author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-09-17 10:14:48 -0700 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-09-17 10:14:48 -0700 |
commit | 506f65b47f52377b0144669cfb41835762b25bb4 (patch) | |
tree | ffbb102fefa0297a145bb12d378d414fe8d1b0ad /tests/hazmat/primitives/test_aes.py | |
parent | 7a5629a718c787c671e0ed9573d0b8805758f660 (diff) | |
parent | 9a11c00b464225f4aa3e761e103930c6b8b9115b (diff) | |
Merge pull request #1330 from reaperhulk/fix-commoncrypto-gcm
Fix two bugs with CommonCrypto GCM that can result in invalid output.
Diffstat (limited to 'tests/hazmat/primitives/test_aes.py')
-rw-r--r-- | tests/hazmat/primitives/test_aes.py | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py
index 5bde7d3c..e8e0eee4 100644
--- a/tests/hazmat/primitives/test_aes.py
+++ b/tests/hazmat/primitives/test_aes.py
@@ -18,7 +18,7 @@ import os
 import pytest
-from cryptography.hazmat.primitives.ciphers import algorithms, modes
+from cryptography.hazmat.primitives.ciphers import algorithms, base, modes
 from .utils import generate_aead_test, generate_encrypt_test
 from ...utils import load_nist_vectors
@@ -228,3 +228,36 @@ class TestAESModeGCM(object):
 algorithms.AES,
 modes.GCM,
 )
+
+ def test_gcm_tag_with_only_aad(self, backend):
+ key = binascii.unhexlify(b"5211242698bed4774a090620a6ca56f3")
+ iv = binascii.unhexlify(b"b1e1349120b6e832ef976f5d")
+ aad = binascii.unhexlify(b"b6d729aab8e6416d7002b9faa794c410d8d2f193")
+ tag = binascii.unhexlify(b"0f247e7f9c2505de374006738018493b")
+
+ cipher = base.Cipher(
+ algorithms.AES(key),
+ modes.GCM(iv),
+ backend=backend
+ )
+ encryptor = cipher.encryptor()
+ encryptor.authenticate_additional_data(aad)
+ encryptor.finalize()
+ assert encryptor.tag == tag
+
+ def test_gcm_ciphertext_with_no_aad(self, backend):
+ key = binascii.unhexlify(b"e98b72a9881a84ca6b76e0f43e68647a")
+ iv = binascii.unhexlify(b"8b23299fde174053f3d652ba")
+ ct = binascii.unhexlify(b"5a3c1cf1985dbb8bed818036fdd5ab42")
+ tag = binascii.unhexlify(b"23c7ab0f952b7091cd324835043b5eb5")
+ pt = binascii.unhexlify(b"28286a321293253c3e0aa2704a278032")
+
+ cipher = base.Cipher(
+ algorithms.AES(key),
+ modes.GCM(iv),
+ backend=backend
+ )
+ encryptor = cipher.encryptor()
+ computed_ct = encryptor.update(pt) + encryptor.finalize()
+ assert computed_ct == ct
+ assert encryptor.tag == tag |
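Review bot: Both added tests in the second hunk (`test_gcm_tag_with_only_aad` and `test_gcm_ciphertext_with_no_aad`) check only the encrypt direction, so a backend that mishandles tag verification on decrypt for the AAD-only or no-AAD case would still pass; for an AEAD mode the verify path is the one callers rely on for integrity. After each `assert encryptor.tag == tag`, build a decryptor with `modes.GCM(iv, tag)`, feed it the same AAD (or the ciphertext in the second test) and call `finalize()`, which raises `InvalidTag` on a mismatch; the fence shows this for the first test. The hard-coded vectors carry no provenance, so a comment such as `# Regression vector for CommonCrypto GCM with AAD and no plaintext (PR #1330)` above each test would help; where the values come from is not stated on this page. The enclosing `TestAESModeGCM` class starts outside the hunk and the backend change itself is not shown here, so whether the decrypt path was affected is an inference.

```python
        encryptor.finalize()
        assert encryptor.tag == tag

        # Verify side: the same key/iv/aad/tag must authenticate on decrypt.
        decryptor = base.Cipher(
            algorithms.AES(key),
            modes.GCM(iv, tag),
            backend=backend
        ).decryptor()
        decryptor.authenticate_additional_data(aad)
        decryptor.finalize()  # raises InvalidTag if the tag does not verify
```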