mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-01-18 12:52:44 +01:00
96 lines
3.1 KiB
Diff
96 lines
3.1 KiB
Diff
From 49de0a5763e5ced05f62b2539a63e90b9a439c18 Mon Sep 17 00:00:00 2001
|
|
From: "Martine S. Lenders" <m.lenders@fu-berlin.de>
|
|
Date: Tue, 29 Mar 2022 12:06:00 +0200
|
|
Subject: [PATCH] crypto: only one HMAC context is required
|
|
|
|
Signed-off-by: Martine Lenders <m.lenders@fu-berlin.de>
|
|
---
|
|
crypto.c | 45 ++++++++++++++++++++++-----------------------
|
|
1 file changed, 22 insertions(+), 23 deletions(-)
|
|
|
|
diff --git a/crypto.c b/crypto.c
|
|
index 6475eb8..b3845ae 100644
|
|
--- a/crypto.c
|
|
+++ b/crypto.c
|
|
@@ -207,7 +207,7 @@ dtls_p_hash(dtls_hashfunc_t h,
|
|
const unsigned char *random1, size_t random1len,
|
|
const unsigned char *random2, size_t random2len,
|
|
unsigned char *buf, size_t buflen) {
|
|
- dtls_hmac_context_t hmac_a, hmac_p;
|
|
+ dtls_hmac_context_t hmac;
|
|
|
|
unsigned char A[DTLS_HMAC_DIGEST_SIZE];
|
|
unsigned char tmp[DTLS_HMAC_DIGEST_SIZE];
|
|
@@ -215,47 +215,46 @@ dtls_p_hash(dtls_hashfunc_t h,
|
|
size_t len = 0; /* result length */
|
|
(void)h;
|
|
|
|
- dtls_hmac_init(&hmac_a, key, keylen);
|
|
+ dtls_hmac_init(&hmac, key, keylen);
|
|
|
|
/* calculate A(1) from A(0) == seed */
|
|
- HMAC_UPDATE_SEED(&hmac_a, label, labellen);
|
|
- HMAC_UPDATE_SEED(&hmac_a, random1, random1len);
|
|
- HMAC_UPDATE_SEED(&hmac_a, random2, random2len);
|
|
+ HMAC_UPDATE_SEED(&hmac, label, labellen);
|
|
+ HMAC_UPDATE_SEED(&hmac, random1, random1len);
|
|
+ HMAC_UPDATE_SEED(&hmac, random2, random2len);
|
|
|
|
- dlen = dtls_hmac_finalize(&hmac_a, A);
|
|
+ dlen = dtls_hmac_finalize(&hmac, A);
|
|
|
|
while (len + dlen < buflen) {
|
|
|
|
- dtls_hmac_init(&hmac_p, key, keylen);
|
|
- dtls_hmac_update(&hmac_p, A, dlen);
|
|
+ dtls_hmac_init(&hmac, key, keylen);
|
|
+ dtls_hmac_update(&hmac, A, dlen);
|
|
|
|
- HMAC_UPDATE_SEED(&hmac_p, label, labellen);
|
|
- HMAC_UPDATE_SEED(&hmac_p, random1, random1len);
|
|
- HMAC_UPDATE_SEED(&hmac_p, random2, random2len);
|
|
+ HMAC_UPDATE_SEED(&hmac, label, labellen);
|
|
+ HMAC_UPDATE_SEED(&hmac, random1, random1len);
|
|
+ HMAC_UPDATE_SEED(&hmac, random2, random2len);
|
|
|
|
- len += dtls_hmac_finalize(&hmac_p, tmp);
|
|
+ len += dtls_hmac_finalize(&hmac, tmp);
|
|
memcpy(buf, tmp, dlen);
|
|
buf += dlen;
|
|
|
|
/* calculate A(i+1) */
|
|
- dtls_hmac_init(&hmac_a, key, keylen);
|
|
- dtls_hmac_update(&hmac_a, A, dlen);
|
|
- dtls_hmac_finalize(&hmac_a, A);
|
|
+ dtls_hmac_init(&hmac, key, keylen);
|
|
+ dtls_hmac_update(&hmac, A, dlen);
|
|
+ dtls_hmac_finalize(&hmac, A);
|
|
}
|
|
|
|
- dtls_hmac_init(&hmac_p, key, keylen);
|
|
- dtls_hmac_update(&hmac_p, A, dlen);
|
|
+ dtls_hmac_init(&hmac, key, keylen);
|
|
+ dtls_hmac_update(&hmac, A, dlen);
|
|
|
|
- HMAC_UPDATE_SEED(&hmac_p, label, labellen);
|
|
- HMAC_UPDATE_SEED(&hmac_p, random1, random1len);
|
|
- HMAC_UPDATE_SEED(&hmac_p, random2, random2len);
|
|
+ HMAC_UPDATE_SEED(&hmac, label, labellen);
|
|
+ HMAC_UPDATE_SEED(&hmac, random1, random1len);
|
|
+ HMAC_UPDATE_SEED(&hmac, random2, random2len);
|
|
|
|
- dtls_hmac_finalize(&hmac_p, tmp);
|
|
+ dtls_hmac_finalize(&hmac, tmp);
|
|
memcpy(buf, tmp, buflen - len);
|
|
|
|
/* prevent exposure of sensible data */
|
|
- memset(&hmac_a, 0, sizeof(hmac_a));
|
|
- memset(&hmac_p, 0, sizeof(hmac_p));
|
|
+ memset(&hmac, 0, sizeof(hmac));
|
|
memset(tmp, 0, sizeof(tmp));
|
|
memset(A, 0, sizeof(A));
|
|
|
|
--
|
|
2.35.1
|
|
|