Update SM4 GCM IV sizes

guanzhi · Oct 13, 2023 · 71fb469 · 71fb469
1 parent 06017d2
commit 71fb469
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 6 deletions.
diff --git a/include/gmssl/aead.h b/include/gmssl/aead.h
@@ -84,9 +84,6 @@ typedef struct {
 } SM4_GCM_CTX;
 
 #define SM4_GCM_KEY_SIZE 16
-#define SM4_GCM_MIN_IV_SIZE 1
-#define SM4_GCM_DEFAULT_IV_SIZE 12
-#define SM4_GCM_MAX_IV_SIZE 64
 #define SM4_GCM_DEFAULT_TAG_SIZE 16
 
 _gmssl_export int sm4_gcm_encrypt_init(SM4_GCM_CTX *ctx,

diff --git a/include/gmssl/sm4.h b/include/gmssl/sm4.h
@@ -73,17 +73,28 @@ void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[SM4_BLOCK_SIZE],
 
 
 #define SM4_GCM_IV_MIN_SIZE		1
-#define SM4_GCM_IV_MAX_SIZE		((uint64_t)(1 << (64-3)))
+#define SM4_GCM_IV_MAX_SIZE		(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
+
 #define SM4_GCM_IV_DEFAULT_BITS		96
 #define SM4_GCM_IV_DEFAULT_SIZE		12
 
+//#define NIST_SP800_GCM_MAX_IV_SIZE	(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
+
+#define SM4_GCM_MAX_IV_SIZE		64
+#define SM4_GCM_MIN_IV_SIZE		1
+#define SM4_GCM_DEFAULT_IV_SIZE		12
+
 #define SM4_GCM_MIN_AAD_SIZE		0
-#define SM4_GCM_MAX_AAD_SIZE		((uint64_t)(1 << (64-3)))
+#define SM4_GCM_MAX_AAD_SIZE		(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
 
 #define SM4_GCM_MIN_PLAINTEXT_SIZE	0
-#define SM4_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3)
+#define SM4_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3) // 68719476704
 
 #define SM4_GCM_MAX_TAG_SIZE		16
+#define SM4_GCM_MIN_TAG_SIZE		12
+// For certain applications (voice or video), tag may be 64 or 32 bits
+// see NIST Special Publication 800-38D, Appendix C for more details
+
 
 int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
 	const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,