Diffstat (limited to 'src')
-rw-r--r-- | src/lib/modes/aead/ccm/ccm.cpp | 11 | ||||
-rw-r--r-- | src/lib/modes/aead/ccm/ccm.h | 2 | ||||
-rw-r--r-- | src/tests/data/aead/ccm.vec | 124 |
3 files changed, 131 insertions, 6 deletions
diff --git a/src/lib/modes/aead/ccm/ccm.cpp b/src/lib/modes/aead/ccm/ccm.cpp
index 410bd6910..b5a68a72e 100644
--- a/src/lib/modes/aead/ccm/ccm.cpp
+++ b/src/lib/modes/aead/ccm/ccm.cpp
@@ -1,6 +1,6 @@
 /*
 * CCM Mode Encryption
-* (C) 2013 Jack Lloyd
+* (C) 2013,2018 Jack Lloyd
 * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
@@ -113,16 +113,17 @@ size_t CCM_Mode::process(uint8_t buf[], size_t sz)
 return 0; // no output until finished
 }
-void CCM_Mode::encode_length(size_t len, uint8_t out[])
+void CCM_Mode::encode_length(uint64_t len, uint8_t out[])
 {
 const size_t len_bytes = L();
- BOTAN_ASSERT(len_bytes < sizeof(size_t), "Length field fits");
+ BOTAN_ASSERT_NOMSG(len_bytes >= 1 && len_bytes <= 8);
 for(size_t i = 0; i != len_bytes; ++i)
- out[len_bytes-1-i] = get_byte(sizeof(size_t)-1-i, len);
+ out[len_bytes-1-i] = get_byte(sizeof(uint64_t)-1-i, len);
- BOTAN_ASSERT((len >> (len_bytes*8)) == 0, "Message length fits in field");
+ if(len_bytes < 8 && (len >> (len_bytes*8)) > 0)
+ throw Encoding_Error("CCM message length too long to encode in L field");
 }
 void CCM_Mode::inc(secure_vector<uint8_t>& C)
diff --git a/src/lib/modes/aead/ccm/ccm.h b/src/lib/modes/aead/ccm/ccm.h
index 4d4fe73e2..b819ac76e 100644
--- a/src/lib/modes/aead/ccm/ccm.h
+++ b/src/lib/modes/aead/ccm/ccm.h
@@ -48,7 +48,7 @@ class BOTAN_PUBLIC_API(2,0) CCM_Mode : public AEAD_Mode
 const BlockCipher& cipher() const { return *m_cipher; }
- void encode_length(size_t len, uint8_t out[]);
+ void encode_length(uint64_t len, uint8_t out[]);
 void inc(secure_vector<uint8_t>& C);
diff --git a/src/tests/data/aead/ccm.vec b/src/tests/data/aead/ccm.vec
index 23a74aec2..83aca12a2 100644
--- a/src/tests/data/aead/ccm.vec
+++ b/src/tests/data/aead/ccm.vec
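Review bot: In `CCM_Mode::encode_length` the range check runs after the loop has already written the truncated length into `out`, so a caller that catches `Encoding_Error` is left holding a length field that does not match the message. Moving `if(len_bytes < 8 && (len >> (len_bytes*8)) > 0)` and its `throw` above the `for` loop makes the function fail before it touches `out`. The assertion also admits `len_bytes == 1`, while the test sections added in this commit only use L values from 2 to 8; if the constructor already restricts L to that range, as it presumably does outside this hunk, tightening the assert to match would keep the two in step.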
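Review bot: The `encode_length` declaration in ccm.h carries no comment, and after this change its contract is no longer obvious from the signature: it writes exactly L() bytes to `out` and can now throw. A one-line comment above it would do, e.g. `// Write len as an L()-byte big-endian field at out; throws Encoding_Error if len does not fit`. The class body continues outside this hunk, so the member's access level is not visible here; since the class is marked `BOTAN_PUBLIC_API`, it is worth confirming that no external subclass depends on the old `size_t` signature.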
@@ -48,3 +48,127 @@ Nonce = 0EC3AC452B547B9062AAC8FA
 In = B6F345204526439DAF84998F380DCFB4B4167C959C04FF65
 AD = 2F1821AA57E5278FFD33C17D46615B77363149DBC98470413F6543A6B749F2CA
 Out = 9575E16F35DA3C88A19C26A7B762044F4D7BBBAFEFF05D754829E2A7752FA3A14890972884B511D8
+
+[AES-128/CCM(4,8)]
+# SP 800-38C Example 1
+Key = 404142434445464748494a4b4c4d4e4f
+Nonce = 10111213141516
+AD = 0001020304050607
+In = 20212223
+Out = 7162015b4dac255d
+
+[AES-128/CCM(6,7)]
+# SP 800-38C Example 2
+Key = 404142434445464748494a4b4c4d4e4f
+Nonce = 1011121314151617
+AD = 000102030405060708090a0b0c0d0e0f
+In = 202122232425262728292a2b2c2d2e2f
+Out = d2a1f0e051ea5f62081a7792073d593d1fc64fbfaccd
+
+[AES-128/CCM(8,3)]
+# SP 800-38C Example 3
+Key = 404142434445464748494a4b4c4d4e4f
+Nonce = 101112131415161718191a1b
+AD = 000102030405060708090a0b0c0d0e0f10111213
+In = 202122232425262728292a2b2c2d2e2f3031323334353637
+Out = e3b201a9f5b71a7a9b1ceaeccd97e70b6176aad9a4428aa5484392fbc1b09951
+
+# From CVMC CAVS data Tue Mar 15 08:09:25 2011
+
+[AES-128/CCM(16,8)]
+Key = c0425ed20cd28fda67a2bcc0ab342a49
+Nonce = 37667f334dce90
+AD = 0b3e8d9785c74c8f41ea257d4d87495ffbbb335542b12e0d62bb177ec7a164d9
+In = 4f065a23eeca6b18d118e1de4d7e5ca1a7c0e556d786d407
+Out = 768fccdf4898bca099e33c3d40565497dec22dd6e33dcf4384d71be8565c21a455db45816da8158c
+
+[AES-128/CCM(16,7)]
+
+Key = 0b6256bd328a4cda2510d527c0f73ed4
+Nonce = 21fd9011d6d9484a
+AD = 66ff35c4f86ad7755b149e14e299034763023e7384f4af8c35277d2c7e1a7de2
+In = 78a292662b8e05abc2d44fbefd0840795e7493028015d9f2
+Out = 5a0be834c57b59d47a4590d8d19a1206d3c06e937a9b57f74034d9fdb43c3f48932aa72177b23bf6
+
+[AES-128/CCM(16,6)]
+
+Key = afdccc84f257cb768b7ad735edbd1990
+Nonce = b7776aa998f4d1189b
+AD = 9f9ac464de508b98e789243fdb32db458538f8a291ed93ddf8aeaacfbfc371aa
+In = 56d0942490e546798f30d3c60ad4e3e110fc04f5b1c1fa83
+Out = 96f124c74fd737819008ddef440320f4a3733d0062c83c893e259aecf12ba08f2a2e966a3341d6d4
+
+[AES-128/CCM(16,5)]
+
+Key = 6ccb68d3838d4ddf660b9cd904cad40f
+Nonce = c4fb7519a19f13d9d1fc
+AD = 092e64fef08b5655a86cdb8de63ffaa7772e8730844e9016141af8bad2216246
+In = 5ea35c082e2b190e9d98e6b2daad8672f587b4f2968072fc
+Out = cda5fe3d15d00150b99120c7f206b88a4c2c4a39ca9143425603ab284a73a38cc916f8b653c92ab4
+
+[AES-128/CCM(16,4)]
+
+Key = e6ab9e70a4fb51b01c2e262233e64c0d
+Nonce = 74e689eb5af9441dd690a6
+AD = 42f6518ee0fbe42f28e13b4bb2eb60517b37c9744394d9143393a879c3e107c7
+In = ba15916733550d7aa82b2f6b117cd3f54c83ddc16cd0288a
+Out = dcc151443288f35d39ed8fae6f0ce1d1eb656f4f7fd65c0b16f322ce85d7c54e71ac560fd4da9651
+
+[AES-128/CCM(16,3)]
+Key = 005e8f4d8e0cbf4e1ceeb5d87a275848
+Nonce = 0ec3ac452b547b9062aac8fa
+AD = 2f1821aa57e5278ffd33c17d46615b77363149dbc98470413f6543a6b749f2ca
+In = b6f345204526439daf84998f380dcfb4b4167c959c04ff65
+Out = 9575e16f35da3c88a19c26a7b762044f4d7bbbafeff05d754829e2a7752fa3a14890972884b511d8
+
+[AES-128/CCM(16,2)]
+Key = ac87fef3b76e725d66d905625a387e82
+Nonce = 61bf06b9fa5a450d094f3ddcb5
+AD = 0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd
+In = 959403e0771c21a416bd03f3898390e90d0a0899f69f9552
+Out = cabf8aa613d5357aa3e70173d43f1f202b628a61d18e8b572eb66bb8213a515aa61e5f0945cd57f4
+
+[AES-128/CCM(4,2)]
+
+Key = 43b1a6bc8d0d22d6d1ca95c18593cca5
+Nonce = 9882578e750b9682c6ca7f8f86
+AD = 2084f3861c9ad0ccee7c63a7e05aece5db8b34bd8724cc06b4ca99a7f9c4914f
+In = a2b381c7d1545c408fe29817a21dc435a154c87256346b05
+Out = cc69ed76985e0ed4c8365a72775e5a19bfccc71aeb116c85a8c74677
+
+[AES-128/CCM(6,2)]
+
+Key = 44e89189b815b4649c4e9b38c4275a5a
+Nonce = 374c83e94384061ac01963f88d
+AD = cd149d17dba7ec50000b8c5390d114697fafb61025301f4e3eaa9f4535718a08
+In = 8db6ae1eb959963931d1c5224f29ef50019d2b0db7f5f76f
+Out = df952dce0f843374d33da94c969eff07b7bc2418ca9ee01e32bc2ffa8600
+
+[AES-128/CCM(8,2)]
+Key = 368f35a1f80eaaacd6bb136609389727
+Nonce = 842a8445847502ea77363a16b6
+AD = 34396dfcfa6f742aea7040976bd596497a7a6fa4fb85ee8e4ca394d02095b7bf
+In = 1cccd55825316a94c5979e049310d1d717cdfb7624289dac
+Out = 1a58094f0e8c6035a5584bfa8d1009c5f78fd2ca487ff222f6d1d897d6051618
+
+[AES-128/CCM(10,2)]
+
+Key = 996a09a652fa6c82eae8be7886d7e75e
+Nonce = a8b3eb68f205a46d8f632c3367
+AD = c71620d0477c8137b77ec5c72ced4df3a1e987fd9af6b5b10853f0526d876cd5
+In = 84cdd7380f47524b86168ed95386faa402831f22045183d0
+Out = a7fbf9dd1b099ed3acf6bcbd0b6f7cae57bee99f9d084f826d86e69c07f053d1a607
+
+[AES-128/CCM(12,2)]
+Key = 3ee186594f110fb788a8bf8aa8be5d4a
+Nonce = 44f705d52acf27b7f17196aa9b
+AD = 2c16724296ff85e079627be3053ea95adf35722c21886baba343bd6c79b5cb57
+In = d71864877f2578db092daba2d6a1f9f4698a9c356c7830a1
+Out = b4dd74e7a0cc51aea45dfb401a41d5822c96901a83247ea0d6965f5aa6e31302a9cc2b36
+
+[AES-128/CCM(14,2)]
+Key = 7b2d52a5186d912cf6b83ace7740ceda
+Nonce = f47be3a2b019d1beededf5b80c
+AD = 76cf3522aff97a44b4edd0eef3b81e3ab3cd1ccc93a767a133afd508315f05ed
+In = ea384b081f60bb450808e0c20dc2914ae14a320612c3e1e8
+Out = 79070f33114a980dfd48215051e224dfd01471ac293242afddb36e37da1ee8a88a77d7f12cc6 |
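Review bot: All of the added vectors are successful encryptions with inputs of at most 24 bytes, so nothing in this file reaches the new `Encoding_Error` branch in `encode_length`. A negative case, for instance a 65536-byte message under an L = 2 section such as `[AES-128/CCM(16,2)]`, would pin the length-overflow rejection. This vector format may not be able to express an expected failure, in which case the check belongs in a code-level test outside this diff.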