Crypto build cleanup: remove NEED_FIPS186_2_PRF

Instead of using a define and conditional building of crypto wrapper
parts, move the FIPS 186-2 PRF implementation into separate files.
This commit is contained in:
Johannes Berg 2009-08-11 20:06:23 +03:00 committed by Jouni Malinen
parent ad01a5315e
commit 05edfe2994
8 changed files with 210 additions and 142 deletions

View file

@ -485,12 +485,22 @@ ifeq ($(CONFIG_TLS), openssl)
OBJS += ../src/crypto/crypto_openssl.o OBJS += ../src/crypto/crypto_openssl.o
OBJS_p += ../src/crypto/crypto_openssl.o OBJS_p += ../src/crypto/crypto_openssl.o
HOBJS += ../src/crypto/crypto_openssl.o HOBJS += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o
OBJS_p += ../src/crypto/fips_prf_openssl.o
HOBJS += ../src/crypto/fips_prf_openssl.o
endif
CONFIG_INTERNAL_SHA256=y CONFIG_INTERNAL_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), gnutls) ifeq ($(CONFIG_TLS), gnutls)
OBJS += ../src/crypto/crypto_gnutls.o OBJS += ../src/crypto/crypto_gnutls.o
OBJS_p += ../src/crypto/crypto_gnutls.o OBJS_p += ../src/crypto/crypto_gnutls.o
HOBJS += ../src/crypto/crypto_gnutls.o HOBJS += ../src/crypto/crypto_gnutls.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_gnutls.o
OBJS_p += ../src/crypto/fips_prf_gnutls.o
HOBJS += ../src/crypto/fips_prf_gnutls.o
endif
CONFIG_INTERNAL_SHA256=y CONFIG_INTERNAL_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), internal) ifeq ($(CONFIG_TLS), internal)
@ -532,6 +542,9 @@ AESOBJS += ../src/crypto/aes-internal.o
endif endif
ifdef CONFIG_INTERNAL_SHA1 ifdef CONFIG_INTERNAL_SHA1
OBJS += ../src/crypto/sha1-internal.o OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_internal.o
endif
endif endif
ifdef CONFIG_INTERNAL_MD5 ifdef CONFIG_INTERNAL_MD5
OBJS += ../src/crypto/md5-internal.o OBJS += ../src/crypto/md5-internal.o
@ -554,10 +567,6 @@ ifdef NEED_DH_GROUPS
OBJS += ../src/crypto/dh_groups.o OBJS += ../src/crypto/dh_groups.o
endif endif
ifndef NEED_FIPS186_2_PRF
CFLAGS += -DCONFIG_NO_FIPS186_2_PRF
endif
ifndef NEED_T_PRF ifndef NEED_T_PRF
CFLAGS += -DCONFIG_NO_T_PRF CFLAGS += -DCONFIG_NO_T_PRF
endif endif

View file

@ -91,15 +91,6 @@ void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
} }
#ifndef CONFIG_NO_FIPS186_2_PRF
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
/* FIX: how to do this with libgcrypt? */
return -1;
}
#endif /* CONFIG_NO_FIPS186_2_PRF */
void * aes_encrypt_init(const u8 *key, size_t len) void * aes_encrypt_init(const u8 *key, size_t len)
{ {
gcry_cipher_hd_t hd; gcry_cipher_hd_t hd;

View file

@ -90,73 +90,6 @@ void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
SHA1_Final(mac, &ctx); SHA1_Final(mac, &ctx);
} }
#ifndef CONFIG_NO_FIPS186_2_PRF
static void sha1_transform(u8 *state, const u8 data[64])
{
SHA_CTX context;
os_memset(&context, 0, sizeof(context));
os_memcpy(&context.h0, state, 5 * 4);
SHA1_Transform(&context, data);
os_memcpy(state, &context.h0, 5 * 4);
}
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
u8 xkey[64];
u32 t[5], _t[5];
int i, j, m, k;
u8 *xpos = x;
u32 carry;
if (seed_len > sizeof(xkey))
seed_len = sizeof(xkey);
/* FIPS 186-2 + change notice 1 */
os_memcpy(xkey, seed, seed_len);
os_memset(xkey + seed_len, 0, 64 - seed_len);
t[0] = 0x67452301;
t[1] = 0xEFCDAB89;
t[2] = 0x98BADCFE;
t[3] = 0x10325476;
t[4] = 0xC3D2E1F0;
m = xlen / 40;
for (j = 0; j < m; j++) {
/* XSEED_j = 0 */
for (i = 0; i < 2; i++) {
/* XVAL = (XKEY + XSEED_j) mod 2^b */
/* w_i = G(t, XVAL) */
os_memcpy(_t, t, 20);
sha1_transform((u8 *) _t, xkey);
_t[0] = host_to_be32(_t[0]);
_t[1] = host_to_be32(_t[1]);
_t[2] = host_to_be32(_t[2]);
_t[3] = host_to_be32(_t[3]);
_t[4] = host_to_be32(_t[4]);
os_memcpy(xpos, _t, 20);
/* XKEY = (1 + XKEY + w_i) mod 2^b */
carry = 1;
for (k = 19; k >= 0; k--) {
carry += xkey[k] + xpos[k];
xkey[k] = carry & 0xff;
carry >>= 8;
}
xpos += 20;
}
/* x_j = w_0|w_1 */
}
return 0;
}
#endif /* CONFIG_NO_FIPS186_2_PRF */
void * aes_encrypt_init(const u8 *key, size_t len) void * aes_encrypt_init(const u8 *key, size_t len)
{ {
AES_KEY *ak; AES_KEY *ak;

View file

@ -0,0 +1,26 @@
/*
* FIPS 186-2 PRF for libgcrypt
* Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#include "includes.h"
#include <gcrypt.h>
#include "common.h"
#include "crypto.h"
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
/* FIX: how to do this with libgcrypt? */
return -1;
}

View file

@ -0,0 +1,75 @@
/*
* FIPS 186-2 PRF for internal crypto implementation
* Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#include "includes.h"
#include "common.h"
#include "sha1.h"
#include "crypto.h"
void SHA1Transform(u32 state[5], const unsigned char buffer[64]);
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
u8 xkey[64];
u32 t[5], _t[5];
int i, j, m, k;
u8 *xpos = x;
u32 carry;
if (seed_len > sizeof(xkey))
seed_len = sizeof(xkey);
/* FIPS 186-2 + change notice 1 */
os_memcpy(xkey, seed, seed_len);
os_memset(xkey + seed_len, 0, 64 - seed_len);
t[0] = 0x67452301;
t[1] = 0xEFCDAB89;
t[2] = 0x98BADCFE;
t[3] = 0x10325476;
t[4] = 0xC3D2E1F0;
m = xlen / 40;
for (j = 0; j < m; j++) {
/* XSEED_j = 0 */
for (i = 0; i < 2; i++) {
/* XVAL = (XKEY + XSEED_j) mod 2^b */
/* w_i = G(t, XVAL) */
os_memcpy(_t, t, 20);
SHA1Transform(_t, xkey);
_t[0] = host_to_be32(_t[0]);
_t[1] = host_to_be32(_t[1]);
_t[2] = host_to_be32(_t[2]);
_t[3] = host_to_be32(_t[3]);
_t[4] = host_to_be32(_t[4]);
os_memcpy(xpos, _t, 20);
/* XKEY = (1 + XKEY + w_i) mod 2^b */
carry = 1;
for (k = 19; k >= 0; k--) {
carry += xkey[k] + xpos[k];
xkey[k] = carry & 0xff;
carry >>= 8;
}
xpos += SHA1_MAC_LEN;
}
/* x_j = w_0|w_1 */
}
return 0;
}

View file

@ -0,0 +1,83 @@
/*
* FIPS 186-2 PRF for libcrypto
* Copyright (c) 2004-2005, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#include "includes.h"
#include <openssl/sha.h>
#include "common.h"
#include "crypto.h"
static void sha1_transform(u8 *state, const u8 data[64])
{
SHA_CTX context;
os_memset(&context, 0, sizeof(context));
os_memcpy(&context.h0, state, 5 * 4);
SHA1_Transform(&context, data);
os_memcpy(state, &context.h0, 5 * 4);
}
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
u8 xkey[64];
u32 t[5], _t[5];
int i, j, m, k;
u8 *xpos = x;
u32 carry;
if (seed_len > sizeof(xkey))
seed_len = sizeof(xkey);
/* FIPS 186-2 + change notice 1 */
os_memcpy(xkey, seed, seed_len);
os_memset(xkey + seed_len, 0, 64 - seed_len);
t[0] = 0x67452301;
t[1] = 0xEFCDAB89;
t[2] = 0x98BADCFE;
t[3] = 0x10325476;
t[4] = 0xC3D2E1F0;
m = xlen / 40;
for (j = 0; j < m; j++) {
/* XSEED_j = 0 */
for (i = 0; i < 2; i++) {
/* XVAL = (XKEY + XSEED_j) mod 2^b */
/* w_i = G(t, XVAL) */
os_memcpy(_t, t, 20);
sha1_transform((u8 *) _t, xkey);
_t[0] = host_to_be32(_t[0]);
_t[1] = host_to_be32(_t[1]);
_t[2] = host_to_be32(_t[2]);
_t[3] = host_to_be32(_t[3]);
_t[4] = host_to_be32(_t[4]);
os_memcpy(xpos, _t, 20);
/* XKEY = (1 + XKEY + w_i) mod 2^b */
carry = 1;
for (k = 19; k >= 0; k--) {
carry += xkey[k] + xpos[k];
xkey[k] = carry & 0xff;
carry >>= 8;
}
xpos += 20;
}
/* x_j = w_0|w_1 */
}
return 0;
}

View file

@ -32,7 +32,7 @@ static void SHA1Init(struct SHA1Context *context);
static void SHA1Update(struct SHA1Context *context, const void *data, u32 len); static void SHA1Update(struct SHA1Context *context, const void *data, u32 len);
static void SHA1Final(unsigned char digest[20], struct SHA1Context *context); static void SHA1Final(unsigned char digest[20], struct SHA1Context *context);
#endif /* CONFIG_CRYPTO_INTERNAL */ #endif /* CONFIG_CRYPTO_INTERNAL */
static void SHA1Transform(u32 state[5], const unsigned char buffer[64]); void SHA1Transform(u32 state[5], const unsigned char buffer[64]);
/** /**
@ -55,62 +55,6 @@ void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len,
} }
#ifndef CONFIG_NO_FIPS186_2_PRF
int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
u8 xkey[64];
u32 t[5], _t[5];
int i, j, m, k;
u8 *xpos = x;
u32 carry;
if (seed_len > sizeof(xkey))
seed_len = sizeof(xkey);
/* FIPS 186-2 + change notice 1 */
os_memcpy(xkey, seed, seed_len);
os_memset(xkey + seed_len, 0, 64 - seed_len);
t[0] = 0x67452301;
t[1] = 0xEFCDAB89;
t[2] = 0x98BADCFE;
t[3] = 0x10325476;
t[4] = 0xC3D2E1F0;
m = xlen / 40;
for (j = 0; j < m; j++) {
/* XSEED_j = 0 */
for (i = 0; i < 2; i++) {
/* XVAL = (XKEY + XSEED_j) mod 2^b */
/* w_i = G(t, XVAL) */
os_memcpy(_t, t, 20);
SHA1Transform(_t, xkey);
_t[0] = host_to_be32(_t[0]);
_t[1] = host_to_be32(_t[1]);
_t[2] = host_to_be32(_t[2]);
_t[3] = host_to_be32(_t[3]);
_t[4] = host_to_be32(_t[4]);
os_memcpy(xpos, _t, 20);
/* XKEY = (1 + XKEY + w_i) mod 2^b */
carry = 1;
for (k = 19; k >= 0; k--) {
carry += xkey[k] + xpos[k];
xkey[k] = carry & 0xff;
carry >>= 8;
}
xpos += SHA1_MAC_LEN;
}
/* x_j = w_0|w_1 */
}
return 0;
}
#endif /* CONFIG_NO_FIPS186_2_PRF */
/* ===== start - public domain SHA1 implementation ===== */ /* ===== start - public domain SHA1 implementation ===== */
/* /*
@ -239,7 +183,7 @@ void SHAPrintContext(SHA1_CTX *context, char *msg)
/* Hash a single 512-bit block. This is the core of the algorithm. */ /* Hash a single 512-bit block. This is the core of the algorithm. */
static void SHA1Transform(u32 state[5], const unsigned char buffer[64]) void SHA1Transform(u32 state[5], const unsigned char buffer[64])
{ {
u32 a, b, c, d, e; u32 a, b, c, d, e;
typedef union { typedef union {

View file

@ -845,11 +845,19 @@ endif
ifeq ($(CONFIG_TLS), openssl) ifeq ($(CONFIG_TLS), openssl)
OBJS += ../src/crypto/crypto_openssl.o OBJS += ../src/crypto/crypto_openssl.o
OBJS_p += ../src/crypto/crypto_openssl.o OBJS_p += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o
OBJS_p += ../src/crypto/fips_prf_openssl.o
endif
CONFIG_INTERNAL_SHA256=y CONFIG_INTERNAL_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), gnutls) ifeq ($(CONFIG_TLS), gnutls)
OBJS += ../src/crypto/crypto_gnutls.o OBJS += ../src/crypto/crypto_gnutls.o
OBJS_p += ../src/crypto/crypto_gnutls.o OBJS_p += ../src/crypto/crypto_gnutls.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_gnutls.o
OBJS_p += ../src/crypto/fips_prf_gnutls.o
endif
CONFIG_INTERNAL_SHA256=y CONFIG_INTERNAL_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), schannel) ifeq ($(CONFIG_TLS), schannel)
@ -906,6 +914,9 @@ AESOBJS += ../src/crypto/aes-internal.o
endif endif
ifdef CONFIG_INTERNAL_SHA1 ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
SHA1OBJS += ../src/crypto/fips_prf_internal.o
endif
endif endif
ifdef CONFIG_INTERNAL_MD5 ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o MD5OBJS += ../src/crypto/md5-internal.o
@ -1075,10 +1086,6 @@ ifdef NEED_DH_GROUPS
OBJS += ../src/crypto/dh_groups.o OBJS += ../src/crypto/dh_groups.o
endif endif
ifndef NEED_FIPS186_2_PRF
CFLAGS += -DCONFIG_NO_FIPS186_2_PRF
endif
ifndef NEED_T_PRF ifndef NEED_T_PRF
CFLAGS += -DCONFIG_NO_T_PRF CFLAGS += -DCONFIG_NO_T_PRF
endif endif