Fix dependencies: GCM != AEAD != CCM

This commit is contained in:
Manuel Pégourié-Gonnard 2014-06-24 15:26:28 +02:00
parent 5bfd968e01
commit 8f625632bb
3 changed files with 35 additions and 46 deletions

View file

@ -36,7 +36,7 @@
#include POLARSSL_CONFIG_FILE #include POLARSSL_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_GCM_C) #if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C)
#define POLARSSL_CIPHER_MODE_AEAD #define POLARSSL_CIPHER_MODE_AEAD
#endif #endif
@ -534,25 +534,21 @@ int cipher_set_iv( cipher_context_t *ctx,
*/ */
int cipher_reset( cipher_context_t *ctx ); int cipher_reset( cipher_context_t *ctx );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
/** /**
* \brief Add additional data (for AEAD ciphers). * \brief Add additional data (for AEAD ciphers).
* This function has no effect for non-AEAD ciphers. * Currently only supported with GCM.
* For AEAD ciphers, it may or may not be called * Must be called exactly once, after cipher_reset().
* repeatedly, and/or interleaved with calls to
* cipher_udpate(), depending on the cipher.
* E.g. for GCM is must be called exactly once, right
* after cipher_reset().
* *
* \param ctx generic cipher context * \param ctx generic cipher context
* \param ad Additional data to use. * \param ad Additional data to use.
* \param ad_len Length of ad. * \param ad_len Length of ad.
* *
* \returns 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int cipher_update_ad( cipher_context_t *ctx, int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len ); const unsigned char *ad, size_t ad_len );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif /* POLARSSL_GCM_C */
/** /**
* \brief Generic cipher update function. Encrypts/decrypts * \brief Generic cipher update function. Encrypts/decrypts
@ -606,10 +602,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
int cipher_finish( cipher_context_t *ctx, int cipher_finish( cipher_context_t *ctx,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
/** /**
* \brief Write tag for AEAD ciphers. * \brief Write tag for AEAD ciphers.
* No effect for other ciphers. * Currently only supported with GCM.
* Must be called after cipher_finish(). * Must be called after cipher_finish().
* *
* \param ctx Generic cipher context * \param ctx Generic cipher context
@ -623,9 +619,8 @@ int cipher_write_tag( cipher_context_t *ctx,
/** /**
* \brief Check tag for AEAD ciphers. * \brief Check tag for AEAD ciphers.
* No effect for other ciphers. * Currently only supported with GCM.
* Calling time depends on the cipher: * Must be called after cipher_finish().
* for GCM, must be called after cipher_finish().
* *
* \param ctx Generic cipher context * \param ctx Generic cipher context
* \param tag Buffer holding the tag * \param tag Buffer holding the tag
@ -635,7 +630,7 @@ int cipher_write_tag( cipher_context_t *ctx,
*/ */
int cipher_check_tag( cipher_context_t *ctx, int cipher_check_tag( cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif /* POLARSSL_GCM_C */
/** /**
* \brief Generic all-in-one encryption/decryption * \brief Generic all-in-one encryption/decryption

View file

@ -234,24 +234,22 @@ int cipher_reset( cipher_context_t *ctx )
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
int cipher_update_ad( cipher_context_t *ctx, int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len ) const unsigned char *ad, size_t ad_len )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{ {
return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation, return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len ); ctx->iv, ctx->iv_size, ad, ad_len );
} }
#endif
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif /* POLARSSL_GCM_C */
int cipher_update( cipher_context_t *ctx, const unsigned char *input, int cipher_update( cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen ) size_t ilen, unsigned char *output, size_t *olen )
@ -724,7 +722,7 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
} }
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
int cipher_write_tag( cipher_context_t *ctx, int cipher_write_tag( cipher_context_t *ctx,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len )
{ {
@ -734,10 +732,8 @@ int cipher_write_tag( cipher_context_t *ctx,
if( POLARSSL_ENCRYPT != ctx->operation ) if( POLARSSL_ENCRYPT != ctx->operation )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len ); return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
#endif
return( 0 ); return( 0 );
} }
@ -753,7 +749,6 @@ int cipher_check_tag( cipher_context_t *ctx,
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
} }
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{ {
unsigned char check_tag[16]; unsigned char check_tag[16];
@ -778,11 +773,10 @@ int cipher_check_tag( cipher_context_t *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_GCM_C */
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif /* POLARSSL_GCM_C */
/* /*
* Packet-oriented wrapper for non-AEAD modes * Packet-oriented wrapper for non-AEAD modes

View file

@ -60,7 +60,7 @@ void cipher_null_args( )
TEST_ASSERT( cipher_reset( NULL ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( cipher_reset( NULL ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( cipher_reset( &ctx ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( cipher_reset( &ctx ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( cipher_update_ad( NULL, buf, 0 ) TEST_ASSERT( cipher_update_ad( NULL, buf, 0 )
== POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( cipher_update_ad( &ctx, buf, 0 ) TEST_ASSERT( cipher_update_ad( &ctx, buf, 0 )
@ -77,7 +77,7 @@ void cipher_null_args( )
TEST_ASSERT( cipher_finish( &ctx, buf, &olen ) TEST_ASSERT( cipher_finish( &ctx, buf, &olen )
== POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( cipher_write_tag( NULL, buf, olen ) TEST_ASSERT( cipher_write_tag( NULL, buf, olen )
== POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( cipher_write_tag( &ctx, buf, olen ) TEST_ASSERT( cipher_write_tag( &ctx, buf, olen )
@ -157,10 +157,10 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) ); TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) ); TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* encode length number of bytes from inbuf */ /* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) ); TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
@ -174,9 +174,9 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) ); TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
total_len += outlen; total_len += outlen;
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) ); TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
TEST_ASSERT( total_len == length || TEST_ASSERT( total_len == length ||
( total_len % cipher_get_block_size( &ctx_enc ) == 0 && ( total_len % cipher_get_block_size( &ctx_enc ) == 0 &&
@ -195,9 +195,9 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
total_len += outlen; total_len += outlen;
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) ); TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* check result */ /* check result */
TEST_ASSERT( total_len == length ); TEST_ASSERT( total_len == length );
@ -250,9 +250,9 @@ void enc_fail( int cipher_id, int pad_mode, int key_len,
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) ); TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) );
TEST_ASSERT( 0 == cipher_reset( &ctx ) ); TEST_ASSERT( 0 == cipher_reset( &ctx ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* encode length number of bytes from inbuf */ /* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) ); TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
@ -297,9 +297,9 @@ void dec_empty_buf()
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) ); TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* decode 0-byte string */ /* decode 0-byte string */
TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
@ -359,10 +359,10 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) ); TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) ); TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* encode length number of bytes from inbuf */ /* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) ); TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
@ -416,7 +416,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
unsigned char ad[200]; unsigned char ad[200];
unsigned char tag[20]; unsigned char tag[20];
size_t key_len, iv_len, cipher_len, clear_len; size_t key_len, iv_len, cipher_len, clear_len;
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
size_t ad_len, tag_len; size_t ad_len, tag_len;
#endif #endif
cipher_context_t ctx; cipher_context_t ctx;
@ -435,7 +435,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
iv_len = unhexify( iv, hex_iv ); iv_len = unhexify( iv, hex_iv );
cipher_len = unhexify( cipher, hex_cipher ); cipher_len = unhexify( cipher, hex_cipher );
clear_len = unhexify( clear, hex_clear ); clear_len = unhexify( clear, hex_clear );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
ad_len = unhexify( ad, hex_ad ); ad_len = unhexify( ad, hex_ad );
tag_len = unhexify( tag, hex_tag ); tag_len = unhexify( tag, hex_tag );
#else #else
@ -455,9 +455,9 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) ); TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) );
TEST_ASSERT( 0 == cipher_reset( &ctx ) ); TEST_ASSERT( 0 == cipher_reset( &ctx ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) ); TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* decode buffer and check tag */ /* decode buffer and check tag */
total_len = 0; total_len = 0;
@ -466,9 +466,9 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen, TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen,
&outlen ) ); &outlen ) );
total_len += outlen; total_len += outlen;
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(POLARSSL_GCM_C)
TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) ); TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif
/* check plaintext only if everything went fine */ /* check plaintext only if everything went fine */
if( 0 == finish_result && 0 == tag_result ) if( 0 == finish_result && 0 == tag_result )