// We are doing CBC-MAC not CMAC at this time
bool AES_CMAC_Validate(COSE_MacMessage * pcose, int KeySize, int TagSize, const byte * pbAuthData, int cbAuthData, cose_errback * perr)
{
CMAC_CTX * pctx = NULL;
const EVP_CIPHER * pcipher = NULL;
byte * rgbOut = NULL;
size_t cbOut;
bool f = false;
unsigned int i;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context * context = &pcose->m_message.m_allocContext;
#endif
pctx = CMAC_CTX_new();
switch (KeySize) {
case 128: pcipher = EVP_aes_128_cbc(); break;
case 256: pcipher = EVP_aes_256_cbc(); break;
default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
}
rgbOut = COSE_CALLOC(128/8, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
CHECK_CONDITION(CMAC_Init(pctx, pcose->pbKey, pcose->cbKey, pcipher, NULL /*impl*/) == 1, COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(CMAC_Update(pctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(CMAC_Final(pctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);
cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);
for (i = 0; i < (unsigned int)TagSize / 8; i++) f |= (cn->v.bytes[i] != rgbOut[i]);
COSE_FREE(rgbOut, context);
CMAC_CTX_cleanup(pctx);
CMAC_CTX_free(pctx);
return !f;
errorReturn:
COSE_FREE(rgbOut, context);
CMAC_CTX_cleanup(pctx);
CMAC_CTX_free(pctx);
return false;
}
void
CMAC_CTX_free(CMAC_CTX *ctx)
{
if (ctx == NULL)
return;
CMAC_CTX_cleanup(ctx);
free(ctx);
}
int FIPS_selftest_cmac()
{
size_t n, outlen;
unsigned char out[32];
const EVP_CIPHER *cipher;
CMAC_CTX *ctx = CMAC_CTX_new();
const CMAC_KAT *t;
int rv = 1;
for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) {
cipher = FIPS_get_cipherbynid(t->nid);
if (!cipher) {
rv = -1;
goto err;
}
if (!CMAC_Init(ctx, t->key, t->keysize / 8, cipher, 0)) {
rv = -1;
goto err;
}
if (!CMAC_Update(ctx, t->msg, t->msgsize / 8)) {
rv = -1;
goto err;
}
if (!CMAC_Final(ctx, out, &outlen)) {
rv = -1;
goto err;
}
CMAC_CTX_cleanup(ctx);
if (outlen < t->macsize / 8 || memcmp(out, t->mac, t->macsize / 8)) {
rv = 0;
}
}
err:
CMAC_CTX_free(ctx);
if (rv == -1) {
rv = 0;
}
if (!rv)
FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC, FIPS_R_SELFTEST_FAILED);
return rv;
}
void CMAC_CTX_free(CMAC_CTX *ctx)
{
CMAC_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
int FIPS_selftest_cmac()
{
size_t n, outlen;
unsigned char out[32];
const EVP_CIPHER *cipher;
CMAC_CTX *ctx = CMAC_CTX_new();
const CMAC_KAT *t;
int subid = -1, rv = 1;
for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
{
cipher = FIPS_get_cipherbynid(t->nid);
if (!cipher)
{
rv = -1;
goto err;
}
subid = M_EVP_CIPHER_nid(cipher);
if (!fips_post_started(FIPS_TEST_CMAC, subid, 0))
continue;
if (!CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0))
{
rv = -1;
goto err;
}
if (!CMAC_Update(ctx, t->msg, t->msgsize/8))
{
rv = -1;
goto err;
}
if (!fips_post_corrupt(FIPS_TEST_CMAC, subid, NULL))
{
if (!CMAC_Update(ctx, t->msg, 1))
{
rv = -1;
goto err;
}
}
if (!CMAC_Final(ctx, out, &outlen))
{
rv = -1;
goto err;
}
CMAC_CTX_cleanup(ctx);
if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8))
{
fips_post_failed(FIPS_TEST_CMAC, subid, NULL);
rv = 0;
}
else if (!fips_post_success(FIPS_TEST_CMAC, subid, NULL))
{
rv = 0;
goto err;
}
}
err:
CMAC_CTX_free(ctx);
if (rv == -1)
{
fips_post_failed(FIPS_TEST_CMAC, subid, NULL);
rv = 0;
}
if (!rv)
FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
return rv;
}
