Data Structures | Defines | Functions | Variables
sha1.h File Reference

SHA-1 algorithm. More...

#include <stdint.h>
#include <ipxe/crypto.h>

Go to the source code of this file.

Data Structures

struct  sha1_digest
 An SHA-1 digest. More...
union  sha1_block
 An SHA-1 data block. More...
struct  sha1_digest_data
 SHA-1 digest and data block. More...
union  sha1_digest_data_dwords
 SHA-1 digest and data block. More...
struct  sha1_context
 An SHA-1 context. More...


#define SHA1_CTX_SIZE   sizeof ( struct sha1_context )
 SHA-1 context size.
#define SHA1_DIGEST_SIZE   sizeof ( struct sha1_digest )
 SHA-1 digest size.


struct sha1_digest_data __attribute__ ((packed))
void prf_sha1 (const void *key, size_t key_len, const char *label, const void *data, size_t data_len, void *prf, size_t prf_len)
 SHA1 pseudorandom function for creating derived keys.
void pbkdf2_sha1 (const void *passphrase, size_t pass_len, const void *salt, size_t salt_len, int iterations, void *key, size_t key_len)
 PBKDF2 key derivation function using SHA1.


struct sha1_digest digest
 Digest of data already processed.
union sha1_block data
 Accumulated data.
union sha1_digest_data_dwords __attribute__
size_t len
 Amount of accumulated data.
union sha1_digest_data_dwords ddd
 Digest and accumulated data.
struct digest_algorithm sha1_algorithm
 SHA-1 algorithm.

Detailed Description

SHA-1 algorithm.

Definition in file sha1.h.

Define Documentation

#define SHA1_CTX_SIZE   sizeof ( struct sha1_context )

SHA-1 context size.

Definition at line 66 of file sha1.h.

Referenced by ccmp_kie_mic(), ocsp_compare_responder_key_hash(), pbkdf2_sha1_f(), and prf_sha1().

#define SHA1_DIGEST_SIZE   sizeof ( struct sha1_digest )

SHA-1 digest size.

Definition at line 69 of file sha1.h.

Function Documentation

struct sha1_digest_data __attribute__ ( (packed)  )
void prf_sha1 ( const void *  key,
size_t  key_len,
const char *  label,
const void *  data,
size_t  data_len,
void *  prf,
size_t  prf_len 

SHA1 pseudorandom function for creating derived keys.

keyMaster key with which this call is associated
key_lenLength of key
labelNUL-terminated ASCII string describing purpose of PRF data
dataFurther data that should be included in the PRF
data_lenLength of further PRF data
prf_lenBytes of PRF to generate
Return values:
prfPseudorandom function bytes

This is the PRF variant used by 802.11, defined in IEEE 802.11-2007 EAP-FAST uses a different SHA1-based PRF, and TLS uses an MD5-based PRF.

Definition at line 44 of file sha1extra.c.

References hmac_final(), hmac_init(), hmac_update(), in, memcpy(), out, sha1_algorithm, SHA1_CTX_SIZE, SHA1_DIGEST_SIZE, and strlen().

Referenced by wpa_derive_ptk().

        u32 blk;
        u8 keym[key_len];       /* modifiable copy of key */
        u8 in[strlen ( label ) + 1 + data_len + 1]; /* message to HMAC */
        u8 *in_blknr;           /* pointer to last byte of in, block number */
        u8 out[SHA1_DIGEST_SIZE]; /* HMAC-SHA1 result */
        u8 sha1_ctx[SHA1_CTX_SIZE]; /* SHA1 context */
        const size_t label_len = strlen ( label );

        /* The HMAC-SHA-1 is calculated using the given key on the
           message text `label', followed by a NUL, followed by one
           byte indicating the block number (0 for first). */

        memcpy ( keym, key, key_len );

        memcpy ( in, label, strlen ( label ) + 1 );
        memcpy ( in + label_len + 1, data, data_len );
        in_blknr = in + label_len + 1 + data_len;

        for ( blk = 0 ;; blk++ ) {
                *in_blknr = blk;

                hmac_init ( &sha1_algorithm, sha1_ctx, keym, &key_len );
                hmac_update ( &sha1_algorithm, sha1_ctx, in, sizeof ( in ) );
                hmac_final ( &sha1_algorithm, sha1_ctx, keym, &key_len, out );

                if ( prf_len <= sizeof ( out ) ) {
                        memcpy ( prf, out, prf_len );

                memcpy ( prf, out, sizeof ( out ) );
                prf_len -= sizeof ( out );
                prf += sizeof ( out );
void pbkdf2_sha1 ( const void *  passphrase,
size_t  pass_len,
const void *  salt,
size_t  salt_len,
int  iterations,
void *  key,
size_t  key_len 

PBKDF2 key derivation function using SHA1.

passphrasePassphrase from which to derive key
pass_lenLength of passphrase
saltSalt to include in key
salt_lenLength of salt
iterationsNumber of iterations of SHA1 to perform
key_lenLength of key to generate
Return values:
keyGenerated key bytes

This is used most notably in 802.11 WPA passphrase hashing, in which case the salt is the SSID, 4096 iterations are used, and a 32-byte key is generated that serves as the Pairwise Master Key for EAPOL authentication.

The operation of this function is further described in RFC 2898.

Definition at line 148 of file sha1extra.c.

References blocks, memcpy(), pbkdf2_sha1_f(), and SHA1_DIGEST_SIZE.

Referenced by wpa_psk_start().

        u32 blocks = ( key_len + SHA1_DIGEST_SIZE - 1 ) / SHA1_DIGEST_SIZE;
        u32 blk;
        u8 buf[SHA1_DIGEST_SIZE];

        for ( blk = 1; blk <= blocks; blk++ ) {
                pbkdf2_sha1_f ( passphrase, pass_len, salt, salt_len,
                                iterations, blk, buf );
                if ( key_len <= sizeof ( buf ) ) {
                        memcpy ( key, buf, key_len );

                memcpy ( key, buf, sizeof ( buf ) );
                key_len -= sizeof ( buf );
                key += sizeof ( buf );

Variable Documentation

Digest of data already processed.

Definition at line 48 of file sha1.h.

Accumulated data.

Definition at line 50 of file sha1.h.

Amount of accumulated data.

Definition at line 65 of file sha1.h.

Digest and accumulated data.

Definition at line 67 of file sha1.h.