diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2008-07-22 07:37:26 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2008-07-22 07:37:26 +0000 |
commit | 705a5e1a47395e42920e097b520984b7b0484d4b (patch) | |
tree | 43b69b46a53b3e5cec14b5724abb3000f9eac89e /sbin/wpa-psk | |
parent | e759ef8a7e4083346d0b9944f871eebb67fbf106 (diff) |
use generalised PBKDF#2 from bioctl; ok damien@
Diffstat (limited to 'sbin/wpa-psk')
-rw-r--r-- | sbin/wpa-psk/Makefile | 7 | ||||
-rw-r--r-- | sbin/wpa-psk/wpa-psk.c | 82 |
2 files changed, 8 insertions, 81 deletions
diff --git a/sbin/wpa-psk/Makefile b/sbin/wpa-psk/Makefile index 4c3ff934124..ce41ada6bfb 100644 --- a/sbin/wpa-psk/Makefile +++ b/sbin/wpa-psk/Makefile @@ -1,7 +1,10 @@ -# $OpenBSD: Makefile,v 1.1 2008/04/15 16:29:05 damien Exp $ +# $OpenBSD: Makefile,v 1.2 2008/07/22 07:37:25 djm Exp $ + +.PATH: ${.CURDIR}/../bioctl +CFLAGS+=-Wall -I${.CURDIR}/../bioctl PROG= wpa-psk MAN= wpa-psk.8 -SRCS= wpa-psk.c +SRCS= wpa-psk.c pbkdf2.c .include <bsd.prog.mk> diff --git a/sbin/wpa-psk/wpa-psk.c b/sbin/wpa-psk/wpa-psk.c index 889f90f8cf7..060324ec8e9 100644 --- a/sbin/wpa-psk/wpa-psk.c +++ b/sbin/wpa-psk/wpa-psk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: wpa-psk.c,v 1.2 2008/05/08 18:04:34 chl Exp $ */ +/* $OpenBSD: wpa-psk.c,v 1.3 2008/07/22 07:37:25 djm Exp $ */ /*- * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr> @@ -25,83 +25,7 @@ #include <stdlib.h> #include <err.h> -/* - * HMAC-SHA-1 (from RFC 2202). - */ -static void -hmac_sha1(const u_int8_t *text, size_t text_len, const u_int8_t *key, - size_t key_len, u_int8_t digest[SHA1_DIGEST_LENGTH]) -{ - SHA1_CTX ctx; - u_int8_t k_pad[SHA1_BLOCK_LENGTH]; - u_int8_t tk[SHA1_DIGEST_LENGTH]; - int i; - - if (key_len > SHA1_BLOCK_LENGTH) { - SHA1Init(&ctx); - SHA1Update(&ctx, key, key_len); - SHA1Final(tk, &ctx); - - key = tk; - key_len = SHA1_DIGEST_LENGTH; - } - - bzero(k_pad, sizeof k_pad); - bcopy(key, k_pad, key_len); - for (i = 0; i < SHA1_BLOCK_LENGTH; i++) - k_pad[i] ^= 0x36; - - SHA1Init(&ctx); - SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH); - SHA1Update(&ctx, text, text_len); - SHA1Final(digest, &ctx); - - bzero(k_pad, sizeof k_pad); - bcopy(key, k_pad, key_len); - for (i = 0; i < SHA1_BLOCK_LENGTH; i++) - k_pad[i] ^= 0x5c; - - SHA1Init(&ctx); - SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH); - SHA1Update(&ctx, digest, SHA1_DIGEST_LENGTH); - SHA1Final(digest, &ctx); -} - -/* - * Password-Based Key Derivation Function 2 (PKCS #5 v2.0). - * Code based on IEEE Std 802.11-2007, Annex H.4.2. - */ -static void -pbkdf2(const char *password, u_int len, const char *ssid, u_int ssid_len, - u_int8_t key[32]) -{ - u_int8_t keybuf[2 * SHA1_DIGEST_LENGTH]; - u_int8_t digest[IEEE80211_NWID_LEN + 4], digest1[SHA1_DIGEST_LENGTH]; - u_int8_t *output, count; - int i, j; - - output = keybuf; - for (count = 1; count <= 2; count++) { - memcpy(digest, ssid, ssid_len); - digest[ssid_len + 0] = 0; - digest[ssid_len + 1] = 0; - digest[ssid_len + 2] = 0; - digest[ssid_len + 3] = count; - hmac_sha1(digest, ssid_len + 4, password, len, digest1); - memcpy(output, digest1, SHA1_DIGEST_LENGTH); - - for (i = 1; i < 4096; i++) { - hmac_sha1(digest1, SHA1_DIGEST_LENGTH, password, - len, digest); - memcpy(digest1, digest, SHA1_DIGEST_LENGTH); - for (j = 0; j < SHA1_DIGEST_LENGTH; j++) - output[j] ^= digest[j]; - } - output += SHA1_DIGEST_LENGTH; - } - /* truncate output to its 256MSBs */ - memcpy(key, keybuf, 32); -} +#include "pbkdf2.h" int main(int argc, char **argv) @@ -134,7 +58,7 @@ main(int argc, char **argv) warnx("truncating SSID to its first %d characters", ssid_len); } - pbkdf2(pass, len, ssid, ssid_len, keybuf); + pkcs5_pbkdf2(pass, len, ssid, ssid_len, keybuf, sizeof(keybuf), 4096); printf("0x"); for (i = 0; i < 32; i++) |