mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
AES: Extend key wrap implementation to support longer data
This extends the "XOR t" operation in aes_wrap() and aes_unwrap() to handle up to four octets of the n*h+i value instead of just the least significant octet. This allows the plaintext be longer than 336 octets which was the previous limit. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
eefec1e40b
commit
a256506ddc
@ -29,6 +29,7 @@ int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher,
|
|||||||
u8 a[8], *r, b[AES_BLOCK_SIZE];
|
u8 a[8], *r, b[AES_BLOCK_SIZE];
|
||||||
int i, j;
|
int i, j;
|
||||||
void *ctx;
|
void *ctx;
|
||||||
|
unsigned int t;
|
||||||
|
|
||||||
/* 1) Initialize variables. */
|
/* 1) Initialize variables. */
|
||||||
os_memcpy(a, cipher, 8);
|
os_memcpy(a, cipher, 8);
|
||||||
@ -50,7 +51,11 @@ int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher,
|
|||||||
r = plain + (n - 1) * 8;
|
r = plain + (n - 1) * 8;
|
||||||
for (i = n; i >= 1; i--) {
|
for (i = n; i >= 1; i--) {
|
||||||
os_memcpy(b, a, 8);
|
os_memcpy(b, a, 8);
|
||||||
b[7] ^= n * j + i;
|
t = n * j + i;
|
||||||
|
b[7] ^= t;
|
||||||
|
b[6] ^= t >> 8;
|
||||||
|
b[5] ^= t >> 16;
|
||||||
|
b[4] ^= t >> 24;
|
||||||
|
|
||||||
os_memcpy(b + 8, r, 8);
|
os_memcpy(b + 8, r, 8);
|
||||||
aes_decrypt(ctx, b, b);
|
aes_decrypt(ctx, b, b);
|
||||||
|
@ -28,6 +28,7 @@ int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
|
|||||||
u8 *a, *r, b[AES_BLOCK_SIZE];
|
u8 *a, *r, b[AES_BLOCK_SIZE];
|
||||||
int i, j;
|
int i, j;
|
||||||
void *ctx;
|
void *ctx;
|
||||||
|
unsigned int t;
|
||||||
|
|
||||||
a = cipher;
|
a = cipher;
|
||||||
r = cipher + 8;
|
r = cipher + 8;
|
||||||
@ -54,7 +55,11 @@ int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
|
|||||||
os_memcpy(b + 8, r, 8);
|
os_memcpy(b + 8, r, 8);
|
||||||
aes_encrypt(ctx, b, b);
|
aes_encrypt(ctx, b, b);
|
||||||
os_memcpy(a, b, 8);
|
os_memcpy(a, b, 8);
|
||||||
a[7] ^= n * j + i;
|
t = n * j + i;
|
||||||
|
a[7] ^= t;
|
||||||
|
a[6] ^= t >> 8;
|
||||||
|
a[5] ^= t >> 16;
|
||||||
|
a[4] ^= t >> 24;
|
||||||
os_memcpy(r, b + 8, 8);
|
os_memcpy(r, b + 8, 8);
|
||||||
r += 8;
|
r += 8;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user