openssl-cmac 2.0.1 → 2.1.0
- checksums.yaml +4 -4
- data/README.md +1 -3
- data/lib/openssl/cmac/version.rb +3 -1
- data/lib/openssl/cmac.rb +44 -33
- metadata +12 -124
- data/.rubocop.yml +0 -12
- data/.yardopts +0 -4
- data/Gemfile +0 -8
- data/Rakefile +0 -31
- data/test/test_cmac.rb +0 -167
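--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: eeaa9487886f72ffd7c689661ccd9d8dd0686e96df697963658f2d262fd1faea
+data.tar.gz: 330603ff0c555473cfa1506b0de06bde9b365c3ba0b2f78da6edf1b747fb6e6b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: daccd0c4ae792fce56c26ba8540e2d5c1afe530dd75f55982028b12cfe389fede43918202000caedef08bdd2f8d28e31551dde5dec5cc118dee424d1f454bfaf
+data.tar.gz: 310141d8937441a8bd77c70d09542305a9bfe6cf8b04733a58f84cad27ee0bf2ff64fd726abf8a01f842142ad4764da724e5eae659bc2516b35e0f31143144aa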
data/README.md
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
[](http://badge.fury.io/rb/openssl-cmac)
|
|
2
|
-
[](https://gemnasium.com/SmallLars/openssl-cmac)
|
|
3
|
-
[](https://travis-ci.org/SmallLars/openssl-cmac)
|
|
4
2
|
[](https://coveralls.io/r/SmallLars/openssl-cmac)
|
|
5
|
-
[](https://qlty.sh/gh/SmallLars/projects/openssl-cmac)
|
|
6
4
|
[](http://inch-ci.org/github/smalllars/openssl-cmac)
|
|
7
5
|
|
|
8
6
|
# openssl-cmac
|
data/lib/openssl/cmac/version.rb
CHANGED
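--- a/data/lib/openssl/cmac.rb
+++ b/data/lib/openssl/cmac.rb
@@ -1,5 +1,11 @@
+# frozen_string_literal: true
+
 require 'openssl'
 
+# Extends Ruby's standard OpenSSL module with the CCM (Counter with CBC-MAC) class.
+#
+# This module is part of Ruby's standard library and is only reopened here
+# to provide support for the CCM authenticated encryption mode (as defined in RFC 3610).
 module OpenSSL
 # CMACError used for wrong parameter resonse.
 class CMACError < StandardError
@@ -42,8 +48,6 @@ module OpenSSL
 CMAC.new(cipher, key).update(data).digest(length)
 end
 
-public
-
 # Returns an instance of OpenSSL::CMAC set with the cipher algorithm and
 # key to be used. The instance represents the initial state of the message
 # authentication code before any data has been processed. To process data
@@ -54,12 +58,10 @@ module OpenSSL
 #
 # @return [Object] the new CMAC object
 def initialize(cipher, key = '')
-unless CMAC.ciphers.include?(cipher.upcase)
-fail CMACError, "unsupported cipher algorithm (#{cipher})"
-end
+raise CMACError, "unsupported cipher algorithm (#{cipher})" unless CMAC.ciphers.include?(cipher.upcase)
 
 @keys = []
-@buffer =
+@buffer = String.new.force_encoding('ASCII-8BIT')
 @cipher = OpenSSL::Cipher.new("#{cipher.upcase}-128-CBC")
 
 self.key = key unless key == ''
@@ -69,27 +71,13 @@ module OpenSSL
 # with all processed data cleared from it.
 #
 # @param key [String] binary key string
-#
-# @return [Object] self with initial state and new key
 def key=(key)
 reset
 key = CMAC.digest('AES', "\x00" * 16, key, 16) unless key.b.length == 16
 
 @keys[0] = key.dup
 @cipher.key = @keys[0]
-
-cipher = OpenSSL::Cipher.new(@cipher.name)
-cipher.encrypt
-cipher.key = @keys[0]
-k = (cipher.update("\x00" * 16) + cipher.final).bytes[0...16]
-1.upto(2) do |i|
-k = k.pack('C*').unpack('B*')[0]
-msb = k.slice!(0)
-k = [k, '0'].pack('B*').bytes
-k[15] ^= 0x87 if msb == '1'
-@keys[i] = k.dup
-end
-self
+generate_subkey
 end
 
 # Alias for: update
@@ -123,11 +111,7 @@ module OpenSSL
 #
 # @return [Object] self with initial state
 def reset
-
-@buffer.clear
-@cipher.reset unless @keys[0].nil?
-@cipher.encrypt
-self
+reset_with_key
 end
 
 # Returns self updated with the message to be authenticated.
@@ -137,7 +121,7 @@ module OpenSSL
 #
 # @return [Object] self with new state
 def update(data)
-
+raise CMACError, 'no key is set' if @keys[0].nil?
 
 @buffer += data
 @cipher.update(@buffer.slice!(0...16)) while @buffer.length > 16
@@ -148,22 +132,49 @@ module OpenSSL
 #
 # @param length [Number] length of the authentication code
 def digest(length = 16)
-
-
+raise CMACError, 'no key is set' if @keys[0].nil?
+raise CMACError, 'no key is set' unless length.between?(1, 16)
 
 block = @buffer.bytes
-@buffer.clear
 k = @keys[block.length == 16 ? 1 : 2].dup
 i = block.length.times { |t| k[t] ^= block[t] }
 k[i] ^= 0x80 if i < 16
 mac = @cipher.update(k.pack('C*')) + @cipher.final
-@
-@cipher.encrypt
-@cipher.key = @keys[0]
+reset_with_key(@keys[0])
 # Each block is 16-bytes and the last block will always be PKCS#7 padding
 # which we want to discard. Take the last block prior to the padding for
 # the MAC.
 mac[-32...(-32 + length)]
 end
+
+private
+
+def reset_with_key(key = '')
+@buffer.clear
+@cipher.reset
+@cipher.encrypt
+@cipher.iv = "\x00" * 16
+
+if key.empty?
+@keys.clear
+else
+@cipher.key = key
+end
+
+self
+end
+
+def generate_subkey
+cipher = OpenSSL::Cipher.new(@cipher.name).encrypt
+cipher.key = @keys[0]
+k = (cipher.update("\x00" * 16) + cipher.final).bytes[0...16]
+1.upto(2) do |i|
+k = k.pack('C*').unpack('B*')[0]
+msb = k.slice!(0)
+k = [k, '0'].pack('B*').bytes
+k[15] ^= 0x87 if msb == '1'
+@keys[i] = k.dup
+end
+end
 end
 end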
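Review bot: In `digest`, the new length guard raises with the message 'no key is set', which is the text of the key check directly above it, so a caller who passes an out-of-range tag length is told the key is missing. The second guard should name the real failure, for example `raise CMACError, "invalid digest length (#{length})" unless length.between?(1, 16)`. The same guard accepts tags as short as one byte, which leaves very little forgery resistance; the `@param length` comment would be the place to state a recommended minimum for callers. Separately, the header comment added in the first hunk describes CCM and RFC 3610, while the gemspec description names RFC 4493 (AES-CMAC), so I would reword it to `# Extends Ruby's standard OpenSSL module with the CMAC class.` and cite the CMAC RFCs instead.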
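--- a/metadata
+++ b/metadata
@@ -1,136 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: openssl-cmac
 version: !ruby/object:Gem::Version
-version: 2.0
+version: 2.1.0
 platform: ruby
 authors:
 - Maxim M. Chechel
 - Lars Schmertmann
-autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-name:
+name: openssl
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '
-
-- !ruby/object:Gem::Version
-version: 12.3.2
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '12.3'
-- - ">="
-- !ruby/object:Gem::Version
-version: 12.3.2
-- !ruby/object:Gem::Dependency
-name: rdoc
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: 4.3.0
-- - "~>"
-- !ruby/object:Gem::Version
-version: '4.3'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: 4.3.0
-- - "~>"
-- !ruby/object:Gem::Version
-version: '4.3'
-- !ruby/object:Gem::Dependency
-name: yard
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.9'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.9.16
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.9'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.9.16
-- !ruby/object:Gem::Dependency
-name: rubocop
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.50.0
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.50'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.50.0
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.50'
-- !ruby/object:Gem::Dependency
-name: test-unit
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '3.2'
-- - ">="
-- !ruby/object:Gem::Version
-version: 3.2.9
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '3.2'
-- - ">="
-- !ruby/object:Gem::Version
-version: 3.2.9
-- !ruby/object:Gem::Dependency
-name: coveralls
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.8'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.8.22
-type: :development
+version: '3.0'
+type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '0
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.8.22
+version: '3.0'
 description: Ruby Gem for RFC 4493, 4494, 4615 - The AES-CMAC Algorithm
 email:
 - maximchick@gmail.com
@@ -138,22 +31,19 @@ email:
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.md
 - LICENSE
+- README.md
 files:
-- ".rubocop.yml"
-- ".yardopts"
-- Gemfile
 - LICENSE
 - README.md
-- Rakefile
 - lib/openssl/cmac.rb
 - lib/openssl/cmac/version.rb
-- test/test_cmac.rb
 homepage: https://github.com/smalllars/openssl-cmac
 licenses:
 - MIT
-metadata:
+metadata:
+rubygems_mfa_required: 'true'
+source_code_uri: https://github.com/smalllars/openssl-cmac
 post_install_message: Thanks for installing!
 rdoc_options:
 - "-x"
@@ -171,9 +61,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: RFC 4493, 4494, 4615 - CMAC
-test_files:
-- test/test_cmac.rb
+test_files: []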
data/.rubocop.yml
DELETED
data/.yardopts
DELETED
data/Gemfile
DELETED
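--- a/data/Rakefile
+++ /dev/null
@@ -1,31 +0,0 @@
-require './lib/openssl/cmac/version'
-require "bundler/gem_tasks"
-require 'rake/testtask'
-
-task :default => :build
-
-desc "Run tests"
-Rake::TestTask.new do |t|
-t.libs << 'test'
-end
-
-desc "Create documentation"
-task :doc do
-sh "gem rdoc --rdoc openssl-cmac"
-sh "yardoc"
-end
-
-desc "Uninstall and clean documentation"
-task :clean do
-sh "gem uninstall openssl-cmac"
-begin; sh "rm -R ./coverage"; rescue; end
-begin; sh "rm -R ./.yardoc"; rescue; end
-begin; sh "rm -R ./doc"; rescue; end
-end
-
-desc "Development Dependencies"
-task (:devinst) { sh "gem install --dev ./pkg/openssl-cmac-#{OpenSSL::CMAC::VERSION}.gem" }
-
-desc "Bundle install"
-task (:bundle) { sh "bundle install" }
-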
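--- a/data/test/test_cmac.rb
+++ /dev/null
@@ -1,167 +0,0 @@
-require 'coveralls'
-Coveralls.wear!
-require 'test/unit'
-require 'openssl/cmac'
-
-# Testclass with Test Vectors from RFC's
-class CMACTest < Test::Unit::TestCase
-# http://tools.ietf.org/html/rfc4493#section-4
-KEY = ['2b7e151628aed2a6abf7158809cf4f3c'].pack('H*')
-DATA = [[''].pack('H*'),
-['6bc1bee22e409f96e93d7e117393172a'].pack('H*'),
-['6bc1bee22e409f96e93d7e117393172a'\
-'ae2d8a571e03ac9c9eb76fac45af8e51'\
-'30c81c46a35ce411'].pack('H*'),
-['6bc1bee22e409f96e93d7e117393172a'\
-'ae2d8a571e03ac9c9eb76fac45af8e51'\
-'30c81c46a35ce411e5fbc1191a0a52ef'\
-'f69f2445df4f9b17ad2b417be66c3710'].pack('H*')]
-MAC = %w(bb1d6929e95937287fa37d129b756746
-070a16b46b4d4144f79bdd9dd04a287c
-dfa66747de9ae63030ca32611497c827
-51f0bebf7e3b9d92fc49741779363cfe)
-
-# http://tools.ietf.org/html/rfc4615#section-4
-PRF_KEYS = [['000102030405060708090a0b0c0d0e0fedcb'].pack('H*'),
-['000102030405060708090a0b0c0d0e0f'].pack('H*'),
-['00010203040506070809'].pack('H*')]
-PRF_DATA = ['000102030405060708090a0b0c0d0e0f10111213'].pack('H*')
-PRF_OUTS = %w(84a348a4a45d235babfffc0d2b4da09a
-980ae87b5f4c9c5214f5b6a8455e4c2d
-290d9e112edb09ee141fcf64c0b72f3d)
-
-def test_cmac_keys
-cmac = OpenSSL::CMAC.new('AES')
-cmac.key = KEY
-check_keys(cmac)
-
-cmac = OpenSSL::CMAC.new('AES', KEY)
-check_keys(cmac)
-
-assert(cmac.instance_variable_get(:@buffer).empty?, 'Wrong buffer')
-cmac.update(DATA[2])
-assert(cmac.instance_variable_get(:@buffer).length == 8, 'Wrong buffer')
-cmac.update(DATA[2])
-assert(cmac.instance_variable_get(:@buffer).length == 16, 'Wrong buffer')
-
-cmac.reset
-assert(cmac.instance_variable_get(:@keys)[0].nil?, 'Reset fail')
-assert(cmac.instance_variable_get(:@keys)[1].nil?, 'Reset fail')
-assert(cmac.instance_variable_get(:@keys)[2].nil?, 'Reset fail')
-assert_equal('', cmac.instance_variable_get(:@buffer), 'Reset fail')
-
-assert_raise(OpenSSL::CMACError) { cmac.update(DATA[2]) }
-assert_raise(OpenSSL::CMACError) { cmac.digest }
-
-cmac.key = KEY
-check_keys(cmac)
-
-m = cmac.update(DATA[2]).digest.unpack('H*')[0]
-assert_equal(MAC[2], m)
-end
-
-def check_keys(cmac)
-assert_equal(
-'2b7e151628aed2a6abf7158809cf4f3c',
-cmac.instance_variable_get(:@keys)[0].unpack('H*')[0],
-'Key ERROR'
-)
-assert_equal(
-'fbeed618357133667c85e08f7236a8de',
-cmac.instance_variable_get(:@keys)[1].pack('C*').unpack('H*')[0],
-'SubKey 1 ERROR'
-)
-
-assert_equal(
-'f7ddac306ae266ccf90bc11ee46d513b',
-cmac.instance_variable_get(:@keys)[2].pack('C*').unpack('H*')[0],
-'SubKey 2 ERROR'
-)
-end
-
-def test_cmac_vars
-cmac = OpenSSL::CMAC.new('AES')
-assert_equal(16, cmac.block_length)
-assert_equal(16, cmac.digest_max_length)
-assert_equal('CMAC with AES', cmac.name)
-end
-
-def test_cmac_update
-for cipher in ['aes', 'AES']
-# Test with 1 call of update and new CCM object for each test.
-DATA.length.times do |i|
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-m = cmac.update(DATA[i]).digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 1, Vector: #{i + 1}")
-end
-
-# Test with 1 call of update and same CCM object for each test.
-# There is no reset, because it should be possible to calculate
-# a new mac after digest without reset.
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-DATA.length.times do |i|
-m = cmac.update(DATA[i]).digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 2, Vector: #{i + 1}")
-end
-
-# Test with multiple calls of update and new CCM object for each test
-1.upto(DATA.length - 1) do |i|
-1.upto(17) do |c|
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-DATA[i].bytes.each_slice(c) { |w| cmac.update(w.pack('C*')) }
-m = cmac.digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 3, Vector: #{i + 1}, Tokenlen: #{c}")
-end
-end
-
-# Test with multiple calls of update and same CCM object for each test
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-1.upto(DATA.length - 1) do |i|
-1.upto(17) do |c|
-DATA[i].bytes.each_slice(c) { |w| cmac.update(w.pack('C*')) }
-m = cmac.digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 4, Vector: #{i + 1}, Tokenlen: #{c}")
-end
-end
-end
-
-# Test for Operator <<
-DATA[3].bytes.each_slice(5) { |w| cmac << w.pack('C*') }
-m = cmac.digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Test: 5, Vector: 4, Tokenlen: 5')
-end
-
-def test_cmac_digest
-for cipher in ['aes', 'AES']
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-m = cmac.update(DATA[3]).digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Digest with no update')
-
-cmac.update(DATA[3].b[0...20])
-m = cmac.update(DATA[3].b[20...64]).digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Digest after update')
-
-cmac.update(DATA[3])
-m = cmac.update('').digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Empty digest')
-
-DATA.length.times do |i|
-m = OpenSSL::CMAC.digest(cipher, KEY, DATA[i]).unpack('H*')[0]
-assert_equal(MAC[i], m, "Vector: #{i + 1}")
-
-m = OpenSSL::CMAC.digest(cipher, KEY, DATA[i], 12).unpack('H*')[0]
-assert_equal(24, m.length, "Vector: #{i + 1} - length")
-assert_equal(MAC[i][0...24], m, "Vector: #{i + 1} - 12")
-end
-end
-end
-
-def test_cmac_prf
-cmac = OpenSSL::CMAC.new('AES')
-3.times do |i|
-cmac.key = PRF_KEYS[i]
-m = cmac.update(PRF_DATA).digest.unpack('H*')[0]
-assert_equal(PRF_OUTS[i], m, "Vector: #{i + 1}")
-end
-end
-end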