add standalone AES-CMAC generate and verify functions

2016-05-25 09:22:39 -07:00
parent 9bf4598772
commit ae093ded8f
3 changed files with 55 additions and 0 deletions
--- a/wolfcrypt/src/cmac.c
+++ b/wolfcrypt/src/cmac.c
@ -160,4 +160,38 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
 }


+int wc_AesCmacGenerate(byte* out, word32* outSz,
+                       const byte* in, word32 inSz,
+                       const byte* key, word32 keySz)
+{
+    Cmac cmac;
+
+    wc_InitCmac(&cmac, key, keySz, WC_CMAC_AES, NULL);
+    wc_CmacUpdate(&cmac, in, inSz);
+    wc_CmacFinal(&cmac, out, outSz);
+
+    return 0;
+}
+
+
+int wc_AesCmacVerify(const byte* check, word32 checkSz,
+                     const byte* in, word32 inSz,
+                     const byte* key, word32 keySz)
+{
+    byte a[AES_BLOCK_SIZE];
+    word32 aSz = sizeof(a);
+    int result;
+    int compareRet;
+
+    XMEMSET(a, 0, aSz);
+    result = wc_AesCmacGenerate(a, &aSz, in, inSz, key, keySz);
+    compareRet = ConstantCompare(check, a, min(checkSz, aSz));
+
+    if (result == 0)
+        result = compareRet ? 1 : 0;
+
+    return result;
+}
+
+
 #endif /* WOLFSSL_CMAC && NO_AES && WOLFSSL_AES_DIRECT */
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -7791,6 +7791,17 @@ int cmac_test(void)
            return -4036;
        if (XMEMCMP(tag, tc->t, AES_BLOCK_SIZE) != 0)
            return -4037;
+
+        XMEMSET(tag, 0, sizeof(tag));
+        tagSz = sizeof(tag);
+        if (wc_AesCmacGenerate(tag, &tagSz, tc->m, tc->mSz,
+                               tc->k, tc->kSz) != 0)
+            return -4038;
+        if (XMEMCMP(tag, tc->t, AES_BLOCK_SIZE) != 0)
+            return -4039;
+        if (wc_AesCmacVerify(tc->t, tc->tSz, tc->m, tc->mSz,
+                             tc->k, tc->kSz) != 0)
+            return -4040;
    }

    return 0;
--- a/wolfssl/wolfcrypt/cmac.h
+++ b/wolfssl/wolfcrypt/cmac.h
@ -59,6 +59,16 @@ WOLFSSL_API
 int wc_CmacFinal(Cmac* cmac,
                 byte* out, word32* outSz);

+WOLFSSL_API
+int wc_AesCmacGenerate(byte* out, word32* outSz,
+                       const byte* in, word32 inSz,
+                       const byte* key, word32 keySz);
+
+WOLFSSL_API
+int wc_AesCmacVerify(const byte* check, word32 checkSz,
+                     const byte* in, word32 inSz,
+                     const byte* key, word32 keySz);
+
 #ifdef __cplusplus
    } /* extern "C" */
 #endif