openssl-cmac 2.0.2 → 2.1.0
- checksums.yaml +4 -4
- data/README.md +1 -3
- data/lib/openssl/cmac/version.rb +3 -1
- data/lib/openssl/cmac.rb +44 -35
- metadata +12 -124
- data/.rubocop.yml +0 -12
- data/.yardopts +0 -4
- data/Gemfile +0 -8
- data/Rakefile +0 -31
- data/test/test_cmac.rb +0 -167
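--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: eeaa9487886f72ffd7c689661ccd9d8dd0686e96df697963658f2d262fd1faea
+data.tar.gz: 330603ff0c555473cfa1506b0de06bde9b365c3ba0b2f78da6edf1b747fb6e6b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: daccd0c4ae792fce56c26ba8540e2d5c1afe530dd75f55982028b12cfe389fede43918202000caedef08bdd2f8d28e31551dde5dec5cc118dee424d1f454bfaf
+data.tar.gz: 310141d8937441a8bd77c70d09542305a9bfe6cf8b04733a58f84cad27ee0bf2ff64fd726abf8a01f842142ad4764da724e5eae659bc2516b35e0f31143144aa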
data/README.md
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
[](http://badge.fury.io/rb/openssl-cmac)
|
|
2
|
-
[](https://gemnasium.com/SmallLars/openssl-cmac)
|
|
3
|
-
[](https://travis-ci.org/SmallLars/openssl-cmac)
|
|
4
2
|
[](https://coveralls.io/r/SmallLars/openssl-cmac)
|
|
5
|
-
[](https://qlty.sh/gh/SmallLars/projects/openssl-cmac)
|
|
6
4
|
[](http://inch-ci.org/github/smalllars/openssl-cmac)
|
|
7
5
|
|
|
8
6
|
# openssl-cmac
|
data/lib/openssl/cmac/version.rb
CHANGED
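--- a/data/lib/openssl/cmac.rb
+++ b/data/lib/openssl/cmac.rb
@@ -1,5 +1,11 @@
+# frozen_string_literal: true
+
 require 'openssl'
 
+# Extends Ruby's standard OpenSSL module with the CCM (Counter with CBC-MAC) class.
+#
+# This module is part of Ruby's standard library and is only reopened here
+# to provide support for the CCM authenticated encryption mode (as defined in RFC 3610).
 module OpenSSL
 # CMACError used for wrong parameter resonse.
 class CMACError < StandardError
@@ -42,8 +48,6 @@ module OpenSSL
 CMAC.new(cipher, key).update(data).digest(length)
 end
 
-public
-
 # Returns an instance of OpenSSL::CMAC set with the cipher algorithm and
 # key to be used. The instance represents the initial state of the message
 # authentication code before any data has been processed. To process data
@@ -54,12 +58,10 @@ module OpenSSL
 #
 # @return [Object] the new CMAC object
 def initialize(cipher, key = '')
-unless CMAC.ciphers.include?(cipher.upcase)
-fail CMACError, "unsupported cipher algorithm (#{cipher})"
-end
+raise CMACError, "unsupported cipher algorithm (#{cipher})" unless CMAC.ciphers.include?(cipher.upcase)
 
 @keys = []
-@buffer =
+@buffer = String.new.force_encoding('ASCII-8BIT')
 @cipher = OpenSSL::Cipher.new("#{cipher.upcase}-128-CBC")
 
 self.key = key unless key == ''
@@ -69,27 +71,13 @@ module OpenSSL
 # with all processed data cleared from it.
 #
 # @param key [String] binary key string
-#
-# @return [Object] self with initial state and new key
 def key=(key)
 reset
 key = CMAC.digest('AES', "\x00" * 16, key, 16) unless key.b.length == 16
 
 @keys[0] = key.dup
 @cipher.key = @keys[0]
-
-cipher = OpenSSL::Cipher.new(@cipher.name)
-cipher.encrypt
-cipher.key = @keys[0]
-k = (cipher.update("\x00" * 16) + cipher.final).bytes[0...16]
-1.upto(2) do |i|
-k = k.pack('C*').unpack('B*')[0]
-msb = k.slice!(0)
-k = [k, '0'].pack('B*').bytes
-k[15] ^= 0x87 if msb == '1'
-@keys[i] = k.dup
-end
-self
+generate_subkey
 end
 
 # Alias for: update
@@ -123,12 +111,7 @@ module OpenSSL
 #
 # @return [Object] self with initial state
 def reset
-
-@buffer.clear
-@cipher.reset unless @keys[0].nil?
-@cipher.iv = "\x00" * 16
-@cipher.encrypt
-self
+reset_with_key
 end
 
 # Returns self updated with the message to be authenticated.
@@ -138,7 +121,7 @@ module OpenSSL
 #
 # @return [Object] self with new state
 def update(data)
-
+raise CMACError, 'no key is set' if @keys[0].nil?
 
 @buffer += data
 @cipher.update(@buffer.slice!(0...16)) while @buffer.length > 16
@@ -149,23 +132,49 @@ module OpenSSL
 #
 # @param length [Number] length of the authentication code
 def digest(length = 16)
-
-
+raise CMACError, 'no key is set' if @keys[0].nil?
+raise CMACError, 'no key is set' unless length.between?(1, 16)
 
 block = @buffer.bytes
-@buffer.clear
 k = @keys[block.length == 16 ? 1 : 2].dup
 i = block.length.times { |t| k[t] ^= block[t] }
 k[i] ^= 0x80 if i < 16
 mac = @cipher.update(k.pack('C*')) + @cipher.final
-@
-@cipher.encrypt
-@cipher.key = @keys[0]
-@cipher.iv = "\x00" * 16
+reset_with_key(@keys[0])
 # Each block is 16-bytes and the last block will always be PKCS#7 padding
 # which we want to discard. Take the last block prior to the padding for
 # the MAC.
 mac[-32...(-32 + length)]
 end
+
+private
+
+def reset_with_key(key = '')
+@buffer.clear
+@cipher.reset
+@cipher.encrypt
+@cipher.iv = "\x00" * 16
+
+if key.empty?
+@keys.clear
+else
+@cipher.key = key
+end
+
+self
+end
+
+def generate_subkey
+cipher = OpenSSL::Cipher.new(@cipher.name).encrypt
+cipher.key = @keys[0]
+k = (cipher.update("\x00" * 16) + cipher.final).bytes[0...16]
+1.upto(2) do |i|
+k = k.pack('C*').unpack('B*')[0]
+msb = k.slice!(0)
+k = [k, '0'].pack('B*').bytes
+k[15] ^= 0x87 if msb == '1'
+@keys[i] = k.dup
+end
+end
 end
 end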
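Review bot: In `digest`, the new length guard reports the wrong failure and has a very permissive lower bound: `raise CMACError, 'no key is set' unless length.between?(1, 16)` raises the missing-key message for an out-of-range length, and it accepts tags as short as one byte. Give the guard its own message, for example `raise CMACError, 'length must be between 1 and 16' unless length.between?(1, 16)`, and extend the `@param length` doc to say that truncated tags lower forgery resistance (NIST SP 800-38B suggests at least 64 bits for most uses). Separately, the header comment added above `module OpenSSL` describes CCM and RFC 3610, while this gem implements CMAC (its description cites RFC 4493, 4494 and 4615); it should read something like `# Extends Ruby's standard OpenSSL module with the CMAC class (AES-CMAC, RFC 4493).`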
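--- a/metadata
+++ b/metadata
@@ -1,136 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: openssl-cmac
 version: !ruby/object:Gem::Version
-version: 2.0
+version: 2.1.0
 platform: ruby
 authors:
 - Maxim M. Chechel
 - Lars Schmertmann
-autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-name:
+name: openssl
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '
-
-- !ruby/object:Gem::Version
-version: 12.3.2
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '12.3'
-- - ">="
-- !ruby/object:Gem::Version
-version: 12.3.2
-- !ruby/object:Gem::Dependency
-name: rdoc
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '4.3'
-- - ">="
-- !ruby/object:Gem::Version
-version: 4.3.0
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '4.3'
-- - ">="
-- !ruby/object:Gem::Version
-version: 4.3.0
-- !ruby/object:Gem::Dependency
-name: yard
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.9'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.9.16
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.9'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.9.16
-- !ruby/object:Gem::Dependency
-name: rubocop
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.50'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.50.0
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.50'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.50.0
-- !ruby/object:Gem::Dependency
-name: test-unit
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '3.2'
-- - ">="
-- !ruby/object:Gem::Version
-version: 3.2.9
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '3.2'
-- - ">="
-- !ruby/object:Gem::Version
-version: 3.2.9
-- !ruby/object:Gem::Dependency
-name: coveralls
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.8'
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.8.22
-type: :development
+version: '3.0'
+type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '0
-- - ">="
-- !ruby/object:Gem::Version
-version: 0.8.22
+version: '3.0'
 description: Ruby Gem for RFC 4493, 4494, 4615 - The AES-CMAC Algorithm
 email:
 - maximchick@gmail.com
@@ -138,22 +31,19 @@ email:
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.md
 - LICENSE
+- README.md
 files:
-- ".rubocop.yml"
-- ".yardopts"
-- Gemfile
 - LICENSE
 - README.md
-- Rakefile
 - lib/openssl/cmac.rb
 - lib/openssl/cmac/version.rb
-- test/test_cmac.rb
 homepage: https://github.com/smalllars/openssl-cmac
 licenses:
 - MIT
-metadata:
+metadata:
+rubygems_mfa_required: 'true'
+source_code_uri: https://github.com/smalllars/openssl-cmac
 post_install_message: Thanks for installing!
 rdoc_options:
 - "-x"
@@ -171,9 +61,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: RFC 4493, 4494, 4615 - CMAC
-test_files:
-- test/test_cmac.rb
+test_files: []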
data/.rubocop.yml
DELETED
data/.yardopts
DELETED
data/Gemfile
DELETED
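--- a/data/Rakefile
+++ /dev/null
@@ -1,31 +0,0 @@
-require './lib/openssl/cmac/version'
-require "bundler/gem_tasks"
-require 'rake/testtask'
-
-task :default => :build
-
-desc "Run tests"
-Rake::TestTask.new do |t|
-t.libs << 'test'
-end
-
-desc "Create documentation"
-task :doc do
-sh "gem rdoc --rdoc openssl-cmac"
-sh "yardoc"
-end
-
-desc "Uninstall and clean documentation"
-task :clean do
-sh "gem uninstall openssl-cmac"
-begin; sh "rm -R ./coverage"; rescue; end
-begin; sh "rm -R ./.yardoc"; rescue; end
-begin; sh "rm -R ./doc"; rescue; end
-end
-
-desc "Development Dependencies"
-task (:devinst) { sh "gem install --dev ./pkg/openssl-cmac-#{OpenSSL::CMAC::VERSION}.gem" }
-
-desc "Bundle install"
-task (:bundle) { sh "bundle install" }
-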
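--- a/data/test/test_cmac.rb
+++ /dev/null
@@ -1,167 +0,0 @@
-require 'coveralls'
-Coveralls.wear!
-require 'test/unit'
-require 'openssl/cmac'
-
-# Testclass with Test Vectors from RFC's
-class CMACTest < Test::Unit::TestCase
-# http://tools.ietf.org/html/rfc4493#section-4
-KEY = ['2b7e151628aed2a6abf7158809cf4f3c'].pack('H*')
-DATA = [[''].pack('H*'),
-['6bc1bee22e409f96e93d7e117393172a'].pack('H*'),
-['6bc1bee22e409f96e93d7e117393172a'\
-'ae2d8a571e03ac9c9eb76fac45af8e51'\
-'30c81c46a35ce411'].pack('H*'),
-['6bc1bee22e409f96e93d7e117393172a'\
-'ae2d8a571e03ac9c9eb76fac45af8e51'\
-'30c81c46a35ce411e5fbc1191a0a52ef'\
-'f69f2445df4f9b17ad2b417be66c3710'].pack('H*')]
-MAC = %w(bb1d6929e95937287fa37d129b756746
-070a16b46b4d4144f79bdd9dd04a287c
-dfa66747de9ae63030ca32611497c827
-51f0bebf7e3b9d92fc49741779363cfe)
-
-# http://tools.ietf.org/html/rfc4615#section-4
-PRF_KEYS = [['000102030405060708090a0b0c0d0e0fedcb'].pack('H*'),
-['000102030405060708090a0b0c0d0e0f'].pack('H*'),
-['00010203040506070809'].pack('H*')]
-PRF_DATA = ['000102030405060708090a0b0c0d0e0f10111213'].pack('H*')
-PRF_OUTS = %w(84a348a4a45d235babfffc0d2b4da09a
-980ae87b5f4c9c5214f5b6a8455e4c2d
-290d9e112edb09ee141fcf64c0b72f3d)
-
-def test_cmac_keys
-cmac = OpenSSL::CMAC.new('AES')
-cmac.key = KEY
-check_keys(cmac)
-
-cmac = OpenSSL::CMAC.new('AES', KEY)
-check_keys(cmac)
-
-assert(cmac.instance_variable_get(:@buffer).empty?, 'Wrong buffer')
-cmac.update(DATA[2])
-assert(cmac.instance_variable_get(:@buffer).length == 8, 'Wrong buffer')
-cmac.update(DATA[2])
-assert(cmac.instance_variable_get(:@buffer).length == 16, 'Wrong buffer')
-
-cmac.reset
-assert(cmac.instance_variable_get(:@keys)[0].nil?, 'Reset fail')
-assert(cmac.instance_variable_get(:@keys)[1].nil?, 'Reset fail')
-assert(cmac.instance_variable_get(:@keys)[2].nil?, 'Reset fail')
-assert_equal('', cmac.instance_variable_get(:@buffer), 'Reset fail')
-
-assert_raise(OpenSSL::CMACError) { cmac.update(DATA[2]) }
-assert_raise(OpenSSL::CMACError) { cmac.digest }
-
-cmac.key = KEY
-check_keys(cmac)
-
-m = cmac.update(DATA[2]).digest.unpack('H*')[0]
-assert_equal(MAC[2], m)
-end
-
-def check_keys(cmac)
-assert_equal(
-'2b7e151628aed2a6abf7158809cf4f3c',
-cmac.instance_variable_get(:@keys)[0].unpack('H*')[0],
-'Key ERROR'
-)
-assert_equal(
-'fbeed618357133667c85e08f7236a8de',
-cmac.instance_variable_get(:@keys)[1].pack('C*').unpack('H*')[0],
-'SubKey 1 ERROR'
-)
-
-assert_equal(
-'f7ddac306ae266ccf90bc11ee46d513b',
-cmac.instance_variable_get(:@keys)[2].pack('C*').unpack('H*')[0],
-'SubKey 2 ERROR'
-)
-end
-
-def test_cmac_vars
-cmac = OpenSSL::CMAC.new('AES')
-assert_equal(16, cmac.block_length)
-assert_equal(16, cmac.digest_max_length)
-assert_equal('CMAC with AES', cmac.name)
-end
-
-def test_cmac_update
-for cipher in ['aes', 'AES']
-# Test with 1 call of update and new CCM object for each test.
-DATA.length.times do |i|
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-m = cmac.update(DATA[i]).digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 1, Vector: #{i + 1}")
-end
-
-# Test with 1 call of update and same CCM object for each test.
-# There is no reset, because it should be possible to calculate
-# a new mac after digest without reset.
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-DATA.length.times do |i|
-m = cmac.update(DATA[i]).digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 2, Vector: #{i + 1}")
-end
-
-# Test with multiple calls of update and new CCM object for each test
-1.upto(DATA.length - 1) do |i|
-1.upto(17) do |c|
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-DATA[i].bytes.each_slice(c) { |w| cmac.update(w.pack('C*')) }
-m = cmac.digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 3, Vector: #{i + 1}, Tokenlen: #{c}")
-end
-end
-
-# Test with multiple calls of update and same CCM object for each test
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-1.upto(DATA.length - 1) do |i|
-1.upto(17) do |c|
-DATA[i].bytes.each_slice(c) { |w| cmac.update(w.pack('C*')) }
-m = cmac.digest.unpack('H*')[0]
-assert_equal(MAC[i], m, "Test: 4, Vector: #{i + 1}, Tokenlen: #{c}")
-end
-end
-end
-
-# Test for Operator <<
-DATA[3].bytes.each_slice(5) { |w| cmac << w.pack('C*') }
-m = cmac.digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Test: 5, Vector: 4, Tokenlen: 5')
-end
-
-def test_cmac_digest
-for cipher in ['aes', 'AES']
-cmac = OpenSSL::CMAC.new(cipher, KEY)
-m = cmac.update(DATA[3]).digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Digest with no update')
-
-cmac.update(DATA[3].b[0...20])
-m = cmac.update(DATA[3].b[20...64]).digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Digest after update')
-
-cmac.update(DATA[3])
-m = cmac.update('').digest.unpack('H*')[0]
-assert_equal(MAC[3], m, 'Empty digest')
-
-DATA.length.times do |i|
-m = OpenSSL::CMAC.digest(cipher, KEY, DATA[i]).unpack('H*')[0]
-assert_equal(MAC[i], m, "Vector: #{i + 1}")
-
-m = OpenSSL::CMAC.digest(cipher, KEY, DATA[i], 12).unpack('H*')[0]
-assert_equal(24, m.length, "Vector: #{i + 1} - length")
-assert_equal(MAC[i][0...24], m, "Vector: #{i + 1} - 12")
-end
-end
-end
-
-def test_cmac_prf
-cmac = OpenSSL::CMAC.new('AES')
-3.times do |i|
-cmac.key = PRF_KEYS[i]
-m = cmac.update(PRF_DATA).digest.unpack('H*')[0]
-assert_equal(PRF_OUTS[i], m, "Vector: #{i + 1}")
-end
-end
-end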