in source/portable/mbedtls/core_pkcs11_mbedtls.c [3900:3961]
static CK_RV prvInitAESCMAC( P11Session_t * pxSession,
CK_OBJECT_HANDLE hKey,
CK_BYTE_PTR pucKeyData,
CK_ULONG ulKeyDataLength )
{
CK_RV xResult = CKR_OK;
int32_t lMbedTLSResult = -1;
const mbedtls_cipher_info_t * pxCipherInfo = NULL;
size_t ulKeyDataBitLength = 8UL * ulKeyDataLength;
mbedtls_cipher_init( &pxSession->xCMACSecretContext );
pxCipherInfo = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
if( pxCipherInfo == NULL )
{
LogError( ( "Failed to initialize AES-CMAC operation. "
"mbedtls_cipher_info_from_type failed. Consider "
"double checking the mbedtls_md_type_t object "
"that was used." ) );
xResult = CKR_FUNCTION_FAILED;
prvCMACCleanUp( pxSession );
}
if( xResult == CKR_OK )
{
lMbedTLSResult = mbedtls_cipher_setup( &pxSession->xCMACSecretContext,
pxCipherInfo );
if( lMbedTLSResult != 0 )
{
LogError( ( "Failed to initialize AES-CMAC operation. "
"mbedtls_cipher_setup failed: mbed TLS error = %s : %s.",
mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ),
mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) );
prvCMACCleanUp( pxSession );
xResult = CKR_KEY_HANDLE_INVALID;
}
}
if( xResult == CKR_OK )
{
lMbedTLSResult = mbedtls_cipher_cmac_starts( &pxSession->xCMACSecretContext,
pucKeyData, ulKeyDataBitLength );
if( lMbedTLSResult != 0 )
{
LogError( ( "Failed to initialize AES-CMAC operation. "
"mbedtls_md_setup failed: mbed TLS error = %s : %s.",
mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ),
mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) );
prvCMACCleanUp( pxSession );
xResult = CKR_KEY_HANDLE_INVALID;
}
}
if( xResult == CKR_OK )
{
pxSession->xCMACKeyHandle = hKey;
}
return xResult;
}