WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #8007 from billphipps/fix_cmac_cryptocb 

Update to separate CMAC and AES conditional compiles.  Correct update.
pull/8021/head
Brett Nicholas 2024-09-25 08:43:27 -06:00 committed by GitHub
parent 72711b4e15 60dbe38226
commit 7592241a46
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 174 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

199
wolfcrypt/src/cmac.c
View File

@ -32,7 +32,7 @@
#include <wolfssl/wolfcrypt/hash.h>
#endif
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
#if defined(WOLFSSL_CMAC)
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
@ -80,7 +80,7 @@ int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz)
}
#endif /* WOLFSSL_HASH_KEEP */
#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
/* Used by AES-SIV. See aes.c. */
void ShiftAndXorRb(byte* out, byte* in)
{
@ -100,6 +100,7 @@ void ShiftAndXorRb(byte* out, byte* in)
}
}
}
#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
/* returns 0 on success */
int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
@ -146,30 +147,40 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
return BAD_FUNC_ARG;
}
ret = wc_AesInit(&cmac->aes, heap, devId);
switch (type) {
#if !defined (NO_AES) && defined(WOLFSSL_AES_DIRECT)
case WC_CMAC_AES:
cmac->type = WC_CMAC_AES;
ret = wc_AesInit(&cmac->aes, heap, devId);
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
cmac->useSWCrypt = useSW;
if (cmac->useSWCrypt == 1) {
cmac->aes.useSWCrypt = 1;
}
#endif
if (ret == 0) {
ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
}
if (ret == 0) {
byte l[AES_BLOCK_SIZE];
XMEMSET(l, 0, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(&cmac->aes, l, l);
if (ret == 0) {
ShiftAndXorRb(cmac->k1, l);
ShiftAndXorRb(cmac->k2, cmac->k1);
ForceZero(l, AES_BLOCK_SIZE);
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
cmac->useSWCrypt = useSW;
if (cmac->useSWCrypt == 1) {
cmac->aes.useSWCrypt = 1;
}
#endif
if (ret == 0) {
ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
}
if (ret == 0) {
byte l[AES_BLOCK_SIZE];
XMEMSET(l, 0, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(&cmac->aes, l, l);
if (ret == 0) {
ShiftAndXorRb(cmac->k1, l);
ShiftAndXorRb(cmac->k2, cmac->k1);
ForceZero(l, AES_BLOCK_SIZE);
}
}
break;
#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
default:
return BAD_FUNC_ARG;
}
return ret;
}
@ -201,7 +212,7 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
#endif
{
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
NULL, NULL, 0, NULL);
NULL, NULL, cmac->type, NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
@ -211,26 +222,35 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
/* Clear CRYPTOCB_UNAVAILABLE return code */
ret = 0;
while ((ret == 0) && (inSz != 0)) {
word32 add = min(inSz, AES_BLOCK_SIZE - cmac->bufferSz);
XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);
switch (cmac->type) {
#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
case WC_CMAC_AES:
{
while ((ret == 0) && (inSz != 0)) {
word32 add = min(inSz, AES_BLOCK_SIZE - cmac->bufferSz);
XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);
cmac->bufferSz += add;
in += add;
inSz -= add;
cmac->bufferSz += add;
in += add;
inSz -= add;
if (cmac->bufferSz == AES_BLOCK_SIZE && inSz != 0) {
if (cmac->totalSz != 0) {
xorbuf(cmac->buffer, cmac->digest, AES_BLOCK_SIZE);
}
ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
if (ret == 0) {
cmac->totalSz += AES_BLOCK_SIZE;
cmac->bufferSz = 0;
if (cmac->bufferSz == AES_BLOCK_SIZE && inSz != 0) {
if (cmac->totalSz != 0) {
xorbuf(cmac->buffer, cmac->digest, AES_BLOCK_SIZE);
}
ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest,
cmac->buffer);
if (ret == 0) {
cmac->totalSz += AES_BLOCK_SIZE;
cmac->bufferSz = 0;
}
}
}
}; break;
#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
default:
ret = BAD_FUNC_ARG;
}
return ret;
}
@ -244,7 +264,16 @@ int wc_CmacFree(Cmac* cmac)
* wc_CmacFinal() not called. */
XFREE(cmac->msg, cmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
wc_AesFree(&cmac->aes);
switch (cmac->type) {
#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
case WC_CMAC_AES:
wc_AesFree(&cmac->aes);
break;
#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
default:
/* Nothing to do */
(void)cmac;
}
ForceZero(cmac, sizeof(Cmac));
return 0;
}
@ -252,8 +281,6 @@ int wc_CmacFree(Cmac* cmac)
int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
{
int ret = 0;
const byte* subKey;
word32 remainder;
if (cmac == NULL || out == NULL || outSz == NULL) {
return BAD_FUNC_ARG;
@ -267,44 +294,64 @@ int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
if (cmac->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL);
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, cmac->type,
NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* Clear CRYPTOCB_UNAVAILABLE return code */
ret = 0;
/* fall-through when unavailable */
}
#endif
if (cmac->bufferSz == AES_BLOCK_SIZE) {
subKey = cmac->k1;
}
else {
/* ensure we will have a valid remainder value */
if (cmac->bufferSz > AES_BLOCK_SIZE) {
return BAD_STATE_E;
}
remainder = AES_BLOCK_SIZE - cmac->bufferSz;
if (remainder == 0) {
remainder = AES_BLOCK_SIZE;
}
if (remainder > 1) {
XMEMSET(cmac->buffer + AES_BLOCK_SIZE - remainder, 0, remainder);
}
cmac->buffer[AES_BLOCK_SIZE - remainder] = 0x80;
subKey = cmac->k2;
}
xorbuf(cmac->buffer, cmac->digest, AES_BLOCK_SIZE);
xorbuf(cmac->buffer, subKey, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
if (ret == 0) {
XMEMCPY(out, cmac->digest, *outSz);
}
switch (cmac->type) {
#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
case WC_CMAC_AES:
{
const byte* subKey;
word32 remainder;
return 0;
if (cmac->bufferSz == AES_BLOCK_SIZE) {
subKey = cmac->k1;
}
else {
/* ensure we will have a valid remainder value */
if (cmac->bufferSz > AES_BLOCK_SIZE) {
ret = BAD_STATE_E;
break;
}
remainder = AES_BLOCK_SIZE - cmac->bufferSz;
if (remainder == 0) {
remainder = AES_BLOCK_SIZE;
}
if (remainder > 1) {
XMEMSET(cmac->buffer + AES_BLOCK_SIZE - remainder, 0,
remainder);
}
cmac->buffer[AES_BLOCK_SIZE - remainder] = 0x80;
subKey = cmac->k2;
}
xorbuf(cmac->buffer, cmac->digest, AES_BLOCK_SIZE);
xorbuf(cmac->buffer, subKey, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
if (ret == 0) {
XMEMCPY(out, cmac->digest, *outSz);
}
}; break;
#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
default:
ret = BAD_FUNC_ARG;
}
}
return ret;
}
int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz) {
int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
{
int ret = 0;
if (cmac == NULL)
@ -314,7 +361,7 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz) {
return ret;
}
#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
int wc_AesCmacGenerate_ex(Cmac* cmac,
byte* out, word32* outSz,
const byte* in, word32 inSz,
@ -334,8 +381,6 @@ int wc_AesCmacGenerate_ex(Cmac* cmac,
if (devId != INVALID_DEVID)
#endif
{
cmac->devCtx = NULL;
ret = wc_CryptoCb_Cmac(cmac, key, keySz, in, inSz, out, outSz,
WC_CMAC_AES, NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
@ -432,7 +477,8 @@ int wc_AesCmacVerify_ex(Cmac* cmac,
word32 aSz = sizeof(a);
int compareRet;
if (cmac == NULL || check == NULL || checkSz == 0 || (in == NULL && inSz != 0)) {
if (cmac == NULL || check == NULL || checkSz == 0 ||
(in == NULL && inSz != 0)) {
return BAD_FUNC_ARG;
}
@ -498,5 +544,6 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
return ret;
}
#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
#endif /* WOLFSSL_CMAC && NO_AES && WOLFSSL_AES_DIRECT */
#endif /* WOLFSSL_CMAC */

32
wolfcrypt/src/cryptocb.c
View File

@ -84,6 +84,7 @@ static const char* GetAlgoTypeStr(int algo)
case WC_ALGO_TYPE_RNG: return "RNG";
case WC_ALGO_TYPE_SEED: return "Seed";
case WC_ALGO_TYPE_HMAC: return "HMAC";
case WC_ALGO_TYPE_CMAC: return "CMAC";
}
return NULL;
}
@ -103,6 +104,7 @@ static const char* GetPkTypeStr(int pk)
}
return NULL;
}
#if !defined(NO_AES) || !defined(NO_DES3)
static const char* GetCipherTypeStr(int cipher)
{
switch (cipher) {
@ -118,6 +120,7 @@ static const char* GetCipherTypeStr(int cipher)
}
return NULL;
}
#endif /* !NO_AES || !NO_DES3 */
static const char* GetHashTypeStr(int hash)
{
switch (hash) {
@ -140,6 +143,16 @@ static const char* GetHashTypeStr(int hash)
return NULL;
}
#ifdef WOLFSSL_CMAC
static const char* GetCmacTypeStr(int type)
{
switch (type) {
case WC_CMAC_AES: return "AES";
}
return NULL;
}
#endif /* WOLFSSL_CMAC */
#ifndef NO_RSA
static const char* GetRsaType(int type)
{
@ -185,12 +198,14 @@ WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
GetPkTypeStr(info->pk.type), info->pk.type);
}
}
#if !defined(NO_AES) || !defined(NO_DES3)
else if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
printf("Crypto CB: %s %s (%d) (%p ctx)\n",
GetAlgoTypeStr(info->algo_type),
GetCipherTypeStr(info->cipher.type),
info->cipher.type, info->cipher.ctx);
}
#endif /* !NO_AES || !NO_DES3 */
else if (info->algo_type == WC_ALGO_TYPE_HASH) {
printf("Crypto CB: %s %s (%d) (%p ctx) %s\n",
GetAlgoTypeStr(info->algo_type),
@ -205,6 +220,17 @@ WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
info->hmac.macType, info->hmac.hmac,
(info->hmac.in != NULL) ? "Update" : "Final");
}
#ifdef WOLFSSL_CMAC
else if (info->algo_type == WC_ALGO_TYPE_CMAC) {
printf("Crypto CB: %s %s (%d) (%p ctx) %s %s %s\n",
GetAlgoTypeStr(info->algo_type),
GetCmacTypeStr(info->cmac.type),
info->cmac.type, info->cmac.cmac,
(info->cmac.key != NULL) ? "Init " : "",
(info->cmac.in != NULL) ? "Update " : "",
(info->cmac.out != NULL) ? "Final" : "");
}
#endif
#ifdef WOLF_CRYPTO_CB_CMD
else if (info->algo_type == WC_ALGO_TYPE_NONE) {
printf("Crypto CB: %s %s (%d)\n",
@ -1774,7 +1800,8 @@ int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz)
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif /* !WC_NO_RNG */
#ifdef WOLFSSL_CMAC
#if defined(WOLFSSL_CMAC)
int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
const byte* in, word32 inSz, byte* out, word32* outSz, int type,
void* ctx)
@ -1790,7 +1817,6 @@ int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
/* locate first callback and try using it */
dev = wc_CryptoCb_FindDeviceByIndex(0);
}
if (dev && dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
@ -1811,7 +1837,7 @@ int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif
#endif /* WOLFSSL_CMAC */
/* returns the default dev id for the current build */
int wc_CryptoCb_DefaultDevID(void)

29
wolfssl/wolfcrypt/cmac.h
View File

@ -24,9 +24,12 @@
#define WOLF_CRYPT_CMAC_H
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/aes.h>
#if !defined(NO_AES) && defined(WOLFSSL_CMAC)
#ifdef WOLFSSL_CMAC
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#endif
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
@ -40,16 +43,22 @@
/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(2,0,0)
typedef enum CmacType {
WC_CMAC_AES = 1
} CmacType;
#ifndef WC_CMAC_TYPE_DEFINED
typedef struct Cmac Cmac;
#define WC_CMAC_TYPE_DEFINED
#endif
struct Cmac {
#ifndef NO_AES
Aes aes;
byte buffer[AES_BLOCK_SIZE]; /* partially stored block */
byte digest[AES_BLOCK_SIZE]; /* running digest */
byte k1[AES_BLOCK_SIZE];
byte k2[AES_BLOCK_SIZE];
#endif
word32 bufferSz;
word32 totalSz;
#ifdef WOLF_CRYPTO_CB
@ -70,16 +79,20 @@ struct Cmac {
#ifdef WOLFSSL_SE050
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
CmacType type;
};
typedef enum CmacType {
WC_CMAC_AES = 1
} CmacType;
#ifndef NO_AES
#define WC_CMAC_TAG_MAX_SZ AES_BLOCK_SIZE
#define WC_CMAC_TAG_MIN_SZ (AES_BLOCK_SIZE/4)
#else
/* Reasonable defaults */
#define WC_CMAC_TAG_MAX_SZ 16
#define WC_CMAC_TAG_MIN_SZ 4
#endif
#if FIPS_VERSION3_GE(6,0,0)
extern const unsigned int wolfCrypt_FIPS_cmac_ro_sanity[2];
@ -111,6 +124,7 @@ int wc_CmacFinal(Cmac* cmac,
WOLFSSL_API
int wc_CmacFree(Cmac* cmac);
#ifndef NO_AES
WOLFSSL_API
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
@ -134,10 +148,11 @@ int wc_AesCmacVerify_ex(Cmac* cmac,
const byte* key, word32 keySz,
void* heap,
int devId);
WOLFSSL_LOCAL
void ShiftAndXorRb(byte* out, byte* in);
#endif /* !NO_AES */
#ifdef WOLFSSL_HASH_KEEP
WOLFSSL_API
int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz);
@ -148,6 +163,6 @@ int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz);
#endif
#endif /* NO_AES && WOLFSSL_CMAC */
#endif /* WOLFSSL_CMAC */
#endif /* WOLF_CRYPT_CMAC_H */