Minor CMAC fixes for merge

2024-11-22 11:45:42 +01:00 · 2016-09-13 14:00:15 -07:00 · 2016-09-13 14:00:15 -07:00 · 53e23b684f
commit 53e23b684f
parent 9ce2e091de
5 changed files with 21 additions and 14 deletions
--- a/configs/config-thread.h
+++ b/configs/config-thread.h
@ -39,6 +39,7 @@

 /* mbed TLS feature support */
 #define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_CMAC_C
 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #define MBEDTLS_ECP_NIST_OPTIM
 #define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@ -77,6 +77,11 @@
 #error "MBEDTLS_DHM_C defined, but not all prerequisites"
 #endif

+#if defined(MBEDTLS_CMAC_C) && \
+    !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_DES_C)
+#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
 #error "MBEDTLS_ECDH_C defined, but not all prerequisites"
 #endif
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@ -3,7 +3,7 @@
 *
 * \brief The CMAC Mode for Authentication
 *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -1681,7 +1681,7 @@
 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_DES_C
 *
 */
-#define MBEDTLS_CMAC_C
+//#define MBEDTLS_CMAC_C

 /**
 * \def MBEDTLS_CTR_DRBG_C
--- a/library/cmac.c
+++ b/library/cmac.c
@ -1,7 +1,8 @@
 /*
- *  NIST SP800-38B compliant CMAC implementation
+ * \file cmac.c
+ * \brief NIST SP800-38B compliant CMAC implementation
 *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -20,9 +21,10 @@
 */

 /*
- * Definition of CMAC:
- * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
- * RFC 4493 "The AES-CMAC Algorithm"
+ * References:
+ * - CMAC:  NIST SP 800-38B
+ * - CMAC PRF: RFC 4493
+ * - Additional test vectors: ISO/IEC 9797-1
 */

 #if !defined(MBEDTLS_CONFIG_FILE)
@ -72,7 +74,7 @@ void mbedtls_cmac_init( mbedtls_cmac_context *ctx )
 */
 static int cmac_multiply_by_u( unsigned char *output,
                               const unsigned char *input,
-							   size_t blocksize )
+                               size_t blocksize )
 {
    const unsigned char R_128 = 0x87;
    const unsigned char R_64 = 0x1B;
@ -151,7 +153,7 @@ static int cmac_generate_subkeys( mbedtls_cmac_context *ctx )
    exit:
        if( L != NULL )
            mbedtls_zeroize( L, sizeof( L ) );
-		mbedtls_free( L );
+        mbedtls_free( L );
        return( ret );
 }

@ -200,9 +202,8 @@ int mbedtls_cmac_setkey( mbedtls_cmac_context *ctx,
 */
 void mbedtls_cmac_free( mbedtls_cmac_context *ctx )
 {
-	int block_size;
-	block_size = ctx->cipher_ctx.cipher_info->block_size;
-
+    int block_size;
+    block_size = ctx->cipher_ctx.cipher_info->block_size;
    mbedtls_cipher_free( &ctx->cipher_ctx );

    if(  ctx->K1 != NULL )
@ -220,7 +221,7 @@ void mbedtls_cmac_free( mbedtls_cmac_context *ctx )
 * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
 */
 static void cmac_pad( unsigned char padded_block[16],
-		              size_t padded_block_len,
+                      size_t padded_block_len,
                      const unsigned char *last_block,
                      size_t last_block_len )
 {
@ -418,7 +419,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
    exit:
        mbedtls_zeroize( int_key, sizeof( int_key ) );
        mbedtls_cmac_free( &ctx );
-	    return( ret );
+        return( ret );
 }
 #endif /* MBEDTLS_AES_C */