From: Miroslav Lichvar Date: Mon, 10 Oct 2022 10:25:47 +0000 (+0200) Subject: siv: add functions to return min and max nonce length X-Git-Tag: 4.4-pre1~76 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5dd173c05014fc0b31bb4f407ac20bea2b0dc8cf;p=thirdparty%2Fchrony.git siv: add functions to return min and max nonce length While AES-SIV-CMAC allows nonces of any length, AES-GCM-SIV requires exactly 12 bytes, which is less than the unpadded minimum length of 16 used in the NTS authenticator field. These functions will be needed to support both ciphers in the NTS code. --- diff --git a/siv.h b/siv.h index e303d343..868edbd4 100644 --- a/siv.h +++ b/siv.h @@ -53,6 +53,10 @@ extern int SIV_GetKeyLength(SIV_Algorithm algorithm); extern int SIV_SetKey(SIV_Instance instance, const unsigned char *key, int length); +extern int SIV_GetMinNonceLength(SIV_Instance instance); + +extern int SIV_GetMaxNonceLength(SIV_Instance instance); + extern int SIV_GetTagLength(SIV_Instance instance); extern int SIV_Encrypt(SIV_Instance instance, diff --git a/siv_gnutls.c b/siv_gnutls.c index aba2babf..95387f0d 100644 --- a/siv_gnutls.c +++ b/siv_gnutls.c @@ -195,6 +195,22 @@ SIV_SetKey(SIV_Instance instance, const unsigned char *key, int length) /* ================================================== */ +int +SIV_GetMinNonceLength(SIV_Instance instance) +{ + return 1; +} + +/* ================================================== */ + +int +SIV_GetMaxNonceLength(SIV_Instance instance) +{ + return INT_MAX; +} + +/* ================================================== */ + int SIV_GetTagLength(SIV_Instance instance) { diff --git a/siv_nettle.c b/siv_nettle.c index 04bc9ad2..800beb71 100644 --- a/siv_nettle.c +++ b/siv_nettle.c @@ -144,6 +144,22 @@ SIV_SetKey(SIV_Instance instance, const unsigned char *key, int length) /* ================================================== */ +int +SIV_GetMinNonceLength(SIV_Instance instance) +{ + return instance->min_nonce_length; +} + +/* ================================================== */ + +int +SIV_GetMaxNonceLength(SIV_Instance instance) +{ + return instance->max_nonce_length; +} + +/* ================================================== */ + int SIV_GetTagLength(SIV_Instance instance) { diff --git a/test/unit/siv.c b/test/unit/siv.c index 2465c680..54f435d4 100644 --- a/test/unit/siv.c +++ b/test/unit/siv.c @@ -244,6 +244,12 @@ test_unit(void) } TEST_CHECK(SIV_GetKeyLength(tests[i].algorithm) == tests[i].key_length); + TEST_CHECK(SIV_GetMinNonceLength(siv) >= 1); + TEST_CHECK(SIV_GetMinNonceLength(siv) <= 12); + TEST_CHECK(SIV_GetMaxNonceLength(siv) >= 12); + TEST_CHECK(SIV_GetMinNonceLength(siv) <= SIV_GetMaxNonceLength(siv)); + if (fixed_nonce_length) + TEST_CHECK(SIV_GetMinNonceLength(siv) == SIV_GetMaxNonceLength(siv)); r = SIV_Encrypt(siv, tests[i].nonce, tests[i].nonce_length, tests[i].assoc, tests[i].assoc_length,