Add HMAC-SHA384

For now, this is only implemented with OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index 4e6a36e..6767f3c 100644 (file)
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -768,6 +768,9 @@ ifdef NEED_TLS_PRF_SHA256
 OBJS += src/crypto/sha256-tlsprf.c
 endif
 endif
+ifdef NEED_SHA384
+L_CFLAGS += -DCONFIG_SHA384
+endif
 
 ifdef NEED_DH_GROUPS
 OBJS += src/crypto/dh_groups.c

diff --git a/hostapd/Makefile b/hostapd/Makefile
index e231e74..886cf2e 100644 (file)
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -764,6 +764,9 @@ ifdef NEED_HMAC_SHA256_KDF
 OBJS += ../src/crypto/sha256-kdf.o
 endif
 endif
+ifdef NEED_SHA384
+CFLAGS += -DCONFIG_SHA384
+endif
 
 ifdef NEED_DH_GROUPS
 OBJS += ../src/crypto/dh_groups.o

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 8b29472..f79055c 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1,6 +1,6 @@
 /*
  * Wrapper functions for OpenSSL libcrypto
- * Copyright (c) 2004-2013, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -28,6 +28,7 @@
 #include "dh_group5.h"
 #include "sha1.h"
 #include "sha256.h"
+#include "sha384.h"
 #include "crypto.h"
 
 #if OPENSSL_VERSION_NUMBER < 0x00907000
@@ -786,6 +787,40 @@ int hmac_sha256(const u8 *key, size_t key_len, const u8 *data,
 #endif /* CONFIG_SHA256 */
 
 
+#ifdef CONFIG_SHA384
+
+int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem,
+                      const u8 *addr[], const size_t *len, u8 *mac)
+{
+       HMAC_CTX ctx;
+       size_t i;
+       unsigned int mdlen;
+       int res;
+
+       HMAC_CTX_init(&ctx);
+       if (HMAC_Init_ex(&ctx, key, key_len, EVP_sha384(), NULL) != 1)
+               return -1;
+
+       for (i = 0; i < num_elem; i++)
+               HMAC_Update(&ctx, addr[i], len[i]);
+
+       mdlen = 32;
+       res = HMAC_Final(&ctx, mac, &mdlen);
+       HMAC_CTX_cleanup(&ctx);
+
+       return res == 1 ? 0 : -1;
+}
+
+
+int hmac_sha384(const u8 *key, size_t key_len, const u8 *data,
+               size_t data_len, u8 *mac)
+{
+       return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac);
+}
+
+#endif /* CONFIG_SHA384 */
+
+
 int crypto_get_random(void *buf, size_t len)
 {
        if (RAND_bytes(buf, len) != 1)

diff --git a/src/crypto/sha384.h b/src/crypto/sha384.h
new file mode 100644 (file)
index 0000000..e6a1fe4
--- /dev/null
+++ b/src/crypto/sha384.h
@@ -0,0 +1,19 @@
+/*
+ * SHA384 hash implementation and interface functions
+ * Copyright (c) 2015, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#ifndef SHA384_H
+#define SHA384_H
+
+#define SHA384_MAC_LEN 48
+
+int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem,
+                      const u8 *addr[], const size_t *len, u8 *mac);
+int hmac_sha384(const u8 *key, size_t key_len, const u8 *data,
+               size_t data_len, u8 *mac);
+
+#endif /* SHA384_H */

diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 512918b..ace1987 100644 (file)
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -1237,6 +1237,9 @@ SHA256OBJS += src/crypto/sha256-kdf.c
 endif
 OBJS += $(SHA256OBJS)
 endif
+ifdef NEED_SHA384
+L_CFLAGS += -DCONFIG_SHA384
+endif
 
 ifdef NEED_DH_GROUPS
 OBJS += src/crypto/dh_groups.c

diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index 9e1ffc8..81b4df0 100644 (file)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1250,6 +1250,9 @@ OBJS += ../src/crypto/sha256-kdf.o
 endif
 OBJS += $(SHA256OBJS)
 endif
+ifdef NEED_SHA384
+CFLAGS += -DCONFIG_SHA384
+endif
 
 ifdef NEED_DH_GROUPS
 OBJS += ../src/crypto/dh_groups.o