#![cfg(all(cmac, feature = "mac"))]
use digest::{KeyInit, Mac};
use wolfssl_wolfcrypt::cmac_mac::CmacAes128;
#[test]
fn test_cmac_aes128_mac_trait() {
let key = [
0x2bu8, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
];
let message = [
0x6bu8, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
];
let expected = [
0x07u8, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
];
let mut mac = CmacAes128::new_from_slice(&key)
.expect("CMAC init failed");
mac.update(&message);
mac.verify_slice(&expected).expect("CMAC verification failed");
}
#[test]
fn test_cmac_aes128_mac_finalize() {
let key = [
0x2bu8, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
];
let message = [
0x6bu8, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
];
let expected: &[u8] = &[
0x07u8, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
];
let mac = CmacAes128::new_from_slice(&key)
.expect("CMAC init failed")
.chain_update(&message);
let result = mac.finalize();
assert_eq!(result.as_bytes().as_slice(), expected);
}
#[test]
fn test_cmac_aes128_mac_verify_fail() {
let key = [
0x2bu8, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
];
let message = [
0x6bu8, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
];
let wrong_tag = [0u8; 16];
let mut mac = CmacAes128::new_from_slice(&key)
.expect("CMAC init failed");
mac.update(&message);
assert!(mac.verify_slice(&wrong_tag).is_err());
}
#[test]
fn test_cmac_aes128_wrong_key_size() {
let bad_key = [0u8; 15]; assert!(CmacAes128::new_from_slice(&bad_key).is_err());
}