[gnutls-devel] GnuTLS | Add support for AES CMAC mac (!786)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Oct 26 23:06:51 CEST 2018


This is a merge request analogous to the one just merged for CFB8.

The only doubt I have here is that in theory CMAC can return an arbitrary digest length between 1 and 16 bytes, however GnuTLS hmac (misnamed) API does not allow for variable length digest as far a sI can see, nor the self tests.

In practice this is not a big deal because internally the mac simply truncates the output to return anything shorter than 16 bytes, so users can do the same. The only issue is that I couldn't use SP800-38 CAV vectors because they give outputs for 4 or 15 bytes length, so I had to use a couple of vectors lifted from nettle's own tests.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/786#note_112231352
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181026/5ee5564c/attachment.html>


More information about the Gnutls-devel mailing list