--- /dev/null
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction. Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License. This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2006 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief OMAC implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ */
+
+#include "omac.h"
+#include <cfg/macros.h>
+#include <sec/util.h>
+
+static void omac_set_key(Mac *ctx_, const void* key, size_t len)
+{
+ OmacContext *ctx = (OmacContext *)ctx_;
+ cipher_set_vkey(ctx->c, key, len);
+}
+
+static void omac_begin(Mac *ctx_)
+{
+ OmacContext *ctx = (OmacContext *)ctx_;
+
+ ctx->acc = 0;
+
+ memset(ctx->Y, 0, cipher_block_len(ctx->c));
+ cipher_cbc_begin(ctx->c, ctx->Y);
+}
+
+static void omac_update(Mac *ctx_, const void *data_, size_t len)
+{
+ OmacContext *ctx = (OmacContext *)ctx_;
+ size_t blen = cipher_block_len(ctx->c);
+ const uint8_t *data = (const uint8_t *)data_;
+
+ while (len)
+ {
+ ASSERT(ctx->acc <= blen);
+ if (ctx->acc == blen)
+ {
+ cipher_cbc_encrypt(ctx->c, ctx->accum);
+ ctx->acc = 0;
+ }
+
+ size_t L = MIN(len, blen - ctx->acc);
+ memcpy(ctx->accum + ctx->acc, data, L);
+ data += L;
+ len -= L;
+ ctx->acc += L;
+ }
+}
+
+static void omac_shift_left(uint8_t *L, size_t len)
+{
+ int firstbit = L[0] >> 7;
+ size_t i;
+
+ for (i=0; i<len-1; ++i)
+ L[i] = (L[i] << 1) | (L[i+1] >> 7);
+ L[i] <<= 1;
+
+ if (firstbit)
+ {
+ if (len == 16)
+ L[i] ^= 0x87;
+ else if (len == 8)
+ L[i] ^= 0x1B;
+ else
+ ASSERT(0);
+ }
+}
+
+static void omac_shift_right(uint8_t *L, size_t len)
+{
+ int firstbit = L[len-1] & 1;
+ size_t i;
+
+ for (i=len-1; i>0; --i)
+ L[i] = (L[i] >> 1) | (L[i-1] << 7);
+ L[i] >>= 1;
+
+ if (firstbit)
+ {
+ L[i] |= 0x80;
+ if (len == 16)
+ L[len-1] ^= 0x43;
+ else if (len == 8)
+ L[len-1] ^= 0x0D;
+ else
+ ASSERT(0);
+ }
+}
+
+static uint8_t *omac1_final(Mac *ctx_)
+{
+ OmacContext *ctx = (OmacContext *)ctx_;
+ size_t blen = cipher_block_len(ctx->c);
+
+ uint8_t L[blen];
+ memset(L, 0, blen);
+ cipher_ecb_encrypt(ctx->c, L);
+
+ omac_shift_left(L, blen);
+ if (ctx->acc < blen)
+ {
+ ctx->accum[ctx->acc++] = 0x80;
+ memset(ctx->accum + ctx->acc, 0, blen - ctx->acc);
+ omac_shift_left(L, blen);
+ }
+
+ xor_block(ctx->accum, ctx->accum, L, blen);
+ cipher_cbc_encrypt(ctx->c, ctx->accum);
+ return ctx->accum;
+}
+
+static uint8_t *omac2_final(Mac *ctx_)
+{
+ OmacContext *ctx = (OmacContext *)ctx_;
+ size_t blen = cipher_block_len(ctx->c);
+
+ uint8_t L[blen];
+ memset(L, 0, blen);
+ cipher_ecb_encrypt(ctx->c, L);
+
+ if (ctx->acc < blen)
+ {
+ ctx->accum[ctx->acc++] = 0x80;
+ memset(ctx->accum + ctx->acc, 0, blen - ctx->acc);
+ omac_shift_right(L, blen);
+ }
+ else
+ omac_shift_left(L, blen);
+
+ xor_block(ctx->accum, ctx->accum, L, blen);
+ cipher_cbc_encrypt(ctx->c, ctx->accum);
+ return ctx->accum;
+}
+
+
+/****************************************************************************/
+
+static void omac_init(OmacContext *ctx, BlockCipher *c)
+{
+ ctx->mac.set_key = omac_set_key;
+ ctx->mac.begin = omac_begin;
+ ctx->mac.update = omac_update;
+ ctx->mac.key_len = cipher_key_len(c);
+ ctx->mac.digest_len = cipher_block_len(c);
+ ctx->c = c;
+
+ ASSERT(cipher_block_len(c) == 8 || cipher_block_len(c) == 16);
+ ASSERT(sizeof(ctx->Y) >= cipher_block_len(c));
+ ASSERT(sizeof(ctx->accum) >= cipher_block_len(c));
+}
+
+void omac1_init(OmacContext *ctx, BlockCipher *c)
+{
+ omac_init(ctx, c);
+ ctx->mac.final = omac1_final;
+}
+
+void omac2_init(OmacContext *ctx, BlockCipher *c)
+{
+ omac_init(ctx, c);
+ ctx->mac.final = omac2_final;
+}
--- /dev/null
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction. Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License. This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2006 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief OMAC implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ */
+
+#ifndef SEC_MAC_OMAC_H
+#define SEC_MAC_OMAC_H
+
+#include <sec/mac.h>
+#include <sec/cipher.h>
+
+typedef struct OmacContext
+{
+ Mac mac;
+ BlockCipher *c;
+ uint8_t Y[16];
+ uint8_t accum[16];
+ uint8_t acc;
+} OmacContext;
+
+void omac1_init(OmacContext *ctx, BlockCipher *c);
+void omac2_init(OmacContext *ctx, BlockCipher *c);
+
+#define omac1_stackinit(...) \
+ ({ OmacContext *ctx = alloca(sizeof(OmacContext)); omac1_init(ctx, ##__VA_ARGS__); &ctx->mac; })
+#define omac2_stackinit(...) \
+ ({ OmacContext *ctx = alloca(sizeof(OmacContext)); omac2_init(ctx, ##__VA_ARGS__); &ctx->mac; })
+
+int omac_testSetup(void);
+int omac_testTearDown(void);
+int omac_testRun(void);
+
+#endif /* SEC_MAC_OMAC_H */
--- /dev/null
+
+#include <sec/mac/omac.h>
+#include <sec/cipher/aes.h>
+#include <cfg/test.h>
+#include <cfg/debug.h>
+#include <string.h>
+
+int omac_testSetup(void)
+{
+ kdbg_init();
+ return 0;
+}
+
+int omac_testTearDown(void)
+{
+ return 0;
+}
+
+struct OmacTest
+{
+ void *key;
+ size_t klen;
+ uint8_t *msg;
+ size_t mlen;
+ uint8_t digest[16*2];
+};
+
+static const struct OmacTest tests1_aes128[] =
+{
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "", 0,
+ "bb1d6929e95937287fa37d129b756746",
+ },
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "6bc1bee22e409f96e93d7e117393172a", 16,
+ "070a16b46b4d4144f79bdd9dd04a287c",
+ },
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710", 64,
+ "51f0bebf7e3b9d92fc49741779363cfe",
+ },
+};
+
+static const struct OmacTest tests1_aes192[] =
+{
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "", 0,
+ "d17ddf46adaacde531cac483de7a9367",
+ },
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "6bc1bee22e409f96e93d7e117393172a", 16,
+ "9e99a7bf31e710900662f65e617c5184",
+ },
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411", 40,
+ "8a1de5be2eb31aad089a82e6ee908b0e",
+ },
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710", 64,
+ "a1d5df0eed790f794d77589659f39a11",
+ },
+};
+
+static const struct OmacTest tests1_aes256[] =
+{
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "", 0,
+ "028962f61b7bf89efc6b551f4667d983",
+ },
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "6bc1bee22e409f96e93d7e117393172a", 16,
+ "28a7023f452e8f82bd4bf28d8c37c35c",
+ },
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411", 40,
+ "aaf3d8f1de5640c232f5b169b9c911e6",
+ },
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710", 64,
+ "e1992190549f6ed5696a2c056c315410",
+ },
+};
+
+static const struct OmacTest tests2_aes128[] =
+{
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "", 0,
+ "f6bc6a41f4f84593809e59b719299cfe",
+ },
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "6bc1bee22e409f96e93d7e117393172a", 16,
+ "070a16b46b4d4144f79bdd9dd04a287c",
+ },
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411", 40,
+ "23fdaa0831cd314491ce4b25acb6023b",
+ },
+ {
+ "2b7e151628aed2a6abf7158809cf4f3c", 16,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710", 64,
+ "51f0bebf7e3b9d92fc49741779363cfe",
+ },
+};
+
+static const struct OmacTest tests2_aes192[] =
+{
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "", 0,
+ "149f579df2129d45a69266898f55aeb2",
+ },
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "6bc1bee22e409f96e93d7e117393172a", 16,
+ "9e99a7bf31e710900662f65e617c5184",
+ },
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411", 40,
+ "b35e2d1b73aed49b78bdbdfe61f646df",
+ },
+ {
+ "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b", 24,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710", 64,
+ "a1d5df0eed790f794d77589659f39a11",
+ },
+};
+
+static const struct OmacTest tests2_aes256[] =
+{
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "", 0,
+ "47fbde71866eae6080355b5fc7ff704c",
+ },
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "6bc1bee22e409f96e93d7e117393172a", 16,
+ "28a7023f452e8f82bd4bf28d8c37c35c",
+ },
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411", 40,
+ "f018e6053611b34bc872d6b7ff24749f",
+ },
+ {
+ "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", 32,
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710", 64,
+ "e1992190549f6ed5696a2c056c315410",
+ },
+};
+
+static void hexunlify(uint8_t *out, const uint8_t *in, size_t len)
+{
+ #define TO_DEC(x) ((x >= '0' && x <= '9') ? x-'0' : \
+ (x >= 'a' && x <= 'f') ? x-'a'+10 : \
+ (x >= 'A' && x <= 'F') ? x-'A'+10 : 0)
+ while (len--)
+ {
+ *out++ = TO_DEC(in[0])*16 + TO_DEC(in[1]);
+ in += 2;
+ }
+}
+
+static void runTest(Mac *m, const struct OmacTest *t, size_t num)
+{
+ for (size_t i=0; i<num; ++i, ++t)
+ {
+ uint8_t key[t->klen];
+ hexunlify(key, t->key, t->klen);
+
+ uint8_t msg[t->mlen];
+ hexunlify(msg, t->msg, t->mlen);
+
+ uint8_t digest[16];
+ hexunlify(digest, t->digest, 16);
+
+ mac_set_key(m, key, t->klen);
+ mac_begin(m);
+ mac_update(m, msg, t->mlen);
+ uint8_t *result = mac_final(m);
+
+ ASSERT(memcmp(result, digest, 16) == 0);
+ }
+}
+
+int omac_testRun(void)
+{
+ if (1)
+ {
+ Mac *m = omac1_stackinit(AES128_stackinit());
+ runTest(m, tests1_aes128, countof(tests1_aes128));
+ }
+
+ if (1)
+ {
+ Mac *m = omac1_stackinit(AES192_stackinit());
+ runTest(m, tests1_aes192, countof(tests1_aes192));
+ }
+
+ if (1)
+ {
+ Mac *m = omac1_stackinit(AES256_stackinit());
+ runTest(m, tests1_aes256, countof(tests1_aes256));
+ }
+
+ if (1)
+ {
+ Mac *m = omac2_stackinit(AES128_stackinit());
+ runTest(m, tests2_aes128, countof(tests2_aes128));
+ }
+
+ if (1)
+ {
+ Mac *m = omac2_stackinit(AES192_stackinit());
+ runTest(m, tests2_aes192, countof(tests2_aes192));
+ }
+
+ if (1)
+ {
+ Mac *m = omac2_stackinit(AES256_stackinit());
+ runTest(m, tests2_aes256, countof(tests2_aes256));
+ }
+
+ return 0;
+}
+
+TEST_MAIN(omac);
projects / bertos.git / commitdiff