summaryrefslogtreecommitdiff
path: root/sbin/wpa-psk
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2008-07-22 07:37:26 +0000
committerDamien Miller <djm@cvs.openbsd.org>2008-07-22 07:37:26 +0000
commit705a5e1a47395e42920e097b520984b7b0484d4b (patch)
tree43b69b46a53b3e5cec14b5724abb3000f9eac89e /sbin/wpa-psk
parente759ef8a7e4083346d0b9944f871eebb67fbf106 (diff)
use generalised PBKDF#2 from bioctl; ok damien@
Diffstat (limited to 'sbin/wpa-psk')
-rw-r--r--sbin/wpa-psk/Makefile7
-rw-r--r--sbin/wpa-psk/wpa-psk.c82
2 files changed, 8 insertions, 81 deletions
diff --git a/sbin/wpa-psk/Makefile b/sbin/wpa-psk/Makefile
index 4c3ff934124..ce41ada6bfb 100644
--- a/sbin/wpa-psk/Makefile
+++ b/sbin/wpa-psk/Makefile
@@ -1,7 +1,10 @@
-# $OpenBSD: Makefile,v 1.1 2008/04/15 16:29:05 damien Exp $
+# $OpenBSD: Makefile,v 1.2 2008/07/22 07:37:25 djm Exp $
+
+.PATH: ${.CURDIR}/../bioctl
+CFLAGS+=-Wall -I${.CURDIR}/../bioctl
PROG= wpa-psk
MAN= wpa-psk.8
-SRCS= wpa-psk.c
+SRCS= wpa-psk.c pbkdf2.c
.include <bsd.prog.mk>
diff --git a/sbin/wpa-psk/wpa-psk.c b/sbin/wpa-psk/wpa-psk.c
index 889f90f8cf7..060324ec8e9 100644
--- a/sbin/wpa-psk/wpa-psk.c
+++ b/sbin/wpa-psk/wpa-psk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: wpa-psk.c,v 1.2 2008/05/08 18:04:34 chl Exp $ */
+/* $OpenBSD: wpa-psk.c,v 1.3 2008/07/22 07:37:25 djm Exp $ */
/*-
* Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -25,83 +25,7 @@
#include <stdlib.h>
#include <err.h>
-/*
- * HMAC-SHA-1 (from RFC 2202).
- */
-static void
-hmac_sha1(const u_int8_t *text, size_t text_len, const u_int8_t *key,
- size_t key_len, u_int8_t digest[SHA1_DIGEST_LENGTH])
-{
- SHA1_CTX ctx;
- u_int8_t k_pad[SHA1_BLOCK_LENGTH];
- u_int8_t tk[SHA1_DIGEST_LENGTH];
- int i;
-
- if (key_len > SHA1_BLOCK_LENGTH) {
- SHA1Init(&ctx);
- SHA1Update(&ctx, key, key_len);
- SHA1Final(tk, &ctx);
-
- key = tk;
- key_len = SHA1_DIGEST_LENGTH;
- }
-
- bzero(k_pad, sizeof k_pad);
- bcopy(key, k_pad, key_len);
- for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
- k_pad[i] ^= 0x36;
-
- SHA1Init(&ctx);
- SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
- SHA1Update(&ctx, text, text_len);
- SHA1Final(digest, &ctx);
-
- bzero(k_pad, sizeof k_pad);
- bcopy(key, k_pad, key_len);
- for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
- k_pad[i] ^= 0x5c;
-
- SHA1Init(&ctx);
- SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
- SHA1Update(&ctx, digest, SHA1_DIGEST_LENGTH);
- SHA1Final(digest, &ctx);
-}
-
-/*
- * Password-Based Key Derivation Function 2 (PKCS #5 v2.0).
- * Code based on IEEE Std 802.11-2007, Annex H.4.2.
- */
-static void
-pbkdf2(const char *password, u_int len, const char *ssid, u_int ssid_len,
- u_int8_t key[32])
-{
- u_int8_t keybuf[2 * SHA1_DIGEST_LENGTH];
- u_int8_t digest[IEEE80211_NWID_LEN + 4], digest1[SHA1_DIGEST_LENGTH];
- u_int8_t *output, count;
- int i, j;
-
- output = keybuf;
- for (count = 1; count <= 2; count++) {
- memcpy(digest, ssid, ssid_len);
- digest[ssid_len + 0] = 0;
- digest[ssid_len + 1] = 0;
- digest[ssid_len + 2] = 0;
- digest[ssid_len + 3] = count;
- hmac_sha1(digest, ssid_len + 4, password, len, digest1);
- memcpy(output, digest1, SHA1_DIGEST_LENGTH);
-
- for (i = 1; i < 4096; i++) {
- hmac_sha1(digest1, SHA1_DIGEST_LENGTH, password,
- len, digest);
- memcpy(digest1, digest, SHA1_DIGEST_LENGTH);
- for (j = 0; j < SHA1_DIGEST_LENGTH; j++)
- output[j] ^= digest[j];
- }
- output += SHA1_DIGEST_LENGTH;
- }
- /* truncate output to its 256MSBs */
- memcpy(key, keybuf, 32);
-}
+#include "pbkdf2.h"
int
main(int argc, char **argv)
@@ -134,7 +58,7 @@ main(int argc, char **argv)
warnx("truncating SSID to its first %d characters", ssid_len);
}
- pbkdf2(pass, len, ssid, ssid_len, keybuf);
+ pkcs5_pbkdf2(pass, len, ssid, ssid_len, keybuf, sizeof(keybuf), 4096);
printf("0x");
for (i = 0; i < 32; i++)