Add 3DES CMAC for ARM #3054
Add 3DES CMAC for ARM #3054
Conversation
| You are welcome to add an entry to the CHANGELOG.md as well |
aaronjamt force-pushed the patch-3des-cmac branch from 87200ab to 63fc2b4 Compare | Just realized I somehow managed to commit the files in the wrong folder, fixed now. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
armsrc/cmac_3des.c Dismissed
| uint8_t L[8] = {0}; | ||
| | ||
| // Step 1: L = 3DES-ENC(0^64) | ||
| mbedtls_des3_crypt_ecb(ctx, L, L); |
Check failure
Code scanning / CodeQL
Use of a broken or risky cryptographic algorithm High
There was a problem hiding this comment.
Thanks 😆
This is intentional
There was a problem hiding this comment.
It looks like there's no way for me to suppress this error from my end, it has to be dismissed by a repository admin: https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/resolving-code-scanning-alerts#dismissing-alerts
There was a problem hiding this comment.
just ignore it. We all know this project uses legacy crypto and broken crypto.
There was a problem hiding this comment.
Haha, ok then. This won't cause the CI/CD to break after it's merged? I was only concerned because that test failed and I'm not sure if that'll cause other future PRs to also fail there.
| pad[len] = 0x80; | ||
| for (size_t i = len + 1; i < 16; i++) { | ||
| pad[i] = 0x00; | ||
| } |
There was a problem hiding this comment.
you can remove the loop with a simple call to memset before the memcpy call.
memset(pad, 0x00, len); memcpy(pad, lastb, len); pad[len] = 0x80; There was a problem hiding this comment.
Might it be better to move this out into some more general utils.c or similar? This ISO7816 style padding is quite common at least in Seos, but I'm sure across the Proxmark codebase.
| hm, hm, is the only different of this function the des_cmac() ? Might just merge it all into cmac_calc.c then. |
No, |
| nay, if it's that much difference then we use this style. I will merge and you can simplify the padding loop in both places with a new PR |
2 participants
I copied the existing AES CMAC (
cmac_calc.c/cmac_calc.h) and modified them to support 3DES. This will be used in a future PR for Seos emulation support, but I figured I'd open this PR now to reduce the amount of code added in that one.