--- /dev/null
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction. Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License. This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2010 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief PBKDF1 implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ *
+ */
+
+#include "pbkdf1.h"
+#include <sec/hash.h>
+#include <sec/util.h>
+
+
+static void PBKDF1_begin(Kdf *ctx_, const char *pwd, size_t pwd_len,
+ const uint8_t *salt, size_t salt_len)
+{
+ PBKDF1_Context *ctx = (PBKDF1_Context *)ctx_;
+
+ hash_begin(ctx->hash);
+ hash_update(ctx->hash, pwd, pwd_len);
+ hash_update(ctx->hash, salt, salt_len);
+
+ ctx->kdf.to_read = 0;
+ ctx->kdf.block = NULL;
+}
+
+static void PBKDF1_next(Kdf *ctx_)
+{
+ PBKDF1_Context *ctx = (PBKDF1_Context *)ctx_;
+
+ // PBKDF1 will generate only one block of data (whose len depends
+ // on the underlying hash function). After that, the generation stops
+ // with an ASSERT. If you use PKBDF1, you are supposed to be aware
+ // of this limit while designing your algorithm.
+ ASSERT(ctx->kdf.block == NULL);
+
+ int hlen = hash_digest_len(ctx->hash);
+ uint8_t temp[hlen];
+ uint8_t *final = hash_final(ctx->hash);
+
+ for (uint32_t i=0; i<ctx->iterations-1; i++)
+ {
+ memcpy(temp, final, hlen);
+ hash_begin(ctx->hash);
+ hash_update(ctx->hash, temp, hlen);
+ final = hash_final(ctx->hash);
+ }
+
+ PURGE(temp);
+
+ ctx->kdf.to_read = ctx->kdf.block_len;
+ ctx->kdf.block = final;
+}
+
+/**********************************************************************/
+
+// Default iteration count. The RFC does not specify a "good" default
+// value; it just says that this should be a high value to slow down
+// computations. Since slowing down is not much of a concern for an
+// embedded system, we settle for a value which is not too big.
+#define PBKDF1_DEFAULT_ITERATIONS 100
+
+
+void PBKDF1_init(PBKDF1_Context *ctx, Hash *h)
+{
+ ctx->hash = h;
+ ctx->iterations = PBKDF1_DEFAULT_ITERATIONS;
+ ctx->kdf.begin = PBKDF1_begin;
+ ctx->kdf.next = PBKDF1_next;
+ ctx->kdf.block_len = hash_digest_len(h);
+}
+
+void PBKDF1_set_iterations(Kdf *ctx_, uint32_t iterations)
+{
+ PBKDF1_Context *ctx = (PBKDF1_Context *)ctx_;
+ ctx->iterations = iterations;
+}
--- /dev/null
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction. Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License. This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2010 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief PBKDF1 implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ *
+ */
+
+#ifndef SEC_KDF_PBKDF1_H
+#define SEC_KDF_PBKDF1_H
+
+#include <sec/kdf.h>
+#include <sec/hash.h>
+
+typedef struct
+{
+ Kdf kdf;
+ Hash *hash;
+ uint32_t iterations;
+} PBKDF1_Context;
+
+void PBKDF1_init(PBKDF1_Context *ctx, Hash *h);
+void PBKDF1_set_iterations(Kdf *kdf, uint32_t iterations);
+
+#define PBKDF1_stackinit(...) \
+ ({ PBKDF1_Context *ctx = alloca(sizeof(PBKDF1_Context)); PBKDF1_init(ctx , ##__VA_ARGS__); &ctx->kdf; })
+
+int PBKDF1_testSetup(void);
+int PBKDF1_testRun(void);
+int PBKDF1_testTearDown(void);
+
+#endif /* SEC_KDF_PBKDF1_H */
--- /dev/null
+#include <string.h>
+#include <cpu/detect.h>
+#include <cfg/test.h>
+#include <cfg/debug.h>
+#include <sec/mac/hmac.h>
+#include <sec/hash/sha1.h>
+#include <sec/kdf/PBKDF1.h>
+
+int PBKDF1_testSetup(void)
+{
+ kdbg_init();
+ return 0;
+}
+
+int PBKDF1_testTearDown(void)
+{
+ return 0;
+}
+
+int PBKDF1_testRun(void)
+{
+ Kdf *kdf = PBKDF1_stackinit(SHA1_stackinit());
+
+ uint8_t res[16];
+
+ PBKDF1_set_iterations(kdf, 1000);
+ kdf_begin(kdf, "password", 8, (const uint8_t*)"\x78\x57\x8E\x5A\x5D\x63\xCB\x06", 8);
+ kdf_read(kdf, res, 16);
+ ASSERT(memcmp(res, "\xDC\x19\x84\x7E\x05\xC6\x4D\x2F\xAF\x10\xEB\xFB\x4A\x3D\x2A\x20", 16) == 0);
+
+ return 0;
+}
+
+TEST_MAIN(PBKDF1);
--- /dev/null
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction. Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License. This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2010 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief PBKDF2 implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ *
+ */
+
+#include "pbkdf2.h"
+#include <cpu/byteorder.h>
+#include <sec/util.h>
+#include <cfg/debug.h>
+
+static void PBKDF2_begin(Kdf *ctx_, const char *pwd, size_t pwd_len,
+ const uint8_t *salt, size_t salt_len)
+{
+ PBKDF2_Context *ctx = (PBKDF2_Context*)ctx_;
+
+ ASSERT(sizeof(ctx->salt) >= salt_len);
+
+ mac_set_key(ctx->mac, (const uint8_t*)pwd, pwd_len);
+ ctx->salt_len = salt_len;
+ memcpy(ctx->salt, salt, salt_len);
+ ctx->c = 0;
+ ctx->kdf.to_read = 0;
+ ctx->kdf.block = NULL;
+}
+
+static void PBKDF2_next(Kdf *ctx_)
+{
+ PBKDF2_Context *ctx = (PBKDF2_Context*)ctx_;
+ int dlen = mac_digest_len(ctx->mac);
+ uint8_t last[dlen];
+
+ ++ctx->c;
+ uint32_t bec = cpu_to_be32(ctx->c);
+
+ mac_begin(ctx->mac);
+ mac_update(ctx->mac, ctx->salt, ctx->salt_len);
+ mac_update(ctx->mac, &bec, 4);
+ memcpy(last, mac_final(ctx->mac), dlen);
+ memcpy(ctx->block, last, dlen);
+
+ for (uint32_t i=0; i<ctx->iterations-1; ++i)
+ {
+ mac_begin(ctx->mac);
+ mac_update(ctx->mac, last, dlen);
+ memcpy(last, mac_final(ctx->mac), dlen);
+ xor_block(ctx->block, ctx->block, last, dlen);
+ }
+
+ ctx->kdf.to_read = dlen;
+ ctx->kdf.block = ctx->block;
+
+ PURGE(last);
+}
+
+
+/**********************************************************************/
+
+// Default iteration count. The RFC does not specify a "good" default
+// value; it just says that this should be a high value to slow down
+// computations. Since slowing down is not much of a concern for an
+// embedded system, we settle for a value which is not too big.
+#define PBKDF2_DEFAULT_ITERATIONS 100
+
+
+void PBKDF2_init(PBKDF2_Context *ctx, Mac *mac)
+{
+ ctx->salt_len = 0;
+ ctx->mac = mac;
+ ctx->iterations = PBKDF2_DEFAULT_ITERATIONS;
+ ctx->kdf.begin = PBKDF2_begin;
+ ctx->kdf.next = PBKDF2_next;
+ ctx->kdf.block_len = mac_digest_len(mac);
+ ASSERT(ctx->kdf.block_len <= sizeof(ctx->block));
+}
+
+void PBKDF2_set_iterations(Kdf *ctx_, uint32_t iterations)
+{
+ PBKDF2_Context *ctx = (PBKDF2_Context*)ctx_;
+ ctx->iterations = iterations;
+}
+
--- /dev/null
+/**
+ * \file
+ * <!--
+ * This file is part of BeRTOS.
+ *
+ * Bertos is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As a special exception, you may use this file as part of a free software
+ * library without restriction. Specifically, if other files instantiate
+ * templates or use macros or inline functions from this file, or you compile
+ * this file and link it with other files to produce an executable, this
+ * file does not by itself cause the resulting executable to be covered by
+ * the GNU General Public License. This exception does not however
+ * invalidate any other reasons why the executable file might be covered by
+ * the GNU General Public License.
+ *
+ * Copyright 2010 Develer S.r.l. (http://www.develer.com/)
+ *
+ * -->
+ *
+ * \brief PBKDF2 implementation
+ * \author Giovanni Bajo <rasky@develer.com>
+ *
+ */
+
+#ifndef SEC_KDF_PBKDF2_H
+#define SEC_KDF_PBKDF2_H
+
+#include <sec/kdf.h>
+#include <sec/mac.h>
+
+typedef struct
+{
+ Kdf kdf;
+ Mac *mac;
+ uint8_t block[20];
+ uint32_t c;
+ uint32_t iterations;
+ uint8_t salt_len;
+ uint8_t salt[48];
+} PBKDF2_Context;
+
+void PBKDF2_init(PBKDF2_Context *ctx, Mac *mac);
+void PBKDF2_set_iterations(Kdf *kdf, uint32_t iterations);
+
+#define PBKDF2_stackinit(...) \
+ ({ PBKDF2_Context *ctx = alloca(sizeof(PBKDF2_Context)); PBKDF2_init(ctx , ##__VA_ARGS__); &ctx->kdf; })
+
+int PBKDF2_testSetup(void);
+int PBKDF2_testRun(void);
+int PBKDF2_testTearDown(void);
+
+#endif /* SEC_KDF_PBKDF2_H */
--- /dev/null
+#include <string.h>
+#include <cpu/detect.h>
+#include <cfg/test.h>
+#include <cfg/debug.h>
+#include <sec/mac/hmac.h>
+#include <sec/hash/sha1.h>
+#include <sec/kdf/pbkdf2.h>
+
+int PBKDF2_testSetup(void)
+{
+ kdbg_init();
+ return 0;
+}
+
+int PBKDF2_testTearDown(void)
+{
+ return 0;
+}
+
+int PBKDF2_testRun(void)
+{
+ Kdf *kdf = PBKDF2_stackinit(HMAC_stackinit(SHA1_stackinit()));
+
+ uint8_t res[32];
+
+ PBKDF2_set_iterations(kdf, 1);
+ kdf_begin(kdf, "password", 8, (const uint8_t*)"salt", 4);
+ kdf_read(kdf, res, 20);
+ ASSERT(memcmp(res, "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6", 20) == 0);
+
+ PBKDF2_set_iterations(kdf, 2);
+ kdf_begin(kdf, "password", 8, (const uint8_t*)"salt", 4);
+ kdf_read(kdf, res, 20);
+ ASSERT(memcmp(res, "\xea\x6c\x01\x4d\xc7\x2d\x6f\x8c\xcd\x1e\xd9\x2a\xce\x1d\x41\xf0\xd8\xde\x89\x57", 20) == 0);
+
+ PBKDF2_set_iterations(kdf, 4096);
+ kdf_begin(kdf, "password", 8, (const uint8_t*)"salt", 4);
+ kdf_read(kdf, res, 20);
+ ASSERT(memcmp(res, "\x4b\x00\x79\x01\xb7\x65\x48\x9a\xbe\xad\x49\xd9\x26\xf7\x21\xd0\x65\xa4\x29\xc1", 20) == 0);
+
+#if CPU_X86
+ // Too slow for an embedded system...
+ PBKDF2_set_iterations(kdf, 16777216);
+ kdf_begin(kdf, "password", 8, (const uint8_t*)"salt", 4);
+ kdf_read(kdf, res, 20);
+ ASSERT(memcmp(res, "\xee\xfe\x3d\x61\xcd\x4d\xa4\xe4\xe9\x94\x5b\x3d\x6b\xa2\x15\x8c\x26\x34\xe9\x84", 20) == 0);
+#endif
+
+ PBKDF2_set_iterations(kdf, 4096);
+ kdf_begin(kdf, "pass\0word", 9, (const uint8_t*)"sa\0lt", 5);
+ kdf_read(kdf, res, 16);
+ ASSERT(memcmp(res, "\x56\xfa\x6a\xa7\x55\x48\x09\x9d\xcc\x37\xd7\xf0\x34\x25\xe0\xc3", 16) == 0);
+
+ PBKDF2_set_iterations(kdf, 4096);
+ kdf_begin(kdf, "passwordPASSWORDpassword", 24, (const uint8_t*)"saltSALTsaltSALTsaltSALTsaltSALTsalt", 36);
+ kdf_read(kdf, res, 25);
+ ASSERT(memcmp(res, "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96\x4c\xf2\xf0\x70\x38", 25) == 0);
+
+ return 0;
+}
+
+TEST_MAIN(PBKDF2);
projects / bertos.git / commitdiff