adds dav_pw2key commoncrypto implementation

Sat, 20 Oct 2018 13:46:32 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sat, 20 Oct 2018 13:46:32 +0200
changeset 488
29b979ca8750
parent 487
a2fc5b1cd476
child 489
fb69eae42ef0

adds dav_pw2key commoncrypto implementation

dav/main.c file | annotate | diff | comparison | revisions
dav/pwd.c file | annotate | diff | comparison | revisions
libidav/crypto.c file | annotate | diff | comparison | revisions
test/crypto.c file | annotate | diff | comparison | revisions
--- a/dav/main.c	Sat Oct 20 13:33:46 2018 +0200
+++ b/dav/main.c	Sat Oct 20 13:46:32 2018 +0200
@@ -2397,6 +2397,7 @@
         fprintf(stderr, "Repository %s does not exist.\n", reponame.ptr);
         return -1;
     }
+    return 0;
 }
 
 int cmd_add_user(CmdArgs *args) {
--- a/dav/pwd.c	Sat Oct 20 13:33:46 2018 +0200
+++ b/dav/pwd.c	Sat Oct 20 13:46:32 2018 +0200
@@ -82,7 +82,7 @@
     PWDS_VERSION(p) = 1;
     PWDS_ENC(p) = DAV_KEY_AES256;
     PWDS_PWFUNC(p) = DAV_PWFUNC_PBKDF2_SHA256;
-    dav_rand_bytes(p->content->space+4, 16);
+    dav_rand_bytes((unsigned char*)p->content->space+4, 16);
     p->isdecrypted = 1;
     p->encoffset = PWDS_HEADER_SIZE;
     return p;
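Review bot: The result of `dav_rand_bytes` is still ignored at the changed line, so if that call can fail (its prototype is not visible here), the 16 salt bytes at `space+4` keep whatever the buffer already held. The store would then be created with a predictable PBKDF2 salt. If the function returns a status, test it and fail the constructor instead of returning `p`. The literals `4` and `16` would also read better as named constants beside `PWDS_HEADER_SIZE`. The enclosing function starts outside the hunk.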
--- a/libidav/crypto.c	Sat Oct 20 13:33:46 2018 +0200
+++ b/libidav/crypto.c	Sat Oct 20 13:46:32 2018 +0200
@@ -612,7 +612,7 @@
         size_t avail = outlen;
         status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen);
         if(in_len != len) {
-            int newoutlen = 16;
+            size_t newoutlen = 16;
             status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen);
             outlen += newoutlen;
             enc->end = 1;
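Review bot: The `status` from `CCCryptorUpdate` is overwritten by `CCCryptorFinal` inside `if(in_len != len)` before any visible line inspects it. A failed update would go unnoticed, and `outlen += newoutlen` would add to a length that may never have been written. Compare it with `kCCSuccess` straight after the update and again after the final call, returning the function's error value on a mismatch. The function begins and ends outside this hunk, so a later check may exist that is not shown.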
@@ -779,6 +779,71 @@
     return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
 }
 
+DavKey* dav_pw2key(const char *password, const char *salt, int saltlen, int pwfunc, int enc) {
+    if(!password) {
+        return NULL;
+    }
+    size_t len = strlen(password);
+    if(len == 0) {
+        return NULL;
+    }
+    
+    // setup key data and length
+    unsigned char keydata[32];
+    int keylen = 32;
+    switch(enc) {
+        case DAV_KEY_AES128: keylen = 16; break;
+        case DAV_KEY_AES256: keylen = 32; break;
+        default: return NULL;
+    }
+    
+    // generate key
+    switch(pwfunc) {
+        case DAV_PWFUNC_PBKDF2_SHA256: {
+            int result = CCKeyDerivationPBKDF(
+                    kCCPBKDF2,
+                    password,
+                    len,
+                    (uint8_t*)salt,
+                    saltlen,
+                    kCCPRFHmacAlgSHA256,
+                    DAV_CRYPTO_ITERATION_COUNT,
+                    keydata,
+                    keylen);
+            if(result) {
+                return NULL;
+            }
+            break;
+        }
+        case DAV_PWFUNC_PBKDF2_SHA512: {
+            int result = CCKeyDerivationPBKDF(
+                    kCCPBKDF2,
+                    password,
+                    len,
+                    (uint8_t*)salt,
+                    saltlen,
+                    kCCPRFHmacAlgSHA512,
+                    DAV_CRYPTO_ITERATION_COUNT,
+                    keydata,
+                    keylen);
+            if(result) {
+                return NULL;
+            }
+            break;
+        }
+        default: return NULL;
+    }
+    
+    // create DavKey with generated data
+    DavKey *key = malloc(sizeof(DavKey));
+    key->data = malloc(keylen);
+    key->length = keylen;
+    key->name = NULL;
+    key->type = enc;
+    memcpy(key->data, keydata, keylen);
+    return key;
+}
+
 #endif
 
 UcxBuffer* aes_encrypt_buffer(UcxBuffer *in, DavKey *key) {
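Review bot: In the new `dav_pw2key`, neither `malloc` result is checked before `key->data` and `memcpy` dereference it. The derived key also stays in the stack buffer `keydata` after return, because nothing clears it on any path. `salt` and `saltlen` are not validated either: a negative `saltlen` converts to a very large `size_t` in the `CCKeyDerivationPBKDF` call, and the `(uint8_t*)salt` cast drops `const`. The two `case` bodies differ only in the PRF constant, so selecting the PRF first and deriving once removes the duplication. The sketch below uses `memset_s`, which needs `__STDC_WANT_LIB_EXT1__` defined before `<string.h>`.

```c
DavKey* dav_pw2key(const char *password, const char *salt, int saltlen, int pwfunc, int enc) {
    // … unchanged: password check, keydata/keylen setup …
    if(!salt || saltlen < 0) {
        return NULL;
    }

    // pick the PRF, then derive once
    CCPseudoRandomAlgorithm prf;
    switch(pwfunc) {
        case DAV_PWFUNC_PBKDF2_SHA256: prf = kCCPRFHmacAlgSHA256; break;
        case DAV_PWFUNC_PBKDF2_SHA512: prf = kCCPRFHmacAlgSHA512; break;
        default: return NULL;
    }
    int result = CCKeyDerivationPBKDF(
            kCCPBKDF2,
            password,
            len,
            (const uint8_t*)salt,
            (size_t)saltlen,
            prf,
            DAV_CRYPTO_ITERATION_COUNT,
            keydata,
            keylen);

    // create DavKey with generated data
    DavKey *key = NULL;
    if(result == 0) {
        key = malloc(sizeof(DavKey));
        if(key) {
            key->data = malloc(keylen);
            if(key->data) {
                key->length = keylen;
                key->name = NULL;
                key->type = enc;
                memcpy(key->data, keydata, keylen);
            } else {
                free(key);
                key = NULL;
            }
        }
    }
    // wipe the stack copy of the derived key on every path
    memset_s(keydata, sizeof(keydata), 0, sizeof(keydata));
    return key;
}
```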
--- a/test/crypto.c	Sat Oct 20 13:33:46 2018 +0200
+++ b/test/crypto.c	Sat Oct 20 13:46:32 2018 +0200
@@ -418,25 +418,25 @@
             DavKey *keys[4];
             keys[0] =  dav_pw2key(
                     pws[p],
-                    salt[s],
+                    (char*)salt[s],
                     saltlen[s],
                     DAV_PWFUNC_PBKDF2_SHA256,
                     DAV_KEY_AES128);
             keys[1] = dav_pw2key(
                     pws[p],
-                    salt[s],
+                    (char*)salt[s],
                     saltlen[s],
                     DAV_PWFUNC_PBKDF2_SHA256,
                     DAV_KEY_AES256);
             keys[2] = dav_pw2key(
                     pws[p],
-                    salt[s],
+                    (char*)salt[s],
                     saltlen[s],
                     DAV_PWFUNC_PBKDF2_SHA512,
                     DAV_KEY_AES128);
             keys[3] = dav_pw2key(
                     pws[p],
-                    salt[s],
+                    (char*)salt[s],
                     saltlen[s],
                     DAV_PWFUNC_PBKDF2_SHA512,
                     DAV_KEY_AES256);
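Review bot: The `(char*)salt[s]` cast is repeated at all four call sites, which suggests the `salt` parameter type of `dav_pw2key` does not match how callers hold salts. Salts are raw bytes, and the implementation casts to `uint8_t*` anyway, so declaring the parameter as `const unsigned char *salt` (or `const void *`) would remove every cast. It would also avoid silently discarding a `const` qualifier if the test's salt table is declared const. The results in `keys[]` are used after this hunk; whether they are NULL-checked before `key->length` is read is not visible here.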
@@ -447,9 +447,6 @@
                 int index = 16*p + 4*s + i;
                 int keylen = index % 2 == 0 ? 16 : 32;
                 
-                char *s1 = pwgenkeys[index];
-                char *s2 = key->data;
-                
                 UCX_TEST_ASSERT(keylen == key->length, "wrong key length");
                 UCX_TEST_ASSERT(!memcmp(key->data, pwgenkeys[index], keylen), "wrong key data");
             }
