takashi kadono
/
Nucleo_446
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
tls_ccm_crypt.c
00001 /* 00002 * Copyright (c) 2017-2018, Arm Limited and affiliates. 00003 * SPDX-License-Identifier: Apache-2.0 00004 * 00005 * Licensed under the Apache License, Version 2.0 (the "License"); 00006 * you may not use this file except in compliance with the License. 00007 * You may obtain a copy of the License at 00008 * 00009 * http://www.apache.org/licenses/LICENSE-2.0 00010 * 00011 * Unless required by applicable law or agreed to in writing, software 00012 * distributed under the License is distributed on an "AS IS" BASIS, 00013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00014 * See the License for the specific language governing permissions and 00015 * limitations under the License. 00016 */ 00017 #include "nsconfig.h" 00018 #include "ns_types.h" 00019 #ifdef PANA 00020 #include "ns_trace.h" 00021 #include "string.h" 00022 #include "ccmLIB.h" 00023 #include "ns_trace.h" 00024 #include "common_functions.h" 00025 00026 #define CLIENT_WRITE_KEY 0 00027 #define SERVER_WRITE_KEY 16 00028 #define CLIENT_IV 32 00029 #define SERVER_IV 36 00030 #define TRACE_GROUP "cryp" 00031 #define TLS_1_2_VER 0x0303 00032 00033 static bool tls_ccm_init(ccm_globals_t *ccm_ptr, const uint8_t *key_expansion, const uint8_t *nonce, bool server, uint8_t crypt_process) 00034 { 00035 const uint8_t *key, *iv_ptr; 00036 if (server) { 00037 key = key_expansion + SERVER_WRITE_KEY; 00038 iv_ptr = key_expansion + SERVER_IV; 00039 } else { 00040 key = key_expansion + CLIENT_WRITE_KEY; 00041 iv_ptr = key_expansion + CLIENT_IV; 00042 } 00043 00044 if (!ccm_sec_init(ccm_ptr, AES_SECURITY_LEVEL_ENC_MIC64, key, crypt_process , 3) ) { 00045 return false; 00046 } 00047 00048 memcpy(ccm_ptr->exp_nonce, iv_ptr, 4); 00049 memcpy(&ccm_ptr->exp_nonce[4], nonce, 8); 00050 return true; 00051 } 00052 00053 00054 static void tls_set_adata(ccm_globals_t *ccm_ptr, uint8_t *a_data, const uint8_t *nonce, uint8_t type) 00055 { 00056 ccm_ptr->adata_len = 13; 00057 ccm_ptr->adata_ptr = a_data; 00058 memcpy(a_data, nonce, 8); 00059 a_data += 8; 00060 *a_data++ = type; 00061 a_data = common_write_16_bit(TLS_1_2_VER, a_data); 00062 common_write_16_bit(ccm_ptr->data_len, a_data); 00063 } 00064 00065 00066 int8_t tls_ccm_data_encrypt(uint8_t *data_ptr, uint16_t data_length, const uint8_t *key_expansion, const uint8_t *nonce, uint8_t type, bool server) 00067 { 00068 ccm_globals_t ccm_ptr; 00069 if (!tls_ccm_init(&ccm_ptr, key_expansion, nonce, server, AES_CCM_ENCRYPT)) { 00070 return -1; 00071 } 00072 uint8_t adata[13]; 00073 ccm_ptr.data_len = data_length; 00074 ccm_ptr.data_ptr = data_ptr; 00075 ccm_ptr.mic = (ccm_ptr.data_ptr + ccm_ptr.data_len); 00076 tls_set_adata(&ccm_ptr,adata, nonce, type); 00077 return ccm_process_run(&ccm_ptr); 00078 } 00079 00080 int8_t tls_ccm_data_decrypt(uint8_t *data_ptr, uint16_t data_length, const uint8_t *key_expansion, uint8_t type, bool server) 00081 { 00082 00083 if (data_length <= 16) { 00084 return -1; 00085 } 00086 ccm_globals_t ccm_ptr; 00087 00088 if (!tls_ccm_init(&ccm_ptr, key_expansion, data_ptr, server, AES_CCM_DECRYPT)) { 00089 return -1; 00090 } 00091 00092 uint8_t adata[13]; 00093 ccm_ptr.data_len = data_length - 16; 00094 00095 tls_set_adata(&ccm_ptr, adata, data_ptr, type); 00096 ccm_ptr.data_ptr = data_ptr + 8; 00097 ccm_ptr.mic = (ccm_ptr.data_ptr + ccm_ptr.data_len); 00098 00099 return ccm_process_run(&ccm_ptr); 00100 } 00101 #endif
Generated on Tue Aug 9 2022 00:37:23 by
1.7.2