Drop pbkdf2 module (superseded by pkcs5)
This commit is contained in:
Родитель
f9c1387b9d
Коммит
b6b16bddc3
|
@ -6,6 +6,7 @@ Features
|
|||
* Support for DTLS 1.0 and 1.2 (RFC 6347).
|
||||
|
||||
API Changes
|
||||
* Remove the PBKDF2 module (use PKCS5).
|
||||
* Remove POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()).
|
||||
* Headers are now found in the 'mbedtls' directory (previously 'polarssl').
|
||||
* Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION
|
||||
|
|
|
@ -1814,20 +1814,6 @@
|
|||
*/
|
||||
#define POLARSSL_PADLOCK_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PBKDF2_C
|
||||
*
|
||||
* Enable PKCS#5 PBKDF2 key derivation function.
|
||||
* DEPRECATED: Use POLARSSL_PKCS5_C instead
|
||||
*
|
||||
* Module: library/pbkdf2.c
|
||||
*
|
||||
* Requires: POLARSSL_PKCS5_C
|
||||
*
|
||||
* This module adds support for the PKCS#5 PBKDF2 key derivation function.
|
||||
*/
|
||||
#define POLARSSL_PBKDF2_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PEM_PARSE_C
|
||||
*
|
||||
|
|
|
@ -1,79 +0,0 @@
|
|||
/**
|
||||
* \file pbkdf2.h
|
||||
*
|
||||
* \brief Password-Based Key Derivation Function 2 (from PKCS#5)
|
||||
* DEPRECATED: use pkcs5.h instead.
|
||||
*
|
||||
* \author Mathias Olsson <mathias@kompetensum.com>
|
||||
*
|
||||
* Copyright (C) 2006-2012, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PBKDF2_H
|
||||
#define POLARSSL_PBKDF2_H
|
||||
|
||||
#include "md.h"
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA -0x007C /**< Bad input parameters to function. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief PKCS#5 PBKDF2 using HMAC
|
||||
* DEPRECATED: Use pkcs5_pbkdf2_hmac() instead!
|
||||
*
|
||||
* \param ctx Generic HMAC context
|
||||
* \param password Password to use when generating key
|
||||
* \param plen Length of password
|
||||
* \param salt Salt to use when generating key
|
||||
* \param slen Length of salt
|
||||
* \param iteration_count Iteration count
|
||||
* \param key_length Length of generated key
|
||||
* \param output Generated key. Must be at least as big as key_length
|
||||
*
|
||||
* \returns 0 on success, or a POLARSSL_ERR_xxx code if verification fails.
|
||||
*/
|
||||
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
|
||||
size_t plen, const unsigned char *salt, size_t slen,
|
||||
unsigned int iteration_count,
|
||||
uint32_t key_length, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
* DEPRECATED: Use pkcs5_self_test() instead!
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int pbkdf2_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* pbkdf2.h */
|
|
@ -39,7 +39,6 @@ set(src
|
|||
net.c
|
||||
oid.c
|
||||
padlock.c
|
||||
pbkdf2.c
|
||||
pem.c
|
||||
pkcs5.c
|
||||
pkcs11.c
|
||||
|
|
|
@ -56,8 +56,7 @@ OBJS= aes.o aesni.o arc4.o \
|
|||
md.o md_wrap.o md2.o \
|
||||
md4.o md5.o \
|
||||
memory_buffer_alloc.o net.o \
|
||||
oid.o \
|
||||
padlock.o pbkdf2.o pem.o \
|
||||
oid.o padlock.o pem.o \
|
||||
pkcs5.o pkcs11.o pkcs12.o \
|
||||
pk.o pk_wrap.o pkparse.o \
|
||||
pkwrite.o platform.o ripemd160.o \
|
||||
|
|
|
@ -125,10 +125,6 @@
|
|||
#include "mbedtls/padlock.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PBKDF2_C)
|
||||
#include "mbedtls/pbkdf2.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
|
||||
#include "mbedtls/pem.h"
|
||||
#endif
|
||||
|
@ -701,11 +697,6 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
|
|||
polarssl_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
|
||||
#endif /* POLARSSL_PADLOCK_C */
|
||||
|
||||
#if defined(POLARSSL_PBKDF2_C)
|
||||
if( use_ret == -(POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA) )
|
||||
polarssl_snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" );
|
||||
#endif /* POLARSSL_PBKDF2_C */
|
||||
|
||||
#if defined(POLARSSL_RIPEMD160_C)
|
||||
if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) )
|
||||
polarssl_snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" );
|
||||
|
|
|
@ -1,61 +0,0 @@
|
|||
/**
|
||||
* \file pbkdf2.c
|
||||
*
|
||||
* \brief Password-Based Key Derivation Function 2 (from PKCS#5)
|
||||
* DEPRECATED: Use pkcs5.c instead
|
||||
*
|
||||
* \author Mathias Olsson <mathias@kompetensum.com>
|
||||
*
|
||||
* Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* PBKDF2 is part of PKCS#5
|
||||
*
|
||||
* http://tools.ietf.org/html/rfc2898 (Specification)
|
||||
* http://tools.ietf.org/html/rfc6070 (Test vectors)
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PBKDF2_C)
|
||||
|
||||
#include "mbedtls/pbkdf2.h"
|
||||
#include "mbedtls/pkcs5.h"
|
||||
|
||||
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen,
|
||||
const unsigned char *salt, size_t slen,
|
||||
unsigned int iteration_count,
|
||||
uint32_t key_length, unsigned char *output )
|
||||
{
|
||||
return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count,
|
||||
key_length, output );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
int pbkdf2_self_test( int verbose )
|
||||
{
|
||||
return pkcs5_self_test( verbose );
|
||||
}
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_PBKDF2_C */
|
|
@ -49,7 +49,6 @@
|
|||
#include "mbedtls/x509.h"
|
||||
#include "mbedtls/xtea.h"
|
||||
#include "mbedtls/pkcs5.h"
|
||||
#include "mbedtls/pbkdf2.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
#include "mbedtls/timing.h"
|
||||
|
||||
|
@ -203,17 +202,12 @@ int main( int argc, char *argv[] )
|
|||
return( ret );
|
||||
#endif
|
||||
|
||||
/* Slow tests last */
|
||||
|
||||
#if defined(POLARSSL_PBKDF2_C)
|
||||
if( ( ret = pbkdf2_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#else
|
||||
#if defined(POLARSSL_PKCS5_C)
|
||||
if( ( ret = pkcs5_self_test( v ) ) != 0 )
|
||||
return( ret );
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Slow tests last */
|
||||
|
||||
/* Not stable enough on Windows and FreeBSD yet */
|
||||
#if __linux__ && defined(POLARSSL_TIMING_C)
|
||||
|
|
|
@ -75,7 +75,6 @@ add_test_suite(md)
|
|||
add_test_suite(mdx)
|
||||
add_test_suite(memory_buffer_alloc)
|
||||
add_test_suite(mpi)
|
||||
add_test_suite(pbkdf2)
|
||||
add_test_suite(pem)
|
||||
add_test_suite(pkcs1_v21)
|
||||
add_test_suite(pkcs5)
|
||||
|
|
|
@ -74,7 +74,7 @@ APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \
|
|||
test_suite_hmac_drbg.pr$(EXEXT) \
|
||||
test_suite_md$(EXEXT) test_suite_mdx$(EXEXT) \
|
||||
test_suite_memory_buffer_alloc$(EXEXT) \
|
||||
test_suite_mpi$(EXEXT) test_suite_pbkdf2$(EXEXT) \
|
||||
test_suite_mpi$(EXEXT) \
|
||||
test_suite_pem$(EXEXT) \
|
||||
test_suite_pkcs1_v21$(EXEXT) test_suite_pkcs5$(EXEXT) \
|
||||
test_suite_pkparse$(EXEXT) test_suite_pkwrite$(EXEXT) \
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
PBKDF2 RFC 6070 Test Vector #1 (SHA1)
|
||||
depends_on:POLARSSL_SHA1_C
|
||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":1:20:"0c60c80f961f0e71f3a9b524af6012062fe037a6"
|
||||
|
||||
PBKDF2 RFC 6070 Test Vector #2 (SHA1)
|
||||
depends_on:POLARSSL_SHA1_C
|
||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":2:20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
|
||||
|
||||
PBKDF2 RFC 6070 Test Vector #3 (SHA1)
|
||||
depends_on:POLARSSL_SHA1_C
|
||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":4096:20:"4b007901b765489abead49d926f721d065a429c1"
|
||||
|
||||
PBKDF2 RFC 6070 Test Vector #5 (SHA1)
|
||||
depends_on:POLARSSL_SHA1_C
|
||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
|
||||
|
||||
PBKDF2 RFC 6070 Test Vector #6 (SHA1)
|
||||
depends_on:POLARSSL_SHA1_C
|
||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
|
|
@ -1,48 +0,0 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/pbkdf2.h"
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:POLARSSL_PBKDF2_C
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void pbkdf2_hmac( int hash, char *hex_password_string, char *hex_salt_string,
|
||||
int it_cnt, int key_len, char *result_key_string )
|
||||
{
|
||||
unsigned char pw_str[100];
|
||||
unsigned char salt_str[100];
|
||||
unsigned char dst_str[100];
|
||||
|
||||
md_context_t ctx;
|
||||
const md_info_t *info;
|
||||
|
||||
int pw_len, salt_len;
|
||||
unsigned char key[100];
|
||||
|
||||
md_init( &ctx );
|
||||
|
||||
memset(pw_str, 0x00, 100);
|
||||
memset(salt_str, 0x00, 100);
|
||||
memset(dst_str, 0x00, 100);
|
||||
|
||||
pw_len = unhexify( pw_str, hex_password_string );
|
||||
salt_len = unhexify( salt_str, hex_salt_string );
|
||||
|
||||
|
||||
info = md_info_from_type( hash );
|
||||
TEST_ASSERT( info != NULL );
|
||||
if( info == NULL )
|
||||
return;
|
||||
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
|
||||
TEST_ASSERT( pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
|
||||
it_cnt, key_len, key ) == 0 );
|
||||
|
||||
hexify( dst_str, key, key_len );
|
||||
TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );
|
||||
|
||||
exit:
|
||||
md_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
|
@ -180,7 +180,6 @@
|
|||
<ClInclude Include="..\..\include\mbedtls\net.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\oid.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\padlock.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\pbkdf2.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\pem.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\pk.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\pk_wrap.h" />
|
||||
|
@ -243,7 +242,6 @@
|
|||
<ClCompile Include="..\..\library\net.c" />
|
||||
<ClCompile Include="..\..\library\oid.c" />
|
||||
<ClCompile Include="..\..\library\padlock.c" />
|
||||
<ClCompile Include="..\..\library\pbkdf2.c" />
|
||||
<ClCompile Include="..\..\library\pem.c" />
|
||||
<ClCompile Include="..\..\library\pk.c" />
|
||||
<ClCompile Include="..\..\library\pk_wrap.c" />
|
||||
|
|
|
@ -229,10 +229,6 @@ SOURCE=..\..\library\padlock.c
|
|||
# End Source File
|
||||
# Begin Source File
|
||||
|
||||
SOURCE=..\..\library\pbkdf2.c
|
||||
# End Source File
|
||||
# Begin Source File
|
||||
|
||||
SOURCE=..\..\library\pem.c
|
||||
# End Source File
|
||||
# Begin Source File
|
||||
|
@ -517,10 +513,6 @@ SOURCE=..\..\include\mbedtls\padlock.h
|
|||
# End Source File
|
||||
# Begin Source File
|
||||
|
||||
SOURCE=..\..\include\mbedtls\pbkdf2.h
|
||||
# End Source File
|
||||
# Begin Source File
|
||||
|
||||
SOURCE=..\..\include\mbedtls\pem.h
|
||||
# End Source File
|
||||
# Begin Source File
|
||||
|
|
Загрузка…
Ссылка в новой задаче