diff --git a/src/crypto/aes-cbc.c b/src/crypto/aes-cbc.c index 9601dd880..4e4cd7f91 100644 --- a/src/crypto/aes-cbc.c +++ b/src/crypto/aes-cbc.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_128_cbc_encrypt - AES-128 CBC encryption @@ -29,22 +29,22 @@ int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) { void *ctx; - u8 cbc[BLOCK_SIZE]; + u8 cbc[AES_BLOCK_SIZE]; u8 *pos = data; int i, j, blocks; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; - os_memcpy(cbc, iv, BLOCK_SIZE); + os_memcpy(cbc, iv, AES_BLOCK_SIZE); - blocks = data_len / BLOCK_SIZE; + blocks = data_len / AES_BLOCK_SIZE; for (i = 0; i < blocks; i++) { - for (j = 0; j < BLOCK_SIZE; j++) + for (j = 0; j < AES_BLOCK_SIZE; j++) cbc[j] ^= pos[j]; aes_encrypt(ctx, cbc, cbc); - os_memcpy(pos, cbc, BLOCK_SIZE); - pos += BLOCK_SIZE; + os_memcpy(pos, cbc, AES_BLOCK_SIZE); + pos += AES_BLOCK_SIZE; } aes_encrypt_deinit(ctx); return 0; @@ -62,23 +62,23 @@ int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) { void *ctx; - u8 cbc[BLOCK_SIZE], tmp[BLOCK_SIZE]; + u8 cbc[AES_BLOCK_SIZE], tmp[AES_BLOCK_SIZE]; u8 *pos = data; int i, j, blocks; ctx = aes_decrypt_init(key, 16); if (ctx == NULL) return -1; - os_memcpy(cbc, iv, BLOCK_SIZE); + os_memcpy(cbc, iv, AES_BLOCK_SIZE); - blocks = data_len / BLOCK_SIZE; + blocks = data_len / AES_BLOCK_SIZE; for (i = 0; i < blocks; i++) { - os_memcpy(tmp, pos, BLOCK_SIZE); + os_memcpy(tmp, pos, AES_BLOCK_SIZE); aes_decrypt(ctx, pos, pos); - for (j = 0; j < BLOCK_SIZE; j++) + for (j = 0; j < AES_BLOCK_SIZE; j++) pos[j] ^= cbc[j]; - os_memcpy(cbc, tmp, BLOCK_SIZE); - pos += BLOCK_SIZE; + os_memcpy(cbc, tmp, AES_BLOCK_SIZE); + pos += AES_BLOCK_SIZE; } aes_decrypt_deinit(ctx); return 0; diff --git a/src/crypto/aes-ctr.c b/src/crypto/aes-ctr.c index 7722b8c63..997f4282b 100644 --- a/src/crypto/aes-ctr.c +++ b/src/crypto/aes-ctr.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_128_ctr_encrypt - AES-128 CTR mode encryption @@ -33,23 +33,23 @@ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, size_t j, len, left = data_len; int i; u8 *pos = data; - u8 counter[BLOCK_SIZE], buf[BLOCK_SIZE]; + u8 counter[AES_BLOCK_SIZE], buf[AES_BLOCK_SIZE]; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; - os_memcpy(counter, nonce, BLOCK_SIZE); + os_memcpy(counter, nonce, AES_BLOCK_SIZE); while (left > 0) { aes_encrypt(ctx, counter, buf); - len = (left < BLOCK_SIZE) ? left : BLOCK_SIZE; + len = (left < AES_BLOCK_SIZE) ? left : AES_BLOCK_SIZE; for (j = 0; j < len; j++) pos[j] ^= buf[j]; pos += len; left -= len; - for (i = BLOCK_SIZE - 1; i >= 0; i--) { + for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) { counter[i]++; if (counter[i]) break; diff --git a/src/crypto/aes-eax.c b/src/crypto/aes-eax.c index 3fd622005..d5c397151 100644 --- a/src/crypto/aes-eax.c +++ b/src/crypto/aes-eax.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" #include "aes_wrap.h" /** @@ -37,7 +37,8 @@ int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len, { u8 *buf; size_t buf_len; - u8 nonce_mac[BLOCK_SIZE], hdr_mac[BLOCK_SIZE], data_mac[BLOCK_SIZE]; + u8 nonce_mac[AES_BLOCK_SIZE], hdr_mac[AES_BLOCK_SIZE], + data_mac[AES_BLOCK_SIZE]; int i, ret = -1; if (nonce_len > data_len) @@ -71,7 +72,7 @@ int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len, if (omac1_aes_128(key, buf, 16 + data_len, data_mac)) goto fail; - for (i = 0; i < BLOCK_SIZE; i++) + for (i = 0; i < AES_BLOCK_SIZE; i++) tag[i] = nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i]; ret = 0; @@ -100,7 +101,8 @@ int aes_128_eax_decrypt(const u8 *key, const u8 *nonce, size_t nonce_len, { u8 *buf; size_t buf_len; - u8 nonce_mac[BLOCK_SIZE], hdr_mac[BLOCK_SIZE], data_mac[BLOCK_SIZE]; + u8 nonce_mac[AES_BLOCK_SIZE], hdr_mac[AES_BLOCK_SIZE], + data_mac[AES_BLOCK_SIZE]; int i; if (nonce_len > data_len) @@ -140,7 +142,7 @@ int aes_128_eax_decrypt(const u8 *key, const u8 *nonce, size_t nonce_len, os_free(buf); - for (i = 0; i < BLOCK_SIZE; i++) { + for (i = 0; i < AES_BLOCK_SIZE; i++) { if (tag[i] != (nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i])) return -2; } diff --git a/src/crypto/aes-encblock.c b/src/crypto/aes-encblock.c index 4cbe09329..a1d56f54f 100644 --- a/src/crypto/aes-encblock.c +++ b/src/crypto/aes-encblock.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_128_encrypt_block - Perform one AES 128-bit block operation diff --git a/src/crypto/aes-omac1.c b/src/crypto/aes-omac1.c index fdcec8314..d9712b520 100644 --- a/src/crypto/aes-omac1.c +++ b/src/crypto/aes-omac1.c @@ -16,18 +16,18 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" static void gf_mulx(u8 *pad) { int i, carry; carry = pad[0] & 0x80; - for (i = 0; i < BLOCK_SIZE - 1; i++) + for (i = 0; i < AES_BLOCK_SIZE - 1; i++) pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7); - pad[BLOCK_SIZE - 1] <<= 1; + pad[AES_BLOCK_SIZE - 1] <<= 1; if (carry) - pad[BLOCK_SIZE - 1] ^= 0x87; + pad[AES_BLOCK_SIZE - 1] ^= 0x87; } @@ -48,14 +48,14 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { void *ctx; - u8 cbc[BLOCK_SIZE], pad[BLOCK_SIZE]; + u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE]; const u8 *pos, *end; size_t i, e, left, total_len; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; - os_memset(cbc, 0, BLOCK_SIZE); + os_memset(cbc, 0, AES_BLOCK_SIZE); total_len = 0; for (e = 0; e < num_elem; e++) @@ -66,8 +66,8 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, pos = addr[0]; end = pos + len[0]; - while (left >= BLOCK_SIZE) { - for (i = 0; i < BLOCK_SIZE; i++) { + while (left >= AES_BLOCK_SIZE) { + for (i = 0; i < AES_BLOCK_SIZE; i++) { cbc[i] ^= *pos++; if (pos >= end) { e++; @@ -75,12 +75,12 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, end = pos + len[e]; } } - if (left > BLOCK_SIZE) + if (left > AES_BLOCK_SIZE) aes_encrypt(ctx, cbc, cbc); - left -= BLOCK_SIZE; + left -= AES_BLOCK_SIZE; } - os_memset(pad, 0, BLOCK_SIZE); + os_memset(pad, 0, AES_BLOCK_SIZE); aes_encrypt(ctx, pad, pad); gf_mulx(pad); @@ -97,7 +97,7 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, gf_mulx(pad); } - for (i = 0; i < BLOCK_SIZE; i++) + for (i = 0; i < AES_BLOCK_SIZE; i++) pad[i] ^= cbc[i]; aes_encrypt(ctx, pad, mac); aes_encrypt_deinit(ctx); diff --git a/src/crypto/aes-unwrap.c b/src/crypto/aes-unwrap.c index 87797ea73..afaa47a28 100644 --- a/src/crypto/aes-unwrap.c +++ b/src/crypto/aes-unwrap.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_unwrap - Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) diff --git a/src/crypto/aes-wrap.c b/src/crypto/aes-wrap.c index 7ded1170e..1f9cd45ba 100644 --- a/src/crypto/aes-wrap.c +++ b/src/crypto/aes-wrap.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) diff --git a/src/crypto/aes.h b/src/crypto/aes.h index 6b9f4147a..ba384a9da 100644 --- a/src/crypto/aes.h +++ b/src/crypto/aes.h @@ -15,6 +15,8 @@ #ifndef AES_H #define AES_H +#define AES_BLOCK_SIZE 16 + void * aes_encrypt_init(const u8 *key, size_t len); void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); void aes_encrypt_deinit(void *ctx); diff --git a/src/crypto/aes_i.h b/src/crypto/aes_i.h index 49ad421cf..6b40bc781 100644 --- a/src/crypto/aes_i.h +++ b/src/crypto/aes_i.h @@ -17,8 +17,6 @@ #include "aes.h" -#define BLOCK_SIZE 16 - /* #define FULL_UNROLL */ #define AES_SMALL_TABLES