cbcmac: CBCMAC enable provided padding method #319

cbcmac/cbcmac.go

@@ -37,10 +37,27 @@ type cbcmac struct {
 // The padding scheme is ISO/IEC 9797-1 method 2.
 // GB/T 15821.1-2020 MAC scheme 1
 func NewCBCMAC(b cipher.Block, size int) BockCipherMAC {
+	return NewCBCMACWithPadding(b, size, padding.NewISO9797M2Padding)
+}
+
+
+// NewCBCMACWithPadding creates a new CBC-MAC (Cipher Block Chaining Message Authentication Code) 
+// with the specified block cipher, MAC size, and padding function. The MAC size must be greater 
+// than 0 and less than or equal to the block size of the cipher. If the size is invalid, the 
+// function will panic. The padding function is used to pad the input to the block size of the cipher.
+//
+// Parameters:
+// - b: The block cipher to use for CBC-MAC.
+// - size: The size of the MAC in bytes. Must be greater than 0 and less than or equal to the block size of the cipher.
+// - paddingFunc: The padding function to use for padding the input to the block size of the cipher.
+//
+// Returns:
+// - A BockCipherMAC instance that can be used to compute the CBC-MAC.
+func NewCBCMACWithPadding(b cipher.Block, size int, paddingFunc padding.PaddingFunc) BockCipherMAC {
 	if size <= 0 || size > b.BlockSize() {
 		panic("cbcmac: invalid size")
 	}
-	return &cbcmac{b: b, pad: padding.NewISO9797M2Padding(uint(b.BlockSize())), size: size}
+	return &cbcmac{b: b, pad: paddingFunc(uint(b.BlockSize())), size: size}
 }
 
 func (c *cbcmac) Size() int {

cbcmac/cbcmac_test.go

@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"github.com/emmansun/gmsm/internal/cryptotest"
+	"github.com/emmansun/gmsm/padding"
 	"github.com/emmansun/gmsm/sm4"
 )
 
@@ -48,6 +49,59 @@ func TestCBCMAC(t *testing.T) {
 	}
 }
 
+func TestCBCMACWithPadding(t *testing.T) {
+	// Test vectors from GB/T 15821.1-2020 Appendix B.
+	cases := []struct {
+		key         []byte
+		src         []byte
+		tag         []byte
+		paddingFunc padding.PaddingFunc
+	}{
+		{
+			[]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10},
+			nil,
+			[]byte{0x8c, 0x33, 0x8e, 0x5a, 0x27, 0xe3, 0x49, 0xbe, 0xae, 0x39, 0x21, 0x4f, 0xed, 0xa9, 0x70, 0x99},
+			padding.NewISO9797M2Padding,
+		},
+		{
+			[]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10},
+			[]byte("This is the test message for mac"),
+			[]byte{0x4b, 0x65, 0x53, 0xaf, 0x3c, 0x4e, 0x27, 0x44, 0x84, 0x12, 0x31, 0x5a, 0xc7, 0x84, 0x95, 0x35},
+			padding.NewISO9797M2Padding,
+		},
+		{
+			[]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10},
+			[]byte("This is the test message "),
+			[]byte{0x42, 0x1a, 0xd1, 0x69, 0x0a, 0xa1, 0x52, 0xe2, 0x84, 0x6f, 0xa2, 0xa5, 0xd8, 0x34, 0x45, 0xa9},
+			padding.NewISO9797M2Padding,
+		},
+		{
+			[]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10},
+			[]byte("This is the test message for mac"),
+			[]byte{0x71, 0xaf, 0x7e, 0x45, 0x53, 0x40, 0x4c, 0xbc, 0xc4, 0xf2, 0x97, 0x3c, 0xdb, 0xd0, 0xf0, 0x63},
+			padding.NewISO9797M3Padding,
+		},
+		{
+			[]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10},
+			[]byte("This is the test message "),
+			[]byte{0x6a, 0x4a, 0x86, 0xf5, 0xb5, 0xe4, 0x68, 0xda, 0xd2, 0x7d, 0xf2, 0x5f, 0xb9, 0xd9, 0xbe, 0x16},
+			padding.NewISO9797M3Padding,
+		},
+	}
+
+	for i, c := range cases {
+		block, err := sm4.NewCipher(c.key)
+		if err != nil {
+			t.Errorf("#%d: failed to create cipher: %v", i, err)
+		}
+		mac := NewCBCMACWithPadding(block, len(c.tag), c.paddingFunc)
+		tag := mac.MAC(c.src)
+		if !bytes.Equal(tag, c.tag) {
+			t.Errorf("#%d: expect tag %x, got %x", i, c.tag, tag)
+		}
+	}
+}
+
 func TestEMAC(t *testing.T) {
 	// Test vectors from GB/T 15821.1-2020 Appendix B.
 	cases := []struct {