Add AES-CMAC encryption support

-Add AES-CMAC encryption need to check MIC when deriving TDLS keys (802.11)
-Tested against NIST test vector for AES128-CMAC

Bug: 11312
Change-Id: Id4fd839bdedd3aa135823334e59d98271aea7c2b
Reviewed-on: https://code.wireshark.org/review/13663
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

1 files changed, 41 insertions, 0 deletions

diff --git a/wsutil/aes.h b/wsutil/aes.h
index e384667900..df319c69af 100644
--- a/wsutil/aes.h
+++ b/wsutil/aes.h
@@ -62,5 +62,46 @@ void rijndael_decrypt(
 	const guchar *src,
 	guchar *dst);
 
+typedef struct s_aes_cmac_ctx {
+	rijndael_ctx aes;
+	guint key_len;
+	guint input_used;
+	guint8 state[RIJNDAEL_MAXKB];
+	guint8 input[RIJNDAEL_MAXKB];
+} aes_cmac_ctx;
+
+/**
+ * Initialize AES-CMAC calculation with the provided key.
+ * @param [OUT] ctx Context to initialize
+ * @param [IN]  key Key to used
+ * @param [IN]  key_len Key length in bytes
+ */
+WS_DLL_PUBLIC
+void aes_cmac_encrypt_starts(
+	aes_cmac_ctx *ctx,
+	const guint8 *key,
+	guint key_len);
+
+/**
+ * Add a new buffer for AES-CMAC calculation
+ * @param [IN] ctx Context (initialize with @ref AES_CMAC_encrypt_starts)
+ * @param [IN] input Buffer to add in AES-CMAC calculation
+ * @param [IN] length Length of input buffer (in bytes)
+ */
+WS_DLL_PUBLIC
+void aes_cmac_encrypt_update(
+	aes_cmac_ctx *ctx,
+	const guint8 *input,
+	guint length);
+
+/**
+ * Ends AES-CMAC calculation
+ * @param [IN] ctx Context (initialize with @ref AES_CMAC_encrypt_starts)
+ * @param [OUT] output Buffer to store MAC (must be at least key_len long)
+ */
+WS_DLL_PUBLIC
+void aes_cmac_encrypt_finish(
+	aes_cmac_ctx *ctx,
+	guint8 *output);
 
 #endif