Espotel
/
LoRaWAN_Semtech_stack_v41
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
LoRaWAN_Semtech_stack_v4.1
by 
Michal Leksinski
crypto/cmac.cpp@0:c58229885f95, 2015-12-16 (annotated)
- Committer:
- mleksio
- Date:
- Wed Dec 16 14:25:16 2015 +0000
- Revision:
- 0:c58229885f95
first commit
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| mleksio | 0:c58229885f95 | 1 | /************************************************************************** |
| mleksio | 0:c58229885f95 | 2 | Copyright (C) 2009 Lander Casado, Philippas Tsigas |
| mleksio | 0:c58229885f95 | 3 | All rights reserved. |
| mleksio | 0:c58229885f95 | 4 | Permission is hereby granted, free of charge, to any person obtaining |
| mleksio | 0:c58229885f95 | 5 | a copy of this software and associated documentation files |
| mleksio | 0:c58229885f95 | 6 | (the "Software"), to deal with the Software without restriction, including |
| mleksio | 0:c58229885f95 | 7 | without limitation the rights to use, copy, modify, merge, publish, |
| mleksio | 0:c58229885f95 | 8 | distribute, sublicense, and/or sell copies of the Software, and to |
| mleksio | 0:c58229885f95 | 9 | permit persons to whom the Software is furnished to do so, subject to |
| mleksio | 0:c58229885f95 | 10 | the following conditions: |
| mleksio | 0:c58229885f95 | 11 | Redistributions of source code must retain the above copyright notice, |
| mleksio | 0:c58229885f95 | 12 | this list of conditions and the following disclaimers. Redistributions in |
| mleksio | 0:c58229885f95 | 13 | binary form must reproduce the above copyright notice, this list of |
| mleksio | 0:c58229885f95 | 14 | conditions and the following disclaimers in the documentation and/or |
| mleksio | 0:c58229885f95 | 15 | other materials provided with the distribution. |
| mleksio | 0:c58229885f95 | 16 | In no event shall the authors or copyright holders be liable for any special, |
| mleksio | 0:c58229885f95 | 17 | incidental, indirect or consequential damages of any kind, or any damages |
| mleksio | 0:c58229885f95 | 18 | whatsoever resulting from loss of use, data or profits, whether or not |
| mleksio | 0:c58229885f95 | 19 | advised of the possibility of damage, and on any theory of liability, |
| mleksio | 0:c58229885f95 | 20 | arising out of or in connection with the use or performance of this software. |
| mleksio | 0:c58229885f95 | 21 | |
| mleksio | 0:c58229885f95 | 22 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| mleksio | 0:c58229885f95 | 23 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| mleksio | 0:c58229885f95 | 24 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| mleksio | 0:c58229885f95 | 25 | CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| mleksio | 0:c58229885f95 | 26 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| mleksio | 0:c58229885f95 | 27 | FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
| mleksio | 0:c58229885f95 | 28 | DEALINGS WITH THE SOFTWARE |
| mleksio | 0:c58229885f95 | 29 | *****************************************************************************/ |
| mleksio | 0:c58229885f95 | 30 | //#include <sys/param.h> |
| mleksio | 0:c58229885f95 | 31 | //#include <sys/systm.h> |
| mleksio | 0:c58229885f95 | 32 | #include <stdint.h> |
| mleksio | 0:c58229885f95 | 33 | #include "aes.h" |
| mleksio | 0:c58229885f95 | 34 | #include "cmac.h" |
| mleksio | 0:c58229885f95 | 35 | #include "utilities.h" |
| mleksio | 0:c58229885f95 | 36 | |
| mleksio | 0:c58229885f95 | 37 | #define LSHIFT(v, r) do { \ |
| mleksio | 0:c58229885f95 | 38 | int32_t i; \ |
| mleksio | 0:c58229885f95 | 39 | for (i = 0; i < 15; i++) \ |
| mleksio | 0:c58229885f95 | 40 | (r)[i] = (v)[i] << 1 | (v)[i + 1] >> 7; \ |
| mleksio | 0:c58229885f95 | 41 | (r)[15] = (v)[15] << 1; \ |
| mleksio | 0:c58229885f95 | 42 | } while (0) |
| mleksio | 0:c58229885f95 | 43 | |
| mleksio | 0:c58229885f95 | 44 | #define XOR(v, r) do { \ |
| mleksio | 0:c58229885f95 | 45 | int32_t i; \ |
| mleksio | 0:c58229885f95 | 46 | for (i = 0; i < 16; i++) \ |
| mleksio | 0:c58229885f95 | 47 | { \ |
| mleksio | 0:c58229885f95 | 48 | (r)[i] = (r)[i] ^ (v)[i]; \ |
| mleksio | 0:c58229885f95 | 49 | } \ |
| mleksio | 0:c58229885f95 | 50 | } while (0) \ |
| mleksio | 0:c58229885f95 | 51 | |
| mleksio | 0:c58229885f95 | 52 | |
| mleksio | 0:c58229885f95 | 53 | void AES_CMAC_Init(AES_CMAC_CTX *ctx) |
| mleksio | 0:c58229885f95 | 54 | { |
| mleksio | 0:c58229885f95 | 55 | memset1(ctx->X, 0, sizeof ctx->X); |
| mleksio | 0:c58229885f95 | 56 | ctx->M_n = 0; |
| mleksio | 0:c58229885f95 | 57 | memset1(ctx->rijndael.ksch, '\0', 240); |
| mleksio | 0:c58229885f95 | 58 | } |
| mleksio | 0:c58229885f95 | 59 | |
| mleksio | 0:c58229885f95 | 60 | void AES_CMAC_SetKey(AES_CMAC_CTX *ctx, const uint8_t key[AES_CMAC_KEY_LENGTH]) |
| mleksio | 0:c58229885f95 | 61 | { |
| mleksio | 0:c58229885f95 | 62 | //rijndael_set_key_enc_only(&ctx->rijndael, key, 128); |
| mleksio | 0:c58229885f95 | 63 | aes_set_key( key, AES_CMAC_KEY_LENGTH, &ctx->rijndael); |
| mleksio | 0:c58229885f95 | 64 | } |
| mleksio | 0:c58229885f95 | 65 | |
| mleksio | 0:c58229885f95 | 66 | void AES_CMAC_Update(AES_CMAC_CTX *ctx, const uint8_t *data, uint32_t len) |
| mleksio | 0:c58229885f95 | 67 | { |
| mleksio | 0:c58229885f95 | 68 | uint32_t mlen; |
| mleksio | 0:c58229885f95 | 69 | uint8_t in[16]; |
| mleksio | 0:c58229885f95 | 70 | |
| mleksio | 0:c58229885f95 | 71 | if (ctx->M_n > 0) { |
| mleksio | 0:c58229885f95 | 72 | mlen = MIN(16 - ctx->M_n, len); |
| mleksio | 0:c58229885f95 | 73 | memcpy1(ctx->M_last + ctx->M_n, data, mlen); |
| mleksio | 0:c58229885f95 | 74 | ctx->M_n += mlen; |
| mleksio | 0:c58229885f95 | 75 | if (ctx->M_n < 16 || len == mlen) |
| mleksio | 0:c58229885f95 | 76 | return; |
| mleksio | 0:c58229885f95 | 77 | XOR(ctx->M_last, ctx->X); |
| mleksio | 0:c58229885f95 | 78 | //rijndael_encrypt(&ctx->rijndael, ctx->X, ctx->X); |
| mleksio | 0:c58229885f95 | 79 | aes_encrypt( ctx->X, ctx->X, &ctx->rijndael); |
| mleksio | 0:c58229885f95 | 80 | data += mlen; |
| mleksio | 0:c58229885f95 | 81 | len -= mlen; |
| mleksio | 0:c58229885f95 | 82 | } |
| mleksio | 0:c58229885f95 | 83 | while (len > 16) { /* not last block */ |
| mleksio | 0:c58229885f95 | 84 | |
| mleksio | 0:c58229885f95 | 85 | XOR(data, ctx->X); |
| mleksio | 0:c58229885f95 | 86 | //rijndael_encrypt(&ctx->rijndael, ctx->X, ctx->X); |
| mleksio | 0:c58229885f95 | 87 | |
| mleksio | 0:c58229885f95 | 88 | memcpy1(in, &ctx->X[0], 16); //Bestela ez du ondo iten |
| mleksio | 0:c58229885f95 | 89 | aes_encrypt( in, in, &ctx->rijndael); |
| mleksio | 0:c58229885f95 | 90 | memcpy1(&ctx->X[0], in, 16); |
| mleksio | 0:c58229885f95 | 91 | |
| mleksio | 0:c58229885f95 | 92 | data += 16; |
| mleksio | 0:c58229885f95 | 93 | len -= 16; |
| mleksio | 0:c58229885f95 | 94 | } |
| mleksio | 0:c58229885f95 | 95 | /* potential last block, save it */ |
| mleksio | 0:c58229885f95 | 96 | memcpy1(ctx->M_last, data, len); |
| mleksio | 0:c58229885f95 | 97 | ctx->M_n = len; |
| mleksio | 0:c58229885f95 | 98 | } |
| mleksio | 0:c58229885f95 | 99 | |
| mleksio | 0:c58229885f95 | 100 | void AES_CMAC_Final(uint8_t digest[AES_CMAC_DIGEST_LENGTH], AES_CMAC_CTX *ctx) |
| mleksio | 0:c58229885f95 | 101 | { |
| mleksio | 0:c58229885f95 | 102 | uint8_t K[16]; |
| mleksio | 0:c58229885f95 | 103 | uint8_t in[16]; |
| mleksio | 0:c58229885f95 | 104 | /* generate subkey K1 */ |
| mleksio | 0:c58229885f95 | 105 | memset1(K, '\0', 16); |
| mleksio | 0:c58229885f95 | 106 | |
| mleksio | 0:c58229885f95 | 107 | //rijndael_encrypt(&ctx->rijndael, K, K); |
| mleksio | 0:c58229885f95 | 108 | |
| mleksio | 0:c58229885f95 | 109 | aes_encrypt( K, K, &ctx->rijndael); |
| mleksio | 0:c58229885f95 | 110 | |
| mleksio | 0:c58229885f95 | 111 | if (K[0] & 0x80) { |
| mleksio | 0:c58229885f95 | 112 | LSHIFT(K, K); |
| mleksio | 0:c58229885f95 | 113 | K[15] ^= 0x87; |
| mleksio | 0:c58229885f95 | 114 | } else |
| mleksio | 0:c58229885f95 | 115 | LSHIFT(K, K); |
| mleksio | 0:c58229885f95 | 116 | |
| mleksio | 0:c58229885f95 | 117 | |
| mleksio | 0:c58229885f95 | 118 | if (ctx->M_n == 16) { |
| mleksio | 0:c58229885f95 | 119 | /* last block was a complete block */ |
| mleksio | 0:c58229885f95 | 120 | XOR(K, ctx->M_last); |
| mleksio | 0:c58229885f95 | 121 | |
| mleksio | 0:c58229885f95 | 122 | } else { |
| mleksio | 0:c58229885f95 | 123 | /* generate subkey K2 */ |
| mleksio | 0:c58229885f95 | 124 | if (K[0] & 0x80) { |
| mleksio | 0:c58229885f95 | 125 | LSHIFT(K, K); |
| mleksio | 0:c58229885f95 | 126 | K[15] ^= 0x87; |
| mleksio | 0:c58229885f95 | 127 | } else |
| mleksio | 0:c58229885f95 | 128 | LSHIFT(K, K); |
| mleksio | 0:c58229885f95 | 129 | |
| mleksio | 0:c58229885f95 | 130 | /* padding(M_last) */ |
| mleksio | 0:c58229885f95 | 131 | ctx->M_last[ctx->M_n] = 0x80; |
| mleksio | 0:c58229885f95 | 132 | while (++ctx->M_n < 16) |
| mleksio | 0:c58229885f95 | 133 | ctx->M_last[ctx->M_n] = 0; |
| mleksio | 0:c58229885f95 | 134 | |
| mleksio | 0:c58229885f95 | 135 | XOR(K, ctx->M_last); |
| mleksio | 0:c58229885f95 | 136 | |
| mleksio | 0:c58229885f95 | 137 | |
| mleksio | 0:c58229885f95 | 138 | } |
| mleksio | 0:c58229885f95 | 139 | XOR(ctx->M_last, ctx->X); |
| mleksio | 0:c58229885f95 | 140 | |
| mleksio | 0:c58229885f95 | 141 | //rijndael_encrypt(&ctx->rijndael, ctx->X, digest); |
| mleksio | 0:c58229885f95 | 142 | |
| mleksio | 0:c58229885f95 | 143 | memcpy1(in, &ctx->X[0], 16); //Bestela ez du ondo iten |
| mleksio | 0:c58229885f95 | 144 | aes_encrypt(in, digest, &ctx->rijndael); |
| mleksio | 0:c58229885f95 | 145 | memset1(K, 0, sizeof K); |
| mleksio | 0:c58229885f95 | 146 | |
| mleksio | 0:c58229885f95 | 147 | } |