DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-06 08:55:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

siv: add support for AES-128-GCM-SIV in Nettle

Browse Source 
This is a newer nonce misuse-resistant cipher specified in RFC 8452,
which is now supported in the development code of the Nettle library.

The advantages over AES-SIV-CMAC-256 are shorter keys and better
performance.
This commit is contained in:
Miroslav Lichvar
2022-10-03 17:28:39 +02:00
parent 17d2291a84
commit 5caf0ad187
3 changed files with 210 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
test/unit/siv.c
View File

@@ -125,15 +125,94 @@ test_unit(void)
"\x8d\x49\x2f\x14\x62\xa4\x7c\x2a\x57\x38\x87\xce\xc6\x72\xd3\x5c"
"\xa1", 97
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b", 12,
"", 0,
"", 0,
"\xba\x05\x1c\x40\xeb\x7e\x5f\xa2\x3f\x6c\xe5\xbe\xfe\x5b\x04\xad", 16
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b", 12,
"\x4c\x9d\x4f\xca\xed\x8a\xe2\xba\xad\x3f\x3e\xa6\xe9\x3c\x8c\x8b", 16,
"", 0,
"\x8f\x47\xfe\x1f\x26\x4e\xe2\x99\x5f\x35\x3d\x26\x74\x14\xd4\x3b", 16
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b", 12,
"", 0,
"\xba\x05\x1c\x40\xeb\x7e\x5f\xa2\x3f\x6c\xe5\xbe\xfe\x5b\x04\xad", 16,
"\xa1\xc6\x1b\xf7\x32\x39\x93\x0e\x10\xf8\xa6\x21\x6c\x6e\x26\x83"
"\x5c\xa9\xb0\xdd\x91\x0f\x81\xa6\xf0\x3b\x45\xda\xa6\x9a\x2b\x24", 32,
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b", 12,
"\x4c\x9d\x4f\xca\xed\x8a\xe2\xba\xad\x3f\x3e\xa6\xe9\x3c\x8c", 15,
"\xba\x99\x79\x31\x23\x7e\x3c\x53\x58\x7e\xd4\x93\x02\xab\xe4", 15,
"\x7a\x23\xa7\x35\x8d\x34\x5b\xf6\x0d\xa7\x6d\x3b\x58\x8c\x4c\x65"
"\xd9\x85\x4e\x17\xb7\x52\x48\xf7\x91\xb4\xdd\xd6\x8b\xec\x02", 31
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b", 12,
"\x4c\x9d\x4f\xca\xed\x8a\xe2\xba\xad\x3f\x3e\xa6\xe9\x3c\x8c\x8b", 16,
"\xba\x99\x79\x31\x23\x7e\x3c\x53\x58\x7e\xd4\x93\x02\xab\xe4\xa7", 16,
"\xa3\x10\xae\x5f\x26\xd9\x90\xfa\xab\x30\x29\x80\x7f\x93\x62\x23"
"\x83\x8f\xc9\x57\x90\xbb\x05\x87\x02\x11\x57\xd6\x13\x9b\x82\x4d", 32
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b", 12,
"\x4c\x9d\x4f\xca\xed\x8a\xe2\xba\xad\x3f\x3e\xa6\xe9\x3c\x8c\x8b"
"\xa0", 17,
"\xba\x99\x79\x31\x23\x7e\x3c\x53\x58\x7e\xd4\x93\x02\xab\xe4\xa7"
"\x08", 17,
"\x4c\x48\x67\x48\xce\x8b\x14\x7b\x70\xac\x71\xe8\x7b\x4e\x4a\x6a"
"\xb4\x3d\xb5\x8e\x58\x81\xfc\x3e\x97\xcd\xdf\xef\x67\x1e\xf4\x4f"
"\x0d", 33
},
{ AEAD_AES_128_GCM_SIV,
"\x01\x23\x45\x67\x89\xab\xcd\xef\xf0\x12\x34\x56\x78\x9a\xbc\xde", 16,
"\xb0\x5a\x1b\xc7\x56\xe7\xb6\x2c\xb4\x85\xe5\x56", 12,
"\xe5\x8b\xd2\x6a\x30\xc5\xc5\x61\xcc\xbd\x7c\x27\xbf\xfe\xf9\x06"
"\x00\x5b\xd7\xfc\x11\x0b\xcf\x16\x61\xef\xac\x05\xa7\xaf\xec\x27"
"\x41\xc8\x5e\x9e\x0d\xf9\x2f\xaf\x20\x79\x17\xe5\x17\x91\x2a\x27"
"\x34\x1c\xbc\xaf\xeb\xef\x7f\x52\xe7\x1e\x4c\x2a\xca\xbd\x2b\xbe"
"\x34\xd6\xfb\x69\xd3\x3e\x49\x59\x60\xb4\x26\xc9\xb8\xce\xba", 79,
"\x6c\xe7\xcf\x7e\xab\x7b\xa0\xe1\xa7\x22\xcb\x88\xde\x5e\x42\xd2"
"\xec\x79\xe0\xa2\xcf\x5f\x0f\x6f\x6b\x89\x57\xcd\xae\x17\xd4\xc2"
"\xf3\x1b\xa2\xa8\x13\x78\x23\x2f\x83\xa8\xd4\x0c\xc0\xd2\xf3\x99"
"\xae\x81\xa1\xca\x5b\x5f\x45\xa6\x6f\x0c\x8a\xf3\xd4\x67\x40\x81"
"\x26\xe2\x01\x86\xe8\x5a\xd5\xf8\x58\x80\x9f\x56\xaa\x76\x96\xbf"
"\x31", 81,
"\xf6\xa0\x1a\xf3\x4f\xe9\x36\xde\x5c\xbd\xb6\x0a\x26\x9d\x60\x1d"
"\xe6\xc9\x6d\xb8\xf2\x5f\xcd\xce\x26\xf4\x0d\x86\xec\xdd\x84\x25"
"\xaf\xec\x72\x10\x2d\x74\x2d\xde\x95\x84\xac\xce\xbf\x8a\x52\x9f"
"\x10\x6f\xc2\xa8\x1f\xed\x47\xff\xeb\x28\x57\x54\xb3\x45\x45\x56"
"\xbb\xcf\x7d\x9b\x99\x68\xbd\x36\x75\xe3\xf7\x8c\x09\x25\x01\xbe"
"\xe1\xe2\x3d\x19\x4f\x15\x64\x12\x6e\xea\x67\x6c\x42\x2f\xc1\x91"
"\xff", 97
},
{ 0, "", 0 }
};
unsigned char plaintext[sizeof (((struct siv_test *)NULL)->plaintext)];
unsigned char ciphertext[sizeof (((struct siv_test *)NULL)->ciphertext)];
SIV_Instance siv;
int i, j, r;
int i, j, r, fixed_nonce_length;
TEST_CHECK(SIV_CreateInstance(0) == NULL);
for (i = 0; i < AEAD_AES_256_GCM_SIV + 10; i++) {
switch (i) {
case AEAD_AES_SIV_CMAC_256:
case AEAD_AES_128_GCM_SIV:
continue;
}
TEST_CHECK(SIV_GetKeyLength(i) == 0);
TEST_CHECK(SIV_CreateInstance(i) == NULL);
}
for (i = 0; tests[i].algorithm != 0; i++) {
DEBUG_LOG("testing %d (%d)", (int)tests[i].algorithm, i);
@@ -145,7 +224,24 @@ test_unit(void)
assert(tests[i].ciphertext_length <= sizeof (tests[i].ciphertext));
siv = SIV_CreateInstance(tests[i].algorithm);
TEST_CHECK(siv != NULL);
switch (tests[i].algorithm) {
case AEAD_AES_SIV_CMAC_256:
TEST_CHECK(siv != NULL);
fixed_nonce_length = 0;
break;
case AEAD_AES_128_GCM_SIV:
fixed_nonce_length = 1;
break;
default:
assert(0);
}
if (!siv) {
DEBUG_LOG("missing %d support", (int)tests[i].algorithm);
TEST_CHECK(SIV_GetKeyLength(tests[i].algorithm) == 0);
continue;
}
TEST_CHECK(SIV_GetKeyLength(tests[i].algorithm) == tests[i].key_length);
@@ -188,7 +284,7 @@ test_unit(void)
tests[i].assoc, tests[i].assoc_length,
tests[i].plaintext, tests[i].plaintext_length,
ciphertext, tests[i].ciphertext_length);
if (j > 0) {
if (j > 0 && (j == tests[i].nonce_length || !fixed_nonce_length)) {
TEST_CHECK(r);
TEST_CHECK(memcmp(ciphertext, tests[i].ciphertext, tests[i].ciphertext_length) != 0);
} else {