@@ -54,6 +54,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth)
return "ODP_AUTH_ALG_AES_GMAC";
case ODP_AUTH_ALG_AES_CCM:
return "ODP_AUTH_ALG_AES_CCM";
+ case ODP_AUTH_ALG_AES_CMAC:
+ return "ODP_AUTH_ALG_AES_CMAC";
case ODP_AUTH_ALG_CHACHA20_POLY1305:
return "ODP_AUTH_ALG_CHACHA20_POLY1305";
default:
@@ -503,6 +505,9 @@ static void check_alg(odp_crypto_op_t op,
if (auth_alg == ODP_AUTH_ALG_AES_GMAC &&
!(capa.auths.bit.aes_gmac))
rc = -1;
+ if (auth_alg == ODP_AUTH_ALG_AES_CMAC &&
+ !(capa.auths.bit.aes_cmac))
+ rc = -1;
if (auth_alg == ODP_AUTH_ALG_AES_CCM &&
!(capa.auths.bit.aes_ccm))
rc = -1;
@@ -721,6 +726,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth)
if (!capability.auths.bit.aes_ccm)
return ODP_TEST_INACTIVE;
break;
+ case ODP_AUTH_ALG_AES_CMAC:
+ if (!capability.auths.bit.aes_cmac)
+ return ODP_TEST_INACTIVE;
+ break;
case ODP_AUTH_ALG_CHACHA20_POLY1305:
if (!capability.auths.bit.chacha20_poly1305)
return ODP_TEST_INACTIVE;
@@ -1285,6 +1294,36 @@ static void crypto_test_check_alg_aes_gmac_ovr_iv(void)
true);
}
+static int check_alg_aes_cmac(void)
+{
+ return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_CMAC);
+}
+
+static void crypto_test_gen_alg_aes_cmac(void)
+{
+ unsigned int test_vec_num = (sizeof(aes_cmac_reference) /
+ sizeof(aes_cmac_reference[0]));
+ unsigned int i;
+
+ for (i = 0; i < test_vec_num; i++)
+ check_alg(ODP_CRYPTO_OP_ENCODE,
+ ODP_CIPHER_ALG_NULL,
+ ODP_AUTH_ALG_AES_CMAC,
+ aes_cmac_reference,
+ ARRAY_SIZE(aes_cmac_reference),
+ false);
+}
+
+static void crypto_test_check_alg_aes_cmac(void)
+{
+ check_alg(ODP_CRYPTO_OP_DECODE,
+ ODP_CIPHER_ALG_NULL,
+ ODP_AUTH_ALG_AES_CMAC,
+ aes_cmac_reference,
+ ARRAY_SIZE(aes_cmac_reference),
+ false);
+}
+
int crypto_suite_sync_init(void)
{
suite_context.pool = odp_pool_lookup("packet_pool");
@@ -1414,6 +1453,10 @@ odp_testinfo_t crypto_suite[] = {
check_alg_aes_gmac),
ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv,
check_alg_aes_gmac),
+ ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_cmac,
+ check_alg_aes_cmac),
+ ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_cmac,
+ check_alg_aes_cmac),
ODP_TEST_INFO_NULL,
};
@@ -605,6 +605,103 @@ static crypto_test_reference_t aes_gmac_reference[] = {
},
};
+/*
+ * Test vectors from SP800-38B / CSRC examples
+ * 12-byte vectors are just truncated 16-byte vectors
+ */
+static crypto_test_reference_t aes_cmac_reference[] = {
+ {
+ .auth_key_length = AES128_KEY_LEN,
+ .auth_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
+ .length = 16,
+ .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
+ .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ },
+ .digest_length = 16,
+ .digest = { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
+ 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c },
+ },
+ {
+ .auth_key_length = AES192_KEY_LEN,
+ .auth_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
+ 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
+ 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b },
+ .length = 16,
+ .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
+ .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ },
+ .digest_length = 16,
+ .digest = { 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
+ 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84 },
+ },
+ {
+ .auth_key_length = AES256_KEY_LEN,
+ .auth_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 },
+ .length = 16,
+ .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
+ .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ },
+ .digest_length = 16,
+ .digest = { 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
+ 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c },
+ },
+ {
+ .auth_key_length = AES128_KEY_LEN,
+ .auth_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
+ .length = 16,
+ .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
+ .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ },
+ .digest_length = 12,
+ .digest = { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
+ 0xf7, 0x9b, 0xdd, 0x9d },
+ },
+ {
+ .auth_key_length = AES192_KEY_LEN,
+ .auth_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
+ 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
+ 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b },
+ .length = 16,
+ .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
+ .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ },
+ .digest_length = 12,
+ .digest = { 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
+ 0x06, 0x62, 0xf6, 0x5e },
+ },
+ {
+ .auth_key_length = AES256_KEY_LEN,
+ .auth_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 },
+ .length = 16,
+ .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
+ .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ },
+ .digest_length = 12,
+ .digest = { 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
+ 0xbd, 0x4b, 0xf2, 0x8d },
+ }
+};
+
/*
* Test vector from RFC 7539, sections 2.8.2, A.5
*/