1 #include <stdio.h>
2 #include <string.h>
3 #include <stddef.h>
4 #include <sys/types.h>
5 #include <freeswan.h>
6
7 #include "constants.h"
8 #include "defs.h"
9 #include "log.h"
10 #include "libaes/aes_cbc.h"
11 #include "alg_info.h"
12 #include "ike_alg.h"
13
14 #define AES_CBC_BLOCK_SIZE (128/BITS_PER_BYTE) /* cipher block size: 128 bits expressed in bytes; also the length of the IV copied by do_aes() */
15 #define AES_KEY_MIN_LEN 128 /* smallest key length advertised in algo_aes (presumably bits, matching AES-128 -- confirm against ike_alg.h) */
16 #define AES_KEY_DEF_LEN 128 /* key length advertised as the default in algo_aes */
17 #define AES_KEY_MAX_LEN 256 /* largest key length advertised in algo_aes (presumably bits, matching AES-256) */
18
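/*
 * AES-CBC transform of buf in place, followed by an update of the caller's
 * IV so that chained calls behave like the DES-style "IV crunching" the rest
 * of the IKE code expects.
 *
 *   buf, buf_len  data to transform in place; the last AES_CBC_BLOCK_SIZE
 *                 bytes of ciphertext become the next IV
 *   key, key_size key material handed unchanged to aes_set_key()
 *                 (units of key_size are whatever aes_set_key() expects --
 *                 not visible from this file)
 *   iv            AES_CBC_BLOCK_SIZE bytes, read by the cipher and then
 *                 overwritten with the last ciphertext block
 *   enc           true to encrypt, false to decrypt
 *
 * A buffer shorter than one cipher block is rejected up front: the original
 * code computed buf + buf_len - AES_CBC_BLOCK_SIZE unconditionally, which for
 * such a buffer points before buf and made the IV update read out of bounds.
 *
 * NOTE(review): the function returns void, so the rejected case cannot be
 * reported; buf and iv are left untouched. Callers are expected to pass whole
 * blocks -- a buf_len that is not a multiple of AES_CBC_BLOCK_SIZE is not
 * checked here.
 * NOTE(review): aes_ctx holds the expanded key and is left on the stack on
 * return; consider wiping it with a primitive the compiler cannot elide.
 */
static void
do_aes(u_int8_t *buf, size_t buf_len, u_int8_t *key, size_t key_size, u_int8_t *iv, bool enc)
{
	aes_context aes_ctx;
	u_int8_t last_cipher_block[AES_CBC_BLOCK_SIZE];
	const u_int8_t *next_iv;

	/* need at least one full block, otherwise the tail pointer below underflows */
	if (buf == NULL || buf_len < AES_CBC_BLOCK_SIZE)
		return;

	aes_set_key(&aes_ctx, key, key_size, 0);

	/*
	 * The CBC routine does not touch the IV it is given (an optimization
	 * for ESP handling), so the next IV is produced here by hand.
	 */
	if (enc) {
		SS_AES_cbc_encrypt(&aes_ctx, buf, buf, buf_len, iv, enc);
		/* after encryption the last block of buf is ciphertext */
		next_iv = buf + buf_len - AES_CBC_BLOCK_SIZE;
	} else {
		/* decryption overwrites buf, so save the last ciphertext block first */
		memcpy(last_cipher_block, buf + buf_len - AES_CBC_BLOCK_SIZE,
		       AES_CBC_BLOCK_SIZE);
		SS_AES_cbc_encrypt(&aes_ctx, buf, buf, buf_len, iv, enc);
		next_iv = last_cipher_block;
	}

	memcpy(iv, next_iv, AES_CBC_BLOCK_SIZE);
}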
44
/*
 * Descriptor for the AES-CBC IKE encryption algorithm; handed to
 * ike_alg_register_enc() by ike_alg_aes_init().
 * Written with C99 designated initializers instead of the obsolete
 * GCC "field:" form; the values are unchanged.
 */
struct encrypt_desc algo_aes = {
	.algo_type     = IKE_ALG_ENCRYPT,
	.algo_id       = OAKLEY_AES_CBC,
	.algo_next     = NULL,
	.enc_ctxsize   = sizeof(aes_context),
	.enc_blocksize = AES_CBC_BLOCK_SIZE,
	.keyminlen     = AES_KEY_MIN_LEN,
	.keydeflen     = AES_KEY_DEF_LEN,
	.keymaxlen     = AES_KEY_MAX_LEN,
	.do_crypt      = do_aes,	/* in-place CBC transform plus IV update */
};
57
int ike_alg_aes_init(void);

/*
 * Register the AES-CBC descriptor (algo_aes) with the IKE algorithm table.
 * Returns whatever ike_alg_register_enc() returns; the meaning of that value
 * is defined by ike_alg.h and is not visible from this file.
 */
int
ike_alg_aes_init(void)
{
	return ike_alg_register_enc(&algo_aes);
}
66 /*
67 IKE_ALG_INIT_NAME: ike_alg_aes_init
68 */