aes_cmac.c
Go to the documentation of this file.
00001 /*
00002  * AES-128-CMAC with TLen 16 for IEEE 802.11w BIP
00003  * Copyright 2008, Jouni Malinen <j@w1.fi>
00004  *
00005  * This program is free software; you can redistribute it and/or modify
00006  * it under the terms of the GNU General Public License version 2 as
00007  * published by the Free Software Foundation.
00008  */
00009 
00010 #include <linux/kernel.h>
00011 #include <linux/types.h>
00012 #include <linux/crypto.h>
00013 #include <linux/err.h>
00014 #include <crypto/aes.h>
00015 
00016 #include <net/mac80211.h>
00017 #include "key.h"
00018 #include "aes_cmac.h"
00019 
00020 #define AES_CMAC_KEY_LEN 16
00021 #define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
00022 #define AAD_LEN 20
00023 
00024 
00025 static void gf_mulx(u8 *pad)
00026 {
00027         int i, carry;
00028 
00029         carry = pad[0] & 0x80;
00030         for (i = 0; i < AES_BLOCK_SIZE - 1; i++)
00031                 pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
00032         pad[AES_BLOCK_SIZE - 1] <<= 1;
00033         if (carry)
00034                 pad[AES_BLOCK_SIZE - 1] ^= 0x87;
00035 }
00036 
00037 
00038 static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
00039                                 const u8 *addr[], const size_t *len, u8 *mac)
00040 {
00041         u8 scratch[2 * AES_BLOCK_SIZE];
00042         u8 *cbc, *pad;
00043         const u8 *pos, *end;
00044         size_t i, e, left, total_len;
00045 
00046         cbc = scratch;
00047         pad = scratch + AES_BLOCK_SIZE;
00048 
00049         memset(cbc, 0, AES_BLOCK_SIZE);
00050 
00051         total_len = 0;
00052         for (e = 0; e < num_elem; e++)
00053                 total_len += len[e];
00054         left = total_len;
00055 
00056         e = 0;
00057         pos = addr[0];
00058         end = pos + len[0];
00059 
00060         while (left >= AES_BLOCK_SIZE) {
00061                 for (i = 0; i < AES_BLOCK_SIZE; i++) {
00062                         cbc[i] ^= *pos++;
00063                         if (pos >= end) {
00064                                 e++;
00065                                 pos = addr[e];
00066                                 end = pos + len[e];
00067                         }
00068                 }
00069                 if (left > AES_BLOCK_SIZE)
00070                         crypto_cipher_encrypt_one(tfm, cbc, cbc);
00071                 left -= AES_BLOCK_SIZE;
00072         }
00073 
00074         memset(pad, 0, AES_BLOCK_SIZE);
00075         crypto_cipher_encrypt_one(tfm, pad, pad);
00076         gf_mulx(pad);
00077 
00078         if (left || total_len == 0) {
00079                 for (i = 0; i < left; i++) {
00080                         cbc[i] ^= *pos++;
00081                         if (pos >= end) {
00082                                 e++;
00083                                 pos = addr[e];
00084                                 end = pos + len[e];
00085                         }
00086                 }
00087                 cbc[left] ^= 0x80;
00088                 gf_mulx(pad);
00089         }
00090 
00091         for (i = 0; i < AES_BLOCK_SIZE; i++)
00092                 pad[i] ^= cbc[i];
00093         crypto_cipher_encrypt_one(tfm, pad, pad);
00094         memcpy(mac, pad, CMAC_TLEN);
00095 }
00096 
00097 
00098 void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
00099                         const u8 *data, size_t data_len, u8 *mic)
00100 {
00101         const u8 *addr[3];
00102         size_t len[3];
00103         u8 zero[CMAC_TLEN];
00104 
00105         memset(zero, 0, CMAC_TLEN);
00106         addr[0] = aad;
00107         len[0] = AAD_LEN;
00108         addr[1] = data;
00109         len[1] = data_len - CMAC_TLEN;
00110         addr[2] = zero;
00111         len[2] = CMAC_TLEN;
00112 
00113         aes_128_cmac_vector(tfm, 3, addr, len, mic);
00114 }
00115 
00116 
00117 struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[])
00118 {
00119         struct crypto_cipher *tfm;
00120 
00121         tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
00122         if (!IS_ERR(tfm))
00123                 crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
00124 
00125         return tfm;
00126 }
00127 
00128 
00129 void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm)
00130 {
00131         crypto_free_cipher(tfm);
00132 }


ros_rt_wmp
Author(s): Danilo Tardioli, dantard@unizar.es
autogenerated on Fri Jan 3 2014 12:07:54