aes-eax.c

Go to the documentation of this file.
00001 
00017 #include "includes.h"
00018 
00019 #include "common.h"
00020 #include "aes.h"
00021 #include "aes_wrap.h"
00022 
00036 int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len,
00037                         const u8 *hdr, size_t hdr_len,
00038                         u8 *data, size_t data_len, u8 *tag)
00039 {
00040         u8 *buf;
00041         size_t buf_len;
00042         u8 nonce_mac[AES_BLOCK_SIZE], hdr_mac[AES_BLOCK_SIZE],
00043                 data_mac[AES_BLOCK_SIZE];
00044         int i, ret = -1;
00045 
00046         if (nonce_len > data_len)
00047                 buf_len = nonce_len;
00048         else
00049                 buf_len = data_len;
00050         if (hdr_len > buf_len)
00051                 buf_len = hdr_len;
00052         buf_len += 16;
00053 
00054         buf = os_malloc(buf_len);
00055         if (buf == NULL)
00056                 return -1;
00057 
00058         os_memset(buf, 0, 15);
00059 
00060         buf[15] = 0;
00061         os_memcpy(buf + 16, nonce, nonce_len);
00062         if (omac1_aes_128(key, buf, 16 + nonce_len, nonce_mac))
00063                 goto fail;
00064 
00065         buf[15] = 1;
00066         os_memcpy(buf + 16, hdr, hdr_len);
00067         if (omac1_aes_128(key, buf, 16 + hdr_len, hdr_mac))
00068                 goto fail;
00069 
00070         if (aes_128_ctr_encrypt(key, nonce_mac, data, data_len))
00071                 goto fail;
00072         buf[15] = 2;
00073         os_memcpy(buf + 16, data, data_len);
00074         if (omac1_aes_128(key, buf, 16 + data_len, data_mac))
00075                 goto fail;
00076 
00077         for (i = 0; i < AES_BLOCK_SIZE; i++)
00078                 tag[i] = nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i];
00079 
00080         ret = 0;
00081 fail:
00082         os_free(buf);
00083 
00084         return ret;
00085 }
00086 
00087 
00101 int aes_128_eax_decrypt(const u8 *key, const u8 *nonce, size_t nonce_len,
00102                         const u8 *hdr, size_t hdr_len,
00103                         u8 *data, size_t data_len, const u8 *tag)
00104 {
00105         u8 *buf;
00106         size_t buf_len;
00107         u8 nonce_mac[AES_BLOCK_SIZE], hdr_mac[AES_BLOCK_SIZE],
00108                 data_mac[AES_BLOCK_SIZE];
00109         int i;
00110 
00111         if (nonce_len > data_len)
00112                 buf_len = nonce_len;
00113         else
00114                 buf_len = data_len;
00115         if (hdr_len > buf_len)
00116                 buf_len = hdr_len;
00117         buf_len += 16;
00118 
00119         buf = os_malloc(buf_len);
00120         if (buf == NULL)
00121                 return -1;
00122 
00123         os_memset(buf, 0, 15);
00124 
00125         buf[15] = 0;
00126         os_memcpy(buf + 16, nonce, nonce_len);
00127         if (omac1_aes_128(key, buf, 16 + nonce_len, nonce_mac)) {
00128                 os_free(buf);
00129                 return -1;
00130         }
00131 
00132         buf[15] = 1;
00133         os_memcpy(buf + 16, hdr, hdr_len);
00134         if (omac1_aes_128(key, buf, 16 + hdr_len, hdr_mac)) {
00135                 os_free(buf);
00136                 return -1;
00137         }
00138 
00139         buf[15] = 2;
00140         os_memcpy(buf + 16, data, data_len);
00141         if (omac1_aes_128(key, buf, 16 + data_len, data_mac)) {
00142                 os_free(buf);
00143                 return -1;
00144         }
00145 
00146         os_free(buf);
00147 
00148         for (i = 0; i < AES_BLOCK_SIZE; i++) {
00149                 if (tag[i] != (nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i]))
00150                         return -2;
00151         }
00152 
00153         return aes_128_ctr_encrypt(key, nonce_mac, data, data_len);
00154 }
00155
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Defines
Generated on Sat Nov 21 23:16:49 2009 for hostapd by  doxygen 1.6.1