aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohannes Berg <johannes@sipsolutions.net>2009-08-11 17:24:06 (GMT)
committerJouni Malinen <j@w1.fi>2009-08-11 17:24:06 (GMT)
commitd9feab18fc50218afd1a351965945bec21e4ba7c (patch)
tree6fe951c890a49471b8f924cde3df2652918b0a21
parent6f693b5d0b6b9a15eaa8323abc8a68bf40844d08 (diff)
downloadhostap-d9feab18fc50218afd1a351965945bec21e4ba7c.zip
hostap-d9feab18fc50218afd1a351965945bec21e4ba7c.tar.gz
hostap-d9feab18fc50218afd1a351965945bec21e4ba7c.tar.bz2
Crypto build cleanup: remove CONFIG_NO_TLS_PRF
Instead of using a define and conditional building of sha1.c parts, move the TLS PRF implementation into a separate file.
-rw-r--r--hostapd/Makefile4
-rw-r--r--src/crypto/sha1-tlsprf.c106
-rw-r--r--src/crypto/sha1.c89
-rw-r--r--wpa_supplicant/Makefile4
4 files changed, 110 insertions, 93 deletions
diff --git a/hostapd/Makefile b/hostapd/Makefile
index 6d5564c..8bca37d 100644
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -572,8 +572,8 @@ ifdef NEED_T_PRF
SHA1OBJS += ../src/crypto/sha1-tprf.o
endif
-ifndef NEED_TLS_PRF
-CFLAGS += -DCONFIG_NO_TLS_PRF
+ifdef NEED_TLS_PRF
+SHA1OBJS += ../src/crypto/sha1-tlsprf.o
endif
ifdef CONFIG_RADIUS_SERVER
diff --git a/src/crypto/sha1-tlsprf.c b/src/crypto/sha1-tlsprf.c
new file mode 100644
index 0000000..3e2ae49
--- /dev/null
+++ b/src/crypto/sha1-tlsprf.c
@@ -0,0 +1,106 @@
+/*
+ * TLS PRF (SHA1 + MD5)
+ * Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * Alternatively, this software may be distributed under the terms of BSD
+ * license.
+ *
+ * See README and COPYING for more details.
+ */
+
+#include "includes.h"
+
+#include "common.h"
+#include "sha1.h"
+#include "md5.h"
+#include "crypto.h"
+
+
+/**
+ * tls_prf - Pseudo-Random Function for TLS (TLS-PRF, RFC 2246)
+ * @secret: Key for PRF
+ * @secret_len: Length of the key in bytes
+ * @label: A unique label for each purpose of the PRF
+ * @seed: Seed value to bind into the key
+ * @seed_len: Length of the seed
+ * @out: Buffer for the generated pseudo-random key
+ * @outlen: Number of bytes of key to generate
+ * Returns: 0 on success, -1 on failure.
+ *
+ * This function is used to derive new, cryptographically separate keys from a
+ * given key in TLS. This PRF is defined in RFC 2246, Chapter 5.
+ */
+int tls_prf(const u8 *secret, size_t secret_len, const char *label,
+ const u8 *seed, size_t seed_len, u8 *out, size_t outlen)
+{
+ size_t L_S1, L_S2, i;
+ const u8 *S1, *S2;
+ u8 A_MD5[MD5_MAC_LEN], A_SHA1[SHA1_MAC_LEN];
+ u8 P_MD5[MD5_MAC_LEN], P_SHA1[SHA1_MAC_LEN];
+ int MD5_pos, SHA1_pos;
+ const u8 *MD5_addr[3];
+ size_t MD5_len[3];
+ const unsigned char *SHA1_addr[3];
+ size_t SHA1_len[3];
+
+ if (secret_len & 1)
+ return -1;
+
+ MD5_addr[0] = A_MD5;
+ MD5_len[0] = MD5_MAC_LEN;
+ MD5_addr[1] = (unsigned char *) label;
+ MD5_len[1] = os_strlen(label);
+ MD5_addr[2] = seed;
+ MD5_len[2] = seed_len;
+
+ SHA1_addr[0] = A_SHA1;
+ SHA1_len[0] = SHA1_MAC_LEN;
+ SHA1_addr[1] = (unsigned char *) label;
+ SHA1_len[1] = os_strlen(label);
+ SHA1_addr[2] = seed;
+ SHA1_len[2] = seed_len;
+
+ /* RFC 2246, Chapter 5
+ * A(0) = seed, A(i) = HMAC(secret, A(i-1))
+ * P_hash = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + ..
+ * PRF = P_MD5(S1, label + seed) XOR P_SHA-1(S2, label + seed)
+ */
+
+ L_S1 = L_S2 = (secret_len + 1) / 2;
+ S1 = secret;
+ S2 = secret + L_S1;
+ if (secret_len & 1) {
+ /* The last byte of S1 will be shared with S2 */
+ S2--;
+ }
+
+ hmac_md5_vector(S1, L_S1, 2, &MD5_addr[1], &MD5_len[1], A_MD5);
+ hmac_sha1_vector(S2, L_S2, 2, &SHA1_addr[1], &SHA1_len[1], A_SHA1);
+
+ MD5_pos = MD5_MAC_LEN;
+ SHA1_pos = SHA1_MAC_LEN;
+ for (i = 0; i < outlen; i++) {
+ if (MD5_pos == MD5_MAC_LEN) {
+ hmac_md5_vector(S1, L_S1, 3, MD5_addr, MD5_len, P_MD5);
+ MD5_pos = 0;
+ hmac_md5(S1, L_S1, A_MD5, MD5_MAC_LEN, A_MD5);
+ }
+ if (SHA1_pos == SHA1_MAC_LEN) {
+ hmac_sha1_vector(S2, L_S2, 3, SHA1_addr, SHA1_len,
+ P_SHA1);
+ SHA1_pos = 0;
+ hmac_sha1(S2, L_S2, A_SHA1, SHA1_MAC_LEN, A_SHA1);
+ }
+
+ out[i] = P_MD5[MD5_pos] ^ P_SHA1[SHA1_pos];
+
+ MD5_pos++;
+ SHA1_pos++;
+ }
+
+ return 0;
+}
diff --git a/src/crypto/sha1.c b/src/crypto/sha1.c
index 27caf15..17e6e76 100644
--- a/src/crypto/sha1.c
+++ b/src/crypto/sha1.c
@@ -16,7 +16,6 @@
#include "common.h"
#include "sha1.h"
-#include "md5.h"
#include "crypto.h"
@@ -155,94 +154,6 @@ void sha1_prf(const u8 *key, size_t key_len, const char *label,
}
-#ifndef CONFIG_NO_TLS_PRF
-/**
- * tls_prf - Pseudo-Random Function for TLS (TLS-PRF, RFC 2246)
- * @secret: Key for PRF
- * @secret_len: Length of the key in bytes
- * @label: A unique label for each purpose of the PRF
- * @seed: Seed value to bind into the key
- * @seed_len: Length of the seed
- * @out: Buffer for the generated pseudo-random key
- * @outlen: Number of bytes of key to generate
- * Returns: 0 on success, -1 on failure.
- *
- * This function is used to derive new, cryptographically separate keys from a
- * given key in TLS. This PRF is defined in RFC 2246, Chapter 5.
- */
-int tls_prf(const u8 *secret, size_t secret_len, const char *label,
- const u8 *seed, size_t seed_len, u8 *out, size_t outlen)
-{
- size_t L_S1, L_S2, i;
- const u8 *S1, *S2;
- u8 A_MD5[MD5_MAC_LEN], A_SHA1[SHA1_MAC_LEN];
- u8 P_MD5[MD5_MAC_LEN], P_SHA1[SHA1_MAC_LEN];
- int MD5_pos, SHA1_pos;
- const u8 *MD5_addr[3];
- size_t MD5_len[3];
- const unsigned char *SHA1_addr[3];
- size_t SHA1_len[3];
-
- if (secret_len & 1)
- return -1;
-
- MD5_addr[0] = A_MD5;
- MD5_len[0] = MD5_MAC_LEN;
- MD5_addr[1] = (unsigned char *) label;
- MD5_len[1] = os_strlen(label);
- MD5_addr[2] = seed;
- MD5_len[2] = seed_len;
-
- SHA1_addr[0] = A_SHA1;
- SHA1_len[0] = SHA1_MAC_LEN;
- SHA1_addr[1] = (unsigned char *) label;
- SHA1_len[1] = os_strlen(label);
- SHA1_addr[2] = seed;
- SHA1_len[2] = seed_len;
-
- /* RFC 2246, Chapter 5
- * A(0) = seed, A(i) = HMAC(secret, A(i-1))
- * P_hash = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + ..
- * PRF = P_MD5(S1, label + seed) XOR P_SHA-1(S2, label + seed)
- */
-
- L_S1 = L_S2 = (secret_len + 1) / 2;
- S1 = secret;
- S2 = secret + L_S1;
- if (secret_len & 1) {
- /* The last byte of S1 will be shared with S2 */
- S2--;
- }
-
- hmac_md5_vector(S1, L_S1, 2, &MD5_addr[1], &MD5_len[1], A_MD5);
- hmac_sha1_vector(S2, L_S2, 2, &SHA1_addr[1], &SHA1_len[1], A_SHA1);
-
- MD5_pos = MD5_MAC_LEN;
- SHA1_pos = SHA1_MAC_LEN;
- for (i = 0; i < outlen; i++) {
- if (MD5_pos == MD5_MAC_LEN) {
- hmac_md5_vector(S1, L_S1, 3, MD5_addr, MD5_len, P_MD5);
- MD5_pos = 0;
- hmac_md5(S1, L_S1, A_MD5, MD5_MAC_LEN, A_MD5);
- }
- if (SHA1_pos == SHA1_MAC_LEN) {
- hmac_sha1_vector(S2, L_S2, 3, SHA1_addr, SHA1_len,
- P_SHA1);
- SHA1_pos = 0;
- hmac_sha1(S2, L_S2, A_SHA1, SHA1_MAC_LEN, A_SHA1);
- }
-
- out[i] = P_MD5[MD5_pos] ^ P_SHA1[SHA1_pos];
-
- MD5_pos++;
- SHA1_pos++;
- }
-
- return 0;
-}
-#endif /* CONFIG_NO_TLS_PRF */
-
-
#ifndef CONFIG_NO_PBKDF2
static void pbkdf2_sha1_f(const char *passphrase, const char *ssid,
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index 4c2266f..58f4b41 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1090,8 +1090,8 @@ ifdef NEED_T_PRF
SHA1OBJS += ../src/crypto/sha1-tprf.o
endif
-ifndef NEED_TLS_PRF
-CFLAGS += -DCONFIG_NO_TLS_PRF
+ifdef NEED_TLS_PRF
+SHA1OBJS += ../src/crypto/sha1-tlsprf.o
endif
ifdef NEED_BASE64