projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Don't search in local directories for include files.
[tinc]
/
src
/
openssl
/
prf.c
diff --git
a/src/openssl/prf.c
b/src/openssl/prf.c
index
2830d60
..
4f5a52b
100644
(file)
--- a/
src/openssl/prf.c
+++ b/
src/openssl/prf.c
@@
-1,6
+1,6
@@
/*
prf.c -- Pseudo-Random Function for key material generation
/*
prf.c -- Pseudo-Random Function for key material generation
- Copyright (C) 2011 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 2011
-2013
Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@
-17,25
+17,30
@@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#include "system.h"
+#include "../system.h"
+
+#include <openssl/obj_mac.h>
#include "digest.h"
#include "digest.h"
-#include "prf.h"
+#include "../digest.h"
+#include "../prf.h"
-/* Generate key material from a master secret and a seed, based on RFC
2246
.
- We use SHA512
and Whirlpool
instead of MD5 and SHA1.
+/* Generate key material from a master secret and a seed, based on RFC
4346 section 5
.
+ We use SHA512 instead of MD5 and SHA1.
*/
*/
-static bool prf_xor(int nid, char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) {
- digest_t
digest
;
-
- if(!digest
_open_by_nid(&digest, nid, 0)
)
+static bool prf_xor(int nid, c
onst c
har *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) {
+ digest_t
*digest = digest_open_by_nid(nid, -1)
;
+
+ if(!digest)
return false;
return false;
- if(!digest_set_key(&digest, secret, secretlen))
+ if(!digest_set_key(digest, secret, secretlen)) {
+ digest_close(digest);
return false;
return false;
+ }
- size_t len = digest_length(
&
digest);
+ size_t len = digest_length(digest);
/* Data is what the "inner" HMAC function processes.
It consists of the previous HMAC result plus the seed.
/* Data is what the "inner" HMAC function processes.
It consists of the previous HMAC result plus the seed.
@@
-49,10
+54,16
@@
static bool prf_xor(int nid, char *secret, size_t secretlen, char *seed, size_t
while(outlen > 0) {
/* Inner HMAC */
while(outlen > 0) {
/* Inner HMAC */
- digest_create(&digest, data, len + seedlen, data);
+ if(!digest_create(digest, data, len + seedlen, data)) {
+ digest_close(digest);
+ return false;
+ }
/* Outer HMAC */
/* Outer HMAC */
- digest_create(&digest, data, len + seedlen, hash);
+ if(!digest_create(digest, data, len + seedlen, hash)) {
+ digest_close(digest);
+ return false;
+ }
/* XOR the results of the outer HMAC into the out buffer */
for(int i = 0; i < len && i < outlen; i++)
/* XOR the results of the outer HMAC into the out buffer */
for(int i = 0; i < len && i < outlen; i++)
@@
-61,16
+72,13
@@
static bool prf_xor(int nid, char *secret, size_t secretlen, char *seed, size_t
outlen -= len;
}
outlen -= len;
}
- digest_close(
&
digest);
+ digest_close(digest);
return true;
}
return true;
}
-bool prf(char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
- /* Split secret in half, generate outlen bits with two different hash algorithms,
- and XOR the results. */
-
+bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+ /* This construction allows us to easily switch back to a scheme where the PRF is calculated using two different digest algorithms. */
memset(out, 0, outlen);
memset(out, 0, outlen);
- return prf_xor(NID_sha512, secret, secretlen / 2, seed, seedlen, out, outlen)
- && prf_xor(NID_whirlpool, secret, secretlen / 2, seed, seedlen, out, outlen);
+ return prf_xor(NID_sha512, secret, secretlen, seed, seedlen, out, outlen);
}
}