Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2026-01-20 07:05:38 +01:00
Code Issues Projects Releases Wiki Activity
pentoo-overlay/sys-fs/cryptsetup/files/cryptsetup-sha1-gcrypt.patch

1318 lines
43 KiB
Diff
Raw Blame History

Switch to SHA1 from libgcrypt and remove hardcoded SHA1 from source.
Signed-off-by: Milan Broz <mbroz@redhat.com>
---
luks/Makefile.am | 9 -
luks/af.c | 70 +++++-----
luks/keymanage.c | 18 +-
luks/pbkdf.c | 310 +++++++++++++++++++++++++++++++++-----------
luks/pbkdf.h | 6
luks/sha/hmac.c | 145 --------------------
luks/sha/hmac.h | 101 --------------
luks/sha/hmac_sha1.c | 2
luks/sha/hmac_sha1.h | 2
luks/sha/sha1.c | 355 ---------------------------------------------------
luks/sha/sha1.h | 85 ------------
11 files changed, 290 insertions(+), 813 deletions(-)
Index: cryptsetup.upstream/luks/af.c
===================================================================
--- cryptsetup.upstream.orig/luks/af.c 2008-09-16 17:11:28.000000000 +0200
+++ cryptsetup.upstream/luks/af.c 2009-02-11 13:57:00.000000000 +0100
@@ -1,6 +1,7 @@
/*
* AFsplitter - Anti forensic information splitter
* Copyright 2004, Clemens Fruhwirth <clemens@endorphin.org>
+ * Copyright (C) 2009 Red Hat, Inc. All rights reserved.
*
* AFsplitter diffuses information over a large stripe of data,
* therefor supporting secure data destruction.
@@ -28,43 +29,50 @@
#include <fcntl.h>
#include <netinet/in.h>
#include <errno.h>
-#include "sha1.h"
#include "XORblock.h"
#include "random.h"
+#include <gcrypt.h>
+
+#define SHA1_DIGEST_SIZE 20
+
+static void sha1_buf(char *src, char *dst,
+ uint32_t iv, int len)
+{
+ gcry_md_hd_t hd;
+ unsigned char *digest;
+
+ iv = htonl(iv);
+ gcry_md_open(&hd, GCRY_MD_SHA1, 0);
+ gcry_md_write(hd, (unsigned char *)&iv, sizeof(iv));
+ gcry_md_write(hd, src, len);
+ digest = gcry_md_read(hd, GCRY_MD_SHA1);
+ memcpy(dst, digest, len);
+ gcry_md_close(hd);
+}
/* diffuse: Information spreading over the whole dataset with
- * the help of sha512.
+ * the help of sha512.
*/
-static void diffuse(unsigned char *src, unsigned char *dst, size_t size)
+static void diffuse(char *src, char *dst, size_t size)
{
- sha1_ctx ctx;
- uint32_t i;
- uint32_t IV; /* host byte order independend hash IV */
-
- unsigned int fullblocks = size / SHA1_DIGEST_SIZE;
- unsigned int padding = size % SHA1_DIGEST_SIZE;
- unsigned char final[SHA1_DIGEST_SIZE];
-
- /* hash block the whole data set with different IVs to produce
- * more than just a single data block
- */
- for (i=0; i < fullblocks; i++) {
- sha1_begin(&ctx);
- IV = htonl(i);
- sha1_hash((const unsigned char *) &IV, sizeof(IV), &ctx);
- sha1_hash(src + SHA1_DIGEST_SIZE * i, SHA1_DIGEST_SIZE, &ctx);
- sha1_end(dst + SHA1_DIGEST_SIZE * i, &ctx);
- }
+ unsigned int i, blocks, padding;
- if(padding) {
- sha1_begin(&ctx);
- IV = htonl(i);
- sha1_hash((const unsigned char *) &IV, sizeof(IV), &ctx);
- sha1_hash(src + SHA1_DIGEST_SIZE * i, padding, &ctx);
- sha1_end(final, &ctx);
- memcpy(dst + SHA1_DIGEST_SIZE * i, final, padding);
- }
+ blocks = size / SHA1_DIGEST_SIZE;
+ padding = size % SHA1_DIGEST_SIZE;
+
+ if (gcry_md_get_algo_dlen (GCRY_MD_SHA1) != SHA1_DIGEST_SIZE)
+ return;
+
+ for (i = 0; i < blocks; i++)
+ sha1_buf(src + SHA1_DIGEST_SIZE * i,
+ dst + SHA1_DIGEST_SIZE * i,
+ i, SHA1_DIGEST_SIZE);
+
+ if(padding)
+ sha1_buf(src + SHA1_DIGEST_SIZE * i,
+ dst + SHA1_DIGEST_SIZE * i,
+ i, padding);
}
/*
@@ -87,7 +95,7 @@ int AF_split(char *src, char *dst, size_
if(r < 0) goto out;
XORblock(dst+(blocksize*i),bufblock,bufblock,blocksize);
- diffuse((unsigned char *) bufblock, (unsigned char *) bufblock, blocksize);
+ diffuse(bufblock, bufblock, blocksize);
}
/* the last block is computed */
XORblock(src,bufblock,dst+(i*blocksize),blocksize);
@@ -107,7 +115,7 @@ int AF_merge(char *src, char *dst, size_
memset(bufblock,0,blocksize);
for(i=0; i<blocknumbers-1; i++) {
XORblock(src+(blocksize*i),bufblock,bufblock,blocksize);
- diffuse((unsigned char *) bufblock, (unsigned char *) bufblock, blocksize);
+ diffuse(bufblock, bufblock, blocksize);
}
XORblock(src + blocksize * i, bufblock, dst, blocksize);
Index: cryptsetup.upstream/luks/keymanage.c
===================================================================
--- cryptsetup.upstream.orig/luks/keymanage.c 2008-12-28 19:59:03.000000000 +0100
+++ cryptsetup.upstream/luks/keymanage.c 2009-02-11 13:47:10.000000000 +0100
@@ -31,7 +31,6 @@
#include "luks.h"
#include "af.h"
#include "pbkdf.h"
-#include "sha1.h"
#include "random.h"
#include "XORblock.h"
#include <uuid/uuid.h>
@@ -184,10 +183,11 @@ int LUKS_generate_phdr(struct luks_phdr
/* Compute master key digest */
header->mkDigestIterations = LUKS_MKD_ITER;
- PBKDF2_HMAC_SHA1(mk->key,mk->keyLength,
+ r = PBKDF2_HMAC_SHA1(mk->key,mk->keyLength,
header->mkDigestSalt,LUKS_SALTSIZE,
header->mkDigestIterations,
header->mkDigest,LUKS_DIGESTSIZE);
+ if(r < 0) return r;
currentSector = round_up_modulo(LUKS_PHDR_SIZE, alignSectors);
for(i = 0; i < LUKS_NUMKEYS; ++i) {
@@ -230,10 +230,12 @@ int LUKS_set_key(const char *device, uns
// assert((mk->keyLength % TWOFISH_BLOCKSIZE) == 0); FIXME
- PBKDF2_HMAC_SHA1(password,passwordLen,
+ r = PBKDF2_HMAC_SHA1(password,passwordLen,
hdr->keyblock[keyIndex].passwordSalt,LUKS_SALTSIZE,
hdr->keyblock[keyIndex].passwordIterations,
derivedKey, hdr->keyBytes);
+ if(r < 0) return r;
+
/*
* AF splitting, the masterkey stored in mk->key is splitted to AfMK
*/
@@ -297,11 +299,12 @@ int LUKS_open_key(const char *device,
AFEKSize = hdr->keyblock[keyIndex].stripes*mk->keyLength;
AfKey = (char *)malloc(AFEKSize);
if(AfKey == NULL) return -ENOMEM;
-
- PBKDF2_HMAC_SHA1(password,passwordLen,
+
+ r = PBKDF2_HMAC_SHA1(password,passwordLen,
hdr->keyblock[keyIndex].passwordSalt,LUKS_SALTSIZE,
hdr->keyblock[keyIndex].passwordIterations,
derivedKey, hdr->keyBytes);
+ if(r < 0) return r;
r = LUKS_decrypt_from_storage(AfKey,
AFEKSize,
@@ -319,11 +322,12 @@ int LUKS_open_key(const char *device,
r = AF_merge(AfKey,mk->key,mk->keyLength,hdr->keyblock[keyIndex].stripes);
if(r < 0) goto out;
-
- PBKDF2_HMAC_SHA1(mk->key,mk->keyLength,
+
+ r = PBKDF2_HMAC_SHA1(mk->key,mk->keyLength,
hdr->mkDigestSalt,LUKS_SALTSIZE,
hdr->mkDigestIterations,
checkHashBuf,LUKS_DIGESTSIZE);
+ if(r < 0) goto out;
r = (memcmp(checkHashBuf,hdr->mkDigest, LUKS_DIGESTSIZE) == 0)?0:-EPERM;
out:
Index: cryptsetup.upstream/luks/Makefile.am
===================================================================
--- cryptsetup.upstream.orig/luks/Makefile.am 2008-09-16 17:11:28.000000000 +0200
+++ cryptsetup.upstream/luks/Makefile.am 2009-02-11 13:47:33.000000000 +0100
@@ -2,7 +2,7 @@ moduledir = $(libdir)/cryptsetup
noinst_LTLIBRARIES = libluks.la
-libluks_la_CFLAGS = -I $(top_srcdir)/luks/sha -Wall
+libluks_la_CFLAGS = -Wall
libluks_la_SOURCES = \
af.c \
@@ -11,11 +11,6 @@ libluks_la_SOURCES = \
keyencryption.c \
hexprint.c \
random.c \
- sha/sha1.c \
- sha/hmac_sha1.h \
- sha/hmac.h \
- sha/hmac_sha1.c \
- sha/sha1.h \
XORblock.h \
pbkdf.h \
random.h \
@@ -27,7 +22,7 @@ INCLUDES = -D_GNU_SOURCE \
-D_FILE_OFFSET_BITS=64 \
-I$(top_srcdir)/lib
-EXTRA_DIST = sha/hmac.c testing/fileDiffer.py testing/compatimage.bz2
+EXTRA_DIST = testing/fileDiffer.py testing/compatimage.bz2
ORIG_IMG = /tmp/luks-test-orig
IMG = /tmp/luks-test
Index: cryptsetup.upstream/luks/pbkdf.c
===================================================================
--- cryptsetup.upstream.orig/luks/pbkdf.c 2008-09-16 17:11:28.000000000 +0200
+++ cryptsetup.upstream/luks/pbkdf.c 2009-02-11 13:47:10.000000000 +0100
@@ -1,91 +1,250 @@
-/*
- * Copyright 2004 Clemens Fruhwirth <clemens@endorphin.org>
- * Implementation of PBKDF2-HMAC-SHA1 according to RFC 2898.
+/* Implementation of Password-Based Cryptography as per PKCS#5
+ * Copyright (C) 2002,2003 Simon Josefsson
+ * Copyright (C) 2004 Free Software Foundation
+ *
+ * LUKS code
+ * Copyright (C) 2004 Clemens Fruhwirth <clemens@endorphin.org>
+ * Copyright (C) 2009 Red Hat, Inc. All rights reserved.
*
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * This file is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
*
- * This program is distributed in the hope that it will be useful,
+ * This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Library General Public License for more details.
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this file; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
-
+
#include <netinet/in.h>
#include <errno.h>
#include <signal.h>
+#include <alloca.h>
#include <sys/time.h>
+#include <gcrypt.h>
-#include "hmac_sha1.h"
-#include "XORblock.h"
-#include <assert.h>
+static volatile unsigned int __PBKDF2_global_j = 0;
+static volatile unsigned int __PBKDF2_performance = 0;
-static unsigned int *__PBKDF2_global_j;
-static unsigned int __PBKDF2_performance=0;
+static int init_crypto(void)
+{
+ if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
+ if (!gcry_check_version (GCRYPT_VERSION))
+ return -ENOSYS;
+ gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
+ gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
+ gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
+ gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
+ }
-void PBKDF2_HMAC_SHA1(const char *password, size_t passwordLen,
- const char *salt, size_t saltLen, unsigned int iterations,
- char *dKey, size_t dKeyLen)
+ return 0;
+}
+
+/*
+ * 5.2 PBKDF2
+ *
+ * PBKDF2 applies a pseudorandom function (see Appendix B.1 for an
+ * example) to derive keys. The length of the derived key is essentially
+ * unbounded. (However, the maximum effective search space for the
+ * derived key may be limited by the structure of the underlying
+ * pseudorandom function. See Appendix B.1 for further discussion.)
+ * PBKDF2 is recommended for new applications.
+ *
+ * PBKDF2 (P, S, c, dkLen)
+ *
+ * Options: PRF underlying pseudorandom function (hLen
+ * denotes the length in octets of the
+ * pseudorandom function output)
+ *
+ * Input: P password, an octet string (ASCII or UTF-8)
+ * S salt, an octet string
+ * c iteration count, a positive integer
+ * dkLen intended length in octets of the derived
+ * key, a positive integer, at most
+ * (2^32 - 1) * hLen
+ *
+ * Output: DK derived key, a dkLen-octet string
+ */
+
+#define MAX_PRF_BLOCK_LEN 80
+
+static int pkcs5_pbkdf2(int PRF,
+ const char *P,
+ size_t Plen,
+ const char *S,
+ size_t Slen, unsigned int c, unsigned int dkLen,
+ char *DK, int perfcheck)
{
- uint32_t i=1;
- unsigned int j;
- /* U_n is the buffer for U_n values */
- unsigned char U_n[SHA1_DIGEST_SIZE];
- /* F_buf is the XOR buffer for F function */
- char F_buf[SHA1_DIGEST_SIZE];
- hmac_ctx templateCtx;
-
- /* We need a global pointer for signal handlers */
- __PBKDF2_global_j = &j;
-
- /* Make a template context initialized with password as key */
- hmac_sha_begin(&templateCtx);
- hmac_sha_key((unsigned char *) password,passwordLen,&templateCtx);
-
-#define HMAC_REINIT(__ctx) memcpy(&__ctx,&templateCtx,sizeof(__ctx))
-
- /* The first hash iteration is done different, therefor
- we reduce iterations to conveniently use it as a loop
- counter */
- assert(iterations != 0);
- iterations--;
-
- while(dKeyLen > 0) {
- hmac_ctx ctx;
- uint32_t iNetworkOrdered;
- unsigned int blocksize = dKeyLen<SHA1_DIGEST_SIZE?dKeyLen:SHA1_DIGEST_SIZE;
-
- j=iterations;
- HMAC_REINIT(ctx);
- // U_1 hashing
- hmac_sha_data((unsigned char *) salt,saltLen,&ctx);
- iNetworkOrdered = htonl(i);
- hmac_sha_data((unsigned char *)&iNetworkOrdered, sizeof(uint32_t), &ctx);
- hmac_sha_end(U_n, SHA1_DIGEST_SIZE, &ctx);
- memcpy(F_buf, U_n, SHA1_DIGEST_SIZE);
-
- // U_n hashing
- while(j--) {
- HMAC_REINIT(ctx);
- hmac_sha_data(U_n,SHA1_DIGEST_SIZE, &ctx);
- hmac_sha_end(U_n,SHA1_DIGEST_SIZE, &ctx);
- XORblock(F_buf,(char*) U_n,F_buf,SHA1_DIGEST_SIZE);
+ gcry_md_hd_t prf;
+ gcry_error_t err;
+ char U[MAX_PRF_BLOCK_LEN];
+ char T[MAX_PRF_BLOCK_LEN];
+ unsigned int u;
+ unsigned int hLen = gcry_md_get_algo_dlen(PRF);
+ unsigned int l;
+ unsigned int r;
+ int rc;
+ unsigned char *p;
+ int i;
+ int k;
+
+ if (init_crypto())
+ return -ENOSYS;
+
+ if (hLen == 0 || hLen > MAX_PRF_BLOCK_LEN)
+ return -EINVAL;
+
+ if (c == 0)
+ return -EINVAL;
+
+ if (dkLen == 0)
+ return -EINVAL;
+
+ /*
+ *
+ * Steps:
+ *
+ * 1. If dkLen > (2^32 - 1) * hLen, output "derived key too long" and
+ * stop.
+ */
+
+ if (dkLen > 4294967295U)
+ return -EINVAL;
+
+ /*
+ * 2. Let l be the number of hLen-octet blocks in the derived key,
+ * rounding up, and let r be the number of octets in the last
+ * block:
+ *
+ * l = CEIL (dkLen / hLen) ,
+ * r = dkLen - (l - 1) * hLen .
+ *
+ * Here, CEIL (x) is the "ceiling" function, i.e. the smallest
+ * integer greater than, or equal to, x.
+ */
+
+ l = dkLen / hLen;
+ if (dkLen % hLen)
+ l++;
+ r = dkLen - (l - 1) * hLen;
+
+ /*
+ * 3. For each block of the derived key apply the function F defined
+ * below to the password P, the salt S, the iteration count c, and
+ * the block index to compute the block:
+ *
+ * T_1 = F (P, S, c, 1) ,
+ * T_2 = F (P, S, c, 2) ,
+ * ...
+ * T_l = F (P, S, c, l) ,
+ *
+ * where the function F is defined as the exclusive-or sum of the
+ * first c iterates of the underlying pseudorandom function PRF
+ * applied to the password P and the concatenation of the salt S
+ * and the block index i:
+ *
+ * F (P, S, c, i) = U_1 \xor U_2 \xor ... \xor U_c
+ *
+ * where
+ *
+ * U_1 = PRF (P, S || INT (i)) ,
+ * U_2 = PRF (P, U_1) ,
+ * ...
+ * U_c = PRF (P, U_{c-1}) .
+ *
+ * Here, INT (i) is a four-octet encoding of the integer i, most
+ * significant octet first.
+ *
+ * 4. Concatenate the blocks and extract the first dkLen octets to
+ * produce a derived key DK:
+ *
+ * DK = T_1 || T_2 || ... || T_l<0..r-1>
+ *
+ * 5. Output the derived key DK.
+ *
+ * Note. The construction of the function F follows a "belt-and-
+ * suspenders" approach. The iterates U_i are computed recursively to
+ * remove a degree of parallelism from an opponent; they are exclusive-
+ * ored together to reduce concerns about the recursion degenerating
+ * into a small set of values.
+ *
+ */
+
+ err = gcry_md_open(&prf, PRF, GCRY_MD_FLAG_HMAC);
+ if (err)
+ return -EINVAL;
+
+ for (i = 1; (uint) i <= l; i++) {
+ memset(T, 0, hLen);
+
+ for (u = 1; u <= c ; u++) {
+ gcry_md_reset(prf);
+
+ rc = gcry_md_setkey(prf, P, Plen);
+ if (rc)
+ return -EINVAL;
+
+ if (u == 1) {
+ char *tmp;
+ size_t tmplen = Slen + 4;
+
+ tmp = alloca(tmplen);
+ if (tmp == NULL)
+ return -ENOMEM;
+
+ memcpy(tmp, S, Slen);
+ tmp[Slen + 0] = (i & 0xff000000) >> 24;
+ tmp[Slen + 1] = (i & 0x00ff0000) >> 16;
+ tmp[Slen + 2] = (i & 0x0000ff00) >> 8;
+ tmp[Slen + 3] = (i & 0x000000ff) >> 0;
+
+ gcry_md_write(prf, tmp, tmplen);
+ } else {
+ gcry_md_write(prf, U, hLen);
+ }
+
+ p = gcry_md_read(prf, PRF);
+ if (p == NULL)
+ return -EINVAL;
+
+ memcpy(U, p, hLen);
+
+ for (k = 0; (uint) k < hLen; k++)
+ T[k] ^= U[k];
+
+ if (perfcheck && __PBKDF2_performance)
+ goto out;
+
+ if (perfcheck)
+ __PBKDF2_global_j--;
}
- memcpy(dKey,F_buf,blocksize);
- dKey+=blocksize; dKeyLen-=blocksize; i++;
+
+ memcpy(DK + (i - 1) * hLen, T, (uint) i == l ? r : hLen);
}
-#undef HMAC_REINIT
+out:
+ gcry_md_close(prf);
+
+ return 0;
+}
+
+int PBKDF2_HMAC_SHA1(const char *password, size_t passwordLen,
+ const char *salt, size_t saltLen, unsigned int iterations,
+ char *dKey, size_t dKeyLen)
+{
+ return pkcs5_pbkdf2(GCRY_MD_SHA1, password, passwordLen, salt, saltLen,
+ iterations, (unsigned int)dKeyLen, dKey, 0);
}
static void sigvtalarm(int foo)
{
- __PBKDF2_performance = ~(0U) - *__PBKDF2_global_j;
- *__PBKDF2_global_j = 0;
+ __PBKDF2_performance = ~(0U) - __PBKDF2_global_j;
+ __PBKDF2_global_j = 0;
}
unsigned int PBKDF2_performance_check()
@@ -96,7 +255,8 @@ unsigned int PBKDF2_performance_check()
char buf;
struct itimerval it;
- if(__PBKDF2_performance != 0) return __PBKDF2_performance;
+ if(__PBKDF2_performance != 0)
+ return __PBKDF2_performance;
signal(SIGVTALRM,sigvtalarm);
it.it_interval.tv_usec = 0;
@@ -104,11 +264,11 @@ unsigned int PBKDF2_performance_check()
it.it_value.tv_usec = 0;
it.it_value.tv_sec = 1;
if (setitimer (ITIMER_VIRTUAL, &it, NULL) < 0)
- return 0;
+ return 0;
+
+ pkcs5_pbkdf2(GCRY_MD_SHA1, "foo", 3, "bar", 3, ~(0U), 1, &buf, 1);
+
+ __PBKDF2_global_j = 0;
- PBKDF2_HMAC_SHA1("foo", 3,
- "bar", 3, ~(0U),
- &buf, 1);
-
return __PBKDF2_performance;
}
Index: cryptsetup.upstream/luks/sha/hmac.c
===================================================================
--- cryptsetup.upstream.orig/luks/sha/hmac.c 2008-09-16 17:11:27.000000000 +0200
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,145 +0,0 @@
-/*
- ---------------------------------------------------------------------------
- Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- ALTERNATIVELY, provided that this notice is retained in full, this product
- may be distributed under the terms of the GNU General Public License (GPL),
- in which case the provisions of the GPL apply INSTEAD OF those given above.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties
- in respect of its properties, including, but not limited to, correctness
- and/or fitness for purpose.
- ---------------------------------------------------------------------------
- Issue Date: 26/08/2003
-
- This is an implementation of HMAC, the FIPS standard keyed hash function
-*/
-
-#include <netinet/in.h>
-#include "hmac.h"
-
-#if defined(__cplusplus)
-extern "C"
-{
-#endif
-
-/* initialise the HMAC context to zero */
-void hmac_sha_begin(hmac_ctx cx[1])
-{
- memset(cx, 0, sizeof(hmac_ctx));
-}
-
-/* input the HMAC key (can be called multiple times) */
-int hmac_sha_key(const unsigned char key[], size_t key_len, hmac_ctx cx[1])
-{
- if(cx->klen == HMAC_IN_DATA) /* error if further key input */
- return HMAC_BAD_MODE; /* is attempted in data mode */
-
- if(cx->klen + key_len > HASH_INPUT_SIZE) /* if the key has to be hashed */
- {
- if(cx->klen <= HASH_INPUT_SIZE) /* if the hash has not yet been */
- { /* started, initialise it and */
- sha_begin(cx->ctx); /* hash stored key characters */
- sha_hash(cx->key, cx->klen, cx->ctx);
- }
-
- sha_hash(key, key_len, cx->ctx); /* hash long key data into hash */
- }
- else /* otherwise store key data */
- memcpy(cx->key + cx->klen, key, key_len);
-
- cx->klen += key_len; /* update the key length count */
- return HMAC_OK;
-}
-
-/* input the HMAC data (can be called multiple times) - */
-/* note that this call terminates the key input phase */
-void hmac_sha_data(const unsigned char data[], size_t data_len, hmac_ctx cx[1])
-{ unsigned int i;
-
- if(cx->klen != HMAC_IN_DATA) /* if not yet in data phase */
- {
- if(cx->klen > HASH_INPUT_SIZE) /* if key is being hashed */
- { /* complete the hash and */
- sha_end(cx->key, cx->ctx); /* store the result as the */
- cx->klen = HASH_OUTPUT_SIZE; /* key and set new length */
- }
-
- /* pad the key if necessary */
- memset(cx->key + cx->klen, 0, HASH_INPUT_SIZE - cx->klen);
-
- /* xor ipad into key value */
- for(i = 0; i < (HASH_INPUT_SIZE >> 2); ++i)
- ((uint32_t*)cx->key)[i] ^= 0x36363636;
-
- /* and start hash operation */
- sha_begin(cx->ctx);
- sha_hash(cx->key, HASH_INPUT_SIZE, cx->ctx);
-
- /* mark as now in data mode */
- cx->klen = HMAC_IN_DATA;
- }
-
- /* hash the data (if any) */
- if(data_len)
- sha_hash(data, data_len, cx->ctx);
-}
-
-/* compute and output the MAC value */
-void hmac_sha_end(unsigned char mac[], size_t mac_len, hmac_ctx cx[1])
-{ unsigned char dig[HASH_OUTPUT_SIZE];
- unsigned int i;
-
- /* if no data has been entered perform a null data phase */
- if(cx->klen != HMAC_IN_DATA)
- hmac_sha_data((const unsigned char*)0, 0, cx);
-
- sha_end(dig, cx->ctx); /* complete the inner hash */
-
- /* set outer key value using opad and removing ipad */
- for(i = 0; i < (HASH_INPUT_SIZE >> 2); ++i)
- ((uint32_t*)cx->key)[i] ^= 0x36363636 ^ 0x5c5c5c5c;
-
- /* perform the outer hash operation */
- sha_begin(cx->ctx);
- sha_hash(cx->key, HASH_INPUT_SIZE, cx->ctx);
- sha_hash(dig, HASH_OUTPUT_SIZE, cx->ctx);
- sha_end(dig, cx->ctx);
-
- /* output the hash value */
- for(i = 0; i < mac_len; ++i)
- mac[i] = dig[i];
-}
-
-/* 'do it all in one go' subroutine */
-void hmac_sha(const unsigned char key[], size_t key_len,
- const unsigned char data[], size_t data_len,
- unsigned char mac[], size_t mac_len)
-{ hmac_ctx cx[1];
-
- hmac_sha_begin(cx);
- hmac_sha_key(key, key_len, cx);
- hmac_sha_data(data, data_len, cx);
- hmac_sha_end(mac, mac_len, cx);
-}
-
-#if defined(__cplusplus)
-}
-#endif
Index: cryptsetup.upstream/luks/sha/hmac.h
===================================================================
--- cryptsetup.upstream.orig/luks/sha/hmac.h 2008-09-16 17:11:27.000000000 +0200
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,101 +0,0 @@
-/*
- ---------------------------------------------------------------------------
- Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- ALTERNATIVELY, provided that this notice is retained in full, this product
- may be distributed under the terms of the GNU General Public License (GPL),
- in which case the provisions of the GPL apply INSTEAD OF those given above.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties
- in respect of its properties, including, but not limited to, correctness
- and/or fitness for purpose.
- ---------------------------------------------------------------------------
- Issue Date: 26/08/2003
-
- This is an implementation of HMAC, the FIPS standard keyed hash function
-*/
-
-#ifndef _HMAC_H
-#define _HMAC_H
-
-#include <memory.h>
-
-#if defined(__cplusplus)
-extern "C"
-{
-#endif
-
-#if !defined(USE_SHA1) && !defined(USE_SHA256)
-#error define USE_SHA1 or USE_SHA256 to set the HMAC hash algorithm
-#endif
-
-#ifdef USE_SHA1
-
-#include "sha1.h"
-
-#define HASH_INPUT_SIZE SHA1_BLOCK_SIZE
-#define HASH_OUTPUT_SIZE SHA1_DIGEST_SIZE
-#define sha_ctx sha1_ctx
-#define sha_begin sha1_begin
-#define sha_hash sha1_hash
-#define sha_end sha1_end
-
-#endif
-
-#ifdef USE_SHA256
-
-#include "sha2.h"
-
-#define HASH_INPUT_SIZE SHA256_BLOCK_SIZE
-#define HASH_OUTPUT_SIZE SHA256_DIGEST_SIZE
-#define sha_ctx sha256_ctx
-#define sha_begin sha256_begin
-#define sha_hash sha256_hash
-#define sha_end sha256_end
-
-#endif
-
-#define HMAC_OK 0
-#define HMAC_BAD_MODE -1
-#define HMAC_IN_DATA 0xffffffff
-
-typedef struct
-{ unsigned char key[HASH_INPUT_SIZE];
- sha_ctx ctx[1];
- unsigned long klen;
-} hmac_ctx;
-
-void hmac_sha_begin(hmac_ctx cx[1]);
-
-int hmac_sha_key(const unsigned char key[], size_t key_len, hmac_ctx cx[1]);
-
-void hmac_sha_data(const unsigned char data[], size_t data_len, hmac_ctx cx[1]);
-
-void hmac_sha_end(unsigned char mac[], size_t mac_len, hmac_ctx cx[1]);
-
-void hmac_sha(const unsigned char key[], size_t key_len,
- const unsigned char data[], size_t data_len,
- unsigned char mac[], size_t mac_len);
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif
Index: cryptsetup.upstream/luks/sha/hmac_sha1.c
===================================================================
--- cryptsetup.upstream.orig/luks/sha/hmac_sha1.c 2008-09-16 17:11:27.000000000 +0200
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,2 +0,0 @@
-#define USE_SHA1
-#include "hmac.c"
Index: cryptsetup.upstream/luks/sha/hmac_sha1.h
===================================================================
--- cryptsetup.upstream.orig/luks/sha/hmac_sha1.h 2008-09-16 17:11:27.000000000 +0200
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,2 +0,0 @@
-#define USE_SHA1
-#include "hmac.h"
Index: cryptsetup.upstream/luks/sha/sha1.c
===================================================================
--- cryptsetup.upstream.orig/luks/sha/sha1.c 2008-09-16 17:11:27.000000000 +0200
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,355 +0,0 @@
-/*
- ---------------------------------------------------------------------------
- Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- ALTERNATIVELY, provided that this notice is retained in full, this product
- may be distributed under the terms of the GNU General Public License (GPL),
- in which case the provisions of the GPL apply INSTEAD OF those given above.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties
- in respect of its properties, including, but not limited to, correctness
- and/or fitness for purpose.
- ---------------------------------------------------------------------------
- Issue Date: 16/01/2004
-
- This is a byte oriented version of SHA1 that operates on arrays of bytes
- stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor
-*/
-
-#include <string.h> /* for memcpy() etc. */
-#include <stdlib.h> /* for _lrotl with VC++ */
-
-#include "sha1.h"
-
-#if defined(__cplusplus)
-extern "C"
-{
-#endif
-
-/*
- To obtain the highest speed on processors with 32-bit words, this code
- needs to determine the order in which bytes are packed into such words.
- The following block of code is an attempt to capture the most obvious
- ways in which various environemnts specify their endian definitions.
- It may well fail, in which case the definitions will need to be set by
- editing at the points marked **** EDIT HERE IF NECESSARY **** below.
-*/
-
-/* PLATFORM SPECIFIC INCLUDES */
-
-#define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
-#define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
-
-#if defined(__GNUC__) || defined(__GNU_LIBRARY__)
-# if defined(__FreeBSD__) || defined(__OpenBSD__)
-# include <sys/endian.h>
-# elif defined( BSD ) && ( BSD >= 199103 )
-# include <machine/endian.h>
-# elif defined(__APPLE__)
-# if defined(__BIG_ENDIAN__) && !defined( BIG_ENDIAN )
-# define BIG_ENDIAN
-# elif defined(__LITTLE_ENDIAN__) && !defined( LITTLE_ENDIAN )
-# define LITTLE_ENDIAN
-# endif
-# else
-# include <endian.h>
-# if !defined(__BEOS__)
-# include <byteswap.h>
-# endif
-# endif
-#endif
-
-#if !defined(PLATFORM_BYTE_ORDER)
-# if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
-# if defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-# elif !defined(LITTLE_ENDIAN) && defined(BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-# elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-# elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-# endif
-# elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
-# if defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-# elif !defined(_LITTLE_ENDIAN) && defined(_BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-# elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-# elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-# endif
-# elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
-# if defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-# elif !defined(__LITTLE_ENDIAN__) && defined(__BIG_ENDIAN__)
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-# elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-# elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-# endif
-# endif
-#endif
-
-/* if the platform is still unknown, try to find its byte order */
-/* from commonly used machine defines */
-
-#if !defined(PLATFORM_BYTE_ORDER)
-
-#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \
- defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \
- defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \
- defined( vax ) || defined( vms ) || defined( VMS ) || \
- defined( __VMS )
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-
-#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \
- defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \
- defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \
- defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \
- defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \
- defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-
-#elif 0 /* **** EDIT HERE IF NECESSARY **** */
-# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
-#elif 0 /* **** EDIT HERE IF NECESSARY **** */
-# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
-#else
-# error Please edit sha1.c (line 134 or 136) to set the platform byte order
-#endif
-
-#endif
-
-#ifdef _MSC_VER
-#pragma intrinsic(memcpy)
-#endif
-
-#if 0 && defined(_MSC_VER)
-#define rotl32 _lrotl
-#define rotr32 _lrotr
-#else
-#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
-#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
-#endif
-
-#if !defined(bswap_32)
-#define bswap_32(x) (rotr32((x), 24) & 0x00ff00ff | rotr32((x), 8) & 0xff00ff00)
-#endif
-
-#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
-#define SWAP_BYTES
-#else
-#undef SWAP_BYTES
-#endif
-
-#if defined(SWAP_BYTES)
-#define bsw_32(p,n) \
- { int _i = (n); while(_i--) ((sha1_32t*)p)[_i] = bswap_32(((sha1_32t*)p)[_i]); }
-#else
-#define bsw_32(p,n)
-#endif
-
-#define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
-
-#if 0
-
-#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
-#define parity(x,y,z) ((x) ^ (y) ^ (z))
-#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-
-#else /* Discovered by Rich Schroeppel and Colin Plumb */
-
-#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-#define parity(x,y,z) ((x) ^ (y) ^ (z))
-#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y))))
-
-#endif
-
-/* Compile 64 bytes of hash data into SHA1 context. Note */
-/* that this routine assumes that the byte order in the */
-/* ctx->wbuf[] at this point is in such an order that low */
-/* address bytes in the ORIGINAL byte stream in this buffer */
-/* will go to the high end of 32-bit words on BOTH big and */
-/* little endian systems */
-
-#ifdef ARRAY
-#define q(v,n) v[n]
-#else
-#define q(v,n) v##n
-#endif
-
-#define one_cycle(v,a,b,c,d,e,f,k,h) \
- q(v,e) += rotr32(q(v,a),27) + \
- f(q(v,b),q(v,c),q(v,d)) + k + h; \
- q(v,b) = rotr32(q(v,b), 2)
-
-#define five_cycle(v,f,k,i) \
- one_cycle(v, 0,1,2,3,4, f,k,hf(i )); \
- one_cycle(v, 4,0,1,2,3, f,k,hf(i+1)); \
- one_cycle(v, 3,4,0,1,2, f,k,hf(i+2)); \
- one_cycle(v, 2,3,4,0,1, f,k,hf(i+3)); \
- one_cycle(v, 1,2,3,4,0, f,k,hf(i+4))
-
-void sha1_compile(sha1_ctx ctx[1])
-{ sha1_32t *w = ctx->wbuf;
-
-#ifdef ARRAY
- sha1_32t v[5];
- memcpy(v, ctx->hash, 5 * sizeof(sha1_32t));
-#else
- sha1_32t v0, v1, v2, v3, v4;
- v0 = ctx->hash[0]; v1 = ctx->hash[1];
- v2 = ctx->hash[2]; v3 = ctx->hash[3];
- v4 = ctx->hash[4];
-#endif
-
-#define hf(i) w[i]
-
- five_cycle(v, ch, 0x5a827999, 0);
- five_cycle(v, ch, 0x5a827999, 5);
- five_cycle(v, ch, 0x5a827999, 10);
- one_cycle(v,0,1,2,3,4, ch, 0x5a827999, hf(15)); \
-
-#undef hf
-#define hf(i) (w[(i) & 15] = rotl32( \
- w[((i) + 13) & 15] ^ w[((i) + 8) & 15] \
- ^ w[((i) + 2) & 15] ^ w[(i) & 15], 1))
-
- one_cycle(v,4,0,1,2,3, ch, 0x5a827999, hf(16));
- one_cycle(v,3,4,0,1,2, ch, 0x5a827999, hf(17));
- one_cycle(v,2,3,4,0,1, ch, 0x5a827999, hf(18));
- one_cycle(v,1,2,3,4,0, ch, 0x5a827999, hf(19));
-
- five_cycle(v, parity, 0x6ed9eba1, 20);
- five_cycle(v, parity, 0x6ed9eba1, 25);
- five_cycle(v, parity, 0x6ed9eba1, 30);
- five_cycle(v, parity, 0x6ed9eba1, 35);
-
- five_cycle(v, maj, 0x8f1bbcdc, 40);
- five_cycle(v, maj, 0x8f1bbcdc, 45);
- five_cycle(v, maj, 0x8f1bbcdc, 50);
- five_cycle(v, maj, 0x8f1bbcdc, 55);
-
- five_cycle(v, parity, 0xca62c1d6, 60);
- five_cycle(v, parity, 0xca62c1d6, 65);
- five_cycle(v, parity, 0xca62c1d6, 70);
- five_cycle(v, parity, 0xca62c1d6, 75);
-
-#ifdef ARRAY
- ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
- ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
- ctx->hash[4] += v[4];
-#else
- ctx->hash[0] += v0; ctx->hash[1] += v1;
- ctx->hash[2] += v2; ctx->hash[3] += v3;
- ctx->hash[4] += v4;
-#endif
-}
-
-void sha1_begin(sha1_ctx ctx[1])
-{
- ctx->count[0] = ctx->count[1] = 0;
- ctx->hash[0] = 0x67452301;
- ctx->hash[1] = 0xefcdab89;
- ctx->hash[2] = 0x98badcfe;
- ctx->hash[3] = 0x10325476;
- ctx->hash[4] = 0xc3d2e1f0;
-}
-
-/* SHA1 hash data in an array of bytes into hash buffer and */
-/* call the hash_compile function as required. */
-
-void sha1_hash(const unsigned char data[], size_t len, sha1_ctx ctx[1])
-{ sha1_32t pos = (sha1_32t)(ctx->count[0] & SHA1_MASK),
- space = SHA1_BLOCK_SIZE - pos;
- const unsigned char *sp = data;
-
- if((ctx->count[0] += len) < len)
- ++(ctx->count[1]);
-
- while(len >= space) /* tranfer whole blocks if possible */
- {
- memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
- sp += space; len -= space; space = SHA1_BLOCK_SIZE; pos = 0;
- bsw_32(ctx->wbuf, SHA1_BLOCK_SIZE >> 2);
- sha1_compile(ctx);
- }
-
- memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
-}
-
-/* SHA1 final padding and digest calculation */
-
-void sha1_end(unsigned char hval[], sha1_ctx ctx[1])
-{ sha1_32t i = (sha1_32t)(ctx->count[0] & SHA1_MASK);
-
- /* put bytes in the buffer in an order in which references to */
- /* 32-bit words will put bytes with lower addresses into the */
- /* top of 32 bit words on BOTH big and little endian machines */
- bsw_32(ctx->wbuf, (i + 3) >> 2);
-
- /* we now need to mask valid bytes and add the padding which is */
- /* a single 1 bit and as many zero bits as necessary. Note that */
- /* we can always add the first padding byte here because the */
- /* buffer always has at least one empty slot */
- ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3);
- ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3);
-
- /* we need 9 or more empty positions, one for the padding byte */
- /* (above) and eight for the length count. If there is not */
- /* enough space, pad and empty the buffer */
- if(i > SHA1_BLOCK_SIZE - 9)
- {
- if(i < 60) ctx->wbuf[15] = 0;
- sha1_compile(ctx);
- i = 0;
- }
- else /* compute a word index for the empty buffer positions */
- i = (i >> 2) + 1;
-
- while(i < 14) /* and zero pad all but last two positions */
- ctx->wbuf[i++] = 0;
-
- /* the following 32-bit length fields are assembled in the */
- /* wrong byte order on little endian machines but this is */
- /* corrected later since they are only ever used as 32-bit */
- /* word values. */
- ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29);
- ctx->wbuf[15] = ctx->count[0] << 3;
- sha1_compile(ctx);
-
- /* extract the hash value as bytes in case the hash buffer is */
- /* misaligned for 32-bit words */
- for(i = 0; i < SHA1_DIGEST_SIZE; ++i)
- hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
-}
-
-void sha1(unsigned char hval[], const unsigned char data[], size_t len)
-{ sha1_ctx cx[1];
-
- sha1_begin(cx); sha1_hash(data, len, cx); sha1_end(hval, cx);
-}
-
-#if defined(__cplusplus)
-}
-#endif
Index: cryptsetup.upstream/luks/sha/sha1.h
===================================================================
--- cryptsetup.upstream.orig/luks/sha/sha1.h 2008-09-16 17:11:27.000000000 +0200
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,85 +0,0 @@
-/*
- ---------------------------------------------------------------------------
- Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- ALTERNATIVELY, provided that this notice is retained in full, this product
- may be distributed under the terms of the GNU General Public License (GPL),
- in which case the provisions of the GPL apply INSTEAD OF those given above.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties
- in respect of its properties, including, but not limited to, correctness
- and/or fitness for purpose.
- ---------------------------------------------------------------------------
- Issue Date: 26/08/2003
-*/
-
-#ifndef _SHA1_H
-#define _SHA1_H
-
-#include <stddef.h>
-#include <limits.h>
-
-#define SHA1_BLOCK_SIZE 64
-#define SHA1_DIGEST_SIZE 20
-
-#if defined(__cplusplus)
-extern "C"
-{
-#endif
-
-/* define an unsigned 32-bit type */
-
-#if defined(_MSC_VER)
- typedef unsigned long sha1_32t;
-#elif defined(ULONG_MAX) && ULONG_MAX == 0xfffffffful
- typedef unsigned long sha1_32t;
-#elif defined(UINT_MAX) && UINT_MAX == 0xffffffff
- typedef unsigned int sha1_32t;
-#else
-# error Please define sha1_32t as an unsigned 32 bit type in sha1.h
-#endif
-
-/* type to hold the SHA256 context */
-
-typedef struct
-{ sha1_32t count[2];
- sha1_32t hash[5];
- sha1_32t wbuf[16];
-} sha1_ctx;
-
-/* Note that these prototypes are the same for both bit and */
-/* byte oriented implementations. However the length fields */
-/* are in bytes or bits as appropriate for the version used */
-/* and bit sequences are input as arrays of bytes in which */
-/* bit sequences run from the most to the least significant */
-/* end of each byte */
-
-void sha1_compile(sha1_ctx ctx[1]);
-
-void sha1_begin(sha1_ctx ctx[1]);
-void sha1_hash(const unsigned char data[], size_t len, sha1_ctx ctx[1]);
-void sha1_end(unsigned char hval[], sha1_ctx ctx[1]);
-void sha1(unsigned char hval[], const unsigned char data[], size_t len);
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif
Index: cryptsetup.upstream/luks/pbkdf.h
===================================================================
--- cryptsetup.upstream.orig/luks/pbkdf.h 2008-09-16 17:11:28.000000000 +0200
+++ cryptsetup.upstream/luks/pbkdf.h 2009-02-11 13:47:10.000000000 +0100
@@ -5,9 +5,9 @@
/* */
-void PBKDF2_HMAC_SHA1(const char *password, size_t passwordLen,
- const char *salt, size_t saltLen, unsigned int iterations,
- char *dKey, size_t dKeyLen);
+int PBKDF2_HMAC_SHA1(const char *password, size_t passwordLen,
+ const char *salt, size_t saltLen, unsigned int iterations,
+ char *dKey, size_t dKeyLen);
unsigned int PBKDF2_performance_check();
Reference in a new issue View git blame Copy permalink