ср, 8 мая 2019 г. в 15:33, Dmitry Eremin-Solenikov <[email protected]>: > Any chances to get these 3 patches in?
Just as a word of justification: one of GOST-defined modes is CFB, which is used with 64-bit cipher (Magma, GOST 28147-89). Having this code in allows us to use it directly from Nettle instead of having a private copy (e.g. in GnuTLS). And while 3DES is obviously close to full deprecation, 3DES-CFB8 is a good way to define and test CFB8 support in Nettle library. > > чт, 1 нояб. 2018 г. в 13:28, Dmitry Eremin-Solenikov <[email protected]>: > > > > Signed-off-by: Dmitry Eremin-Solenikov <[email protected]> > > --- > > testsuite/cmac-test.c | 100 +++++++++++------------------------------- > > testsuite/testutils.c | 64 +++++++++++++++++++++++++++ > > testsuite/testutils.h | 6 +++ > > 3 files changed, 96 insertions(+), 74 deletions(-) > > > > diff --git a/testsuite/cmac-test.c b/testsuite/cmac-test.c > > index 31662d1b6c1b..b1d4aa30dfbe 100644 > > --- a/testsuite/cmac-test.c > > +++ b/testsuite/cmac-test.c > > @@ -2,83 +2,35 @@ > > #include "nettle-internal.h" > > #include "cmac.h" > > > > +const struct nettle_mac nettle_cmac_aes128 = > > +{ > > + "CMAC-AES128", > > + sizeof(struct cmac_aes128_ctx), > > + CMAC128_DIGEST_SIZE, > > + AES128_KEY_SIZE, > > + > > + (nettle_set_key_func*) cmac_aes128_set_key, > > + (nettle_hash_update_func*) cmac_aes128_update, > > + (nettle_hash_digest_func*) cmac_aes128_digest > > +}; > > + > > +const struct nettle_mac nettle_cmac_aes256 = > > +{ > > + "CMAC-AES256", > > + sizeof(struct cmac_aes256_ctx), > > + CMAC128_DIGEST_SIZE, > > + AES256_KEY_SIZE, > > + > > + (nettle_set_key_func*) cmac_aes256_set_key, > > + (nettle_hash_update_func*) cmac_aes256_update, > > + (nettle_hash_digest_func*) cmac_aes256_digest > > +}; > > + > > #define test_cmac_aes128(key, msg, ref) > > \ > > - test_cmac_hash ((nettle_set_key_func*) cmac_aes128_set_key, \ > > - (nettle_hash_update_func*) cmac_aes128_update, \ > > - (nettle_hash_digest_func*) cmac_aes128_digest, \ > > - sizeof(struct cmac_aes128_ctx), \ > > - key, msg, ref) > > + test_mac(&nettle_cmac_aes128, key, msg, ref) > > > > #define test_cmac_aes256(key, msg, ref) > > \ > > - test_cmac_hash ((nettle_set_key_func*) cmac_aes256_set_key, \ > > - (nettle_hash_update_func*) cmac_aes256_update, \ > > - (nettle_hash_digest_func*) cmac_aes256_digest, \ > > - sizeof(struct cmac_aes256_ctx), \ > > - key, msg, ref) > > - > > -static void > > -test_cmac_hash (nettle_set_key_func *set_key, > > - nettle_hash_update_func *update, > > - nettle_hash_digest_func *digest, size_t ctx_size, > > - const struct tstring *key, const struct tstring *msg, > > - const struct tstring *ref) > > -{ > > - void *ctx; > > - uint8_t hash[16]; > > - unsigned i; > > - > > - ctx = xalloc(ctx_size); > > - > > - ASSERT (ref->length == sizeof(hash)); > > - ASSERT (key->length == 16 || key->length == 32); > > - set_key (ctx, key->data); > > - update (ctx, msg->length, msg->data); > > - digest (ctx, sizeof(hash), hash); > > - if (!MEMEQ (ref->length, ref->data, hash)) > > - { > > - fprintf (stderr, "cmac_hash failed, msg: "); > > - print_hex (msg->length, msg->data); > > - fprintf(stderr, "Output:"); > > - print_hex (16, hash); > > - fprintf(stderr, "Expected:"); > > - tstring_print_hex(ref); > > - fprintf(stderr, "\n"); > > - FAIL(); > > - } > > - > > - /* attempt to re-use the structure */ > > - update (ctx, msg->length, msg->data); > > - digest (ctx, sizeof(hash), hash); > > - if (!MEMEQ (ref->length, ref->data, hash)) > > - { > > - fprintf (stderr, "cmac_hash failed on re-use, msg: "); > > - print_hex (msg->length, msg->data); > > - fprintf(stderr, "Output:"); > > - print_hex (16, hash); > > - fprintf(stderr, "Expected:"); > > - tstring_print_hex(ref); > > - fprintf(stderr, "\n"); > > - FAIL(); > > - } > > - > > - /* attempt byte-by-byte hashing */ > > - set_key (ctx, key->data); > > - for (i=0;i<msg->length;i++) > > - update (ctx, 1, msg->data+i); > > - digest (ctx, sizeof(hash), hash); > > - if (!MEMEQ (ref->length, ref->data, hash)) > > - { > > - fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: "); > > - print_hex (msg->length, msg->data); > > - fprintf(stderr, "Output:"); > > - print_hex (16, hash); > > - fprintf(stderr, "Expected:"); > > - tstring_print_hex(ref); > > - fprintf(stderr, "\n"); > > - FAIL(); > > - } > > - free (ctx); > > -} > > + test_mac(&nettle_cmac_aes256, key, msg, ref) > > > > void > > test_main(void) > > diff --git a/testsuite/testutils.c b/testsuite/testutils.c > > index 1812ff4f52b0..ba0b41131925 100644 > > --- a/testsuite/testutils.c > > +++ b/testsuite/testutils.c > > @@ -924,6 +924,70 @@ test_hash_large(const struct nettle_hash *hash, > > free(data); > > } > > > > +void > > +test_mac(const struct nettle_mac *mac, > > + const struct tstring *key, > > + const struct tstring *msg, > > + const struct tstring *digest) > > +{ > > + void *ctx = xalloc(mac->context_size); > > + uint8_t *hash = xalloc(mac->digest_size); > > + unsigned i; > > + > > + > > + ASSERT (digest->length == mac->digest_size); > > + ASSERT (key->length == mac->key_size); > > + mac->set_key (ctx, key->data); > > + mac->update (ctx, msg->length, msg->data); > > + mac->digest (ctx, digest->length, hash); > > + > > + if (!MEMEQ (digest->length, digest->data, hash)) > > + { > > + fprintf (stderr, "test_mac failed, msg: "); > > + print_hex (msg->length, msg->data); > > + fprintf(stderr, "Output:"); > > + print_hex (mac->digest_size, hash); > > + fprintf(stderr, "Expected:"); > > + tstring_print_hex(digest); > > + fprintf(stderr, "\n"); > > + FAIL(); > > + } > > + > > + /* attempt to re-use the structure */ > > + mac->update (ctx, msg->length, msg->data); > > + mac->digest (ctx, digest->length, hash); > > + if (!MEMEQ (digest->length, digest->data, hash)) > > + { > > + fprintf (stderr, "test_mac: failed on re-use, msg: "); > > + print_hex (msg->length, msg->data); > > + fprintf(stderr, "Output:"); > > + print_hex (mac->digest_size, hash); > > + fprintf(stderr, "Expected:"); > > + tstring_print_hex(digest); > > + fprintf(stderr, "\n"); > > + FAIL(); > > + } > > + > > + /* attempt byte-by-byte hashing */ > > + mac->set_key (ctx, key->data); > > + for (i=0;i<msg->length;i++) > > + mac->update (ctx, 1, msg->data+i); > > + mac->digest (ctx, digest->length, hash); > > + if (!MEMEQ (digest->length, digest->data, hash)) > > + { > > + fprintf (stderr, "cmac_hash failed on byte-by-byte, msg: "); > > + print_hex (msg->length, msg->data); > > + fprintf(stderr, "Output:"); > > + print_hex (16, hash); > > + fprintf(stderr, "Expected:"); > > + tstring_print_hex(digest); > > + fprintf(stderr, "\n"); > > + FAIL(); > > + } > > + free (ctx); > > + free (hash); > > +} > > + > > void > > test_armor(const struct nettle_armor *armor, > > size_t data_length, > > diff --git a/testsuite/testutils.h b/testsuite/testutils.h > > index ded57db6ab4f..f4ea38da9deb 100644 > > --- a/testsuite/testutils.h > > +++ b/testsuite/testutils.h > > @@ -170,6 +170,12 @@ test_hash_large(const struct nettle_hash *hash, > > uint8_t c, > > const struct tstring *digest); > > > > +void > > +test_mac(const struct nettle_mac *mac, > > + const struct tstring *key, > > + const struct tstring *msg, > > + const struct tstring *digest); > > + > > void > > test_armor(const struct nettle_armor *armor, > > size_t data_length, > > -- > > 2.19.1 > > > > > -- > With best wishes > Dmitry -- With best wishes Dmitry _______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
