Xuyi Wang
/
wolfSSL
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
wolfcrypt/src/pwdbased.c@4:1b0d80432c79, 2016-04-28 (annotated)
- Committer:
- wolfSSL
- Date:
- Thu Apr 28 00:57:21 2016 +0000
- Revision:
- 4:1b0d80432c79
wolfSSL 3.9.0
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 4:1b0d80432c79 | 1 | /* pwdbased.c |
| wolfSSL | 4:1b0d80432c79 | 2 | * |
| wolfSSL | 4:1b0d80432c79 | 3 | * Copyright (C) 2006-2016 wolfSSL Inc. |
| wolfSSL | 4:1b0d80432c79 | 4 | * |
| wolfSSL | 4:1b0d80432c79 | 5 | * This file is part of wolfSSL. |
| wolfSSL | 4:1b0d80432c79 | 6 | * |
| wolfSSL | 4:1b0d80432c79 | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 4:1b0d80432c79 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 4:1b0d80432c79 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 4:1b0d80432c79 | 10 | * (at your option) any later version. |
| wolfSSL | 4:1b0d80432c79 | 11 | * |
| wolfSSL | 4:1b0d80432c79 | 12 | * wolfSSL is distributed in the hope that it will be useful, |
| wolfSSL | 4:1b0d80432c79 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 4:1b0d80432c79 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 4:1b0d80432c79 | 15 | * GNU General Public License for more details. |
| wolfSSL | 4:1b0d80432c79 | 16 | * |
| wolfSSL | 4:1b0d80432c79 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 4:1b0d80432c79 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 4:1b0d80432c79 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
| wolfSSL | 4:1b0d80432c79 | 20 | */ |
| wolfSSL | 4:1b0d80432c79 | 21 | |
| wolfSSL | 4:1b0d80432c79 | 22 | |
| wolfSSL | 4:1b0d80432c79 | 23 | #ifdef HAVE_CONFIG_H |
| wolfSSL | 4:1b0d80432c79 | 24 | #include <config.h> |
| wolfSSL | 4:1b0d80432c79 | 25 | #endif |
| wolfSSL | 4:1b0d80432c79 | 26 | |
| wolfSSL | 4:1b0d80432c79 | 27 | #include <wolfssl/wolfcrypt/settings.h> |
| wolfSSL | 4:1b0d80432c79 | 28 | |
| wolfSSL | 4:1b0d80432c79 | 29 | #ifndef NO_PWDBASED |
| wolfSSL | 4:1b0d80432c79 | 30 | |
| wolfSSL | 4:1b0d80432c79 | 31 | #ifdef WOLFSSL_PIC32MZ_HASH |
| wolfSSL | 4:1b0d80432c79 | 32 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 33 | #define wc_InitMd5 wc_InitMd5_sw |
| wolfSSL | 4:1b0d80432c79 | 34 | #define wc_Md5Update wc_Md5Update_sw |
| wolfSSL | 4:1b0d80432c79 | 35 | #define wc_Md5Final wc_Md5Final_sw |
| wolfSSL | 4:1b0d80432c79 | 36 | #endif /* NO_MD5 */ |
| wolfSSL | 4:1b0d80432c79 | 37 | |
| wolfSSL | 4:1b0d80432c79 | 38 | #define wc_InitSha wc_InitSha_sw |
| wolfSSL | 4:1b0d80432c79 | 39 | #define wc_ShaUpdate wc_ShaUpdate_sw |
| wolfSSL | 4:1b0d80432c79 | 40 | #define wc_ShaFinal wc_ShaFinal_sw |
| wolfSSL | 4:1b0d80432c79 | 41 | |
| wolfSSL | 4:1b0d80432c79 | 42 | #define wc_InitSha256 wc_InitSha256_sw |
| wolfSSL | 4:1b0d80432c79 | 43 | #define wc_Sha256Update wc_Sha256Update_sw |
| wolfSSL | 4:1b0d80432c79 | 44 | #define wc_Sha256Final wc_Sha256Final_sw |
| wolfSSL | 4:1b0d80432c79 | 45 | #endif |
| wolfSSL | 4:1b0d80432c79 | 46 | |
| wolfSSL | 4:1b0d80432c79 | 47 | #include <wolfssl/wolfcrypt/pwdbased.h> |
| wolfSSL | 4:1b0d80432c79 | 48 | #include <wolfssl/wolfcrypt/hmac.h> |
| wolfSSL | 4:1b0d80432c79 | 49 | #include <wolfssl/wolfcrypt/integer.h> |
| wolfSSL | 4:1b0d80432c79 | 50 | #include <wolfssl/wolfcrypt/error-crypt.h> |
| wolfSSL | 4:1b0d80432c79 | 51 | #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) |
| wolfSSL | 4:1b0d80432c79 | 52 | #include <wolfssl/wolfcrypt/sha512.h> |
| wolfSSL | 4:1b0d80432c79 | 53 | #endif |
| wolfSSL | 4:1b0d80432c79 | 54 | |
| wolfSSL | 4:1b0d80432c79 | 55 | #ifdef NO_INLINE |
| wolfSSL | 4:1b0d80432c79 | 56 | #include <wolfssl/wolfcrypt/misc.h> |
| wolfSSL | 4:1b0d80432c79 | 57 | #else |
| wolfSSL | 4:1b0d80432c79 | 58 | #include <wolfcrypt/src/misc.c> |
| wolfSSL | 4:1b0d80432c79 | 59 | #endif |
| wolfSSL | 4:1b0d80432c79 | 60 | |
| wolfSSL | 4:1b0d80432c79 | 61 | #ifndef WOLFSSL_HAVE_MIN |
| wolfSSL | 4:1b0d80432c79 | 62 | #define WOLFSSL_HAVE_MIN |
| wolfSSL | 4:1b0d80432c79 | 63 | |
| wolfSSL | 4:1b0d80432c79 | 64 | static INLINE word32 min(word32 a, word32 b) |
| wolfSSL | 4:1b0d80432c79 | 65 | { |
| wolfSSL | 4:1b0d80432c79 | 66 | return a > b ? b : a; |
| wolfSSL | 4:1b0d80432c79 | 67 | } |
| wolfSSL | 4:1b0d80432c79 | 68 | |
| wolfSSL | 4:1b0d80432c79 | 69 | #endif /* WOLFSSL_HAVE_MIN */ |
| wolfSSL | 4:1b0d80432c79 | 70 | |
| wolfSSL | 4:1b0d80432c79 | 71 | |
| wolfSSL | 4:1b0d80432c79 | 72 | #ifndef NO_SHA |
| wolfSSL | 4:1b0d80432c79 | 73 | /* PBKDF1 needs at least SHA available */ |
| wolfSSL | 4:1b0d80432c79 | 74 | int wc_PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt, |
| wolfSSL | 4:1b0d80432c79 | 75 | int sLen, int iterations, int kLen, int hashType) |
| wolfSSL | 4:1b0d80432c79 | 76 | { |
| wolfSSL | 4:1b0d80432c79 | 77 | Sha sha; |
| wolfSSL | 4:1b0d80432c79 | 78 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 79 | Md5 md5; |
| wolfSSL | 4:1b0d80432c79 | 80 | #endif |
| wolfSSL | 4:1b0d80432c79 | 81 | int hLen = (int)SHA_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 82 | int i, ret = 0; |
| wolfSSL | 4:1b0d80432c79 | 83 | byte buffer[SHA_DIGEST_SIZE]; /* max size */ |
| wolfSSL | 4:1b0d80432c79 | 84 | |
| wolfSSL | 4:1b0d80432c79 | 85 | if (hashType != MD5 && hashType != SHA) |
| wolfSSL | 4:1b0d80432c79 | 86 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 87 | |
| wolfSSL | 4:1b0d80432c79 | 88 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 89 | if (hashType == MD5) |
| wolfSSL | 4:1b0d80432c79 | 90 | hLen = (int)MD5_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 91 | #endif |
| wolfSSL | 4:1b0d80432c79 | 92 | |
| wolfSSL | 4:1b0d80432c79 | 93 | if (kLen > hLen) |
| wolfSSL | 4:1b0d80432c79 | 94 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 95 | |
| wolfSSL | 4:1b0d80432c79 | 96 | if (iterations < 1) |
| wolfSSL | 4:1b0d80432c79 | 97 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 98 | |
| wolfSSL | 4:1b0d80432c79 | 99 | switch (hashType) { |
| wolfSSL | 4:1b0d80432c79 | 100 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 101 | case MD5: |
| wolfSSL | 4:1b0d80432c79 | 102 | wc_InitMd5(&md5); |
| wolfSSL | 4:1b0d80432c79 | 103 | wc_Md5Update(&md5, passwd, pLen); |
| wolfSSL | 4:1b0d80432c79 | 104 | wc_Md5Update(&md5, salt, sLen); |
| wolfSSL | 4:1b0d80432c79 | 105 | wc_Md5Final(&md5, buffer); |
| wolfSSL | 4:1b0d80432c79 | 106 | break; |
| wolfSSL | 4:1b0d80432c79 | 107 | #endif /* NO_MD5 */ |
| wolfSSL | 4:1b0d80432c79 | 108 | case SHA: |
| wolfSSL | 4:1b0d80432c79 | 109 | default: |
| wolfSSL | 4:1b0d80432c79 | 110 | ret = wc_InitSha(&sha); |
| wolfSSL | 4:1b0d80432c79 | 111 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 112 | return ret; |
| wolfSSL | 4:1b0d80432c79 | 113 | wc_ShaUpdate(&sha, passwd, pLen); |
| wolfSSL | 4:1b0d80432c79 | 114 | wc_ShaUpdate(&sha, salt, sLen); |
| wolfSSL | 4:1b0d80432c79 | 115 | wc_ShaFinal(&sha, buffer); |
| wolfSSL | 4:1b0d80432c79 | 116 | break; |
| wolfSSL | 4:1b0d80432c79 | 117 | } |
| wolfSSL | 4:1b0d80432c79 | 118 | |
| wolfSSL | 4:1b0d80432c79 | 119 | for (i = 1; i < iterations; i++) { |
| wolfSSL | 4:1b0d80432c79 | 120 | if (hashType == SHA) { |
| wolfSSL | 4:1b0d80432c79 | 121 | wc_ShaUpdate(&sha, buffer, hLen); |
| wolfSSL | 4:1b0d80432c79 | 122 | wc_ShaFinal(&sha, buffer); |
| wolfSSL | 4:1b0d80432c79 | 123 | } |
| wolfSSL | 4:1b0d80432c79 | 124 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 125 | else { |
| wolfSSL | 4:1b0d80432c79 | 126 | wc_Md5Update(&md5, buffer, hLen); |
| wolfSSL | 4:1b0d80432c79 | 127 | wc_Md5Final(&md5, buffer); |
| wolfSSL | 4:1b0d80432c79 | 128 | } |
| wolfSSL | 4:1b0d80432c79 | 129 | #endif |
| wolfSSL | 4:1b0d80432c79 | 130 | } |
| wolfSSL | 4:1b0d80432c79 | 131 | XMEMCPY(output, buffer, kLen); |
| wolfSSL | 4:1b0d80432c79 | 132 | |
| wolfSSL | 4:1b0d80432c79 | 133 | return 0; |
| wolfSSL | 4:1b0d80432c79 | 134 | } |
| wolfSSL | 4:1b0d80432c79 | 135 | #endif /* NO_SHA */ |
| wolfSSL | 4:1b0d80432c79 | 136 | |
| wolfSSL | 4:1b0d80432c79 | 137 | |
| wolfSSL | 4:1b0d80432c79 | 138 | int GetDigestSize(int hashType) |
| wolfSSL | 4:1b0d80432c79 | 139 | { |
| wolfSSL | 4:1b0d80432c79 | 140 | int hLen; |
| wolfSSL | 4:1b0d80432c79 | 141 | |
| wolfSSL | 4:1b0d80432c79 | 142 | switch (hashType) { |
| wolfSSL | 4:1b0d80432c79 | 143 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 144 | case MD5: |
| wolfSSL | 4:1b0d80432c79 | 145 | hLen = MD5_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 146 | break; |
| wolfSSL | 4:1b0d80432c79 | 147 | #endif |
| wolfSSL | 4:1b0d80432c79 | 148 | #ifndef NO_SHA |
| wolfSSL | 4:1b0d80432c79 | 149 | case SHA: |
| wolfSSL | 4:1b0d80432c79 | 150 | hLen = SHA_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 151 | break; |
| wolfSSL | 4:1b0d80432c79 | 152 | #endif |
| wolfSSL | 4:1b0d80432c79 | 153 | #ifndef NO_SHA256 |
| wolfSSL | 4:1b0d80432c79 | 154 | case SHA256: |
| wolfSSL | 4:1b0d80432c79 | 155 | hLen = SHA256_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 156 | break; |
| wolfSSL | 4:1b0d80432c79 | 157 | #endif |
| wolfSSL | 4:1b0d80432c79 | 158 | #ifdef WOLFSSL_SHA512 |
| wolfSSL | 4:1b0d80432c79 | 159 | case SHA512: |
| wolfSSL | 4:1b0d80432c79 | 160 | hLen = SHA512_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 161 | break; |
| wolfSSL | 4:1b0d80432c79 | 162 | #endif |
| wolfSSL | 4:1b0d80432c79 | 163 | default: |
| wolfSSL | 4:1b0d80432c79 | 164 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 165 | } |
| wolfSSL | 4:1b0d80432c79 | 166 | |
| wolfSSL | 4:1b0d80432c79 | 167 | return hLen; |
| wolfSSL | 4:1b0d80432c79 | 168 | } |
| wolfSSL | 4:1b0d80432c79 | 169 | |
| wolfSSL | 4:1b0d80432c79 | 170 | |
| wolfSSL | 4:1b0d80432c79 | 171 | int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt, |
| wolfSSL | 4:1b0d80432c79 | 172 | int sLen, int iterations, int kLen, int hashType) |
| wolfSSL | 4:1b0d80432c79 | 173 | { |
| wolfSSL | 4:1b0d80432c79 | 174 | word32 i = 1; |
| wolfSSL | 4:1b0d80432c79 | 175 | int hLen; |
| wolfSSL | 4:1b0d80432c79 | 176 | int j, ret; |
| wolfSSL | 4:1b0d80432c79 | 177 | Hmac hmac; |
| wolfSSL | 4:1b0d80432c79 | 178 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 179 | byte* buffer; |
| wolfSSL | 4:1b0d80432c79 | 180 | #else |
| wolfSSL | 4:1b0d80432c79 | 181 | byte buffer[MAX_DIGEST_SIZE]; |
| wolfSSL | 4:1b0d80432c79 | 182 | #endif |
| wolfSSL | 4:1b0d80432c79 | 183 | |
| wolfSSL | 4:1b0d80432c79 | 184 | hLen = GetDigestSize(hashType); |
| wolfSSL | 4:1b0d80432c79 | 185 | if (hLen < 0) |
| wolfSSL | 4:1b0d80432c79 | 186 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 187 | |
| wolfSSL | 4:1b0d80432c79 | 188 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 189 | buffer = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 190 | if (buffer == NULL) |
| wolfSSL | 4:1b0d80432c79 | 191 | return MEMORY_E; |
| wolfSSL | 4:1b0d80432c79 | 192 | #endif |
| wolfSSL | 4:1b0d80432c79 | 193 | |
| wolfSSL | 4:1b0d80432c79 | 194 | ret = wc_HmacSetKey(&hmac, hashType, passwd, pLen); |
| wolfSSL | 4:1b0d80432c79 | 195 | |
| wolfSSL | 4:1b0d80432c79 | 196 | if (ret == 0) { |
| wolfSSL | 4:1b0d80432c79 | 197 | while (kLen) { |
| wolfSSL | 4:1b0d80432c79 | 198 | int currentLen; |
| wolfSSL | 4:1b0d80432c79 | 199 | |
| wolfSSL | 4:1b0d80432c79 | 200 | ret = wc_HmacUpdate(&hmac, salt, sLen); |
| wolfSSL | 4:1b0d80432c79 | 201 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 202 | break; |
| wolfSSL | 4:1b0d80432c79 | 203 | |
| wolfSSL | 4:1b0d80432c79 | 204 | /* encode i */ |
| wolfSSL | 4:1b0d80432c79 | 205 | for (j = 0; j < 4; j++) { |
| wolfSSL | 4:1b0d80432c79 | 206 | byte b = (byte)(i >> ((3-j) * 8)); |
| wolfSSL | 4:1b0d80432c79 | 207 | |
| wolfSSL | 4:1b0d80432c79 | 208 | ret = wc_HmacUpdate(&hmac, &b, 1); |
| wolfSSL | 4:1b0d80432c79 | 209 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 210 | break; |
| wolfSSL | 4:1b0d80432c79 | 211 | } |
| wolfSSL | 4:1b0d80432c79 | 212 | |
| wolfSSL | 4:1b0d80432c79 | 213 | /* check ret from inside for loop */ |
| wolfSSL | 4:1b0d80432c79 | 214 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 215 | break; |
| wolfSSL | 4:1b0d80432c79 | 216 | |
| wolfSSL | 4:1b0d80432c79 | 217 | ret = wc_HmacFinal(&hmac, buffer); |
| wolfSSL | 4:1b0d80432c79 | 218 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 219 | break; |
| wolfSSL | 4:1b0d80432c79 | 220 | |
| wolfSSL | 4:1b0d80432c79 | 221 | currentLen = min(kLen, hLen); |
| wolfSSL | 4:1b0d80432c79 | 222 | XMEMCPY(output, buffer, currentLen); |
| wolfSSL | 4:1b0d80432c79 | 223 | |
| wolfSSL | 4:1b0d80432c79 | 224 | for (j = 1; j < iterations; j++) { |
| wolfSSL | 4:1b0d80432c79 | 225 | ret = wc_HmacUpdate(&hmac, buffer, hLen); |
| wolfSSL | 4:1b0d80432c79 | 226 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 227 | break; |
| wolfSSL | 4:1b0d80432c79 | 228 | ret = wc_HmacFinal(&hmac, buffer); |
| wolfSSL | 4:1b0d80432c79 | 229 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 230 | break; |
| wolfSSL | 4:1b0d80432c79 | 231 | xorbuf(output, buffer, currentLen); |
| wolfSSL | 4:1b0d80432c79 | 232 | } |
| wolfSSL | 4:1b0d80432c79 | 233 | |
| wolfSSL | 4:1b0d80432c79 | 234 | /* check ret from inside for loop */ |
| wolfSSL | 4:1b0d80432c79 | 235 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 236 | break; |
| wolfSSL | 4:1b0d80432c79 | 237 | |
| wolfSSL | 4:1b0d80432c79 | 238 | output += currentLen; |
| wolfSSL | 4:1b0d80432c79 | 239 | kLen -= currentLen; |
| wolfSSL | 4:1b0d80432c79 | 240 | i++; |
| wolfSSL | 4:1b0d80432c79 | 241 | } |
| wolfSSL | 4:1b0d80432c79 | 242 | } |
| wolfSSL | 4:1b0d80432c79 | 243 | |
| wolfSSL | 4:1b0d80432c79 | 244 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 245 | XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 246 | #endif |
| wolfSSL | 4:1b0d80432c79 | 247 | |
| wolfSSL | 4:1b0d80432c79 | 248 | return ret; |
| wolfSSL | 4:1b0d80432c79 | 249 | } |
| wolfSSL | 4:1b0d80432c79 | 250 | |
| wolfSSL | 4:1b0d80432c79 | 251 | #ifdef WOLFSSL_SHA512 |
| wolfSSL | 4:1b0d80432c79 | 252 | #define PBKDF_DIGEST_SIZE SHA512_BLOCK_SIZE |
| wolfSSL | 4:1b0d80432c79 | 253 | #elif !defined(NO_SHA256) |
| wolfSSL | 4:1b0d80432c79 | 254 | #define PBKDF_DIGEST_SIZE SHA256_BLOCK_SIZE |
| wolfSSL | 4:1b0d80432c79 | 255 | #else |
| wolfSSL | 4:1b0d80432c79 | 256 | #define PBKDF_DIGEST_SIZE SHA_DIGEST_SIZE |
| wolfSSL | 4:1b0d80432c79 | 257 | #endif |
| wolfSSL | 4:1b0d80432c79 | 258 | |
| wolfSSL | 4:1b0d80432c79 | 259 | /* helper for wc_PKCS12_PBKDF(), sets block and digest sizes */ |
| wolfSSL | 4:1b0d80432c79 | 260 | int GetPKCS12HashSizes(int hashType, word32* v, word32* u) |
| wolfSSL | 4:1b0d80432c79 | 261 | { |
| wolfSSL | 4:1b0d80432c79 | 262 | if (!v || !u) |
| wolfSSL | 4:1b0d80432c79 | 263 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 264 | |
| wolfSSL | 4:1b0d80432c79 | 265 | switch (hashType) { |
| wolfSSL | 4:1b0d80432c79 | 266 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 267 | case MD5: |
| wolfSSL | 4:1b0d80432c79 | 268 | *v = MD5_BLOCK_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 269 | *u = MD5_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 270 | break; |
| wolfSSL | 4:1b0d80432c79 | 271 | #endif |
| wolfSSL | 4:1b0d80432c79 | 272 | #ifndef NO_SHA |
| wolfSSL | 4:1b0d80432c79 | 273 | case SHA: |
| wolfSSL | 4:1b0d80432c79 | 274 | *v = SHA_BLOCK_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 275 | *u = SHA_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 276 | break; |
| wolfSSL | 4:1b0d80432c79 | 277 | #endif |
| wolfSSL | 4:1b0d80432c79 | 278 | #ifndef NO_SHA256 |
| wolfSSL | 4:1b0d80432c79 | 279 | case SHA256: |
| wolfSSL | 4:1b0d80432c79 | 280 | *v = SHA256_BLOCK_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 281 | *u = SHA256_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 282 | break; |
| wolfSSL | 4:1b0d80432c79 | 283 | #endif |
| wolfSSL | 4:1b0d80432c79 | 284 | #ifdef WOLFSSL_SHA512 |
| wolfSSL | 4:1b0d80432c79 | 285 | case SHA512: |
| wolfSSL | 4:1b0d80432c79 | 286 | *v = SHA512_BLOCK_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 287 | *u = SHA512_DIGEST_SIZE; |
| wolfSSL | 4:1b0d80432c79 | 288 | break; |
| wolfSSL | 4:1b0d80432c79 | 289 | #endif |
| wolfSSL | 4:1b0d80432c79 | 290 | default: |
| wolfSSL | 4:1b0d80432c79 | 291 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 292 | } |
| wolfSSL | 4:1b0d80432c79 | 293 | |
| wolfSSL | 4:1b0d80432c79 | 294 | return 0; |
| wolfSSL | 4:1b0d80432c79 | 295 | } |
| wolfSSL | 4:1b0d80432c79 | 296 | |
| wolfSSL | 4:1b0d80432c79 | 297 | /* helper for PKCS12_PBKDF(), does hash operation */ |
| wolfSSL | 4:1b0d80432c79 | 298 | int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen, |
| wolfSSL | 4:1b0d80432c79 | 299 | byte* Ai, word32 u, int iterations) |
| wolfSSL | 4:1b0d80432c79 | 300 | { |
| wolfSSL | 4:1b0d80432c79 | 301 | int i; |
| wolfSSL | 4:1b0d80432c79 | 302 | int ret = 0; |
| wolfSSL | 4:1b0d80432c79 | 303 | |
| wolfSSL | 4:1b0d80432c79 | 304 | if (buffer == NULL || Ai == NULL) |
| wolfSSL | 4:1b0d80432c79 | 305 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 306 | |
| wolfSSL | 4:1b0d80432c79 | 307 | switch (hashType) { |
| wolfSSL | 4:1b0d80432c79 | 308 | #ifndef NO_MD5 |
| wolfSSL | 4:1b0d80432c79 | 309 | case MD5: |
| wolfSSL | 4:1b0d80432c79 | 310 | { |
| wolfSSL | 4:1b0d80432c79 | 311 | Md5 md5; |
| wolfSSL | 4:1b0d80432c79 | 312 | wc_InitMd5(&md5); |
| wolfSSL | 4:1b0d80432c79 | 313 | wc_Md5Update(&md5, buffer, totalLen); |
| wolfSSL | 4:1b0d80432c79 | 314 | wc_Md5Final(&md5, Ai); |
| wolfSSL | 4:1b0d80432c79 | 315 | |
| wolfSSL | 4:1b0d80432c79 | 316 | for (i = 1; i < iterations; i++) { |
| wolfSSL | 4:1b0d80432c79 | 317 | wc_Md5Update(&md5, Ai, u); |
| wolfSSL | 4:1b0d80432c79 | 318 | wc_Md5Final(&md5, Ai); |
| wolfSSL | 4:1b0d80432c79 | 319 | } |
| wolfSSL | 4:1b0d80432c79 | 320 | } |
| wolfSSL | 4:1b0d80432c79 | 321 | break; |
| wolfSSL | 4:1b0d80432c79 | 322 | #endif /* NO_MD5 */ |
| wolfSSL | 4:1b0d80432c79 | 323 | #ifndef NO_SHA |
| wolfSSL | 4:1b0d80432c79 | 324 | case SHA: |
| wolfSSL | 4:1b0d80432c79 | 325 | { |
| wolfSSL | 4:1b0d80432c79 | 326 | Sha sha; |
| wolfSSL | 4:1b0d80432c79 | 327 | ret = wc_InitSha(&sha); |
| wolfSSL | 4:1b0d80432c79 | 328 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 329 | break; |
| wolfSSL | 4:1b0d80432c79 | 330 | wc_ShaUpdate(&sha, buffer, totalLen); |
| wolfSSL | 4:1b0d80432c79 | 331 | wc_ShaFinal(&sha, Ai); |
| wolfSSL | 4:1b0d80432c79 | 332 | |
| wolfSSL | 4:1b0d80432c79 | 333 | for (i = 1; i < iterations; i++) { |
| wolfSSL | 4:1b0d80432c79 | 334 | wc_ShaUpdate(&sha, Ai, u); |
| wolfSSL | 4:1b0d80432c79 | 335 | wc_ShaFinal(&sha, Ai); |
| wolfSSL | 4:1b0d80432c79 | 336 | } |
| wolfSSL | 4:1b0d80432c79 | 337 | } |
| wolfSSL | 4:1b0d80432c79 | 338 | break; |
| wolfSSL | 4:1b0d80432c79 | 339 | #endif /* NO_SHA */ |
| wolfSSL | 4:1b0d80432c79 | 340 | #ifndef NO_SHA256 |
| wolfSSL | 4:1b0d80432c79 | 341 | case SHA256: |
| wolfSSL | 4:1b0d80432c79 | 342 | { |
| wolfSSL | 4:1b0d80432c79 | 343 | Sha256 sha256; |
| wolfSSL | 4:1b0d80432c79 | 344 | ret = wc_InitSha256(&sha256); |
| wolfSSL | 4:1b0d80432c79 | 345 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 346 | break; |
| wolfSSL | 4:1b0d80432c79 | 347 | |
| wolfSSL | 4:1b0d80432c79 | 348 | ret = wc_Sha256Update(&sha256, buffer, totalLen); |
| wolfSSL | 4:1b0d80432c79 | 349 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 350 | break; |
| wolfSSL | 4:1b0d80432c79 | 351 | |
| wolfSSL | 4:1b0d80432c79 | 352 | ret = wc_Sha256Final(&sha256, Ai); |
| wolfSSL | 4:1b0d80432c79 | 353 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 354 | break; |
| wolfSSL | 4:1b0d80432c79 | 355 | |
| wolfSSL | 4:1b0d80432c79 | 356 | for (i = 1; i < iterations; i++) { |
| wolfSSL | 4:1b0d80432c79 | 357 | ret = wc_Sha256Update(&sha256, Ai, u); |
| wolfSSL | 4:1b0d80432c79 | 358 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 359 | break; |
| wolfSSL | 4:1b0d80432c79 | 360 | |
| wolfSSL | 4:1b0d80432c79 | 361 | ret = wc_Sha256Final(&sha256, Ai); |
| wolfSSL | 4:1b0d80432c79 | 362 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 363 | break; |
| wolfSSL | 4:1b0d80432c79 | 364 | } |
| wolfSSL | 4:1b0d80432c79 | 365 | } |
| wolfSSL | 4:1b0d80432c79 | 366 | break; |
| wolfSSL | 4:1b0d80432c79 | 367 | #endif /* NO_SHA256 */ |
| wolfSSL | 4:1b0d80432c79 | 368 | #ifdef WOLFSSL_SHA512 |
| wolfSSL | 4:1b0d80432c79 | 369 | case SHA512: |
| wolfSSL | 4:1b0d80432c79 | 370 | { |
| wolfSSL | 4:1b0d80432c79 | 371 | Sha512 sha512; |
| wolfSSL | 4:1b0d80432c79 | 372 | ret = wc_InitSha512(&sha512); |
| wolfSSL | 4:1b0d80432c79 | 373 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 374 | break; |
| wolfSSL | 4:1b0d80432c79 | 375 | |
| wolfSSL | 4:1b0d80432c79 | 376 | ret = wc_Sha512Update(&sha512, buffer, totalLen); |
| wolfSSL | 4:1b0d80432c79 | 377 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 378 | break; |
| wolfSSL | 4:1b0d80432c79 | 379 | |
| wolfSSL | 4:1b0d80432c79 | 380 | ret = wc_Sha512Final(&sha512, Ai); |
| wolfSSL | 4:1b0d80432c79 | 381 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 382 | break; |
| wolfSSL | 4:1b0d80432c79 | 383 | |
| wolfSSL | 4:1b0d80432c79 | 384 | for (i = 1; i < iterations; i++) { |
| wolfSSL | 4:1b0d80432c79 | 385 | ret = wc_Sha512Update(&sha512, Ai, u); |
| wolfSSL | 4:1b0d80432c79 | 386 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 387 | break; |
| wolfSSL | 4:1b0d80432c79 | 388 | |
| wolfSSL | 4:1b0d80432c79 | 389 | ret = wc_Sha512Final(&sha512, Ai); |
| wolfSSL | 4:1b0d80432c79 | 390 | if (ret != 0) |
| wolfSSL | 4:1b0d80432c79 | 391 | break; |
| wolfSSL | 4:1b0d80432c79 | 392 | } |
| wolfSSL | 4:1b0d80432c79 | 393 | } |
| wolfSSL | 4:1b0d80432c79 | 394 | break; |
| wolfSSL | 4:1b0d80432c79 | 395 | #endif /* WOLFSSL_SHA512 */ |
| wolfSSL | 4:1b0d80432c79 | 396 | |
| wolfSSL | 4:1b0d80432c79 | 397 | default: |
| wolfSSL | 4:1b0d80432c79 | 398 | ret = BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 399 | break; |
| wolfSSL | 4:1b0d80432c79 | 400 | } |
| wolfSSL | 4:1b0d80432c79 | 401 | |
| wolfSSL | 4:1b0d80432c79 | 402 | return ret; |
| wolfSSL | 4:1b0d80432c79 | 403 | } |
| wolfSSL | 4:1b0d80432c79 | 404 | |
| wolfSSL | 4:1b0d80432c79 | 405 | int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, |
| wolfSSL | 4:1b0d80432c79 | 406 | int saltLen, int iterations, int kLen, int hashType, int id) |
| wolfSSL | 4:1b0d80432c79 | 407 | { |
| wolfSSL | 4:1b0d80432c79 | 408 | /* all in bytes instead of bits */ |
| wolfSSL | 4:1b0d80432c79 | 409 | word32 u, v, dLen, pLen, iLen, sLen, totalLen; |
| wolfSSL | 4:1b0d80432c79 | 410 | int dynamic = 0; |
| wolfSSL | 4:1b0d80432c79 | 411 | int ret = 0; |
| wolfSSL | 4:1b0d80432c79 | 412 | int i; |
| wolfSSL | 4:1b0d80432c79 | 413 | byte *D, *S, *P, *I; |
| wolfSSL | 4:1b0d80432c79 | 414 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 415 | byte staticBuffer[1]; /* force dynamic usage */ |
| wolfSSL | 4:1b0d80432c79 | 416 | #else |
| wolfSSL | 4:1b0d80432c79 | 417 | byte staticBuffer[1024]; |
| wolfSSL | 4:1b0d80432c79 | 418 | #endif |
| wolfSSL | 4:1b0d80432c79 | 419 | byte* buffer = staticBuffer; |
| wolfSSL | 4:1b0d80432c79 | 420 | |
| wolfSSL | 4:1b0d80432c79 | 421 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 422 | byte* Ai; |
| wolfSSL | 4:1b0d80432c79 | 423 | byte* B; |
| wolfSSL | 4:1b0d80432c79 | 424 | #else |
| wolfSSL | 4:1b0d80432c79 | 425 | byte Ai[PBKDF_DIGEST_SIZE]; |
| wolfSSL | 4:1b0d80432c79 | 426 | byte B[PBKDF_DIGEST_SIZE]; |
| wolfSSL | 4:1b0d80432c79 | 427 | #endif |
| wolfSSL | 4:1b0d80432c79 | 428 | |
| wolfSSL | 4:1b0d80432c79 | 429 | if (!iterations) |
| wolfSSL | 4:1b0d80432c79 | 430 | iterations = 1; |
| wolfSSL | 4:1b0d80432c79 | 431 | |
| wolfSSL | 4:1b0d80432c79 | 432 | ret = GetPKCS12HashSizes(hashType, &v, &u); |
| wolfSSL | 4:1b0d80432c79 | 433 | if (ret < 0) |
| wolfSSL | 4:1b0d80432c79 | 434 | return BAD_FUNC_ARG; |
| wolfSSL | 4:1b0d80432c79 | 435 | |
| wolfSSL | 4:1b0d80432c79 | 436 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 437 | Ai = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 438 | if (Ai == NULL) |
| wolfSSL | 4:1b0d80432c79 | 439 | return MEMORY_E; |
| wolfSSL | 4:1b0d80432c79 | 440 | |
| wolfSSL | 4:1b0d80432c79 | 441 | B = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 442 | if (B == NULL) { |
| wolfSSL | 4:1b0d80432c79 | 443 | XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 444 | return MEMORY_E; |
| wolfSSL | 4:1b0d80432c79 | 445 | } |
| wolfSSL | 4:1b0d80432c79 | 446 | #endif |
| wolfSSL | 4:1b0d80432c79 | 447 | |
| wolfSSL | 4:1b0d80432c79 | 448 | XMEMSET(Ai, 0, PBKDF_DIGEST_SIZE); |
| wolfSSL | 4:1b0d80432c79 | 449 | XMEMSET(B, 0, PBKDF_DIGEST_SIZE); |
| wolfSSL | 4:1b0d80432c79 | 450 | |
| wolfSSL | 4:1b0d80432c79 | 451 | dLen = v; |
| wolfSSL | 4:1b0d80432c79 | 452 | sLen = v * ((saltLen + v - 1) / v); |
| wolfSSL | 4:1b0d80432c79 | 453 | if (passLen) |
| wolfSSL | 4:1b0d80432c79 | 454 | pLen = v * ((passLen + v - 1) / v); |
| wolfSSL | 4:1b0d80432c79 | 455 | else |
| wolfSSL | 4:1b0d80432c79 | 456 | pLen = 0; |
| wolfSSL | 4:1b0d80432c79 | 457 | iLen = sLen + pLen; |
| wolfSSL | 4:1b0d80432c79 | 458 | |
| wolfSSL | 4:1b0d80432c79 | 459 | totalLen = dLen + sLen + pLen; |
| wolfSSL | 4:1b0d80432c79 | 460 | |
| wolfSSL | 4:1b0d80432c79 | 461 | if (totalLen > sizeof(staticBuffer)) { |
| wolfSSL | 4:1b0d80432c79 | 462 | buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY); |
| wolfSSL | 4:1b0d80432c79 | 463 | if (buffer == NULL) { |
| wolfSSL | 4:1b0d80432c79 | 464 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 465 | XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 466 | XFREE(B, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 467 | #endif |
| wolfSSL | 4:1b0d80432c79 | 468 | return MEMORY_E; |
| wolfSSL | 4:1b0d80432c79 | 469 | } |
| wolfSSL | 4:1b0d80432c79 | 470 | dynamic = 1; |
| wolfSSL | 4:1b0d80432c79 | 471 | } |
| wolfSSL | 4:1b0d80432c79 | 472 | |
| wolfSSL | 4:1b0d80432c79 | 473 | D = buffer; |
| wolfSSL | 4:1b0d80432c79 | 474 | S = D + dLen; |
| wolfSSL | 4:1b0d80432c79 | 475 | P = S + sLen; |
| wolfSSL | 4:1b0d80432c79 | 476 | I = S; |
| wolfSSL | 4:1b0d80432c79 | 477 | |
| wolfSSL | 4:1b0d80432c79 | 478 | XMEMSET(D, id, dLen); |
| wolfSSL | 4:1b0d80432c79 | 479 | |
| wolfSSL | 4:1b0d80432c79 | 480 | for (i = 0; i < (int)sLen; i++) |
| wolfSSL | 4:1b0d80432c79 | 481 | S[i] = salt[i % saltLen]; |
| wolfSSL | 4:1b0d80432c79 | 482 | for (i = 0; i < (int)pLen; i++) |
| wolfSSL | 4:1b0d80432c79 | 483 | P[i] = passwd[i % passLen]; |
| wolfSSL | 4:1b0d80432c79 | 484 | |
| wolfSSL | 4:1b0d80432c79 | 485 | while (kLen > 0) { |
| wolfSSL | 4:1b0d80432c79 | 486 | word32 currentLen; |
| wolfSSL | 4:1b0d80432c79 | 487 | mp_int B1; |
| wolfSSL | 4:1b0d80432c79 | 488 | |
| wolfSSL | 4:1b0d80432c79 | 489 | ret = DoPKCS12Hash(hashType, buffer, totalLen, Ai, u, iterations); |
| wolfSSL | 4:1b0d80432c79 | 490 | if (ret < 0) |
| wolfSSL | 4:1b0d80432c79 | 491 | break; |
| wolfSSL | 4:1b0d80432c79 | 492 | |
| wolfSSL | 4:1b0d80432c79 | 493 | for (i = 0; i < (int)v; i++) |
| wolfSSL | 4:1b0d80432c79 | 494 | B[i] = Ai[i % u]; |
| wolfSSL | 4:1b0d80432c79 | 495 | |
| wolfSSL | 4:1b0d80432c79 | 496 | if (mp_init(&B1) != MP_OKAY) |
| wolfSSL | 4:1b0d80432c79 | 497 | ret = MP_INIT_E; |
| wolfSSL | 4:1b0d80432c79 | 498 | else if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY) |
| wolfSSL | 4:1b0d80432c79 | 499 | ret = MP_READ_E; |
| wolfSSL | 4:1b0d80432c79 | 500 | else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY) |
| wolfSSL | 4:1b0d80432c79 | 501 | ret = MP_ADD_E; |
| wolfSSL | 4:1b0d80432c79 | 502 | |
| wolfSSL | 4:1b0d80432c79 | 503 | if (ret != 0) { |
| wolfSSL | 4:1b0d80432c79 | 504 | mp_clear(&B1); |
| wolfSSL | 4:1b0d80432c79 | 505 | break; |
| wolfSSL | 4:1b0d80432c79 | 506 | } |
| wolfSSL | 4:1b0d80432c79 | 507 | |
| wolfSSL | 4:1b0d80432c79 | 508 | for (i = 0; i < (int)iLen; i += v) { |
| wolfSSL | 4:1b0d80432c79 | 509 | int outSz; |
| wolfSSL | 4:1b0d80432c79 | 510 | mp_int i1; |
| wolfSSL | 4:1b0d80432c79 | 511 | mp_int res; |
| wolfSSL | 4:1b0d80432c79 | 512 | |
| wolfSSL | 4:1b0d80432c79 | 513 | if (mp_init_multi(&i1, &res, NULL, NULL, NULL, NULL) != MP_OKAY) { |
| wolfSSL | 4:1b0d80432c79 | 514 | ret = MP_INIT_E; |
| wolfSSL | 4:1b0d80432c79 | 515 | break; |
| wolfSSL | 4:1b0d80432c79 | 516 | } |
| wolfSSL | 4:1b0d80432c79 | 517 | if (mp_read_unsigned_bin(&i1, I + i, v) != MP_OKAY) |
| wolfSSL | 4:1b0d80432c79 | 518 | ret = MP_READ_E; |
| wolfSSL | 4:1b0d80432c79 | 519 | else if (mp_add(&i1, &B1, &res) != MP_OKAY) |
| wolfSSL | 4:1b0d80432c79 | 520 | ret = MP_ADD_E; |
| wolfSSL | 4:1b0d80432c79 | 521 | else if ( (outSz = mp_unsigned_bin_size(&res)) < 0) |
| wolfSSL | 4:1b0d80432c79 | 522 | ret = MP_TO_E; |
| wolfSSL | 4:1b0d80432c79 | 523 | else { |
| wolfSSL | 4:1b0d80432c79 | 524 | if (outSz > (int)v) { |
| wolfSSL | 4:1b0d80432c79 | 525 | /* take off MSB */ |
| wolfSSL | 4:1b0d80432c79 | 526 | byte tmp[129]; |
| wolfSSL | 4:1b0d80432c79 | 527 | ret = mp_to_unsigned_bin(&res, tmp); |
| wolfSSL | 4:1b0d80432c79 | 528 | XMEMCPY(I + i, tmp + 1, v); |
| wolfSSL | 4:1b0d80432c79 | 529 | } |
| wolfSSL | 4:1b0d80432c79 | 530 | else if (outSz < (int)v) { |
| wolfSSL | 4:1b0d80432c79 | 531 | XMEMSET(I + i, 0, v - outSz); |
| wolfSSL | 4:1b0d80432c79 | 532 | ret = mp_to_unsigned_bin(&res, I + i + v - outSz); |
| wolfSSL | 4:1b0d80432c79 | 533 | } |
| wolfSSL | 4:1b0d80432c79 | 534 | else |
| wolfSSL | 4:1b0d80432c79 | 535 | ret = mp_to_unsigned_bin(&res, I + i); |
| wolfSSL | 4:1b0d80432c79 | 536 | } |
| wolfSSL | 4:1b0d80432c79 | 537 | |
| wolfSSL | 4:1b0d80432c79 | 538 | mp_clear(&i1); |
| wolfSSL | 4:1b0d80432c79 | 539 | mp_clear(&res); |
| wolfSSL | 4:1b0d80432c79 | 540 | if (ret < 0) break; |
| wolfSSL | 4:1b0d80432c79 | 541 | } |
| wolfSSL | 4:1b0d80432c79 | 542 | |
| wolfSSL | 4:1b0d80432c79 | 543 | currentLen = min(kLen, (int)u); |
| wolfSSL | 4:1b0d80432c79 | 544 | XMEMCPY(output, Ai, currentLen); |
| wolfSSL | 4:1b0d80432c79 | 545 | output += currentLen; |
| wolfSSL | 4:1b0d80432c79 | 546 | kLen -= currentLen; |
| wolfSSL | 4:1b0d80432c79 | 547 | mp_clear(&B1); |
| wolfSSL | 4:1b0d80432c79 | 548 | } |
| wolfSSL | 4:1b0d80432c79 | 549 | |
| wolfSSL | 4:1b0d80432c79 | 550 | if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY); |
| wolfSSL | 4:1b0d80432c79 | 551 | |
| wolfSSL | 4:1b0d80432c79 | 552 | #ifdef WOLFSSL_SMALL_STACK |
| wolfSSL | 4:1b0d80432c79 | 553 | XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 554 | XFREE(B, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 4:1b0d80432c79 | 555 | #endif |
| wolfSSL | 4:1b0d80432c79 | 556 | |
| wolfSSL | 4:1b0d80432c79 | 557 | return ret; |
| wolfSSL | 4:1b0d80432c79 | 558 | } |
| wolfSSL | 4:1b0d80432c79 | 559 | |
| wolfSSL | 4:1b0d80432c79 | 560 | #undef PBKDF_DIGEST_SIZE |
| wolfSSL | 4:1b0d80432c79 | 561 | |
| wolfSSL | 4:1b0d80432c79 | 562 | #endif /* NO_PWDBASED */ |
| wolfSSL | 4:1b0d80432c79 | 563 | |
| wolfSSL | 4:1b0d80432c79 | 564 |