dear all
i need some help to make sure that the GCM is working well so can any one
help me to make this test unfortunately i failed to do this test code. i
attached the code that i have can any one tell me how to modify it. also i
don't have enough documentation on how to reuse the library
K = feffe9928665731c6d6a8f9467308308
P =
d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255
IV = cafebabefacedbaddecaf888
H = b83b533708bf535d0aa6e52980d53b78
Y0 = cafebabefacedbaddecaf88800000001
E(K, Y0 ) = 3247184b3c4f69a44dbcd22887bbb418
Y1 = cafebabefacedbaddecaf88800000002
E(K, Y1 ) = 9bb22ce7d9f372c1ee2b28722b25f206
Y2 = cafebabefacedbaddecaf88800000003
E(K, Y2 ) = 650d887c3936533a1b8d4e1ea39d2b5c
Y3 = cafebabefacedbaddecaf88800000004
E(K, Y3 ) = 3de91827c10e9a4f5240647ee5221f20
Y4 = cafebabefacedbaddecaf88800000005
E(K, Y4 ) = aac9e6ccc0074ac0873b9ba85d908bd0
X1 = 59ed3f2bb1a0aaa07c9f56c6a504647b
X2 = b714c9048389afd9f9bc5c1d4378e052
X3 = 47400c6577b1ee8d8f40b2721e86ff10
X4 = 4796cf49464704b5dd91f159bb1b7f95
len(A)||len(C) = 00000000000000000000000000000200
GHASH(H, A, C) = 7f1b32b81b820d02614f8895ac1d4eac
C =
42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985
T = 4d5c2af327cd64a62cf35abd2ba6fab4
thanks allot for your help
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
#include <iostream>
#include <string>
#include "cryptopp/hex.h"
#include "cryptopp/aes.h"
using CryptoPP::HexEncoder;
using CryptoPP::HexDecoder;
#include "cryptopp/cryptlib.h"
using CryptoPP::BufferedTransformation;
using CryptoPP::AuthenticatedSymmetricCipher;
#include "cryptopp/filters.h"
using CryptoPP::StringSink;
using CryptoPP::StringSource;
using CryptoPP::AuthenticatedEncryptionFilter;
using CryptoPP::AuthenticatedDecryptionFilter;
using CryptoPP::AES;
#include "cryptopp/gcm.h"
using CryptoPP::GCM;
using CryptoPP::GCM_TablesOption;
#include "assert.h"
using namespace std;
int main(int argc, char* argv[])
{
//KEY 0000000000000000000000000000000000000000000000000000000000000000
//IV 000000000000000000000000
//HDR 00000000000000000000000000000000
//PTX 00000000000000000000000000000000
//CTX cea7403d4d606b6e074ec5d3baf39d18
//TAG ae9b1771dba9cf62b39be017940330b4
// Test Vector 003
byte key[16];
memset( key, 0, sizeof(key) );
byte iv[12];
memset( iv, 0, sizeof(iv) );
string adata( 16, (char)0x00 );
string pdata( 16, (char)0x00 );
const int TAG_SIZE = 16;
// Encrypted, with Tag
string cipher, encoded;
// Recovered
string radata, rpdata;
/*********************************\
\*********************************/
try
{
GCM< AES >::Encryption e;
e.SetKeyWithIV( key, sizeof(key), iv, sizeof(iv) );
// Not required for GCM mode (but required for CCM mode)
// e.SpecifyDataLengths( adata.size(), pdata.size(), 0 );
AuthenticatedEncryptionFilter ef( e,
new StringSink( cipher ), false, TAG_SIZE
); // AuthenticatedEncryptionFilter
// AuthenticatedEncryptionFilter::ChannelPut
// defines two channels: "" (empty) and "AAD"
// channel "" is encrypted and authenticated
// channel "AAD" is authenticated
ef.ChannelPut( "AAD", (const byte*)adata.data(), adata.size() );
ef.ChannelMessageEnd("AAD");
// Authenticated data *must* be pushed before
// Confidential/Authenticated data. Otherwise
// we must catch the BadState exception
ef.ChannelPut( "", (const byte*)pdata.data(), pdata.size() );
ef.ChannelMessageEnd("");
// Pretty print
StringSource( cipher, true,
new HexEncoder( new StringSink( encoded ), true, 16, " " ) );
}
catch( CryptoPP::BufferedTransformation::NoChannelSupport& e )
{
// The tag must go in to the default channel:
// "unknown: this object doesn't support multiple channels"
cerr << "Caught NoChannelSupport..." << endl;
cerr << e.what() << endl;
cerr << endl;
}
catch( CryptoPP::AuthenticatedSymmetricCipher::BadState& e )
{
// Pushing PDATA before ADATA results in:
// "GMC/AES: Update was called before State_IVSet"
cerr << "Caught BadState..." << endl;
cerr << e.what() << endl;
cerr << endl;
}
catch( CryptoPP::InvalidArgument& e )
{
cerr << "Caught InvalidArgument..." << endl;
cerr << e.what() << endl;
cerr << endl;
}
/*********************************\
\*********************************/
// Attack the first and last byte
//if( cipher.size() > 1 )
//{
// cipher[ 0 ] |= 0x0F;
// cipher[ cipher.size()-1 ] |= 0x0F;
//}
/*********************************\
\*********************************/
try
{
GCM< AES >::Decryption d;
d.SetKeyWithIV( key, sizeof(key), iv, sizeof(iv) );
// Break the cipher text out into it's
// components: Encrypted Data and MAC Value
string enc = cipher.substr( 0, cipher.length()-TAG_SIZE );
string mac = cipher.substr( cipher.length()-TAG_SIZE );
// Sanity checks
assert( cipher.size() == enc.size() + mac.size() );
assert( enc.size() == pdata.size() );
assert( TAG_SIZE == mac.size() );
// Not recovered - sent via clear channel
radata = adata;
// Object will not throw an exception
// during decryption\verification _if_
// verification fails.
//AuthenticatedDecryptionFilter df( d, NULL,
// AuthenticatedDecryptionFilter::MAC_AT_BEGIN );
AuthenticatedDecryptionFilter df( d, NULL,
AuthenticatedDecryptionFilter::MAC_AT_BEGIN |
AuthenticatedDecryptionFilter::THROW_EXCEPTION, TAG_SIZE );
// The order of the following calls are important
df.ChannelPut( "", (const byte*)mac.data(), mac.size() );
df.ChannelPut( "AAD", (const byte*)adata.data(), adata.size() );
df.ChannelPut( "", (const byte*)enc.data(), enc.size() );
// If the object throws, it will most likely occur
// during ChannelMessageEnd()
df.ChannelMessageEnd( "AAD" );
df.ChannelMessageEnd( "" );
// If the object does not throw, here's the only
// opportunity to check the data's integrity
bool b = false;
b = df.GetLastResult();
assert( true == b );
// Remove data from channel
string retrieved;
size_t n = (size_t)-1;
// Plain text recovered from enc.data()
df.SetRetrievalChannel( "" );
n = (size_t)df.MaxRetrievable();
retrieved.resize( n );
if( n > 0 ) { df.Get( (byte*)retrieved.data(), n ); }
rpdata = retrieved;
assert( rpdata == pdata );
// Hmmm... No way to get the calculated MAC
// mac out of the Decryptor/Verifier. At
// least it is purported to be good.
//df.SetRetrievalChannel( "AAD" );
//n = (size_t)df.MaxRetrievable();
//retrieved.resize( n );
//if( n > 0 ) { df.Get( (byte*)retrieved.data(), n ); }
//assert( retrieved == mac );
// All is well - work with data
cout << "Decrypted and Verified data. Ready for use." << endl;
cout << endl;
cout << "adata length: " << adata.size() << endl;
cout << "pdata length: " << pdata.size() << endl;
cout << endl;
cout << "adata: " << adata << endl;
cout << "pdata: " << pdata << endl;
cout << endl;
cout << "cipher text: " << endl << " " << encoded << endl;
cout << endl;
cout << "recovered adata length: " << radata.size() << endl;
cout << "recovered pdata length: " << rpdata.size() << endl;
cout << endl;
cout << "recovered adata: " << radata << endl;
cout << "recovered pdata: " << rpdata << endl;
cout << endl;
}
catch( CryptoPP::InvalidArgument& e )
{
cerr << "Caught InvalidArgument..." << endl;
cerr << e.what() << endl;
cerr << endl;
}
catch( CryptoPP::AuthenticatedSymmetricCipher::BadState& e )
{
// Pushing PDATA before ADATA results in:
// "GMC/AES: Update was called before State_IVSet"
cerr << "Caught BadState..." << endl;
cerr << e.what() << endl;
cerr << endl;
}
catch( CryptoPP::HashVerificationFilter::HashVerificationFailed& e )
{
cerr << "Caught HashVerificationFailed..." << endl;
cerr << e.what() << endl;
cerr << endl;
}
/*********************************\
\*********************************/
return 0;
}
