X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=bertos%2Fsec%2Fkdf%2Fpbkdf2.c;fp=bertos%2Fsec%2Fkdf%2Fpbkdf2.c;h=e3d1f5f823aa7596d2120eefd74324845066d124;hb=5b8a5d2a4459f7f1a500e56a12fd39acb2bb04fc;hp=0000000000000000000000000000000000000000;hpb=4ec9559a050632e54a74bb9179c2efe56e926070;p=bertos.git

diff --git a/bertos/sec/kdf/pbkdf2.c b/bertos/sec/kdf/pbkdf2.c
new file mode 100644
index 00000000..e3d1f5f8
--- /dev/null
+++ b/bertos/sec/kdf/pbkdf2.c
@@ -0,0 +1,113 @@
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction.  Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License.  This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2010 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief PBKDF2 implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ * 
+ */
+
+#include "pbkdf2.h"
+#include <cpu/byteorder.h>
+#include <sec/util.h>
+#include <cfg/debug.h>
+
+static void PBKDF2_begin(Kdf *ctx_, const char *pwd, size_t pwd_len,
+					     const uint8_t *salt, size_t salt_len)
+{
+	PBKDF2_Context *ctx = (PBKDF2_Context*)ctx_;
+	
+	ASSERT(sizeof(ctx->salt) >= salt_len);
+	
+	mac_set_key(ctx->mac, (const uint8_t*)pwd, pwd_len);
+	ctx->salt_len = salt_len;
+	memcpy(ctx->salt, salt, salt_len);
+	ctx->c = 0;
+	ctx->kdf.to_read = 0;
+	ctx->kdf.block = NULL;
+}
+
+static void PBKDF2_next(Kdf *ctx_)
+{
+	PBKDF2_Context *ctx = (PBKDF2_Context*)ctx_;
+	int dlen = mac_digest_len(ctx->mac);
+	uint8_t last[dlen];
+	
+	++ctx->c;
+	uint32_t bec = cpu_to_be32(ctx->c);
+	
+	mac_begin(ctx->mac);
+	mac_update(ctx->mac, ctx->salt, ctx->salt_len);
+	mac_update(ctx->mac, &bec, 4);
+	memcpy(last, mac_final(ctx->mac), dlen);
+	memcpy(ctx->block, last, dlen);
+	
+	for (uint32_t i=0; i<ctx->iterations-1; ++i)
+	{
+		mac_begin(ctx->mac);
+		mac_update(ctx->mac, last, dlen);
+		memcpy(last, mac_final(ctx->mac), dlen);
+		xor_block(ctx->block, ctx->block, last, dlen);
+	}
+
+	ctx->kdf.to_read = dlen;
+	ctx->kdf.block = ctx->block;
+	
+	PURGE(last);
+}
+
+
+/**********************************************************************/
+
+// Default iteration count. The RFC does not specify a "good" default
+// value; it just says that this should be a high value to slow down
+// computations. Since slowing down is not much of a concern for an
+// embedded system, we settle for a value which is not too big.
+#define PBKDF2_DEFAULT_ITERATIONS      100
+
+
+void PBKDF2_init(PBKDF2_Context *ctx, Mac *mac)
+{
+	ctx->salt_len = 0;
+	ctx->mac = mac;
+	ctx->iterations = PBKDF2_DEFAULT_ITERATIONS;
+	ctx->kdf.begin = PBKDF2_begin;
+	ctx->kdf.next = PBKDF2_next;
+	ctx->kdf.block_len = mac_digest_len(mac);
+	ASSERT(ctx->kdf.block_len <= sizeof(ctx->block));
+}
+
+void PBKDF2_set_iterations(Kdf *ctx_, uint32_t iterations)
+{
+	PBKDF2_Context *ctx = (PBKDF2_Context*)ctx_;
+	ctx->iterations = iterations;
+}
+