/**
* cdk_keygen_start: kick off the key generation
* @hd: the keygen object
*
**/
cdk_error_t
cdk_keygen_start( cdk_keygen_ctx_t hd )
{
gcry_sexp_t s_params = NULL, s_key = NULL;
size_t n;
int rc = 0;
if( !hd || !hd->user_id )
return CDK_Inv_Value;
if( is_ELG( hd->key[0].algo ) )
return CDK_Inv_Mode;
if( !hd->key[0].len )
hd->key[0].len = 1024;
n = hd->key[0].len;
if( !hd->sym_prefs )
cdk_keygen_set_prefs( hd, CDK_PREFTYPE_SYM, NULL, 0 );
if( !hd->hash_prefs )
cdk_keygen_set_prefs( hd, CDK_PREFTYPE_HASH, NULL, 0 );
if( !hd->zip_prefs )
cdk_keygen_set_prefs( hd, CDK_PREFTYPE_ZIP, NULL, 0 );
if( is_DSA( hd->key[0].algo ) )
rc = gcry_sexp_build( &s_params, NULL, "(genkey(dsa(nbits %d)))", n );
else if( is_RSA( hd->key[0].algo ) )
rc = gcry_sexp_build( &s_params, NULL, "(genkey(rsa(nbits %d)))", n );
else
rc = CDK_Inv_Algo;
if( !rc )
rc = gcry_pk_genkey( &s_key, s_params );
gcry_sexp_release( s_params );
if( !rc ) {
if( is_DSA( hd->key[0].algo ) )
rc = read_dsa_key( s_key, hd->key[0].resarr );
else if( is_RSA( hd->key[0].algo ) )
rc = read_rsa_key( s_key, hd->key[0].resarr );
hd->key[0].n = cdk_pk_get_npkey( hd->key[0].algo );
}
gcry_sexp_release( s_key );
if( !rc ) {
if( hd->key[1].algo && hd->key[1].len )
rc = generate_subkey( hd );
}
return rc;
}
void AES_CMAC(unsigned char *key, unsigned char *input, int length,
unsigned char *mac)
{
unsigned char X[16], Y[16], M_last[16], padded[16];
unsigned char K1[16], K2[16];
int n, i, flag;
generate_subkey(key, K1, K2);
n = (length + 15) / 16; /* n is number of rounds */
if (n == 0) {
n = 1;
flag = 0;
}
else {
if ((length % 16) == 0) { /* last block is a complete block */
flag = 1;
}
else { /* last block is not complete block */
flag = 0;
}
}
if (flag) { /* last block is complete block */
xor_128(&input[16 * (n - 1)], K1, M_last);
}
else {
padding(&input[16 * (n - 1)], padded, length % 16);
xor_128(padded, K2, M_last);
}
for (i = 0; i<16; i++) X[i] = 0;
for (i = 0; i<n - 1; i++) {
xor_128(X, &input[16 * i], Y); /* Y := Mi (+) X */
AES_128(key, Y, X); /* X := AES-128(KEY, Y); */
}
xor_128(X, M_last, Y);
AES_128(key, Y, X);
for (i = 0; i<16; i++) {
mac[i] = X[i];
}
}
void cmac_calc_mic(struct crypto_cipher *tfm, u8 *m,
u16 length, u8 *mac)
{
u8 x[AES_BLOCK_SIZE], y[AES_BLOCK_SIZE];
u8 m_last[AES_BLOCK_SIZE], padded[AES_BLOCK_SIZE];
u8 k1[AES_KEYSIZE_128], k2[AES_KEYSIZE_128];
int cmpBlk;
int i, nBlocks = (length + 15)/AES_BLOCK_SIZE;
generate_subkey(tfm, k1, k2);
if (nBlocks == 0) {
nBlocks = 1;
cmpBlk = 0;
} else {
cmpBlk = ((length % AES_BLOCK_SIZE) == 0) ? 1 : 0;
}
if (cmpBlk) { /* Last block is complete block */
xor_128(&m[AES_BLOCK_SIZE * (nBlocks - 1)], k1, m_last);
} else { /* Last block is not complete block */
padding(&m[AES_BLOCK_SIZE * (nBlocks - 1)], padded,
length % AES_BLOCK_SIZE);
xor_128(padded, k2, m_last);
}
for (i = 0; i < AES_BLOCK_SIZE; i++)
x[i] = 0;
for (i = 0; i < (nBlocks - 1); i++) {
xor_128(x, &m[AES_BLOCK_SIZE * i], y); /* y = Mi (+) x */
crypto_cipher_encrypt_one(tfm, x, y); /* x = AES-128(KEY, y) */
}
xor_128(x, m_last, y);
crypto_cipher_encrypt_one(tfm, x, y);
vos_mem_copy(mac, x, CMAC_TLEN);
}
