iPXE
aes_wrap.c
Go to the documentation of this file.
00001 /*
00002  * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>.
00003  *
00004  * This program is free software; you can redistribute it and/or
00005  * modify it under the terms of the GNU General Public License as
00006  * published by the Free Software Foundation; either version 2 of the
00007  * License, or any later version.
00008  *
00009  * This program is distributed in the hope that it will be useful, but
00010  * WITHOUT ANY WARRANTY; without even the implied warranty of
00011  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00012  * General Public License for more details.
00013  *
00014  * You should have received a copy of the GNU General Public License
00015  * along with this program; if not, write to the Free Software
00016  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
00017  * 02110-1301, USA.
00018  */
00019 
00020 FILE_LICENCE ( GPL2_OR_LATER );
00021 
00022 #include <stdlib.h>
00023 #include <string.h>
00024 #include <ipxe/crypto.h>
00025 #include <ipxe/aes.h>
00026 
00027 /**
00028  * Wrap a key or other data using AES Key Wrap (RFC 3394)
00029  *
00030  * @v kek       Key Encryption Key, 16 bytes
00031  * @v src       Data to encrypt
00032  * @v nblk      Number of 8-byte blocks in @a data
00033  * @ret dest    Encrypted data (8 bytes longer than input)
00034  *
00035  * The algorithm is implemented such that @a src and @a dest may point
00036  * to the same buffer.
00037  */
00038 int aes_wrap ( const void *kek, const void *src, void *dest, int nblk )
00039 {
00040         u8 *A = dest;
00041         u8 B[16];
00042         u8 *R;
00043         int i, j;
00044         void *aes_ctx = malloc ( AES_CTX_SIZE );
00045 
00046         if ( ! aes_ctx )
00047                 return -1;
00048 
00049         cipher_setkey ( &aes_algorithm, aes_ctx, kek, 16 );
00050 
00051         /* Set up */
00052         memset ( A, 0xA6, 8 );
00053         memmove ( dest + 8, src, nblk * 8 );
00054 
00055         /* Wrap */
00056         for ( j = 0; j < 6; j++ ) {
00057                 R = dest + 8;
00058                 for ( i = 1; i <= nblk; i++ ) {
00059                         memcpy ( B, A, 8 );
00060                         memcpy ( B + 8, R, 8 );
00061                         cipher_encrypt ( &aes_algorithm, aes_ctx, B, B, 16 );
00062                         memcpy ( A, B, 8 );
00063                         A[7] ^= ( nblk * j ) + i;
00064                         memcpy ( R, B + 8, 8 );
00065                         R += 8;
00066                 }
00067         }
00068 
00069         free ( aes_ctx );
00070         return 0;
00071 }
00072 
00073 /**
00074  * Unwrap a key or other data using AES Key Wrap (RFC 3394)
00075  *
00076  * @v kek       Key Encryption Key, 16 bytes
00077  * @v src       Data to decrypt
00078  * @v nblk      Number of 8-byte blocks in @e plaintext key
00079  * @ret dest    Decrypted data (8 bytes shorter than input)
00080  * @ret rc      Zero on success, nonzero on IV mismatch
00081  *
00082  * The algorithm is implemented such that @a src and @a dest may point
00083  * to the same buffer.
00084  */
00085 int aes_unwrap ( const void *kek, const void *src, void *dest, int nblk )
00086 {
00087         u8 A[8], B[16];
00088         u8 *R;
00089         int i, j;
00090         void *aes_ctx = malloc ( AES_CTX_SIZE );
00091 
00092         if ( ! aes_ctx )
00093                 return -1;
00094 
00095         cipher_setkey ( &aes_algorithm, aes_ctx, kek, 16 );
00096 
00097         /* Set up */
00098         memcpy ( A, src, 8 );
00099         memmove ( dest, src + 8, nblk * 8 );
00100 
00101         /* Unwrap */
00102         for ( j = 5; j >= 0; j-- ) {
00103                 R = dest + ( nblk - 1 ) * 8;
00104                 for ( i = nblk; i >= 1; i-- ) {
00105                         memcpy ( B, A, 8 );
00106                         memcpy ( B + 8, R, 8 );
00107                         B[7] ^= ( nblk * j ) + i;
00108                         cipher_decrypt ( &aes_algorithm, aes_ctx, B, B, 16 );
00109                         memcpy ( A, B, 8 );
00110                         memcpy ( R, B + 8, 8 );
00111                         R -= 8;
00112                 }
00113         }
00114 
00115         free ( aes_ctx );
00116 
00117         /* Check IV */
00118         for ( i = 0; i < 8; i++ ) {
00119                 if ( A[i] != 0xA6 )
00120                         return -1;
00121         }
00122 
00123         return 0;
00124 }