Cumulative patch from commit 989e784601887734e696b3fac0ad6d101badd7ea

989e784 P2P: Optimize scan frequencies list when re-joining a persistent group
154a1d5 hostapd: Fix some compilation errors
ce18c10 Add support for CONFIG_NO_ROAMING to Makefile
65a7b21 OpenSSL: Implement AES-128 CBC using EVP API
22ba05c Explicitly clear temporary stack buffers in tls_prf_sha1_md5()
940a4db Explicitly clear temporary stack buffer in sha1_t_prf()
eccca10 Explicitly clear temporary stack buffer in hmac_sha256_kdf()
e8e365d wext: Add support for renamed Host AP driver ifname
fc48d33 Improve error messages related to EAP DB
c469d62 Error out if user configures SQLite DB without CONFIG_SQLITE
270427e HS 2.0R2: Add more logging for hs20-osu-client icon matching
8e31cd2 OSU server: Improve logging for SPP schema validation failures
23dd15a http-curl: Improve log messages
e7d285c OSU server: Print out signup ID if there is some problem with it
1b45006 HS 2.0R2: Remove unused argument identifier from hs20-osu-client
2e7a228 HS 2.0R2: Allow custom libcurl linkage for hs20-osu-client
a52410c Allow PSK/passphrase to be set only when needed
3e808b8 EAP-pwd peer: Add support for hashed password
e4840b3 EAP-pwd server: Add support for hashed password
2bd2ed2 EAP-pwd: Mark helper function arguments const when appropriate
9ccc10f wpa_cli: Use tab as only word separator for networks
5a997b2 wpa_cli: Completion routine for dup_network command
1ca6c0f wpa_cli: Completion for remove, select, disable, enable network
7e6cc90 wpa_cli: Implement completion routine for get_network/set_network
32a097f wpa_cli: Keep track of available networks
94dc0e9 wpa_cli: Allow tab as alternative separator for cli_txt_list words
efa232f Add support for virtual interface creation/deletion
ba87329 wpa_cli: Use .wpa_cli_history under Android
0f8385e Show OSEN key management properly in scan results
e7b4cd0 wpa_gui: Add tray icon based signal strength meter
54d3dc9 AP: Unset HT capabilities for an HT association request without WMM

Change-Id: I71425b8e20fe1dfdb777592257dc4e4063da8d85
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index f158ef4..9834b25 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -324,6 +324,56 @@
 }
 
 
+int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
+{
+	EVP_CIPHER_CTX ctx;
+	int clen, len;
+	u8 buf[16];
+
+	EVP_CIPHER_CTX_init(&ctx);
+	if (EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1)
+		return -1;
+	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+
+	clen = data_len;
+	if (EVP_EncryptUpdate(&ctx, data, &clen, data, data_len) != 1 ||
+	    clen != (int) data_len)
+		return -1;
+
+	len = sizeof(buf);
+	if (EVP_EncryptFinal_ex(&ctx, buf, &len) != 1 || len != 0)
+		return -1;
+	EVP_CIPHER_CTX_cleanup(&ctx);
+
+	return 0;
+}
+
+
+int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
+{
+	EVP_CIPHER_CTX ctx;
+	int plen, len;
+	u8 buf[16];
+
+	EVP_CIPHER_CTX_init(&ctx);
+	if (EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1)
+		return -1;
+	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+
+	plen = data_len;
+	if (EVP_DecryptUpdate(&ctx, data, &plen, data, data_len) != 1 ||
+	    plen != (int) data_len)
+		return -1;
+
+	len = sizeof(buf);
+	if (EVP_DecryptFinal_ex(&ctx, buf, &len) != 1 || len != 0)
+		return -1;
+	EVP_CIPHER_CTX_cleanup(&ctx);
+
+	return 0;
+}
+
+
 int crypto_mod_exp(const u8 *base, size_t base_len,
 		   const u8 *power, size_t power_len,
 		   const u8 *modulus, size_t modulus_len,