Haakon Sporsheim / Mbed 2 deprecated LoRa

lora experiments

Dependencies:   BLE_API LoRaWAN-lib SX1276Lib mbed nRF51822 HCSR04Lib

Fork of LoRa by Olav Nymoen

system/crypto/cmac.cpp@0:4c1fcbfcc7bf, 2016-05-09 (annotated)

Committer:
olav
Date:
Mon May 09 08:06:21 2016 +0000
Revision:
0:4c1fcbfcc7bf
initial commit

Who changed what in which revision?

UserRevisionLine numberNew contents of line
olav 0:4c1fcbfcc7bf 1 /**************************************************************************
olav 0:4c1fcbfcc7bf 2 Copyright (C) 2009 Lander Casado, Philippas Tsigas
olav 0:4c1fcbfcc7bf 3
olav 0:4c1fcbfcc7bf 4 All rights reserved.
olav 0:4c1fcbfcc7bf 5
olav 0:4c1fcbfcc7bf 6 Permission is hereby granted, free of charge, to any person obtaining
olav 0:4c1fcbfcc7bf 7 a copy of this software and associated documentation files
olav 0:4c1fcbfcc7bf 8 (the "Software"), to deal with the Software without restriction, including
olav 0:4c1fcbfcc7bf 9 without limitation the rights to use, copy, modify, merge, publish,
olav 0:4c1fcbfcc7bf 10 distribute, sublicense, and/or sell copies of the Software, and to
olav 0:4c1fcbfcc7bf 11 permit persons to whom the Software is furnished to do so, subject to
olav 0:4c1fcbfcc7bf 12 the following conditions:
olav 0:4c1fcbfcc7bf 13
olav 0:4c1fcbfcc7bf 14 Redistributions of source code must retain the above copyright notice,
olav 0:4c1fcbfcc7bf 15 this list of conditions and the following disclaimers. Redistributions in
olav 0:4c1fcbfcc7bf 16 binary form must reproduce the above copyright notice, this list of
olav 0:4c1fcbfcc7bf 17 conditions and the following disclaimers in the documentation and/or
olav 0:4c1fcbfcc7bf 18 other materials provided with the distribution.
olav 0:4c1fcbfcc7bf 19
olav 0:4c1fcbfcc7bf 20 In no event shall the authors or copyright holders be liable for any special,
olav 0:4c1fcbfcc7bf 21 incidental, indirect or consequential damages of any kind, or any damages
olav 0:4c1fcbfcc7bf 22 whatsoever resulting from loss of use, data or profits, whether or not
olav 0:4c1fcbfcc7bf 23 advised of the possibility of damage, and on any theory of liability,
olav 0:4c1fcbfcc7bf 24 arising out of or in connection with the use or performance of this software.
olav 0:4c1fcbfcc7bf 25
olav 0:4c1fcbfcc7bf 26 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
olav 0:4c1fcbfcc7bf 27 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
olav 0:4c1fcbfcc7bf 28 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
olav 0:4c1fcbfcc7bf 29 CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
olav 0:4c1fcbfcc7bf 30 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
olav 0:4c1fcbfcc7bf 31 FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
olav 0:4c1fcbfcc7bf 32 DEALINGS WITH THE SOFTWARE
olav 0:4c1fcbfcc7bf 33
olav 0:4c1fcbfcc7bf 34 *****************************************************************************/
olav 0:4c1fcbfcc7bf 35 //#include <sys/param.h>
olav 0:4c1fcbfcc7bf 36 //#include <sys/systm.h>
olav 0:4c1fcbfcc7bf 37 #include <stdint.h>
olav 0:4c1fcbfcc7bf 38 #include <stdio.h>
olav 0:4c1fcbfcc7bf 39 #include "aes.h"
olav 0:4c1fcbfcc7bf 40 #include "cmac.h"
olav 0:4c1fcbfcc7bf 41 #include "utilities.h"
olav 0:4c1fcbfcc7bf 42
olav 0:4c1fcbfcc7bf 43 #define LSHIFT(v, r) do { \
olav 0:4c1fcbfcc7bf 44 int32_t i; \
olav 0:4c1fcbfcc7bf 45 for (i = 0; i < 15; i++) \
olav 0:4c1fcbfcc7bf 46 (r)[i] = (v)[i] << 1 | (v)[i + 1] >> 7; \
olav 0:4c1fcbfcc7bf 47 (r)[15] = (v)[15] << 1; \
olav 0:4c1fcbfcc7bf 48 } while (0)
olav 0:4c1fcbfcc7bf 49
olav 0:4c1fcbfcc7bf 50 #define XOR(v, r) do { \
olav 0:4c1fcbfcc7bf 51 int32_t i; \
olav 0:4c1fcbfcc7bf 52 for (i = 0; i < 16; i++) \
olav 0:4c1fcbfcc7bf 53 { \
olav 0:4c1fcbfcc7bf 54 (r)[i] = (r)[i] ^ (v)[i]; \
olav 0:4c1fcbfcc7bf 55 } \
olav 0:4c1fcbfcc7bf 56 } while (0) \
olav 0:4c1fcbfcc7bf 57
olav 0:4c1fcbfcc7bf 58
olav 0:4c1fcbfcc7bf 59 void AES_CMAC_Init(AES_CMAC_CTX *ctx)
olav 0:4c1fcbfcc7bf 60 {
olav 0:4c1fcbfcc7bf 61 memset1(ctx->X, 0, sizeof ctx->X);
olav 0:4c1fcbfcc7bf 62 ctx->M_n = 0;
olav 0:4c1fcbfcc7bf 63 memset1(ctx->rijndael.ksch, '\0', 240);
olav 0:4c1fcbfcc7bf 64 }
olav 0:4c1fcbfcc7bf 65
olav 0:4c1fcbfcc7bf 66 void AES_CMAC_SetKey(AES_CMAC_CTX *ctx, const uint8_t key[AES_CMAC_KEY_LENGTH])
olav 0:4c1fcbfcc7bf 67 {
olav 0:4c1fcbfcc7bf 68 //rijndael_set_key_enc_only(&ctx->rijndael, key, 128);
olav 0:4c1fcbfcc7bf 69 aes_set_key( key, AES_CMAC_KEY_LENGTH, &ctx->rijndael);
olav 0:4c1fcbfcc7bf 70 }
olav 0:4c1fcbfcc7bf 71
olav 0:4c1fcbfcc7bf 72 void AES_CMAC_Update(AES_CMAC_CTX *ctx, const uint8_t *data, uint32_t len)
olav 0:4c1fcbfcc7bf 73 {
olav 0:4c1fcbfcc7bf 74 uint32_t mlen;
olav 0:4c1fcbfcc7bf 75 uint8_t in[16];
olav 0:4c1fcbfcc7bf 76
olav 0:4c1fcbfcc7bf 77 if (ctx->M_n > 0) {
olav 0:4c1fcbfcc7bf 78 mlen = MIN(16 - ctx->M_n, len);
olav 0:4c1fcbfcc7bf 79 memcpy1(ctx->M_last + ctx->M_n, data, mlen);
olav 0:4c1fcbfcc7bf 80 ctx->M_n += mlen;
olav 0:4c1fcbfcc7bf 81 if (ctx->M_n < 16 || len == mlen)
olav 0:4c1fcbfcc7bf 82 return;
olav 0:4c1fcbfcc7bf 83 XOR(ctx->M_last, ctx->X);
olav 0:4c1fcbfcc7bf 84 //rijndael_encrypt(&ctx->rijndael, ctx->X, ctx->X);
olav 0:4c1fcbfcc7bf 85 aes_encrypt( ctx->X, ctx->X, &ctx->rijndael);
olav 0:4c1fcbfcc7bf 86 data += mlen;
olav 0:4c1fcbfcc7bf 87 len -= mlen;
olav 0:4c1fcbfcc7bf 88 }
olav 0:4c1fcbfcc7bf 89 while (len > 16) { /* not last block */
olav 0:4c1fcbfcc7bf 90
olav 0:4c1fcbfcc7bf 91 XOR(data, ctx->X);
olav 0:4c1fcbfcc7bf 92 //rijndael_encrypt(&ctx->rijndael, ctx->X, ctx->X);
olav 0:4c1fcbfcc7bf 93
olav 0:4c1fcbfcc7bf 94 memcpy1(in, &ctx->X[0], 16); //Bestela ez du ondo iten
olav 0:4c1fcbfcc7bf 95 aes_encrypt( in, in, &ctx->rijndael);
olav 0:4c1fcbfcc7bf 96 memcpy1(&ctx->X[0], in, 16);
olav 0:4c1fcbfcc7bf 97
olav 0:4c1fcbfcc7bf 98 data += 16;
olav 0:4c1fcbfcc7bf 99 len -= 16;
olav 0:4c1fcbfcc7bf 100 }
olav 0:4c1fcbfcc7bf 101 /* potential last block, save it */
olav 0:4c1fcbfcc7bf 102 memcpy1(ctx->M_last, data, len);
olav 0:4c1fcbfcc7bf 103 ctx->M_n = len;
olav 0:4c1fcbfcc7bf 104 }
olav 0:4c1fcbfcc7bf 105
olav 0:4c1fcbfcc7bf 106 void AES_CMAC_Final(uint8_t digest[AES_CMAC_DIGEST_LENGTH], AES_CMAC_CTX *ctx)
olav 0:4c1fcbfcc7bf 107 {
olav 0:4c1fcbfcc7bf 108 uint8_t K[16];
olav 0:4c1fcbfcc7bf 109 uint8_t in[16];
olav 0:4c1fcbfcc7bf 110 /* generate subkey K1 */
olav 0:4c1fcbfcc7bf 111 memset1(K, '\0', 16);
olav 0:4c1fcbfcc7bf 112
olav 0:4c1fcbfcc7bf 113 //rijndael_encrypt(&ctx->rijndael, K, K);
olav 0:4c1fcbfcc7bf 114
olav 0:4c1fcbfcc7bf 115 aes_encrypt( K, K, &ctx->rijndael);
olav 0:4c1fcbfcc7bf 116
olav 0:4c1fcbfcc7bf 117 if (K[0] & 0x80) {
olav 0:4c1fcbfcc7bf 118 LSHIFT(K, K);
olav 0:4c1fcbfcc7bf 119 K[15] ^= 0x87;
olav 0:4c1fcbfcc7bf 120 } else
olav 0:4c1fcbfcc7bf 121 LSHIFT(K, K);
olav 0:4c1fcbfcc7bf 122
olav 0:4c1fcbfcc7bf 123
olav 0:4c1fcbfcc7bf 124 if (ctx->M_n == 16) {
olav 0:4c1fcbfcc7bf 125 /* last block was a complete block */
olav 0:4c1fcbfcc7bf 126 XOR(K, ctx->M_last);
olav 0:4c1fcbfcc7bf 127
olav 0:4c1fcbfcc7bf 128 } else {
olav 0:4c1fcbfcc7bf 129 /* generate subkey K2 */
olav 0:4c1fcbfcc7bf 130 if (K[0] & 0x80) {
olav 0:4c1fcbfcc7bf 131 LSHIFT(K, K);
olav 0:4c1fcbfcc7bf 132 K[15] ^= 0x87;
olav 0:4c1fcbfcc7bf 133 } else
olav 0:4c1fcbfcc7bf 134 LSHIFT(K, K);
olav 0:4c1fcbfcc7bf 135
olav 0:4c1fcbfcc7bf 136 /* padding(M_last) */
olav 0:4c1fcbfcc7bf 137 ctx->M_last[ctx->M_n] = 0x80;
olav 0:4c1fcbfcc7bf 138 while (++ctx->M_n < 16)
olav 0:4c1fcbfcc7bf 139 ctx->M_last[ctx->M_n] = 0;
olav 0:4c1fcbfcc7bf 140
olav 0:4c1fcbfcc7bf 141 XOR(K, ctx->M_last);
olav 0:4c1fcbfcc7bf 142
olav 0:4c1fcbfcc7bf 143
olav 0:4c1fcbfcc7bf 144 }
olav 0:4c1fcbfcc7bf 145 XOR(ctx->M_last, ctx->X);
olav 0:4c1fcbfcc7bf 146
olav 0:4c1fcbfcc7bf 147 //rijndael_encrypt(&ctx->rijndael, ctx->X, digest);
olav 0:4c1fcbfcc7bf 148
olav 0:4c1fcbfcc7bf 149 memcpy1(in, &ctx->X[0], 16); //Bestela ez du ondo iten
olav 0:4c1fcbfcc7bf 150 aes_encrypt(in, digest, &ctx->rijndael);
olav 0:4c1fcbfcc7bf 151 memset1(K, 0, sizeof K);
olav 0:4c1fcbfcc7bf 152
olav 0:4c1fcbfcc7bf 153 }
olav 0:4c1fcbfcc7bf 154