recipes-wifi/wpa-supplicant/files/patches-2.10.3/120-mbedtls-fips186_2_prf.patch - filogic/rdk-b/meta-filogic - Gitiles

 From c8dba4bd750269bcc80fed3d546e2077cb4cdf0e Mon Sep 17 00:00:00 2001
 From: Glenn Strauss <gstrauss@gluelogic.com>
 Date: Tue, 19 Jul 2022 20:02:21 -0400
 Subject: [PATCH 2/7] mbedtls: fips186_2_prf()

 Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ---
  hostapd/Makefile            |  4 ---
  src/crypto/crypto_mbedtls.c | 60 +++++++++++++++++++++++++++++++++++++
  wpa_supplicant/Makefile     |  4 ---
  3 files changed, 60 insertions(+), 8 deletions(-)

 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
 @@ -759,10 +759,6 @@ endif
  OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
  HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
  SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
 -ifdef NEED_FIPS186_2_PRF
 -OBJS += ../src/crypto/fips_prf_internal.o
 -SHA1OBJS += ../src/crypto/sha1-internal.o
 -endif
  ifeq ($(CONFIG_CRYPTO), mbedtls)
  ifdef CONFIG_DPP
  LIBS += -lmbedx509
 --- a/src/crypto/crypto_mbedtls.c
 +++ b/src/crypto/crypto_mbedtls.c
 @@ -132,6 +132,12 @@
  #define CRYPTO_MBEDTLS_HMAC_KDF_SHA512
  #endif

 +#if defined(EAP_SIM) || defined(EAP_SIM_DYNAMIC) || defined(EAP_SERVER_SIM) \
 + || defined(EAP_AKA) || defined(EAP_AKA_DYNAMIC) || defined(EAP_SERVER_AKA)
 +/* EAP_SIM=y EAP_AKA=y */
 +#define CRYPTO_MBEDTLS_FIPS186_2_PRF
 +#endif
 +
  #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) \
   || defined(EAP_TEAP) || defined(EAP_TEAP_DYNAMIC) || defined(EAP_SERVER_FAST)
  #define CRYPTO_MBEDTLS_SHA1_T_PRF
 @@ -813,6 +819,60 @@ int sha1_t_prf(const u8 *key, size_t key

  #endif /* CRYPTO_MBEDTLS_SHA1_T_PRF */

 +#ifdef CRYPTO_MBEDTLS_FIPS186_2_PRF
 +
 +/* fips_prf_internal.c sha1-internal.c */
 +
 +/* used only by src/eap_common/eap_sim_common.c:eap_sim_prf()
 + * for eap_sim_derive_keys() and eap_sim_derive_keys_reauth()
 + * where xlen is 160 */
 +
 +int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
 +{
 +	/* FIPS 186-2 + change notice 1 */
 +
 +	mbedtls_sha1_context ctx;
 +	u8 * const xkey = ctx.MBEDTLS_PRIVATE(buffer);
 +	u32 * const xstate = ctx.MBEDTLS_PRIVATE(state);
 +	const u32 xstate_init[] =
 +	  { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 };
 +
 +	mbedtls_sha1_init(&ctx);
 +	os_memcpy(xkey, seed, seed_len < 64 ? seed_len : 64);
 +
 +	/* note: does not fill extra bytes if (xlen % 20) (SHA1_MAC_LEN) */
 +	for (; xlen >= 20; xlen -= 20) {
 +		/* XSEED_j = 0 */
 +		/* XVAL = (XKEY + XSEED_j) mod 2^b */
 +
 +		/* w_i = G(t, XVAL) */
 +		os_memcpy(xstate, xstate_init, sizeof(xstate_init));
 +		mbedtls_internal_sha1_process(&ctx, xkey);
 +
 +	  #if __BYTE_ORDER == __LITTLE_ENDIAN
 +		xstate[0] = host_to_be32(xstate[0]);
 +		xstate[1] = host_to_be32(xstate[1]);
 +		xstate[2] = host_to_be32(xstate[2]);
 +		xstate[3] = host_to_be32(xstate[3]);
 +		xstate[4] = host_to_be32(xstate[4]);
 +	  #endif
 +		os_memcpy(x, xstate, 20);
 +		if (xlen == 20) /*(done; skip prep for next loop)*/
 +			break;
 +
 +		/* XKEY = (1 + XKEY + w_i) mod 2^b */
 +		for (u32 carry = 1, k = 20; k-- > 0; carry >>= 8)
 +			xkey[k] = (carry += xkey[k] + x[k]) & 0xff;
 +		x += 20;
 +		/* x_j = w_0|w_1 (each pair of iterations through loop)*/
 +	}
 +
 +	mbedtls_sha1_free(&ctx);
 +	return 0;
 +}
 +
 +#endif /* CRYPTO_MBEDTLS_FIPS186_2_PRF */
 +
  #endif /* MBEDTLS_SHA1_C */


 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
 @@ -1174,10 +1174,6 @@ endif
  OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
  OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
  OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
 -ifdef NEED_FIPS186_2_PRF
 -OBJS += ../src/crypto/fips_prf_internal.o
 -SHA1OBJS += ../src/crypto/sha1-internal.o
 -endif
  ifeq ($(CONFIG_CRYPTO), mbedtls)
  LIBS += -lmbedcrypto
  LIBS_p += -lmbedcrypto
	From c8dba4bd750269bcc80fed3d546e2077cb4cdf0e Mon Sep 17 00:00:00 2001
	From: Glenn Strauss <gstrauss@gluelogic.com>
	Date: Tue, 19 Jul 2022 20:02:21 -0400
	Subject: [PATCH 2/7] mbedtls: fips186_2_prf()

	Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
	---
	hostapd/Makefile \| 4 ---
	src/crypto/crypto_mbedtls.c \| 60 +++++++++++++++++++++++++++++++++++++
	wpa_supplicant/Makefile \| 4 ---
	3 files changed, 60 insertions(+), 8 deletions(-)

	--- a/hostapd/Makefile
	+++ b/hostapd/Makefile
	@@ -759,10 +759,6 @@ endif
	OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
	HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
	SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
	-ifdef NEED_FIPS186_2_PRF
	-OBJS += ../src/crypto/fips_prf_internal.o
	-SHA1OBJS += ../src/crypto/sha1-internal.o
	-endif
	ifeq ($(CONFIG_CRYPTO), mbedtls)
	ifdef CONFIG_DPP
	LIBS += -lmbedx509
	--- a/src/crypto/crypto_mbedtls.c
	+++ b/src/crypto/crypto_mbedtls.c
	@@ -132,6 +132,12 @@
	#define CRYPTO_MBEDTLS_HMAC_KDF_SHA512
	#endif

	+#if defined(EAP_SIM) \|\| defined(EAP_SIM_DYNAMIC) \|\| defined(EAP_SERVER_SIM) \
	+ \|\| defined(EAP_AKA) \|\| defined(EAP_AKA_DYNAMIC) \|\| defined(EAP_SERVER_AKA)
	+/* EAP_SIM=y EAP_AKA=y */
	+#define CRYPTO_MBEDTLS_FIPS186_2_PRF
	+#endif
	+
	#if defined(EAP_FAST) \|\| defined(EAP_FAST_DYNAMIC) \|\| defined(EAP_SERVER_FAST) \
	\|\| defined(EAP_TEAP) \|\| defined(EAP_TEAP_DYNAMIC) \|\| defined(EAP_SERVER_FAST)
	#define CRYPTO_MBEDTLS_SHA1_T_PRF
	@@ -813,6 +819,60 @@ int sha1_t_prf(const u8 *key, size_t key

	#endif /* CRYPTO_MBEDTLS_SHA1_T_PRF */

	+#ifdef CRYPTO_MBEDTLS_FIPS186_2_PRF
	+
	+/* fips_prf_internal.c sha1-internal.c */
	+
	+/* used only by src/eap_common/eap_sim_common.c:eap_sim_prf()
	+ * for eap_sim_derive_keys() and eap_sim_derive_keys_reauth()
	+ * where xlen is 160 */
	+
	+int fips186_2_prf(const u8 seed, size_t seed_len, u8 x, size_t xlen)
	+{
	+ /* FIPS 186-2 + change notice 1 */
	+
	+ mbedtls_sha1_context ctx;
	+ u8 * const xkey = ctx.MBEDTLS_PRIVATE(buffer);
	+ u32 * const xstate = ctx.MBEDTLS_PRIVATE(state);
	+ const u32 xstate_init[] =
	+ { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 };
	+
	+ mbedtls_sha1_init(&ctx);
	+ os_memcpy(xkey, seed, seed_len < 64 ? seed_len : 64);
	+
	+ /* note: does not fill extra bytes if (xlen % 20) (SHA1_MAC_LEN) */
	+ for (; xlen >= 20; xlen -= 20) {
	+ /* XSEED_j = 0 */
	+ /* XVAL = (XKEY + XSEED_j) mod 2^b */
	+
	+ /* w_i = G(t, XVAL) */
	+ os_memcpy(xstate, xstate_init, sizeof(xstate_init));
	+ mbedtls_internal_sha1_process(&ctx, xkey);
	+
	+ #if __BYTE_ORDER == __LITTLE_ENDIAN
	+ xstate[0] = host_to_be32(xstate[0]);
	+ xstate[1] = host_to_be32(xstate[1]);
	+ xstate[2] = host_to_be32(xstate[2]);
	+ xstate[3] = host_to_be32(xstate[3]);
	+ xstate[4] = host_to_be32(xstate[4]);
	+ #endif
	+ os_memcpy(x, xstate, 20);
	+ if (xlen == 20) /(done; skip prep for next loop)/
	+ break;
	+
	+ /* XKEY = (1 + XKEY + w_i) mod 2^b */
	+ for (u32 carry = 1, k = 20; k-- > 0; carry >>= 8)
	+ xkey[k] = (carry += xkey[k] + x[k]) & 0xff;
	+ x += 20;
	+ /* x_j = w_0\|w_1 (each pair of iterations through loop)*/
	+ }
	+
	+ mbedtls_sha1_free(&ctx);
	+ return 0;
	+}
	+
	+#endif /* CRYPTO_MBEDTLS_FIPS186_2_PRF */
	+
	#endif /* MBEDTLS_SHA1_C */


	--- a/wpa_supplicant/Makefile
	+++ b/wpa_supplicant/Makefile
	@@ -1174,10 +1174,6 @@ endif
	OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
	OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
	OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
	-ifdef NEED_FIPS186_2_PRF
	-OBJS += ../src/crypto/fips_prf_internal.o
	-SHA1OBJS += ../src/crypto/sha1-internal.o
	-endif
	ifeq ($(CONFIG_CRYPTO), mbedtls)
	LIBS += -lmbedcrypto
	LIBS_p += -lmbedcrypto