AuthISO(0x1A) works tentatively (a little slowly) with the LibNFC tes…

…t code
gcammisa · Jan 31, 2022 · 6ee1958 · 6ee1958
1 parent d20cac4
commit 6ee1958
Show file tree

Hide file tree

Showing 12 changed files with 167 additions and 54 deletions.
diff --git a/Firmware/Chameleon-Mini/Application/CryptoTDEA.c b/Firmware/Chameleon-Mini/Application/CryptoTDEA.c
@@ -79,7 +79,7 @@ void Decrypt3DESBuffer(uint16_t Count, void *Plaintext, const void *Ciphertext,
 #include <string.h>
 #include "CryptoAES128.h"
 
-void Encrypt3DESBuffer(uint16_t Count, const void *Plaintext, void *Ciphertext, const uint8_t *Keys) {
+void Encrypt3DESBuffer(uint16_t Count, const void *Plaintext, void *Ciphertext, const uint8_t *IVIn, const uint8_t *Keys) {
     CryptoTDEA_CBCSpec CryptoSpec = {
         .cryptFunc   = &CryptoEncrypt3KTDEA,
         .blockSize   = CRYPTO_3KTDEA_BLOCK_SIZE
@@ -89,7 +89,11 @@ void Encrypt3DESBuffer(uint16_t Count, const void *Plaintext, void *Ciphertext,
     uint16_t blockIndex = 0;
     uint8_t inputBlock[CRYPTO_3KTDEA_BLOCK_SIZE];
     uint8_t IV[CRYPTO_3KTDEA_BLOCK_SIZE];
-    memset(IV, 0x00, CRYPTO_3KTDEA_BLOCK_SIZE);
+    if (IVIn == NULL) {
+        memset(IV, 0x00, CRYPTO_3KTDEA_BLOCK_SIZE);
+    } else {
+	memcpy(IV, IVIn, CRYPTO_3KTDEA_BLOCK_SIZE);
+    }
     while (blockIndex < numBlocks) {
         if (blockIndex == 0) {
             memcpy(inputBlock, &Plaintext[0], CRYPTO_3KTDEA_BLOCK_SIZE);
@@ -104,7 +108,7 @@ void Encrypt3DESBuffer(uint16_t Count, const void *Plaintext, void *Ciphertext,
     }
 }
 
-void Decrypt3DESBuffer(uint16_t Count, void *Plaintext, const void *Ciphertext, const uint8_t *Keys) {
+void Decrypt3DESBuffer(uint16_t Count, void *Plaintext, const void *Ciphertext, const uint8_t *IVIn, const uint8_t *Keys) {
     CryptoTDEA_CBCSpec CryptoSpec = {
         .cryptFunc   = &CryptoDecrypt3KTDEA,
         .blockSize   = CRYPTO_3KTDEA_BLOCK_SIZE
@@ -113,9 +117,13 @@ void Decrypt3DESBuffer(uint16_t Count, void *Plaintext, const void *Ciphertext,
     uint16_t blockIndex = 0;
     uint8_t inputBlock[CRYPTO_3KTDEA_BLOCK_SIZE];
     uint8_t IV[CRYPTO_3KTDEA_BLOCK_SIZE];
-    memset(IV, 0x00, CRYPTO_3KTDEA_BLOCK_SIZE);
+    if (IVIn == NULL) {
+        memset(IV, 0x00, CRYPTO_3KTDEA_BLOCK_SIZE);
+    } else {
+	memcpy(IV, IVIn, CRYPTO_3KTDEA_BLOCK_SIZE);
+    }
     while (blockIndex < numBlocks) {
-	CryptoSpec.cryptFunc(inputBlock, Ciphertext + blockIndex, Keys);
+	CryptoSpec.cryptFunc(inputBlock, Ciphertext + blockIndex * CRYPTO_3KTDEA_BLOCK_SIZE, Keys);
         if (blockIndex == 0) {
             memcpy(Plaintext, inputBlock, CRYPTO_3KTDEA_BLOCK_SIZE);
 	    CryptoMemoryXOR(IV, Plaintext, CRYPTO_3KTDEA_BLOCK_SIZE);

diff --git a/Firmware/Chameleon-Mini/Application/CryptoTDEA.h b/Firmware/Chameleon-Mini/Application/CryptoTDEA.h
@@ -60,8 +60,8 @@ void CryptoDecrypt2KTDEA(const void *Plaintext, void *Ciphertext, const uint8_t
 void CryptoEncrypt3KTDEA(void *Plaintext, void *Ciphertext, const uint8_t *Keys);
 void CryptoDecrypt3KTDEA(void *Plaintext, void *Ciphertext, const uint8_t *Keys);
 
-void Encrypt3DESBuffer(uint16_t Count, const void *Plaintext, void *Ciphertext, const uint8_t *Keys);
-void Decrypt3DESBuffer(uint16_t Count, void *Plaintext, const void *Ciphertext, const uint8_t *Keys);
+void Encrypt3DESBuffer(uint16_t Count, const void *Plaintext, void *Ciphertext, const uint8_t *IV, const uint8_t *Keys);
+void Decrypt3DESBuffer(uint16_t Count, void *Plaintext, const void *Ciphertext, const uint8_t *IV, const uint8_t *Keys);
 
 
 /** Performs the 2-key Triple DES en/deciphering in the CBC "send" mode (xor-then-crypt)

diff --git a/Firmware/Chameleon-Mini/Application/DESFire/DESFireInstructions.c b/Firmware/Chameleon-Mini/Application/DESFire/DESFireInstructions.c
@@ -452,7 +452,7 @@ uint16_t EV0CmdAuthenticateLegacy1(uint8_t *Buffer, uint16_t ByteCount) {
     LogEntry(LOG_APP_AUTH_KEY, (const void *) *Key, keySize);
 
     /* Generate the nonce B (RndB / Challenge response) */
-    if (LocalTestingMode != 0) {
+    if (LocalTestingMode == 0) {
         RandomGetBuffer(DesfireCommandState.RndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
     } else {
         /* Fixed nonce for testing */
@@ -1709,7 +1709,7 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
     LogEntry(LOG_APP_AUTH_KEY, (const void *) *Key, keySize);
 
     /* Generate the nonce B (RndB / Challenge response) */
-    if (LocalTestingMode != 0) {
+    if (LocalTestingMode == 0) {
         RandomGetBuffer(DesfireCommandState.RndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
     } else {
         /* Fixed nonce for testing */
@@ -1729,7 +1729,7 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
     memset(rndBPadded, 0x00, CRYPTO_CHALLENGE_RESPONSE_BYTES);
     memcpy(rndBPadded, DesfireCommandState.RndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
     Encrypt3DESBuffer(CRYPTO_CHALLENGE_RESPONSE_BYTES, rndBPadded,
-                      &Buffer[1], *Key);
+                      &Buffer[1], NULL, *Key);
 
     /* Scrub the key */
     memset(*Key, 0, keySize);
@@ -1766,7 +1766,7 @@ uint16_t DesfireCmdAuthenticate3KTDEA2(uint8_t *Buffer, uint16_t ByteCount) {
     BYTE challengeRndA[CRYPTO_CHALLENGE_RESPONSE_BYTES];
     BYTE challengeRndB[CRYPTO_CHALLENGE_RESPONSE_BYTES];
     Decrypt3DESBuffer(2 * CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndAB,
-                      &Buffer[1], *Key);
+                      &Buffer[1], NULL, *Key);
     RotateArrayRight(challengeRndAB + CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndB,
                      CRYPTO_CHALLENGE_RESPONSE_BYTES);
     memcpy(challengeRndA, challengeRndAB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
@@ -1787,7 +1787,7 @@ uint16_t DesfireCmdAuthenticate3KTDEA2(uint8_t *Buffer, uint16_t ByteCount) {
     /* Encrypt and send back the once rotated RndA buffer to the PCD */
     RotateArrayLeft(challengeRndA, challengeRndAB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
     Encrypt3DESBuffer(CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndAB,
-                      &Buffer[1], *Key);
+                      &Buffer[1], NULL, *Key);
 
     /* Scrub the key */
     memset(*Key, 0, keySize);
@@ -1843,7 +1843,7 @@ uint16_t DesfireCmdAuthenticateAES1(uint8_t *Buffer, uint16_t ByteCount) {
     CryptoAESInitContext(&AESCryptoContext);
 
     /* Generate the nonce B (RndB / Challenge response) */
-    if (LocalTestingMode != 0) {
+    if (LocalTestingMode == 0) {
         RandomGetBuffer(&(DesfireCommandState.RndB[0]), CRYPTO_CHALLENGE_RESPONSE_BYTES);
     } else {
         /* Fixed nonce for testing */

diff --git a/Firmware/Chameleon-Mini/Makefile b/Firmware/Chameleon-Mini/Makefile
@@ -81,6 +81,9 @@ SETTINGS	+= -DENABLE_EEPROM_SETTINGS
 
 #Enable tests for DES/2KTDEA/3DES/AES128 crypto schemes:
 #SETTINGS  += -DENABLE_CRYPTO_TESTS
+#SETTINGS  += -DENABLE_CRYPTO_TDEA_TESTS
+#SETTINGS  += -DENABLE_CRYPTO_3DES_TESTS
+#SETTINGS  += -DENABLE_CRYPTO_AES_TESTS
 
 #Enable a command to run any tests added by developers, e.g., the
 #crypto scheme tests that can be enabled above:
@@ -97,8 +100,8 @@ SETTINGS  += -DDESFIRE_DEFAULT_LOGGING_MODE=DEBUGGING
 #SETTINGS += -DDESFIRE_DEFAULT_LOGGING_MODE=OFF
 
 #Set a default testing mode setting (0 = OFF, non-NULL = ON):
-SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=0
-#SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=1
+#SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=0
+SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=1
 
 #Feature: Use randomized UIDs that mask the actual secret UID until
 #the tag has been issued a successful authentication sequence:

diff --git a/Firmware/Chameleon-Mini/Tests/ChameleonTerminal.c b/Firmware/Chameleon-Mini/Tests/ChameleonTerminal.c
@@ -8,10 +8,17 @@
 CommandStatusIdType CommandRunTests(char *OutParam) {
     const ChameleonTestType testCases[] = {
 #ifdef ENABLE_CRYPTO_TESTS
-        &CryptoTDEATestCase1,
+#ifdef ENABLE_CRYPTO_TDEA_TESTS
+	&CryptoTDEATestCase1,
         &CryptoTDEATestCase2,
-        &CryptoAESTestCase1,
+#endif
+#ifdef ENABLE_CRYPTO_3DES_TESTS
+        &Crypto3DESTestCase1,
+#endif
+#ifdef ENABLE_CRYPTO_AES_TESTS
+	&CryptoAESTestCase1,
         &CryptoAESTestCase2,
+#endif
 #endif
     };
     uint32_t t;

diff --git a/Firmware/Chameleon-Mini/Tests/CryptoTests.c b/Firmware/Chameleon-Mini/Tests/CryptoTests.c
@@ -4,6 +4,7 @@
 
 #include "CryptoTests.h"
 
+#ifdef ENABLE_CRYPTO_TDEA_TESTS
 bool CryptoTDEATestCase1(char *OutParam, uint16_t MaxOutputLength) {
     const uint8_t ZeroBlock[CRYPTO_DES_BLOCK_SIZE] = {
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -53,7 +54,55 @@ bool CryptoTDEATestCase2(char *OutParam, uint16_t MaxOutputLength) {
     }
     return true;
 }
+#endif
 
+#ifdef ENABLE_CRYPTO_3DES_TESTS
+// Data from: 
+// https://boringssl.googlesource.com/boringssl/+/2490/crypto/cipher/test/cipher_test.txt#33
+bool Crypto3DESTestCase1(char *OutParam, uint16_t MaxOutputLength) {
+    const uint8_t KeyData[3 * CRYPTO_DES_BLOCK_SIZE] = {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 
+	0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86, 
+	0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+    const uint8_t PlainText[4 * CRYPTO_DES_BLOCK_SIZE] = {
+        0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, 
+	0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 
+	0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20, 
+	0x66, 0x6F, 0x72, 0x20, 0x00, 0x00, 0x00, 0x00
+    };
+    const uint8_t CipherText[4 * CRYPTO_DES_BLOCK_SIZE] = {
+        0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, 
+	0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, 
+	0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4, 
+	0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75
+    };
+    const uint8_t IV[CRYPTO_DES_BLOCK_SIZE] = {
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+    uint8_t tempBuffer[4 * CRYPTO_DES_BLOCK_SIZE];
+    uint16_t dataBytes = 4 * CRYPTO_DES_BLOCK_SIZE;
+    Encrypt3DESBuffer(dataBytes, PlainText, tempBuffer, IV, KeyData);
+    if (memcmp(tempBuffer, CipherText, dataBytes)) {
+        strcat_P(OutParam, PSTR("> ENC: "));
+	OutParam += 7;
+        BufferToHexString(OutParam, MaxOutputLength - 7, tempBuffer, dataBytes);
+        strcat_P(OutParam, PSTR("\r\n"));
+        return false;
+    }
+    Decrypt3DESBuffer(dataBytes, tempBuffer, CipherText, IV, KeyData);
+    if (memcmp(tempBuffer, PlainText, dataBytes)) {
+        strcat_P(OutParam, PSTR("> DEC: "));
+	OutParam += 7;
+        BufferToHexString(OutParam, MaxOutputLength - 7, tempBuffer, dataBytes);
+        strcat_P(OutParam, PSTR("\r\n"));
+        return false;
+    }
+    return true;
+}
+#endif
+
+#ifdef ENABLE_CRYPTO_AES_TESTS
 bool CryptoAESTestCase1(char *OutParam, uint16_t MaxOutputLength) {
     // Key from FIPS-197: 00010203 04050607 08090A0B 0C0D0E0
     const uint8_t KeyData[CRYPTO_AES_KEY_SIZE] = {
@@ -136,5 +185,6 @@ bool CryptoAESTestCase2(char *OutParam, uint16_t MaxOutputLength) {
     }
     return true;
 }
+#endif
 
 #endif /* ENABLE_CRYPTO_TESTS */
diff --git a/Firmware/Chameleon-Mini/Tests/CryptoTests.h b/Firmware/Chameleon-Mini/Tests/CryptoTests.h
@@ -17,21 +17,30 @@
 
 /* DES crypto test cases: */
 
+#ifdef ENABLE_CRYPTO_TDEA_TESTS
 /* Test 2KTDEA encryption, ECB mode: */
 bool CryptoTDEATestCase1(char *OutParam, uint16_t MaxOutputLength);
 
 /* Test 2KTDEA encryption, CBC receive mode: */
 bool CryptoTDEATestCase2(char *OutParam, uint16_t MaxOutputLength);
+#endif
+
+#ifdef ENABLE_CRYPTO_3DES_TESTS
+/* Test 3DES encryption, CBC for DESFire AuthISO (0x1a): */
+bool Crypto3DESTestCase1(char *OutParam, uint16_t MaxOutputLength);
+#endif
 
 /* AES-128 crypto test cases: */
 
+#ifdef ENABLE_CRYPTO_AES_TESTS
 /* Test AES-128 encrypt/decrypt for a single block (ECB mode): */
 bool CryptoAESTestCase1(char *OutParam, uint16_t MaxOutputLength);
 
 /* Test AES-128 encrypt/decrypt for a single-block buffer (CBC mode, with an IV) -- Version 1:
  * Adapted from: https://github.com/eewiki/asf/blob/master/xmega/drivers/aes/example2/aes_example2.c
  */
 bool CryptoAESTestCase2(char *OutParam, uint16_t MaxOutputLength);
+#endif
 
 #endif /* __CRYPTO_TESTS_H__ */
 

diff --git a/Software/DESFireLibNFCTesting/LocalInclude/CryptoUtils.h b/Software/DESFireLibNFCTesting/LocalInclude/CryptoUtils.h
@@ -126,25 +126,35 @@ static inline size_t DecryptAES128(const uint8_t *encSrcBuf, size_t bufSize,
 }
 
 static inline size_t Encrypt3DES(const uint8_t *plainSrcBuf, size_t bufSize, 
-                                 uint8_t *encDestBuf, CryptoData_t cdata) {
+                                 uint8_t *encDestBuf, const uint8_t *IVIn, CryptoData_t cdata) {
      DES_key_schedule keySched1, keySched2, keySched3;
      uint8_t IV[CRYPTO_DES_BLOCK_SIZE]; 
-     DES_set_key(cdata.keyData, &keySched1);
-     DES_set_key(&cdata.keyData[8], &keySched2);
-     DES_set_key(&cdata.keyData[16], &keySched3);
-     memset(IV, 0x00, CRYPTO_DES_BLOCK_SIZE);
+     uint8_t *kd1 = cdata.keyData, *kd2 = &(cdata.keyData[8]), *kd3 = &(cdata.keyData[16]);
+     DES_set_key(kd1, &keySched1);
+     DES_set_key(kd2, &keySched2);
+     DES_set_key(kd3, &keySched3);
+     if (IVIn == NULL) {
+         memset(IV, 0x00, CRYPTO_DES_BLOCK_SIZE);
+     } else {
+         memcpy(IV, IVIn, CRYPTO_DES_BLOCK_SIZE);
+     }
      DES_ede3_cbc_encrypt(plainSrcBuf, encDestBuf, bufSize, &keySched1, &keySched2, &keySched3, &IV, DES_ENCRYPT);
      return bufSize;
 }
 
 static inline size_t Decrypt3DES(const uint8_t *encSrcBuf, size_t bufSize, 
-                                 uint8_t *plainDestBuf, CryptoData_t cdata) {
+                                 uint8_t *plainDestBuf, const uint8_t *IVIn, CryptoData_t cdata) {
      DES_key_schedule keySched1, keySched2, keySched3;
      uint8_t IV[CRYPTO_DES_BLOCK_SIZE];
-     DES_set_key(cdata.keyData, &keySched1);
-     DES_set_key(&cdata.keyData[8], &keySched2);
-     DES_set_key(&cdata.keyData[16], &keySched3);
-     memset(IV, 0x00, CRYPTO_DES_BLOCK_SIZE);
+     uint8_t *kd1 = cdata.keyData, *kd2 = &(cdata.keyData[8]), *kd3 = &(cdata.keyData[16]);
+     DES_set_key(kd1, &keySched1);
+     DES_set_key(kd2, &keySched2);
+     DES_set_key(kd3, &keySched3);
+     if (IVIn == NULL) {
+         memset(IV, 0x00, CRYPTO_DES_BLOCK_SIZE);
+     } else {
+         memcpy(IV, IVIn, CRYPTO_DES_BLOCK_SIZE);
+     }
      DES_ede3_cbc_encrypt(encSrcBuf, plainDestBuf, bufSize, &keySched1, &keySched2, &keySched3, &IV, DES_DECRYPT);
      return bufSize;
 }
@@ -194,38 +204,59 @@ static inline bool TestAESEncyptionRoutines(void) {
 
 static inline bool Test3DESEncyptionRoutines(void) {
     fprintf(stdout, ">>> TestAESEncryptionRoutines [non-DESFire command]:\n");
-    const uint8_t keyData[] = { 
-        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    //const uint8_t keyData[] = { 
+    //    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    //    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    //    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    //};
+    //const uint8_t ptData[] = {
+    //    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+    //    0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF
+    //};
+    //const uint8_t ctData[] = {
+    //    0x3e, 0xf0, 0xa8, 0x91, 0xcf, 0x8e, 0xd9, 0x90, 
+    //	0xc4, 0x77, 0xeb, 0x09, 0x02, 0xf0, 0xc5, 0x4a 
+    //};
+    const uint8_t keyData[] = {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 
+	0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86, 
+	0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
     };
     const uint8_t ptData[] = {
-        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
-        0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF
+        0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, 
+	0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 
+	0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20, 
+	0x66, 0x6F, 0x72, 0x20, 0x00, 0x00, 0x00, 0x00
     };
     const uint8_t ctData[] = {
-        0x3e, 0xf0, 0xa8, 0x91, 0xcf, 0x8e, 0xd9, 0x90, 
-	0xc4, 0x77, 0xeb, 0x09, 0x02, 0xf0, 0xc5, 0x4a 
+        0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, 
+	0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, 
+	0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4, 
+	0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75
+    };
+    const uint8_t IV[] = {
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
     };
     CryptoData_t cdata;
     cdata.keyData = keyData;
     cdata.keySize = 3 * 8;
-    uint8_t pt[16], pt2[16], ct[16];
-    Encrypt3DES(ptData, 16, ct, cdata);
-    Decrypt3DES(ct, 16, pt2, cdata);
-    fprintf(stdout, "    -- : PT = "); print_hex(ptData, 16);
-    fprintf(stdout, "    -- : CT = "); print_hex(ctData, 16);
-    fprintf(stdout, "    -- : CT = "); print_hex(ct, 16);
-    fprintf(stdout, "    -- : PT = "); print_hex(pt2, 16);
+    const uint16_t testDataSize = 4 * 8;
+    uint8_t pt[testDataSize], ct[testDataSize];
+    Encrypt3DES(ptData, testDataSize, ct, IV, cdata);
+    Decrypt3DES(ctData, testDataSize, pt, IV, cdata);
+    fprintf(stdout, "    -- : PT [FIXED] = "); print_hex(ptData, testDataSize);
+    fprintf(stdout, "    -- : CT [FIXED] = "); print_hex(ctData, testDataSize);
+    fprintf(stdout, "    -- : CT [ENC]   = "); print_hex(ct, testDataSize);
+    fprintf(stdout, "    -- : PT [DEC]   = "); print_hex(pt, testDataSize);
     bool status = true;
-    if(memcmp(ct, ctData, 16)) {
+    if(memcmp(ct, ctData, testDataSize)) {
         fprintf(stdout, "    -- CT does NOT match !!\n");
         status = false;
     }
     else {
         fprintf(stdout, "    -- CT matches.\n");
     }
-    if(memcmp(pt2, ptData, 16)) {
+    if(memcmp(pt, ptData, testDataSize)) {
         fprintf(stdout, "    -- Decrypted PT from CT does NOT match !!\n");
         status = false;
     }