blob: 338fb21e2816e5e381700426cc075d3444eb55f5 [file] [log] [blame]
purpose: HMAC-SHA1 used for WPA-PSK
\ See license at end of file
\ ----------------------------------------------------------------------------
\ HMAC-SHA1 over data vector (RFC 2104)
d# 64 constant /keypad
/keypad buffer: keypad
: xor-keypad ( adr c -- )
swap /keypad bounds do i c@ over xor i c! loop drop
;
: xor-digest ( src dst -- )
/sha1-digest bounds do ( src )
dup c@ i c@ xor i c! 1+ ( src' )
loop drop
;
: key>keypad ( key$ -- )
keypad /keypad erase
keypad swap move
;
\ sha1-digest = SHA1 (K XOR opad, SHA1(K XOR ipad, text))
\ where K is an n byte key
\ ipad is 64 0x36
\ opad is 64 0x5c
\ text is the data being protected
\
/sha1-digest buffer: sha1-idigest \ sha1-idigest = SHA1(K XOR ipad, text))
/sha1-digest buffer: sha1-tkey
: ?sha1-reset-key ( passphrase$ -- key$ )
dup d# 64 > if \ if len>64, key = SHA1(key)
sha1
sha1-tkey swap move \ Save new key
sha1-tkey /sha1-digest ( key$ )
then
;
[ifndef] sha1-n
: sha1-n ( datan$..data1$ n -- digest$ )
sha1-init
0 ?do sha1-update loop
sha1-final
sha1-digest /sha1-digest ( digest$ )
;
[then]
: hmac-sha1 ( datan$..data1$ n key$ -- digest$ )
?sha1-reset-key 2>r ( datan$..data1$ n ) ( R: key$' )
\ sha1-idigest = SHA1(K XOR ipad, text)
2r@ key>keypad ( datan$..data1$ n ) ( R: key$ )
keypad h# 36 xor-keypad ( datan$..data1$ n )
keypad /keypad rot 1+ sha1-n ( digest$ ) ( R: key$ )
sha1-idigest swap move ( ) ( R: key$ )
2r> key>keypad ( )
keypad h# 5c xor-keypad
sha1-idigest /sha1-digest keypad /keypad 2 sha1-n ( digest$ )
;
\ ----------------------------------------------------------------------------
\ SHA1-based key derivation function (PBKDF2) for IEEE 802.11i.
\ This function is used to derive PSK for WPA-PSK, described in IEEE
\ Std 802.11-2004, clause H.4. The main contruction is from PKCS#5 v 2.0.
0 value pbkdf2-cnt
4 buffer: pbkdf2-cnt-buf
: pbkdf2-cnt++ ( -- )
pbkdf2-cnt 1+ dup to pbkdf2-cnt
pbkdf2-cnt-buf be-l!
;
/sha1-digest buffer: temp \ Last digest
/sha1-digest buffer: temp2 \ Current digest
: (pbkdf2-sha1) ( passphrase$ ssid$ -- )
2over 2>r ( passphrase$ ssid$ ) ( R: passphrase$ )
pbkdf2-cnt-buf 4 2swap 2 2r> hmac-sha1 ( passphrase$ digest$ )
temp2 swap move ( passphrase$ )
d# 4096 1 do
sha1-digest temp /sha1-digest move ( passphrase$ )
temp /sha1-digest 1 4 pick 4 pick hmac-sha1 ( passphrase$ digest$ )
drop temp2 xor-digest ( passphrase$ )
loop 2drop ( )
temp2 sha1-digest /sha1-digest move
;
: pbkdf2-sha1 ( passphrase$ ssid$ psk$ -- )
0 to pbkdf2-cnt
begin dup 0> while ( passphrase$ ssid$ psk$ )
pbkdf2-cnt++ ( passphrase$ ssid$ psk$ )
2>r 2over 2over (pbkdf2-sha1) ( passphrase$ ssid$ ) ( R: psk$ )
2r> 2dup /sha1-digest min sha1-digest -rot move ( passphrase$ ssid$ psk$ )
/sha1-digest /string ( passphrase$ ssid$ psk$' )
repeat 2drop 2drop 2drop ( )
;
create zero 0 c,
create prf-cnt 0 c,
: zero$ ( -- adr len ) zero 1 ;
: sha1-prf ( key$ label$ data$ result$ -- )
0 prf-cnt c!
begin dup 0> while ( key$ label$ data$ result$ )
2>r ( key$ label$ data$ ) ( R: result$ )
prf-cnt 1 2over zero$ ( key$ label$ data$ cnt$ data$ zero$ ) ( R: result$ )
9 pick 9 pick 4 ( key$ label$ data$ cnt$ data$ zero$ label$ n ) ( R: result$ )
d# 14 pick d# 14 pick hmac-sha1 ( key$ label$ data$ digest$ ) ( R: result$ )
2r> 2swap 2over rot min move ( key$ label$ data$ result$ )
/sha1-digest /string ( key$ label$ data$ result$' )
prf-cnt c@ 1+ prf-cnt c! ( key$ label$ data$ result$ )
repeat 2drop 2drop 2drop 2drop ( )
;
\ LICENSE_BEGIN
\ Copyright (c) 2007 FirmWorks
\
\ Permission is hereby granted, free of charge, to any person obtaining
\ a copy of this software and associated documentation files (the
\ "Software"), to deal in the Software without restriction, including
\ without limitation the rights to use, copy, modify, merge, publish,
\ distribute, sublicense, and/or sell copies of the Software, and to
\ permit persons to whom the Software is furnished to do so, subject to
\ the following conditions:
\
\ The above copyright notice and this permission notice shall be
\ included in all copies or substantial portions of the Software.
\
\ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
\ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
\ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
\ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
\ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
\ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
\ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
\
\ LICENSE_END