Update SM4 GCM IV sizes

2026-05-06 16:36:16 +08:00 · 2023-10-13 22:08:17 +08:00
parent 06017d23f5
commit 71fb469801
2 changed files with 14 additions and 6 deletions
--- a/include/gmssl/aead.h
+++ b/include/gmssl/aead.h
@@ -84,9 +84,6 @@ typedef struct {
 } SM4_GCM_CTX;

 #define SM4_GCM_KEY_SIZE 16
-#define SM4_GCM_MIN_IV_SIZE 1
-#define SM4_GCM_DEFAULT_IV_SIZE 12
-#define SM4_GCM_MAX_IV_SIZE 64
 #define SM4_GCM_DEFAULT_TAG_SIZE 16

 _gmssl_export int sm4_gcm_encrypt_init(SM4_GCM_CTX *ctx,
--- a/include/gmssl/sm4.h
+++ b/include/gmssl/sm4.h
@@ -73,17 +73,28 @@ void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[SM4_BLOCK_SIZE],


 #define SM4_GCM_IV_MIN_SIZE		1
-#define SM4_GCM_IV_MAX_SIZE		((uint64_t)(1 << (64-3)))
+#define SM4_GCM_IV_MAX_SIZE		(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
+
 #define SM4_GCM_IV_DEFAULT_BITS		96
 #define SM4_GCM_IV_DEFAULT_SIZE		12

+//#define NIST_SP800_GCM_MAX_IV_SIZE	(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
+
+#define SM4_GCM_MAX_IV_SIZE		64
+#define SM4_GCM_MIN_IV_SIZE		1
+#define SM4_GCM_DEFAULT_IV_SIZE		12
+
 #define SM4_GCM_MIN_AAD_SIZE		0
-#define SM4_GCM_MAX_AAD_SIZE		((uint64_t)(1 << (64-3)))
+#define SM4_GCM_MAX_AAD_SIZE		(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951

 #define SM4_GCM_MIN_PLAINTEXT_SIZE	0
-#define SM4_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3)
+#define SM4_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3) // 68719476704

 #define SM4_GCM_MAX_TAG_SIZE		16
+#define SM4_GCM_MIN_TAG_SIZE		12
+// For certain applications (voice or video), tag may be 64 or 32 bits
+// see NIST Special Publication 800-38D, Appendix C for more details
+

 int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
 	const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,