From ac73690c06e8c05a9e36483b104a431c26171512 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 16 Aug 2009 20:13:14 +0300 Subject: [PATCH] Move RC4 into crypto.h as a replaceable crypto function This allows crypto library wrappers to override the internal RC4 implementation in the same way as can already be done for other crypto algorithms. --- hostapd/Makefile | 9 ++++++++- hostapd/ieee802_11.c | 2 +- hostapd/ieee802_1x.c | 2 +- hostapd/wpa.c | 1 - src/crypto/crypto.h | 16 ++++++++++++++++ src/crypto/crypto_internal.c | 1 - src/crypto/crypto_libtomcrypt.c | 1 - src/crypto/ms_funcs.c | 1 - src/crypto/rc4.c | 20 +++++--------------- src/crypto/rc4.h | 21 --------------------- src/eapol_supp/eapol_supp_sm.c | 2 +- src/rsn_supp/wpa.c | 2 +- wpa_supplicant/Makefile | 13 ++++++++++++- 13 files changed, 45 insertions(+), 46 deletions(-) delete mode 100644 src/crypto/rc4.h diff --git a/hostapd/Makefile b/hostapd/Makefile index b09d3c327..226f0fccb 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -89,7 +89,6 @@ OBJS += ctrl_iface.o endif OBJS += ../src/crypto/md5.o -OBJS += ../src/crypto/rc4.o AESOBJS = # none so far @@ -437,6 +436,7 @@ ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_openssl.o OBJS_p += ../src/crypto/fips_prf_openssl.o endif +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), gnutls) OBJS += ../src/crypto/crypto_gnutls.o @@ -447,12 +447,14 @@ OBJS += ../src/crypto/fips_prf_gnutls.o OBJS_p += ../src/crypto/fips_prf_gnutls.o endif CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), internal) ifeq ($(CONFIG_CRYPTO), libtomcrypt) OBJS += ../src/crypto/crypto_libtomcrypt.o OBJS_p += ../src/crypto/crypto_libtomcrypt.o CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_CRYPTO), internal) OBJS += ../src/crypto/crypto_internal.o ../src/tls/rsa.o ../src/tls/bignum.o @@ -473,6 +475,7 @@ CONFIG_INTERNAL_SHA1=y CONFIG_INTERNAL_MD4=y CONFIG_INTERNAL_MD5=y CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif endif else @@ -480,6 +483,7 @@ CONFIG_INTERNAL_AES=y CONFIG_INTERNAL_SHA1=y CONFIG_INTERNAL_MD5=y CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifdef CONFIG_INTERNAL_AES @@ -500,6 +504,9 @@ endif ifdef CONFIG_INTERNAL_DES OBJS += ../src/crypto/des-internal.o endif +ifdef CONFIG_INTERNAL_RC4 +OBJS += ../src/crypto/rc4.o +endif ifdef NEED_SHA256 OBJS += ../src/crypto/sha256.o diff --git a/hostapd/ieee802_11.c b/hostapd/ieee802_11.c index 42e1e99b8..801048b22 100644 --- a/hostapd/ieee802_11.c +++ b/hostapd/ieee802_11.c @@ -28,7 +28,7 @@ #include "radius/radius_client.h" #include "ieee802_11_auth.h" #include "sta_info.h" -#include "rc4.h" +#include "crypto.h" #include "ieee802_1x.h" #include "wpa.h" #include "wme.h" diff --git a/hostapd/ieee802_1x.c b/hostapd/ieee802_1x.c index 9e26521df..0037f62a5 100644 --- a/hostapd/ieee802_1x.c +++ b/hostapd/ieee802_1x.c @@ -21,7 +21,7 @@ #include "radius/radius_client.h" #include "eapol_sm.h" #include "md5.h" -#include "rc4.h" +#include "crypto.h" #include "eloop.h" #include "sta_info.h" #include "wpa.h" diff --git a/hostapd/wpa.c b/hostapd/wpa.c index 5ec7211fe..e7a179df0 100644 --- a/hostapd/wpa.c +++ b/hostapd/wpa.c @@ -22,7 +22,6 @@ #include "wpa.h" #include "sha1.h" #include "sha256.h" -#include "rc4.h" #include "aes_wrap.h" #include "crypto.h" #include "eloop.h" diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index be3609e34..44d0fb8f4 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -448,4 +448,20 @@ int __must_check crypto_mod_exp(const u8 *base, size_t base_len, const u8 *modulus, size_t modulus_len, u8 *result, size_t *result_len); +/** + * rc4_skip - XOR RC4 stream to given data with skip-stream-start + * @key: RC4 key + * @keylen: RC4 key length + * @skip: number of bytes to skip from the beginning of the RC4 stream + * @data: data to be XOR'ed with RC4 stream + * @data_len: buf length + * Returns: 0 on success, -1 on failure + * + * Generate RC4 pseudo random stream for the given key, skip beginning of the + * stream, and XOR the end result with the data buffer to perform RC4 + * encryption/decryption. + */ +int rc4_skip(const u8 *key, size_t keylen, size_t skip, + u8 *data, size_t data_len); + #endif /* CRYPTO_H */ diff --git a/src/crypto/crypto_internal.c b/src/crypto/crypto_internal.c index 98a1ddcb5..9501dfd62 100644 --- a/src/crypto/crypto_internal.c +++ b/src/crypto/crypto_internal.c @@ -18,7 +18,6 @@ #include "crypto.h" #include "md5.h" #include "sha1.h" -#include "rc4.h" #include "aes.h" #include "tls/rsa.h" #include "tls/bignum.h" diff --git a/src/crypto/crypto_libtomcrypt.c b/src/crypto/crypto_libtomcrypt.c index 2ccf46d81..c701f5581 100644 --- a/src/crypto/crypto_libtomcrypt.c +++ b/src/crypto/crypto_libtomcrypt.c @@ -16,7 +16,6 @@ #include #include "common.h" -#include "rc4.h" #include "crypto.h" #ifndef mp_init_multi diff --git a/src/crypto/ms_funcs.c b/src/crypto/ms_funcs.c index 9839a7dd1..dae15ab91 100644 --- a/src/crypto/ms_funcs.c +++ b/src/crypto/ms_funcs.c @@ -18,7 +18,6 @@ #include "sha1.h" #include "ms_funcs.h" #include "crypto.h" -#include "rc4.h" /** diff --git a/src/crypto/rc4.c b/src/crypto/rc4.c index 70c790e36..5ab1be191 100644 --- a/src/crypto/rc4.c +++ b/src/crypto/rc4.c @@ -15,24 +15,12 @@ #include "includes.h" #include "common.h" -#include "rc4.h" +#include "crypto.h" #define S_SWAP(a,b) do { u8 t = S[a]; S[a] = S[b]; S[b] = t; } while(0) -/** - * rc4 - XOR RC4 stream to given data with skip-stream-start - * @key: RC4 key - * @keylen: RC4 key length - * @skip: number of bytes to skip from the beginning of the RC4 stream - * @data: data to be XOR'ed with RC4 stream - * @data_len: buf length - * - * Generate RC4 pseudo random stream for the given key, skip beginning of the - * stream, and XOR the end result with the data buffer to perform RC4 - * encryption/decryption. - */ -void rc4_skip(const u8 *key, size_t keylen, size_t skip, - u8 *data, size_t data_len) +int rc4_skip(const u8 *key, size_t keylen, size_t skip, + u8 *data, size_t data_len) { u32 i, j, k; u8 S[256], *pos; @@ -67,4 +55,6 @@ void rc4_skip(const u8 *key, size_t keylen, size_t skip, S_SWAP(i, j); *pos++ ^= S[(S[i] + S[j]) & 0xff]; } + + return 0; } diff --git a/src/crypto/rc4.h b/src/crypto/rc4.h deleted file mode 100644 index 35c7e41fb..000000000 --- a/src/crypto/rc4.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * RC4 stream cipher - * Copyright (c) 2002-2005, Jouni Malinen - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - * - * Alternatively, this software may be distributed under the terms of BSD - * license. - * - * See README and COPYING for more details. - */ - -#ifndef RC4_H -#define RC4_H - -void rc4_skip(const u8 *key, size_t keylen, size_t skip, - u8 *data, size_t data_len); - -#endif /* RC4_H */ diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c index 58e62211a..19d57b9c4 100644 --- a/src/eapol_supp/eapol_supp_sm.c +++ b/src/eapol_supp/eapol_supp_sm.c @@ -20,7 +20,7 @@ #include "eloop.h" #include "eapol_common.h" #include "md5.h" -#include "rc4.h" +#include "crypto.h" #include "state_machine.h" #include "wpabuf.h" diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 16b641afe..7003db340 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -15,7 +15,7 @@ #include "includes.h" #include "common.h" -#include "rc4.h" +#include "crypto.h" #include "aes_wrap.h" #include "wpa.h" #include "eloop.h" diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index 219c5c404..ac200d268 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -52,7 +52,6 @@ OBJS = config.o OBJS += ../src/utils/common.o OBJS += ../src/utils/wpa_debug.o OBJS += ../src/utils/wpabuf.o -OBJS += ../src/crypto/rc4.o OBJS_p = wpa_passphrase.o OBJS_p += ../src/utils/common.o OBJS_p += ../src/utils/wpa_debug.o @@ -677,6 +676,7 @@ CONFIG_INTERNAL_AES=y CONFIG_INTERNAL_SHA1=y CONFIG_INTERNAL_MD5=y CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifdef CONFIG_SMARTCARD ifndef CONFIG_NATIVE_WINDOWS @@ -732,6 +732,7 @@ OBJS_p += ../src/crypto/crypto_openssl.o ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_openssl.o endif +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), gnutls) OBJS += ../src/crypto/crypto_gnutls.o @@ -740,17 +741,20 @@ ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_gnutls.o endif CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), schannel) OBJS += ../src/crypto/crypto_cryptoapi.o OBJS_p += ../src/crypto/crypto_cryptoapi.o CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), internal) ifeq ($(CONFIG_CRYPTO), libtomcrypt) OBJS += ../src/crypto/crypto_libtomcrypt.o OBJS_p += ../src/crypto/crypto_libtomcrypt.o CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_CRYPTO), internal) OBJS += ../src/crypto/crypto_internal.o ../src/tls/bignum.o @@ -771,18 +775,21 @@ CONFIG_INTERNAL_SHA1=y CONFIG_INTERNAL_MD4=y CONFIG_INTERNAL_MD5=y CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_CRYPTO), cryptoapi) OBJS += ../src/crypto/crypto_cryptoapi.o OBJS_p += ../src/crypto/crypto_cryptoapi.o CFLAGS += -DCONFIG_CRYPTO_CRYPTOAPI CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif endif ifeq ($(CONFIG_TLS), none) OBJS += ../src/crypto/crypto_none.o OBJS_p += ../src/crypto/crypto_none.o CONFIG_INTERNAL_SHA256=y +CONFIG_INTERNAL_RC4=y endif else CONFIG_INTERNAL_AES=y @@ -812,6 +819,10 @@ ifdef CONFIG_INTERNAL_DES DESOBJS += ../src/crypto/des-internal.o endif +ifdef CONFIG_INTERNAL_RC4 +OBJS += ../src/crypto/rc4.o +endif + ifdef CONFIG_IEEE80211R NEED_SHA256=y endif