From 3f2e20e33941c51b3956adc4e653c2ec7457238e Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sun, 26 Oct 2014 00:57:44 +0200 Subject: Simplify code handling iterations count: in boot mode, we'll set the correct iterations count inside derive_u_sha256 and derive_u_ripemd160 depending in the value of the iterations parameter. On normal mode, we use normal values of iterations count. Removes the special test parameter from RIPEMD160 functions. --- src/Common/Pkcs5.c | 47 ++++++++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 21 deletions(-) (limited to 'src/Common/Pkcs5.c') diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index ba1054e0..e3f8031b 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -122,10 +122,17 @@ void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, int iter uint32 c; int i; - if (iterations == 2000) +#ifdef TC_WINDOWS_BOOT + /* In bootloader, iterations is a boolean : TRUE for boot derivation mode, FALSE otherwise + * This enables us to save code space needed for implementing other features. + */ + if (iterations) c = 200000; else c = 500000; +#else + c = iterations; +#endif /* iteration 1 */ memset (counter, 0, 4); @@ -410,7 +417,7 @@ void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest) burn (&context, sizeof(context)); } -void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b) +void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b) { char j[RIPEMD160_DIGESTSIZE], k[RIPEMD160_DIGESTSIZE]; char init[128]; @@ -418,17 +425,17 @@ void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int uint32 c; int i; - if (bNotTest) - { - if (iterations == 32767) - c = 655331; - else - c = 327661; - } +#ifdef TC_WINDOWS_BOOT + /* In bootloader, iterations is a boolean : TRUE for boot derivation mode, FALSE otherwise + * This enables us to save code space needed for implementing other features. + */ + if (iterations) + c = 327661; else - { - c = iterations; - } + c = 655331; +#else + c = iterations; +#endif /* iteration 1 */ memset (counter, 0, 4); @@ -455,7 +462,7 @@ void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int burn (k, sizeof(k)); } -void derive_key_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen) +void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen) { char u[RIPEMD160_DIGESTSIZE]; int b, l, r; @@ -474,13 +481,13 @@ void derive_key_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, in /* first l - 1 blocks */ for (b = 1; b < l; b++) { - derive_u_ripemd160 (bNotTest, pwd, pwd_len, salt, salt_len, iterations, u, b); + derive_u_ripemd160 (pwd, pwd_len, salt, salt_len, iterations, u, b); memcpy (dk, u, RIPEMD160_DIGESTSIZE); dk += RIPEMD160_DIGESTSIZE; } /* last block */ - derive_u_ripemd160 (bNotTest, pwd, pwd_len, salt, salt_len, iterations, u, b); + derive_u_ripemd160 (pwd, pwd_len, salt, salt_len, iterations, u, b); memcpy (dk, u, r); @@ -656,7 +663,6 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id) } } -#endif //!TC_WINDOWS_BOOT int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot) @@ -665,22 +671,21 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot) { case RIPEMD160: - return bBoot? 16384 : 32767; /* it will be changed to 327661 and 655331 respectively inside derive_u_ripemd160 */ - -#ifndef TC_WINDOWS_BOOT + return bBoot? 327661 : 655331; case SHA512: return 500000; case WHIRLPOOL: return 500000; -#endif case SHA256: - return bBoot? 2000 : 5000; /* it will be changed to 200000 and 500000 respectively inside derive_u_sha256 */ + return bBoot? 200000 : 500000; default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID } return 0; } + +#endif //!TC_WINDOWS_BOOT \ No newline at end of file -- cgit v1.2.3