Annotation of sys/crypto/michael.c, Revision 1.1.1.1
1.1 nbrk 1: /* $OpenBSD: michael.c,v 1.1 2006/03/21 18:40:54 reyk Exp $ */
2:
3: /*
4: * Copyright (c) 2005, 2006 Reyk Floeter <reyk@openbsd.org>
5: *
6: * Permission to use, copy, modify, and distribute this software for any
7: * purpose with or without fee is hereby granted, provided that the above
8: * copyright notice and this permission notice appear in all copies.
9: *
10: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17: */
18:
19: /*
20: * Implementation of the Michael MIC as defined in IEEE 802.11i for TKIP.
21: * The MIC generates a 64bit digest, which shouldn't be used for any other
22: * applications except TKIP.
23: */
24:
25: #include <sys/param.h>
26: #include <sys/systm.h>
27:
28: #include <crypto/michael.h>
29:
30: #define ROL(n, x) (((x) << (n)) | ((x) >> (32 - (n))))
31: #define ROR(n, x) (((x) >> (n)) | ((x) << (32 - (n))))
32: #define VAL32(x) (*((u_int32_t *)(x)))
33: #define XSWAP(x) (((x) & 0xff00ff00UL) >> 8) | ((((x) & 0x00ff00ffUL) << 8))
34:
35: #define MICHAEL_BLOCK(l, r) do { \
36: r ^= ROL(17, l); \
37: l += r; \
38: r ^= XSWAP(l); \
39: l += r; \
40: r ^= ROL(3, l); \
41: l += r; \
42: r ^= ROR(2, l); \
43: l += r; \
44: } while (0)
45:
46: void
47: michael_init(MICHAEL_CTX *ctx)
48: {
49: bzero(ctx, sizeof(MICHAEL_CTX));
50: }
51:
52: void
53: michael_update(MICHAEL_CTX *ctx, const u_int8_t *data, u_int len)
54: {
55: int i;
56:
57: for (i = 0; i < len; i++) {
58: ctx->michael_state |= data[i] << (ctx->michael_count << 3);
59: ctx->michael_count++;
60:
61: if (ctx->michael_count >= MICHAEL_RAW_BLOCK_LENGTH) {
62: ctx->michael_l ^= ctx->michael_state;
63: MICHAEL_BLOCK(ctx->michael_l, ctx->michael_r);
64: ctx->michael_state = ctx->michael_count = 0;
65: }
66: }
67: }
68:
69: void
70: michael_final(u_int8_t digest[MICHAEL_DIGEST_LENGTH], MICHAEL_CTX *ctx)
71: {
72: u_int8_t pad[] = { 0x5a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
73:
74: michael_update(ctx, pad, sizeof(pad));
75:
76: VAL32(digest) = letoh32(ctx->michael_l);
77: VAL32(digest + MICHAEL_RAW_BLOCK_LENGTH) = letoh32(ctx->michael_r);
78: }
79:
80: void
81: michael_key(const u_int8_t *key, MICHAEL_CTX *ctx)
82: {
83: ctx->michael_l = ctx->michael_key[0] =
84: htole32(VAL32(key));
85: ctx->michael_r = ctx->michael_key[1] =
86: htole32(VAL32(key + MICHAEL_RAW_BLOCK_LENGTH));
87: }
CVSweb