authorRichard Barnes <rlb@ipv.sx>2018-05-18 10:03:58 -0400
committerRichard Barnes <rlb@ipv.sx>2018-07-27 15:10:58 -0400
commit27234c5f92dd0a47963b444410a30f972ead495b (patch)
tree8ee3c192a4efbf1d77a4a09cb7135a1987769b02
parent5935a2534140b2284b90dbc53be6f6e6a4c8006a (diff)
downloadlibsrtp2-27234c5f92dd0a47963b444410a30f972ead495b.tar.gz
GCM passes crypto tests
-rw-r--r--Makefile.in18
-rw-r--r--crypto/cipher/aes_gcm_nss.c26
-rw-r--r--crypto/cipher/cipher.c3
-rw-r--r--crypto/include/aes_gcm.h2
-rw-r--r--crypto/test/cipher_driver.c12
5 files changed, 37 insertions, 24 deletions
diff --git a/Makefile.in b/Makefile.in
index 37665b0..48f7c09 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -28,16 +28,16 @@ runtest: test
@echo "running libsrtp2 test applications..."
# XXX(RLB): This is a hack
$(FIND_LIBRARIES) crypto/test/cipher_driver$(EXE) -v >/dev/null
- crypto/test/kernel_driver$(EXE) -v >/dev/null
- test/test_srtp$(EXE) >/dev/null
- test/rdbx_driver$(EXE) -v >/dev/null
- test/srtp_driver$(EXE) -v >/dev/null
- test/roc_driver$(EXE) -v >/dev/null
- test/replay_driver$(EXE) -v >/dev/null
- test/dtls_srtp_driver$(EXE) >/dev/null
- cd test; $(abspath $(srcdir))/test/rtpw_test.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null
+ $(FIND_LIBRARIES) crypto/test/kernel_driver$(EXE) -v >/dev/null
+ $(FIND_LIBRARIES) test/test_srtp$(EXE) >/dev/null
+ $(FIND_LIBRARIES) test/rdbx_driver$(EXE) -v >/dev/null
+ $(FIND_LIBRARIES) test/srtp_driver$(EXE) -v >/dev/null
+ $(FIND_LIBRARIES) test/roc_driver$(EXE) -v >/dev/null
+ $(FIND_LIBRARIES) test/replay_driver$(EXE) -v >/dev/null
+ $(FIND_LIBRARIES) test/dtls_srtp_driver$(EXE) >/dev/null
+ $(FIND_LIBRARIES) cd test; $(abspath $(srcdir))/test/rtpw_test.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null
ifeq (1, $(USE_EXTERNAL_CRYPTO))
- cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null
+ $(FIND_LIBRARIES) cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null
endif
@echo "libsrtp2 test applications passed."
$(MAKE) -C crypto runtest
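Review bot: On the two recipe lines that start with `$(FIND_LIBRARIES) cd test;`, the prefix is attached to `cd` rather than to the script that runs after the `;`. If FIND_LIBRARIES expands to an environment assignment such as a library search path (its definition is not visible in this hunk), rtpw_test.sh and rtpw_test_gcm.sh will run without it. Moving the prefix behind the semicolon, `cd test; $(FIND_LIBRARIES) $(abspath $(srcdir))/test/rtpw_test.sh -w ...`, would apply it to the script. The `# XXX(RLB): This is a hack` comment now governs every test line and could say what the prefix is working around.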
diff --git a/crypto/cipher/aes_gcm_nss.c b/crypto/cipher/aes_gcm_nss.c
index aef3870..a55fd4f 100644
--- a/crypto/cipher/aes_gcm_nss.c
+++ b/crypto/cipher/aes_gcm_nss.c
@@ -123,12 +123,14 @@ static srtp_err_status_t srtp_aes_gcm_nss_alloc(srtp_cipher_t **c,
(*c)->type = &srtp_aes_gcm_128;
(*c)->algorithm = SRTP_AES_GCM_128;
gcm->key_size = SRTP_AES_128_KEY_LEN;
+ gcm->tag_size = tlen;
gcm->params.ulTagBits = 8*tlen;
break;
case SRTP_AES_GCM_256_KEY_LEN_WSALT:
(*c)->type = &srtp_aes_gcm_256;
(*c)->algorithm = SRTP_AES_GCM_256;
gcm->key_size = SRTP_AES_256_KEY_LEN;
+ gcm->tag_size = tlen;
gcm->params.ulTagBits = 8*tlen;
break;
}
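Review bot: `gcm->tag_size = tlen;` is stored in both cases without a visible bound against the 16-byte `tag` array this commit adds to srtp_aes_gcm_ctx_t. The same value is later used as the memcpy length in srtp_aes_gcm_nss_encrypt and srtp_aes_gcm_nss_get_tag. The start of the alloc function is outside this hunk, so tlen may already be restricted there; if it is not, a tlen above 16 would make encrypt write past `c->tag`. A check at the top of the function, before anything is allocated, such as `if (tlen < 0 || tlen > 16) return srtp_err_status_bad_param;` (ideally with a named constant shared with the struct) would keep the three sites consistent.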
@@ -254,7 +256,7 @@ static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv, int encrypt,
buf, enc_len, *enc_len + 16,
buf, *enc_len);
} else {
- rv = PK11_Encrypt(key, CKM_AES_GCM, &param,
+ rv = PK11_Decrypt(key, CKM_AES_GCM, &param,
buf, enc_len, *enc_len + 16,
buf, *enc_len);
}
@@ -273,6 +275,11 @@ static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv, int encrypt,
/*
* This function encrypts a buffer using AES GCM mode
*
+ * XXX(rlb@ipv.sx): We're required to break off and cache the tag
+ * here, because the get_tag() method is separate and the tests expect
+ * encrypt() not to change the size of the plaintext. It might be
+ * good to update the calling API so that this is cleaner.
+ *
* Parameters:
* c Crypto context
* buf data to encrypt
@@ -282,7 +289,17 @@ static srtp_err_status_t srtp_aes_gcm_nss_encrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
- return srtp_aes_gcm_nss_do_crypto(cv, 1, buf, enc_len);
+ srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
+ int in_len = *enc_len;
+
+ srtp_err_status_t status = srtp_aes_gcm_nss_do_crypto(cv, 1, buf, enc_len);
+ if (status != srtp_err_status_ok) {
+ return status;
+ }
+
+ memcpy(c->tag, buf + in_len, c->tag_size);
+ *enc_len -= c->tag_size;
+ return srtp_err_status_ok;
}
/*
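Review bot: The new body of srtp_aes_gcm_nss_encrypt depends on the caller's buffer having writable space after the plaintext, but the parameter comment above still describes `buf` only as the data to encrypt. do_crypto is given an output limit of `*enc_len + 16` on the same `buf`, and the tag is then read back from `buf + in_len`. I would extend the parameter line to something like `buf  data to encrypt; must have 16 writable bytes after the first *enc_len bytes`. Separately, `int in_len = *enc_len;` converts an unsigned int to int; `unsigned int in_len = *enc_len;` avoids the conversion.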
@@ -300,8 +317,9 @@ static srtp_err_status_t srtp_aes_gcm_nss_get_tag(void *cv,
uint8_t *buf,
uint32_t *len)
{
- // This function is a noop for the NSS implementation of GCM,
- // because the tag is added in the encrypt() call.
+ srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
+ *len = c->tag_size;
+ memcpy(buf, c->tag, c->tag_size);
return (srtp_err_status_ok);
}
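Review bot: srtp_aes_gcm_nss_get_tag returns whatever is currently in `c->tag`, so a call that does not follow a successful encrypt on the same context hands back a tag from an earlier packet, or the context's initial contents, with srtp_err_status_ok. Nothing in this hunk records whether the cached tag is fresh. A flag set in encrypt and cleared here would let the function fail instead. At minimum a comment should replace the removed one, e.g. `/* Returns the tag cached by the preceding encrypt() call on this context. */`. The function also writes `tag_size` bytes to `buf` with no capacity input, so callers need to size `buf` for the largest tag.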
diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c
index f230852..6ba4bba 100644
--- a/crypto/cipher/cipher.c
+++ b/crypto/cipher/cipher.c
@@ -271,9 +271,6 @@ srtp_err_status_t srtp_cipher_type_test(
buffer, test_case->plaintext_length_octets));
/* set the initialization vector */
- //debug_print(srtp_mod_cipher, "IV: %s",
- // srtp_octet_string_hex_string(test_case->idx, 12));
-
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
srtp_direction_encrypt);
if (status) {
diff --git a/crypto/include/aes_gcm.h b/crypto/include/aes_gcm.h
index 43a9fc6..dce1ac1 100644
--- a/crypto/include/aes_gcm.h
+++ b/crypto/include/aes_gcm.h
@@ -70,9 +70,11 @@ typedef struct {
typedef struct {
int key_size;
+ int tag_size;
srtp_cipher_direction_t dir;
uint8_t key[32];
CK_GCM_PARAMS params;
+ uint8_t tag[16];
} srtp_aes_gcm_ctx_t;
#endif /* NSS */
diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c
index 1a08ead..bf716f1 100644
--- a/crypto/test/cipher_driver.c
+++ b/crypto/test/cipher_driver.c
@@ -291,10 +291,8 @@ int main(int argc, char *argv[])
cipher_driver_test_throughput(c);
}
- if (do_validation) {
- status = cipher_driver_test_buffering(c);
- check_status(status);
- }
+ // GCM ciphers don't do buffering; they're "one shot"
+
status = srtp_cipher_dealloc(c);
check_status(status);
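Review bot: Removing the `cipher_driver_test_buffering(c)` call here and in the next hunk drops that check for every crypto backend that builds this section, not only the NSS one this commit is making pass. If other backends passed the buffering test before (not visible from these hunks), keeping the call under a backend condition would preserve that coverage. The replacement comment could also say what is being skipped, e.g. `// GCM is one-shot: a message cannot be encrypted in pieces, so the buffering test is skipped`.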
@@ -311,10 +309,8 @@ int main(int argc, char *argv[])
cipher_driver_test_throughput(c);
}
- if (do_validation) {
- status = cipher_driver_test_buffering(c);
- check_status(status);
- }
+ // GCM ciphers don't do buffering; they're "one shot"
+
status = srtp_cipher_dealloc(c);
check_status(status);
#endif