X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fgcrypt%2Fprf.c;h=1e5bb9f9f5d223f242bc8e80aa1612c56da4aff7;hb=2c6b2d70e6640f39563ad7bb0aa0ba87f883848c;hp=1937f67554892d76b999890be47061d3de16868f;hpb=3a316823b971396a428f020f401b9fe41252d98d;p=tinc

diff --git a/src/gcrypt/prf.c b/src/gcrypt/prf.c
index 1937f675..1e5bb9f9 100644
--- a/src/gcrypt/prf.c
+++ b/src/gcrypt/prf.c
@@ -22,46 +22,56 @@
 #include "../prf.h"
 #include "../ed25519/sha512.h"
 
-static void memxor(char *buf, char c, size_t len) {
-	for(size_t i = 0; i < len; i++)
+static void memxor(uint8_t *buf, uint8_t c, size_t len) {
+	for(size_t i = 0; i < len; i++) {
 		buf[i] ^= c;
+	}
 }
 
 static const size_t mdlen = 64;
 static const size_t blklen = 128;
 
-static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) {
-	char tmp[blklen + mdlen];
+static bool hmac_sha512(const uint8_t *key, size_t keylen, const uint8_t *msg, size_t msglen, uint8_t *out) {
+	uint8_t tmp[blklen + mdlen];
 	sha512_context md;
 
 	if(keylen <= blklen) {
 		memcpy(tmp, key, keylen);
 		memset(tmp + keylen, 0, blklen - keylen);
 	} else {
-		if(sha512(key, keylen, tmp) != 0)
+		if(sha512(key, keylen, tmp) != 0) {
 			return false;
+		}
+
 		memset(tmp + mdlen, 0, blklen - mdlen);
 	}
 
-	if(sha512_init(&md) != 0)
+	if(sha512_init(&md) != 0) {
 		return false;
+	}
 
 	// ipad
 	memxor(tmp, 0x36, blklen);
-	if(sha512_update(&md, tmp, blklen) != 0)
+
+	if(sha512_update(&md, tmp, blklen) != 0) {
 		return false;
+	}
 
 	// message
-	if(sha512_update(&md, msg, msglen) != 0)
+	if(sha512_update(&md, msg, msglen) != 0) {
 		return false;
+	}
 
-	if(sha512_final(&md, tmp + blklen) != 0)
+	if(sha512_final(&md, tmp + blklen) != 0) {
 		return false;
+	}
 
 	// opad
 	memxor(tmp, 0x36 ^ 0x5c, blklen);
-	if(sha512(tmp, sizeof(tmp), out) != 0)
+
+	if(sha512(tmp, sizeof(tmp), out) != 0) {
 		return false;
+	}
 
 	return true;
 }
@@ -71,31 +81,36 @@ static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t
    We use SHA512 instead of MD5 and SHA1.
  */
 
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
 	/* Data is what the "inner" HMAC function processes.
 	   It consists of the previous HMAC result plus the seed.
 	 */
 
-	char data[mdlen + seedlen];
+	uint8_t data[mdlen + seedlen];
 	memset(data, 0, mdlen);
 	memcpy(data + mdlen, seed, seedlen);
 
-	char hash[mdlen];
+	uint8_t hash[mdlen];
 
 	while(outlen > 0) {
 		/* Inner HMAC */
-		if(!hmac_sha512(secret, secretlen, data, sizeof(data), data))
+		if(!hmac_sha512(secret, secretlen, data, sizeof(data), data)) {
 			return false;
+		}
 
 		/* Outer HMAC */
 		if(outlen >= mdlen) {
-			if(!hmac_sha512(secret, secretlen, data, sizeof(data), out))
+			if(!hmac_sha512(secret, secretlen, data, sizeof(data), out)) {
 				return false;
+			}
+
 			out += mdlen;
 			outlen -= mdlen;
 		} else {
-			if(!hmac_sha512(secret, secretlen, data, sizeof(data), hash))
+			if(!hmac_sha512(secret, secretlen, data, sizeof(data), hash)) {
 				return false;
+			}
+
 			memcpy(out, hash, outlen);
 			out += outlen;
 			outlen = 0;