From 915fb4dfe26d52e8c98e0886fa029abf93db4ef2 Mon Sep 17 00:00:00 2001 From: jgujarathi Date: Tue, 30 Aug 2022 11:24:18 +0530 Subject: [PATCH] Removed some occurences of the RC4 cipher suite(deprecated now) --- .../mbedtls/port/include/mbedtls/esp_config.h | 13 ----- .../src/crypto/crypto_mbedtls.c | 48 ------------------- 2 files changed, 61 deletions(-) diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h index 44f26cffaca..4a8387ba8b6 100644 --- a/components/mbedtls/port/include/mbedtls/esp_config.h +++ b/components/mbedtls/port/include/mbedtls/esp_config.h @@ -1705,19 +1705,6 @@ #undef MBEDTLS_DES_C #endif -/** - * \def MBEDTLS_ARC4_C - * - * NOTE: mbedTLS-3.x release has removed support for RC4 cipher-suite. - * TODO: IDF-4983 - * - * Following option is kept as there are a few places in the - * WPA supplicant component in ESP-IDF that relies on this config. - * This shall be removed once the RC4 cipher-suite support is cleanly - * removed from WPA supplicant component. - */ -#undef MBEDTLS_ARC4_C - /** * \def MBEDTLS_DHM_C * diff --git a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c index f11103d99bc..881e7079f1d 100644 --- a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c +++ b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c @@ -36,10 +36,6 @@ #include "crypto.h" #include "mbedtls/esp_config.h" -#ifdef MBEDTLS_ARC4_C -#include "mbedtls/arc4.h" -#endif - static int digest_vector(mbedtls_md_type_t md_type, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { @@ -526,10 +522,6 @@ static mbedtls_cipher_type_t alg_to_mbedtls_cipher(enum crypto_cipher_alg alg, size_t key_len) { switch (alg) { -#ifdef MBEDTLS_ARC4_C - case CRYPTO_CIPHER_ALG_RC4: - return MBEDTLS_CIPHER_ARC4_128; -#endif case CRYPTO_CIPHER_ALG_AES: if (key_len == 16) { return MBEDTLS_CIPHER_AES_128_CBC; @@ -867,46 +859,6 @@ int aes_ccm_ad(const u8 *key, size_t key_len, const u8 *nonce, } #endif -#ifdef MBEDTLS_ARC4_C -int rc4_skip(const u8 *key, size_t keylen, size_t skip, - u8 *data, size_t data_len) -{ - int ret; - unsigned char skip_buf_in[16]; - unsigned char skip_buf_out[16]; - mbedtls_arc4_context ctx; - unsigned char *obuf = os_malloc(data_len); - - if (!obuf) { - wpa_printf(MSG_ERROR, "%s:memory allocation failed", __func__); - return -1; - } - mbedtls_arc4_init(&ctx); - mbedtls_arc4_setup(&ctx, key, keylen); - while (skip >= sizeof(skip_buf_in)) { - size_t len = skip; - if (len > sizeof(skip_buf_in)) { - len = sizeof(skip_buf_in); - } - if ((ret = mbedtls_arc4_crypt(&ctx, len, skip_buf_in, - skip_buf_out)) != 0) { - wpa_printf(MSG_ERROR, "rc4 encryption failed"); - os_free(obuf); - return -1; - } - os_memcpy(skip_buf_in, skip_buf_out, 16); - skip -= len; - } - - mbedtls_arc4_crypt(&ctx, data_len, data, obuf); - - memcpy(data, obuf, data_len); - os_free(obuf); - - return 0; -} -#endif - #ifdef MBEDTLS_CMAC_C int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)