/src/libgcrypt/cipher/mac-cmac.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* mac-cmac.c - CMAC glue for MAC API |
2 | | * Copyright (C) 2013 Jussi Kivilinna <jussi.kivilinna@iki.fi> |
3 | | * Copyright (C) 2008 Free Software Foundation, Inc. |
4 | | * |
5 | | * This file is part of Libgcrypt. |
6 | | * |
7 | | * Libgcrypt is free software; you can redistribute it and/or modify |
8 | | * it under the terms of the GNU Lesser General Public License as |
9 | | * published by the Free Software Foundation; either version 2.1 of |
10 | | * the License, or (at your option) any later version. |
11 | | * |
12 | | * Libgcrypt is distributed in the hope that it will be useful, |
13 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 | | * GNU Lesser General Public License for more details. |
16 | | * |
17 | | * You should have received a copy of the GNU Lesser General Public |
18 | | * License along with this program; if not, see <http://www.gnu.org/licenses/>. |
19 | | */ |
20 | | |
21 | | #include <config.h> |
22 | | #include <stdio.h> |
23 | | #include <stdlib.h> |
24 | | #include <string.h> |
25 | | #include <errno.h> |
26 | | |
27 | | #include "g10lib.h" |
28 | | #include "cipher.h" |
29 | | #include "./mac-internal.h" |
30 | | |
31 | | |
32 | | static int |
33 | | map_mac_algo_to_cipher (int mac_algo) |
34 | 555 | { |
35 | 555 | switch (mac_algo) |
36 | 555 | { |
37 | 0 | default: |
38 | 0 | return GCRY_CIPHER_NONE; |
39 | 63 | case GCRY_MAC_CMAC_AES: |
40 | 63 | return GCRY_CIPHER_AES; |
41 | 0 | case GCRY_MAC_CMAC_3DES: |
42 | 0 | return GCRY_CIPHER_3DES; |
43 | 80 | case GCRY_MAC_CMAC_CAMELLIA: |
44 | 80 | return GCRY_CIPHER_CAMELLIA128; |
45 | 40 | case GCRY_MAC_CMAC_IDEA: |
46 | 40 | return GCRY_CIPHER_IDEA; |
47 | 15 | case GCRY_MAC_CMAC_CAST5: |
48 | 15 | return GCRY_CIPHER_CAST5; |
49 | 71 | case GCRY_MAC_CMAC_BLOWFISH: |
50 | 71 | return GCRY_CIPHER_BLOWFISH; |
51 | 27 | case GCRY_MAC_CMAC_TWOFISH: |
52 | 27 | return GCRY_CIPHER_TWOFISH; |
53 | 48 | case GCRY_MAC_CMAC_SERPENT: |
54 | 48 | return GCRY_CIPHER_SERPENT128; |
55 | 10 | case GCRY_MAC_CMAC_SEED: |
56 | 10 | return GCRY_CIPHER_SEED; |
57 | 85 | case GCRY_MAC_CMAC_RFC2268: |
58 | 85 | return GCRY_CIPHER_RFC2268_128; |
59 | 12 | case GCRY_MAC_CMAC_GOST28147: |
60 | 12 | return GCRY_CIPHER_GOST28147; |
61 | 24 | case GCRY_MAC_CMAC_SM4: |
62 | 24 | return GCRY_CIPHER_SM4; |
63 | 80 | case GCRY_MAC_CMAC_ARIA: |
64 | 80 | return GCRY_CIPHER_ARIA128; |
65 | 555 | } |
66 | 555 | } |
67 | | |
68 | | |
69 | | static gcry_err_code_t |
70 | | cmac_open (gcry_mac_hd_t h) |
71 | 355 | { |
72 | 355 | gcry_err_code_t err; |
73 | 355 | gcry_cipher_hd_t hd; |
74 | 355 | int secure = (h->magic == CTX_MAC_MAGIC_SECURE); |
75 | 355 | int cipher_algo; |
76 | 355 | unsigned int flags; |
77 | | |
78 | 355 | cipher_algo = map_mac_algo_to_cipher (h->spec->algo); |
79 | 355 | flags = (secure ? GCRY_CIPHER_SECURE : 0); |
80 | | |
81 | 355 | err = _gcry_cipher_open_internal (&hd, cipher_algo, GCRY_CIPHER_MODE_CMAC, |
82 | 355 | flags); |
83 | 355 | if (err) |
84 | 0 | return err; |
85 | | |
86 | 355 | h->u.cmac.cipher_algo = cipher_algo; |
87 | 355 | h->u.cmac.ctx = hd; |
88 | 355 | h->u.cmac.blklen = _gcry_cipher_get_algo_blklen (cipher_algo); |
89 | 355 | return 0; |
90 | 355 | } |
91 | | |
92 | | |
93 | | static void |
94 | | cmac_close (gcry_mac_hd_t h) |
95 | 355 | { |
96 | 355 | _gcry_cipher_close (h->u.cmac.ctx); |
97 | 355 | h->u.cmac.ctx = NULL; |
98 | 355 | } |
99 | | |
100 | | |
101 | | static gcry_err_code_t |
102 | | cmac_setkey (gcry_mac_hd_t h, const unsigned char *key, size_t keylen) |
103 | 355 | { |
104 | 355 | return _gcry_cipher_setkey (h->u.cmac.ctx, key, keylen); |
105 | 355 | } |
106 | | |
107 | | |
108 | | static gcry_err_code_t |
109 | | cmac_reset (gcry_mac_hd_t h) |
110 | 0 | { |
111 | 0 | return _gcry_cipher_reset (h->u.cmac.ctx); |
112 | 0 | } |
113 | | |
114 | | |
115 | | static gcry_err_code_t |
116 | | cmac_write (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen) |
117 | 24.6k | { |
118 | 24.6k | return _gcry_cipher_cmac_authenticate (h->u.cmac.ctx, buf, buflen); |
119 | 24.6k | } |
120 | | |
121 | | |
122 | | static gcry_err_code_t |
123 | | cmac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t * outlen) |
124 | 200 | { |
125 | 200 | if (*outlen > h->u.cmac.blklen) |
126 | 0 | *outlen = h->u.cmac.blklen; |
127 | 200 | return _gcry_cipher_cmac_get_tag (h->u.cmac.ctx, outbuf, *outlen); |
128 | 200 | } |
129 | | |
130 | | |
131 | | static gcry_err_code_t |
132 | | cmac_verify (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen) |
133 | 0 | { |
134 | 0 | return _gcry_cipher_cmac_check_tag (h->u.cmac.ctx, buf, buflen); |
135 | 0 | } |
136 | | |
137 | | |
138 | | static unsigned int |
139 | | cmac_get_maclen (int algo) |
140 | 200 | { |
141 | 200 | return _gcry_cipher_get_algo_blklen (map_mac_algo_to_cipher (algo)); |
142 | 200 | } |
143 | | |
144 | | |
145 | | static unsigned int |
146 | | cmac_get_keylen (int algo) |
147 | 0 | { |
148 | 0 | return _gcry_cipher_get_algo_keylen (map_mac_algo_to_cipher (algo)); |
149 | 0 | } |
150 | | |
151 | | |
152 | | /* Check one CMAC with MAC ALGO using the regular MAC |
153 | | * API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key |
154 | | * and (EXPECT,EXPECTLEN) the expected result. Returns NULL on |
155 | | * success or a string describing the failure. */ |
156 | | static const char * |
157 | | check_one (int algo, const char *data, size_t datalen, |
158 | | const char *key, size_t keylen, |
159 | | const char *expect, size_t expectlen) |
160 | 0 | { |
161 | 0 | gcry_mac_hd_t hd; |
162 | 0 | unsigned char mac[512]; /* hardcoded to avoid allocation */ |
163 | 0 | unsigned int maclen; |
164 | 0 | size_t macoutlen; |
165 | 0 | int i; |
166 | 0 | gcry_error_t err = 0; |
167 | |
|
168 | 0 | err = _gcry_mac_open (&hd, algo, 0, NULL); |
169 | 0 | if (err) |
170 | 0 | return "gcry_mac_open failed"; |
171 | | |
172 | 0 | i = _gcry_mac_get_algo (hd); |
173 | 0 | if (i != algo) |
174 | 0 | return "gcry_mac_get_algo failed"; |
175 | | |
176 | 0 | maclen = _gcry_mac_get_algo_maclen (algo); |
177 | 0 | if (maclen < 1 || maclen > 500) |
178 | 0 | return "gcry_mac_get_algo_maclen failed"; |
179 | | |
180 | 0 | if (maclen != expectlen) |
181 | 0 | return "invalid tests data"; |
182 | | |
183 | 0 | err = _gcry_mac_setkey (hd, key, keylen); |
184 | 0 | if (err) |
185 | 0 | { |
186 | 0 | _gcry_mac_close (hd); |
187 | 0 | return "gcry_mac_setkey failed"; |
188 | 0 | } |
189 | | |
190 | 0 | err = _gcry_mac_write (hd, data, datalen); |
191 | 0 | if (err) |
192 | 0 | { |
193 | 0 | _gcry_mac_close (hd); |
194 | 0 | return "gcry_mac_write failed"; |
195 | 0 | } |
196 | | |
197 | 0 | err = _gcry_mac_verify (hd, expect, maclen); |
198 | 0 | if (err) |
199 | 0 | { |
200 | 0 | _gcry_mac_close (hd); |
201 | 0 | return "gcry_mac_verify failed"; |
202 | 0 | } |
203 | | |
204 | 0 | macoutlen = maclen; |
205 | 0 | err = _gcry_mac_read (hd, mac, &macoutlen); |
206 | 0 | _gcry_mac_close (hd); |
207 | 0 | if (err) |
208 | 0 | return "gcry_mac_read failed"; |
209 | | |
210 | 0 | if (memcmp (mac, expect, maclen)) |
211 | 0 | return "does not match"; |
212 | | |
213 | 0 | return NULL; |
214 | 0 | } |
215 | | |
216 | | |
217 | | /* |
218 | | * CMAC AES and DES test vectors are from |
219 | | * http://web.archive.org/web/20130930212819/http://csrc.nist.gov/publica \ |
220 | | * tions/nistpubs/800-38B/Updated_CMAC_Examples.pdf |
221 | | */ |
222 | | |
223 | | static gpg_err_code_t |
224 | | selftests_cmac_3des (int extended, selftest_report_func_t report) |
225 | 0 | { |
226 | 0 | static const struct |
227 | 0 | { |
228 | 0 | const char *desc; |
229 | 0 | const char *data; |
230 | 0 | const char *key; |
231 | 0 | const char *expect; |
232 | 0 | } tv[] = |
233 | 0 | { |
234 | 0 | { "Basic 3DES", |
235 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
236 | 0 | "\xae\x2d\x8a\x57", |
237 | 0 | "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58" |
238 | 0 | "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", |
239 | 0 | "\x74\x3d\xdb\xe0\xce\x2d\xc2\xed" }, |
240 | 0 | { "Extended 3DES #1", |
241 | 0 | "", |
242 | 0 | "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58" |
243 | 0 | "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", |
244 | 0 | "\xb7\xa6\x88\xe1\x22\xff\xaf\x95" }, |
245 | 0 | { "Extended 3DES #2", |
246 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96", |
247 | 0 | "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58" |
248 | 0 | "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", |
249 | 0 | "\x8e\x8f\x29\x31\x36\x28\x37\x97" }, |
250 | 0 | { "Extended 3DES #3", |
251 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
252 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51", |
253 | 0 | "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58" |
254 | 0 | "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", |
255 | 0 | "\x33\xe6\xb1\x09\x24\x00\xea\xe5" }, |
256 | 0 | { "Extended 3DES #4", |
257 | 0 | "", |
258 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38" |
259 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5", |
260 | 0 | "\xbd\x2e\xbf\x9a\x3b\xa0\x03\x61" }, |
261 | 0 | { "Extended 3DES #5", |
262 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96", |
263 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38" |
264 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5", |
265 | 0 | "\x4f\xf2\xab\x81\x3c\x53\xce\x83" }, |
266 | 0 | { "Extended 3DES #6", |
267 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
268 | 0 | "\xae\x2d\x8a\x57", |
269 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38" |
270 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5", |
271 | 0 | "\x62\xdd\x1b\x47\x19\x02\xbd\x4e" }, |
272 | 0 | { "Extended 3DES #7", |
273 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
274 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51", |
275 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5\x8a\x3d\x10\xba\x80\x57\x0d\x38" |
276 | 0 | "\x4c\xf1\x51\x34\xa2\x85\x0d\xd5", |
277 | 0 | "\x31\xb1\xe4\x31\xda\xbc\x4e\xb8" }, |
278 | 0 | { NULL } |
279 | 0 | }; |
280 | 0 | const char *what; |
281 | 0 | const char *errtxt; |
282 | 0 | int tvidx; |
283 | |
|
284 | 0 | for (tvidx=0; tv[tvidx].desc; tvidx++) |
285 | 0 | { |
286 | 0 | what = tv[tvidx].desc; |
287 | 0 | errtxt = check_one (GCRY_MAC_CMAC_3DES, |
288 | 0 | tv[tvidx].data, strlen (tv[tvidx].data), |
289 | 0 | tv[tvidx].key, strlen (tv[tvidx].key), |
290 | 0 | tv[tvidx].expect, 8); |
291 | 0 | if (errtxt) |
292 | 0 | goto failed; |
293 | 0 | if (!extended) |
294 | 0 | break; |
295 | 0 | } |
296 | | |
297 | 0 | return 0; /* Succeeded. */ |
298 | | |
299 | 0 | failed: |
300 | 0 | if (report) |
301 | 0 | report ("cmac", GCRY_MAC_CMAC_3DES, what, errtxt); |
302 | 0 | return GPG_ERR_SELFTEST_FAILED; |
303 | 0 | } |
304 | | |
305 | | |
306 | | |
307 | | static gpg_err_code_t |
308 | | selftests_cmac_aes (int extended, selftest_report_func_t report) |
309 | 0 | { |
310 | 0 | static const struct |
311 | 0 | { |
312 | 0 | const char *desc; |
313 | 0 | const char *data; |
314 | 0 | const char *key; |
315 | 0 | const char *expect; |
316 | 0 | } tv[] = |
317 | 0 | { |
318 | 0 | { "Basic AES128", |
319 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
320 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" |
321 | 0 | "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11", |
322 | 0 | "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", |
323 | 0 | "\xdf\xa6\x67\x47\xde\x9a\xe6\x30\x30\xca\x32\x61\x14\x97\xc8\x27" }, |
324 | 0 | { "Basic AES192", |
325 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
326 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" |
327 | 0 | "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11", |
328 | 0 | "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5" |
329 | 0 | "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", |
330 | 0 | "\x8a\x1d\xe5\xbe\x2e\xb3\x1a\xad\x08\x9a\x82\xe6\xee\x90\x8b\x0e" }, |
331 | 0 | { "Basic AES256", |
332 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
333 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" |
334 | 0 | "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11", |
335 | 0 | "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" |
336 | 0 | "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", |
337 | 0 | "\xaa\xf3\xd8\xf1\xde\x56\x40\xc2\x32\xf5\xb1\x69\xb9\xc9\x11\xe6" }, |
338 | 0 | { "Extended AES #1", |
339 | 0 | "", |
340 | 0 | "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", |
341 | 0 | "\xbb\x1d\x69\x29\xe9\x59\x37\x28\x7f\xa3\x7d\x12\x9b\x75\x67\x46" }, |
342 | 0 | { "Extended AES #2", |
343 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a", |
344 | 0 | "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5" |
345 | 0 | "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", |
346 | 0 | "\x9e\x99\xa7\xbf\x31\xe7\x10\x90\x06\x62\xf6\x5e\x61\x7c\x51\x84" }, |
347 | 0 | { "Extended AES #3", |
348 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
349 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" |
350 | 0 | "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" |
351 | 0 | "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", |
352 | 0 | "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" |
353 | 0 | "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", |
354 | 0 | "\xe1\x99\x21\x90\x54\x9f\x6e\xd5\x69\x6a\x2c\x05\x6c\x31\x54\x10" }, |
355 | 0 | { "Extended AES #4", |
356 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a", |
357 | 0 | "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", |
358 | 0 | "\x07\x0a\x16\xb4\x6b\x4d\x41\x44\xf7\x9b\xdd\x9d\xd0\x4a\x28\x7c" }, |
359 | 0 | { "Extended AES #5", |
360 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
361 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" |
362 | 0 | "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" |
363 | 0 | "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", |
364 | 0 | "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", |
365 | 0 | "\x51\xf0\xbe\xbf\x7e\x3b\x9d\x92\xfc\x49\x74\x17\x79\x36\x3c\xfe" }, |
366 | 0 | { "Extended AES #6", |
367 | 0 | "", |
368 | 0 | "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5" |
369 | 0 | "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", |
370 | 0 | "\xd1\x7d\xdf\x46\xad\xaa\xcd\xe5\x31\xca\xc4\x83\xde\x7a\x93\x67" }, |
371 | 0 | { "Extended AES #7", |
372 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" |
373 | 0 | "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" |
374 | 0 | "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" |
375 | 0 | "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", |
376 | 0 | "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5" |
377 | 0 | "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", |
378 | 0 | "\xa1\xd5\xdf\x0e\xed\x79\x0f\x79\x4d\x77\x58\x96\x59\xf3\x9a\x11" }, |
379 | 0 | { "Extended AES #8", |
380 | 0 | "", |
381 | 0 | "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" |
382 | 0 | "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", |
383 | 0 | "\x02\x89\x62\xf6\x1b\x7b\xf8\x9e\xfc\x6b\x55\x1f\x46\x67\xd9\x83" }, |
384 | 0 | { "Extended AES #9", |
385 | 0 | "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a", |
386 | 0 | "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" |
387 | 0 | "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", |
388 | 0 | "\x28\xa7\x02\x3f\x45\x2e\x8f\x82\xbd\x4b\xf2\x8d\x8c\x37\xc3\x5c" }, |
389 | 0 | { NULL } |
390 | 0 | }; |
391 | 0 | const char *what; |
392 | 0 | const char *errtxt; |
393 | 0 | int tvidx; |
394 | |
|
395 | 0 | for (tvidx=0; tv[tvidx].desc; tvidx++) |
396 | 0 | { |
397 | 0 | what = tv[tvidx].desc; |
398 | 0 | errtxt = check_one (GCRY_MAC_CMAC_AES, |
399 | 0 | tv[tvidx].data, strlen (tv[tvidx].data), |
400 | 0 | tv[tvidx].key, strlen (tv[tvidx].key), |
401 | 0 | tv[tvidx].expect, strlen (tv[tvidx].expect)); |
402 | 0 | if (errtxt) |
403 | 0 | goto failed; |
404 | 0 | if (tvidx >= 2 && !extended) |
405 | 0 | break; |
406 | 0 | } |
407 | | |
408 | 0 | return 0; /* Succeeded. */ |
409 | | |
410 | 0 | failed: |
411 | 0 | if (report) |
412 | 0 | report ("cmac", GCRY_MAC_CMAC_AES, what, errtxt); |
413 | 0 | return GPG_ERR_SELFTEST_FAILED; |
414 | 0 | } |
415 | | |
416 | | static gpg_err_code_t |
417 | | cmac_selftest (int algo, int extended, selftest_report_func_t report) |
418 | 0 | { |
419 | 0 | gpg_err_code_t ec; |
420 | |
|
421 | 0 | switch (algo) |
422 | 0 | { |
423 | 0 | case GCRY_MAC_CMAC_3DES: |
424 | 0 | ec = selftests_cmac_3des (extended, report); |
425 | 0 | break; |
426 | 0 | case GCRY_MAC_CMAC_AES: |
427 | 0 | ec = selftests_cmac_aes (extended, report); |
428 | 0 | break; |
429 | | |
430 | 0 | default: |
431 | 0 | ec = GPG_ERR_MAC_ALGO; |
432 | 0 | break; |
433 | 0 | } |
434 | | |
435 | 0 | return ec; |
436 | 0 | } |
437 | | |
438 | | |
439 | | static gcry_mac_spec_ops_t cmac_ops = { |
440 | | cmac_open, |
441 | | cmac_close, |
442 | | cmac_setkey, |
443 | | NULL, |
444 | | cmac_reset, |
445 | | cmac_write, |
446 | | cmac_read, |
447 | | cmac_verify, |
448 | | cmac_get_maclen, |
449 | | cmac_get_keylen, |
450 | | NULL, |
451 | | cmac_selftest |
452 | | }; |
453 | | |
454 | | |
455 | | #if USE_BLOWFISH |
456 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_blowfish = { |
457 | | GCRY_MAC_CMAC_BLOWFISH, {0, 0}, "CMAC_BLOWFISH", |
458 | | &cmac_ops |
459 | | }; |
460 | | #endif |
461 | | #if USE_DES |
462 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_tripledes = { |
463 | | GCRY_MAC_CMAC_3DES, {0, 0}, "CMAC_3DES", |
464 | | &cmac_ops |
465 | | }; |
466 | | #endif |
467 | | #if USE_CAST5 |
468 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_cast5 = { |
469 | | GCRY_MAC_CMAC_CAST5, {0, 0}, "CMAC_CAST5", |
470 | | &cmac_ops |
471 | | }; |
472 | | #endif |
473 | | #if USE_AES |
474 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_aes = { |
475 | | GCRY_MAC_CMAC_AES, {0, 1}, "CMAC_AES", |
476 | | &cmac_ops |
477 | | }; |
478 | | #endif |
479 | | #if USE_TWOFISH |
480 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_twofish = { |
481 | | GCRY_MAC_CMAC_TWOFISH, {0, 0}, "CMAC_TWOFISH", |
482 | | &cmac_ops |
483 | | }; |
484 | | #endif |
485 | | #if USE_SERPENT |
486 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_serpent = { |
487 | | GCRY_MAC_CMAC_SERPENT, {0, 0}, "CMAC_SERPENT", |
488 | | &cmac_ops |
489 | | }; |
490 | | #endif |
491 | | #if USE_RFC2268 |
492 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_rfc2268 = { |
493 | | GCRY_MAC_CMAC_RFC2268, {0, 0}, "CMAC_RFC2268", |
494 | | &cmac_ops |
495 | | }; |
496 | | #endif |
497 | | #if USE_SEED |
498 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_seed = { |
499 | | GCRY_MAC_CMAC_SEED, {0, 0}, "CMAC_SEED", |
500 | | &cmac_ops |
501 | | }; |
502 | | #endif |
503 | | #if USE_CAMELLIA |
504 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_camellia = { |
505 | | GCRY_MAC_CMAC_CAMELLIA, {0, 0}, "CMAC_CAMELLIA", |
506 | | &cmac_ops |
507 | | }; |
508 | | #endif |
509 | | #if USE_IDEA |
510 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_idea = { |
511 | | GCRY_MAC_CMAC_IDEA, {0, 0}, "CMAC_IDEA", |
512 | | &cmac_ops |
513 | | }; |
514 | | #endif |
515 | | #if USE_GOST28147 |
516 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_gost28147 = { |
517 | | GCRY_MAC_CMAC_GOST28147, {0, 0}, "CMAC_GOST28147", |
518 | | &cmac_ops |
519 | | }; |
520 | | #endif |
521 | | #if USE_SM4 |
522 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_sm4 = { |
523 | | GCRY_MAC_CMAC_SM4, {0, 0}, "CMAC_SM4", |
524 | | &cmac_ops |
525 | | }; |
526 | | #endif |
527 | | #if USE_ARIA |
528 | | const gcry_mac_spec_t _gcry_mac_type_spec_cmac_aria = { |
529 | | GCRY_MAC_CMAC_ARIA, {0, 0}, "CMAC_ARIA", |
530 | | &cmac_ops |
531 | | }; |
532 | | #endif |