commit 3819d0382a8016c55f467305555f7f88b1bda1f1
parent c1c6714bb8d83d446fe10c8ad22c4d5a63a6a27a
Author: Nihal Jere <nihal@nihaljere.xyz>
Date: Mon, 15 Mar 2021 19:41:22 -0500
make everything happy
replace OpenBSDisms, define SHA1_BLOCK_LENGTH, and replace sha1 calls
with those in our implementation
Diffstat:
3 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/pkcs5_pbkdf2.c b/pkcs5_pbkdf2.c
@@ -14,6 +14,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include <sys/random.h>
#include <sys/types.h>
#include <string.h>
@@ -32,15 +33,15 @@ static void
hmac_sha1(const u_int8_t *text, size_t text_len, const u_int8_t *key,
size_t key_len, u_int8_t digest[SHA1_DIGEST_LENGTH])
{
- SHA1_CTX ctx;
+ struct sha1 ctx;
u_int8_t k_pad[SHA1_BLOCK_LENGTH];
u_int8_t tk[SHA1_DIGEST_LENGTH];
int i;
if (key_len > SHA1_BLOCK_LENGTH) {
- SHA1Init(&ctx);
- SHA1Update(&ctx, key, key_len);
- SHA1Final(tk, &ctx);
+ sha1_init(&ctx);
+ sha1_update(&ctx, key, key_len);
+ sha1_sum(&ctx, tk);
key = tk;
key_len = SHA1_DIGEST_LENGTH;
@@ -51,20 +52,20 @@ hmac_sha1(const u_int8_t *text, size_t text_len, const u_int8_t *key,
for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
k_pad[i] ^= 0x36;
- SHA1Init(&ctx);
- SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
- SHA1Update(&ctx, text, text_len);
- SHA1Final(digest, &ctx);
+ sha1_init(&ctx);
+ sha1_update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
+ sha1_update(&ctx, text, text_len);
+ sha1_sum(&ctx, digest);
bzero(k_pad, sizeof k_pad);
bcopy(key, k_pad, key_len);
for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
k_pad[i] ^= 0x5c;
- SHA1Init(&ctx);
- SHA1Update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
- SHA1Update(&ctx, digest, SHA1_DIGEST_LENGTH);
- SHA1Final(digest, &ctx);
+ sha1_init(&ctx);
+ sha1_update(&ctx, k_pad, SHA1_BLOCK_LENGTH);
+ sha1_update(&ctx, digest, SHA1_DIGEST_LENGTH);
+ sha1_sum(&ctx, digest);
}
/*
@@ -110,7 +111,8 @@ pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
key += r;
key_len -= r;
};
- freezero(asalt, salt_len + 4);
+ explicit_bzero(asalt, salt_len + 4);
+ free(asalt);
explicit_bzero(d1, sizeof(d1));
explicit_bzero(d2, sizeof(d2));
explicit_bzero(obuf, sizeof(obuf));
@@ -119,6 +121,6 @@ pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
bad:
/* overwrite with random in case caller doesn't check return code */
- arc4random_buf(key, key_len);
+ getrandom(key, key_len, 0);
return -1;
}
diff --git a/sha1.c b/sha1.c
@@ -2,7 +2,7 @@
#include <stdint.h>
#include <string.h>
-#include "../sha1.h"
+#include "sha1.h"
static uint32_t rol(uint32_t n, int k) { return (n << k) | (n >> (32-k)); }
#define F0(b,c,d) (d ^ (b & (c ^ d)))
diff --git a/sha1.h b/sha1.h
@@ -6,7 +6,7 @@ struct sha1 {
uint8_t buf[64]; /* message block buffer */
};
-enum { SHA1_DIGEST_LENGTH = 20 };
+enum { SHA1_DIGEST_LENGTH = 20, SHA1_BLOCK_LENGTH = 64 };
/* reset state */
void sha1_init(void *ctx);
