ср, 8 мая 2019 г. в 15:33, Dmitry Eremin-Solenikov dbaryshkov@gmail.com:
Any chances to get these 3 patches in?
Just as a word of justification: one of GOST-defined modes is CFB, which is used with 64-bit cipher (Magma, GOST 28147-89). Having this code in allows us to use it directly from Nettle instead of having a private copy (e.g. in GnuTLS). And while 3DES is obviously close to full deprecation, 3DES-CFB8 is a good way to define and test CFB8 support in Nettle library.
чт, 1 нояб. 2018 г. в 13:28, Dmitry Eremin-Solenikov dbaryshkov@gmail.com:
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
testsuite/cmac-test.c | 100 +++++++++++------------------------------- testsuite/testutils.c | 64 +++++++++++++++++++++++++++ testsuite/testutils.h | 6 +++ 3 files changed, 96 insertions(+), 74 deletions(-)
diff --git a/testsuite/cmac-test.c b/testsuite/cmac-test.c index 31662d1b6c1b..b1d4aa30dfbe 100644 --- a/testsuite/cmac-test.c +++ b/testsuite/cmac-test.c @@ -2,83 +2,35 @@ #include "nettle-internal.h" #include "cmac.h"
+const struct nettle_mac nettle_cmac_aes128 = +{
- "CMAC-AES128",
- sizeof(struct cmac_aes128_ctx),
- CMAC128_DIGEST_SIZE,
- AES128_KEY_SIZE,
- (nettle_set_key_func*) cmac_aes128_set_key,
- (nettle_hash_update_func*) cmac_aes128_update,
- (nettle_hash_digest_func*) cmac_aes128_digest
+};
+const struct nettle_mac nettle_cmac_aes256 = +{
- "CMAC-AES256",
- sizeof(struct cmac_aes256_ctx),
- CMAC128_DIGEST_SIZE,
- AES256_KEY_SIZE,
- (nettle_set_key_func*) cmac_aes256_set_key,
- (nettle_hash_update_func*) cmac_aes256_update,
- (nettle_hash_digest_func*) cmac_aes256_digest
+};
#define test_cmac_aes128(key, msg, ref) \
- test_cmac_hash ((nettle_set_key_func*) cmac_aes128_set_key, \
(nettle_hash_update_func*) cmac_aes128_update, \(nettle_hash_digest_func*) cmac_aes128_digest, \sizeof(struct cmac_aes128_ctx), \key, msg, ref)
- test_mac(&nettle_cmac_aes128, key, msg, ref)
#define test_cmac_aes256(key, msg, ref) \
- test_cmac_hash ((nettle_set_key_func*) cmac_aes256_set_key, \
(nettle_hash_update_func*) cmac_aes256_update, \(nettle_hash_digest_func*) cmac_aes256_digest, \sizeof(struct cmac_aes256_ctx), \key, msg, ref)-static void -test_cmac_hash (nettle_set_key_func *set_key,
nettle_hash_update_func *update,nettle_hash_digest_func *digest, size_t ctx_size,const struct tstring *key, const struct tstring *msg,const struct tstring *ref)-{
- void *ctx;
- uint8_t hash[16];
- unsigned i;
- ctx = xalloc(ctx_size);
- ASSERT (ref->length == sizeof(hash));
- ASSERT (key->length == 16 || key->length == 32);
- set_key (ctx, key->data);
- update (ctx, msg->length, msg->data);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- /* attempt to re-use the structure */
- update (ctx, msg->length, msg->data);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed on re-use, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- /* attempt byte-by-byte hashing */
- set_key (ctx, key->data);
- for (i=0;i<msg->length;i++)
- update (ctx, 1, msg->data+i);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- free (ctx);
-}
- test_mac(&nettle_cmac_aes256, key, msg, ref)
void test_main(void) diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 1812ff4f52b0..ba0b41131925 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -924,6 +924,70 @@ test_hash_large(const struct nettle_hash *hash, free(data); }
+void +test_mac(const struct nettle_mac *mac,
const struct tstring *key,const struct tstring *msg,const struct tstring *digest)+{
- void *ctx = xalloc(mac->context_size);
- uint8_t *hash = xalloc(mac->digest_size);
- unsigned i;
- ASSERT (digest->length == mac->digest_size);
- ASSERT (key->length == mac->key_size);
- mac->set_key (ctx, key->data);
- mac->update (ctx, msg->length, msg->data);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "test_mac failed, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (mac->digest_size, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- /* attempt to re-use the structure */
- mac->update (ctx, msg->length, msg->data);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "test_mac: failed on re-use, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (mac->digest_size, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- /* attempt byte-by-byte hashing */
- mac->set_key (ctx, key->data);
- for (i=0;i<msg->length;i++)
- mac->update (ctx, 1, msg->data+i);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- free (ctx);
- free (hash);
+}
void test_armor(const struct nettle_armor *armor, size_t data_length, diff --git a/testsuite/testutils.h b/testsuite/testutils.h index ded57db6ab4f..f4ea38da9deb 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -170,6 +170,12 @@ test_hash_large(const struct nettle_hash *hash, uint8_t c, const struct tstring *digest);
+void +test_mac(const struct nettle_mac *mac,
const struct tstring *key,const struct tstring *msg,const struct tstring *digest);void test_armor(const struct nettle_armor *armor, size_t data_length, -- 2.19.1
-- With best wishes Dmitry