1 files changed, 1 insertions, 152 deletions
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c
index 00cf7941..8f21bb80 100644
--- a/src/Common/Pkcs5.c
+++ b/src/Common/Pkcs5.c
@@ -14,7 +14,6 @@
 #include <memory.h>
 #include "Rmd160.h"
 #ifndef TC_WINDOWS_BOOT
-#include "Sha1.h"
 #include "Sha2.h"
 #include "Whirlpool.h"
 #endif
@@ -175,150 +174,6 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int it
        burn (u, sizeof(u));
 }
-/* Deprecated/legacy */
-void hmac_sha1
-(
-          char *k,              /* secret key */
-          int lk,               /* length of the key in bytes */
-          char *d,              /* data */
-          int ld,               /* length of data in bytes */
-          char *out,            /* output buffer, at least "t" bytes */
-          int t
-)
-{
-        sha1_ctx ictx, octx;
-        char isha[SHA1_DIGESTSIZE], osha[SHA1_DIGESTSIZE];
-        char key[SHA1_DIGESTSIZE];
-        char buf[SHA1_BLOCKSIZE];
-        int i;
-    /* If the key is longer than the hash algorithm block size,
-           let key = sha1(key), as per HMAC specifications. */
-        if (lk > SHA1_BLOCKSIZE)
-        {
-                sha1_ctx tctx;
-                sha1_begin (&tctx);
-                sha1_hash ((unsigned char *) k, lk, &tctx);
-                sha1_end ((unsigned char *) key, &tctx);
-                k = key;
-                lk = SHA1_DIGESTSIZE;
-                burn (&tctx, sizeof(tctx));             // Prevent leaks
-        }
-        /**** Inner Digest ****/
-        sha1_begin (&ictx);
-        /* Pad the key for inner digest */
-        for (i = 0; i < lk; ++i)
-                buf[i] = (char) (k[i] ^ 0x36);
-        for (i = lk; i < SHA1_BLOCKSIZE; ++i)
-                buf[i] = 0x36;
-        sha1_hash ((unsigned char *) buf, SHA1_BLOCKSIZE, &ictx);
-        sha1_hash ((unsigned char *) d, ld, &ictx);
-        sha1_end ((unsigned char *) isha, &ictx);
-        /**** Outer Digest ****/
-        sha1_begin (&octx);
-        for (i = 0; i < lk; ++i)
-                buf[i] = (char) (k[i] ^ 0x5C);
-        for (i = lk; i < SHA1_BLOCKSIZE; ++i)
-                buf[i] = 0x5C;
-        sha1_hash ((unsigned char *) buf, SHA1_BLOCKSIZE, &octx);
-        sha1_hash ((unsigned char *) isha, SHA1_DIGESTSIZE, &octx);
-        sha1_end ((unsigned char *) osha, &octx);
-        /* truncate and print the results */
-        t = t > SHA1_DIGESTSIZE ? SHA1_DIGESTSIZE : t;
-        hmac_truncate (osha, out, t);
-        /* Prevent leaks */
-        burn (&ictx, sizeof(ictx));
-        burn (&octx, sizeof(octx));
-        burn (isha, sizeof(isha));
-        burn (osha, sizeof(osha));
-        burn (buf, sizeof(buf));
-        burn (key, sizeof(key));
-}
-/* Deprecated/legacy */
-void derive_u_sha1 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b)
-{
-        char j[SHA1_DIGESTSIZE], k[SHA1_DIGESTSIZE];
-        char init[128];
-        char counter[4];
-        int c, i;
-        /* iteration 1 */
-        memset (counter, 0, 4);
-        counter[3] = (char) b;
-        memcpy (init, salt, salt_len);  /* salt */
-        memcpy (&init[salt_len], counter, 4);   /* big-endian block number */
-        hmac_sha1 (pwd, pwd_len, init, salt_len + 4, j, SHA1_DIGESTSIZE);
-        memcpy (u, j, SHA1_DIGESTSIZE);
-        /* remaining iterations */
-        for (c = 1; c < iterations; c++)
-        {
-                hmac_sha1 (pwd, pwd_len, j, SHA1_DIGESTSIZE, k, SHA1_DIGESTSIZE);
-                for (i = 0; i < SHA1_DIGESTSIZE; i++)
-                {
-                        u[i] ^= k[i];
-                        j[i] = k[i];
-                }
-        }
-        /* Prevent possible leaks. */
-        burn (j, sizeof(j));
-        burn (k, sizeof(k));
-}
-/* Deprecated/legacy */
-void derive_key_sha1 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
-{
-        char u[SHA1_DIGESTSIZE];
-        int b, l, r;
-        if (dklen % SHA1_DIGESTSIZE)
-        {
-                l = 1 + dklen / SHA1_DIGESTSIZE;
-        }
-        else
-        {
-                l = dklen / SHA1_DIGESTSIZE;
-        }
-        r = dklen - (l - 1) * SHA1_DIGESTSIZE;
-        /* first l - 1 blocks */
-        for (b = 1; b < l; b++)
-        {
-                derive_u_sha1 (pwd, pwd_len, salt, salt_len, iterations, u, b);
-                memcpy (dk, u, SHA1_DIGESTSIZE);
-                dk += SHA1_DIGESTSIZE;
-        }
-        /* last block */
-        derive_u_sha1 (pwd, pwd_len, salt, salt_len, iterations, u, b);
-        memcpy (dk, u, r);
-        /* Prevent possible leaks. */
-        burn (u, sizeof(u));
-}
 #endif // TC_WINDOWS_BOOT
 void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest)
@@ -618,9 +473,6 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id)
        case SHA512:    
                return "HMAC-SHA-512";
-        case SHA1:      // Deprecated/legacy
-                return "HMAC-SHA-1";
        case RIPEMD160: 
                return "HMAC-RIPEMD-160";
@@ -646,10 +498,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot)
 #ifndef TC_WINDOWS_BOOT
        case SHA512:    
-                return 500000;                  
+                return 500000;
-        case SHA1:              // Deprecated/legacy            
-                return 1000000;                 
        case WHIRLPOOL: 
                return 500000;

diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index 00cf7941..8f21bb80 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c
@@ -14,7 +14,6 @@
14	#include <memory.h>	14	#include <memory.h>
15	#include "Rmd160.h"	15	#include "Rmd160.h"
16	#ifndef TC_WINDOWS_BOOT	16	#ifndef TC_WINDOWS_BOOT
17	#include "Sha1.h"
18	#include "Sha2.h"	17	#include "Sha2.h"
19	#include "Whirlpool.h"	18	#include "Whirlpool.h"
20	#endif	19	#endif
@@ -175,150 +174,6 @@ void derive_key_sha512 (char pwd, int pwd_len, char salt, int salt_len, int it
175	burn (u, sizeof(u));	174	burn (u, sizeof(u));
176	}	175	}
177		176
178
179	/* Deprecated/legacy */
180	void hmac_sha1
181	(
182	char k, / secret key */
183	int lk, /* length of the key in bytes */
184	char d, / data */
185	int ld, /* length of data in bytes */
186	char out, / output buffer, at least "t" bytes */
187	int t
188	)
189	{
190	sha1_ctx ictx, octx;
191	char isha[SHA1_DIGESTSIZE], osha[SHA1_DIGESTSIZE];
192	char key[SHA1_DIGESTSIZE];
193	char buf[SHA1_BLOCKSIZE];
194	int i;
195
196	/* If the key is longer than the hash algorithm block size,
197	let key = sha1(key), as per HMAC specifications. */
198	if (lk > SHA1_BLOCKSIZE)
199	{
200	sha1_ctx tctx;
201
202	sha1_begin (&tctx);
203	sha1_hash ((unsigned char *) k, lk, &tctx);
204	sha1_end ((unsigned char *) key, &tctx);
205
206	k = key;
207	lk = SHA1_DIGESTSIZE;
208
209	burn (&tctx, sizeof(tctx)); // Prevent leaks
210	}
211
212	/** Inner Digest **/
213
214	sha1_begin (&ictx);
215
216	/* Pad the key for inner digest */
217	for (i = 0; i < lk; ++i)
218	buf[i] = (char) (k[i] ^ 0x36);
219	for (i = lk; i < SHA1_BLOCKSIZE; ++i)
220	buf[i] = 0x36;
221
222	sha1_hash ((unsigned char *) buf, SHA1_BLOCKSIZE, &ictx);
223	sha1_hash ((unsigned char *) d, ld, &ictx);
224
225	sha1_end ((unsigned char *) isha, &ictx);
226
227	/** Outer Digest **/
228
229	sha1_begin (&octx);
230
231	for (i = 0; i < lk; ++i)
232	buf[i] = (char) (k[i] ^ 0x5C);
233	for (i = lk; i < SHA1_BLOCKSIZE; ++i)
234	buf[i] = 0x5C;
235
236	sha1_hash ((unsigned char *) buf, SHA1_BLOCKSIZE, &octx);
237	sha1_hash ((unsigned char *) isha, SHA1_DIGESTSIZE, &octx);
238
239	sha1_end ((unsigned char *) osha, &octx);
240
241	/* truncate and print the results */
242	t = t > SHA1_DIGESTSIZE ? SHA1_DIGESTSIZE : t;
243	hmac_truncate (osha, out, t);
244
245	/* Prevent leaks */
246	burn (&ictx, sizeof(ictx));
247	burn (&octx, sizeof(octx));
248	burn (isha, sizeof(isha));
249	burn (osha, sizeof(osha));
250	burn (buf, sizeof(buf));
251	burn (key, sizeof(key));
252	}
253
254
255	/* Deprecated/legacy */
256	void derive_u_sha1 (char pwd, int pwd_len, char salt, int salt_len, int iterations, char *u, int b)
257	{
258	char j[SHA1_DIGESTSIZE], k[SHA1_DIGESTSIZE];
259	char init[128];
260	char counter[4];
261	int c, i;
262
263	/* iteration 1 */
264	memset (counter, 0, 4);
265	counter[3] = (char) b;
266	memcpy (init, salt, salt_len); /* salt */
267	memcpy (&init[salt_len], counter, 4); /* big-endian block number */
268	hmac_sha1 (pwd, pwd_len, init, salt_len + 4, j, SHA1_DIGESTSIZE);
269	memcpy (u, j, SHA1_DIGESTSIZE);
270
271	/* remaining iterations */
272	for (c = 1; c < iterations; c++)
273	{
274	hmac_sha1 (pwd, pwd_len, j, SHA1_DIGESTSIZE, k, SHA1_DIGESTSIZE);
275	for (i = 0; i < SHA1_DIGESTSIZE; i++)
276	{
277	u[i] ^= k[i];
278	j[i] = k[i];
279	}
280	}
281
282	/* Prevent possible leaks. */
283	burn (j, sizeof(j));
284	burn (k, sizeof(k));
285	}
286
287
288	/* Deprecated/legacy */
289	void derive_key_sha1 (char pwd, int pwd_len, char salt, int salt_len, int iterations, char *dk, int dklen)
290	{
291	char u[SHA1_DIGESTSIZE];
292	int b, l, r;
293
294	if (dklen % SHA1_DIGESTSIZE)
295	{
296	l = 1 + dklen / SHA1_DIGESTSIZE;
297	}
298	else
299	{
300	l = dklen / SHA1_DIGESTSIZE;
301	}
302
303	r = dklen - (l - 1) * SHA1_DIGESTSIZE;
304
305	/* first l - 1 blocks */
306	for (b = 1; b < l; b++)
307	{
308	derive_u_sha1 (pwd, pwd_len, salt, salt_len, iterations, u, b);
309	memcpy (dk, u, SHA1_DIGESTSIZE);
310	dk += SHA1_DIGESTSIZE;
311	}
312
313	/* last block */
314	derive_u_sha1 (pwd, pwd_len, salt, salt_len, iterations, u, b);
315	memcpy (dk, u, r);
316
317
318	/* Prevent possible leaks. */
319	burn (u, sizeof(u));
320	}
321
322	#endif // TC_WINDOWS_BOOT	177	#endif // TC_WINDOWS_BOOT
323		178
324	void hmac_ripemd160 (char key, int keylen, char input, int len, char *digest)	179	void hmac_ripemd160 (char key, int keylen, char input, int len, char *digest)
@@ -618,9 +473,6 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id)
618	case SHA512:	473	case SHA512:
619	return "HMAC-SHA-512";	474	return "HMAC-SHA-512";
620		475
621	case SHA1: // Deprecated/legacy
622	return "HMAC-SHA-1";
623
624	case RIPEMD160:	476	case RIPEMD160:
625	return "HMAC-RIPEMD-160";	477	return "HMAC-RIPEMD-160";
626		478
@@ -646,10 +498,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot)
646	#ifndef TC_WINDOWS_BOOT	498	#ifndef TC_WINDOWS_BOOT
647		499
648	case SHA512:	500	case SHA512:
649	return 500000;	501	return 500000;
650
651	case SHA1: // Deprecated/legacy
652	return 1000000;
653		502
654	case WHIRLPOOL:	503	case WHIRLPOOL:
655	return 500000;	504	return 500000;