1:40 a.m.
---
ell/cipher.c | 23 ++++-------------------
1 file changed, 4 insertions(+), 19 deletions(-)
diff --git a/ell/cipher.c b/ell/cipher.c
index 139331e..ac5248a 100644
--- a/ell/cipher.c
+++ b/ell/cipher.c
@@ -77,17 +77,6 @@ struct af_alg_iv {
#define SOL_ALG 279
#endif
-#ifndef ALG_OP_SIGN
-#define ALG_OP_SIGN 2
-#endif
-#ifndef ALG_OP_VERIFY
-#define ALG_OP_VERIFY 3
-#endif
-
-#ifndef ALG_SET_PUBKEY
-#define ALG_SET_PUBKEY 6
-#endif
-
#define is_valid_type(type) ((type) <= L_CIPHER_DES3_EDE_CBC)
struct l_cipher {
@@ -97,11 +86,10 @@ struct l_cipher {
};
static int create_alg(const char *alg_type, const char *alg_name,
- const void *key, size_t key_length, bool public)
+ const void *key, size_t key_length)
{
struct sockaddr_alg salg;
int sk;
- int keyopt;
int ret;
sk = socket(PF_ALG, SOCK_SEQPACKET | SOCK_CLOEXEC, 0);
@@ -118,8 +106,7 @@ static int create_alg(const char *alg_type, const char *alg_name,
return -1;
}
- keyopt = public ? ALG_SET_PUBKEY : ALG_SET_KEY;
- if (setsockopt(sk, SOL_ALG, keyopt, key, key_length) < 0) {
+ if (setsockopt(sk, SOL_ALG, ALG_SET_KEY, key, key_length) < 0) {
close(sk);
return -1;
}
@@ -164,13 +151,11 @@ LIB_EXPORT struct l_cipher *l_cipher_new(enum l_cipher_type type,
break;
}
- cipher->encrypt_sk = create_alg("skcipher", alg_name, key, key_length,
- false);
+ cipher->encrypt_sk = create_alg("skcipher", alg_name, key, key_length);
if (cipher->encrypt_sk < 0)
goto error_free;
- cipher->decrypt_sk = create_alg("skcipher", alg_name, key, key_length,
- false);
+ cipher->decrypt_sk = create_alg("skcipher", alg_name, key, key_length);
if (cipher->decrypt_sk < 0)
goto error_close;
--
2.11.0
1:40 a.m.
New subject: [PATCH 2/3] cipher: Add AEAD API with AES-CCM
Add new function calls to handle encryption and decryption for
authenticated encryption with associated data (AEAD).
The only AEAD cipher supported so far is AES-CCM.
Requires kernel v4.10 or later for l_cipher_encrypt_aead() and
l_cipher_decrypt_aead() to return the correct length. Earlier kernels have a
bug in AF_ALG aead sockets.
---
ell/cipher.c | 198 +++++++++++++++++++++++++++++++++++++++++++++++++++++------
ell/cipher.h | 15 +++++
2 files changed, 193 insertions(+), 20 deletions(-)
diff --git a/ell/cipher.c b/ell/cipher.c
index ac5248a..7142319 100644
--- a/ell/cipher.c
+++ b/ell/cipher.c
@@ -28,6 +28,7 @@
#include <unistd.h>
#include <errno.h>
#include <sys/socket.h>
+#include <alloca.h>
#include "util.h"
#include "cipher.h"
@@ -86,7 +87,7 @@ struct l_cipher {
};
static int create_alg(const char *alg_type, const char *alg_name,
- const void *key, size_t key_length)
+ const void *key, size_t key_length, size_t tag_length)
{
struct sockaddr_alg salg;
int sk;
@@ -111,18 +112,26 @@ static int create_alg(const char *alg_type, const char *alg_name,
return -1;
}
+ if (tag_length && setsockopt(sk, SOL_ALG, ALG_SET_AEAD_AUTHSIZE, NULL,
+ tag_length)) {
+ close(sk);
+ return -1;
+ }
+
ret = accept4(sk, NULL, 0, SOCK_CLOEXEC);
close(sk);
return ret;
}
-LIB_EXPORT struct l_cipher *l_cipher_new(enum l_cipher_type type,
+LIB_EXPORT struct l_cipher *l_cipher_new_aead(enum l_cipher_type type,
const void *key,
- size_t key_length)
+ size_t key_length,
+ size_t tag_length)
{
struct l_cipher *cipher;
const char *alg_name;
+ const char *type_name;
if (unlikely(!key))
return NULL;
@@ -136,26 +145,37 @@ LIB_EXPORT struct l_cipher *l_cipher_new(enum l_cipher_type type,
switch (type) {
case L_CIPHER_AES:
alg_name = "ecb(aes)";
+ type_name = "skcipher";
break;
case L_CIPHER_AES_CBC:
alg_name = "cbc(aes)";
+ type_name = "skcipher";
+ break;
+ case L_CIPHER_AES_CCM:
+ alg_name = "ccm(aes)";
+ type_name = "aead";
break;
case L_CIPHER_ARC4:
alg_name = "ecb(arc4)";
+ type_name = "skcipher";
break;
case L_CIPHER_DES:
alg_name = "ecb(des)";
+ type_name = "skcipher";
break;
case L_CIPHER_DES3_EDE_CBC:
alg_name = "cbc(des3_ede)";
+ type_name = "skcipher";
break;
}
- cipher->encrypt_sk = create_alg("skcipher", alg_name, key, key_length);
+ cipher->encrypt_sk = create_alg(type_name, alg_name, key, key_length,
+ tag_length);
if (cipher->encrypt_sk < 0)
goto error_free;
- cipher->decrypt_sk = create_alg("skcipher", alg_name, key, key_length);
+ cipher->decrypt_sk = create_alg(type_name, alg_name, key, key_length,
+ tag_length);
if (cipher->decrypt_sk < 0)
goto error_close;
@@ -168,6 +188,13 @@ error_free:
return NULL;
}
+LIB_EXPORT struct l_cipher *l_cipher_new(enum l_cipher_type type,
+ const void *key,
+ size_t key_length)
+{
+ return l_cipher_new_aead(type, key, key_length, 0);
+}
+
LIB_EXPORT void l_cipher_free(struct l_cipher *cipher)
{
if (unlikely(!cipher))
@@ -179,21 +206,50 @@ LIB_EXPORT void l_cipher_free(struct l_cipher *cipher)
l_free(cipher);
}
+static ssize_t build_iv(const void *nonce, uint8_t nonce_len, uint8_t *iv,
+ uint8_t iv_len)
+{
+ const size_t iv_overhead = 2;
+
+ if (nonce_len + iv_overhead > iv_len)
+ return -EINVAL;
+
+ iv[0] = iv_len - iv_overhead - nonce_len;
+ memcpy(iv + 1, nonce, nonce_len);
+
+ /* Assumes that remaining bytes in iv were already zeroed out */
+
+ return iv_len;
+}
+
static ssize_t operate_cipher(int sk, __u32 operation,
- const void *in, void *out, size_t len_in,
- size_t len_out)
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len,
+ size_t iv_len)
{
- char c_msg_buf[CMSG_SPACE(sizeof(operation))];
+ char *c_msg_buf;
+ size_t c_msg_size;
struct msghdr msg;
struct cmsghdr *c_msg;
- struct iovec iov;
+ struct iovec iov[2];
ssize_t result;
- memset(&c_msg_buf, 0, sizeof(c_msg_buf));
+ c_msg_size = CMSG_SPACE(sizeof(operation));
+ c_msg_size += ad_len ? CMSG_SPACE(sizeof(uint32_t)) : 0;
+ c_msg_size += (nonce && iv_len) ?
+ CMSG_SPACE(sizeof(struct af_alg_iv) + iv_len) : 0;
+
+ c_msg_buf = alloca(c_msg_size);
+
+ memset(c_msg_buf, 0, c_msg_size);
memset(&msg, 0, sizeof(msg));
+ msg.msg_iov = iov;
+
msg.msg_control = c_msg_buf;
- msg.msg_controllen = sizeof(c_msg_buf);
+ msg.msg_controllen = c_msg_size;
c_msg = CMSG_FIRSTHDR(&msg);
c_msg->cmsg_level = SOL_ALG;
@@ -201,17 +257,75 @@ static ssize_t operate_cipher(int sk, __u32 operation,
c_msg->cmsg_len = CMSG_LEN(sizeof(operation));
memcpy(CMSG_DATA(c_msg), &operation, sizeof(operation));
- iov.iov_base = (void *) in;
- iov.iov_len = len_in;
+ if (ad_len) {
+ uint32_t *ad_data;
+
+ c_msg = CMSG_NXTHDR(&msg, c_msg);
+ c_msg->cmsg_level = SOL_ALG;
+ c_msg->cmsg_type = ALG_SET_AEAD_ASSOCLEN;
+ c_msg->cmsg_len = CMSG_LEN(sizeof(*ad_data));
+ ad_data = (void *) CMSG_DATA(c_msg);
+ *ad_data = ad_len;
+
+ iov[0].iov_base = (void *) ad;
+ iov[0].iov_len = ad_len;
+ iov[1].iov_base = (void *) in;
+ iov[1].iov_len = in_len;
+ msg.msg_iovlen = 2;
+ } else {
+ iov[0].iov_base = (void *) in;
+ iov[0].iov_len = in_len;
+ msg.msg_iovlen = 1;
+ }
+
+ if (nonce && iv_len) {
+ struct af_alg_iv *algiv;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
+ c_msg = CMSG_NXTHDR(&msg, c_msg);
+ c_msg->cmsg_level = SOL_ALG;
+ c_msg->cmsg_type = ALG_SET_IV;
+ c_msg->cmsg_len = CMSG_LEN(sizeof(*algiv) + iv_len);
+
+ algiv = (void *)CMSG_DATA(c_msg);
+ algiv->ivlen = iv_len;
+ result = build_iv(nonce, nonce_len, &algiv->iv[0], iv_len);
+ if (result < 0)
+ return result;
+ }
result = sendmsg(sk, &msg, 0);
if (result < 0)
return -errno;
- result = read(sk, out, len_out);
+ if (ad) {
+ /*
+ * When AEAD additional data is passed to sendmsg() for
+ * use in computing the tag, those bytes also appear at
+ * the beginning of the encrypt or decrypt results. Rather
+ * than force the caller to pad their result buffer with
+ * the correct number of bytes for the additional data,
+ * the necessary space is allocated here and then the
+ * duplicate AAD is discarded.
+ */
+ iov[0].iov_base = l_malloc(ad_len);
+ iov[0].iov_len = ad_len;
+ iov[1].iov_base = (void *) out;
+ iov[1].iov_len = out_len;
+ msg.msg_iovlen = 2;
+
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+
+ result = recvmsg(sk, &msg, 0);
+
+ if (result > (ssize_t) ad_len)
+ result -= ad_len;
+
+ l_free(iov[0].iov_base);
+ } else {
+ result = read(sk, out, out_len);
+ }
+
if (result < 0)
return -errno;
@@ -227,8 +341,8 @@ LIB_EXPORT bool l_cipher_encrypt(struct l_cipher *cipher,
if (unlikely(!in) || unlikely(!out))
return false;
- return operate_cipher(cipher->encrypt_sk, ALG_OP_ENCRYPT, in, out, len,
- len) >= 0;
+ return operate_cipher(cipher->encrypt_sk, ALG_OP_ENCRYPT, in, len,
+ NULL, 0, NULL, 0, out, len, 0) >= 0;
}
LIB_EXPORT bool l_cipher_decrypt(struct l_cipher *cipher,
@@ -240,8 +354,8 @@ LIB_EXPORT bool l_cipher_decrypt(struct l_cipher *cipher,
if (unlikely(!in) || unlikely(!out))
return false;
- return operate_cipher(cipher->decrypt_sk, ALG_OP_DECRYPT, in, out, len,
- len) >= 0;
+ return operate_cipher(cipher->decrypt_sk, ALG_OP_DECRYPT, in, len,
+ NULL, 0, NULL, 0, out, len, 0) >= 0;
}
LIB_EXPORT bool l_cipher_set_iv(struct l_cipher *cipher, const uint8_t *iv,
@@ -279,3 +393,47 @@ LIB_EXPORT bool l_cipher_set_iv(struct l_cipher *cipher, const
uint8_t *iv,
return true;
}
+
+static size_t l_cipher_get_ivlen(struct l_cipher *cipher)
+{
+ switch (cipher->type) {
+ case L_CIPHER_AES_CCM:
+ return 16;
+ default:
+ return 0;
+ }
+}
+
+LIB_EXPORT bool l_cipher_encrypt_aead(struct l_cipher *cipher,
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len)
+{
+ if (unlikely(!cipher))
+ return false;
+
+ if (unlikely(!in) || unlikely(!out))
+ return false;
+
+ return operate_cipher(cipher->encrypt_sk, ALG_OP_ENCRYPT, in, in_len,
+ ad, ad_len, nonce, nonce_len, out, out_len,
+ l_cipher_get_ivlen(cipher)) >= 0;
+}
+
+LIB_EXPORT bool l_cipher_decrypt_aead(struct l_cipher *cipher,
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len)
+{
+ if (unlikely(!cipher))
+ return false;
+
+ if (unlikely(!in) || unlikely(!out))
+ return false;
+
+ return operate_cipher(cipher->decrypt_sk, ALG_OP_DECRYPT, in, in_len,
+ ad, ad_len, nonce, nonce_len, out, out_len,
+ l_cipher_get_ivlen(cipher)) >= 0;
+}
diff --git a/ell/cipher.h b/ell/cipher.h
index f9ff42f..3aaf05d 100644
--- a/ell/cipher.h
+++ b/ell/cipher.h
@@ -32,6 +32,7 @@ struct l_cipher;
enum l_cipher_type {
L_CIPHER_AES = 0,
L_CIPHER_AES_CBC,
+ L_CIPHER_AES_CCM,
L_CIPHER_ARC4,
L_CIPHER_DES,
L_CIPHER_DES3_EDE_CBC,
@@ -39,14 +40,28 @@ enum l_cipher_type {
struct l_cipher *l_cipher_new(enum l_cipher_type type,
const void *key, size_t key_length);
+struct l_cipher *l_cipher_new_aead(enum l_cipher_type type,
+ const void *key, size_t key_length,
+ size_t tag_length);
void l_cipher_free(struct l_cipher *cipher);
bool l_cipher_encrypt(struct l_cipher *cipher,
const void *in, void *out, size_t len);
+bool l_cipher_encrypt_aead(struct l_cipher *cipher,
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len);
+
bool l_cipher_decrypt(struct l_cipher *cipher,
const void *in, void *out, size_t len);
+bool l_cipher_decrypt_aead(struct l_cipher *cipher,
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len);
bool l_cipher_set_iv(struct l_cipher *cipher, const uint8_t *iv,
size_t iv_length);
--
2.11.0
7:32 p.m.
New subject: [PATCH 2/3] cipher: Add AEAD API with AES-CCM
Hi Mat,
<snip>
diff --git a/ell/cipher.h b/ell/cipher.h
index f9ff42f..3aaf05d 100644
--- a/ell/cipher.h
+++ b/ell/cipher.h
@@ -32,6 +32,7 @@ struct l_cipher;
enum l_cipher_type {
L_CIPHER_AES = 0,
L_CIPHER_AES_CBC,
+ L_CIPHER_AES_CCM,
L_CIPHER_ARC4,
L_CIPHER_DES,
L_CIPHER_DES3_EDE_CBC,
@@ -39,14 +40,28 @@ enum l_cipher_type {
struct l_cipher *l_cipher_new(enum l_cipher_type type,
const void *key, size_t key_length);
+struct l_cipher *l_cipher_new_aead(enum l_cipher_type type,
+ const void *key, size_t key_length,
+ size_t tag_length);
I wonder if we should make this a whole new type, similar to how we did
the asymmetric ciphers before keys took that over?
void l_cipher_free(struct l_cipher *cipher);
bool l_cipher_encrypt(struct l_cipher *cipher,
const void *in, void *out, size_t len);
+bool l_cipher_encrypt_aead(struct l_cipher *cipher,
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len);
Otherwise we get into a situation that encrypt_aead can be called on a
regular cipher or encrypt gets called on an aead cipher...
+
bool l_cipher_decrypt(struct l_cipher *cipher,
const void *in, void *out, size_t len);
+bool l_cipher_decrypt_aead(struct l_cipher *cipher,
+ const void *in, size_t in_len,
+ const void *ad, size_t ad_len,
+ const void *nonce, size_t nonce_len,
+ void *out, size_t out_len);
bool l_cipher_set_iv(struct l_cipher *cipher, const uint8_t *iv,
size_t iv_length);
Regards,
-Denis
7:35 p.m.
New subject: [PATCH 2/3] cipher: Add AEAD API with AES-CCM
On Wed, 21 Dec 2016, Denis Kenzior wrote:
Hi Mat,
<snip>
> diff --git a/ell/cipher.h b/ell/cipher.h
> index f9ff42f..3aaf05d 100644
> --- a/ell/cipher.h
> +++ b/ell/cipher.h
> @@ -32,6 +32,7 @@ struct l_cipher;
> enum l_cipher_type {
> L_CIPHER_AES = 0,
> L_CIPHER_AES_CBC,
> + L_CIPHER_AES_CCM,
> L_CIPHER_ARC4,
> L_CIPHER_DES,
> L_CIPHER_DES3_EDE_CBC,
> @@ -39,14 +40,28 @@ enum l_cipher_type {
>
> struct l_cipher *l_cipher_new(enum l_cipher_type type,
> const void *key, size_t key_length);
> +struct l_cipher *l_cipher_new_aead(enum l_cipher_type type,
> + const void *key, size_t key_length,
> + size_t tag_length);
I wonder if we should make this a whole new type, similar to how we did the
asymmetric ciphers before keys took that over?
Sure, I can change that.
>
> void l_cipher_free(struct l_cipher *cipher);
>
> bool l_cipher_encrypt(struct l_cipher *cipher,
> const void *in, void *out, size_t len);
>
> +bool l_cipher_encrypt_aead(struct l_cipher *cipher,
> + const void *in, size_t in_len,
> + const void *ad, size_t ad_len,
> + const void *nonce, size_t nonce_len,
> + void *out, size_t out_len);
Otherwise we get into a situation that encrypt_aead can be called on a
regular cipher or encrypt gets called on an aead cipher...
> +
> bool l_cipher_decrypt(struct l_cipher *cipher,
> const void *in, void *out, size_t len);
> +bool l_cipher_decrypt_aead(struct l_cipher *cipher,
> + const void *in, size_t in_len,
> + const void *ad, size_t ad_len,
> + const void *nonce, size_t nonce_len,
> + void *out, size_t out_len);
>
> bool l_cipher_set_iv(struct l_cipher *cipher, const uint8_t *iv,
> size_t iv_length);
>
Regards,
--
Mat Martineau
Intel OTC
1:40 a.m.
New subject: [PATCH 3/3] unit: Add AEAD cipher tests
---
unit/test-cipher.c | 105 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 105 insertions(+)
diff --git a/unit/test-cipher.c b/unit/test-cipher.c
index eaf97a0..17fa299 100644
--- a/unit/test-cipher.c
+++ b/unit/test-cipher.c
@@ -25,6 +25,7 @@
#endif
#include <assert.h>
+#include <alloca.h>
#include <ell/ell.h>
@@ -122,6 +123,106 @@ static void test_arc4(const void *data)
l_cipher_free(cipher);
}
+struct ccm_test_vector {
+ char *aad;
+ char *plaintext;
+ char *key;
+ char *nonce;
+ char *ciphertext;
+ char *tag;
+};
+
+static const struct ccm_test_vector ccm_long_nonce = {
+ .aad =
+ "333b6b8fda49c6e671bad05c7e2cafa88bd47f9b0aef1a358bc87d04f26f6c82",
+ .plaintext =
+ "1293201eb30ddd693b2eb23c1e6c20d5add2202afc71679ca2eba14f73b77bcd",
+ .key = "fa536cf6c309d45c1baaa658f674758d",
+ .nonce = "e0c5241bf0014ca88511d73a30",
+ .ciphertext =
+ "2e54ebaa38da9a2b03a1147495565c31d07e793b01fd28b2adeacac6f76ae84e",
+ .tag = "e0a03b982c5afc8a937373d7d2b0e7a3"
+};
+
+static const struct ccm_test_vector ccm_short_nonce = {
+ .plaintext =
+ "a3b3fdf26d213f83c5f656b00f77253b68959c188767d584914887602c787595",
+ .aad =
+ "fcc20524894b4603fefb8029eff485a513ce4753d0d3a27c3a2c69088fa7fab7",
+ .key = "7d84efac51291e868c7b7702181a3936",
+ .nonce = "1bb3e62620462a",
+ .ciphertext =
+ "3222192ee773cef4a87175b73b3875320f18b7e016d17d52fb01f0f6ca10bb5f",
+ .tag = "ee007aafe91135c39855ebf3db96d7ff"
+};
+
+static const struct ccm_test_vector ccm_no_aad = {
+ .plaintext =
+ "90795fffab99cffdeee5cadafe448ea4df74c480f9d7e1e481ee49adeee2732a",
+ .aad = "",
+ .key = "7b3da7d5ef41b5eef19cf8fb4ca19519",
+ .nonce = "96722de7516afb",
+ .ciphertext =
+ "9160dd0e0a8ddd13bf4acb0c6f3cf4794c5459d36a378cfb4a31e6b00840d78a",
+ .tag = "efd1dc938802cd845a16f32a60eabd0f"
+};
+
+static void test_aes_ccm(const void *data)
+{
+ struct l_cipher *cipher;
+ char *encbuf;
+ size_t encbuflen;
+ char *decbuf;
+ size_t decbuflen;
+ int r;
+ const struct ccm_test_vector *tv = data;
+
+ size_t ptlen;
+ uint8_t *pt = l_util_from_hexstring(tv->plaintext, &ptlen);
+ size_t aadlen;
+ uint8_t *aad = l_util_from_hexstring(tv->aad, &aadlen);
+ size_t keylen;
+ uint8_t *key = l_util_from_hexstring(tv->key, &keylen);
+ size_t noncelen;
+ uint8_t *nonce = l_util_from_hexstring(tv->nonce, &noncelen);
+ size_t ctlen;
+ uint8_t *ct = l_util_from_hexstring(tv->ciphertext, &ctlen);
+ size_t taglen;
+ uint8_t *tag = l_util_from_hexstring(tv->tag, &taglen);
+
+ encbuflen = ctlen + taglen;
+ encbuf = alloca(encbuflen);
+ memset(encbuf, 0, encbuflen);
+ decbuflen = ptlen;
+ decbuf = alloca(decbuflen);
+ memset(decbuf, 0, decbuflen);
+
+ cipher = l_cipher_new_aead(L_CIPHER_AES_CCM, key, keylen, taglen);
+ assert(cipher);
+
+ l_cipher_encrypt_aead(cipher, pt, ptlen, aad, aadlen,
+ nonce, noncelen, encbuf, encbuflen);
+
+ r = memcmp(encbuf, ct, ctlen);
+ assert(!r);
+ r = memcmp(encbuf + ctlen, tag, taglen);
+ assert(!r);
+
+ l_cipher_decrypt_aead(cipher, encbuf, encbuflen, aad, aadlen, nonce,
+ noncelen, decbuf, decbuflen);
+
+ r = memcmp(decbuf, pt, ptlen);
+ assert(!r);
+
+ l_cipher_free(cipher);
+ l_free(pt);
+ l_free(key);
+ l_free(aad);
+ l_free(nonce);
+ l_free(ct);
+ l_free(tag);
+}
+
int main(int argc, char *argv[])
{
l_test_init(&argc, &argv);
@@ -132,5 +233,9 @@ int main(int argc, char *argv[])
l_test_add("arc4", test_arc4, NULL);
+ l_test_add("aes_ccm long nonce", test_aes_ccm, &ccm_long_nonce);
+ l_test_add("aes_ccm short nonce", test_aes_ccm, &ccm_short_nonce);
+ l_test_add("aes_ccm no AAD", test_aes_ccm, &ccm_no_aad);
+
return l_test_run();
}
--
2.11.0
1531
days inactive
1531
days old
5 comments
2 participants
participants (2)
-
Denis Kenzior -
Mat Martineau