Commit Graph

17 Commits

Author SHA1 Message Date
Brian Murray
9044b0295c More cleanup of CMAC self tests 2016-10-05 14:19:16 +01:00
Brian Murray
b439d4556d Only compile AES CMAC PRF support if MBEDTLS_AES_C is defined and other cleanups 2016-10-05 14:19:16 +01:00
Brian Murray
0f6af73599 More cleanup of CMAC selftests 2016-10-05 14:19:15 +01:00
Brian Murray
00dc5f0fc8 Fixed CMAC tag length 2016-10-05 14:19:15 +01:00
Brian Murray
b0c3c43dec CMAC support for cipher with 64bit blocks (DES/3DES) 2016-10-05 14:19:15 +01:00
Manuel Pégourié-Gonnard
7b555f2928 cmac: more cosmetic changes 2016-10-05 14:19:15 +01:00
Manuel Pégourié-Gonnard
ab9c5fd9b3 cmac: avoid useless wrapping of function
probably a leftover from an earlier stage
2016-10-05 14:19:15 +01:00
Manuel Pégourié-Gonnard
d18c70708e cmac: reduce visibility of macros
The #undef is usefull for people who want to to amalgamated releases
2016-10-05 14:19:15 +01:00
Manuel Pégourié-Gonnard
2c06306364 cmac: some more padding-related tune-ups
- use one less temporary buffer
- pedantic: in_len + 15 was a potential overflow
- use a more explicit name instead of 'flag'
- Mn was a bit misleading
2016-10-05 14:19:14 +01:00
Manuel Pégourié-Gonnard
d2c3d3eddb cmac: clean up padding function and comments 2016-10-05 14:19:14 +01:00
Manuel Pégourié-Gonnard
475f06f609 cmac: make subkey gen more constant-time
The previous version had secret-dependent memory accesses. While it was
probably not an issue in practice cause the two bytes of the array are
probably on the same cache line anyway, as a matter of principle this should
be avoided.
2016-10-05 14:19:14 +01:00
Manuel Pégourié-Gonnard
d6cf75474b cmac: zeroize sensitive intermediate values 2016-10-05 14:19:14 +01:00
Manuel Pégourié-Gonnard
a610b4c04b cmac: factor multiply by u to its own function
We're doing exactly the same operation for K1 and K2.
2016-10-05 14:19:14 +01:00
Manuel Pégourié-Gonnard
3da5402a89 cmac: fix whitespace/codingstyle issues 2016-10-05 14:19:14 +01:00
Manuel Pégourié-Gonnard
690083c21d cmac: improve argument order and naming
- always use the pattern "buffer, length"
- avoid using unqualified "length" as a name when there are more than one
2016-10-05 14:19:14 +01:00
Robert Cragie
3d23b1d5ed Line endings wrong 2016-10-05 14:19:14 +01:00
Robert Cragie
dc5c7b98ac Add support for AES-128-CMAC and AES-CMAC-PRF-128 2016-10-05 14:19:13 +01:00