[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] branch master updated: make KDF conform to RFC 5869
|
From: |
gnunet |
|
Subject: |
[gnunet] branch master updated: make KDF conform to RFC 5869 |
|
Date: |
Tue, 19 Oct 2021 13:56:02 +0200 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 2e2abc61d make KDF conform to RFC 5869
2e2abc61d is described below
commit 2e2abc61db54f3a25fcb261e2d93277673770d70
Author: Florian Dold <florian@dold.me>
AuthorDate: Tue Oct 19 13:55:28 2021 +0200
make KDF conform to RFC 5869
---
src/util/crypto_hkdf.c | 22 ++++++++++++++++++++--
1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c
index 7270b87b6..ba3626e1a 100644
--- a/src/util/crypto_hkdf.c
+++ b/src/util/crypto_hkdf.c
@@ -103,11 +103,29 @@ getPRK (gcry_md_hd_t mac, const void *xts, size_t
xts_len, const void *skm,
size_t skm_len, void *prk)
{
const void *ret;
+ size_t dlen;
- ret = doHMAC (mac, xts, xts_len, skm, skm_len);
+ dlen = gcry_md_get_algo_dlen (gcry_md_get_algo (mac));
+
+ /* sanity check to bound stack allocation */
+ GNUNET_assert (dlen <= 512);
+
+ /* From RFC 5869:
+ * salt - optional salt value (a non-secret random value);
+ * if not provided, it is set to a string of HashLen zeros. */
+
+ if (xts_len == 0)
+ {
+ char zero_salt[dlen] = { 0 };
+ ret = doHMAC (mac, zero_salt, dlen, skm, skm_len);
+ }
+ else
+ {
+ ret = doHMAC (mac, xts, xts_len, skm, skm_len);
+ }
if (ret == NULL)
return GNUNET_SYSERR;
- GNUNET_memcpy (prk, ret, gcry_md_get_algo_dlen (gcry_md_get_algo (mac)));
+ GNUNET_memcpy (prk, ret, dlen);
return GNUNET_YES;
}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [gnunet] branch master updated: make KDF conform to RFC 5869,
gnunet <=