mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

go straight to p_hash in TLS 1.2 to remove PRF stack use

Browse Source
This commit is contained in:
toddouska 2012-09-04 16:34:26 -07:00
parent 0ee22d8f94
commit 982526ed13
1 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/tls.c
View File

@ -120,9 +120,9 @@ static void p_hash(byte* result, word32 resLen, const byte* secret,
/* compute TLSv1 PRF (pseudo random function using HMAC) */ /* compute TLSv1 PRF (pseudo random function using HMAC) */
static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, static void doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
const byte* label, word32 labLen, const byte* seed, word32 seedLen, const byte* label, word32 labLen, const byte* seed, word32 seedLen,
int useAtLeastSha256, int hash_type) int hash_type)
{ {
word32 half = (secLen + 1) / 2; word32 half = (secLen + 1) / 2;
@ -145,21 +145,39 @@ static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
XMEMCPY(labelSeed, label, labLen); XMEMCPY(labelSeed, label, labLen);
XMEMCPY(labelSeed + labLen, seed, seedLen); XMEMCPY(labelSeed + labLen, seed, seedLen);
p_hash(md5_result, digLen, md5_half, half, labelSeed, labLen + seedLen,
md5_mac);
p_hash(sha_result, digLen, sha_half, half, labelSeed, labLen + seedLen,
sha_mac);
get_xor(digest, digLen, md5_result, sha_result);
}
/* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack
use */
static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
const byte* label, word32 labLen, const byte* seed, word32 seedLen,
int useAtLeastSha256, int hash_type)
{
if (useAtLeastSha256) { if (useAtLeastSha256) {
byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
if (labLen + seedLen > MAX_PRF_LABSEED)
return;
XMEMCPY(labelSeed, label, labLen);
XMEMCPY(labelSeed + labLen, seed, seedLen);
/* If a cipher suite wants an algorithm better than sha256, it /* If a cipher suite wants an algorithm better than sha256, it
* should use better. */ * should use better. */
if (hash_type < sha256_mac) if (hash_type < sha256_mac)
hash_type = sha256_mac; hash_type = sha256_mac;
p_hash(digest, digLen, secret, secLen, labelSeed, labLen + seedLen, p_hash(digest, digLen, secret, secLen, labelSeed, labLen + seedLen,
hash_type); hash_type);
return;
} }
else
p_hash(md5_result, digLen, md5_half, half, labelSeed, labLen + seedLen, doPRF(digest, digLen, secret, secLen, label, labLen, seed, seedLen,
md5_mac); hash_type);
p_hash(sha_result, digLen, sha_half, half, labelSeed, labLen + seedLen,
sha_mac);
get_xor(digest, digLen, md5_result, sha_result);
} }