crypto/mbedtls/source/cmac_alt.c - nuttx-apps - Git at Google

 /****************************************************************************
  * apps/crypto/mbedtls/source/cmac_alt.c
  *
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.  The
  * ASF licenses this file to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance with the
  * License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
  * License for the specific language governing permissions and limitations
  * under the License.
  ****************************************************************************/

 /****************************************************************************
  * Included Files
  ****************************************************************************/

 #include "mbedtls/cmac.h"
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
 #include "mbedtls/platform.h"

 #include <string.h>

 /****************************************************************************
  * Public Functions
  ****************************************************************************/

 int mbedtls_cipher_cmac_starts(FAR mbedtls_cipher_context_t *ctx,
                                FAR const unsigned char *key,
                                size_t keybits)
 {
   FAR mbedtls_cmac_context_t *cmac_ctx;
   uint32_t cipher_type;
   uint32_t mac_type;
   int retval;

   if (ctx == NULL || ctx->cipher_info == NULL || key == NULL)
     {
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   switch (ctx->cipher_info->type)
     {
       case MBEDTLS_CIPHER_AES_128_ECB:
           cipher_type = CRYPTO_AES_CMAC;
           mac_type = CRYPTO_AES_128_CMAC;
           break;
       default:
           return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t));
   if (cmac_ctx == NULL)
     {
       return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
     }

   retval = cryptodev_init(&cmac_ctx->dev);
   if (retval != 0)
     {
       mbedtls_free(cmac_ctx);
       return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
     }

   cmac_ctx->cipher_type = cipher_type;
   cmac_ctx->mac_type = mac_type;
   cmac_ctx->keybits = keybits;
   memcpy(cmac_ctx->key, key, keybits / 8);
   cmac_ctx->dev.session.cipher = cipher_type;
   cmac_ctx->dev.session.key = (caddr_t)cmac_ctx->key;
   cmac_ctx->dev.session.keylen = keybits / 8;
   cmac_ctx->dev.session.mac = mac_type;
   cmac_ctx->dev.session.mackey = (caddr_t)cmac_ctx->key;
   cmac_ctx->dev.session.mackeylen = keybits / 8;

   retval = cryptodev_get_session(&cmac_ctx->dev);
   if (retval != 0)
     {
       cryptodev_free(&cmac_ctx->dev);
       mbedtls_free(cmac_ctx);
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   ctx->cmac_ctx = cmac_ctx;
   return retval;
 }

 int mbedtls_cipher_cmac_update(FAR mbedtls_cipher_context_t *ctx,
                                FAR const unsigned char *input,
                                size_t ilen)
 {
   if (ctx == NULL || ctx->cmac_ctx == NULL || input == NULL || ilen < 0)
     {
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   ctx->cmac_ctx->dev.crypt.op = COP_ENCRYPT;
   ctx->cmac_ctx->dev.crypt.flags |= COP_FLAG_UPDATE;
   ctx->cmac_ctx->dev.crypt.src = (caddr_t)input;
   ctx->cmac_ctx->dev.crypt.len = ilen;
   return cryptodev_crypt(&ctx->cmac_ctx->dev);
 }

 int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx,
                                FAR unsigned char *output)
 {
   int ret;

   if (ctx == NULL || ctx->cmac_ctx == NULL || output == NULL)
     {
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   ctx->cmac_ctx->dev.crypt.flags = 0;
   ctx->cmac_ctx->dev.crypt.mac = (caddr_t)output;
   ret = cryptodev_crypt(&ctx->cmac_ctx->dev);
   cryptodev_free_session(&ctx->cmac_ctx->dev);
   cryptodev_free(&ctx->cmac_ctx->dev);
   return ret;
 }

 int mbedtls_cipher_cmac_reset(FAR mbedtls_cipher_context_t *ctx)
 {
   FAR mbedtls_cmac_context_t *cmac_ctx;
   int ret;

   if (ctx == NULL || ctx->cmac_ctx == NULL)
     {
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   cmac_ctx = ctx->cmac_ctx;
   ret = cryptodev_init(&cmac_ctx->dev);
   if (ret != 0)
     {
       return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
     }

   cmac_ctx->dev.session.cipher = cmac_ctx->cipher_type;
   cmac_ctx->dev.session.key = (caddr_t)cmac_ctx->key;
   cmac_ctx->dev.session.keylen = cmac_ctx->keybits / 8;
   cmac_ctx->dev.session.mac = cmac_ctx->mac_type;
   cmac_ctx->dev.session.mackey = (caddr_t)cmac_ctx->key;
   cmac_ctx->dev.session.mackeylen = cmac_ctx->keybits / 8;

   ret = cryptodev_get_session(&cmac_ctx->dev);
   if (ret != 0)
     {
       cryptodev_free(&cmac_ctx->dev);
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   return ret;
 }

 int mbedtls_cipher_cmac(FAR const mbedtls_cipher_info_t *cipher_info,
                         FAR const unsigned char *key, size_t keylen,
                         FAR const unsigned char *input, size_t ilen,
                         FAR unsigned char *output)
 {
   FAR mbedtls_cipher_context_t ctx;
   int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;

   if (cipher_info == NULL || key == NULL || input == NULL || output == NULL)
     {
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   mbedtls_cipher_init(&ctx);

   if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0)
     {
       goto exit;
     }

   ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen);
   if (ret != 0)
     {
       goto exit;
     }

   ret = mbedtls_cipher_cmac_update(&ctx, input, ilen);
   if (ret != 0)
     {
       goto exit;
     }

   ret = mbedtls_cipher_cmac_finish(&ctx, output);

 exit:
   mbedtls_cipher_free(&ctx);
   return ret;
 }

 #if defined(MBEDTLS_AES_C)
 int mbedtls_aes_cmac_prf_128(FAR const unsigned char *key, size_t key_length,
                              FAR const unsigned char *input, size_t in_len,
                              unsigned char output[16])
 {
   int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
   FAR const mbedtls_cipher_info_t *cipher_info;
   unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
   unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];

   if (key == NULL || input == NULL || output == NULL)
     {
       return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }

   cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
   if (cipher_info == NULL)
     {
       ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
       goto exit;
     }

   if (key_length == MBEDTLS_AES_BLOCK_SIZE)
     {
       memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE);
     }
   else
     {
       memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE);

       ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key,
                                 key_length, int_key);
       if (ret != 0)
         {
           goto exit;
         }
     }

   ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len,
                             output);

 exit:
   mbedtls_platform_zeroize(int_key, sizeof(int_key));
   return ret;
 }
 #endif /* MBEDTLS_AES_C */
	/****************************************************************************
	* apps/crypto/mbedtls/source/cmac_alt.c
	*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership. The
	* ASF licenses this file to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance with the
	* License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	* License for the specific language governing permissions and limitations
	* under the License.
	****************************************************************************/

	/****************************************************************************
	* Included Files
	****************************************************************************/

	#include "mbedtls/cmac.h"
	#include "mbedtls/platform_util.h"
	#include "mbedtls/error.h"
	#include "mbedtls/platform.h"

	#include <string.h>

	/****************************************************************************
	* Public Functions
	****************************************************************************/

	int mbedtls_cipher_cmac_starts(FAR mbedtls_cipher_context_t *ctx,
	FAR const unsigned char *key,
	size_t keybits)
	{
	FAR mbedtls_cmac_context_t *cmac_ctx;
	uint32_t cipher_type;
	uint32_t mac_type;
	int retval;

	if (ctx == NULL \|\| ctx->cipher_info == NULL \|\| key == NULL)
	{
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	switch (ctx->cipher_info->type)
	{
	case MBEDTLS_CIPHER_AES_128_ECB:
	cipher_type = CRYPTO_AES_CMAC;
	mac_type = CRYPTO_AES_128_CMAC;
	break;
	default:
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t));
	if (cmac_ctx == NULL)
	{
	return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
	}

	retval = cryptodev_init(&cmac_ctx->dev);
	if (retval != 0)
	{
	mbedtls_free(cmac_ctx);
	return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
	}

	cmac_ctx->cipher_type = cipher_type;
	cmac_ctx->mac_type = mac_type;
	cmac_ctx->keybits = keybits;
	memcpy(cmac_ctx->key, key, keybits / 8);
	cmac_ctx->dev.session.cipher = cipher_type;
	cmac_ctx->dev.session.key = (caddr_t)cmac_ctx->key;
	cmac_ctx->dev.session.keylen = keybits / 8;
	cmac_ctx->dev.session.mac = mac_type;
	cmac_ctx->dev.session.mackey = (caddr_t)cmac_ctx->key;
	cmac_ctx->dev.session.mackeylen = keybits / 8;

	retval = cryptodev_get_session(&cmac_ctx->dev);
	if (retval != 0)
	{
	cryptodev_free(&cmac_ctx->dev);
	mbedtls_free(cmac_ctx);
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	ctx->cmac_ctx = cmac_ctx;
	return retval;
	}

	int mbedtls_cipher_cmac_update(FAR mbedtls_cipher_context_t *ctx,
	FAR const unsigned char *input,
	size_t ilen)
	{
	if (ctx == NULL \|\| ctx->cmac_ctx == NULL \|\| input == NULL \|\| ilen < 0)
	{
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	ctx->cmac_ctx->dev.crypt.op = COP_ENCRYPT;
	ctx->cmac_ctx->dev.crypt.flags \|= COP_FLAG_UPDATE;
	ctx->cmac_ctx->dev.crypt.src = (caddr_t)input;
	ctx->cmac_ctx->dev.crypt.len = ilen;
	return cryptodev_crypt(&ctx->cmac_ctx->dev);
	}

	int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx,
	FAR unsigned char *output)
	{
	int ret;

	if (ctx == NULL \|\| ctx->cmac_ctx == NULL \|\| output == NULL)
	{
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	ctx->cmac_ctx->dev.crypt.flags = 0;
	ctx->cmac_ctx->dev.crypt.mac = (caddr_t)output;
	ret = cryptodev_crypt(&ctx->cmac_ctx->dev);
	cryptodev_free_session(&ctx->cmac_ctx->dev);
	cryptodev_free(&ctx->cmac_ctx->dev);
	return ret;
	}

	int mbedtls_cipher_cmac_reset(FAR mbedtls_cipher_context_t *ctx)
	{
	FAR mbedtls_cmac_context_t *cmac_ctx;
	int ret;

	if (ctx == NULL \|\| ctx->cmac_ctx == NULL)
	{
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	cmac_ctx = ctx->cmac_ctx;
	ret = cryptodev_init(&cmac_ctx->dev);
	if (ret != 0)
	{
	return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
	}

	cmac_ctx->dev.session.cipher = cmac_ctx->cipher_type;
	cmac_ctx->dev.session.key = (caddr_t)cmac_ctx->key;
	cmac_ctx->dev.session.keylen = cmac_ctx->keybits / 8;
	cmac_ctx->dev.session.mac = cmac_ctx->mac_type;
	cmac_ctx->dev.session.mackey = (caddr_t)cmac_ctx->key;
	cmac_ctx->dev.session.mackeylen = cmac_ctx->keybits / 8;

	ret = cryptodev_get_session(&cmac_ctx->dev);
	if (ret != 0)
	{
	cryptodev_free(&cmac_ctx->dev);
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	return ret;
	}

	int mbedtls_cipher_cmac(FAR const mbedtls_cipher_info_t *cipher_info,
	FAR const unsigned char *key, size_t keylen,
	FAR const unsigned char *input, size_t ilen,
	FAR unsigned char *output)
	{
	FAR mbedtls_cipher_context_t ctx;
	int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;

	if (cipher_info == NULL \|\| key == NULL \|\| input == NULL \|\| output == NULL)
	{
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	mbedtls_cipher_init(&ctx);

	if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0)
	{
	goto exit;
	}

	ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen);
	if (ret != 0)
	{
	goto exit;
	}

	ret = mbedtls_cipher_cmac_update(&ctx, input, ilen);
	if (ret != 0)
	{
	goto exit;
	}

	ret = mbedtls_cipher_cmac_finish(&ctx, output);

	exit:
	mbedtls_cipher_free(&ctx);
	return ret;
	}

	#if defined(MBEDTLS_AES_C)
	int mbedtls_aes_cmac_prf_128(FAR const unsigned char *key, size_t key_length,
	FAR const unsigned char *input, size_t in_len,
	unsigned char output[16])
	{
	int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
	FAR const mbedtls_cipher_info_t *cipher_info;
	unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
	unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];

	if (key == NULL \|\| input == NULL \|\| output == NULL)
	{
	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
	}

	cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
	if (cipher_info == NULL)
	{
	ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
	goto exit;
	}

	if (key_length == MBEDTLS_AES_BLOCK_SIZE)
	{
	memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE);
	}
	else
	{
	memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE);

	ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key,
	key_length, int_key);
	if (ret != 0)
	{
	goto exit;
	}
	}

	ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len,
	output);

	exit:
	mbedtls_platform_zeroize(int_key, sizeof(int_key));
	return ret;
	}
	#endif /* MBEDTLS_AES_C */