From: Tobias Brunner Date: Tue, 15 Feb 2022 13:20:07 +0000 (+0100) Subject: crypto: Remove unused prf_plus_t X-Git-Tag: 5.9.6rc1~2^2~11 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f535f1ed537f8c9564c22104e97fde4aea84e678;p=thirdparty%2Fstrongswan.git crypto: Remove unused prf_plus_t --- diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk index 515fd8f76b..2399d1a95c 100644 --- a/src/libstrongswan/Android.mk +++ b/src/libstrongswan/Android.mk @@ -13,7 +13,7 @@ crypto/hashers/hash_algorithm_set.c crypto/proposal/proposal.c \ crypto/proposal/proposal_keywords.c crypto/proposal/proposal_keywords_static.c \ crypto/prfs/prf.c crypto/prfs/mac_prf.c crypto/pkcs5.c \ crypto/rngs/rng.c crypto/rngs/rng_tester.c \ -crypto/prf_plus.c crypto/signers/signer.c \ +crypto/signers/signer.c \ crypto/signers/mac_signer.c crypto/crypto_factory.c crypto/crypto_tester.c \ crypto/diffie_hellman.c crypto/aead.c crypto/transform.c \ crypto/iv/iv_gen.c crypto/iv/iv_gen_rand.c crypto/iv/iv_gen_seq.c \ diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index 81e841381f..12d3b17d2a 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -11,7 +11,7 @@ crypto/hashers/hash_algorithm_set.c crypto/proposal/proposal.c \ crypto/proposal/proposal_keywords.c crypto/proposal/proposal_keywords_static.c \ crypto/prfs/prf.c crypto/prfs/mac_prf.c crypto/pkcs5.c \ crypto/rngs/rng.c crypto/rngs/rng_tester.c \ -crypto/prf_plus.c crypto/signers/signer.c \ +crypto/signers/signer.c \ crypto/signers/mac_signer.c crypto/crypto_factory.c crypto/crypto_tester.c \ crypto/diffie_hellman.c crypto/aead.c crypto/transform.c \ crypto/iv/iv_gen.c crypto/iv/iv_gen_rand.c crypto/iv/iv_gen_seq.c \ @@ -78,7 +78,7 @@ crypto/hashers/hash_algorithm_set.h crypto/mac.h crypto/proposal/proposal.h \ crypto/proposal/proposal_keywords.h crypto/proposal/proposal_keywords_static.h \ crypto/rngs/rng.h crypto/rngs/rng_tester.h \ crypto/prfs/prf.h crypto/prfs/mac_prf.h crypto/nonce_gen.h \ -crypto/prf_plus.h crypto/signers/signer.h crypto/signers/mac_signer.h \ +crypto/signers/signer.h crypto/signers/mac_signer.h \ crypto/crypto_factory.h crypto/crypto_tester.h crypto/diffie_hellman.h \ crypto/aead.h crypto/transform.h crypto/pkcs5.h crypto/iv/iv_gen.h \ crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h crypto/iv/iv_gen_null.h \ diff --git a/src/libstrongswan/crypto/prf_plus.c b/src/libstrongswan/crypto/prf_plus.c deleted file mode 100644 index 55da146427..0000000000 --- a/src/libstrongswan/crypto/prf_plus.c +++ /dev/null @@ -1,170 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include - -#include "prf_plus.h" - -typedef struct private_prf_plus_t private_prf_plus_t; - -typedef bool (*apply_prf_t)(private_prf_plus_t *this); - -/** - * Private data of an prf_plus_t object. - * - */ -struct private_prf_plus_t { - - /** - * Public interface of prf_plus_t. - */ - prf_plus_t public; - - /** - * PRF to use. - */ - prf_t *prf; - - /** - * Initial seed. - */ - chunk_t seed; - - /** - * Octet which will be appended to the seed if a counter is used. - */ - uint8_t counter; - - /** - * Already given out bytes in current buffer. - */ - size_t used; - - /** - * Buffer to store current PRF result. - */ - chunk_t buffer; - - /** - * The prf application method depending on whether a counter is used. - */ - apply_prf_t apply_prf; -}; - -/** - * Apply the PRF using the running counter - */ -static bool apply_prf_counter(private_prf_plus_t *this) -{ - if (!this->prf->get_bytes(this->prf, this->seed, NULL) || - !this->prf->get_bytes(this->prf, chunk_from_thing(this->counter), - this->buffer.ptr)) - { - return FALSE; - } - this->counter++; - if (!this->counter) - { /* according to RFC 7296, section 2.13, prf+ is undefined once the - * counter wrapped, so let's fail for future calls */ - this->apply_prf = (void*)return_false; - } - return TRUE; -} - -/** - * Apply the PRF using the running counter - */ -static bool apply_prf(private_prf_plus_t *this) -{ - return this->prf->get_bytes(this->prf, this->seed, this->buffer.ptr); -} - -METHOD(prf_plus_t, get_bytes, bool, - private_prf_plus_t *this, size_t length, uint8_t *buffer) -{ - size_t round, written = 0; - - while (length > 0) - { - if (this->buffer.len == this->used) - { /* buffer used, get next round */ - if (!this->prf->get_bytes(this->prf, this->buffer, NULL)) - { - return FALSE; - } - if (!this->apply_prf(this)) - { - return FALSE; - } - this->used = 0; - } - round = min(length, this->buffer.len - this->used); - memcpy(buffer + written, this->buffer.ptr + this->used, round); - - length -= round; - this->used += round; - written += round; - } - return TRUE; -} - -METHOD(prf_plus_t, allocate_bytes, bool, - private_prf_plus_t *this, size_t length, chunk_t *chunk) -{ - *chunk = chunk_alloc(length); - if (!get_bytes(this, length, chunk->ptr)) - { - chunk_free(chunk); - return FALSE; - } - return TRUE; -} - -METHOD(prf_plus_t, destroy, void, - private_prf_plus_t *this) -{ - chunk_clear(&this->buffer); - chunk_clear(&this->seed); - free(this); -} - -/* - * Description in header. - */ -prf_plus_t *prf_plus_create(prf_t *prf, bool counter, chunk_t seed) -{ - private_prf_plus_t *this; - - INIT(this, - .public = { - .get_bytes = _get_bytes, - .allocate_bytes = _allocate_bytes, - .destroy = _destroy, - }, - .prf = prf, - .seed = chunk_clone(seed), - .buffer = chunk_alloc(prf->get_block_size(prf)), - .apply_prf = counter ? apply_prf_counter : apply_prf, - .counter = 0x01, - ); - - if (!this->apply_prf(this)) - { - destroy(this); - return NULL; - } - return &this->public; -} diff --git a/src/libstrongswan/crypto/prf_plus.h b/src/libstrongswan/crypto/prf_plus.h deleted file mode 100644 index b72683df1a..0000000000 --- a/src/libstrongswan/crypto/prf_plus.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup prf_plus prf_plus - * @{ @ingroup crypto - */ - -#ifndef PRF_PLUS_H_ -#define PRF_PLUS_H_ - -typedef struct prf_plus_t prf_plus_t; - -#include - -/** - * Implementation of the prf+ function used in IKEv1/IKEv2 keymat extension. - */ -struct prf_plus_t { - - /** - * Get pseudo random bytes. - * - * @param length number of bytes to get - * @param buffer pointer where the generated bytes will be written - * @return TRUE if bytes generated successfully - */ - bool (*get_bytes)(prf_plus_t *this, size_t length, - uint8_t *buffer) __attribute__((warn_unused_result)); - - /** - * Allocate pseudo random bytes. - * - * @param length number of bytes to get - * @param chunk chunk which will hold generated bytes - * @return TRUE if bytes allocated successfully - */ - bool (*allocate_bytes)(prf_plus_t *this, size_t length, - chunk_t *chunk) __attribute__((warn_unused_result)); - - /** - * Destroys a prf_plus_t object. - */ - void (*destroy)(prf_plus_t *this); -}; - -/** - * Creates a new prf_plus_t object. - * - * @param prf prf object to use, must be destroyed after prf+. - * @param counter use an appending counter byte (for IKEv2 variant) - * @param seed input seed for prf - * @return prf_plus_t object, NULL on failure - */ -prf_plus_t *prf_plus_create(prf_t *prf, bool counter, chunk_t seed); - -#endif /** PRF_PLUS_H_ @}*/