X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=resource%2Fcsdk%2Fsecurity%2Fsrc%2Fpbkdf2.c;h=0f3da998050aa7e6d2a87930ef6cf513ad9fe37e;hb=7f00f942c39b7bc27c7eeecf213a239c3fe4173c;hp=ca614ec0030a35ccf9209c016a3cec910d06418f;hpb=bb93e3a07afd2126aa7665c4c56de50e2a1c9bfa;p=platform%2Fupstream%2Fiotivity.git
diff --git a/resource/csdk/security/src/pbkdf2.c b/resource/csdk/security/src/pbkdf2.c
index ca614ec..0f3da99 100644
--- a/resource/csdk/security/src/pbkdf2.c
+++ b/resource/csdk/security/src/pbkdf2.c
@@ -1,149 +1,61 @@ -/* ***************************************************************** - * - * Copyright 2015 Samsung Electronics All Rights Reserved. - * - * - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * *****************************************************************/ -#include -#include -#include "pbkdf2.h" -#include "hmac.h" -#include "debug.h" -#include "logger.h" - -#define TAG "PBDKF2" -#define XOR_BUF(in, out, bufSize)\ -do{\ - size_t i=0;\ - for(i=0; i< (bufSize); i++)\ - {\ - (out)[i] = (in)[i] ^ (out)[i];\ - }\ -}while(0)\ - +/****************************************************************** +* +* Copyright 2016 Microsoft Corporation +* +* +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. 
+* +******************************************************************/ -static int isLittle() -{ - static int a = 1; - static int flag = -1; - if (flag == -1) - { - if ( ((uint8_t *)&a)[0] == 0x1) // little - flag = 1; - else - flag = 0; - } - return flag; -} +#include "logger.h" +#include "mbedtls/pkcs5.h" +#include "mbedtls/md.h" -static void GetBigEndianBuf(uint8_t *buf, int num) -{ - uint8_t *nBuf = (uint8_t *)# - if ( isLittle() == 1 ) - { - size_t i = 0; - for (i = 0; i < sizeof(int); i++) - { - buf[i] = nBuf[ sizeof(int) - i - 1]; - } - } - else - { - memcpy(buf, nBuf, sizeof(int)); - } -} +#define TAG "OIC_SEC_PBDKF2" -// TODO: Add comments to explain implementation. int DeriveCryptoKeyFromPassword(const unsigned char *passwd, size_t pLen, - const uint8_t *salt, const size_t saltLen, - const size_t iterations, - const size_t keyLen, uint8_t *derivedKey) + const uint8_t *salt, const size_t saltLen, + const size_t iterations, + const size_t keyLen, uint8_t *derivedKey) { - int res = 0; - uint8_t buf[DTLS_HMAC_DIGEST_SIZE]; - uint8_t uBuf[DTLS_HMAC_DIGEST_SIZE]; - - size_t nBlocks = 0; - size_t nOctetInLastBlock = 0; + mbedtls_md_context_t sha_ctx; + const mbedtls_md_info_t *info_sha; + int ret = -1; - nBlocks = (size_t)ceil ((double)keyLen / (double)DTLS_HMAC_DIGEST_SIZE); - nOctetInLastBlock = keyLen - (nBlocks - 1) * DTLS_HMAC_DIGEST_SIZE; + /* Setup the hash/HMAC function, for the PBKDF2 function. 
*/ + mbedtls_md_init(&sha_ctx); - dtls_hmac_context_t *ctx = NULL; - ctx = dtls_hmac_new( (const unsigned char *)passwd, pLen); - if (NULL == ctx) + info_sha = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); + if (info_sha == NULL) { - OIC_LOG(ERROR, TAG, "DTLS HMAC Context is NULL"); - goto bail; + OIC_LOG(ERROR, TAG, "Failed to get hash information"); + return ret; } - size_t i = 1; - size_t idx = 0; //index for buffer - size_t counter = 0; - while (i != nBlocks + 1) + ret = mbedtls_md_setup(&sha_ctx, info_sha, 1); + if (ret != 0) { - counter = 0 ; - dtls_hmac_init(ctx, (const unsigned char *)passwd, pLen); - while (counter != iterations) - { - if (counter == 0) - { - uint8_t intBuf[4] = {0x00, 0x00, 0x00, 0x00}; - dtls_hmac_update(ctx, salt, saltLen); - GetBigEndianBuf(intBuf, i); - dtls_hmac_update(ctx, intBuf, 4); - - int len = dtls_hmac_finalize(ctx, buf); - if (DTLS_HMAC_DIGEST_SIZE != len) - { - OIC_LOG(ERROR, TAG, "DTLS HMAC is failed"); - res = -1; - } - memcpy(uBuf, buf, DTLS_HMAC_DIGEST_SIZE); - } - else - { - dtls_hmac_init(ctx, (const unsigned char *)passwd, pLen); - dtls_hmac_update(ctx, buf, DTLS_HMAC_DIGEST_SIZE); - int len = dtls_hmac_finalize(ctx, buf); - if (DTLS_HMAC_DIGEST_SIZE != len) - { - OIC_LOG(ERROR, TAG, "DTLS HMAC is failed"); - res = -1; - } - XOR_BUF(buf, uBuf, DTLS_HMAC_DIGEST_SIZE); - } - counter++; - } - + OIC_LOG(ERROR, TAG, "Failed to setup hash function"); + return ret; + } - if (i == nBlocks) - { - memcpy(derivedKey + idx, uBuf, nOctetInLastBlock); - } - else - { - memcpy(derivedKey + idx, uBuf, DTLS_HMAC_DIGEST_SIZE); - idx += DTLS_HMAC_DIGEST_SIZE; - } - i++; + ret = mbedtls_pkcs5_pbkdf2_hmac(&sha_ctx, passwd, pLen, salt, saltLen, iterations, keyLen, derivedKey); + if (ret != 0) + { + OIC_LOG(ERROR, TAG, "Call to mbedtls PBKDF2 function failed"); } -bail: - dtls_hmac_free(ctx); - return res; + mbedtls_md_free(&sha_ctx); + return ret; } -
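Review bot: The new `mbedtls_pkcs5_pbkdf2_hmac(...)` call passes the `size_t` values `iterations` and `keyLen` straight through, but if this tree's mbedtls matches the 2.x prototype those parameters are `unsigned int iteration_count` and `uint32_t key_length`. On a 64-bit target an oversized value would then be silently narrowed, so the key is stretched with fewer rounds than requested, or only part of `derivedKey` is written while 0 is returned. A guard ahead of `mbedtls_md_init` such as `if (!passwd || !salt || !derivedKey || iterations == 0 || iterations > UINT_MAX || keyLen == 0 || keyLen > UINT32_MAX) return -1;` would reject those inputs together with the zero-iteration and NULL-pointer cases; it needs `<limits.h>` and `<stdint.h>` unless the visible includes already provide them. The `mbedtls_md_setup` failure branch also returns without `mbedtls_md_free(&sha_ctx)`, unlike the PBKDF2 failure path, so adding the call there keeps every exit after `mbedtls_md_init` symmetric. A short comment above the function stating that it returns 0 on success and a negative mbedtls error code otherwise, and that `derivedKey` must not be used on failure, would replace the removed TODO with the contract callers rely on.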