then
EXTRA_OBJECTS="$EXTRA_OBJECTS siv_gnutls.o"
add_def HAVE_SIV
+ if [ $try_aes_gcm_siv = "1" ] && test_code 'AES-GCM-SIV in gnutls' \
+ 'gnutls/crypto.h' "$test_cflags" "$test_link $LIBS" '
+ return gnutls_aead_cipher_init((void *)1, GNUTLS_CIPHER_AES_128_SIV_GCM,
+ (void *)2);'
+ then
+ add_def HAVE_GNUTLS_SIV_GCM
+ fi
if test_code 'gnutls_aead_cipher_set_key()' 'gnutls/crypto.h' \
"$test_cflags" "$test_link $LIBS" '
return gnutls_aead_cipher_set_key((void *)1, (void *)2);'
struct SIV_Instance_Record {
gnutls_cipher_algorithm_t algorithm;
gnutls_aead_cipher_hd_t cipher;
+ int min_nonce_length;
+ int max_nonce_length;
};
/* ================================================== */
switch (algorithm) {
case AEAD_AES_SIV_CMAC_256:
return GNUTLS_CIPHER_AES_128_SIV;
+#if HAVE_GNUTLS_SIV_GCM
+ case AEAD_AES_128_GCM_SIV:
+ return GNUTLS_CIPHER_AES_128_SIV_GCM;
+#endif
default:
return 0;
}
instance->algorithm = calgo;
instance->cipher = NULL;
+ switch (algorithm) {
+ case AEAD_AES_SIV_CMAC_256:
+ instance->min_nonce_length = 1;
+ instance->max_nonce_length = INT_MAX;
+ break;
+ case AEAD_AES_128_GCM_SIV:
+ instance->min_nonce_length = 12;
+ instance->max_nonce_length = 12;
+ break;
+ default:
+ assert(0);
+ }
+
instance_counter++;
return instance;
return 0;
len = gnutls_cipher_get_key_size(calgo);
+ if (len == 0)
+ return 0;
if (len < 1 || len > SIV_MAX_KEY_LENGTH)
LOG_FATAL("Invalid key length");
int
SIV_GetMinNonceLength(SIV_Instance instance)
{
- return 1;
+ return instance->min_nonce_length;
}
/* ================================================== */
int
SIV_GetMaxNonceLength(SIV_Instance instance)
{
- return INT_MAX;
+ return instance->max_nonce_length;
}
/* ================================================== */
if (!instance->cipher)
return 0;
- if (nonce_length < 1 || assoc_length < 0 ||
+ if (nonce_length < instance->min_nonce_length ||
+ nonce_length > instance->max_nonce_length || assoc_length < 0 ||
plaintext_length < 0 || ciphertext_length < 0)
return 0;
if (!instance->cipher)
return 0;
- if (nonce_length < 1 || assoc_length < 0 ||
+ if (nonce_length < instance->min_nonce_length ||
+ nonce_length > instance->max_nonce_length || assoc_length < 0 ||
plaintext_length < 0 || ciphertext_length < 0)
return 0;