mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 04:15:35 +00:00
Drop pbkdf2 module (superseded by pkcs5)
This commit is contained in:
parent
f9c1387b9d
commit
b6b16bddc3
|
@ -6,6 +6,7 @@ Features
|
||||||
* Support for DTLS 1.0 and 1.2 (RFC 6347).
|
* Support for DTLS 1.0 and 1.2 (RFC 6347).
|
||||||
|
|
||||||
API Changes
|
API Changes
|
||||||
|
* Remove the PBKDF2 module (use PKCS5).
|
||||||
* Remove POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()).
|
* Remove POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()).
|
||||||
* Headers are now found in the 'mbedtls' directory (previously 'polarssl').
|
* Headers are now found in the 'mbedtls' directory (previously 'polarssl').
|
||||||
* Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION
|
* Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION
|
||||||
|
|
|
@ -1814,20 +1814,6 @@
|
||||||
*/
|
*/
|
||||||
#define POLARSSL_PADLOCK_C
|
#define POLARSSL_PADLOCK_C
|
||||||
|
|
||||||
/**
|
|
||||||
* \def POLARSSL_PBKDF2_C
|
|
||||||
*
|
|
||||||
* Enable PKCS#5 PBKDF2 key derivation function.
|
|
||||||
* DEPRECATED: Use POLARSSL_PKCS5_C instead
|
|
||||||
*
|
|
||||||
* Module: library/pbkdf2.c
|
|
||||||
*
|
|
||||||
* Requires: POLARSSL_PKCS5_C
|
|
||||||
*
|
|
||||||
* This module adds support for the PKCS#5 PBKDF2 key derivation function.
|
|
||||||
*/
|
|
||||||
#define POLARSSL_PBKDF2_C
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def POLARSSL_PEM_PARSE_C
|
* \def POLARSSL_PEM_PARSE_C
|
||||||
*
|
*
|
||||||
|
|
|
@ -1,79 +0,0 @@
|
||||||
/**
|
|
||||||
* \file pbkdf2.h
|
|
||||||
*
|
|
||||||
* \brief Password-Based Key Derivation Function 2 (from PKCS#5)
|
|
||||||
* DEPRECATED: use pkcs5.h instead.
|
|
||||||
*
|
|
||||||
* \author Mathias Olsson <mathias@kompetensum.com>
|
|
||||||
*
|
|
||||||
* Copyright (C) 2006-2012, ARM Limited, All Rights Reserved
|
|
||||||
*
|
|
||||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU General Public License as published by
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or
|
|
||||||
* (at your option) any later version.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU General Public License along
|
|
||||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
||||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
*/
|
|
||||||
#ifndef POLARSSL_PBKDF2_H
|
|
||||||
#define POLARSSL_PBKDF2_H
|
|
||||||
|
|
||||||
#include "md.h"
|
|
||||||
|
|
||||||
#include <stddef.h>
|
|
||||||
|
|
||||||
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
|
|
||||||
#include <basetsd.h>
|
|
||||||
typedef UINT32 uint32_t;
|
|
||||||
#else
|
|
||||||
#include <inttypes.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA -0x007C /**< Bad input parameters to function. */
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/**
|
|
||||||
* \brief PKCS#5 PBKDF2 using HMAC
|
|
||||||
* DEPRECATED: Use pkcs5_pbkdf2_hmac() instead!
|
|
||||||
*
|
|
||||||
* \param ctx Generic HMAC context
|
|
||||||
* \param password Password to use when generating key
|
|
||||||
* \param plen Length of password
|
|
||||||
* \param salt Salt to use when generating key
|
|
||||||
* \param slen Length of salt
|
|
||||||
* \param iteration_count Iteration count
|
|
||||||
* \param key_length Length of generated key
|
|
||||||
* \param output Generated key. Must be at least as big as key_length
|
|
||||||
*
|
|
||||||
* \returns 0 on success, or a POLARSSL_ERR_xxx code if verification fails.
|
|
||||||
*/
|
|
||||||
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
|
|
||||||
size_t plen, const unsigned char *salt, size_t slen,
|
|
||||||
unsigned int iteration_count,
|
|
||||||
uint32_t key_length, unsigned char *output );
|
|
||||||
|
|
||||||
/**
|
|
||||||
* \brief Checkup routine
|
|
||||||
* DEPRECATED: Use pkcs5_self_test() instead!
|
|
||||||
*
|
|
||||||
* \return 0 if successful, or 1 if the test failed
|
|
||||||
*/
|
|
||||||
int pbkdf2_self_test( int verbose );
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* pbkdf2.h */
|
|
|
@ -39,7 +39,6 @@ set(src
|
||||||
net.c
|
net.c
|
||||||
oid.c
|
oid.c
|
||||||
padlock.c
|
padlock.c
|
||||||
pbkdf2.c
|
|
||||||
pem.c
|
pem.c
|
||||||
pkcs5.c
|
pkcs5.c
|
||||||
pkcs11.c
|
pkcs11.c
|
||||||
|
|
|
@ -56,8 +56,7 @@ OBJS= aes.o aesni.o arc4.o \
|
||||||
md.o md_wrap.o md2.o \
|
md.o md_wrap.o md2.o \
|
||||||
md4.o md5.o \
|
md4.o md5.o \
|
||||||
memory_buffer_alloc.o net.o \
|
memory_buffer_alloc.o net.o \
|
||||||
oid.o \
|
oid.o padlock.o pem.o \
|
||||||
padlock.o pbkdf2.o pem.o \
|
|
||||||
pkcs5.o pkcs11.o pkcs12.o \
|
pkcs5.o pkcs11.o pkcs12.o \
|
||||||
pk.o pk_wrap.o pkparse.o \
|
pk.o pk_wrap.o pkparse.o \
|
||||||
pkwrite.o platform.o ripemd160.o \
|
pkwrite.o platform.o ripemd160.o \
|
||||||
|
|
|
@ -125,10 +125,6 @@
|
||||||
#include "mbedtls/padlock.h"
|
#include "mbedtls/padlock.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_PBKDF2_C)
|
|
||||||
#include "mbedtls/pbkdf2.h"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
|
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
|
||||||
#include "mbedtls/pem.h"
|
#include "mbedtls/pem.h"
|
||||||
#endif
|
#endif
|
||||||
|
@ -701,11 +697,6 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
|
||||||
polarssl_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
|
polarssl_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
|
||||||
#endif /* POLARSSL_PADLOCK_C */
|
#endif /* POLARSSL_PADLOCK_C */
|
||||||
|
|
||||||
#if defined(POLARSSL_PBKDF2_C)
|
|
||||||
if( use_ret == -(POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA) )
|
|
||||||
polarssl_snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" );
|
|
||||||
#endif /* POLARSSL_PBKDF2_C */
|
|
||||||
|
|
||||||
#if defined(POLARSSL_RIPEMD160_C)
|
#if defined(POLARSSL_RIPEMD160_C)
|
||||||
if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) )
|
if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) )
|
||||||
polarssl_snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" );
|
polarssl_snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" );
|
||||||
|
|
|
@ -1,61 +0,0 @@
|
||||||
/**
|
|
||||||
* \file pbkdf2.c
|
|
||||||
*
|
|
||||||
* \brief Password-Based Key Derivation Function 2 (from PKCS#5)
|
|
||||||
* DEPRECATED: Use pkcs5.c instead
|
|
||||||
*
|
|
||||||
* \author Mathias Olsson <mathias@kompetensum.com>
|
|
||||||
*
|
|
||||||
* Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
|
|
||||||
*
|
|
||||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU General Public License as published by
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or
|
|
||||||
* (at your option) any later version.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU General Public License along
|
|
||||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
||||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* PBKDF2 is part of PKCS#5
|
|
||||||
*
|
|
||||||
* http://tools.ietf.org/html/rfc2898 (Specification)
|
|
||||||
* http://tools.ietf.org/html/rfc6070 (Test vectors)
|
|
||||||
*/
|
|
||||||
|
|
||||||
#if !defined(POLARSSL_CONFIG_FILE)
|
|
||||||
#include "mbedtls/config.h"
|
|
||||||
#else
|
|
||||||
#include POLARSSL_CONFIG_FILE
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(POLARSSL_PBKDF2_C)
|
|
||||||
|
|
||||||
#include "mbedtls/pbkdf2.h"
|
|
||||||
#include "mbedtls/pkcs5.h"
|
|
||||||
|
|
||||||
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen,
|
|
||||||
const unsigned char *salt, size_t slen,
|
|
||||||
unsigned int iteration_count,
|
|
||||||
uint32_t key_length, unsigned char *output )
|
|
||||||
{
|
|
||||||
return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count,
|
|
||||||
key_length, output );
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(POLARSSL_SELF_TEST)
|
|
||||||
int pbkdf2_self_test( int verbose )
|
|
||||||
{
|
|
||||||
return pkcs5_self_test( verbose );
|
|
||||||
}
|
|
||||||
#endif /* POLARSSL_SELF_TEST */
|
|
||||||
|
|
||||||
#endif /* POLARSSL_PBKDF2_C */
|
|
|
@ -49,7 +49,6 @@
|
||||||
#include "mbedtls/x509.h"
|
#include "mbedtls/x509.h"
|
||||||
#include "mbedtls/xtea.h"
|
#include "mbedtls/xtea.h"
|
||||||
#include "mbedtls/pkcs5.h"
|
#include "mbedtls/pkcs5.h"
|
||||||
#include "mbedtls/pbkdf2.h"
|
|
||||||
#include "mbedtls/ecp.h"
|
#include "mbedtls/ecp.h"
|
||||||
#include "mbedtls/timing.h"
|
#include "mbedtls/timing.h"
|
||||||
|
|
||||||
|
@ -203,17 +202,12 @@ int main( int argc, char *argv[] )
|
||||||
return( ret );
|
return( ret );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Slow tests last */
|
|
||||||
|
|
||||||
#if defined(POLARSSL_PBKDF2_C)
|
|
||||||
if( ( ret = pbkdf2_self_test( v ) ) != 0 )
|
|
||||||
return( ret );
|
|
||||||
#else
|
|
||||||
#if defined(POLARSSL_PKCS5_C)
|
#if defined(POLARSSL_PKCS5_C)
|
||||||
if( ( ret = pkcs5_self_test( v ) ) != 0 )
|
if( ( ret = pkcs5_self_test( v ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
#endif
|
#endif
|
||||||
#endif
|
|
||||||
|
/* Slow tests last */
|
||||||
|
|
||||||
/* Not stable enough on Windows and FreeBSD yet */
|
/* Not stable enough on Windows and FreeBSD yet */
|
||||||
#if __linux__ && defined(POLARSSL_TIMING_C)
|
#if __linux__ && defined(POLARSSL_TIMING_C)
|
||||||
|
|
|
@ -75,7 +75,6 @@ add_test_suite(md)
|
||||||
add_test_suite(mdx)
|
add_test_suite(mdx)
|
||||||
add_test_suite(memory_buffer_alloc)
|
add_test_suite(memory_buffer_alloc)
|
||||||
add_test_suite(mpi)
|
add_test_suite(mpi)
|
||||||
add_test_suite(pbkdf2)
|
|
||||||
add_test_suite(pem)
|
add_test_suite(pem)
|
||||||
add_test_suite(pkcs1_v21)
|
add_test_suite(pkcs1_v21)
|
||||||
add_test_suite(pkcs5)
|
add_test_suite(pkcs5)
|
||||||
|
|
|
@ -74,7 +74,7 @@ APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \
|
||||||
test_suite_hmac_drbg.pr$(EXEXT) \
|
test_suite_hmac_drbg.pr$(EXEXT) \
|
||||||
test_suite_md$(EXEXT) test_suite_mdx$(EXEXT) \
|
test_suite_md$(EXEXT) test_suite_mdx$(EXEXT) \
|
||||||
test_suite_memory_buffer_alloc$(EXEXT) \
|
test_suite_memory_buffer_alloc$(EXEXT) \
|
||||||
test_suite_mpi$(EXEXT) test_suite_pbkdf2$(EXEXT) \
|
test_suite_mpi$(EXEXT) \
|
||||||
test_suite_pem$(EXEXT) \
|
test_suite_pem$(EXEXT) \
|
||||||
test_suite_pkcs1_v21$(EXEXT) test_suite_pkcs5$(EXEXT) \
|
test_suite_pkcs1_v21$(EXEXT) test_suite_pkcs5$(EXEXT) \
|
||||||
test_suite_pkparse$(EXEXT) test_suite_pkwrite$(EXEXT) \
|
test_suite_pkparse$(EXEXT) test_suite_pkwrite$(EXEXT) \
|
||||||
|
|
|
@ -1,19 +0,0 @@
|
||||||
PBKDF2 RFC 6070 Test Vector #1 (SHA1)
|
|
||||||
depends_on:POLARSSL_SHA1_C
|
|
||||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":1:20:"0c60c80f961f0e71f3a9b524af6012062fe037a6"
|
|
||||||
|
|
||||||
PBKDF2 RFC 6070 Test Vector #2 (SHA1)
|
|
||||||
depends_on:POLARSSL_SHA1_C
|
|
||||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":2:20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
|
|
||||||
|
|
||||||
PBKDF2 RFC 6070 Test Vector #3 (SHA1)
|
|
||||||
depends_on:POLARSSL_SHA1_C
|
|
||||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":4096:20:"4b007901b765489abead49d926f721d065a429c1"
|
|
||||||
|
|
||||||
PBKDF2 RFC 6070 Test Vector #5 (SHA1)
|
|
||||||
depends_on:POLARSSL_SHA1_C
|
|
||||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
|
|
||||||
|
|
||||||
PBKDF2 RFC 6070 Test Vector #6 (SHA1)
|
|
||||||
depends_on:POLARSSL_SHA1_C
|
|
||||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
|
|
|
@ -1,48 +0,0 @@
|
||||||
/* BEGIN_HEADER */
|
|
||||||
#include "mbedtls/pbkdf2.h"
|
|
||||||
/* END_HEADER */
|
|
||||||
|
|
||||||
/* BEGIN_DEPENDENCIES
|
|
||||||
* depends_on:POLARSSL_PBKDF2_C
|
|
||||||
* END_DEPENDENCIES
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
|
||||||
void pbkdf2_hmac( int hash, char *hex_password_string, char *hex_salt_string,
|
|
||||||
int it_cnt, int key_len, char *result_key_string )
|
|
||||||
{
|
|
||||||
unsigned char pw_str[100];
|
|
||||||
unsigned char salt_str[100];
|
|
||||||
unsigned char dst_str[100];
|
|
||||||
|
|
||||||
md_context_t ctx;
|
|
||||||
const md_info_t *info;
|
|
||||||
|
|
||||||
int pw_len, salt_len;
|
|
||||||
unsigned char key[100];
|
|
||||||
|
|
||||||
md_init( &ctx );
|
|
||||||
|
|
||||||
memset(pw_str, 0x00, 100);
|
|
||||||
memset(salt_str, 0x00, 100);
|
|
||||||
memset(dst_str, 0x00, 100);
|
|
||||||
|
|
||||||
pw_len = unhexify( pw_str, hex_password_string );
|
|
||||||
salt_len = unhexify( salt_str, hex_salt_string );
|
|
||||||
|
|
||||||
|
|
||||||
info = md_info_from_type( hash );
|
|
||||||
TEST_ASSERT( info != NULL );
|
|
||||||
if( info == NULL )
|
|
||||||
return;
|
|
||||||
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
|
|
||||||
TEST_ASSERT( pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
|
|
||||||
it_cnt, key_len, key ) == 0 );
|
|
||||||
|
|
||||||
hexify( dst_str, key, key_len );
|
|
||||||
TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );
|
|
||||||
|
|
||||||
exit:
|
|
||||||
md_free( &ctx );
|
|
||||||
}
|
|
||||||
/* END_CASE */
|
|
|
@ -180,7 +180,6 @@
|
||||||
<ClInclude Include="..\..\include\mbedtls\net.h" />
|
<ClInclude Include="..\..\include\mbedtls\net.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\oid.h" />
|
<ClInclude Include="..\..\include\mbedtls\oid.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\padlock.h" />
|
<ClInclude Include="..\..\include\mbedtls\padlock.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\pbkdf2.h" />
|
|
||||||
<ClInclude Include="..\..\include\mbedtls\pem.h" />
|
<ClInclude Include="..\..\include\mbedtls\pem.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\pk.h" />
|
<ClInclude Include="..\..\include\mbedtls\pk.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\pk_wrap.h" />
|
<ClInclude Include="..\..\include\mbedtls\pk_wrap.h" />
|
||||||
|
@ -243,7 +242,6 @@
|
||||||
<ClCompile Include="..\..\library\net.c" />
|
<ClCompile Include="..\..\library\net.c" />
|
||||||
<ClCompile Include="..\..\library\oid.c" />
|
<ClCompile Include="..\..\library\oid.c" />
|
||||||
<ClCompile Include="..\..\library\padlock.c" />
|
<ClCompile Include="..\..\library\padlock.c" />
|
||||||
<ClCompile Include="..\..\library\pbkdf2.c" />
|
|
||||||
<ClCompile Include="..\..\library\pem.c" />
|
<ClCompile Include="..\..\library\pem.c" />
|
||||||
<ClCompile Include="..\..\library\pk.c" />
|
<ClCompile Include="..\..\library\pk.c" />
|
||||||
<ClCompile Include="..\..\library\pk_wrap.c" />
|
<ClCompile Include="..\..\library\pk_wrap.c" />
|
||||||
|
|
|
@ -229,10 +229,6 @@ SOURCE=..\..\library\padlock.c
|
||||||
# End Source File
|
# End Source File
|
||||||
# Begin Source File
|
# Begin Source File
|
||||||
|
|
||||||
SOURCE=..\..\library\pbkdf2.c
|
|
||||||
# End Source File
|
|
||||||
# Begin Source File
|
|
||||||
|
|
||||||
SOURCE=..\..\library\pem.c
|
SOURCE=..\..\library\pem.c
|
||||||
# End Source File
|
# End Source File
|
||||||
# Begin Source File
|
# Begin Source File
|
||||||
|
@ -517,10 +513,6 @@ SOURCE=..\..\include\mbedtls\padlock.h
|
||||||
# End Source File
|
# End Source File
|
||||||
# Begin Source File
|
# Begin Source File
|
||||||
|
|
||||||
SOURCE=..\..\include\mbedtls\pbkdf2.h
|
|
||||||
# End Source File
|
|
||||||
# Begin Source File
|
|
||||||
|
|
||||||
SOURCE=..\..\include\mbedtls\pem.h
|
SOURCE=..\..\include\mbedtls\pem.h
|
||||||
# End Source File
|
# End Source File
|
||||||
# Begin Source File
|
# Begin Source File
|
||||||
|
|
Loading…
Reference in a new issue