summaryrefslogtreecommitdiff
path: root/cesar/cp/secu/src
diff options
context:
space:
mode:
authorlaranjeiro2009-06-11 14:33:35 +0000
committerlaranjeiro2009-06-11 14:33:35 +0000
commitbf8096050b8a195359c3ce4c7f3c4844ad89fda0 (patch)
tree25e419a75d5d5e793306a5f7c9c59748403b438e /cesar/cp/secu/src
parentfbe44175543510339064a303e4c5a88eeab449bf (diff)
*cp/secu: (Closes #396)
* Added checkpoint's sta core call in the pbkdf1 function. git-svn-id: svn+ssh://pessac/svn/cesar/trunk@4783 017c9cb6-072f-447c-8318-d5b54f68fe89
Diffstat (limited to 'cesar/cp/secu/src')
-rw-r--r--cesar/cp/secu/src/pbkdf1.c14
-rw-r--r--cesar/cp/secu/src/secu.c21
2 files changed, 17 insertions, 18 deletions
diff --git a/cesar/cp/secu/src/pbkdf1.c b/cesar/cp/secu/src/pbkdf1.c
index 1f24d6243c..d20472a64c 100644
--- a/cesar/cp/secu/src/pbkdf1.c
+++ b/cesar/cp/secu/src/pbkdf1.c
@@ -18,12 +18,11 @@
#include "cp/secu/sha256.h"
#include "cp/types.h"
#include "cp/secu/pbkdf1.h"
-
#include "cp/secu/inc/pbkdf1.h"
-
+#include "cp/sta/core/core.h"
void
-secu_pbkdf1 (const u8 input[], const uint input_length,
+secu_pbkdf1 (cp_t *ctx, const u8 input[], const uint input_length,
const u8 salt[CP_SECU_SALT_SIZE], const uint it_count,
u8 output[], uint output_length)
{
@@ -39,6 +38,8 @@ secu_pbkdf1 (const u8 input[], const uint input_length,
u8 sha_output[CP_SECU_SHA256_SIZE]
__attribute__((aligned(128)));
+ cp_sta_core_checkpoint (ctx);
+
memset (dk, 0, sizeof (dk));
memset (sha_output, 0, sizeof (sha_output));
@@ -56,6 +57,8 @@ secu_pbkdf1 (const u8 input[], const uint input_length,
uint i;
for (i = 1; i < it_count; i++)
{
+ if ((i % 10) == 0)
+ cp_sta_core_checkpoint (ctx);
cp_secu_sha256 (sha_output, CP_SECU_SHA256_SIZE, sha_output);
}
/* Copy only CP_SECU_OUTPUT_KEY_SIZE as result. */
@@ -64,13 +67,14 @@ secu_pbkdf1 (const u8 input[], const uint input_length,
}
void
-cp_secu_pbkdf1 (const u8 input[], const uint input_length,
+cp_secu_pbkdf1 (cp_t *ctx, const u8 input[], const uint input_length,
u8 *output, uint output_length,
cp_secu_salt_kind_t salt_index,
uint iteration)
{
u8 *pbkdf1;
/* Check parameters. */
+ dbg_assert (ctx);
dbg_assert (input);
dbg_assert (input_length);
dbg_assert (output);
@@ -103,7 +107,7 @@ cp_secu_pbkdf1 (const u8 input[], const uint input_length,
dbg_assert_default ();
}
- secu_pbkdf1 (input, input_length,
+ secu_pbkdf1 (ctx, input, input_length,
pbkdf1, iteration,
output, output_length);
}
diff --git a/cesar/cp/secu/src/secu.c b/cesar/cp/secu/src/secu.c
index 0a04a96a3f..e8257692a7 100644
--- a/cesar/cp/secu/src/secu.c
+++ b/cesar/cp/secu/src/secu.c
@@ -100,7 +100,7 @@ cp_secu_protocol_next (cp_secu_protocol_run_t *prun, bool last)
}
void
-cp_secu_generate_nek (const uint num, cp_key_t *output)
+cp_secu_generate_nek (cp_t *ctx, const uint num, cp_key_t *output)
{
u8 input[4];
u8 buffer[sizeof(cp_key_t)];
@@ -110,7 +110,7 @@ cp_secu_generate_nek (const uint num, cp_key_t *output)
PUT_UINT32(num, input, 0);
/* Call the real function to generate an AES key. */
- cp_secu_pbkdf1 (input, sizeof (input),
+ cp_secu_pbkdf1 (ctx, input, sizeof (input),
buffer , sizeof(buffer),
CP_SECU_SALT_SPIDCOM,
CP_SECU_PBKDF1_ITERATION_NEK);
@@ -121,14 +121,8 @@ cp_secu_generate_nek (const uint num, cp_key_t *output)
GET_UINT32 (output->key[3], buffer, 12);
}
-/**
- * Generate the NID from the NMK and the security level.
- * \param buffer the buffer containing the NMK.
- * \param the Security level.
- * \return the NID computed.
- */
cp_nid_t
-cp_secu_nmk2nid(const cp_key_t nmk, const u8 security_level)
+cp_secu_nmk2nid(cp_t *ctx, const cp_key_t nmk, const u8 security_level)
{
cp_nid_t nid = 0;
u8 input [sizeof(cp_key_t)];
@@ -141,7 +135,7 @@ cp_secu_nmk2nid(const cp_key_t nmk, const u8 security_level)
PUT_UINT32(nmk.key[2], input, 8);
PUT_UINT32(nmk.key[3], input, 12);
- cp_secu_pbkdf1 (input, sizeof (cp_key_t), output, CP_NID_SIZE,
+ cp_secu_pbkdf1 (ctx, input, sizeof (cp_key_t), output, CP_NID_SIZE,
CP_SECU_SALT_NONE, CP_SECU_PBKDF1_ITERATION_NID);
output[CP_NID_SIZE-1] = output[CP_NID_SIZE-1] >> 4;
@@ -186,7 +180,8 @@ cp_secu_tek_gen (const u32 left[], const u32 right[], cp_key_t *output)
}
void
-cp_secu_generate_hash (const u32 seed, u8 *hash, const uint hash_length)
+cp_secu_generate_hash (cp_t *ctx, const u32 seed, u8 *hash,
+ const uint hash_length)
{
uint compt = 0;
@@ -195,7 +190,7 @@ cp_secu_generate_hash (const u32 seed, u8 *hash, const uint hash_length)
for (compt = 0; compt < iteration; compt++)
{
/* Generate hash. */
- cp_secu_pbkdf1 ((u8 *) &seed, sizeof (seed),
+ cp_secu_pbkdf1 (ctx, (u8 *) &seed, sizeof (seed),
&hash[compt * CP_SECU_OUTPUT_KEY_SIZE],
CP_SECU_OUTPUT_KEY_SIZE,
CP_SECU_SALT_SPIDCOM, CP_SECU_PBKDF1_ITERATION);
@@ -204,7 +199,7 @@ cp_secu_generate_hash (const u32 seed, u8 *hash, const uint hash_length)
uint modulo = hash_length % CP_SECU_OUTPUT_KEY_SIZE;
if (modulo)
{
- cp_secu_pbkdf1 ((u8 *) &seed, sizeof (seed),
+ cp_secu_pbkdf1 (ctx, (u8 *) &seed, sizeof (seed),
&hash[iteration * CP_SECU_OUTPUT_KEY_SIZE],
modulo,
CP_SECU_SALT_SPIDCOM, CP_SECU_PBKDF1_ITERATION);