Support for gcm-camellia128.

5c1a14a4 · Niels Möller · c6ce389e · 5c1a14a4 · 5c1a14a4 · 5c1a14a4
Commit 5c1a14a4 authored Feb 16, 2014 by Niels Möller
--- a/ChangeLog
+++ b/ChangeLog
+2014-02-16  Niels Möller  <nisse@lysator.liu.se>
+
+	* gcm.h: Include camellia.h. Declarations for gcm-camellia128.
+	* gcm-camellia128.c: New file.
+	* gcm-camellia128-meta.c: New file.
+	* nettle-meta.h (nettle_gcm_camellia128): Declare.
+	* Makefile.in (nettle_SOURCES): Added gcm-camellia128.c and
+	gcm-camellia128-meta.c.
+	* testsuite/gcm-test.c (test_main): Test cases for
+	nettle_gcm_camellia128. From Nikos Mavrogiannopoulos.
+
 2014-02-13  Niels Möller  <nisse@lysator.liu.se>

 	* Makefile.in (nettle_SOURCES): Added eax-aes128.c

--- a/Makefile.in
+++ b/Makefile.in
@@ -97,6 +97,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
 		 gcm-aes128.c gcm-aes128-meta.c \
 		 gcm-aes192.c gcm-aes192-meta.c \
 		 gcm-aes256.c gcm-aes256-meta.c \
+		 gcm-camellia128.c gcm-camellia128-meta.c \
 		 gosthash94.c gosthash94-meta.c \
 		 hmac.c hmac-md5.c hmac-ripemd160.c hmac-sha1.c \
 		 hmac-sha224.c hmac-sha256.c hmac-sha384.c hmac-sha512.c \

--- a/gcm-camellia128-meta.c
+++ b/gcm-camellia128-meta.c
+/* gcm-camellia128-meta.c */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2014 Niels Möller
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "nettle-meta.h"
+
+#include "gcm.h"
+
+static nettle_set_key_func gcm_camellia128_set_nonce_wrapper;
+static void
+gcm_camellia128_set_nonce_wrapper (void *ctx, const uint8_t *nonce)
+{
+  gcm_camellia128_set_iv (ctx, GCM_IV_SIZE, nonce);
+}
+
+const struct nettle_aead nettle_gcm_camellia128 =
+  { "gcm_camellia128", sizeof(struct gcm_camellia128_ctx),
+    GCM_BLOCK_SIZE, CAMELLIA128_KEY_SIZE,
+    GCM_IV_SIZE, GCM_DIGEST_SIZE,
+    (nettle_set_key_func *) gcm_camellia128_set_key,
+    (nettle_set_key_func *) gcm_camellia128_set_key,
+    gcm_camellia128_set_nonce_wrapper,
+    (nettle_hash_update_func *) gcm_camellia128_update,
+    (nettle_crypt_func *) gcm_camellia128_encrypt,
+    (nettle_crypt_func *) gcm_camellia128_decrypt,
+    (nettle_hash_digest_func *) gcm_camellia128_digest,
+  };
--- a/gcm-camellia128.c
+++ b/gcm-camellia128.c
+/* gcm-camellia128.c
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2011, 2014 Niels Möller
+ *
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "gcm.h"
+
+void
+gcm_camellia128_set_key(struct gcm_camellia128_ctx *ctx, const uint8_t *key)
+{
+  GCM_SET_KEY(ctx, camellia128_set_encrypt_key, camellia128_crypt, key);
+}
+
+void
+gcm_camellia128_set_iv (struct gcm_camellia128_ctx *ctx,
+			size_t length, const uint8_t *iv)
+{
+  GCM_SET_IV (ctx, length, iv);
+}
+
+void
+gcm_camellia128_update (struct gcm_camellia128_ctx *ctx,
+			size_t length, const uint8_t *data)
+{
+  GCM_UPDATE (ctx, length, data);
+}
+
+void
+gcm_camellia128_encrypt(struct gcm_camellia128_ctx *ctx,
+			size_t length, uint8_t *dst, const uint8_t *src)
+{
+  GCM_ENCRYPT(ctx, camellia128_crypt, length, dst, src);
+}
+
+void
+gcm_camellia128_decrypt(struct gcm_camellia128_ctx *ctx,
+			size_t length, uint8_t *dst, const uint8_t *src)
+{
+  GCM_DECRYPT(ctx, camellia128_crypt, length, dst, src);
+}
+
+void
+gcm_camellia128_digest(struct gcm_camellia128_ctx *ctx,
+		       size_t length, uint8_t *digest)
+{
+  GCM_DIGEST(ctx, camellia128_crypt, length, digest);
+}
--- a/gcm.h
+++ b/gcm.h
@@ -32,6 +32,7 @@
 #define NETTLE_GCM_H_INCLUDED

 #include "aes.h"
+#include "camellia.h"

 #ifdef __cplusplus
 extern "C" {
@@ -73,6 +74,13 @@ extern "C" {
 #define gcm_aes_decrypt nettle_gcm_aes_decrypt
 #define gcm_aes_digest nettle_gcm_aes_digest

+#define gcm_camellia128_set_key nettle_gcm_camellia128_set_key
+#define gcm_camellia128_set_iv nettle_gcm_camellia128_set_iv
+#define gcm_camellia128_update nettle_gcm_camellia128_update
+#define gcm_camellia128_encrypt nettle_gcm_camellia128_encrypt
+#define gcm_camellia128_decrypt nettle_gcm_camellia128_decrypt
+#define gcm_camellia128_digest nettle_gcm_camellia128_digest
+
 #define GCM_BLOCK_SIZE 16
 #define GCM_IV_SIZE (GCM_BLOCK_SIZE - 4)
 #define GCM_DIGEST_SIZE 16
@@ -264,6 +272,23 @@ gcm_aes_decrypt(struct gcm_aes_ctx *ctx,
 void
 gcm_aes_digest(struct gcm_aes_ctx *ctx, size_t length, uint8_t *digest);

+
+struct gcm_camellia128_ctx GCM_CTX(struct camellia128_ctx);
+
+void gcm_camellia128_set_key(struct gcm_camellia128_ctx *ctx,
+			     const uint8_t *key);
+void gcm_camellia128_set_iv(struct gcm_camellia128_ctx *ctx,
+			    size_t length, const uint8_t *iv);
+void gcm_camellia128_update(struct gcm_camellia128_ctx *ctx,
+			    size_t length, const uint8_t *data);
+void gcm_camellia128_encrypt(struct gcm_camellia128_ctx *ctx,
+			     size_t length, uint8_t *dst, const uint8_t *src);
+void gcm_camellia128_decrypt(struct gcm_camellia128_ctx *ctx,
+			     size_t length, uint8_t *dst, const uint8_t *src);
+void gcm_camellia128_digest(struct gcm_camellia128_ctx *ctx,
+			    size_t length, uint8_t *digest);
+
+  
 #ifdef __cplusplus
 }
 #endif

--- a/nettle-meta.h
+++ b/nettle-meta.h
@@ -150,8 +150,9 @@ struct nettle_aead
 extern const struct nettle_aead nettle_gcm_aes128;
 extern const struct nettle_aead nettle_gcm_aes192;
 extern const struct nettle_aead nettle_gcm_aes256;
-extern const struct nettle_aead nettle_chacha_poly1305;
+extern const struct nettle_aead nettle_gcm_camellia128;
 extern const struct nettle_aead nettle_eax_aes128;
+extern const struct nettle_aead nettle_chacha_poly1305;

 struct nettle_armor
 {

--- a/testsuite/gcm-test.c
+++ b/testsuite/gcm-test.c
@@ -351,6 +351,71 @@ test_main(void)
 		 "16aedbf5a0de6a57a637b39b"),
 	    SHEX("a44a8266ee1c8eb0c8b5d4cf5ae9f19a"));

+
+
+  /* 
+   * GCM-Camellia Test Vectors obtained from the authors
+   */
+
+  /* Test case 1 */
+  test_aead(&nettle_gcm_camellia128,
+	    (nettle_hash_update_func *) gcm_camellia128_set_iv,
+	    SHEX("00000000000000000000000000000000"),	/* key */
+	    SHEX(""),					/* auth data */ 
+	    SHEX(""),					/* plaintext */
+	    SHEX(""),					/* ciphertext*/
+	    SHEX("000000000000000000000000"),		/* IV */
+	    SHEX("f5574acc3148dfcb9015200631024df9"));	/* tag */
+
+  /* Test case 3 */
+  test_aead(&nettle_gcm_camellia128,
+	    (nettle_hash_update_func *) gcm_camellia128_set_iv,
+	    SHEX("feffe9928665731c6d6a8f9467308308"),	/* key */
+	    SHEX(""),					/* auth data */ 
+	    SHEX("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a72"
+	         "1c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255"),					/* plaintext */
+	    SHEX("d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6"
+	         "cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815"),					/* ciphertext*/
+	    SHEX("cafebabefacedbaddecaf888"),		/* IV */
+	    SHEX("86e318012dd8329dc9dae6a170f61b24"));	/* tag */
+
+  /* Test case 4 */
+  test_aead(&nettle_gcm_camellia128,
+	    (nettle_hash_update_func *) gcm_camellia128_set_iv,
+	    SHEX("feffe9928665731c6d6a8f9467308308"),	/* key */
+	    SHEX("feedfacedeadbeeffeedfacedeadbeefabaddad2"),					/* auth data */ 
+	    SHEX("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a72"
+	         "1c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"),					/* plaintext */
+	    SHEX("d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6"
+	         "cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606"),					/* ciphertext*/
+	    SHEX("cafebabefacedbaddecaf888"),		/* IV */
+	    SHEX("9f458869431576ea6a095456ec6b8101"));	/* tag */
+
+  /* Test case 5 */
+  test_aead(&nettle_gcm_camellia128,
+	    (nettle_hash_update_func *) gcm_camellia128_set_iv,
+	    SHEX("feffe9928665731c6d6a8f9467308308"),	/* key */
+	    SHEX("feedfacedeadbeeffeedfacedeadbeefabaddad2"),					/* auth data */ 
+	    SHEX("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a72"
+	         "1c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"),					/* plaintext */
+	    SHEX("28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a"
+	         "52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd"),					/* ciphertext*/
+	    SHEX("cafebabefacedbad"),		/* IV */
+	    SHEX("e86f8f2e730c49d536f00fb5225d28b1"));	/* tag */
+
+  /* Test case 6 */
+  test_aead(&nettle_gcm_camellia128,
+	    (nettle_hash_update_func *) gcm_camellia128_set_iv,
+	    SHEX("feffe9928665731c6d6a8f9467308308"),	/* key */
+	    SHEX("feedfacedeadbeeffeedfacedeadbeefabaddad2"),					/* auth data */ 
+	    SHEX("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a72"
+	         "1c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"),					/* plaintext */
+	    SHEX("2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e"
+	         "402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647"),					/* ciphertext*/
+	    SHEX("9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728"
+	         "c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b"),		/* IV */
+	    SHEX("ceae5569b2af8641572622731aed3e53"));	/* tag */
+
  /* Test gcm_hash, with varying message size, keys and iv all zero.
     Not compared to any other implementation. */
  test_gcm_hash (SDATA("a"),