Minor CMAC fixes for merge
diff --git a/configs/config-thread.h b/configs/config-thread.h
index 3193a04..fdfa64a 100644
--- a/configs/config-thread.h
+++ b/configs/config-thread.h
@@ -39,6 +39,7 @@
/* mbed TLS feature support */
#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_CMAC_C
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define MBEDTLS_ECP_NIST_OPTIM
#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 75cdcbc..8ebe438 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -77,6 +77,11 @@
#error "MBEDTLS_DHM_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_CMAC_C) && \
+ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_DES_C)
+#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
+#endif
+
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 5a09761..10c8633 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -3,7 +3,7 @@
*
* \brief The CMAC Mode for Authentication
*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index f6f431b..2a49642 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1681,7 +1681,7 @@
* Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_DES_C
*
*/
-#define MBEDTLS_CMAC_C
+//#define MBEDTLS_CMAC_C
/**
* \def MBEDTLS_CTR_DRBG_C
diff --git a/library/cmac.c b/library/cmac.c
index d8c809b..e57e024 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -1,7 +1,8 @@
/*
- * NIST SP800-38B compliant CMAC implementation
+ * \file cmac.c
+ * \brief NIST SP800-38B compliant CMAC implementation
*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -20,9 +21,10 @@
*/
/*
- * Definition of CMAC:
- * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
- * RFC 4493 "The AES-CMAC Algorithm"
+ * References:
+ * - CMAC: NIST SP 800-38B
+ * - CMAC PRF: RFC 4493
+ * - Additional test vectors: ISO/IEC 9797-1
*/
#if !defined(MBEDTLS_CONFIG_FILE)
@@ -72,7 +74,7 @@
*/
static int cmac_multiply_by_u( unsigned char *output,
const unsigned char *input,
- size_t blocksize )
+ size_t blocksize )
{
const unsigned char R_128 = 0x87;
const unsigned char R_64 = 0x1B;
@@ -151,7 +153,7 @@
exit:
if( L != NULL )
mbedtls_zeroize( L, sizeof( L ) );
- mbedtls_free( L );
+ mbedtls_free( L );
return( ret );
}
@@ -200,9 +202,8 @@
*/
void mbedtls_cmac_free( mbedtls_cmac_context *ctx )
{
- int block_size;
- block_size = ctx->cipher_ctx.cipher_info->block_size;
-
+ int block_size;
+ block_size = ctx->cipher_ctx.cipher_info->block_size;
mbedtls_cipher_free( &ctx->cipher_ctx );
if( ctx->K1 != NULL )
@@ -220,7 +221,7 @@
* CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
*/
static void cmac_pad( unsigned char padded_block[16],
- size_t padded_block_len,
+ size_t padded_block_len,
const unsigned char *last_block,
size_t last_block_len )
{
@@ -418,7 +419,7 @@
exit:
mbedtls_zeroize( int_key, sizeof( int_key ) );
mbedtls_cmac_free( &ctx );
- return( ret );
+ return( ret );
}
#endif /* MBEDTLS_AES_C */
