aes-wrap.c
Go to the documentation of this file.
00001 /*
00002  * AES Key Wrap Algorithm (128-bit KEK) (RFC3394)
00003  *
00004  * Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
00005  *
00006  * This program is free software; you can redistribute it and/or modify
00007  * it under the terms of the GNU General Public License version 2 as
00008  * published by the Free Software Foundation.
00009  *
00010  * Alternatively, this software may be distributed under the terms of BSD
00011  * license.
00012  *
00013  * See README and COPYING for more details.
00014  */
00015 
00016 #include "includes.h"
00017 
00018 #include "common.h"
00019 #include "aes.h"
00020 #include "aes_wrap.h"
00021 
00031 int aes_wrap(const u8 *kek, int n, const u8 *plain, u8 *cipher)
00032 {
00033         u8 *a, *r, b[16];
00034         int i, j;
00035         void *ctx;
00036 
00037         a = cipher;
00038         r = cipher + 8;
00039 
00040         /* 1) Initialize variables. */
00041         os_memset(a, 0xa6, 8);
00042         os_memcpy(r, plain, 8 * n);
00043 
00044         ctx = aes_encrypt_init(kek, 16);
00045         if (ctx == NULL)
00046                 return -1;
00047 
00048         /* 2) Calculate intermediate values.
00049          * For j = 0 to 5
00050          *     For i=1 to n
00051          *         B = AES(K, A | R[i])
00052          *         A = MSB(64, B) ^ t where t = (n*j)+i
00053          *         R[i] = LSB(64, B)
00054          */
00055         for (j = 0; j <= 5; j++) {
00056                 r = cipher + 8;
00057                 for (i = 1; i <= n; i++) {
00058                         os_memcpy(b, a, 8);
00059                         os_memcpy(b + 8, r, 8);
00060                         aes_encrypt(ctx, b, b);
00061                         os_memcpy(a, b, 8);
00062                         a[7] ^= n * j + i;
00063                         os_memcpy(r, b + 8, 8);
00064                         r += 8;
00065                 }
00066         }
00067         aes_encrypt_deinit(ctx);
00068 
00069         /* 3) Output the results.
00070          *
00071          * These are already in @cipher due to the location of temporary
00072          * variables.
00073          */
00074 
00075         return 0;
00076 }


wpa_supplicant
Author(s): Package maintained by Blaise Gassend
autogenerated on Thu Apr 24 2014 15:34:33