From 6199960b520e46ce48da02ef2041722fbc87af29 Mon Sep 17 00:00:00 2001 From: Denis Kenzior Date: Wed, 10 Feb 2016 14:16:32 -0600 Subject: [PATCH] crypto: Move + rework prf_sha1 into crypto.c --- Makefile.am | 5 +++-- src/crypto.c | 39 +++++++++++++++++++++++++++++++++++++++ src/crypto.h | 4 ++++ src/sha1.c | 40 ---------------------------------------- src/sha1.h | 4 ---- 5 files changed, 46 insertions(+), 46 deletions(-) diff --git a/Makefile.am b/Makefile.am index e59b891d..63786894 100644 --- a/Makefile.am +++ b/Makefile.am @@ -135,8 +135,8 @@ unit_test_hmac_sha1_SOURCES = unit/test-hmac-sha1.c \ unit_test_hmac_sha1_LDADD = ell/libell-internal.la unit_test_hmac_sha256_SOURCES = unit/test-hmac-sha256.c \ - src/sha1.h src/sha1.c \ - src/crypto.h src/crypto.c + src/crypto.h src/crypto.c \ + src/sha1.h src/sha1.c unit_test_hmac_sha256_LDADD = ell/libell-internal.la unit_test_pbkdf2_sha1_SOURCES = unit/test-pbkdf2-sha1.c \ @@ -144,6 +144,7 @@ unit_test_pbkdf2_sha1_SOURCES = unit/test-pbkdf2-sha1.c \ unit_test_pbkdf2_sha1_LDADD = ell/libell-internal.la unit_test_prf_sha1_SOURCES = unit/test-prf-sha1.c \ + src/crypto.h src/crypto.c \ src/sha1.h src/sha1.c unit_test_prf_sha1_LDADD = ell/libell-internal.la diff --git a/src/crypto.c b/src/crypto.c index 0e839072..5291e7a1 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -241,6 +241,45 @@ int crypto_psk_from_passphrase(const char *passphrase, return 0; } +bool prf_sha1(const void *key, size_t key_len, + const void *prefix, size_t prefix_len, + const void *data, size_t data_len, void *output, size_t size) +{ + struct l_checksum *hmac; + unsigned int i, offset = 0; + unsigned char empty = '\0'; + unsigned char counter; + struct iovec iov[4] = { + [0] = { .iov_base = (void *) prefix, .iov_len = prefix_len }, + [1] = { .iov_base = &empty, .iov_len = 1 }, + [2] = { .iov_base = (void *) data, .iov_len = data_len }, + [3] = { .iov_base = &counter, .iov_len = 1 }, + }; + + hmac = l_checksum_new_hmac(L_CHECKSUM_SHA1, key, key_len); + if (!hmac) + return false; + + /* PRF processes in 160-bit chunks (20 bytes) */ + for (i = 0, counter = 0; i < (size + 19) / 20; i++, counter++) { + size_t len; + + if (size - offset > 20) + len = 20; + else + len = size - offset; + + l_checksum_updatev(hmac, iov, 4); + l_checksum_get_digest(hmac, output + offset, len); + + offset += len; + } + + l_checksum_free(hmac); + + return true; +} + /* * 802.11, Section 11.6.6.7: * PTK = PRF-X(PMK, "Pairwise key expansion", Min(AA, SA) || Max(AA, SA) || diff --git a/src/crypto.h b/src/crypto.h index 306c8d6b..8110203d 100644 --- a/src/crypto.h +++ b/src/crypto.h @@ -58,6 +58,10 @@ int crypto_psk_from_passphrase(const char *passphrase, const unsigned char *ssid, size_t ssid_len, unsigned char *out_psk); +bool prf_sha1(const void *key, size_t key_len, + const void *prefix, size_t prefix_len, + const void *data, size_t data_len, void *output, size_t size); + bool crypto_derive_ptk(const uint8_t *pmk, size_t pmk_len, const char *label, const uint8_t *addr1, const uint8_t *addr2, const uint8_t *nonce1, const uint8_t *nonce2, diff --git a/src/sha1.c b/src/sha1.c index e4f6582b..f04c10b8 100644 --- a/src/sha1.c +++ b/src/sha1.c @@ -136,43 +136,3 @@ bool pbkdf2_sha1(const void *password, size_t password_len, return true; } -bool prf_sha1(const void *key, size_t key_len, - const void *prefix, size_t prefix_len, - const void *data, size_t data_len, void *output, size_t size) -{ - struct l_checksum *checksum; - unsigned char input[1024]; - size_t input_len; - unsigned int i, offset = 0; - - checksum = l_checksum_new(L_CHECKSUM_SHA1); - if (!checksum) - return false; - - memcpy(input, prefix, prefix_len); - input[prefix_len] = 0; - - memcpy(input + prefix_len + 1, data, data_len); - input[prefix_len + 1 + data_len] = 0; - - input_len = prefix_len + 1 + data_len + 1; - - for (i = 0; i < (size + 19) / 20; i++) { - size_t len; - - if (size - offset > SHA1_MAC_LEN) - len = SHA1_MAC_LEN; - else - len = size - offset; - - __hmac_sha1(checksum, key, key_len, input, input_len, - output + offset, len); - - offset += len; - input[input_len - 1]++; - } - - l_checksum_free(checksum); - - return true; -} diff --git a/src/sha1.h b/src/sha1.h index 765e034f..9da3b6ba 100644 --- a/src/sha1.h +++ b/src/sha1.h @@ -25,7 +25,3 @@ bool pbkdf2_sha1(const void *password, size_t password_len, const void *salt, size_t salt_len, unsigned int iterations, void *output, size_t size); - -bool prf_sha1(const void *key, size_t key_len, - const void *prefix, size_t prefix_len, - const void *data, size_t data_len, void *output, size_t size);