1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-01-18 12:52:44 +01:00
RIOT/pkg/tinydtls/patches/0006-crypto-only-one-HMAC-context-is-required.patch
2022-04-01 09:10:35 +02:00

96 lines
3.1 KiB
Diff

From 49de0a5763e5ced05f62b2539a63e90b9a439c18 Mon Sep 17 00:00:00 2001
From: "Martine S. Lenders" <m.lenders@fu-berlin.de>
Date: Tue, 29 Mar 2022 12:06:00 +0200
Subject: [PATCH] crypto: only one HMAC context is required
Signed-off-by: Martine Lenders <m.lenders@fu-berlin.de>
---
crypto.c | 45 ++++++++++++++++++++++-----------------------
1 file changed, 22 insertions(+), 23 deletions(-)
diff --git a/crypto.c b/crypto.c
index 6475eb8..b3845ae 100644
--- a/crypto.c
+++ b/crypto.c
@@ -207,7 +207,7 @@ dtls_p_hash(dtls_hashfunc_t h,
const unsigned char *random1, size_t random1len,
const unsigned char *random2, size_t random2len,
unsigned char *buf, size_t buflen) {
- dtls_hmac_context_t hmac_a, hmac_p;
+ dtls_hmac_context_t hmac;
unsigned char A[DTLS_HMAC_DIGEST_SIZE];
unsigned char tmp[DTLS_HMAC_DIGEST_SIZE];
@@ -215,47 +215,46 @@ dtls_p_hash(dtls_hashfunc_t h,
size_t len = 0; /* result length */
(void)h;
- dtls_hmac_init(&hmac_a, key, keylen);
+ dtls_hmac_init(&hmac, key, keylen);
/* calculate A(1) from A(0) == seed */
- HMAC_UPDATE_SEED(&hmac_a, label, labellen);
- HMAC_UPDATE_SEED(&hmac_a, random1, random1len);
- HMAC_UPDATE_SEED(&hmac_a, random2, random2len);
+ HMAC_UPDATE_SEED(&hmac, label, labellen);
+ HMAC_UPDATE_SEED(&hmac, random1, random1len);
+ HMAC_UPDATE_SEED(&hmac, random2, random2len);
- dlen = dtls_hmac_finalize(&hmac_a, A);
+ dlen = dtls_hmac_finalize(&hmac, A);
while (len + dlen < buflen) {
- dtls_hmac_init(&hmac_p, key, keylen);
- dtls_hmac_update(&hmac_p, A, dlen);
+ dtls_hmac_init(&hmac, key, keylen);
+ dtls_hmac_update(&hmac, A, dlen);
- HMAC_UPDATE_SEED(&hmac_p, label, labellen);
- HMAC_UPDATE_SEED(&hmac_p, random1, random1len);
- HMAC_UPDATE_SEED(&hmac_p, random2, random2len);
+ HMAC_UPDATE_SEED(&hmac, label, labellen);
+ HMAC_UPDATE_SEED(&hmac, random1, random1len);
+ HMAC_UPDATE_SEED(&hmac, random2, random2len);
- len += dtls_hmac_finalize(&hmac_p, tmp);
+ len += dtls_hmac_finalize(&hmac, tmp);
memcpy(buf, tmp, dlen);
buf += dlen;
/* calculate A(i+1) */
- dtls_hmac_init(&hmac_a, key, keylen);
- dtls_hmac_update(&hmac_a, A, dlen);
- dtls_hmac_finalize(&hmac_a, A);
+ dtls_hmac_init(&hmac, key, keylen);
+ dtls_hmac_update(&hmac, A, dlen);
+ dtls_hmac_finalize(&hmac, A);
}
- dtls_hmac_init(&hmac_p, key, keylen);
- dtls_hmac_update(&hmac_p, A, dlen);
+ dtls_hmac_init(&hmac, key, keylen);
+ dtls_hmac_update(&hmac, A, dlen);
- HMAC_UPDATE_SEED(&hmac_p, label, labellen);
- HMAC_UPDATE_SEED(&hmac_p, random1, random1len);
- HMAC_UPDATE_SEED(&hmac_p, random2, random2len);
+ HMAC_UPDATE_SEED(&hmac, label, labellen);
+ HMAC_UPDATE_SEED(&hmac, random1, random1len);
+ HMAC_UPDATE_SEED(&hmac, random2, random2len);
- dtls_hmac_finalize(&hmac_p, tmp);
+ dtls_hmac_finalize(&hmac, tmp);
memcpy(buf, tmp, buflen - len);
/* prevent exposure of sensible data */
- memset(&hmac_a, 0, sizeof(hmac_a));
- memset(&hmac_p, 0, sizeof(hmac_p));
+ memset(&hmac, 0, sizeof(hmac));
memset(tmp, 0, sizeof(tmp));
memset(A, 0, sizeof(A));
--
2.35.1