fix: GCM: Missing aad_add #36
Karel Miko
6 years ago
139 | 139 | } |
140 | 140 | |
141 | 141 | int |
142 | aad_add(Crypt::AuthEnc::EAX self, SV * adata) | |
142 | adata_add(Crypt::AuthEnc::EAX self, SV * adata) | |
143 | 143 | CODE: |
144 | 144 | { |
145 | 145 | STRLEN h_len; |
42 | 42 | RETVAL |
43 | 43 | |
44 | 44 | void |
45 | aad_add(Crypt::AuthEnc::OCB self, SV * data) | |
45 | adata_add(Crypt::AuthEnc::OCB self, SV * data) | |
46 | 46 | CODE: |
47 | 47 | { |
48 | 48 | int rv; |
53 | 53 | |
54 | 54 | # encrypt and authenticate |
55 | 55 | my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $iv); |
56 | $ae->aad_add('additional_authenticated_data1'); | |
57 | $ae->aad_add('additional_authenticated_data2'); | |
56 | $ae->adata_add('additional_authenticated_data1'); | |
57 | $ae->adata_add('additional_authenticated_data2'); | |
58 | 58 | $ct = $ae->encrypt_add('data1'); |
59 | 59 | $ct = $ae->encrypt_add('data2'); |
60 | 60 | $ct = $ae->encrypt_add('data3'); |
62 | 62 | |
63 | 63 | # decrypt and verify |
64 | 64 | my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $iv); |
65 | $ae->aad_add('additional_authenticated_data1'); | |
66 | $ae->aad_add('additional_authenticated_data2'); | |
65 | $ae->adata_add('additional_authenticated_data1'); | |
66 | $ae->adata_add('additional_authenticated_data2'); | |
67 | 67 | $pt = $ae->decrypt_add('ciphertext1'); |
68 | 68 | $pt = $ae->decrypt_add('ciphertext2'); |
69 | 69 | $pt = $ae->decrypt_add('ciphertext3'); |
116 | 116 | # $key ..... encryption key of proper length (128 or 256 bits / 16 or 32 bytes) |
117 | 117 | # $iv ...... initialization vector (64 or 96 bits / 8 or 12 bytes) |
118 | 118 | |
119 | =head2 aad_add | |
119 | =head2 adata_add | |
120 | 120 | |
121 | Add B<additional authenticated data>. | |
121 | 122 | Can be called before the first C<encrypt_add> or C<decrypt_add>; |
122 | 123 | |
123 | $ae->aad_add($aad_data); #can be called multiple times | |
124 | $ae->adata_add($aad_data); #can be called multiple times | |
124 | 125 | |
125 | 126 | =head2 encrypt_add |
126 | 127 |
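Review bot: No `aad_add` compatibility alias is visible for the ChaCha20Poly1305 class, although its synopsis and `=head2` entry documented that name until this change. The EAX and OCB modules in the same commit keep the old name working with `sub aad_add { goto &adata_add }`. Adding the same one-line alias here would let code written from the earlier documentation keep running instead of dying on a missing method at the first AAD call. The GCM POD hunks further down have the same gap. The alias may already exist outside the lines shown, so please confirm.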
19 | 19 | # - encrypt_done |
20 | 20 | # - decrypt_add |
21 | 21 | # - decrypt_done |
22 | # - aad_add | |
22 | # - adata_add | |
23 | 23 | |
24 | 24 | sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } |
25 | 25 | |
31 | 31 | my $plaintext = shift; |
32 | 32 | |
33 | 33 | my $m = Crypt::AuthEnc::EAX->new($cipher_name, $key, $iv); |
34 | $m->aad_add($adata) if defined $adata; | |
34 | $m->adata_add($adata) if defined $adata; | |
35 | 35 | my $ct = $m->encrypt_add($plaintext); |
36 | 36 | my $tag = $m->encrypt_done; |
37 | 37 | return ($ct, $tag); |
46 | 46 | my $tag = shift; |
47 | 47 | |
48 | 48 | my $m = Crypt::AuthEnc::EAX->new($cipher_name, $key, $iv); |
49 | $m->aad_add($adata) if defined $adata; | |
49 | $m->adata_add($adata) if defined $adata; | |
50 | 50 | my $ct = $m->decrypt_add($ciphertext); |
51 | 51 | return $m->decrypt_done($tag) ? $ct : undef; |
52 | 52 | } |
53 | 53 | |
54 | sub header_add { | |
55 | # obsolete, only for backwards compatibility | |
56 | shift->aad_add(@_); | |
57 | } | |
54 | # obsolete, only for backwards compatibility | |
55 | sub header_add { goto &adata_add } | |
56 | sub aad_add { goto &adata_add } | |
58 | 57 | |
59 | 58 | 1; |
60 | 59 | |
71 | 70 | |
72 | 71 | # encrypt and authenticate |
73 | 72 | my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $iv); |
74 | $ae->aad_add('additional_authenticated_data1'); | |
75 | $ae->aad_add('additional_authenticated_data2'); | |
73 | $ae->adata_add('additional_authenticated_data1'); | |
74 | $ae->adata_add('additional_authenticated_data2'); | |
76 | 75 | $ct = $ae->encrypt_add('data1'); |
77 | 76 | $ct = $ae->encrypt_add('data2'); |
78 | 77 | $ct = $ae->encrypt_add('data3'); |
80 | 79 | |
81 | 80 | # decrypt and verify |
82 | 81 | my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $iv); |
83 | $ae->aad_add('additional_authenticated_data1'); | |
84 | $ae->aad_add('additional_authenticated_data2'); | |
82 | $ae->adata_add('additional_authenticated_data1'); | |
83 | $ae->adata_add('additional_authenticated_data2'); | |
85 | 84 | $pt = $ae->decrypt_add('ciphertext1'); |
86 | 85 | $pt = $ae->decrypt_add('ciphertext2'); |
87 | 86 | $pt = $ae->decrypt_add('ciphertext3'); |
141 | 140 | # $iv ...... unique initialization vector (no need to keep it secret) |
142 | 141 | # $adata ... additional authenticated data (optional) |
143 | 142 | |
144 | =head2 aad_add | |
143 | =head2 adata_add | |
145 | 144 | |
146 | $ae->aad_add($adata); #can be called multiple times | |
145 | $ae->adata_add($adata); #can be called multiple times | |
147 | 146 | |
148 | 147 | =head2 encrypt_add |
149 | 148 |
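Review bot: The `header_add` and `aad_add` aliases added at the end of this module are not documented in the POD, because the `=head2 aad_add` entry is renamed rather than supplemented. A short entry such as `=head2 aad_add` followed by `Obsolete alias for C<adata_add>, kept for backwards compatibility.` would tell readers of older code that the call still attaches AAD. The OCB module section needs the same entry, and there the direction flips: `adata_add` was previously the obsolete wrapper and `aad_add` the documented name. That reversal deserves a line in the change log so that callers are not surprised.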
64 | 64 | |
65 | 65 | # encrypt and authenticate |
66 | 66 | my $ae = Crypt::AuthEnc::GCM->new("AES", $key, $iv); |
67 | $ae->aad_add('additional_authenticated_data1'); | |
68 | $ae->aad_add('additional_authenticated_data2'); | |
67 | $ae->adata_add('additional_authenticated_data1'); | |
68 | $ae->adata_add('additional_authenticated_data2'); | |
69 | 69 | $ct = $ae->encrypt_add('data1'); |
70 | 70 | $ct = $ae->encrypt_add('data2'); |
71 | 71 | $ct = $ae->encrypt_add('data3'); |
73 | 73 | |
74 | 74 | # decrypt and verify |
75 | 75 | my $ae = Crypt::AuthEnc::GCM->new("AES", $key, $iv); |
76 | $ae->aad_add('additional_authenticated_data1'); | |
77 | $ae->aad_add('additional_authenticated_data2'); | |
76 | $ae->adata_add('additional_authenticated_data1'); | |
77 | $ae->adata_add('additional_authenticated_data2'); | |
78 | 78 | $pt = $ae->decrypt_add('ciphertext1'); |
79 | 79 | $pt = $ae->decrypt_add('ciphertext2'); |
80 | 80 | $pt = $ae->decrypt_add('ciphertext3'); |
133 | 133 | |
134 | 134 | =head2 iv_add |
135 | 135 | |
136 | $ae->iv_add($iv_data); #can be called multiple times | |
136 | Set initialization vector (IV). | |
137 | 137 | |
138 | =head2 aad_add | |
138 | $ae->iv_add($iv_data); #can be called multiple times | |
139 | 139 | |
140 | Can be called B<after> all C<iv_add> calls but before the first C<encrypt_add> or C<decrypt_add>; | |
140 | =head2 adata_add | |
141 | 141 | |
142 | $ae->aad_add($aad_data); #can be called multiple times | |
142 | Add B<additional authenticated data>. | |
143 | Can be called B<after> all C<iv_add> calls but before the first C<encrypt_add> or C<decrypt_add>. | |
144 | ||
145 | $ae->adata_add($aad_data); #can be called multiple times | |
143 | 146 | |
144 | 147 | =head2 encrypt_add |
145 | 148 |
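Review bot: The new `adata_add` paragraph says the method can be called multiple times but not how the pieces are combined. Presumably successive calls continue a single AAD stream, so `adata_add('ab'); adata_add('c')` authenticates the same bytes as `adata_add('a'); adata_add('bc')`. If so, callers passing several distinct fields need their own unambiguous encoding, for example length prefixes, or field boundaries are not protected by the tag. I would add a sentence such as `Data from successive calls is concatenated; boundaries between calls are not authenticated.` and state that decryption must supply the identical AAD bytes for the tag check to pass.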
21 | 21 | my $plaintext = shift; |
22 | 22 | |
23 | 23 | my $m = Crypt::AuthEnc::OCB->new($cipher_name, $key, $nonce); |
24 | $m->aad_add($adata) if defined $adata; | |
24 | $m->adata_add($adata) if defined $adata; | |
25 | 25 | my $ct = $m->encrypt_last($plaintext); |
26 | 26 | my $tag = $m->encrypt_done; |
27 | 27 | return ($ct, $tag); |
36 | 36 | my $tag = shift; |
37 | 37 | |
38 | 38 | my $m = Crypt::AuthEnc::OCB->new($cipher_name, $key, $nonce); |
39 | $m->aad_add($adata) if defined $adata; | |
39 | $m->adata_add($adata) if defined $adata; | |
40 | 40 | my $ct = $m->decrypt_last($ciphertext); |
41 | 41 | return $m->decrypt_done($tag) ? $ct : undef; |
42 | 42 | } |
43 | 43 | |
44 | sub adata_add { | |
45 | # obsolete, only for backwards compatibility | |
46 | shift->aad_add(@_); | |
47 | } | |
44 | # obsolete, only for backwards compatibility | |
45 | sub aad_add { goto &adata_add } | |
48 | 46 | |
49 | 47 | 1; |
50 | 48 | |
61 | 59 | |
62 | 60 | # encrypt and authenticate |
63 | 61 | my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce); |
64 | $ae->aad_add('additional_authenticated_data1'); | |
65 | $ae->aad_add('additional_authenticated_data2'); | |
62 | $ae->adata_add('additional_authenticated_data1'); | |
63 | $ae->adata_add('additional_authenticated_data2'); | |
66 | 64 | $ct = $ae->encrypt_add('data1'); |
67 | 65 | $ct = $ae->encrypt_add('data2'); |
68 | 66 | $ct = $ae->encrypt_add('data3'); |
71 | 69 | |
72 | 70 | # decrypt and verify |
73 | 71 | my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce); |
74 | $ae->aad_add('additional_authenticated_data1'); | |
75 | $ae->aad_add('additional_authenticated_data2'); | |
72 | $ae->adata_add('additional_authenticated_data1'); | |
73 | $ae->adata_add('additional_authenticated_data2'); | |
76 | 74 | $pt = $ae->decrypt_add('ciphertext1'); |
77 | 75 | $pt = $ae->decrypt_add('ciphertext2'); |
78 | 76 | $pt = $ae->decrypt_add('ciphertext3'); |
124 | 122 | # $key ..... AES key of proper length (128/192/256bits) |
125 | 123 | # $nonce ... unique nonce/salt (no need to keep it secret) |
126 | 124 | |
127 | =head2 aad_add | |
125 | =head2 adata_add | |
128 | 126 | |
129 | $ae->aad_add($adata); #can be called multiple times | |
127 | $ae->adata_add($adata); #can be called multiple times | |
130 | 128 | |
131 | 129 | =head2 encrypt_add |
132 | 130 |