From: Guus Sliepen Date: Tue, 30 Dec 2014 10:16:08 +0000 (+0100) Subject: Add missing nolegacy/crypto.c and prf.c. X-Git-Tag: release-1.1pre12~249 X-Git-Url: https://git.tinc-vpn.org/git/browse?a=commitdiff_plain;h=4d50f9f3485503099f5cb6e8486e9b98b72cb9be;p=tinc Add missing nolegacy/crypto.c and prf.c. --- diff --git a/src/nolegacy/crypto.c b/src/nolegacy/crypto.c new file mode 100644 index 00000000..96e4dda2 --- /dev/null +++ b/src/nolegacy/crypto.c @@ -0,0 +1,91 @@ +/* + crypto.c -- Cryptographic miscellaneous functions and initialisation + Copyright (C) 2007-2014 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include +#include +#include + +#include "../crypto.h" + +#ifndef HAVE_MINGW + +static int random_fd = -1; + +static void random_init(void) { + random_fd = open("/dev/urandom", O_RDONLY); + if(random_fd < 0) + random_fd = open("/dev/random", O_RDONLY); + if(random_fd < 0) { + fprintf(stderr, "Could not open source of random numbers: %s\n", strerror(errno)); + abort(); + } +} + +static void random_exit(void) { + close(random_fd); +} + +void randomize(void *out, size_t outlen) { + while(outlen) { + size_t len = read(random_fd, out, outlen); + if(len <= 0) { + if(errno == EAGAIN || errno == EINTR) + continue; + fprintf(stderr, "Could not read random numbers: %s\n", strerror(errno)); + abort(); + } + out += len; + outlen -= len; + } +} + +#else + +#include +HCRYPTPROV prov; + +void random_init(void) { + if(!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { + fprintf(stderr, "CryptAcquireContext() failed!\n"); + abort(); + } +} + +void random_exit(void) { + CryptReleaseContext(prov, 0); +} + +void randomize(void *out, size_t outlen) { + if(!CryptGenRandom(prov, outlen, out)) { + fprintf(stderr, "CryptGenRandom() failed\n"); + abort(); + } +} + +#endif + +void crypto_init(void) { + random_init(); +} + +void crypto_exit(void) { + random_exit(); +} diff --git a/src/nolegacy/prf.c b/src/nolegacy/prf.c new file mode 100644 index 00000000..3c4c27ed --- /dev/null +++ b/src/nolegacy/prf.c @@ -0,0 +1,104 @@ +/* + prf.c -- Pseudo-Random Function for key material generation + Copyright (C) 2011-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include "../prf.h" +#include "../ed25519/sha512.h" + +static void memxor(char *buf, char c, size_t len) { + for(size_t i = 0; i < len; i++) + buf[i] ^= c; +} + +static const size_t mdlen = 64; + +static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) { + char tmp[2 * mdlen]; + sha512_context md; + + if(keylen <= mdlen) { + memcpy(tmp, key, keylen); + memset(tmp + keylen, 0, mdlen - keylen); + } else { + if(sha512(key, keylen, tmp) != 0) + return false; + } + + if(sha512_init(&md) != 0) + return false; + + // ipad + memxor(tmp, 0x36, mdlen); + if(sha512_update(&md, tmp, mdlen) != 0) + return false; + + // message + if(sha512_update(&md, msg, msglen) != 0) + return false; + + if(sha512_final(&md, tmp + mdlen) != 0) + return false; + + // opad + memxor(tmp, 0x36 ^ 0x5c, mdlen); + if(sha512(tmp, sizeof tmp, out) != 0) + return false; + + return true; +} + + +/* Generate key material from a master secret and a seed, based on RFC 4346 section 5. + We use SHA512 instead of MD5 and SHA1. + */ + +bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) { + /* Data is what the "inner" HMAC function processes. + It consists of the previous HMAC result plus the seed. + */ + + char data[mdlen + seedlen]; + memset(data, 0, mdlen); + memcpy(data + mdlen, seed, seedlen); + + char hash[mdlen]; + + while(outlen > 0) { + /* Inner HMAC */ + if(!hmac_sha512(data, sizeof data, secret, secretlen, data)) + return false; + + /* Outer HMAC */ + if(outlen >= mdlen) { + if(!hmac_sha512(data, sizeof data, secret, secretlen, out)) + return false; + out += mdlen; + outlen -= mdlen; + } else { + if(!hmac_sha512(data, sizeof data, secret, secretlen, hash)) + return false; + memcpy(out, hash, outlen); + out += outlen; + outlen = 0; + } + } + + return true; +}