diff options
| author | Ted Unangst <tedu@cvs.openbsd.org> | 2012-09-06 19:42:00 +0000 |
|---|---|---|
| committer | Ted Unangst <tedu@cvs.openbsd.org> | 2012-09-06 19:42:00 +0000 |
| commit | 4fc57e5204a74f75e9d197c2c43cef54c8dfd5c2 (patch) | |
| tree | b1c6700fcaea19c5f0bf5211bc8c6203fc01faa1 | |
| parent | ea76ce83dd6d5c9adbd72293f2884e5618793790 (diff) | |
move pkcs5_pbkdf5 function to libutil so everybody can play with it
ok deraadt jsing matthew
| -rw-r--r-- | lib/libutil/Makefile | 7 | ||||
| -rw-r--r-- | lib/libutil/pkcs5_pbkdf2.3 | 55 | ||||
| -rw-r--r-- | lib/libutil/pkcs5_pbkdf2.c (renamed from sbin/bioctl/pbkdf2.c) | 4 | ||||
| -rw-r--r-- | lib/libutil/shlib_version | 2 | ||||
| -rw-r--r-- | lib/libutil/util.h | 5 | ||||
| -rw-r--r-- | sbin/bioctl/Makefile | 4 | ||||
| -rw-r--r-- | sbin/bioctl/bioctl.c | 4 | ||||
| -rw-r--r-- | sbin/bioctl/pbkdf2.h | 24 | ||||
| -rw-r--r-- | sbin/ifconfig/Makefile | 9 | ||||
| -rw-r--r-- | sbin/ifconfig/ifconfig.c | 3 | ||||
| -rw-r--r-- | sbin/mount_vnd/Makefile | 7 | ||||
| -rw-r--r-- | sbin/mount_vnd/mount_vnd.c | 4 |
12 files changed, 78 insertions, 50 deletions
diff --git a/lib/libutil/Makefile b/lib/libutil/Makefile index 2bc59392304..080671083f7 100644 --- a/lib/libutil/Makefile +++ b/lib/libutil/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.34 2012/08/02 13:38:39 okan Exp $ +# $OpenBSD: Makefile,v 1.35 2012/09/06 19:41:59 tedu Exp $ # $NetBSD: Makefile,v 1.8 1996/05/16 07:03:28 thorpej Exp $ LIB= util @@ -7,11 +7,12 @@ HDRS= util.h imsg.h SRCS= check_expire.c duid.c getmaxpartitions.c getrawpartition.c login.c \ login_tty.c logout.c logwtmp.c opendev.c passwd.c pty.c readlabel.c \ login_fbtab.c uucplock.c fparseln.c opendisk.c pidfile.c \ - fmt_scaled.c imsg.c imsg-buffer.c + fmt_scaled.c imsg.c imsg-buffer.c pkcs5_pbkdf2.c MAN= check_expire.3 getmaxpartitions.3 getrawpartition.3 isduid.3 login.3 \ opendev.3 openpty.3 pw_init.3 pw_lock.3 readlabelfs.3 uucplock.3 \ - fparseln.3 opendisk.3 login_fbtab.3 pidfile.3 fmt_scaled.3 imsg_init.3 + fparseln.3 opendisk.3 login_fbtab.3 pidfile.3 fmt_scaled.3 imsg_init.3 \ + pkcs5_pbkdf2.3 MLINKS+=imsg_init.3 imsg_read.3 MLINKS+=imsg_init.3 imsg_get.3 diff --git a/lib/libutil/pkcs5_pbkdf2.3 b/lib/libutil/pkcs5_pbkdf2.3 new file mode 100644 index 00000000000..7a40737561b --- /dev/null +++ b/lib/libutil/pkcs5_pbkdf2.3 @@ -0,0 +1,55 @@ +.\" $OpenBSD: pkcs5_pbkdf2.3,v 1.1 2012/09/06 19:41:59 tedu Exp $ +.\" +.\" Copyright (c) 2012 Ted Unangst <tedu@openbsd.org> +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.Dd $Mdocdate: September 6 2012 $ +.Dt pkcs5_pbkdf2 3 +.Os +.Sh NAME +.Nm pkcs5_pbkdf2 +.Nd password based key derivation function +.Sh SYNOPSIS +.Fd #include <util.h> +.Ft int +.Fn pkcs5_pbkdf2 "const char *pass" "size_t pass_len" "const char *salt" \ + "size_t salt_len" "u_int8_t *key" "size_t key_len" "u_int rounds" +.Sh DESCRIPTION +The +.Nm +function converts a password into a key suitable for encryption. +The password and salt values are combined and repeatedly hashed +.Ar rounds +times. +The repeated hashing is designed to thwart password guessing attacks from +discovering the key. +The higher the number of rounds, the slower each attempt will be. +A minumum value of at least 1000 is recommended. +.Sh RETURN VALUES +The +.Fn pkcs5_pbkdf2 +function returns 0 to indicate success and -1 for failure. +.\" .Sh EXAMPLES +.\" .Sh ERRORS +.Sh SEE ALSO +.Xr sha1 1 +.Sh STANDARDS +RFC 2898 +.\" .Sh HISTORY +.\" .Sh AUTHORS +.Sh CAVEATS +The standard allows for different hash functions to be used. +This implementation only uses +.Xr sha1 1 . +.\" .Sh BUGS diff --git a/sbin/bioctl/pbkdf2.c b/lib/libutil/pkcs5_pbkdf2.c index 9b7bc4fff45..75790a91d90 100644 --- a/sbin/bioctl/pbkdf2.c +++ b/lib/libutil/pkcs5_pbkdf2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pbkdf2.c,v 1.2 2012/06/28 20:42:22 mikeb Exp $ */ +/* $OpenBSD: pkcs5_pbkdf2.c,v 1.1 2012/09/06 19:41:59 tedu Exp $ */ /*- * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr> @@ -22,10 +22,10 @@ #include <string.h> #include <limits.h> #include <stdlib.h> +#include <util.h> #include <sha1.h> -#include "pbkdf2.h" /* #define PBKDF2_MAIN */ diff --git a/lib/libutil/shlib_version b/lib/libutil/shlib_version index 5e6c3dd51b1..f6b149e5862 100644 --- a/lib/libutil/shlib_version +++ b/lib/libutil/shlib_version @@ -1,2 +1,2 @@ major=11 -minor=3 +minor=4 diff --git a/lib/libutil/util.h b/lib/libutil/util.h index 26c87a8fb86..89f2ea783db 100644 --- a/lib/libutil/util.h +++ b/lib/libutil/util.h @@ -1,4 +1,4 @@ -/* $OpenBSD: util.h,v 1.30 2012/07/09 14:26:40 nicm Exp $ */ +/* $OpenBSD: util.h,v 1.31 2012/09/06 19:41:59 tedu Exp $ */ /* $NetBSD: util.h,v 1.2 1996/05/16 07:00:22 thorpej Exp $ */ /*- @@ -114,6 +114,9 @@ int uu_unlock(const char *); int fmt_scaled(long long, char *); int scan_scaled(char *, long long *); int isduid(const char *, int); +int pkcs5_pbkdf2(const char *, size_t, const char *, size_t, + u_int8_t *, size_t, u_int); + __END_DECLS #endif /* !_UTIL_H_ */ diff --git a/sbin/bioctl/Makefile b/sbin/bioctl/Makefile index c3aa07469ac..f3c74a11d32 100644 --- a/sbin/bioctl/Makefile +++ b/sbin/bioctl/Makefile @@ -1,7 +1,7 @@ -# $OpenBSD: Makefile,v 1.11 2012/01/29 12:08:41 jsing Exp $ +# $OpenBSD: Makefile,v 1.12 2012/09/06 19:41:59 tedu Exp $ PROG= bioctl -SRCS= bioctl.c pbkdf2.c +SRCS= bioctl.c LDADD= -lutil DPADD= ${LIBUTIL} diff --git a/sbin/bioctl/bioctl.c b/sbin/bioctl/bioctl.c index e9de29079bb..1869500d9b5 100644 --- a/sbin/bioctl/bioctl.c +++ b/sbin/bioctl/bioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bioctl.c,v 1.110 2012/04/19 19:13:51 deraadt Exp $ */ +/* $OpenBSD: bioctl.c,v 1.111 2012/09/06 19:41:59 tedu Exp $ */ /* * Copyright (c) 2004, 2005 Marco Peereboom @@ -47,8 +47,6 @@ #include <vis.h> #include <readpassphrase.h> -#include "pbkdf2.h" - struct locator { int channel; int target; diff --git a/sbin/bioctl/pbkdf2.h b/sbin/bioctl/pbkdf2.h deleted file mode 100644 index 2ee04c72e46..00000000000 --- a/sbin/bioctl/pbkdf2.h +++ /dev/null @@ -1,24 +0,0 @@ -/* $OpenBSD: pbkdf2.h,v 1.1 2008/06/14 06:28:27 djm Exp $ */ - -/*- - * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Password-Based Key Derivation Function 2 (PKCS #5 v2.0). - * Code based on IEEE Std 802.11-2007, Annex H.4.2. - */ -int pkcs5_pbkdf2(const char *, size_t, const char *, size_t, - u_int8_t *, size_t, u_int); diff --git a/sbin/ifconfig/Makefile b/sbin/ifconfig/Makefile index a3c3381d6eb..92e9464836d 100644 --- a/sbin/ifconfig/Makefile +++ b/sbin/ifconfig/Makefile @@ -1,11 +1,12 @@ -# $OpenBSD: Makefile,v 1.11 2010/10/18 04:10:56 deraadt Exp $ - -.PATH: ${.CURDIR}/../bioctl +# $OpenBSD: Makefile,v 1.12 2012/09/06 19:41:59 tedu Exp $ PROG= ifconfig -SRCS= ifconfig.c brconfig.c pbkdf2.c +SRCS= ifconfig.c brconfig.c MAN= ifconfig.8 +LDADD= -lutil +DPADD= ${LIBUTIL} + CPPFLAGS+=-DINET6 -I${.CURDIR}/../bioctl .include <bsd.prog.mk> diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c index 587f8a0ca9c..4fcba358fd5 100644 --- a/sbin/ifconfig/ifconfig.c +++ b/sbin/ifconfig/ifconfig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ifconfig.c,v 1.256 2012/08/21 19:50:39 bluhm Exp $ */ +/* $OpenBSD: ifconfig.c,v 1.257 2012/09/06 19:41:59 tedu Exp $ */ /* $NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $ */ /* @@ -103,7 +103,6 @@ #include <ifaddrs.h> #include "brconfig.h" -#include "pbkdf2.h" #define HWFEATURESBITS \ "\024\1CSUM_IPv4\2CSUM_TCPv4\3CSUM_UDPv4" \ diff --git a/sbin/mount_vnd/Makefile b/sbin/mount_vnd/Makefile index a5a81cd507e..478ed593966 100644 --- a/sbin/mount_vnd/Makefile +++ b/sbin/mount_vnd/Makefile @@ -1,10 +1,7 @@ -# $OpenBSD: Makefile,v 1.7 2010/04/12 01:44:08 tedu Exp $ - -.PATH: ${.CURDIR}/../bioctl -CFLAGS+=-I${.CURDIR}/../bioctl +# $OpenBSD: Makefile,v 1.8 2012/09/06 19:41:59 tedu Exp $ PROG= mount_vnd -SRCS= mount_vnd.c pbkdf2.c +SRCS= mount_vnd.c LDADD= -lutil DPADD= ${LIBUTIL} diff --git a/sbin/mount_vnd/mount_vnd.c b/sbin/mount_vnd/mount_vnd.c index d4ae9c3d790..37c1e579bb2 100644 --- a/sbin/mount_vnd/mount_vnd.c +++ b/sbin/mount_vnd/mount_vnd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mount_vnd.c,v 1.11 2011/04/18 16:52:11 thib Exp $ */ +/* $OpenBSD: mount_vnd.c,v 1.12 2012/09/06 19:41:59 tedu Exp $ */ /* * Copyright (c) 1993 University of Utah. * Copyright (c) 1990, 1993 @@ -56,8 +56,6 @@ #include <unistd.h> #include <util.h> -#include "pbkdf2.h" - #define DEFAULT_VND "vnd0" #define VND_CONFIG 1 |