change how we expose the prf method for the pbkdf2

export the function in the library and remove the global variable.
add ykpbkdf2.h to the distribution

diff --git a/Makefile.am b/Makefile.am
index ae52af483432f97e15b91f3ee235e1a4d4f39119..c19931afa0fa3f8567f6f4ae0e516355e3c7696c 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -38,10 +38,10 @@ AM_CFLAGS = $(WARN_CFLAGS)
 # The library.
 
 ykpers_includedir=$(includedir)/ykpers-1
-ykpers_include_HEADERS = ykpers.h ykcore/ykstatus.h ykcore/ykcore.h ykcore/ykdef.h
+ykpers_include_HEADERS = ykpers.h ykcore/ykstatus.h ykcore/ykcore.h ykcore/ykdef.h ykpbkdf2.h
 
 lib_LTLIBRARIES = libykpers-1.la
-libykpers_1_la_SOURCES = ykpers.c ykpbkdf2.h ykpbkdf2.c
+libykpers_1_la_SOURCES = ykpers.c ykpbkdf2.c
 libykpers_1_la_SOURCES += rfc4634/hmac.c rfc4634/usha.c rfc4634/sha.h  \
        rfc4634/sha1.c rfc4634/sha224-256.c rfc4634/sha384-512.c        \
        rfc4634/sha-private.h

diff --git a/configure.ac b/configure.ac
index af53d2af4cdde7cebc53030dab8435565398947b..5270c601ad1e63f98c829b9358810f18bf758763 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -26,7 +26,7 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-AC_INIT([yubikey-personalization], [1.8.3],
+AC_INIT([yubikey-personalization], [1.9.0],
   [yubico-devel@googlegroups.com], [ykpers],
   [http://code.google.com/p/yubikey-personalization/])
 AC_CONFIG_AUX_DIR([build-aux])
@@ -36,9 +36,9 @@ AC_CONFIG_MACRO_DIR([m4])
 # Interfaces changed/added/removed:   CURRENT++       REVISION=0
 # Interfaces added:                             AGE++
 # Interfaces removed:                           AGE=0
-AC_SUBST(LT_CURRENT, 9)
-AC_SUBST(LT_REVISION, 3)
-AC_SUBST(LT_AGE, 8)
+AC_SUBST(LT_CURRENT, 10)
+AC_SUBST(LT_REVISION, 0)
+AC_SUBST(LT_AGE, 9)
 
 AM_INIT_AUTOMAKE([-Wall -Werror])
 AM_SILENT_RULES([yes])

diff --git a/libykpers-1.map b/libykpers-1.map
index 6f73987d495c28566c4ec0f06c9af02a760960a7..741f85b491472c7b1b494859c6c98ecde746e629 100644 (file)
--- a/libykpers-1.map
+++ b/libykpers-1.map
@@ -154,3 +154,10 @@ LIBYKPERS_1.8 {
   ykp_free_ndef;
 # Variables:
 } LIBYKPERS_1.7;
+
+LIBYKPERS_1.9 {
+  global:
+# Functions:
+  yk_hmac_sha1;
+# Variables:
+} LIBYKPERS_1.8;

diff --git a/ykpbkdf2.c b/ykpbkdf2.c
index 119c9713d8806aa709f25b927a7b47a61768bb1c..10510e8fe337fbd9c64531d96d8dd0a7a0dbbcf1 100644 (file)
--- a/ykpbkdf2.c
+++ b/ykpbkdf2.c
@@ -33,7 +33,7 @@
 
 #include "rfc4634/sha.h"
 
-static int hmac_sha1(const char *key, size_t key_len,
+int yk_hmac_sha1(const char *key, size_t key_len,
                     const char *text, size_t text_len,
                     uint8_t *output, size_t output_size)
 {
@@ -47,7 +47,6 @@ static int hmac_sha1(const char *key, size_t key_len,
                return 0;
        return 1;
 }
-YK_PRF_METHOD yk_hmac_sha1 = { SHA1HashSize, hmac_sha1 };
 
 int yk_pbkdf2(const char *passphrase,
              const unsigned char *salt, size_t salt_len,

diff --git a/ykpbkdf2.h b/ykpbkdf2.h
index f443dba406ac90c3c6d2df3e10f4762b60efbeb9..d8f9e5640ad9f90081bb3c1f78a5eb50592a28e6 100644 (file)
--- a/ykpbkdf2.h
+++ b/ykpbkdf2.h
@@ -41,7 +41,10 @@ struct yk_prf_method {
                      const char *text, size_t text_len,
                      uint8_t *output, size_t output_size);
 };
-extern YK_PRF_METHOD yk_hmac_sha1;
+
+int yk_hmac_sha1(const char *key, size_t key_len,
+               const char *text, size_t text_len,
+               uint8_t *output, size_t output_size);
 
 int yk_pbkdf2(const char *passphrase,
              const unsigned char *salt, size_t salt_len,

diff --git a/ykpers.c b/ykpers.c
index 14d291a6e29c6aa28fbfbef305f6aae85c38f6c7..5d2a4e7aac5ef627de62454bf8a64d0bf9db7cda 100644 (file)
--- a/ykpers.c
+++ b/ykpers.c
@@ -305,6 +305,7 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase,
                unsigned char buf[sizeof(cfg->ykcore_config.key) + 4];
                int rc;
                int key_bytes = _get_supported_key_length(cfg);
+               YK_PRF_METHOD prf_method = {20, yk_hmac_sha1};
 
                assert (key_bytes <= sizeof(buf));
 
@@ -342,7 +343,7 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase,
                        time_t t = time(NULL);
                        uint8_t output[256]; /* 2048 bits is a lot! */
 
-                       yk_hmac_sha1.prf_fn(passphrase, strlen(passphrase),
+                       prf_method.prf_fn(passphrase, strlen(passphrase),
                                            (char *)&t, sizeof(t),
                                            output, sizeof(output));
                        memcpy(_salt, output, sizeof(_salt));
@@ -353,7 +354,7 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase,
                               _salt, _salt_len,
                               1024,
                               buf, key_bytes,
-                              &yk_hmac_sha1);
+                              &prf_method);
 
                if (rc) {
                        memcpy(cfg->ykcore_config.key, buf, sizeof(cfg->ykcore_config.key));