From 61512a15ec44b9863ea3e4e1cef5231f1d591177 Mon Sep 17 00:00:00 2001
From: wangyu-
Date: Fri, 22 Jun 2018 22:20:48 -0500
Subject: [PATCH] changed kdf
---
 encrypt.cpp | 19 ++++++++++++-------
 makefile | 2 +-
 2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/encrypt.cpp b/encrypt.cpp
index 3950fdb..afa32cd 100755
--- a/encrypt.cpp
+++ b/encrypt.cpp
@@ -1,6 +1,7 @@
 #include "lib/aes.h"
 #include "lib/md5.h"
 #include "lib/pbkdf2-sha1.h"
+#include "lib/pbkdf2-sha256.h"
 #include
 #include
 #include
@@ -45,16 +46,20 @@ int my_init_keys(const char * user_passwd)
 md5((uint8_t*)tmp,strlen(tmp),(uint8_t*)normal_key);
- PKCS5_PBKDF2_HMAC((uint8_t*)user_passwd,len,(uint8_t*)"hmac_key",strlen("hmac_key"),1000, hmac_key_len,hmac_key);
-
- PKCS5_PBKDF2_HMAC((uint8_t*)user_passwd,len,(uint8_t*)"cipher_key",strlen("cipher_key"),1000,cipher_key_len,cipher_key);
 if(auth_mode==auth_hmac_sha1)
+ {
 is_hmac_used=1;
+ unsigned char salt[1000]="";
+ md5((uint8_t*)("udp2raw_salt1"),strlen("udp2raw_salt1"),salt); //TODO different salt per session
+ unsigned char pbkdf2_output[1000]="";
+ PKCS5_PBKDF2_HMAC_SHA256((uint8_t*)user_passwd,len,salt,16,10000, hmac_key_len+cipher_key_len,pbkdf2_output); //TODO HKDF, argon2 ?
+ memcpy(hmac_key,pbkdf2_output,hmac_key_len);
+ memcpy(cipher_key,pbkdf2_output+hmac_key_len,cipher_key_len);
+ }
- //print_binary_chars(normal_key,16);
- //print_binary_chars((char *)hmac_key,16);
- //print_binary_chars((char *)cipher_key,16);
+ print_binary_chars(normal_key,16);
+ print_binary_chars((char *)hmac_key,16);
+ print_binary_chars((char *)cipher_key,16);
 return 0;
 }
diff --git a/makefile b/makefile
index 61578b7..53b13a8 100755
--- a/makefile
+++ b/makefile
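Review bot: The three `print_binary_chars(...)` calls just before `return 0;` in `my_init_keys` are now uncommented, so each call emits the first 16 bytes of `normal_key`, `hmac_key` and `cipher_key` through whatever sink `print_binary_chars` uses (it is defined outside the hunk; presumably stdout or the log). Unless this was intended, restore the comment markers (`//print_binary_chars((char *)cipher_key,16);` and the two lines above it) or put the calls behind a debug-only switch that is off in release builds. The derivation also moved inside the `auth_mode==auth_hmac_sha1` branch, so in other modes `hmac_key` and `cipher_key` are no longer filled here; their users are outside the hunk, so it is worth confirming that nothing reads them when `is_hmac_used` is 0. `pbkdf2_output` holds both keys and stays on the stack after the two `memcpy` calls, so clearing it before the closing `}` and checking that `hmac_key_len+cipher_key_len` fits in its 1000 bytes would be cheap additions. The start of `my_init_keys` is outside the hunk.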
@@ -10,7 +10,7 @@ cc_arm= /toolchains/arm-2014.05/bin/arm-none-linux-gnueabi-g++
 #cc_bcm2708=/home/wangyu/raspberry/tools/arm-bcm2708/gcc-linaro-arm-linux-gnueabihf-raspbian/bin/arm-linux-gnueabihf-g++
 FLAGS= -std=c++11 -Wall -Wextra -Wno-unused-variable -Wno-unused-parameter -Wno-missing-field-initializers ${OPT}
-COMMON=main.cpp lib/md5.c lib/pbkdf2-sha1.c encrypt.cpp log.cpp network.cpp common.cpp connection.cpp misc.cpp fd_manager.cpp -lpthread
+COMMON=main.cpp lib/md5.c lib/pbkdf2-sha1.c lib/pbkdf2-sha256.c encrypt.cpp log.cpp network.cpp common.cpp connection.cpp misc.cpp fd_manager.cpp -lpthread
 SOURCES= $(COMMON) lib/aes_faster_c/aes.c lib/aes_faster_c/wrapper.c
 SOURCES_TINY_AES= $(COMMON) lib/aes.c
 SOURCES_AES_ACC=$(COMMON) $(wildcard lib/aes_acc/aes*.c)