Sat, 20 Oct 2018 13:46:32 +0200
adds dav_pw2key commoncrypto implementation
dav/main.c
dav/pwd.c
libidav/crypto.c
test/crypto.c
--- a/dav/main.c Sat Oct 20 13:33:46 2018 +0200
+++ b/dav/main.c Sat Oct 20 13:46:32 2018 +0200
@@ -2397,6 +2397,7 @@
 fprintf(stderr, "Repository %s does not exist.\n", reponame.ptr);
 return -1;
 }
+ return 0;
 }
 int cmd_add_user(CmdArgs *args) {
--- a/dav/pwd.c Sat Oct 20 13:33:46 2018 +0200
+++ b/dav/pwd.c Sat Oct 20 13:46:32 2018 +0200
@@ -82,7 +82,7 @@
 PWDS_VERSION(p) = 1;
 PWDS_ENC(p) = DAV_KEY_AES256;
 PWDS_PWFUNC(p) = DAV_PWFUNC_PBKDF2_SHA256;
- dav_rand_bytes(p->content->space+4, 16);
+ dav_rand_bytes((unsigned char*)p->content->space+4, 16);
 p->isdecrypted = 1;
 p->encoffset = PWDS_HEADER_SIZE;
 return p;
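Review bot: The result of `dav_rand_bytes` is ignored on the changed line, so if that function can report failure (its prototype is outside the hunk) the 16 bytes at `space+4` keep whatever the buffer held and the structure is still returned as valid. Given the `PWDS_PWFUNC(p) = DAV_PWFUNC_PBKDF2_SHA256` line above, these bytes are presumably the key-derivation salt, where a predictable value weakens every key derived from it. Consider checking the call and naming the literals, e.g. `if(dav_rand_bytes(salt_ptr, PWDS_SALT_LEN)) { /* release p and return NULL */ }`; `salt_ptr` and `PWDS_SALT_LEN` are placeholder names, not identifiers from this file. The enclosing function starts and ends outside the hunk.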
--- a/libidav/crypto.c Sat Oct 20 13:33:46 2018 +0200
+++ b/libidav/crypto.c Sat Oct 20 13:46:32 2018 +0200
@@ -612,7 +612,7 @@
 size_t avail = outlen;
 status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen);
 if(in_len != len) {
- int newoutlen = 16;
+ size_t newoutlen = 16;
 status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen);
 outlen += newoutlen;
 enc->end = 1;
@@ -779,6 +779,71 @@
 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
 }
+DavKey* dav_pw2key(const char *password, const char *salt, int saltlen, int pwfunc, int enc) {
+ if(!password) {
+ return NULL;
+ }
+ size_t len = strlen(password);
+ if(len == 0) {
+ return NULL;
+ }
+
+ // setup key data and length
+ unsigned char keydata[32];
+ int keylen = 32;
+ switch(enc) {
+ case DAV_KEY_AES128: keylen = 16; break;
+ case DAV_KEY_AES256: keylen = 32; break;
+ default: return NULL;
+ }
+
+ // generate key
+ switch(pwfunc) {
+ case DAV_PWFUNC_PBKDF2_SHA256: {
+ int result = CCKeyDerivationPBKDF(
+ kCCPBKDF2,
+ password,
+ len,
+ (uint8_t*)salt,
+ saltlen,
+ kCCPRFHmacAlgSHA256,
+ DAV_CRYPTO_ITERATION_COUNT,
+ keydata,
+ keylen);
+ if(result) {
+ return NULL;
+ }
+ break;
+ }
+ case DAV_PWFUNC_PBKDF2_SHA512: {
+ int result = CCKeyDerivationPBKDF(
+ kCCPBKDF2,
+ password,
+ len,
+ (uint8_t*)salt,
+ saltlen,
+ kCCPRFHmacAlgSHA512,
+ DAV_CRYPTO_ITERATION_COUNT,
+ keydata,
+ keylen);
+ if(result) {
+ return NULL;
+ }
+ break;
+ }
+ default: return NULL;
+ }
+
+ // create DavKey with generated data
+ DavKey *key = malloc(sizeof(DavKey));
+ key->data = malloc(keylen);
+ key->length = keylen;
+ key->name = NULL;
+ key->type = enc;
+ memcpy(key->data, keydata, keylen);
+ return key;
+}
+
 #endif
 UcxBuffer* aes_encrypt_buffer(UcxBuffer *in, DavKey *key) {
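Review bot: Inside the `if(in_len != len)` branch of the first hunk, the `status` returned by `CCCryptorUpdate` is overwritten by `CCCryptorFinal` before anything visible in the hunk inspects it, so a failed update would go unnoticed on the final block. A check such as `if(status != kCCSuccess) { /* report the error */ }` between the two calls would close that gap; how this function reports errors lies outside the hunk. The literal `16` passed as the available output size is also independent of how much room is left in `out` after `ivl + outlen` bytes, which is worth tying to the actual buffer size.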
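Review bot: Both `malloc` calls at the end of `dav_pw2key` are used without a NULL check, so an allocation failure dereferences a null pointer, and the derived key is left in the stack buffer `keydata` on every return path. `saltlen` is an `int` handed to a length parameter of `CCKeyDerivationPBKDF`, so a negative value would turn into a huge length and should be rejected next to the password checks, as should a NULL `salt` with a non-zero length. The two PBKDF2 cases differ only in the PRF constant, so selecting the constant in the switch and making one call would remove the duplication. The fence shows the added guard and the rewritten tail; `memset_s` is assumed to be available on the CommonCrypto (Apple) build this `#ifdef` section targets, and the type of `key->data` is not visible in the hunk.

```c
    // … unchanged: password check, key length selection …
    if(saltlen < 0 || (!salt && saltlen > 0)) {
        return NULL;
    }

    // … unchanged: PBKDF2 switch; its failure returns should wipe keydata too …

    // create DavKey with generated data
    DavKey *key = malloc(sizeof(DavKey));
    void *data = key ? malloc(keylen) : NULL;
    if(!data) {
        free(key);
        memset_s(keydata, sizeof(keydata), 0, sizeof(keydata));
        return NULL;
    }
    memcpy(data, keydata, keylen);
    // the only remaining copy of the key should be the one owned by the DavKey
    memset_s(keydata, sizeof(keydata), 0, sizeof(keydata));
    key->data = data;
    key->length = keylen;
    key->name = NULL;
    key->type = enc;
    return key;
}
```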
--- a/test/crypto.c Sat Oct 20 13:33:46 2018 +0200 +++ b/test/crypto.c Sat Oct 20 13:46:32 2018 +0200 @@ -418,25 +418,25 @@ DavKey *keys[4]; keys[0] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA256, DAV_KEY_AES128); keys[1] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA256, DAV_KEY_AES256); keys[2] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA512, DAV_KEY_AES128); keys[3] = dav_pw2key( pws[p], - salt[s], + (char*)salt[s], saltlen[s], DAV_PWFUNC_PBKDF2_SHA512, DAV_KEY_AES256); @@ -447,9 +447,6 @@ int index = 16*p + 4*s + i; int keylen = index % 2 == 0 ? 16 : 32; - char *s1 = pwgenkeys[index]; - char *s2 = key->data; - UCX_TEST_ASSERT(keylen == key->length, "wrong key length"); UCX_TEST_ASSERT(!memcmp(key->data, pwgenkeys[index], keylen), "wrong key data"); }