mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-24 04:25:10 -07:00

Merge pull request #869 from angt/aegis256-mac-verification

aegis256: Support mac verification when m is NULL
Frank Denis 2019-09-13 10:39:43 +02:00 committed by GitHub
commit cb4160b82c
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 3 deletions


@ -221,14 +221,22 @@ crypto_aead_aegis256_decrypt_detached(unsigned char *m, unsigned char *nsec, con
memcpy(src, ad + i, adlen & 0xf); memcpy(src, ad + i, adlen & 0xf);
crypto_aead_aegis256_enc(dst, src, state); crypto_aead_aegis256_enc(dst, src, state);
} }
for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) { if (m != NULL) {
crypto_aead_aegis256_dec(m + i, c + i, state); for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) {
crypto_aead_aegis256_dec(m + i, c + i, state);
}
} else {
for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) {
crypto_aead_aegis256_dec(dst, c + i, state);
}
} }
if (mlen & 0xf) { if (mlen & 0xf) {
memset(src, 0, 16); memset(src, 0, 16);
memcpy(src, c + i, mlen & 0xf); memcpy(src, c + i, mlen & 0xf);
crypto_aead_aegis256_dec(dst, src, state); crypto_aead_aegis256_dec(dst, src, state);
memcpy(m + i, dst, mlen & 0xf); if (m != NULL) {
memcpy(m + i, dst, mlen & 0xf);
}
memset(dst, 0, mlen & 0xf); memset(dst, 0, mlen & 0xf);
state[0] = _mm_xor_si128(state[0], _mm_loadu_si128((__m128i *) dst)); state[0] = _mm_xor_si128(state[0], _mm_loadu_si128((__m128i *) dst));
} }
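Review bot: In the new `m == NULL` branch every full block is decrypted into the scratch buffer `dst`, so when `mlen` is a non-zero multiple of 16 the last plaintext block is still in `dst` after the loop, at a point where the tag has not been checked yet. The trailing-block path clears its plaintext bytes with `memset(dst, 0, mlen & 0xf)`, but nothing in the hunk clears `dst` after the full-block loop; the function continues past the hunk, so a later wipe may exist. If it does not, add `sodium_memzero(dst, 16);` before the function returns (the size 16 is assumed from the `memset(src, 0, 16)` pattern and should be confirmed against the declaration). A short comment on the branch, such as `/* m == NULL: verify the tag only, plaintext is discarded */`, would also document the contract for callers.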


@ -2144,6 +2144,11 @@ tv(void)
printf("Verification of test vector #%u with a truncated tag failed\n", printf("Verification of test vector #%u with a truncated tag failed\n",
(unsigned int) i); (unsigned int) i);
} }
if (i == 0 && crypto_aead_aegis256_decrypt(NULL, NULL,
NULL, ciphertext, ciphertext_len,
ad, ad_len, nonce, key) != 0) {
printf("Verification of test vector #%u's tag failed\n", (unsigned int) i);
}
if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, NULL, ciphertext, if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, NULL, ciphertext,
ciphertext_len, ad, ad_len, nonce, key) != 0) { ciphertext_len, ad, ad_len, nonce, key) != 0) {
printf("Verification of test vector #%u failed\n", (unsigned int) i); printf("Verification of test vector #%u failed\n", (unsigned int) i);
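Review bot: The added check only proves that a valid tag is accepted when `m` is NULL, and only for `i == 0`; nothing asserts that the verify-only path rejects a modified ciphertext or tag. A verify-only mode that always returned 0 would still pass this test. Add the negative case next to it, for example `if (crypto_aead_aegis256_decrypt(NULL, NULL, NULL, tampered, ciphertext_len, ad, ad_len, nonce, key) == 0) { printf(...); }`, where `tampered` is a placeholder for a copy of `ciphertext` with one byte flipped. Whether vector #0 has a length that exercises both the full-block loop and the trailing partial block cannot be seen here, so dropping the `i == 0` restriction would give better coverage. `tv()` starts and ends outside the hunk.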