libsec: generalize pbkdf2_hmac_sha1() to pbkdf2_x() passing the hmac as an argument

sys/include/libsec.h

@@ -454,12 +454,13 @@ mpint* dh_new(DHstate *dh, mpint *p, mpint *q, mpint *g);
 /* calculate shared key: k = y**x % p */
 mpint* dh_finish(DHstate *dh, mpint *y);
 
-/* password-based key derivation function 2 (RFC 2898) */
-void pbkdf2_hmac_sha1(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen);
-
 /* Curve25519 elliptic curve, public key function */
 void curve25519(uchar mypublic[32], uchar secret[32], uchar basepoint[32]);
 
 /* Curve25519 diffie hellman */
 void curve25519_dh_new(uchar x[32], uchar y[32]);
 void curve25519_dh_finish(uchar x[32], uchar y[32], uchar z[32]);
+
+/* password-based key derivation function 2 (rfc2898) */
+void pbkdf2_x(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen,
+	DigestState* (*x)(uchar*, ulong, uchar*, ulong, uchar*, DigestState*), int xlen);

sys/src/cmd/auth/factotum/wpapsk.c

@@ -63,7 +63,7 @@ pass2pmk(char *pass, char *ssid, uchar pmk[PMKlen])
 {
 	if(hextob(pass, nil, pmk, PMKlen) == PMKlen)
 		return;
-	pbkdf2_hmac_sha1((uchar*)pass, strlen(pass), (uchar*)ssid, strlen(ssid), 4096, pmk, PMKlen);
+	pbkdf2_x((uchar*)pass, strlen(pass), (uchar*)ssid, strlen(ssid), 4096, pmk, PMKlen, hmac_sha1, SHA1dlen);
 }
 
 static void

sys/src/libauthsrv/passtokey.c

@@ -36,7 +36,7 @@ static void
 passtoaeskey(uchar *key, char *p)
 {
 	static char salt[] = "Plan 9 key derivation";
-	pbkdf2_hmac_sha1((uchar*)p, strlen(p), (uchar*)salt, sizeof(salt)-1, 9001, key, AESKEYLEN);
+	pbkdf2_x((uchar*)p, strlen(p), (uchar*)salt, sizeof(salt)-1, 9001, key, AESKEYLEN, hmac_sha1, SHA1dlen);
 }
 
 void

sys/src/libsec/port/pbkdf2.c

@@ -2,28 +2,34 @@
 #include <mp.h>
 #include <libsec.h>
 
+/* rfc2898 */
 void
-pbkdf2_hmac_sha1(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen)
+pbkdf2_x(p, plen, s, slen, rounds, d, dlen, x, xlen)
+	uchar *p, *s, *d;
+	ulong plen, slen, dlen, rounds;
+	DigestState* (*x)(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+	int xlen;
 {
-	uchar block[SHA1dlen], tmp[SHA1dlen], tmp2[SHA1dlen];
+	uchar block[256], tmp[256];
 	ulong i, j, k, n;
 	DigestState *ds;
 
+	assert(xlen <= sizeof(tmp));
+
 	for(i = 1; dlen > 0; i++, d += n, dlen -= n){
 		tmp[3] = i;
 		tmp[2] = i >> 8;
 		tmp[1] = i >> 16;
 		tmp[0] = i >> 24;
-		ds = hmac_sha1(s, slen, p, plen, nil, nil);
+		ds = (*x)(s, slen, p, plen, nil, nil);
-		hmac_sha1(tmp, 4, p, plen, block, ds);
+		(*x)(tmp, 4, p, plen, block, ds);
-		memmove(tmp, block, sizeof(tmp));
+		memmove(tmp, block, xlen);
 		for(j = 1; j < rounds; j++){
-			hmac_sha1(tmp, sizeof(tmp), p, plen, tmp2, nil);
+			(*x)(tmp, xlen, p, plen, tmp, nil);
-			memmove(tmp, tmp2, sizeof(tmp));
+			for(k=0; k<xlen; k++)
-			for(k=0; k<sizeof(tmp); k++)
 				block[k] ^= tmp[k];
 		}
-		n = dlen > sizeof(block) ? sizeof(block) : dlen;
+		n = dlen > xlen ? xlen : dlen;
 		memmove(d, block, n); 
 	}
 }