Add CMAC (Cipher-based MAC) to MAC API
authorJussi Kivilinna <jussi.kivilinna@iki.fi>
Thu, 14 Nov 2013 12:10:27 +0000 (14:10 +0200)
committerJussi Kivilinna <jussi.kivilinna@iki.fi>
Tue, 19 Nov 2013 17:18:56 +0000 (19:18 +0200)
commitb49cd64aaaff2e5488a84665362ef7150683226c
tree08a9aa2bd510d0231fa63ca481b03c5f42457aee
parentfcd6da37d55f248d3558ee0ff385b41b866e7ded
Add CMAC (Cipher-based MAC) to MAC API

* cipher/Makefile.am: Add 'cipher-cmac.c' and 'mac-cmac.c'.
* cipher/cipher-cmac.c: New.
* cipher/cipher-internal.h (gcry_cipher_handle.u_mode): Add 'cmac'.
* cipher/cipher.c (gcry_cipher_open): Rename to...
(_gcry_cipher_open_internal): ...this and add CMAC.
(gcry_cipher_open): New wrapper that disallows use of internal
modes (CMAC) from outside.
(cipher_setkey, cipher_encrypt, cipher_decrypt)
(_gcry_cipher_authenticate, _gcry_cipher_gettag)
(_gcry_cipher_checktag): Add handling for CMAC mode.
(cipher_reset): Do not reset 'marks.key' and do not clear subkeys in
'u_mode' in CMAC mode.
* cipher/mac-cmac.c: New.
* cipher/mac-internal.h: Add CMAC support and algorithms.
* cipher/mac.c: Add CMAC algorithms.
* doc/gcrypt.texi: Add documentation for CMAC.
* src/cipher.h (gcry_cipher_internal_modes): New.
(_gcry_cipher_open_internal, _gcry_cipher_cmac_authenticate)
(_gcry_cipher_cmac_get_tag, _gcry_cipher_cmac_check_tag)
(_gcry_cipher_cmac_set_subkeys): New prototypes.
* src/gcrypt.h.in (gcry_mac_algos): Add CMAC algorithms.
* tests/basic.c (check_mac): Add CMAC test vectors.
--

Patch adds CMAC (Cipher-based MAC) as defined in RFC 4493 and NIST
Special Publication 800-38B.

Internally CMAC is added to cipher module, but is available to outside
only through MAC API.

[v2]:
 - Add documentation.
[v3]:
 - CMAC algorithm ids start from 201.
 - Coding style fixes.

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
cipher/Makefile.am
cipher/cipher-cmac.c [new file with mode: 0644]
cipher/cipher-internal.h
cipher/cipher.c
cipher/mac-cmac.c [new file with mode: 0644]
cipher/mac-internal.h
cipher/mac.c
doc/gcrypt.texi
src/cipher.h
src/gcrypt.h.in
tests/basic.c