Return-Path: <cyrus@holtmann.org>
From: Lukasz Rymanowski <lukasz.rymanowski@tieto.com>
To: linux-bluetooth@vger.kernel.org
Cc: Lukasz Rymanowski <lukasz.rymanowski@tieto.com>
Subject: [PATCH 2/3] shared/crypto: Add support to sign data with AES-CMAC
Date: Wed, 14 May 2014 11:04:25 +0200
Message-Id: <1400058266-31790-2-git-send-email-lukasz.rymanowski@tieto.com>
In-Reply-To: <1400058266-31790-1-git-send-email-lukasz.rymanowski@tieto.com>
References: <1400058266-31790-1-git-send-email-lukasz.rymanowski@tieto.com>
Sender: linux-bluetooth-owner@vger.kernel.org
List-ID: <linux-bluetooth.vger.kernel.org>

This patch adds support to generate hash using AES-CMAC algorithm
---
 src/shared/crypto.c | 37 +++++++++++++++++++++++++++++++++++++
 src/shared/crypto.h |  4 ++++
 2 files changed, 41 insertions(+)

diff --git a/src/shared/crypto.c b/src/shared/crypto.c
index f0b2979..a0bcc7b 100644
--- a/src/shared/crypto.c
+++ b/src/shared/crypto.c
@@ -256,6 +256,43 @@ static inline void swap128(const uint8_t src[16], uint8_t dst[16])
 		dst[15 - i] = src[i];
 }
 
+bool bt_crypto_cmac_aes_hash(struct bt_crypto *crypto,
+					const uint8_t key[16],
+					const uint8_t *m, uint16_t m_len,
+					uint8_t hash[12])
+{
+	int fd;
+	int len;
+	uint8_t tmp[16], out[16];
+
+	if (!crypto)
+		return false;
+
+	/* The most significant octet of key corresponds to key[0] */
+	swap128(key, tmp);
+
+	fd = alg_new(crypto->cmac_aes, tmp, 16);
+	if (fd < 0)
+		return false;
+
+	len = send(fd, m, m_len, 0);
+	if (len < 0)
+		return false;
+
+	len = read(fd, out, 16);
+	if (len < 0)
+		return false;
+
+	/*
+	 * The most significant octet of hash corresponds to out[0]  - swap it.
+	 * Then truncate in most significant bit first order to a length of
+	 * 12 octets
+	 */
+	swap128(out, tmp);
+	memcpy(hash, tmp + 4, 12);
+
+	return true;
+}
 /*
  * Security function e
  *
diff --git a/src/shared/crypto.h b/src/shared/crypto.h
index cae8daa..05888b9 100644
--- a/src/shared/crypto.h
+++ b/src/shared/crypto.h
@@ -46,3 +46,7 @@ bool bt_crypto_c1(struct bt_crypto *crypto, const uint8_t k[16],
 bool bt_crypto_s1(struct bt_crypto *crypto, const uint8_t k[16],
 			const uint8_t r1[16], const uint8_t r2[16],
 			uint8_t res[16]);
+bool bt_crypto_cmac_aes_hash(struct bt_crypto *crypto,
+					const uint8_t key[16],
+					const uint8_t *m, uint16_t m_len,
+					uint8_t hash[12]);
-- 
1.8.4