From: Niels Möller Date: Wed, 12 Feb 2014 20:34:01 +0000 (+0100) Subject: Generalized nettle_aead abstraction, and moved to nettle-meta.h. X-Git-Tag: nettle_3.0_release_20140607~130 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=130683715e3e06a91f83ed088cd921b8a54c1e52;p=thirdparty%2Fnettle.git Generalized nettle_aead abstraction, and moved to nettle-meta.h. --- diff --git a/ChangeLog b/ChangeLog index 82f49a2a..22a26b2e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,30 @@ 2014-02-12 Niels Möller + * nettle-meta.h (struct nettle_aead): New generalized version + if this struct. + (nettle_gcm_aes128, nettle_gcm_aes192, nettle_gcm_aes256) + (nettle_eax_aes128): Declare, moved from nettle-internal.h. + * nettle-internal.h (struct nettle_aead): Deleted struct, moved to + nettle-meta.h. Deleted declarations of unused instances. + (_NETTLE_AEAD): Deleted macro. + * nettle-internal.c (nettle_eax_aes128): Updated for new + nettle_aead struct. + (nettle_gcm_aes128, nettle_gcm_aes192, nettle_gcm_aes256): + Deleted, moved to new files. + * gcm-aes128-meta.c (nettle_gcm_aes128): Moved to new file, + updated for new nettle_aead struct. + * gcm-aes192-meta.c (nettle_gcm_aes192): Likewise. + * gcm-aes256-meta.c (nettle_gcm_aes256): Likewise. + * testsuite/testutils.c (test_aead): Take alternative set_nonce + function as argument, and use it when nonce size differs from + aead->nonce_length. + * testsuite/testutils.h (test_aead): Updated prototype. + * testsuite/gcm-test.c (nettle_gcm_unified_aes128): Updated for + new nettle_aead struct. + (test_main): Pass additional argument to test_aead. + * testsuite/eax-test.c (test_main): Pass additional NULL argument + to test_aead. + * eax.h (EAX_DIGEST_SIZE): New constant. * gcm.h (GCM_DIGEST_SIZE): Likewise. diff --git a/Makefile.in b/Makefile.in index 5782a38f..f5319c1b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -90,9 +90,11 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ chacha-crypt.c chacha-core-internal.c \ chacha-set-key.c chacha-set-nonce.c \ chacha128-set-key.c chacha256-set-key.c \ - ctr.c gcm.c \ - des.c des3.c des-compat.c eax.c \ - gcm-aes.c gcm-aes128.c gcm-aes192.c gcm-aes256.c \ + ctr.c des.c des3.c des-compat.c eax.c \ + gcm.c gcm-aes.c \ + gcm-aes128.c gcm-aes128-meta.c \ + gcm-aes192.c gcm-aes192-meta.c \ + gcm-aes256.c gcm-aes256-meta.c \ gosthash94.c gosthash94-meta.c \ hmac.c hmac-md5.c hmac-ripemd160.c hmac-sha1.c \ hmac-sha224.c hmac-sha256.c hmac-sha384.c hmac-sha512.c \ diff --git a/gcm-aes128-meta.c b/gcm-aes128-meta.c new file mode 100644 index 00000000..d6d75764 --- /dev/null +++ b/gcm-aes128-meta.c @@ -0,0 +1,51 @@ +/* gcm-aes128-meta.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2014 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02111-1301, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "nettle-meta.h" + +#include "gcm.h" + +static nettle_set_key_func gcm_aes128_set_nonce_wrapper; +static void +gcm_aes128_set_nonce_wrapper (void *ctx, const uint8_t *nonce) +{ + gcm_aes128_set_iv (ctx, GCM_IV_SIZE, nonce); +} + +const struct nettle_aead nettle_gcm_aes128 = + { "gcm_aes128", sizeof(struct gcm_aes128_ctx), + GCM_BLOCK_SIZE, AES128_KEY_SIZE, + GCM_IV_SIZE, GCM_DIGEST_SIZE, + (nettle_set_key_func *) gcm_aes128_set_key, + (nettle_set_key_func *) gcm_aes128_set_key, + gcm_aes128_set_nonce_wrapper, + (nettle_hash_update_func *) gcm_aes128_update, + (nettle_crypt_func *) gcm_aes128_encrypt, + (nettle_crypt_func *) gcm_aes128_decrypt, + (nettle_hash_digest_func *) gcm_aes128_digest, + }; diff --git a/gcm-aes192-meta.c b/gcm-aes192-meta.c new file mode 100644 index 00000000..78cc4515 --- /dev/null +++ b/gcm-aes192-meta.c @@ -0,0 +1,51 @@ +/* gcm-aes192-meta.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2014 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02111-1301, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "nettle-meta.h" + +#include "gcm.h" + +static nettle_set_key_func gcm_aes192_set_nonce_wrapper; +static void +gcm_aes192_set_nonce_wrapper (void *ctx, const uint8_t *nonce) +{ + gcm_aes192_set_iv (ctx, GCM_IV_SIZE, nonce); +} + +const struct nettle_aead nettle_gcm_aes192 = + { "gcm_aes192", sizeof(struct gcm_aes192_ctx), + GCM_BLOCK_SIZE, AES192_KEY_SIZE, + GCM_IV_SIZE, GCM_DIGEST_SIZE, + (nettle_set_key_func *) gcm_aes192_set_key, + (nettle_set_key_func *) gcm_aes192_set_key, + gcm_aes192_set_nonce_wrapper, + (nettle_hash_update_func *) gcm_aes192_update, + (nettle_crypt_func *) gcm_aes192_encrypt, + (nettle_crypt_func *) gcm_aes192_decrypt, + (nettle_hash_digest_func *) gcm_aes192_digest, + }; diff --git a/gcm-aes256-meta.c b/gcm-aes256-meta.c new file mode 100644 index 00000000..744b68bb --- /dev/null +++ b/gcm-aes256-meta.c @@ -0,0 +1,51 @@ +/* gcm-aes256-meta.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2014 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02111-1301, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "nettle-meta.h" + +#include "gcm.h" + +static nettle_set_key_func gcm_aes256_set_nonce_wrapper; +static void +gcm_aes256_set_nonce_wrapper (void *ctx, const uint8_t *nonce) +{ + gcm_aes256_set_iv (ctx, GCM_IV_SIZE, nonce); +} + +const struct nettle_aead nettle_gcm_aes256 = + { "gcm_aes256", sizeof(struct gcm_aes256_ctx), + GCM_BLOCK_SIZE, AES256_KEY_SIZE, + GCM_IV_SIZE, GCM_DIGEST_SIZE, + (nettle_set_key_func *) gcm_aes256_set_key, + (nettle_set_key_func *) gcm_aes256_set_key, + gcm_aes256_set_nonce_wrapper, + (nettle_hash_update_func *) gcm_aes256_update, + (nettle_crypt_func *) gcm_aes256_encrypt, + (nettle_crypt_func *) gcm_aes256_decrypt, + (nettle_hash_digest_func *) gcm_aes256_digest, + }; diff --git a/nettle-internal.c b/nettle-internal.c index 92156982..3970685b 100644 --- a/nettle-internal.c +++ b/nettle-internal.c @@ -120,16 +120,6 @@ nettle_salsa20r12 = { (nettle_crypt_func *) salsa20r12_crypt }; -#define gcm_aes128_set_nonce gcm_aes128_set_iv -#define gcm_aes192_set_nonce gcm_aes192_set_iv -#define gcm_aes256_set_nonce gcm_aes256_set_iv -const struct nettle_aead -nettle_gcm_aes128 = _NETTLE_AEAD(gcm, GCM, aes128, 128); -const struct nettle_aead -nettle_gcm_aes192 = _NETTLE_AEAD(gcm, GCM, aes192, 192); -const struct nettle_aead -nettle_gcm_aes256 = _NETTLE_AEAD(gcm, GCM, aes256, 256); - /* eax-aes128 */ void @@ -174,5 +164,26 @@ eax_aes128_digest(struct eax_aes128_ctx *ctx, EAX_DIGEST(ctx, aes128_encrypt, length, digest); } +/* FIXME: Reasonable default? */ +#define EAX_IV_SIZE 16 + +static nettle_set_key_func eax_aes128_set_nonce_wrapper; +static void +eax_aes128_set_nonce_wrapper (void *ctx, const uint8_t *nonce) +{ + eax_aes128_set_nonce (ctx, EAX_IV_SIZE, nonce); +} + const struct nettle_aead -nettle_eax_aes128 = _NETTLE_AEAD(eax, EAX, aes128, 128); +nettle_eax_aes128 = + { "eax_aes128", sizeof(struct eax_aes128_ctx), + EAX_BLOCK_SIZE, AES128_KEY_SIZE, + EAX_IV_SIZE, EAX_DIGEST_SIZE, + (nettle_set_key_func *) eax_aes128_set_key, + (nettle_set_key_func *) eax_aes128_set_key, + eax_aes128_set_nonce_wrapper, + (nettle_hash_update_func *) eax_aes128_update, + (nettle_crypt_func *) eax_aes128_encrypt, + (nettle_crypt_func *) eax_aes128_decrypt, + (nettle_hash_digest_func *) eax_aes128_digest + }; diff --git a/nettle-internal.h b/nettle-internal.h index f82c1bac..22d2b9e1 100644 --- a/nettle-internal.h +++ b/nettle-internal.h @@ -82,55 +82,6 @@ extern const struct nettle_cipher nettle_openssl_cast128; extern const struct nettle_hash nettle_openssl_md5; extern const struct nettle_hash nettle_openssl_sha1; -/* Tentative interface for "authenticated encryption with associated - data" algorithms. Should be moved to nettle-meta.h when stable. */ -struct nettle_aead -{ - const char *name; - - size_t context_size; - /* Block size of the input, and the size of the output digest */ - size_t block_size; - - /* Suggested key size; other sizes are sometimes possible. */ - size_t key_size; - - nettle_set_key_func *set_key; - nettle_hash_update_func *set_iv; - nettle_hash_update_func *update; - nettle_crypt_func *encrypt; - nettle_crypt_func *decrypt; - nettle_hash_digest_func *digest; -}; - -#define _NETTLE_AEAD(type, TYPE, name, key_size) { \ - #type "-" #name, \ - sizeof(struct type##_##name##_ctx), \ - TYPE##_BLOCK_SIZE, \ - key_size / 8, \ - (nettle_set_key_func *) type##_##name##_set_key, \ - (nettle_hash_update_func *) type##_##name##_set_nonce,\ - (nettle_hash_update_func *) type##_##name##_update, \ - (nettle_crypt_func *) type##_##name##_encrypt, \ - (nettle_crypt_func *) type##_##name##_decrypt, \ - (nettle_hash_digest_func *) type##_##name##_digest, \ -} - -extern const struct nettle_aead nettle_gcm_aes128; -extern const struct nettle_aead nettle_gcm_aes192; -extern const struct nettle_aead nettle_gcm_aes256; - -extern const struct nettle_aead nettle_gcm_camellia128; -extern const struct nettle_aead nettle_gcm_camellia192; -extern const struct nettle_aead nettle_gcm_camellia256; - -extern const struct nettle_aead nettle_gcm_serpent128; -extern const struct nettle_aead nettle_gcm_serpent192; -extern const struct nettle_aead nettle_gcm_serpent256; - -extern const struct nettle_aead nettle_gcm_twofish128; -extern const struct nettle_aead nettle_gcm_twofish192; -extern const struct nettle_aead nettle_gcm_twofish256; /* Tentative interface. */ struct eax_aes128_ctx EAX_CTX(struct aes128_ctx); diff --git a/nettle-meta.h b/nettle-meta.h index c4c79159..67e75172 100644 --- a/nettle-meta.h +++ b/nettle-meta.h @@ -126,6 +126,31 @@ extern const struct nettle_hash nettle_sha3_256; extern const struct nettle_hash nettle_sha3_384; extern const struct nettle_hash nettle_sha3_512; +struct nettle_aead +{ + const char *name; + + unsigned context_size; + /* Block size for encrypt and decrypt. */ + unsigned block_size; + unsigned key_size; + unsigned nonce_size; + unsigned digest_size; + + nettle_set_key_func *set_encrypt_key; + nettle_set_key_func *set_decrypt_key; + nettle_set_key_func *set_nonce; + nettle_hash_update_func *update; + nettle_crypt_func *encrypt; + nettle_crypt_func *decrypt; + /* FIXME: Drop length argument? */ + nettle_hash_digest_func *digest; +}; + +extern const struct nettle_aead nettle_gcm_aes128; +extern const struct nettle_aead nettle_gcm_aes192; +extern const struct nettle_aead nettle_gcm_aes256; + struct nettle_armor { const char *name; diff --git a/testsuite/eax-test.c b/testsuite/eax-test.c index 72e588ea..f516df6d 100644 --- a/testsuite/eax-test.c +++ b/testsuite/eax-test.c @@ -6,7 +6,7 @@ test_main(void) { /* From the EAX specification, http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf */ - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("233952DEE4D5ED5F9B9C6D6FF80FF478"), /* key */ SHEX("6BFB914FD07EAE6B"), /* auth data */ SHEX(""), /* plaintext */ @@ -14,7 +14,7 @@ test_main(void) SHEX("62EC67F9C3A4A407FCB2A8C49031A8B3"), /* nonce */ SHEX("E037830E8389F27B025A2D6527E79D01")); /* tag */ - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("91945D3F4DCBEE0BF45EF52255F095A4"), SHEX("FA3BFD4806EB53FA"), SHEX("F7FB"), @@ -22,7 +22,7 @@ test_main(void) SHEX("BECAF043B0A23D843194BA972C66DEBD"), SHEX("5C4C9331049D0BDAB0277408F67967E5")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("01F74AD64077F2E704C0F60ADA3DD523"), SHEX("234A3463C1264AC6"), SHEX("1A47CB4933"), @@ -30,7 +30,7 @@ test_main(void) SHEX("70C3DB4F0D26368400A10ED05D2BFF5E"), SHEX("3A59F238A23E39199DC9266626C40F80")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("D07CF6CBB7F313BDDE66B727AFD3C5E8"), SHEX("33CCE2EABFF5A79D"), SHEX("481C9E39B1"), @@ -38,7 +38,7 @@ test_main(void) SHEX("8408DFFF3C1A2B1292DC199E46B7D617"), SHEX("D4C168A4225D8E1FF755939974A7BEDE")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("35B6D0580005BBC12B0587124557D2C2"), SHEX("AEB96EAEBE2970E9"), SHEX("40D0C07DA5E4"), @@ -46,7 +46,7 @@ test_main(void) SHEX("FDB6B06676EEDC5C61D74276E1F8E816"), SHEX("CB0677E536F73AFE6A14B74EE49844DD")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("BD8E6E11475E60B268784C38C62FEB22"), SHEX("D4482D1CA78DCE0F"), SHEX("4DE3B35C3FC039245BD1FB7D"), @@ -54,7 +54,7 @@ test_main(void) SHEX("6EAC5C93072D8E8513F750935E46DA1B"), SHEX("ABB8644FD6CCB86947C5E10590210A4F")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("7C77D6E813BED5AC98BAA417477A2E7D"), SHEX("65D2017990D62528"), SHEX("8B0A79306C9CE7ED99DAE4F87F8DD61636"), @@ -62,7 +62,7 @@ test_main(void) SHEX("1A8C98DCD73D38393B2BF1569DEEFC19"), SHEX("137327D10649B0AA6E1C181DB617D7F2")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("5FFF20CAFAB119CA2FC73549E20F5B0D"), SHEX("54B9F04E6A09189A"), SHEX("1BDA122BCE8A8DBAF1877D962B8592DD2D56"), @@ -70,7 +70,7 @@ test_main(void) SHEX("DDE59B97D722156D4D9AFF2BC7559826"), SHEX("3B60450599BD02C96382902AEF7F832A")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("A4A4782BCFFD3EC5E7EF6D8C34A56123"), SHEX("899A175897561D7E"), SHEX("6CF36720872B8513F6EAB1A8A44438D5EF11"), @@ -78,7 +78,7 @@ test_main(void) SHEX("B781FCF2F75FA5A8DE97A9CA48E522EC"), SHEX("E7F6D2231618102FDB7FE55FF1991700")); - test_aead(&nettle_eax_aes128, + test_aead(&nettle_eax_aes128, NULL, SHEX("8395FCF1E95BEBD697BD010BC766AAC3"), SHEX("126735FCC320D25A"), SHEX("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7"), diff --git a/testsuite/gcm-test.c b/testsuite/gcm-test.c index 4c37516a..3ff2b3de 100644 --- a/testsuite/gcm-test.c +++ b/testsuite/gcm-test.c @@ -25,19 +25,27 @@ test_gcm_hash (const struct tstring *msg, const struct tstring *ref) } } +static nettle_set_key_func gcm_unified_aes128_set_key; +static nettle_set_key_func gcm_unified_aes128_set_iv; static void -gcm_unified_aes128_set_key (void *ctx, uint8_t *key) +gcm_unified_aes128_set_key (void *ctx, const uint8_t *key) { gcm_aes_set_key (ctx, AES128_KEY_SIZE, key); } +static void +gcm_unified_aes128_set_iv (void *ctx, const uint8_t *iv) +{ + gcm_aes_set_iv (ctx, GCM_IV_SIZE, iv); +} static const struct nettle_aead nettle_gcm_unified_aes128 = { "gcm-aes128", sizeof (struct gcm_aes_ctx), - GCM_BLOCK_SIZE, - AES128_KEY_SIZE, + GCM_BLOCK_SIZE, AES128_KEY_SIZE, + GCM_IV_SIZE, GCM_DIGEST_SIZE, + (nettle_set_key_func *) gcm_unified_aes128_set_key, (nettle_set_key_func *) gcm_unified_aes128_set_key, - (nettle_hash_update_func *) gcm_aes_set_iv, + (nettle_set_key_func *) gcm_unified_aes128_set_iv, (nettle_hash_update_func *) gcm_aes_update, (nettle_crypt_func *) gcm_aes_encrypt, (nettle_crypt_func *) gcm_aes_decrypt, @@ -54,7 +62,7 @@ test_main(void) */ /* Test case 1 */ - test_aead(&nettle_gcm_aes128, + test_aead(&nettle_gcm_aes128, NULL, SHEX("00000000000000000000000000000000"), /* key */ SHEX(""), /* auth data */ SHEX(""), /* plaintext */ @@ -63,7 +71,7 @@ test_main(void) SHEX("58e2fccefa7e3061367f1d57a4e7455a")); /* tag */ /* Test case 2 */ - test_aead(&nettle_gcm_aes128, + test_aead(&nettle_gcm_aes128, NULL, SHEX("00000000000000000000000000000000"), SHEX(""), SHEX("00000000000000000000000000000000"), @@ -72,7 +80,7 @@ test_main(void) SHEX("ab6e47d42cec13bdf53a67b21257bddf")); /* Test case 3 */ - test_aead(&nettle_gcm_aes128, + test_aead(&nettle_gcm_aes128, NULL, SHEX("feffe9928665731c6d6a8f9467308308"), SHEX(""), SHEX("d9313225f88406e5a55909c5aff5269a" @@ -87,7 +95,7 @@ test_main(void) SHEX("4d5c2af327cd64a62cf35abd2ba6fab4")); /* Test case 4 */ - test_aead(&nettle_gcm_aes128, + test_aead(&nettle_gcm_aes128, NULL, SHEX("feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" "abaddad2"), @@ -104,6 +112,7 @@ test_main(void) /* Test case 5 */ test_aead(&nettle_gcm_aes128, + (nettle_hash_update_func *) gcm_aes128_set_iv, SHEX("feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" "abaddad2"), @@ -120,6 +129,7 @@ test_main(void) /* Test case 6 */ test_aead(&nettle_gcm_aes128, + (nettle_hash_update_func *) gcm_aes128_set_iv, SHEX("feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" "abaddad2"), @@ -139,6 +149,7 @@ test_main(void) /* Same test, but with old gcm_aes interface */ test_aead(&nettle_gcm_unified_aes128, + (nettle_hash_update_func *) gcm_aes_set_iv, SHEX("feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" "abaddad2"), @@ -157,7 +168,7 @@ test_main(void) SHEX("619cc5aefffe0bfa462af43c1699d050")); /* Test case 7 */ - test_aead(&nettle_gcm_aes192, + test_aead(&nettle_gcm_aes192, NULL, SHEX("00000000000000000000000000000000" "0000000000000000"), SHEX(""), @@ -167,7 +178,7 @@ test_main(void) SHEX("cd33b28ac773f74ba00ed1f312572435")); /* Test case 8 */ - test_aead(&nettle_gcm_aes192, + test_aead(&nettle_gcm_aes192, NULL, SHEX("00000000000000000000000000000000" "0000000000000000"), SHEX(""), @@ -177,7 +188,7 @@ test_main(void) SHEX("2ff58d80033927ab8ef4d4587514f0fb")); /* Test case 9 */ - test_aead(&nettle_gcm_aes192, + test_aead(&nettle_gcm_aes192, NULL, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c"), SHEX(""), @@ -193,7 +204,7 @@ test_main(void) SHEX("9924a7c8587336bfb118024db8674a14")); /* Test case 10 */ - test_aead(&nettle_gcm_aes192, + test_aead(&nettle_gcm_aes192, NULL, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c"), SHEX("feedfacedeadbeeffeedfacedeadbeef" @@ -211,6 +222,7 @@ test_main(void) /* Test case 11 */ test_aead(&nettle_gcm_aes192, + (nettle_hash_update_func *) gcm_aes192_set_iv, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c"), SHEX("feedfacedeadbeeffeedfacedeadbeef" @@ -228,6 +240,7 @@ test_main(void) /* Test case 12 */ test_aead(&nettle_gcm_aes192, + (nettle_hash_update_func *) gcm_aes192_set_iv, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c"), SHEX("feedfacedeadbeeffeedfacedeadbeef" @@ -247,7 +260,7 @@ test_main(void) SHEX("dcf566ff291c25bbb8568fc3d376a6d9")); /* Test case 13 */ - test_aead(&nettle_gcm_aes256, + test_aead(&nettle_gcm_aes256, NULL, SHEX("00000000000000000000000000000000" "00000000000000000000000000000000"), SHEX(""), @@ -257,7 +270,7 @@ test_main(void) SHEX("530f8afbc74536b9a963b4f1c4cb738b")); /* Test case 14 */ - test_aead(&nettle_gcm_aes256, + test_aead(&nettle_gcm_aes256, NULL, SHEX("00000000000000000000000000000000" "00000000000000000000000000000000"), SHEX(""), @@ -267,7 +280,7 @@ test_main(void) SHEX("d0d1c8a799996bf0265b98b5d48ab919")); /* Test case 15 */ - test_aead(&nettle_gcm_aes256, + test_aead(&nettle_gcm_aes256, NULL, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c6d6a8f9467308308"), SHEX(""), @@ -283,7 +296,7 @@ test_main(void) SHEX("b094dac5d93471bdec1a502270e3cc6c")); /* Test case 16 */ - test_aead(&nettle_gcm_aes256, + test_aead(&nettle_gcm_aes256, NULL, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" @@ -301,6 +314,7 @@ test_main(void) /* Test case 17 */ test_aead(&nettle_gcm_aes256, + (nettle_hash_update_func *) gcm_aes256_set_iv, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" @@ -318,6 +332,7 @@ test_main(void) /* Test case 18 */ test_aead(&nettle_gcm_aes256, + (nettle_hash_update_func *) gcm_aes256_set_iv, SHEX("feffe9928665731c6d6a8f9467308308" "feffe9928665731c6d6a8f9467308308"), SHEX("feedfacedeadbeeffeedfacedeadbeef" diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 8289c246..9990cdee 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -468,11 +468,12 @@ test_cipher_stream(const struct nettle_cipher *cipher, void test_aead(const struct nettle_aead *aead, + nettle_hash_update_func *set_nonce, const struct tstring *key, const struct tstring *authtext, const struct tstring *cleartext, const struct tstring *ciphertext, - const struct tstring *iv, + const struct tstring *nonce, const struct tstring *digest) { void *ctx = xalloc(aead->context_size); @@ -490,9 +491,15 @@ test_aead(const struct nettle_aead *aead, /* encryption */ memset(buffer, 0, aead->block_size); - aead->set_key(ctx, key->data); + aead->set_encrypt_key(ctx, key->data); - aead->set_iv(ctx, iv->length, iv->data); + if (nonce->length != aead->nonce_size) + { + ASSERT (set_nonce); + set_nonce (ctx, nonce->length, nonce->data); + } + else + aead->set_nonce(ctx, nonce->data); if (authtext->length) aead->update(ctx, authtext->length, authtext->data); @@ -507,7 +514,16 @@ test_aead(const struct nettle_aead *aead, /* decryption */ memset(buffer, 0, aead->block_size); - aead->set_iv(ctx, iv->length, iv->data); + + aead->set_decrypt_key(ctx, key->data); + + if (nonce->length != aead->nonce_size) + { + ASSERT (set_nonce); + set_nonce (ctx, nonce->length, nonce->data); + } + else + aead->set_nonce(ctx, nonce->data); if (authtext->length) aead->update(ctx, authtext->length, authtext->data); diff --git a/testsuite/testutils.h b/testsuite/testutils.h index 39685017..6118b687 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -131,11 +131,12 @@ test_cipher_stream(const struct nettle_cipher *cipher, void test_aead(const struct nettle_aead *aead, + nettle_hash_update_func *set_nonce, const struct tstring *key, const struct tstring *authtext, const struct tstring *cleartext, const struct tstring *ciphertext, - const struct tstring *iv, + const struct tstring *nonce, const struct tstring *digest); void