summaryrefslogtreecommitdiff
path: root/cesar/cp/secu
diff options
context:
space:
mode:
authorlaranjeiro2009-01-29 14:24:05 +0000
committerlaranjeiro2009-01-29 14:24:05 +0000
commit1a962abfc9ed243c14ef54881d3f706b6c19f0e3 (patch)
tree70daa5b89afed6e1d4f5a76a458509c44bc2970e /cesar/cp/secu
parentc0efb228bff615f9de00dfa7e58b60ad46b292c7 (diff)
cp/secu: Added the TEK function generation. (Closes #64).
git-svn-id: svn+ssh://pessac/svn/cesar/trunk@3898 017c9cb6-072f-447c-8318-d5b54f68fe89
Diffstat (limited to 'cesar/cp/secu')
-rw-r--r--cesar/cp/secu/secu.h15
-rw-r--r--cesar/cp/secu/src/secu.c26
-rw-r--r--cesar/cp/secu/test/src/test-nmk.c67
3 files changed, 107 insertions, 1 deletions
diff --git a/cesar/cp/secu/secu.h b/cesar/cp/secu/secu.h
index eb216a0d04..0b28a04a4b 100644
--- a/cesar/cp/secu/secu.h
+++ b/cesar/cp/secu/secu.h
@@ -149,6 +149,19 @@ cp_secu_dak_gen (const u8 *buffer, uint length)
cp_nid_t
cp_secu_nmk2nid(cp_key_t nmk, u8 security_level);
+/**
+ * Generate the TEK.
+ * \param left the left hash key in the cm_get_key.req MME.
+ * \param left_len the length of the left buffer in bytes.
+ * \param right the right hash key in the cm_get_key.cnf MME.
+ * \param right_len the right length buffer in bytes.
+ * \param output the output buffer.
+ */
+void
+cp_secu_tek_gen (const u32 left[], const uint left_len,
+ const u32 right[], const uint right_len,
+ cp_key_t *output);
+
END_DECLS
-#endif
+#endif /* secu__h__ */
diff --git a/cesar/cp/secu/src/secu.c b/cesar/cp/secu/src/secu.c
index 3becf836d4..ae219872cd 100644
--- a/cesar/cp/secu/src/secu.c
+++ b/cesar/cp/secu/src/secu.c
@@ -18,6 +18,7 @@
#include "cp/secu/defs.h"
#include "cp/secu/secu.h"
#include "cp/secu/pbkdf1.h"
+#include "cp/secu/sha256.h"
#include "cp/secu/inc/pbkdf1.h"
@@ -147,3 +148,28 @@ cp_secu_nmk2nid(cp_key_t nmk, u8 security_level)
return nid;
}
+void
+cp_secu_tek_gen (const u32 left[], const uint left_len,
+ const u32 right[], const uint right_len,
+ cp_key_t *output)
+{
+ u8 sha_buff[left_len + right_len];
+ u8 output_buffer [CP_SECU_SHA256_SIZE];
+ dbg_assert (left);
+ dbg_assert (right);
+ dbg_assert (output);
+
+ /* Insert the left part in the left part of the sha_buf. */
+ memcpy (sha_buff + right_len, left, left_len);
+ memcpy (sha_buff, right, right_len);
+
+ /* Salt is NULL, no salt use for the tek
+ * the first 0 is for the salt length
+ * the second one is for the iteration number.
+ * see HPAV section 7.10.7.2. Paragraph 4 .*/
+ cp_secu_sha256 (sha_buff, left_len + right_len, output_buffer);
+
+ /* Copy the leftmost 16 bytes. */
+ memcpy (output->key, output_buffer, 16);
+}
+
diff --git a/cesar/cp/secu/test/src/test-nmk.c b/cesar/cp/secu/test/src/test-nmk.c
index 8a4ccff687..48d42eff58 100644
--- a/cesar/cp/secu/test/src/test-nmk.c
+++ b/cesar/cp/secu/test/src/test-nmk.c
@@ -21,11 +21,55 @@
#include "lib/test.h"
#include "cp/secu/secu.h"
+#include "cp/secu/defs.h"
#include "cp/secu/aes.h"
#include "cp/secu/sha256.h"
#include "cp/secu/inc/pbkdf1.h"
+uint req [] = {0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c,
+ 0x13121110, 0x17161514, 0x1b1a1918, 0x1f1e1d1c, 0x23222120,
+ 0x27262524, 0x2b2a2928, 0x2f2e2d2c, 0x33323130, 0x37363534,
+ 0x3b3a3938, 0x3f3e3d3c, 0x43424140, 0x47464544, 0x4b4a4948,
+ 0x4f4e4d4c, 0x53525150, 0x57565554, 0x5b5a5958, 0x5f5e5d5c,
+ 0x63626160, 0x67666564, 0x6b6a6968, 0x6f6e6d6c, 0x73727170,
+ 0x77767574, 0x7b7a7978, 0x7f7e7d7c, 0x83828180, 0x87868584,
+ 0x8b8a8988, 0x8f8e8d8c, 0x93929190, 0x97969594, 0x9b9a9998,
+ 0x9f9e9d9c, 0xa3a2a1a0, 0xa7a6a5a4, 0xabaaa9a8, 0xafaeadac,
+ 0xb3b2b1b0, 0xb7b6b5b4, 0xbbbab9b8, 0xbfbebdbc, 0xc3c2c1c0,
+ 0xc7c6c5c4, 0xcbcac9c8, 0xcfcecdcc, 0xd3d2d1d0, 0xd7d6d5d4,
+ 0xdbdad9d8, 0xdfdedddc, 0xe3e2e1e0, 0xe7e6e5e4, 0xebeae9e8,
+ 0xefeeedec, 0xf3f2f1f0, 0xf7f6f5f4, 0xfbfaf9f8, 0xfffefdfc,
+ 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c, 0x13121110,
+ 0x17161514, 0x1b1a1918, 0x1f1e1d1c, 0x23222120, 0x27262524,
+ 0x2b2a2928, 0x2f2e2d2c, 0x33323130, 0x37363534, 0x3b3a3938,
+ 0x3f3e3d3c, 0x43424140, 0x47464544, 0x4b4a4948, 0x4f4e4d4c,
+ 0x53525150, 0x57565554, 0x5b5a5958, 0x5f5e5d5c, 0x63626160,
+ 0x67666564, 0x6b6a6968, 0x6f6e6d6c, 0x73727170, 0x77767574,
+ 0x7b7a7978, 0x7f7e7d7c};
+
+uint cnf [] = {0xfcfdfeff, 0xf8f9fafb, 0xf4f5f6f7, 0xf0f1f2f3,
+ 0xecedeeef, 0xe8e9eaeb, 0xe4e5e6e7, 0xe0e1e2e3, 0xdcdddedf,
+ 0xd8d9dadb, 0xd4d5d6d7, 0xd0d1d2d3, 0xcccdcecf, 0xc8c9cacb,
+ 0xc4c5c6c7, 0xc0c1c2c3, 0xbcbdbebf, 0xb8b9babb, 0xb4b5b6b7,
+ 0xb0b1b2b3, 0xacadaeaf, 0xa8a9aaab, 0xa4a5a6a7, 0xa0a1a2a3,
+ 0x9c9d9e9f, 0x98999a9b, 0x94959697, 0x90919293, 0x8c8d8e8f,
+ 0x88898a8b, 0x84858687, 0x80818283, 0x7c7d7e7f, 0x78797a7b,
+ 0x74757677, 0x70717273, 0x6c6d6e6f, 0x68696a6b, 0x64656667,
+ 0x60616263, 0x5c5d5e5f, 0x58595a5b, 0x54555657, 0x50515253,
+ 0x4c4d4e4f, 0x48494a4b, 0x44454647, 0x40414243, 0x3c3d3e3f,
+ 0x38393a3b, 0x34353637, 0x30313233, 0x2c2d2e2f, 0x28292a2b,
+ 0x24252627, 0x20212223, 0x1c1d1e1f, 0x18191a1b, 0x14151617,
+ 0x10111213, 0x0c0d0e0f, 0x08090a0b, 0x04050607, 0x00010203,
+ 0xfcfdfeff, 0xf8f9fafb, 0xf4f5f6f7, 0xf0f1f2f3, 0xecedeeef,
+ 0xe8e9eaeb, 0xe4e5e6e7, 0xe0e1e2e3, 0xdcdddedf, 0xd8d9dadb,
+ 0xd4d5d6d7, 0xd0d1d2d3, 0xcccdcecf, 0xc8c9cacb, 0xc4c5c6c7,
+ 0xc0c1c2c3, 0xbcbdbebf, 0xb8b9babb, 0xb4b5b6b7, 0xb0b1b2b3,
+ 0xacadaeaf, 0xa8a9aaab, 0xa4a5a6a7, 0xa0a1a2a3, 0x9c9d9e9f,
+ 0x98999a9b, 0x94959697, 0x90919293, 0x8c8d8e8f, 0x88898a8b,
+ 0x84858687, 0x80818283};
+
+
void
test_case_nmk_generation (test_t test)
{
@@ -90,6 +134,28 @@ test_case_nid_generation (test_t test)
test_end;
}
+void
+test_case_tek_generation (test_t test)
+{
+ test_case_begin (test, "Tek generation");
+
+ /* Using example section 13.6.2. */
+ test_begin (test, "TEK")
+ {
+ uint i;
+ u32 res[4] = {0x2d3b6a36, 0xddc60f8a, 0x56c5e8ca, 0xeb4b7d36};
+ cp_key_t tek;
+
+ cp_secu_tek_gen (cnf, sizeof (cnf),
+ req, sizeof (req),
+ &tek);
+
+ for (i = 0; i < 4; i++)
+ test_fail_unless (tek.key[i] == res[i]);
+
+ }
+ test_end;
+}
int
main (void)
@@ -101,6 +167,7 @@ main (void)
test_case_nmk_generation (test);
test_case_dak_generation (test);
test_case_nid_generation (test);
+ test_case_tek_generation (test);
test_result (test);
return test_nb_failed (test) == 0 ? 0 : 1;