aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--hostapd/Android.mk4
-rw-r--r--hostapd/Makefile4
-rw-r--r--src/crypto/crypto_openssl.c27
-rw-r--r--wpa_supplicant/Android.mk4
-rw-r--r--wpa_supplicant/Makefile4
5 files changed, 43 insertions, 0 deletions
diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index 17674f7..6fcefdd 100644
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -675,7 +675,9 @@ ifdef CONFIG_INTERNAL_AES
AESOBJS += src/crypto/aes-internal.c src/crypto/aes-internal-enc.c
endif
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += src/crypto/aes-wrap.c
+endif
ifdef NEED_AES_EAX
AESOBJS += src/crypto/aes-eax.c
NEED_AES_CTR=y
@@ -690,9 +692,11 @@ ifdef NEED_AES_OMAC1
AESOBJS += src/crypto/aes-omac1.c
endif
ifdef NEED_AES_UNWRAP
+ifneq ($(CONFIG_TLS), openssl)
NEED_AES_DEC=y
AESOBJS += src/crypto/aes-unwrap.c
endif
+endif
ifdef NEED_AES_CBC
NEED_AES_DEC=y
AESOBJS += src/crypto/aes-cbc.c
diff --git a/hostapd/Makefile b/hostapd/Makefile
index 513eb95..f30a35d 100644
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -669,7 +669,9 @@ ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal.o ../src/crypto/aes-internal-enc.o
endif
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += ../src/crypto/aes-wrap.o
+endif
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
@@ -684,9 +686,11 @@ ifdef NEED_AES_OMAC1
AESOBJS += ../src/crypto/aes-omac1.o
endif
ifdef NEED_AES_UNWRAP
+ifneq ($(CONFIG_TLS), openssl)
NEED_AES_DEC=y
AESOBJS += ../src/crypto/aes-unwrap.o
endif
+endif
ifdef NEED_AES_CBC
NEED_AES_DEC=y
AESOBJS += ../src/crypto/aes-cbc.o
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index ca44386..f158ef4 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -297,6 +297,33 @@ void aes_decrypt_deinit(void *ctx)
}
+int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
+{
+ AES_KEY actx;
+ int res;
+
+ if (AES_set_encrypt_key(kek, kek_len << 3, &actx))
+ return -1;
+ res = AES_wrap_key(&actx, NULL, cipher, plain, n * 8);
+ OPENSSL_cleanse(&actx, sizeof(actx));
+ return res <= 0 ? -1 : 0;
+}
+
+
+int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher,
+ u8 *plain)
+{
+ AES_KEY actx;
+ int res;
+
+ if (AES_set_decrypt_key(kek, kek_len << 3, &actx))
+ return -1;
+ res = AES_unwrap_key(&actx, NULL, plain, cipher, (n + 1) * 8);
+ OPENSSL_cleanse(&actx, sizeof(actx));
+ return res <= 0 ? -1 : 0;
+}
+
+
int crypto_mod_exp(const u8 *base, size_t base_len,
const u8 *power, size_t power_len,
const u8 *modulus, size_t modulus_len,
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 38041b6..579582b 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -1127,7 +1127,9 @@ ifdef CONFIG_INTERNAL_AES
AESOBJS += src/crypto/aes-internal.c src/crypto/aes-internal-dec.c
endif
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += src/crypto/aes-unwrap.c
+endif
ifdef NEED_AES_EAX
AESOBJS += src/crypto/aes-eax.c
NEED_AES_CTR=y
@@ -1148,8 +1150,10 @@ endif
endif
ifdef NEED_AES_WRAP
NEED_AES_ENC=y
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += src/crypto/aes-wrap.c
endif
+endif
ifdef NEED_AES_CBC
NEED_AES_ENC=y
AESOBJS += src/crypto/aes-cbc.c
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index 2ffb00d..35e5d73 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1142,7 +1142,9 @@ ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal.o ../src/crypto/aes-internal-dec.o
endif
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += ../src/crypto/aes-unwrap.o
+endif
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
@@ -1166,8 +1168,10 @@ AESOBJS += ../src/crypto/aes-siv.o
endif
ifdef NEED_AES_WRAP
NEED_AES_ENC=y
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += ../src/crypto/aes-wrap.o
endif
+endif
ifdef NEED_AES_CBC
NEED_AES_ENC=y
AESOBJS += ../src/crypto/aes-cbc.o