Crypto build cleanup: remove CONFIG_NO_T_PRF

Instead of using a define and conditional building of sha1.c parts,
move the T-PRF implementation into a separate file.
This commit is contained in:
Johannes Berg 2009-08-11 20:19:37 +03:00 committed by Jouni Malinen
parent 05edfe2994
commit 6f693b5d0b
4 changed files with 83 additions and 67 deletions

View file

@ -38,6 +38,8 @@ CFLAGS += -DCONFIG_NATIVE_WINDOWS
LIBS += -lws2_32
endif
SHA1OBJS = ../src/crypto/sha1.o
OBJS = hostapd.o main.o ieee802_1x.o eapol_sm.o \
config.o ieee802_11_auth.o \
sta_info.o wpa.o \
@ -88,7 +90,6 @@ endif
OBJS += ../src/crypto/md5.o
OBJS += ../src/crypto/rc4.o
OBJS += ../src/crypto/sha1.o
AESOBJS = ../src/crypto/aes_wrap.o
@ -541,9 +542,9 @@ ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal.o
endif
ifdef CONFIG_INTERNAL_SHA1
OBJS += ../src/crypto/sha1-internal.o
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_internal.o
SHA1OBJS += ../src/crypto/fips_prf_internal.o
endif
endif
ifdef CONFIG_INTERNAL_MD5
@ -567,8 +568,8 @@ ifdef NEED_DH_GROUPS
OBJS += ../src/crypto/dh_groups.o
endif
ifndef NEED_T_PRF
CFLAGS += -DCONFIG_NO_T_PRF
ifdef NEED_T_PRF
SHA1OBJS += ../src/crypto/sha1-tprf.o
endif
ifndef NEED_TLS_PRF
@ -616,6 +617,8 @@ CFLAGS += -DCONFIG_NO_AES_DECRYPT
CFLAGS += -DCONFIG_NO_AES_ENCRYPT_BLOCK
endif
OBJS += $(SHA1OBJS)
ALL=hostapd hostapd_cli
all: verify_config $(ALL)
@ -650,10 +653,7 @@ OBJS_c = hostapd_cli.o ../src/common/wpa_ctrl.o ../src/utils/os_$(CONFIG_OS).o
hostapd_cli: $(OBJS_c)
$(CC) -o hostapd_cli $(OBJS_c)
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o ../src/crypto/sha1.o ../src/crypto/rc4.o ../src/crypto/md5.o
ifdef CONFIG_INTERNAL_SHA1
NOBJS += ../src/crypto/sha1-internal.o
endif
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) ../src/crypto/rc4.o ../src/crypto/md5.o
ifdef CONFIG_INTERNAL_MD5
NOBJS += ../src/crypto/md5-internal.o
endif

72
src/crypto/sha1-tprf.c Normal file
View file

@ -0,0 +1,72 @@
/*
* SHA1 T-PRF for EAP-FAST
* Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#include "includes.h"
#include "common.h"
#include "sha1.h"
#include "crypto.h"
/**
* sha1_t_prf - EAP-FAST Pseudo-Random Function (T-PRF)
* @key: Key for PRF
* @key_len: Length of the key in bytes
* @label: A unique label for each purpose of the PRF
* @seed: Seed value to bind into the key
* @seed_len: Length of the seed
* @buf: Buffer for the generated pseudo-random key
* @buf_len: Number of bytes of key to generate
*
* This function is used to derive new, cryptographically separate keys from a
* given key for EAP-FAST. T-PRF is defined in RFC 4851, Section 5.5.
*/
void sha1_t_prf(const u8 *key, size_t key_len, const char *label,
const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len)
{
unsigned char counter = 0;
size_t pos, plen;
u8 hash[SHA1_MAC_LEN];
size_t label_len = os_strlen(label);
u8 output_len[2];
const unsigned char *addr[5];
size_t len[5];
addr[0] = hash;
len[0] = 0;
addr[1] = (unsigned char *) label;
len[1] = label_len + 1;
addr[2] = seed;
len[2] = seed_len;
addr[3] = output_len;
len[3] = 2;
addr[4] = &counter;
len[4] = 1;
output_len[0] = (buf_len >> 8) & 0xff;
output_len[1] = buf_len & 0xff;
pos = 0;
while (pos < buf_len) {
counter++;
plen = buf_len - pos;
hmac_sha1_vector(key, key_len, 5, addr, len, hash);
if (plen >= SHA1_MAC_LEN) {
os_memcpy(&buf[pos], hash, SHA1_MAC_LEN);
pos += SHA1_MAC_LEN;
} else {
os_memcpy(&buf[pos], hash, plen);
break;
}
len[0] = SHA1_MAC_LEN;
}
}

View file

@ -155,62 +155,6 @@ void sha1_prf(const u8 *key, size_t key_len, const char *label,
}
#ifndef CONFIG_NO_T_PRF
/**
* sha1_t_prf - EAP-FAST Pseudo-Random Function (T-PRF)
* @key: Key for PRF
* @key_len: Length of the key in bytes
* @label: A unique label for each purpose of the PRF
* @seed: Seed value to bind into the key
* @seed_len: Length of the seed
* @buf: Buffer for the generated pseudo-random key
* @buf_len: Number of bytes of key to generate
*
* This function is used to derive new, cryptographically separate keys from a
* given key for EAP-FAST. T-PRF is defined in RFC 4851, Section 5.5.
*/
void sha1_t_prf(const u8 *key, size_t key_len, const char *label,
const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len)
{
unsigned char counter = 0;
size_t pos, plen;
u8 hash[SHA1_MAC_LEN];
size_t label_len = os_strlen(label);
u8 output_len[2];
const unsigned char *addr[5];
size_t len[5];
addr[0] = hash;
len[0] = 0;
addr[1] = (unsigned char *) label;
len[1] = label_len + 1;
addr[2] = seed;
len[2] = seed_len;
addr[3] = output_len;
len[3] = 2;
addr[4] = &counter;
len[4] = 1;
output_len[0] = (buf_len >> 8) & 0xff;
output_len[1] = buf_len & 0xff;
pos = 0;
while (pos < buf_len) {
counter++;
plen = buf_len - pos;
hmac_sha1_vector(key, key_len, 5, addr, len, hash);
if (plen >= SHA1_MAC_LEN) {
os_memcpy(&buf[pos], hash, SHA1_MAC_LEN);
pos += SHA1_MAC_LEN;
} else {
os_memcpy(&buf[pos], hash, plen);
break;
}
len[0] = SHA1_MAC_LEN;
}
}
#endif /* CONFIG_NO_T_PRF */
#ifndef CONFIG_NO_TLS_PRF
/**
* tls_prf - Pseudo-Random Function for TLS (TLS-PRF, RFC 2246)

View file

@ -1086,8 +1086,8 @@ ifdef NEED_DH_GROUPS
OBJS += ../src/crypto/dh_groups.o
endif
ifndef NEED_T_PRF
CFLAGS += -DCONFIG_NO_T_PRF
ifdef NEED_T_PRF
SHA1OBJS += ../src/crypto/sha1-tprf.o
endif
ifndef NEED_TLS_PRF