TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b0c19a4b3d965bd89b5ee840eb2c0a4ae12199c6^! / . / include / polarssl
commitb0c19a4b3d965bd89b5ee840eb2c0a4ae12199c6[log] [tgz]
authorPaul Bakker <p.j.bakker@polarssl.org>Mon Jun 24 19:26:38 2013 +0200
committerPaul Bakker <p.j.bakker@polarssl.org>Tue Jun 25 15:06:52 2013 +0200
treecf80b3799176ac4438bc2f8e00cf80ea92f93544
parentfc4f46fa9a04cab01aab75c4c44bf79fe6a5fc26 [diff]
PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module.
(cherry picked from commit 19bd297dc896410e0d859729f9e8d4b1e107e6c8)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl

diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index cb51718..d83437e 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h

@@ -916,10 +916,11 @@
  * \def POLARSSL_PBKDF2_C
  *
  * Enable PKCS#5 PBKDF2 key derivation function
+ * DEPRECATED: Use POLARSSL_PKCS5_C instead
  *
  * Module:  library/pbkdf2.c
  *
- * Requires: POLARSSL_MD_C
+ * Requires: POLARSSL_PKCS5_C
  *
  * This module adds support for the PKCS#5 PBKDF2 key derivation function.
  */
@@ -940,6 +941,19 @@
 #define POLARSSL_PEM_C
 
 /**
+ * \def POLARSSL_PKCS5_C
+ *
+ * Enable PKCS#5 functions
+ *
+ * Module:  library/pkcs5.c
+ *
+ * Requires: POLARSSL_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define POLARSSL_PKCS5_C
+
+/**
  * \def POLARSSL_PKCS11_C
  *
  * Enable wrapper for PKCS#11 smartcard support.

diff --git a/include/polarssl/error.h b/include/polarssl/error.h
index 9a3de00..4e5f69e 100644
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h

@@ -72,6 +72,7 @@
  * SHA4      1  0x007A-0x007A
  * PBKDF2    1  0x007C-0x007C
  * ECP       1  0x007E-0x007E
+ * PKCS5     1  0x007C-0x007C
  *
  * High-level module nr (3 bits - 0x1...-0x8...)
  * Name     ID  Nr of Errors

diff --git a/include/polarssl/pbkdf2.h b/include/polarssl/pbkdf2.h
index af84c13..e2e61b5 100644
--- a/include/polarssl/pbkdf2.h
+++ b/include/polarssl/pbkdf2.h

@@ -2,6 +2,7 @@
  * \file pbkdf2.h
  *
  * \brief Password-Based Key Derivation Function 2 (from PKCS#5)
+ *        DEPRECATED: use pkcs5.h instead.
  *
  * \author Mathias Olsson <mathias@kompetensum.com>
  *
@@ -48,6 +49,7 @@
 
 /**
  * \brief          PKCS#5 PBKDF2 using HMAC
+ *                 DEPRECATED: Use pkcs5_pbkdf2_hmac() instead!
  *
  * \param ctx      Generic HMAC context
  * \param password Password to use when generating key
@@ -65,9 +67,9 @@
                  unsigned int iteration_count,
                  uint32_t key_length, unsigned char *output );
 
-
 /**
  * \brief          Checkup routine
+ *                 DEPRECATED: Use pkcs5_self_test() instead!
  *
  * \return         0 if successful, or 1 if the test failed
  */

diff --git a/include/polarssl/pkcs5.h b/include/polarssl/pkcs5.h
new file mode 100644
index 0000000..5530b58
--- /dev/null
+++ b/include/polarssl/pkcs5.h

@@ -0,0 +1,79 @@
+/**
+ * \file pkcs#5.h
+ *
+ * \brief PKCS#5 functions
+ *
+ * \author Mathias Olsson <mathias@kompetensum.com>
+ *
+ *  Copyright (C) 2006-2013, Brainspark B.V.
+ *
+ *  This file is part of PolarSSL (http://www.polarssl.org)
+ *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ *  All rights reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License along
+ *  with this program; if not, write to the Free Software Foundation, Inc.,
+ *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+#ifndef POLARSSL_PKCS5_H
+#define POLARSSL_PKCS5_H
+
+#include <string.h>
+
+#include "md.h"
+
+#ifdef _MSC_VER
+#include <basetsd.h>
+typedef UINT32 uint32_t;
+#else
+#include <inttypes.h>
+#endif
+
+#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA                -0x007C  /**< Bad input parameters to function. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          PKCS#5 PBKDF2 using HMAC
+ *
+ * \param ctx      Generic HMAC context
+ * \param password Password to use when generating key
+ * \param plen     Length of password
+ * \param salt     Salt to use when generating key
+ * \param slen     Length of salt
+ * \param iteration_count       Iteration count
+ * \param key_length            Length of generated key
+ * \param output   Generated key. Must be at least as big as key_length
+ *
+ * \returns        0 on success, or a PolarSSL error code if verification fails.
+ */
+int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
+                       size_t plen, const unsigned char *salt, size_t slen,
+                       unsigned int iteration_count,
+                       uint32_t key_length, unsigned char *output );
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int pkcs5_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pkcs5.h */