Chiebot-Mirror
/
boringssl
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Mirror of BoringSSL (grpc依赖) https://boringssl.googlesource.com/boringssl
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
714 Commits
61 Branches
23 Tags
511 MiB
Tag: Branch: Tree: be04c566c9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'be04c566c9'
${ noResults }
boringssl/util/fipstools/acvp/acvptool/subprocess/hmac.go

126 lines
4.3 KiB
Raw Normal View History Unescape

acvp: add CMAC-AES support. Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>
5 years ago
// Copyright (c) 2019, Google Inc.
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
package subprocess
import (
"encoding/hex"
"encoding/json"
"fmt"
"strconv"
)
// The following structures reflect the JSON of ACVP HMAC tests. See
Update ACVP URLs. NIST breaks these URLs so often it's unclear if it's worth including them. If they do it again it might be a signal to remove them all. However, until then, this change updates many of them. Some were deleted because the format of the anchors has been switched and all the section numbers remove, and I don't think it's worth trying to unpick all that. Change-Id: I31457c225e68ee44d383a5a148fdcc80a3430864 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47464 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>
4 years ago
// https://pages.nist.gov/ACVP/draft-fussell-acvp-mac.html#name-test-vectors
acvp: add CMAC-AES support. Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>
5 years ago
type hmacTestVectorSet struct {
Groups []hmacTestGroup `json:"testGroups"`
}
type hmacTestGroup struct {
ID uint64 `json:"tgId"`
Type string `json:"testType"`
MsgBits int `json:"msgLen"`
KeyBits int `json:"keyLen"` // maximum possible value is 524288
MACBits int `json:"macLen"` // maximum possible value is 512
Tests []struct {
ID uint64 `json:"tcId"`
KeyHex string `json:"key"`
MsgHex string `json:"msg"`
} `json:"tests"`
}
type hmacTestGroupResponse struct {
ID uint64 `json:"tgId"`
Tests []hmacTestResponse `json:"tests"`
}
type hmacTestResponse struct {
ID uint64 `json:"tcId"`
MACHex string `json:"mac,omitempty"`
}
// hmacPrimitive implements an ACVP algorithm by making requests to the
// subprocess to HMAC strings with the given key.
type hmacPrimitive struct {
// algo is the ACVP name for this algorithm and also the command name
// given to the subprocess to HMAC with this hash function.
algo string
mdLen int // mdLen is the number of bytes of output that the underlying hash produces.
}
// hmac uses the subprocess to compute HMAC and returns the result.
func (h *hmacPrimitive) hmac(msg []byte, key []byte, outBits int, m Transactable) []byte {
if outBits%8 != 0 {
panic("fractional-byte output length requested: " + strconv.Itoa(outBits))
}
outBytes := outBits / 8
result, err := m.Transact(h.algo, 1, msg, key)
if err != nil {
panic("HMAC operation failed: " + err.Error())
}
if l := len(result[0]); l < outBytes {
panic(fmt.Sprintf("HMAC result too short: %d bytes but wanted %d", l, outBytes))
}
return result[0][:outBytes]
}
func (h *hmacPrimitive) Process(vectorSet []byte, m Transactable) (interface{}, error) {
var parsed hmacTestVectorSet
if err := json.Unmarshal(vectorSet, &parsed); err != nil {
return nil, err
}
var ret []hmacTestGroupResponse
// See
Update ACVP URLs. NIST breaks these URLs so often it's unclear if it's worth including them. If they do it again it might be a signal to remove them all. However, until then, this change updates many of them. Some were deleted because the format of the anchors has been switched and all the section numbers remove, and I don't think it's worth trying to unpick all that. Change-Id: I31457c225e68ee44d383a5a148fdcc80a3430864 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47464 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>
4 years ago
// https://pages.nist.gov/ACVP/draft-fussell-acvp-mac.html#name-test-vectors
acvp: add CMAC-AES support. Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>
5 years ago
// for details about the tests.
for _, group := range parsed.Groups {
response := hmacTestGroupResponse{
ID: group.ID,
}
if group.MACBits > h.mdLen*8 {
return nil, fmt.Errorf("test group %d specifies MAC length should be %d, but maximum possible length is %d", group.ID, group.MACBits, h.mdLen*8)
}
for _, test := range group.Tests {
if len(test.MsgHex)*4 != group.MsgBits {
return nil, fmt.Errorf("test case %d/%d contains hex message of length %d but specifies a bit length of %d", group.ID, test.ID, len(test.MsgHex), group.MsgBits)
}
msg, err := hex.DecodeString(test.MsgHex)
if err != nil {
return nil, fmt.Errorf("failed to decode hex in test case %d/%d: %s", group.ID, test.ID, err)
}
if len(test.KeyHex)*4 != group.KeyBits {
return nil, fmt.Errorf("test case %d/%d contains hex key of length %d but specifies a bit length of %d", group.ID, test.ID, len(test.KeyHex), group.KeyBits)
}
key, err := hex.DecodeString(test.KeyHex)
if err != nil {
return nil, fmt.Errorf("failed to decode key in test case %d/%d: %s", group.ID, test.ID, err)
}
Update ACVP URLs. NIST breaks these URLs so often it's unclear if it's worth including them. If they do it again it might be a signal to remove them all. However, until then, this change updates many of them. Some were deleted because the format of the anchors has been switched and all the section numbers remove, and I don't think it's worth trying to unpick all that. Change-Id: I31457c225e68ee44d383a5a148fdcc80a3430864 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47464 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>
4 years ago
// https://pages.nist.gov/ACVP/draft-fussell-acvp-mac.html#name-test-vectors
acvp: add CMAC-AES support. Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>
5 years ago
response.Tests = append(response.Tests, hmacTestResponse{
ID: test.ID,
MACHex: hex.EncodeToString(h.hmac(msg, key, group.MACBits, m)),
})
}
ret = append(ret, response)
}
return ret, nil
}