From f6299a0b197888b1417ae929dd1bb8df16bf8db6 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 3 May 2013 18:32:54 +0300 Subject: Added umac-128 --- NEWS | 4 ++-- lib/algorithms/mac.c | 1 + lib/includes/gnutls/gnutls.h.in | 1 + lib/nettle/mac.c | 20 ++++++++++++++++++-- 4 files changed, 22 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 93fb2acfb0..db26d5515e 100644 --- a/NEWS +++ b/NEWS @@ -6,9 +6,9 @@ See the end for copying conditions. ** libgnutls: Use nettle's elliptic curve implementation. -** libgnutls: Added Salsa20 cipher (experimental) +** libgnutls: Added Salsa20 cipher -** libgnutls: Added UMAC-96 MAC (experimental) +** libgnutls: Added UMAC-96 and UMAC-128 ** libgnutls: Added support for DTLS 1.2. diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c index 81e038acdf..20529e9fb2 100644 --- a/lib/algorithms/mac.c +++ b/lib/algorithms/mac.c @@ -46,6 +46,7 @@ static const gnutls_hash_entry hash_algorithms[] = { {"SHA512", HASH_OID_SHA512, GNUTLS_MAC_SHA512, 64, 64, 0, 0, 1}, {"SHA224", HASH_OID_SHA224, GNUTLS_MAC_SHA224, 28, 28, 0, 0, 1}, {"UMAC-96", NULL, GNUTLS_MAC_UMAC_96, 12, 16, 8, 0, 1}, + {"UMAC-128", NULL, GNUTLS_MAC_UMAC_128, 16, 16, 8, 0, 1}, {"AEAD", NULL, GNUTLS_MAC_AEAD, 0, 0, 0, 1, 1}, {"MD2", HASH_OID_MD2, GNUTLS_MAC_MD2, 0, 0, 0, 0, 0}, /* not used as MAC */ {"RIPEMD160", HASH_OID_RMD160, GNUTLS_MAC_RMD160, 20, 20, 0, 0, 1}, diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index b2ae65cf77..185187de24 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -236,6 +236,7 @@ extern "C" gnutls_digest_algorithm_t. */ GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */ GNUTLS_MAC_UMAC_96 = 201, + GNUTLS_MAC_UMAC_128 = 202, } gnutls_mac_algorithm_t; /** diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c index 3dfa81dd51..c394e60d2f 100644 --- a/lib/nettle/mac.c +++ b/lib/nettle/mac.c @@ -68,7 +68,8 @@ struct nettle_mac_ctx struct hmac_sha384_ctx sha384; struct hmac_sha512_ctx sha512; struct hmac_sha1_ctx sha1; - struct umac96_ctx umac; + struct umac96_ctx umac96; + struct umac128_ctx umac128; } ctx; void *ctx_ptr; @@ -86,6 +87,12 @@ _wrap_umac96_set_key(void* ctx, unsigned len, const uint8_t* key) return umac96_set_key(ctx, key); } +static void +_wrap_umac128_set_key(void* ctx, unsigned len, const uint8_t* key) +{ + return umac128_set_key(ctx, key); +} + static int _mac_ctx_init(gnutls_mac_algorithm_t algo, struct nettle_mac_ctx *ctx) { ctx->set_nonce = NULL; @@ -138,9 +145,17 @@ static int _mac_ctx_init(gnutls_mac_algorithm_t algo, struct nettle_mac_ctx *ctx ctx->digest = (digest_func) umac96_digest; ctx->set_key = _wrap_umac96_set_key; ctx->set_nonce = (set_nonce_func) umac96_set_nonce; - ctx->ctx_ptr = &ctx->ctx.umac; + ctx->ctx_ptr = &ctx->ctx.umac96; ctx->length = 12; break; + case GNUTLS_MAC_UMAC_128: + ctx->update = (update_func) umac128_update; + ctx->digest = (digest_func) umac128_digest; + ctx->set_key = _wrap_umac128_set_key; + ctx->set_nonce = (set_nonce_func) umac128_set_nonce; + ctx->ctx_ptr = &ctx->ctx.umac128; + ctx->length = 16; + break; default: gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; @@ -182,6 +197,7 @@ static int wrap_nettle_mac_exists(gnutls_mac_algorithm_t algo) case GNUTLS_MAC_SHA384: case GNUTLS_MAC_SHA512: case GNUTLS_MAC_UMAC_96: + case GNUTLS_MAC_UMAC_128: return 1; default: return 0; -- cgit v1.2.1