From 49de0a5763e5ced05f62b2539a63e90b9a439c18 Mon Sep 17 00:00:00 2001
From: "Martine S. Lenders" <m.lenders@fu-berlin.de>
Date: Tue, 29 Mar 2022 12:06:00 +0200
Subject: [PATCH] crypto: only one HMAC context is required

Signed-off-by: Martine Lenders <m.lenders@fu-berlin.de>
---
 crypto.c | 45 ++++++++++++++++++++++-----------------------
 1 file changed, 22 insertions(+), 23 deletions(-)

diff --git a/crypto.c b/crypto.c
index 6475eb8..b3845ae 100644
--- a/crypto.c
+++ b/crypto.c
@@ -207,7 +207,7 @@ dtls_p_hash(dtls_hashfunc_t h,
 	    const unsigned char *random1, size_t random1len,
 	    const unsigned char *random2, size_t random2len,
 	    unsigned char *buf, size_t buflen) {
-  dtls_hmac_context_t hmac_a, hmac_p;
+  dtls_hmac_context_t hmac;
 
   unsigned char A[DTLS_HMAC_DIGEST_SIZE];
   unsigned char tmp[DTLS_HMAC_DIGEST_SIZE];
@@ -215,47 +215,46 @@ dtls_p_hash(dtls_hashfunc_t h,
   size_t len = 0;			/* result length */
   (void)h;
 
-  dtls_hmac_init(&hmac_a, key, keylen);
+  dtls_hmac_init(&hmac, key, keylen);
 
   /* calculate A(1) from A(0) == seed */
-  HMAC_UPDATE_SEED(&hmac_a, label, labellen);
-  HMAC_UPDATE_SEED(&hmac_a, random1, random1len);
-  HMAC_UPDATE_SEED(&hmac_a, random2, random2len);
+  HMAC_UPDATE_SEED(&hmac, label, labellen);
+  HMAC_UPDATE_SEED(&hmac, random1, random1len);
+  HMAC_UPDATE_SEED(&hmac, random2, random2len);
 
-  dlen = dtls_hmac_finalize(&hmac_a, A);
+  dlen = dtls_hmac_finalize(&hmac, A);
 
   while (len + dlen < buflen) {
 
-    dtls_hmac_init(&hmac_p, key, keylen);
-    dtls_hmac_update(&hmac_p, A, dlen);
+    dtls_hmac_init(&hmac, key, keylen);
+    dtls_hmac_update(&hmac, A, dlen);
 
-    HMAC_UPDATE_SEED(&hmac_p, label, labellen);
-    HMAC_UPDATE_SEED(&hmac_p, random1, random1len);
-    HMAC_UPDATE_SEED(&hmac_p, random2, random2len);
+    HMAC_UPDATE_SEED(&hmac, label, labellen);
+    HMAC_UPDATE_SEED(&hmac, random1, random1len);
+    HMAC_UPDATE_SEED(&hmac, random2, random2len);
 
-    len += dtls_hmac_finalize(&hmac_p, tmp);
+    len += dtls_hmac_finalize(&hmac, tmp);
     memcpy(buf, tmp, dlen);
     buf += dlen;
 
     /* calculate A(i+1) */
-    dtls_hmac_init(&hmac_a, key, keylen);
-    dtls_hmac_update(&hmac_a, A, dlen);
-    dtls_hmac_finalize(&hmac_a, A);
+    dtls_hmac_init(&hmac, key, keylen);
+    dtls_hmac_update(&hmac, A, dlen);
+    dtls_hmac_finalize(&hmac, A);
   }
 
-  dtls_hmac_init(&hmac_p, key, keylen);
-  dtls_hmac_update(&hmac_p, A, dlen);
+  dtls_hmac_init(&hmac, key, keylen);
+  dtls_hmac_update(&hmac, A, dlen);
   
-  HMAC_UPDATE_SEED(&hmac_p, label, labellen);
-  HMAC_UPDATE_SEED(&hmac_p, random1, random1len);
-  HMAC_UPDATE_SEED(&hmac_p, random2, random2len);
+  HMAC_UPDATE_SEED(&hmac, label, labellen);
+  HMAC_UPDATE_SEED(&hmac, random1, random1len);
+  HMAC_UPDATE_SEED(&hmac, random2, random2len);
   
-  dtls_hmac_finalize(&hmac_p, tmp);
+  dtls_hmac_finalize(&hmac, tmp);
   memcpy(buf, tmp, buflen - len);
 
   /* prevent exposure of sensible data */
-  memset(&hmac_a, 0, sizeof(hmac_a));
-  memset(&hmac_p, 0, sizeof(hmac_p));
+  memset(&hmac, 0, sizeof(hmac));
   memset(tmp, 0, sizeof(tmp));
   memset(A, 0, sizeof(A));
 
-- 
2.35.1