aboutsummaryrefslogtreecommitdiffstats
path: root/src/pae
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-10-07 10:48:45 (GMT)
committerJouni Malinen <j@w1.fi>2014-10-07 11:57:06 (GMT)
commiteefec1e40b8721b37aff8187741c824c7913d0f0 (patch)
treebcd9527c290b80feb96101186eb3e3317bf07805 /src/pae
parent98a1571d8890a43c9b5fe1cf21f3a1a0e3d02656 (diff)
downloadhostap-eefec1e40b8721b37aff8187741c824c7913d0f0.zip
hostap-eefec1e40b8721b37aff8187741c824c7913d0f0.tar.gz
hostap-eefec1e40b8721b37aff8187741c824c7913d0f0.tar.bz2
AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and allows AES to be initialized with 192 and 256 bit KEK in addition to the previously supported 128 bit KEK. The test vectors in test-aes.c are extended to cover all the test vectors from RFC 3394. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/pae')
-rw-r--r--src/pae/ieee802_1x_kay.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 56c195a..b1cf32d 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1451,7 +1451,7 @@ ieee802_1x_mka_encode_dist_sak_body(
os_memcpy(body->sak, cipher_suite_tbl[cs_index].id, CS_ID_LEN);
sak_pos = CS_ID_LEN;
}
- if (aes_wrap(participant->kek.key,
+ if (aes_wrap(participant->kek.key, 16,
cipher_suite_tbl[cs_index].sak_len / 8,
sak->key, body->sak + sak_pos)) {
wpa_printf(MSG_ERROR, "KaY: AES wrap failed");
@@ -1611,7 +1611,7 @@ ieee802_1x_mka_decode_dist_sak_body(
wpa_printf(MSG_ERROR, "KaY-%s: Out of memory", __func__);
return -1;
}
- if (aes_unwrap(participant->kek.key, sak_len >> 3, wrap_sak,
+ if (aes_unwrap(participant->kek.key, 16, sak_len >> 3, wrap_sak,
unwrap_sak)) {
wpa_printf(MSG_ERROR, "KaY: AES unwrap failed");
os_free(unwrap_sak);