src/crypto/sha1-tprf.c - LeafOS-Project/android_external_wpa_supplicant_8 - Gitiles

 /*
  * SHA1 T-PRF for EAP-FAST
  * Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
  */

 #include "includes.h"

 #include "common.h"
 #include "sha1.h"
 #include "crypto.h"

 /**
  * sha1_t_prf - EAP-FAST Pseudo-Random Function (T-PRF)
  * @key: Key for PRF
  * @key_len: Length of the key in bytes
  * @label: A unique label for each purpose of the PRF
  * @seed: Seed value to bind into the key
  * @seed_len: Length of the seed
  * @buf: Buffer for the generated pseudo-random key
  * @buf_len: Number of bytes of key to generate
  * Returns: 0 on success, -1 of failure
  *
  * This function is used to derive new, cryptographically separate keys from a
  * given key for EAP-FAST. T-PRF is defined in RFC 4851, Section 5.5.
  */
 int sha1_t_prf(const u8 *key, size_t key_len, const char *label,
 	       const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len)
 {
 	unsigned char counter = 0;
 	size_t pos, plen;
 	u8 hash[SHA1_MAC_LEN];
 	size_t label_len = os_strlen(label);
 	u8 output_len[2];
 	const unsigned char *addr[5];
 	size_t len[5];

 	addr[0] = hash;
 	len[0] = 0;
 	addr[1] = (unsigned char *) label;
 	len[1] = label_len + 1;
 	addr[2] = seed;
 	len[2] = seed_len;
 	addr[3] = output_len;
 	len[3] = 2;
 	addr[4] = &counter;
 	len[4] = 1;

 	output_len[0] = (buf_len >> 8) & 0xff;
 	output_len[1] = buf_len & 0xff;
 	pos = 0;
 	while (pos < buf_len) {
 		counter++;
 		plen = buf_len - pos;
 		if (hmac_sha1_vector(key, key_len, 5, addr, len, hash))
 			return -1;
 		if (plen >= SHA1_MAC_LEN) {
 			os_memcpy(&buf[pos], hash, SHA1_MAC_LEN);
 			pos += SHA1_MAC_LEN;
 		} else {
 			os_memcpy(&buf[pos], hash, plen);
 			break;
 		}
 		len[0] = SHA1_MAC_LEN;
 	}

 	forced_memzero(hash, SHA1_MAC_LEN);

 	return 0;
 }
	/*
	* SHA1 T-PRF for EAP-FAST
	* Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
	*
	* This software may be distributed under the terms of the BSD license.
	* See README for more details.
	*/

	#include "includes.h"

	#include "common.h"
	#include "sha1.h"
	#include "crypto.h"

	/**
	* sha1_t_prf - EAP-FAST Pseudo-Random Function (T-PRF)
	* @key: Key for PRF
	* @key_len: Length of the key in bytes
	* @label: A unique label for each purpose of the PRF
	* @seed: Seed value to bind into the key
	* @seed_len: Length of the seed
	* @buf: Buffer for the generated pseudo-random key
	* @buf_len: Number of bytes of key to generate
	* Returns: 0 on success, -1 of failure
	*
	* This function is used to derive new, cryptographically separate keys from a
	* given key for EAP-FAST. T-PRF is defined in RFC 4851, Section 5.5.
	*/
	int sha1_t_prf(const u8 key, size_t key_len, const char label,
	const u8 seed, size_t seed_len, u8 buf, size_t buf_len)
	{
	unsigned char counter = 0;
	size_t pos, plen;
	u8 hash[SHA1_MAC_LEN];
	size_t label_len = os_strlen(label);
	u8 output_len[2];
	const unsigned char *addr[5];
	size_t len[5];

	addr[0] = hash;
	len[0] = 0;
	addr[1] = (unsigned char *) label;
	len[1] = label_len + 1;
	addr[2] = seed;
	len[2] = seed_len;
	addr[3] = output_len;
	len[3] = 2;
	addr[4] = &counter;
	len[4] = 1;

	output_len[0] = (buf_len >> 8) & 0xff;
	output_len[1] = buf_len & 0xff;
	pos = 0;
	while (pos < buf_len) {
	counter++;
	plen = buf_len - pos;
	if (hmac_sha1_vector(key, key_len, 5, addr, len, hash))
	return -1;
	if (plen >= SHA1_MAC_LEN) {
	os_memcpy(&buf[pos], hash, SHA1_MAC_LEN);
	pos += SHA1_MAC_LEN;
	} else {
	os_memcpy(&buf[pos], hash, plen);
	break;
	}
	len[0] = SHA1_MAC_LEN;
	}

	forced_memzero(hash, SHA1_MAC_LEN);

	return 0;
	}