From 97ae35a8487cb696f4ca1bf6c51e8aebb805df1b Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 26 Jan 2015 00:37:18 +0200 Subject: [PATCH] Add HMAC-SHA384 For now, this is only implemented with OpenSSL. Signed-off-by: Jouni Malinen --- hostapd/Android.mk | 3 +++ hostapd/Makefile | 3 +++ src/crypto/crypto_openssl.c | 37 ++++++++++++++++++++++++++++++++++++- src/crypto/sha384.h | 19 +++++++++++++++++++ wpa_supplicant/Android.mk | 3 +++ wpa_supplicant/Makefile | 3 +++ 6 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 src/crypto/sha384.h diff --git a/hostapd/Android.mk b/hostapd/Android.mk index 4e6a36ee2..6767f3c8f 100644 --- a/hostapd/Android.mk +++ b/hostapd/Android.mk @@ -768,6 +768,9 @@ ifdef NEED_TLS_PRF_SHA256 OBJS += src/crypto/sha256-tlsprf.c endif endif +ifdef NEED_SHA384 +L_CFLAGS += -DCONFIG_SHA384 +endif ifdef NEED_DH_GROUPS OBJS += src/crypto/dh_groups.c diff --git a/hostapd/Makefile b/hostapd/Makefile index e231e744e..886cf2e02 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -764,6 +764,9 @@ ifdef NEED_HMAC_SHA256_KDF OBJS += ../src/crypto/sha256-kdf.o endif endif +ifdef NEED_SHA384 +CFLAGS += -DCONFIG_SHA384 +endif ifdef NEED_DH_GROUPS OBJS += ../src/crypto/dh_groups.o diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 8b2947236..f79055cfd 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1,6 +1,6 @@ /* * Wrapper functions for OpenSSL libcrypto - * Copyright (c) 2004-2013, Jouni Malinen + * Copyright (c) 2004-2015, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -28,6 +28,7 @@ #include "dh_group5.h" #include "sha1.h" #include "sha256.h" +#include "sha384.h" #include "crypto.h" #if OPENSSL_VERSION_NUMBER < 0x00907000 @@ -786,6 +787,40 @@ int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, #endif /* CONFIG_SHA256 */ +#ifdef CONFIG_SHA384 + +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) +{ + HMAC_CTX ctx; + size_t i; + unsigned int mdlen; + int res; + + HMAC_CTX_init(&ctx); + if (HMAC_Init_ex(&ctx, key, key_len, EVP_sha384(), NULL) != 1) + return -1; + + for (i = 0; i < num_elem; i++) + HMAC_Update(&ctx, addr[i], len[i]); + + mdlen = 32; + res = HMAC_Final(&ctx, mac, &mdlen); + HMAC_CTX_cleanup(&ctx); + + return res == 1 ? 0 : -1; +} + + +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac) +{ + return hmac_sha384_vector(key, key_len, 1, &data, &data_len, mac); +} + +#endif /* CONFIG_SHA384 */ + + int crypto_get_random(void *buf, size_t len) { if (RAND_bytes(buf, len) != 1) diff --git a/src/crypto/sha384.h b/src/crypto/sha384.h new file mode 100644 index 000000000..e6a1fe41e --- /dev/null +++ b/src/crypto/sha384.h @@ -0,0 +1,19 @@ +/* + * SHA384 hash implementation and interface functions + * Copyright (c) 2015, Jouni Malinen + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef SHA384_H +#define SHA384_H + +#define SHA384_MAC_LEN 48 + +int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac); +int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, + size_t data_len, u8 *mac); + +#endif /* SHA384_H */ diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk index 512918ba8..ace198762 100644 --- a/wpa_supplicant/Android.mk +++ b/wpa_supplicant/Android.mk @@ -1237,6 +1237,9 @@ SHA256OBJS += src/crypto/sha256-kdf.c endif OBJS += $(SHA256OBJS) endif +ifdef NEED_SHA384 +L_CFLAGS += -DCONFIG_SHA384 +endif ifdef NEED_DH_GROUPS OBJS += src/crypto/dh_groups.c diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index 9e1ffc890..81b4df047 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -1250,6 +1250,9 @@ OBJS += ../src/crypto/sha256-kdf.o endif OBJS += $(SHA256OBJS) endif +ifdef NEED_SHA384 +CFLAGS += -DCONFIG_SHA384 +endif ifdef NEED_DH_GROUPS OBJS += ../src/crypto/dh_groups.o