From: Klas Lindfors Date: Thu, 25 Oct 2012 13:48:15 +0000 (+0200) Subject: change how we expose the prf method for the pbkdf2 X-Git-Tag: v1.9.0~12 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=34c4c6fdde4b69325d0447b5d0eea0e69cd8af8b;p=yubikey-personalization change how we expose the prf method for the pbkdf2 export the function in the library and remove the global variable. add ykpbkdf2.h to the distribution --- diff --git a/Makefile.am b/Makefile.am index ae52af4..c19931a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,10 +38,10 @@ AM_CFLAGS = $(WARN_CFLAGS) # The library. ykpers_includedir=$(includedir)/ykpers-1 -ykpers_include_HEADERS = ykpers.h ykcore/ykstatus.h ykcore/ykcore.h ykcore/ykdef.h +ykpers_include_HEADERS = ykpers.h ykcore/ykstatus.h ykcore/ykcore.h ykcore/ykdef.h ykpbkdf2.h lib_LTLIBRARIES = libykpers-1.la -libykpers_1_la_SOURCES = ykpers.c ykpbkdf2.h ykpbkdf2.c +libykpers_1_la_SOURCES = ykpers.c ykpbkdf2.c libykpers_1_la_SOURCES += rfc4634/hmac.c rfc4634/usha.c rfc4634/sha.h \ rfc4634/sha1.c rfc4634/sha224-256.c rfc4634/sha384-512.c \ rfc4634/sha-private.h diff --git a/configure.ac b/configure.ac index af53d2a..5270c60 100644 --- a/configure.ac +++ b/configure.ac @@ -26,7 +26,7 @@ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -AC_INIT([yubikey-personalization], [1.8.3], +AC_INIT([yubikey-personalization], [1.9.0], [yubico-devel@googlegroups.com], [ykpers], [http://code.google.com/p/yubikey-personalization/]) AC_CONFIG_AUX_DIR([build-aux]) @@ -36,9 +36,9 @@ AC_CONFIG_MACRO_DIR([m4]) # Interfaces changed/added/removed: CURRENT++ REVISION=0 # Interfaces added: AGE++ # Interfaces removed: AGE=0 -AC_SUBST(LT_CURRENT, 9) -AC_SUBST(LT_REVISION, 3) -AC_SUBST(LT_AGE, 8) +AC_SUBST(LT_CURRENT, 10) +AC_SUBST(LT_REVISION, 0) +AC_SUBST(LT_AGE, 9) AM_INIT_AUTOMAKE([-Wall -Werror]) AM_SILENT_RULES([yes]) diff --git a/libykpers-1.map b/libykpers-1.map index 6f73987..741f85b 100644 --- a/libykpers-1.map +++ b/libykpers-1.map @@ -154,3 +154,10 @@ LIBYKPERS_1.8 { ykp_free_ndef; # Variables: } LIBYKPERS_1.7; + +LIBYKPERS_1.9 { + global: +# Functions: + yk_hmac_sha1; +# Variables: +} LIBYKPERS_1.8; diff --git a/ykpbkdf2.c b/ykpbkdf2.c index 119c971..10510e8 100644 --- a/ykpbkdf2.c +++ b/ykpbkdf2.c @@ -33,7 +33,7 @@ #include "rfc4634/sha.h" -static int hmac_sha1(const char *key, size_t key_len, +int yk_hmac_sha1(const char *key, size_t key_len, const char *text, size_t text_len, uint8_t *output, size_t output_size) { @@ -47,7 +47,6 @@ static int hmac_sha1(const char *key, size_t key_len, return 0; return 1; } -YK_PRF_METHOD yk_hmac_sha1 = { SHA1HashSize, hmac_sha1 }; int yk_pbkdf2(const char *passphrase, const unsigned char *salt, size_t salt_len, diff --git a/ykpbkdf2.h b/ykpbkdf2.h index f443dba..d8f9e56 100644 --- a/ykpbkdf2.h +++ b/ykpbkdf2.h @@ -41,7 +41,10 @@ struct yk_prf_method { const char *text, size_t text_len, uint8_t *output, size_t output_size); }; -extern YK_PRF_METHOD yk_hmac_sha1; + +int yk_hmac_sha1(const char *key, size_t key_len, + const char *text, size_t text_len, + uint8_t *output, size_t output_size); int yk_pbkdf2(const char *passphrase, const unsigned char *salt, size_t salt_len, diff --git a/ykpers.c b/ykpers.c index 14d291a..5d2a4e7 100644 --- a/ykpers.c +++ b/ykpers.c @@ -305,6 +305,7 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase, unsigned char buf[sizeof(cfg->ykcore_config.key) + 4]; int rc; int key_bytes = _get_supported_key_length(cfg); + YK_PRF_METHOD prf_method = {20, yk_hmac_sha1}; assert (key_bytes <= sizeof(buf)); @@ -342,7 +343,7 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase, time_t t = time(NULL); uint8_t output[256]; /* 2048 bits is a lot! */ - yk_hmac_sha1.prf_fn(passphrase, strlen(passphrase), + prf_method.prf_fn(passphrase, strlen(passphrase), (char *)&t, sizeof(t), output, sizeof(output)); memcpy(_salt, output, sizeof(_salt)); @@ -353,7 +354,7 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase, _salt, _salt_len, 1024, buf, key_bytes, - &yk_hmac_sha1); + &prf_method); if (rc) { memcpy(cfg->ykcore_config.key, buf, sizeof(cfg->ykcore_config.key));