From: Jouni Malinen Date: Thu, 16 Aug 2012 17:23:12 +0000 (+0300) Subject: Move SHA1-based PRF function into a separate C file X-Git-Tag: hostap_2_0~402 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=commitdiff_plain;h=d6150094e0586a437f4a6747d665a2e47ad79b1e Move SHA1-based PRF function into a separate C file This makes it easier to conditionally build in SHA1 functions based on which TLS/crypto library is used. Signed-hostap: Jouni Malinen --- diff --git a/hostapd/Android.mk b/hostapd/Android.mk index 73caa88..bc6d689 100644 --- a/hostapd/Android.mk +++ b/hostapd/Android.mk @@ -670,6 +670,7 @@ endif SHA1OBJS = ifdef NEED_SHA1 SHA1OBJS += src/crypto/sha1.c +SHA1OBJS += src/crypto/sha1-prf.c ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += src/crypto/sha1-internal.c ifdef NEED_FIPS186_2_PRF diff --git a/hostapd/Makefile b/hostapd/Makefile index c58cc79..da1517d 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -661,6 +661,7 @@ endif ifdef NEED_SHA1 SHA1OBJS += ../src/crypto/sha1.o +SHA1OBJS += ../src/crypto/sha1-prf.o ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF diff --git a/src/crypto/Makefile b/src/crypto/Makefile index b221dd4..33d0c34 100644 --- a/src/crypto/Makefile +++ b/src/crypto/Makefile @@ -38,6 +38,7 @@ LIB_OBJS= \ sha1.o \ sha1-internal.o \ sha1-pbkdf2.o \ + sha1-prf.o \ sha1-tlsprf.o \ sha1-tprf.o \ sha256.o \ diff --git a/src/crypto/sha1-prf.c b/src/crypto/sha1-prf.c new file mode 100644 index 0000000..90b9e74 --- /dev/null +++ b/src/crypto/sha1-prf.c @@ -0,0 +1,66 @@ +/* + * SHA1-based PRF + * Copyright (c) 2003-2005, Jouni Malinen + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "sha1.h" +#include "crypto.h" + + +/** + * sha1_prf - SHA1-based Pseudo-Random Function (PRF) (IEEE 802.11i, 8.5.1.1) + * @key: Key for PRF + * @key_len: Length of the key in bytes + * @label: A unique label for each purpose of the PRF + * @data: Extra data to bind into the key + * @data_len: Length of the data + * @buf: Buffer for the generated pseudo-random key + * @buf_len: Number of bytes of key to generate + * Returns: 0 on success, -1 of failure + * + * This function is used to derive new, cryptographically separate keys from a + * given key (e.g., PMK in IEEE 802.11i). + */ +int sha1_prf(const u8 *key, size_t key_len, const char *label, + const u8 *data, size_t data_len, u8 *buf, size_t buf_len) +{ + u8 counter = 0; + size_t pos, plen; + u8 hash[SHA1_MAC_LEN]; + size_t label_len = os_strlen(label) + 1; + const unsigned char *addr[3]; + size_t len[3]; + + addr[0] = (u8 *) label; + len[0] = label_len; + addr[1] = data; + len[1] = data_len; + addr[2] = &counter; + len[2] = 1; + + pos = 0; + while (pos < buf_len) { + plen = buf_len - pos; + if (plen >= SHA1_MAC_LEN) { + if (hmac_sha1_vector(key, key_len, 3, addr, len, + &buf[pos])) + return -1; + pos += SHA1_MAC_LEN; + } else { + if (hmac_sha1_vector(key, key_len, 3, addr, len, + hash)) + return -1; + os_memcpy(&buf[pos], hash, plen); + break; + } + counter++; + } + + return 0; +} diff --git a/src/crypto/sha1.c b/src/crypto/sha1.c index 274d81f..d48c77d 100644 --- a/src/crypto/sha1.c +++ b/src/crypto/sha1.c @@ -102,56 +102,3 @@ int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, { return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); } - - -/** - * sha1_prf - SHA1-based Pseudo-Random Function (PRF) (IEEE 802.11i, 8.5.1.1) - * @key: Key for PRF - * @key_len: Length of the key in bytes - * @label: A unique label for each purpose of the PRF - * @data: Extra data to bind into the key - * @data_len: Length of the data - * @buf: Buffer for the generated pseudo-random key - * @buf_len: Number of bytes of key to generate - * Returns: 0 on success, -1 of failure - * - * This function is used to derive new, cryptographically separate keys from a - * given key (e.g., PMK in IEEE 802.11i). - */ -int sha1_prf(const u8 *key, size_t key_len, const char *label, - const u8 *data, size_t data_len, u8 *buf, size_t buf_len) -{ - u8 counter = 0; - size_t pos, plen; - u8 hash[SHA1_MAC_LEN]; - size_t label_len = os_strlen(label) + 1; - const unsigned char *addr[3]; - size_t len[3]; - - addr[0] = (u8 *) label; - len[0] = label_len; - addr[1] = data; - len[1] = data_len; - addr[2] = &counter; - len[2] = 1; - - pos = 0; - while (pos < buf_len) { - plen = buf_len - pos; - if (plen >= SHA1_MAC_LEN) { - if (hmac_sha1_vector(key, key_len, 3, addr, len, - &buf[pos])) - return -1; - pos += SHA1_MAC_LEN; - } else { - if (hmac_sha1_vector(key, key_len, 3, addr, len, - hash)) - return -1; - os_memcpy(&buf[pos], hash, plen); - break; - } - counter++; - } - - return 0; -} diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk index 94a3d96..5ad2d67 100644 --- a/wpa_supplicant/Android.mk +++ b/wpa_supplicant/Android.mk @@ -1055,6 +1055,7 @@ endif SHA1OBJS = ifdef NEED_SHA1 SHA1OBJS += src/crypto/sha1.c +SHA1OBJS += src/crypto/sha1-prf.c ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += src/crypto/sha1-internal.c ifdef NEED_FIPS186_2_PRF diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index 7a6d8a3..63cff71 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -1082,6 +1082,7 @@ endif ifdef NEED_SHA1 SHA1OBJS += ../src/crypto/sha1.o +SHA1OBJS += ../src/crypto/sha1-prf.o ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF diff --git a/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj b/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj index 38b29c4..af7b3fe 100755 --- a/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj +++ b/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj @@ -411,6 +411,10 @@ > + + diff --git a/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj b/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj index b107842..97aa2c5 100755 --- a/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj +++ b/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj @@ -206,6 +206,10 @@ > + + diff --git a/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj b/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj index e3886b7..51acab9 100755 --- a/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj +++ b/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj @@ -399,6 +399,10 @@ > + + diff --git a/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj b/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj index 1034891..6fd8af8 100755 --- a/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj +++ b/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj @@ -399,6 +399,10 @@ > + +