ea5a5119eeef3708347d7de47875cc88138b79d5c644507363c0a951623f3c26f8dffd51a2a282641d96ff107fc69684add9e93c56a7d29c8e097dbeac0a56d7afc522b7f5c921cff17c6ae4c7bd456bdbf95c052b18751e1c3ad9a26517c29071361aadf06740e43afb13762b4bc2a80aeb5e042259a36cf03a208b8f6162515fdd3623343b127655de069d5eb8c7b6c00fabec02186cd39bac62768303dbfed24cb20105c7d8b2a6b2c34d5f4472c6f372a841672c1f7b405d70d05c632f7a53997e3e4e0aedbb05813a8712dfcd3c8df4fcd83971cdb81538d2516a3a4a9372dbca6bdee43a2ed77309076fdb367fec85e5db2f01e59d3cc188b67f5edcf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: 25b982a242f669c013cab1c18da425330090e3cd
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 5e16dcc5b6f25607f00d033fb95fb09e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: 2ec0aab31fbb036bd2af5ce39025ee2d5591fd525a199f2233384f52a8746f4fb547843c92d1e4c9fa92bc268174d4a59134142f14e8e1e277f1f1844c64f76dcd20f3b73dfec8e9fc59a639616fe4075a4732dcd3e1de806086239d2e09deca0ffc081f2ef2
+TAG: 3049393a7f477630782378966f7ed4d33451da6b00ba751aee542cfe5aba67748a46953b578d0fad0e37b5627b4295a4f44b0c28d16e300888c0c8db965c14c23310279cdc9834d2ff9ec85932b7e341393fa3b6661bb8d3ab0cff6c6b646d927626b8710d3243ad7a971efbe3f6ede39d8b9f77585e4565a8b07917a712d85b846469807e94f3073097a69c30dfc5f92fd88cc36d3a5f670155aa98ebc80112db1fd1db0685261c1e7711d9c82a73dece8629a4025d7837852749fb8ee1489bacfb0bd8fada1389fc31ece84558d5732c9b559db32d8a498aafdc0aad020240e00f3fe22c2932924305fc1b3d648c53b9fcad835189b41a150ccf234988f26eda2655054c395924fe50
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: 9d7958e23777ff2472f5a24dea5fc19c151dd921
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 16dcc5b6f25607f00d033fb95fb09e4d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: 90712d5e3edeed5000c62ce80212d41773a393792a3a8fc62a1cfbff38b3555aadd88f0e36f93c8a12897d7779972b3e42978cdf85da7a3ba2e4b261f0a0cf4e1edaf259849e87133a9c057e5d3e693a2a181eff1f5d6f84e0679c625ad9a0f72c47d607ffa453
+TAG: 90b31128a2f6673d25ec56c9431584416b2e8c62fdadf580db2d5dd2ef8fcff5da4edfc09685b16db527abf1258b82c13761e41e41646479c833c8606b438a53fbc3718bb5e2ab3d9e25ee8862ff2d088aa5b37877ce5bcedf184713b2d5acb8408bf2f50b3041a0e582230a1f4034b6eee294808ca78e605b0461c1fa383b8194a30b3e66ed58c1b30331a97b3b87e12d2239f8f34e632caee944450e99165b9a317029c9f658c7182cfaadbb6f52da0f8c4f3fd73959c58559404ff80ea3af53c4430ebf2e41197ddde0e3d380668b4e72f72022e3b1ead76284506cfb3a20b9bf6e8425eeb89fc5582f4f1c6736e1185452e87133cb1e8ec045d2e40315fcdceb02da252a5cbd3a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: 09e9eab51bcb9faaa3bc3e473ff66b06e39653fa
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: dcc5b6f25607f00d033fb95fb09e4d00
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: ea1b542c224788ae66ded1b3ed9f9e35708252a1cd1d4725b0a187b669c51d282776471be5a07f256faa9ff16fa4248c629a4bcd31a9dfb7f260d9b1cb62dbae424624fd816bd81f781b93ca9dab437b5e0cb64a37874b0117cf7b96adba2cb7d75b834adf572d99
+TAG: 1e6a782f455ebe54ce2dbac88683437494c4433ddef95e45bae93bfbf4b1d5d0d2a459e9db88be408428c47c256f73d42778e42b936dad9ed773a02d0e7298c22b60280cf1b7191eb7c8fa307076f5129720bad5961206dea4ea1a05645827b30ff3bfb6066db13a2f9f1bde975c80ea902e9e51e64086ea4641150c531df51b328de057d850502fdbf50b4a1295d170c0dada86a0209d2026501f111247b75826953366ecfee0e4c3479040cf27370de1711a73d0ccde18e218b9f6f6aa20e0a8cb0fa4aa75ee585e96a0a0968423c86b35c899b5409e577e093c36d18149199b59caf99f19d1163c31a0d3da31b8c5cd372372e2bacdb2b03ed28605e346cf794872e096ae048b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: 7b17b7cb19107af8fc4671420e461060e2ef3e61
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: c5b6f25607f00d033fb95fb09e4d00d6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: b1025c9eb02f72e5526ef641778aebe786c2f85961997f1eaa090a33caae3a9df34da7088352a2df7a61eaaa026dadbcd604f5baa3a0de4fcbb3812816408d61384984141d9c78f47e725e99cea9d52f73cdd5e2c3961b035589db1d2283476006a1e10a992d499762
+TAG: 3f441554acad8b8f9565a0a69a17d231684a6293aa032e140eb41ea302b45d0e2e36e62ca23e981f98721a97ec02ea946282e23fd4838dd07b9a8cfbc069d913226cf543235541dc1a8881394e9cc0999c63b543e5ab74c35436637578148ff48bca333734d768b15a6e9535a69705248f28961e50facf4e8bc0825b7d2152cb2b85ac2e767b6650376a677f4c7e76521c790d59d9588e54deb9cda034551544ba80cf9d11a9f589b7e8980e6ab95ab77848e2bba36ed85afd9774f32bc9ab9173db20fb97a53d23091add97f16d8ced6bac6399aa089718d8bcc94c13b6e0d08e805b7fa252e787958d4780d24d812e0ea0df1652c04ac325355be7b21aaa97c2749f274a31c6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 48586ad2eac603c136911b28e2c69f101a8ef371
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: b6f25607f00d033fb95fb09e4d00d617
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 10623f3b3c8888a31cbf51eae0989eb3caad5f5b786c13b41c04e0b6cb2641f850df4ebea610a4d521557c8f987ded40e9702503fc4ae62d1830a0f04d168888062f5b147e858a134a4022bf2790d81a89133aee08a34a704f152cc3cc763c21207d2231109e0b71a801
+TAG: dab4bcc473354bdea1e31b926a19fb97ce2c8b47e76082bcc93a1db2707b67e4f72b18cfb728232ca334bfe9a4a55c347777a25b1a13ada600adfdc4fd57275414b3bfdc9613f300b4b29fefa8820b5c8989bc79db1bcafb69b0d89f7624a510d3a1597f953564a29367aefdaf36d238b957460f50b71adb5f85e9275aa511b7118d2310f5e3cc2bf0c21b0be6e6adcbbb24064a760b74679de7fc146a00014f36d39f59df902925710de6397bf32f5d108902159755feea57fb58a7bcce680babfb90e05a8d15c1b42a3b7d779af99e3cab04eb59e5ef45128195ca17bdc25dcaefee874e919bc8edbc8e28e3997aa396768ccfcd25e59dfe27e46de35dd101c38f7e48bd8d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: c37456cfc543ba6e5848b9b8f4ac5a58a104b521
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: f25607f00d033fb95fb09e4d00d6172e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: 60d4a0ba2caff08ac046349b511017a7c5f5537eff0bda94bf838d50c14d59426424e4a8f531103773aa0eb9d242a9e6f2ba5002ef04aef8144c8a88f05788fa5fa1ab1cb5cad84da0d31b280ff8a55c2e8f32f39549736bb055169ad5ae93c02561006a3f13e65094f7d4
+TAG: 140431d7b2bcf5139b7c9436fdfb3b44834ca810fb478eb0aaf7b0e2c68ce434f05c1f825b245d9fb4af48056925a50315b9f1b7d340e5f797dde4f460ad3c526853049976c0f680b691b28fb79d61cc9f7d8a4b28ddab1f610ac6cc44b91d64275ff1d26aa2b5ef314b1f280181cf72cd8b8fbc939a8751538d85f7fe03617a9cabd79dea5e64832d0b4aeb4893ac35c0d9f1475d928e3ed40292687926ccf5f9f76f78e00f217c013a12e38686423dcee930366e79950955c07399183d775c7030a50addaa42c7aabe5d8ebb95611f3c2f68be067e179e3de60d45b828d54bd6be07948508ff8a9b68abd944da07a484a8b9bfd4be1a22ff006e578b0c43c2bb1359d012
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: fc113d192686652653a15887974eb1f9b8e32248
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 5607f00d033fb95fb09e4d00d6172e78
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: e59fdb3d1413cd6a1098b5daf1662c698076996e2581e11a286e5acd6f29d41ff9d04da8308ce7f5defc52be0b4d1ee96d8e5f4eddbdd5fa9894e7d1b0a1bed483b7e7549e1c10cf5b8ebd1e7f1177972ff061cdecdad8d97bb0308b19bbc2c84d32a41f4c2b7e58721349e9
+TAG: 6cfe1e101e9b8fd2b209a30c0c1127e1bc8a51b8826c64258b573711f4af7c7e4ede036de4a94d70e17695481424907475180c7899a982d7eb94536a30a57be43d5c6b5e9c34972e61b9356a9338af6e8dbf27c920edc9bd02ed5535018d3b3e3df45664f4c0bc01f1876f36338e85b4a127181b42f7cdfa7a4da5a6c249f1bcee2959e25d0fe17717b0181c026ca814cf21d6af3b548435df052ffa0a0e8f74b8c3f7bb37a6b5bcd2b3f2c0e4b24daad586f7b59996072f82c123aa0ae66d3f6bd9980e8ea0312ab9fe0052e1fb3911e35d880f1df50612799033c384f4899f69714efe5df2727528f7b3af6d69e525a04375391643febed777fe3fa3807a73aae666c137dff28eb3b2ccc1d07bc665094d33c4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: bb6e5b5be84ee383caac0378cb6f541726ecf61f
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 07f00d033fb95fb09e4d00d6172e780a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: 9764272fe16e12bb42a8f2a6620e44d4f202c21d51692e2948e2f4e4a18acf58a12d399310f15e78bac1f5f2a48416e5f4262ab9a8480d9f1429e5e9d15d81df0719f8db8d7ac08da696048e8a048255071ba8926be1dfbbcf53e7430862f64c891edaf772a830fd525aa8796c
+TAG: 2cdb47ae25d087c752c007dc8b83cc050b53376aa92e9bc2c46d05ac7137dce0f70ac601b76fe40efd84be464015b5397031ec3e394f880713ad10727d270730e469ca30ea5897a84fd204bb14a920c4c1bba0d27fb154cd1f8277fa6aab1f4c743b52b51d09657b80398aac269f57196fdfb219d745f53a72ca08cfaebd736e7d016806d68e5deba428b484d958335bf03c0ab713b9a54b9a5bb4f3b82b76c45d04b5b6141aeb7271d0a71ebf90ba74b27dff1ece371f6353b8ce8615475a1b82c3276569b99de52b7ae5f27cb1cf9ceca291c1922382ad5260ebbb32cf995772eab6d6213d2e4c438909f691a81825c2adad290839c08566e5cfb3c13de4ebb016529de5549a9ac57d2e76086db82a3ad881
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: a27799fc2e00e7abec4c5939451a834c4606cf7a
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: f00d033fb95fb09e4d00d6172e780ab8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: 9b6a8359acfc5d15067e2e6d812727d768f44b3edf4272f57fb54db41d95153fb03d7a7b3371e91c4be80326f4d70a8f2ac1e867ad3772901c513895e694214d6c0fa1f431aeb016ccc93faacb4950082f0cf00d3a5879c9a4f3fdb281e911b40d6d0a84b05f4ce32f85b1657d75
+TAG: a3c72b69369cbf0d435790c97438a38109f36b147943b0629b1c2e4926e831d27155f5617f1f884af2799774b69bf0e092d29158fa51495e132b206cf51156c2116b23848ea51d684808d5a291b68f57250626d2190a7c0779512bca6ed44e619d0f7f8bc28e1c9b729514e12e7cc08e8e8d72bd1ae30229e56fa7e3246dab29e75bfc866a2b83c48036ea0296dfad04357ed990aecf6b28a0a3fe7eaed48f5fa59202f109ad0cfe6aa5cbedfcd62eeeb15df7be0645e161ee6f7f9dd811c98158de6534739268757a1813e1aa6c331586867acc75ae410c371a81cab835fcd928519d9468ed61fb5d7c191807e613d40fe174c8b33a400baea2e96d9d7f1734dd11092481e71d0b0c0c86419d5c50cf6e18
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: f30eaff92a640a397f98e6803623e8d1f0c1fea6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 0d033fb95fb09e4d00d6172e780ab8b7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 5818d2a656fce95d7a24bcb216f4d6b91d45d58d6ca2df5c9d6412d917951a9f61ff07fcb6b078fad69862aace436194f86f309373452e813c461fdb36a95f575fdf0f784ffa0914f0c0ee0c57ed1e604ca7a7a4b3d20c272b3b7f2e65b18c1abdf8c88e1e7e7dbbe9569eddfb226a
+TAG: f6bfe8a461cc83a7bc7c5a39b6c521ed3e0ff050a6b01999b2710e0997e1a36a72c11363307aab1e4d921e9364ce826419d15b3a14e251e82bca615281c19bd243a294365492b11567341f13f14764e2b30ebc8ac4d313047694a884598daae76a45797f583a8279529e9352c8c13a06510ece3057c0936de84e6c292e3266424eb9aa4b7e5891fe7180f0a31580a700a4e24d7f1e53e1b69bf36a7c0db63473566920565cb9a22a47aad6afc8910a6b6019a67a092ae814c0260f2fada1a6dc44c5447217b6831457f66d7a2ecdc9187986edbdc1c68e573da33daee7fa2ef3adf4b6179b9a02d31c36e4505d5829ef30058ce5d09ae42fadfe4f66e894c36d7db467ec5ef508e26cf0724b261235579c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 7227537c0113a9f46f7d332a0b37ee5303483d00
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 033fb95fb09e4d00d6172e780ab8b700
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: ad0dff8adc54b5f02f428915bfa9f7277e4743e72e1789dcf552b91cda03bf52c757a9cca0655550c944fd264d287bc97d15dab3b986ed34637f45ffc1eb71b764cf5d5c1444033975829f1e59cb65ce40d787adc630e1f3155b2dc32733a75452efc755b6acd2160fddb9a26e0c4587
+TAG: bb5273d6920ea95b43efeffc99da0dd48a556e357726fe34dad94f0257276f3ac759c16d9b34dd86f09a37bf48227d67765efb83d001eb8dd87636ec32860226db118427a7c7367d53cf085ff86d05a8f35f893a044e99ae5ef14fe490eb03aaf0b97581184956211bd19ad09c9aa9a064e305abff0c654006b8db861c7956ad6cbf46aeac4e5f5d54539a9dede2ac61d8f133c1a9fd2b8e23ef5d2d3068b42baff87faccfd8499cafa30bce2f30e2c1fb203acf1378d0c776f9476ca83e4973ffdd66f2fa86105ed83701fdce6ad64a824d2317f51443c9dd3c520327c7f3bd99413d832bb1b6b70655d31c90b7bb23a1957a146f6e0dd1a272a04e833e0b1c84ba2b09b0c1963ac17350292646566f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: d76570385cb65d30c3d636ff25c5efeb8d1ea08e
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 3fb95fb09e4d00d6172e780ab8b70043
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: 8a1448acbd769e42bfdf00ddd801153db3202daf5ba7997890f5f42a183d3a66faf66d899c7099fa99bbcf5b62b6adcb6ee87fafdd0275a8f625f3f959b0ea9acca88070aa9c61141787435cd60f63e262a80b6aaf931ba554ade7e0fb46b03a318347f1ca84e9fa1786d721b6c222b1b3
+TAG: 7bb49e9f481b45b543195956ddfe975cb63203f4b68b50a05c855d128d311c339676c1b6b38ae280d0731f613f9ae4cfd1945e302451f26eeb379a1b610773750e3e841d50e16da759a603897de6e84aa6733252cb0b6f6539e1a5258751ee7c0a45aa9296c32322d6a465a42e4017f44814fc58402cf561deaffa43d61396d53077cf089cfcd42b182694d286a97f99b65e5c43ecf69898c036381c6dd9657f2cc08144b28e9ad9a00ff10fb0ad3b26e92d8d65cd6879b11ae50f592407188e46a3342308ff9316c898b09648f71513e09367aa2ad5d93f87e4b2430ccc8fba9825c0407135fbf65a0db46d491059f71a989629dbfb1adb10e98d02935fa846628e8b0f8dd01991761945c5e84f9b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 170369666d1f2337b29b5f14af68d47910388e7b
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: b95fb09e4d00d6172e780ab8b700433a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: 0fca069ff1b260179dd5ff1124e557e97a4cc41e069d124cded05275d37913efa220e1ed4768bd04d8e65797040856b686cfcd5b772278bcf5fa64cd8183ba8b7724359804d609b31fc31514a4ed43d84de929d99e63f12306bb497e8ee77648be578ee74f1cb2a09ab32b3ecb913c7b36ae
+TAG: 19b492f83b9458b356020d7c6343b6967f1ab0328801042379e7d8e98dc3f3cf646a96d7842c83bbd210dd8dbc38cfe5fda9d879285aeabe19dec677fcd389651cd284ac650287f13a461ec23f7dc1cb5511dc529e99a078c2c80ebaf0fdc6704bdc35a2c89c728a061095448e6dbee102f4793932a580a826382a244a9f11c665015675322d514be8b1453ed6be846613312a1bf9e4f2c126d2b15dd8e6ae759f5151528361d10d657543767b05e8c1b79df65aac381738e2f43f95cdc77383f22e36e3b26d0c65f695c75f7ab422864e63c230df313fd8e41b265b5a704b7e5f7c96306bffc1a95cd09584519e2726edf93a9d2871b9fddfd7983c81812653152c3775df228a542f06f359bf26
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 7c52593d1d37b0dc380297231c6cb7b64e04c493
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 5fb09e4d00d6172e780ab8b700433a95
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: 8cacbae377d038fe27b37fdb253f3b136aa38660743dc6b4778ab16940a9710c8f08970164316e26c3b603140f2f43f62a88d021426b841baec29fb11a3d8735d0b8c14d133a825e1044be5523932ebd65b34433c083c2d77af313a240b1eeb52391728dcd04852fdcbf9b6f89502dddc317c4
+TAG: 85c893ad99aff613e6f95cf9c6e9045cc22fc8fe421716bb135269202ac57803e67682d09f88ae5970fb4f52e97a28efcdfe0a359df79a0576179a04830becb0551d93d862842c4b5f33c23fc0988f96d6deb37288f96507e432190853aca788d55114946833b6c7c7c10c34a5d5852d6fdb287b9dd97fa6b7991efef4ce66b0dd9f0ed6d112713c314aee9c172675d86c8f52097362f3ed4356ef4309da510a6708f32f24549dd80c9ef72018d7fd90134fa2d1ac1b9858ceb9b382b263cd3dbf697aa40f875eb502d4f128845bdaa9a8b4fd07a31b687bf4a1a1bb4843e205a9ab2b33a3ace650f96935b5f6de6d7577deb9ab68c4295cee108b2f4aed1f2d2fd167085d2173e2e854559222
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 09a1659100052d13bebb4defd7f54f975a58ae2b
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: b09e4d00d6172e780ab8b700433a957a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: 06b44584c9ddd267bf03aa311730fd0c4d3461678d94b4a794eb3e90b9cf3113ecf0ce0da8789d59bec50a1fd1e08ceea4cf9e00b2e0423706c126af7a3031df6cd82a7bcef877b413662e731b5a74ebf68f781eeeb79cf760cebda2c5070dfb992007716993b0213e822829e23f448a7a5ed880
+TAG: fd65c8c7f6b7795ab5792332f6329c1d606b305f3de89d9e154ff7232947d8581b6666faa823b9ff8bbab2cea14c2526b0fceb5ebaabb79ab4cea0bce96e9d1a3f556d7d2d83b4ce2c1ebdaeceedac3fae6fb8f9869f7c136d47a1ac93c7b5b5ef01f8e56602d808a39b40f069403eab03498959b53b8ac0bfb72f0c5b5063c063183b43d60a616325439b0491e2f3be59f9948c939f533c3fc0923028babbaaee977cbb05fc44f8cf8ea37016141d464716a875ce4ad096e247ee9081a1ae3448183f5412d84a6223daf432dedd679bc3f167ca5dade21fb2cd9057189049e730df47b409a07a8b2c727e2ce04da8e3f02ebc6c2bd528b7726ab803c5fc5dd602496f78b28474ac87911bd4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 230c3353ccbd95e4f0acbbb0073053a0186f833d
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 9e4d00d6172e780ab8b700433a957a74
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: 85da88e13f3ca14fc4440ffca7bc837818daf1dc52a4c505583edd070c7cbcdb4642d8ee1ca687037b08e1737a2f49039621823222f9f02deef2c340289af5184a86af8429747ef2f7d98d6aec2af060fc8e6895c2182bd1c479fc6a2e7ecc0390995bafad5b3356e2a795131b0aa7d4ded344e50b
+TAG: f1a1b3f3fcb4cb89587bea4284449bcdb16785c277835bff9083a65ae77ff7543492a1d2710a79b720060ee37954c9719f8dc0f6fb4a75a27bc2a761017ebdc0c81f9e8ea5809a816ee67e731871c476f1ccd6b690b054984a4e74c060fbcdf5dbae743ebe2f72fd865dc1eb96e4e62fca3561a245be1749ace472b312cb1b28a0b2c2d38d089eab44f51ceb88af097627638a3556005952e28212d5c9bbe85c86f89879e55358ed06f28402f40285b97a8046b5479202f28218c71f98a4020ca5d53e16e91ff8387b16cfe6bc4e81c96c44e7691c10ebb0d37686e608773cbda993b816ee3b15c4ccca2a22468b186f8d29d853b945bd27ca0fe3e9ec55bdb9bb4e5477e6f89914e3084c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 701e141608e71005d32dd1e29cd068aea736c9dd
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 4d00d6172e780ab8b700433a957a741c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: 10ee64784345c076e3f9aaeacc87cd51d6ee0b0facc9f40b4e6a1b4bec669ac3c5252c948b0c0a4d8e798248e6b10ee247e51c81793c2be91aa8c9666e0d8774439ea159e4745014bdd2e9f379ba461a7e638cab9ba2aba1498397044edd3f271e2b4dbb5990c383167c9191ceeaa8239aa6391c4b27
+TAG: ac2d199535c4d2eba150702b88740058f1e834f89031c3851571dd9122291dc3e35b764eddc5856850c8c59b3caa211feb1ac256b749127bbf4ef56ffab65e3d9eaf438b778e5342a67ee4d876fd3e53aa29a532fab39d0c57e24593374e2adfb22cdf0def5d9cbc8701c9d6a2cf23d835cf75236069ab2874b7264e0e0ea9dd785b463ed8a6cc3cefc3a4c076e5f0d047c7d60be677b7716bd123bbf3daddc0cd5eed4d5c4f0f6d1c19c66e0b5bee5d58d295c2fbe6a164d464b173cda057094b983b2ff974783084a6cc4ebd9644f3b4426a3c157352b70ee37a2f1ddcb85936b0c38be4eadb33bb9cda7108c192597421bce5e36cc2bce7b65868f28adde738fd3bfbeb15608b4dca
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 9aaf96b472ea76fd9ff4adf56dab5fe0400d18d6
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 00d6172e780ab8b700433a957a741c9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: b90220b919dd02b216aa2eb7863372a645b09df88645dcaf138fb73d8896e39aac5a1c2f0535385e15cb850a6febd5d6ea9f3fb573944cdd5b30cb80aff6b73a173ffd7c85673248fab94e3b9544930cff59f52515dcc8ba39b6f51dfd0487bcc9d28773e91c718afe8399d652acb97552b1909335dad8
+TAG: 4db032df3ebf850528a308017477a21da23178403432b4714c1da01a253a635cd2caa77467597e9b8c589ef3e9c6f5b991329b97bcd1bf1332e03638fe1b157763bc41e4f6e78c05a5ec5f83306e3b5e8bd96c9a04aa83291ca90355a3b96a8688cb93ed9bba3b8688834538d1e8bb95a0cf431eb7b849d87199657a402a0e1e5ef79da8c1895cd454c440c57cd424977f6bf9e2fa133d916c8772e447e066ec2cbe3d0de2a7e19f06c74ad5794e5eaf9119fdb70665c07ab81e7d72371d23a4c96290d2da60bc7819af4d60ff4ba832daf3369c6198c45f0ca4c974dd9b4a81c0249706a25b23fcc0fa13271d0f00c6672a06898b2b833ba3b8cbd519e53939f0da6c09f288bff969
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: ac6871d354eac507556770d8b6bf10b5240273ed
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00
+NONCE: d6172e780ab8b700433a957a741c9eb8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: 9807d89925c67a45c8ba18cfdb817f5bbc21e58c10f7dc8c15b70acd97e8b97e0393d5948d51a65f6f092590b38c845164e6d2b49288bd0f73c4f4b551b362470638f51422dcfdaaff5e8aaf80ff715f3f597fb9385ca18355b8e98d1de17a303d019f7d4b9a3acd07d257c049fc16134c53e1350cfb8c28
+TAG: 7cd3491b8e157876b8091d2742f673196a25077410036ed62855b5440eabb10a01362a8e7c06658ab767be26c43a6eea3e354ec867de2b7b6ce96a4a951696051fe1a76a694d330eb56c1752bb2f866dbf6c1e85b3361316631c7a4a277023fe1d793ec4e4416c8db3b7e8a157e33438eba857e2b54db84e06006f83d93284714dc76cdf33da3d5adee64de2ee9feb689b9d64ecb857588c60c6e8b2eaa3999dd2f1cc2a6727cc5a50fc3902124055705eb726f0e57830732c85bd598519ace6cc86105cd36cdc7ad7f6868babe314b69d33021cf9931720aaf765d5f61e41155c7572ba298d52f3d61b28e3b5080c124821e1a97d1ec78eb5decd34a69d054fecb1209d86ee7779
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 050258d6ad6bec54f8bc48c7ba2d669d6416c11e
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6
+NONCE: 172e780ab8b700433a957a741c9eb80f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: 8d69a3691570f0d175aad5fb77a0e9abd3f882b10355a08f0160c113096acfecdbc4ac32f037d16c2c4dda4bd3325c8690bade6bf39b14435cc11ff575a3d7e9f7b09b5b40f9645d9a5dfb44f42304d82298cdd866e957d4ab64374ffb86879a9339ea892986ac706bd2310927aa2bf27dce3bd6012591cfce
+TAG: d754d4d2dcae21dc4a69c8e56ba3925f9f3ccc53278cc621a0ec4d4ea7b099a289eff5599f8bb1555aa9fddae50f04b5567ca7ae4498e1716f4243932934e2cec1434d4780184f0af1d0d194cf848671e5b0d6982a07b5679826f124c8f69f26cfa37a0105cdf15585697c75504bf8c9c04d583db189cf2dc2dd345aa926d440997a8d76f6ed12a19f2d95a2727fc4c0f8786ac3c50896a6cad6d948712e4d72a44cfb2fc9dc753dbed91f4fe412db6fa5e6b548eb1abed87e3b4e5d808ab4ce11f265efbd4af8e0516bc412fb9ecc3d69ee68bff6b12f3987a585670439ced09a038c526bf226299b0628f6db003a21eb5d943ef84e90f133dbb4c8468f555721c76da689e8d6
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 70060f86c76e53512933c09deb5872eb23efad67
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d617
+NONCE: 2e780ab8b700433a957a741c9eb80f2b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 26d675c591f287b26eb35f87231624e454c4aca1f25491b74a252e971c48ca523b353b4f6c0106c1b3b40182eddbaf7ba47263790c3b22d23b09458d48868bb18b2fb01bdfa965f7c1b211fe02f9b78959b71e872ee05ff3baf548a85797270fd43c9db1f9f97d3b60c62c06bccca0ece2b7249f3c0dc6b04aa7
+TAG: 864b50299da796a664edb8e1d0bd0120ad31405c47919c288884dfba933326b03eb399c634fa77d611e613e958369aa3d9a563f421cce3ea87d5bf2e179c20e5218378cca347fc18b87248a66810ea08806f571f1e86bfde99d089b06c3156cb6f2427503cf03e39bf3a60b1d9542a3789b657956ad925754ca4a369b05d269d481d4cacd35ede8684623ec9fde9ee860ab12975bb1386470e1221d2b2d1091c7a41754b8440740b4878fb19c65ffeb2a120d84661179e07672953243a09085f0d21265a5476c8574bc49e30ba364fd9d7f2035ba1222ef9c6bab7d1e68211c1a9425a13473f692b700c242fb56fe77fded75312bfdbb7fd44a88ab37d85d640e883ed1936ef
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 58286fe273bf572a76a2725933dd969777c303c1
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e
+NONCE: 780ab8b700433a957a741c9eb80f2b02
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: 9c61bfbbd3e8395be166b30a56b3e192748ba3bbbdc334dc3720206ac10c90dd777aa4957695bddaea0b7e554951c94f2f74a2bb7547ac20a7e357fe249614204401144fef61394c140553d5566c18ded15e0fa50fd5836cb725d277fa46210eb588a96d7baec9e2c947fee1b85cbe6556cf23655132ea72dfe4a2
+TAG: e66769c0cd9a2448afe99faea0b64137f4a902158d6b11a58f4bff98df8545e0ea23a7f7127b6dd76e3a3ed43490b44bbcd6a7321e5edb819e6b2e163318ead19f5a306c7b0b137f3b9aca44c4ea070ffa5712102b3f1dcec5c660b494e8f3d809b3722fee1e7dd29cf771613b68e45733a9e66ebda992930d32829d31e61f2217e41620ea4e621840f0fa7f7b8762e0ca509f0eeeded7fd55727462b045e4adff507f3dc4389d9397f0429bd17c2408ed60e0d94efad4936fb55c359052a6a88c056e7ec1e4085f4a48b125bf9340e57be98b5cfddc3f9d07cd036b0b78aa205fdbdc8e9c511ce32b6e4c9dcfe5722fa13f9d8b59821c61ca6f8ef75eb367f4a37453642c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: ae701e5c8672dfaf728bf0f43f5e5247ea9ac13a
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e78
+NONCE: 0ab8b700433a957a741c9eb80f2b021b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 174bb28ef8ee033bf0f39cf6a5d3c2157ec773078860232827fdb1c875e9622e198a00a50fcc03b2cbf1e4a747efcdecda8b612ec3ebac650a7401b4b204185e4b42306d544e3f6512b87bf36b5f55ec0bb4da01c36aad92a16865cb852e1a5d1a86d3d57e6336d4376e8988f00162de8b238cfe36916d5545fa9460
+TAG: 726c9d0511e81f69edf9bbd0397f4c3c49365418afadcca36de0aef99afbacad6dcf042fa62d405c9672e5409a7d28baefb467b7c153a3ed97bfd2b8be9b96e42b33703951bcbf04dec12d9bee63f5f30d2e57ecdcb3818479a163bd2a1caff3a327a911bcbb50bf213b77cdff340c858472223a71d4f15e029fbb800b81ff375d84d4c30ceda7a2c42267e1cf43dfd565c8a4a842556d577633857204af99ca35ca3c28bb02a7dd9ab224ae58938461af1e2bf64492fa2a18b4224ac3ef671c7abd9b6e266a0469cf3b0283b3ad6934240994f1b2d43b35d77e0055e0377c43922527d93426be34191dfd4b0a4296a078d128ea416be209b15c557f5da675c705ef8d1a30ebe78535434d2ff8bd29346abb9bfa
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 4f498d0aa9205160827626ef80c163275eca1f78
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780a
+NONCE: b8b700433a957a741c9eb80f2b021b14
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: 9b01cfa97c72b5ae8befd0d357283a52f6b8c5d9292d28f61373334280f815d6b69f878936738cebaf6fc84d20baf51868eb4d2ae08d64e724beea1887a76316acc955a00b5d1230fb120bf7d51f74fdc5f332521c59406bbd3161987c6ec49ad946a6a51755796de19830631daf69c78a847d2e515d409a7b77ffe75e
+TAG: e785184106419b8c7f38061f49cfe3a265e9d4557b9b2d91ecb8f21ef3f52e387643b8ac35aae45594e70e4ad4457b852834718a1456136c5690aa164a152b0cacf020e33bfb33e2f1b79dd23d2fba5adcf22d4288308bc1d055be378eb77b67dad654658906aa3cebca8eadce6127ffe972803bed110a5e301bca0f2c06dfcb7af44275628831bff33807048996115d496f4f13b479f4fc1e8f2ff0991ad73293e789cd909fc0471a484ca11be8383fbb4d9590570c275354cc89a872306f4d285561dbc068c98d2989dc4453b97cea004a73fe238924c321d3a77063c1f20890324ae59860bdd3f7a70a7c21f1c51a790f37305719527a20b879e56b65d38799b899cd9fdd7edafbf456618452eb4fa37cfb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 8c043825b2a3764e8a0cc35a011696fb3ed03c2b
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8
+NONCE: b700433a957a741c9eb80f2b021b1444
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: 0b0133ac614de667eafb516e1fb33b016a8b49e558f335eed239d50ddd13a4152f1570269615a243502fe1c6db0667a2de7975120ef65186f5af83821598ff45494e943acae24a6095ad46a498971f7b185d7784d451b1260ea478c03babf0e582a8a777cec20905821267eb85aec1a20c0e3b94d78d425a12f2efc4d60c
+TAG: 1d832d65c91d458bf343260419ad0ab95c1ffc09b137d1ad1805cdd648c8ecdaeeaa0ea27075d4e6753538d831577642c92317aeb5525724023beb923c2626bd9536757ab73d1739ed0a850afbaa5914fe94ed606e245274d4d3071201a3d73ea1fbbfb4032e8404c12dd02e0b6cdc38324f4684049e2707f249c9dce0e6df9386b787154ecc3974d041cd6bc5e6d031851247703347bf8324f077ce63ce0393fcbafb4396bbfc9260628f4f82244b77b8ea0ff14e26c2058e0d8b662fcb9d9ef747cacc42ece4777114cd2062e20b8c6d198fd5628b198511274f54964c40f1052d41f68b5d90256e894da5e5ff3dee493f5eb2a7d2a9a88e32b774afe2e0e643d606185c34796b40716a46fb8ba911552a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: f3a432271c9be858725fd024071c4f479ca9a971
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b7
+NONCE: 00433a957a741c9eb80f2b021b144476
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: 8d5b92c78a48ca6049da6a036735ca23b99f9c3cfb97122312e5bf0279d094cfca0b976e24f6b65d81f85eff669da35486809cbfdfd1fd615a5347947156148e6b71a11f7bec611e7c29e19f6f62f94bd7f8b89e54b6945dcc1a7e380e51456a31f1d511bb92443deab5987c3bba266329b3f27e24d155ce685f67c34dd18f
+TAG: 295c8072940df20a1ce3a27f32622fd6cdec5f5aaebee91e6654ce96f013cefc348f1425a6fbd6f42cb4e1e866c0fa602afdb503eda59801d8a791fa7de63d22c080369c6a3389034ff92ffd347ebfccb0dc9cc972f6654eb102f5b12baf864b3514f22d55f28df8d51955a1d338b4e5ee9145a4a85ec87655ce41255a6e91435a1d9e4af613d35bc6b4554c2594baca964d2a58c75deccd36d3efb50986f844ca6cf79dae24edbe75ca6008457ec23e69db9e19c6c039feceda6e1672bdcccf0a8c864e957b7efb1b468b4976a97600e3d03ba9341876e6439117d2ec364d479e0743ea9ddfce7effc0a64b73fa55fb1f57c18ea97dbd03b6391963734dfc459d4efe2e0f609bd51ee0a09faa81065ec8
 TAG_LEN: 20
 NO_SEAL: 01
 

crypto/cipher_extra/test/aes_256_cbc_sha256_tls_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 32
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: 3519ab2b2943d2a50996628f6c26bea29f84c95af4c128cc3af012bb358ee9f7
-KEY: 481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
-NONCE: b8da7dac997deafd64b1fc65de39f4f0
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8
-AD: afa22993a340b9b3c589c7
-CT: c90e0c2567341ea7e9d968dbde46ecb46ad78dc8be7d47672068de66d6e7eae1
-TAG: bc33ca235ae35aad13e540cc9f0714dab00678652cc476d57c543967c39dddc9eb9045fddd9fab64fd564959daf731fd95181a79f4e1d5e98ad446d8a625b68a1185d14f4d17a90a23e9f63e3470c37a367efe6765da9174fcdef198cc90d4acfe1ea34b2a38776fba7dfaca92b99ec5be216e7c196f1a615c787f8a11dac7259b3b6982d1415fe53c5e37c428099f6aef8a13b20d77e482c0900528b10b0a008e5ecd673762de36b1ad38fc33fc5ec70cfb963c62a8f3d8e471e2cc863fc65ce54dccdd3d95fa449378784f4e39a24c3cdfbe74fd352b74fccfde6dc777fafd3dca970e63f5b07e8c53d7ea0f77c26f80c9a62b7d1ab8a5f2b6707ea4efbefd2bd04e535587a7e13ae0005e1e3401935f424c2eb7e27e4137135997e26957d6
+# Test with maximal padding (0 mod 64).
+# DIGEST: 6d9cc64eaa0b3c7482d8431bff6d24c9bec634ef6459d873af4ff97756c9fe46
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 905d41203f5dce998f8fb2eaad409ae0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: 7195b9643e0f7a4293c865db36442d4fe2cf3ea2c648dc88cd5636fe5e6bcea3d1197966e800da8c78bcb8830f3fa97671aebce98549e62827adf612e70f9466
+TAG: aecfefa9e983ae857f033408f04a2f4dc9069ce275e00f9c35649716c3c65e9bebbcbf75ea3445ffde4dea79bf5c3d1dc4cd15a351972492445d1fdca03f7834b18e556e7e37e1ee1fe9a3c9d99010fee3a7506677e3ac5cbd5448549ee3a5e7bdd5a7b584767e76f1964a864ad2dad467e35702a5771d960b47f0cc4654a09a5cb4b7336fd43cd4fe5290b15ff50ca286f654b215c3bdbf3b918ae042fc17626ebdae135302ab9553416224cfee1203f804d99804d9653ec2a99a7fbf5d2a54bccbac2ef38e6d58b22ed53804cd5851e07f7cefc52df184a3c9acce574ec14c99a3abfda4f21ad119dec4a7743b384490136e77b1216d0df8b58607cc1cb4dcdbf25682dcdee237b773fe9714d24f2b3531037614585df4f56c855fda9949cd
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: bb57bd76fe5f29b96ee3f2d62d8f3c4d1c8c986c0991382834046dc907fe1ea7
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 5d41203f5dce998f8fb2eaad409ae021
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: 1d50f3eb1cd76d8e08a9f386db0cdc3eddfc694e8502ccae47ab431c2935fc461254b80386c87690b01c22f38ea9bd118d2e0ed316ac249437a3e9c30f6c1f7636
+TAG: 4b376f558ddf76137f0690dd8eb88720c506760c182e4cbb2fddb2f64e269bbf9e4bd20d1f2e1b8203f10df5a92a5950a7394525c2c36006716d741e686473de9895bbbf47849ad3a340dd262c095263be3d7678734ca7edeebd4eee8d3375c8f552436e3a90c7305aa0bafed0bd42f8f651a38666e28455e335ed58d86ed265da1e9cb77c780d4be9a5674e3bf7b624ec862aa9f5201793cc1cfbad7d0f700ce44d3894ed8e19884277bb1e58fe2ff4d4439163c6642f11f13be03c62d5a13182edc3e62bb72cdd7d0e157fb20fe4815a6803425781c1701d0601153811ef79ecf6ed3852eb87f886abee0e4ff13622b32dd040691810a80f3e21cb1d24fd2dd2b74cdeca38c49a7a1d68d72aad5484c6907a4e6440743a56cb8b6394d2a9
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: b09802c727f0f85cb590791372c52bfdc2e69de36b9695daaf7a93d2fcf56fda
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 41203f5dce998f8fb2eaad409ae02116
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: 4d754c684658bcc89208bcd75f24dc8e18b70a28b8a2201535e60ab755fb20e1ddfa98742d257eadd02d96c6a65f880d058312311efdf67f9a106beff9f5ace06577
+TAG: 261eb376dbb9e82baf29687e823a93bd63961414b1bc396d5fd21e70afa47aafee1103248a9be160a0cc35a7cf05e6a07984ccfc354d37903f9a199698485d5e136648b1fe6adee40b0dfb589979df3b158fd8b3d35c8ab4c387f61782242e23e5698e5f7ebb4e733a63f3282ecd0c565f9c9535df36f6156aabd988e06e754fb3082afa90800af3e564a8d275d9afe184a72d538bd26ca1b4b8c12dc0ed449e643c1a1aeb8b943bd74abda7dc19b2e303a778d348fbbfe221df38d538c921030ce6485ea2bf899284e5bc8329432b16e4562d1609af0fdc616d3bd91688c2655dc0d5b436c0db8e0b434d897687e91a60f749a7e5a6e88e43a16b5f7a4c68d5c8325c260915139d901988ab924f7e9b72bb16020f0cc0c6b3f97ce4380f
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 13588ebf114df38b7b59f890dffab8b1a4c85f090c3f4a0e508603ecd34f78f4
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 203f5dce998f8fb2eaad409ae0211641
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: 25bc47e58e7d4f3a417c95768699c92240a2be0e86232a41fe02d64f66716023996772e1118be48e685042f989dcd9cdc574614c9c3989f1885b4b71dfd5b1c323db52
+TAG: 9e72a44693493371870022657655991223f9a9570caa8d43b20b7e567cacc129dcbf03e2a7583b5b494bd6c52cc66ff1d1b3ecb7c39e26efb5fe025ea5bbef7dc579c58c9cc8f272d36b3b596910477d4af7e7105055f7769ee01dbdfc684956d44d583748085de4d2d4f5a9aea177e1f59f4b851c2794e1ee26ef2462b77f1ffb6d41fa793cac4aaac3aa88bcafc60066cbfba2af3a006bf929621350aa66aeffcd8fd7928e50df5dd27ca0831119107aeb0a2e7af5531da7b4033a049180a477ba24b8bd8042c4d30385ca098f9a8f16be6c286811bc036b827576da12beabf69c481a2633f6bcc7cc9255d5c2ffbaf5fc5813c6350f45b8cc664ad18304cf895907ac6c1c1fa5f9485f8d87e0a61f702334db886fa0aedc353fe50f
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 25c98c13e308408c882677b48f3a49a53b500146eadf5bbc0f5a240ab6ccbfb8
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 3f5dce998f8fb2eaad409ae02116417d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: f1ab85a35a17541efb4f906e7fc85e64efec6ab40d59d3da920c4ec09797c3ad47820e9d934e51e3f4d097c4a555575939bfaeb8cfea062b64816a160d6e4d1f282dbe90
+TAG: 2e3eea7d54f2a95572c0dc382ef826f9fa138637df323adf2f64e42a4be6d493ee3d087704d9a1ddadfa34b0cc2c35f4d7802a87fe3e14be035b269c8135e822771faf57a21ee9f892f26e2231a0e4e03b32f2a809d560ce72c7e910ba4c1b524b171bd50a7a150ed327e791e2f76551d4eaac1e53091f5d701caa50edb892c6e1e2c2f8ac0413b864847fc10875d6f702c03fe366ee4971ee4602d078ce648f54b8e71bcd383bc4c3a14342ebfae042fa52f59bc5ad73a51cd1c561ae615fbfe24eda7301794349431ae59fa6a791dbd0691a83dfe1f8cb0fbe9e385708a9dc9449186cd6026f962552903753372934e220c7d5eadc2ea75356a73cd086f850f40a9b83f1e9331009d23785bb5468feee97f6e9e21d2a17a9eb2b5d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 3fb8ba4df90f52332bc7a20df805fe903351279e0424c232365cfc4e62982296
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 5dce998f8fb2eaad409ae02116417dae
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 5d6bfe91cd2273a9b986397a38e81be5fbbcd0403ef51873c2c467a9fbadc7bf540e83c538a43dc0e0ab780a4c4b1f5b77ced74f65b61f8b8b58b26fa3e8cba574bb9527e4
+TAG: 8f360ea3d348aa4a950019f720333de020f23bb86eb11ab2bad10665f2294b914eace65dd890642fe33979f0ab04de5fd00b98757e734cc1becc43830eaabd48d415ca58dedad92d4c71f0b7744b74326b9d1dcc7b9afa134c097fd563bb001d8e91dd71a41d5f906080097d811355c268581ddc1c7698d9a65179526eb8c96bfc03aca614f84aa2c871958e71fcef12efe601309efdd7084c7c02aec5a6649dd7fde231de46b4b0b4c52676edc19edb740b33f8c90885147137011c921336b52b3597a30334319d69d71498b11feb841c09577c2167b58430784a056310d1b264e52af8ae737d7f8dc6431b305afe2ad43640cb90c2eb6fb4d5cb8540ebeed729416c04d2260a6b923ad698541a3315f938ed6a1b1626b1e73ea0
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 23f13497afad98ac65bd2a1642935ff7185a839a672fd94b18279ff92202a3b7
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: ce998f8fb2eaad409ae02116417dae0c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: 16e3c681ba1ece3bdbfb1da491f877e806ddac5f1ae96bc406bd195c9d48bcd4a9b700a8ced21d824bfb99eb057e401c3529818725b51e96c576e8009bfe486610501aa3068c
+TAG: 52e952e88946079d0e7e443f24f113c0c13ee17438fb7c302d82abec8e24524ddb4121bd1f2f1ba18389ea5aaa2ff43b9978425f1795cf3b2b5245f13d74afbce0e6f4107c9478c9e76a803be141320ed0ebd81ad6133d0ba901cfc4ef9802c29dafb2fa0d4b6ec49bde0ad8e359265b9fcdb9caed5c2c3772f2777c8dc59190d554a76d6ddeb67f12a3cb382015a36a93ea747a808feee5cf9abb7dd413acadd6519125a68071f7f490209f2de8049724a87dedfe208322cc01ebafac59d1d7bcc8c2896074908b40c23094a878a0b33592ecb8d407a9c68016a112ff1b5226a0ca7ffc9fcebc4f674b4f13711ee64dafd5bfa757f3820366a26b12f74fc30297a1209c16ea6299841713d46b72d03a12a51c5309317939d556
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: fc71e48cdc62c15988a84f32ad60aa760b5766c892e559fa1ebd882a587ce590
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 998f8fb2eaad409ae02116417dae0cef
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: 9b51ba0eebf72bbcd7a1b8452a49f30bf2d96bf0cde4d9e5efe7f1903eb4e09f53aec649c5a8ad7e7fc6c28a0dcf4bd3556f4377bbf8b3f9c79dffa597869255f783cf0c89206f
+TAG: d94d45b132507172de566b7fafe7ff2f6b50387ba1cb27c2f2d566eeb644490a01e89745aeec464c3aae3fcb240dacea5c13f8fab5e3db55a415052a01e0ea77d0ce06a75cdcbe0b7c83433b33022de91034a18188f7ddb699c55957611f0d1f2fccbf1e8e325d33e50ffde6b62cb153c43547f7faa3934eadc45b5bb18a88dc25470dbe6456ccc99ad306e664226630a761e9673f673262690af6e2922f2376ee9dd486872314d2afa8be11db1baa876a9c0c8d4f2050d65bcebf39a11656760142d0d4d505e2a80a0ae3533608c161cf6f9ed4de850a9fe77a0212bbab0c82b9fec6fd151bf391bc794229736b1a51bdb2b012393ee405f8ac64db7471aa63077d9aca9ab11da3d078947dbb7e8c3935c0dbce060df66655
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: ff4f42d72ae561abda38963a2713bb743038589bc2d7efa0f3fab298630b9c02
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 8f8fb2eaad409ae02116417dae0cef45
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 5e4df84379f9736d784d9166047003e3ce3375a8e7add80c8687e94f68595aaa52e3bd39a45a7f67d35b4df0c5d62abc81680ebea78d1ec02153833b4dc4bc5112f4dc2b3f14deeb
+TAG: 9772a910db4e6582b98dbcd4ddcf7833fd0e20fb8044161467d80288acdc76685c62394023653d4942a5d1d27e63c12b44dcca72217d43555728199bf2e751a1e17bfddbc0ff8c6b618715fbcd27990a7f94fa7009466dcf570508fcce46e0a807c6892e805aed7141fb4cd151642dffce62f8d9e677a6a5b3f3506c4aab3cf3cac29bf4bc04d8a2379b8ae4d55a3f7b1414cfa7f576f8345457a87f257a75cbe7862829a5b0f9f779aa50bdeaf36ac6411a1fa7ddbba9519fa933a0729f02a404eaeb2c35ba4ee424bab056ee3a8ad0cc5b5199e6eafa0795dab533d062410f775277907f36375ec1cda175ab1b8f8032899298557bab8f3eb67190175b710854f0338418cd46da7e1d4d0ef8fb8881df16f781df7f47b7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: f4f7f147b43ea50a1f5a4f19c093ef917d3b92b46e5798e18b5294b0a0fef814
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 8fb2eaad409ae02116417dae0cef457b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: 1ddce9b3f674dfc1b94a6cb34418e6b75c93f14941a6dbe028ed59667404b93afead95ec50b9393a8e0e5f469fc1cbc5136f4dc54f3a005af6c88cf70ff39487dec8dec0a9e6ad33c0
+TAG: 6875fe08d6aec1a18c56b4f446562a523b95c8434fcea5942abbc10f6e10ff7c455db0e80f945f81462a0e689df450630a34a8c9c3379c4494821e762c16a73b029df8e3e5775e78ac2a4106d539a5aa2522dd0a586a974b84bc09e86ffb21f3fc6a0d1c9e1d75179bada55085a3d9f9779c2461f2ccc990765da2450815da4cff73913b224bb946204ba50acf5884f71da7a487b743bfa20a09175a4dc11e9ee6a0b12bba1a7330fb482f925f36532c52a3ead78a8924cd30a1e3053faa174d5acf16fc3e02e0867b921d382c842afe2b69556bb89c853338f6f32434e2b9da81bcf7a237e709fd55ede388b51b2ae62e10b1ca69b4fcbdfa3ac73114713c66eb51fb36678137aa4516530a92e03b9454ca6b8ef35263
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: c48f43e4386dbf727ca93d57b5b2a4ccd8e1f27b201db03000660078b773faf7
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: b2eaad409ae02116417dae0cef457b9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: 6736ca287cf31ea3ec92c68697bfd1f88642e67d9dcab11c5dc8ecfc61611ecffc54a04119f53f9e5476196f220486ab53e2b21e1135bc6745731f0bd32eee9752fe18aa410159805977
+TAG: 5e40a60a3661940d928cc1818e0f0277390296d5a20f1d020452845b5ecf83dabb95153285213d50438bfd32980c294aefd1d302517cf2aad8bdefc63d87d2995523db2f2380cbec94cf5f5a7af4f605d7c9cb2c2c5fc67b567c5c219de53c39e92ce4e597ff10c929d7e66f7a156f3bb8fcf5c05df504924dc282bb94fbc7045e5c758239b70c3f171bc9c34e95f8821738b02b1049c8e1b21d66e8ce2ad606c8492749b78592ddb0df4a51de74514a1f25fc4278b22dfd5aa0761e1afc5e4d622e9088879df40964ba02503e876ebc70ab5e75c33d7ba0d3879e32255ac7a884a723a673fcf7007c8105e7dedcfa91832ebecf6a929033da1069839a1ad5ea9f659e2f2d295b06d5d6c5e685732f8d9c4b95eca515
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: 4fb8d7ccd762998c343aef821e49cf91783d15669105b725eb1123ddc16ea445
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: eaad409ae02116417dae0cef457b9e5e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: 95b9375058667abde693e7e3a598dd4c326ae4db29f54667c54453e6191c52f86d2fb4fe324e9a02b94f094f1dc272b1e6ad85529206a511468879d31ab9e74f44d9f388b72cd2461fb67f
+TAG: 7d5b0073be50f1aa588d60ff430da154c9793c30646b9d98ff8581febbf8541698a3a14e8dcd317d3f5102a828923b4a060843e4f813cc0198d19bc7b8c7c3fb00bbeadde45d84393bcbf90e4caa0b4fb7e8ce97584d639aaedca28b685083417c996ea73686a504e58ce170d5e59dd1e75cc2527c9a9976ab552533fd3e9c22603c5b4b25456d833182821116d7f80fbfeb9b0a840c127a755b4ac4121cd82f12508b0eabcf1255d5ed866b11366f9a2a59becf0aa3944ed0b1531c92342cb89dc819fa342d19db29556a98a6f1d7f166406257c4fc2019f5cfb8e1a2f02a161e2e6e91bd717c3c0b7429e9eb9d50f873ccdf0b487ee1996e38b248b0bc29ff17d713b810907bacca6f4dcc0633757d84bc065497
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: 756ef874fe4546df371e012dc34660cebd6321b67dac201988cc72e48917d7b0
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: ad409ae02116417dae0cef457b9e5e16
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: eded2db8c302b3b5b5b0c0d556f8d34408fdb2af75d38231049b5f91e02a4086e6ffcfabcba5e3ec68173dfde382a41523d3c8ea1f7944351baad1588516c548942da82684d52639453ffdca
+TAG: 518bf4d7ce510d2d8b41b8948c72f652efcc6973337da9e53d8daafd49a8fadebd391c0867ffe253dc07d26c12985933288fc617b9f1e0b74ba51b4a85e11d14de331f9af1c3ec66f4c85e0db13e2669a0429b3be48cb3e8a59f3fae779aba1ae3cf8a9c7d3c7c3d7046b3e7592c67da2779af921b2fe68801d739ebc0fe61ff52724a034f8d6ab916cfac58e9530a541148da1bcd17957a9fd9481571d054e6e38f6f13460fc1bfcc51052a7ae75f514a4d6525dd85d067698197322e61212d58c3fdd3f08e0a06189d8773f87f18c0156eda94657acf5659c6bd687188fe8e3f09b7cceb63d6c78e0198cfb985bfea1e6ef70f2e1727b50c45b123d189607c3dbe0e06f1b359ac5f8dfe1766580afe966c8f68
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 01fbec0db232a15b4f3e02a14f412e296a0f2c7bbc539ea1e5e835206e197929
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 409ae02116417dae0cef457b9e5e16dc
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: a56c9d8579b78c9ef40c4a230e8bd42750510340fbd0cf55393bd13d93b105fd2cd1d701b6882bacc661e8da81b7c9eed6b5dd4da12353298150819c748f464fa35936dbdb39149ed790f58777
+TAG: ec23664bb72e227a2d60f8e04aa12b33b78d59f1237f2305c1041793344510993f4dee5081f28a969c122c414a4218d4a73e4e8ba26ad8f6a8c3f73bfde7b0412f8fd6941f26ab73eca7110a4873cceccd43a917d5ea6418c85788512fbd262c72e594d2defd5a0a136ee74e9d1e76f335965a7679b3a059fdd6b72eab855763e4af5e028e9239418197e00088c7e2f661142d63babe769de4df2bb36f2fbb39b3723516d0c85b1214e82f12367582e9c707097cbd91650f2b0ae6f13a006cdaf65f9384496055bed36622b4b495335850b10fc6376112b99c4ca121228814539a2024bd4e839bb020efb32f858322b4474bf5317fced4ba64817e022bd53eb839793c59e673d4a50aea352db65143bc0a1d14
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c49af18a935082656e153daa62270e736e336727424bf48be78da0b7dced9de0
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 9ae02116417dae0cef457b9e5e16dcc5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: bf13550fa32201ffc699cbf22de17ca268652f8ba2693dde72b626d01855eea7c21f0afae3fa03dc757491e8efb9091a4c100f8dccfd15a9b4dd94e4fe1f5e90a96a8ee973df3f67b1b87adde382
+TAG: 45c6bd5afe30cb502e43d1b3b2440faaa2908d171c8e7f53480efb6d74fecc454a6dbe10ca0ea6368b4afc200632c1b078250369c85a463c63c8c79a95a8d5c3b2ed6ea220b8f624e381022f78cb94d401bc384c5c6be68e8f56f353524d93b68dbb590ca9afefe04e642fb8d8650c8e94a873985c14c1fc7f7e114b2dadf9c9cd89e504636329f476fce6fec894337704b6406c634aed0330cc20030543261a628efd49bbd4c52e7d70fe4b32415359135e2328027b388e3dd4edc43977e8eeecc04919087ec0935f3b7482defceac851adad46db682cb19d407a2615164e2930278c26f942572b64ff9ade93d2debb185309fc2c526a80aa57ce225ca7cfbddd4ae17cea86afaf38b1544a8efcef6df761
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 8d6f1fdc3d60175573775cc289d7436b88d10dfa029e90e10e513c8e739666c4
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: e02116417dae0cef457b9e5e16dcc5b6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: 9f9a3ab733e50c1584c4f0c2a2dc0ff71bb3a9b32dbe92da2fcff8fe46a4bf16d4f30ec8efb1319891b7d2586839fffe5012a6dc3d5f0ad21e1572a1ffb48fbb82daa5c2de27d8d64515d8b50556ac
+TAG: d59e25e24c745028ce4239294565972873c4debbf863e3a3b5d69c5a32127916516037aff509bacc58b89e041ef8d2c56b7a3898aad9426f6c26c7d61adf61790362e299c73eda72314b6429d9f64985d91820bcfa806cf4b99d45d60369f52c369970c8162499f6c39948bea9a7ccb7ded6b4f69f13a98cb1665a9be4ad2f8e3e584157a7cf74009f504622b4529e55d36e92cc45df30bfea3d3687437ade9ae87e16f64da2960d30d6660faea9c890d4110e18c20576b729bf0157c151397aec86b563c1234f2deedfea18b2ed2a780b3fba34ddf21edef8bacc5155834e2ad144b39eacde01196a70e309122eeada9c1c589ecb7cd22a954a8025edd31383b2e36f453f9bc1fd8779e7a23653cfbea7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 11a40304bc276c51e2e7d8e3fa16f905bf050f3861586be68ca4257b1e6cc566
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 2116417dae0cef457b9e5e16dcc5b6f2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: b4d33c5131701c960eda4c50fc0a918acbe28cd47fbcaa328c6a9eb08e3c36b697928c6981992ab155c30984c6b8e9340cb00decef7086f589ed2d730cfafd5ccfb95373b8c55044fa1c95927d02278a
+TAG: 713f2e3e88f54fa870bb429940553f8a55526f219f062dadacd69284718a21914f86d905517eb301bb5693610d69a32becab289041fb962d940eb0a37da57724b4d07c3b968700dec4d019f6672cfc45be30e4ea80a33dfa7d88abc6733a1cc7a788c6dd12f2e18f001a9d8f0deea3411c00e9234d9484fd030375bb6c3519e8068694019cd8e7eda59760cbb775a01d68626f88ccb026604fb260c0e3eeecd3482619d1108c3ed9ee2f992c0d221f8a0b3964a6ac23bdab18f2a825a2bd8893551686224eaab405e027bcf3cf6cfd840479be33ebd22479b72d61e1d26c0d62ec8e378982a61e85da137019fdb017338fb245ed0f82c531be137dcd56af636c69197228ed2be7ae7dfb0097c4f7e5144577a2cb0cff362c52e28bb1d2b284c0
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: da3fd1aaca630fe609395b45a44384c57f779505188c8b12391b9f34de17dbf5
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 16417dae0cef457b9e5e16dcc5b6f256
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: fe6540372ad1c40ec1dd644e935c480b9e34aed05a7f21e2e37dd46db52ebc5352cbc3be2aa289cc2e9712aa7d393f4454c9fa3a4acc30db41ada1257693d3469b0a1d5680dc8dbfea8cbb4768161f8291
+TAG: fb0e5d817e59ba33aad224a3d75b490058e8d743e6db43e920b30fff5e931aa17ebdd9f33ffd1eb9d73a2b9301fec0981bd29d85edd9804def4edcc9d25c04e7bb4f092b71322dbfb1c54fb71de189c88b0c63a4fc615a389b7d67758732f2356924813539ba0248d47fe0a536d141210b4e01d3a3cd1a846933c45abf7441eba3de98bf42c217ba29eab4dd52bdb44bc8ba97c7cdf10106f0e5ed04df11835e1ed86290c2b4b79e5b9a3597dfce92a71958957ceed5bab67ca5b00eb19c0897ea081929a9fa4c45db9dceb70875cf9773cb5dc543885f62bede29135a5e637c078029b09b290347f1e39b6ce35c43294fbee0cf3d9359c25d2a55083eb7d3d13486e851b1b60e1f51ef7fc48d16fa427d7440aa890d300d7a2876ab371686
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 2ea803a4525d24849aeda1b0adb81676b32d99c42bcd0011932085424a0a8078
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 417dae0cef457b9e5e16dcc5b6f25607
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: 22e6c691ae1ba796667ceeaba4dcf85582e398e529d938da63c8221a58c2fbe242f6da82eae8c896dd31b45b3e8b72ff3dd7906130954f7b68d4c8729d3ff66ffad72104047209a56f1d6cdd927b57e8d08e
+TAG: 0325aa247e8c830cb0fbe906d495777fb41894e5721f07b1aadd8b0a2419dd28c973681d131ad8866e938ceb84e65762930d3961ec13c2ca461e927a8aa79cab8508709520b1dee01e81ab4c6f5ee93eb610d6185469d88b32f8acd04f6e8e138aab41456c9ecbe0ebc1d6f9edbcf8e4d543515f9cde2610b1a1454072d5d66b7948ababc0c99cf55e2ae3e9a1f0b141bdd8df4a1647f98becceb6229d190341072594cc3c2c61070c88b0513045aabd07d2261df9dfceee46c5f353dccd3c1b2fe4a2ebbaf8ab7b2939761aa86f88a19b84e611a957ba9fbae9009ab565279de6f972f82b42f324fbf7e9668b4f17415bfd796e4886566ee0febeb27397bf971795a7f49d8d302e13d7e8cc4b20fe89999665d03f83245b807fbdeb43cb
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: 6802d4c044d85fe270b3761ec10ae5cb4b912a565e00cafc8eab935935523126
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 7dae0cef457b9e5e16dcc5b6f25607f0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 4772e647d03817c0f9deb39ff4f4f27fb0fed33e0630eb453883c707336f0e74ef206e92e31fb2935a466105dbdfd42c180ef63cf5cdd3c281337895e399df6078c22762eba5d84b8845ea00bd88bf5e1439a8
+TAG: 294f0bd94a45371cd6205187e9f8357817072cbb1940abd8c54418f1835616f05a75c38117165c43c0bbeaee69f8e20875121564bc383cd435e1e2fe4a36a6db906918c606edd336dd2dd7617c19a3d701756682d46e04609bc2e983b557cab0c8e3facf110be1f18baf31a69d09ff01fb8f51842e38fe3c38e42990c1bf68838cba82a82c4d77d796a59ba70abad4e0d6bb2f989e52622328458d5809ecbec33764dc77df403cc574c9535512c10446147077f8f05aa63fbc0f73195692ae69fcacc30253054064241ea28263b52feaae58d0b07c990308809a86327ff6b031f010c05720779ba1332ac1f93ef398491a438f4f823e45a4f2c5420c91447815e88fcb5f80717141516d8a1974db7a21fba576d77f929f52c84af22ad6
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: d159516557052899ecffe8072d2cdb753939d812db2f8861e3ba7a837f0fe29e
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: ae0cef457b9e5e16dcc5b6f25607f00d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 6dadacb58a7b88e2daba277f66e5757042c142115871c9813d1a72a79e5a71366801a757a5f9982e99c355fe7d742fe3f047b711dbe340bf2ffd00cea6dc6ed7a4a416c17138404854ab8a5420960d6021e2deb4
+TAG: aedd593c686dc75c7bee2e9e90c2ee010801d48e40d62b6d64cf8371d478a9319dc95d959937396c8e2a887865478cecb1d3e9dff34adb0aa0642ddb5b29693c2d9a3e78a7d71f60d6150f53dac8ec04b3832b7af35ae5244f5e49a97308d5dc1dad0254af32fa1848249e00d4dd547eaf98ec112db7d519c338d698e9633c64f47f9471843c2482e647878c5fc32b5bcc092f4580a39489d7ab61bd211fe4af348fcc18ed48389d670eb903313c79a5bd2bcc250f1ea5cf639e965c30c3b3aad31972c4cb451829d05448d5e12b76b03dd22ad2b7e906ed80d72bb13e6f60cbac269c605a47aa8b676fca372b7969fbb608c04b8d105b5e8323ab9b1e442248fd894e263d2cdad5e3a34fadeaf478c5512206980d0f4113c6bc3898
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: 8b4c76888085f1030618cca2b0ef708b79b68fbe879c266adab2211c35baebae
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 0cef457b9e5e16dcc5b6f25607f00d03
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: 4307f039e09bbc51fa0477941e321dec14e5f562d3a5ba25d71c3c8afa23f44e1ca619d130890b7476e5227442c27995cd292ed9d0a649773b752b3bc7abf171244624bc55784adc9282f1776789fdbcc5c043dadf
+TAG: 10d9216fcf6eb71ad30348d591c025c364715c73d46bdd26f04cece2b14ba8f5183b7250750c75017bccf9b394579be5fd2c83e77a30eb11c9b2fba8355390a3bc19c98d0cd5f65144701f3f08fadebc29150ce3ecaf4bff75e9db3043228d037861656c2c462668e25a2a6b9d1da7929a44dccbfe3758501ff0952c064508025ca73687ecc1a89f825eb09a762c1d7a63edbbded5ac0ed6baea7ed19677c8844a063254a9a0f464da61ea782ff5ce62462009c64d9ebe9597c467e1d2f5a2ff39c18eeac0ab03cd771dc0c75bb826167703855b96a9ea6acf8f5a1c95f59582a56addbbb8ddefa5c73405b212c8945a60920dd18e3dd4c3571003f227f1a1cab2b41b67d133d0d20708ff44598440f8c5b2f438a6c0c14113d075
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: c93f922285c3abf65fd70f22abd7ef859a392a9db0a979acbc99563829e3fd77
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: ef457b9e5e16dcc5b6f25607f00d033f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: ee9fa11a7d6f965e7d65d8f48810754770b9d237ba0111978b97e24f223817d0c6ce4dbde85c4e0979bea607a36c66f908c25384184fc334d8d985b78c2e9872d82c4cb1aad49d7dc21d6484b80f9192092da38282bb
+TAG: 4ba52b012bc5146d24c5cd7101ffc935c90fddb5c25d4939422b08a9f36afb92a71ed5cf86418748b8268e236cde7ea7bf8e757079d3b5e74044939d104f48d8df2cf17880f08f9eb7da709132fa7fe6bc1ca3cf9308625e15595a56ba4b2bd12eb3a4fcb06cac3a7f8d5e046e464d5eab6f502e5a9a7542938e95a8e6e0f4106b5b77f100c1b39db7de14e6f777a0cfd8bf205a6d70a76c1820b48bf8e2f1d473f82b71dd5440251473e5878ee858d60a60afe9b9f07f201d208d0e60660cf6ba2440cd0cb2ce4ca1ff0b6085a864fdc8a70fb760747208a72f9108c7d3234ccd69c1218be9d3d59351827500244d0e1eb39d08c82be77ed837d29b8650fda3abf8e8e922f754119433bb1c27769cf7e042c49a6e87f75de521
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: fecc2d68e7e0874de9d063a889b18ca83d3d5908aae064db20d723a8da1b3978
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 457b9e5e16dcc5b6f25607f00d033fb9
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: 1a95f47f7bdb2d91358f683b7bf803254d88b59e2d3c1d873a09794e1c18f1c924d480727599a1a6890bb664335e690e4e52c385b634bed45e08410448ffda3ea2593a02a11a03d994617b9f7ac85317689cff682990c7
+TAG: cf55f1531360cf0dba29ca8baeba795e3ae57ae1c8d233e5d771be0a7b5e483b1871057aeb254958d0353264bd6c61834295431d1e624f194559d3e476216b295f81ba3a7ce67edad2c998d4d5f2cb4ebf6a83d3d40bf36eb0cfe75652752a4f8aa295663fc4577270c2b49ccb411c0f6e3a2978d77df2bad8db2e7252472562a6622a0c21570beff15ab6d21df869bb7b1f351035b7462753c36bbb0ac6e3b750591cb02c7ecd9b03819fdc47ca0106ba37c21cfd5123479629b57839cfaa4ec72382ac3fd6f1a8f24809921cef7e0474a6372cd4beaf7481b554da8cab83dd4de5767c3c7d0194ce7117100c07161889b01f4deb05ab1fd9de79f7b634009c5e40f2ba9ae916ea70e622ae14c915efd902758953ed3c63f9
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: a182bceec087418714d31fdad208a5d5c578fa8917a754e0b0527364378afa81
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 7b9e5e16dcc5b6f25607f00d033fb95f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: 67466a0bda0815f726cd09d159e06088b2530b73775a8c18eab2d09ed7bd12b743b0a10345cb3126dc14d8f5c503b65a45467ef9b56ec7c5b24e5548e734d3f0fc90fd9c8019fc782882ea6e72f4df5f5f827d6e8c60c86a
+TAG: f6c2c4b7de380be8cbfcd90f06ba067ae2e3e23286dc1079ceee60c2cb7384c229639917d38d6d50c24224981c7ad657c0b4672b2e3e0cb75a2745801195902c4ecaf772ab99592ab86682aa2f0b46607f5e0422b159a8d06bbf243728d0711dd3e68277b9a6f29a66a6cee41dee43a7121ac2d8e9c0d02d2cfa397515fde2161e5484679200c7be71015f0f73b88724adcb6ba772997119a6e17446c9872df0b8b50c571d5ea5ad71a14e9f4a81ad6437c1eccff6a93d1385115f55b7131225b5b49550cf9dad67fe8c9992f8482de6380b64abd01357fe46f98fd28dd2a3dc11f43b9c2306b5dd6f6fa02ec5bf3d9d495f0ec432c9f527f55680d64916bdb2a4088a72985c1ec03f418ef2a49870e1d8f77da41c227ac8
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 81dd23016c18f838fcfdaa8afa9c52009af9d93092e250bde67ac11e8588a238
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 9e5e16dcc5b6f25607f00d033fb95fb0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: 34f8a83c831f374e77c5601317b658e47091d811285791eac2fc59fb06658c115dc875c80b1089a62fc7d072534617dc81dc3adffbbba4b9db2e7272eb0b8aea73eb9de6480c43190e239fc300377f1839a750fb5a915c63f4
+TAG: f201dd303f2be93385e189f963a1b038564f9648cc09ee82bebd9d471564156e14933ed0ceb36f768064a038f1c86e936d05bd32fe132c068f635a41f5e6c0c9c1bc579b9e218e5b1e0e95e2f95a05171a4670ce0028aa7aeb78229f6b3ddca48e35c5948443bfb0234b083fef65ccd11d3d8894918289dcf13586868c3cfb535dd9d4d79cdc391a59c8a7d5917e47202108fc8ab98f8be0cdacf80582843ddbbf7f158841bc02f01d402b5b8c004b33a1d20d85590d37ca0704e58c3071b0da1f64ecc52532e76736cef4967641ede072cdd0b61a02b5078c310a7091beb07c1184ff74a65db5e71f42fd9ff622040c331687f72f6daa6f7752e21d0d844d4f646202eb18677308ad8747823c524d516398531c356f3b
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 20f01a20150588ee1067e30a2ab84904a34ac56cb9e327756a700b1af24c6200
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 5e16dcc5b6f25607f00d033fb95fb09e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: 2ec0aab31fbb036bd2af5ce39025ee2d5591fd525a199f2233384f52a8746f4fb547843c92d1e4c9fa92bc268174d4a59134142f14e8e1e277f1f1844c64f76dcd20f3b73dfec8e9fc59a639616fe4076fabc5d3fc116a8db5b2
+TAG: 58aa84e06a34424ee932af39466c3309363d93e3af6a37473f54788f7c1564549660ff8e96cbd74ea459c318d52566475062f7b6ef434a4bff703f831c4c5ef574d7cbfab0eb130bff93f7b7121f3bbfd56574f6bb89fc227257ced565ad4d73ae3c72b25f36be22ef5bd0cb5750cb23c52743bcc1306d63acb3f7ef73117a352a95418e8fc12696e99ca1f44c055c227eaf0a116c0847d49a32d1ea611e88f6d2500dc0d2c4cfc84978a31c43f30e2d5028602d7cfa4a48efe16b18d46f078502c5976a63ae91a63266bd068175bf842646264da36df63c134df8171f160fcaa144b78fdb81534ef248ed1c7bc234d045aee646aa6eac6d770f4487e1bb4bfe9e103bf83b1f8fb3a12bd56ecf0c8eb1c5a0d0f35cd7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 83a45f4fafff7e1ec40a34e75a49a431478bbe8c9234da4c1b3129aeaf453d5a
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 16dcc5b6f25607f00d033fb95fb09e4d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: 90712d5e3edeed5000c62ce80212d41773a393792a3a8fc62a1cfbff38b3555aadd88f0e36f93c8a12897d7779972b3e42978cdf85da7a3ba2e4b261f0a0cf4e1edaf259849e87133a9c057e5d3e693a420b7861b96e3f10b34f7b
+TAG: ea3b1f0a196af1f2df325a7a1f4fe1799ff35df267da4a912cf0cac8ad6472428fd08ecf4356cacd67de7eaa0e92498afa1f8d01c9230d6dff346752970758ab979e62d3012356e83924e2f9cff28e485cb96c5d87c1882ab472a4dc6dbd79b68ec3e64990a389e864a4a2fe9e8fb4fc66ea5b1f07893864e1d6c38e73fa60ed109bf75d6b96d8512574e0afa2f6114d1acffcfa23433eacc0f021e05b6c4eb3148836449c72485e69635243a8aeae09fea475b361271acc9dba14ab957ecbb4b0a03edc3460d63eae1aaef92341456b395011321fcb7a85be0fdb812259397f8b52ff8653aa27040c17ea4fad7c6f6c9c941d1c83ae08d52c1719bd2c66fcb79c0179e3c1827785cc7880607de862e8c2bc8b4ddf
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: ec9b1b48a2e7600c92e69277c9e55d1cf7a9135ec73cb736fd26718c5531fb7b
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: dcc5b6f25607f00d033fb95fb09e4d00
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: ea1b542c224788ae66ded1b3ed9f9e35708252a1cd1d4725b0a187b669c51d282776471be5a07f256faa9ff16fa4248c629a4bcd31a9dfb7f260d9b1cb62dbae424624fd816bd81f781b93ca9dab437bee7e80bb7baeac902deeecff
+TAG: 650eb292cbefb80b7401e38e9803fd2b8dbb13ff21f0f0986eb42280ddf019458c06aca80c4784da1930a92427f96531e97f89e62ee5b945f07a8c7fd2b1dc6710f0a97096036d22493c2ea2592fea8e4b2cc93111959d33838e4919068385645f898736a0bcb391a30124694d7421f6cfe486047a95f55546c80a75fb7473ecb4a751db0c1dfab931081167e80a5116977c296d0b9e818dcd72d3404546589038d51f08ae71db0721c64e9ce9449aaec77fd362c41b6b9822c91f267e3cf0ceebffcfd55c7e16abca6ece0de8fd0b58919359aea7062af61e48a6185bb186db113a39be60fbf00d7f3664d3cc64e9f9eed70e01240e4d7f51587b846787c82723195a307c6144b3a1db94a10743df47c86386a7
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 7b0d19af32e867b61fe57398a3ed863a56666fbb67100e6a5ff01971ab693fc8
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: c5b6f25607f00d033fb95fb09e4d00d6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: b1025c9eb02f72e5526ef641778aebe786c2f85961997f1eaa090a33caae3a9df34da7088352a2df7a61eaaa026dadbcd604f5baa3a0de4fcbb3812816408d61384984141d9c78f47e725e99cea9d52fc16797a3ee4dcd80b6e5ac836c
+TAG: b1a3af10a3a38373bb7043194d9f0acc257f231ae324faa30c0457ed219deef787c85dce075c04e448ad2039d84718b9dbe23965df0b253986123e8f4427b833ef7679b4c6951d555c98ac8e151c3bcac077b8ffab30b8e6623809c39b7ffbf6c247f8be4993e91841a204b9af2ed9104749d573b01259646e8711d9a8b0959d4e9ba5ced78ccaf37a83035a096dbdca802070baf44c9d97b009c9c6eeefae4f1348ffe11bd512070636627d0defccb8dd737d6aac08116654cad9b36d3f183b3392a020d25f8e03142302415d3d0575ae203caa7581c754c36343bfbc37627320e9e7c0e66cf277e738346bff15b8277c5675827a25e0ee68482849df97d135df15e544159ded6d7eba4fe11c74f01051bd9f
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: e3b7a347d9bdc63bb1c689eb823076d5ab24c3f502c328f70d71a1b3f00111d2
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: b6f25607f00d033fb95fb09e4d00d617
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 10623f3b3c8888a31cbf51eae0989eb3caad5f5b786c13b41c04e0b6cb2641f850df4ebea610a4d521557c8f987ded40e9702503fc4ae62d1830a0f04d168888062f5b147e858a134a4022bf2790d81a20976e2b98e407e7cb7ee4355bc5
+TAG: d1ffa2b9b4db22b1de1eb8d9926e651ce34a85560c2e75605d9448c508e3030ce78f3a5973bd87d99be66603310d19d4e4a94a2cfc4ca9fd480dbf4315a814702d507d8699ed17e89dfa8c3b7c0491e4c22d63daf87bdf3e1ea54b759e2969ef392a659d9a8237bf4545b78d268cced5d4c6ee177ae96f77e555b27cfd6ccac215aef995c383e84419293d32401aa7d98634e99fd5124334aeb505f1b389d6b80b78eb57fd85f8c020c17789696078178dbc1e328ce213a623b6650a4d914037e4bec86ec6e1cf12881b4c71a204058970a1e607846421b8ca0fb346c19ea40a2b6be17fc0cdaff9d3c30868889b4e8664f2b586620ea74960c04e5dc3f9304dd78e8cd2fdc5c10d5b9cb640ff911e4ab323
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: 9ee27167f084f493a4e6e5b80c1cd07babdac057ed98dc28cea1f107ebc68787
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: f25607f00d033fb95fb09e4d00d6172e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: 60d4a0ba2caff08ac046349b511017a7c5f5537eff0bda94bf838d50c14d59426424e4a8f531103773aa0eb9d242a9e6f2ba5002ef04aef8144c8a88f05788fa5fa1ab1cb5cad84da0d31b280ff8a55cbd75f2327f726d6dcbcebbbf490012
+TAG: 26ce951279729891effbc740a3e38a8eec1d8fd4bfcce6180a117931b1f3ac5a423772156307853624240be289aa9bd4868d9c8b3b93d332a2bdb679bd14eb8f91034468fb1771d679321b067ff9dedb04cafae3cf43c046350c23b97bc3791821d3b4fe50a5ca66057432994e75d53365fbabef04a3b6c4af9f2429dc478145c6e67f3dc1990d0c21fc5d816b25ffe4be41a7b465d8485b2e4c22d597a1419b021714faec3c2d2ce1546b73145a2bfe44ce6a4d6ff162c6904977388cb01e8495aa05a448a157cb986b59d74e3abaac98c024d4658ad842e9e10195b69a244aa42cdc5c073f08313cc9b2036f830a1aed7e70117c91a8fabbabc556d9fe8aed1ea047a83963f985c1914d524e058ef04a
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: f6b15333af80c49e8ea591c2272618074822d453d85ed3a96c29f249873acfc1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 5607f00d033fb95fb09e4d00d6172e78
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: e59fdb3d1413cd6a1098b5daf1662c698076996e2581e11a286e5acd6f29d41ff9d04da8308ce7f5defc52be0b4d1ee96d8e5f4eddbdd5fa9894e7d1b0a1bed483b7e7549e1c10cf5b8ebd1e7f1177972ff061cdecdad8d97bb0308b19bbc2c8
+TAG: 511574a8be372a8f1f9d856e674d266dffbee195e3f7e710f3ea76bc1c83e449fea70886b5cf0917543e45f8cc968502e873e362f1bb376a529cd4301b8e5427342869118fc7d2346aa78a4b3071024c5ae51a73af441ed02bbba31d0c106b720da7d9dd3cb9902048bdfe1e7ab6df1c2cbc78bec0c37333abc14b0725fca3278d54cd188140e35afbc743eaff515db5b740f97ce8062a20ac53b2a5cf527999529726f79cbf4220e0fcfe51863c2251f23a2a139182250e1ba6a9e889d998cc429dc503d5c3c4604346e2ca0adca12699b4ee8f0694609c3816ad161612c9710f6333e5c48e3c07f5a644714554869417dc31dbb5ddbc2de6518b683e6a7bc9355c0332ae155be0b126234b7c7a53c1852e7bcbedcd86e8bca69986dc5512f3
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 02dd1eae128cbeb47dbbbf90e2f5cd63293bb0091815c93bc1153d46f176374f
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 07f00d033fb95fb09e4d00d6172e780a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: 9764272fe16e12bb42a8f2a6620e44d4f202c21d51692e2948e2f4e4a18acf58a12d399310f15e78bac1f5f2a48416e5f4262ab9a8480d9f1429e5e9d15d81df0719f8db8d7ac08da696048e8a048255071ba8926be1dfbbcf53e7430862f64c04
+TAG: 3859f6154fee0d5bb25811575cf137d0005e997ceaaf7def4d374e778bb2cc0b956159543f797667c24c28a2a0bbc352356054e532c663947e8a0b6e949ed9c93fc2897682142c43a60f8927bf2d37cb25c4faf709066465cb2df7765d97d7ceca95391b28e37dfa87e66d8e9dc1715524d22ac9cf618b2427e3099e2574990760c7f729c7859399965abd3cf7dba2c0ad3962bac36b443d318babd6107a11285c79bd897d5145ae0cf3f6aefa7f36e5d28f386c9ed1606d6e61808e79417a38d9a79b03e42c3fa9de1adda9d592a1c1314721c9d24b73d437a94a03668fb9fe43c15d48c0096254a95194928a78843b03d341df7d547d60dc1c93472c31c521f6433595231dbf6cadd58ecfb51df0245b4ffb4c022a86ae2ad502d851eaea
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: 137fc408ae1b3684a802229d78368f9fc2202311cd6f5da091b2eb998ceb048e
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: f00d033fb95fb09e4d00d6172e780ab8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: 9b6a8359acfc5d15067e2e6d812727d768f44b3edf4272f57fb54db41d95153fb03d7a7b3371e91c4be80326f4d70a8f2ac1e867ad3772901c513895e694214d6c0fa1f431aeb016ccc93faacb4950082f0cf00d3a5879c9a4f3fdb281e911b4e46d
+TAG: 60872631a4f0e7e07e7ababf7c02aec42c1696e836bb12ee942e3cc5833f3b48366bc15e90cbedb280b01aad3239bdfd49faddc5d1b580995e53b6ed934a57252f498c199149307d63d0785de5cdd501c864cce15cb7b04b0187ef35b3495a164121f6c6773052990733f62842a6a011586182487394bc36abeed63663d0acd8a9c5b3dfd9ad1e944d179723800c1a04566b804b38b4e2dfe81d04d1f4ccc262a65033d83cf299e8e39184576c60c410285ffb46930812f6d4fa4e2f5043d3eee385dd473277300d1feb6e29f81f051f5fb6c28de99bb8445f2a389aa71c1fbeb3d91aa66596fcfd46b3ca0e74c71694a5eb7da4b5abc8cb115a1bc65b8faeee4e96392a9bf2a15914405cf563e35428b69b15afbc9878b47f803b8b479a
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: ac9d4fe33627d4e9868c57a42aab21659ccc7efe18df8b57819b7d25e665454c
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 0d033fb95fb09e4d00d6172e780ab8b7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: 5818d2a656fce95d7a24bcb216f4d6b91d45d58d6ca2df5c9d6412d917951a9f61ff07fcb6b078fad69862aace436194f86f309373452e813c461fdb36a95f575fdf0f784ffa0914f0c0ee0c57ed1e604ca7a7a4b3d20c272b3b7f2e65b18c1a3fd191
+TAG: 93435a8da7fbb8fc3baae118d82bea0df990cf1018ca14993d2ab594117bdf1a6b9ee715af7d64353d1afe398734f5d88d97fc9cec550e6bda06c31ef12f21ba6e891cf9c24accb264a771570f3773129a5fa2d78e5a4a1299bf7eb6e0fc4fcc9d4ea7f4bef1ff089cbb840a04e4fd81775a72278cfdb757c2b041c190a830206a45ab4b5e261bd65bb206f60c7290b6c15c3f04b5fb0bdc64f775d7b88ad77617da94228b649ad948eb84915970fce864f776541d740fb6491843e27088de5e7ad51b9e80c4f55760ca996631be10cd005146356b7754ec34b62a2e19ff2ccd8e4526664f4bbb6c84ae5595515a5c8ed312a63b983d241eee86511736edee964c12d8f5b2eb775fecbcca740c7c3b2024fd5a6652990b5e1a3f3cd7ab
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: e59c699ea2887f6c829b7a0e895c45710aef6911fa3c930de3da61fc988e955b
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 033fb95fb09e4d00d6172e780ab8b700
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: ad0dff8adc54b5f02f428915bfa9f7277e4743e72e1789dcf552b91cda03bf52c757a9cca0655550c944fd264d287bc97d15dab3b986ed34637f45ffc1eb71b764cf5d5c1444033975829f1e59cb65ce40d787adc630e1f3155b2dc32733a754360ec1e1
+TAG: 6a74ea2b3f209b6f81b27fc58b28585c7b378a9b11b346aa0f155a495e1bca762cc9c73a00796ef7fb398aa1229119d7cbba739c3daffb0f460c0c6bbfe4c6e99164d0b88d262a1ac5c050533db32f61c2e06da092e1e019e1e01dd79a92b9433b2938f89917846f7b04bfd7ee42bdab140e1854db8312f28af64c979360d89b1583896c0c592508106adee7144867c8300d36ddd7bb87482a990141cc0a793dd2e490305feb1b1c7eb9cd3e76bf7b8c767cf17a614d9c816abc8b6c8ddcab95f1dc0f78404704d77403a97f4547742c33bbadd1944e34b20f2e3293418cfd8faf2ac19f0800f6aef3ec0babe1d2a5b721bf3da4c23d80f74c0e157689320d8c1b517f3dc9619874e8b3ecafdad75250e631cff0d5be6e553120cec5
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: b0ffb7b78f23593d738e845daeb3ed175ee48ed5ed2d827565030b047dd0ed17
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 3fb95fb09e4d00d6172e780ab8b70043
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 8a1448acbd769e42bfdf00ddd801153db3202daf5ba7997890f5f42a183d3a66faf66d899c7099fa99bbcf5b62b6adcb6ee87fafdd0275a8f625f3f959b0ea9acca88070aa9c61141787435cd60f63e262a80b6aaf931ba554ade7e0fb46b03a06a57db627
+TAG: 3fd3782dfec59549a1f357785c8056274d24d4a9fe64a7fd66f48dc76f831901ae3b39825c1bf24b1990cdb264db072005f5c55c5543a65467ced4291297af0607420f4254947fcc514ed2512e0c678e4d51721b5d6c3536a3f7b57327440c94cd24ad71cdd2d7209a24a8e9402c7c07de667d72854b232f6ab97a44b736322fc9512ae432f5e55d4d1176b985ea0e6204ab2b9f94cdd63db5b0e3e0e7b79f2c1687a055e9345813c718da09a233ab50e054812aca10cf18de8023fd6f28d029b4f38a5c3122e539748c60b12075c0faee5209b346055dc8c5ccca9093fcf4d87a7a9917a34e39fbea94a8f8456c6ec2a1b4a733b562563c79f4bf944068188e099ccffd60c75b87ddf211d55e182f8821b5918654afea2fb66090
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: e8928848fef7e0556377fbf3ed36b4105f334fa17bd5c5fbe2117ef82051903f
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: b95fb09e4d00d6172e780ab8b700433a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: 0fca069ff1b260179dd5ff1124e557e97a4cc41e069d124cded05275d37913efa220e1ed4768bd04d8e65797040856b686cfcd5b772278bcf5fa64cd8183ba8b7724359804d609b31fc31514a4ed43d84de929d99e63f12306bb497e8ee776485dc822c1ea53
+TAG: 447babe3275b7d8f53437e527fecbb6106e50e8831b2f5df5ee8067d4e3e3f9b320ca4b72a7ed1785a94f24d4c92916fd6ca8fb1f4322abe0152b377a5161ac5c3d2c0bb5912378184c1b19582d979d6ab88681eebef4ce6836137f03195b0b19e3d632009ed05cde65f6996686820632ef4c0845d282b504974ca5eb3232ad95fdbfff4229b8385184fc87d7190d17f68c274f4aeb3d07745f52d4a92a02c776a0b256546104a827cf92047138e641ad188e65649ea1c4bec3c61411d5f931831bd5b5ac45982baacece549255d1c102c80dcca28878b789cf76146ec44f68d8fecc7e5c4b7780ffd5b93bddd40185f63977299381833957757f837a297c207d93d84ca9c0776b1dd87c952bee715acfb350c3f435700caf824
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: cfc1420c24eff01a9e6acebe2a96090e25738c3e1c14da2c6f36f9e20a857165
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 5fb09e4d00d6172e780ab8b700433a95
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: 8cacbae377d038fe27b37fdb253f3b136aa38660743dc6b4778ab16940a9710c8f08970164316e26c3b603140f2f43f62a88d021426b841baec29fb11a3d8735d0b8c14d133a825e1044be5523932ebd65b34433c083c2d77af313a240b1eeb59a73a2b7e05a56
+TAG: a497c1ca95443d00804466d23f2e960a3ca86bc9688581f6f78734a7f90376fbd81d074b5618b6e4e19b091549f91d7acc16147d9ee30a7e51d528d8aac4f3f49d0afc542d2c652727fe8ead274c3178a83795aedcb8019a4fb9726c3f53718338bd279368e6bafbb4ff9bc5ff57662f16bfd03875770ca633f66c6def6cdff3070ea34e77ca487d68b4a5443e1ed81a80dd0a58c1c7f1313f6dd976c9fca2d378e894ccfc233eb99c0dfba33d95a3c29742038067089ed97c737e3137f28b06847e4147b0c2eb01320feba305c39f3d55747a74d76fb300c11bab7d216729be4f2b1a3a4afce0b3d2475ac26a2ea086a1b681cf1b6444239bd991aee39cb5e45fad5395ab17ad95c37f590dd49d8dfe19768aa86ef271fb81
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: bdb122b808f40da0ae98fe9ace91fef7f2b39bc734f4f735f7cbccb2c00e4666
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: b09e4d00d6172e780ab8b700433a957a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: 06b44584c9ddd267bf03aa311730fd0c4d3461678d94b4a794eb3e90b9cf3113ecf0ce0da8789d59bec50a1fd1e08ceea4cf9e00b2e0423706c126af7a3031df6cd82a7bcef877b413662e731b5a74ebf68f781eeeb79cf760cebda2c5070dfbb7c6d1ae6fa2a177
+TAG: c897a50e7bb28f06a5d1848ef4ad3688639503d7a832199155e61da6784097c06d178711af2bf868096d23772256707fd05d4c43963f885e5037dff18172b0a89fd04392ef01504ac2a664b6a74c120ed6e50e1309ae47171b6eb9912e85e3f812cecd79b55d2ad7759043c5995acdbac92b0090c9503508febbfa8116cfcbff92a80618cfb0223819548b04acca6da9dbd690da34368faa4cc9058c177f16fdacef52183ccabc3139509620243baedc601758240f26fe58b1632cb21440d905cd3f6ce3c17efc82e2e167132100dc18eb4c92b62810aa8651288c0ab882815b18f75175d61ef47393913f125e37b9126d5d8dcbdfa6221a28683f6c4aa7628ee28d95e0a3815ef3e601ed44bea3be0bee95a0ca5fd15f28
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: a1c40dc7a17b3ef6c9170eeaa9500014ef9ada833615b6d40af3fb2e14d7ddb7
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 9e4d00d6172e780ab8b700433a957a74
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: 85da88e13f3ca14fc4440ffca7bc837818daf1dc52a4c505583edd070c7cbcdb4642d8ee1ca687037b08e1737a2f49039621823222f9f02deef2c340289af5184a86af8429747ef2f7d98d6aec2af060fc8e6895c2182bd1c479fc6a2e7ecc03eb4b03204db79e18b5
+TAG: bfb333acf9be1bb3abd081f67f54bb1a198e007b1152a081c13cd0279770cd9314999ae438b54d9b5e516ac648fc0c83f3788a4a4f396a4a65517bf8499e74528ec72fc640f26dba748606e16f566017ccb911caa94a814235c1f08c080934dcaace98ec6220ddf784c2c281776bf1aa758608466561cb62867a1d165f3d46de65d7d3a8bbb36e3ba645b5049ec1760e80d114374a0a6c1628c99f5352cfcf397df3dbdab10a44379ad1ef93727191d076bbaf70de831e14721162e8173531efe43a2a739bc3c76359bbead3d5032006efff46ac2c7fcd48a8071c3211496a61f2a6de0d690de8338c628fb0e3983bfef09738c1bc2bbd6dd9c51613d15fe0c85c02f2f9560809894974ff005b083d5abdc56f5106ef04
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 677f053b9f421414ba91c060ec7ed66d27982e992da0372e5264898c9edd2bab
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 4d00d6172e780ab8b700433a957a741c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 10ee64784345c076e3f9aaeacc87cd51d6ee0b0facc9f40b4e6a1b4bec669ac3c5252c948b0c0a4d8e798248e6b10ee247e51c81793c2be91aa8c9666e0d8774439ea159e4745014bdd2e9f379ba461a7e638cab9ba2aba1498397044edd3f2759dfa56f488a0118e6c5
+TAG: 3db7a5fdcdc460c6454407a23ea3d0a8b10439d34f66016049a07d33d7598f5debab758abfd5140243a129c0de5dcd36172bcff878216959047099c4675effc9f8faec3c5749afef3624adaf4aaeac2bf6b8c39119d10689de6b734e8fde8461da3f3e71030ac2dc83c662b646169cd492f7fc426088025f5812b73ce182fa9bd7f024c056a7ba3778b5b369c2ef437c9cfc8b25e9ee868ff17d64a814a8cbaacf9079ad75dc055bd3afc491331bfffb8a61c058012879be54680e44d01cef9a35c796dfa3cc450a6f69d239d1b4609917abec22d969b7e3da0a400f359b93c78ca4134effbef8c3fc63e94264aa67b4e98548d14c5cb3817f59de84dd54d8120b317f07a96115fb0d75ac600491ef781475e2adb6ee
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: 9c1c2b1853244d015dde7f4068220d7640501b1aca325b82c1be8c015b61e59d
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 00d6172e780ab8b700433a957a741c9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: b90220b919dd02b216aa2eb7863372a645b09df88645dcaf138fb73d8896e39aac5a1c2f0535385e15cb850a6febd5d6ea9f3fb573944cdd5b30cb80aff6b73a173ffd7c85673248fab94e3b9544930cff59f52515dcc8ba39b6f51dfd0487bc9f8eb23b031c3f6d70b763
+TAG: c9d421b4b147c4392238c3c6e3bb6421e47773160722749bb244efc4a9ffe3a55b2952aafce9bf5e46d29f9d916c582e9ab426f60258bcd75c96fb4493fe0923356d7647382e103ea4ef363ca1a063ac89ec2e1ed9c45e84aa8d4e279af1bf40ecc0e5aa8a4af86b7e7390ec15852515e28bd8ee956709bd90172d8d03624c5a81dcfce21b573e1063d416ed59afb316a4a7fd1d22dfab206473567ac0b94aab64b2c201b84f8e89a575c5d1510cde801dc4a24b7537e062d1caf08f6008f2f14424edf16bfbe3960a857a2784ea033fad0ecedc84a917405458dccb12a107fc7f603565eeacc7573571d05483ea8dda7519bf10903b9ef9feef4ac6682956b193e2201dea4150b5aeb6c122cf4e0a854673736837
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: 6bfc1f2aeae329867e5d7f268979743cf267d0dd73b7882abc0240ea586b21fd
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00
+NONCE: d6172e780ab8b700433a957a741c9eb8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: 9807d89925c67a45c8ba18cfdb817f5bbc21e58c10f7dc8c15b70acd97e8b97e0393d5948d51a65f6f092590b38c845164e6d2b49288bd0f73c4f4b551b362470638f51422dcfdaaff5e8aaf80ff715f3f597fb9385ca18355b8e98d1de17a302b81470c8e64a2443883cb88
+TAG: b90eda5e4260d45f777533784bb41a3f580fecdd1c088958d001c2a34b3f19ff6edb5176fc369816ce5a3dc30bebcf6c727a64acad6e390588789aee7ec9371fa86589d89306ecd74b90ff8811b6c79a9319bda6fac4317e10a756044e97b68c47a63af7b20984d58d9e982ba135b620eea8b84fa0e4837f935e847a85b81167766f9bcba496f54d47652076e48c96aa2c723f52f1efe6b8188bec0c53c71c4a27a39a25d13b7fc94f44babaca1676d8140509f65983911a2aa09547b5db116d77c734ba30e766101b5efea44b1b425b6af818c1583c5e3d24d517b4693d819a1eb7f85c890b1cc560722faa2170ca6f7d426ead202e9c3186864bb4fd21db770a972bade06e4968caf0f06348dd00608d074646
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: c1702d4f70a18932e2f4d3951603ed904588a990123e0a02d29d7259afeedf69
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6
+NONCE: 172e780ab8b700433a957a741c9eb80f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: 8d69a3691570f0d175aad5fb77a0e9abd3f882b10355a08f0160c113096acfecdbc4ac32f037d16c2c4dda4bd3325c8690bade6bf39b14435cc11ff575a3d7e9f7b09b5b40f9645d9a5dfb44f42304d82298cdd866e957d4ab64374ffb86879ada9fc8d6a17a7ff1b06cf33529
+TAG: 1355e78bcb4dab39264351b32e7007598508d90f012029967337855deed8787fb8907de3958efefe76d5373c1834d53e506d18ed9a60578955c019a04fbbbb9ef011e6c284734f28e4d228f5901c163145257073d12dcbbad11055192c4d4781e7385f892e4d712e5e265e846d19712159bbd7c7bbee86f2a5201569018c7a4bee87a9f12e78472183f748f72c53046529394b5793598ca555d00efe86f582c6baea187cd47216cb02c6452429dc70f0926dbff7d6cfc830134da8073f2a4fe97ea612cbfaff430d64f7e111291c6abc02f6443230b492c7acc794c22376be011b1a71b9665657632e1354f49faa097e381a3fff3b1c355aff053dc7c2fdbdfd8279b300b1e06d6f6cb6170429f25090c78ac1
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: 09ec84331099e1d602d0998d99c199a6037255a5a4d96bb3af54cfba357bbbf1
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d617
+NONCE: 2e780ab8b700433a957a741c9eb80f2b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: 26d675c591f287b26eb35f87231624e454c4aca1f25491b74a252e971c48ca523b353b4f6c0106c1b3b40182eddbaf7ba47263790c3b22d23b09458d48868bb18b2fb01bdfa965f7c1b211fe02f9b78959b71e872ee05ff3baf548a85797270f456c24459e019d00f06b8a73aaf1
+TAG: 11cb33f42c68fed775b06e02f9dcb709d62614f7f3b74d8b6c429b10d0f3763d2036a18e502fcf000e9f831d01588656c5be6298f8d6b757818edde84acbcedd0608a6a36c1d827f750d7a4ef5f6df6193a620ea2f101d2b9aac4ce02a4bdde76d195cc3641bf1c0a3242e95ce5fe82c653696cb753e0cbc22bed985a860615b036ddb30a4c8c0f0ec22cb94ce3b792c9126d283eccc7d42a92c57ac389eef5020b1c1f0ca880137d21fbbe99ff07ce2317bf608ea29df9ee4179fd84dec1f9285a1e601186af282030a68a4477b59c9153d8a91c08d6e94c0746d641f9b108cec371c32d9c6068fb3f05131089787a0cc113c32403cb196dc4f98bda7460403a7f6ab6d8162ac4679b531dc266297c7a132
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: 7d506a5c0299a82f5f93dd69526156e0de9aa5cf94f9fcaa12064ef920a1c5b6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e
+NONCE: 780ab8b700433a957a741c9eb80f2b02
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 9c61bfbbd3e8395be166b30a56b3e192748ba3bbbdc334dc3720206ac10c90dd777aa4957695bddaea0b7e554951c94f2f74a2bb7547ac20a7e357fe249614204401144fef61394c140553d5566c18ded15e0fa50fd5836cb725d277fa46210e57fe3c24d3641fef78c33a009fcfe0
+TAG: e39c89ecfffe2aab2a48fbd01a8b58895abf2bd66029bd5ce1b539c46e5878cca37f1c8031c8a820cf0e2500aa2a2c65a4974bc260c949d91180d660d21c918415c5cad09f1c5561bfb21f9f765c5c7f60e2c4352c0d90cf1266fca704562d003132e3b1690ae9bd9ba969c469f8d43c821f92e3a622f25d03967127a9ac4c3b2a62956216d525216ab6082fac62c80eeb993eeea3f966952065cd2b1ad1e9bbf4d27d07a377d363d1955ff2e8bad69db97c1fe49e1dcf405b73eedffb9c5992015b56073530d68503aae7b6b4ed8df988253429e900ad63f7e925e415174b24f724c9df43e95ff5b96a365beeecf08fded61eb6c2219bf4102351111231ec0c4fdbae472892eca04c91646521bd2ada50
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 5e9c0270955ffa14e3383a79a1cfef00baec4e8be496c867cc14dbcaf609b61a
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e78
+NONCE: 0ab8b700433a957a741c9eb80f2b021b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: 174bb28ef8ee033bf0f39cf6a5d3c2157ec773078860232827fdb1c875e9622e198a00a50fcc03b2cbf1e4a747efcdecda8b612ec3ebac650a7401b4b204185e4b42306d544e3f6512b87bf36b5f55ec0bb4da01c36aad92a16865cb852e1a5d1a86d3d57e6336d4376e8988f00162de
+TAG: 0e7f9138058d2a9141ce79d896edb6f752349a730e9b9de2edbe431d9e3cca2b617e3611e84edf9c87917806ec955ee0bacc7474224d8bb364164127bbdb1b1560130ff08004ccafab3af0902d937dab57a572f08179771b00b214ad684b9b939d959b9b1e980c5164cbc56a4432c9837b154d2ca86b0c7882cf1c631602e8054bb07665230f10259ea41f812454eb01ae06f5f923a01764f29fb130e93ac4156317659d07e5fdade989a8e1d86dbc7033c7898d34932d6165e12ee01110aa86031812df4d79e6abd101709c42aed2b8eb722507f0d282469e6bb1db4dcd23ae4c9fdc96fa8c3382150a4798cfa9900f4a515d858f82ce1471723b4a289904143e34b892f4c8d761de9c0c0ed11f276ba964a734f60a1cf0a5415a0318473d2c
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: 57739c0c5b8e1f0255bb93eb53822ce8688a4078d971c0a51e757a0269760bde
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780a
+NONCE: b8b700433a957a741c9eb80f2b021b14
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: 9b01cfa97c72b5ae8befd0d357283a52f6b8c5d9292d28f61373334280f815d6b69f878936738cebaf6fc84d20baf51868eb4d2ae08d64e724beea1887a76316acc955a00b5d1230fb120bf7d51f74fdc5f332521c59406bbd3161987c6ec49ad946a6a51755796de19830631daf69c7d9
+TAG: 37cbf6f77fc5e964017bfc5582ba07d6b111668bd2db6aa7273b6cb35e6c440397401307fb7f979b6cb39cffdc26c3ef3ca83a11c0fcad66423677bc0c459c4448d87130c23e949561dfbc097b947832104e38dca519416e9ab9d98922188eb9fafb20a771f05e0713a56e47dfe1fab667c2bdc23c6287ef14c9ca985082ebf601bd18128702c54b5fe221040306a40314c9be88b86fce8887e465e9d2e062a5236bfe6ca2914a9f0aa5c43a88a7353761e10516c27dea9cd619a69b05e6287c0e8e28e2f5572c1a48884e9f8a890e11f4bae1be67beea5efd34cd69ca5e17ab7eee5ee4bc3af28a6e49bb47a0bf4a9a967bdf14054e54e9e8788e3ecaf5c4e8d5ee3e3844e560f5056503788810ba1aa91f51d47fea9ba1b276d83b0ad78c
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 0ec4072fc3c850d4ee958a0af170d5aabd223b024c617df36f4ad245d0304c0a
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8
+NONCE: b700433a957a741c9eb80f2b021b1444
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: 0b0133ac614de667eafb516e1fb33b016a8b49e558f335eed239d50ddd13a4152f1570269615a243502fe1c6db0667a2de7975120ef65186f5af83821598ff45494e943acae24a6095ad46a498971f7b185d7784d451b1260ea478c03babf0e582a8a777cec20905821267eb85aec1a2ff29
+TAG: e275096ae20d00bc4a15e380c877226c0b2ca24ffe959b13bac702c8eb499c2668abac60eb58c7a87c3f8d6af3e659784b87ab549ea4a1b069dfd5307a46aca1617019e262967c9e92affb78af2dbf7e8734a736263def3b210e3cc1cbafe1f652d427aca9220fecd8cbd5be52c711bf5a8cc9434ac1ff4b9c54965e477af9366830dac8b6573f969d21d989ba454b3a1439ba7186e4793473df702bcb9f191de383cc4447c07204d680649712502d1122b4fa4c7f980c453dd3b7478695a8cc555db1f8c7cdf1e41c9ad40a67c35f753a0318127e9be4225e957d3b34c625f5e5bd475d0d8dbb9bdd8c22336b5a70509ee2383e4142eba73748e1d9cbc1d361ba8e27e2cc33bbf6f455b876813aeea97ccc8c2d51ba96f3fb2c6b77fc4d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 640ba3888e6cc260a6022fb69dbe5c5267dc8604aa92216e11888394fe59d292
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b7
+NONCE: 00433a957a741c9eb80f2b021b144476
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: 8d5b92c78a48ca6049da6a036735ca23b99f9c3cfb97122312e5bf0279d094cfca0b976e24f6b65d81f85eff669da35486809cbfdfd1fd615a5347947156148e6b71a11f7bec611e7c29e19f6f62f94bd7f8b89e54b6945dcc1a7e380e51456a31f1d511bb92443deab5987c3bba2663e44640
+TAG: 7acf0a75baf749f03853423ce40ae4561a255e37361b6c1d7112ece841573d869f21625490196ee94935af6cc3cf789cae11eb8d4e4919796eb984510bace170f192626127324a5defe85e0a226c8376f952528151bc78f33d093453fda77dfda1e6364cbcce001c22b3018689cdf769580642616eaeebd22345191c0c30b6e7a07a83d333aed065b0fab2c9c40e2cc08537afbf8682d434f5f9538292d7094519bfad7842b0c708af475b43770067b5b86a9178ab148e5d8c0815cf4403f6336d66079763f4923b12a53ec020967df5f1a416bcbe2f851af26f7eb79a26946fed4fb3586f6f5219e1a995a5e11ea22dcd9b78867c373d04d17241f19cf705df9cf57bd58e38952d8dc30d262948dfbf00f8b4b4ff9f7d7dd3f5fde29f
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 7c10e4553a91588e2c39060e9b438736721926cb7bf53858293ad763e9b70fe2
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700
+NONCE: 433a957a741c9eb80f2b021b1444769d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: 997bd62c118718ee23b9d75f5ad15bea914cace8858ccf9534ffc79a626768802f7e86930243b3dae80d38782a6a61429cf0278d37bdb60a0ce3ea74163ab77eb299285efafa2895fac6d7f2ea65b35e579e07a7a6395e2488db288c415b402a913d727cbf3df623ae4a205d9867c59658d48c7a
+TAG: 6cea3ef5940f79c341e22ca98771e1f4a27dea38724916ed5027d2747056a192e72ed7bf35cd1e3d9a724935bd778866a7454ee24a7d9ae6781aaf221ea99ee6e61d72a8918caf36d30d5a190494f0ba02ec3d96b4e9b12ff747e0f1c98ee1483ca32cdb68fe1312ff5f0f49f2e8e89eba814807cc8e44abae69cdab9d7ea9ca0b1a785b743f9fa4444c23e29fb77fa5c329941ac842b47c8b052a26e59eff599d1007f9c2a037c035c475134d272abff2a4fdff42e561afc2a589686be3eced7ab14ec72400dde1bca8738605794cdd80688b8caf366f08c0be0f200fc6fca9bdbc8e5ca54d75c1d02832d8eda711e4a4db319b622cb1af0ee8ef22d88d16e4552fd6a38d4f8517db6cd9ea6420c6d89b99ef60f87e43a0f6b3c63a
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 0e88468ae741a9ac1114e212499c092ba60869973f2cdaf456ceb336ad40cee9
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b70043
+NONCE: 3a957a741c9eb80f2b021b1444769da0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: 6ddfb308153a27c84009486ba4794d3ae0367fe3f75e289a28e2bd79af4ac294827e034a8957cf3727463c10ebb82542a1a84d89214905da11bbf882b702168e670725717f360b255b6b1c4035c0192b743e62c20545f6f8706010fe2fc8ff25c7ecbb2184460d0944c1e29f66484c450b2b06fec4
+TAG: d15b520c601564fce30151843ef4a8bce43516f2ff8acc27920dadccaf244a659d6ae5fe5568439d8af51273fac3982e690127a424b82ea2c5accc995c3002d70b6ccf3d46d86e4a231092b0c2a2b3fd2e9d199f8fbff1c4a2cdaa03ad6be6def2378c8991edaaee10c27347cce20ad1576f664b8cdcb3815416c89b62a3bb8477041bf3d070f2b862295c6fcfa2066894bc573858ea750607e0cdbd2a41771664b0d35c7b7cf9144e5802252b26cc2090e46887c2836f2d1a8bd4d82cf00915be9af229081d9766b95215c275271b2ee52b16fc6dba1ce627556d4749d058de8bb849021579c462f918cae2f4eed68ee4447100dbf246287022fdeacfc9599296b9ea3adee378f0743a78650abf652a78fbdf1ac7c64c844e115c
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 4bc1f00622d792e473151668845b2ffb30c43027972bf59ff86ce53a380f2aea
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a
+NONCE: 957a741c9eb80f2b021b1444769da00f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: 452c39f1ed638a315dd21cfbfa383115d3345ae07f9968f2c30e47a05891ceacdc0f3b4669c929765f51f69c0db940b6ed5d0266894292e57d04c2fbb3b1fe2bc3acb98f87974341ed985a151f82673c237d101161ec73bdfa6144198a83a6e7ce8866b5fbb7bfdaa908dfc2fb15b9175ae8d6cb87f7
+TAG: f7a43f52963dcf384be1ab05d5c76c82b0c56ad9cc7b75e28f08422429f128acc6768d744d05668eae006037f8f7e868a3489d746f5c756c130c910b48cb2572e351b38f89b9ef2d2b4b2a8890b5e3084cc630519519f3e767f284f060e04445562d201b94b5c07938ced76cb43ea1f6497fb86751f3cf76d58af9d9b32e367e012202f94c0bacdacf632c28c3f5d1623031e3695b7e4d82799ba9378415713cf3837e6dc815895ecfb6712207042ab4ad7afab51677b4132e5ec548346b062ae85eb0fb0e1a181022cf06edf4181aed1c28e3c615a11c825f70c182689dd401eeba16f021efb28505d570cf461237710533e101991196db42b2c82d4063377c3013cc2e2be6d8e544d44678eb80a137c7ff63377027f71d1a20
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 7ddb9526ac0b917c3d63a2c0a4cd720d4814a25e29c34a5b203d8aa4d4e0eb00
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a95
+NONCE: 7a741c9eb80f2b021b1444769da00fcf
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: 8aacfaa8f3562d65f4ef8490db090ba2c6a4e80b99fdf707317a66b871dbfdc3a99d04229410d3e7e69325c62aab79ee16e898c32f56d3fe6edcd636291f195f60deaa0deb05b233f25530dce9ffc8e7a75de992afc6929e90e53093758b94038584acc9f235cc463722a18d0de99069c086062de66b39
+TAG: 6031ef2bc636aa219307178d4e56307079c664416b5abf00149aa8040229322a006f6c621628e371d85d733037069df7356b8800a694d5c964f8321f250088f1d10d8a967b8290c9495c75c26d81ebde01469f46bb4b39934200b3da55f26847ed74dd5c26f641b9f48331dcedaaba9216bf4a9329022294e2c79b770ae73ef355b98ce6fc755c38e24d1782a74764e3720c01342cc07283d8925789c42a7f29704437476c1d510fb04c16e9e5f89d824fa861b05c9a18e52a8435e8b6aa8abb22a9a8ef48ab8cdee50636130a63a05dbab01908d12f30ec71d8475f54af9936c00d1ed3d69be870f6dfd10542473b472fae1171e8dc2f66643ac3720b8931a06b6f460b76f63fb12bc2d82acd6180d8f7a3340ab84c125b9f
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: cf85268a8412f6a450d7c8d48a2e744b508b00017da678e76cac09902ca6b0ad
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a
+NONCE: 741c9eb80f2b021b1444769da00fcfab
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: 1425f735d28f545c7ab1627588b21089cfd0641b2746bae57d36f0286c43e9f9476f47da0ed156600455ac14c65c5f2999e8aac4d99f69a0deaf7ea1653dde591fe26139e30f64ba29d0b11c7853938d86d801e721ce7ec81be6fa8b5f281d31b14fe3388a028319f0fb12ab50438a3ecc32ee959cb5d393
+TAG: 03ba0e494d4f1f602f3554bf4888706d6f686c9e04a1189d755a8b43f41abad6f5abac893019a9c3fc38f17a34b5b257107206d04a7a3d2afbd3cb03e5f10f2c79c5e2b18ba925a2eb112eea5477d9b862bd7323d0275a24b63675ffa375692b4a9237bca54478ee86981acd437ed1e4e2d71508b39c35b3ad3633ec617ef2d35ee174d52946a3018674eacc4dd64e705df60203cbfadc3b1f21c80a562cf2f6c42287e5df030da4553fc450b89e908ba0a6beca9c228729055d875f65c1313f5356b63a986233d10b5a00308ccfd8b7e1524e1b96a07afb980e8607d9586bfd0c50098a399fa12ee706b26eb1df88181103c2828710990c311ab321ccdabe2406c6acce5ebde7c10c612fbf6397a3da38ae1b016208eb9d
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 0ecc677bf17604e63d1e4ac4a1d56702dfb16e205af1da5d105d553e87d14680
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a74
+NONCE: 1c9eb80f2b021b1444769da00fcfab0f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: 368ce97b3b9c28678363cbcee49ac8474b6a12ff63d783060a8cb33ad951edd059260c4927d5bc2ce252b4deabfd902ec1025a8847bd6fa57324d1d8cdad0f23aacd338c8162f77024291f106dd73b1dba3746e7a8dc3c3132c6edf1367aa576046a7d537df7827059b25e469dbb6aec50f33836bd166761fa
+TAG: b69fa0f760a7bd618bfd2225597444ba67a29e91a8bf110dd8cba1cbe05d335b40a51b1626c389046bdd3cd6f4211e127c58fd8b2fcdfc8d137652a8e3bbb7e3fc6ffab78b6b3b95ed52cc9884a5362339928db7e8d85a83dcc6634d92ed8df610885a3ba813ce831eebf22358d1c46b24cb89ccddf41ae4a4166eb9d48a62a6e3da218fc992a87154280093c178c3fb86133cd0427e8a23338536a7c6fe2614002e5a7765c49ea08ef1cb816d74dd7f6460a674f82e779ecc4d1346e6367b8e06586a1219cabb6e73de95c6546f7472bda8f17a2fa3462e1356d64affde34dd51c2fde2877ec1479030f38418c23c429189c16d38b2be3726a46f96d0013378b7a6418c9a29ce256fb50f991f3e32810c69e34fd73d9b
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 75073f11e219dda101a54987959be5353c48af4af654fa6dd23e32639ca2ea1a
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c
+NONCE: 9eb80f2b021b1444769da00fcfab0f5f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: f48fa6c6c0ba5d8904335d29ba3c5ec00b90041b67806c726a4f3b88c105db3b373499eb79f0ab9e348da562828ffd75369c90fb026cbd76cec6666bbd61b74548fdbf7f44c45c127e82dbb690641bdc7e9271fe154f6e148c0831d08ad7fbd38a4e3a9cf47e0d4803b4bb045e6808b228d1a8605661c54ed964
+TAG: b4e59c14bf8f6fef19c49bc43295dcac4a43bafbb931ea101cb4a5fd7b3d14ff22ca54c5e0c3ef3317314f7676e327452bc5e46216f1337fca84e93de5afbf3d50fc3466e5aa3a23772fe9fc05da1fdb3c5520740b372733ad60dd874f592fb48aa9a2583ac61ad50bfa680f029b0b31cab014791e9374076e015995dc64b403d0307999cac380237e2063730356767323bbd11e8363876bef0c390091cd2c5a4102f08d15f4aea5761a8576b059ba59f6403b5f286d370f987a54db50b464af74df3c53a9e90f1503313cddada7719c2e5a43db5b94ac79f51bdd0747bb38db9dc38261b1212128b7acbafdf4172402b64fa9cb9fad382dbe28d14d0b40957c045565cacfdbbaaf0b0332ce1f67ee60aae09e29832c
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 7390da1949a9ec86934b6f6c7af07d60fc37be21edd0ba9d937e888402731c54
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9e
+NONCE: b80f2b021b1444769da00fcfab0f5f93
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: e4879e4b80eac7bf4b235ee71db7af4a9b68cd4151d92ec1d33476595c714d4c6d97810f5c88c7ce2f45b181cb0a20b1969c88039248f7fce86f7f9458f51b726faf05610b76cef8afd0855a658feea188abdd705a3de0a655ce2e9a54617d8b646853210dc47dcb094c1db4c198cb1bc55147837b1c0bba9822ba
+TAG: b82121c2929f5c4caf4220dd99bf0836b91dd5db0c753d8c6c88dd63a4964b60896712d926229acd3ebfd86d40aac7b8045739a6800284a57e4cfdb9f1d58782aa709b89f529a4b148e2ef9f4772bd57567a0b6f331b800e8fa71052eb99aa64efacf5f7060dd42b7cc653df1d3b784befcb1069bd2450f6b683c91ed7bb892a3f637587140aeece58cbc1500a8b93e86292062545308af906ede1f999bf1ac3f99ba5384fcef40967cb2a50270171cbf45cb5aa3b04fcb33ec022d82254a8852bde63db56730a64c163a017c9cac043ecbe2847ff740d768c72894311c210c0959a737abe70c1e20353c0db83dad2c4bd2d407fb389351381381c3bb3ccabb5d571f550c148ce940c0c401dd21230467dcc06fe44
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: 174d05b7079b80d455325eda1a010ec9bfec7110a14120c6cfe365d270099069
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb8
+NONCE: 0f2b021b1444769da00fcfab0f5f93b5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: e067519b3b6b3271ec55bfd3b68ee9c762887b3eb80cd4f65d3267fe3c6baf3b83620aefab953b7406b7b8cc6fd5e8f8180af789d3c57c55d580b00ea780cff26f5758edba93b7a08b2292104ff11e4743e404f04055e136bac3300170b0731c35bee9de79de13da8e24635b882b9f7c85fcd6f94e310fad8d27cef5
+TAG: ecd6d54ea9ef0297664a6f0c3ee972e2752233d0fe4381474bd846d99174f15e7312bd2f58547a9e8f301c8ba706d7bd0bb8b8a3bf16821d72895af7787acdb345c9d0f58171564995e53783343e782eefc468858321350c6c8f0ab1918eed7b01eb0265749226a19221f57818af356a3909ff17daf229510acf26b07273e21713d0ecb8f8f19c6c1679377409c4dbe2bd04de8c6546a6e6b00bdb72613b210412fe79998955e0de4e04a6a113243051b1e2d3ecb0a8beecb32f0374f78c804b0818410a12a12db227d49fd7107c02ccbd6dee62856cdcb49354e96cc434cab526b0cc4f215dc4c8e2262bc44e3c1a7fdef268d03803d1766c039d576c5799c4ebb148ee655daf7fd8e9632f90dd88b5cb6f4145
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 338800a96a5cf6db2ec5d06de2a53d0fb1b94918f1f8d5c0f222640d4c1bb96d
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f
+NONCE: 2b021b1444769da00fcfab0f5f93b511
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: 9b5f06ef7caa30028667c9d88efe9069c214d2244ab9b30443691c7298ba292241099693d831c5bc50dcf8a7eb983df8bd7d91497d8e6892e3c6ed49aae987bc5f047ea53b3a44960b469142662b1d0aa726b99170cf0c0edbbd2223efa7fd3c97afeeb9c50ca0a8074d2d339e8b4ebc0def814188cd87dee400b23ba1
+TAG: c512d19b8c661985b1bddf12672f3ce85664c911566da59c3d0f4f8f044fa5fe6200371b1bbcdef5a5771cc7ee919e36c6b0d035e9a8b518be4aa8464ed8eecaf4e49d3270080d0b29589309fabc79fb533efdd869e42b2f3fea9d78756c266b245b4a37310eb1cbc24a878441b7701a813cdf7692a1fd2172001a90346c7a80b80ee21249e45e1eee7b19472987efcf4335f8b0c59c2ec21fa6d52624e7ebdf5a2a5d595a098eb56a6ec24636b021b5a899c27868f6ea549cce01a64af21e36525ae16e54700e9b9f57fa61caf0fd49a2c948b0059b315592cf52d5976d2022e6425ba227c9d9cf1d477517b5d25fdf33f6f719c2a6f91a032c5745477f53072c373f5507757417f26126b156ca91500325ae
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 6dc3a2d32318422ad20e9c7b09a9a73d8608a326eb14efd6eb52b87ffe4bad09
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b
+NONCE: 021b1444769da00fcfab0f5f93b51106
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: a7a27ff44599a6263753294a057c527552f4659590b97b9135c74da778a88607d0781df713f4e0d72d044f0c2c7daab6fdcbf162cd700d236999e29c25be1c599b5b5941c774432494b848f6d862da9f95d28d132c7333a4ab436d5488466ff8304415494bac0a922c8aadf885ac23dbdfc19a0311857d4d58d69f714939
+TAG: f18f948248b93ce700f586b0d146f3156b4135696992754f1b8d15fb1066b23b63006e15e5545e7072a8d7701b259692e6651dbf00692201d981bc0bcfbd7896ae69fc0219f089ec44cb737d07c25dea40c029a1146c062496765b002128a8b0fc1d11795e908aa0cfd095e96dd84c3a205db31bc1547aee7b31fe35eb388e15f8742e9c6aba30f7fab80fbb794e31f8801ed5aeb125826b545ece1440c33b3cd5f7fb4a422f456ed501248844da374ca8a033b541904c430ec09f0f72a53d458519eb55142156c823425ed89a64a5b0e5d20a1bec8d7146e62877daa08d4164fdedc5c85d93c4b1cd914055c6a80ba366f8f8739fe377be0afe56d198e96970d952d694cff07c9d83d9ef13e0e135d4ae86
+TAG_LEN: 32
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: e2c5b8d5e6f07c136223bdb8a1c0197cd99132dd8320a3f1dd1a393a90e575ad
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b700433a957a741c9eb80f2b02
+NONCE: 1b1444769da00fcfab0f5f93b511060c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: bef9d1b0ca29860a27227b7d32af256a09503a9febf9c1124054533c15117d846447e74f8963fe6eece8507f168adcce0664448a4c499b1db6d0d0a57eb9b4f86f797f2defefc7d9f3b5883758ffe189b6f9fd921eaf4a4d6b7f445e5c871c7fad06031e5a5efe9ad995b5e0887765a8966f27680ac925884d4850192214e5
+TAG: e23947c16b562a55cf3b68611ca4d729dfd0b33405313299329e4eeacb6a8edbc64ddb87711bcbcf11c72fe70121557f1a0ef0512f606ce8e3221afa9fdd6b23b8f7bcbd9c296bb48821104f2701c6cbde78615c1a90adb1653f9f559d4291a339c385f9c26a29d37d923987226522cc939053fe951ab61cccb61846f89f0a4791f30166d5d9a04821b453917614a36766fd78fa099ae22ce788c44c0980df3a73d6ea2306dee86866143f8203357db580c00d4e4dbdbe9b53c37f08fad9736fca2819b52728849d9e36a0e7d75dbc48a7347b70cdadfcf8a81bf5734faaf01c795adbcc0340201402950b072359db8fcc5d7b68d84d59ad34bd20c3a9b529e397937700fbe5817a8f1c997cb0fb7c1d02
 TAG_LEN: 32
 NO_SEAL: 01
 

crypto/cipher_extra/test/des_ede3_cbc_sha1_tls_implicit_iv_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 20
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: c6105cc86e18eb8376c16ea37693db5c07b77137
-KEY: 8503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+# Test with maximal padding (0 mod 64).
+# DIGEST: ceb2d295bd0efd37c6c34dab1854c80e986174fc
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
 NONCE: 
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c748
-AD: 1df3f4183aa23fd8d7efd8
-CT: 17944422f667bf1356c234189f9c6cf7af52b2832b2fbaa990ccef4e7f9bc3841e59e25c00e3686d5bd5c29f
-TAG: 3ebd1b0bee840e8a6e992421c62de5a8fda3a82f0af0de2c6be5f12937267befe9b421efafca4455b5af6174cb0e6f929031086aa7b85a073705fa3718a2a9b595e32a725ccb0b3328ea913edf6a42dad4c44585fbbb9a500b0c938c78d4fa17b2e52b479aba6921b376bec72ff6d66a5854180afedb8edb06c919016d19f252ab39d05c3c4f297038badb09ad7f23c88d5cdba7e793f1e4f2d107571eb9807efb3009187e1415e5d0d3c6110ff77f26da9605955843b9cc60875e60c3181ed0da4e5ad390e1d3c0fb942b618d1015716c4606030a40f0a554c4929764da415d773d386b3bb018a4ce72e85f28cfa3e08f0659464c0e0cf3215996c6a769894023e4fbd5377f387bd914c1d64db1ee5f88627b59
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: f2ab16ba87c52d066c0637d387b89d700a66828ef231b480f39aa08ac2447c8ddd205d1a95da37f267c06a1338532de890904f9f19c930adfb684e81cc06bdf2
+TAG: 3ff610fb9e208ff6ad58b78c5b2cf54b997eb3f24ac0171229ff7ee9cd5070de5a604f78b35b6cd25b3f2ab487847ca1e3928bf7f19bd19c9c9a1015dabd2de426fe57d342009ae4a2e67fdea378f24ec8dec1e87b62b6f70626bfd71f8d8d5e5c5b935a76527ee8a9a3094d635dc2b01a31dc4df336aa023517d7c35e142ccd6a79bc689e335f187a5358a00a7d4eb168cca3f9c6523ad4d74609a5b5c9e36db6bdf8464c4c8497c501084afa17557d070a7671c9144c86b4de9d57f033bc6b59a7f1f4e947b6a2d69c85877de731f6eb3db71d9f4c2dc086a3303bcbcd2f5b71643058b7ce08ef5879e0578ec81ced96ce907d4f32e67fd4cd269de9b60e09ff74bad6c86356ee297475ea7fe75d75
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: a07054c760cc66fc704edf950201005031f3faac
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be1
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: d7059edbabb5cfc2cd5c459abd74e136790aad50d988c6c9271428597617db171b89ab171a68b14f9d417bb81f9f7d2e2045aa47c0b5d166c8b2622bd914c4e752
+TAG: e3d17e303776640b3ab712f6068c44e0e3b5d375203a8b01ad47e6f4681011eff04a41d03ff073e61c630b5faacb744447226a35e7496204911ddd660792be62c5f34c918a0d8514872100c4637ca12bc9c13b1580aed10a68c9187377441bcdf213bf3aa72831f3498d990a7a5960e1e6795bb11e4c7910a881d76ac81320ae61b151b8dbde093bc9e56b8204463d8ec31dc32b3cad5cd8cb48b5f20e54c17469ce97c069051c8e4b2ae5dffc0c2651d868a9909187c2732056213e41e315e94d14a84a24a676155ba86ef0b96efee3e4765dfc750953dc9a7ed739422c7d988f290432320313848a2eb7723c7c85ca3590eb35e3058d0462ddaab0cd48730107d4031a216c6c2595d1ca0b3f1815
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: d059c266cf6233af730b7a229b19356a4c6fcf06
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: 8864e31c8b2ce1bcd1745671da5bd66e1e366b0af66b91f605574c841084a5df358483c7839e4456ae5a442930f21d4bde67578186a91c0a603468339ffbe3bfc607
+TAG: d8a0bcddd40964405ef006e0083e67a607b9f926e6508880d7784248a626d56a0673ff990920960fb307ed9cf40c2a1cc3b632b1f94aeb30efa02123e66165b77aa4be5e2aaba4c4a52372b403cae2f78a3bffc1cae8dc6f53839de7f16b8984304abc4a81ffe1ffb42799b54dc43ca0b963be6299a404fd4b3acf65939ac319966aae0a941c74135705092567e1237044c88f79b02b68ef622f9c776bbc04dbc2f58338c129f25afcd8cad7a0e91f30339457075b68df4960c003ef574e3aaae870787ae9ddab96495861388b341aa63ab2721abb176c4f2e6d5704cae123c20f1394d6a12d51fd5782dcb59d075775dfeb72df846995b87b1d374c0d0b8a003ba60f713ad777b8d6ad42c5e373
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 8aac0687e33041fcc18da154b41f20a6af2bfb28
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: 1d239b3880e2261806ee770e7296d573d308d9850c8bd90a0764822faf5f65770f98f18ce4738538f03ad9b289bd5fa1367258f00d3ed91e32885bc45c30a240cad8c2
+TAG: dbeb6d1a1165a902128a27d7f55f4d928b56a3b83fa430d47bc4f935219fcc6005487f1ab14df0a07a270645d1c2fc23efc9866ec7e4427fe0382b75215c0f994f09c4ac54bf360f8ec938b02c17c4104127d2cb1eb51a11455180931b8e473838e5b1e61cf5cd05947a5b154be5df49905e6e7c049d00f065f680b0e5f3f4a7e9dad37d493f13c7ba318ca2bae086136d67b17a6ebf28b45cebcbfe115a45dfa32786a8b8354d51acf58bc126a13146e0ca509a26cc32c3e8ecf5b9d6ce76a9f76d674316c42f3140d5139304479376db2a167c65da7250e6fefc9d3b37a2072180ab3202f1fc7dd7f4598d1d976b15945fa73e1be07a91186ce7c16c4249d9f7287baafc572673925e95caba
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 53658226c112b86438dd27b58a71f9e36fc73c1e
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a729
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: 719d9de3bc86d08510354817d0fb94340ab1ddeefdb95a1cf460f7c9b185837b5320dd862b4c319619a0b18dc75f1762cf7c9bed63713c31e39a6f7069563441b9e6f106
+TAG: 8b61062c9480ffa62f7b96e9f50249426d05bf237d25e2b676e0041d40ba97101843d9ebc978949eb7ba53b8989ed0e93e5b91f13365345baefa1d7f59b694f6ef0bef0adc1d6763978e12fe354e57b90127533f3f991ce611e31e88a97962f859ebbc0e50d130c323aff35581f1f45cb5c650299025a03d99026d6f6a844ed9d5fe66e15a9fca79726afdaa54c077d148d561ca9e77e427b8f8074714aaf8b011697524e4d91bbab69bc01c8346e9055d7269cf124b503f7ad38c384abfd91ca36159d8a41e6389212167278b830ea464f7dffc3e01c9807368d3457ad5f21b33bcb1afd41ab7d805c9ed2f2c32da9bd4b510366b362dd02f50666ab8e5a72486b3c0d6b9bafb38c9375dda42daef635a0007ef
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 6b7d5268b0b5037afb5be5af6a0ceb34e7656ac4
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 9adce31c760d09ff911ed98eeb7146e82017261c8017d9a5fae1127479f6fb54d081cacc1ab7150f05d13547b992c1fe36a6e8e55ef1fa3bcc45bca495a981000a0c0b4f62
+TAG: 51d033e8003b06bf819a4f7978d75abec450c6b11a00bdf27f549f6060390ff99e0feb9509c6ac882777da699f5d5332d1b838a0436101574789ba485769ea6f4d73a10db775f06331140b218fa2ddad7fecf381fb9e3d26b06b3577bdf57e2a8435ba0e5b1e305ddf28070d1749d11ec5504cd9aa51ffe9133152ff35de21e4bbc3b109a318075d924bbaf0e267a1abd3d7afd2d3d8f4d951d4e96fa63741087a975eee8156b01fe566f7f6a309257c17a0bd9faae4c2781aae72eeab1903602b09b69026540a84b4786b8dce2a3e5ca26c65eb7b220dfad400cd236a4435d7fb1be60b9074f2f226e810d54abe7ec0cf10e7c465059720baf93915dda8a56d5a012a990d72408d2c9ab9b8dc813eb2f1caec
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 63efe7af502231420ed5aecce9a28446b257828d
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: b81f6e678c5a08244a5f578970d64f96f50ad5b5724a9287ee7b293308db34e03456f1745f79c594ecc480fb2a9412bd685e6c0df028eda06aaa15c90afa4ec01736450e3eb8
+TAG: 63b849636c212d353918c6e3044d298da268ccf1042987617860b58eb7ec8314ccd7762ebc39b62c0f0f1c346c8f4bbcbf3bd0134c0a7374de1868b08ba013398d8e4b578bb8d7359f2cff1629ede34da00138efa4a724d892fe4ed2b28613e66e0bb4830f66c14dccbf8656e615d66f267182662fee8a3e1fcde0941793f0bf2b00d6ab6e9fcb30553b620cf8e9e0a15f122808d739e698f88aa157baba12428541e928ed556517978f6c9f29c6ae8fe5b4e9ed6f0ce49351ac2a63e74bda9288a874a7fd5327c6856596a3271039dcf54affbaf29a5556f1fe1062279d2600b920f4e26c96e9e8fa696c521f60e9418975befa58ad564e730d1de312ca1b999a5e89b813743b1512659d809078243170ab
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: 1a555c300a1d1bd5b03cdd6bf2a678621624eb05
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b5
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: 6b6f94bc2326760d257d8156de961acac0b32d7f4d0e20363532e76ce76641ba66a1aa7945b9ee58527039cf83fcb01d8ef85254566947347463e161ec8cdec74a839637288d09
+TAG: 77b18bca8ed1d056d9c974054598216bc15bae5b7d70f3bbe32b3deb92398b0ce25a1efc5eb6782fa5fbcdbb415ef43eca090fcad4d34d53b1fd89cdd760e6424715c7703c51e08b72cb3e3b8a30bff159d5126f1473f216d5c931ae03703d3baf311a59d7ef3d6db123f3e8c0ca26fd3f8809ca63265d2fac935bec32631af43626ed1ee9785c81d7bd0cbc0c5178e1ca7de5d12c3592a7880be6590072c4728b2afa1eaaeecdf7cadd8304c2d4b614af7af14efa00dda595be92de09c74b39df05d7d023db721f86992c57061a264dead21e24fa47816f43b77b8ccccde44bfc32a015134a2cfaf04c582fb839202b08b81543ea9358d5735e7c197762a6a39936e26de58690a02dfc273e6779e77708
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: de9156349b578f2f44945ec6a676a67a829daea1
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 8f211be563f98f493745cca0e385e5b0113027efe3b0a880805427e363014323c4f6c7e6b30d2466c70ed56d63157f2c4f6dabe14d5a22c6c708ab3fb667a6c64ce5c8de22f5261b
+TAG: e5807ffa59e0005c9dd7eef0b854ee1b2cfccef9977f8a963167cc563d844f795c4ce4f9d03da95e4cfd2fc80c9efb6424df8cd3b7875a6ca129da8f509ab09d1f0eec0211e0ffe5492913fb688796a29a8eac54f374e8948991059f6e73a68eba75a892b3e2ed5ab9680eb0b308b07337e75ad5b406c260af5d27955aa820bd0435549700e960e66c211000885e19b804579acfa8c526603f8d743491d916fd4d0e250159e485a4db2fea39a8eb9443516518e6612aae97b1d9b7ac48066d5fbe2c1be3b2e20233a2fb4d39052ef4ca3bfc47e561aaac9c57a7dbff922d6d997821f6b09bf3b4c91bc6162b150e17bfa2544f93f2bebcb4d20322bf0357fdffeec8f75679e6627b4ffbf8e0bfee63c8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: 12812df3aa7f3bbc899f6f248f5590e02570c292
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: eeb6afcfd2626da1230067ed9938f7df35e99d2ba1c91d0e91c3db53034a3dd2ce3352b06e3d1b9e8415ef4ced9b2257eb05bc86db8204a8bd943bde51423a09459fecd528faccb646
+TAG: a69c7d8db2c021284e73b3c07620022eb6f199509e34611ed671c3558ae7c103c78024d96c00c791f3450d1e0338598a246855811af4cc9ae1a6522487a4a77b57b58ce29038ab0a2036404eae59133512b9ea40e2d7176e1b36965a27ee2c898d6514872bec952a029d9d85bfb0c99d8b348db6a3bbfedb6d1a3128664c454b9ef29f075fecc469f233e18567fe16759b378600a1d71504231e6caee5688e9858e14fe6fe850d95d7c010865781f0457a22f53add7ef57071c7153d312ca303e4884b83c9acfe86686517d80ce271c148cf3ab6464a9751b66ac7682a5f885ad9301a5602c099e89977f06b41badd1c2ea1f7027a38b749e2ca1a3ff4e4889e6dbd3674a52c8e24d2c76f64a6bc77
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: f3c89f21c327fca4aa400fabea9e39780378e901
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fa
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: e1eb2175bfee27951357b7536e2c3a4c607bf511d1922f6cce462fdf98de9dfbbea66d38884c270e29d08c5ace1d6bb7bcd2b46eaffc67a99e225927421a9894238cefa73bdb48694abf
+TAG: fc1d8ef98aa65ba8a288ca04990bfb373071633eb1e8f30847d3c19ebef66962cce12d015b045e10c9e0aa7f275137e00cb2c9a0508c0187827a74faca4bcd015620f1cdd8f72161bebbb8231ad4b705d1982db6f9fa1d2303c429469737a3141adf729729144f55223df1fb45705fb15adb5cd03c2936674a47d7f6aa5d2a4d9a017e57a4f5dd954504abb588866457730304878ca322f776e3c8e7becb8437002bc757d5b34b16d04ae4710553a624a3fca8866fb3d20672d6f4a2f937edecd58e68b7b0a8c39819ab48788956c1f3f5f4a15e7d13350090a20c61620c9181f03b4d68d7e4f336cb7e4a1a277df5101511150dd39fb43a84cfc480fd548035c8e9ec26602dd66d250fce39dfd8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: e8e41988fad6c8b44c56544964cfe0a347b35b1e
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: a799c4a6590a4c48735d1da9746e5441cb11b664daada5d4d68d3a0110c4ad8d5e96d7331d5f7a0d1df9af5da4208065b6bf31affdfcd4944e8ed55b0ba7b7911be1a9052fbd93d5fbe292
+TAG: 6a6e5ced88748f87682759b554d9685280e094e083d297dc5fd474c4a2605612b2f8b1c31dea24d58c25bcacfbf03b8b09dc662d6e1120868ae9a0f1dbd2799756136c2a26a22e3a61a0216e76e94393534586e1a59c570d8bdb37d5ee6d0762e60c7171fc7953e59d74b0f2ff4a061d27a7baa8ed138c51264b356d9a42b0768bca1c1c458acdc82bd621031e2ae7790596594d2f6eda2c8d58d4b53cf6990434da8aa9e9eafec648d52233e9b92994ca5cbc071dceeed57b02e36f93f8d22551660cc4c1e425aa77dcda3bf6c98bff7905becc075e1707e37453de8f300be5aabc96c1051fa46c796a2c8367a00af3c4dccc58bb7dc8aa2e21e0886eceb898080bbc7259648f2be9da0f1b56
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: d1c7b2c04dc25fe7b742a1d659aec20e1475ee4f
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 2b8ac97f05a67490bf16bc64381e9c49e7f348212d0645056ca5405e9e0a248b6918568481ceca70e20ae4b7c1f62700a2954188793b34504fa86decc73f667e5fae944211059dfa94ef072e
+TAG: 5f91838f37198290b43fc04a186db6a05261ea9916a1dd6450604ed8a7d0bb59751f6637f593ef1a7e3aab6421b7a0cc6b5b47477d36bf439806dd8156e2bc2e229bcbaed9a3beedfa383d674d3b91922e6248d1aa8ad62361a4bdcfd3d86daeb6d775a521916ecefa2244aefbb0cfc0ede1b1c0e0059a4d69850160d2f4f662ea2b77fb074a6de69feab87bb56f27edc3a42037a041007f0a08d204cbad0a9047f7798dad51e5c04126519b53772ad4f3017f9d9fe91920aa7585a5f2d95e7a8fe5c7b22fc696be10e308f939c34e52b7bc2e71b06a56e3ffa5a0ed529eaf5a8c4b6857b1f144f51fc8bbc858c88ede7ca325d231b34e4ae0e7ac8fec3e8f6a9bbc6f8975fec1e877f0d05046c3fd7a0e15ebb3
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 116e20ff1e79e0af464d473b1e7c187f4dd66007
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: 783a362232c871213daa72d58658aee2ceb4de66198df21e227326010be056d5c4d2481ffead6c80733603b132b256d1c52d64eb8b700d614dca0adeacc0c7a05d1a64ee7b5c8163d1eae17fdd
+TAG: ba611208a3cc40e2cc638c335fd508441aaa15c612a5100c960543d2ceef9709bbb3e70904f3f2efac3112fc61bdfe7accfb5f0e9d640812a4f5b0676d95b1d5298eddc97ce3aa16ee761491e9f424af39119c9f56322b10e8575697bc93d1f6a63007ae085bd20c83fc32a5d4e59ce8840f75b8c52f6aeda4fc34f11301d64e058b39ff765e1ec9997ec51aeb43b35cba9ad4b020e7dcee79ad532b897faee018dae1231ceafa1a5fca1ff1a01f863580c9c07b13354e31b0067a2fb16477150ab6d027fe88276767ebb46b1029c7d6dcacbf418f10d932dea2ea161ff8a4f6d79e0bdbf0a67227d5c9100a45fde25e2d4e360c0c0942e9ce13b570b5ea149dfe422fea36251e226b3f7eb709ed7c7339aaff
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c081d0d09b2c9eb39a372ef4a7b0246a0956b0f9
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: 894d8fc70288c7b8a5d12e63ed6e6e8c74b8d9837720762ccc519a42e024ee05e8f770180e5213a7c7ceac56cab05834d49847aa1432fcfad8286e092feddd421b33212e41716b3db5358903c11e
+TAG: c00612f3ee6619c87aa5c7958da77fdac74ea2ad1af9115fd003edc7bdb36f639dc2d89668f6c2440827a1e7bdb65acd172be229f8852d4b81d1d2ee1e167ff127fed768d0a6eb822c2fd88e733a0884f06e47d5f3a7e84e7f20d8b630c8e748a03f2eb807f3d6bf67d3f93ec97f22a3bfc477143f9e34049fd9143ad5e480bf538464fa847a5302e6d9ec3710122fe6c295191906d98d69e01e81a79de0538442a76a17fea214c74bec28c01370a0aed01e1a32a629857f5d48c3275b79a25d3fe549829e5d72d9d26c2e07fe133e214e40dfba4cd19ddccb01a6887bfba26db80b40eaee435a7619415af7be271739dc339fbe4a500db56613498b34c2b1f9dfbea13aff30c84fd1380ecd821b57cb3775
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 6f7bb1f9e2772eb909c315e653e4737cfed78a18
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: e5d56aea96fb40312e288074a21691ed29f17a547529d2427e8bcd5024e617411c08999a8a514adc83a14fe27c51b0f7d44f684fc60274c009274ff9af14d4b1277cc03453e02c0ceb26c796432f0d
+TAG: 07cea5df6c6594985f9af65319e2fcb1882f6d1d66fae0ab595ee72dc4a1118a7ef8ea450209809349b41664ee21afcb053e8edfa53bb1e66d9aefde4c48c6ff5b5e411c1228cbf5c1021d605311a20bd6708aa004d7da8bf72ddce1cbc9a12100969131d596cca0fe61c82208d0848ae0d098036a07600cc4b443e344b06d3162c8ebe14850239f77d178152fee009b1bd81a68bbf632082f9a62dbe60a1ba579077842c713ab4d5619b7abb15eb8fd3b1ee1506fe8df31bc90a63eeeefc0f23ab5ec83f4a1e9fa8833f15c90d6b68615ce297b466d5d67a87ac9fb10a2ffba5a91d31d1b18aaee8c00ff1a8b8df9584a33e946e85d8c6a6c8719421b75a8a56f964725abb4a4be790acbd60efde68671
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 172f4992e692a88f49628e5d3937959be01aed2e
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: 7923c66ac88a9d3a2c9d9e714d491372caea0658b4e5692a7df8da934dce8525d0974848545ce89a44a735eedb22f18b5b8f1455c0aeedea9cb8f5c0bb51addd065a83c4e825ff3993ff58cf0af7577b
+TAG: 06b8d51726fe8d46fce9a59b084c3924c4aa9575d3b3f9b9e31a098c2c0475e460a89639863652164b724927ef13d2c52faeba797d38ddcb9274dfc6478c06626ec55954ce17df075f0b089ef155daf416980039458b7979afeefe9fa3e365ca19637b05cd17987e25f20e62031c32d441a102c22efb3660e4e3c13800acbfba0e7dc99175e35338b87ebb56d09a3b4bca72774d87e9cf92ce8e66917835c765129c8946c7f42ad8acd9afc22acc44a89dbebf6f4b2a55c139312559e2aaf6115aa617ce07cb2a63c66cbaeeeb5c95ce617928f93031f6dcbd3ee30a6fcd4cd9606695b690d95fb8d126c4962f49f11910a6e9daa2227f46a249819074a06cb5ffd449bd5744f9d9c70dc14475fd4b9a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: 00133da1f7c63fd5f0eec364e9a359be02c1d3da
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: e0b671d572a26f0553cdeca68a4d023615570ed0e9414e5783691fb6d1c2bc30bb4a7590d3138972345f3a55f2f90fdc8ad46555d41968a00a6462c2bc0931a18df5480e48cfcfcc00078314cabe0e44ce
+TAG: d01f174c6f726b83162a8a0734e1b1e9e9498fa067454e3a488cee1a04703987d5ce9a219b4ba168a809a181d6a291eae84f91705fc0701166400f24775bf5816a67ea6f011829ca07ef1aec6ac3b7ba0576c26b557b00fb76e84b6e633c48b8c425678ae12c922a7af7ce0484861efccf958ed418e2658b03b5c978fe624b16428c41a2a7ee1cc07c9d730b689cf92f2041b5e68908fc93d8221821106d73363e2d53df824a82841be5bdc0668c5b8759a1e79e193dac2e55e4cc083569fa727b952a45e71840fc330977e072457de678d3f3694e429131e25efd339421094512755604e1ec84efdb52259f6e8284bb7ebdf229cd3e4f1abfd6498e3b493b21184f8a42ba31f4f22dbeacbb1d977d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 60a6821269be6c5b985576b245f106128eb0b325
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: aa02a8b8deeb507cd2b2ee187af85b5afa85583c258df91df9cf5307316d03b5d8aad0441bacc27c4cb26c56239423f8e46746978c0edd3c21018f6b9a1c39278f71b462c6da999a6f4d9513a47cd7986c88
+TAG: 5cea96fc3da1457f7e66f324a3c634829a6382fb75efc614bf944cafda4c9cde5bf3118838487401497849d59f895d761b8b0da9f339123aeab5b237edd48d6c1ab4120da7769a7f8510bfca3d7313f0f38dc6c34fea81f60dd3e421afef2d9a61e6b0d7be96b357f1a293fe5c21d4ee858725a4c088f49a24930d846d2c0fad98002fa66a618367425cbae16fe570f3058fcfa2544f1d085ddbc6226e35c4355c916660f7f8fef4f5ab705c93b5182269adb8a4eeff4e62ee278c0588b96043f1ad24ca39a7ad458f541101e1d6cef99d742e2e4a124e4f3a57986d0192537d956231f4e49f5a87f5b7f5a4cdae6cc647b90177dc4d81232c62bad3d99036812f84b3208ed2edb8058f4973abd7
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: e2593f3b6741a9ed9fa188fc06efd057556ee624
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 8b397fb4fa218359120058dbd145f4bd99def7e5e0a88249783128801b3828909ea19d9f5fb0f3e15ebd624fc32525796ccf9ec01b1da3acc6dec2a9306c57db4eeeeef4830575fd8166c13c23664d4df4cbac
+TAG: fe141cebcd20919976fe53fa1a9e186db43122704ac5dcfd23abc2da394907a9da4011bf32a3948b0ae848d6d010024c6f37191f6fe5cdc46430b915a9c5cc80329ab5d32797fc97bf3ca270d8b35c14e3091c99ca3947492613d183845ea5b80619d20c38434261dab80d4068449a0880eadc55f0b43cc344a875adfd23020b6e63c3015c887ef52c72750c09f60c7bc0dc29ac7a6494bf9771c4aa931aa440ad400c1cdff8f3d1bc4173977128d1eb57731e4b69d3e6d4715dc5d2a9cfdc2afeabf3513b3e3c107a83ac48f511750f887f59b10f40e8f2d197832dbb1febb82c29627232e3793c8a72d7033c86cf99fb54dd2e3ce099d4fdb50a63b06d5f595d5bf59474cb190245a36095bd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: 17450a437efe239e1858ac4062f34024305372be
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 24e568a27d8bce547f628bfa545c4b7ccffce40f73b5abd6e1b60d5efca7cd6d5feda872e172f64d9193d3d2d3381efb52c05f98d3e1fb689fb05d7017654eb57346f1b3dee23b0f166e50531626582115af7cf0
+TAG: 4dae8797b02d7f1d8dc42b10f18973c094880a10207d9479aa8252df66e855a7a4f6e7286ffda82820f510e8fcae2e08349b9ab46da4d31a7b537484589ec70077fa9a68311eafbc03e3538dcc66ac967e1b992ff38afd452ecc033ad86503a0c7bcd9327d4b4e9dfb90600725cb82c4bc2363aa88d436b161003fa42ccd464456fc057a72281ae050315ebbcf8555be995dd37737da005998569caa83c0af4819df86195e6ea95a343d9f91329bd059d393827f8c1a6c9ac173e3cda42c1bc85114aa750f9d3af3a889b736c9c608c85201fed8f31a9596110c452119ed1780dd610d8d8ab30725aeb07e168016a9508a31a35de30ee16508a481f00b9342847e4793a44831d92d92ac504d5dee049440506bfb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: a35fc7d25f90dd9cbd35910d5532aca8aba88b29
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: 5e91bdcdc26c9100265ed7c6f029a1aa46ea6807340a161cdd07d21bf6bf7181eee02d939fd95aaf343eac9f629e01a665dbb40392e95da6d00839e3f9b412229bc48d9b289b8e91fb2705a0d3ab85aafb130e3e8d
+TAG: 6c57ffa542b745e2313b7c92ca3350ded6fbc529715a5a43615f0cd8922ce27560c2e28222b37b0cad173572ae81a0af45502b7b7194691dead0aa46643bfe9f0b3538f76ae07b540e1bcf43f781c72df95d89512a6024598e734e16cdd8f246b810d5043c34d400c77db515cda8a3c9be9012b21bf2ca6be2de9aac8ddd11fb026e7e3b4a96af04fea4407599db8e37676eed4831eb66c1a6177b70c3e14295d623ede8b119a43f4c25cab2f203788e7a64a07c59ed205080e256d28b40249adb08d116c86bd1c325aefc73e1b6197f8d5cdf71730bc83d1c1edfb92492e8452cbe98fb873d5ee5779bff94ee9531f70a62f01e96d8069ca5f7345f7e6f67235dab750addf54df5e71302e4423dec5d0d5340
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: 73eff0f03358879f900b6ebd515f0f4e5a6929e4
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: 140efb950a30f6be51a219c49b6601b035efddd7a3cd304d3bd79e13515a4fbc7a2bcb086e82fb035c7ffc2358982c6dfe6b266304e51a6212635ae6f4d498293c276b53e42f62ddc2fe50272e6120ca41c001f443dc
+TAG: a397170ad51432a18accf22c04b831ac81c72d8eaea23682cf8ce6e201f454bc99cecec1a220b7fc24087d040d43d1313022f890e55e3bdd37b67f4b7d50e73df88a862ce10b8fd4383ae560e1d04da0d9505570ab151219ba8ba46e1d5ccd35b3ef4eb621be54598debb136df86307a0bdcafa1d3f6219fdd60feb80709a2b4cee6e0a642bc6a0ac6eccc95405e9c55e0782eb07e2717d784982f81555d49eeb81ba1a3e03bb98df0e79e62acf23c06945e85188dd61b270dbc1d146bfe4368dbbf33db9597837fbb9cfe9f17efe470a6a14f304e616fecd358cfdb5af11b4db71d94986fb322f692c18721d68298367fa840a0bf29643b0d48f74ced1d9958e7fd1542d17bc645b707c6cee2b8e7a00d13
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: dd6cea270655225cb4f4231f54c19eaaa146eac5
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: c06d04e3216e4752d83464251209990997de6c38136a51eeff0a1a109744f99f9664ddb5a230099e8af3d6ed85e1e45d7c4f955cb4a7cc3f24997b3427581de167c2c3cd7c4664d988cf6c6abca2f6b3899434398694b5
+TAG: 26290ea8be2aceb775fc57dda96b423a9cc6b141e4d48f530ad42eb0efd03305256b52540e2b7fe82d0bd0d614d84ff97d56a3d74b87a075aef3f2887577ed2d8b09273ab21ee8244f56ac0e404d5c8e84aeb43a97dbc1c4aacd35836e049e65c9c1c8763d773649e21ba91a72434e94355a7f33c0638adb178037c1305c8b66c28424217c5f8712985e0918212b69478f1c64f2e15fd1150ee02fe508e6b4500b8a1ef796b4514b43eb8ac575b0e393469cd79648ef568b42a253f518da6b40667d65fdbfa5742854eae18127eaecc690c4f0a5aa861e02a761625dd42bfff6fa034b012837f38f75ec685a887fd36c0cf9b183b1b47a22cb7313b9441fbb2f03d4ef74073838801a465d2046fcb8da31
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: 34dd9bf0ce19eff890ecad474388779f63b0af70
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: f64f633af5421e2b8d343b52642ee5448527831821d39220eace1ee48eef879efe49679f13a9c7594f16511427d3b5eacc8ccdc597d72ad37f5ae1a9bda42cd690ded3eba9a6fe3bf1f36f480805351df8daf2d92fb90d18
+TAG: 6c1c5ee308c4a212efc9fbda5ce9da172fc75acf889b34506111272b1e9cac72722d0f6d6c7d04282ed902ad23e77c6f5f43e65e51fbfe45887fef73035287119f57a813d4d1bb0fa785ce394c3517dbb3ea88118c1b7947e5e211dbea161388d78acb0d089a44989d566181554e0122db86acdb36b128b30effc405fd65e685b66d322bce2edb08d92f7eef94e849bb6c43c882a912528a49e59a39056c0aee7fbbf3687218e84e9d6094582dde5c67138da65b3d821cf959e88bba7823fbb26e8e5fd95cb64cc868dbb5dad55bf21c09192cde9176cbfd08d782efa5fe6b9c683f4051a93ee345fb31260e26d14f9046abca30f2a40c7d690dc49d07cbe5381eede0421b57edf0d313c27442ba572c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 7db8cfbd3b29f96d752346eeda3c2bb0bd070099
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: b4f47d4cfd61b38f87abb714da89e4e23d37f155110311947ab5977c77cdd5f6605a2950374cca97219686684dbb0610a750c04f2c208572d55c72f1fc90a6e194b387744f94bae4a24e7323c0109141c2a4b3550a6c00f227
+TAG: 345e27a55a67cd68c3f26b7d7ece71ceee4523c763f8576a6763143013cee6a643306e2c35dd3d0743e9bfac035152a9a70ff7fe87b9b08e2708dac277deb2508115a9bc89a989a4f4b1f81d301154b4e243d032258c683459a7bf4358987c0b8a305e3bb2a16fee9d9eab8e4fec270734d76384319f7ea05d6f2263b43b0e65dc372bbebae760441ecd7395b0683ca08c7062faaae20cc598bdd055530f51e27029b0fddf4540e6d66008f76215fc39ca3a70a48de734c227b4e4d9ed31926125ede1d74f7d6122332666a937448895ed74e5d3949103d61dfb81e8d1b814b8051796eb8498d13f16c8a0e0818fe24e396f8b815163fd0b422f97a696458b8c9b603e714ed08742c38a0a6af3a565
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 4abaa8453e8cfdefd918571a961d8351754ad5b4
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: 2de7b7a26fa9d1b0d301f9bfcc0772b0a683ad5a1392bc38f495fd88a44a648cb4136d63ccbfc994f5147cdd88a40d813ad4cf7c95db148871433d23f296f2c0edf698329c760b76f4c5eaf2a5b620c482494de0128c9e5d2237
+TAG: efe95b7e557cc8c83b35c5df397497e25369e5063d674610696c9b0f083f44ddb22497522a3968da01a4bb3f8e626931643c0a98027be8f3e64d1f876aea2dd346936dc53eff94a1eac45719ca038cc1b83bef54585aadb335dc415c7a28c4918b21a21a32ec5fb16ed7fa7ba160f52c7ce2b323239293c2728046db15cdfc67cb666267b8471da3bf7e78794e5c77b5d49d711355b4f465b7c06f44c8597c34bf8fc5d837964775074f6dbbbd4c3addb7e7d2fd78dc531a8e8e62fa649923d8f96e4a759862b1df59f63c1a448ebdcc3c36d7fed786b777674ae77e112a623020299a8d2e40adf3fe5cb34cf9ad3717f072d637c2cca32cc49a9cd0baab294091650e334b74ed29b3d325c0d1bc
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 0fb9d7ffcc7c9b84f34661d472ae2d4fa25d3d99
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: e4255961e18652cf9fc499e5758eb2b446c55acda29e4715ca8350afe1b52bff24f91c290f488f6c0d89a7a0e67beba1970193b764bf4fc80ea42ec5086da2b113d739c06708d32cf568aefc9af83a8e78b25a9f8e0356e8444732
+TAG: 040155216fca12e96d110f56f859e5d181fb78bb992aa72b550ae51488e905d4a7af7b37401db261c2cb25ef493b358d26d6bef6706b6886c9c720a501c260cb7472d03769a214972f830ec5020757831a00e844dd8316f447886823c3c5307c048d63a4140744e6afa135c24ef1884f08f2c4534d8d0696219dfcc771bd856b3520b832fa619dae97e043ea4b17e520de4b357f77e572644609590be328d3dbb8454531b82694404b628ecb3206f32e2ead2a0a424203c332eece440f9831ac2979b6c86e2c49b2fb308c334bd34f016f4a6be174f86a2577d0a463688808dd42b1c867a1d73046b4e94b6686502a94348492b722698b7326da175af4962898739c6fdbb16acfd1eee2bd7f9c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: c68fec315401703e49722fe4b39cf28b14e9f50c
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: 3ead3affa3e6e553cb4998d3f8aba6e02349ab0a588647f3518037145860a949160aa182ebe41358a57b3617effb1acf2525db768f042ef5221d32c861962b70a11c27c536a57d369a5d24e8efa23cb2018932ef77b567df36cd81ce
+TAG: ffa39d6befec6b597bff8a23c4fe8791c8309b2a694cb8400f32d8408cb8981f1e4277579e3c28c906a077e115f0eb134257bcaf7cf8e4327d7e4800ffe21bbb7c7ff9107d4f292448892802186f2b7320ba98c2b2da95cc5368f68d5bf723d7f1392ce9e212a9de44aa0d556936f707f45dd25a1abf6aff829a0ca82b67ae51a0aae206e940bc84dbbab8b3a0c62a755e9b59418202eab6806afa5b00e887e45dc95fb9ad82ffecbd5701d118429a39116bb4990cd45668785c252321a0d98e97c28916c8b4d9938d542102faade1852450b9ea8160f786182a6d9ad77b515764b16554f57b06f3e22bd1dd9bb125862db72ea46344649efd0612807f6b5c3c59638fe45a0cee01af60478f36c2ec146ba7df63
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 15e1aa5285beab679aaedbf51a86b4aebbe3d7df
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: 7c5e36678f3fc8465f7770d619712f4fdf45922b20db9aa521e721ca35a02446f1f06ce15971afecb695e3e780f4972821f9fa044564fd8675f1626c5b5f8a24da4493917526ad72b631acd16b13ec9aae03ee7b5034919200ca8881ac
+TAG: 7be23184481a76434648417fa7e7afe0066c7f614cb0f5519e15170216db443ac5d840afe41ef010888b5ec1d708cc3a7948f393a3eda3974f6a542482d29c5c0c25fc6375e62dc88cf1334bd81636b0d3efbd4a724273e587c921addf86cbe0d698bcaa2f8acfb8aacae535526c28af0d332e83e7d0b77c32a82d62d5ae67235c827441bffd2efa05b6436cf20092a5332ea695104a0c5f83a8c68322e00ffe42718b9015765525d7af77602be97bc5b91d58034b1f4bcd6b8141ae6a73841a0bb99d8e81a634a42744d2256a44c1bf6a17991fc12d9a6520978656d82d03c18c73abb7587843e503ceecd7d3e2d9a2100ee513b2fc9ee78fea7f235dd9c0ae96ea15045e7749d5b5b819d1779c83463a574e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: 8cc0b1164fc844e958e055b7ae43f2f95c29e8c3
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 82892eecc52065f09b6c740654823993495b8ade7b0626a666ad6294d35b906b9e106b92fae1e767a37eb5088869cb9d01ae6b77631419357e0d966c841185b389cf76b680499e4c44f87624960e5eea44d9df0afda08ed29ba41936250a
+TAG: 44542585005f3619496ed8fb0d4a784ba3ea52cd0a9ff38e8630cc354e47dfcb7a8cd0a03d195a385e8cee049fc2de3529e7fe7e0067eb0c5f65e257141c9fc73b9f23e965ce24ea845134082827ec1028f0a64a1f6a2e31faa8030a0c0ca63b6d4cbf8d8937a40ecff26996e9e409255956dcf889108aaa23456023c5de3e8efceefb1bb40500fd7b08c760a083c596793ce63de2958ced2766005544811ee2beea90d42b6f4b05148148cece4b9b089d0b7dc0b948d385f17205135391259c697de5bfa726a135a2d32d2516d4c72c81b171ea9078cf68dbb758177e04953a1c3c669fa682fea1a1c5d23d9173e4db7d02e957144dd149f4ba2784c9acde563d54a7e4cc164eeb014461d0535c7d094ddd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: b51001b6ff9d27bccf3103a4961280e0a1406257
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: bc181d050d6e79cd5d66a1410338e4031378d60a217bfbdaed1404453cf8a680b9200f746ddb6106a8a407aad8204a7e3b5ce8b8f34d1bc69b84fa538745bf599674c6ab008435897a765e5072449a7c79c4fbd11f0883548a88244f5b1dd7
+TAG: aaf4ba13e0df9d9f0ea057ac04f64b48a97ce398674d0503053beac9044920191d6d619f2136341cc19f47a800e803e0b696166d306c8cf969206956c0e198157c3d6f114c7217592e358c27f064c5d940deb2631a232570975fea1011e07b85539a86cf83fce7a1f4ca35635ab86b901aea3bec5595129b6a8ec633fe08ce1214c39ada3da5e6012525c740a23e1babc5ad9dcdb6cb837d78567a59bf52d8044655863e1143e5b367916a154f7dfa98fbc7545813ed2e90da0b365733090f264aa5b004ca22adaad01ab98c3de62ffa15095a20967a2c07cd3792831027839d91a8048e1c927198644be2407f0543b0259d649c15aa6d1374e95dedd203a9ea03f3104aa2fd27963b199c669a4ef9735b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: aceed075f31ab159f6610f43ff0a6ed3a359bee1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: 630021a2b51b2f47aeb76833fe4f3a6471d208bd943d7ebe9e97ef72004de998b82a7270ad9ece3738b1322ad5de184ef9eb67ed7d0a7f76990cceb64eff3bdac11ddef22000ec6e476de4d13b841b8bbb941ba4622e35334ff293014408c1a6
+TAG: decedbd573c17d487e3fe140a08cb446bfd23c5fa71a62009e24f83f5acdb3d8263ba693c43a0c1dac94c700926bc51bd4056944dc5187452bf927a4dfdfc04be4eba66b25d6dcf4e7e5a64b935c835a8a4fda3d43fd2f3fbbb1498a45495c1d73c6ef8463d1d22cd46d874214a806bab520ea7400ac83f009525017c9ade73d9ead4d3b52613cfc91c60acb38cf2e1c05e2c18aac0c2728135648087e7e24bc54d55f622577c34417fd6dcb9fb1be14740ea5a452e314414b86fda4a3225ddcf4e9d686a483e25f66d218ad252441013c36b69031cb7ce6589eb0f63fa694ba4984831d863135463e152c4c536361384c07782932f6601d909f548c5afc0daa3c80e8ed6a2e615a792fced1b452df67
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 976ca4c9819e25a204a024d05fbe7420f717bc58
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: fba7b6a3f55486dda6db0c08da51010c3c1158424f4ccf5bbd356d401309dbbcdbaa89ad46e5aeb5df48fbe000a728d5ac5ea57bfd1ff96327b57a4c2baf5cce0f31dc5266ff97b875f15c5d0a4c2d85b81b69ae42f6209111d4742ededd8ce84d
+TAG: 3083dbc3588403b9c01492e8d8b7cfd2b5070ef097f57d4fbbf1325a4f1e28ab44b0eea3818403b063e86345c1cc0f242bcfe1b854aaf6d9158d316d768380c35e4f191f318d16af31ed6c8b7578411ec57999238b7fd2d69ad2459e0090de55abd96c0a40b4a0e909427ea3f2c626c054570929f7aee33fb45e97daa90661f455b4f38297fef238fc5d715d7d5a846399b8cfe78d64186b1b0d884a6b89c358a4743f3271df09b52c741f83e364c8f836b4f41ccb1145dab7be582301bcac6cbbabd7c4c4311b0e21ddfc152018695be7b9d58e95b8f74fcfe98ba8298d931878dd1318280221a5b0c5df31fef128f672b89815aba99ffbd41df840ccdef16a3e8750830ec84c2f50f3374e550ad1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: ad8cfe7556704bb1974e94f70d8743d147c5c3b4
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: a6e967aa8bfe23d4237d593e6cb2e279174b57acd9037fd150cb3a00a5524256756602c8541f6eae44e2b97245f0f63894afc812ebbf87f77be763320d0effe9974df583519582f72b57845bf20bb2f82ad5dc59b7d695a424001d0b9a1194b9ed7e
+TAG: fa2419a17ee52bf8e0671e1a7197f96134c63110c557f7b6f0a0ee57de8c64b3390e56a4c4f2c75a7d4e4222507b2790e31043a6ab18a2d71786b3334eaa37b2ac7de20610a4f4af3c6598483450383199e1256e05e2bb20df5d3b7c24156273716a122de04b6bce230ccb8fa7876d191152d82206cab40e1cff6a87d906de2660876b4abe90491ad6a10399f3c4a351d86dc9319ea803dc2df41b5a33c4e17c8654cf06eaac402a8b45f252714fd8fe060d33f05fa195fbb091e2076fe87ebedf239ce36783af321e21146ed150f06083e9578b2e022553ce43dd05e25033698219a5172d6a020bc9db1f5f2a954c994bdfe0e7ef7f48c243dce77c2274357c6bbe8c8267f8f98a384c4fc177ab
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: 1dfd9608adabb5a55e12949f1c4bfcd5a77cb703
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: a547715740d6cc64021b5e70bdc0aa8299369a2b45931a539e146aee243338dfacbe531274dd5daa12efee9e2ea90d4d963386d57804c01767abac3ab329a08ee974d9d8723f5695bec5101e6ce1d727ed919eb53bdab44db1e5f789729cdf91010292
+TAG: 107dfa1b7e55565fed6fe7ac9ce44fcf6c5038a586f9d02b2603cb02936c0b965da944a945d5b21ce2a234e6431fd442b428e118058ecae90f09778e2b914035eb700ca75cf4d6d1589c7c7e1b7e12f49a4fd3422e064c417156cf6f0782d52b71915bf697fbbfabba723e39a770e89f0d7c46399edf424c735bef679001da5a789ed6a3d253dc4f332a80aa14d745d88e015eb246cf3c5782f0ab4a3bbadb9dee73f2dbba55bdbd9e0bf3f009a3ab434156aaa02aad0422110d45a647ab90021ca7a10541363198e70521f96c2da7f85ad56de15b4c90f01aebbb76910a2a1240cb6424aef8db7ad185686cd63f5d1a419a5e4a55be8a6a5feb7a977b0bd25a23f540205a1cd98eb7cf40fd10
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: ad2b43eee27e6267d8c5c1c3d558a07dcd6b1f5f
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: 7ed8d60c67875030c8a20cbb5f71e22d1e5c3f93852a5bf953ae67cbb3a4d3c0b69bd9b43cf807b32dac4833e502fb377d67d2575a62e9f6dcc12c4df05c71802cfa5b6b3104d9526941bf1b48bd5e65710e15862b6c0dacc1decf5aa1980fce6cf99e0a
+TAG: 82dfffccefd195e0b64ed804149472b11158cc39b4f01f6cdc2b4b3ca53bbdbc2f2b1fc3a75bbfab6f349c809c5c775261bf88188db280c9611f9ce8aabd6d5517e56408ed5d6fde3a0d10b20af0cf684fd7b904535d124bbc3fd9a8fdd3a08c6fd7a8161bd0d1105d9da9002db95dd7eef295102cc45458b9af01dfc90d480ed40f425e657d1fd915e92b3598cee8d815b4358ceb1a7f79749071895730200ee3da95a40a2aa951478fa101aae1619bc8019dbe0059cfdd4968a719f960a11f73e76a9dba8c81017ae31d70301c24671191f13e9a84c6ba169e4609b750833a9eaf6b87312077f83e62dd6d79e1f2e7c18d3c603506875f2e6b1fbe540fe896e84ae227efe2f0193b4b9ed0c101c6dff09491f4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: 3dcddb1e4f49633e7b7bd36f4056d16c53be7f5e
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 0bf6e04e00d7389a3f9bed220be14691df815190dc4038b802981bc5464ca4e98b94617b8ef1f05f3646d3731766e0b58f65df6c255128114c3ab1c2037da671bc995991ac70acb0045b4607e6f8ca51dc21692c22f3da6b326a248b2e0d9266b42e47b6cd
+TAG: 2cfcc48fa50220c001f814b46fcf19aa0465e49cf9935c61f3d52f1d6cce66c1a7d9a775deeff52b999a895f29ad25f2d1b7d881e7a4ce9a73b19a10a782d320ac0aaa84937fbfa74d95e0d9615cf1718a77cf8bf2e59716c65ee1667abdb850ec5a96f3144d2e35ce7e67ddd0388e90e70450b362ba5575bbe0b36b66bb889b59ee6eca1da0bf48297e32d4fcd3be55ae58c5909c1686ef666f29fe76eef53885e9e2bb6746da291569af7d2fbe1780faf03321e816980a10e89fd11eda9f8f3730a4f34890531890194610cce83a89caef779e83673538efa753f3d558b24469427daf7f1395031c998efb55a36a1a13d7c35995652e471ca22eef80221b923d39b93abeb5193f3e98683d3748167670b20e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: 25b982a242f669c013cab1c18da425330090e3cd
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: bb14650012537fd52f03bc6ec909cccf84694ff8109e802ca28b9caa2c992a65b9d11aaa29f24d45a0f0f38249675b1d036ca598c7e7bf77aa6e841800149f16453bac19b3d40bd494ac0113a5209a8f831e4b2ea8e99c32a52496c5c61988cabd4c5396c760
+TAG: dd942f26ea4e6fe44450ce4931bf947085253ac61a85a1434386770be82c57951e8f778b5beaba709d94b0c6d71cd29b12a8f173435617c72d9d50719ffe85f81475d7e54d05e8e882e9ad174c25c532c8c17c1c20985340957bda87fb0f99bd5107267d26a7d2f9f16b3de38761645395717224f96ce23a657420d164149862903cb91bbd887f8250a4a9b7eaad088c7a094a7c1d313b7561448a1ca223516433d0e7d9d0a3d28c26e1833e6baa5c309092803a8a1a034510b5833264d4e59a7d2cef2e4c19f9a90f3f02304fd202e54a246d02dc81d90f5ec7966758423a82a53350e8d5ae767eb5de1b73bad4bc55fba1d79efaffcd2ffd2471ba8dd85da35ebc2879cc07b200e8095da4b87d1f7d9e8f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: 9d7958e23777ff2472f5a24dea5fc19c151dd921
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: e21464474404e9d0d653d2e5214e332ee7691e12bed8f91627208c67da34033887369def4de497f2b7d39c0b0c9101bf25e7aa405a165ce0ad00f7bf311e19f6a45fdf5e13f6ea9b6007a5ebc584e0e68dba642f1d6427a6cf6f84147dfb3f3d589759a44247ef
+TAG: fa083f65f3b87f4ae6601498a4640410ab34ed18ff329ac22e14dbd511480063bee2d2fc2aa2b5d710aa22f8e2982b863f14fb815f85f8fc70da961695d2c39177d5833a07e26577708df2a984d504d139541636d87ac0aa773b8140bd90e9373b87ef9337e80fcca9afd4b533e49d8f878c41ea9a51105beac814c2b16a2cb7a47ebe228a509ed65a08392983f42aaeee6a1b4a9d0b498faf8580c4f4f681403b758692f4c32099080193b2e6aaf18590343b20fc84baedc245b8f0f9c90016738603c1fa2feda4482093d895825e1751fa4e1f767d8de6e192a155ec3e66ab85033c4b2e18387c72f58e21eccdd2fb05c4eec7d10234c6cdbb309a4f325b451ca3ac6e9303fa3339f4aecd94f8ec8d5c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: 09e9eab51bcb9faaa3bc3e473ff66b06e39653fa
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: 2d2b0233e9dba69ba134610eb54a852978727d62c1b219b8b2efb9342d675f0548847e340004db6ff5342941fa2169ba06a6e197a8abc7ee7a4e1470f0041e6b1aa25ed35c3a19c84493669557b56431089110ef4ec66b1fe45654c965f4bfc7cb834bbad485bcef
+TAG: 3626aa475924187edb74cb97a36fba693e52b980825e58c0a1509bfa40cef0b41a8e660404a00d738191d10ceea7cb761e3a75734ab226693f56d68ff405ae2fc2c2aac8988d954eb65dd0e86ac7fdbb208a4e99d4b3b17f6d1e8f347c540bc00132b6c3e9e2ad17b8afd7b1fb28bb1d120167713233132db4bed535c751de37d657178f6a5ff8968b9ae74410c0ff8015313eb3af8ffb57d771a6a03984a8509eab4d1c9dd39fc675192b47e46d22fe347d2e25dac07c1f7c26b17f3ffeecef8fb301a66c71fd582f5a6cbf045a107481cabf0298184704a52bcb4ff08fb351bb699e656b1a479de60591b0bee7c875e06f55ebd010b450e1b074c9d74795bafed4b7ebd5934281ad392875d0061e68
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: 7b17b7cb19107af8fc4671420e461060e2ef3e61
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: 245180810407934bb7ef6fbda3f64abd712a3959d0fa2502464c159ed70fab64a10f360f22dbaaeaf44d4bc926c1028675cd1c3a94ea951b1561c8cc449f0940c6766b67ec21f8c039f826afa423e7960bb4e2f7e71f8f660ab2bb24e2f3bdda5c070a3529d78b1cb7
+TAG: 502ba1aa764ed0da7a939f1aee2b6fddf982f99fa22b6f45cc755c8c283d91cadf163e9f22a69ebc2d4a3c61bd8f3c570f7e79068bf5e95c0e89a0644b6221d1e999ac49b95988fa9d060681950c032c48145be411149b6a5b3c3bde1b0908b63c8c8e52d1e36c50041bc59548e227f39185368b565e8aae6034c2aae006ccae61a6702d137618c0b41a8a4e5240008ca488074284c4cdf7ba323215b32bfe4ec726af4d15bf0a0ce9b474e41506824f3ed60db19aef83d83e612200532ac173f00398c8f2a5ed6e72c8d30e4cda5c05248d6fd2e5fcd095a5d1d7abc63027849c92ea911d4d5b788ff7edabd3a95fd6c1cb78eec290505ec9a1144c14963f700e28eb9da0e0c5d1eee0225bfdeeef
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 48586ad2eac603c136911b28e2c69f101a8ef371
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 05fde16dc64641e35c07c0026eadb56dcfd233c5dda80544e58789fcd41539edaac9d47de790b3193d881e79fd79c117502e7cfd1a48e9a35d8fa3aeeca41457c46e5d9efd1950c1a756b5fd65c18b961d33a6d1256b92a6c6f339fe3522f2d4d9c44453f5ba66d2d0b3
+TAG: fee333cd5c24b3e53d6f4022c387c560eb4ec4574c520631d6473e8d184dc0828663211c464f65694144c62dd91037e9e303e6997273e17f1d364089ce48cdb0a01c7a19c0c10c83dc41c6954b60d5d21ca71b91667e40c0022ad66d2e095b3601b71aa08d5818728c088927dbc3da13c3c2a58d36e71943a3ed59e3f0141b02fdda4d20a9bbb8f8f6b9b9dfbab00f510dbe942e1defd78704be7f00460476189dc0c2522bd70c5d399da0ddb64891284060741bfdfd576facfe51119b8b9522b20ada5421f6c64413be1e812aade8c034d5ca0ce2e8b5abd30917b7213d5c04b4bf5e235590eae64870c001ef0312d45a9217c9dcc8ce6c69484c00df028df2a62c9e0d5b341250bdb6db585c33
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: c37456cfc543ba6e5848b9b8f4ac5a58a104b521
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: 8618242fa24c47146327575ab228f8fcd546c71db9d1183caacb5f5fb93deecbb242e8bd6faf60a39783dea659f95e5b201a0ed49abc556954fa373d1b839b4f01574c5b3505baa0f8846826aac8c12f40874761422570dd0ac01acc7d1cd3039940076d00d405ffe57913
+TAG: 271bddbbff5333b22cc39ae0b9ea9900e34e9005d6858ee9dd3bfa7a073fa7de3ecb28e6bd4abbac684a25afb2e19c488429c397711886c30a9657060ecd395da79ea077314e5b22bf7448b70f7c3a5132b75e46ce0711da9c38ebc9760a3facedcc469f7f227b0bc8674433d0d81d71d9a20f4d1a453afe62d6a0b37f324fb58d8a70cbaa7808ee4eb6ad5039e51c51698f94287cc7f476e30ba54043d7ceadc720ec13f15755eacc50f3dfdcc67b23a7135173ac1c726c7b65e939e9656871a5d30e9d2091cc8b102bd0c800332da884ed4ed7ea7ddc2d2f471e4a8389c0043214b99e8af524716bcb37cf82a8707ae13fa5fcb855bb003c99bc388f238b3bd0b51db5f1fe8e6b43a7ea299a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: fc113d192686652653a15887974eb1f9b8e32248
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: 3de7bd95f32d7bd6e263993e48d69eb4cd90f2995e437f1112707f96ece932b1aa317ac0b4abf88a8a90581b9118ceddb576c74c960d5e734eb157b90abdc61b90d485314ffe145a5603bc661bd9a09f4dde518b762ab6de54187baed5f23d6d27f528f66d080a1be66fa811
+TAG: 3c2759a67021bffbab4583101629b11486ce26bf8e5081371e2fc36a0a73a43968373874ffbeb4684f0ba4bbcaf4d27a344e77d898cfea20a4790f453fe15cf44586269fcb3c3101358c01ba604c29afd7cab72fbab16ddd134f986f8ce58bb9e8c282ba7603c8591cf223000230073698b40b28622cdafea8964f61e6710cded9530795ada08afcf1bba283f26b3ab408445429ff79b49a5e8bbc60e293074fe8bb5662e83c1d6a534af9604a4fc86481bd2ddb66606fc51da69e41f419fe99c2382a486fe941a684d36358ceed40e827545f9cf55cb854c02407eb04d7c9e9ea0b11c0fabc01551817e7e003f8e3b3d3db5b0b168dbfcbc98de8ad34a5a1431ee0132f95262695535ec6816cdd2a6440fb33c3
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: bb6e5b5be84ee383caac0378cb6f541726ecf61f
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: c48489e9166fd23fab715b3e4885b6af25fb48ca99baa15e767c8064256fb9b2259688377d7be9148fc471a89c66b848ff95f492b1670075e98a0547867293094d89a2d5d73b8d54da8fa465fdcf122caddd66311bddd54d645991a4f02708eddc30c51b5b22eab8645e2119fb
+TAG: d3e3d002bb6dcf09c63e08e7c80741796d19fcf9b7350b88c5bd7f785b0c69f5cd6d78becebbc53b0b89cefcf8debc61945bd6e34c8ec5b5759314f8128169cefcff220e80f8847eb8852348e5aca843ee4088371c411bc2cacd4b1bd73e3a9855047ab87551f79097ced9341935b262939e7dc5d7a835c4a6aead77a52471a669a0b6a4c99dd5672da39ceec57d01e33365c5f9d9db6ec97f5b4e0545ed294284cfdb41b81b8449cc181caf2ff5a1749d1acc2c3f435e5d8b698186ab6a6e23126a7a880898ce3cb7ad75ab4fd4ba40c05e77304972fbbff3cbb1412b0b7ecdbc495ae719aa5e1c4d17fb057b27eb51d1a50c1a61857ef88efb5c754a945614f6d9dc3259d5932fe1bfd30eea69150d613623
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: a27799fc2e00e7abec4c5939451a834c4606cf7a
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: 4fc30349e938933fbe87c1b071bb54ea2837c2bbc4ad4a59291fe5e190d25aeba4a14adf7a8968f87be1d68d3251259bf66b5413b4b4354e2f2e0574a3055b4c70e736ea139159599ba7f7c9028671c1bc4af858bf7a691429571743ec154f0a7cced1f23b748cc93cbefc234dd8
+TAG: dcb51409755c687cfe32d594a0351affd831a978b22d1ee70468ca3c034ef15e92b06edd903f128c6a1aa34a0b0a9d799063473c8a53075854b48af38f834ddd538cdc2f15038db8bb8ed175aa5889532fdc8e6e61a4dd2a67f9912f3f8995439c7f500214d038e6e167a566963dcd4e56f51b12929d494f9f520dac3e8bc0a0b7a6c5be098881a7d9365307a45e5bb7a8cab8a3971b3f8181bed642c9c0d10cd88146978d82d86024c719ddd9868497010abe14ef8c339cc49e4e743d6f454993e71d551cba457f172b27d9406ea9fbc0413606b02ab86e2e8654e55f5e9509067632a5c07cd30f5373554cbcb2ba552f98f5c0e6a5d588ded804885e7939b964252112b28143191f068fb1a466a1f13226
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: f30eaff92a640a397f98e6803623e8d1f0c1fea6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 94579bb637b0368834f699b42ab802904e1d026cfb7e487b2568c482b849c1a7a1cb0707ac02ad9425fd9743553c69d2ddf543264e8d0220e98410e85c9b70a0b85143f01cdb0e0f53cadf34c5c00e7e8da23f1c1302ad8bcf17b765c19b9f9b9e0f67804cb92b4d6104985caa3656
+TAG: 9e3da50eca9da0692ce30210517e1bdfc10ff6f5230421148943fabfabdb5c8c0d3670e3caa4e109a6f07dd1fd7be37814b1a1a8af65c6ded32b3023fd5b422eb4d1b421e87552b38559fbbd3a511516e4c94c6f717e8895329d98a6b7ad0057177ee64ef837f3b41cf3cedf2537659d8d9f3d6515787ede245a6cdddee4c6cb793b88c298e8a5957c18cc509f76892825e9d48915da0d9baa82e2b1f804a40a6ad9d576c8c8790ef2cbb800405adfddd8fe3f646a5c19cfdadb399538173051fe361ec536397600f847f779039086635e52f9d7f8d9396d480ceeb8f62bfea1115aae28540fed0b1954ecadd6c16ac5258b25139564dd86e3c966566043c6d871e3859151b267256c02a5ca8530473ea3
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 7227537c0113a9f46f7d332a0b37ee5303483d00
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: d31d0051cc45826e4e89876c67af6b7e52e71aeed5e2c3254f81e26091ba702063718458cb798c268cb850bdf6f09581c685b496b2462649132e19d621311afbf5a6e88dd471566d937bbb2669b36f5ac015212ceef7ba61b8ace55f5860a1bc48c12709c5b08d5420f416a4ca3fbbad
+TAG: 7a5bf3d74ea3fde41ba65d954b164e675ec40200f2ff02d6b2cd26ecfbc51a31e8e7b2d681defdbf3928ade27ec4e87345c3a2955f20e7d96955a7653fbe0486d489307a75cd23ecac79133a781aed1644a69cf35ee51c0a3bb936a3cc49be699bc4d71fa8f6556412f73db40aa759ee10d2817156b7275934a7e4a8340ae578f175d7e96b068a0762a6c96ded4fce216290672f0fac667e75cc9556ee6463277085828354b9affb2a588e3129d54b35efba0616efaed3007b7e320fd8c7cb260ab9848c89c03e4332d47ecd10730cb3ebd6822aff3693b1a2095f8e364081b0c88a1591bf3785883e9cb85583dd3b05db81a9f468fd513cffb1c893c33539864c01b771a0ca8d5c7ed684bc9a555b8c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: d76570385cb65d30c3d636ff25c5efeb8d1ea08e
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: 29cd7e2276dc4170c3f73666ab4e87527758ec7324c9956629128cc2291d73e1894eddbdc234f9fdc70cd31cb4d76438e9e0f9f43c1788fada093c829aae078fbfb287609ee81e2e3b6e607245228842e001345c1624c4e40ee09042c7074cec076e2efe2dc58932dee704728ce57dda1d
+TAG: a56278ca93f23453e7705ff96cffb901b008e0a85064f6747eb0f179bc37f006f3b19ef0bc20ae87d41d87f23f83e9b942994112bc9deb76afe7634f0959f60218909eb9f87d89c5a4a465b9f71c2a79e2bd97ef266099f9f703749a828ad8c8c6792543de8b080d2ccf2ea4a44237181ce6d111ce2f1dd7658a5f32e8233d2083af5c6f77a0d865ab2f09eb8e5087abc3fcd6dabadf1951b7fc1715d64dd1791e4b2b98c45b645b15dbcefd2b556d9db387b082acbd0b1fc1cd91ba6fc672734172f620b9e5472c38c0f2f636416231253a401d76e908ced1a9a08d0cf0c154e6ea33ac7bd8b1db626dad3547e59c05a705e88a66a8c39b2313c6ff10ee4a1a4e491610d571aff4bd6ead07fcc43d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 170369666d1f2337b29b5f14af68d47910388e7b
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: f5f144041bd31817211edd73cae8b44c3a4b1d5be0b58c1e8e2d31cf0b2591de5b114eb4b7131e130c81c9dd7bcaf5d9dc62a0db2649bb62ac34c297d0bb2188511552d37fc90cdfd266ed262b5e1912c113c145ef0387852701b7f4d80b9ff970586243fc3440db58c06f2dbbc39b4d1568
+TAG: 7002ef6185526811fe8876682e2a02ae686d4a5ae9de7a4170688167a20145d4babbb6b442cb0653465550f0e01561ce93aa941c3f078a783a286b4596579deab08af3fa2e5f41b9e7f1daeb17184c4082f244bee7a73966ab7eec2c8e6d37bd03a477224422d44e56333e36bb8a407aa13dbfbb7b996eeb468ff4cd62de406e370499c9c880598503b8b996cfc24b368228f890295f919a1106cb0e32e282995744f171b8a00f1aef904ccf320d06b0d9a26d76343da893f506c9c6189165d26a439310144603af15713e485bf8292544239161069a236567630148b900946375e38fb9b37542767096136680ce3e926c862279087a89d511659f90f1683e1512487e90311ef04c83a6a0c46eab
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 7c52593d1d37b0dc380297231c6cb7b64e04c493
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: 4b735990123f86b6d35d5c64faf77b21b07ccd281649d3f70353b0515698c843c2fbc2ba7ea0700112990ca0c7c638be7f1f0e6f4a531ddfff6db4638c2f38df750ffd5ef23976fd56d79f1d882f6a5db8c107e6a76c2f74c3b72b14127504befe98541418987222f4620738e7ae67feba4480
+TAG: f15e0eebab83ce6db242365b526cc6556c3d3de2a6aa8fce72de3ec3931c2defd8da2400ad84cb489078cde12012ff2cbcd579572d9a4d05e839c14622b81a894d03c80de8c983ab7b1c28a49661d201a2b4b2f126d864e4f4d8b34305bc8b0bbf24494087b9f66e1a161d415729cf6e5894b0c2a1cef86443525d952a8ea369b61845b8db6afedd656f42c2e8213d83e37625b501c0470515390bb152ae81849b2a5fc91967b95240c65be58567bfcbdfbab19581181044ffd5c54aeaba46617dda655e8754f77efbdee94cd056b0bc9148bb40a67957a9b9e6ab46a54ba2afd488c2c52aabbf457b218bcffb119f3040a711eadc712aa5b5d194df0d32d1fcd58bebc808fb4f0113ce003f03
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 09a1659100052d13bebb4defd7f54f975a58ae2b
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: e405c8e15d95c848b303d4ecd4cb639414b88bb8fc0eaaf852b8ba40e0606371b0d7dab91e2421ef13a30d2fc692de8be33097724813b3a1c4506e7bfb763b829be71348921cf9e3bcba87c353ce81bb084a1c2f42725c2a87d26df143e18ae23189e10e2a6e60551f1d09e30042f63bef6b6e0c
+TAG: 4b4b1760eca2bce482c294c5862412b47f1b88e2320f68778adb653a35e17f5641bacfebfc604cb3487d9ce6a9b5061814ee2e4892b3bf51e6f5484c07a4f5175713fd214774192ebbb9224ee02d6ac2992922e4fb4543a6595ea80a9618d7a112aa2e4ab44a494b593a19deb25e49b32fa46b175abea83f6531c3c74b278ad4665c6e7b7a6f6fa7637072257d13d4bb051be67d61f37c62beec329848d3c5a716a385d3a22cac950ba3327d64b70ab95cc89791f37f4cf480e9ffe3297b7c42282f98f0df3faa971cecdffe549fdbd998cd6f0144180b6479336b4c6c1f52cef17c9b0a10bea8a03659f3b19333e731456cf50f9162254912d82e495c28c763c985dddf7d64d9597516497fb43622971d6b3f04
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 230c3353ccbd95e4f0acbbb0073053a0186f833d
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: de0509be5c03f3a780141456aa62bdda440a9caa1bb485cacf56a26b0706640235cd57e6f0875bd528860b6b6217d01def0eb0fa530448032aa42ee4f853301b85515931cf0829afca22494c87c90cdf76bf520db1e425f7366c45689c520bbd0d3ae022212ccddbcbdacdaacaa2512c5d5c3448fe
+TAG: aacec8473ebff95d9907cf57d2a3f95019bd670dd90cb238b8eebeb05d5d5564f1ab927b37123e53f9a0df3a5897b021fa45ea80d1fa3ac366fde6c533bd14e49f4e979d1901bc611a8599c7dbe9630eff1dd9a6eca68a4b0d76c8a9c4ed7f1a56cf8ee1dce0f171c6c7ebb6399a5bf64c6c82b42b26b7dc27a838fc5924df1dc95b8e7e8199e5381bb3624287880c92e24340a5140ec42bbea9b824568896316c78a1e0f568e430eea0577b798246d2a096962949d62536ce9c27daf62529c10495095c7dcfc4530b8d7c4769810203a7f743ff41629dece1a8315ff5da9656a1894a1a49ea0a7a559761459875792de2dccf7baaeb69697e1bc83e3537149024e09ec4eddd2523cbb3d13d8a042d75f95ee8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 701e141608e71005d32dd1e29cd068aea736c9dd
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: 3e94752703e605b1e18ade7f560525381b41b75c871add14d3190286f19267b75f44135e3c1cac10fd59c29c136b9f105dc503721e831f10bba87ac8ed1844892e1b0e4895a778b7f1be7f5cb76a04358ee28471c1b55f28e571e297d6b6eeb4634fd3c7593dceb363211a890fb44f61279ea663e1de
+TAG: 800badb3dd87e39ca3c17e9f2de759fab456bc6588dd96a440b59651b316be2083c46bdd670ddefeefde4fbb32028cc9210c67cc0435138b8e0148947012bd5815a06b8367f6967bc9ae319b0cfeca8cfc9e3906a12c25f55d279a127f95106bd435d63f6bab294479760bec3cf53202086b9888e2545604b1a2ace8b7840b59e3748c21e6baa48377287afb8e7221bcf0c85908dcde760fd8c289383141901abad9f61f69f38560096accef2d838e3c8277cb7895a323a6e28ff4e81175a2f0661c1b2ababe0ff21e0d03650557dd4e70b2c54c7b73f74e5c4b03f7e2e44fcf0014677c8024272529c2ba028cec909c14e80cd5d9e87ba5aeb73019c84954a1d056cfc59190aed89d741c9351dacc3a698c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 9aaf96b472ea76fd9ff4adf56dab5fe0400d18d6
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: 0d7cbbb8753fd2843d599d72bb2c05103eb7deb39a5407b711392fa1a4c45802eadf5fc25a746286ca9aa180134b1ca402e3d5199abbb46374748513bb6746efb19edce3ec5462d1519e8b1c9fc912df4ee7e94bb0b40061090db6ccb9280561f86d52566d7172b23e1571ed1bc2d648e6d5ce5eccc91b
+TAG: e1f9d58d0d0b915727a4c6c978f36a0b45c5bf9aa092bd84a855b09637fde207142d6c6427df3341d96e4e089677d1df815249c623e836eb3d64532e8a6861f06fe0c9a12f9b62b4f249076bc1e72712c6eb5c3386cc13eca38ab8af540e210d3ae3282eb8eaec0396397845d53a44f6ad352fbcea9688039c85c4e16d5ec2d85d5a3e11194258d4d819df6f02a1067155d79348a3e8f6ff0bae991fd012b9b07a7ff34474b4c22af7b4663b9b629919b1819e9fca96b805b5f1ebe11fc955c298e9b1ff91d883dceda10133752db7b72414ca7b38ecbebbe30189c5a2fb29eb84ae42f5162a90c7c45b82a26283cd5dd4051588019c14f946b62f892558439a758fe0e5ad41b929f06565ed4c038fa2eb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: ac6871d354eac507556770d8b6bf10b5240273ed
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: d93d6d42642cb56dd5a1e3b8d5913ef595a8d71fe4683afab5f8f6e3f1f87d08af1efa5257e2427a9e34041dde5deaaf6f0f808debb26b0f4f32860669879324369aadc41982a2abaea1c1c04146144d028b40be77e4f07ab6d5903f6d88aa7716748c3b158e5b2b387b0116a8a8ab1fa852c210b5cef20d
+TAG: 5ec2d60d0ace1a7de20afd27c436d478a1ab8f00e1ea78278742b1e3c1f44587070c5b3254ae7638322398f2562344e11efdc8ff68bcd5baf89e44189d8e8d5492819c3791e7be2d460b09ef92dbd696edb298b70d9acc8fea33ac85ee339e0c58c8ee78a5721c3fca9b6fc7696654f93fe64780a5b5aa7ad2fe4f4a715a6d09e8e46870056edc41641ec1fd8638308c0dac426cf5555281418179d3347d79cbcfd507bcced4e9ec25e27c191ad4e82f0e3386104ee5517ed7c8950e9a290f9c1705856edfc37786ff076e83d4eabc42299ed776c2a9319a2ecb94d8aea3a7195d354d7fa8b72a22a044f2150e6fcc7d4ac5adb23bf909e79773de782186b55374c2a8e39c3f38a7ac423812ff6cc138
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 050258d6ad6bec54f8bc48c7ba2d669d6416c11e
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: f6c220150aa1ab97883bcf382dbf137dfe3475efdcae422f889e095d386dcd0128a8079e245cc320b8d37bc2441bf1d65677f615d6e1b057537e14d000cad962b0ee4b89fa24a9ee064bcf49eb04bdfc5992f314bb700112c88a8b286d29e9978a0639ede9a54bb3600bc0bd999ee5e06bb34308b079d670c1
+TAG: f432253e6b7f7bcd0d6e57d9f550e90d5438ec1ba7976e324de42bc8134a31d46ba731af045f9c51dfb54357d9b711a7df76ecd0c14c8eb6a4013d1be08f13f3fafd69c9e8070eeaa4f5bc32d99609c9ff031f380ea82426021f14996c8869e2f507536be48809a69ee8406ba74af4278f0a26d11a874d38f2034ee8862a30aa68355bd3eda7ee0b641397528e33b473a36d93dd8b921bcf4b6a3a831af782f56bf1ad1be1d75492a45a83cf0d7795de267e3d6b7ebbc69a852ef64239db4c50f6523a8ada2a6698a1f7e3ee4693d16c2ffa36a19b8b7437242d43ae9196f03d8f1e97ec950648f4ff35922b371be5bdefa5c035a3516f556883195db970d4dd30959a1cf694be1dd0bce2c773dc88
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 70060f86c76e53512933c09deb5872eb23efad67
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d617
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 421320a96a896967e82ce4e44ae903e234918bebe6e20176513c90983efb1eaf6768b44c49ce8f1f34210b7ac7d7874f37ab4f7f67bdeb6b46f1261f661f5dde53617f9cbba64c86e9ae14da95fb7466b06545e233417d0bd3caa448ac63a433140c939e4752410fd073dfde195d11d17861623834b64a3dda55
+TAG: b3d1c7a40a6efa20814d40b4ad3be4475cb1e33d773f28761dc92abb8fa071206c242b1d8708883c7b0dd380f5d850efe9c5c09577581492c123252b65a9c05c9cb474b2572ae77a619171a9c683c5ad919ae5f640382bfde9db318c4bb1ccdad251775472f8a380a6ff2769dbaa7af4134f964c3983d0ed222f2773bd34ea243a97e713efde86ee4cb9b7539ac8a648c61e1f553a74dc23903a9b47e2c2d82b484134c58fbeefc57f2fb0da54b8ef6cce1c8a5b4e878003e3a45ac1215ec30d9d6be6af230dda4ba55f1d2033af5f97f910af7997f4f8af16ccedf12707c00a1559d12845399fa06ec8dcd7f9e43eacdef1a8383e2e8b6b1cf57db924a6f109507033ba2c860ebf2dbdc47d71fe
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 58286fe273bf572a76a2725933dd969777c303c1
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: d426f1f4e5e9f77c9ce41b9e3078d1138d28428a0c81cace18a5c10c83ec1d9e6ded56404f7cebab2aec5f8c0849246c28c08ecc495202ba4e640117be1489c0c4e8c9b1dfd014e801423c3142c567e06d41378b18741b0e1f73c1663297da3a2391cdae02640328d528b03d536b8ab97d019e8e68fdc59903f98b
+TAG: 5dd4e5ca278c5b63d9fc7046f0e3f30742cbdce371d5dadb24dbe8b4237e7d1fc32ecc160415fe1a9e8654e2c8df0085bb8a8a761614218aa9c5987a6dac2d6bca48f26412173ff1b9687beb988242b622494b7ef8ab70b3922f7cd9b40628a7a6f42a494232bd90ab26862a2e89b49cfea034b26a9763e9f34c463175b6f838a4acaae95cef8af2edab85aeccf7a6c625166751d4219f44ae7112222f53ae89d87ed696c84c73c0001c6f0a377320b675a5a203623359a559ad7774ed9cea77c9ff706bce4f6ea9c837ccfc7c15138c563e019909e68088bbf6fb5344e955bfb99eeac2ab58d1a8581e0788699af2a77c7c7f8cda6141c2b844d9396e75eb810cd2cb014035eea7eae9c54751
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: ae701e5c8672dfaf728bf0f43f5e5247ea9ac13a
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e78
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 7349da70e2f5ae86dd50aa94b568004abd84586d29d2ad5bd94f79ad4b63e402212a762ef5ff90e8cdbe1bf152b2162e6ae565e6737ef744a1d67bea09361a92fd29c1eb9eb802dd71279e0269042bf048c791628bba25c15650324ecce12c8a39b31885b915c3417c7612b9549dab0b0db7c99a4767e5add635e0fa
+TAG: 69c6ef3f04b8f79ef911e9636f6b01ce97ca3c71d31d9bb732f01f502102490ed003c7639c631bec7dfe5e69ade48eb82769b3ffd8feb85066849733716784f25a2dad8c2bcd8c1fef23055b090cad74d4794a2346adfe00c64997a940d08954daf7737daf17d71ea4f0eb09069e712ed70aeed0af037aee6fb494115abc548527bc695e2547811cc5e9a5618960994a86e4ce2b55f68eb1b85bdd35675f22911473b9c713b4c4ff3c021fee2d4ed0a305481161fcde8bfb3c69a083e33201d630d1b2c32692f43e3f1abd6d573211314028891fc842a00ba11f87c02d6f0c36b948f2f1519ea8c3d78ac97338f418e50a85d7af21114b099cd42cc09114f48371a6342913dc617253c43780da57ca95ceb5c1dc
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 4f498d0aa9205160827626ef80c163275eca1f78
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780a
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: ed719f396a0c720c91486127e58916f010692f6018646fda04b0321e70f3d5736ee3827743f541857fc2bb3c41497f03563540655a7ac43f69e62d876a31ebc3c14e24a432814aa4a448c44ac4b02624494f703bb171f6878236bbdf27be2f9fb651cd855564976b0e875e4ccfb42930422db234008ef6a25723c944f8
+TAG: e17447e2588894570bcd7913bb8141042b7dbccff24195f1e50c8795f7f3a03b1b1ed26b49f8f5cbfb0c2e493790d816fa33530265c256ef4675c2f0c5f1feedf3b384fa0f4419c33c60d840eeaa561745bd4bfbfeaebaf0218ae5f02bef51f5aecef98dd46f2d4c75ded4dac17ecdb0e6c615cd6758ed728f9f8bf3ff601c26091e83310b670f3d21495afe55b440f8aa2ed8a9a717b9f0191b173728443c2635bb4761158cc3d8691540ad7413213e7ba9bfc088ba9271e292e716041a2b6b05505519f4dafa07216204a037059048401ba3c7e7e0187ad0ce4c53b60547daa7623a9d4e61d62c4c8474ce13042f0ded541de3aafedba24fd579f78a328586f254643b6cdd1fa448d41a94f3d918a99559cf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 8c043825b2a3764e8a0cc35a011696fb3ed03c2b
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: d988f45c0ab83dc3674eeefdceeb7eb10b18efa791a39599404ea479d7c84579268013592599cf7f9e099d2283b841199d823529507fe8c30b7a66ed2c3e46e21116bfe53af3dbc978a1b556ee3dc464af5529ed974a8199cf7a4e4674aece3ffb8209d17d72ca7f7d25898d462b1436fe63fb0cce18794defe53dff51e4
+TAG: bec26441d062334a5454cc9f5a4f7c9afc1b333261ef7e731fdea9fbf53b100ef548ec9f17569310252ef812f416c44f70bcf50b0e79ae04030a16647db49c4df74f5b7a48f643d52eea0a3e6300d97aab984fd084f989c14f7a0a014c0bc6938a85dd29c6f71e2670141fe7426e12c06c09d5c86429a763965354a822872a3e08e89be61e6b033ecc514210316affa8fdeed9909d2c4e91810c2ddb9504dd9e17a5f26afab33a089884616c9955cf287f68ae43b8bc1f28e60bc910c117535a1ad845d1151e5e06507ea30d98f36037d8c0c497f3263a0ab503baac0b6d2a944271f4a07c76d51361b80c11a4d83bebaca1ac2920d6467202207e530f3380ad44c329288bed2aed8784e452b16f16d8b00a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: f3a432271c9be858725fd024071c4f479ca9a971
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d00d6172e780ab8b7
+NONCE: 
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: 7e8981283025150c549a20da52e5f63f59c885d13777f072714e47c01f15b3ec9125a7253e487f6a368b9c1e92005f4ae90140545c3c92d7be4cfa5e68b49f848f58664a7ea39c11c277f9b69bd0f70336def9668bcaa507d517cb2e390fa003917c4a35f303511a6eb79ca64c8059fa50d9ce9581fd1efd0c48b3bb39e282
+TAG: 17a8e2521babf39bc5896910696c7bb8f9bdd9435020f07a934b4889d7aad15224dd9ddd8b1c0281a54febea957d5e40186e91f41c207d6ee0267f8283adb7e4770930cd3b4f2fd81094fa1f8149e652b36176b72d34abd507af31b3ce8d28d652dd42555fba0b8126ab23649e6a247be5411fa5bdf27fd84427eca7e26babac3e9503f14f328445ec83f50e2ada2b4da59e347460e8513bad65e1762d8e9aaade5db0f7bf44e76334d2e15d6a7354f4478b504f05c4db1af8d33af589cc9e97f14032aa7e9d92101bc37f54e6adaa564111c9179984f286afdee74c90cb3d44ef4409fca335f10fa7642b9d90dc07447525e83a0fda15985ef904cac53e1101ad5043533f3d2c8a656de9b6b81931e286
 TAG_LEN: 20
 NO_SEAL: 01
 

crypto/cipher_extra/test/des_ede3_cbc_sha1_tls_tests.txt

@@ -42,14 +42,707 @@ TAG_LEN: 20
 NO_SEAL: 01
 FAILS: 01
 
-# Test with maximal padding.
-# DIGEST: c6105cc86e18eb8376c16ea37693db5c07b77137
-KEY: 8503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
-NONCE: 7e0cdd46be99371e
-IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c748
-AD: 1df3f4183aa23fd8d7efd8
-CT: 17944422f667bf1356c234189f9c6cf7af52b2832b2fbaa990ccef4e7f9bc3841e59e25c00e3686d5bd5c29f
-TAG: 3ebd1b0bee840e8a6e992421c62de5a8fda3a82f0af0de2c6be5f12937267befe9b421efafca4455b5af6174cb0e6f929031086aa7b85a073705fa3718a2a9b595e32a725ccb0b3328ea913edf6a42dad4c44585fbbb9a500b0c938c78d4fa17b2e52b479aba6921b376bec72ff6d66a5854180afedb8edb06c919016d19f252ab39d05c3c4f297038badb09ad7f23c88d5cdba7e793f1e4f2d107571eb9807efb3009187e1415e5d0d3c6110ff77f26da9605955843b9cc60875e60c3181ed0da4e5ad390e1d3c0fb942b618d1015716c4606030a40f0a554c4929764da415d773d386b3bb018a4ce72e85f28cfa3e08f0659464c0e0cf3215996c6a769894023e4fbd5377f387bd914c1d64db1ee5f88627b59
+# Test with maximal padding (0 mod 64).
+# DIGEST: ceb2d295bd0efd37c6c34dab1854c80e986174fc
+KEY: 37446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+NONCE: de39f4f03541a11b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba
+AD: 2fd6773e0d0c302a5f47e0
+CT: f2ab16ba87c52d066c0637d387b89d700a66828ef231b480f39aa08ac2447c8ddd205d1a95da37f267c06a1338532de890904f9f19c930adfb684e81cc06bdf2
+TAG: 3ff610fb9e208ff6ad58b78c5b2cf54b997eb3f24ac0171229ff7ee9cd5070de5a604f78b35b6cd25b3f2ab487847ca1e3928bf7f19bd19c9c9a1015dabd2de426fe57d342009ae4a2e67fdea378f24ec8dec1e87b62b6f70626bfd71f8d8d5e5c5b935a76527ee8a9a3094d635dc2b01a31dc4df336aa023517d7c35e142ccd6a79bc689e335f187a5358a00a7d4eb168cca3f9c6523ad4d74609a5b5c9e36db6bdf8464c4c8497c501084afa17557d070a7671c9144c86b4de9d57f033bc6b59a7f1f4e947b6a2d69c85877de731f6eb3db71d9f4c2dc086a3303bcbcd2f5b71643058b7ce08ef5879e0578ec81ced96ce907d4f32e67fd4cd269de9b60e09ff74bad6c86356ee297475ea7fe75d75
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (1 mod 64).
+# DIGEST: a07054c760cc66fc704edf950201005031f3faac
+KEY: 446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+NONCE: 39f4f03541a11be1
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2f
+AD: d6773e0d0c302a5f47e037
+CT: d7059edbabb5cfc2cd5c459abd74e136790aad50d988c6c9271428597617db171b89ab171a68b14f9d417bb81f9f7d2e2045aa47c0b5d166c8b2622bd914c4e752
+TAG: e3d17e303776640b3ab712f6068c44e0e3b5d375203a8b01ad47e6f4681011eff04a41d03ff073e61c630b5faacb744447226a35e7496204911ddd660792be62c5f34c918a0d8514872100c4637ca12bc9c13b1580aed10a68c9187377441bcdf213bf3aa72831f3498d990a7a5960e1e6795bb11e4c7910a881d76ac81320ae61b151b8dbde093bc9e56b8204463d8ec31dc32b3cad5cd8cb48b5f20e54c17469ce97c069051c8e4b2ae5dffc0c2651d868a9909187c2732056213e41e315e94d14a84a24a676155ba86ef0b96efee3e4765dfc750953dc9a7ed739422c7d988f290432320313848a2eb7723c7c85ca3590eb35e3058d0462ddaab0cd48730107d4031a216c6c2595d1ca0b3f1815
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (2 mod 64).
+# DIGEST: d059c266cf6233af730b7a229b19356a4c6fcf06
+KEY: 6f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+NONCE: f4f03541a11be112
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6
+AD: 773e0d0c302a5f47e03744
+CT: 8864e31c8b2ce1bcd1745671da5bd66e1e366b0af66b91f605574c841084a5df358483c7839e4456ae5a442930f21d4bde67578186a91c0a603468339ffbe3bfc607
+TAG: d8a0bcddd40964405ef006e0083e67a607b9f926e6508880d7784248a626d56a0673ff990920960fb307ed9cf40c2a1cc3b632b1f94aeb30efa02123e66165b77aa4be5e2aaba4c4a52372b403cae2f78a3bffc1cae8dc6f53839de7f16b8984304abc4a81ffe1ffb42799b54dc43ca0b963be6299a404fd4b3acf65939ac319966aae0a941c74135705092567e1237044c88f79b02b68ef622f9c776bbc04dbc2f58338c129f25afcd8cad7a0e91f30339457075b68df4960c003ef574e3aaae870787ae9ddab96495861388b341aa63ab2721abb176c4f2e6d5704cae123c20f1394d6a12d51fd5782dcb59d075775dfeb72df846995b87b1d374c0d0b8a003ba60f713ad777b8d6ad42c5e373
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (3 mod 64).
+# DIGEST: 8aac0687e33041fcc18da154b41f20a6af2bfb28
+KEY: 5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+NONCE: f03541a11be112a7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd677
+AD: 3e0d0c302a5f47e037446f
+CT: 1d239b3880e2261806ee770e7296d573d308d9850c8bd90a0764822faf5f65770f98f18ce4738538f03ad9b289bd5fa1367258f00d3ed91e32885bc45c30a240cad8c2
+TAG: dbeb6d1a1165a902128a27d7f55f4d928b56a3b83fa430d47bc4f935219fcc6005487f1ab14df0a07a270645d1c2fc23efc9866ec7e4427fe0382b75215c0f994f09c4ac54bf360f8ec938b02c17c4104127d2cb1eb51a11455180931b8e473838e5b1e61cf5cd05947a5b154be5df49905e6e7c049d00f065f680b0e5f3f4a7e9dad37d493f13c7ba318ca2bae086136d67b17a6ebf28b45cebcbfe115a45dfa32786a8b8354d51acf58bc126a13146e0ca509a26cc32c3e8ecf5b9d6ce76a9f76d674316c42f3140d5139304479376db2a167c65da7250e6fefc9d3b37a2072180ab3202f1fc7dd7f4598d1d976b15945fa73e1be07a91186ce7c16c4249d9f7287baafc572673925e95caba
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (4 mod 64).
+# DIGEST: 53658226c112b86438dd27b58a71f9e36fc73c1e
+KEY: 91d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+NONCE: 3541a11be112a729
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e
+AD: 0d0c302a5f47e037446f58
+CT: 719d9de3bc86d08510354817d0fb94340ab1ddeefdb95a1cf460f7c9b185837b5320dd862b4c319619a0b18dc75f1762cf7c9bed63713c31e39a6f7069563441b9e6f106
+TAG: 8b61062c9480ffa62f7b96e9f50249426d05bf237d25e2b676e0041d40ba97101843d9ebc978949eb7ba53b8989ed0e93e5b91f13365345baefa1d7f59b694f6ef0bef0adc1d6763978e12fe354e57b90127533f3f991ce611e31e88a97962f859ebbc0e50d130c323aff35581f1f45cb5c650299025a03d99026d6f6a844ed9d5fe66e15a9fca79726afdaa54c077d148d561ca9e77e427b8f8074714aaf8b011697524e4d91bbab69bc01c8346e9055d7269cf124b503f7ad38c384abfd91ca36159d8a41e6389212167278b830ea464f7dffc3e01c9807368d3457ad5f21b33bcb1afd41ab7d805c9ed2f2c32da9bd4b510366b362dd02f50666ab8e5a72486b3c0d6b9bafb38c9375dda42daef635a0007ef
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (5 mod 64).
+# DIGEST: 6b7d5268b0b5037afb5be5af6a0ceb34e7656ac4
+KEY: d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+NONCE: 41a11be112a72933
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d
+AD: 0c302a5f47e037446f5891
+CT: 9adce31c760d09ff911ed98eeb7146e82017261c8017d9a5fae1127479f6fb54d081cacc1ab7150f05d13547b992c1fe36a6e8e55ef1fa3bcc45bca495a981000a0c0b4f62
+TAG: 51d033e8003b06bf819a4f7978d75abec450c6b11a00bdf27f549f6060390ff99e0feb9509c6ac882777da699f5d5332d1b838a0436101574789ba485769ea6f4d73a10db775f06331140b218fa2ddad7fecf381fb9e3d26b06b3577bdf57e2a8435ba0e5b1e305ddf28070d1749d11ec5504cd9aa51ffe9133152ff35de21e4bbc3b109a318075d924bbaf0e267a1abd3d7afd2d3d8f4d951d4e96fa63741087a975eee8156b01fe566f7f6a309257c17a0bd9faae4c2781aae72eeab1903602b09b69026540a84b4786b8dce2a3e5ca26c65eb7b220dfad400cd236a4435d7fb1be60b9074f2f226e810d54abe7ec0cf10e7c465059720baf93915dda8a56d5a012a990d72408d2c9ab9b8dc813eb2f1caec
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (6 mod 64).
+# DIGEST: 63efe7af502231420ed5aecce9a28446b257828d
+KEY: 7df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+NONCE: a11be112a72933c7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c
+AD: 302a5f47e037446f5891d7
+CT: b81f6e678c5a08244a5f578970d64f96f50ad5b5724a9287ee7b293308db34e03456f1745f79c594ecc480fb2a9412bd685e6c0df028eda06aaa15c90afa4ec01736450e3eb8
+TAG: 63b849636c212d353918c6e3044d298da268ccf1042987617860b58eb7ec8314ccd7762ebc39b62c0f0f1c346c8f4bbcbf3bd0134c0a7374de1868b08ba013398d8e4b578bb8d7359f2cff1629ede34da00138efa4a724d892fe4ed2b28613e66e0bb4830f66c14dccbf8656e615d66f267182662fee8a3e1fcde0941793f0bf2b00d6ab6e9fcb30553b620cf8e9e0a15f122808d739e698f88aa157baba12428541e928ed556517978f6c9f29c6ae8fe5b4e9ed6f0ce49351ac2a63e74bda9288a874a7fd5327c6856596a3271039dcf54affbaf29a5556f1fe1062279d2600b920f4e26c96e9e8fa696c521f60e9418975befa58ad564e730d1de312ca1b999a5e89b813743b1512659d809078243170ab
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (7 mod 64).
+# DIGEST: 1a555c300a1d1bd5b03cdd6bf2a678621624eb05
+KEY: f660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+NONCE: 1be112a72933c7b5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c30
+AD: 2a5f47e037446f5891d77d
+CT: 6b6f94bc2326760d257d8156de961acac0b32d7f4d0e20363532e76ce76641ba66a1aa7945b9ee58527039cf83fcb01d8ef85254566947347463e161ec8cdec74a839637288d09
+TAG: 77b18bca8ed1d056d9c974054598216bc15bae5b7d70f3bbe32b3deb92398b0ce25a1efc5eb6782fa5fbcdbb415ef43eca090fcad4d34d53b1fd89cdd760e6424715c7703c51e08b72cb3e3b8a30bff159d5126f1473f216d5c931ae03703d3baf311a59d7ef3d6db123f3e8c0ca26fd3f8809ca63265d2fac935bec32631af43626ed1ee9785c81d7bd0cbc0c5178e1ca7de5d12c3592a7880be6590072c4728b2afa1eaaeecdf7cadd8304c2d4b614af7af14efa00dda595be92de09c74b39df05d7d023db721f86992c57061a264dead21e24fa47816f43b77b8ccccde44bfc32a015134a2cfaf04c582fb839202b08b81543ea9358d5735e7c197762a6a39936e26de58690a02dfc273e6779e77708
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (8 mod 64).
+# DIGEST: de9156349b578f2f44945ec6a676a67a829daea1
+KEY: 60ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+NONCE: e112a72933c7b54e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a
+AD: 5f47e037446f5891d77df6
+CT: 8f211be563f98f493745cca0e385e5b0113027efe3b0a880805427e363014323c4f6c7e6b30d2466c70ed56d63157f2c4f6dabe14d5a22c6c708ab3fb667a6c64ce5c8de22f5261b
+TAG: e5807ffa59e0005c9dd7eef0b854ee1b2cfccef9977f8a963167cc563d844f795c4ce4f9d03da95e4cfd2fc80c9efb6424df8cd3b7875a6ca129da8f509ab09d1f0eec0211e0ffe5492913fb688796a29a8eac54f374e8948991059f6e73a68eba75a892b3e2ed5ab9680eb0b308b07337e75ad5b406c260af5d27955aa820bd0435549700e960e66c211000885e19b804579acfa8c526603f8d743491d916fd4d0e250159e485a4db2fea39a8eb9443516518e6612aae97b1d9b7ac48066d5fbe2c1be3b2e20233a2fb4d39052ef4ca3bfc47e561aaac9c57a7dbff922d6d997821f6b09bf3b4c91bc6162b150e17bfa2544f93f2bebcb4d20322bf0357fdffeec8f75679e6627b4ffbf8e0bfee63c8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (9 mod 64).
+# DIGEST: 12812df3aa7f3bbc899f6f248f5590e02570c292
+KEY: ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be1
+NONCE: 12a72933c7b54ed4
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f
+AD: 47e037446f5891d77df660
+CT: eeb6afcfd2626da1230067ed9938f7df35e99d2ba1c91d0e91c3db53034a3dd2ce3352b06e3d1b9e8415ef4ced9b2257eb05bc86db8204a8bd943bde51423a09459fecd528faccb646
+TAG: a69c7d8db2c021284e73b3c07620022eb6f199509e34611ed671c3558ae7c103c78024d96c00c791f3450d1e0338598a246855811af4cc9ae1a6522487a4a77b57b58ce29038ab0a2036404eae59133512b9ea40e2d7176e1b36965a27ee2c898d6514872bec952a029d9d85bfb0c99d8b348db6a3bbfedb6d1a3128664c454b9ef29f075fecc469f233e18567fe16759b378600a1d71504231e6caee5688e9858e14fe6fe850d95d7c010865781f0457a22f53add7ef57071c7153d312ca303e4884b83c9acfe86686517d80ce271c148cf3ab6464a9751b66ac7682a5f885ad9301a5602c099e89977f06b41badd1c2ea1f7027a38b749e2ca1a3ff4e4889e6dbd3674a52c8e24d2c76f64a6bc77
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (10 mod 64).
+# DIGEST: f3c89f21c327fca4aa400fabea9e39780378e901
+KEY: 82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112
+NONCE: a72933c7b54ed4fa
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47
+AD: e037446f5891d77df660ed
+CT: e1eb2175bfee27951357b7536e2c3a4c607bf511d1922f6cce462fdf98de9dfbbea66d38884c270e29d08c5ace1d6bb7bcd2b46eaffc67a99e225927421a9894238cefa73bdb48694abf
+TAG: fc1d8ef98aa65ba8a288ca04990bfb373071633eb1e8f30847d3c19ebef66962cce12d015b045e10c9e0aa7f275137e00cb2c9a0508c0187827a74faca4bcd015620f1cdd8f72161bebbb8231ad4b705d1982db6f9fa1d2303c429469737a3141adf729729144f55223df1fb45705fb15adb5cd03c2936674a47d7f6aa5d2a4d9a017e57a4f5dd954504abb588866457730304878ca322f776e3c8e7becb8437002bc757d5b34b16d04ae4710553a624a3fca8866fb3d20672d6f4a2f937edecd58e68b7b0a8c39819ab48788956c1f3f5f4a15e7d13350090a20c61620c9181f03b4d68d7e4f336cb7e4a1a277df5101511150dd39fb43a84cfc480fd548035c8e9ec26602dd66d250fce39dfd8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (11 mod 64).
+# DIGEST: e8e41988fad6c8b44c56544964cfe0a347b35b1e
+KEY: 933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a7
+NONCE: 2933c7b54ed4fad0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e0
+AD: 37446f5891d77df660ed82
+CT: a799c4a6590a4c48735d1da9746e5441cb11b664daada5d4d68d3a0110c4ad8d5e96d7331d5f7a0d1df9af5da4208065b6bf31affdfcd4944e8ed55b0ba7b7911be1a9052fbd93d5fbe292
+TAG: 6a6e5ced88748f87682759b554d9685280e094e083d297dc5fd474c4a2605612b2f8b1c31dea24d58c25bcacfbf03b8b09dc662d6e1120868ae9a0f1dbd2799756136c2a26a22e3a61a0216e76e94393534586e1a59c570d8bdb37d5ee6d0762e60c7171fc7953e59d74b0f2ff4a061d27a7baa8ed138c51264b356d9a42b0768bca1c1c458acdc82bd621031e2ae7790596594d2f6eda2c8d58d4b53cf6990434da8aa9e9eafec648d52233e9b92994ca5cbc071dceeed57b02e36f93f8d22551660cc4c1e425aa77dcda3bf6c98bff7905becc075e1707e37453de8f300be5aabc96c1051fa46c796a2c8367a00af3c4dccc58bb7dc8aa2e21e0886eceb898080bbc7259648f2be9da0f1b56
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (12 mod 64).
+# DIGEST: d1c7b2c04dc25fe7b742a1d659aec20e1475ee4f
+KEY: 3f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a729
+NONCE: 33c7b54ed4fad0be
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037
+AD: 446f5891d77df660ed8293
+CT: 2b8ac97f05a67490bf16bc64381e9c49e7f348212d0645056ca5405e9e0a248b6918568481ceca70e20ae4b7c1f62700a2954188793b34504fa86decc73f667e5fae944211059dfa94ef072e
+TAG: 5f91838f37198290b43fc04a186db6a05261ea9916a1dd6450604ed8a7d0bb59751f6637f593ef1a7e3aab6421b7a0cc6b5b47477d36bf439806dd8156e2bc2e229bcbaed9a3beedfa383d674d3b91922e6248d1aa8ad62361a4bdcfd3d86daeb6d775a521916ecefa2244aefbb0cfc0ede1b1c0e0059a4d69850160d2f4f662ea2b77fb074a6de69feab87bb56f27edc3a42037a041007f0a08d204cbad0a9047f7798dad51e5c04126519b53772ad4f3017f9d9fe91920aa7585a5f2d95e7a8fe5c7b22fc696be10e308f939c34e52b7bc2e71b06a56e3ffa5a0ed529eaf5a8c4b6857b1f144f51fc8bbc858c88ede7ca325d231b34e4ae0e7ac8fec3e8f6a9bbc6f8975fec1e877f0d05046c3fd7a0e15ebb3
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (13 mod 64).
+# DIGEST: 116e20ff1e79e0af464d473b1e7c187f4dd66007
+KEY: 62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933
+NONCE: c7b54ed4fad0be90
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e03744
+AD: 6f5891d77df660ed82933f
+CT: 783a362232c871213daa72d58658aee2ceb4de66198df21e227326010be056d5c4d2481ffead6c80733603b132b256d1c52d64eb8b700d614dca0adeacc0c7a05d1a64ee7b5c8163d1eae17fdd
+TAG: ba611208a3cc40e2cc638c335fd508441aaa15c612a5100c960543d2ceef9709bbb3e70904f3f2efac3112fc61bdfe7accfb5f0e9d640812a4f5b0676d95b1d5298eddc97ce3aa16ee761491e9f424af39119c9f56322b10e8575697bc93d1f6a63007ae085bd20c83fc32a5d4e59ce8840f75b8c52f6aeda4fc34f11301d64e058b39ff765e1ec9997ec51aeb43b35cba9ad4b020e7dcee79ad532b897faee018dae1231ceafa1a5fca1ff1a01f863580c9c07b13354e31b0067a2fb16477150ab6d027fe88276767ebb46b1029c7d6dcacbf418f10d932dea2ea161ff8a4f6d79e0bdbf0a67227d5c9100a45fde25e2d4e360c0c0942e9ce13b570b5ea149dfe422fea36251e226b3f7eb709ed7c7339aaff
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (14 mod 64).
+# DIGEST: c081d0d09b2c9eb39a372ef4a7b0246a0956b0f9
+KEY: be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7
+NONCE: b54ed4fad0be905d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f
+AD: 5891d77df660ed82933f62
+CT: 894d8fc70288c7b8a5d12e63ed6e6e8c74b8d9837720762ccc519a42e024ee05e8f770180e5213a7c7ceac56cab05834d49847aa1432fcfad8286e092feddd421b33212e41716b3db5358903c11e
+TAG: c00612f3ee6619c87aa5c7958da77fdac74ea2ad1af9115fd003edc7bdb36f639dc2d89668f6c2440827a1e7bdb65acd172be229f8852d4b81d1d2ee1e167ff127fed768d0a6eb822c2fd88e733a0884f06e47d5f3a7e84e7f20d8b630c8e748a03f2eb807f3d6bf67d3f93ec97f22a3bfc477143f9e34049fd9143ad5e480bf538464fa847a5302e6d9ec3710122fe6c295191906d98d69e01e81a79de0538442a76a17fea214c74bec28c01370a0aed01e1a32a629857f5d48c3275b79a25d3fe549829e5d72d9d26c2e07fe133e214e40dfba4cd19ddccb01a6887bfba26db80b40eaee435a7619415af7be271739dc339fbe4a500db56613498b34c2b1f9dfbea13aff30c84fd1380ecd821b57cb3775
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (15 mod 64).
+# DIGEST: 6f7bb1f9e2772eb909c315e653e4737cfed78a18
+KEY: 8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b5
+NONCE: 4ed4fad0be905d41
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f58
+AD: 91d77df660ed82933f62be
+CT: e5d56aea96fb40312e288074a21691ed29f17a547529d2427e8bcd5024e617411c08999a8a514adc83a14fe27c51b0f7d44f684fc60274c009274ff9af14d4b1277cc03453e02c0ceb26c796432f0d
+TAG: 07cea5df6c6594985f9af65319e2fcb1882f6d1d66fae0ab595ee72dc4a1118a7ef8ea450209809349b41664ee21afcb053e8edfa53bb1e66d9aefde4c48c6ff5b5e411c1228cbf5c1021d605311a20bd6708aa004d7da8bf72ddce1cbc9a12100969131d596cca0fe61c82208d0848ae0d098036a07600cc4b443e344b06d3162c8ebe14850239f77d178152fee009b1bd81a68bbf632082f9a62dbe60a1ba579077842c713ab4d5619b7abb15eb8fd3b1ee1506fe8df31bc90a63eeeefc0f23ab5ec83f4a1e9fa8833f15c90d6b68615ce297b466d5d67a87ac9fb10a2ffba5a91d31d1b18aaee8c00ff1a8b8df9584a33e946e85d8c6a6c8719421b75a8a56f964725abb4a4be790acbd60efde68671
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (16 mod 64).
+# DIGEST: 172f4992e692a88f49628e5d3937959be01aed2e
+KEY: c55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54e
+NONCE: d4fad0be905d4120
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891
+AD: d77df660ed82933f62be8d
+CT: 7923c66ac88a9d3a2c9d9e714d491372caea0658b4e5692a7df8da934dce8525d0974848545ce89a44a735eedb22f18b5b8f1455c0aeedea9cb8f5c0bb51addd065a83c4e825ff3993ff58cf0af7577b
+TAG: 06b8d51726fe8d46fce9a59b084c3924c4aa9575d3b3f9b9e31a098c2c0475e460a89639863652164b724927ef13d2c52faeba797d38ddcb9274dfc6478c06626ec55954ce17df075f0b089ef155daf416980039458b7979afeefe9fa3e365ca19637b05cd17987e25f20e62031c32d441a102c22efb3660e4e3c13800acbfba0e7dc99175e35338b87ebb56d09a3b4bca72774d87e9cf92ce8e66917835c765129c8946c7f42ad8acd9afc22acc44a89dbebf6f4b2a55c139312559e2aaf6115aa617ce07cb2a63c66cbaeeeb5c95ce617928f93031f6dcbd3ee30a6fcd4cd9606695b690d95fb8d126c4962f49f11910a6e9daa2227f46a249819074a06cb5ffd449bd5744f9d9c70dc14475fd4b9a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (17 mod 64).
+# DIGEST: 00133da1f7c63fd5f0eec364e9a359be02c1d3da
+KEY: 5b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4
+NONCE: fad0be905d41203f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d7
+AD: 7df660ed82933f62be8dc5
+CT: e0b671d572a26f0553cdeca68a4d023615570ed0e9414e5783691fb6d1c2bc30bb4a7590d3138972345f3a55f2f90fdc8ad46555d41968a00a6462c2bc0931a18df5480e48cfcfcc00078314cabe0e44ce
+TAG: d01f174c6f726b83162a8a0734e1b1e9e9498fa067454e3a488cee1a04703987d5ce9a219b4ba168a809a181d6a291eae84f91705fc0701166400f24775bf5816a67ea6f011829ca07ef1aec6ac3b7ba0576c26b557b00fb76e84b6e633c48b8c425678ae12c922a7af7ce0484861efccf958ed418e2658b03b5c978fe624b16428c41a2a7ee1cc07c9d730b689cf92f2041b5e68908fc93d8221821106d73363e2d53df824a82841be5bdc0668c5b8759a1e79e193dac2e55e4cc083569fa727b952a45e71840fc330977e072457de678d3f3694e429131e25efd339421094512755604e1ec84efdb52259f6e8284bb7ebdf229cd3e4f1abfd6498e3b493b21184f8a42ba31f4f22dbeacbb1d977d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (18 mod 64).
+# DIGEST: 60a6821269be6c5b985576b245f106128eb0b325
+KEY: 436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fa
+NONCE: d0be905d41203f5d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77d
+AD: f660ed82933f62be8dc55b
+CT: aa02a8b8deeb507cd2b2ee187af85b5afa85583c258df91df9cf5307316d03b5d8aad0441bacc27c4cb26c56239423f8e46746978c0edd3c21018f6b9a1c39278f71b462c6da999a6f4d9513a47cd7986c88
+TAG: 5cea96fc3da1457f7e66f324a3c634829a6382fb75efc614bf944cafda4c9cde5bf3118838487401497849d59f895d761b8b0da9f339123aeab5b237edd48d6c1ab4120da7769a7f8510bfca3d7313f0f38dc6c34fea81f60dd3e421afef2d9a61e6b0d7be96b357f1a293fe5c21d4ee858725a4c088f49a24930d846d2c0fad98002fa66a618367425cbae16fe570f3058fcfa2544f1d085ddbc6226e35c4355c916660f7f8fef4f5ab705c93b5182269adb8a4eeff4e62ee278c0588b96043f1ad24ca39a7ad458f541101e1d6cef99d742e2e4a124e4f3a57986d0192537d956231f4e49f5a87f5b7f5a4cdae6cc647b90177dc4d81232c62bad3d99036812f84b3208ed2edb8058f4973abd7
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (19 mod 64).
+# DIGEST: e2593f3b6741a9ed9fa188fc06efd057556ee624
+KEY: 6965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0
+NONCE: be905d41203f5dce
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df6
+AD: 60ed82933f62be8dc55b43
+CT: 8b397fb4fa218359120058dbd145f4bd99def7e5e0a88249783128801b3828909ea19d9f5fb0f3e15ebd624fc32525796ccf9ec01b1da3acc6dec2a9306c57db4eeeeef4830575fd8166c13c23664d4df4cbac
+TAG: fe141cebcd20919976fe53fa1a9e186db43122704ac5dcfd23abc2da394907a9da4011bf32a3948b0ae848d6d010024c6f37191f6fe5cdc46430b915a9c5cc80329ab5d32797fc97bf3ca270d8b35c14e3091c99ca3947492613d183845ea5b80619d20c38434261dab80d4068449a0880eadc55f0b43cc344a875adfd23020b6e63c3015c887ef52c72750c09f60c7bc0dc29ac7a6494bf9771c4aa931aa440ad400c1cdff8f3d1bc4173977128d1eb57731e4b69d3e6d4715dc5d2a9cfdc2afeabf3513b3e3c107a83ac48f511750f887f59b10f40e8f2d197832dbb1febb82c29627232e3793c8a72d7033c86cf99fb54dd2e3ce099d4fdb50a63b06d5f595d5bf59474cb190245a36095bd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (20 mod 64).
+# DIGEST: 17450a437efe239e1858ac4062f34024305372be
+KEY: 65aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be
+NONCE: 905d41203f5dce99
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660
+AD: ed82933f62be8dc55b4369
+CT: 24e568a27d8bce547f628bfa545c4b7ccffce40f73b5abd6e1b60d5efca7cd6d5feda872e172f64d9193d3d2d3381efb52c05f98d3e1fb689fb05d7017654eb57346f1b3dee23b0f166e50531626582115af7cf0
+TAG: 4dae8797b02d7f1d8dc42b10f18973c094880a10207d9479aa8252df66e855a7a4f6e7286ffda82820f510e8fcae2e08349b9ab46da4d31a7b537484589ec70077fa9a68311eafbc03e3538dcc66ac967e1b992ff38afd452ecc033ad86503a0c7bcd9327d4b4e9dfb90600725cb82c4bc2363aa88d436b161003fa42ccd464456fc057a72281ae050315ebbcf8555be995dd37737da005998569caa83c0af4819df86195e6ea95a343d9f91329bd059d393827f8c1a6c9ac173e3cda42c1bc85114aa750f9d3af3a889b736c9c608c85201fed8f31a9596110c452119ed1780dd610d8d8ab30725aeb07e168016a9508a31a35de30ee16508a481f00b9342847e4793a44831d92d92ac504d5dee049440506bfb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (21 mod 64).
+# DIGEST: a35fc7d25f90dd9cbd35910d5532aca8aba88b29
+KEY: aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be90
+NONCE: 5d41203f5dce998f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed
+AD: 82933f62be8dc55b436965
+CT: 5e91bdcdc26c9100265ed7c6f029a1aa46ea6807340a161cdd07d21bf6bf7181eee02d939fd95aaf343eac9f629e01a665dbb40392e95da6d00839e3f9b412229bc48d9b289b8e91fb2705a0d3ab85aafb130e3e8d
+TAG: 6c57ffa542b745e2313b7c92ca3350ded6fbc529715a5a43615f0cd8922ce27560c2e28222b37b0cad173572ae81a0af45502b7b7194691dead0aa46643bfe9f0b3538f76ae07b540e1bcf43f781c72df95d89512a6024598e734e16cdd8f246b810d5043c34d400c77db515cda8a3c9be9012b21bf2ca6be2de9aac8ddd11fb026e7e3b4a96af04fea4407599db8e37676eed4831eb66c1a6177b70c3e14295d623ede8b119a43f4c25cab2f203788e7a64a07c59ed205080e256d28b40249adb08d116c86bd1c325aefc73e1b6197f8d5cdf71730bc83d1c1edfb92492e8452cbe98fb873d5ee5779bff94ee9531f70a62f01e96d8069ca5f7345f7e6f67235dab750addf54df5e71302e4423dec5d0d5340
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (22 mod 64).
+# DIGEST: 73eff0f03358879f900b6ebd515f0f4e5a6929e4
+KEY: be477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d
+NONCE: 41203f5dce998f8f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82
+AD: 933f62be8dc55b436965aa
+CT: 140efb950a30f6be51a219c49b6601b035efddd7a3cd304d3bd79e13515a4fbc7a2bcb086e82fb035c7ffc2358982c6dfe6b266304e51a6212635ae6f4d498293c276b53e42f62ddc2fe50272e6120ca41c001f443dc
+TAG: a397170ad51432a18accf22c04b831ac81c72d8eaea23682cf8ce6e201f454bc99cecec1a220b7fc24087d040d43d1313022f890e55e3bdd37b67f4b7d50e73df88a862ce10b8fd4383ae560e1d04da0d9505570ab151219ba8ba46e1d5ccd35b3ef4eb621be54598debb136df86307a0bdcafa1d3f6219fdd60feb80709a2b4cee6e0a642bc6a0ac6eccc95405e9c55e0782eb07e2717d784982f81555d49eeb81ba1a3e03bb98df0e79e62acf23c06945e85188dd61b270dbc1d146bfe4368dbbf33db9597837fbb9cfe9f17efe470a6a14f304e616fecd358cfdb5af11b4db71d94986fb322f692c18721d68298367fa840a0bf29643b0d48f74ced1d9958e7fd1542d17bc645b707c6cee2b8e7a00d13
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (23 mod 64).
+# DIGEST: dd6cea270655225cb4f4231f54c19eaaa146eac5
+KEY: 477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41
+NONCE: 203f5dce998f8fb2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed8293
+AD: 3f62be8dc55b436965aabe
+CT: c06d04e3216e4752d83464251209990997de6c38136a51eeff0a1a109744f99f9664ddb5a230099e8af3d6ed85e1e45d7c4f955cb4a7cc3f24997b3427581de167c2c3cd7c4664d988cf6c6abca2f6b3899434398694b5
+TAG: 26290ea8be2aceb775fc57dda96b423a9cc6b141e4d48f530ad42eb0efd03305256b52540e2b7fe82d0bd0d614d84ff97d56a3d74b87a075aef3f2887577ed2d8b09273ab21ee8244f56ac0e404d5c8e84aeb43a97dbc1c4aacd35836e049e65c9c1c8763d773649e21ba91a72434e94355a7f33c0638adb178037c1305c8b66c28424217c5f8712985e0918212b69478f1c64f2e15fd1150ee02fe508e6b4500b8a1ef796b4514b43eb8ac575b0e393469cd79648ef568b42a253f518da6b40667d65fdbfa5742854eae18127eaecc690c4f0a5aa861e02a761625dd42bfff6fa034b012837f38f75ec685a887fd36c0cf9b183b1b47a22cb7313b9441fbb2f03d4ef74073838801a465d2046fcb8da31
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (24 mod 64).
+# DIGEST: 34dd9bf0ce19eff890ecad474388779f63b0af70
+KEY: 7e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d4120
+NONCE: 3f5dce998f8fb2ea
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f
+AD: 62be8dc55b436965aabe47
+CT: f64f633af5421e2b8d343b52642ee5448527831821d39220eace1ee48eef879efe49679f13a9c7594f16511427d3b5eacc8ccdc597d72ad37f5ae1a9bda42cd690ded3eba9a6fe3bf1f36f480805351df8daf2d92fb90d18
+TAG: 6c1c5ee308c4a212efc9fbda5ce9da172fc75acf889b34506111272b1e9cac72722d0f6d6c7d04282ed902ad23e77c6f5f43e65e51fbfe45887fef73035287119f57a813d4d1bb0fa785ce394c3517dbb3ea88118c1b7947e5e211dbea161388d78acb0d089a44989d566181554e0122db86acdb36b128b30effc405fd65e685b66d322bce2edb08d92f7eef94e849bb6c43c882a912528a49e59a39056c0aee7fbbf3687218e84e9d6094582dde5c67138da65b3d821cf959e88bba7823fbb26e8e5fd95cb64cc868dbb5dad55bf21c09192cde9176cbfd08d782efa5fe6b9c683f4051a93ee345fb31260e26d14f9046abca30f2a40c7d690dc49d07cbe5381eede0421b57edf0d313c27442ba572c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (25 mod 64).
+# DIGEST: 7db8cfbd3b29f96d752346eeda3c2bb0bd070099
+KEY: 0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f
+NONCE: 5dce998f8fb2eaad
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62
+AD: be8dc55b436965aabe477e
+CT: b4f47d4cfd61b38f87abb714da89e4e23d37f155110311947ab5977c77cdd5f6605a2950374cca97219686684dbb0610a750c04f2c208572d55c72f1fc90a6e194b387744f94bae4a24e7323c0109141c2a4b3550a6c00f227
+TAG: 345e27a55a67cd68c3f26b7d7ece71ceee4523c763f8576a6763143013cee6a643306e2c35dd3d0743e9bfac035152a9a70ff7fe87b9b08e2708dac277deb2508115a9bc89a989a4f4b1f81d301154b4e243d032258c683459a7bf4358987c0b8a305e3bb2a16fee9d9eab8e4fec270734d76384319f7ea05d6f2263b43b0e65dc372bbebae760441ecd7395b0683ca08c7062faaae20cc598bdd055530f51e27029b0fddf4540e6d66008f76215fc39ca3a70a48de734c227b4e4d9ed31926125ede1d74f7d6122332666a937448895ed74e5d3949103d61dfb81e8d1b814b8051796eb8498d13f16c8a0e0818fe24e396f8b815163fd0b422f97a696458b8c9b603e714ed08742c38a0a6af3a565
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (26 mod 64).
+# DIGEST: 4abaa8453e8cfdefd918571a961d8351754ad5b4
+KEY: dd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5d
+NONCE: ce998f8fb2eaad40
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be
+AD: 8dc55b436965aabe477e0c
+CT: 2de7b7a26fa9d1b0d301f9bfcc0772b0a683ad5a1392bc38f495fd88a44a648cb4136d63ccbfc994f5147cdd88a40d813ad4cf7c95db148871433d23f296f2c0edf698329c760b76f4c5eaf2a5b620c482494de0128c9e5d2237
+TAG: efe95b7e557cc8c83b35c5df397497e25369e5063d674610696c9b0f083f44ddb22497522a3968da01a4bb3f8e626931643c0a98027be8f3e64d1f876aea2dd346936dc53eff94a1eac45719ca038cc1b83bef54585aadb335dc415c7a28c4918b21a21a32ec5fb16ed7fa7ba160f52c7ce2b323239293c2728046db15cdfc67cb666267b8471da3bf7e78794e5c77b5d49d711355b4f465b7c06f44c8597c34bf8fc5d837964775074f6dbbbd4c3addb7e7d2fd78dc531a8e8e62fa649923d8f96e4a759862b1df59f63c1a448ebdcc3c36d7fed786b777674ae77e112a623020299a8d2e40adf3fe5cb34cf9ad3717f072d637c2cca32cc49a9cd0baab294091650e334b74ed29b3d325c0d1bc
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (27 mod 64).
+# DIGEST: 0fb9d7ffcc7c9b84f34661d472ae2d4fa25d3d99
+KEY: 46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce
+NONCE: 998f8fb2eaad409a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8d
+AD: c55b436965aabe477e0cdd
+CT: e4255961e18652cf9fc499e5758eb2b446c55acda29e4715ca8350afe1b52bff24f91c290f488f6c0d89a7a0e67beba1970193b764bf4fc80ea42ec5086da2b113d739c06708d32cf568aefc9af83a8e78b25a9f8e0356e8444732
+TAG: 040155216fca12e96d110f56f859e5d181fb78bb992aa72b550ae51488e905d4a7af7b37401db261c2cb25ef493b358d26d6bef6706b6886c9c720a501c260cb7472d03769a214972f830ec5020757831a00e844dd8316f447886823c3c5307c048d63a4140744e6afa135c24ef1884f08f2c4534d8d0696219dfcc771bd856b3520b832fa619dae97e043ea4b17e520de4b357f77e572644609590be328d3dbb8454531b82694404b628ecb3206f32e2ead2a0a424203c332eece440f9831ac2979b6c86e2c49b2fb308c334bd34f016f4a6be174f86a2577d0a463688808dd42b1c867a1d73046b4e94b6686502a94348492b722698b7326da175af4962898739c6fdbb16acfd1eee2bd7f9c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (28 mod 64).
+# DIGEST: c68fec315401703e49722fe4b39cf28b14e9f50c
+KEY: be99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce99
+NONCE: 8f8fb2eaad409ae0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc5
+AD: 5b436965aabe477e0cdd46
+CT: 3ead3affa3e6e553cb4998d3f8aba6e02349ab0a588647f3518037145860a949160aa182ebe41358a57b3617effb1acf2525db768f042ef5221d32c861962b70a11c27c536a57d369a5d24e8efa23cb2018932ef77b567df36cd81ce
+TAG: ffa39d6befec6b597bff8a23c4fe8791c8309b2a694cb8400f32d8408cb8981f1e4277579e3c28c906a077e115f0eb134257bcaf7cf8e4327d7e4800ffe21bbb7c7ff9107d4f292448892802186f2b7320ba98c2b2da95cc5368f68d5bf723d7f1392ce9e212a9de44aa0d556936f707f45dd25a1abf6aff829a0ca82b67ae51a0aae206e940bc84dbbab8b3a0c62a755e9b59418202eab6806afa5b00e887e45dc95fb9ad82ffecbd5701d118429a39116bb4990cd45668785c252321a0d98e97c28916c8b4d9938d542102faade1852450b9ea8160f786182a6d9ad77b515764b16554f57b06f3e22bd1dd9bb125862db72ea46344649efd0612807f6b5c3c59638fe45a0cee01af60478f36c2ec146ba7df63
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (29 mod 64).
+# DIGEST: 15e1aa5285beab679aaedbf51a86b4aebbe3d7df
+KEY: 99371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f
+NONCE: 8fb2eaad409ae021
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b
+AD: 436965aabe477e0cdd46be
+CT: 7c5e36678f3fc8465f7770d619712f4fdf45922b20db9aa521e721ca35a02446f1f06ce15971afecb695e3e780f4972821f9fa044564fd8675f1626c5b5f8a24da4493917526ad72b631acd16b13ec9aae03ee7b5034919200ca8881ac
+TAG: 7be23184481a76434648417fa7e7afe0066c7f614cb0f5519e15170216db443ac5d840afe41ef010888b5ec1d708cc3a7948f393a3eda3974f6a542482d29c5c0c25fc6375e62dc88cf1334bd81636b0d3efbd4a724273e587c921addf86cbe0d698bcaa2f8acfb8aacae535526c28af0d332e83e7d0b77c32a82d62d5ae67235c827441bffd2efa05b6436cf20092a5332ea695104a0c5f83a8c68322e00ffe42718b9015765525d7af77602be97bc5b91d58034b1f4bcd6b8141ae6a73841a0bb99d8e81a634a42744d2256a44c1bf6a17991fc12d9a6520978656d82d03c18c73abb7587843e503ceecd7d3e2d9a2100ee513b2fc9ee78fea7f235dd9c0ae96ea15045e7749d5b5b819d1779c83463a574e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (30 mod 64).
+# DIGEST: 8cc0b1164fc844e958e055b7ae43f2f95c29e8c3
+KEY: 371eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8f
+NONCE: b2eaad409ae02116
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b43
+AD: 6965aabe477e0cdd46be99
+CT: 82892eecc52065f09b6c740654823993495b8ade7b0626a666ad6294d35b906b9e106b92fae1e767a37eb5088869cb9d01ae6b77631419357e0d966c841185b389cf76b680499e4c44f87624960e5eea44d9df0afda08ed29ba41936250a
+TAG: 44542585005f3619496ed8fb0d4a784ba3ea52cd0a9ff38e8630cc354e47dfcb7a8cd0a03d195a385e8cee049fc2de3529e7fe7e0067eb0c5f65e257141c9fc73b9f23e965ce24ea845134082827ec1028f0a64a1f6a2e31faa8030a0c0ca63b6d4cbf8d8937a40ecff26996e9e409255956dcf889108aaa23456023c5de3e8efceefb1bb40500fd7b08c760a083c596793ce63de2958ced2766005544811ee2beea90d42b6f4b05148148cece4b9b089d0b7dc0b948d385f17205135391259c697de5bfa726a135a2d32d2516d4c72c81b171ea9078cf68dbb758177e04953a1c3c669fa682fea1a1c5d23d9173e4db7d02e957144dd149f4ba2784c9acde563d54a7e4cc164eeb014461d0535c7d094ddd
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (31 mod 64).
+# DIGEST: b51001b6ff9d27bccf3103a4961280e0a1406257
+KEY: 1eb8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2
+NONCE: eaad409ae0211641
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b4369
+AD: 65aabe477e0cdd46be9937
+CT: bc181d050d6e79cd5d66a1410338e4031378d60a217bfbdaed1404453cf8a680b9200f746ddb6106a8a407aad8204a7e3b5ce8b8f34d1bc69b84fa538745bf599674c6ab008435897a765e5072449a7c79c4fbd11f0883548a88244f5b1dd7
+TAG: aaf4ba13e0df9d9f0ea057ac04f64b48a97ce398674d0503053beac9044920191d6d619f2136341cc19f47a800e803e0b696166d306c8cf969206956c0e198157c3d6f114c7217592e358c27f064c5d940deb2631a232570975fea1011e07b85539a86cf83fce7a1f4ca35635ab86b901aea3bec5595129b6a8ec633fe08ce1214c39ada3da5e6012525c740a23e1babc5ad9dcdb6cb837d78567a59bf52d8044655863e1143e5b367916a154f7dfa98fbc7545813ed2e90da0b365733090f264aa5b004ca22adaad01ab98c3de62ffa15095a20967a2c07cd3792831027839d91a8048e1c927198644be2407f0543b0259d649c15aa6d1374e95dedd203a9ea03f3104aa2fd27963b199c669a4ef9735b
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (32 mod 64).
+# DIGEST: aceed075f31ab159f6610f43ff0a6ed3a359bee1
+KEY: b8da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2ea
+NONCE: ad409ae02116417d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965
+AD: aabe477e0cdd46be99371e
+CT: 630021a2b51b2f47aeb76833fe4f3a6471d208bd943d7ebe9e97ef72004de998b82a7270ad9ece3738b1322ad5de184ef9eb67ed7d0a7f76990cceb64eff3bdac11ddef22000ec6e476de4d13b841b8bbb941ba4622e35334ff293014408c1a6
+TAG: decedbd573c17d487e3fe140a08cb446bfd23c5fa71a62009e24f83f5acdb3d8263ba693c43a0c1dac94c700926bc51bd4056944dc5187452bf927a4dfdfc04be4eba66b25d6dcf4e7e5a64b935c835a8a4fda3d43fd2f3fbbb1498a45495c1d73c6ef8463d1d22cd46d874214a806bab520ea7400ac83f009525017c9ade73d9ead4d3b52613cfc91c60acb38cf2e1c05e2c18aac0c2728135648087e7e24bc54d55f622577c34417fd6dcb9fb1be14740ea5a452e314414b86fda4a3225ddcf4e9d686a483e25f66d218ad252441013c36b69031cb7ce6589eb0f63fa694ba4984831d863135463e152c4c536361384c07782932f6601d909f548c5afc0daa3c80e8ed6a2e615a792fced1b452df67
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (33 mod 64).
+# DIGEST: 976ca4c9819e25a204a024d05fbe7420f717bc58
+KEY: da7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad
+NONCE: 409ae02116417dae
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aa
+AD: be477e0cdd46be99371eb8
+CT: fba7b6a3f55486dda6db0c08da51010c3c1158424f4ccf5bbd356d401309dbbcdbaa89ad46e5aeb5df48fbe000a728d5ac5ea57bfd1ff96327b57a4c2baf5cce0f31dc5266ff97b875f15c5d0a4c2d85b81b69ae42f6209111d4742ededd8ce84d
+TAG: 3083dbc3588403b9c01492e8d8b7cfd2b5070ef097f57d4fbbf1325a4f1e28ab44b0eea3818403b063e86345c1cc0f242bcfe1b854aaf6d9158d316d768380c35e4f191f318d16af31ed6c8b7578411ec57999238b7fd2d69ad2459e0090de55abd96c0a40b4a0e909427ea3f2c626c054570929f7aee33fb45e97daa90661f455b4f38297fef238fc5d715d7d5a846399b8cfe78d64186b1b0d884a6b89c358a4743f3271df09b52c741f83e364c8f836b4f41ccb1145dab7be582301bcac6cbbabd7c4c4311b0e21ddfc152018695be7b9d58e95b8f74fcfe98ba8298d931878dd1318280221a5b0c5df31fef128f672b89815aba99ffbd41df840ccdef16a3e8750830ec84c2f50f3374e550ad1
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (34 mod 64).
+# DIGEST: ad8cfe7556704bb1974e94f70d8743d147c5c3b4
+KEY: 7dac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad40
+NONCE: 9ae02116417dae0c
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe
+AD: 477e0cdd46be99371eb8da
+CT: a6e967aa8bfe23d4237d593e6cb2e279174b57acd9037fd150cb3a00a5524256756602c8541f6eae44e2b97245f0f63894afc812ebbf87f77be763320d0effe9974df583519582f72b57845bf20bb2f82ad5dc59b7d695a424001d0b9a1194b9ed7e
+TAG: fa2419a17ee52bf8e0671e1a7197f96134c63110c557f7b6f0a0ee57de8c64b3390e56a4c4f2c75a7d4e4222507b2790e31043a6ab18a2d71786b3334eaa37b2ac7de20610a4f4af3c6598483450383199e1256e05e2bb20df5d3b7c24156273716a122de04b6bce230ccb8fa7876d191152d82206cab40e1cff6a87d906de2660876b4abe90491ad6a10399f3c4a351d86dc9319ea803dc2df41b5a33c4e17c8654cf06eaac402a8b45f252714fd8fe060d33f05fa195fbb091e2076fe87ebedf239ce36783af321e21146ed150f06083e9578b2e022553ce43dd05e25033698219a5172d6a020bc9db1f5f2a954c994bdfe0e7ef7f48c243dce77c2274357c6bbe8c8267f8f98a384c4fc177ab
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (35 mod 64).
+# DIGEST: 1dfd9608adabb5a55e12949f1c4bfcd5a77cb703
+KEY: ac997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409a
+NONCE: e02116417dae0cef
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe47
+AD: 7e0cdd46be99371eb8da7d
+CT: a547715740d6cc64021b5e70bdc0aa8299369a2b45931a539e146aee243338dfacbe531274dd5daa12efee9e2ea90d4d963386d57804c01767abac3ab329a08ee974d9d8723f5695bec5101e6ce1d727ed919eb53bdab44db1e5f789729cdf91010292
+TAG: 107dfa1b7e55565fed6fe7ac9ce44fcf6c5038a586f9d02b2603cb02936c0b965da944a945d5b21ce2a234e6431fd442b428e118058ecae90f09778e2b914035eb700ca75cf4d6d1589c7c7e1b7e12f49a4fd3422e064c417156cf6f0782d52b71915bf697fbbfabba723e39a770e89f0d7c46399edf424c735bef679001da5a789ed6a3d253dc4f332a80aa14d745d88e015eb246cf3c5782f0ab4a3bbadb9dee73f2dbba55bdbd9e0bf3f009a3ab434156aaa02aad0422110d45a647ab90021ca7a10541363198e70521f96c2da7f85ad56de15b4c90f01aebbb76910a2a1240cb6424aef8db7ad185686cd63f5d1a419a5e4a55be8a6a5feb7a977b0bd25a23f540205a1cd98eb7cf40fd10
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (36 mod 64).
+# DIGEST: ad2b43eee27e6267d8c5c1c3d558a07dcd6b1f5f
+KEY: 997deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0
+NONCE: 2116417dae0cef45
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e
+AD: 0cdd46be99371eb8da7dac
+CT: 7ed8d60c67875030c8a20cbb5f71e22d1e5c3f93852a5bf953ae67cbb3a4d3c0b69bd9b43cf807b32dac4833e502fb377d67d2575a62e9f6dcc12c4df05c71802cfa5b6b3104d9526941bf1b48bd5e65710e15862b6c0dacc1decf5aa1980fce6cf99e0a
+TAG: 82dfffccefd195e0b64ed804149472b11158cc39b4f01f6cdc2b4b3ca53bbdbc2f2b1fc3a75bbfab6f349c809c5c775261bf88188db280c9611f9ce8aabd6d5517e56408ed5d6fde3a0d10b20af0cf684fd7b904535d124bbc3fd9a8fdd3a08c6fd7a8161bd0d1105d9da9002db95dd7eef295102cc45458b9af01dfc90d480ed40f425e657d1fd915e92b3598cee8d815b4358ceb1a7f79749071895730200ee3da95a40a2aa951478fa101aae1619bc8019dbe0059cfdd4968a719f960a11f73e76a9dba8c81017ae31d70301c24671191f13e9a84c6ba169e4609b750833a9eaf6b87312077f83e62dd6d79e1f2e7c18d3c603506875f2e6b1fbe540fe896e84ae227efe2f0193b4b9ed0c101c6dff09491f4
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (37 mod 64).
+# DIGEST: 3dcddb1e4f49633e7b7bd36f4056d16c53be7f5e
+KEY: 7deafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae021
+NONCE: 16417dae0cef457b
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0c
+AD: dd46be99371eb8da7dac99
+CT: 0bf6e04e00d7389a3f9bed220be14691df815190dc4038b802981bc5464ca4e98b94617b8ef1f05f3646d3731766e0b58f65df6c255128114c3ab1c2037da671bc995991ac70acb0045b4607e6f8ca51dc21692c22f3da6b326a248b2e0d9266b42e47b6cd
+TAG: 2cfcc48fa50220c001f814b46fcf19aa0465e49cf9935c61f3d52f1d6cce66c1a7d9a775deeff52b999a895f29ad25f2d1b7d881e7a4ce9a73b19a10a782d320ac0aaa84937fbfa74d95e0d9615cf1718a77cf8bf2e59716c65ee1667abdb850ec5a96f3144d2e35ce7e67ddd0388e90e70450b362ba5575bbe0b36b66bb889b59ee6eca1da0bf48297e32d4fcd3be55ae58c5909c1686ef666f29fe76eef53885e9e2bb6746da291569af7d2fbe1780faf03321e816980a10e89fd11eda9f8f3730a4f34890531890194610cce83a89caef779e83673538efa753f3d558b24469427daf7f1395031c998efb55a36a1a13d7c35995652e471ca22eef80221b923d39b93abeb5193f3e98683d3748167670b20e
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (38 mod 64).
+# DIGEST: 25b982a242f669c013cab1c18da425330090e3cd
+KEY: eafd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116
+NONCE: 417dae0cef457b9e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd
+AD: 46be99371eb8da7dac997d
+CT: bb14650012537fd52f03bc6ec909cccf84694ff8109e802ca28b9caa2c992a65b9d11aaa29f24d45a0f0f38249675b1d036ca598c7e7bf77aa6e841800149f16453bac19b3d40bd494ac0113a5209a8f831e4b2ea8e99c32a52496c5c61988cabd4c5396c760
+TAG: dd942f26ea4e6fe44450ce4931bf947085253ac61a85a1434386770be82c57951e8f778b5beaba709d94b0c6d71cd29b12a8f173435617c72d9d50719ffe85f81475d7e54d05e8e882e9ad174c25c532c8c17c1c20985340957bda87fb0f99bd5107267d26a7d2f9f16b3de38761645395717224f96ce23a657420d164149862903cb91bbd887f8250a4a9b7eaad088c7a094a7c1d313b7561448a1ca223516433d0e7d9d0a3d28c26e1833e6baa5c309092803a8a1a034510b5833264d4e59a7d2cef2e4c19f9a90f3f02304fd202e54a246d02dc81d90f5ec7966758423a82a53350e8d5ae767eb5de1b73bad4bc55fba1d79efaffcd2ffd2471ba8dd85da35ebc2879cc07b200e8095da4b87d1f7d9e8f
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (39 mod 64).
+# DIGEST: 9d7958e23777ff2472f5a24dea5fc19c151dd921
+KEY: fd64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae0211641
+NONCE: 7dae0cef457b9e5e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46
+AD: be99371eb8da7dac997dea
+CT: e21464474404e9d0d653d2e5214e332ee7691e12bed8f91627208c67da34033887369def4de497f2b7d39c0b0c9101bf25e7aa405a165ce0ad00f7bf311e19f6a45fdf5e13f6ea9b6007a5ebc584e0e68dba642f1d6427a6cf6f84147dfb3f3d589759a44247ef
+TAG: fa083f65f3b87f4ae6601498a4640410ab34ed18ff329ac22e14dbd511480063bee2d2fc2aa2b5d710aa22f8e2982b863f14fb815f85f8fc70da961695d2c39177d5833a07e26577708df2a984d504d139541636d87ac0aa773b8140bd90e9373b87ef9337e80fcca9afd4b533e49d8f878c41ea9a51105beac814c2b16a2cb7a47ebe228a509ed65a08392983f42aaeee6a1b4a9d0b498faf8580c4f4f681403b758692f4c32099080193b2e6aaf18590343b20fc84baedc245b8f0f9c90016738603c1fa2feda4482093d895825e1751fa4e1f767d8de6e192a155ec3e66ab85033c4b2e18387c72f58e21eccdd2fb05c4eec7d10234c6cdbb309a4f325b451ca3ac6e9303fa3339f4aecd94f8ec8d5c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (40 mod 64).
+# DIGEST: 09e9eab51bcb9faaa3bc3e473ff66b06e39653fa
+KEY: 64b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417d
+NONCE: ae0cef457b9e5e16
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be
+AD: 99371eb8da7dac997deafd
+CT: 2d2b0233e9dba69ba134610eb54a852978727d62c1b219b8b2efb9342d675f0548847e340004db6ff5342941fa2169ba06a6e197a8abc7ee7a4e1470f0041e6b1aa25ed35c3a19c84493669557b56431089110ef4ec66b1fe45654c965f4bfc7cb834bbad485bcef
+TAG: 3626aa475924187edb74cb97a36fba693e52b980825e58c0a1509bfa40cef0b41a8e660404a00d738191d10ceea7cb761e3a75734ab226693f56d68ff405ae2fc2c2aac8988d954eb65dd0e86ac7fdbb208a4e99d4b3b17f6d1e8f347c540bc00132b6c3e9e2ad17b8afd7b1fb28bb1d120167713233132db4bed535c751de37d657178f6a5ff8968b9ae74410c0ff8015313eb3af8ffb57d771a6a03984a8509eab4d1c9dd39fc675192b47e46d22fe347d2e25dac07c1f7c26b17f3ffeecef8fb301a66c71fd582f5a6cbf045a107481cabf0298184704a52bcb4ff08fb351bb699e656b1a479de60591b0bee7c875e06f55ebd010b450e1b074c9d74795bafed4b7ebd5934281ad392875d0061e68
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (41 mod 64).
+# DIGEST: 7b17b7cb19107af8fc4671420e461060e2ef3e61
+KEY: b1fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae
+NONCE: 0cef457b9e5e16dc
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99
+AD: 371eb8da7dac997deafd64
+CT: 245180810407934bb7ef6fbda3f64abd712a3959d0fa2502464c159ed70fab64a10f360f22dbaaeaf44d4bc926c1028675cd1c3a94ea951b1561c8cc449f0940c6766b67ec21f8c039f826afa423e7960bb4e2f7e71f8f660ab2bb24e2f3bdda5c070a3529d78b1cb7
+TAG: 502ba1aa764ed0da7a939f1aee2b6fddf982f99fa22b6f45cc755c8c283d91cadf163e9f22a69ebc2d4a3c61bd8f3c570f7e79068bf5e95c0e89a0644b6221d1e999ac49b95988fa9d060681950c032c48145be411149b6a5b3c3bde1b0908b63c8c8e52d1e36c50041bc59548e227f39185368b565e8aae6034c2aae006ccae61a6702d137618c0b41a8a4e5240008ca488074284c4cdf7ba323215b32bfe4ec726af4d15bf0a0ce9b474e41506824f3ed60db19aef83d83e612200532ac173f00398c8f2a5ed6e72c8d30e4cda5c05248d6fd2e5fcd095a5d1d7abc63027849c92ea911d4d5b788ff7edabd3a95fd6c1cb78eec290505ec9a1144c14963f700e28eb9da0e0c5d1eee0225bfdeeef
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (42 mod 64).
+# DIGEST: 48586ad2eac603c136911b28e2c69f101a8ef371
+KEY: fc65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0c
+NONCE: ef457b9e5e16dcc5
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be9937
+AD: 1eb8da7dac997deafd64b1
+CT: 05fde16dc64641e35c07c0026eadb56dcfd233c5dda80544e58789fcd41539edaac9d47de790b3193d881e79fd79c117502e7cfd1a48e9a35d8fa3aeeca41457c46e5d9efd1950c1a756b5fd65c18b961d33a6d1256b92a6c6f339fe3522f2d4d9c44453f5ba66d2d0b3
+TAG: fee333cd5c24b3e53d6f4022c387c560eb4ec4574c520631d6473e8d184dc0828663211c464f65694144c62dd91037e9e303e6997273e17f1d364089ce48cdb0a01c7a19c0c10c83dc41c6954b60d5d21ca71b91667e40c0022ad66d2e095b3601b71aa08d5818728c088927dbc3da13c3c2a58d36e71943a3ed59e3f0141b02fdda4d20a9bbb8f8f6b9b9dfbab00f510dbe942e1defd78704be7f00460476189dc0c2522bd70c5d399da0ddb64891284060741bfdfd576facfe51119b8b9522b20ada5421f6c64413be1e812aade8c034d5ca0ce2e8b5abd30917b7213d5c04b4bf5e235590eae64870c001ef0312d45a9217c9dcc8ce6c69484c00df028df2a62c9e0d5b341250bdb6db585c33
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (43 mod 64).
+# DIGEST: c37456cfc543ba6e5848b9b8f4ac5a58a104b521
+KEY: 65de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef
+NONCE: 457b9e5e16dcc5b6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371e
+AD: b8da7dac997deafd64b1fc
+CT: 8618242fa24c47146327575ab228f8fcd546c71db9d1183caacb5f5fb93deecbb242e8bd6faf60a39783dea659f95e5b201a0ed49abc556954fa373d1b839b4f01574c5b3505baa0f8846826aac8c12f40874761422570dd0ac01acc7d1cd3039940076d00d405ffe57913
+TAG: 271bddbbff5333b22cc39ae0b9ea9900e34e9005d6858ee9dd3bfa7a073fa7de3ecb28e6bd4abbac684a25afb2e19c488429c397711886c30a9657060ecd395da79ea077314e5b22bf7448b70f7c3a5132b75e46ce0711da9c38ebc9760a3facedcc469f7f227b0bc8674433d0d81d71d9a20f4d1a453afe62d6a0b37f324fb58d8a70cbaa7808ee4eb6ad5039e51c51698f94287cc7f476e30ba54043d7ceadc720ec13f15755eacc50f3dfdcc67b23a7135173ac1c726c7b65e939e9656871a5d30e9d2091cc8b102bd0c800332da884ed4ed7ea7ddc2d2f471e4a8389c0043214b99e8af524716bcb37cf82a8707ae13fa5fcb855bb003c99bc388f238b3bd0b51db5f1fe8e6b43a7ea299a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (44 mod 64).
+# DIGEST: fc113d192686652653a15887974eb1f9b8e32248
+KEY: de39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef45
+NONCE: 7b9e5e16dcc5b6f2
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8
+AD: da7dac997deafd64b1fc65
+CT: 3de7bd95f32d7bd6e263993e48d69eb4cd90f2995e437f1112707f96ece932b1aa317ac0b4abf88a8a90581b9118ceddb576c74c960d5e734eb157b90abdc61b90d485314ffe145a5603bc661bd9a09f4dde518b762ab6de54187baed5f23d6d27f528f66d080a1be66fa811
+TAG: 3c2759a67021bffbab4583101629b11486ce26bf8e5081371e2fc36a0a73a43968373874ffbeb4684f0ba4bbcaf4d27a344e77d898cfea20a4790f453fe15cf44586269fcb3c3101358c01ba604c29afd7cab72fbab16ddd134f986f8ce58bb9e8c282ba7603c8591cf223000230073698b40b28622cdafea8964f61e6710cded9530795ada08afcf1bba283f26b3ab408445429ff79b49a5e8bbc60e293074fe8bb5662e83c1d6a534af9604a4fc86481bd2ddb66606fc51da69e41f419fe99c2382a486fe941a684d36358ceed40e827545f9cf55cb854c02407eb04d7c9e9ea0b11c0fabc01551817e7e003f8e3b3d3db5b0b168dbfcbc98de8ad34a5a1431ee0132f95262695535ec6816cdd2a6440fb33c3
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (45 mod 64).
+# DIGEST: bb6e5b5be84ee383caac0378cb6f541726ecf61f
+KEY: 39f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b
+NONCE: 9e5e16dcc5b6f256
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da
+AD: 7dac997deafd64b1fc65de
+CT: c48489e9166fd23fab715b3e4885b6af25fb48ca99baa15e767c8064256fb9b2259688377d7be9148fc471a89c66b848ff95f492b1670075e98a0547867293094d89a2d5d73b8d54da8fa465fdcf122caddd66311bddd54d645991a4f02708eddc30c51b5b22eab8645e2119fb
+TAG: d3e3d002bb6dcf09c63e08e7c80741796d19fcf9b7350b88c5bd7f785b0c69f5cd6d78becebbc53b0b89cefcf8debc61945bd6e34c8ec5b5759314f8128169cefcff220e80f8847eb8852348e5aca843ee4088371c411bc2cacd4b1bd73e3a9855047ab87551f79097ced9341935b262939e7dc5d7a835c4a6aead77a52471a669a0b6a4c99dd5672da39ceec57d01e33365c5f9d9db6ec97f5b4e0545ed294284cfdb41b81b8449cc181caf2ff5a1749d1acc2c3f435e5d8b698186ab6a6e23126a7a880898ce3cb7ad75ab4fd4ba40c05e77304972fbbff3cbb1412b0b7ecdbc495ae719aa5e1c4d17fb057b27eb51d1a50c1a61857ef88efb5c754a945614f6d9dc3259d5932fe1bfd30eea69150d613623
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (46 mod 64).
+# DIGEST: a27799fc2e00e7abec4c5939451a834c4606cf7a
+KEY: f4f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e
+NONCE: 5e16dcc5b6f25607
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7d
+AD: ac997deafd64b1fc65de39
+CT: 4fc30349e938933fbe87c1b071bb54ea2837c2bbc4ad4a59291fe5e190d25aeba4a14adf7a8968f87be1d68d3251259bf66b5413b4b4354e2f2e0574a3055b4c70e736ea139159599ba7f7c9028671c1bc4af858bf7a691429571743ec154f0a7cced1f23b748cc93cbefc234dd8
+TAG: dcb51409755c687cfe32d594a0351affd831a978b22d1ee70468ca3c034ef15e92b06edd903f128c6a1aa34a0b0a9d799063473c8a53075854b48af38f834ddd538cdc2f15038db8bb8ed175aa5889532fdc8e6e61a4dd2a67f9912f3f8995439c7f500214d038e6e167a566963dcd4e56f51b12929d494f9f520dac3e8bc0a0b7a6c5be098881a7d9365307a45e5bb7a8cab8a3971b3f8181bed642c9c0d10cd88146978d82d86024c719ddd9868497010abe14ef8c339cc49e4e743d6f454993e71d551cba457f172b27d9406ea9fbc0413606b02ab86e2e8654e55f5e9509067632a5c07cd30f5373554cbcb2ba552f98f5c0e6a5d588ded804885e7939b964252112b28143191f068fb1a466a1f13226
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (47 mod 64).
+# DIGEST: f30eaff92a640a397f98e6803623e8d1f0c1fea6
+KEY: f03541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e
+NONCE: 16dcc5b6f25607f0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac
+AD: 997deafd64b1fc65de39f4
+CT: 94579bb637b0368834f699b42ab802904e1d026cfb7e487b2568c482b849c1a7a1cb0707ac02ad9425fd9743553c69d2ddf543264e8d0220e98410e85c9b70a0b85143f01cdb0e0f53cadf34c5c00e7e8da23f1c1302ad8bcf17b765c19b9f9b9e0f67804cb92b4d6104985caa3656
+TAG: 9e3da50eca9da0692ce30210517e1bdfc10ff6f5230421148943fabfabdb5c8c0d3670e3caa4e109a6f07dd1fd7be37814b1a1a8af65c6ded32b3023fd5b422eb4d1b421e87552b38559fbbd3a511516e4c94c6f717e8895329d98a6b7ad0057177ee64ef837f3b41cf3cedf2537659d8d9f3d6515787ede245a6cdddee4c6cb793b88c298e8a5957c18cc509f76892825e9d48915da0d9baa82e2b1f804a40a6ad9d576c8c8790ef2cbb800405adfddd8fe3f646a5c19cfdadb399538173051fe361ec536397600f847f779039086635e52f9d7f8d9396d480ceeb8f62bfea1115aae28540fed0b1954ecadd6c16ac5258b25139564dd86e3c966566043c6d871e3859151b267256c02a5ca8530473ea3
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (48 mod 64).
+# DIGEST: 7227537c0113a9f46f7d332a0b37ee5303483d00
+KEY: 3541a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16
+NONCE: dcc5b6f25607f00d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac99
+AD: 7deafd64b1fc65de39f4f0
+CT: d31d0051cc45826e4e89876c67af6b7e52e71aeed5e2c3254f81e26091ba702063718458cb798c268cb850bdf6f09581c685b496b2462649132e19d621311afbf5a6e88dd471566d937bbb2669b36f5ac015212ceef7ba61b8ace55f5860a1bc48c12709c5b08d5420f416a4ca3fbbad
+TAG: 7a5bf3d74ea3fde41ba65d954b164e675ec40200f2ff02d6b2cd26ecfbc51a31e8e7b2d681defdbf3928ade27ec4e87345c3a2955f20e7d96955a7653fbe0486d489307a75cd23ecac79133a781aed1644a69cf35ee51c0a3bb936a3cc49be699bc4d71fa8f6556412f73db40aa759ee10d2817156b7275934a7e4a8340ae578f175d7e96b068a0762a6c96ded4fce216290672f0fac667e75cc9556ee6463277085828354b9affb2a588e3129d54b35efba0616efaed3007b7e320fd8c7cb260ab9848c89c03e4332d47ecd10730cb3ebd6822aff3693b1a2095f8e364081b0c88a1591bf3785883e9cb85583dd3b05db81a9f468fd513cffb1c893c33539864c01b771a0ca8d5c7ed684bc9a555b8c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (49 mod 64).
+# DIGEST: d76570385cb65d30c3d636ff25c5efeb8d1ea08e
+KEY: 41a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dc
+NONCE: c5b6f25607f00d03
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997d
+AD: eafd64b1fc65de39f4f035
+CT: 29cd7e2276dc4170c3f73666ab4e87527758ec7324c9956629128cc2291d73e1894eddbdc234f9fdc70cd31cb4d76438e9e0f9f43c1788fada093c829aae078fbfb287609ee81e2e3b6e607245228842e001345c1624c4e40ee09042c7074cec076e2efe2dc58932dee704728ce57dda1d
+TAG: a56278ca93f23453e7705ff96cffb901b008e0a85064f6747eb0f179bc37f006f3b19ef0bc20ae87d41d87f23f83e9b942994112bc9deb76afe7634f0959f60218909eb9f87d89c5a4a465b9f71c2a79e2bd97ef266099f9f703749a828ad8c8c6792543de8b080d2ccf2ea4a44237181ce6d111ce2f1dd7658a5f32e8233d2083af5c6f77a0d865ab2f09eb8e5087abc3fcd6dabadf1951b7fc1715d64dd1791e4b2b98c45b645b15dbcefd2b556d9db387b082acbd0b1fc1cd91ba6fc672734172f620b9e5472c38c0f2f636416231253a401d76e908ced1a9a08d0cf0c154e6ea33ac7bd8b1db626dad3547e59c05a705e88a66a8c39b2313c6ff10ee4a1a4e491610d571aff4bd6ead07fcc43d
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (50 mod 64).
+# DIGEST: 170369666d1f2337b29b5f14af68d47910388e7b
+KEY: a11be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5
+NONCE: b6f25607f00d033f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997dea
+AD: fd64b1fc65de39f4f03541
+CT: f5f144041bd31817211edd73cae8b44c3a4b1d5be0b58c1e8e2d31cf0b2591de5b114eb4b7131e130c81c9dd7bcaf5d9dc62a0db2649bb62ac34c297d0bb2188511552d37fc90cdfd266ed262b5e1912c113c145ef0387852701b7f4d80b9ff970586243fc3440db58c06f2dbbc39b4d1568
+TAG: 7002ef6185526811fe8876682e2a02ae686d4a5ae9de7a4170688167a20145d4babbb6b442cb0653465550f0e01561ce93aa941c3f078a783a286b4596579deab08af3fa2e5f41b9e7f1daeb17184c4082f244bee7a73966ab7eec2c8e6d37bd03a477224422d44e56333e36bb8a407aa13dbfbb7b996eeb468ff4cd62de406e370499c9c880598503b8b996cfc24b368228f890295f919a1106cb0e32e282995744f171b8a00f1aef904ccf320d06b0d9a26d76343da893f506c9c6189165d26a439310144603af15713e485bf8292544239161069a236567630148b900946375e38fb9b37542767096136680ce3e926c862279087a89d511659f90f1683e1512487e90311ef04c83a6a0c46eab
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (51 mod 64).
+# DIGEST: 7c52593d1d37b0dc380297231c6cb7b64e04c493
+KEY: 1be112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6
+NONCE: f25607f00d033fb9
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd
+AD: 64b1fc65de39f4f03541a1
+CT: 4b735990123f86b6d35d5c64faf77b21b07ccd281649d3f70353b0515698c843c2fbc2ba7ea0700112990ca0c7c638be7f1f0e6f4a531ddfff6db4638c2f38df750ffd5ef23976fd56d79f1d882f6a5db8c107e6a76c2f74c3b72b14127504befe98541418987222f4620738e7ae67feba4480
+TAG: f15e0eebab83ce6db242365b526cc6556c3d3de2a6aa8fce72de3ec3931c2defd8da2400ad84cb489078cde12012ff2cbcd579572d9a4d05e839c14622b81a894d03c80de8c983ab7b1c28a49661d201a2b4b2f126d864e4f4d8b34305bc8b0bbf24494087b9f66e1a161d415729cf6e5894b0c2a1cef86443525d952a8ea369b61845b8db6afedd656f42c2e8213d83e37625b501c0470515390bb152ae81849b2a5fc91967b95240c65be58567bfcbdfbab19581181044ffd5c54aeaba46617dda655e8754f77efbdee94cd056b0bc9148bb40a67957a9b9e6ab46a54ba2afd488c2c52aabbf457b218bcffb119f3040a711eadc712aa5b5d194df0d32d1fcd58bebc808fb4f0113ce003f03
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (52 mod 64).
+# DIGEST: 09a1659100052d13bebb4defd7f54f975a58ae2b
+KEY: e112a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f2
+NONCE: 5607f00d033fb95f
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64
+AD: b1fc65de39f4f03541a11b
+CT: e405c8e15d95c848b303d4ecd4cb639414b88bb8fc0eaaf852b8ba40e0606371b0d7dab91e2421ef13a30d2fc692de8be33097724813b3a1c4506e7bfb763b829be71348921cf9e3bcba87c353ce81bb084a1c2f42725c2a87d26df143e18ae23189e10e2a6e60551f1d09e30042f63bef6b6e0c
+TAG: 4b4b1760eca2bce482c294c5862412b47f1b88e2320f68778adb653a35e17f5641bacfebfc604cb3487d9ce6a9b5061814ee2e4892b3bf51e6f5484c07a4f5175713fd214774192ebbb9224ee02d6ac2992922e4fb4543a6595ea80a9618d7a112aa2e4ab44a494b593a19deb25e49b32fa46b175abea83f6531c3c74b278ad4665c6e7b7a6f6fa7637072257d13d4bb051be67d61f37c62beec329848d3c5a716a385d3a22cac950ba3327d64b70ab95cc89791f37f4cf480e9ffe3297b7c42282f98f0df3faa971cecdffe549fdbd998cd6f0144180b6479336b4c6c1f52cef17c9b0a10bea8a03659f3b19333e731456cf50f9162254912d82e495c28c763c985dddf7d64d9597516497fb43622971d6b3f04
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (53 mod 64).
+# DIGEST: 230c3353ccbd95e4f0acbbb0073053a0186f833d
+KEY: 12a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f256
+NONCE: 07f00d033fb95fb0
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1
+AD: fc65de39f4f03541a11be1
+CT: de0509be5c03f3a780141456aa62bdda440a9caa1bb485cacf56a26b0706640235cd57e6f0875bd528860b6b6217d01def0eb0fa530448032aa42ee4f853301b85515931cf0829afca22494c87c90cdf76bf520db1e425f7366c45689c520bbd0d3ae022212ccddbcbdacdaacaa2512c5d5c3448fe
+TAG: aacec8473ebff95d9907cf57d2a3f95019bd670dd90cb238b8eebeb05d5d5564f1ab927b37123e53f9a0df3a5897b021fa45ea80d1fa3ac366fde6c533bd14e49f4e979d1901bc611a8599c7dbe9630eff1dd9a6eca68a4b0d76c8a9c4ed7f1a56cf8ee1dce0f171c6c7ebb6399a5bf64c6c82b42b26b7dc27a838fc5924df1dc95b8e7e8199e5381bb3624287880c92e24340a5140ec42bbea9b824568896316c78a1e0f568e430eea0577b798246d2a096962949d62536ce9c27daf62529c10495095c7dcfc4530b8d7c4769810203a7f743ff41629dece1a8315ff5da9656a1894a1a49ea0a7a559761459875792de2dccf7baaeb69697e1bc83e3537149024e09ec4eddd2523cbb3d13d8a042d75f95ee8
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (54 mod 64).
+# DIGEST: 701e141608e71005d32dd1e29cd068aea736c9dd
+KEY: a72933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607
+NONCE: f00d033fb95fb09e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc
+AD: 65de39f4f03541a11be112
+CT: 3e94752703e605b1e18ade7f560525381b41b75c871add14d3190286f19267b75f44135e3c1cac10fd59c29c136b9f105dc503721e831f10bba87ac8ed1844892e1b0e4895a778b7f1be7f5cb76a04358ee28471c1b55f28e571e297d6b6eeb4634fd3c7593dceb363211a890fb44f61279ea663e1de
+TAG: 800badb3dd87e39ca3c17e9f2de759fab456bc6588dd96a440b59651b316be2083c46bdd670ddefeefde4fbb32028cc9210c67cc0435138b8e0148947012bd5815a06b8367f6967bc9ae319b0cfeca8cfc9e3906a12c25f55d279a127f95106bd435d63f6bab294479760bec3cf53202086b9888e2545604b1a2ace8b7840b59e3748c21e6baa48377287afb8e7221bcf0c85908dcde760fd8c289383141901abad9f61f69f38560096accef2d838e3c8277cb7895a323a6e28ff4e81175a2f0661c1b2ababe0ff21e0d03650557dd4e70b2c54c7b73f74e5c4b03f7e2e44fcf0014677c8024272529c2ba028cec909c14e80cd5d9e87ba5aeb73019c84954a1d056cfc59190aed89d741c9351dacc3a698c
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (55 mod 64).
+# DIGEST: 9aaf96b472ea76fd9ff4adf56dab5fe0400d18d6
+KEY: 2933c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f0
+NONCE: 0d033fb95fb09e4d
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65
+AD: de39f4f03541a11be112a7
+CT: 0d7cbbb8753fd2843d599d72bb2c05103eb7deb39a5407b711392fa1a4c45802eadf5fc25a746286ca9aa180134b1ca402e3d5199abbb46374748513bb6746efb19edce3ec5462d1519e8b1c9fc912df4ee7e94bb0b40061090db6ccb9280561f86d52566d7172b23e1571ed1bc2d648e6d5ce5eccc91b
+TAG: e1f9d58d0d0b915727a4c6c978f36a0b45c5bf9aa092bd84a855b09637fde207142d6c6427df3341d96e4e089677d1df815249c623e836eb3d64532e8a6861f06fe0c9a12f9b62b4f249076bc1e72712c6eb5c3386cc13eca38ab8af540e210d3ae3282eb8eaec0396397845d53a44f6ad352fbcea9688039c85c4e16d5ec2d85d5a3e11194258d4d819df6f02a1067155d79348a3e8f6ff0bae991fd012b9b07a7ff34474b4c22af7b4663b9b629919b1819e9fca96b805b5f1ebe11fc955c298e9b1ff91d883dceda10133752db7b72414ca7b38ecbebbe30189c5a2fb29eb84ae42f5162a90c7c45b82a26283cd5dd4051588019c14f946b62f892558439a758fe0e5ad41b929f06565ed4c038fa2eb
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (56 mod 64).
+# DIGEST: ac6871d354eac507556770d8b6bf10b5240273ed
+KEY: 33c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d
+NONCE: 033fb95fb09e4d00
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de
+AD: 39f4f03541a11be112a729
+CT: d93d6d42642cb56dd5a1e3b8d5913ef595a8d71fe4683afab5f8f6e3f1f87d08af1efa5257e2427a9e34041dde5deaaf6f0f808debb26b0f4f32860669879324369aadc41982a2abaea1c1c04146144d028b40be77e4f07ab6d5903f6d88aa7716748c3b158e5b2b387b0116a8a8ab1fa852c210b5cef20d
+TAG: 5ec2d60d0ace1a7de20afd27c436d478a1ab8f00e1ea78278742b1e3c1f44587070c5b3254ae7638322398f2562344e11efdc8ff68bcd5baf89e44189d8e8d5492819c3791e7be2d460b09ef92dbd696edb298b70d9acc8fea33ac85ee339e0c58c8ee78a5721c3fca9b6fc7696654f93fe64780a5b5aa7ad2fe4f4a715a6d09e8e46870056edc41641ec1fd8638308c0dac426cf5555281418179d3347d79cbcfd507bcced4e9ec25e27c191ad4e82f0e3386104ee5517ed7c8950e9a290f9c1705856edfc37786ff076e83d4eabc42299ed776c2a9319a2ecb94d8aea3a7195d354d7fa8b72a22a044f2150e6fcc7d4ac5adb23bf909e79773de782186b55374c2a8e39c3f38a7ac423812ff6cc138
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (57 mod 64).
+# DIGEST: 050258d6ad6bec54f8bc48c7ba2d669d6416c11e
+KEY: c7b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d03
+NONCE: 3fb95fb09e4d00d6
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39
+AD: f4f03541a11be112a72933
+CT: f6c220150aa1ab97883bcf382dbf137dfe3475efdcae422f889e095d386dcd0128a8079e245cc320b8d37bc2441bf1d65677f615d6e1b057537e14d000cad962b0ee4b89fa24a9ee064bcf49eb04bdfc5992f314bb700112c88a8b286d29e9978a0639ede9a54bb3600bc0bd999ee5e06bb34308b079d670c1
+TAG: f432253e6b7f7bcd0d6e57d9f550e90d5438ec1ba7976e324de42bc8134a31d46ba731af045f9c51dfb54357d9b711a7df76ecd0c14c8eb6a4013d1be08f13f3fafd69c9e8070eeaa4f5bc32d99609c9ff031f380ea82426021f14996c8869e2f507536be48809a69ee8406ba74af4278f0a26d11a874d38f2034ee8862a30aa68355bd3eda7ee0b641397528e33b473a36d93dd8b921bcf4b6a3a831af782f56bf1ad1be1d75492a45a83cf0d7795de267e3d6b7ebbc69a852ef64239db4c50f6523a8ada2a6698a1f7e3ee4693d16c2ffa36a19b8b7437242d43ae9196f03d8f1e97ec950648f4ff35922b371be5bdefa5c035a3516f556883195db970d4dd30959a1cf694be1dd0bce2c773dc88
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (58 mod 64).
+# DIGEST: 70060f86c76e53512933c09deb5872eb23efad67
+KEY: b54ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033f
+NONCE: b95fb09e4d00d617
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4
+AD: f03541a11be112a72933c7
+CT: 421320a96a896967e82ce4e44ae903e234918bebe6e20176513c90983efb1eaf6768b44c49ce8f1f34210b7ac7d7874f37ab4f7f67bdeb6b46f1261f661f5dde53617f9cbba64c86e9ae14da95fb7466b06545e233417d0bd3caa448ac63a433140c939e4752410fd073dfde195d11d17861623834b64a3dda55
+TAG: b3d1c7a40a6efa20814d40b4ad3be4475cb1e33d773f28761dc92abb8fa071206c242b1d8708883c7b0dd380f5d850efe9c5c09577581492c123252b65a9c05c9cb474b2572ae77a619171a9c683c5ad919ae5f640382bfde9db318c4bb1ccdad251775472f8a380a6ff2769dbaa7af4134f964c3983d0ed222f2773bd34ea243a97e713efde86ee4cb9b7539ac8a648c61e1f553a74dc23903a9b47e2c2d82b484134c58fbeefc57f2fb0da54b8ef6cce1c8a5b4e878003e3a45ac1215ec30d9d6be6af230dda4ba55f1d2033af5f97f910af7997f4f8af16ccedf12707c00a1559d12845399fa06ec8dcd7f9e43eacdef1a8383e2e8b6b1cf57db924a6f109507033ba2c860ebf2dbdc47d71fe
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (59 mod 64).
+# DIGEST: 58286fe273bf572a76a2725933dd969777c303c1
+KEY: 4ed4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb9
+NONCE: 5fb09e4d00d6172e
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f0
+AD: 3541a11be112a72933c7b5
+CT: d426f1f4e5e9f77c9ce41b9e3078d1138d28428a0c81cace18a5c10c83ec1d9e6ded56404f7cebab2aec5f8c0849246c28c08ecc495202ba4e640117be1489c0c4e8c9b1dfd014e801423c3142c567e06d41378b18741b0e1f73c1663297da3a2391cdae02640328d528b03d536b8ab97d019e8e68fdc59903f98b
+TAG: 5dd4e5ca278c5b63d9fc7046f0e3f30742cbdce371d5dadb24dbe8b4237e7d1fc32ecc160415fe1a9e8654e2c8df0085bb8a8a761614218aa9c5987a6dac2d6bca48f26412173ff1b9687beb988242b622494b7ef8ab70b3922f7cd9b40628a7a6f42a494232bd90ab26862a2e89b49cfea034b26a9763e9f34c463175b6f838a4acaae95cef8af2edab85aeccf7a6c625166751d4219f44ae7112222f53ae89d87ed696c84c73c0001c6f0a377320b675a5a203623359a559ad7774ed9cea77c9ff706bce4f6ea9c837ccfc7c15138c563e019909e68088bbf6fb5344e955bfb99eeac2ab58d1a8581e0788699af2a77c7c7f8cda6141c2b844d9396e75eb810cd2cb014035eea7eae9c54751
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (60 mod 64).
+# DIGEST: ae701e5c8672dfaf728bf0f43f5e5247ea9ac13a
+KEY: d4fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95f
+NONCE: b09e4d00d6172e78
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f035
+AD: 41a11be112a72933c7b54e
+CT: 7349da70e2f5ae86dd50aa94b568004abd84586d29d2ad5bd94f79ad4b63e402212a762ef5ff90e8cdbe1bf152b2162e6ae565e6737ef744a1d67bea09361a92fd29c1eb9eb802dd71279e0269042bf048c791628bba25c15650324ecce12c8a39b31885b915c3417c7612b9549dab0b0db7c99a4767e5add635e0fa
+TAG: 69c6ef3f04b8f79ef911e9636f6b01ce97ca3c71d31d9bb732f01f502102490ed003c7639c631bec7dfe5e69ade48eb82769b3ffd8feb85066849733716784f25a2dad8c2bcd8c1fef23055b090cad74d4794a2346adfe00c64997a940d08954daf7737daf17d71ea4f0eb09069e712ed70aeed0af037aee6fb494115abc548527bc695e2547811cc5e9a5618960994a86e4ce2b55f68eb1b85bdd35675f22911473b9c713b4c4ff3c021fee2d4ed0a305481161fcde8bfb3c69a083e33201d630d1b2c32692f43e3f1abd6d573211314028891fc842a00ba11f87c02d6f0c36b948f2f1519ea8c3d78ac97338f418e50a85d7af21114b099cd42cc09114f48371a6342913dc617253c43780da57ca95ceb5c1dc
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (61 mod 64).
+# DIGEST: 4f498d0aa9205160827626ef80c163275eca1f78
+KEY: fad0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb0
+NONCE: 9e4d00d6172e780a
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541
+AD: a11be112a72933c7b54ed4
+CT: ed719f396a0c720c91486127e58916f010692f6018646fda04b0321e70f3d5736ee3827743f541857fc2bb3c41497f03563540655a7ac43f69e62d876a31ebc3c14e24a432814aa4a448c44ac4b02624494f703bb171f6878236bbdf27be2f9fb651cd855564976b0e875e4ccfb42930422db234008ef6a25723c944f8
+TAG: e17447e2588894570bcd7913bb8141042b7dbccff24195f1e50c8795f7f3a03b1b1ed26b49f8f5cbfb0c2e493790d816fa33530265c256ef4675c2f0c5f1feedf3b384fa0f4419c33c60d840eeaa561745bd4bfbfeaebaf0218ae5f02bef51f5aecef98dd46f2d4c75ded4dac17ecdb0e6c615cd6758ed728f9f8bf3ff601c26091e83310b670f3d21495afe55b440f8aa2ed8a9a717b9f0191b173728443c2635bb4761158cc3d8691540ad7413213e7ba9bfc088ba9271e292e716041a2b6b05505519f4dafa07216204a037059048401ba3c7e7e0187ad0ce4c53b60547daa7623a9d4e61d62c4c8474ce13042f0ded541de3aafedba24fd579f78a328586f254643b6cdd1fa448d41a94f3d918a99559cf
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (62 mod 64).
+# DIGEST: 8c043825b2a3764e8a0cc35a011696fb3ed03c2b
+KEY: d0be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e
+NONCE: 4d00d6172e780ab8
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a1
+AD: 1be112a72933c7b54ed4fa
+CT: d988f45c0ab83dc3674eeefdceeb7eb10b18efa791a39599404ea479d7c84579268013592599cf7f9e099d2283b841199d823529507fe8c30b7a66ed2c3e46e21116bfe53af3dbc978a1b556ee3dc464af5529ed974a8199cf7a4e4674aece3ffb8209d17d72ca7f7d25898d462b1436fe63fb0cce18794defe53dff51e4
+TAG: bec26441d062334a5454cc9f5a4f7c9afc1b333261ef7e731fdea9fbf53b100ef548ec9f17569310252ef812f416c44f70bcf50b0e79ae04030a16647db49c4df74f5b7a48f643d52eea0a3e6300d97aab984fd084f989c14f7a0a014c0bc6938a85dd29c6f71e2670141fe7426e12c06c09d5c86429a763965354a822872a3e08e89be61e6b033ecc514210316affa8fdeed9909d2c4e91810c2ddb9504dd9e17a5f26afab33a089884616c9955cf287f68ae43b8bc1f28e60bc910c117535a1ad845d1151e5e06507ea30d98f36037d8c0c497f3263a0ab503baac0b6d2a944271f4a07c76d51361b80c11a4d83bebaca1ac2920d6467202207e530f3380ad44c329288bed2aed8784e452b16f16d8b00a
+TAG_LEN: 20
+NO_SEAL: 01
+
+# Test with maximal padding (63 mod 64).
+# DIGEST: f3a432271c9be858725fd024071c4f479ca9a971
+KEY: be905d41203f5dce998f8fb2eaad409ae02116417dae0cef457b9e5e16dcc5b6f25607f00d033fb95fb09e4d
+NONCE: 00d6172e780ab8b7
+IN: 936a91d0b5d2c0267218cb7090c6171386d641b87797b684e0fb56f97c3961d8afa22993a340b9b3c589c7481df3f4183aa23fd8d7efd88503f78b8ed1c8e9ba2fd6773e0d0c302a5f47e037446f5891d77df660ed82933f62be8dc55b436965aabe477e0cdd46be99371eb8da7dac997deafd64b1fc65de39f4f03541a11b
+AD: e112a72933c7b54ed4fad0
+CT: 7e8981283025150c549a20da52e5f63f59c885d13777f072714e47c01f15b3ec9125a7253e487f6a368b9c1e92005f4ae90140545c3c92d7be4cfa5e68b49f848f58664a7ea39c11c277f9b69bd0f70336def9668bcaa507d517cb2e390fa003917c4a35f303511a6eb79ca64c8059fa50d9ce9581fd1efd0c48b3bb39e282
+TAG: 17a8e2521babf39bc5896910696c7bb8f9bdd9435020f07a934b4889d7aad15224dd9ddd8b1c0281a54febea957d5e40186e91f41c207d6ee0267f8283adb7e4770930cd3b4f2fd81094fa1f8149e652b36176b72d34abd507af31b3ce8d28d652dd42555fba0b8126ab23649e6a247be5411fa5bdf27fd84427eca7e26babac3e9503f14f328445ec83f50e2ada2b4da59e347460e8513bad65e1762d8e9aaade5db0f7bf44e76334d2e15d6a7354f4478b504f05c4db1af8d33af589cc9e97f14032aa7e9d92101bc37f54e6adaa564111c9179984f286afdee74c90cb3d44ef4409fca335f10fa7642b9d90dc07447525e83a0fda15985ef904cac53e1101ad5043533f3d2c8a656de9b6b81931e286
 TAG_LEN: 20
 NO_SEAL: 01
 

crypto/cipher_extra/test/make_legacy_aead_tests.go

@@ -100,7 +100,7 @@ type testCase struct {
 type options struct {
 	// extraPadding causes an extra block of padding to be added.
 	extraPadding bool
-	// maximalPadding causes 256 bytes of padding to be added.
+	// maximalPadding causes the maximum allowed amount of padding to be added.
 	maximalPadding bool
 	// wrongPadding causes one of the padding bytes to be wrong.
 	wrongPadding bool
@@ -176,7 +176,7 @@ func makeTestCase(length int, options options) (*testCase, error) {
 	} else {
 		sealed = append(sealed, digest...)
 	}
-	paddingLen := cbc.BlockSize() - (len(sealed) % cbc.BlockSize())
+	paddingLen := cbc.BlockSize() - len(sealed)%cbc.BlockSize()
 	if options.noPadding {
 		if paddingLen != cbc.BlockSize() {
 			return nil, fmt.Errorf("invalid length for noPadding")
@@ -188,10 +188,10 @@ func makeTestCase(length int, options options) (*testCase, error) {
 			if options.extraPadding {
 				paddingLen += cbc.BlockSize()
 			} else {
-				if paddingLen != cbc.BlockSize() {
-					return nil, fmt.Errorf("invalid length for maximalPadding")
+				if 256%cbc.BlockSize() != 0 {
+					panic("256 is not a whole number of blocks")
 				}
-				paddingLen = 256
+				paddingLen = 256 - len(sealed)%cbc.BlockSize()
 			}
 			noSeal = true
 		}
@@ -290,8 +290,16 @@ func main() {
 	fmt.Printf("# Test with no padding.\n")
 	addTestCase(64-hash.Size(), options{noPadding: true})
 
-	fmt.Printf("# Test with maximal padding.\n")
-	addTestCase(64-hash.Size(), options{maximalPadding: true})
+	// Test with maximal padding at all rotations modulo the hash's block
+	// size. Our smallest hash (SHA-1 at 64-byte blocks) exceeds our largest
+	// block cipher (AES at 16-byte blocks), so this is also covers all
+	// block cipher rotations. This is to ensure full coverage of the
+	// kVarianceBlocks value in the constant-time logic.
+	hashBlockSize := hash.New().BlockSize()
+	for i := 0; i < hashBlockSize; i++ {
+		fmt.Printf("# Test with maximal padding (%d mod %d).\n", i, hashBlockSize)
+		addTestCase(hashBlockSize+i, options{maximalPadding: true})
+	}
 
 	fmt.Printf("# Test if the unpadded input is too short for a MAC, but not publicly so.\n")
 	addTestCase(0, options{omitMAC: true, maximalPadding: true})

crypto/cipher_extra/tls_cbc.c

@@ -329,9 +329,18 @@ int EVP_tls_cbc_digest_record(const EVP_MD *md, uint8_t *md_out,
   // padding value.
   //
   // TLSv1 has MACs up to 48 bytes long (SHA-384) and the padding is not
-  // required to be minimal. Therefore we say that the final six blocks
-  // can vary based on the padding.
-  static const size_t kVarianceBlocks = 6;
+  // required to be minimal. Therefore we say that the final |kVarianceBlocks|
+  // blocks can vary based on the padding and on the hash used. This value
+  // must be derived from public information.
+  const size_t kVarianceBlocks =
+     ( 255 + 1 + // maximum padding bytes + padding length
+       md_size + // length of hash's output
+       md_block_size - 1 // ceiling
+     ) / md_block_size
+     + 1; // the 0x80 marker and the encoded message length could or not
+          // require an extra block; since the exact value depends on the
+          // message length; thus, one extra block is always added to run
+          // in constant time.
 
   // From now on we're dealing with the MAC, which conceptually has 13
   // bytes of `header' before the start of the data.

crypto/cmac/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  cmac
-
-  OBJECT
-
-  cmac.c
-)

crypto/conf/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  conf
-
-  OBJECT
-
-  conf.c
-)

crypto/conf/conf.c

@@ -62,6 +62,7 @@
 #include <openssl/bio.h>
 #include <openssl/buf.h>
 #include <openssl/err.h>
+#include <openssl/lhash.h>
 #include <openssl/mem.h>
 
 #include "conf_def.h"
@@ -69,6 +70,12 @@
 #include "../internal.h"
 
 
+DEFINE_LHASH_OF(CONF_VALUE)
+
+struct conf_st {
+  LHASH_OF(CONF_VALUE) *data;
+};
+
 // The maximum length we can grow a value to after variable expansion. 64k
 // should be more than enough for all reasonable uses.
 #define MAX_CONF_VALUE_LENGTH 65536

crypto/constant_time_test.cc

@@ -153,3 +153,19 @@ TEST(ConstantTimeTest, MemCmp) {
     }
   }
 }
+
+TEST(ConstantTimeTest, ValueBarrier) {
+  for (int i = 0; i < 10; i++) {
+    crypto_word_t word;
+    RAND_bytes(reinterpret_cast<uint8_t *>(&word), sizeof(word));
+    EXPECT_EQ(word, value_barrier_w(word));
+
+    uint32_t u32;
+    RAND_bytes(reinterpret_cast<uint8_t *>(&u32), sizeof(u32));
+    EXPECT_EQ(u32, value_barrier_u32(u32));
+
+    uint64_t u64;
+    RAND_bytes(reinterpret_cast<uint8_t *>(&u64), sizeof(u64));
+    EXPECT_EQ(u64, value_barrier_u64(u64));
+  }
+}

crypto/cpu-arm-linux.c

@@ -15,10 +15,8 @@
 #include <openssl/cpu.h>
 
 #if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
-
 #include <errno.h>
 #include <fcntl.h>
-#include <string.h>
 #include <sys/types.h>
 #include <unistd.h>
 
@@ -26,21 +24,11 @@
 #include <openssl/buf.h>
 #include <openssl/mem.h>
 
-#include "internal.h"
-
+#include "cpu-arm-linux.h"
 
 #define AT_HWCAP 16
 #define AT_HWCAP2 26
 
-#define HWCAP_NEON (1 << 12)
-
-// See /usr/include/asm/hwcap.h on an ARM installation for the source of
-// these values.
-#define HWCAP2_AES (1 << 0)
-#define HWCAP2_PMULL (1 << 1)
-#define HWCAP2_SHA1 (1 << 2)
-#define HWCAP2_SHA2 (1 << 3)
-
 // |getauxval| is not available on Android until API level 20. Link it as a weak
 // symbol and use other methods as fallback.
 unsigned long getauxval(unsigned long type) __attribute__((weak));
@@ -154,138 +142,6 @@ static unsigned long getauxval_proc(unsigned long type) {
   return 0;
 }
 
-typedef struct {
-  const char *data;
-  size_t len;
-} STRING_PIECE;
-
-static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
-  size_t b_len = strlen(b);
-  return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
-}
-
-// STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
-// sets |*out_left| and |*out_right| to |in| split before and after it. It
-// returns one if |sep| was found and zero otherwise.
-static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
-                              const STRING_PIECE *in, char sep) {
-  const char *p = OPENSSL_memchr(in->data, sep, in->len);
-  if (p == NULL) {
-    return 0;
-  }
-  // |out_left| or |out_right| may alias |in|, so make a copy.
-  STRING_PIECE in_copy = *in;
-  out_left->data = in_copy.data;
-  out_left->len = p - in_copy.data;
-  out_right->data = in_copy.data + out_left->len + 1;
-  out_right->len = in_copy.len - out_left->len - 1;
-  return 1;
-}
-
-// STRING_PIECE_trim removes leading and trailing whitespace from |s|.
-static void STRING_PIECE_trim(STRING_PIECE *s) {
-  while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
-    s->data++;
-    s->len--;
-  }
-  while (s->len != 0 &&
-         (s->data[s->len - 1] == ' ' || s->data[s->len - 1] == '\t')) {
-    s->len--;
-  }
-}
-
-// extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
-// |in|.  If found, it sets |*out| to the value and returns one. Otherwise, it
-// returns zero.
-static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
-                                 const char *field) {
-  // Process |in| one line at a time.
-  STRING_PIECE remaining = *in, line;
-  while (STRING_PIECE_split(&line, &remaining, &remaining, '\n')) {
-    STRING_PIECE key, value;
-    if (!STRING_PIECE_split(&key, &value, &line, ':')) {
-      continue;
-    }
-    STRING_PIECE_trim(&key);
-    if (STRING_PIECE_equals(&key, field)) {
-      STRING_PIECE_trim(&value);
-      *out = value;
-      return 1;
-    }
-  }
-
-  return 0;
-}
-
-static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
-                                const char *value) {
-  STRING_PIECE extracted;
-  return extract_cpuinfo_field(&extracted, cpuinfo, field) &&
-         STRING_PIECE_equals(&extracted, value);
-}
-
-// has_list_item treats |list| as a space-separated list of items and returns
-// one if |item| is contained in |list| and zero otherwise.
-static int has_list_item(const STRING_PIECE *list, const char *item) {
-  STRING_PIECE remaining = *list, feature;
-  while (STRING_PIECE_split(&feature, &remaining, &remaining, ' ')) {
-    if (STRING_PIECE_equals(&feature, item)) {
-      return 1;
-    }
-  }
-  return 0;
-}
-
-static unsigned long get_hwcap_cpuinfo(const STRING_PIECE *cpuinfo) {
-  if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
-    // This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
-    // available on ARMv8. Linux omits required features, so reading the
-    // "Features" line does not work. (For simplicity, use strict equality. We
-    // assume everything running on future ARM architectures will have a
-    // working |getauxval|.)
-    return HWCAP_NEON;
-  }
-
-  STRING_PIECE features;
-  if (extract_cpuinfo_field(&features, cpuinfo, "Features") &&
-      has_list_item(&features, "neon")) {
-    return HWCAP_NEON;
-  }
-  return 0;
-}
-
-static unsigned long get_hwcap2_cpuinfo(const STRING_PIECE *cpuinfo) {
-  STRING_PIECE features;
-  if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
-    return 0;
-  }
-
-  unsigned long ret = 0;
-  if (has_list_item(&features, "aes")) {
-    ret |= HWCAP2_AES;
-  }
-  if (has_list_item(&features, "pmull")) {
-    ret |= HWCAP2_PMULL;
-  }
-  if (has_list_item(&features, "sha1")) {
-    ret |= HWCAP2_SHA1;
-  }
-  if (has_list_item(&features, "sha2")) {
-    ret |= HWCAP2_SHA2;
-  }
-  return ret;
-}
-
-// has_broken_neon returns one if |in| matches a CPU known to have a broken
-// NEON unit. See https://crbug.com/341598.
-static int has_broken_neon(const STRING_PIECE *cpuinfo) {
-  return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
-         cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
-         cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
-         cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
-         cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
-}
-
 extern uint32_t OPENSSL_armcap_P;
 
 static int g_has_broken_neon, g_needs_hwcap2_workaround;
@@ -315,11 +171,11 @@ void OPENSSL_cpuid_setup(void) {
     hwcap = getauxval_proc(AT_HWCAP);
   }
   if (hwcap == 0) {
-    hwcap = get_hwcap_cpuinfo(&cpuinfo);
+    hwcap = crypto_get_arm_hwcap_from_cpuinfo(&cpuinfo);
   }
 
   // Clear NEON support if known broken.
-  g_has_broken_neon = has_broken_neon(&cpuinfo);
+  g_has_broken_neon = crypto_cpuinfo_has_broken_neon(&cpuinfo);
   if (g_has_broken_neon) {
     hwcap &= ~HWCAP_NEON;
   }
@@ -335,7 +191,7 @@ void OPENSSL_cpuid_setup(void) {
       hwcap2 = getauxval(AT_HWCAP2);
     }
     if (hwcap2 == 0) {
-      hwcap2 = get_hwcap2_cpuinfo(&cpuinfo);
+      hwcap2 = crypto_get_arm_hwcap2_from_cpuinfo(&cpuinfo);
       g_needs_hwcap2_workaround = hwcap2 != 0;
     }
 

crypto/cpu-arm-linux.h

@@ -0,0 +1,201 @@
+/* Copyright (c) 2018, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
+#define OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
+
+#include <openssl/base.h>
+
+#include <string.h>
+
+#include "internal.h"
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// The cpuinfo parser lives in a header file so it may be accessible from
+// cross-platform fuzzers without adding code to those platforms normally.
+
+#define HWCAP_NEON (1 << 12)
+
+// See /usr/include/asm/hwcap.h on an ARM installation for the source of
+// these values.
+#define HWCAP2_AES (1 << 0)
+#define HWCAP2_PMULL (1 << 1)
+#define HWCAP2_SHA1 (1 << 2)
+#define HWCAP2_SHA2 (1 << 3)
+
+typedef struct {
+  const char *data;
+  size_t len;
+} STRING_PIECE;
+
+static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
+  size_t b_len = strlen(b);
+  return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
+}
+
+// STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
+// sets |*out_left| and |*out_right| to |in| split before and after it. It
+// returns one if |sep| was found and zero otherwise.
+static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
+                              const STRING_PIECE *in, char sep) {
+  const char *p = (const char *)OPENSSL_memchr(in->data, sep, in->len);
+  if (p == NULL) {
+    return 0;
+  }
+  // |out_left| or |out_right| may alias |in|, so make a copy.
+  STRING_PIECE in_copy = *in;
+  out_left->data = in_copy.data;
+  out_left->len = p - in_copy.data;
+  out_right->data = in_copy.data + out_left->len + 1;
+  out_right->len = in_copy.len - out_left->len - 1;
+  return 1;
+}
+
+// STRING_PIECE_get_delimited reads a |sep|-delimited entry from |s|, writing it
+// to |out| and updating |s| to point beyond it. It returns one on success and
+// zero if |s| is empty. If |s| is has no copies of |sep| and is non-empty, it
+// reads the entire string to |out|.
+static int STRING_PIECE_get_delimited(STRING_PIECE *s, STRING_PIECE *out, char sep) {
+  if (s->len == 0) {
+    return 0;
+  }
+  if (!STRING_PIECE_split(out, s, s, sep)) {
+    // |s| had no instances of |sep|. Return the entire string.
+    *out = *s;
+    s->data += s->len;
+    s->len = 0;
+  }
+  return 1;
+}
+
+// STRING_PIECE_trim removes leading and trailing whitespace from |s|.
+static void STRING_PIECE_trim(STRING_PIECE *s) {
+  while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
+    s->data++;
+    s->len--;
+  }
+  while (s->len != 0 &&
+         (s->data[s->len - 1] == ' ' || s->data[s->len - 1] == '\t')) {
+    s->len--;
+  }
+}
+
+// extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
+// |in|. If found, it sets |*out| to the value and returns one. Otherwise, it
+// returns zero.
+static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
+                                 const char *field) {
+  // Process |in| one line at a time.
+  STRING_PIECE remaining = *in, line;
+  while (STRING_PIECE_get_delimited(&remaining, &line, '\n')) {
+    STRING_PIECE key, value;
+    if (!STRING_PIECE_split(&key, &value, &line, ':')) {
+      continue;
+    }
+    STRING_PIECE_trim(&key);
+    if (STRING_PIECE_equals(&key, field)) {
+      STRING_PIECE_trim(&value);
+      *out = value;
+      return 1;
+    }
+  }
+
+  return 0;
+}
+
+static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
+                                const char *value) {
+  STRING_PIECE extracted;
+  return extract_cpuinfo_field(&extracted, cpuinfo, field) &&
+         STRING_PIECE_equals(&extracted, value);
+}
+
+// has_list_item treats |list| as a space-separated list of items and returns
+// one if |item| is contained in |list| and zero otherwise.
+static int has_list_item(const STRING_PIECE *list, const char *item) {
+  STRING_PIECE remaining = *list, feature;
+  while (STRING_PIECE_get_delimited(&remaining, &feature, ' ')) {
+    if (STRING_PIECE_equals(&feature, item)) {
+      return 1;
+    }
+  }
+  return 0;
+}
+
+// crypto_get_arm_hwcap_from_cpuinfo returns an equivalent ARM |AT_HWCAP| value
+// from |cpuinfo|.
+static unsigned long crypto_get_arm_hwcap_from_cpuinfo(
+    const STRING_PIECE *cpuinfo) {
+  if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
+    // This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
+    // available on ARMv8. Linux omits required features, so reading the
+    // "Features" line does not work. (For simplicity, use strict equality. We
+    // assume everything running on future ARM architectures will have a
+    // working |getauxval|.)
+    return HWCAP_NEON;
+  }
+
+  STRING_PIECE features;
+  if (extract_cpuinfo_field(&features, cpuinfo, "Features") &&
+      has_list_item(&features, "neon")) {
+    return HWCAP_NEON;
+  }
+  return 0;
+}
+
+// crypto_get_arm_hwcap2_from_cpuinfo returns an equivalent ARM |AT_HWCAP2|
+// value from |cpuinfo|.
+static unsigned long crypto_get_arm_hwcap2_from_cpuinfo(
+    const STRING_PIECE *cpuinfo) {
+  STRING_PIECE features;
+  if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
+    return 0;
+  }
+
+  unsigned long ret = 0;
+  if (has_list_item(&features, "aes")) {
+    ret |= HWCAP2_AES;
+  }
+  if (has_list_item(&features, "pmull")) {
+    ret |= HWCAP2_PMULL;
+  }
+  if (has_list_item(&features, "sha1")) {
+    ret |= HWCAP2_SHA1;
+  }
+  if (has_list_item(&features, "sha2")) {
+    ret |= HWCAP2_SHA2;
+  }
+  return ret;
+}
+
+// crypto_cpuinfo_has_broken_neon returns one if |cpuinfo| matches a CPU known
+// to have broken NEON unit and zero otherwise. See https://crbug.com/341598.
+static int crypto_cpuinfo_has_broken_neon(const STRING_PIECE *cpuinfo) {
+  return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
+         cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
+         cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
+         cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
+         cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
+}
+
+
+#if defined(__cplusplus)
+}  // extern C
+#endif
+
+#endif  // OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H

crypto/cpu-arm-linux_test.cc

@@ -0,0 +1,232 @@
+/* Copyright (c) 2018, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "cpu-arm-linux.h"
+
+#include <string.h>
+
+#include <gtest/gtest.h>
+
+
+TEST(ARMLinuxTest, CPUInfo) {
+  struct CPUInfoTest {
+    const char *cpuinfo;
+    unsigned long hwcap;
+    unsigned long hwcap2;
+    bool broken_neon;
+  } kTests[] = {
+      // https://crbug.com/341598#c33
+      {
+          "Processor: ARMv7 Processory rev 0 (v71)\n"
+          "processor: 0\n"
+          "BogoMIPS: 13.50\n"
+          "\n"
+          "Processor: 1\n"
+          "BogoMIPS: 13.50\n"
+          "\n"
+          "Features: swp half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 "
+          "idiva idivt\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 7\n"
+          "CPU variant: 0x1\n"
+          "CPU part: 0x04d\n"
+          "CPU revision: 0\n"
+          "\n"
+          "Hardware: SAMSUNG M2\n"
+          "Revision: 0010\n"
+          "Serial: 00001e030000354e\n",
+          HWCAP_NEON,
+          0,
+          true,
+      },
+      // https://crbug.com/341598#c39
+      {
+          "Processor       : ARMv7 Processor rev 0 (v7l)\n"
+          "processor       : 0\n"
+          "BogoMIPS        : 13.53\n"
+          "\n"
+          "Features        : swp half thumb fastmult vfp edsp neon vfpv3 tls "
+          "vfpv4\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 7\n"
+          "CPU variant     : 0x1\n"
+          "CPU part        : 0x04d\n"
+          "CPU revision    : 0\n"
+          "\n"
+          "Hardware        : SAMSUNG M2_ATT\n"
+          "Revision        : 0010\n"
+          "Serial          : 0000df0c00004d4c\n",
+          HWCAP_NEON,
+          0,
+          true,
+      },
+      // Nexus 4 from https://crbug.com/341598#c43
+      {
+          "Processor       : ARMv7 Processor rev 2 (v7l)\n"
+          "processor       : 0\n"
+          "BogoMIPS        : 13.53\n"
+          "\n"
+          "processor       : 1\n"
+          "BogoMIPS        : 13.53\n"
+          "\n"
+          "processor       : 2\n"
+          "BogoMIPS        : 13.53\n"
+          "\n"
+          "processor       : 3\n"
+          "BogoMIPS        : 13.53\n"
+          "\n"
+          "Features        : swp half thumb fastmult vfp edsp neon vfpv3 tls "
+          "vfpv4 \n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 7\n"
+          "CPU variant     : 0x0\n"
+          "CPU part        : 0x06f\n"
+          "CPU revision    : 2\n"
+          "\n"
+          "Hardware        : QCT APQ8064 MAKO\n"
+          "Revision        : 000b\n"
+          "Serial          : 0000000000000000\n",
+          HWCAP_NEON,
+          0,
+          false,
+      },
+      // Razr M from https://crbug.com/341598#c43
+      {
+          "Processor       : ARMv7 Processor rev 4 (v7l)\n"
+          "processor       : 0\n"
+          "BogoMIPS        : 13.53\n"
+          "\n"
+          "Features        : swp half thumb fastmult vfp edsp neon vfpv3 tls "
+          "vfpv4\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 7\n"
+          "CPU variant     : 0x1\n"
+          "CPU part        : 0x04d\n"
+          "CPU revision    : 4\n"
+          "\n"
+          "Hardware        : msm8960dt\n"
+          "Revision        : 82a0\n"
+          "Serial          : 0001000201fe37a5\n",
+          HWCAP_NEON,
+          0,
+          false,
+      },
+      // Pixel 2 (truncated slightly)
+      {
+          "Processor       : AArch64 Processor rev 1 (aarch64)\n"
+          "processor       : 0\n"
+          "BogoMIPS        : 38.00\n"
+          "Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 8\n"
+          "CPU variant     : 0xa\n"
+          "CPU part        : 0x801\n"
+          "CPU revision    : 4\n"
+          "\n"
+          "processor       : 1\n"
+          "BogoMIPS        : 38.00\n"
+          "Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 8\n"
+          "CPU variant     : 0xa\n"
+          "CPU part        : 0x801\n"
+          "CPU revision    : 4\n"
+          "\n"
+          "processor       : 2\n"
+          "BogoMIPS        : 38.00\n"
+          "Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 8\n"
+          "CPU variant     : 0xa\n"
+          "CPU part        : 0x801\n"
+          "CPU revision    : 4\n"
+          "\n"
+          "processor       : 3\n"
+          "BogoMIPS        : 38.00\n"
+          "Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32\n"
+          "CPU implementer : 0x51\n"
+          "CPU architecture: 8\n"
+          "CPU variant     : 0xa\n"
+          "CPU part        : 0x801\n"
+          "CPU revision    : 4\n"
+          // (Extra processors omitted.)
+          "\n"
+          "Hardware        : Qualcomm Technologies, Inc MSM8998\n",
+          HWCAP_NEON,  // CPU architecture 8 implies NEON.
+          HWCAP2_AES | HWCAP2_PMULL | HWCAP2_SHA1 | HWCAP2_SHA2,
+          false,
+      },
+      // Nexus 4 from
+      // Garbage should be tolerated.
+      {
+          "Blah blah blah this is definitely an ARM CPU",
+          0,
+          0,
+          false,
+      },
+      // A hypothetical ARMv8 CPU without crc32 (and thus no trailing space
+      // after the last crypto entry).
+      {
+          "Features        : aes pmull sha1 sha2\n"
+          "CPU architecture: 8\n",
+          HWCAP_NEON,
+          HWCAP2_AES | HWCAP2_PMULL | HWCAP2_SHA1 | HWCAP2_SHA2,
+          false,
+      },
+      // Various combinations of ARMv8 flags.
+      {
+          "Features        : aes sha1 sha2\n"
+          "CPU architecture: 8\n",
+          HWCAP_NEON,
+          HWCAP2_AES | HWCAP2_SHA1 | HWCAP2_SHA2,
+          false,
+      },
+      {
+          "Features        : pmull sha2\n"
+          "CPU architecture: 8\n",
+          HWCAP_NEON,
+          HWCAP2_PMULL | HWCAP2_SHA2,
+          false,
+      },
+      {
+          "Features        : aes aes   aes not_aes aes aes \n"
+          "CPU architecture: 8\n",
+          HWCAP_NEON,
+          HWCAP2_AES,
+          false,
+      },
+      {
+          "Features        : \n"
+          "CPU architecture: 8\n",
+          HWCAP_NEON,
+          0,
+          false,
+      },
+      {
+          "Features        : nothing\n"
+          "CPU architecture: 8\n",
+          HWCAP_NEON,
+          0,
+          false,
+      },
+  };
+
+  for (const auto &t : kTests) {
+    SCOPED_TRACE(t.cpuinfo);
+    STRING_PIECE sp = {t.cpuinfo, strlen(t.cpuinfo)};
+    EXPECT_EQ(t.hwcap, crypto_get_arm_hwcap_from_cpuinfo(&sp));
+    EXPECT_EQ(t.hwcap2, crypto_get_arm_hwcap2_from_cpuinfo(&sp));
+    EXPECT_EQ(t.broken_neon ? 1 : 0, crypto_cpuinfo_has_broken_neon(&sp));
+  }
+}

crypto/cpu-intel.c

@@ -54,10 +54,6 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.] */
 
-#if !defined(__STDC_FORMAT_MACROS)
-#define __STDC_FORMAT_MACROS
-#endif
-
 #include <openssl/cpu.h>
 
 
@@ -156,20 +152,6 @@ void OPENSSL_cpuid_setup(void) {
                edx == 0x69746e65 /* enti */ &&
                ecx == 0x444d4163 /* cAMD */;
 
-  int has_amd_xop = 0;
-  if (is_amd) {
-    // AMD-specific logic.
-    // See http://developer.amd.com/wordpress/media/2012/10/254811.pdf
-    OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000000);
-    uint32_t num_extended_ids = eax;
-    if (num_extended_ids >= 0x80000001) {
-      OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000001);
-      if (ecx & (1u << 11)) {
-        has_amd_xop = 1;
-      }
-    }
-  }
-
   uint32_t extended_features[2] = {0};
   if (num_ids >= 7) {
     OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 7);
@@ -177,30 +159,36 @@ void OPENSSL_cpuid_setup(void) {
     extended_features[1] = ecx;
   }
 
-  // Determine the number of cores sharing an L1 data cache to adjust the
-  // hyper-threading bit.
-  uint32_t cores_per_cache = 0;
-  if (is_amd) {
-    // AMD CPUs never share an L1 data cache between threads but do set the HTT
-    // bit on multi-core CPUs.
-    cores_per_cache = 1;
-  } else if (num_ids >= 4) {
-    // TODO(davidben): The Intel manual says this CPUID leaf enumerates all
-    // caches using ECX and doesn't say which is first. Does this matter?
-    OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 4);
-    cores_per_cache = 1 + ((eax >> 14) & 0xfff);
-  }
-
   OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 1);
 
-  // Adjust the hyper-threading bit.
-  if (edx & (1u << 28)) {
-    uint32_t num_logical_cores = (ebx >> 16) & 0xff;
-    if (cores_per_cache == 1 || num_logical_cores <= 1) {
-      edx &= ~(1u << 28);
+  if (is_amd) {
+    // See https://www.amd.com/system/files/TechDocs/25481.pdf, page 10.
+    const uint32_t base_family = (eax >> 8) & 15;
+    const uint32_t base_model = (eax >> 4) & 15;
+
+    uint32_t family = base_family;
+    uint32_t model = base_model;
+    if (base_family == 0xf) {
+      const uint32_t ext_family = (eax >> 20) & 255;
+      family += ext_family;
+      const uint32_t ext_model = (eax >> 16) & 15;
+      model |= ext_model << 4;
+    }
+
+    if (family < 0x17 || (family == 0x17 && 0x70 <= model && model <= 0x7f)) {
+      // Disable RDRAND on AMD families before 0x17 (Zen) due to reported
+      // failures after suspend.
+      // https://bugzilla.redhat.com/show_bug.cgi?id=1150286
+      // Also disable for family 0x17, models 0x70–0x7f, due to possible RDRAND
+      // failures there too.
+      ecx &= ~(1u << 30);
     }
   }
 
+  // Force the hyper-threading bit so that the more conservative path is always
+  // chosen.
+  edx |= 1u << 28;
+
   // Reserved bit #20 was historically repurposed to control the in-memory
   // representation of RC4 state. Always set it to zero.
   edx &= ~(1u << 20);
@@ -220,12 +208,9 @@ void OPENSSL_cpuid_setup(void) {
     edx &= ~(1u << 30);
   }
 
-  // The SDBG bit is repurposed to denote AMD XOP support.
-  if (has_amd_xop) {
-    ecx |= (1u << 11);
-  } else {
-    ecx &= ~(1u << 11);
-  }
+  // The SDBG bit is repurposed to denote AMD XOP support. Don't ever use AMD
+  // XOP code paths.
+  ecx &= ~(1u << 11);
 
   uint64_t xcr0 = 0;
   if (ecx & (1u << 27)) {

crypto/crypto.c

@@ -19,19 +19,6 @@
 #include "internal.h"
 
 
-#if defined(OPENSSL_MSAN) && !defined(OPENSSL_NO_ASM)
-// MSan works by instrumenting memory accesses in the compiler. Accesses from
-// uninstrumented code, such as assembly, are invisible to it. MSan will
-// incorrectly report reads from assembly-initialized memory as uninitialized.
-// If building BoringSSL with MSan, exclude assembly files from the build and
-// define OPENSSL_NO_ASM.
-//
-// This is checked here rather than in a header because the consumer might not
-// define OPENSSL_NO_ASM. It is only necessary for BoringSSL source files to be
-// built with it.
-#error "BoringSSL must be built with assembly disabled to use MSan."
-#endif
-
 #if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_STATIC_ARMCAP) && \
     (defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
      defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) || \
@@ -49,8 +36,8 @@
 #define BORINGSSL_NO_STATIC_INITIALIZER
 #endif
 
-#endif  /* !OPENSSL_NO_ASM && (OPENSSL_X86 || OPENSSL_X86_64 ||
-                               OPENSSL_ARM || OPENSSL_AARCH64) */
+#endif  // !NO_ASM && !STATIC_ARMCAP &&
+        // (X86 || X86_64 || ARM || AARCH64 || PPC64LE)
 
 
 // Our assembly does not use the GOT to reference symbols, which means
@@ -73,8 +60,7 @@
 // that tests the capability values will still skip the constructor but, so
 // far, the init constructor function only sets the capability variables.
 
-#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
-
+#if defined(BORINGSSL_DISPATCH_TEST)
 // This value must be explicitly initialised to zero in order to work around a
 // bug in libtool or the linker on OS X.
 //
@@ -82,6 +68,12 @@
 // archive, linking on OS X will fail to resolve common symbols. By
 // initialising it to zero, it becomes a "data symbol", which isn't so
 // affected.
+HIDDEN uint8_t BORINGSSL_function_hit[7] = {0};
+#endif
+
+#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
+
+// This value must be explicitly initialized to zero. See similar comment above.
 HIDDEN uint32_t OPENSSL_ia32cap_P[4] = {0};
 
 #elif defined(OPENSSL_PPC64LE)
@@ -95,7 +87,8 @@ HIDDEN unsigned long OPENSSL_ppc64le_hwcap2 = 0;
 #if defined(OPENSSL_STATIC_ARMCAP)
 
 HIDDEN uint32_t OPENSSL_armcap_P =
-#if defined(OPENSSL_STATIC_ARMCAP_NEON) || defined(__ARM_NEON__)
+#if defined(OPENSSL_STATIC_ARMCAP_NEON) || \
+    (defined(__ARM_NEON__) || defined(__ARM_NEON))
     ARMV7_NEON |
 #endif
 #if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_CRYPTO)
@@ -114,6 +107,10 @@ HIDDEN uint32_t OPENSSL_armcap_P =
 
 #else
 HIDDEN uint32_t OPENSSL_armcap_P = 0;
+
+uint32_t *OPENSSL_get_armcap_pointer_for_test(void) {
+  return &OPENSSL_armcap_P;
+}
 #endif
 
 #endif

crypto/curve25519/CMakeLists.txt

@@ -1,19 +0,0 @@
-include_directories(../../include)
-
-if(${ARCH} STREQUAL "arm")
-  set(
-    CURVE25519_ARCH_SOURCES
-
-    asm/x25519-asm-arm.S
-  )
-endif()
-
-add_library(
-  curve25519
-
-  OBJECT
-
-  spake25519.c
-
-  ${CURVE25519_ARCH_SOURCES}
-)

crypto/curve25519/asm/x25519-asm-arm.S

@@ -17,8 +17,18 @@
  * domain licensed but the standard ISC license is included above to keep
  * licensing simple. */
 
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
+#define OPENSSL_NO_ASM
+#endif
+#endif
+
 #if !defined(OPENSSL_NO_ASM) && defined(__arm__) && !defined(__APPLE__)
 
+#if defined(BORINGSSL_PREFIX)
+#include <boringssl_prefix_symbols_asm.h>
+#endif
+
 .fpu neon
 .text
 .align 4
@@ -2120,3 +2130,7 @@ vpop {q4,q5,q6,q7}
 bx lr
 
 #endif  /* !OPENSSL_NO_ASM && __arm__ && !__APPLE__ */
+
+#if defined(__ELF__)
+.section	.note.GNU-stack,"",%progbits
+#endif

crypto/dh/CMakeLists.txt

@@ -1,12 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  dh
-
-  OBJECT
-
-  dh.c
-  params.c
-  check.c
-  dh_asn1.c
-)

crypto/digest_extra/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  digest_extra
-
-  OBJECT
-
-  digest_extra.c
-)

crypto/digest_extra/digest_test.cc

@@ -17,6 +17,7 @@
 #include <string.h>
 
 #include <memory>
+#include <vector>
 
 #include <gtest/gtest.h>
 
@@ -54,7 +55,7 @@ static const MD sha384 = { "SHA384", &EVP_sha384, &SHA384 };
 static const MD sha512 = { "SHA512", &EVP_sha512, &SHA512 };
 static const MD md5_sha1 = { "MD5-SHA1", &EVP_md5_sha1, nullptr };
 
-struct TestVector {
+struct DigestTestVector {
   // md is the digest to test.
   const MD &md;
   // input is a NUL-terminated string to hash.
@@ -65,7 +66,7 @@ struct TestVector {
   const char *expected_hex;
 };
 
-static const TestVector kTestVectors[] = {
+static const DigestTestVector kTestVectors[] = {
     // MD4 tests, from RFC 1320. (crypto/md4 does not provide a
     // one-shot MD4 function.)
     { md4, "", 1, "31d6cfe0d16ae931b73c59d7e0c089c0" },
@@ -143,7 +144,7 @@ static const TestVector kTestVectors[] = {
       "900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d" },
 };
 
-static void CompareDigest(const TestVector *test,
+static void CompareDigest(const DigestTestVector *test,
                           const uint8_t *digest,
                           size_t digest_len) {
   static const char kHexTable[] = "0123456789abcdef";
@@ -158,7 +159,7 @@ static void CompareDigest(const TestVector *test,
   EXPECT_STREQ(test->expected_hex, digest_hex);
 }
 
-static void TestDigest(const TestVector *test) {
+static void TestDigest(const DigestTestVector *test) {
   bssl::ScopedEVP_MD_CTX ctx;
 
   // Test the input provided.
@@ -183,6 +184,42 @@ static void TestDigest(const TestVector *test) {
   EXPECT_EQ(EVP_MD_size(test->md.func()), digest_len);
   CompareDigest(test, digest.get(), digest_len);
 
+  // Test with unaligned input.
+  ASSERT_TRUE(EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL));
+  std::vector<char> unaligned(strlen(test->input) + 1);
+  char *ptr = unaligned.data();
+  if ((reinterpret_cast<uintptr_t>(ptr) & 1) == 0) {
+    ptr++;
+  }
+  OPENSSL_memcpy(ptr, test->input, strlen(test->input));
+  for (size_t i = 0; i < test->repeat; i++) {
+    ASSERT_TRUE(EVP_DigestUpdate(ctx.get(), ptr, strlen(test->input)));
+  }
+  ASSERT_TRUE(EVP_DigestFinal_ex(ctx.get(), digest.get(), &digest_len));
+  CompareDigest(test, digest.get(), digest_len);
+
+  // Make a copy of the digest in the initial state.
+  ASSERT_TRUE(EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL));
+  bssl::ScopedEVP_MD_CTX copy;
+  ASSERT_TRUE(EVP_MD_CTX_copy_ex(copy.get(), ctx.get()));
+  for (size_t i = 0; i < test->repeat; i++) {
+    ASSERT_TRUE(EVP_DigestUpdate(copy.get(), test->input, strlen(test->input)));
+  }
+  ASSERT_TRUE(EVP_DigestFinal_ex(copy.get(), digest.get(), &digest_len));
+  CompareDigest(test, digest.get(), digest_len);
+
+  // Make a copy of the digest with half the input provided.
+  size_t half = strlen(test->input) / 2;
+  ASSERT_TRUE(EVP_DigestUpdate(ctx.get(), test->input, half));
+  ASSERT_TRUE(EVP_MD_CTX_copy_ex(copy.get(), ctx.get()));
+  ASSERT_TRUE(EVP_DigestUpdate(copy.get(), test->input + half,
+                               strlen(test->input) - half));
+  for (size_t i = 1; i < test->repeat; i++) {
+    ASSERT_TRUE(EVP_DigestUpdate(copy.get(), test->input, strlen(test->input)));
+  }
+  ASSERT_TRUE(EVP_DigestFinal_ex(copy.get(), digest.get(), &digest_len));
+  CompareDigest(test, digest.get(), digest_len);
+
   // Test the one-shot function.
   if (test->md.one_shot_func && test->repeat == 1) {
     uint8_t *out = test->md.one_shot_func((const uint8_t *)test->input,

crypto/dsa/CMakeLists.txt

@@ -1,10 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  dsa
-
-  OBJECT
-
-  dsa.c
-  dsa_asn1.c
-)

crypto/dsa/dsa.c

@@ -79,7 +79,7 @@
 #define OPENSSL_DSA_MAX_MODULUS_BITS 10000
 
 // Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
-// Rabin-Miller
+// Miller-Rabin.
 #define DSS_prime_checks 50
 
 static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv,
@@ -558,29 +558,34 @@ static int mod_mul_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 }
 
 DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, const DSA *dsa) {
-  BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
-  BIGNUM m;
-  BIGNUM xr;
-  BN_CTX *ctx = NULL;
-  int reason = ERR_R_BN_LIB;
-  DSA_SIG *ret = NULL;
-
-  BN_init(&m);
-  BN_init(&xr);
-
   if (!dsa->p || !dsa->q || !dsa->g) {
-    reason = DSA_R_MISSING_PARAMETERS;
-    goto err;
+    OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
+    return NULL;
+  }
+
+  // Reject invalid parameters. In particular, the algorithm will infinite loop
+  // if |g| is zero.
+  if (BN_is_zero(dsa->p) || BN_is_zero(dsa->q) || BN_is_zero(dsa->g)) {
+    OPENSSL_PUT_ERROR(DSA, DSA_R_INVALID_PARAMETERS);
+    return NULL;
   }
 
   // We only support DSA keys that are a multiple of 8 bits. (This is a weaker
   // check than the one in |DSA_do_check_signature|, which only allows 160-,
   // 224-, and 256-bit keys.
   if (BN_num_bits(dsa->q) % 8 != 0) {
-    reason = DSA_R_BAD_Q_VALUE;
-    goto err;
+    OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
+    return NULL;
   }
 
+  BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
+  BIGNUM m;
+  BIGNUM xr;
+  BN_CTX *ctx = NULL;
+  DSA_SIG *ret = NULL;
+
+  BN_init(&m);
+  BN_init(&xr);
   s = BN_new();
   if (s == NULL) {
     goto err;
@@ -640,7 +645,7 @@ redo:
 
 err:
   if (ret == NULL) {
-    OPENSSL_PUT_ERROR(DSA, reason);
+    OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB);
     BN_free(r);
     BN_free(s);
   }
@@ -860,29 +865,18 @@ int DSA_size(const DSA *dsa) {
   return ret;
 }
 
-static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv,
+static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx, BIGNUM **out_kinv,
                           BIGNUM **out_r) {
-  BN_CTX *ctx;
-  BIGNUM k, *kinv = NULL, *r = NULL;
-  int ret = 0;
-
   if (!dsa->p || !dsa->q || !dsa->g) {
     OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
     return 0;
   }
 
+  int ret = 0;
+  BIGNUM k;
   BN_init(&k);
-
-  ctx = ctx_in;
-  if (ctx == NULL) {
-    ctx = BN_CTX_new();
-    if (ctx == NULL) {
-      goto err;
-    }
-  }
-
-  r = BN_new();
-  kinv = BN_new();
+  BIGNUM *r = BN_new();
+  BIGNUM *kinv = BN_new();
   if (r == NULL || kinv == NULL ||
       // Get random k
       !BN_rand_range_ex(&k, 1, dsa->q) ||
@@ -906,28 +900,23 @@ static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv,
       // Compute part of 's = inv(k) (m + xr) mod q' using Fermat's Little
       // Theorem.
       !bn_mod_inverse_prime(kinv, &k, dsa->q, ctx, dsa->method_mont_q)) {
+    OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB);
     goto err;
   }
 
   BN_clear_free(*out_kinv);
   *out_kinv = kinv;
   kinv = NULL;
+
   BN_clear_free(*out_r);
   *out_r = r;
+  r = NULL;
+
   ret = 1;
 
 err:
-  if (!ret) {
-    OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB);
-    if (r != NULL) {
-      BN_clear_free(r);
-    }
-  }
-
-  if (ctx_in == NULL) {
-    BN_CTX_free(ctx);
-  }
   BN_clear_free(&k);
+  BN_clear_free(r);
   BN_clear_free(kinv);
   return ret;
 }

crypto/dsa/dsa_test.cc

@@ -62,6 +62,8 @@
 #include <stdio.h>
 #include <string.h>
 
+#include <vector>
+
 #include <gtest/gtest.h>
 
 #include <openssl/bn.h>
@@ -315,3 +317,18 @@ TEST(DSATest, AllTests) {
     ADD_FAILURE() << "Tests failed";
   }
 }
+
+TEST(DSATest, InvalidGroup) {
+  bssl::UniquePtr<DSA> dsa = GetFIPSDSA();
+  ASSERT_TRUE(dsa);
+  BN_zero(dsa->g);
+
+  std::vector<uint8_t> sig(DSA_size(dsa.get()));
+  unsigned sig_len;
+  static const uint8_t kDigest[32] = {0};
+  EXPECT_FALSE(
+      DSA_sign(0, kDigest, sizeof(kDigest), sig.data(), &sig_len, dsa.get()));
+  uint32_t err = ERR_get_error();
+  EXPECT_EQ(ERR_LIB_DSA, ERR_GET_LIB(err));
+  EXPECT_EQ(DSA_R_INVALID_PARAMETERS, ERR_GET_REASON(err));
+}

crypto/ec_extra/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  ec_extra
-
-  OBJECT
-
-  ec_asn1.c
-)

crypto/ec_extra/ec_asn1.c

@@ -159,8 +159,8 @@ EC_KEY *EC_KEY_parse_private_key(CBS *cbs, const EC_GROUP *group) {
         (point_conversion_form_t)(CBS_data(&public_key)[0] & ~0x01);
   } else {
     // Compute the public key instead.
-    if (!ec_point_mul_scalar(group, ret->pub_key, &ret->priv_key->scalar, NULL,
-                             NULL, NULL)) {
+    if (!ec_point_mul_scalar_base(group, &ret->pub_key->raw,
+                                  &ret->priv_key->scalar)) {
       goto err;
     }
     // Remember the original private-key-only encoding.
@@ -264,7 +264,8 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
                                       CBS *out_base_y, CBS *out_order) {
   // See RFC 3279, section 2.3.5. Note that RFC 3279 calls this structure an
   // ECParameters while RFC 5480 calls it a SpecifiedECDomain.
-  CBS params, field_id, field_type, curve, base;
+  CBS params, field_id, field_type, curve, base, cofactor;
+  int has_cofactor;
   uint64_t version;
   if (!CBS_get_asn1(in, &params, CBS_ASN1_SEQUENCE) ||
       !CBS_get_asn1_uint64(&params, &version) ||
@@ -272,7 +273,8 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
       !CBS_get_asn1(&params, &field_id, CBS_ASN1_SEQUENCE) ||
       !CBS_get_asn1(&field_id, &field_type, CBS_ASN1_OBJECT) ||
       CBS_len(&field_type) != sizeof(kPrimeField) ||
-      OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
+      OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) !=
+          0 ||
       !CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) ||
       !is_unsigned_integer(out_prime) ||
       CBS_len(&field_id) != 0 ||
@@ -280,16 +282,26 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
       !CBS_get_asn1(&curve, out_a, CBS_ASN1_OCTETSTRING) ||
       !CBS_get_asn1(&curve, out_b, CBS_ASN1_OCTETSTRING) ||
       // |curve| has an optional BIT STRING seed which we ignore.
+      !CBS_get_optional_asn1(&curve, NULL, NULL, CBS_ASN1_BITSTRING) ||
+      CBS_len(&curve) != 0 ||
       !CBS_get_asn1(&params, &base, CBS_ASN1_OCTETSTRING) ||
       !CBS_get_asn1(&params, out_order, CBS_ASN1_INTEGER) ||
-      !is_unsigned_integer(out_order)) {
+      !is_unsigned_integer(out_order) ||
+      !CBS_get_optional_asn1(&params, &cofactor, &has_cofactor,
+                             CBS_ASN1_INTEGER) ||
+      CBS_len(&params) != 0) {
     OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
     return 0;
   }
 
-  // |params| has an optional cofactor which we ignore. With the optional seed
-  // in |curve|, a group already has arbitrarily many encodings. Parse enough to
-  // uniquely determine the curve.
+  if (has_cofactor) {
+    // We only support prime-order curves so the cofactor must be one.
+    if (CBS_len(&cofactor) != 1 ||
+        CBS_data(&cofactor)[0] != 1) {
+      OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
+      return 0;
+    }
+  }
 
   // Require that the base point use uncompressed form.
   uint8_t form;

crypto/ec_extra/ec_derive.c

@@ -0,0 +1,96 @@
+/* Copyright (c) 2019, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <openssl/ec_key.h>
+
+#include <string.h>
+
+#include <openssl/buf.h>
+#include <openssl/ec.h>
+#include <openssl/err.h>
+#include <openssl/digest.h>
+#include <openssl/hkdf.h>
+#include <openssl/mem.h>
+
+#include "../fipsmodule/ec/internal.h"
+
+
+EC_KEY *EC_KEY_derive_from_secret(const EC_GROUP *group, const uint8_t *secret,
+                                  size_t secret_len) {
+#define EC_KEY_DERIVE_MAX_NAME_LEN 16
+  const char *name = EC_curve_nid2nist(EC_GROUP_get_curve_name(group));
+  if (name == NULL || strlen(name) > EC_KEY_DERIVE_MAX_NAME_LEN) {
+    OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
+    return NULL;
+  }
+
+  // Assemble a label string to provide some key separation in case |secret| is
+  // misused, but ultimately it's on the caller to ensure |secret| is suitably
+  // separated.
+  static const char kLabel[] = "derive EC key ";
+  char info[sizeof(kLabel) + EC_KEY_DERIVE_MAX_NAME_LEN];
+  BUF_strlcpy(info, kLabel, sizeof(info));
+  BUF_strlcat(info, name, sizeof(info));
+
+  // Generate 128 bits beyond the group order so the bias is at most 2^-128.
+#define EC_KEY_DERIVE_EXTRA_BITS 128
+#define EC_KEY_DERIVE_EXTRA_BYTES (EC_KEY_DERIVE_EXTRA_BITS / 8)
+
+  if (EC_GROUP_order_bits(group) <= EC_KEY_DERIVE_EXTRA_BITS + 8) {
+    // The reduction strategy below requires the group order be large enough.
+    // (The actual bound is a bit tighter, but our curves are much larger than
+    // 128-bit.)
+    OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR);
+    return NULL;
+  }
+
+  uint8_t derived[EC_KEY_DERIVE_EXTRA_BYTES + EC_MAX_BYTES];
+  size_t derived_len = BN_num_bytes(&group->order) + EC_KEY_DERIVE_EXTRA_BYTES;
+  assert(derived_len <= sizeof(derived));
+  if (!HKDF(derived, derived_len, EVP_sha256(), secret, secret_len,
+            /*salt=*/NULL, /*salt_len=*/0, (const uint8_t *)info,
+            strlen(info))) {
+    return NULL;
+  }
+
+  EC_KEY *key = EC_KEY_new();
+  BN_CTX *ctx = BN_CTX_new();
+  BIGNUM *priv = BN_bin2bn(derived, derived_len, NULL);
+  EC_POINT *pub = EC_POINT_new(group);
+  if (key == NULL || ctx == NULL || priv == NULL || pub == NULL ||
+      // Reduce |priv| with Montgomery reduction. First, convert "from"
+      // Montgomery form to compute |priv| * R^-1 mod |order|. This requires
+      // |priv| be under order * R, which is true if the group order is large
+      // enough. 2^(num_bytes(order)) < 2^8 * order, so:
+      //
+      //    priv < 2^8 * order * 2^128 < order * order < order * R
+      !BN_from_montgomery(priv, priv, group->order_mont, ctx) ||
+      // Multiply by R^2 and do another Montgomery reduction to compute
+      // priv * R^-1 * R^2 * R^-1 = priv mod order.
+      !BN_to_montgomery(priv, priv, group->order_mont, ctx) ||
+      !EC_POINT_mul(group, pub, priv, NULL, NULL, ctx) ||
+      !EC_KEY_set_group(key, group) || !EC_KEY_set_public_key(key, pub) ||
+      !EC_KEY_set_private_key(key, priv)) {
+    EC_KEY_free(key);
+    key = NULL;
+    goto err;
+  }
+
+err:
+  OPENSSL_cleanse(derived, sizeof(derived));
+  BN_CTX_free(ctx);
+  BN_free(priv);
+  EC_POINT_free(pub);
+  return key;
+}

crypto/ecdh_extra/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  ecdh_extra
-
-  OBJECT
-
-  ecdh_extra.c
-)

crypto/ecdh_extra/ecdh_extra.c

@@ -69,7 +69,6 @@
 #include <limits.h>
 #include <string.h>
 
-#include <openssl/bn.h>
 #include <openssl/digest.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
@@ -78,85 +77,48 @@
 #include "../internal.h"
 
 
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+int ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
                      const EC_KEY *priv_key,
                      void *(*kdf)(const void *in, size_t inlen, void *out,
-                                  size_t *outlen)) {
+                                  size_t *out_len)) {
   if (priv_key->priv_key == NULL) {
     OPENSSL_PUT_ERROR(ECDH, ECDH_R_NO_PRIVATE_VALUE);
     return -1;
   }
   const EC_SCALAR *const priv = &priv_key->priv_key->scalar;
-
-  BN_CTX *ctx = BN_CTX_new();
-  if (ctx == NULL) {
+  const EC_GROUP *const group = EC_KEY_get0_group(priv_key);
+  if (EC_GROUP_cmp(group, pub_key->group, NULL) != 0) {
+    OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS);
     return -1;
   }
-  BN_CTX_start(ctx);
 
-  int ret = -1;
-  size_t buflen = 0;
-  uint8_t *buf = NULL;
-
-  const EC_GROUP *const group = EC_KEY_get0_group(priv_key);
-  EC_POINT *tmp = EC_POINT_new(group);
-  if (tmp == NULL) {
-    OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE);
-    goto err;
-  }
-
-  if (!ec_point_mul_scalar(group, tmp, NULL, pub_key, priv, ctx)) {
+  EC_RAW_POINT shared_point;
+  uint8_t buf[EC_MAX_BYTES];
+  size_t buf_len;
+  if (!ec_point_mul_scalar(group, &shared_point, &pub_key->raw, priv) ||
+      !ec_point_get_affine_coordinate_bytes(group, buf, NULL, &buf_len,
+                                            sizeof(buf), &shared_point)) {
     OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE);
-    goto err;
-  }
-
-  BIGNUM *x = BN_CTX_get(ctx);
-  if (!x) {
-    OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE);
-    goto err;
-  }
-
-  if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, NULL, ctx)) {
-    OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE);
-    goto err;
-  }
-
-  buflen = (EC_GROUP_get_degree(group) + 7) / 8;
-  buf = OPENSSL_malloc(buflen);
-  if (buf == NULL) {
-    OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE);
-    goto err;
-  }
-
-  if (!BN_bn2bin_padded(buf, buflen, x)) {
-    OPENSSL_PUT_ERROR(ECDH, ERR_R_INTERNAL_ERROR);
-    goto err;
+    return -1;
   }
 
   if (kdf != NULL) {
-    if (kdf(buf, buflen, out, &outlen) == NULL) {
+    if (kdf(buf, buf_len, out, &out_len) == NULL) {
       OPENSSL_PUT_ERROR(ECDH, ECDH_R_KDF_FAILED);
-      goto err;
+      return -1;
     }
   } else {
     // no KDF, just copy as much as we can
-    if (buflen < outlen) {
-      outlen = buflen;
+    if (buf_len < out_len) {
+      out_len = buf_len;
     }
-    OPENSSL_memcpy(out, buf, outlen);
+    OPENSSL_memcpy(out, buf, out_len);
   }
 
-  if (outlen > INT_MAX) {
+  if (out_len > INT_MAX) {
     OPENSSL_PUT_ERROR(ECDH, ERR_R_OVERFLOW);
-    goto err;
+    return -1;
   }
 
-  ret = (int)outlen;
-
-err:
-  OPENSSL_free(buf);
-  EC_POINT_free(tmp);
-  BN_CTX_end(ctx);
-  BN_CTX_free(ctx);
-  return ret;
+  return (int)out_len;
 }

crypto/ecdsa_extra/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  ecdsa_extra
-
-  OBJECT
-
-  ecdsa_asn1.c
-)

crypto/ecdsa_extra/ecdsa_asn1.c

@@ -74,15 +74,7 @@ int ECDSA_sign(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig,
   }
 
   int ret = 0;
-  ECDSA_SIG *s = NULL;
-
-  if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) {
-    OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED);
-    *sig_len = 0;
-    goto err;
-  }
-
-  s = ECDSA_do_sign(digest, digest_len, eckey);
+  ECDSA_SIG *s = ECDSA_do_sign(digest, digest_len, eckey);
   if (s == NULL) {
     *sig_len = 0;
     goto err;

crypto/engine/CMakeLists.txt

@@ -1,9 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  engine
-
-  OBJECT
-
-  engine.c
-)

crypto/engine/engine.c

@@ -41,9 +41,10 @@ ENGINE *ENGINE_new(void) {
   return engine;
 }
 
-void ENGINE_free(ENGINE *engine) {
+int ENGINE_free(ENGINE *engine) {
   // Methods are currently required to be static so are not unref'ed.
   OPENSSL_free(engine);
+  return 1;
 }
 
 // set_method takes a pointer to a method and its given size and sets

crypto/err/CMakeLists.txt

@@ -1,40 +0,0 @@
-include_directories(../../include)
-
-add_custom_command(
-  OUTPUT err_data.c
-  COMMAND ${GO_EXECUTABLE} run err_data_generate.go > ${CMAKE_CURRENT_BINARY_DIR}/err_data.c
-  DEPENDS
-  err_data_generate.go
-  asn1.errordata
-  bio.errordata
-  bn.errordata
-  cipher.errordata
-  conf.errordata
-  dh.errordata
-  digest.errordata
-  dsa.errordata
-  ecdh.errordata
-  ecdsa.errordata
-  ec.errordata
-  engine.errordata
-  evp.errordata
-  hkdf.errordata
-  obj.errordata
-  pem.errordata
-  pkcs7.errordata
-  pkcs8.errordata
-  rsa.errordata
-  ssl.errordata
-  x509.errordata
-  x509v3.errordata
-  WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-)
-
-add_library(
-  err
-
-  OBJECT
-
-  err.c
-  err_data.c
-)

crypto/err/dsa.errordata

@@ -2,6 +2,7 @@ DSA,100,BAD_Q_VALUE
 DSA,104,BAD_VERSION
 DSA,105,DECODE_ERROR
 DSA,106,ENCODE_ERROR
+DSA,107,INVALID_PARAMETERS
 DSA,101,MISSING_PARAMETERS
 DSA,102,MODULUS_TOO_LARGE
 DSA,103,NEED_NEW_SETUP_VALUES

crypto/err/err_data_generate.go

@@ -275,9 +275,9 @@ func main() {
 `)
 
 	for i, name := range libraryNames {
-		fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_LIB_%s == %d, library_values_changed_%d);\n", name, i+1, i+1)
+		fmt.Fprintf(out, "OPENSSL_STATIC_ASSERT(ERR_LIB_%s == %d, \"library value changed\");\n", name, i+1)
 	}
-	fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames)+1)
+	fmt.Fprintf(out, "OPENSSL_STATIC_ASSERT(ERR_NUM_LIBS == %d, \"number of libraries changed\");\n", len(libraryNames)+1)
 	out.WriteString("\n")
 
 	e.reasons.WriteTo(out, "Reason")

crypto/err/evp.errordata

@@ -15,12 +15,14 @@ EVP,113,INVALID_MGF1_MD
 EVP,114,INVALID_OPERATION
 EVP,115,INVALID_PADDING_MODE
 EVP,133,INVALID_PARAMETERS
+EVP,134,INVALID_PEER_KEY
 EVP,116,INVALID_PSS_SALTLEN
 EVP,131,INVALID_SIGNATURE
 EVP,117,KEYS_NOT_SET
 EVP,132,MEMORY_LIMIT_EXCEEDED
 EVP,118,MISSING_PARAMETERS
 EVP,130,NOT_A_PRIVATE_KEY
+EVP,135,NOT_XOF_OR_INVALID_LENGTH
 EVP,119,NO_DEFAULT_DIGEST
 EVP,120,NO_KEY_SET
 EVP,121,NO_MDC2_SUPPORT

crypto/err/internal.h

@@ -46,11 +46,11 @@ OPENSSL_EXPORT void ERR_restore_state(const ERR_SAVE_STATE *state);
 
 extern "C++" {
 
-namespace bssl {
+BSSL_NAMESPACE_BEGIN
 
 BORINGSSL_MAKE_DELETER(ERR_SAVE_STATE, ERR_SAVE_STATE_free)
 
-}  // namespace bssl
+BSSL_NAMESPACE_END
 
 }  // extern C++
 #endif

crypto/err/ssl.errordata

@@ -72,15 +72,18 @@ SSL,284,HANDSHAKE_NOT_COMPLETE
 SSL,155,HTTPS_PROXY_REQUEST
 SSL,156,HTTP_REQUEST
 SSL,157,INAPPROPRIATE_FALLBACK
+SSL,303,INCONSISTENT_CLIENT_HELLO
 SSL,259,INVALID_ALPN_PROTOCOL
 SSL,158,INVALID_COMMAND
 SSL,256,INVALID_COMPRESSION_LIST
+SSL,301,INVALID_DELEGATED_CREDENTIAL
 SSL,159,INVALID_MESSAGE
 SSL,251,INVALID_OUTER_RECORD_TYPE
 SSL,269,INVALID_SCT_LIST
 SSL,295,INVALID_SIGNATURE_ALGORITHM
 SSL,160,INVALID_SSL_SESSION
 SSL,161,INVALID_TICKET_KEYS_LENGTH
+SSL,302,KEY_USAGE_BIT_INCORRECT
 SSL,162,LENGTH_MISMATCH
 SSL,164,MISSING_EXTENSION
 SSL,258,MISSING_KEY_SHARE
@@ -128,6 +131,7 @@ SSL,271,PSK_IDENTITY_BINDER_COUNT_MISMATCH
 SSL,195,PSK_IDENTITY_NOT_FOUND
 SSL,196,PSK_NO_CLIENT_CB
 SSL,197,PSK_NO_SERVER_CB
+SSL,298,QUIC_INTERNAL_ERROR
 SSL,198,READ_TIMEOUT_EXPIRED
 SSL,199,RECORD_LENGTH_MISMATCH
 SSL,200,RECORD_TOO_LARGE
@@ -192,7 +196,7 @@ SSL,218,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG
 SSL,219,TOO_MANY_EMPTY_FRAGMENTS
 SSL,260,TOO_MANY_KEY_UPDATES
 SSL,220,TOO_MANY_WARNING_ALERTS
-SSL,1117,TOO_MUCH_READ_EARLY_DATA
+SSL,300,TOO_MUCH_READ_EARLY_DATA
 SSL,270,TOO_MUCH_SKIPPED_EARLY_DATA
 SSL,221,UNABLE_TO_FIND_ECDH_PARAMETERS
 SSL,293,UNCOMPRESSED_CERT_TOO_LARGE
@@ -221,6 +225,7 @@ SSL,252,UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY
 SSL,241,WRONG_CERTIFICATE_TYPE
 SSL,242,WRONG_CIPHER_RETURNED
 SSL,243,WRONG_CURVE
+SSL,299,WRONG_ENCRYPTION_LEVEL_RECEIVED
 SSL,244,WRONG_MESSAGE_TYPE
 SSL,245,WRONG_SIGNATURE_TYPE
 SSL,246,WRONG_SSL_VERSION

crypto/err/x509.errordata

@@ -28,6 +28,7 @@ X509,124,NO_CRL_NUMBER
 X509,125,PUBLIC_KEY_DECODE_ERROR
 X509,126,PUBLIC_KEY_ENCODE_ERROR
 X509,127,SHOULD_RETRY
+X509,137,SIGNATURE_ALGORITHM_MISMATCH
 X509,128,UNKNOWN_KEY_TYPE
 X509,129,UNKNOWN_NID
 X509,130,UNKNOWN_PURPOSE_ID

crypto/evp/CMakeLists.txt

@@ -1,23 +0,0 @@
-include_directories(../../include)
-
-add_library(
-  evp
-
-  OBJECT
-
-  digestsign.c
-  evp.c
-  evp_asn1.c
-  evp_ctx.c
-  p_dsa_asn1.c
-  p_ec.c
-  p_ec_asn1.c
-  p_ed25519.c
-  p_ed25519_asn1.c
-  p_rsa.c
-  p_rsa_asn1.c
-  pbkdf.c
-  print.c
-  scrypt.c
-  sign.c
-)

crypto/evp/evp.c

@@ -71,6 +71,11 @@
 #include "../internal.h"
 
 
+// Node depends on |EVP_R_NOT_XOF_OR_INVALID_LENGTH|.
+//
+// TODO(davidben): Fix Node to not touch the error queue itself and remove this.
+OPENSSL_DECLARE_ERROR_REASON(EVP, NOT_XOF_OR_INVALID_LENGTH)
+
 EVP_PKEY *EVP_PKEY_new(void) {
   EVP_PKEY *ret;
 
@@ -176,7 +181,7 @@ int EVP_PKEY_size(const EVP_PKEY *pkey) {
   return 0;
 }
 
-int EVP_PKEY_bits(EVP_PKEY *pkey) {
+int EVP_PKEY_bits(const EVP_PKEY *pkey) {
   if (pkey && pkey->ameth && pkey->ameth->pkey_bits) {
     return pkey->ameth->pkey_bits(pkey);
   }
@@ -200,6 +205,8 @@ static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) {
       return &dsa_asn1_meth;
     case EVP_PKEY_ED25519:
       return &ed25519_asn1_meth;
+    case EVP_PKEY_X25519:
+      return &x25519_asn1_meth;
     default:
       return NULL;
   }
@@ -225,7 +232,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) {
   return EVP_PKEY_assign(pkey, EVP_PKEY_RSA, key);
 }
 
-RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) {
+RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) {
   if (pkey->type != EVP_PKEY_RSA) {
     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY);
     return NULL;
@@ -233,7 +240,7 @@ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) {
   return pkey->pkey.rsa;
 }
 
-RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) {
+RSA *EVP_PKEY_get1_RSA(const EVP_PKEY *pkey) {
   RSA *rsa = EVP_PKEY_get0_RSA(pkey);
   if (rsa != NULL) {
     RSA_up_ref(rsa);
@@ -253,7 +260,7 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) {
   return EVP_PKEY_assign(pkey, EVP_PKEY_DSA, key);
 }
 
-DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) {
+DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) {
   if (pkey->type != EVP_PKEY_DSA) {
     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY);
     return NULL;
@@ -261,7 +268,7 @@ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) {
   return pkey->pkey.dsa;
 }
 
-DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) {
+DSA *EVP_PKEY_get1_DSA(const EVP_PKEY *pkey) {
   DSA *dsa = EVP_PKEY_get0_DSA(pkey);
   if (dsa != NULL) {
     DSA_up_ref(dsa);
@@ -281,7 +288,7 @@ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
   return EVP_PKEY_assign(pkey, EVP_PKEY_EC, key);
 }
 
-EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) {
+EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) {
   if (pkey->type != EVP_PKEY_EC) {
     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY);
     return NULL;
@@ -289,7 +296,7 @@ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) {
   return pkey->pkey.ec;
 }
 
-EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) {
+EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey) {
   EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
   if (ec_key != NULL) {
     EC_KEY_up_ref(ec_key);
@@ -297,8 +304,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) {
   return ec_key;
 }
 
-DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey) { return NULL; }
-DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) { return NULL; }
+DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) { return NULL; }
+DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey) { return NULL; }
 
 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
   if (!EVP_PKEY_set_type(pkey, type)) {
@@ -330,7 +337,73 @@ int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
   return 1;
 }
 
+EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *unused,
+                                       const uint8_t *in, size_t len) {
+  EVP_PKEY *ret = EVP_PKEY_new();
+  if (ret == NULL ||
+      !EVP_PKEY_set_type(ret, type)) {
+    goto err;
+  }
 
+  if (ret->ameth->set_priv_raw == NULL) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    goto err;
+  }
+
+  if (!ret->ameth->set_priv_raw(ret, in, len)) {
+    goto err;
+  }
+
+  return ret;
+
+err:
+  EVP_PKEY_free(ret);
+  return NULL;
+}
+
+EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *unused,
+                                      const uint8_t *in, size_t len) {
+  EVP_PKEY *ret = EVP_PKEY_new();
+  if (ret == NULL ||
+      !EVP_PKEY_set_type(ret, type)) {
+    goto err;
+  }
+
+  if (ret->ameth->set_pub_raw == NULL) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    goto err;
+  }
+
+  if (!ret->ameth->set_pub_raw(ret, in, len)) {
+    goto err;
+  }
+
+  return ret;
+
+err:
+  EVP_PKEY_free(ret);
+  return NULL;
+}
+
+int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, uint8_t *out,
+                                 size_t *out_len) {
+  if (pkey->ameth->get_priv_raw == NULL) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    return 0;
+  }
+
+  return pkey->ameth->get_priv_raw(pkey, out, out_len);
+}
+
+int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, uint8_t *out,
+                                size_t *out_len) {
+  if (pkey->ameth->get_pub_raw == NULL) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    return 0;
+  }
+
+  return pkey->ameth->get_pub_raw(pkey, out, out_len);
+}
 
 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) {
   if (a->type != b->type) {
@@ -361,3 +434,10 @@ void OpenSSL_add_all_ciphers(void) {}
 void OpenSSL_add_all_digests(void) {}
 
 void EVP_cleanup(void) {}
+
+int EVP_PKEY_base_id(const EVP_PKEY *pkey) {
+  // OpenSSL has two notions of key type because it supports multiple OIDs for
+  // the same algorithm: NID_rsa vs NID_rsaEncryption and five distinct spelling
+  // of DSA. We do not support these, so the base ID is simply the ID.
+  return EVP_PKEY_id(pkey);
+}

crypto/evp/evp_asn1.c

@@ -73,6 +73,7 @@ static const EVP_PKEY_ASN1_METHOD *const kASN1Methods[] = {
     &ec_asn1_meth,
     &dsa_asn1_meth,
     &ed25519_asn1_meth,
+    &x25519_asn1_meth,
 };
 
 static int parse_key_type(CBS *cbs, int *out_type) {
@@ -331,7 +332,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) {
   }
 }
 
-int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) {
+int i2d_PublicKey(const EVP_PKEY *key, uint8_t **outp) {
   switch (key->type) {
     case EVP_PKEY_RSA:
       return i2d_RSAPublicKey(key->pkey.rsa, outp);
@@ -344,3 +345,44 @@ int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) {
       return -1;
   }
 }
+
+EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **out, const uint8_t **inp,
+                        long len) {
+  EVP_PKEY *ret = EVP_PKEY_new();
+  if (ret == NULL) {
+    return NULL;
+  }
+
+  CBS cbs;
+  CBS_init(&cbs, *inp, len < 0 ? 0 : (size_t)len);
+  switch (type) {
+    case EVP_PKEY_RSA: {
+      RSA *rsa = RSA_parse_public_key(&cbs);
+      if (rsa == NULL || !EVP_PKEY_assign_RSA(ret, rsa)) {
+        RSA_free(rsa);
+        goto err;
+      }
+      break;
+    }
+
+    // Unlike OpenSSL, we do not support EC keys with this API. The raw EC
+    // public key serialization requires knowing the group. In OpenSSL, calling
+    // this function with |EVP_PKEY_EC| and setting |out| to NULL does not work.
+    // It requires |*out| to include a partially-initiazed |EVP_PKEY| to extract
+    // the group.
+    default:
+      OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+      goto err;
+  }
+
+  *inp = CBS_data(&cbs);
+  if (out != NULL) {
+    EVP_PKEY_free(*out);
+    *out = ret;
+  }
+  return ret;
+
+err:
+  EVP_PKEY_free(ret);
+  return NULL;
+}

crypto/evp/evp_ctx.c

@@ -67,15 +67,14 @@
 
 
 static const EVP_PKEY_METHOD *const evp_methods[] = {
-  &rsa_pkey_meth,
-  &ec_pkey_meth,
-  &ed25519_pkey_meth,
+    &rsa_pkey_meth,
+    &ec_pkey_meth,
+    &ed25519_pkey_meth,
+    &x25519_pkey_meth,
 };
 
 static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) {
-  unsigned i;
-
-  for (i = 0; i < sizeof(evp_methods)/sizeof(EVP_PKEY_METHOD*); i++) {
+  for (size_t i = 0; i < sizeof(evp_methods)/sizeof(EVP_PKEY_METHOD*); i++) {
     if (evp_methods[i]->pkey_id == type) {
       return evp_methods[i];
     }
@@ -415,7 +414,7 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) {
   return 1;
 }
 
-int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) {
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **out_pkey) {
   if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
     return 0;
@@ -425,21 +424,60 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) {
     return 0;
   }
 
-  if (!ppkey) {
+  if (!out_pkey) {
     return 0;
   }
 
-  if (!*ppkey) {
-    *ppkey = EVP_PKEY_new();
-    if (!*ppkey) {
+  if (!*out_pkey) {
+    *out_pkey = EVP_PKEY_new();
+    if (!*out_pkey) {
       OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);
       return 0;
     }
   }
 
-  if (!ctx->pmeth->keygen(ctx, *ppkey)) {
-    EVP_PKEY_free(*ppkey);
-    *ppkey = NULL;
+  if (!ctx->pmeth->keygen(ctx, *out_pkey)) {
+    EVP_PKEY_free(*out_pkey);
+    *out_pkey = NULL;
+    return 0;
+  }
+  return 1;
+}
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) {
+  if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    return 0;
+  }
+  ctx->operation = EVP_PKEY_OP_PARAMGEN;
+  return 1;
+}
+
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **out_pkey) {
+  if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    return 0;
+  }
+  if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
+    return 0;
+  }
+
+  if (!out_pkey) {
+    return 0;
+  }
+
+  if (!*out_pkey) {
+    *out_pkey = EVP_PKEY_new();
+    if (!*out_pkey) {
+      OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);
+      return 0;
+    }
+  }
+
+  if (!ctx->pmeth->paramgen(ctx, *out_pkey)) {
+    EVP_PKEY_free(*out_pkey);
+    *out_pkey = NULL;
     return 0;
   }
   return 1;

crypto/evp/evp_extra_test.cc

@@ -555,13 +555,10 @@ TEST(EVPExtraTest, Ed25519) {
       0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07, 0x51, 0x1a,
   };
 
-  static const uint8_t kPrivateKey[64] = {
+  static const uint8_t kPrivateKeySeed[32] = {
       0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84, 0x4a,
       0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69, 0x7b, 0x32,
-      0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae, 0x7f, 0x60, 0xd7,
-      0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b, 0xfe, 0xd3,
-      0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3, 0xda, 0xa6, 0x23,
-      0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07, 0x51, 0x1a,
+      0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae, 0x7f, 0x60,
   };
 
   static const uint8_t kPrivateKeyPKCS8[] = {
@@ -572,10 +569,38 @@ TEST(EVPExtraTest, Ed25519) {
   };
 
   // Create a public key.
-  bssl::UniquePtr<EVP_PKEY> pubkey(EVP_PKEY_new_ed25519_public(kPublicKey));
+  bssl::UniquePtr<EVP_PKEY> pubkey(EVP_PKEY_new_raw_public_key(
+      EVP_PKEY_ED25519, nullptr, kPublicKey, sizeof(kPublicKey)));
   ASSERT_TRUE(pubkey);
   EXPECT_EQ(EVP_PKEY_ED25519, EVP_PKEY_id(pubkey.get()));
 
+  // The public key must be extractable.
+  uint8_t buf[32];
+  size_t len;
+  ASSERT_TRUE(EVP_PKEY_get_raw_public_key(pubkey.get(), nullptr, &len));
+  EXPECT_EQ(len, 32u);
+  ASSERT_TRUE(EVP_PKEY_get_raw_public_key(pubkey.get(), buf, &len));
+  EXPECT_EQ(Bytes(buf, len), Bytes(kPublicKey));
+  // Passing too large of a buffer is okay. The function will still only read
+  // 32 bytes.
+  len = 64;
+  ASSERT_TRUE(EVP_PKEY_get_raw_public_key(pubkey.get(), buf, &len));
+  EXPECT_EQ(Bytes(buf, len), Bytes(kPublicKey));
+  // Passing too small of a buffer is noticed.
+  len = 31;
+  EXPECT_FALSE(EVP_PKEY_get_raw_public_key(pubkey.get(), buf, &len));
+  uint32_t err = ERR_get_error();
+  EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
+  EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err));
+  ERR_clear_error();
+
+  // There is no private key.
+  EXPECT_FALSE(EVP_PKEY_get_raw_private_key(pubkey.get(), nullptr, &len));
+  err = ERR_get_error();
+  EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
+  EXPECT_EQ(EVP_R_NOT_A_PRIVATE_KEY, ERR_GET_REASON(err));
+  ERR_clear_error();
+
   // The public key must encode properly.
   bssl::ScopedCBB cbb;
   uint8_t *der;
@@ -589,16 +614,40 @@ TEST(EVPExtraTest, Ed25519) {
   // The public key must gracefully fail to encode as a private key.
   ASSERT_TRUE(CBB_init(cbb.get(), 0));
   EXPECT_FALSE(EVP_marshal_private_key(cbb.get(), pubkey.get()));
-  uint32_t err = ERR_get_error();
+  err = ERR_get_error();
   EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
   EXPECT_EQ(EVP_R_NOT_A_PRIVATE_KEY, ERR_GET_REASON(err));
+  ERR_clear_error();
   cbb.Reset();
 
   // Create a private key.
-  bssl::UniquePtr<EVP_PKEY> privkey(EVP_PKEY_new_ed25519_private(kPrivateKey));
+  bssl::UniquePtr<EVP_PKEY> privkey(EVP_PKEY_new_raw_private_key(
+      EVP_PKEY_ED25519, NULL, kPrivateKeySeed, sizeof(kPrivateKeySeed)));
   ASSERT_TRUE(privkey);
   EXPECT_EQ(EVP_PKEY_ED25519, EVP_PKEY_id(privkey.get()));
 
+  // The private key must be extractable.
+  ASSERT_TRUE(EVP_PKEY_get_raw_private_key(privkey.get(), nullptr, &len));
+  EXPECT_EQ(len, 32u);
+  ASSERT_TRUE(EVP_PKEY_get_raw_private_key(privkey.get(), buf, &len));
+  EXPECT_EQ(Bytes(buf, len), Bytes(kPrivateKeySeed));
+  // Passing too large of a buffer is okay. The function will still only read
+  // 32 bytes.
+  len = 64;
+  ASSERT_TRUE(EVP_PKEY_get_raw_private_key(privkey.get(), buf, &len));
+  EXPECT_EQ(Bytes(buf, len), Bytes(kPrivateKeySeed));
+  // Passing too small of a buffer is noticed.
+  len = 31;
+  EXPECT_FALSE(EVP_PKEY_get_raw_private_key(privkey.get(), buf, &len));
+  err = ERR_get_error();
+  EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
+  EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err));
+  ERR_clear_error();
+  // The public key must be extractable.
+  len = 32;
+  ASSERT_TRUE(EVP_PKEY_get_raw_public_key(privkey.get(), buf, &len));
+  EXPECT_EQ(Bytes(buf, len), Bytes(kPublicKey));
+
   // The public key must encode from the private key.
   ASSERT_TRUE(CBB_init(cbb.get(), 0));
   ASSERT_TRUE(EVP_marshal_public_key(cbb.get(), privkey.get()));
@@ -617,7 +666,8 @@ TEST(EVPExtraTest, Ed25519) {
   EXPECT_EQ(1, EVP_PKEY_cmp(pubkey.get(), privkey.get()));
 
   static const uint8_t kZeros[32] = {0};
-  bssl::UniquePtr<EVP_PKEY> pubkey2(EVP_PKEY_new_ed25519_public(kZeros));
+  bssl::UniquePtr<EVP_PKEY> pubkey2(EVP_PKEY_new_raw_public_key(
+      EVP_PKEY_ED25519, nullptr, kZeros, sizeof(kZeros)));
   ASSERT_TRUE(pubkey2);
   EXPECT_EQ(0, EVP_PKEY_cmp(pubkey.get(), pubkey2.get()));
   EXPECT_EQ(0, EVP_PKEY_cmp(privkey.get(), pubkey2.get()));
@@ -627,7 +677,6 @@ TEST(EVPExtraTest, Ed25519) {
   ASSERT_TRUE(
       EVP_DigestSignInit(ctx.get(), nullptr, nullptr, nullptr, privkey.get()));
   EXPECT_FALSE(EVP_DigestSignUpdate(ctx.get(), nullptr, 0));
-  size_t len;
   EXPECT_FALSE(EVP_DigestSignFinal(ctx.get(), nullptr, &len));
   ERR_clear_error();
 
@@ -637,4 +686,99 @@ TEST(EVPExtraTest, Ed25519) {
   EXPECT_FALSE(EVP_DigestVerifyUpdate(ctx.get(), nullptr, 0));
   EXPECT_FALSE(EVP_DigestVerifyFinal(ctx.get(), nullptr, 0));
   ERR_clear_error();
+
+  // The buffer length to |EVP_DigestSign| is an input/output parameter and
+  // should be checked before signing.
+  ctx.Reset();
+  ASSERT_TRUE(
+      EVP_DigestSignInit(ctx.get(), nullptr, nullptr, nullptr, privkey.get()));
+  len = 31;
+  EXPECT_FALSE(EVP_DigestSign(ctx.get(), buf, &len, nullptr /* msg */, 0));
+  err = ERR_get_error();
+  EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
+  EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err));
+  ERR_clear_error();
+}
+
+static void ExpectECGroupOnly(const EVP_PKEY *pkey, int nid) {
+  EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
+  ASSERT_TRUE(ec);
+  const EC_GROUP *group = EC_KEY_get0_group(ec);
+  ASSERT_TRUE(group);
+  EXPECT_EQ(nid, EC_GROUP_get_curve_name(group));
+  EXPECT_FALSE(EC_KEY_get0_public_key(ec));
+  EXPECT_FALSE(EC_KEY_get0_private_key(ec));
+}
+
+static void ExpectECGroupAndKey(const EVP_PKEY *pkey, int nid) {
+  EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
+  ASSERT_TRUE(ec);
+  const EC_GROUP *group = EC_KEY_get0_group(ec);
+  ASSERT_TRUE(group);
+  EXPECT_EQ(nid, EC_GROUP_get_curve_name(group));
+  EXPECT_TRUE(EC_KEY_get0_public_key(ec));
+  EXPECT_TRUE(EC_KEY_get0_private_key(ec));
+}
+
+TEST(EVPExtraTest, ECKeygen) {
+  // |EVP_PKEY_paramgen| may be used as an extremely roundabout way to get an
+  // |EC_GROUP|.
+  bssl::UniquePtr<EVP_PKEY_CTX> ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr));
+  ASSERT_TRUE(ctx);
+  ASSERT_TRUE(EVP_PKEY_paramgen_init(ctx.get()));
+  ASSERT_TRUE(
+      EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx.get(), NID_X9_62_prime256v1));
+  EVP_PKEY *raw = nullptr;
+  ASSERT_TRUE(EVP_PKEY_paramgen(ctx.get(), &raw));
+  bssl::UniquePtr<EVP_PKEY> pkey(raw);
+  raw = nullptr;
+  ExpectECGroupOnly(pkey.get(), NID_X9_62_prime256v1);
+
+  // That resulting |EVP_PKEY| may be used as a template for key generation.
+  ctx.reset(EVP_PKEY_CTX_new(pkey.get(), nullptr));
+  ASSERT_TRUE(ctx);
+  ASSERT_TRUE(EVP_PKEY_keygen_init(ctx.get()));
+  raw = nullptr;
+  ASSERT_TRUE(EVP_PKEY_keygen(ctx.get(), &raw));
+  pkey.reset(raw);
+  raw = nullptr;
+  ExpectECGroupAndKey(pkey.get(), NID_X9_62_prime256v1);
+
+  // |EVP_PKEY_paramgen| may also be skipped.
+  ctx.reset(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr));
+  ASSERT_TRUE(ctx);
+  ASSERT_TRUE(EVP_PKEY_keygen_init(ctx.get()));
+  ASSERT_TRUE(
+      EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx.get(), NID_X9_62_prime256v1));
+  raw = nullptr;
+  ASSERT_TRUE(EVP_PKEY_keygen(ctx.get(), &raw));
+  pkey.reset(raw);
+  raw = nullptr;
+  ExpectECGroupAndKey(pkey.get(), NID_X9_62_prime256v1);
+}
+
+// Test that |EVP_PKEY_keygen| works for Ed25519.
+TEST(EVPExtraTest, Ed25519Keygen) {
+  bssl::UniquePtr<EVP_PKEY_CTX> pctx(
+      EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, nullptr));
+  ASSERT_TRUE(pctx);
+  ASSERT_TRUE(EVP_PKEY_keygen_init(pctx.get()));
+  EVP_PKEY *raw = nullptr;
+  ASSERT_TRUE(EVP_PKEY_keygen(pctx.get(), &raw));
+  bssl::UniquePtr<EVP_PKEY> pkey(raw);
+
+  // Round-trip a signature to sanity-check the key is good.
+  bssl::ScopedEVP_MD_CTX ctx;
+  ASSERT_TRUE(
+      EVP_DigestSignInit(ctx.get(), nullptr, nullptr, nullptr, pkey.get()));
+  uint8_t sig[64];
+  size_t len = sizeof(sig);
+  ASSERT_TRUE(EVP_DigestSign(ctx.get(), sig, &len,
+                             reinterpret_cast<const uint8_t *>("hello"), 5));
+
+  ctx.Reset();
+  ASSERT_TRUE(
+      EVP_DigestVerifyInit(ctx.get(), nullptr, nullptr, nullptr, pkey.get()));
+  ASSERT_TRUE(EVP_DigestVerify(ctx.get(), sig, len,
+                               reinterpret_cast<const uint8_t *>("hello"), 5));
 }