From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 01/21] crypto: remove label from prf_plus, instead use va_args
Date: Thu, 12 Oct 2023 13:01:30 -0700 [thread overview]
Message-ID: <20231012200150.338401-2-prestwoj@gmail.com> (raw)
In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com>
The prf_plus API was a bit restrictive because it only took a
string label which isn't compatible with some specs (e.g. DPP
inputs to HKDF-Expand). In addition it took additional label
arguments which were appended to the HMAC call (and the
non-intuitive '\0' if there were extra arguments).
Instead the label argument has been removed and callers can pass
it in through va_args. This also lets the caller decide the length
and include the '\0' or not, depending on the spec the caller
is following.
---
src/crypto.c | 24 +++++++++---------------
src/crypto.h | 2 +-
src/erp.c | 19 +++++++++++--------
3 files changed, 21 insertions(+), 24 deletions(-)
diff --git a/src/crypto.c b/src/crypto.c
index 710641ed..3128b2a5 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -624,10 +624,10 @@ bool prf_sha1(const void *key, size_t key_len,
/* PRF+ from RFC 5295 Section 3.1.2 (also RFC 4306 Section 2.13) */
bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len,
- const char *label, void *out, size_t out_len,
+ void *out, size_t out_len,
size_t n_extra, ...)
{
- struct iovec iov[n_extra + 3];
+ struct iovec iov[n_extra + 2];
uint8_t *t = out;
size_t t_len = 0;
uint8_t count = 1;
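Review bot: The comment above prf_plus still only cites the RFCs, and nothing on the new signature says that the variadic tail is `n_extra` pairs of `(void *data, size_t len)` that are hashed in order between T(i-1) and the counter byte. Since the label and its '\0' are no longer added implicitly, the exact bytes that separate one derived key from another are now entirely the caller's responsibility. I would add a comment along the lines of `/* Extra args: n_extra (void *, size_t) pairs forming S; pass the label, and its '\0' if the spec requires it, explicitly */`. The function body continues outside this hunk.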
@@ -637,24 +637,17 @@ bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len,
ssize_t ret;
size_t i;
- iov[1].iov_base = (void *) label;
- iov[1].iov_len = strlen(label);
-
- /* Include the '\0' from the label in S if extra arguments provided */
- if (n_extra)
- iov[1].iov_len += 1;
-
va_start(va, n_extra);
for (i = 0; i < n_extra; i++) {
- iov[i + 2].iov_base = va_arg(va, void *);
- iov[i + 2].iov_len = va_arg(va, size_t);
+ iov[i + 1].iov_base = va_arg(va, void *);
+ iov[i + 1].iov_len = va_arg(va, size_t);
}
va_end(va);
- iov[n_extra + 2].iov_base = &count;
- iov[n_extra + 2].iov_len = 1;
+ iov[n_extra + 1].iov_base = &count;
+ iov[n_extra + 1].iov_len = 1;
hmac = l_checksum_new_hmac(type, key, key_len);
if (!hmac)
@@ -664,7 +657,7 @@ bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len,
iov[0].iov_base = t;
iov[0].iov_len = t_len;
- if (!l_checksum_updatev(hmac, iov, n_extra + 3)) {
+ if (!l_checksum_updatev(hmac, iov, n_extra + 2)) {
l_checksum_free(hmac);
return false;
}
@@ -874,7 +867,8 @@ bool hkdf_extract(enum l_checksum_type type, const void *key,
bool hkdf_expand(enum l_checksum_type type, const void *key, size_t key_len,
const char *info, void *out, size_t out_len)
{
- return prf_plus(type, key, key_len, info, out, out_len, 0);
+ return prf_plus(type, key, key_len, out, out_len, 1,
+ info, strlen(info));
}
/*
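Review bot: `strlen(info)` in hkdf_expand means the info input is still limited to a NUL-terminated string, while the commit message names non-string DPP inputs to HKDF-Expand as the motivation. Info containing a zero byte would be silently truncated, and a NULL info would fault in strlen. Either document this on the function, e.g. `/* info must be a non-NULL C string; its '\0' is not hashed */`, or have such callers use prf_plus directly. Whether any current caller passes binary info is not visible here.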
diff --git a/src/crypto.h b/src/crypto.h
index d2a96655..1f48a52b 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -122,7 +122,7 @@ bool prf_plus_sha1(const void *key, size_t key_len,
const void *data, size_t data_len, void *output, size_t size);
bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len,
- const char *label, void *out, size_t out_len,
+ void *out, size_t out_len,
size_t n_extra, ...);
bool hkdf_extract(enum l_checksum_type type, const void *key, size_t key_len,
diff --git a/src/erp.c b/src/erp.c
index 5af18fda..2729cfc8 100644
--- a/src/erp.c
+++ b/src/erp.c
@@ -281,8 +281,9 @@ static bool erp_derive_emsk_name(const uint8_t *session_id, size_t session_len,
uint16_t eight = L_CPU_TO_BE16(8);
char *ascii;
- if (!prf_plus(L_CHECKSUM_SHA256, session_id, session_len, "EMSK",
- hex, 8, 1, &eight, sizeof(eight)))
+ if (!prf_plus(L_CHECKSUM_SHA256, session_id, session_len,
+ hex, 8, 2, "EMSK", strlen("EMSK") + 1,
+ &eight, sizeof(eight)))
return false;
ascii = l_util_hexstring(hex, 8);
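Review bot: The `+ 1` on `strlen("EMSK")` carries the label's '\0' that prf_plus used to add itself when n_extra was non-zero, and nothing at the call site says so. A later cleanup that drops it would change the derived EMSK name without any compile error, so a short comment such as `/* label includes its '\0' terminator, as prf_plus previously did for n_extra > 0 */` would help. `sizeof("EMSK")` would express the same length at compile time. The same applies to the ERP_RRK_LABEL, ERP_RIK_LABEL and ERP_RMSK_LABEL calls in the later erp.c hunks.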
@@ -309,13 +310,15 @@ static bool erp_derive_reauth_keys(const uint8_t *emsk, size_t emsk_len,
uint16_t len = L_CPU_TO_BE16(emsk_len);
uint8_t cryptosuite = ERP_CRYPTOSUITE_SHA256_128;
- if (!prf_plus(L_CHECKSUM_SHA256, emsk, emsk_len, ERP_RRK_LABEL,
- r_rk, emsk_len, 1,
+ if (!prf_plus(L_CHECKSUM_SHA256, emsk, emsk_len,
+ r_rk, emsk_len, 2, ERP_RRK_LABEL,
+ strlen(ERP_RRK_LABEL) + 1,
&len, sizeof(len)))
return false;
- if (!prf_plus(L_CHECKSUM_SHA256, r_rk, emsk_len, ERP_RIK_LABEL,
- r_ik, emsk_len, 2,
+ if (!prf_plus(L_CHECKSUM_SHA256, r_rk, emsk_len,
+ r_ik, emsk_len, 3, ERP_RIK_LABEL,
+ strlen(ERP_RIK_LABEL) + 1,
&cryptosuite, 1, &len, sizeof(len)))
return false;
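Review bot: In the r_ik derivation the length for `&cryptosuite` is passed as the bare literal `1`, which is an `int`, but prf_plus reads every length with `va_arg(va, size_t)`. Where size_t is wider than int that mismatch is undefined behaviour, and the HMAC input length could be read incorrectly. The line predates this patch, but the call is being rewritten here anyway. I would pass `&cryptosuite, sizeof(cryptosuite),` instead, which matches how `len` is passed on the same line.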
@@ -496,8 +499,8 @@ int erp_rx_packet(struct erp_state *erp, const uint8_t *pkt, size_t len)
length = L_CPU_TO_BE16(64);
if (!prf_plus(L_CHECKSUM_SHA256, erp->r_rk, erp->cache->emsk_len,
- ERP_RMSK_LABEL,
- erp->rmsk, erp->cache->emsk_len, 2,
+ erp->rmsk, erp->cache->emsk_len, 3,
+ ERP_RMSK_LABEL, strlen(ERP_RMSK_LABEL) + 1,
&seq, sizeof(seq),
&length, sizeof(length)))
goto eap_failed;
--
2.25.1