style fixes, minor bugfixes

author: Nils Durner <durner@gnunet.org> 2010-10-08 11:16:17 +0000
committer: Nils Durner <durner@gnunet.org> 2010-10-08 11:16:17 +0000
commit: 5695665772107f5c5b088f957a277efc9e3d089e (patch)
tree: dafca3c500625f3eccbca496af737ae925400a93 /src/util/crypto_hkdf.c
parent: f312e6df17cc5fe5848b53827546312eac899529 (diff)
download: gnunet-5695665772107f5c5b088f957a277efc9e3d089e.tar.gz
gnunet-5695665772107f5c5b088f957a277efc9e3d089e.zip
1 files changed, 40 insertions, 47 deletions
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c
index c436e9962..96ff3804b 100644
--- a/src/util/crypto_hkdf.c
+++ b/src/util/crypto_hkdf.c
@@ -24,6 +24,7 @@
 * @file src/util/crypto_hkdf.c
 * @brief Hash-based KDF as defined in RFC 5869
 * @see http://www.rfc-editor.org/rfc/rfc5869.txt
+ * @todo remove GNUNET references
 * @author Nils Durner
 */
@@ -36,6 +37,7 @@
 /**
 * @brief Compute the HMAC
+ * @todo use chunked buffers
 * @param mac gcrypt MAC handle
 * @param key HMAC key
 * @param key_len length of key
@@ -66,8 +68,8 @@ doHMAC (gcry_md_hd_t mac,
 */
 static int
 getPRK (gcry_md_hd_t mac, 
-        const void *xts, unsigned long long xts_len, /* FIXME: size_t? */
+        const void *xts, size_t xts_len,
-        const void *skm, unsigned long long skm_len, 
+        const void *skm, size_t skm_len,
        void *prk)
 {
  const void *ret;
@@ -115,40 +117,46 @@ dump(const char *src,
 * @return GNUNET_YES on success
 */
 int
-GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
+GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len,
                      int xtr_algo, int prf_algo, 
                      const void *xts, size_t xts_len,
                      const void *skm, size_t skm_len,
                      va_list argp)
 {
-  void *prk, *plain;
  const void *hc;
-  unsigned long long plain_len;
  unsigned long i, t, d;
-  unsigned int k, xtr_len;
+  unsigned int k = gcry_md_get_algo_dlen (prf_algo);
+  unsigned int xtr_len = gcry_md_get_algo_dlen (xtr_algo);
+  char prk[xtr_len];
  int ret;
  gcry_md_hd_t xtr, prf;
  size_t ctx_len;
  va_list args;
-  prk = plain = NULL;
+  if (k == 0)
-  xtr_len = gcry_md_get_algo_dlen (xtr_algo);
+    return GNUNET_SYSERR;
-  k = gcry_md_get_algo_dlen (prf_algo);
-  gcry_md_open(&xtr, xtr_algo, GCRY_MD_FLAG_HMAC);
+  // FIXME: what is the check for?
-  gcry_md_open(&prf, prf_algo, GCRY_MD_FLAG_HMAC);
+  if (out_len > (2 ^ 32 * k))
+    return GNUNET_SYSERR;
+  if (gcry_md_open(&xtr, xtr_algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR)
+    return GNUNET_SYSERR;
-  if (out_len > (2 ^ 32 * k) || !xtr_algo || !prf_algo)
+  if (gcry_md_open(&prf, prf_algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR)
+  {
+    gcry_md_close (xtr);
    return GNUNET_SYSERR;
+  }
  va_copy (args, argp);
-  for (ctx_len = 0; va_arg (args, void *);)
+  ctx_len = 0;
+  while (NULL != va_arg (args, void *))
    ctx_len += va_arg (args, size_t);
  va_end(args);
-  prk = GNUNET_malloc (xtr_len);
  memset (result, 0, out_len);
-  gcry_md_reset (xtr);
  if (getPRK (xtr, xts, xts_len, skm, skm_len, prk)
      != GNUNET_YES)
    goto hkdf_error;
@@ -160,13 +168,13 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
  d = out_len % k;
  /* K(1) */
-  plain_len = k + ctx_len + 1;
+  {
-  plain = GNUNET_malloc (plain_len);
+  size_t plain_len = k + ctx_len + 1;
-  if (t > 0)
+  char plain[plain_len];
-    {
+      const void *ctx;
-      void *ctx, *dst;
+      char *dst;
-      dst = plain;
+      dst = plain + k;
      va_copy (args, argp);
      while ((ctx = va_arg (args, void *)))
        {
@@ -178,37 +186,21 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
        }
      va_end (args);
-      memset (dst, 1, 1);
+  if (t > 0)
-      gcry_md_reset (prf);
+    {
+      memset (plain + k + ctx_len, 1, 1);
 #if DEBUG_HKDF
      dump("K(1)", plain, plain_len);
 #endif
      hc = doHMAC (prf, 
                   prk,
-                   xtr_len, plain, ctx_len + 1);
+                   xtr_len, &plain[k], ctx_len + 1);
      if (hc == NULL)
        goto hkdf_error;
      memcpy (result, hc, k);
      result += k;
    }
-  if (t > 1 || d > 0)
-    {
-      void *ctx, *dst;
-      dst = plain + k;
-      va_copy (args, argp);
-      while ((ctx = va_arg (args, void *)))
-        {
-          size_t len;
-          len = va_arg (args, size_t);
-          memcpy (dst, ctx, len);
-          dst += len;
-        }
-      va_end (args);
-    }
  /* K(i+1) */
  for (i = 1; i < t; i++)
    {
@@ -235,7 +227,10 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
 #if DEBUG_HKDF
      dump("K(t):d", plain, plain_len);
 #endif
-      hc = doHMAC (prf, prk, xtr_len, plain, plain_len);
+      if (t > 0)
+        hc = doHMAC (prf, prk, xtr_len, plain, plain_len);
+      else
+        hc = doHMAC (prf, prk, xtr_len, plain + k, plain_len - k);
      if (hc == NULL)
        goto hkdf_error;
      memcpy (result, hc, d);
@@ -246,12 +241,10 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
  ret = GNUNET_YES;
  goto hkdf_ok;
+  }
 hkdf_error:
  ret = GNUNET_SYSERR;
 hkdf_ok:
-  GNUNET_free (prk);
-  GNUNET_free_non_null (plain);
  gcry_md_close (prf);
  gcry_md_close (xtr);
@@ -274,7 +267,7 @@ hkdf_ok:
 * @return GNUNET_YES on success
 */
 int
-GNUNET_CRYPTO_hkdf (void *result, unsigned long long out_len,
+GNUNET_CRYPTO_hkdf (void *result, size_t out_len,
                    int xtr_algo, int prf_algo, 
                    const void *xts, size_t xts_len,
                    const void *skm, size_t skm_len,
author	Nils Durner <durner@gnunet.org>	2010-10-08 11:16:17 +0000
committer	Nils Durner <durner@gnunet.org>	2010-10-08 11:16:17 +0000
commit	5695665772107f5c5b088f957a277efc9e3d089e (patch)
tree	dafca3c500625f3eccbca496af737ae925400a93 /src/util/crypto_hkdf.c
parent	f312e6df17cc5fe5848b53827546312eac899529 (diff)
download	gnunet-5695665772107f5c5b088f957a277efc9e3d089e.tar.gz gnunet-5695665772107f5c5b088f957a277efc9e3d089e.zip

diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c index c436e9962..96ff3804b 100644 --- a/src/util/crypto_hkdf.c +++ b/src/util/crypto_hkdf.c
@@ -24,6 +24,7 @@
24	* @file src/util/crypto_hkdf.c	24	* @file src/util/crypto_hkdf.c
25	* @brief Hash-based KDF as defined in RFC 5869	25	* @brief Hash-based KDF as defined in RFC 5869
26	* @see http://www.rfc-editor.org/rfc/rfc5869.txt	26	* @see http://www.rfc-editor.org/rfc/rfc5869.txt
		27	* @todo remove GNUNET references
27	* @author Nils Durner	28	* @author Nils Durner
28	*/	29	*/
29		30
@@ -36,6 +37,7 @@
36		37
37	/**	38	/**
38	* @brief Compute the HMAC	39	* @brief Compute the HMAC
		40	* @todo use chunked buffers
39	* @param mac gcrypt MAC handle	41	* @param mac gcrypt MAC handle
40	* @param key HMAC key	42	* @param key HMAC key
41	* @param key_len length of key	43	* @param key_len length of key
@@ -66,8 +68,8 @@ doHMAC (gcry_md_hd_t mac,
66	*/	68	*/
67	static int	69	static int
68	getPRK (gcry_md_hd_t mac,	70	getPRK (gcry_md_hd_t mac,
69	const void xts, unsigned long long xts_len, / FIXME: size_t? */	71	const void *xts, size_t xts_len,
70	const void *skm, unsigned long long skm_len,	72	const void *skm, size_t skm_len,
71	void *prk)	73	void *prk)
72	{	74	{
73	const void *ret;	75	const void *ret;
@@ -115,40 +117,46 @@ dump(const char *src,
115	* @return GNUNET_YES on success	117	* @return GNUNET_YES on success
116	*/	118	*/
117	int	119	int
118	GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,	120	GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len,
119	int xtr_algo, int prf_algo,	121	int xtr_algo, int prf_algo,
120	const void *xts, size_t xts_len,	122	const void *xts, size_t xts_len,
121	const void *skm, size_t skm_len,	123	const void *skm, size_t skm_len,
122	va_list argp)	124	va_list argp)
123	{	125	{
124	void prk, plain;
125	const void *hc;	126	const void *hc;
126	unsigned long long plain_len;
127	unsigned long i, t, d;	127	unsigned long i, t, d;
128	unsigned int k, xtr_len;	128	unsigned int k = gcry_md_get_algo_dlen (prf_algo);
		129	unsigned int xtr_len = gcry_md_get_algo_dlen (xtr_algo);
		130	char prk[xtr_len];
129	int ret;	131	int ret;
130	gcry_md_hd_t xtr, prf;	132	gcry_md_hd_t xtr, prf;
131	size_t ctx_len;	133	size_t ctx_len;
132	va_list args;	134	va_list args;
133		135
134	prk = plain = NULL;	136	if (k == 0)
135	xtr_len = gcry_md_get_algo_dlen (xtr_algo);	137	return GNUNET_SYSERR;
136	k = gcry_md_get_algo_dlen (prf_algo);	138
137	gcry_md_open(&xtr, xtr_algo, GCRY_MD_FLAG_HMAC);	139	// FIXME: what is the check for?
138	gcry_md_open(&prf, prf_algo, GCRY_MD_FLAG_HMAC);	140	if (out_len > (2 ^ 32 * k))
		141	return GNUNET_SYSERR;
		142
		143	if (gcry_md_open(&xtr, xtr_algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR)
		144	return GNUNET_SYSERR;
139		145
140	if (out_len > (2 ^ 32 * k) \|\| !xtr_algo \|\| !prf_algo)	146	if (gcry_md_open(&prf, prf_algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR)
		147	{
		148	gcry_md_close (xtr);
141	return GNUNET_SYSERR;	149	return GNUNET_SYSERR;
		150	}
142		151
143	va_copy (args, argp);	152	va_copy (args, argp);
144	for (ctx_len = 0; va_arg (args, void *);)	153
		154	ctx_len = 0;
		155	while (NULL != va_arg (args, void *))
145	ctx_len += va_arg (args, size_t);	156	ctx_len += va_arg (args, size_t);
146	va_end(args);	157	va_end(args);
147		158
148	prk = GNUNET_malloc (xtr_len);
149
150	memset (result, 0, out_len);	159	memset (result, 0, out_len);
151	gcry_md_reset (xtr);
152	if (getPRK (xtr, xts, xts_len, skm, skm_len, prk)	160	if (getPRK (xtr, xts, xts_len, skm, skm_len, prk)
153	!= GNUNET_YES)	161	!= GNUNET_YES)
154	goto hkdf_error;	162	goto hkdf_error;
@@ -160,13 +168,13 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
160	d = out_len % k;	168	d = out_len % k;
161		169
162	/* K(1) */	170	/* K(1) */
163	plain_len = k + ctx_len + 1;	171	{
164	plain = GNUNET_malloc (plain_len);	172	size_t plain_len = k + ctx_len + 1;
165	if (t > 0)	173	char plain[plain_len];
166	{	174	const void *ctx;
167	void ctx, dst;	175	char *dst;
168		176
169	dst = plain;	177	dst = plain + k;
170	va_copy (args, argp);	178	va_copy (args, argp);
171	while ((ctx = va_arg (args, void *)))	179	while ((ctx = va_arg (args, void *)))
172	{	180	{
@@ -178,37 +186,21 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
178	}	186	}
179	va_end (args);	187	va_end (args);
180		188
181	memset (dst, 1, 1);	189	if (t > 0)
182	gcry_md_reset (prf);	190	{
		191	memset (plain + k + ctx_len, 1, 1);
183	#if DEBUG_HKDF	192	#if DEBUG_HKDF
184	dump("K(1)", plain, plain_len);	193	dump("K(1)", plain, plain_len);
185	#endif	194	#endif
186	hc = doHMAC (prf,	195	hc = doHMAC (prf,
187	prk,	196	prk,
188	xtr_len, plain, ctx_len + 1);	197	xtr_len, &plain[k], ctx_len + 1);
189	if (hc == NULL)	198	if (hc == NULL)
190	goto hkdf_error;	199	goto hkdf_error;
191	memcpy (result, hc, k);	200	memcpy (result, hc, k);
192	result += k;	201	result += k;
193	}	202	}
194		203
195	if (t > 1 \|\| d > 0)
196	{
197	void ctx, dst;
198
199	dst = plain + k;
200	va_copy (args, argp);
201	while ((ctx = va_arg (args, void *)))
202	{
203	size_t len;
204
205	len = va_arg (args, size_t);
206	memcpy (dst, ctx, len);
207	dst += len;
208	}
209	va_end (args);
210	}
211
212	/* K(i+1) */	204	/* K(i+1) */
213	for (i = 1; i < t; i++)	205	for (i = 1; i < t; i++)
214	{	206	{
@@ -235,7 +227,10 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
235	#if DEBUG_HKDF	227	#if DEBUG_HKDF
236	dump("K(t):d", plain, plain_len);	228	dump("K(t):d", plain, plain_len);
237	#endif	229	#endif
238	hc = doHMAC (prf, prk, xtr_len, plain, plain_len);	230	if (t > 0)
		231	hc = doHMAC (prf, prk, xtr_len, plain, plain_len);
		232	else
		233	hc = doHMAC (prf, prk, xtr_len, plain + k, plain_len - k);
239	if (hc == NULL)	234	if (hc == NULL)
240	goto hkdf_error;	235	goto hkdf_error;
241	memcpy (result, hc, d);	236	memcpy (result, hc, d);
@@ -246,12 +241,10 @@ GNUNET_CRYPTO_hkdf_v (void *result, unsigned long long out_len,
246		241
247	ret = GNUNET_YES;	242	ret = GNUNET_YES;
248	goto hkdf_ok;	243	goto hkdf_ok;
249		244	}
250	hkdf_error:	245	hkdf_error:
251	ret = GNUNET_SYSERR;	246	ret = GNUNET_SYSERR;
252	hkdf_ok:	247	hkdf_ok:
253	GNUNET_free (prk);
254	GNUNET_free_non_null (plain);
255	gcry_md_close (prf);	248	gcry_md_close (prf);
256	gcry_md_close (xtr);	249	gcry_md_close (xtr);
257		250
@@ -274,7 +267,7 @@ hkdf_ok:
274	* @return GNUNET_YES on success	267	* @return GNUNET_YES on success
275	*/	268	*/
276	int	269	int
277	GNUNET_CRYPTO_hkdf (void *result, unsigned long long out_len,	270	GNUNET_CRYPTO_hkdf (void *result, size_t out_len,
278	int xtr_algo, int prf_algo,	271	int xtr_algo, int prf_algo,
279	const void *xts, size_t xts_len,	272	const void *xts, size_t xts_len,
280	const void *skm, size_t skm_len,	273	const void *skm, size_t skm_len,