shithub: riscv

Download patch

ref: b749f36baa4800e116bea6fcd0abc23c28e7078f
parent: 4c52aedfe92da7efe85e3b855855acb94863e084
author: cinap_lenrek <[email protected]>
date: Wed Sep 2 07:28:11 EDT 2015

libsec: generalize pbkdf2_hmac_sha1() to pbkdf2_x() passing the hmac as an argument

--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
@@ -454,9 +454,6 @@
 /* calculate shared key: k = y**x % p */
 mpint* dh_finish(DHstate *dh, mpint *y);
 
-/* password-based key derivation function 2 (RFC 2898) */
-void pbkdf2_hmac_sha1(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen);
-
 /* Curve25519 elliptic curve, public key function */
 void curve25519(uchar mypublic[32], uchar secret[32], uchar basepoint[32]);
 
@@ -463,3 +460,7 @@
 /* Curve25519 diffie hellman */
 void curve25519_dh_new(uchar x[32], uchar y[32]);
 void curve25519_dh_finish(uchar x[32], uchar y[32], uchar z[32]);
+
+/* password-based key derivation function 2 (rfc2898) */
+void pbkdf2_x(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen,
+	DigestState* (*x)(uchar*, ulong, uchar*, ulong, uchar*, DigestState*), int xlen);
--- a/sys/src/cmd/auth/factotum/wpapsk.c
+++ b/sys/src/cmd/auth/factotum/wpapsk.c
@@ -63,7 +63,7 @@
 {
 	if(hextob(pass, nil, pmk, PMKlen) == PMKlen)
 		return;
-	pbkdf2_hmac_sha1((uchar*)pass, strlen(pass), (uchar*)ssid, strlen(ssid), 4096, pmk, PMKlen);
+	pbkdf2_x((uchar*)pass, strlen(pass), (uchar*)ssid, strlen(ssid), 4096, pmk, PMKlen, hmac_sha1, SHA1dlen);
 }
 
 static void
--- a/sys/src/libauthsrv/passtokey.c
+++ b/sys/src/libauthsrv/passtokey.c
@@ -36,7 +36,7 @@
 passtoaeskey(uchar *key, char *p)
 {
 	static char salt[] = "Plan 9 key derivation";
-	pbkdf2_hmac_sha1((uchar*)p, strlen(p), (uchar*)salt, sizeof(salt)-1, 9001, key, AESKEYLEN);
+	pbkdf2_x((uchar*)p, strlen(p), (uchar*)salt, sizeof(salt)-1, 9001, key, AESKEYLEN, hmac_sha1, SHA1dlen);
 }
 
 void
--- a/sys/src/libsec/port/pbkdf2.c
+++ b/sys/src/libsec/port/pbkdf2.c
@@ -2,28 +2,34 @@
 #include <mp.h>
 #include <libsec.h>
 
+/* rfc2898 */
 void
-pbkdf2_hmac_sha1(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen)
+pbkdf2_x(p, plen, s, slen, rounds, d, dlen, x, xlen)
+	uchar *p, *s, *d;
+	ulong plen, slen, dlen, rounds;
+	DigestState* (*x)(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+	int xlen;
 {
-	uchar block[SHA1dlen], tmp[SHA1dlen], tmp2[SHA1dlen];
+	uchar block[256], tmp[256];
 	ulong i, j, k, n;
 	DigestState *ds;
 
+	assert(xlen <= sizeof(tmp));
+
 	for(i = 1; dlen > 0; i++, d += n, dlen -= n){
 		tmp[3] = i;
 		tmp[2] = i >> 8;
 		tmp[1] = i >> 16;
 		tmp[0] = i >> 24;
-		ds = hmac_sha1(s, slen, p, plen, nil, nil);
-		hmac_sha1(tmp, 4, p, plen, block, ds);
-		memmove(tmp, block, sizeof(tmp));
+		ds = (*x)(s, slen, p, plen, nil, nil);
+		(*x)(tmp, 4, p, plen, block, ds);
+		memmove(tmp, block, xlen);
 		for(j = 1; j < rounds; j++){
-			hmac_sha1(tmp, sizeof(tmp), p, plen, tmp2, nil);
-			memmove(tmp, tmp2, sizeof(tmp));
-			for(k=0; k<sizeof(tmp); k++)
+			(*x)(tmp, xlen, p, plen, tmp, nil);
+			for(k=0; k<xlen; k++)
 				block[k] ^= tmp[k];
 		}
-		n = dlen > sizeof(block) ? sizeof(block) : dlen;
+		n = dlen > xlen ? xlen : dlen;
 		memmove(d, block, n); 
 	}
 }