Added GMAC wrapper functions around AES-GCM

2013-09-10 16:47:39 -07:00 · 2013-09-10 16:47:39 -07:00 · d3db1a42de
parent 0ae966b350
commit d3db1a42de
3 changed files with 72 additions and 0 deletions
--- a/ctaocrypt/src/aes.c
+++ b/ctaocrypt/src/aes.c
@ -2636,6 +2636,21 @@ int  AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
    return 0;
 }

+
+CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len)
+{
+    AesGcmSetKey(&gmac->aes, key, len);
+}
+
+
+CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+                              const byte* authIn, word32 authInSz,
+                              byte* authTag, word32 authTagSz)
+{
+    AesGcmEncrypt(&gmac->aes, NULL, NULL, 0, iv, ivSz,
+                                         authTag, authTagSz, authIn, authInSz);
+}
+
 #endif /* HAVE_AESGCM */

 #ifdef HAVE_AESCCM
--- a/ctaocrypt/test/test.c
+++ b/ctaocrypt/test/test.c
@ -140,6 +140,7 @@ int  des_test(void);
 int  des3_test(void);
 int  aes_test(void);
 int  aesgcm_test(void);
+int  gmac_test(void);
 int  aesccm_test(void);
 int  camellia_test(void);
 int  rsa_test(void);
@ -301,6 +302,13 @@ void ctaocrypt_test(void* args)

 #endif

+#ifdef HAVE_AESGCM
+    if ( (ret = gmac_test()) != 0)
+        err_sys("GMAC     test passed!\n", ret);
+    else
+        printf( "GMAC     test passed!\n");
+#endif
+
 #ifndef NO_RC4
    if ( (ret = arc4_test()) != 0)
        err_sys("ARC4     test failed!\n", ret);
@ -1928,6 +1936,47 @@ int aesgcm_test(void)

    return 0;
 }
+
+int gmac_test(void)
+{
+    Gmac gmac;
+
+    const byte k[] =
+    {
+        0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
+        0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
+    };
+
+    const byte iv[] =
+    {
+        0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
+        0xe2, 0x8c, 0x8f, 0x16
+    };
+
+    const byte a[] =
+    {
+       0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
+       0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
+    };
+
+    const byte t[] =
+    {
+        0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
+        0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
+    };
+
+    byte t2[sizeof(t)];
+
+    memset(t2, 0, sizeof(t2));
+
+    GmacSetKey(&gmac, k, sizeof(k));
+    GmacUpdate(&gmac, iv, sizeof(iv), a, sizeof(a), t2, sizeof(t2));
+
+    if (memcmp(t, t2, sizeof(t2)) != 0)
+        return -126;
+
+    return 0;
+}
 #endif /* HAVE_AESGCM */

 #ifdef HAVE_AESCCM
--- a/cyassl/ctaocrypt/aes.h
+++ b/cyassl/ctaocrypt/aes.h
@ -115,6 +115,14 @@ CYASSL_API int  AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
                              const byte* iv, word32 ivSz,
                              const byte* authTag, word32 authTagSz,
                              const byte* authIn, word32 authInSz);
+
+typedef struct Gmac {
+    Aes aes;
+} Gmac;
+CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len);
+CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+                              const byte* authIn, word32 authInSz,
+                              byte* authTag, word32 authTagSz);
 #endif /* HAVE_AESGCM */
 #ifdef HAVE_AESCCM
 CYASSL_API void AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);