linux/net/mac80211/aes_cmac.c
<<
>>
Prefs
   1/*
   2 * AES-128-CMAC with TLen 16 for IEEE 802.11w BIP
   3 * Copyright 2008, Jouni Malinen <j@w1.fi>
   4 *
   5 * This program is free software; you can redistribute it and/or modify
   6 * it under the terms of the GNU General Public License version 2 as
   7 * published by the Free Software Foundation.
   8 */
   9
  10#include <linux/kernel.h>
  11#include <linux/types.h>
  12#include <linux/crypto.h>
  13#include <linux/err.h>
  14#include <crypto/aes.h>
  15
  16#include <net/mac80211.h>
  17#include "key.h"
  18#include "aes_cmac.h"
  19
  20#define AES_CMAC_KEY_LEN 16
  21#define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
  22#define AAD_LEN 20
  23
  24
  25static void gf_mulx(u8 *pad)
  26{
  27        int i, carry;
  28
  29        carry = pad[0] & 0x80;
  30        for (i = 0; i < AES_BLOCK_SIZE - 1; i++)
  31                pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
  32        pad[AES_BLOCK_SIZE - 1] <<= 1;
  33        if (carry)
  34                pad[AES_BLOCK_SIZE - 1] ^= 0x87;
  35}
  36
  37
  38static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
  39                                const u8 *addr[], const size_t *len, u8 *mac)
  40{
  41        u8 scratch[2 * AES_BLOCK_SIZE];
  42        u8 *cbc, *pad;
  43        const u8 *pos, *end;
  44        size_t i, e, left, total_len;
  45
  46        cbc = scratch;
  47        pad = scratch + AES_BLOCK_SIZE;
  48
  49        memset(cbc, 0, AES_BLOCK_SIZE);
  50
  51        total_len = 0;
  52        for (e = 0; e < num_elem; e++)
  53                total_len += len[e];
  54        left = total_len;
  55
  56        e = 0;
  57        pos = addr[0];
  58        end = pos + len[0];
  59
  60        while (left >= AES_BLOCK_SIZE) {
  61                for (i = 0; i < AES_BLOCK_SIZE; i++) {
  62                        cbc[i] ^= *pos++;
  63                        if (pos >= end) {
  64                                e++;
  65                                pos = addr[e];
  66                                end = pos + len[e];
  67                        }
  68                }
  69                if (left > AES_BLOCK_SIZE)
  70                        crypto_cipher_encrypt_one(tfm, cbc, cbc);
  71                left -= AES_BLOCK_SIZE;
  72        }
  73
  74        memset(pad, 0, AES_BLOCK_SIZE);
  75        crypto_cipher_encrypt_one(tfm, pad, pad);
  76        gf_mulx(pad);
  77
  78        if (left || total_len == 0) {
  79                for (i = 0; i < left; i++) {
  80                        cbc[i] ^= *pos++;
  81                        if (pos >= end) {
  82                                e++;
  83                                pos = addr[e];
  84                                end = pos + len[e];
  85                        }
  86                }
  87                cbc[left] ^= 0x80;
  88                gf_mulx(pad);
  89        }
  90
  91        for (i = 0; i < AES_BLOCK_SIZE; i++)
  92                pad[i] ^= cbc[i];
  93        crypto_cipher_encrypt_one(tfm, pad, pad);
  94        memcpy(mac, pad, CMAC_TLEN);
  95}
  96
  97
  98void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
  99                        const u8 *data, size_t data_len, u8 *mic)
 100{
 101        const u8 *addr[3];
 102        size_t len[3];
 103        u8 zero[CMAC_TLEN];
 104
 105        memset(zero, 0, CMAC_TLEN);
 106        addr[0] = aad;
 107        len[0] = AAD_LEN;
 108        addr[1] = data;
 109        len[1] = data_len - CMAC_TLEN;
 110        addr[2] = zero;
 111        len[2] = CMAC_TLEN;
 112
 113        aes_128_cmac_vector(tfm, 3, addr, len, mic);
 114}
 115
 116
 117struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[])
 118{
 119        struct crypto_cipher *tfm;
 120
 121        tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
 122        if (!IS_ERR(tfm))
 123                crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
 124
 125        return tfm;
 126}
 127
 128
 129void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm)
 130{
 131        crypto_free_cipher(tfm);
 132}
 133
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.