From 41936957b39c2f3cf7ef2eba182608a242c9c611 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 13 May 2014 13:18:17 +0200
Subject: [PATCH] Add AES-CCM and CAMELLIA-CCM to the cipher layer

---
 include/polarssl/cipher.h |   7 ++
 library/cipher.c          |  33 ++++++++-
 library/cipher_wrap.c     | 138 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 176 insertions(+), 2 deletions(-)

diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 59015929b..4325f9fa1 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -120,6 +120,12 @@ typedef enum {
     POLARSSL_CIPHER_BLOWFISH_CFB64,
     POLARSSL_CIPHER_BLOWFISH_CTR,
     POLARSSL_CIPHER_ARC4_128,
+    POLARSSL_CIPHER_AES_128_CCM,
+    POLARSSL_CIPHER_AES_192_CCM,
+    POLARSSL_CIPHER_AES_256_CCM,
+    POLARSSL_CIPHER_CAMELLIA_128_CCM,
+    POLARSSL_CIPHER_CAMELLIA_192_CCM,
+    POLARSSL_CIPHER_CAMELLIA_256_CCM,
 } cipher_type_t;
 
 typedef enum {
@@ -131,6 +137,7 @@ typedef enum {
     POLARSSL_MODE_CTR,
     POLARSSL_MODE_GCM,
     POLARSSL_MODE_STREAM,
+    POLARSSL_MODE_CCM,
 } cipher_mode_t;
 
 typedef enum {
diff --git a/library/cipher.c b/library/cipher.c
index d8b416ad7..4f76b487a 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -42,6 +42,10 @@
 #include "polarssl/gcm.h"
 #endif
 
+#if defined(POLARSSL_CCM_C)
+#include "polarssl/ccm.h"
+#endif
+
 #include <stdlib.h>
 
 #if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
@@ -818,7 +822,16 @@ int cipher_auth_encrypt( cipher_context_t *ctx,
                                    iv, iv_len, ad, ad_len, input, output,
                                    tag_len, tag ) );
     }
-#endif
+#endif /* POLARSSL_GCM_C */
+#if defined(POLARSSL_CCM_C)
+    if( POLARSSL_MODE_CCM == ctx->cipher_info->mode )
+    {
+        *olen = ilen;
+        return( ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
+                                     iv, iv_len, ad, ad_len, input, output,
+                                     tag, tag_len ) );
+    }
+#endif /* POLARSSL_CCM_C */
 
     return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
 }
@@ -848,7 +861,23 @@ int cipher_auth_decrypt( cipher_context_t *ctx,
 
         return( ret );
     }
-#endif
+#endif /* POLARSSL_GCM_C */
+#if defined(POLARSSL_CCM_C)
+    if( POLARSSL_MODE_CCM == ctx->cipher_info->mode )
+    {
+        int ret;
+
+        *olen = ilen;
+        ret = ccm_auth_decrypt( ctx->cipher_ctx, ilen,
+                                iv, iv_len, ad, ad_len,
+                                input, output, tag, tag_len );
+
+        if( ret == POLARSSL_ERR_CCM_AUTH_FAILED )
+            ret = POLARSSL_ERR_CIPHER_AUTH_FAILED;
+
+        return( ret );
+    }
+#endif /* POLARSSL_CCM_C */
 
     return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
 }
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index a8bf4abef..e80a3655a 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -61,6 +61,10 @@
 #include "polarssl/gcm.h"
 #endif
 
+#if defined(POLARSSL_CCM_C)
+#include "polarssl/ccm.h"
+#endif
+
 #if defined(POLARSSL_PLATFORM_C)
 #include "polarssl/platform.h"
 #else
@@ -84,6 +88,20 @@ static void gcm_ctx_free( void *ctx )
 }
 #endif /* POLARSSL_GCM_C */
 
+#if defined(POLARSSL_CCM_C)
+/* shared by all CCM ciphers */
+static void *ccm_ctx_alloc( void )
+{
+    return polarssl_malloc( sizeof( ccm_context ) );
+}
+
+static void ccm_ctx_free( void *ctx )
+{
+    ccm_free( ctx );
+    polarssl_free( ctx );
+}
+#endif /* POLARSSL_CCM_C */
+
 #if defined(POLARSSL_AES_C)
 
 static int aes_crypt_ecb_wrap( void *ctx, operation_t operation,
@@ -378,6 +396,61 @@ const cipher_info_t aes_256_gcm_info = {
 };
 #endif /* POLARSSL_GCM_C */
 
+#if defined(POLARSSL_CCM_C)
+static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_length )
+{
+    return ccm_init( (ccm_context *) ctx, POLARSSL_CIPHER_ID_AES,
+                     key, key_length );
+}
+
+const cipher_base_t ccm_aes_info = {
+    POLARSSL_CIPHER_ID_AES,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    ccm_aes_setkey_wrap,
+    ccm_aes_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+const cipher_info_t aes_128_ccm_info = {
+    POLARSSL_CIPHER_AES_128_CCM,
+    POLARSSL_MODE_CCM,
+    128,
+    "AES-128-CCM",
+    12,
+    1,
+    16,
+    &ccm_aes_info
+};
+
+const cipher_info_t aes_192_ccm_info = {
+    POLARSSL_CIPHER_AES_192_CCM,
+    POLARSSL_MODE_CCM,
+    192,
+    "AES-192-CCM",
+    12,
+    1,
+    16,
+    &ccm_aes_info
+};
+
+const cipher_info_t aes_256_ccm_info = {
+    POLARSSL_CIPHER_AES_256_CCM,
+    POLARSSL_MODE_CCM,
+    256,
+    "AES-256-CCM",
+    12,
+    1,
+    16,
+    &ccm_aes_info
+};
+#endif /* POLARSSL_CCM_C */
+
 #endif /* POLARSSL_AES_C */
 
 #if defined(POLARSSL_CAMELLIA_C)
@@ -676,6 +749,61 @@ const cipher_info_t camellia_256_gcm_info = {
 };
 #endif /* POLARSSL_GCM_C */
 
+#if defined(POLARSSL_CCM_C)
+static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
+                                     unsigned int key_length )
+{
+    return ccm_init( (ccm_context *) ctx, POLARSSL_CIPHER_ID_CAMELLIA,
+                     key, key_length );
+}
+
+const cipher_base_t ccm_camellia_info = {
+    POLARSSL_CIPHER_ID_CAMELLIA,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    ccm_camellia_setkey_wrap,
+    ccm_camellia_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+const cipher_info_t camellia_128_ccm_info = {
+    POLARSSL_CIPHER_CAMELLIA_128_CCM,
+    POLARSSL_MODE_CCM,
+    128,
+    "CAMELLIA-128-CCM",
+    12,
+    1,
+    16,
+    &ccm_camellia_info
+};
+
+const cipher_info_t camellia_192_ccm_info = {
+    POLARSSL_CIPHER_CAMELLIA_192_CCM,
+    POLARSSL_MODE_CCM,
+    192,
+    "CAMELLIA-192-CCM",
+    12,
+    1,
+    16,
+    &ccm_camellia_info
+};
+
+const cipher_info_t camellia_256_ccm_info = {
+    POLARSSL_CIPHER_CAMELLIA_256_CCM,
+    POLARSSL_MODE_CCM,
+    256,
+    "CAMELLIA-256-CCM",
+    12,
+    1,
+    16,
+    &ccm_camellia_info
+};
+#endif /* POLARSSL_CCM_C */
+
 #endif /* POLARSSL_CAMELLIA_C */
 
 #if defined(POLARSSL_DES_C)
@@ -1217,6 +1345,11 @@ const cipher_definition_t cipher_definitions[] =
     { POLARSSL_CIPHER_AES_192_GCM,          &aes_192_gcm_info },
     { POLARSSL_CIPHER_AES_256_GCM,          &aes_256_gcm_info },
 #endif
+#if defined(POLARSSL_CCM_C)
+    { POLARSSL_CIPHER_AES_128_CCM,          &aes_128_ccm_info },
+    { POLARSSL_CIPHER_AES_192_CCM,          &aes_192_ccm_info },
+    { POLARSSL_CIPHER_AES_256_CCM,          &aes_256_ccm_info },
+#endif
 #endif /* POLARSSL_AES_C */
 
 #if defined(POLARSSL_ARC4_C)
@@ -1260,6 +1393,11 @@ const cipher_definition_t cipher_definitions[] =
     { POLARSSL_CIPHER_CAMELLIA_192_GCM,     &camellia_192_gcm_info },
     { POLARSSL_CIPHER_CAMELLIA_256_GCM,     &camellia_256_gcm_info },
 #endif
+#if defined(POLARSSL_CCM_C)
+    { POLARSSL_CIPHER_CAMELLIA_128_CCM,     &camellia_128_ccm_info },
+    { POLARSSL_CIPHER_CAMELLIA_192_CCM,     &camellia_192_ccm_info },
+    { POLARSSL_CIPHER_CAMELLIA_256_CCM,     &camellia_256_ccm_info },
+#endif
 #endif /* POLARSSL_CAMELLIA_C */
 
 #if defined(POLARSSL_DES_C)