Google Git
Sign in
boringssl/boringssl.git/7a1986c463548627b83ed58d9f9db65bddbce6a5^!/.
commit
7a1986c463548627b83ed58d9f9db65bddbce6a5
[log]
author
Adam Langley <alangley@gmail.com>
Wed Apr 14 16:11:54 2021 -0700
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Thu Apr 15 15:08:29 2021 +0000
tree
e6247ba9fa7b1b9afad43fb357328697359c31e0
parent
94b477cea5057d9372984a311aba9276f737f748 [diff]
acvp: support GMAC as an algorithm.

It's defined as GCM without a plaintext input, so this is trivial.

Change-Id: Id430e998447e489c2bf2dd5c6541877870104ade
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46844
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/util/fipstools/acvp/acvptool/subprocess/subprocess.go b/util/fipstools/acvp/acvptool/subprocess/subprocess.go
index e7a6de9..5256b1e 100644
--- a/util/fipstools/acvp/acvptool/subprocess/subprocess.go
+++ b/util/fipstools/acvp/acvptool/subprocess/subprocess.go

@@ -84,6 +84,7 @@
 		"ACVP-TDES-ECB":  &blockCipher{"3DES-ECB", 8, 3, true, false, iterate3DES},
 		"ACVP-TDES-CBC":  &blockCipher{"3DES-CBC", 8, 3, true, true, iterate3DESCBC},
 		"ACVP-AES-GCM":   &aead{"AES-GCM", false},
+		"ACVP-AES-GMAC":  &aead{"AES-GCM", false},
 		"ACVP-AES-CCM":   &aead{"AES-CCM", true},
 		"ACVP-AES-KW":    &aead{"AES-KW", false},
 		"ACVP-AES-KWP":   &aead{"AES-KWP", false},

diff --git a/util/fipstools/acvp/acvptool/test/expected/ACVP-AES-GMAC.bz2 b/util/fipstools/acvp/acvptool/test/expected/ACVP-AES-GMAC.bz2
new file mode 100644
index 0000000..0ca163b
--- /dev/null
+++ b/util/fipstools/acvp/acvptool/test/expected/ACVP-AES-GMAC.bz2
Binary files differ

diff --git a/util/fipstools/acvp/acvptool/test/tests.json b/util/fipstools/acvp/acvptool/test/tests.json
index 1291adf..6cf549d 100644
--- a/util/fipstools/acvp/acvptool/test/tests.json
+++ b/util/fipstools/acvp/acvptool/test/tests.json

@@ -4,6 +4,7 @@
 {"Wrapper": "modulewrapper", "In": "vectors/ACVP-AES-CTR.bz2", "Out": "expected/ACVP-AES-CTR.bz2"},
 {"Wrapper": "modulewrapper", "In": "vectors/ACVP-AES-ECB.bz2", "Out": "expected/ACVP-AES-ECB.bz2"},
 {"Wrapper": "modulewrapper", "In": "vectors/ACVP-AES-GCM.bz2", "Out": "expected/ACVP-AES-GCM.bz2"},
+{"Wrapper": "modulewrapper", "In": "vectors/ACVP-AES-GMAC.bz2", "Out": "expected/ACVP-AES-GMAC.bz2"},
 {"Wrapper": "modulewrapper", "In": "vectors/ACVP-AES-KW.bz2", "Out": "expected/ACVP-AES-KW.bz2"},
 {"Wrapper": "modulewrapper", "In": "vectors/ACVP-AES-KWP.bz2", "Out": "expected/ACVP-AES-KWP.bz2"},
 {"Wrapper": "testmodulewrapper", "In": "vectors/ACVP-AES-XTS.bz2", "Out": "expected/ACVP-AES-XTS.bz2"},

diff --git a/util/fipstools/acvp/acvptool/test/vectors/ACVP-AES-GMAC.bz2 b/util/fipstools/acvp/acvptool/test/vectors/ACVP-AES-GMAC.bz2
new file mode 100644
index 0000000..8dc01a8
--- /dev/null
+++ b/util/fipstools/acvp/acvptool/test/vectors/ACVP-AES-GMAC.bz2
Binary files differ

diff --git a/util/fipstools/acvp/modulewrapper/modulewrapper.cc b/util/fipstools/acvp/modulewrapper/modulewrapper.cc
index 01e4113..44aa202 100644
--- a/util/fipstools/acvp/modulewrapper/modulewrapper.cc
+++ b/util/fipstools/acvp/modulewrapper/modulewrapper.cc

@@ -306,6 +306,21 @@
         "ivGen": "external"
       },
       {
+        "algorithm": "ACVP-AES-GMAC",
+        "revision": "1.0",
+        "direction": ["encrypt", "decrypt"],
+        "keyLen": [128, 192, 256],
+        "payloadLen": [{
+          "min": 0, "max": 256, "increment": 8
+        }],
+        "aadLen": [{
+          "min": 0, "max": 320, "increment": 8
+        }],
+        "tagLen": [32, 64, 96, 104, 112, 120, 128],
+        "ivLen": [96],
+        "ivGen": "external"
+      },
+      {
         "algorithm": "ACVP-AES-KW",
         "revision": "1.0",
         "direction": [