Re: [PATCH 2/3] shared/crypto: Add support to sign data with AES-CMAC

Marcel Holtmann <marcel@xxxxxxxxxxxx> · Wed, 14 May 2014 08:07:15 -0700

Hi Lukas,

> This patch adds support to generate hash using AES-CMAC algorithm
> ---
> src/shared/crypto.c | 37 +++++++++++++++++++++++++++++++++++++
> src/shared/crypto.h |  4 ++++
> 2 files changed, 41 insertions(+)
> 
> diff --git a/src/shared/crypto.c b/src/shared/crypto.c
> index f0b2979..a0bcc7b 100644
> --- a/src/shared/crypto.c
> +++ b/src/shared/crypto.c
> @@ -256,6 +256,43 @@ static inline void swap128(const uint8_t src[16], uint8_t dst[16])
> 		dst[15 - i] = src[i];
> }
> 
> +bool bt_crypto_cmac_aes_hash(struct bt_crypto *crypto,
> +					const uint8_t key[16],
> +					const uint8_t *m, uint16_t m_len,
> +					uint8_t hash[12])
> +{
> +	int fd;
> +	int len;
> +	uint8_t tmp[16], out[16];
> +
> +	if (!crypto)
> +		return false;
> +
> +	/* The most significant octet of key corresponds to key[0] */
> +	swap128(key, tmp);
> +
> +	fd = alg_new(crypto->cmac_aes, tmp, 16);
> +	if (fd < 0)
> +		return false;
> +
> +	len = send(fd, m, m_len, 0);
> +	if (len < 0)
> +		return false;
> +
> +	len = read(fd, out, 16);
> +	if (len < 0)
> +		return false;
> +
> +	/*
> +	 * The most significant octet of hash corresponds to out[0]  - swap it.
> +	 * Then truncate in most significant bit first order to a length of
> +	 * 12 octets
> +	 */
> +	swap128(out, tmp);
> +	memcpy(hash, tmp + 4, 12);
> +
> +	return true;
> +}
> /*
>  * Security function e
>  *
> diff --git a/src/shared/crypto.h b/src/shared/crypto.h
> index cae8daa..05888b9 100644
> --- a/src/shared/crypto.h
> +++ b/src/shared/crypto.h
> @@ -46,3 +46,7 @@ bool bt_crypto_c1(struct bt_crypto *crypto, const uint8_t k[16],
> bool bt_crypto_s1(struct bt_crypto *crypto, const uint8_t k[16],
> 			const uint8_t r1[16], const uint8_t r2[16],
> 			uint8_t res[16]);
> +bool bt_crypto_cmac_aes_hash(struct bt_crypto *crypto,
> +					const uint8_t key[16],
> +					const uint8_t *m, uint16_t m_len,
> +					uint8_t hash[12]);

we are using the cryptographic names from the Bluetooth specification cryptographic toolbox. I bet this one has a proper function name as well. So lets use that one.

Regards

Marcel

--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html