summaryrefslogtreecommitdiff
path: root/sys/lib/libsa/pbkdf2.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/lib/libsa/pbkdf2.c')
-rw-r--r--sys/lib/libsa/pbkdf2.c75
1 files changed, 75 insertions, 0 deletions
diff --git a/sys/lib/libsa/pbkdf2.c b/sys/lib/libsa/pbkdf2.c
new file mode 100644
index 00000000000..df0b42897b8
--- /dev/null
+++ b/sys/lib/libsa/pbkdf2.c
@@ -0,0 +1,75 @@
+/* $OpenBSD: pbkdf2.c,v 1.1 2012/10/09 12:36:50 jsing Exp $ */
+
+/*-
+ * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/param.h>
+
+#include <lib/libsa/stand.h>
+
+#include "pbkdf2.h"
+#include "hmac_sha1.h"
+
+/*
+ * Password-Based Key Derivation Function 2 (PKCS #5 v2.0).
+ * Code based on IEEE Std 802.11-2007, Annex H.4.2.
+ */
+int
+pkcs5_pbkdf2(const char *pass, size_t pass_len, const char *salt,
+ size_t salt_len, u_int8_t *key, size_t key_len, u_int rounds)
+{
+ u_int8_t *asalt, obuf[SHA1_DIGEST_LENGTH];
+ u_int8_t d1[SHA1_DIGEST_LENGTH], d2[SHA1_DIGEST_LENGTH];
+ u_int i, j;
+ u_int count;
+ size_t r;
+
+ if (rounds < 1 || key_len == 0)
+ return -1;
+ if (salt_len == 0 || salt_len > SIZE_MAX - 1)
+ return -1;
+ if ((asalt = alloca(salt_len + 4)) == NULL)
+ return -1;
+
+ memcpy(asalt, salt, salt_len);
+
+ for (count = 1; key_len > 0; count++) {
+ asalt[salt_len + 0] = (count >> 24) & 0xff;
+ asalt[salt_len + 1] = (count >> 16) & 0xff;
+ asalt[salt_len + 2] = (count >> 8) & 0xff;
+ asalt[salt_len + 3] = count & 0xff;
+ hmac_sha1(asalt, salt_len + 4, pass, pass_len, d1);
+ memcpy(obuf, d1, sizeof(obuf));
+
+ for (i = 1; i < rounds; i++) {
+ hmac_sha1(d1, sizeof(d1), pass, pass_len, d2);
+ memcpy(d1, d2, sizeof(d1));
+ for (j = 0; j < sizeof(obuf); j++)
+ obuf[j] ^= d1[j];
+ }
+
+ r = MIN(key_len, SHA1_DIGEST_LENGTH);
+ memcpy(key, obuf, r);
+ key += r;
+ key_len -= r;
+ };
+ explicit_bzero(asalt, salt_len + 4);
+ explicit_bzero(d1, sizeof(d1));
+ explicit_bzero(d2, sizeof(d2));
+ explicit_bzero(obuf, sizeof(obuf));
+
+ return 0;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 03:45:01 +0000