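/**
 * cdk_keygen_start: kick off the key generation
 * @hd: the keygen object
 *
 * Generates the primary key described by hd->key[0] through libgcrypt,
 * stores the resulting key material in hd->key[0].resarr and, when
 * hd->key[1] has both an algorithm and a length set, goes on to call
 * generate_subkey().
 *
 * Returns 0 on success.  CDK_Inv_Value is returned when @hd or its
 * user_id is missing, CDK_Inv_Mode when is_ELG() matches the primary
 * algorithm, and CDK_Inv_Algo when the primary algorithm is neither DSA
 * nor RSA.  Any other non-zero value is passed through unchanged from
 * gcry_sexp_build(), gcry_pk_genkey(), the read_*_key() helpers or
 * generate_subkey(), so callers may see codes from more than one error
 * domain.
 **/
cdk_error_t
cdk_keygen_start( cdk_keygen_ctx_t hd )
{
    gcry_sexp_t s_params = NULL, s_key = NULL;
    size_t n;
    int rc = 0;

    if( !hd || !hd->user_id )
        return CDK_Inv_Value;
    if( is_ELG( hd->key[0].algo ) )
        return CDK_Inv_Mode;

    /* NOTE(review): a length of 0 silently falls back to 1024 bits, which
       is below the 2048-bit minimum that current guidance expects for RSA
       and DSA.  No lower or upper bound on the length is enforced here;
       callers should set key[0].len explicitly. */
    if( !hd->key[0].len )
        hd->key[0].len = 1024;
    n = hd->key[0].len;

    /* Any preference list that is still unset is filled in by calling the
       setter with a NULL array (presumably selecting built-in defaults). */
    if( !hd->sym_prefs )
        cdk_keygen_set_prefs( hd, CDK_PREFTYPE_SYM, NULL, 0 );
    if( !hd->hash_prefs )
        cdk_keygen_set_prefs( hd, CDK_PREFTYPE_HASH, NULL, 0 );
    if( !hd->zip_prefs )
        cdk_keygen_set_prefs( hd, CDK_PREFTYPE_ZIP, NULL, 0 );

    /* "%d" consumes an int from the variadic argument list.  Passing the
       size_t directly is a type mismatch (undefined behaviour wherever
       size_t and int differ in width), so convert explicitly. */
    if( is_DSA( hd->key[0].algo ) )
        rc = gcry_sexp_build( &s_params, NULL, "(genkey(dsa(nbits %d)))",
                              (int)n );
    else if( is_RSA( hd->key[0].algo ) )
        rc = gcry_sexp_build( &s_params, NULL, "(genkey(rsa(nbits %d)))",
                              (int)n );
    else
        rc = CDK_Inv_Algo;

    if( !rc )
        rc = gcry_pk_genkey( &s_key, s_params );
    /* s_params is still NULL on the CDK_Inv_Algo path; the release call is
       made unconditionally, as in the original code. */
    gcry_sexp_release( s_params );

    if( !rc ) {
        if( is_DSA( hd->key[0].algo ) )
            rc = read_dsa_key( s_key, hd->key[0].resarr );
        else if( is_RSA( hd->key[0].algo ) )
            rc = read_rsa_key( s_key, hd->key[0].resarr );
        /* The element count is recorded even if the read helper failed;
           callers must check the return value before using resarr. */
        hd->key[0].n = cdk_pk_get_npkey( hd->key[0].algo );
    }
    gcry_sexp_release( s_key );

    if( !rc ) {
        if( hd->key[1].algo && hd->key[1].len )
            rc = generate_subkey( hd );
    }
    return rc;
}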
/*
 * AES_CMAC - compute a CMAC over `length` bytes of `input`.
 *
 * key    : cipher key handed to generate_subkey() and AES_128()
 *          (presumably a 16-byte AES-128 key - confirm against AES_128()).
 * input  : message bytes; read in 16-byte blocks.
 * length : message length in bytes.  The arithmetic below assumes a
 *          non-negative value; nothing in this function rejects a
 *          negative one.
 * mac    : output buffer, receives exactly 16 bytes.
 *
 * Review notes: the derived subkeys K1/K2 and the chaining state stay on
 * the stack after return, because nothing here wipes them.  Callers that
 * verify a received tag should compare it in constant time.
 */
void AES_CMAC(unsigned char *key, unsigned char *input, int length,
              unsigned char *mac)
{
    unsigned char state[16] = {0};   /* running CBC-MAC value, starts at zero */
    unsigned char scratch[16];       /* XOR result fed to the block cipher */
    unsigned char last_block[16];    /* final block after subkey masking */
    unsigned char padded[16];
    unsigned char K1[16], K2[16];
    int blocks, idx, tail_len, last_is_full;

    generate_subkey(key, K1, K2);

    blocks = (length + 15) / 16;     /* number of 16-byte rounds */
    tail_len = length % 16;

    if (blocks == 0) {
        /* Empty message: still one round, over a fully padded block. */
        blocks = 1;
        last_is_full = 0;
    } else {
        last_is_full = (tail_len == 0);
    }

    if (!last_is_full) {
        /* Incomplete final block: pad it, then mask with K2. */
        padding(&input[16 * (blocks - 1)], padded, tail_len);
        xor_128(padded, K2, last_block);
    } else {
        /* Complete final block: mask with K1. */
        xor_128(&input[16 * (blocks - 1)], K1, last_block);
    }

    /* Chain every block except the last one. */
    idx = 0;
    while (idx < blocks - 1) {
        xor_128(state, &input[16 * idx], scratch);   /* scratch := Mi (+) state */
        AES_128(key, scratch, state);                /* state := AES-128(KEY, scratch) */
        idx++;
    }

    /* Fold in the masked final block. */
    xor_128(state, last_block, scratch);
    AES_128(key, scratch, state);

    for (idx = 0; idx < 16; idx++)
        mac[idx] = state[idx];
}
/*
 * cmac_calc_mic - compute a CMAC-based MIC over `length` bytes of `m`.
 *
 * tfm    : cipher handle passed to generate_subkey() and
 *          crypto_cipher_encrypt_one(); presumably already keyed by the
 *          caller, since no key is set here.
 * m      : message bytes, consumed in AES_BLOCK_SIZE chunks.
 * length : message length in bytes.
 * mac    : output buffer; CMAC_TLEN bytes of the final cipher block are
 *          copied into it (CMAC_TLEN is defined elsewhere, so whether the
 *          tag is truncated cannot be told from here).
 *
 * Review notes: k1/k2 and the chaining state are left on the stack when
 * the function returns, because nothing here clears them.  Code that
 * checks a received MIC against this value should use a constant-time
 * compare.
 */
void cmac_calc_mic(struct crypto_cipher *tfm, u8 *m, u16 length, u8 *mac)
{
	u8 state[AES_BLOCK_SIZE], work[AES_BLOCK_SIZE];
	u8 final_blk[AES_BLOCK_SIZE], padded[AES_BLOCK_SIZE];
	u8 k1[AES_KEYSIZE_128], k2[AES_KEYSIZE_128];
	int last_is_full;
	int idx;
	int blk_count = (length + 15)/AES_BLOCK_SIZE;

	generate_subkey(tfm, k1, k2);

	if (blk_count != 0) {
		last_is_full = ((length % AES_BLOCK_SIZE) == 0) ? 1 : 0;
	} else {
		/* Empty message: one round over a fully padded block. */
		blk_count = 1;
		last_is_full = 0;
	}

	if (!last_is_full) {
		/* Incomplete last block: pad it, then mask with k2. */
		padding(&m[AES_BLOCK_SIZE * (blk_count - 1)], padded,
			length % AES_BLOCK_SIZE);
		xor_128(padded, k2, final_blk);
	} else {
		/* Complete last block: mask with k1. */
		xor_128(&m[AES_BLOCK_SIZE * (blk_count - 1)], k1, final_blk);
	}

	/* The chaining value starts as an all-zero block. */
	idx = 0;
	while (idx < AES_BLOCK_SIZE)
		state[idx++] = 0;

	/* Chain every block except the last one. */
	idx = 0;
	while (idx < (blk_count - 1)) {
		xor_128(state, &m[AES_BLOCK_SIZE * idx], work);   /* work = Mi (+) state */
		crypto_cipher_encrypt_one(tfm, state, work);      /* state = AES-128(KEY, work) */
		idx++;
	}

	/* Fold in the masked last block and emit the tag. */
	xor_128(state, final_blk, work);
	crypto_cipher_encrypt_one(tfm, state, work);

	vos_mem_copy(mac, state, CMAC_TLEN);
}