From 1ba787b954233c785f572c7d010b3049e5297ece Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 17 Aug 2009 20:27:25 +0300 Subject: [PATCH] Remove unneeded aes_i.h inclusion from number of places The BLOCK_SIZE define can be made more specific by using AES_ prefix and by moving it to aes.h. After this, most aes-*.c do not really need to include anything from the internal aes_i.h header file. In other words, aes_i.h can now be used only for the code that uses the internal AES block operation implementation and none of the code that can use AES implementation from an external library do not need to include this header file. --- src/crypto/aes-cbc.c | 28 ++++++++++++++-------------- src/crypto/aes-ctr.c | 10 +++++----- src/crypto/aes-eax.c | 12 +++++++----- src/crypto/aes-encblock.c | 2 +- src/crypto/aes-omac1.c | 24 ++++++++++++------------ src/crypto/aes-unwrap.c | 2 +- src/crypto/aes-wrap.c | 2 +- src/crypto/aes.h | 2 ++ src/crypto/aes_i.h | 2 -- 9 files changed, 43 insertions(+), 41 deletions(-) diff --git a/src/crypto/aes-cbc.c b/src/crypto/aes-cbc.c index 9601dd880..4e4cd7f91 100644 --- a/src/crypto/aes-cbc.c +++ b/src/crypto/aes-cbc.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_128_cbc_encrypt - AES-128 CBC encryption @@ -29,22 +29,22 @@ int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) { void *ctx; - u8 cbc[BLOCK_SIZE]; + u8 cbc[AES_BLOCK_SIZE]; u8 *pos = data; int i, j, blocks; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; - os_memcpy(cbc, iv, BLOCK_SIZE); + os_memcpy(cbc, iv, AES_BLOCK_SIZE); - blocks = data_len / BLOCK_SIZE; + blocks = data_len / AES_BLOCK_SIZE; for (i = 0; i < blocks; i++) { - for (j = 0; j < BLOCK_SIZE; j++) + for (j = 0; j < AES_BLOCK_SIZE; j++) cbc[j] ^= pos[j]; aes_encrypt(ctx, cbc, cbc); - os_memcpy(pos, cbc, BLOCK_SIZE); - pos += BLOCK_SIZE; + os_memcpy(pos, cbc, AES_BLOCK_SIZE); + pos += AES_BLOCK_SIZE; } aes_encrypt_deinit(ctx); return 0; @@ -62,23 +62,23 @@ int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) { void *ctx; - u8 cbc[BLOCK_SIZE], tmp[BLOCK_SIZE]; + u8 cbc[AES_BLOCK_SIZE], tmp[AES_BLOCK_SIZE]; u8 *pos = data; int i, j, blocks; ctx = aes_decrypt_init(key, 16); if (ctx == NULL) return -1; - os_memcpy(cbc, iv, BLOCK_SIZE); + os_memcpy(cbc, iv, AES_BLOCK_SIZE); - blocks = data_len / BLOCK_SIZE; + blocks = data_len / AES_BLOCK_SIZE; for (i = 0; i < blocks; i++) { - os_memcpy(tmp, pos, BLOCK_SIZE); + os_memcpy(tmp, pos, AES_BLOCK_SIZE); aes_decrypt(ctx, pos, pos); - for (j = 0; j < BLOCK_SIZE; j++) + for (j = 0; j < AES_BLOCK_SIZE; j++) pos[j] ^= cbc[j]; - os_memcpy(cbc, tmp, BLOCK_SIZE); - pos += BLOCK_SIZE; + os_memcpy(cbc, tmp, AES_BLOCK_SIZE); + pos += AES_BLOCK_SIZE; } aes_decrypt_deinit(ctx); return 0; diff --git a/src/crypto/aes-ctr.c b/src/crypto/aes-ctr.c index 7722b8c63..997f4282b 100644 --- a/src/crypto/aes-ctr.c +++ b/src/crypto/aes-ctr.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_128_ctr_encrypt - AES-128 CTR mode encryption @@ -33,23 +33,23 @@ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, size_t j, len, left = data_len; int i; u8 *pos = data; - u8 counter[BLOCK_SIZE], buf[BLOCK_SIZE]; + u8 counter[AES_BLOCK_SIZE], buf[AES_BLOCK_SIZE]; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; - os_memcpy(counter, nonce, BLOCK_SIZE); + os_memcpy(counter, nonce, AES_BLOCK_SIZE); while (left > 0) { aes_encrypt(ctx, counter, buf); - len = (left < BLOCK_SIZE) ? left : BLOCK_SIZE; + len = (left < AES_BLOCK_SIZE) ? left : AES_BLOCK_SIZE; for (j = 0; j < len; j++) pos[j] ^= buf[j]; pos += len; left -= len; - for (i = BLOCK_SIZE - 1; i >= 0; i--) { + for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) { counter[i]++; if (counter[i]) break; diff --git a/src/crypto/aes-eax.c b/src/crypto/aes-eax.c index 3fd622005..d5c397151 100644 --- a/src/crypto/aes-eax.c +++ b/src/crypto/aes-eax.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" #include "aes_wrap.h" /** @@ -37,7 +37,8 @@ int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len, { u8 *buf; size_t buf_len; - u8 nonce_mac[BLOCK_SIZE], hdr_mac[BLOCK_SIZE], data_mac[BLOCK_SIZE]; + u8 nonce_mac[AES_BLOCK_SIZE], hdr_mac[AES_BLOCK_SIZE], + data_mac[AES_BLOCK_SIZE]; int i, ret = -1; if (nonce_len > data_len) @@ -71,7 +72,7 @@ int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len, if (omac1_aes_128(key, buf, 16 + data_len, data_mac)) goto fail; - for (i = 0; i < BLOCK_SIZE; i++) + for (i = 0; i < AES_BLOCK_SIZE; i++) tag[i] = nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i]; ret = 0; @@ -100,7 +101,8 @@ int aes_128_eax_decrypt(const u8 *key, const u8 *nonce, size_t nonce_len, { u8 *buf; size_t buf_len; - u8 nonce_mac[BLOCK_SIZE], hdr_mac[BLOCK_SIZE], data_mac[BLOCK_SIZE]; + u8 nonce_mac[AES_BLOCK_SIZE], hdr_mac[AES_BLOCK_SIZE], + data_mac[AES_BLOCK_SIZE]; int i; if (nonce_len > data_len) @@ -140,7 +142,7 @@ int aes_128_eax_decrypt(const u8 *key, const u8 *nonce, size_t nonce_len, os_free(buf); - for (i = 0; i < BLOCK_SIZE; i++) { + for (i = 0; i < AES_BLOCK_SIZE; i++) { if (tag[i] != (nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i])) return -2; } diff --git a/src/crypto/aes-encblock.c b/src/crypto/aes-encblock.c index 4cbe09329..a1d56f54f 100644 --- a/src/crypto/aes-encblock.c +++ b/src/crypto/aes-encblock.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_128_encrypt_block - Perform one AES 128-bit block operation diff --git a/src/crypto/aes-omac1.c b/src/crypto/aes-omac1.c index fdcec8314..d9712b520 100644 --- a/src/crypto/aes-omac1.c +++ b/src/crypto/aes-omac1.c @@ -16,18 +16,18 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" static void gf_mulx(u8 *pad) { int i, carry; carry = pad[0] & 0x80; - for (i = 0; i < BLOCK_SIZE - 1; i++) + for (i = 0; i < AES_BLOCK_SIZE - 1; i++) pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7); - pad[BLOCK_SIZE - 1] <<= 1; + pad[AES_BLOCK_SIZE - 1] <<= 1; if (carry) - pad[BLOCK_SIZE - 1] ^= 0x87; + pad[AES_BLOCK_SIZE - 1] ^= 0x87; } @@ -48,14 +48,14 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { void *ctx; - u8 cbc[BLOCK_SIZE], pad[BLOCK_SIZE]; + u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE]; const u8 *pos, *end; size_t i, e, left, total_len; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; - os_memset(cbc, 0, BLOCK_SIZE); + os_memset(cbc, 0, AES_BLOCK_SIZE); total_len = 0; for (e = 0; e < num_elem; e++) @@ -66,8 +66,8 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, pos = addr[0]; end = pos + len[0]; - while (left >= BLOCK_SIZE) { - for (i = 0; i < BLOCK_SIZE; i++) { + while (left >= AES_BLOCK_SIZE) { + for (i = 0; i < AES_BLOCK_SIZE; i++) { cbc[i] ^= *pos++; if (pos >= end) { e++; @@ -75,12 +75,12 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, end = pos + len[e]; } } - if (left > BLOCK_SIZE) + if (left > AES_BLOCK_SIZE) aes_encrypt(ctx, cbc, cbc); - left -= BLOCK_SIZE; + left -= AES_BLOCK_SIZE; } - os_memset(pad, 0, BLOCK_SIZE); + os_memset(pad, 0, AES_BLOCK_SIZE); aes_encrypt(ctx, pad, pad); gf_mulx(pad); @@ -97,7 +97,7 @@ int omac1_aes_128_vector(const u8 *key, size_t num_elem, gf_mulx(pad); } - for (i = 0; i < BLOCK_SIZE; i++) + for (i = 0; i < AES_BLOCK_SIZE; i++) pad[i] ^= cbc[i]; aes_encrypt(ctx, pad, mac); aes_encrypt_deinit(ctx); diff --git a/src/crypto/aes-unwrap.c b/src/crypto/aes-unwrap.c index 87797ea73..afaa47a28 100644 --- a/src/crypto/aes-unwrap.c +++ b/src/crypto/aes-unwrap.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_unwrap - Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) diff --git a/src/crypto/aes-wrap.c b/src/crypto/aes-wrap.c index 7ded1170e..1f9cd45ba 100644 --- a/src/crypto/aes-wrap.c +++ b/src/crypto/aes-wrap.c @@ -16,7 +16,7 @@ #include "includes.h" #include "common.h" -#include "aes_i.h" +#include "aes.h" /** * aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) diff --git a/src/crypto/aes.h b/src/crypto/aes.h index 6b9f4147a..ba384a9da 100644 --- a/src/crypto/aes.h +++ b/src/crypto/aes.h @@ -15,6 +15,8 @@ #ifndef AES_H #define AES_H +#define AES_BLOCK_SIZE 16 + void * aes_encrypt_init(const u8 *key, size_t len); void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); void aes_encrypt_deinit(void *ctx); diff --git a/src/crypto/aes_i.h b/src/crypto/aes_i.h index 49ad421cf..6b40bc781 100644 --- a/src/crypto/aes_i.h +++ b/src/crypto/aes_i.h @@ -17,8 +17,6 @@ #include "aes.h" -#define BLOCK_SIZE 16 - /* #define FULL_UNROLL */ #define AES_SMALL_TABLES