From f8c206ed23e98a62c2b4d17237d6c0a2f6050843 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Wed, 15 May 2019 10:24:48 +0200
Subject: [PATCH] New SIV key size constants. Use in tests.
---
ChangeLog | 4 +++
siv-cmac.h | 4 +++
testsuite/siv-test.c | 64 ++++++++++++++++++--------------------------
3 files changed, 34 insertions(+), 38 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index d1336130..3f210b25 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
2019-05-15 Niels Möller <nisse@lysator.liu.se>
+ * siv-cmac.h (SIV_CMAC_AES128_KEY_SIZE, SIV_CMAC_AES256_KEY_SIZE):
+ New constants.
+ * testsuite/siv-test.c: Simplify tests a little.
+
* siv-cmac.h (SIV_MIN_NONCE_SIZE): New constant, 1.
* siv-cmac.c (_siv_s2v): Require non-empty nonce.
* nettle.texinfo (SIV-CMAC): Update documentation.
diff --git a/siv-cmac.h b/siv-cmac.h
index a56dfd79..881a59ba 100644
--- a/siv-cmac.h
+++ b/siv-cmac.h
@@ -88,6 +88,8 @@ siv_cmac_decrypt_message(struct cmac128_ctx *siv_cmac_ctx, const void *cmac_ciph
#define SIV_CMAC_CTX(type) { struct CMAC128_CTX(type) siv_cmac; type siv_cipher; }
/* SIV_CMAC_AES128 */
+#define SIV_CMAC_AES128_KEY_SIZE 32
+
struct siv_cmac_aes128_ctx SIV_CMAC_CTX(struct aes128_ctx);
void
@@ -106,6 +108,8 @@ siv_cmac_aes128_decrypt_message(struct siv_cmac_aes128_ctx *ctx,
size_t mlength, uint8_t *dst, const uint8_t *src);
/* SIV_CMAC_AES256 */
+#define SIV_CMAC_AES256_KEY_SIZE 64
+
struct siv_cmac_aes256_ctx SIV_CMAC_CTX(struct aes256_ctx);
void
diff --git a/testsuite/siv-test.c b/testsuite/siv-test.c
index b2d5ccb4..627e3844 100644
--- a/testsuite/siv-test.c
+++ b/testsuite/siv-test.c
@@ -112,8 +112,7 @@ test_cipher_siv(const char *name,
nettle_set_key_func *siv_set_key,
nettle_encrypt_message_func *siv_encrypt,
nettle_decrypt_message_func *siv_decrypt,
- unsigned context_size,
- const struct nettle_cipher *cipher,
+ size_t context_size, size_t key_size,
const struct tstring *key,
const struct tstring *nonce,
const struct tstring *authdata,
@@ -125,12 +124,11 @@ test_cipher_siv(const char *name,
uint8_t *de_data;
int ret;
- ASSERT (key->length == cipher->key_size*2);
+ ASSERT (key->length == key_size);
ASSERT (cleartext->length + SIV_DIGEST_SIZE == ciphertext->length);
de_data = xalloc(cleartext->length+SIV_DIGEST_SIZE);
en_data = xalloc(ciphertext->length);
- cipher->set_encrypt_key(ctx, key->data);
/* Ensure we get the same answers using the all-in-one API. */
memset(de_data, 0, cleartext->length);
@@ -175,17 +173,19 @@ test_cipher_siv(const char *name,
free(de_data);
}
-#define test_siv_aes128(name, ctx_size, cipher, key, nonce, authdata, cleartext, ciphertext) \
- test_cipher_siv(name, (nettle_set_key_func*)siv_cmac_aes128_set_key, \
- (nettle_encrypt_message_func*)siv_cmac_aes128_encrypt_message, \
- (nettle_decrypt_message_func*)siv_cmac_aes128_decrypt_message, ctx_size, cipher, \
- key, nonce, authdata, cleartext, ciphertext)
+#define test_siv_aes128(name, key, nonce, authdata, cleartext, ciphertext) \
+ test_cipher_siv(name, (nettle_set_key_func*)siv_cmac_aes128_set_key, \
+ (nettle_encrypt_message_func*)siv_cmac_aes128_encrypt_message, \
+ (nettle_decrypt_message_func*)siv_cmac_aes128_decrypt_message, \
+ sizeof(struct siv_cmac_aes128_ctx), SIV_CMAC_AES128_KEY_SIZE, \
+ key, nonce, authdata, cleartext, ciphertext)
-#define test_siv_aes256(name, ctx_size, cipher, key, nonce, authdata, cleartext, ciphertext) \
- test_cipher_siv(name, (nettle_set_key_func*)siv_cmac_aes256_set_key, \
- (nettle_encrypt_message_func*)siv_cmac_aes256_encrypt_message, \
- (nettle_decrypt_message_func*)siv_cmac_aes256_decrypt_message, ctx_size, cipher, \
- key, nonce, authdata, cleartext, ciphertext)
+#define test_siv_aes256(name, key, nonce, authdata, cleartext, ciphertext) \
+ test_cipher_siv(name, (nettle_set_key_func*)siv_cmac_aes256_set_key, \
+ (nettle_encrypt_message_func*)siv_cmac_aes256_encrypt_message, \
+ (nettle_decrypt_message_func*)siv_cmac_aes256_decrypt_message, \
+ sizeof(struct siv_cmac_aes256_ctx), SIV_CMAC_AES256_KEY_SIZE, \
+ key, nonce, authdata, cleartext, ciphertext)
void
test_main(void)
@@ -195,8 +195,7 @@ test_main(void)
/*
* Example with small nonce, no AD and no plaintext
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("fffefdfc fbfaf9f8 f7f6f5f4 f3f2f1f0"
"f0f1f2f3 f4f5f6f7 f8f9fafb fcfdfeff"),
SHEX("01"),
@@ -206,8 +205,7 @@ test_main(void)
/*
* Example with small nonce, no AD and plaintext
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("fffefdfc fbfaf9f8 f7f6f5f4 f3f2f1f0"
"f0f1f2f3 f4f5f6f7 f8f9fafb fcfdfeff"),
SHEX("02"),
@@ -219,8 +217,7 @@ test_main(void)
/*
* Example with length < 16
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("fffefdfc fbfaf9f8 f7f6f5f4 f3f2f1f0"
"f0f1f2f3 f4f5f6f7 f8f9fafb fcfdfeff"),
SHEX("02"),
@@ -233,8 +230,7 @@ test_main(void)
/*
* Example with length > 16
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("7f7e7d7c 7b7a7978 77767574 73727170"
"40414243 44454647 48494a4b 4c4d4e4f"),
SHEX("020304"),
@@ -252,8 +248,7 @@ test_main(void)
/*
* Example with single AAD, length > 16
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("7f7e7d7c 7b7a7978 77767574 73727170"
"40414243 44454647 48494a4b 4c4d4e4f"),
SHEX("09f91102 9d74e35b d84156c5 635688c0"),
@@ -271,8 +266,7 @@ test_main(void)
/*
* Example with single AAD, length < 16
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("7f7e7d7c 7b7a7978 77767574 73727170"
"40414243 44454647 48494a4b 4c4d4e4f"),
SHEX("09f91102 9d74e35b d84156c5 635688c0"),
@@ -285,8 +279,7 @@ test_main(void)
/* AES-SIV-CMAC-512 (AES-256) from dchest/siv repo
*/
- test_siv_aes256("AES_SIV_CMAC512", sizeof(struct siv_cmac_aes256_ctx),
- &nettle_aes256,
+ test_siv_aes256("SIV_CMAC_AES256",
SHEX("fffefdfc fbfaf9f8 f7f6f5f4 f3f2f1f0"
"6f6e6d6c 6b6a6968 67666564 63626160"
"f0f1f2f3 f4f5f6f7 f8f9fafb fcfdfeff"
@@ -301,8 +294,7 @@ test_main(void)
/* AES-SIV-CMAC-512 (AES-256)
*/
- test_siv_aes256("AES_SIV_CMAC512", sizeof(struct siv_cmac_aes256_ctx),
- &nettle_aes256,
+ test_siv_aes256("SIV_CMAC_AES256",
SHEX("c27df2fd aec35d4a 2a412a50 c3e8c47d"
"2d568e91 a38e5414 8abdc0b6 e86caf87"
"695c0a8a df4c5f8e b2c6c8b1 36529864"
@@ -317,8 +309,7 @@ test_main(void)
/*
* Example with length > 16
*/
- test_siv_aes256("AES_SIV_CMAC512", sizeof(struct siv_cmac_aes256_ctx),
- &nettle_aes256,
+ test_siv_aes256("SIV_CMAC_AES256",
SHEX("c27df2fd aec35d4a 2a412a50 c3e8c47d"
"2d568e91 a38e5414 8abdc0b6 e86caf87"
"695c0a8a df4c5f8e b2c6c8b1 36529864"
@@ -338,8 +329,7 @@ test_main(void)
/*
* Example with single AAD, length > 16
*/
- test_siv_aes256("AES_SIV_CMAC512", sizeof(struct siv_cmac_aes256_ctx),
- &nettle_aes256,
+ test_siv_aes256("SIV_CMAC_AES256",
SHEX("c27df2fd aec35d4a 2a412a50 c3e8c47d"
"2d568e91 a38e5414 8abdc0b6 e86caf87"
"695c0a8a df4c5f8e b2c6c8b1 36529864"
@@ -362,8 +352,7 @@ test_main(void)
* Example from miscreant.js with no AD
* https://github.com/miscreant/miscreant.js/blob/master/vectors/aes_siv_aead.tjson
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("fffefdfc fbfaf9f8 f7f6f5f4 f3f2f1f0"
"f0f1f2f3 f4f5f6f7 f8f9fafb fcfdfeff"),
SHEX("10111213 1415161718191a1b1 c1d1e1f2"
@@ -376,8 +365,7 @@ test_main(void)
/*
* Example from miscreant.js with AD
*/
- test_siv_aes128("AES_SIV_CMAC256", sizeof(struct siv_cmac_aes128_ctx),
- &nettle_aes128,
+ test_siv_aes128("SIV_CMAC_AES128",
SHEX("7f7e7d7c 7b7a7978 77767574 73727170"
"40414243 44454647 48494a4b 4c4d4e4f"),
SHEX("09f91102 9d74e35b d84156c5 635688c0"),
--
GitLab