CVS shishi/lib

shishi-commit
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS shishi/lib

From:	shishi-commit
Subject:	CVS shishi/lib
Date:	Sat, 22 Oct 2005 19:01:51 +0200
Update of /home/cvs/shishi/lib
In directory dopio:/tmp/cvs-serv17627

Modified Files:
        low-crypto.c crypto.c 
Log Message:
Use pbkdf2-sha1 from gc.


--- /home/cvs/shishi/lib/low-crypto.c   2005/10/22 16:54:18     1.2
+++ /home/cvs/shishi/lib/low-crypto.c   2005/10/22 17:01:51     1.3
@@ -482,3 +482,50 @@
                             GCRY_CIPHER_MODE_CBC, decryptp,
                             key, keylen, iv, ivout, in, inlen, out);
 }
+
+/**
+ * shishi_pbkdf2_sha1:
+ * @handle: shishi handle as allocated by shishi_init().
+ * @P: input password, an octet string
+ * @Plen: length of password, an octet string
+ * @S: input salt, an octet string
+ * @Slen: length of salt, an octet string
+ * @c: iteration count, a positive integer
+ * @dkLen: intended length in octets of the derived key, a positive integer,
+ *   at most (2^32 - 1) * hLen.  The DK array must have room for this many
+ *   characters.
+ * @DK: output derived key, a dkLen-octet string
+ *
+ * Derive key using the PBKDF2 defined in PKCS5.  PBKDF2 applies a
+ * pseudorandom function to derive keys. The length of the derived key
+ * is essentially unbounded. (However, the maximum effective search
+ * space for the derived key may be limited by the structure of the
+ * underlying pseudorandom function, which is this function is always
+ * SHA1.)
+ *
+ * Return value: Returns SHISHI_OK iff successful.
+ **/
+int
+shishi_pbkdf2_sha1 (Shishi * handle,
+                   const char *P, size_t Plen,
+                   const char *S, size_t Slen,
+                   unsigned int c, unsigned int dkLen, char *DK)
+{
+  Gc_rc rc;
+
+  rc = gc_pbkdf2_sha1 (P, Plen, S, Slen, c, DK, dkLen);
+
+  if (rc == GC_PKCS5_INVALID_ITERATION_COUNT)
+    return SHISHI_PKCS5_INVALID_ITERATION_COUNT;
+
+  if (rc == GC_PKCS5_INVALID_DERIVED_KEY_LENGTH)
+    return SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH;
+
+  if (rc == GC_PKCS5_DERIVED_KEY_TOO_LONG)
+    return SHISHI_PKCS5_DERIVED_KEY_TOO_LONG;
+
+  if (rc != GC_OK)
+    return SHISHI_CRYPTO_INTERNAL_ERROR;
+
+  return SHISHI_OK;
+}
--- /home/cvs/shishi/lib/crypto.c       2005/05/26 15:12:34     1.106
+++ /home/cvs/shishi/lib/crypto.c       2005/10/22 17:01:51     1.107
@@ -1,5 +1,5 @@
 /* crypto.c --- Crypto functions.
- * Copyright (C) 2002, 2003, 2004  Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005  Simon Josefsson
  *
  * This file is part of Shishi.
  *
@@ -2023,163 +2023,3 @@
 
   return SHISHI_OK;
 }
-
-/**
- * shishi_pbkdf2_sha1:
- * @handle: shishi handle as allocated by shishi_init().
- * @P: input password, an octet string
- * @Plen: length of password, an octet string
- * @S: input salt, an octet string
- * @Slen: length of salt, an octet string
- * @c: iteration count, a positive integer
- * @dkLen: intended length in octets of the derived key, a positive integer,
- *   at most (2^32 - 1) * hLen.  The DK array must have room for this many
- *   characters.
- * @DK: output derived key, a dkLen-octet string
- *
- * Derive key using the PBKDF2 defined in PKCS5.  PBKDF2 applies a
- * pseudorandom function to derive keys. The length of the derived key
- * is essentially unbounded. (However, the maximum effective search
- * space for the derived key may be limited by the structure of the
- * underlying pseudorandom function, which is this function is always
- * SHA1.)
- *
- * Return value: Returns SHISHI_OK iff successful.
- **/
-int
-shishi_pbkdf2_sha1 (Shishi * handle,
-                   const char *P, size_t Plen,
-                   const char *S, size_t Slen,
-                   unsigned int c, unsigned int dkLen, char *DK)
-{
-  unsigned int hLen = 20;
-  char U[20];
-  char T[20];
-  unsigned int u;
-  unsigned int l;
-  unsigned int r;
-  unsigned int i;
-  unsigned int k;
-  char *p;
-  int rc;
-
-  if (c == 0)
-    return SHISHI_PKCS5_INVALID_ITERATION_COUNT;
-
-  if (dkLen == 0)
-    return SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH;
-
-  /*
-   *
-   *  Steps:
-   *
-   *     1. If dkLen > (2^32 - 1) * hLen, output "derived key too long" and
-   *        stop.
-   */
-
-  if (dkLen > 4294967295U)
-    return SHISHI_PKCS5_DERIVED_KEY_TOO_LONG;
-
-  /*
-   *     2. Let l be the number of hLen-octet blocks in the derived key,
-   *        rounding up, and let r be the number of octets in the last
-   *        block:
-   *
-   *                  l = CEIL (dkLen / hLen) ,
-   *                  r = dkLen - (l - 1) * hLen .
-   *
-   *        Here, CEIL (x) is the "ceiling" function, i.e. the smallest
-   *        integer greater than, or equal to, x.
-   */
-
-  l = dkLen / hLen;
-  if (dkLen % hLen)
-    l++;
-  r = dkLen - (l - 1) * hLen;
-
-  /*
-   *     3. For each block of the derived key apply the function F defined
-   *        below to the password P, the salt S, the iteration count c, and
-   *        the block index to compute the block:
-   *
-   *                  T_1 = F (P, S, c, 1) ,
-   *                  T_2 = F (P, S, c, 2) ,
-   *                  ...
-   *                  T_l = F (P, S, c, l) ,
-   *
-   *        where the function F is defined as the exclusive-or sum of the
-   *        first c iterates of the underlying pseudorandom function PRF
-   *        applied to the password P and the concatenation of the salt S
-   *        and the block index i:
-   *
-   *                  F (P, S, c, i) = U_1 \xor U_2 \xor ... \xor U_c
-   *
-   *        where
-   *
-   *                  U_1 = PRF (P, S || INT (i)) ,
-   *                  U_2 = PRF (P, U_1) ,
-   *                  ...
-   *                  U_c = PRF (P, U_{c-1}) .
-   *
-   *        Here, INT (i) is a four-octet encoding of the integer i, most
-   *        significant octet first.
-   *
-   *     4. Concatenate the blocks and extract the first dkLen octets to
-   *        produce a derived key DK:
-   *
-   *                  DK = T_1 || T_2 ||  ...  || T_l<0..r-1>
-   *
-   *     5. Output the derived key DK.
-   *
-   *  Note. The construction of the function F follows a "belt-and-
-   *  suspenders" approach. The iterates U_i are computed recursively to
-   *  remove a degree of parallelism from an opponent; they are exclusive-
-   *  ored together to reduce concerns about the recursion degenerating
-   *  into a small set of values.
-   *
-   */
-
-  for (i = 1; i <= l; i++)
-    {
-      memset (T, 0, hLen);
-
-      for (u = 1; u <= c; u++)
-       {
-         if (u == 1)
-           {
-             char *tmp;
-             size_t tmplen = Slen + 4;
-
-             tmp = xmalloc (tmplen);
-
-             memcpy (tmp, S, Slen);
-             tmp[Slen + 0] = (i & 0xff000000) >> 24;
-             tmp[Slen + 1] = (i & 0x00ff0000) >> 16;
-             tmp[Slen + 2] = (i & 0x0000ff00) >> 8;
-             tmp[Slen + 3] = (i & 0x000000ff) >> 0;
-
-             rc = shishi_hmac_sha1 (handle, P, Plen, tmp, tmplen, &p);
-
-             free (tmp);
-           }
-         else
-           {
-             rc = shishi_hmac_sha1 (handle, P, Plen, U, hLen, &p);
-           }
-
-         if (rc != SHISHI_OK)
-           return rc;
-
-         memcpy (U, p, hLen);
-
-         free (p);
-
-         for (k = 0; k < hLen; k++)
-           T[k] ^= U[k];
-       }
-
-      memcpy (DK + (i - 1) * hLen, T, i == l ? r : hLen);
-    }
-
-  return SHISHI_OK;
-}
[Prev in Thread]
Current Thread
[Next in Thread]
CVS shishi/lib, shishi-commit, 2005/10/22
- CVS shishi/lib, shishi-commit, 2005/10/22
- CVS shishi/lib, shishi-commit, 2005/10/22
- CVS shishi/lib, shishi-commit, 2005/10/22
- CVS shishi/lib, shishi-commit <=
- CVS shishi/lib, shishi-commit, 2005/10/23
Prev by Date: CVS shishi/lib
Next by Date: CVS shishi/gl
Previous by thread: CVS shishi/lib
Next by thread: CVS shishi/lib
Index(es):
- Date
- Thread