pkcs5_pbkdf2.c
changeset 54 3d70f17a68b8
parent 10 85496558f3a4
equal deleted inserted replaced
53:ea43dbad123b 54:3d70f17a68b8
    25 //#include <util.h>
    25 //#include <util.h>
    26 
    26 
    27 #include "sha1.h"
    27 #include "sha1.h"
    28 
    28 
    29 /*
    29 /*
    30  * HMAC-SHA-1 (from RFC 2202).
       
    31  */
       
    32 static void
       
    33 hmac_sha1(const u_int8_t *text, size_t text_len, const u_int8_t *key,
       
    34     size_t key_len, u_int8_t digest[SHA1_DIGEST_LENGTH])
       
    35 {
       
    36 	SHA1_CTX ctx;
       
    37 	u_int8_t k_pad[SHA1_BLOCK_LENGTH];
       
    38 	u_int8_t tk[SHA1_DIGEST_LENGTH];
       
    39 	int i;
       
    40 
       
    41 	if (key_len > SHA1_BLOCK_LENGTH) {
       
    42 		SHA1Init(&ctx);
       
    43 		SHA1Update(&ctx, key, key_len);
       
    44 		SHA1Final(tk, &ctx);
       
    45 
       
    46 		key = tk;
       
    47 		key_len = SHA1_DIGEST_LENGTH;
       
    48 	}
       
    49 
       
    50 	bzero(k_pad, sizeof k_pad);
       
    51 	bcopy(key, k_pad, key_len);
       
    52 	for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
       
    53 		k_pad[i] ^= 0x36;
       
    54 
       
    55 	SHA1Init(&ctx);
       
    56 	SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
       
    57 	SHA1Update(&ctx, text, text_len);
       
    58 	SHA1Final(digest, &ctx);
       
    59 
       
    60 	bzero(k_pad, sizeof k_pad);
       
    61 	bcopy(key, k_pad, key_len);
       
    62 	for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
       
    63 		k_pad[i] ^= 0x5c;
       
    64 
       
    65 	SHA1Init(&ctx);
       
    66 	SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
       
    67 	SHA1Update(&ctx, digest, SHA1_DIGEST_LENGTH);
       
    68 	SHA1Final(digest, &ctx);
       
    69 }
       
    70 
       
    71 /*
       
    72  * Password-Based Key Derivation Function 2 (PKCS #5 v2.0).
    30  * Password-Based Key Derivation Function 2 (PKCS #5 v2.0).
    73  * Code based on IEEE Std 802.11-2007, Annex H.4.2.
    31  * Code based on IEEE Std 802.11-2007, Annex H.4.2.
    74  */
    32  */
    75 int
    33 int
    76 pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt, size_t salt_len,
    34 pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt, size_t salt_len,
    94 	for (count = 1; key_len > 0; count++) {
    52 	for (count = 1; key_len > 0; count++) {
    95 		asalt[salt_len + 0] = (count >> 24) & 0xff;
    53 		asalt[salt_len + 0] = (count >> 24) & 0xff;
    96 		asalt[salt_len + 1] = (count >> 16) & 0xff;
    54 		asalt[salt_len + 1] = (count >> 16) & 0xff;
    97 		asalt[salt_len + 2] = (count >> 8) & 0xff;
    55 		asalt[salt_len + 2] = (count >> 8) & 0xff;
    98 		asalt[salt_len + 3] = count & 0xff;
    56 		asalt[salt_len + 3] = count & 0xff;
    99 		hmac_sha1(asalt, salt_len + 4, (const uint8_t *) pass, pass_len, d1);
    57 		SHA1Hmac((const uint8_t *) pass, pass_len, asalt, salt_len + 4, d1);
   100 		memcpy(obuf, d1, sizeof(obuf));
    58 		memcpy(obuf, d1, sizeof(obuf));
   101 
    59 
   102 		for (i = 1; i < rounds; i++) {
    60 		for (i = 1; i < rounds; i++) {
   103 			hmac_sha1(d1, sizeof(d1), (const uint8_t *) pass, pass_len, d2);
    61 			SHA1Hmac((const uint8_t *) pass, pass_len, d1, sizeof(d1), d2);
   104 			memcpy(d1, d2, sizeof(d1));
    62 			memcpy(d1, d2, sizeof(d1));
   105 			for (j = 0; j < sizeof(obuf); j++)
    63 			for (j = 0; j < sizeof(obuf); j++)
   106 				obuf[j] ^= d1[j];
    64 				obuf[j] ^= d1[j];
   107 		}
    65 		}
   108 
    66