Skip to content

Add AES CMAC support #394

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 5, 2025
Merged

Add AES CMAC support #394

merged 7 commits into from
Aug 5, 2025

Conversation

@Lukasa
Copy link
Contributor

@Lukasa Lukasa commented Aug 4, 2025

Motivation

AES CMAC is a standardised albeit somewhat uncommon MAC built on top of the AES block cipher. CMAC pops up in a few places, mostly where it is convenient to assume that you have access to AES, but not to a hash function. For example, AES-SIV is built on CMAC.

Modifications

Add CMAC support
Add tests and test vectors

Result

CMAC is supported

@Lukasa
Add AES CMAC support
414316f 
Motivation

AES CMAC is a standardised albeit somewhat uncommon MAC
built on top of the AES block cipher. CMAC pops up in a
few places, mostly where it is convenient to assume that
you have access to AES, but not to a hash function. For
example, AES-SIV is built on CMAC.

Modifications

Add CMAC support
Add tests and test vectors

Result

CMAC is supported
@Lukasa Lukasa added the 🆕 semver/minor Adds new public API. label Aug 4, 2025
glbrntt
glbrntt approved these changes Aug 5, 2025
View reviewed changes
Copy link
Contributor

@glbrntt glbrntt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two tiny things but LGTM otherwise

Sources/_CryptoExtras/AES/CMAC.swift

@available(iOS 13.0, macOS 10.15, watchOS 6.0, tvOS 13.0, *)
extension AES {
public struct CMAC: @unchecked Sendable {
Copy link
Contributor

@glbrntt glbrntt Aug 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a "why @unchecked is okay here" comment?

Sources/_CryptoExtras/AES/CMAC.swift Outdated
Comment on lines 57 to 58
/// - data: The data to be authenticated.
public mutating func update(bufferPointer: UnsafeRawBufferPointer) {
Copy link
Contributor

@glbrntt glbrntt Aug 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The labels don't line up here

@Lukasa Lukasa enabled auto-merge (squash) August 5, 2025 10:09
@Lukasa Lukasa merged commit 334e682 into apple:main Aug 5, 2025
43 checks passed
@Lukasa Lukasa deleted the cb-cmac branch August 5, 2025 10:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@glbrntt glbrntt glbrntt approved these changes

Assignees

No one assigned

Labels

🆕 semver/minor Adds new public API.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Lukasa @glbrntt