Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1

[tinc] / src / openssl / prf.c

diff --git a/src/openssl/prf.c b/src/openssl/prf.c
index 2830d60..1c432c7 100644 (file)
--- a/src/openssl/prf.c
+++ b/src/openssl/prf.c
@@ -19,17 +19,19 @@
 
 #include "system.h"
 
+#include <openssl/obj_mac.h>
+
 #include "digest.h"
 #include "prf.h"
 
-/* Generate key material from a master secret and a seed, based on RFC 2246.
-   We use SHA512 and Whirlpool instead of MD5 and SHA1.
+/* Generate key material from a master secret and a seed, based on RFC 4346 section 5.
+   We use SHA512 instead of MD5 and SHA1.
  */
 
-static bool prf_xor(int nid, char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) {
+static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) {
        digest_t digest;
        
-       if(!digest_open_by_nid(&digest, nid, 0))
+       if(!digest_open_by_nid(&digest, nid, -1))
                return false;
 
        if(!digest_set_key(&digest, secret, secretlen))
@@ -65,12 +67,9 @@ static bool prf_xor(int nid, char *secret, size_t secretlen, char *seed, size_t
        return true;
 }
 
-bool prf(char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
-       /* Split secret in half, generate outlen bits with two different hash algorithms,
-          and XOR the results. */
-
+bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+       /* This construction allows us to easily switch back to a scheme where the PRF is calculated using two different digest algorithms. */
        memset(out, 0, outlen);
 
-       return prf_xor(NID_sha512, secret, secretlen / 2, seed, seedlen, out, outlen)
-               && prf_xor(NID_whirlpool, secret, secretlen / 2, seed, seedlen, out, outlen);
+       return prf_xor(NID_sha512, secret, secretlen, seed, seedlen, out, outlen);
 }