Add CCM cipher suites

2026-06-19 11:23:38 +08:00 · 2026-06-14 00:12:10 +08:00
parent 5d12858d41
commit 545e6a56f0
13 changed files with 869 additions and 36 deletions
--- a/tests/aestest.c
+++ b/tests/aestest.c
@@ -387,6 +387,57 @@ int test_aes_gcm(void)
 	return 1;
 }

+#ifdef ENABLE_AES_CCM
+int test_aes_ccm(void)
+{
+	AES_KEY aes_key;
+	uint8_t key[16] = {
+		0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+		0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
+	};
+	uint8_t iv[12] = {
+		0x10, 0x11, 0x12, 0x13, 0x14, 0x15,
+		0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
+	};
+	uint8_t aad[20] = {
+		0x00, 0x01, 0x02, 0x03, 0x04,
+		0x05, 0x06, 0x07, 0x08, 0x09,
+		0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
+		0x0f, 0x10, 0x11, 0x12, 0x13,
+	};
+	uint8_t in[23] = {
+		0x20, 0x21, 0x22, 0x23, 0x24, 0x25,
+		0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
+		0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31,
+		0x32, 0x33, 0x34, 0x35, 0x36,
+	};
+	uint8_t out[sizeof(in)];
+	uint8_t buf[sizeof(in)];
+	uint8_t tag[16];
+
+	aes_set_encrypt_key(&aes_key, key, sizeof(key));
+	if (aes_ccm_encrypt(&aes_key, iv, sizeof(iv), aad, sizeof(aad), in, sizeof(in),
+		out, sizeof(tag), tag) != 1) {
+		error_print();
+		return -1;
+	}
+	if (aes_ccm_decrypt(&aes_key, iv, sizeof(iv), aad, sizeof(aad), out, sizeof(out),
+		tag, sizeof(tag), buf) != 1 || memcmp(buf, in, sizeof(in)) != 0) {
+		error_print();
+		return -1;
+	}
+	tag[0] ^= 0x01;
+	if (aes_ccm_decrypt(&aes_key, iv, sizeof(iv), aad, sizeof(aad), out, sizeof(out),
+		tag, sizeof(tag), buf) != -1) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+#endif
+
 int test_aes_cbc_pkcs5_wycheproof(void)
 {
 	size_t i;
@@ -465,6 +516,9 @@ int main(void)
 	if (test_aes() != 1) goto err;
 	if (test_aes_ctr() != 1) goto err;
 	if (test_aes_gcm() != 1) goto err;
+#ifdef ENABLE_AES_CCM
+	if (test_aes_ccm() != 1) goto err;
+#endif
 	if (test_aes_cbc_pkcs5_wycheproof() != 1) goto err;
 	printf("%s all tests passed!\n", __FILE__);
 	return 0;
--- a/tests/tls13test.c
+++ b/tests/tls13test.c
@@ -97,6 +97,56 @@ static int test_tls13_gcm(void)
 	return 1;
 }

+#ifdef ENABLE_AES_CCM
+static int test_tls13_ccm(void)
+{
+	BLOCK_CIPHER_KEY block_key;
+	uint8_t key[16];
+	uint8_t iv[12];
+	uint8_t seq_num[8] = {0,0,0,0,0,0,0,1};
+	uint8_t record[5 + 40];
+	size_t recordlen;
+	size_t padding_len = 8;
+	uint8_t enced_record[256];
+	size_t enced_recordlen;
+	uint8_t buf[256];
+	size_t buflen;
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+	rand_bytes(record + 5, 40);
+
+	record[0] = TLS_record_handshake;
+	record[1] = TLS_protocol_tls12 >> 8;
+	record[2] = TLS_protocol_tls12 & 0xff;
+	record[3] = 0;
+	record[4] = 40;
+	recordlen = 5 + 40;
+
+	if (block_cipher_set_encrypt_key(&block_key, BLOCK_CIPHER_aes128(), key) != 1) {
+		error_print();
+		return -1;
+	}
+	if (tls13_record_encrypt(TLS_cipher_aes_128_ccm_sha256, &block_key, iv,
+		seq_num, record, recordlen, padding_len, enced_record, &enced_recordlen) != 1) {
+		error_print();
+		return -1;
+	}
+	if (tls13_record_decrypt(TLS_cipher_aes_128_ccm_sha256, &block_key, iv,
+		seq_num, enced_record, enced_recordlen, buf, &buflen) != 1) {
+		error_print();
+		return -1;
+	}
+	if (buflen != recordlen || memcmp(buf, record, recordlen) != 0) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+#endif
+
 static int test_tls13_supported_versions_ext(void)
 {
 	const int client_versions[] = { TLS_protocol_tls13, TLS_protocol_tls12, TLS_protocol_tlcp };
@@ -661,6 +711,9 @@ int main(void)
 {
 	if (test_tls_ext() != 1) goto err;
 	if (test_tls13_gcm() != 1) goto err;
+#ifdef ENABLE_AES_CCM
+	if (test_tls13_ccm() != 1) goto err;
+#endif
 	if (test_tls13_supported_versions_ext() != 1) goto err;
 	if (test_tls13_key_share_ext() != 1) goto err;
 	if (test_tls_supported_groups_ext() != 1) goto err;
--- a/tests/tlstest.c
+++ b/tests/tlstest.c
@@ -111,6 +111,54 @@ static int test_tls_cbc(void)
 	return 1;
 }

+#ifdef ENABLE_AES_CCM
+static int test_tls_ccm(void)
+{
+	uint8_t key[16] = {0};
+	BLOCK_CIPHER_KEY aes_key;
+	uint8_t fixed_iv[4] = {0x10, 0x11, 0x12, 0x13};
+	uint8_t seq_num[8] = {0,0,0,0,0,0,0,1};
+	uint8_t record[5 + 32];
+	uint8_t enced_record[256];
+	uint8_t buf[256];
+	size_t recordlen;
+	size_t enced_recordlen;
+	size_t buflen;
+
+	record[0] = TLS_record_handshake;
+	record[1] = TLS_protocol_tls12 >> 8;
+	record[2] = TLS_protocol_tls12 & 0xff;
+	record[3] = 0;
+	record[4] = 12;
+	memcpy(record + 5, "hello world", 12);
+	recordlen = 5 + 12;
+
+	block_cipher_set_encrypt_key(&aes_key, BLOCK_CIPHER_aes128(), key);
+	if (tls_ccm_encrypt(&aes_key, fixed_iv, seq_num, record,
+		record + 5, 12, enced_record + 5, &enced_recordlen) != 1) {
+		error_print();
+		return -1;
+	}
+	enced_record[0] = record[0];
+	enced_record[1] = record[1];
+	enced_record[2] = record[2];
+	enced_record[3] = (uint8_t)(enced_recordlen >> 8);
+	enced_record[4] = (uint8_t)enced_recordlen;
+	enced_recordlen += 5;
+
+	if (tls12_record_decrypt(TLS_cipher_aes_128_ccm_sha256, NULL, &aes_key, fixed_iv, seq_num,
+		enced_record, enced_recordlen, buf, &buflen) != 1
+		|| buflen != recordlen
+		|| memcmp(buf, record, recordlen) != 0) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+#endif
+
 static int test_tls_random(void)
 {
 	uint8_t random[32];
@@ -439,6 +487,9 @@ static int test_tls_trusted_ca_keys_ext(void)
 int main(void)
 {
 	if (test_tls_null_to_bytes() != 1) goto err;
+#ifdef ENABLE_AES_CCM
+	if (test_tls_ccm() != 1) goto err;
+#endif
 	/*
 	if (test_tls_encode() != 1) goto err;
 	if (test_tls_cbc() != 1) goto err;