ARG_DISBL_SET([dnskey], [disable DNS RR key decoding plugin.])
ARG_DISBL_SET([pem], [disable PEM decoding plugin.])
ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.])
+ARG_DISBL_SET([cmac], [disable CMAC crypto implementation plugin.])
ARG_DISBL_SET([xcbc], [disable xcbc crypto implementation plugin.])
ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.])
ARG_ENABL_SET([test-vectors], [enable plugin providing crypto test vectors.])
ADD_PLUGIN([gmp], [s libcharon pluto openac scepclient pki scripts manager medsrv attest])
ADD_PLUGIN([agent], [s libcharon])
ADD_PLUGIN([xcbc], [s libcharon])
+ADD_PLUGIN([cmac], [s libcharon])
ADD_PLUGIN([hmac], [s libcharon pluto scripts])
ADD_PLUGIN([ctr], [s libcharon scripts])
ADD_PLUGIN([ccm], [s libcharon scripts])
AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
+AM_CONDITIONAL(USE_CMAC, test x$cmac = xtrue)
AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
src/include/Makefile
src/libstrongswan/Makefile
src/libstrongswan/plugins/aes/Makefile
+ src/libstrongswan/plugins/cmac/Makefile
src/libstrongswan/plugins/des/Makefile
src/libstrongswan/plugins/blowfish/Makefile
src/libstrongswan/plugins/md4/Makefile
endif
endif
+if USE_CMAC
+ SUBDIRS += plugins/cmac
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/cmac/libstrongswan-cmac.la
+endif
+endif
+
if USE_XCBC
SUBDIRS += plugins/xcbc
if MONOLITHIC
--- /dev/null
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = -rdynamic
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-cmac.la
+else
+plugin_LTLIBRARIES = libstrongswan-cmac.la
+endif
+
+libstrongswan_cmac_la_SOURCES = \
+ cmac_plugin.h cmac_plugin.c cmac.h cmac.c \
+ cmac_prf.h cmac_prf.c cmac_signer.h cmac_signer.c
+
+libstrongswan_cmac_la_LDFLAGS = -module -avoid-version
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "cmac.h"
+
+#include <debug.h>
+
+typedef struct private_cmac_t private_cmac_t;
+
+/**
+ * Private data of a cmac_t object.
+ *
+ * The variable names are the same as in the RFC.
+ */
+struct private_cmac_t {
+
+ /**
+ * Public interface.
+ */
+ cmac_t public;
+
+ /**
+ * Block size, in bytes
+ */
+ u_int8_t b;
+
+ /**
+ * Crypter with key K
+ */
+ crypter_t *k;
+
+ /**
+ * K1
+ */
+ u_int8_t *k1;
+
+ /**
+ * K2
+ */
+ u_int8_t *k2;
+
+ /**
+ * T
+ */
+ u_int8_t *t;
+
+ /**
+ * remaining, unprocessed bytes in append mode
+ */
+ u_int8_t *remaining;
+
+ /**
+ * number of bytes in remaining
+ */
+ int remaining_bytes;
+};
+
+/**
+ * process supplied data, but do not run final operation
+ */
+static void update(private_cmac_t *this, chunk_t data)
+{
+ chunk_t iv;
+
+ if (this->remaining_bytes + data.len <= this->b)
+ { /* no complete block (or last block), just copy into remaining */
+ memcpy(this->remaining + this->remaining_bytes, data.ptr, data.len);
+ this->remaining_bytes += data.len;
+ return;
+ }
+
+ iv = chunk_alloca(this->b);
+ memset(iv.ptr, 0, iv.len);
+
+ /* T := 0x00000000000000000000000000000000 (initially)
+ * for each block M_i (except the last)
+ * X := T XOR M_i;
+ * T := AES-128(K, X);
+ */
+
+ /* append data to remaining bytes, process block M_1 */
+ memcpy(this->remaining + this->remaining_bytes, data.ptr,
+ this->b - this->remaining_bytes);
+ data = chunk_skip(data, this->b - this->remaining_bytes);
+ memxor(this->t, this->remaining, this->b);
+ this->k->encrypt(this->k, chunk_create(this->t, this->b), iv, NULL);
+
+ /* process blocks M_2 ... M_n-1 */
+ while (data.len > this->b)
+ {
+ memcpy(this->remaining, data.ptr, this->b);
+ data = chunk_skip(data, this->b);
+ memxor(this->t, this->remaining, this->b);
+ this->k->encrypt(this->k, chunk_create(this->t, this->b), iv, NULL);
+ }
+
+ /* store remaining bytes of block M_n */
+ memcpy(this->remaining, data.ptr, data.len);
+ this->remaining_bytes = data.len;
+}
+
+/**
+ * process last block M_last
+ */
+static void final(private_cmac_t *this, u_int8_t *out)
+{
+ chunk_t iv;
+
+ iv = chunk_alloca(this->b);
+ memset(iv.ptr, 0, iv.len);
+
+ /* if last block is complete
+ * M_last := M_n XOR K1;
+ * else
+ * M_last := padding(M_n) XOR K2;
+ */
+ if (this->remaining_bytes == this->b)
+ {
+ memxor(this->remaining, this->k1, this->b);
+ }
+ else
+ {
+ /* padding(x) = x || 10^i where i is 128-8*r-1
+ * That is, padding(x) is the concatenation of x and a single '1',
+ * followed by the minimum number of '0's, so that the total length is
+ * equal to 128 bits.
+ */
+ if (this->remaining_bytes < this->b)
+ {
+ this->remaining[this->remaining_bytes] = 0x80;
+ while (++this->remaining_bytes < this->b)
+ {
+ this->remaining[this->remaining_bytes] = 0x00;
+ }
+ }
+ memxor(this->remaining, this->k2, this->b);
+ }
+ /* T := M_last XOR T;
+ * T := AES-128(K,T);
+ */
+ memxor(this->t, this->remaining, this->b);
+ this->k->encrypt(this->k, chunk_create(this->t, this->b), iv, NULL);
+
+ memcpy(out, this->t, this->b);
+
+ /* reset state */
+ memset(this->t, 0, this->b);
+ this->remaining_bytes = 0;
+}
+
+METHOD(cmac_t, get_mac, void,
+ private_cmac_t *this, chunk_t data, u_int8_t *out)
+{
+ /* update T, do not process last block */
+ update(this, data);
+
+ if (out)
+ { /* if not in append mode, process last block and output result */
+ final(this, out);
+ }
+}
+
+METHOD(cmac_t, get_block_size, size_t,
+ private_cmac_t *this)
+{
+ return this->b;
+}
+
+/**
+ * Left-shift the given chunk by one bit.
+ */
+static void bit_shift(chunk_t chunk)
+{
+ size_t i;
+
+ for (i = 0; i < chunk.len; i++)
+ {
+ chunk.ptr[i] <<= 1;
+ if (i < chunk.len - 1 && chunk.ptr[i + 1] & 0x80)
+ {
+ chunk.ptr[i] |= 0x01;
+ }
+ }
+}
+
+/**
+ * Apply the following key derivation (in-place):
+ * if MSB(C) == 0
+ * C := C << 1
+ * else
+ * C := (C << 1) XOR 0x00000000000000000000000000000087
+ */
+static void derive_key(chunk_t chunk)
+{
+ if (chunk.ptr[0] & 0x80)
+ {
+ chunk_t rb;
+
+ rb = chunk_alloca(chunk.len);
+ memset(rb.ptr, 0, rb.len);
+ rb.ptr[rb.len - 1] = 0x87;
+ bit_shift(chunk);
+ memxor(chunk.ptr, rb.ptr, chunk.len);
+ }
+ else
+ {
+ bit_shift(chunk);
+ }
+}
+
+METHOD(cmac_t, set_key, void,
+ private_cmac_t *this, chunk_t key)
+{
+ chunk_t resized, iv, l;
+
+ /* we support variable keys as defined in RFC 4615 */
+ if (key.len == this->b)
+ {
+ resized = key;
+ }
+ else
+ { /* use cmac recursively to resize longer or shorter keys */
+ resized = chunk_alloca(this->b);
+ memset(resized.ptr, 0, resized.len);
+ set_key(this, resized);
+ get_mac(this, key, resized.ptr);
+ }
+
+ /*
+ * Rb = 0x00000000000000000000000000000087
+ * L = 0x00000000000000000000000000000000 encrypted with K
+ * if MSB(L) == 0
+ * K1 = L << 1
+ * else
+ * K1 = (L << 1) XOR Rb
+ * if MSB(K1) == 0
+ * K2 = K1 << 1
+ * else
+ * K2 = (K1 << 1) XOR Rb
+ */
+ iv = chunk_alloca(this->b);
+ memset(iv.ptr, 0, iv.len);
+ l = chunk_alloca(this->b);
+ memset(l.ptr, 0, l.len);
+ this->k->set_key(this->k, resized);
+ this->k->encrypt(this->k, l, iv, NULL);
+ derive_key(l);
+ memcpy(this->k1, l.ptr, l.len);
+ derive_key(l);
+ memcpy(this->k2, l.ptr, l.len);
+ memwipe(l.ptr, l.len);
+}
+
+METHOD(cmac_t, destroy, void,
+ private_cmac_t *this)
+{
+ this->k->destroy(this->k);
+ memwipe(this->k1, this->b);
+ free(this->k1);
+ memwipe(this->k2, this->b);
+ free(this->k2);
+ free(this->t);
+ free(this->remaining);
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+cmac_t *cmac_create(encryption_algorithm_t algo, size_t key_size)
+{
+ private_cmac_t *this;
+ crypter_t *crypter;
+ u_int8_t b;
+
+ crypter = lib->crypto->create_crypter(lib->crypto, algo, key_size);
+ if (!crypter)
+ {
+ return NULL;
+ }
+ b = crypter->get_block_size(crypter);
+ /* input and output of crypter must be equal for cmac */
+ if (b != key_size)
+ {
+ crypter->destroy(crypter);
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .get_mac = _get_mac,
+ .get_block_size = _get_block_size,
+ .set_key = _set_key,
+ .destroy = _destroy,
+ },
+ .b = b,
+ .k = crypter,
+ .k1 = malloc(b),
+ .k2 = malloc(b),
+ .t = malloc(b),
+ .remaining = malloc(b),
+ );
+ memset(this->t, 0, b);
+
+ return &this->public;
+}
+
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup cmac cmac
+ * @{ @ingroup cmac_p
+ */
+
+#ifndef CMAC_H_
+#define CMAC_H_
+
+#include <crypto/crypters/crypter.h>
+
+typedef struct cmac_t cmac_t;
+
+/**
+ * Cipher-based Message Authentication Code (CMAC).
+ *
+ * This class implements the message authentication algorithm
+ * described in RFC 4493.
+ */
+struct cmac_t {
+
+ /**
+ * Generate message authentication code.
+ *
+ * If buffer is NULL, no result is given back. A next call will
+ * append the data to already supplied data. If buffer is not NULL,
+ * the mac of all apended data is calculated, returned and the internal
+ * state is reset.
+ *
+ * @param data chunk of data to authenticate
+ * @param buffer pointer where the generated bytes will be written
+ */
+ void (*get_mac) (cmac_t *this, chunk_t data, u_int8_t *buffer);
+
+ /**
+ * Get the block size of this cmac_t object.
+ *
+ * @return block size in bytes
+ */
+ size_t (*get_block_size) (cmac_t *this);
+
+ /**
+ * Set the key for this cmac_t object.
+ *
+ * @param key key to set
+ */
+ void (*set_key) (cmac_t *this, chunk_t key);
+
+ /**
+ * Destroys a cmac_t object.
+ */
+ void (*destroy) (cmac_t *this);
+};
+
+/**
+ * Creates a new cmac_t object.
+ *
+ * @param algo underlying crypto algorithm
+ * @param key_size key size to use, if required for algorithm
+ * @return cmac_t object, NULL if not supported
+ */
+cmac_t *cmac_create(encryption_algorithm_t algo, size_t key_size);
+
+#endif /** CMAC_H_ @}*/
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "cmac_plugin.h"
+
+#include <library.h>
+#include "cmac_prf.h"
+#include "cmac_signer.h"
+
+typedef struct private_cmac_plugin_t private_cmac_plugin_t;
+
+/**
+ * private data of cmac_plugin
+ */
+struct private_cmac_plugin_t {
+
+ /**
+ * public functions
+ */
+ cmac_plugin_t public;
+};
+
+METHOD(plugin_t, get_name, char*,
+ private_cmac_plugin_t *this)
+{
+ return "cmac";
+}
+
+METHOD(plugin_t, get_features, int,
+ private_cmac_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_REGISTER(PRF, cmac_prf_create),
+ PLUGIN_PROVIDE(PRF, PRF_AES128_CMAC),
+ PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 16),
+ PLUGIN_REGISTER(SIGNER, cmac_signer_create),
+ PLUGIN_PROVIDE(SIGNER, AUTH_AES_CMAC_96),
+ PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 16),
+ };
+ *features = f;
+ return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+ private_cmac_plugin_t *this)
+{
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *cmac_plugin_create()
+{
+ private_cmac_plugin_t *this;
+
+ INIT(this,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .get_features = _get_features,
+ .destroy = _destroy,
+ },
+ },
+ );
+
+ return &this->public.plugin;
+}
+
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup cmac_p cmac
+ * @ingroup plugins
+ *
+ * @defgroup cmac_plugin cmac_plugin
+ * @{ @ingroup cmac_p
+ */
+
+#ifndef CMAC_PLUGIN_H_
+#define CMAC_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct cmac_plugin_t cmac_plugin_t;
+
+/**
+ * Plugin implementing CMAC algorithm to provide crypter based PRF and signer.
+ */
+struct cmac_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+#endif /** CMAC_PLUGIN_H_ @}*/
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "cmac_prf.h"
+
+#include "cmac.h"
+
+typedef struct private_cmac_prf_t private_cmac_prf_t;
+
+/**
+ * Private data of a cmac_prf_t object.
+ */
+struct private_cmac_prf_t {
+
+ /**
+ * Public cmac_prf_t interface.
+ */
+ cmac_prf_t public;
+
+ /**
+ * cmac to use for generation.
+ */
+ cmac_t *cmac;
+};
+
+METHOD(prf_t, get_bytes, void,
+ private_cmac_prf_t *this, chunk_t seed, u_int8_t *buffer)
+{
+ this->cmac->get_mac(this->cmac, seed, buffer);
+}
+
+METHOD(prf_t, allocate_bytes, void,
+ private_cmac_prf_t *this, chunk_t seed, chunk_t *chunk)
+{
+ if (chunk)
+ {
+ *chunk = chunk_alloc(this->cmac->get_block_size(this->cmac));
+ get_bytes(this, seed, chunk->ptr);
+ }
+ else
+ {
+ get_bytes(this, seed, NULL);
+ }
+}
+
+METHOD(prf_t, get_block_size, size_t,
+ private_cmac_prf_t *this)
+{
+ return this->cmac->get_block_size(this->cmac);
+}
+
+METHOD(prf_t, get_key_size, size_t,
+ private_cmac_prf_t *this)
+{
+ /* in cmac, block and key size are always equal */
+ return this->cmac->get_block_size(this->cmac);
+}
+
+METHOD(prf_t, set_key, void,
+ private_cmac_prf_t *this, chunk_t key)
+{
+ this->cmac->set_key(this->cmac, key);
+}
+
+METHOD(prf_t, destroy, void,
+ private_cmac_prf_t *this)
+{
+ this->cmac->destroy(this->cmac);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+cmac_prf_t *cmac_prf_create(pseudo_random_function_t algo)
+{
+ private_cmac_prf_t *this;
+ cmac_t *cmac;
+
+ switch (algo)
+ {
+ case PRF_AES128_CMAC:
+ cmac = cmac_create(ENCR_AES_CBC, 16);
+ break;
+ default:
+ return NULL;
+ }
+ if (!cmac)
+ {
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .prf = {
+ .get_bytes = _get_bytes,
+ .allocate_bytes = _allocate_bytes,
+ .get_block_size = _get_block_size,
+ .get_key_size = _get_key_size,
+ .set_key = _set_key,
+ .destroy = _destroy,
+ },
+ },
+ .cmac = cmac,
+ );
+
+ return &this->public;
+}
+
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup cmac_prf cmac_prf
+ * @{ @ingroup cmac_p
+ */
+
+#ifndef PRF_CMAC_H_
+#define PRF_CMAC_H_
+
+typedef struct cmac_prf_t cmac_prf_t;
+
+#include <crypto/prfs/prf.h>
+
+/**
+ * Implementation of prf_t on CBC block cipher using CMAC, RFC 4493 / RFC 4615.
+ *
+ * This simply wraps a cmac_t in a prf_t. More a question of
+ * interface matching.
+ */
+struct cmac_prf_t {
+
+ /**
+ * Implements prf_t interface.
+ */
+ prf_t prf;
+};
+
+/**
+ * Creates a new cmac_prf_t object.
+ *
+ * @param algo algorithm to implement
+ * @return cmac_prf_t object, NULL if hash not supported
+ */
+cmac_prf_t *cmac_prf_create(pseudo_random_function_t algo);
+
+#endif /** PRF_CMAC_H_ @}*/
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "cmac_signer.h"
+#include "cmac.h"
+
+typedef struct private_cmac_signer_t private_cmac_signer_t;
+
+/**
+ * Private data structure with signing context.
+ */
+struct private_cmac_signer_t {
+
+ /**
+ * Public interface.
+ */
+ cmac_signer_t public;
+
+ /**
+ * Assigned cmac function.
+ */
+ cmac_t *cmac;
+
+ /**
+ * Block size (truncation of CMAC MAC)
+ */
+ size_t block_size;
+};
+
+METHOD(signer_t, get_signature, void,
+ private_cmac_signer_t *this, chunk_t data, u_int8_t *buffer)
+{
+ if (buffer == NULL)
+ { /* append mode */
+ this->cmac->get_mac(this->cmac, data, NULL);
+ }
+ else
+ {
+ u_int8_t mac[this->cmac->get_block_size(this->cmac)];
+
+ this->cmac->get_mac(this->cmac, data, mac);
+ memcpy(buffer, mac, this->block_size);
+ }
+}
+
+METHOD(signer_t, allocate_signature, void,
+ private_cmac_signer_t *this, chunk_t data, chunk_t *chunk)
+{
+ if (chunk == NULL)
+ { /* append mode */
+ this->cmac->get_mac(this->cmac, data, NULL);
+ }
+ else
+ {
+ u_int8_t mac[this->cmac->get_block_size(this->cmac)];
+
+ this->cmac->get_mac(this->cmac, data, mac);
+
+ chunk->ptr = malloc(this->block_size);
+ chunk->len = this->block_size;
+
+ memcpy(chunk->ptr, mac, this->block_size);
+ }
+}
+
+METHOD(signer_t, verify_signature, bool,
+ private_cmac_signer_t *this, chunk_t data, chunk_t signature)
+{
+ u_int8_t mac[this->cmac->get_block_size(this->cmac)];
+
+ if (signature.len != this->block_size)
+ {
+ return FALSE;
+ }
+
+ this->cmac->get_mac(this->cmac, data, mac);
+ return memeq(signature.ptr, mac, this->block_size);
+}
+
+METHOD(signer_t, get_key_size, size_t,
+ private_cmac_signer_t *this)
+{
+ return this->cmac->get_block_size(this->cmac);
+}
+
+METHOD(signer_t, get_block_size, size_t,
+ private_cmac_signer_t *this)
+{
+ return this->block_size;
+}
+
+METHOD(signer_t, set_key, void,
+ private_cmac_signer_t *this, chunk_t key)
+{
+ this->cmac->set_key(this->cmac, key);
+}
+
+METHOD(signer_t, destroy, void,
+ private_cmac_signer_t *this)
+{
+ this->cmac->destroy(this->cmac);
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+cmac_signer_t *cmac_signer_create(integrity_algorithm_t algo)
+{
+ private_cmac_signer_t *this;
+ size_t truncation;
+ cmac_t *cmac;
+
+ switch (algo)
+ {
+ case AUTH_AES_CMAC_96:
+ cmac = cmac_create(ENCR_AES_CBC, 16);
+ truncation = 12;
+ break;
+ default:
+ return NULL;
+ }
+ if (cmac == NULL)
+ {
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .signer = {
+ .get_signature = _get_signature,
+ .allocate_signature = _allocate_signature,
+ .verify_signature = _verify_signature,
+ .get_key_size = _get_key_size,
+ .get_block_size = _get_block_size,
+ .set_key = _set_key,
+ .destroy = _destroy,
+ },
+ },
+ .cmac = cmac,
+ .block_size = min(truncation, cmac->get_block_size(cmac)),
+ );
+
+ return &this->public;
+}
--- /dev/null
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup cmac_signer cmac_signer
+ * @{ @ingroup cmac_p
+ */
+
+#ifndef CMAC_SIGNER_H_
+#define CMAC_SIGNER_H_
+
+typedef struct cmac_signer_t cmac_signer_t;
+
+#include <crypto/signers/signer.h>
+
+/**
+ * Implementation of signer_t on CBC symmetric cipher using CMAC, RFC 4494.
+ */
+struct cmac_signer_t {
+
+ /**
+ * Implements signer_t interface.
+ */
+ signer_t signer;
+};
+
+/**
+ * Creates a new cmac_signer_t.
+ *
+ * @param algo algorithm to implement
+ * @return cmac_signer_t, NULL if not supported
+ */
+cmac_signer_t *cmac_signer_create(integrity_algorithm_t algo);
+
+#endif /** CMAC_SIGNER_H_ @}*/
projects / strongswan.git / commitdiff