{"id":2218809,"url":"http://patchwork.ozlabs.org/api/1.0/patches/2218809/?format=json","project":{"id":22,"url":"http://patchwork.ozlabs.org/api/1.0/projects/22/?format=json","name":"HostAP Development","link_name":"hostap","list_id":"hostap.lists.infradead.org","list_email":"hostap@lists.infradead.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260401220220.4418-21-andrei.otcheretianski@intel.com>","date":"2026-04-01T22:01:29","name":"[20/71] crypto: Add pbkdf2_sha256() and pbkdf2_sha384() functions","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"84fa722a13729740d2616aece20e6606d75ba6b3","submitter":{"id":62065,"url":"http://patchwork.ozlabs.org/api/1.0/people/62065/?format=json","name":"Andrei Otcheretianski","email":"andrei.otcheretianski@intel.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/hostap/patch/20260401220220.4418-21-andrei.otcheretianski@intel.com/mbox/","series":[{"id":498402,"url":"http://patchwork.ozlabs.org/api/1.0/series/498402/?format=json","date":"2026-04-01T22:01:09","name":"NAN Data Path and Bootstrapping support","version":1,"mbox":"http://patchwork.ozlabs.org/series/498402/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2218809/checks/","tags":{},"headers":{"Return-Path":"\n <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Um2juAic;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256\n header.s=Intel header.b=LyTYcFSP;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fmJwk1HGvz1yFv\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 02 Apr 2026 09:06:30 +1100 (AEDT)","from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1w83hF-0000000GAUG-17zo;\n\tWed, 01 Apr 2026 22:05:57 +0000","from mgamail.intel.com ([198.175.65.20])\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1w83gt-0000000G9xK-3itB\n\tfor hostap@lists.infradead.org;\n\tWed, 01 Apr 2026 22:05:37 +0000","from fmviesa003.fm.intel.com ([10.60.135.143])\n  by orvoesa112.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 01 Apr 2026 15:05:35 -0700","from iapp347.iil.intel.com (HELO 87c02287900a.iil.intel.com)\n ([10.167.28.6])\n  by fmviesa003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 01 Apr 2026 15:05:34 -0700"],"DKIM-Signature":["v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:\n\tMessage-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description:\n\tResent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:\n\tList-Owner; bh=9LUM1N0HS7/4vGovDeO9fb5VqSMTAG6/NboDa8vXwQA=; b=Um2juAic4elsOM\n\t5wBSkWbWhfHwZN+tRYesxfy/N8j0XnfEVmY6AWR0JMirNAzgSYtHn6yLzLHAx+1gg2wjXjT+7dk6i\n\tnXeCD7d510JJNGt2g5IWv7IrUshtQJAiWhtagksdlMu2/aqknfQr1lZoi06f1QVKpTfS/+8nMhx0f\n\tR3pc7a0N8xt1fWsF8+BaMvFaf8nq9H1HTjDFpGzKBbTkMzgH8tgJJf2gJ55koXH066AzUxAmC20Pi\n\tW901ABgbKnVg/TcVPBwJvOdMWVNDWA0THxGkygxmzFc1cdApbu+wCuThkvt7wPHqt8uoKcuHMHWun\n\tZKqZc0WVYj7P1aFUMCgg==;","v=1; a=rsa-sha256; c=relaxed/simple;\n  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n  t=1775081136; x=1806617136;\n  h=from:to:subject:date:message-id:in-reply-to:references:\n   mime-version:content-transfer-encoding;\n  bh=5R6OZtxFhPpMd7fQ5VpSfPbikMXIZuZWgaaa9KbMwx8=;\n  b=LyTYcFSPhhEruKmrn0ZzORbzrNqrTLGS3ndFCmlYIxJtdCkfpOE/x4xn\n   aHNPVyLBNW3aetsS53yk/hxARy/Ad7x1RY/SuEZ4MUN0PvQeZZSaAmeCL\n   7tAf2ik3B7A/8r2ujgbFjskRsTTRtKSfwe7stOwQCMyWGD5RNRUAs8Kv5\n   Ic8AWyGrFsxVw1xQukBZ1jpgr+aooRD11z8NXVMgtBRs5Ot9CpX4dvID0\n   +GfWr2/ZNXKlW5FnupfrvWB/Cdn0T2Mr+cCh2+wmvrlsj5uUFlQ3VNLZu\n   qXDwSqSdn5B44oPiOntpuVapxJuWSoG5TeMY+YQF9Zw0v8GhCQbqy9zfm\n   Q==;"],"X-CSE-ConnectionGUID":["iXQwUJLfQemM1gCzkcOF1g==","V0jDmaspRw6nnhWdMAVU+g=="],"X-CSE-MsgGUID":["XsbHxlK5SSOF6LvfG0/WkQ==","b5ezcCAHTPONH++Yg+tN4w=="],"X-IronPort-AV":["E=McAfee;i=\"6800,10657,11746\"; a=\"75851595\"","E=Sophos;i=\"6.23,153,1770624000\";\n   d=\"scan'208\";a=\"75851595\""],"X-ExtLoop1":"1","From":"Andrei Otcheretianski <andrei.otcheretianski@intel.com>","To":"hostap@lists.infradead.org","Subject":"[PATCH 20/71] crypto: Add pbkdf2_sha256() and pbkdf2_sha384()\n functions","Date":"Thu,  2 Apr 2026 01:01:29 +0300","Message-ID":"<20260401220220.4418-21-andrei.otcheretianski@intel.com>","X-Mailer":"git-send-email 2.53.0","In-Reply-To":"<20260401220220.4418-1-andrei.otcheretianski@intel.com>","References":"<20260401220220.4418-1-andrei.otcheretianski@intel.com>","MIME-Version":"1.0","X-CRM114-Version":"20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ","X-CRM114-CacheID":"sfid-20260401_150535_995137_FB2C0D58 ","X-CRM114-Status":"GOOD (  10.56  )","X-Spam-Score":"-1.9 (-)","X-Spam-Report":"Spam detection software,\n running on the system \"bombadil.infradead.org\",\n has NOT identified this incoming email as spam.  The original\n message has been attached to this so you can view it or label\n similar future email.  If you have any questions, see\n the administrator of that system for details.\n Content preview:  These functions are required for ND-PMK derivation for NAN\n    as defined in Annex M and chapter 7.1.2 of Wi-Fi Aware Specification v4.0.\n    Implement these functions for openssl. Signed-off-by: Andrei\n Otcheretianski\n    <andrei.otcheretianski@intel.com> --- src/crypto/crypto_openssl.c | 30\n ++++++++++++++++++++++++++++++\n    src/crypto/sha256.h | 3 ++- src/crypto/sha384.h | 2 ++ 3 file [...]\n Content analysis details:   (-1.9 points, 5.0 required)\n  pts rule name              description\n ---- ----------------------\n --------------------------------------------------\n -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,\n                             medium trust\n                             [198.175.65.20 listed in list.dnswl.org]\n  1.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to\n                              Validity was blocked.  See\n                             https://knowledge.validity.com/hc/en-us/articles/20961730681243\n                              for more information.\n                             [198.175.65.20 listed in\n bl.score.senderscore.com]\n  1.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The\n                             query to Validity was blocked.  See\n                             https://knowledge.validity.com/hc/en-us/articles/20961730681243\n                              for more information.\n                          [198.175.65.20 listed in\n sa-trusted.bondedsender.org]\n  1.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to\n                              Validity was blocked.  See\n                             https://knowledge.validity.com/hc/en-us/articles/20961730681243\n                              for more information.\n                             [198.175.65.20 listed in sa-accredit.habeas.com]\n  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record\n -0.0 SPF_PASS               SPF: sender matches SPF record\n  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,\n not necessarily valid\n -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from\n                             envelope-from domain\n -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from\n author's\n                             domain\n -0.1 DKIM_VALID             Message has at least one valid DKIM or DK\n signature\n -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%\n                             [score: 0.0000]\n -0.5 DKIMWL_WL_HIGH         DKIMwl.org - High trust sender","X-BeenThere":"hostap@lists.infradead.org","X-Mailman-Version":"2.1.34","Precedence":"list","List-Id":"<hostap.lists.infradead.org>","List-Unsubscribe":"<http://lists.infradead.org/mailman/options/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>","List-Archive":"<http://lists.infradead.org/pipermail/hostap/>","List-Post":"<mailto:hostap@lists.infradead.org>","List-Help":"<mailto:hostap-request@lists.infradead.org?subject=help>","List-Subscribe":"<http://lists.infradead.org/mailman/listinfo/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=subscribe>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Sender":"\"Hostap\" <hostap-bounces@lists.infradead.org>","Errors-To":"hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"},"content":"These functions are required for ND-PMK derivation for NAN as defined in\nAnnex M and chapter 7.1.2 of Wi-Fi Aware Specification v4.0.\nImplement these functions for openssl.\n\nSigned-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>\n---\n src/crypto/crypto_openssl.c | 30 ++++++++++++++++++++++++++++++\n src/crypto/sha256.h         |  3 ++-\n src/crypto/sha384.h         |  2 ++\n 3 files changed, 34 insertions(+), 1 deletion(-)","diff":"diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c\nindex dad48e0461..b38d472706 100644\n--- a/src/crypto/crypto_openssl.c\n+++ b/src/crypto/crypto_openssl.c\n@@ -1881,6 +1881,36 @@ int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len,\n }\n \n \n+#ifdef CONFIG_SHA256\n+\n+int pbkdf2_sha256(const char *passphrase, const u8 *salt, size_t salt_len,\n+\t\t  int iterations, u8 *buf, size_t buflen)\n+{\n+\tif (PKCS5_PBKDF2_HMAC(passphrase, os_strlen(passphrase), salt,\n+\t\t\t      salt_len, iterations, EVP_sha256(), buflen,\n+\t\t\t      buf) != 1)\n+\t\treturn -1;\n+\treturn 0;\n+}\n+\n+#endif /* CONFIG_SHA256 */\n+\n+\n+#ifdef CONFIG_SHA384\n+\n+int pbkdf2_sha384(const char *passphrase, const u8 *salt, size_t salt_len,\n+\t\t  int iterations, u8 *buf, size_t buflen)\n+{\n+\tif (PKCS5_PBKDF2_HMAC(passphrase, os_strlen(passphrase), salt,\n+\t\t\t      salt_len, iterations, EVP_sha384(), buflen,\n+\t\t\t      buf) != 1)\n+\t\treturn -1;\n+\treturn 0;\n+}\n+\n+#endif /* CONFIG_SHA384 */\n+\n+\n int crypto_get_random(void *buf, size_t len)\n {\n \tif (RAND_bytes(buf, len) != 1)\ndiff --git a/src/crypto/sha256.h b/src/crypto/sha256.h\nindex 8054bbe5c5..d1e84e3528 100644\n--- a/src/crypto/sha256.h\n+++ b/src/crypto/sha256.h\n@@ -26,5 +26,6 @@ int tls_prf_sha256(const u8 *secret, size_t secret_len,\n int hmac_sha256_kdf(const u8 *secret, size_t secret_len,\n \t\t    const char *label, const u8 *seed, size_t seed_len,\n \t\t    u8 *out, size_t outlen);\n-\n+int pbkdf2_sha256(const char *passphrase, const u8 *salt, size_t salt_len,\n+\t\t  int iterations, u8 *buf, size_t buflen);\n #endif /* SHA256_H */\ndiff --git a/src/crypto/sha384.h b/src/crypto/sha384.h\nindex d946907c67..276cdd3770 100644\n--- a/src/crypto/sha384.h\n+++ b/src/crypto/sha384.h\n@@ -26,5 +26,7 @@ int tls_prf_sha384(const u8 *secret, size_t secret_len,\n int hmac_sha384_kdf(const u8 *secret, size_t secret_len,\n \t\t    const char *label, const u8 *seed, size_t seed_len,\n \t\t    u8 *out, size_t outlen);\n+int pbkdf2_sha384(const char *passphrase, const u8 *salt, size_t salt_len,\n+\t\t  int iterations, u8 *buf, size_t buflen);\n \n #endif /* SHA384_H */\n","prefixes":["20/71"]}