/src/libgcrypt/cipher/mac-cmac.c

Source (jump to first uncovered line)
/* mac-cmac.c  -  CMAC glue for MAC API
 * Copyright (C) 2013 Jussi Kivilinna <jussi.kivilinna@iki.fi>
 * Copyright (C) 2008 Free Software Foundation, Inc.
 *
 * This file is part of Libgcrypt.
 *
 * Libgcrypt is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * Libgcrypt is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this program; if not, see <http://www.gnu.org/licenses/>.
 */

#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#include "g10lib.h"
#include "cipher.h"
#include "./mac-internal.h"


static int
map_mac_algo_to_cipher (int mac_algo)
{
  switch (mac_algo)
    {
    default:
      return GCRY_CIPHER_NONE;
    case GCRY_MAC_CMAC_AES:
      return GCRY_CIPHER_AES;
    case GCRY_MAC_CMAC_3DES:
      return GCRY_CIPHER_3DES;
    case GCRY_MAC_CMAC_CAMELLIA:
      return GCRY_CIPHER_CAMELLIA128;
    case GCRY_MAC_CMAC_IDEA:
      return GCRY_CIPHER_IDEA;
    case GCRY_MAC_CMAC_CAST5:
      return GCRY_CIPHER_CAST5;
    case GCRY_MAC_CMAC_BLOWFISH:
      return GCRY_CIPHER_BLOWFISH;
    case GCRY_MAC_CMAC_TWOFISH:
      return GCRY_CIPHER_TWOFISH;
    case GCRY_MAC_CMAC_SERPENT:
      return GCRY_CIPHER_SERPENT128;
    case GCRY_MAC_CMAC_SEED:
      return GCRY_CIPHER_SEED;
    case GCRY_MAC_CMAC_RFC2268:
      return GCRY_CIPHER_RFC2268_128;
    case GCRY_MAC_CMAC_GOST28147:
      return GCRY_CIPHER_GOST28147;
    case GCRY_MAC_CMAC_SM4:
      return GCRY_CIPHER_SM4;
    case GCRY_MAC_CMAC_ARIA:
      return GCRY_CIPHER_ARIA128;
    }
}


static gcry_err_code_t
cmac_open (gcry_mac_hd_t h)
{
  gcry_err_code_t err;
  gcry_cipher_hd_t hd;
  int secure = (h->magic == CTX_MAC_MAGIC_SECURE);
  int cipher_algo;
  unsigned int flags;

  cipher_algo = map_mac_algo_to_cipher (h->spec->algo);
  flags = (secure ? GCRY_CIPHER_SECURE : 0);

  err = _gcry_cipher_open_internal (&hd, cipher_algo, GCRY_CIPHER_MODE_CMAC,
                                    flags);
  if (err)
    return err;

  h->u.cmac.cipher_algo = cipher_algo;
  h->u.cmac.ctx = hd;
  h->u.cmac.blklen = _gcry_cipher_get_algo_blklen (cipher_algo);
  return 0;
}


static void
cmac_close (gcry_mac_hd_t h)
{
  _gcry_cipher_close (h->u.cmac.ctx);
  h->u.cmac.ctx = NULL;
}


static gcry_err_code_t
cmac_setkey (gcry_mac_hd_t h, const unsigned char *key, size_t keylen)
{
  return _gcry_cipher_setkey (h->u.cmac.ctx, key, keylen);
}


static gcry_err_code_t
cmac_reset (gcry_mac_hd_t h)
{
  return _gcry_cipher_reset (h->u.cmac.ctx);
}


static gcry_err_code_t
cmac_write (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
{
  return _gcry_cipher_cmac_authenticate (h->u.cmac.ctx, buf, buflen);
}


static gcry_err_code_t
cmac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t * outlen)
{
  if (*outlen > h->u.cmac.blklen)
    *outlen = h->u.cmac.blklen;
  return _gcry_cipher_cmac_get_tag (h->u.cmac.ctx, outbuf, *outlen);
}


static gcry_err_code_t
cmac_verify (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
{
  return _gcry_cipher_cmac_check_tag (h->u.cmac.ctx, buf, buflen);
}


static unsigned int
cmac_get_maclen (int algo)
{
  return _gcry_cipher_get_algo_blklen (map_mac_algo_to_cipher (algo));
}


static unsigned int
cmac_get_keylen (int algo)
{
  return _gcry_cipher_get_algo_keylen (map_mac_algo_to_cipher (algo));
}


/* Check one CMAC with MAC ALGO using the regular MAC
 * API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key
 * and (EXPECT,EXPECTLEN) the expected result.  Returns NULL on
 * success or a string describing the failure.  */
static const char *
check_one (int algo, const char *data, size_t datalen,
           const char *key, size_t keylen,
           const char *expect, size_t expectlen)
{
  gcry_mac_hd_t hd;
  unsigned char mac[512]; /* hardcoded to avoid allocation */
  unsigned int maclen;
  size_t macoutlen;
  int i;
  gcry_error_t err = 0;

  err = _gcry_mac_open (&hd, algo, 0, NULL);
  if (err)
    return "gcry_mac_open failed";

  i = _gcry_mac_get_algo (hd);
  if (i != algo)
    return "gcry_mac_get_algo failed";

  maclen = _gcry_mac_get_algo_maclen (algo);
  if (maclen < 1 || maclen > 500)
    return "gcry_mac_get_algo_maclen failed";

  if (maclen != expectlen)
    return "invalid tests data";

  err = _gcry_mac_setkey (hd, key, keylen);
  if (err)
    {
      _gcry_mac_close (hd);
      return "gcry_mac_setkey failed";
    }

  err = _gcry_mac_write (hd, data, datalen);
  if (err)
    {
      _gcry_mac_close (hd);
      return "gcry_mac_write failed";
    }

  err = _gcry_mac_verify (hd, expect, maclen);
  if (err)
    {
      _gcry_mac_close (hd);
      return "gcry_mac_verify failed";
    }

  macoutlen = maclen;
  err = _gcry_mac_read (hd, mac, &macoutlen);
  _gcry_mac_close (hd);
  if (err)
    return "gcry_mac_read failed";

  if (memcmp (mac, expect, maclen))
    return "does not match";

  return NULL;
}


/*
 * CMAC AES and DES test vectors are from
 * http://web.archive.org/web/20130930212819/http://csrc.nist.gov/publica \
 * tions/nistpubs/800-38B/Updated_CMAC_Examples.pdf
 */

static gpg_err_code_t
selftests_cmac_3des (int extended, selftest_report_func_t report)
{
  static const struct
  {
    const char *desc;
    const char *data;
    const char *key;
    const char *expect;
  } tv[] =
    {
      { "Basic 3DES",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57",
        "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
        "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
        "\x74\x3d\xdb\xe0\xce\x2d\xc2\xed" },
      { "Extended 3DES #1",
        "",
        "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
        "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
        "\xb7\xa6\x88\xe1\x22\xff\xaf\x95" },
      { "Extended 3DES #2",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96",
        "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
        "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
        "\x8e\x8f\x29\x31\x36\x28\x37\x97" },
      { "Extended 3DES #3",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
        "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
        "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
        "\x33\xe6\xb1\x09\x24\x00\xea\xe5" },
      { "Extended 3DES #4",
        "",
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
        "\xbd\x2e\xbf\x9a\x3b\xa0\x03\x61" },
      { "Extended 3DES #5",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96",
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
        "\x4f\xf2\xab\x81\x3c\x53\xce\x83" },
      { "Extended 3DES #6",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57",
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
        "\x62\xdd\x1b\x47\x19\x02\xbd\x4e" },
      { "Extended 3DES #7",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
        "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
        "\x31\xb1\xe4\x31\xda\xbc\x4e\xb8" },
      { NULL }
    };
  const char *what;
  const char *errtxt;
  int tvidx;

  for (tvidx=0; tv[tvidx].desc; tvidx++)
    {
      what = tv[tvidx].desc;
      errtxt = check_one (GCRY_MAC_CMAC_3DES,
                          tv[tvidx].data, strlen (tv[tvidx].data),
                          tv[tvidx].key, strlen (tv[tvidx].key),
                          tv[tvidx].expect, 8);
      if (errtxt)
        goto failed;
      if (!extended)
        break;
    }

  return 0; /* Succeeded. */

 failed:
  if (report)
    report ("cmac", GCRY_MAC_CMAC_3DES, what, errtxt);
  return GPG_ERR_SELFTEST_FAILED;
}



static gpg_err_code_t
selftests_cmac_aes (int extended, selftest_report_func_t report)
{
  static const struct
  {
    const char *desc;
    const char *data;
    const char *key;
    const char *expect;
  } tv[] =
    {
      { "Basic AES128",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
        "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
        "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
        "\xdf\xa6\x67\x47\xde\x9a\xe6\x30\x30\xca\x32\x61\x14\x97\xc8\x27" },
      { "Basic AES192",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
        "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
        "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
        "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
        "\x8a\x1d\xe5\xbe\x2e\xb3\x1a\xad\x08\x9a\x82\xe6\xee\x90\x8b\x0e" },
      { "Basic AES256",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
        "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
        "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
        "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
        "\xaa\xf3\xd8\xf1\xde\x56\x40\xc2\x32\xf5\xb1\x69\xb9\xc9\x11\xe6" },
      { "Extended AES #1",
        "",
        "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
        "\xbb\x1d\x69\x29\xe9\x59\x37\x28\x7f\xa3\x7d\x12\x9b\x75\x67\x46" },
      { "Extended AES #2",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
        "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
        "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
        "\x9e\x99\xa7\xbf\x31\xe7\x10\x90\x06\x62\xf6\x5e\x61\x7c\x51\x84" },
      { "Extended AES #3",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
        "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
        "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
        "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
        "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
        "\xe1\x99\x21\x90\x54\x9f\x6e\xd5\x69\x6a\x2c\x05\x6c\x31\x54\x10" },
      { "Extended AES #4",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
        "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
        "\x07\x0a\x16\xb4\x6b\x4d\x41\x44\xf7\x9b\xdd\x9d\xd0\x4a\x28\x7c" },
      { "Extended AES #5",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
        "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
        "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
        "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
        "\x51\xf0\xbe\xbf\x7e\x3b\x9d\x92\xfc\x49\x74\x17\x79\x36\x3c\xfe" },
      { "Extended AES #6",
        "",
        "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
        "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
        "\xd1\x7d\xdf\x46\xad\xaa\xcd\xe5\x31\xca\xc4\x83\xde\x7a\x93\x67" },
      { "Extended AES #7",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
        "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
        "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
        "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
        "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
        "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
        "\xa1\xd5\xdf\x0e\xed\x79\x0f\x79\x4d\x77\x58\x96\x59\xf3\x9a\x11" },
      { "Extended AES #8",
        "",
        "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
        "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
        "\x02\x89\x62\xf6\x1b\x7b\xf8\x9e\xfc\x6b\x55\x1f\x46\x67\xd9\x83" },
      { "Extended AES #9",
        "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
        "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
        "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
        "\x28\xa7\x02\x3f\x45\x2e\x8f\x82\xbd\x4b\xf2\x8d\x8c\x37\xc3\x5c" },
      { NULL }
    };
  const char *what;
  const char *errtxt;
  int tvidx;

  for (tvidx=0; tv[tvidx].desc; tvidx++)
    {
      what = tv[tvidx].desc;
      errtxt = check_one (GCRY_MAC_CMAC_AES,
                          tv[tvidx].data, strlen (tv[tvidx].data),
                          tv[tvidx].key, strlen (tv[tvidx].key),
                          tv[tvidx].expect, strlen (tv[tvidx].expect));
      if (errtxt)
        goto failed;
      if (tvidx >= 2 && !extended)
        break;
    }

  return 0; /* Succeeded. */

 failed:
  if (report)
    report ("cmac", GCRY_MAC_CMAC_AES, what, errtxt);
  return GPG_ERR_SELFTEST_FAILED;
}

static gpg_err_code_t
cmac_selftest (int algo, int extended, selftest_report_func_t report)
{
  gpg_err_code_t ec;

  switch (algo)
    {
    case GCRY_MAC_CMAC_3DES:
      ec = selftests_cmac_3des (extended, report);
      break;
    case GCRY_MAC_CMAC_AES:
      ec = selftests_cmac_aes (extended, report);
      break;

    default:
      ec = GPG_ERR_MAC_ALGO;
      break;
    }

  return ec;
}


static gcry_mac_spec_ops_t cmac_ops = {
  cmac_open,
  cmac_close,
  cmac_setkey,
  NULL,
  cmac_reset,
  cmac_write,
  cmac_read,
  cmac_verify,
  cmac_get_maclen,
  cmac_get_keylen,
  NULL,
  cmac_selftest
};


#if USE_BLOWFISH
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_blowfish = {
  GCRY_MAC_CMAC_BLOWFISH, {0, 0}, "CMAC_BLOWFISH",
  &cmac_ops
};
#endif
#if USE_DES
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_tripledes = {
  GCRY_MAC_CMAC_3DES, {0, 0}, "CMAC_3DES",
  &cmac_ops
};
#endif
#if USE_CAST5
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_cast5 = {
  GCRY_MAC_CMAC_CAST5, {0, 0}, "CMAC_CAST5",
  &cmac_ops
};
#endif
#if USE_AES
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_aes = {
  GCRY_MAC_CMAC_AES, {0, 1}, "CMAC_AES",
  &cmac_ops
};
#endif
#if USE_TWOFISH
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_twofish = {
  GCRY_MAC_CMAC_TWOFISH, {0, 0}, "CMAC_TWOFISH",
  &cmac_ops
};
#endif
#if USE_SERPENT
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_serpent = {
  GCRY_MAC_CMAC_SERPENT, {0, 0}, "CMAC_SERPENT",
  &cmac_ops
};
#endif
#if USE_RFC2268
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_rfc2268 = {
  GCRY_MAC_CMAC_RFC2268, {0, 0}, "CMAC_RFC2268",
  &cmac_ops
};
#endif
#if USE_SEED
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_seed = {
  GCRY_MAC_CMAC_SEED, {0, 0}, "CMAC_SEED",
  &cmac_ops
};
#endif
#if USE_CAMELLIA
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_camellia = {
  GCRY_MAC_CMAC_CAMELLIA, {0, 0}, "CMAC_CAMELLIA",
  &cmac_ops
};
#endif
#if USE_IDEA
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_idea = {
  GCRY_MAC_CMAC_IDEA, {0, 0}, "CMAC_IDEA",
  &cmac_ops
};
#endif
#if USE_GOST28147
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_gost28147 = {
  GCRY_MAC_CMAC_GOST28147, {0, 0}, "CMAC_GOST28147",
  &cmac_ops
};
#endif
#if USE_SM4
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_sm4 = {
  GCRY_MAC_CMAC_SM4, {0, 0}, "CMAC_SM4",
  &cmac_ops
};
#endif
#if USE_ARIA
const gcry_mac_spec_t _gcry_mac_type_spec_cmac_aria = {
  GCRY_MAC_CMAC_ARIA, {0, 0}, "CMAC_ARIA",
  &cmac_ops
};
#endif

Coverage Report

Created: 2024-11-21 07:03

Line	Count	Source (jump to first uncovered line)
1		/* mac-cmac.c - CMAC glue for MAC API
2		* Copyright (C) 2013 Jussi Kivilinna <jussi.kivilinna@iki.fi>
3		* Copyright (C) 2008 Free Software Foundation, Inc.
4		*
5		* This file is part of Libgcrypt.
6		*
7		* Libgcrypt is free software; you can redistribute it and/or modify
8		* it under the terms of the GNU Lesser General Public License as
9		* published by the Free Software Foundation; either version 2.1 of
10		* the License, or (at your option) any later version.
11		*
12		* Libgcrypt is distributed in the hope that it will be useful,
13		* but WITHOUT ANY WARRANTY; without even the implied warranty of
14		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15		* GNU Lesser General Public License for more details.
16		*
17		* You should have received a copy of the GNU Lesser General Public
18		* License along with this program; if not, see <http://www.gnu.org/licenses/>.
19		*/
20
21		#include <config.h>
22		#include <stdio.h>
23		#include <stdlib.h>
24		#include <string.h>
25		#include <errno.h>
26
27		#include "g10lib.h"
28		#include "cipher.h"
29		#include "./mac-internal.h"
30
31
32		static int
33		map_mac_algo_to_cipher (int mac_algo)
34	555	{
35	555	switch (mac_algo)
36	555	{
37	0	default:
38	0	return GCRY_CIPHER_NONE;
39	63	case GCRY_MAC_CMAC_AES:
40	63	return GCRY_CIPHER_AES;
41	0	case GCRY_MAC_CMAC_3DES:
42	0	return GCRY_CIPHER_3DES;
43	80	case GCRY_MAC_CMAC_CAMELLIA:
44	80	return GCRY_CIPHER_CAMELLIA128;
45	40	case GCRY_MAC_CMAC_IDEA:
46	40	return GCRY_CIPHER_IDEA;
47	15	case GCRY_MAC_CMAC_CAST5:
48	15	return GCRY_CIPHER_CAST5;
49	71	case GCRY_MAC_CMAC_BLOWFISH:
50	71	return GCRY_CIPHER_BLOWFISH;
51	27	case GCRY_MAC_CMAC_TWOFISH:
52	27	return GCRY_CIPHER_TWOFISH;
53	48	case GCRY_MAC_CMAC_SERPENT:
54	48	return GCRY_CIPHER_SERPENT128;
55	10	case GCRY_MAC_CMAC_SEED:
56	10	return GCRY_CIPHER_SEED;
57	85	case GCRY_MAC_CMAC_RFC2268:
58	85	return GCRY_CIPHER_RFC2268_128;
59	12	case GCRY_MAC_CMAC_GOST28147:
60	12	return GCRY_CIPHER_GOST28147;
61	24	case GCRY_MAC_CMAC_SM4:
62	24	return GCRY_CIPHER_SM4;
63	80	case GCRY_MAC_CMAC_ARIA:
64	80	return GCRY_CIPHER_ARIA128;
65	555	}
66	555	}
67
68
69		static gcry_err_code_t
70		cmac_open (gcry_mac_hd_t h)
71	355	{
72	355	gcry_err_code_t err;
73	355	gcry_cipher_hd_t hd;
74	355	int secure = (h->magic == CTX_MAC_MAGIC_SECURE);
75	355	int cipher_algo;
76	355	unsigned int flags;
77
78	355	cipher_algo = map_mac_algo_to_cipher (h->spec->algo);
79	355	flags = (secure ? GCRY_CIPHER_SECURE : 0);
80
81	355	err = _gcry_cipher_open_internal (&hd, cipher_algo, GCRY_CIPHER_MODE_CMAC,
82	355	flags);
83	355	if (err)
84	0	return err;
85
86	355	h->u.cmac.cipher_algo = cipher_algo;
87	355	h->u.cmac.ctx = hd;
88	355	h->u.cmac.blklen = _gcry_cipher_get_algo_blklen (cipher_algo);
89	355	return 0;
90	355	}
91
92
93		static void
94		cmac_close (gcry_mac_hd_t h)
95	355	{
96	355	_gcry_cipher_close (h->u.cmac.ctx);
97	355	h->u.cmac.ctx = NULL;
98	355	}
99
100
101		static gcry_err_code_t
102		cmac_setkey (gcry_mac_hd_t h, const unsigned char *key, size_t keylen)
103	355	{
104	355	return _gcry_cipher_setkey (h->u.cmac.ctx, key, keylen);
105	355	}
106
107
108		static gcry_err_code_t
109		cmac_reset (gcry_mac_hd_t h)
110	0	{
111	0	return _gcry_cipher_reset (h->u.cmac.ctx);
112	0	}
113
114
115		static gcry_err_code_t
116		cmac_write (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
117	24.6k	{
118	24.6k	return _gcry_cipher_cmac_authenticate (h->u.cmac.ctx, buf, buflen);
119	24.6k	}
120
121
122		static gcry_err_code_t
123		cmac_read (gcry_mac_hd_t h, unsigned char outbuf, size_t outlen)
124	200	{
125	200	if (*outlen > h->u.cmac.blklen)
126	0	*outlen = h->u.cmac.blklen;
127	200	return _gcry_cipher_cmac_get_tag (h->u.cmac.ctx, outbuf, *outlen);
128	200	}
129
130
131		static gcry_err_code_t
132		cmac_verify (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen)
133	0	{
134	0	return _gcry_cipher_cmac_check_tag (h->u.cmac.ctx, buf, buflen);
135	0	}
136
137
138		static unsigned int
139		cmac_get_maclen (int algo)
140	200	{
141	200	return _gcry_cipher_get_algo_blklen (map_mac_algo_to_cipher (algo));
142	200	}
143
144
145		static unsigned int
146		cmac_get_keylen (int algo)
147	0	{
148	0	return _gcry_cipher_get_algo_keylen (map_mac_algo_to_cipher (algo));
149	0	}
150
151
152		/* Check one CMAC with MAC ALGO using the regular MAC
153		* API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key
154		* and (EXPECT,EXPECTLEN) the expected result. Returns NULL on
155		* success or a string describing the failure. */
156		static const char *
157		check_one (int algo, const char *data, size_t datalen,
158		const char *key, size_t keylen,
159		const char *expect, size_t expectlen)
160	0	{
161	0	gcry_mac_hd_t hd;
162	0	unsigned char mac[512]; /* hardcoded to avoid allocation */
163	0	unsigned int maclen;
164	0	size_t macoutlen;
165	0	int i;
166	0	gcry_error_t err = 0;
167
168	0	err = _gcry_mac_open (&hd, algo, 0, NULL);
169	0	if (err)
170	0	return "gcry_mac_open failed";
171
172	0	i = _gcry_mac_get_algo (hd);
173	0	if (i != algo)
174	0	return "gcry_mac_get_algo failed";
175
176	0	maclen = _gcry_mac_get_algo_maclen (algo);
177	0	if (maclen < 1 \|\| maclen > 500)
178	0	return "gcry_mac_get_algo_maclen failed";
179
180	0	if (maclen != expectlen)
181	0	return "invalid tests data";
182
183	0	err = _gcry_mac_setkey (hd, key, keylen);
184	0	if (err)
185	0	{
186	0	_gcry_mac_close (hd);
187	0	return "gcry_mac_setkey failed";
188	0	}
189
190	0	err = _gcry_mac_write (hd, data, datalen);
191	0	if (err)
192	0	{
193	0	_gcry_mac_close (hd);
194	0	return "gcry_mac_write failed";
195	0	}
196
197	0	err = _gcry_mac_verify (hd, expect, maclen);
198	0	if (err)
199	0	{
200	0	_gcry_mac_close (hd);
201	0	return "gcry_mac_verify failed";
202	0	}
203
204	0	macoutlen = maclen;
205	0	err = _gcry_mac_read (hd, mac, &macoutlen);
206	0	_gcry_mac_close (hd);
207	0	if (err)
208	0	return "gcry_mac_read failed";
209
210	0	if (memcmp (mac, expect, maclen))
211	0	return "does not match";
212
213	0	return NULL;
214	0	}
215
216
217		/*
218		* CMAC AES and DES test vectors are from
219		* http://web.archive.org/web/20130930212819/http://csrc.nist.gov/publica \
220		* tions/nistpubs/800-38B/Updated_CMAC_Examples.pdf
221		*/
222
223		static gpg_err_code_t
224		selftests_cmac_3des (int extended, selftest_report_func_t report)
225	0	{
226	0	static const struct
227	0	{
228	0	const char *desc;
229	0	const char *data;
230	0	const char *key;
231	0	const char *expect;
232	0	} tv[] =
233	0	{
234	0	{ "Basic 3DES",
235	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
236	0	"\xae\x2d\x8a\x57",
237	0	"\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
238	0	"\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
239	0	"\x74\x3d\xdb\xe0\xce\x2d\xc2\xed" },
240	0	{ "Extended 3DES #1",
241	0	"",
242	0	"\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
243	0	"\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
244	0	"\xb7\xa6\x88\xe1\x22\xff\xaf\x95" },
245	0	{ "Extended 3DES #2",
246	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96",
247	0	"\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
248	0	"\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
249	0	"\x8e\x8f\x29\x31\x36\x28\x37\x97" },
250	0	{ "Extended 3DES #3",
251	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
252	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
253	0	"\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
254	0	"\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5",
255	0	"\x33\xe6\xb1\x09\x24\x00\xea\xe5" },
256	0	{ "Extended 3DES #4",
257	0	"",
258	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
259	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
260	0	"\xbd\x2e\xbf\x9a\x3b\xa0\x03\x61" },
261	0	{ "Extended 3DES #5",
262	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96",
263	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
264	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
265	0	"\x4f\xf2\xab\x81\x3c\x53\xce\x83" },
266	0	{ "Extended 3DES #6",
267	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
268	0	"\xae\x2d\x8a\x57",
269	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
270	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
271	0	"\x62\xdd\x1b\x47\x19\x02\xbd\x4e" },
272	0	{ "Extended 3DES #7",
273	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
274	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
275	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38"
276	0	"\x4c\xf1\x51\x34\xa2\x85\x0d\xd5",
277	0	"\x31\xb1\xe4\x31\xda\xbc\x4e\xb8" },
278	0	{ NULL }
279	0	};
280	0	const char *what;
281	0	const char *errtxt;
282	0	int tvidx;
283
284	0	for (tvidx=0; tv[tvidx].desc; tvidx++)
285	0	{
286	0	what = tv[tvidx].desc;
287	0	errtxt = check_one (GCRY_MAC_CMAC_3DES,
288	0	tv[tvidx].data, strlen (tv[tvidx].data),
289	0	tv[tvidx].key, strlen (tv[tvidx].key),
290	0	tv[tvidx].expect, 8);
291	0	if (errtxt)
292	0	goto failed;
293	0	if (!extended)
294	0	break;
295	0	}
296
297	0	return 0; /* Succeeded. */
298
299	0	failed:
300	0	if (report)
301	0	report ("cmac", GCRY_MAC_CMAC_3DES, what, errtxt);
302	0	return GPG_ERR_SELFTEST_FAILED;
303	0	}
304
305
306
307		static gpg_err_code_t
308		selftests_cmac_aes (int extended, selftest_report_func_t report)
309	0	{
310	0	static const struct
311	0	{
312	0	const char *desc;
313	0	const char *data;
314	0	const char *key;
315	0	const char *expect;
316	0	} tv[] =
317	0	{
318	0	{ "Basic AES128",
319	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
320	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
321	0	"\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
322	0	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
323	0	"\xdf\xa6\x67\x47\xde\x9a\xe6\x30\x30\xca\x32\x61\x14\x97\xc8\x27" },
324	0	{ "Basic AES192",
325	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
326	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
327	0	"\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
328	0	"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
329	0	"\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
330	0	"\x8a\x1d\xe5\xbe\x2e\xb3\x1a\xad\x08\x9a\x82\xe6\xee\x90\x8b\x0e" },
331	0	{ "Basic AES256",
332	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
333	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
334	0	"\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
335	0	"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
336	0	"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
337	0	"\xaa\xf3\xd8\xf1\xde\x56\x40\xc2\x32\xf5\xb1\x69\xb9\xc9\x11\xe6" },
338	0	{ "Extended AES #1",
339	0	"",
340	0	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
341	0	"\xbb\x1d\x69\x29\xe9\x59\x37\x28\x7f\xa3\x7d\x12\x9b\x75\x67\x46" },
342	0	{ "Extended AES #2",
343	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
344	0	"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
345	0	"\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
346	0	"\x9e\x99\xa7\xbf\x31\xe7\x10\x90\x06\x62\xf6\x5e\x61\x7c\x51\x84" },
347	0	{ "Extended AES #3",
348	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
349	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
350	0	"\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
351	0	"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
352	0	"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
353	0	"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
354	0	"\xe1\x99\x21\x90\x54\x9f\x6e\xd5\x69\x6a\x2c\x05\x6c\x31\x54\x10" },
355	0	{ "Extended AES #4",
356	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
357	0	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
358	0	"\x07\x0a\x16\xb4\x6b\x4d\x41\x44\xf7\x9b\xdd\x9d\xd0\x4a\x28\x7c" },
359	0	{ "Extended AES #5",
360	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
361	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
362	0	"\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
363	0	"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
364	0	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
365	0	"\x51\xf0\xbe\xbf\x7e\x3b\x9d\x92\xfc\x49\x74\x17\x79\x36\x3c\xfe" },
366	0	{ "Extended AES #6",
367	0	"",
368	0	"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
369	0	"\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
370	0	"\xd1\x7d\xdf\x46\xad\xaa\xcd\xe5\x31\xca\xc4\x83\xde\x7a\x93\x67" },
371	0	{ "Extended AES #7",
372	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
373	0	"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
374	0	"\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
375	0	"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
376	0	"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
377	0	"\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
378	0	"\xa1\xd5\xdf\x0e\xed\x79\x0f\x79\x4d\x77\x58\x96\x59\xf3\x9a\x11" },
379	0	{ "Extended AES #8",
380	0	"",
381	0	"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
382	0	"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
383	0	"\x02\x89\x62\xf6\x1b\x7b\xf8\x9e\xfc\x6b\x55\x1f\x46\x67\xd9\x83" },
384	0	{ "Extended AES #9",
385	0	"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
386	0	"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
387	0	"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
388	0	"\x28\xa7\x02\x3f\x45\x2e\x8f\x82\xbd\x4b\xf2\x8d\x8c\x37\xc3\x5c" },
389	0	{ NULL }
390	0	};
391	0	const char *what;
392	0	const char *errtxt;
393	0	int tvidx;
394
395	0	for (tvidx=0; tv[tvidx].desc; tvidx++)
396	0	{
397	0	what = tv[tvidx].desc;
398	0	errtxt = check_one (GCRY_MAC_CMAC_AES,
399	0	tv[tvidx].data, strlen (tv[tvidx].data),
400	0	tv[tvidx].key, strlen (tv[tvidx].key),
401	0	tv[tvidx].expect, strlen (tv[tvidx].expect));
402	0	if (errtxt)
403	0	goto failed;
404	0	if (tvidx >= 2 && !extended)
405	0	break;
406	0	}
407
408	0	return 0; /* Succeeded. */
409
410	0	failed:
411	0	if (report)
412	0	report ("cmac", GCRY_MAC_CMAC_AES, what, errtxt);
413	0	return GPG_ERR_SELFTEST_FAILED;
414	0	}
415
416		static gpg_err_code_t
417		cmac_selftest (int algo, int extended, selftest_report_func_t report)
418	0	{
419	0	gpg_err_code_t ec;
420
421	0	switch (algo)
422	0	{
423	0	case GCRY_MAC_CMAC_3DES:
424	0	ec = selftests_cmac_3des (extended, report);
425	0	break;
426	0	case GCRY_MAC_CMAC_AES:
427	0	ec = selftests_cmac_aes (extended, report);
428	0	break;
429
430	0	default:
431	0	ec = GPG_ERR_MAC_ALGO;
432	0	break;
433	0	}
434
435	0	return ec;
436	0	}
437
438
439		static gcry_mac_spec_ops_t cmac_ops = {
440		cmac_open,
441		cmac_close,
442		cmac_setkey,
443		NULL,
444		cmac_reset,
445		cmac_write,
446		cmac_read,
447		cmac_verify,
448		cmac_get_maclen,
449		cmac_get_keylen,
450		NULL,
451		cmac_selftest
452		};
453
454
455		#if USE_BLOWFISH
456		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_blowfish = {
457		GCRY_MAC_CMAC_BLOWFISH, {0, 0}, "CMAC_BLOWFISH",
458		&cmac_ops
459		};
460		#endif
461		#if USE_DES
462		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_tripledes = {
463		GCRY_MAC_CMAC_3DES, {0, 0}, "CMAC_3DES",
464		&cmac_ops
465		};
466		#endif
467		#if USE_CAST5
468		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_cast5 = {
469		GCRY_MAC_CMAC_CAST5, {0, 0}, "CMAC_CAST5",
470		&cmac_ops
471		};
472		#endif
473		#if USE_AES
474		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_aes = {
475		GCRY_MAC_CMAC_AES, {0, 1}, "CMAC_AES",
476		&cmac_ops
477		};
478		#endif
479		#if USE_TWOFISH
480		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_twofish = {
481		GCRY_MAC_CMAC_TWOFISH, {0, 0}, "CMAC_TWOFISH",
482		&cmac_ops
483		};
484		#endif
485		#if USE_SERPENT
486		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_serpent = {
487		GCRY_MAC_CMAC_SERPENT, {0, 0}, "CMAC_SERPENT",
488		&cmac_ops
489		};
490		#endif
491		#if USE_RFC2268
492		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_rfc2268 = {
493		GCRY_MAC_CMAC_RFC2268, {0, 0}, "CMAC_RFC2268",
494		&cmac_ops
495		};
496		#endif
497		#if USE_SEED
498		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_seed = {
499		GCRY_MAC_CMAC_SEED, {0, 0}, "CMAC_SEED",
500		&cmac_ops
501		};
502		#endif
503		#if USE_CAMELLIA
504		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_camellia = {
505		GCRY_MAC_CMAC_CAMELLIA, {0, 0}, "CMAC_CAMELLIA",
506		&cmac_ops
507		};
508		#endif
509		#if USE_IDEA
510		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_idea = {
511		GCRY_MAC_CMAC_IDEA, {0, 0}, "CMAC_IDEA",
512		&cmac_ops
513		};
514		#endif
515		#if USE_GOST28147
516		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_gost28147 = {
517		GCRY_MAC_CMAC_GOST28147, {0, 0}, "CMAC_GOST28147",
518		&cmac_ops
519		};
520		#endif
521		#if USE_SM4
522		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_sm4 = {
523		GCRY_MAC_CMAC_SM4, {0, 0}, "CMAC_SM4",
524		&cmac_ops
525		};
526		#endif
527		#if USE_ARIA
528		const gcry_mac_spec_t _gcry_mac_type_spec_cmac_aria = {
529		GCRY_MAC_CMAC_ARIA, {0, 0}, "CMAC_ARIA",
530		&cmac_ops
531		};
532		#endif