cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-30 19:20:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Remove calls to xxx_hmac() from SSL modules

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-03-24 18:08:19 +01:00
parent 0a8896ad6f
commit 7da726bb53
2 changed files with 39 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
library/ssl_srv.c
View File

@ -236,7 +236,12 @@ static int ssl_write_ticket( ssl_context *ssl, size_t *tlen )
p = state + enc_len; p = state + enc_len;
/* Compute and write MAC( key_name + iv + enc_state_len + enc_state ) */ /* Compute and write MAC( key_name + iv + enc_state_len + enc_state ) */
sha256_hmac( ssl->ticket_keys->mac_key, 16, start, p - start, p, 0 ); if( ( ret = md_hmac( md_info_from_type( POLARSSL_MD_SHA256 ),
ssl->ticket_keys->mac_key, 16,
start, p - start, p ) ) != 0 )
{
return( ret );
}
p += 32; p += 32;
*tlen = p - start; *tlen = p - start;
@ -282,8 +287,12 @@ static int ssl_parse_ticket( ssl_context *ssl,
/* don't return yet, check the MAC anyway */ /* don't return yet, check the MAC anyway */
/* Check mac, with constant-time buffer comparison */ /* Check mac, with constant-time buffer comparison */
sha256_hmac( ssl->ticket_keys->mac_key, 16, buf, len - 32, if( ( ret = md_hmac( md_info_from_type( POLARSSL_MD_SHA256 ),
computed_mac, 0 ); ssl->ticket_keys->mac_key, 16,
buf, len - 32, computed_mac ) ) != 0 )
{
return( ret );
}
for( i = 0; i < 32; i++ ) for( i = 0; i < 32; i++ )
diff |= mac[i] ^ computed_mac[i]; diff |= mac[i] ^ computed_mac[i];

39
library/ssl_tls.c
View File

@ -276,6 +276,7 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
const unsigned char *S1, *S2; const unsigned char *S1, *S2;
unsigned char tmp[128]; unsigned char tmp[128];
unsigned char h_i[20]; unsigned char h_i[20];
const md_info_t *md_info;
if( sizeof( tmp ) < 20 + strlen( label ) + rlen ) if( sizeof( tmp ) < 20 + strlen( label ) + rlen )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
@ -292,12 +293,15 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
/* /*
* First compute P_md5(secret,label+random)[0..dlen] * First compute P_md5(secret,label+random)[0..dlen]
*/ */
md5_hmac( S1, hs, tmp + 20, nb, 4 + tmp ); if( ( md_info = md_info_from_type( POLARSSL_MD_MD5 ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
md_hmac( md_info, S1, hs, tmp + 20, nb, 4 + tmp );
for( i = 0; i < dlen; i += 16 ) for( i = 0; i < dlen; i += 16 )
{ {
md5_hmac( S1, hs, 4 + tmp, 16 + nb, h_i ); md_hmac( md_info, S1, hs, 4 + tmp, 16 + nb, h_i );
md5_hmac( S1, hs, 4 + tmp, 16, 4 + tmp ); md_hmac( md_info, S1, hs, 4 + tmp, 16, 4 + tmp );
k = ( i + 16 > dlen ) ? dlen % 16 : 16; k = ( i + 16 > dlen ) ? dlen % 16 : 16;
@ -308,12 +312,15 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
/* /*
* XOR out with P_sha1(secret,label+random)[0..dlen] * XOR out with P_sha1(secret,label+random)[0..dlen]
*/ */
sha1_hmac( S2, hs, tmp + 20, nb, tmp ); if( ( md_info = md_info_from_type( POLARSSL_MD_SHA1 ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
md_hmac( md_info, S2, hs, tmp + 20, nb, tmp );
for( i = 0; i < dlen; i += 20 ) for( i = 0; i < dlen; i += 20 )
{ {
sha1_hmac( S2, hs, tmp, 20 + nb, h_i ); md_hmac( md_info, S2, hs, tmp, 20 + nb, h_i );
sha1_hmac( S2, hs, tmp, 20, tmp ); md_hmac( md_info, S2, hs, tmp, 20, tmp );
k = ( i + 20 > dlen ) ? dlen % 20 : 20; k = ( i + 20 > dlen ) ? dlen % 20 : 20;
@ -339,6 +346,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
size_t i, j, k; size_t i, j, k;
unsigned char tmp[128]; unsigned char tmp[128];
unsigned char h_i[32]; unsigned char h_i[32];
const md_info_t *md_info;
if( sizeof( tmp ) < 32 + strlen( label ) + rlen ) if( sizeof( tmp ) < 32 + strlen( label ) + rlen )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
@ -351,12 +359,15 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
/* /*
* Compute P_<hash>(secret, label + random)[0..dlen] * Compute P_<hash>(secret, label + random)[0..dlen]
*/ */
sha256_hmac( secret, slen, tmp + 32, nb, tmp, 0 ); if( ( md_info = md_info_from_type( POLARSSL_MD_SHA256 ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
md_hmac( md_info, secret, slen, tmp + 32, nb, tmp );
for( i = 0; i < dlen; i += 32 ) for( i = 0; i < dlen; i += 32 )
{ {
sha256_hmac( secret, slen, tmp, 32 + nb, h_i, 0 ); md_hmac( md_info, secret, slen, tmp, 32 + nb, h_i );
sha256_hmac( secret, slen, tmp, 32, tmp, 0 ); md_hmac( md_info, secret, slen, tmp, 32, tmp );
k = ( i + 32 > dlen ) ? dlen % 32 : 32; k = ( i + 32 > dlen ) ? dlen % 32 : 32;
@ -381,6 +392,7 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
size_t i, j, k; size_t i, j, k;
unsigned char tmp[128]; unsigned char tmp[128];
unsigned char h_i[48]; unsigned char h_i[48];
const md_info_t *md_info;
if( sizeof( tmp ) < 48 + strlen( label ) + rlen ) if( sizeof( tmp ) < 48 + strlen( label ) + rlen )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
@ -393,12 +405,15 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
/* /*
* Compute P_<hash>(secret, label + random)[0..dlen] * Compute P_<hash>(secret, label + random)[0..dlen]
*/ */
sha512_hmac( secret, slen, tmp + 48, nb, tmp, 1 ); if( ( md_info = md_info_from_type( POLARSSL_MD_SHA384 ) ) == NULL )
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
md_hmac( md_info, secret, slen, tmp + 48, nb, tmp );
for( i = 0; i < dlen; i += 48 ) for( i = 0; i < dlen; i += 48 )
{ {
sha512_hmac( secret, slen, tmp, 48 + nb, h_i, 1 ); md_hmac( md_info, secret, slen, tmp, 48 + nb, h_i );
sha512_hmac( secret, slen, tmp, 48, tmp, 1 ); md_hmac( md_info, secret, slen, tmp, 48, tmp );
k = ( i + 48 > dlen ) ? dlen % 48 : 48; k = ( i + 48 > dlen ) ? dlen % 48 : 48;