From 7cba52d8523869237c0f7708cfac39a98558490d Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 16 Aug 2009 22:26:13 +0300 Subject: [PATCH] Use OpenSSL for RC4 instead of internal implementation --- hostapd/Makefile | 1 - src/crypto/crypto_openssl.c | 37 +++++++++++++++++++++++++++++++++++++ wpa_supplicant/Makefile | 1 - 3 files changed, 37 insertions(+), 2 deletions(-) diff --git a/hostapd/Makefile b/hostapd/Makefile index 226f0fccb..9f8ec81fe 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -436,7 +436,6 @@ ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_openssl.o OBJS_p += ../src/crypto/fips_prf_openssl.o endif -CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), gnutls) OBJS += ../src/crypto/crypto_gnutls.o diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 2c865f0de..e8ea89584 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -96,6 +96,43 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) } +int rc4_skip(const u8 *key, size_t keylen, size_t skip, + u8 *data, size_t data_len) +{ +#ifdef OPENSSL_NO_RC4 + return -1; +#else /* OPENSSL_NO_RC4 */ + EVP_CIPHER_CTX ctx; + int outl; + int res = -1; + unsigned char skip_buf[16]; + + EVP_CIPHER_CTX_init(&ctx); + if (!EVP_CIPHER_CTX_set_padding(&ctx, 0) || + !EVP_CipherInit_ex(&ctx, EVP_rc4(), NULL, NULL, NULL, 1) || + !EVP_CIPHER_CTX_set_key_length(&ctx, keylen) || + !EVP_CipherInit_ex(&ctx, NULL, NULL, key, NULL, 1)) + goto out; + + while (skip >= sizeof(skip_buf)) { + size_t len = skip; + if (len > sizeof(skip_buf)) + len = sizeof(skip_buf); + if (!EVP_CipherUpdate(&ctx, skip_buf, &outl, skip_buf, len)) + goto out; + skip -= len; + } + + if (EVP_CipherUpdate(&ctx, data, &outl, data, data_len)) + res = 0; + +out: + EVP_CIPHER_CTX_cleanup(&ctx); + return res; +#endif /* OPENSSL_NO_RC4 */ +} + + int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { return openssl_digest_vector(EVP_md5(), 0, num_elem, addr, len, mac); diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index ac200d268..e4bef9680 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -732,7 +732,6 @@ OBJS_p += ../src/crypto/crypto_openssl.o ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_openssl.o endif -CONFIG_INTERNAL_RC4=y endif ifeq ($(CONFIG_TLS), gnutls) OBJS += ../src/crypto/crypto_gnutls.o