github/wangyu-udp2raw
1
0
Fork 0
mirror of https://github.com/wangyu-/udp2raw.git synced 2025-10-31 18:25:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

implement hkdf

Browse Source
This commit is contained in:
wangyu-
2018-06-24 07:58:19 -05:00
parent e51c236c20
commit d3cbbe8085
9 changed files with 293 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
lib/aes.c → lib/aes.cpp
View File

0
lib/aes_faster_c/aes.c → lib/aes_faster_c/aes.cpp
View File

0
lib/aes_faster_c/wrapper.c → lib/aes_faster_c/wrapper.cpp
View File

0
lib/md5.c → lib/md5.cpp
View File

0
lib/pbkdf2-sha1.c → lib/pbkdf2-sha1.cpp
View File

253
lib/pbkdf2-sha256.c → lib/pbkdf2-sha256.cpp
View File

@@ -1,5 +1,5 @@
/*
this file is from https://github.com/kholia/PKCS5_PBKDF2
this file is from https://github.com/kholia/PKCS5_PBKDF2, with additional code of hkdf_sha256
* FIPS-180-2 compliant SHA-256 implementation
*
@@ -34,12 +34,14 @@
#include <stdio.h>
#include <stdlib.h>
#if defined(TEST) ||defined(DEBUG)
#undef TEST
#undef DEBUG
#warning "undefined TEST/DEBUG"
#endif
typedef struct {
unsigned long total[2]; /*!< number of bytes processed */
unsigned long state[8]; /*!< intermediate digest state */
@@ -50,6 +52,7 @@ typedef struct {
int is224; /*!< 0 => SHA-256, else SHA-224 */
} sha2_context;
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -869,3 +872,251 @@ int main()
}
#endif
const int sha256_len=32;
#define MBEDTLS_MD_MAX_SIZE 64
#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80
static void * (* const volatile memset_func)( void *, int, size_t ) = memset;
void mbedtls_platform_zeroize( void *buf, size_t len )
{
memset_func( buf, 0, len );
}
int hkdf_sha256_extract(
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk )
{
unsigned char null_salt[MBEDTLS_MD_MAX_SIZE] = { '\0' };
if( salt == NULL )
{
size_t hash_len;
hash_len = sha256_len;
if( hash_len == 0 )
{
return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
}
salt = null_salt;
salt_len = hash_len;
}
sha2_hmac (salt, salt_len, ikm, ikm_len, prk ,0);
return 0;
}
int hkdf_sha256_expand( const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len )
{
size_t hash_len;
size_t where = 0;
size_t n;
size_t t_len = 0;
size_t i;
int ret = 0;
sha2_context ctx;
unsigned char t[MBEDTLS_MD_MAX_SIZE];
if( okm == NULL )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
}
hash_len = sha256_len;
if( prk_len < hash_len || hash_len == 0 )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
}
if( info == NULL )
{
info = (const unsigned char *) "";
info_len = 0;
}
n = okm_len / hash_len;
if( (okm_len % hash_len) != 0 )
{
n++;
}
if( n > 255 )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
}
/*
mbedtls_md_init( &ctx );
if( (ret = mbedtls_md_setup( &ctx, md, 1) ) != 0 )
{
goto exit;
}*/
/* RFC 5869 Section 2.3. */
for( i = 1; i <= n; i++ )
{
size_t num_to_copy;
unsigned char c = i & 0xff;
sha2_hmac_starts( &ctx, prk, prk_len,0 );
sha2_hmac_update( &ctx, t, t_len );
sha2_hmac_update( &ctx, info, info_len );
/* The constant concatenated to the end of each t(n) is a single octet.
* */
sha2_hmac_update( &ctx, &c, 1 );
sha2_hmac_finish( &ctx, t );
num_to_copy = i != n ? hash_len : okm_len - where;
memcpy( okm + where, t, num_to_copy );
where += hash_len;
t_len = hash_len;
}
//exit:
//mbedtls_md_free( &ctx );
mbedtls_platform_zeroize( &ctx, sizeof( ctx ) );
mbedtls_platform_zeroize( t, sizeof( t ) );
return( ret );
}
int hkdf_sha256( const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len )
{
int ret;
unsigned char prk[MBEDTLS_MD_MAX_SIZE];
ret = hkdf_sha256_extract( salt, salt_len, ikm, ikm_len, prk );
if( ret == 0 )
{
ret = hkdf_sha256_expand( prk, sha256_len,
info, info_len, okm, okm_len );
}
mbedtls_platform_zeroize( prk, sizeof( prk ) );
return( ret );
}
#ifdef HKDF_SHA256_TEST
#include <assert.h>
int hex_to_number(char a)
{
if(a>='0' &&a<='9')
return a-'0';
if(a>='a'&& a<='f') return a- 'a' +10;
assert(0==1);
return -1;
}
int base16_decode(const char *a,unsigned char *buf)
{
int len=strlen(a);
assert(len%2==0);
for(int i=0,j=0;i<len;i+=2,j++)
{
unsigned char c= hex_to_number(a[i])*16+hex_to_number(a[i+1]);
buf[j]=c;
}
return len/2;
}
int main()
{
const struct {
const char *ikm16, *salt16, *info16;
int L;
const char *okm16;
} vecs[] = {
{ /* from A.1 */
"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
"000102030405060708090a0b0c",
"f0f1f2f3f4f5f6f7f8f9",
42,
"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
"34007208d5b887185865"
},
{ /* from A.2 */
"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"
"202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"
"404142434445464748494a4b4c4d4e4f",
"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f"
"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f"
"a0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
"d0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeef"
"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
82,
"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c"
"59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71"
"cc30c58179ec3e87c14c01d5c1f3434f1d87"
},
{ /* from A.3 */
"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
"",
"",
42,
"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d"
"9d201395faa4b61a96c8",
},
{ NULL, NULL, NULL, -1, NULL }
};
for(int i=0;i<3;i++)
{
unsigned char ikm[200]; int ikm_len;
unsigned char salt[200];int salt_len;
unsigned char info[200]; int info_len;
unsigned char okm[200];
ikm_len=base16_decode(vecs[i].ikm16,ikm);
salt_len=base16_decode(vecs[i].salt16,salt);
info_len=base16_decode(vecs[i].info16,info);
base16_decode(vecs[i].okm16,okm);
int outlen=vecs[i].L;
unsigned char output[200];
int ret=hkdf_sha256(salt,
salt_len,ikm, ikm_len,
info, info_len,
output, outlen );
assert(ret==0);
for(int j=0;j<ikm_len;j++)
printf("<%02x>",(int)(ikm[j]));
printf("\n---------------------------\n");
for(int j=0;j<outlen;j++)
printf("<%02x>",(int)(output[j]));
printf("\n---------------------------\n");
for(int j=0;j<outlen;j++)
printf("<%02x>",(int)(okm[j]));
printf("\n===========================\n");
}
}
#endif

19
lib/pbkdf2-sha256.h
View File

@@ -9,5 +9,20 @@ void PKCS5_PBKDF2_HMAC_SHA256(unsigned char *password, size_t plen,
const unsigned long iteration_count, const unsigned long key_length,
unsigned char *output);
void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
//void sha2( const unsigned char *input, size_t ilen,unsigned char output[32], int is224 );
int hkdf_sha256_extract(
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk );
int hkdf_sha256_expand( const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len );
int hkdf_sha256( const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len );