Uttam Bhat
Test Fork
Dependencies: LoRaWAN-lib SX1272Lib lib_gps lib_mma8451q lib_mpl3115a2 mbed
Fork of
LoRaWAN-NAMote72-Application-Demo
by 
Semtech
system/crypto/cmac.cpp@12:504203733f11, 2016-08-05 (annotated)
- Committer:
- ubhat
- Date:
- Fri Aug 05 20:45:12 2016 +0000
- Revision:
- 12:504203733f11
- Parent:
- 2:d119a85c793c
Revert to Revision 9
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| ubhat | 2:d119a85c793c | 1 | /************************************************************************** |
| ubhat | 2:d119a85c793c | 2 | Copyright (C) 2009 Lander Casado, Philippas Tsigas |
| ubhat | 2:d119a85c793c | 3 | |
| ubhat | 2:d119a85c793c | 4 | All rights reserved. |
| ubhat | 2:d119a85c793c | 5 | |
| ubhat | 2:d119a85c793c | 6 | Permission is hereby granted, free of charge, to any person obtaining |
| ubhat | 2:d119a85c793c | 7 | a copy of this software and associated documentation files |
| ubhat | 2:d119a85c793c | 8 | (the "Software"), to deal with the Software without restriction, including |
| ubhat | 2:d119a85c793c | 9 | without limitation the rights to use, copy, modify, merge, publish, |
| ubhat | 2:d119a85c793c | 10 | distribute, sublicense, and/or sell copies of the Software, and to |
| ubhat | 2:d119a85c793c | 11 | permit persons to whom the Software is furnished to do so, subject to |
| ubhat | 2:d119a85c793c | 12 | the following conditions: |
| ubhat | 2:d119a85c793c | 13 | |
| ubhat | 2:d119a85c793c | 14 | Redistributions of source code must retain the above copyright notice, |
| ubhat | 2:d119a85c793c | 15 | this list of conditions and the following disclaimers. Redistributions in |
| ubhat | 2:d119a85c793c | 16 | binary form must reproduce the above copyright notice, this list of |
| ubhat | 2:d119a85c793c | 17 | conditions and the following disclaimers in the documentation and/or |
| ubhat | 2:d119a85c793c | 18 | other materials provided with the distribution. |
| ubhat | 2:d119a85c793c | 19 | |
| ubhat | 2:d119a85c793c | 20 | In no event shall the authors or copyright holders be liable for any special, |
| ubhat | 2:d119a85c793c | 21 | incidental, indirect or consequential damages of any kind, or any damages |
| ubhat | 2:d119a85c793c | 22 | whatsoever resulting from loss of use, data or profits, whether or not |
| ubhat | 2:d119a85c793c | 23 | advised of the possibility of damage, and on any theory of liability, |
| ubhat | 2:d119a85c793c | 24 | arising out of or in connection with the use or performance of this software. |
| ubhat | 2:d119a85c793c | 25 | |
| ubhat | 2:d119a85c793c | 26 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| ubhat | 2:d119a85c793c | 27 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| ubhat | 2:d119a85c793c | 28 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| ubhat | 2:d119a85c793c | 29 | CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| ubhat | 2:d119a85c793c | 30 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| ubhat | 2:d119a85c793c | 31 | FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
| ubhat | 2:d119a85c793c | 32 | DEALINGS WITH THE SOFTWARE |
| ubhat | 2:d119a85c793c | 33 | |
| ubhat | 2:d119a85c793c | 34 | *****************************************************************************/ |
| ubhat | 2:d119a85c793c | 35 | //#include <sys/param.h> |
| ubhat | 2:d119a85c793c | 36 | //#include <sys/systm.h> |
| ubhat | 2:d119a85c793c | 37 | #include <stdint.h> |
| ubhat | 2:d119a85c793c | 38 | #include "aes.h" |
| ubhat | 2:d119a85c793c | 39 | #include "cmac.h" |
| ubhat | 2:d119a85c793c | 40 | #include "utilities.h" |
| ubhat | 2:d119a85c793c | 41 | |
| ubhat | 2:d119a85c793c | 42 | #define LSHIFT(v, r) do { \ |
| ubhat | 2:d119a85c793c | 43 | int32_t i; \ |
| ubhat | 2:d119a85c793c | 44 | for (i = 0; i < 15; i++) \ |
| ubhat | 2:d119a85c793c | 45 | (r)[i] = (v)[i] << 1 | (v)[i + 1] >> 7; \ |
| ubhat | 2:d119a85c793c | 46 | (r)[15] = (v)[15] << 1; \ |
| ubhat | 2:d119a85c793c | 47 | } while (0) |
| ubhat | 2:d119a85c793c | 48 | |
| ubhat | 2:d119a85c793c | 49 | #define XOR(v, r) do { \ |
| ubhat | 2:d119a85c793c | 50 | int32_t i; \ |
| ubhat | 2:d119a85c793c | 51 | for (i = 0; i < 16; i++) \ |
| ubhat | 2:d119a85c793c | 52 | { \ |
| ubhat | 2:d119a85c793c | 53 | (r)[i] = (r)[i] ^ (v)[i]; \ |
| ubhat | 2:d119a85c793c | 54 | } \ |
| ubhat | 2:d119a85c793c | 55 | } while (0) \ |
| ubhat | 2:d119a85c793c | 56 | |
| ubhat | 2:d119a85c793c | 57 | |
| ubhat | 2:d119a85c793c | 58 | void AES_CMAC_Init(AES_CMAC_CTX *ctx) |
| ubhat | 2:d119a85c793c | 59 | { |
| ubhat | 2:d119a85c793c | 60 | memset1(ctx->X, 0, sizeof ctx->X); |
| ubhat | 2:d119a85c793c | 61 | ctx->M_n = 0; |
| ubhat | 2:d119a85c793c | 62 | memset1(ctx->rijndael.ksch, '\0', 240); |
| ubhat | 2:d119a85c793c | 63 | } |
| ubhat | 2:d119a85c793c | 64 | |
| ubhat | 2:d119a85c793c | 65 | void AES_CMAC_SetKey(AES_CMAC_CTX *ctx, const uint8_t key[AES_CMAC_KEY_LENGTH]) |
| ubhat | 2:d119a85c793c | 66 | { |
| ubhat | 2:d119a85c793c | 67 | //rijndael_set_key_enc_only(&ctx->rijndael, key, 128); |
| ubhat | 2:d119a85c793c | 68 | aes_set_key( key, AES_CMAC_KEY_LENGTH, &ctx->rijndael); |
| ubhat | 2:d119a85c793c | 69 | } |
| ubhat | 2:d119a85c793c | 70 | |
| ubhat | 2:d119a85c793c | 71 | void AES_CMAC_Update(AES_CMAC_CTX *ctx, const uint8_t *data, uint32_t len) |
| ubhat | 2:d119a85c793c | 72 | { |
| ubhat | 2:d119a85c793c | 73 | uint32_t mlen; |
| ubhat | 2:d119a85c793c | 74 | uint8_t in[16]; |
| ubhat | 2:d119a85c793c | 75 | |
| ubhat | 2:d119a85c793c | 76 | if (ctx->M_n > 0) { |
| ubhat | 2:d119a85c793c | 77 | mlen = MIN(16 - ctx->M_n, len); |
| ubhat | 2:d119a85c793c | 78 | memcpy1(ctx->M_last + ctx->M_n, data, mlen); |
| ubhat | 2:d119a85c793c | 79 | ctx->M_n += mlen; |
| ubhat | 2:d119a85c793c | 80 | if (ctx->M_n < 16 || len == mlen) |
| ubhat | 2:d119a85c793c | 81 | return; |
| ubhat | 2:d119a85c793c | 82 | XOR(ctx->M_last, ctx->X); |
| ubhat | 2:d119a85c793c | 83 | //rijndael_encrypt(&ctx->rijndael, ctx->X, ctx->X); |
| ubhat | 2:d119a85c793c | 84 | aes_encrypt( ctx->X, ctx->X, &ctx->rijndael); |
| ubhat | 2:d119a85c793c | 85 | data += mlen; |
| ubhat | 2:d119a85c793c | 86 | len -= mlen; |
| ubhat | 2:d119a85c793c | 87 | } |
| ubhat | 2:d119a85c793c | 88 | while (len > 16) { /* not last block */ |
| ubhat | 2:d119a85c793c | 89 | |
| ubhat | 2:d119a85c793c | 90 | XOR(data, ctx->X); |
| ubhat | 2:d119a85c793c | 91 | //rijndael_encrypt(&ctx->rijndael, ctx->X, ctx->X); |
| ubhat | 2:d119a85c793c | 92 | |
| ubhat | 2:d119a85c793c | 93 | memcpy1(in, &ctx->X[0], 16); //Bestela ez du ondo iten |
| ubhat | 2:d119a85c793c | 94 | aes_encrypt( in, in, &ctx->rijndael); |
| ubhat | 2:d119a85c793c | 95 | memcpy1(&ctx->X[0], in, 16); |
| ubhat | 2:d119a85c793c | 96 | |
| ubhat | 2:d119a85c793c | 97 | data += 16; |
| ubhat | 2:d119a85c793c | 98 | len -= 16; |
| ubhat | 2:d119a85c793c | 99 | } |
| ubhat | 2:d119a85c793c | 100 | /* potential last block, save it */ |
| ubhat | 2:d119a85c793c | 101 | memcpy1(ctx->M_last, data, len); |
| ubhat | 2:d119a85c793c | 102 | ctx->M_n = len; |
| ubhat | 2:d119a85c793c | 103 | } |
| ubhat | 2:d119a85c793c | 104 | |
| ubhat | 2:d119a85c793c | 105 | void AES_CMAC_Final(uint8_t digest[AES_CMAC_DIGEST_LENGTH], AES_CMAC_CTX *ctx) |
| ubhat | 2:d119a85c793c | 106 | { |
| ubhat | 2:d119a85c793c | 107 | uint8_t K[16]; |
| ubhat | 2:d119a85c793c | 108 | uint8_t in[16]; |
| ubhat | 2:d119a85c793c | 109 | /* generate subkey K1 */ |
| ubhat | 2:d119a85c793c | 110 | memset1(K, '\0', 16); |
| ubhat | 2:d119a85c793c | 111 | |
| ubhat | 2:d119a85c793c | 112 | //rijndael_encrypt(&ctx->rijndael, K, K); |
| ubhat | 2:d119a85c793c | 113 | |
| ubhat | 2:d119a85c793c | 114 | aes_encrypt( K, K, &ctx->rijndael); |
| ubhat | 2:d119a85c793c | 115 | |
| ubhat | 2:d119a85c793c | 116 | if (K[0] & 0x80) { |
| ubhat | 2:d119a85c793c | 117 | LSHIFT(K, K); |
| ubhat | 2:d119a85c793c | 118 | K[15] ^= 0x87; |
| ubhat | 2:d119a85c793c | 119 | } else |
| ubhat | 2:d119a85c793c | 120 | LSHIFT(K, K); |
| ubhat | 2:d119a85c793c | 121 | |
| ubhat | 2:d119a85c793c | 122 | |
| ubhat | 2:d119a85c793c | 123 | if (ctx->M_n == 16) { |
| ubhat | 2:d119a85c793c | 124 | /* last block was a complete block */ |
| ubhat | 2:d119a85c793c | 125 | XOR(K, ctx->M_last); |
| ubhat | 2:d119a85c793c | 126 | |
| ubhat | 2:d119a85c793c | 127 | } else { |
| ubhat | 2:d119a85c793c | 128 | /* generate subkey K2 */ |
| ubhat | 2:d119a85c793c | 129 | if (K[0] & 0x80) { |
| ubhat | 2:d119a85c793c | 130 | LSHIFT(K, K); |
| ubhat | 2:d119a85c793c | 131 | K[15] ^= 0x87; |
| ubhat | 2:d119a85c793c | 132 | } else |
| ubhat | 2:d119a85c793c | 133 | LSHIFT(K, K); |
| ubhat | 2:d119a85c793c | 134 | |
| ubhat | 2:d119a85c793c | 135 | /* padding(M_last) */ |
| ubhat | 2:d119a85c793c | 136 | ctx->M_last[ctx->M_n] = 0x80; |
| ubhat | 2:d119a85c793c | 137 | while (++ctx->M_n < 16) |
| ubhat | 2:d119a85c793c | 138 | ctx->M_last[ctx->M_n] = 0; |
| ubhat | 2:d119a85c793c | 139 | |
| ubhat | 2:d119a85c793c | 140 | XOR(K, ctx->M_last); |
| ubhat | 2:d119a85c793c | 141 | |
| ubhat | 2:d119a85c793c | 142 | |
| ubhat | 2:d119a85c793c | 143 | } |
| ubhat | 2:d119a85c793c | 144 | XOR(ctx->M_last, ctx->X); |
| ubhat | 2:d119a85c793c | 145 | |
| ubhat | 2:d119a85c793c | 146 | //rijndael_encrypt(&ctx->rijndael, ctx->X, digest); |
| ubhat | 2:d119a85c793c | 147 | |
| ubhat | 2:d119a85c793c | 148 | memcpy1(in, &ctx->X[0], 16); //Bestela ez du ondo iten |
| ubhat | 2:d119a85c793c | 149 | aes_encrypt(in, digest, &ctx->rijndael); |
| ubhat | 2:d119a85c793c | 150 | memset1(K, 0, sizeof K); |
| ubhat | 2:d119a85c793c | 151 | |
| ubhat | 2:d119a85c793c | 152 | } |
| ubhat | 2:d119a85c793c | 153 |