#![cfg(all(cmac, feature = "mac"))] use digest::{KeyInit, Mac}; use wolfssl_wolfcrypt::cmac_mac::CmacAes128; #[test] fn test_cmac_aes128_mac_trait() { let key = [ 0x2bu8, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c ]; let message = [ 0x6bu8, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, ]; let expected = [ 0x07u8, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c ]; let mut mac = CmacAes128::new_from_slice(&key) .expect("CMAC init failed"); mac.update(&message); mac.verify_slice(&expected).expect("CMAC verification failed"); } #[test] fn test_cmac_aes128_mac_finalize() { let key = [ 0x2bu8, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c ]; let message = [ 0x6bu8, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, ]; let expected: &[u8] = &[ 0x07u8, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c ]; let mac = CmacAes128::new_from_slice(&key) .expect("CMAC init failed") .chain_update(&message); let result = mac.finalize(); assert_eq!(result.as_bytes().as_slice(), expected); } #[test] fn test_cmac_aes128_mac_verify_fail() { let key = [ 0x2bu8, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c ]; let message = [ 0x6bu8, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, ]; let wrong_tag = [0u8; 16]; let mut mac = CmacAes128::new_from_slice(&key) .expect("CMAC init failed"); mac.update(&message); assert!(mac.verify_slice(&wrong_tag).is_err()); } #[test] fn test_cmac_aes128_wrong_key_size() { let bad_key = [0u8; 15]; // wrong size for AES-128 assert!(CmacAes128::new_from_slice(&bad_key).is_err()); }