cmac: improve argument order and naming
- always use the pattern "buffer, length" - avoid using unqualified "length" as a name when there are more than one
This commit is contained in:
Manuel Pégourié-Gonnard
Simon Butcher
parent
3d23b1d5ed
commit
690083c21d
@ -77,24 +77,24 @@ void mbedtls_cmac_free( mbedtls_cmac_context *ctx );
|
||||
* \brief CMAC generate
|
||||
*
|
||||
* \param ctx CMAC context
|
||||
* \param length length of the input data in bytes
|
||||
* \param input buffer holding the input data
|
||||
* \param in_len length of the input data in bytes
|
||||
* \param tag buffer for holding the generated tag
|
||||
* \param tag_len length of the tag to generate in bytes
|
||||
* must be between 4, 6, 8, 10, 14 or 16
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int mbedtls_cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
const unsigned char *input,
|
||||
int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *input, size_t in_len,
|
||||
unsigned char *tag, size_t tag_len );
|
||||
|
||||
/**
|
||||
* \brief CMAC verify
|
||||
*
|
||||
* \param ctx CMAC context
|
||||
* \param length length of the input data in bytes
|
||||
* \param input buffer holding the input data
|
||||
* \param in_len length of the input data in bytes
|
||||
* \param tag buffer holding the tag to verify
|
||||
* \param tag_len length of the tag to verify in bytes
|
||||
* must be 4, 6, 8, 10, 14 or 16
|
||||
@ -102,25 +102,25 @@ int mbedtls_cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
* \return 0 if successful and authenticated,
|
||||
* MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
|
||||
*/
|
||||
int mbedtls_cmac_verify( mbedtls_cmac_context *ctx, size_t length,
|
||||
const unsigned char *input,
|
||||
int mbedtls_cmac_verify( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *input, size_t in_len,
|
||||
const unsigned char *tag, size_t tag_len );
|
||||
|
||||
/**
|
||||
* \brief AES-CMAC-128-PRF
|
||||
*
|
||||
* \param ctx CMAC context
|
||||
* \param length length of the input data in bytes
|
||||
* \param key PRF key
|
||||
* \param key_len PRF key length
|
||||
* \param input buffer holding the input data
|
||||
* \param in_len length of the input data in bytes
|
||||
* \param tag buffer holding the tag to verify (16 bytes)
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx, size_t length,
|
||||
int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *key, size_t key_len,
|
||||
const unsigned char *input,
|
||||
const unsigned char *input, size_t in_len,
|
||||
unsigned char *tag );
|
||||
|
||||
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
|
||||
|
||||
@ -200,8 +200,8 @@ static void padding(const unsigned char *lastb, unsigned char *pad, const size_t
|
||||
/*
|
||||
* Generate tag on complete message
|
||||
*/
|
||||
static int cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
const unsigned char *input,
|
||||
static int cmac_generate( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *input, size_t in_len,
|
||||
unsigned char *tag, size_t tag_len )
|
||||
{
|
||||
unsigned char Mn[16];
|
||||
@ -211,7 +211,7 @@ static int cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
size_t olen;
|
||||
|
||||
/*
|
||||
* Check length requirements: SP800-38B A
|
||||
* Check in_len requirements: SP800-38B A
|
||||
* 4 is a worst case bottom limit
|
||||
*/
|
||||
if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
|
||||
@ -220,7 +220,7 @@ static int cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
/* TODO: Use cipher padding function? */
|
||||
// mbedtls_cipher_set_padding_mode( ctx->cipher, MBEDTLS_PADDING_ONE_AND_ZEROS );
|
||||
|
||||
n = ( length + 15 ) / 16; /* n is number of rounds */
|
||||
n = ( in_len + 15 ) / 16; /* n is number of rounds */
|
||||
|
||||
if( n == 0 )
|
||||
{
|
||||
@ -229,7 +229,7 @@ static int cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
}
|
||||
else
|
||||
{
|
||||
flag = ( ( length % 16 ) == 0);
|
||||
flag = ( ( in_len % 16 ) == 0);
|
||||
}
|
||||
|
||||
/* Calculate last block */
|
||||
@ -241,7 +241,7 @@ static int cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
else
|
||||
{
|
||||
/* TODO: Use cipher padding function? */
|
||||
padding( &input[16 * (n - 1)], padded, length % 16 );
|
||||
padding( &input[16 * (n - 1)], padded, in_len % 16 );
|
||||
XOR_128( padded, ctx->K2, M_last );
|
||||
}
|
||||
|
||||
@ -259,18 +259,18 @@ static int cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
||||
const unsigned char *input,
|
||||
int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *input, size_t in_len,
|
||||
unsigned char *tag, size_t tag_len )
|
||||
{
|
||||
return( cmac_generate( ctx, length, input, tag, tag_len ) );
|
||||
return( cmac_generate( ctx, input, in_len, tag, tag_len ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Authenticated decryption
|
||||
*/
|
||||
int mbedtls_cmac_verify( mbedtls_cmac_context *ctx, size_t length,
|
||||
const unsigned char *input,
|
||||
int mbedtls_cmac_verify( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *input, size_t in_len,
|
||||
const unsigned char *tag, size_t tag_len )
|
||||
{
|
||||
int ret;
|
||||
@ -278,7 +278,7 @@ int mbedtls_cmac_verify( mbedtls_cmac_context *ctx, size_t length,
|
||||
unsigned char i;
|
||||
int diff;
|
||||
|
||||
if( ( ret = cmac_generate( ctx, length, input, check_tag, tag_len) ) != 0 )
|
||||
if( ( ret = cmac_generate( ctx, input, in_len, check_tag, tag_len) ) != 0 )
|
||||
{
|
||||
return ret;
|
||||
}
|
||||
@ -297,9 +297,9 @@ int mbedtls_cmac_verify( mbedtls_cmac_context *ctx, size_t length,
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx, size_t length,
|
||||
int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx,
|
||||
const unsigned char *key, size_t key_length,
|
||||
const unsigned char *input,
|
||||
const unsigned char *input, size_t in_len,
|
||||
unsigned char *tag )
|
||||
{
|
||||
int ret;
|
||||
@ -323,7 +323,7 @@ int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx, size_t length,
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
ret = mbedtls_cmac_generate( &zero_ctx, key_length, key, int_key, 16 );
|
||||
ret = mbedtls_cmac_generate( &zero_ctx, key, key_length, int_key, 16 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
return( ret );
|
||||
@ -335,7 +335,7 @@ int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx, size_t length,
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
return( mbedtls_cmac_generate( ctx, length, input, tag, 16 ) );
|
||||
return( mbedtls_cmac_generate( ctx, input, in_len, tag, 16 ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
|
||||
@ -473,7 +473,7 @@ int mbedtls_cmac_self_test( int verbose )
|
||||
{
|
||||
mbedtls_printf( " AES-128-CMAC #%u: ", i );
|
||||
|
||||
ret = mbedtls_cmac_generate( &ctx, Mlen[i], M, tag, 16 );
|
||||
ret = mbedtls_cmac_generate( &ctx, M, Mlen[i], tag, 16 );
|
||||
if( ret != 0 ||
|
||||
memcmp( tag, T[i], 16 ) != 0 )
|
||||
{
|
||||
@ -482,7 +482,7 @@ int mbedtls_cmac_self_test( int verbose )
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
ret = mbedtls_cmac_verify( &ctx, Mlen[i], M, T[i], 16 );
|
||||
ret = mbedtls_cmac_verify( &ctx, M, Mlen[i], T[i], 16 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
@ -499,7 +499,7 @@ int mbedtls_cmac_self_test( int verbose )
|
||||
{
|
||||
mbedtls_printf( " AES-CMAC-128-PRF #%u: ", i );
|
||||
|
||||
mbedtls_aes_cmac_prf_128( &ctx, 20, PRFK, PRFKlen[i], PRFM, tag);
|
||||
mbedtls_aes_cmac_prf_128( &ctx, PRFK, PRFKlen[i], PRFM, 20, tag);
|
||||
|
||||
if( ret != 0 ||
|
||||
memcmp( tag, PRFT[i], 16 ) != 0 )
|
||||
|
||||
Loading…
Reference in New Issue
Block a user