sha256.c
Go to the documentation of this file.
00001 /*
00002  * SHA-256 hash implementation and interface functions
00003  * Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
00004  *
00005  * This program is free software; you can redistribute it and/or modify
00006  * it under the terms of the GNU General Public License version 2 as
00007  * published by the Free Software Foundation.
00008  *
00009  * Alternatively, this software may be distributed under the terms of BSD
00010  * license.
00011  *
00012  * See README and COPYING for more details.
00013  */
00014 
00015 #include "includes.h"
00016 
00017 #include "common.h"
00018 #include "sha256.h"
00019 #include "crypto.h"
00020 
00021 
00031 void hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
00032                         const u8 *addr[], const size_t *len, u8 *mac)
00033 {
00034         unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */
00035         unsigned char tk[32];
00036         const u8 *_addr[6];
00037         size_t _len[6], i;
00038 
00039         if (num_elem > 5) {
00040                 /*
00041                  * Fixed limit on the number of fragments to avoid having to
00042                  * allocate memory (which could fail).
00043                  */
00044                 return;
00045         }
00046 
00047         /* if key is longer than 64 bytes reset it to key = SHA256(key) */
00048         if (key_len > 64) {
00049                 sha256_vector(1, &key, &key_len, tk);
00050                 key = tk;
00051                 key_len = 32;
00052         }
00053 
00054         /* the HMAC_SHA256 transform looks like:
00055          *
00056          * SHA256(K XOR opad, SHA256(K XOR ipad, text))
00057          *
00058          * where K is an n byte key
00059          * ipad is the byte 0x36 repeated 64 times
00060          * opad is the byte 0x5c repeated 64 times
00061          * and text is the data being protected */
00062 
00063         /* start out by storing key in ipad */
00064         os_memset(k_pad, 0, sizeof(k_pad));
00065         os_memcpy(k_pad, key, key_len);
00066         /* XOR key with ipad values */
00067         for (i = 0; i < 64; i++)
00068                 k_pad[i] ^= 0x36;
00069 
00070         /* perform inner SHA256 */
00071         _addr[0] = k_pad;
00072         _len[0] = 64;
00073         for (i = 0; i < num_elem; i++) {
00074                 _addr[i + 1] = addr[i];
00075                 _len[i + 1] = len[i];
00076         }
00077         sha256_vector(1 + num_elem, _addr, _len, mac);
00078 
00079         os_memset(k_pad, 0, sizeof(k_pad));
00080         os_memcpy(k_pad, key, key_len);
00081         /* XOR key with opad values */
00082         for (i = 0; i < 64; i++)
00083                 k_pad[i] ^= 0x5c;
00084 
00085         /* perform outer SHA256 */
00086         _addr[0] = k_pad;
00087         _len[0] = 64;
00088         _addr[1] = mac;
00089         _len[1] = SHA256_MAC_LEN;
00090         sha256_vector(2, _addr, _len, mac);
00091 }
00092 
00093 
00102 void hmac_sha256(const u8 *key, size_t key_len, const u8 *data,
00103                  size_t data_len, u8 *mac)
00104 {
00105         hmac_sha256_vector(key, key_len, 1, &data, &data_len, mac);
00106 }
00107 
00108 
00122 void sha256_prf(const u8 *key, size_t key_len, const char *label,
00123                 const u8 *data, size_t data_len, u8 *buf, size_t buf_len)
00124 {
00125         u16 counter = 1;
00126         size_t pos, plen;
00127         u8 hash[SHA256_MAC_LEN];
00128         const u8 *addr[4];
00129         size_t len[4];
00130         u8 counter_le[2], length_le[2];
00131 
00132         addr[0] = counter_le;
00133         len[0] = 2;
00134         addr[1] = (u8 *) label;
00135         len[1] = os_strlen(label);
00136         addr[2] = data;
00137         len[2] = data_len;
00138         addr[3] = length_le;
00139         len[3] = sizeof(length_le);
00140 
00141         WPA_PUT_LE16(length_le, buf_len * 8);
00142         pos = 0;
00143         while (pos < buf_len) {
00144                 plen = buf_len - pos;
00145                 WPA_PUT_LE16(counter_le, counter);
00146                 if (plen >= SHA256_MAC_LEN) {
00147                         hmac_sha256_vector(key, key_len, 4, addr, len,
00148                                            &buf[pos]);
00149                         pos += SHA256_MAC_LEN;
00150                 } else {
00151                         hmac_sha256_vector(key, key_len, 4, addr, len, hash);
00152                         os_memcpy(&buf[pos], hash, plen);
00153                         break;
00154                 }
00155                 counter++;
00156         }
00157 }


wpa_supplicant
Author(s): Package maintained by Blaise Gassend
autogenerated on Thu Apr 24 2014 15:34:36