gsasl/doxygen/crypto_8c_source.html

 /* crypto.c --- Simple crypto wrappers for applications.

  * Copyright (C) 2002-2024 Simon Josefsson

  *

  * This file is part of GNU SASL Library.

  *

  * GNU SASL Library is free software; you can redistribute it and/or

  * modify it under the terms of the GNU Lesser General Public License

  * as published by the Free Software Foundation; either version 2.1 of

  * the License, or (at your option) any later version.

  *

  * GNU SASL Library is distributed in the hope that it will be useful,

  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  * Lesser General Public License for more details.

  *

  * You should have received a copy of the GNU Lesser General Public

  * License License along with GNU SASL Library; if not, write to the

  * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,

  * Boston, MA 02110-1301, USA.

  *

  */


 #include <config.h>

 #include "internal.h"

 #include "mechtools.h"


 #include "gc.h"


 int

 gsasl_nonce (char *data, size_t datalen)

 {

   return gc_nonce (data, datalen);

 }


 int

 gsasl_random (char *data, size_t datalen)

 {

   return gc_random (data, datalen);

 }


 size_t

 gsasl_hash_length (Gsasl_hash hash)

 {

   switch (hash)

     {

     case GSASL_HASH_SHA1:

       return GSASL_HASH_SHA1_SIZE;

     case GSASL_HASH_SHA256:

       return GSASL_HASH_SHA256_SIZE;

     }


   return 0;

 }


 int

 gsasl_scram_secrets_from_salted_password (Gsasl_hash hash,

                                           const char *salted_password,

                                           char *client_key,

                                           char *server_key, char *stored_key)

 {

   int res;

   size_t hashlen = gsasl_hash_length (hash);


   /* ClientKey */

 #define CLIENT_KEY "Client Key"

   res = _gsasl_hmac (hash, salted_password, hashlen,

                      CLIENT_KEY, strlen (CLIENT_KEY), client_key);

   if (res != GSASL_OK)

     return res;


   /* StoredKey */

   res = _gsasl_hash (hash, client_key, hashlen, stored_key);

   if (res != GSASL_OK)

     return res;


   /* ServerKey */

 #define SERVER_KEY "Server Key"

   res = _gsasl_hmac (hash, salted_password, hashlen,

                      SERVER_KEY, strlen (SERVER_KEY), server_key);

   if (res != GSASL_OK)

     return res;


   return GSASL_OK;

 }


 int

 gsasl_scram_secrets_from_password (Gsasl_hash hash,

                                    const char *password,

                                    unsigned int iteration_count,

                                    const char *salt,

                                    size_t saltlen,

                                    char *salted_password,

                                    char *client_key,

                                    char *server_key, char *stored_key)

 {

   int res;

   char *preppass;


   res = gsasl_saslprep (password, GSASL_ALLOW_UNASSIGNED, &preppass, NULL);

   if (res != GSASL_OK)

     return res;


   res = _gsasl_pbkdf2 (hash, preppass, strlen (preppass),

                        salt, saltlen, iteration_count, salted_password, 0);

   free (preppass);

   if (res != GSASL_OK)

     return res;


   return gsasl_scram_secrets_from_salted_password (hash, salted_password,

                                                    client_key, server_key,

                                                    stored_key);

 }

gsasl_random
int gsasl_random(char *data, size_t datalen)
Definition: crypto.c:55

gsasl_hash_length
size_t gsasl_hash_length(Gsasl_hash hash)
Definition: crypto.c:73

SERVER_KEY
#define SERVER_KEY

gsasl_scram_secrets_from_salted_password
int gsasl_scram_secrets_from_salted_password(Gsasl_hash hash, const char *salted_password, char *client_key, char *server_key, char *stored_key)
Definition: crypto.c:104

gsasl_nonce
int gsasl_nonce(char *data, size_t datalen)
Definition: crypto.c:39

gsasl_scram_secrets_from_password
int gsasl_scram_secrets_from_password(Gsasl_hash hash, const char *password, unsigned int iteration_count, const char *salt, size_t saltlen, char *salted_password, char *client_key, char *server_key, char *stored_key)
Definition: crypto.c:156

CLIENT_KEY
#define CLIENT_KEY

GSASL_ALLOW_UNASSIGNED
@ GSASL_ALLOW_UNASSIGNED
Definition: gsasl.h:332

Gsasl_hash
Gsasl_hash
Definition: gsasl.h:428

GSASL_HASH_SHA1
@ GSASL_HASH_SHA1
Definition: gsasl.h:430

GSASL_HASH_SHA256
@ GSASL_HASH_SHA256
Definition: gsasl.h:431

GSASL_OK
@ GSASL_OK
Definition: gsasl.h:129

GSASL_HASH_SHA1_SIZE
@ GSASL_HASH_SHA1_SIZE
Definition: gsasl.h:450

GSASL_HASH_SHA256_SIZE
@ GSASL_HASH_SHA256_SIZE
Definition: gsasl.h:451

gsasl_saslprep
_GSASL_API int gsasl_saslprep(const char *in, Gsasl_saslprep_flags flags, char **out, int *stringpreprc)

internal.h

_gsasl_hmac
int _gsasl_hmac(Gsasl_hash hash, const char *key, size_t keylen, const char *in, size_t inlen, char *outhash)
Definition: mechtools.c:329

_gsasl_pbkdf2
int _gsasl_pbkdf2(Gsasl_hash hash, const char *password, size_t passwordlen, const char *salt, size_t saltlen, unsigned int c, char *dk, size_t dklen)
Definition: mechtools.c:368

_gsasl_hash
int _gsasl_hash(Gsasl_hash hash, const char *in, size_t inlen, char *outhash)
Definition: mechtools.c:296

mechtools.h