# HG changeset patch
# User Olaf Wintermann
# Date 1540035992 -7200
# Node ID 29b979ca8750ab722c1f5afbb61d806f46f036d6
# Parent a2fc5b1cd476f5fbe05b7f3f0e1c7f36847e11d5
adds dav_pw2key commoncrypto implementation
diff -r a2fc5b1cd476 -r 29b979ca8750 dav/main.c
--- a/dav/main.c Sat Oct 20 13:33:46 2018 +0200
+++ b/dav/main.c Sat Oct 20 13:46:32 2018 +0200
@@ -2397,6 +2397,7 @@
 fprintf(stderr, "Repository %s does not exist.\n", reponame.ptr);
 return -1;
 }
+ return 0;
 }
 int cmd_add_user(CmdArgs *args) {
diff -r a2fc5b1cd476 -r 29b979ca8750 dav/pwd.c
--- a/dav/pwd.c Sat Oct 20 13:33:46 2018 +0200
+++ b/dav/pwd.c Sat Oct 20 13:46:32 2018 +0200
@@ -82,7 +82,7 @@
 PWDS_VERSION(p) = 1;
 PWDS_ENC(p) = DAV_KEY_AES256;
 PWDS_PWFUNC(p) = DAV_PWFUNC_PBKDF2_SHA256;
- dav_rand_bytes(p->content->space+4, 16);
+ dav_rand_bytes((unsigned char*)p->content->space+4, 16);
 p->isdecrypted = 1;
 p->encoffset = PWDS_HEADER_SIZE;
 return p;
diff -r a2fc5b1cd476 -r 29b979ca8750 libidav/crypto.c
--- a/libidav/crypto.c Sat Oct 20 13:33:46 2018 +0200
+++ b/libidav/crypto.c Sat Oct 20 13:46:32 2018 +0200
@@ -612,7 +612,7 @@
 size_t avail = outlen;
 status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen);
 if(in_len != len) {
- int newoutlen = 16;
+ size_t newoutlen = 16;
 status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen);
 outlen += newoutlen;
 enc->end = 1;
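Review bot: The result of `dav_rand_bytes` in the dav/pwd.c hunk is discarded where the 16 bytes at `p->content->space+4` (presumably the key-derivation salt, given `PWDS_PWFUNC(p)` is set to PBKDF2 just above) are filled. If the call can report failure (its declaration is not visible in this patch), the new store would keep whatever that region already held as its salt. Checking the result and failing store creation would avoid that, e.g. `if(dav_rand_bytes((unsigned char*)p->content->space+4, 16)) { /* release p */ return NULL; }`, assuming non-zero means failure. The enclosing function starts above the hunk, so the cleanup it needs is not visible here.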
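Review bot: In the libidav/crypto.c hunk at -612, the `status` returned by `CCCryptorUpdate` is overwritten by the `CCCryptorFinal` call, and `outlen += newoutlen` runs without looking at either result. Because `newoutlen` starts at 16, a failing `CCCryptorFinal` that leaves it untouched would still extend the reported output by 16 bytes that were never written. Checking each status before using the length and starting from `size_t newoutlen = 0;` would close that. The function continues past the hunk, so a later check of `status` may exist, but it would only see the last value.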
@@ -779,6 +779,71 @@
 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
 }
+DavKey* dav_pw2key(const char *password, const char *salt, int saltlen, int pwfunc, int enc) {
+ if(!password) {
+ return NULL;
+ }
+ size_t len = strlen(password);
+ if(len == 0) {
+ return NULL;
+ }
+
+ // setup key data and length
+ unsigned char keydata[32];
+ int keylen = 32;
+ switch(enc) {
+ case DAV_KEY_AES128: keylen = 16; break;
+ case DAV_KEY_AES256: keylen = 32; break;
+ default: return NULL;
+ }
+
+ // generate key
+ switch(pwfunc) {
+ case DAV_PWFUNC_PBKDF2_SHA256: {
+ int result = CCKeyDerivationPBKDF(
+ kCCPBKDF2,
+ password,
+ len,
+ (uint8_t*)salt,
+ saltlen,
+ kCCPRFHmacAlgSHA256,
+ DAV_CRYPTO_ITERATION_COUNT,
+ keydata,
+ keylen);
+ if(result) {
+ return NULL;
+ }
+ break;
+ }
+ case DAV_PWFUNC_PBKDF2_SHA512: {
+ int result = CCKeyDerivationPBKDF(
+ kCCPBKDF2,
+ password,
+ len,
+ (uint8_t*)salt,
+ saltlen,
+ kCCPRFHmacAlgSHA512,
+ DAV_CRYPTO_ITERATION_COUNT,
+ keydata,
+ keylen);
+ if(result) {
+ return NULL;
+ }
+ break;
+ }
+ default: return NULL;
+ }
+
+ // create DavKey with generated data
+ DavKey *key = malloc(sizeof(DavKey));
+ key->data = malloc(keylen);
+ key->length = keylen;
+ key->name = NULL;
+ key->type = enc;
+ memcpy(key->data, keydata, keylen);
+ return key;
+}
+
 #endif
 UcxBuffer* aes_encrypt_buffer(UcxBuffer *in, DavKey *key) {
diff -r a2fc5b1cd476 -r 29b979ca8750 test/crypto.c
--- a/test/crypto.c Sat Oct 20 13:33:46 2018 +0200
+++ b/test/crypto.c Sat Oct 20 13:46:32 2018 +0200
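Review bot: The tail of the new `dav_pw2key` dereferences both `malloc` results unchecked (`key->data = malloc(keylen);` followed by `memcpy(key->data, ...)`), so an allocation failure crashes instead of returning NULL like every other error path in the function. The derived key also stays behind in the stack buffer `keydata` on return; once copied out it should be wiped with a call the compiler cannot elide, such as `memset_s`, which macOS declares in `<string.h>` when `__STDC_WANT_LIB_EXT1__` is defined. `saltlen` is an `int` passed where CommonCrypto takes a `size_t`, so a negative value becomes a very large length; rejecting `!salt || saltlen < 0` next to the password check would prevent that. The two PBKDF2 cases differ only in the PRF constant and could share one call.

```c
    // … unchanged: argument checks, keylen selection, PBKDF2 switch …

    // create DavKey with generated data
    DavKey *key = malloc(sizeof(DavKey));
    if(key) {
        key->data = malloc(keylen);
        if(key->data) {
            key->length = keylen;
            key->name = NULL;
            key->type = enc;
            memcpy(key->data, keydata, keylen);
        } else {
            free(key);
            key = NULL;
        }
    }
    // wipe the stack copy of the key material before leaving
    memset_s(keydata, sizeof(keydata), 0, sizeof(keydata));
    return key;
}
```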
@@ -418,25 +418,25 @@ DavKey *keys[4]; keys[0] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA256, DAV_KEY_AES128); keys[1] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA256, DAV_KEY_AES256); keys[2] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA512, DAV_KEY_AES128); keys[3] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA512, DAV_KEY_AES256); @@ -447,9 +447,6 @@ int index = 16*p + 4*s + i; int keylen = index % 2 == 0 ? 16 : 32; - char *s1 = pwgenkeys[index]; - char *s2 = key->data; - UCX_TEST_ASSERT(keylen == key->length, "wrong key length"); UCX_TEST_ASSERT(!memcmp(key->data, pwgenkeys[index], keylen), "wrong key data"); }