Attachment 159924 Details for Bug 202365 – proposed patch

[patch] proposed patch

pbkdf2.patch (text/plain), 3.22 KB, created by jpixton on 2015-08-16 16:51:33 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: jpixton

Created: 2015-08-16 16:51:33 UTC

Size: 3.22 KB

patch

obsolete

>diff -u orig/g_eli_crypto.c patch/g_eli_crypto.c
>--- orig/g_eli_crypto.c	2014-09-04 16:01:02.000000000 +0100
>+++ patch/g_eli_crypto.c	2015-08-15 17:58:33.598500175 +0100
>@@ -240,7 +240,7 @@
> g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey,
>     size_t hkeylen)
> {
>-	u_char k_ipad[128], key[128];
>+	u_char k_ipad[128], k_opad[128], key[128];
> 	SHA512_CTX lctx;
> 	u_int i;
> 
>@@ -259,13 +259,17 @@
> 	/* XOR key with ipad and opad values. */
> 	for (i = 0; i < sizeof(key); i++) {
> 		k_ipad[i] = key[i] ^ 0x36;
>-		ctx->k_opad[i] = key[i] ^ 0x5c;
>+		k_opad[i] = key[i] ^ 0x5c;
> 	}
> 	bzero(key, sizeof(key));
>-	/* Perform inner SHA512. */
>-	SHA512_Init(&ctx->shactx);
>-	SHA512_Update(&ctx->shactx, k_ipad, sizeof(k_ipad));
>+	/* Start inner SHA512. */
>+	SHA512_Init(&ctx->innerctx);
>+	SHA512_Update(&ctx->innerctx, k_ipad, sizeof(k_ipad));
> 	bzero(k_ipad, sizeof(k_ipad));
>+	/* Start outer SHA512. */
>+	SHA512_Init(&ctx->outerctx);
>+	SHA512_Update(&ctx->outerctx, k_opad, sizeof(k_opad));
>+	bzero(k_opad, sizeof(k_opad));
> }
> 
> void
>@@ -280,16 +284,15 @@
> g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize)
> {
> 	u_char digest[SHA512_MDLEN];
>-	SHA512_CTX lctx;
> 
>-	SHA512_Final(digest, &ctx->shactx);
>-	/* Perform outer SHA512. */
>-	SHA512_Init(&lctx);
>-	SHA512_Update(&lctx, ctx->k_opad, sizeof(ctx->k_opad));
>+	/* Complete inner hash */
>+	SHA512_Final(digest, &ctx->innerctx);
>+	
>+	/* Complete outer hash */
>+	SHA512_Update(&ctx->outerctx, digest, sizeof(digest));
>+	SHA512_Final(digest, &ctx->outerctx);
>+	
> 	bzero(ctx, sizeof(*ctx));
>-	SHA512_Update(&lctx, digest, sizeof(digest));
>-	SHA512_Final(digest, &lctx);
>-	bzero(&lctx, sizeof(lctx));
> 	/* mdsize == 0 means "Give me the whole hash!" */
> 	if (mdsize == 0)
> 		mdsize = SHA512_MDLEN;
>diff -u orig/g_eli.h patch/g_eli.h
>--- orig/g_eli.h	2014-09-04 16:01:02.000000000 +0100
>+++ patch/g_eli.h	2015-08-15 17:54:16.266513048 +0100
>@@ -605,8 +605,8 @@
>     const u_char *key, size_t keysize);
> 
> struct hmac_ctx {
>-	SHA512_CTX	shactx;
>-	u_char		k_opad[128];
>+	SHA512_CTX	innerctx;
>+	SHA512_CTX	outerctx;
> };
> 
> void g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey,
>diff -u orig/pkcs5v2.c patch/pkcs5v2.c
>--- orig/pkcs5v2.c	2014-09-04 16:01:02.000000000 +0100
>+++ patch/pkcs5v2.c	2015-08-15 17:53:03.914516667 +0100
>@@ -56,6 +56,7 @@
> 	uint8_t *counter, *keyp;
> 	u_int i, bsize, passlen;
> 	uint32_t count;
>+	struct hmac_ctx startpoint, ctx;
> 
> 	passlen = strlen(passphrase);
> 	bzero(key, keylen);
>@@ -70,16 +71,22 @@
> 		counter[1] = (count >> 16) & 0xff;
> 		counter[2] = (count >> 8) & 0xff;
> 		counter[3] = count & 0xff;
>-		g_eli_crypto_hmac(passphrase, passlen, saltcount,
>-		    sizeof(saltcount), md, 0);
>+
>+		g_eli_crypto_hmac_init(&startpoint, passphrase, passlen);
>+		ctx = startpoint;
>+		g_eli_crypto_hmac_update(&ctx, saltcount, sizeof(saltcount));
>+		g_eli_crypto_hmac_final(&ctx, md, sizeof(md));
> 		xor(keyp, md, bsize);
> 
> 		for(i = 1; i < iterations; i++) {
>-			g_eli_crypto_hmac(passphrase, passlen, md, sizeof(md),
>-			    md, 0);
>+			ctx = startpoint;
>+			g_eli_crypto_hmac_update(&ctx, md, sizeof(md));
>+			g_eli_crypto_hmac_final(&ctx, md, sizeof(md));
> 			xor(keyp, md, bsize);
> 		}
> 	}
>+	bzero(&startpoint, sizeof(startpoint));
>+	bzero(&ctx, sizeof(ctx));
> }
> 
> #ifndef _KERNEL

Actions: View | Diff

Attachments on bug 202365: 159924