7Ara
How to get a 12 bytes authentication tag in AES-GCM
i want to generate a 12 bytes authentication in AES-GCM. my code only give me an output tag of 16 bytes. i have tried to use the min_tag_length but it rises an error. can i get your guidance, thank in advance.
import os
from cryptography.hazmat.primitives.ciphers import (
Cipher, algorithms, modes
)
#f(StoC)= SC || IC || GMAC( SC || AK || StoC)
#associated data , AAD= SC || AK || StoC
SC=bytes.fromhex("10")
StoC=bytes.fromhex("39373635313934303931363137383231")
key = bytes.fromhex("000102030405060708090A0B0C0D0E0F") #EK
A_key = bytes.fromhex("000102030405060708090A0B0C0D0E0F") #AK
#AAD
associated_data=SC+A_key+StoC
#print (associated_data.hex(),type(associated_data))
def encrypt(key, plaintext, associated_data):
#global associated_data
#global key
# Generate a random 96-bit IV.
part1 = bytes.fromhex("485845033225519F") #Syst_title
part2 = bytes.fromhex("00000002") # IC
# Concatenate the parts
iv = part1 + part2
#iv = bytes.fromhex(sum)
#print (type(iv))
# Construct an AES-GCM Cipher object with the given key and a
encryptor = Cipher(
algorithms.AES(key),
modes.GCM(iv, tag_length=12),
).encryptor()
# associated_data will be authenticated but not encrypted,
# it must also be passed in on decryption.
encryptor.authenticate_additional_data(associated_data)
# Encrypt the plaintext and get the associated ciphertext.
# GCM does not require padding.
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
iv_hex=iv.hex()
ciphertext_hex = ciphertext.hex()
encryptor.tag_hex= encryptor.tag.hex()
print(f"{iv_hex=}")
#print(f"{ciphertext_hex=}")
print(f"{encryptor.tag_hex=}")
challenge =SC+part2+encryptor.tag
challenge_hex=challenge.hex()
print(f"{challenge_hex=}")
#return (iv, ciphertext, encryptor.tag)
return challenge_hex
encrypt(key, StoC, associated_data)