@ -61,26 +61,33 @@ static void pad_block(u8 *pad, const u8 *addr, size_t len)
}
static int aes_s2v ( const u8 * key , size_t num_elem, const u8 * addr [ ] ,
size_t * len , u8 * mac )
static int aes_s2v ( const u8 * key , size_t key_len ,
size_t num_elem , const u8 * addr [ ] , size_t * len , u8 * mac )
{
u8 tmp [ AES_BLOCK_SIZE ] , tmp2 [ AES_BLOCK_SIZE ] ;
u8 * buf = NULL ;
int ret ;
size_t i ;
const u8 * data [ 1 ] ;
size_t data_len [ 1 ] ;
if ( ! num_elem ) {
os_memcpy ( tmp , zero , sizeof ( zero ) ) ;
tmp [ AES_BLOCK_SIZE - 1 ] = 1 ;
return omac1_aes_128 ( key , tmp , sizeof ( tmp ) , mac ) ;
data [ 0 ] = tmp ;
data_len [ 0 ] = sizeof ( tmp ) ;
return omac1_aes_vector ( key , key_len , 1 , data , data_len , mac ) ;
}
ret = omac1_aes_128 ( key , zero , sizeof ( zero ) , tmp ) ;
data [ 0 ] = zero ;
data_len [ 0 ] = sizeof ( zero ) ;
ret = omac1_aes_vector ( key , key_len , 1 , data , data_len , tmp ) ;
if ( ret )
return ret ;
for ( i = 0 ; i < num_elem - 1 ; i + + ) {
ret = omac1_aes_128 ( key , addr [ i ] , len [ i ] , tmp2 ) ;
ret = omac1_aes_vector ( key , key_len , 1 , & addr [ i ] , & len [ i ] ,
tmp2 ) ;
if ( ret )
return ret ;
@ -94,7 +101,8 @@ static int aes_s2v(const u8 *key, size_t num_elem, const u8 *addr[],
os_memcpy ( buf , addr [ i ] , len [ i ] ) ;
xorend ( buf , len [ i ] , tmp , AES_BLOCK_SIZE ) ;
ret = omac1_aes_128 ( key , buf , len [ i ] , mac ) ;
data [ 0 ] = buf ;
ret = omac1_aes_vector ( key , key_len , 1 , data , & len [ i ] , mac ) ;
bin_clear_free ( buf , len [ i ] ) ;
return ret ;
}
@ -103,24 +111,32 @@ static int aes_s2v(const u8 *key, size_t num_elem, const u8 *addr[],
pad_block ( tmp2 , addr [ i ] , len [ i ] ) ;
xor ( tmp , tmp2 ) ;
return omac1_aes_128 ( key , tmp , sizeof ( tmp ) , mac ) ;
data [ 0 ] = tmp ;
data_len [ 0 ] = sizeof ( tmp ) ;
return omac1_aes_vector ( key , key_len , 1 , data , data_len , mac ) ;
}
int aes_siv_encrypt ( const u8 * key , const u8 * pw ,
size_t pwlen , size_t num_elem ,
const u8 * addr [ ] , const size_t * len , u8 * out )
int aes_siv_encrypt ( const u8 * key , size_t key_len ,
const u8 * pw , size_t pwlen ,
size_t num_elem , const u8 * addr [ ] , const size_t * len ,
u8 * out )
{
const u8 * _addr [ 6 ] ;
size_t _len [ 6 ] ;
const u8 * k1 = key , * k2 = key + 16 ;
const u8 * k1 , * k2 ;
u8 v [ AES_BLOCK_SIZE ] ;
size_t i ;
u8 * iv , * crypt_pw ;
if ( num_elem > ARRAY_SIZE ( _addr ) - 1 )
if ( num_elem > ARRAY_SIZE ( _addr ) - 1 | |
( key_len ! = 32 & & key_len ! = 48 & & key_len ! = 64 ) )
return - 1 ;
key_len / = 2 ;
k1 = key ;
k2 = key + key_len ;
for ( i = 0 ; i < num_elem ; i + + ) {
_addr [ i ] = addr [ i ] ;
_len [ i ] = len [ i ] ;
@ -128,7 +144,7 @@ int aes_siv_encrypt(const u8 *key, const u8 *pw,
_addr [ num_elem ] = pw ;
_len [ num_elem ] = pwlen ;
if ( aes_s2v ( k1 , num_elem + 1 , _addr , _len , v ) )
if ( aes_s2v ( k1 , key_len, num_elem + 1 , _addr , _len , v ) )
return - 1 ;
iv = out ;
@ -140,26 +156,31 @@ int aes_siv_encrypt(const u8 *key, const u8 *pw,
/* zero out 63rd and 31st bits of ctr (from right) */
v [ 8 ] & = 0x7f ;
v [ 12 ] & = 0x7f ;
return aes_ 128_ ctr_encrypt( k2 , v , crypt_pw , pwlen ) ;
return aes_ ctr_encrypt( k2 , key_len , v , crypt_pw , pwlen ) ;
}
int aes_siv_decrypt ( const u8 * key , const u8 * iv_crypt , size_t iv_c_len ,
int aes_siv_decrypt ( const u8 * key , size_t key_len ,
const u8 * iv_crypt , size_t iv_c_len ,
size_t num_elem , const u8 * addr [ ] , const size_t * len ,
u8 * out )
{
const u8 * _addr [ 6 ] ;
size_t _len [ 6 ] ;
const u8 * k1 = key , * k2 = key + 16 ;
const u8 * k1 , * k2 ;
size_t crypt_len ;
size_t i ;
int ret ;
u8 iv [ AES_BLOCK_SIZE ] ;
u8 check [ AES_BLOCK_SIZE ] ;
if ( iv_c_len < AES_BLOCK_SIZE | | num_elem > ARRAY_SIZE ( _addr ) - 1 )
if ( iv_c_len < AES_BLOCK_SIZE | | num_elem > ARRAY_SIZE ( _addr ) - 1 | |
( key_len ! = 32 & & key_len ! = 48 & & key_len ! = 64 ) )
return - 1 ;
crypt_len = iv_c_len - AES_BLOCK_SIZE ;
key_len / = 2 ;
k1 = key ;
k2 = key + key_len ;
for ( i = 0 ; i < num_elem ; i + + ) {
_addr [ i ] = addr [ i ] ;
@ -174,11 +195,11 @@ int aes_siv_decrypt(const u8 *key, const u8 *iv_crypt, size_t iv_c_len,
iv [ 8 ] & = 0x7f ;
iv [ 12 ] & = 0x7f ;
ret = aes_ 128_ ctr_encrypt( k2 , iv , out , crypt_len ) ;
ret = aes_ ctr_encrypt( k2 , key_len , iv , out , crypt_len ) ;
if ( ret )
return ret ;
ret = aes_s2v ( k1 , num_elem + 1 , _addr , _len , check ) ;
ret = aes_s2v ( k1 , key_len, num_elem + 1 , _addr , _len , check ) ;
if ( ret )
return ret ;
if ( os_memcmp ( check , iv_crypt , AES_BLOCK_SIZE ) = = 0 )