Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com --- testsuite/cmac-test.c | 100 +++++++++++------------------------------- testsuite/testutils.c | 64 +++++++++++++++++++++++++++ testsuite/testutils.h | 6 +++ 3 files changed, 96 insertions(+), 74 deletions(-)
diff --git a/testsuite/cmac-test.c b/testsuite/cmac-test.c index 31662d1b6c1b..b1d4aa30dfbe 100644 --- a/testsuite/cmac-test.c +++ b/testsuite/cmac-test.c @@ -2,83 +2,35 @@ #include "nettle-internal.h" #include "cmac.h"
+const struct nettle_mac nettle_cmac_aes128 = +{ + "CMAC-AES128", + sizeof(struct cmac_aes128_ctx), + CMAC128_DIGEST_SIZE, + AES128_KEY_SIZE, + + (nettle_set_key_func*) cmac_aes128_set_key, + (nettle_hash_update_func*) cmac_aes128_update, + (nettle_hash_digest_func*) cmac_aes128_digest +}; + +const struct nettle_mac nettle_cmac_aes256 = +{ + "CMAC-AES256", + sizeof(struct cmac_aes256_ctx), + CMAC128_DIGEST_SIZE, + AES256_KEY_SIZE, + + (nettle_set_key_func*) cmac_aes256_set_key, + (nettle_hash_update_func*) cmac_aes256_update, + (nettle_hash_digest_func*) cmac_aes256_digest +}; + #define test_cmac_aes128(key, msg, ref) \ - test_cmac_hash ((nettle_set_key_func*) cmac_aes128_set_key, \ - (nettle_hash_update_func*) cmac_aes128_update, \ - (nettle_hash_digest_func*) cmac_aes128_digest, \ - sizeof(struct cmac_aes128_ctx), \ - key, msg, ref) + test_mac(&nettle_cmac_aes128, key, msg, ref)
#define test_cmac_aes256(key, msg, ref) \ - test_cmac_hash ((nettle_set_key_func*) cmac_aes256_set_key, \ - (nettle_hash_update_func*) cmac_aes256_update, \ - (nettle_hash_digest_func*) cmac_aes256_digest, \ - sizeof(struct cmac_aes256_ctx), \ - key, msg, ref) - -static void -test_cmac_hash (nettle_set_key_func *set_key, - nettle_hash_update_func *update, - nettle_hash_digest_func *digest, size_t ctx_size, - const struct tstring *key, const struct tstring *msg, - const struct tstring *ref) -{ - void *ctx; - uint8_t hash[16]; - unsigned i; - - ctx = xalloc(ctx_size); - - ASSERT (ref->length == sizeof(hash)); - ASSERT (key->length == 16 || key->length == 32); - set_key (ctx, key->data); - update (ctx, msg->length, msg->data); - digest (ctx, sizeof(hash), hash); - if (!MEMEQ (ref->length, ref->data, hash)) - { - fprintf (stderr, "cmac_hash failed, msg: "); - print_hex (msg->length, msg->data); - fprintf(stderr, "Output:"); - print_hex (16, hash); - fprintf(stderr, "Expected:"); - tstring_print_hex(ref); - fprintf(stderr, "\n"); - FAIL(); - } - - /* attempt to re-use the structure */ - update (ctx, msg->length, msg->data); - digest (ctx, sizeof(hash), hash); - if (!MEMEQ (ref->length, ref->data, hash)) - { - fprintf (stderr, "cmac_hash failed on re-use, msg: "); - print_hex (msg->length, msg->data); - fprintf(stderr, "Output:"); - print_hex (16, hash); - fprintf(stderr, "Expected:"); - tstring_print_hex(ref); - fprintf(stderr, "\n"); - FAIL(); - } - - /* attempt byte-by-byte hashing */ - set_key (ctx, key->data); - for (i=0;i<msg->length;i++) - update (ctx, 1, msg->data+i); - digest (ctx, sizeof(hash), hash); - if (!MEMEQ (ref->length, ref->data, hash)) - { - fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: "); - print_hex (msg->length, msg->data); - fprintf(stderr, "Output:"); - print_hex (16, hash); - fprintf(stderr, "Expected:"); - tstring_print_hex(ref); - fprintf(stderr, "\n"); - FAIL(); - } - free (ctx); -} + test_mac(&nettle_cmac_aes256, key, msg, ref)
void test_main(void) diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 1812ff4f52b0..ba0b41131925 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -924,6 +924,70 @@ test_hash_large(const struct nettle_hash *hash, free(data); }
+void +test_mac(const struct nettle_mac *mac, + const struct tstring *key, + const struct tstring *msg, + const struct tstring *digest) +{ + void *ctx = xalloc(mac->context_size); + uint8_t *hash = xalloc(mac->digest_size); + unsigned i; + + + ASSERT (digest->length == mac->digest_size); + ASSERT (key->length == mac->key_size); + mac->set_key (ctx, key->data); + mac->update (ctx, msg->length, msg->data); + mac->digest (ctx, digest->length, hash); + + if (!MEMEQ (digest->length, digest->data, hash)) + { + fprintf (stderr, "test_mac failed, msg: "); + print_hex (msg->length, msg->data); + fprintf(stderr, "Output:"); + print_hex (mac->digest_size, hash); + fprintf(stderr, "Expected:"); + tstring_print_hex(digest); + fprintf(stderr, "\n"); + FAIL(); + } + + /* attempt to re-use the structure */ + mac->update (ctx, msg->length, msg->data); + mac->digest (ctx, digest->length, hash); + if (!MEMEQ (digest->length, digest->data, hash)) + { + fprintf (stderr, "test_mac: failed on re-use, msg: "); + print_hex (msg->length, msg->data); + fprintf(stderr, "Output:"); + print_hex (mac->digest_size, hash); + fprintf(stderr, "Expected:"); + tstring_print_hex(digest); + fprintf(stderr, "\n"); + FAIL(); + } + + /* attempt byte-by-byte hashing */ + mac->set_key (ctx, key->data); + for (i=0;i<msg->length;i++) + mac->update (ctx, 1, msg->data+i); + mac->digest (ctx, digest->length, hash); + if (!MEMEQ (digest->length, digest->data, hash)) + { + fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: "); + print_hex (msg->length, msg->data); + fprintf(stderr, "Output:"); + print_hex (16, hash); + fprintf(stderr, "Expected:"); + tstring_print_hex(digest); + fprintf(stderr, "\n"); + FAIL(); + } + free (ctx); + free (hash); +} + void test_armor(const struct nettle_armor *armor, size_t data_length, diff --git a/testsuite/testutils.h b/testsuite/testutils.h index ded57db6ab4f..f4ea38da9deb 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -170,6 +170,12 @@ test_hash_large(const struct nettle_hash *hash, uint8_t c, const struct tstring *digest);
+void +test_mac(const struct nettle_mac *mac, + const struct tstring *key, + const struct tstring *msg, + const struct tstring *digest); + void test_armor(const struct nettle_armor *armor, size_t data_length,
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com --- cmac.c | 115 +++++++++++++++++++++++++++++++++++++++++++++++++ cmac.h | 58 +++++++++++++++++++++++++ nettle-types.h | 7 +++ 3 files changed, 180 insertions(+)
diff --git a/cmac.c b/cmac.c index d08bd8325b16..8a70f595b14b 100644 --- a/cmac.c +++ b/cmac.c @@ -64,6 +64,20 @@ block_mulx(union nettle_block16 *dst, WRITE_UINT64(dst->b+8, b2); }
+static void +block_mulx8(union nettle_block8 *dst, + const union nettle_block8 *src) +{ + uint64_t b1 = READ_UINT64(src->b); + + b1 <<= 1; + + if (src->b[0] & 0x80) + b1 ^= 0x1b; + + WRITE_UINT64(dst->b, b1); +} + void cmac128_set_key(struct cmac128_ctx *ctx, const void *cipher, nettle_cipher_func *encrypt) @@ -167,3 +181,104 @@ cmac128_digest(struct cmac128_ctx *ctx, const void *cipher, memset(&ctx->X, 0, sizeof(ctx->X)); ctx->index = 0; } + +void +cmac64_set_key(struct cmac64_ctx *ctx, const void *cipher, + nettle_cipher_func *encrypt) +{ + static const uint8_t const_zero[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }; + union nettle_block8 *L = &ctx->block; + memset(ctx, 0, sizeof(*ctx)); + + /* step 1 - generate subkeys k1 and k2 */ + encrypt(cipher, 8, L->b, const_zero); + + block_mulx8(&ctx->K1, L); + block_mulx8(&ctx->K2, &ctx->K1); +} + +void +cmac64_update(struct cmac64_ctx *ctx, const void *cipher, + nettle_cipher_func *encrypt, + size_t msg_len, const uint8_t *msg) +{ + union nettle_block16 Y; + /* + * check if we expand the block + */ + if (ctx->index < 8) + { + size_t len = MIN(8 - ctx->index, msg_len); + memcpy(&ctx->block.b[ctx->index], msg, len); + msg += len; + msg_len -= len; + ctx->index += len; + } + + if (msg_len == 0) { + /* if it is still the last block, we are done */ + return; + } + + /* + * now checksum everything but the last block + */ + memxor3(Y.b, ctx->X.b, ctx->block.b, 8); + encrypt(cipher, 8, ctx->X.b, Y.b); + + while (msg_len > 8) + { + memxor3(Y.b, ctx->X.b, msg, 8); + encrypt(cipher, 8, ctx->X.b, Y.b); + msg += 8; + msg_len -= 8; + } + + /* + * copy the last block, it will be processed in + * cmac64_digest(). + */ + memcpy(ctx->block.b, msg, msg_len); + ctx->index = msg_len; +} + +void +cmac64_digest(struct cmac64_ctx *ctx, const void *cipher, + nettle_cipher_func *encrypt, + unsigned length, + uint8_t *dst) +{ + union nettle_block16 Y; + + memset(ctx->block.b+ctx->index, 0, sizeof(ctx->block.b)-ctx->index); + + /* re-use ctx->block for memxor output */ + if (ctx->index < 8) + { + ctx->block.b[ctx->index] = 0x80; + memxor(ctx->block.b, ctx->K2.b, 8); + } + else + { + memxor(ctx->block.b, ctx->K1.b, 8); + } + + memxor3(Y.b, ctx->block.b, ctx->X.b, 8); + + assert(length <= 8); + if (length == 8) + { + encrypt(cipher, 8, dst, Y.b); + } + else + { + encrypt(cipher, 8, ctx->block.b, Y.b); + memcpy(dst, ctx->block.b, length); + } + + /* reset state for re-use */ + memset(&ctx->X, 0, sizeof(ctx->X)); + ctx->index = 0; +} diff --git a/cmac.h b/cmac.h index 6d107982273e..ddd0248e5e4f 100644 --- a/cmac.h +++ b/cmac.h @@ -44,6 +44,7 @@ extern "C" { #endif
#define CMAC128_DIGEST_SIZE 16 +#define CMAC64_DIGEST_SIZE 8
#define cmac128_set_key nettle_cmac128_set_key #define cmac128_update nettle_cmac128_update @@ -55,6 +56,10 @@ extern "C" { #define cmac_aes256_update nettle_cmac_aes256_update #define cmac_aes256_digest nettle_cmac_aes256_digest
+#define cmac64_set_key nettle_cmac64_set_key +#define cmac64_update nettle_cmac64_update +#define cmac64_digest nettle_cmac64_digest + struct cmac128_ctx { /* Key */ @@ -69,6 +74,21 @@ struct cmac128_ctx size_t index; };
+struct cmac64_ctx +{ + /* Key */ + union nettle_block8 K1; + union nettle_block8 K2; + + /* MAC state */ + union nettle_block8 X; + + /* Block buffer */ + union nettle_block8 block; + size_t index; +}; + + void cmac128_set_key(struct cmac128_ctx *ctx, const void *cipher, nettle_cipher_func *encrypt); @@ -107,6 +127,44 @@ cmac128_digest(struct cmac128_ctx *ctx, const void *cipher, (nettle_cipher_func *) (encrypt), \ (length), (digest)))
+void +cmac64_set_key(struct cmac64_ctx *ctx, const void *cipher, + nettle_cipher_func *encrypt); +void +cmac64_update(struct cmac64_ctx *ctx, const void *cipher, + nettle_cipher_func *encrypt, + size_t msg_len, const uint8_t *msg); +void +cmac64_digest(struct cmac64_ctx *ctx, const void *cipher, + nettle_cipher_func *encrypt, + unsigned length, + uint8_t *digest); + + +#define CMAC64_CTX(type) \ + { struct cmac64_ctx ctx; type cipher; } + +/* NOTE: Avoid using NULL, as we don't include anything defining it. */ +#define CMAC64_SET_KEY(self, set_key, encrypt, cmac_key) \ + do { \ + (set_key)(&(self)->cipher, (cmac_key)); \ + if (0) (encrypt)(&(self)->cipher, ~(size_t) 0, \ + (uint8_t *) 0, (const uint8_t *) 0); \ + cmac64_set_key(&(self)->ctx, &(self)->cipher, \ + (nettle_cipher_func *) (encrypt)); \ + } while (0) + +#define CMAC64_UPDATE(self, encrypt, length, src) \ + cmac64_update(&(self)->ctx, &(self)->cipher, \ + (nettle_cipher_func *)encrypt, (length), (src)) + +#define CMAC64_DIGEST(self, encrypt, length, digest) \ + (0 ? (encrypt)(&(self)->cipher, ~(size_t) 0, \ + (uint8_t *) 0, (const uint8_t *) 0) \ + : cmac64_digest(&(self)->ctx, &(self)->cipher, \ + (nettle_cipher_func *) (encrypt), \ + (length), (digest))) + struct cmac_aes128_ctx CMAC128_CTX(struct aes128_ctx);
void diff --git a/nettle-types.h b/nettle-types.h index 4576b7c7b5b3..84e9706d8364 100644 --- a/nettle-types.h +++ b/nettle-types.h @@ -68,6 +68,13 @@ union nettle_block16 uint64_t u64[2]; };
+union nettle_block8 +{ + uint8_t b[8]; + unsigned long w[8 / sizeof(unsigned long)]; + uint64_t u64; +}; + /* Randomness. Used by key generation and dsa signature creation. */ typedef void nettle_random_func(void *ctx, size_t length, uint8_t *dst);
Implement CMAC using TrippleDES as underlying cipher.
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com --- Makefile.in | 2 +- cmac-des3.c | 61 +++++++++++++++++++++++++++++++++++++++++++ cmac.h | 17 ++++++++++++ testsuite/cmac-test.c | 32 +++++++++++++++++++++++ 4 files changed, 111 insertions(+), 1 deletion(-) create mode 100644 cmac-des3.c
diff --git a/Makefile.in b/Makefile.in index d4fa628a4490..2651109b0807 100644 --- a/Makefile.in +++ b/Makefile.in @@ -100,7 +100,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ gcm-aes256.c gcm-aes256-meta.c \ gcm-camellia128.c gcm-camellia128-meta.c \ gcm-camellia256.c gcm-camellia256-meta.c \ - cmac.c cmac-aes128.c cmac-aes256.c \ + cmac.c cmac-aes128.c cmac-aes256.c cmac-des3.c \ gosthash94.c gosthash94-meta.c \ hmac.c hmac-md5.c hmac-ripemd160.c hmac-sha1.c \ hmac-sha224.c hmac-sha256.c hmac-sha384.c hmac-sha512.c \ diff --git a/cmac-des3.c b/cmac-des3.c new file mode 100644 index 000000000000..271021e275b3 --- /dev/null +++ b/cmac-des3.c @@ -0,0 +1,61 @@ +/* cmac-des3.c + + CMAC using TrippleDES as the underlying cipher. + + Copyright (C) 2018 Dmitry Eremin-Solenikov + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include <assert.h> + +#include "cmac.h" + +void +cmac_des3_set_key(struct cmac_des3_ctx *ctx, const uint8_t *key) +{ + CMAC64_SET_KEY(ctx, des3_set_key, des3_encrypt, key); +} + +void +cmac_des3_update (struct cmac_des3_ctx *ctx, + size_t length, const uint8_t *data) +{ + CMAC64_UPDATE (ctx, des3_encrypt, length, data); +} + +void +cmac_des3_digest(struct cmac_des3_ctx *ctx, + size_t length, uint8_t *digest) +{ + CMAC64_DIGEST(ctx, des3_encrypt, length, digest); +} + diff --git a/cmac.h b/cmac.h index ddd0248e5e4f..7a6caf175076 100644 --- a/cmac.h +++ b/cmac.h @@ -37,6 +37,7 @@ #define NETTLE_CMAC_H_INCLUDED
#include "aes.h" +#include "des.h" #include "nettle-types.h"
#ifdef __cplusplus @@ -59,6 +60,9 @@ extern "C" { #define cmac64_set_key nettle_cmac64_set_key #define cmac64_update nettle_cmac64_update #define cmac64_digest nettle_cmac64_digest +#define cmac_des3_set_key nettle_cmac_des3_set_key +#define cmac_des3_update nettle_cmac_des3_update +#define cmac_des3_digest nettle_cmac_des3_digest
struct cmac128_ctx { @@ -191,6 +195,19 @@ void cmac_aes256_digest(struct cmac_aes256_ctx *ctx, size_t length, uint8_t *digest);
+struct cmac_des3_ctx CMAC64_CTX(struct des3_ctx); + +void +cmac_des3_set_key(struct cmac_des3_ctx *ctx, const uint8_t *key); + +void +cmac_des3_update(struct cmac_des3_ctx *ctx, + size_t length, const uint8_t *data); + +void +cmac_des3_digest(struct cmac_des3_ctx *ctx, + size_t length, uint8_t *digest); + #ifdef __cplusplus } #endif diff --git a/testsuite/cmac-test.c b/testsuite/cmac-test.c index b1d4aa30dfbe..9d6682777dcf 100644 --- a/testsuite/cmac-test.c +++ b/testsuite/cmac-test.c @@ -26,12 +26,27 @@ const struct nettle_mac nettle_cmac_aes256 = (nettle_hash_digest_func*) cmac_aes256_digest };
+const struct nettle_mac nettle_cmac_des3 = +{ + "CMAC-3DES", + sizeof(struct cmac_des3_ctx), + CMAC64_DIGEST_SIZE, + DES3_KEY_SIZE, + + (nettle_set_key_func*) cmac_des3_set_key, + (nettle_hash_update_func*) cmac_des3_update, + (nettle_hash_digest_func*) cmac_des3_digest +}; + #define test_cmac_aes128(key, msg, ref) \ test_mac(&nettle_cmac_aes128, key, msg, ref)
#define test_cmac_aes256(key, msg, ref) \ test_mac(&nettle_cmac_aes256, key, msg, ref)
+#define test_cmac_des3(key, msg, ref) \ + test_mac(&nettle_cmac_des3, key, msg, ref) + void test_main(void) { @@ -96,4 +111,21 @@ test_main(void) SHEX("6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"), SHEX("e1992190549f6ed5696a2c056c315410"));
+ /* CMAC-3DES vectors from NIST SP800-38B examples */ + test_cmac_des3 (SHEX("0123456789abcdef23456789abcdef01456789abcdef0123"), + SDATA(""), + SHEX("7db0d37df936c550")); + + test_cmac_des3 (SHEX("0123456789abcdef23456789abcdef01456789abcdef0123"), + SHEX("6bc1bee22e409f96e93d7e117393172a"), + SHEX("30239cf1f52e6609")); + + test_cmac_des3 (SHEX("0123456789abcdef23456789abcdef01456789abcdef0123"), + SHEX("6bc1bee22e409f96e93d7e117393172aae2d8a57"), + SHEX("6c9f3ee4923f6be2")); + + + test_cmac_des3 (SHEX("0123456789abcdef23456789abcdef01456789abcdef0123"), + SHEX("6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51"), + SHEX("99429bd0bf7904e5")); }
Hello,
Any chances to get these 3 patches in?
чт, 1 нояб. 2018 г. в 13:28, Dmitry Eremin-Solenikov dbaryshkov@gmail.com:
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
testsuite/cmac-test.c | 100 +++++++++++------------------------------- testsuite/testutils.c | 64 +++++++++++++++++++++++++++ testsuite/testutils.h | 6 +++ 3 files changed, 96 insertions(+), 74 deletions(-)
diff --git a/testsuite/cmac-test.c b/testsuite/cmac-test.c index 31662d1b6c1b..b1d4aa30dfbe 100644 --- a/testsuite/cmac-test.c +++ b/testsuite/cmac-test.c @@ -2,83 +2,35 @@ #include "nettle-internal.h" #include "cmac.h"
+const struct nettle_mac nettle_cmac_aes128 = +{
- "CMAC-AES128",
- sizeof(struct cmac_aes128_ctx),
- CMAC128_DIGEST_SIZE,
- AES128_KEY_SIZE,
- (nettle_set_key_func*) cmac_aes128_set_key,
- (nettle_hash_update_func*) cmac_aes128_update,
- (nettle_hash_digest_func*) cmac_aes128_digest
+};
+const struct nettle_mac nettle_cmac_aes256 = +{
- "CMAC-AES256",
- sizeof(struct cmac_aes256_ctx),
- CMAC128_DIGEST_SIZE,
- AES256_KEY_SIZE,
- (nettle_set_key_func*) cmac_aes256_set_key,
- (nettle_hash_update_func*) cmac_aes256_update,
- (nettle_hash_digest_func*) cmac_aes256_digest
+};
#define test_cmac_aes128(key, msg, ref) \
- test_cmac_hash ((nettle_set_key_func*) cmac_aes128_set_key, \
(nettle_hash_update_func*) cmac_aes128_update, \(nettle_hash_digest_func*) cmac_aes128_digest, \sizeof(struct cmac_aes128_ctx), \key, msg, ref)
- test_mac(&nettle_cmac_aes128, key, msg, ref)
#define test_cmac_aes256(key, msg, ref) \
- test_cmac_hash ((nettle_set_key_func*) cmac_aes256_set_key, \
(nettle_hash_update_func*) cmac_aes256_update, \(nettle_hash_digest_func*) cmac_aes256_digest, \sizeof(struct cmac_aes256_ctx), \key, msg, ref)-static void -test_cmac_hash (nettle_set_key_func *set_key,
nettle_hash_update_func *update,nettle_hash_digest_func *digest, size_t ctx_size,const struct tstring *key, const struct tstring *msg,const struct tstring *ref)-{
- void *ctx;
- uint8_t hash[16];
- unsigned i;
- ctx = xalloc(ctx_size);
- ASSERT (ref->length == sizeof(hash));
- ASSERT (key->length == 16 || key->length == 32);
- set_key (ctx, key->data);
- update (ctx, msg->length, msg->data);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- /* attempt to re-use the structure */
- update (ctx, msg->length, msg->data);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed on re-use, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- /* attempt byte-by-byte hashing */
- set_key (ctx, key->data);
- for (i=0;i<msg->length;i++)
- update (ctx, 1, msg->data+i);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- free (ctx);
-}
- test_mac(&nettle_cmac_aes256, key, msg, ref)
void test_main(void) diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 1812ff4f52b0..ba0b41131925 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -924,6 +924,70 @@ test_hash_large(const struct nettle_hash *hash, free(data); }
+void +test_mac(const struct nettle_mac *mac,
const struct tstring *key,const struct tstring *msg,const struct tstring *digest)+{
- void *ctx = xalloc(mac->context_size);
- uint8_t *hash = xalloc(mac->digest_size);
- unsigned i;
- ASSERT (digest->length == mac->digest_size);
- ASSERT (key->length == mac->key_size);
- mac->set_key (ctx, key->data);
- mac->update (ctx, msg->length, msg->data);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "test_mac failed, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (mac->digest_size, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- /* attempt to re-use the structure */
- mac->update (ctx, msg->length, msg->data);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "test_mac: failed on re-use, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (mac->digest_size, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- /* attempt byte-by-byte hashing */
- mac->set_key (ctx, key->data);
- for (i=0;i<msg->length;i++)
- mac->update (ctx, 1, msg->data+i);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- free (ctx);
- free (hash);
+}
void test_armor(const struct nettle_armor *armor, size_t data_length, diff --git a/testsuite/testutils.h b/testsuite/testutils.h index ded57db6ab4f..f4ea38da9deb 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -170,6 +170,12 @@ test_hash_large(const struct nettle_hash *hash, uint8_t c, const struct tstring *digest);
+void +test_mac(const struct nettle_mac *mac,
const struct tstring *key,const struct tstring *msg,const struct tstring *digest);void test_armor(const struct nettle_armor *armor, size_t data_length, -- 2.19.1
ср, 8 мая 2019 г. в 15:33, Dmitry Eremin-Solenikov dbaryshkov@gmail.com:
Any chances to get these 3 patches in?
Just as a word of justification: one of GOST-defined modes is CFB, which is used with 64-bit cipher (Magma, GOST 28147-89). Having this code in allows us to use it directly from Nettle instead of having a private copy (e.g. in GnuTLS). And while 3DES is obviously close to full deprecation, 3DES-CFB8 is a good way to define and test CFB8 support in Nettle library.
чт, 1 нояб. 2018 г. в 13:28, Dmitry Eremin-Solenikov dbaryshkov@gmail.com:
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
testsuite/cmac-test.c | 100 +++++++++++------------------------------- testsuite/testutils.c | 64 +++++++++++++++++++++++++++ testsuite/testutils.h | 6 +++ 3 files changed, 96 insertions(+), 74 deletions(-)
diff --git a/testsuite/cmac-test.c b/testsuite/cmac-test.c index 31662d1b6c1b..b1d4aa30dfbe 100644 --- a/testsuite/cmac-test.c +++ b/testsuite/cmac-test.c @@ -2,83 +2,35 @@ #include "nettle-internal.h" #include "cmac.h"
+const struct nettle_mac nettle_cmac_aes128 = +{
- "CMAC-AES128",
- sizeof(struct cmac_aes128_ctx),
- CMAC128_DIGEST_SIZE,
- AES128_KEY_SIZE,
- (nettle_set_key_func*) cmac_aes128_set_key,
- (nettle_hash_update_func*) cmac_aes128_update,
- (nettle_hash_digest_func*) cmac_aes128_digest
+};
+const struct nettle_mac nettle_cmac_aes256 = +{
- "CMAC-AES256",
- sizeof(struct cmac_aes256_ctx),
- CMAC128_DIGEST_SIZE,
- AES256_KEY_SIZE,
- (nettle_set_key_func*) cmac_aes256_set_key,
- (nettle_hash_update_func*) cmac_aes256_update,
- (nettle_hash_digest_func*) cmac_aes256_digest
+};
#define test_cmac_aes128(key, msg, ref) \
- test_cmac_hash ((nettle_set_key_func*) cmac_aes128_set_key, \
(nettle_hash_update_func*) cmac_aes128_update, \(nettle_hash_digest_func*) cmac_aes128_digest, \sizeof(struct cmac_aes128_ctx), \key, msg, ref)
- test_mac(&nettle_cmac_aes128, key, msg, ref)
#define test_cmac_aes256(key, msg, ref) \
- test_cmac_hash ((nettle_set_key_func*) cmac_aes256_set_key, \
(nettle_hash_update_func*) cmac_aes256_update, \(nettle_hash_digest_func*) cmac_aes256_digest, \sizeof(struct cmac_aes256_ctx), \key, msg, ref)-static void -test_cmac_hash (nettle_set_key_func *set_key,
nettle_hash_update_func *update,nettle_hash_digest_func *digest, size_t ctx_size,const struct tstring *key, const struct tstring *msg,const struct tstring *ref)-{
- void *ctx;
- uint8_t hash[16];
- unsigned i;
- ctx = xalloc(ctx_size);
- ASSERT (ref->length == sizeof(hash));
- ASSERT (key->length == 16 || key->length == 32);
- set_key (ctx, key->data);
- update (ctx, msg->length, msg->data);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- /* attempt to re-use the structure */
- update (ctx, msg->length, msg->data);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed on re-use, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- /* attempt byte-by-byte hashing */
- set_key (ctx, key->data);
- for (i=0;i<msg->length;i++)
- update (ctx, 1, msg->data+i);
- digest (ctx, sizeof(hash), hash);
- if (!MEMEQ (ref->length, ref->data, hash))
- {
fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(ref);fprintf(stderr, "\n");FAIL();- }
- free (ctx);
-}
- test_mac(&nettle_cmac_aes256, key, msg, ref)
void test_main(void) diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 1812ff4f52b0..ba0b41131925 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -924,6 +924,70 @@ test_hash_large(const struct nettle_hash *hash, free(data); }
+void +test_mac(const struct nettle_mac *mac,
const struct tstring *key,const struct tstring *msg,const struct tstring *digest)+{
- void *ctx = xalloc(mac->context_size);
- uint8_t *hash = xalloc(mac->digest_size);
- unsigned i;
- ASSERT (digest->length == mac->digest_size);
- ASSERT (key->length == mac->key_size);
- mac->set_key (ctx, key->data);
- mac->update (ctx, msg->length, msg->data);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "test_mac failed, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (mac->digest_size, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- /* attempt to re-use the structure */
- mac->update (ctx, msg->length, msg->data);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "test_mac: failed on re-use, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (mac->digest_size, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- /* attempt byte-by-byte hashing */
- mac->set_key (ctx, key->data);
- for (i=0;i<msg->length;i++)
- mac->update (ctx, 1, msg->data+i);
- mac->digest (ctx, digest->length, hash);
- if (!MEMEQ (digest->length, digest->data, hash))
- {
fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: ");print_hex (msg->length, msg->data);fprintf(stderr, "Output:");print_hex (16, hash);fprintf(stderr, "Expected:");tstring_print_hex(digest);fprintf(stderr, "\n");FAIL();- }
- free (ctx);
- free (hash);
+}
void test_armor(const struct nettle_armor *armor, size_t data_length, diff --git a/testsuite/testutils.h b/testsuite/testutils.h index ded57db6ab4f..f4ea38da9deb 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -170,6 +170,12 @@ test_hash_large(const struct nettle_hash *hash, uint8_t c, const struct tstring *digest);
+void +test_mac(const struct nettle_mac *mac,
const struct tstring *key,const struct tstring *msg,const struct tstring *digest);void test_armor(const struct nettle_armor *armor, size_t data_length, -- 2.19.1
-- With best wishes Dmitry
nettle-bugs@lists.lysator.liu.se
-
Dmitry Eremin-Solenikov