Finish of ext sup data (aad) for MAC

inc/t_cose/t_cose_mac_compute.h

@@ -163,6 +163,7 @@ t_cose_mac_encode_parameters(struct t_cose_mac_calculate_ctx *context,
  */
 enum t_cose_err_t
 t_cose_mac_encode_tag(struct t_cose_mac_calculate_ctx *context,
+                      struct q_useful_buf_c            ext_sup_data,
                       struct q_useful_buf_c            payload,
                       QCBOREncodeContext              *cbor_encode_ctx);
 

src/t_cose_mac_compute.c

@@ -81,6 +81,7 @@ t_cose_mac_encode_parameters(struct t_cose_mac_calculate_ctx *me,
  */
 enum t_cose_err_t
 t_cose_mac_encode_tag(struct t_cose_mac_calculate_ctx *me,
+                      struct q_useful_buf_c            ext_sup_data,
                       struct q_useful_buf_c            payload,
                       QCBOREncodeContext              *cbor_encode_ctx)
 {
@@ -127,8 +128,8 @@ t_cose_mac_encode_tag(struct t_cose_mac_calculate_ctx *me,
      * MAC are the protected parameters, the payload that is
      * getting MACed.
      */
-    mac_input.ext_sup_data = NULL_Q_USEFUL_BUF_C; // TODO: this won't be NULL when AAD is supported
-    mac_input.payload = payload;
+    mac_input.ext_sup_data   = ext_sup_data;
+    mac_input.payload        = payload;
     mac_input.body_protected = me->protected_parameters;
     mac_input.sign_protected = NULL_Q_USEFUL_BUF_C; /* Never sign-protected for MAC */
     return_value = create_tbm(&mac_input,
@@ -191,12 +192,11 @@ t_cose_mac_encode_tag(struct t_cose_mac_calculate_ctx *me,
 enum t_cose_err_t
 t_cose_mac_compute_private(struct t_cose_mac_calculate_ctx *me,
                            bool                             payload_is_detached,
-                           struct q_useful_buf_c            aad,
+                           struct q_useful_buf_c            ext_sup_data,
                            struct q_useful_buf_c            payload,
                            struct q_useful_buf              out_buf,
                            struct q_useful_buf_c           *result)
 {
-    (void)aad;
     QCBOREncodeContext  encode_ctx;
     enum t_cose_err_t   return_value;
 
@@ -217,7 +217,7 @@ t_cose_mac_compute_private(struct t_cose_mac_calculate_ctx *me,
         QCBOREncode_AddBytes(&encode_ctx, payload);
     }
 
-    return_value = t_cose_mac_encode_tag(me, payload, &encode_ctx);
+    return_value = t_cose_mac_encode_tag(me, ext_sup_data, payload, &encode_ctx);
     if(return_value) {
         goto Done;
     }

src/t_cose_mac_validate.c

@@ -29,7 +29,7 @@
 enum t_cose_err_t
 t_cose_mac_validate_private(struct t_cose_mac_validate_ctx *me,
                             struct q_useful_buf_c           cose_mac,
-                            struct q_useful_buf_c           aad,
+                            struct q_useful_buf_c           ext_sup_data,
                             bool                            payload_is_detached,
                             struct q_useful_buf_c          *payload,
                             struct t_cose_parameter       **return_params)
@@ -129,8 +129,8 @@ t_cose_mac_validate_private(struct t_cose_mac_validate_ctx *me,
     }
 
     /* -- Compute the ToBeMaced -- */
-    mac_input.ext_sup_data = aad;
-    mac_input.payload = *payload;
+    mac_input.ext_sup_data   = ext_sup_data;
+    mac_input.payload        = *payload;
     mac_input.body_protected = protected_parameters;
     mac_input.sign_protected = NULL_Q_USEFUL_BUF_C; /* Never sign-protected for MAC */
     return_value = create_tbm(&mac_input,

src/t_cose_util.c

@@ -296,10 +296,10 @@ create_tbm(const struct t_cose_sign_inputs *mac_inputs,
     /* body_protected */
     QCBOREncode_AddBytes(&cbor_encode_ctx, mac_inputs->body_protected);
 
-    /* external_aad. There is none so an empty bstr */
-    QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_Q_USEFUL_BUF_C);
+    /* ext_sup_data  */
+    QCBOREncode_AddBytes(&cbor_encode_ctx, mac_inputs->ext_sup_data);
 
-    /* The short fake payload, add only the byte string type and length */
+    /* The short fake payload, ext_sup_data only the byte string type and length */
     QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, mac_inputs->payload);
 
     /* Close of the array */

test/t_cose_compute_validate_mac_test.c

@@ -78,6 +78,7 @@ static int32_t compute_validate_basic_test_alg_mac(int32_t cose_alg)
     struct q_useful_buf_c        maced_cose;
     struct t_cose_key            key;
     struct q_useful_buf_c        in_payload = Q_USEFUL_BUF_FROM_SZ_LITERAL("payload");
+    struct q_useful_buf_c        in_exp_sup_data = Q_USEFUL_BUF_FROM_SZ_LITERAL("sup data");
     struct q_useful_buf_c        out_payload;
 
     /* -- Get started with context initialization, selecting the alg -- */
@@ -93,7 +94,7 @@ static int32_t compute_validate_basic_test_alg_mac(int32_t cose_alg)
     t_cose_mac_set_computing_key(&mac_ctx, key, NULL_Q_USEFUL_BUF_C);
 
     cose_res = t_cose_mac_compute(&mac_ctx,
-                                   NULL_Q_USEFUL_BUF_C,
+                                   in_exp_sup_data,
                                    in_payload,
                                    maced_cose_buffer,
                                   &maced_cose);
@@ -109,7 +110,7 @@ static int32_t compute_validate_basic_test_alg_mac(int32_t cose_alg)
 
     cose_res = t_cose_mac_validate(&validate_ctx,
                                     maced_cose,  /* COSE to validate */
-                                    NULL_Q_USEFUL_BUF_C,
+                                    in_exp_sup_data,
                                    &out_payload, /* Payload from maced_cose */
                                     NULL);
     if(cose_res != T_COSE_SUCCESS) {
@@ -212,7 +213,7 @@ int32_t compute_validate_mac_fail_test(void)
     QCBOREncode_AddSZString(&cbor_encode, "payload");
     QCBOREncode_CloseBstrWrap2(&cbor_encode, false, &payload);
 
-    result = t_cose_mac_encode_tag(&mac_ctx, payload, &cbor_encode);
+    result = t_cose_mac_encode_tag(&mac_ctx, NULL_Q_USEFUL_BUF_C, payload, &cbor_encode);
     if(result) {
         return_value = 3000 + (int32_t)result;
         goto Done;
@@ -288,7 +289,7 @@ static int size_test(int32_t               cose_algorithm_id,
 
     QCBOREncode_AddBytes(&cbor_encode, payload);
 
-    return_value = t_cose_mac_encode_tag(&mac_ctx, payload, &cbor_encode);
+    return_value = t_cose_mac_encode_tag(&mac_ctx, NULL_Q_USEFUL_BUF_C, payload, &cbor_encode);
     if(return_value) {
         return 3000 + (int32_t)return_value;
     }
@@ -311,7 +312,7 @@ static int size_test(int32_t               cose_algorithm_id,
 
     QCBOREncode_AddBytes(&cbor_encode, payload);
 
-    return_value = t_cose_mac_encode_tag(&mac_ctx, payload, &cbor_encode);
+    return_value = t_cose_mac_encode_tag(&mac_ctx, NULL_Q_USEFUL_BUF_C, payload, &cbor_encode);
     if(return_value) {
         return 3000 + (int32_t)return_value;
     }
@@ -547,6 +548,7 @@ int32_t compute_validate_detached_content_mac_fail_test(void)
     QCBOREncode_AddNULL(&cbor_encode);
 
     result = t_cose_mac_encode_tag(&mac_ctx,
+                                   NULL_Q_USEFUL_BUF_C,
                                    Q_USEFUL_BUF_FROM_SZ_LITERAL("payload"),
                                    &cbor_encode);
     if(result) {
@@ -617,7 +619,7 @@ static int detached_content_size_test(int32_t               cose_algorithm_id,
 
     QCBOREncode_AddNULL(&cbor_encode);
 
-    return_value = t_cose_mac_encode_tag(&mac_ctx, payload, &cbor_encode);
+    return_value = t_cose_mac_encode_tag(&mac_ctx, NULL_Q_USEFUL_BUF_C, payload, &cbor_encode);
     if(return_value) {
         return 3000 + (int32_t)return_value;
     }
@@ -640,7 +642,7 @@ static int detached_content_size_test(int32_t               cose_algorithm_id,
 
     QCBOREncode_AddNULL(&cbor_encode);
 
-    return_value = t_cose_mac_encode_tag(&mac_ctx, payload, &cbor_encode);
+    return_value = t_cose_mac_encode_tag(&mac_ctx, NULL_Q_USEFUL_BUF_C, payload, &cbor_encode);
     if(return_value) {
         return 3000 + (int32_t)return_value;
     }