From 93d596ace2cfd078ee72afdce32f6084fc7a9d5e Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Sun, 24 Feb 2019 17:55:43 +0100 Subject: [PATCH] Introduce internal backend header. And remove commented-out test vectors (moved to tests). --- lib/crypto_backend/Makemodule.am | 1 + lib/crypto_backend/argon2_generic.c | 116 +---------- lib/crypto_backend/crc32.c | 2 - lib/crypto_backend/crypto_backend.h | 21 +- lib/crypto_backend/crypto_backend_internal.h | 42 ++++ lib/crypto_backend/crypto_gcrypt.c | 2 +- lib/crypto_backend/crypto_kernel.c | 2 +- lib/crypto_backend/crypto_nettle.c | 2 +- lib/crypto_backend/crypto_nss.c | 2 +- lib/crypto_backend/crypto_openssl.c | 2 +- lib/crypto_backend/pbkdf2_generic.c | 196 +------------------ 11 files changed, 53 insertions(+), 335 deletions(-) create mode 100644 lib/crypto_backend/crypto_backend_internal.h diff --git a/lib/crypto_backend/Makemodule.am b/lib/crypto_backend/Makemodule.am index 980eca5a..0d0ab0c3 100644 --- a/lib/crypto_backend/Makemodule.am +++ b/lib/crypto_backend/Makemodule.am @@ -4,6 +4,7 @@ libcrypto_backend_la_CFLAGS = $(AM_CFLAGS) @CRYPTO_CFLAGS@ libcrypto_backend_la_SOURCES = \ lib/crypto_backend/crypto_backend.h \ + lib/crypto_backend/crypto_backend_internal.h \ lib/crypto_backend/crypto_cipher_kernel.c \ lib/crypto_backend/crypto_storage.c \ lib/crypto_backend/pbkdf_check.c \ diff --git a/lib/crypto_backend/argon2_generic.c b/lib/crypto_backend/argon2_generic.c index f7358d0b..d82e820a 100644 --- a/lib/crypto_backend/argon2_generic.c +++ b/lib/crypto_backend/argon2_generic.c @@ -20,7 +20,7 @@ */ #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" #if HAVE_ARGON2_H #include #else @@ -77,117 +77,3 @@ int argon2(const char *type, const char *password, size_t password_length, return r; #endif } - -#if 0 -#include - -struct test_vector { - argon2_type type; - unsigned int memory; - unsigned int iterations; - unsigned int parallelism; - const char *password; - unsigned int password_length; - const char *salt; - unsigned int salt_length; - const char *key; - unsigned int key_length; - const char *ad; - unsigned int ad_length; - const char *output; - unsigned int output_length; -}; - -struct test_vector test_vectors[] = { - /* Argon2 RFC */ - { - Argon2_i, 32, 3, 4, - "\x01\x01\x01\x01\x01\x01\x01\x01" - "\x01\x01\x01\x01\x01\x01\x01\x01" - "\x01\x01\x01\x01\x01\x01\x01\x01" - "\x01\x01\x01\x01\x01\x01\x01\x01", 32, - "\x02\x02\x02\x02\x02\x02\x02\x02" - "\x02\x02\x02\x02\x02\x02\x02\x02", 16, - "\x03\x03\x03\x03\x03\x03\x03\x03", 8, - "\x04\x04\x04\x04\x04\x04\x04\x04" - "\x04\x04\x04\x04", 12, - "\xc8\x14\xd9\xd1\xdc\x7f\x37\xaa" - "\x13\xf0\xd7\x7f\x24\x94\xbd\xa1" - "\xc8\xde\x6b\x01\x6d\xd3\x88\xd2" - "\x99\x52\xa4\xc4\x67\x2b\x6c\xe8", 32 - }, - { - Argon2_id, 32, 3, 4, - "\x01\x01\x01\x01\x01\x01\x01\x01" - "\x01\x01\x01\x01\x01\x01\x01\x01" - "\x01\x01\x01\x01\x01\x01\x01\x01" - "\x01\x01\x01\x01\x01\x01\x01\x01", 32, - "\x02\x02\x02\x02\x02\x02\x02\x02" - "\x02\x02\x02\x02\x02\x02\x02\x02", 16, - "\x03\x03\x03\x03\x03\x03\x03\x03", 8, - "\x04\x04\x04\x04\x04\x04\x04\x04" - "\x04\x04\x04\x04", 12, - "\x0d\x64\x0d\xf5\x8d\x78\x76\x6c" - "\x08\xc0\x37\xa3\x4a\x8b\x53\xc9" - "\xd0\x1e\xf0\x45\x2d\x75\xb6\x5e" - "\xb5\x25\x20\xe9\x6b\x01\xe6\x59", 32 - } -}; - -static void printhex(const char *s, const char *buf, size_t len) -{ - size_t i; - - printf("%s: ", s); - for (i = 0; i < len; i++) - printf("\\x%02x", (unsigned char)buf[i]); - printf("\n"); - fflush(stdout); -} - -static int argon2_test_vectors(void) -{ - char result[64]; - int i, r; - struct test_vector *vec; - argon2_context context; - - printf("Argon2 running test vectors\n"); - - for (i = 0; i < (sizeof(test_vectors) / sizeof(*test_vectors)); i++) { - vec = &test_vectors[i]; - memset(result, 0, sizeof(result)); - memset(&context, 0, sizeof(context)); - - context.flags = ARGON2_DEFAULT_FLAGS; - context.version = ARGON2_VERSION_NUMBER; - context.out = (uint8_t *)result; - context.outlen = (uint32_t)vec->output_length; - context.pwd = (uint8_t *)vec->password; - context.pwdlen = (uint32_t)vec->password_length; - context.salt = (uint8_t *)vec->salt; - context.saltlen = (uint32_t)vec->salt_length; - context.secret = (uint8_t *)vec->key; - context.secretlen = (uint32_t)vec->key_length;; - context.ad = (uint8_t *)vec->ad; - context.adlen = (uint32_t)vec->ad_length; - context.t_cost = vec->iterations; - context.m_cost = vec->memory; - context.lanes = vec->parallelism; - context.threads = vec->parallelism; - - r = argon2_ctx(&context, vec->type); - if (r != ARGON2_OK) { - printf("Argon2 failed %i, vector %d\n", r, i); - return -EINVAL; - } - if (memcmp(result, vec->output, vec->output_length) != 0) { - printf("vector %u\n", i); - printhex(" got", result, vec->output_length); - printhex("want", vec->output, vec->output_length); - return -EINVAL; - } - } - return 0; -} -#endif diff --git a/lib/crypto_backend/crc32.c b/lib/crypto_backend/crc32.c index 332f3838..25a4440c 100644 --- a/lib/crypto_backend/crc32.c +++ b/lib/crypto_backend/crc32.c @@ -42,7 +42,6 @@ #include "crypto_backend.h" - static const uint32_t crc32_tab[] = { 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L, @@ -113,4 +112,3 @@ uint32_t crypt_crc32(uint32_t seed, const unsigned char *buf, size_t len) return crc; } - diff --git a/lib/crypto_backend/crypto_backend.h b/lib/crypto_backend/crypto_backend.h index f7f16d8c..f9e31403 100644 --- a/lib/crypto_backend/crypto_backend.h +++ b/lib/crypto_backend/crypto_backend.h @@ -58,14 +58,15 @@ void crypt_hmac_destroy(struct crypt_hmac *ctx); enum { CRYPT_RND_NORMAL = 0, CRYPT_RND_KEY = 1, CRYPT_RND_SALT = 2 }; int crypt_backend_rng(char *buffer, size_t length, int quality, int fips); + +/* PBKDF*/ struct crypt_pbkdf_limits { uint32_t min_iterations, max_iterations; uint32_t min_memory, max_memory; uint32_t min_parallel, max_parallel; }; -int crypt_pbkdf_get_limits(const char *kdf, struct crypt_pbkdf_limits *l); -/* PBKDF*/ +int crypt_pbkdf_get_limits(const char *kdf, struct crypt_pbkdf_limits *l); int crypt_pbkdf(const char *kdf, const char *hash, const char *password, size_t password_length, const char *salt, size_t salt_length, @@ -79,22 +80,6 @@ int crypt_pbkdf_perf(const char *kdf, const char *hash, uint32_t *iterations_out, uint32_t *memory_out, int (*progress)(uint32_t time_ms, void *usrptr), void *usrptr); -#if USE_INTERNAL_PBKDF2 -/* internal PBKDF2 implementation */ -int pkcs5_pbkdf2(const char *hash, - const char *P, size_t Plen, - const char *S, size_t Slen, - unsigned int c, - unsigned int dkLen, char *DK, - unsigned int hash_block_size); -#endif - -/* Argon2 implementation wrapper */ -int argon2(const char *type, const char *password, size_t password_length, - const char *salt, size_t salt_length, - char *key, size_t key_length, - uint32_t iterations, uint32_t memory, uint32_t parallel); - /* CRC32 */ uint32_t crypt_crc32(uint32_t seed, const unsigned char *buf, size_t len); diff --git a/lib/crypto_backend/crypto_backend_internal.h b/lib/crypto_backend/crypto_backend_internal.h new file mode 100644 index 00000000..5da780c8 --- /dev/null +++ b/lib/crypto_backend/crypto_backend_internal.h @@ -0,0 +1,42 @@ +/* + * crypto backend implementation + * + * Copyright (C) 2010-2019 Red Hat, Inc. All rights reserved. + * Copyright (C) 2010-2019 Milan Broz + * + * This file is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this file; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef _CRYPTO_BACKEND_INTERNAL_H +#define _CRYPTO_BACKEND_INTERNAL_H + +#include "crypto_backend.h" + +#if USE_INTERNAL_PBKDF2 +/* internal PBKDF2 implementation */ +int pkcs5_pbkdf2(const char *hash, + const char *P, size_t Plen, + const char *S, size_t Slen, + unsigned int c, + unsigned int dkLen, char *DK, + unsigned int hash_block_size); +#endif + +/* Argon2 implementation wrapper */ +int argon2(const char *type, const char *password, size_t password_length, + const char *salt, size_t salt_length, + char *key, size_t key_length, + uint32_t iterations, uint32_t memory, uint32_t parallel); + +#endif /* _CRYPTO_BACKEND_INTERNAL_H */ diff --git a/lib/crypto_backend/crypto_gcrypt.c b/lib/crypto_backend/crypto_gcrypt.c index c6ca5c41..613807cd 100644 --- a/lib/crypto_backend/crypto_gcrypt.c +++ b/lib/crypto_backend/crypto_gcrypt.c @@ -24,7 +24,7 @@ #include #include #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" static int crypto_backend_initialised = 0; static int crypto_backend_secmem = 1; diff --git a/lib/crypto_backend/crypto_kernel.c b/lib/crypto_backend/crypto_kernel.c index 00c8a32f..e2f9280a 100644 --- a/lib/crypto_backend/crypto_kernel.c +++ b/lib/crypto_backend/crypto_kernel.c @@ -27,7 +27,7 @@ #include #include #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" /* FIXME: remove later */ #ifndef AF_ALG diff --git a/lib/crypto_backend/crypto_nettle.c b/lib/crypto_backend/crypto_nettle.c index 6ad99d57..4599b56c 100644 --- a/lib/crypto_backend/crypto_nettle.c +++ b/lib/crypto_backend/crypto_nettle.c @@ -26,7 +26,7 @@ #include #include #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" #if HAVE_NETTLE_VERSION_H #include diff --git a/lib/crypto_backend/crypto_nss.c b/lib/crypto_backend/crypto_nss.c index 62df2b54..1676e55a 100644 --- a/lib/crypto_backend/crypto_nss.c +++ b/lib/crypto_backend/crypto_nss.c @@ -23,7 +23,7 @@ #include #include #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" #define CONST_CAST(x) (x)(uintptr_t) diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c index 38d7d72d..23fbcae3 100644 --- a/lib/crypto_backend/crypto_openssl.c +++ b/lib/crypto_backend/crypto_openssl.c @@ -33,7 +33,7 @@ #include #include #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" static int crypto_backend_initialised = 0; diff --git a/lib/crypto_backend/pbkdf2_generic.c b/lib/crypto_backend/pbkdf2_generic.c index cc3f95db..b897b2c2 100644 --- a/lib/crypto_backend/pbkdf2_generic.c +++ b/lib/crypto_backend/pbkdf2_generic.c @@ -25,7 +25,7 @@ #include #include -#include "crypto_backend.h" +#include "crypto_backend_internal.h" static int hash_buf(const char *src, size_t src_len, char *dst, size_t dst_len, @@ -230,197 +230,3 @@ out: return rc; } - -#if 0 -#include - -struct test_vector { - const char *hash; - unsigned int hash_block_length; - unsigned int iterations; - const char *password; - unsigned int password_length; - const char *salt; - unsigned int salt_length; - const char *output; - unsigned int output_length; -}; - -struct test_vector test_vectors[] = { - /* RFC 3962 */ - { - "sha1", 64, 1, - "password", 8, - "ATHENA.MIT.EDUraeburn", 21, - "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01" - "\x56\x5a\x11\x22\xb2\x56\x35\x15" - "\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3" - "\x33\xec\xc0\xe2\xe1\xf7\x08\x37", 32 - }, { - "sha1", 64, 2, - "password", 8, - "ATHENA.MIT.EDUraeburn", 21, - "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e" - "\x98\x8b\x62\xc7\x3c\xda\x93\x5d" - "\xa0\x53\x78\xb9\x32\x44\xec\x8f" - "\x48\xa9\x9e\x61\xad\x79\x9d\x86", 32 - }, { - "sha1", 64, 1200, - "password", 8, - "ATHENA.MIT.EDUraeburn", 21, - "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e" - "\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b" - "\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f" - "\x70\x8a\x31\xe2\xe6\x2b\x1e\x13", 32 - }, { - "sha1", 64, 5, - "password", 8, - "\0224VxxV4\022", 8, // "\x1234567878563412 - "\xd1\xda\xa7\x86\x15\xf2\x87\xe6" - "\xa1\xc8\xb1\x20\xd7\x06\x2a\x49" - "\x3f\x98\xd2\x03\xe6\xbe\x49\xa6" - "\xad\xf4\xfa\x57\x4b\x6e\x64\xee", 32 - }, { - "sha1", 64, 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 64, - "pass phrase equals block size", 29, - "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b" - "\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9" - "\xc5\xec\x59\xf1\xa4\x52\xf5\xcc" - "\x9a\xd9\x40\xfe\xa0\x59\x8e\xd1", 32 - }, { - "sha1", 64, 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 65, - "pass phrase exceeds block size", 30, - "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5" - "\x1b\x10\xe6\xa6\x87\x21\xbe\x61" - "\x1a\x8b\x4d\x28\x26\x01\xdb\x3b" - "\x36\xbe\x92\x46\x91\x5e\xc8\x2a", 32 - }, { - "sha1", 64, 50, - "\360\235\204\236", 4, // g-clef ("\xf09d849e) - "EXAMPLE.COMpianist", 18, - "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43" - "\xa5\xb8\xbb\x27\x6a\x40\x3b\x39" - "\xe7\xfe\x37\xa0\xc4\x1e\x02\xc2" - "\x81\xff\x30\x69\xe1\xe9\x4f\x52", 32 - }, { - /* RFC-6070 */ - "sha1", 64, 1, - "password", 8, - "salt", 4, - "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9" - "\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6", 20 - }, { - "sha1", 64, 2, - "password", 8, - "salt", 4, - "\xea\x6c\x01\x4d\xc7\x2d\x6f\x8c\xcd\x1e" - "\xd9\x2a\xce\x1d\x41\xf0\xd8\xde\x89\x57", 20 - }, { - "sha1", 64, 4096, - "password", 8, - "salt", 4, - "\x4b\x00\x79\x01\xb7\x65\x48\x9a\xbe\xad" - "\x49\xd9\x26\xf7\x21\xd0\x65\xa4\x29\xc1", 20 - }, { - "sha1", 64, 16777216, - "password", 8, - "salt", 4, - "\xee\xfe\x3d\x61\xcd\x4d\xa4\xe4\xe9\x94" - "\x5b\x3d\x6b\xa2\x15\x8c\x26\x34\xe9\x84", 20 - }, { - "sha1", 64, 4096, - "passwordPASSWORDpassword", 24, - "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, - "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8" - "\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96" - "\x4c\xf2\xf0\x70\x38", 25 - }, { - "sha1", 64, 4096, - "pass\0word", 9, - "sa\0lt", 5, - "\x56\xfa\x6a\xa7\x55\x48\x09\x9d\xcc\x37" - "\xd7\xf0\x34\x25\xe0\xc3", 16 - }, { - /* empty password test */ - "sha1", 64, 2, - "", 0, - "salt", 4, - "\x13\x3a\x4c\xe8\x37\xb4\xd2\x52\x1e\xe2" - "\xbf\x03\xe1\x1c\x71\xca\x79\x4e\x07\x97", 20 - }, { - /* Password exceeds block size test */ - "sha256", 64, 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 65, - "pass phrase exceeds block size", 30, - "\x22\x34\x4b\xc4\xb6\xe3\x26\x75" - "\xa8\x09\x0f\x3e\xa8\x0b\xe0\x1d" - "\x5f\x95\x12\x6a\x2c\xdd\xc3\xfa" - "\xcc\x4a\x5e\x6d\xca\x04\xec\x58", 32 - }, { - "sha512", 128, 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 129, - "pass phrase exceeds block size", 30, - "\x0f\xb2\xed\x2c\x0e\x6e\xfb\x7d" - "\x7d\x8e\xdd\x58\x01\xb4\x59\x72" - "\x99\x92\x16\x30\x5e\xa4\x36\x8d" - "\x76\x14\x80\xf3\xe3\x7a\x22\xb9", 32 - }, { - "whirlpool", 64, 1200, - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 65, - "pass phrase exceeds block size", 30, - "\x9c\x1c\x74\xf5\x88\x26\xe7\x6a" - "\x53\x58\xf4\x0c\x39\xe7\x80\x89" - "\x07\xc0\x31\x19\x9a\x50\xa2\x48" - "\xf1\xd9\xfe\x78\x64\xe5\x84\x50", 32 - } -}; - -static void printhex(const char *s, const char *buf, size_t len) -{ - size_t i; - - printf("%s: ", s); - for (i = 0; i < len; i++) - printf("\\x%02x", (unsigned char)buf[i]); - printf("\n"); - fflush(stdout); -} - -static int pkcs5_pbkdf2_test_vectors(void) -{ - char result[64]; - unsigned int i, j; - struct test_vector *vec; - - for (i = 0; i < (sizeof(test_vectors) / sizeof(*test_vectors)); i++) { - vec = &test_vectors[i]; - for (j = 1; j <= vec->output_length; j++) { - if (pkcs5_pbkdf2(vec->hash, - vec->password, vec->password_length, - vec->salt, vec->salt_length, - vec->iterations, - j, result, vec->hash_block_length)) { - printf("pbkdf2 failed, vector %d\n", i); - return -EINVAL; - } - if (memcmp(result, vec->output, j) != 0) { - printf("vector %u\n", i); - printhex(" got", result, j); - printhex("want", vec->output, j); - return -EINVAL; - } - memset(result, 0, sizeof(result)); - } - } - return 0; -} -#endif