diff options
Diffstat (limited to 'src/util/crypto_hkdf.c')
-rw-r--r-- | src/util/crypto_hkdf.c | 37 |
1 files changed, 24 insertions, 13 deletions
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c index 2b9387357..1fc13ceaa 100644 --- a/src/util/crypto_hkdf.c +++ b/src/util/crypto_hkdf.c | |||
@@ -135,33 +135,47 @@ dump (const char *src, const void *p, unsigned int l) | |||
135 | * @param skm source key material | 135 | * @param skm source key material |
136 | * @param skm_len length of skm | 136 | * @param skm_len length of skm |
137 | * @param argp va_list of void * & size_t pairs for context chunks | 137 | * @param argp va_list of void * & size_t pairs for context chunks |
138 | * @return GNUNET_YES on success | 138 | * @return #GNUNET_YES on success |
139 | */ | 139 | */ |
140 | int | 140 | int |
141 | GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, | 141 | GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, |
142 | const void *xts, size_t xts_len, const void *skm, | 142 | const void *xts, size_t xts_len, const void *skm, |
143 | size_t skm_len, va_list argp) | 143 | size_t skm_len, va_list argp) |
144 | { | 144 | { |
145 | static int once; | ||
146 | static gcry_md_hd_t xtr; | ||
147 | static gcry_md_hd_t prf; | ||
145 | const void *hc; | 148 | const void *hc; |
146 | unsigned long i, t, d; | 149 | unsigned long i; |
150 | unsigned long t; | ||
151 | unsigned long d; | ||
147 | unsigned int k = gcry_md_get_algo_dlen (prf_algo); | 152 | unsigned int k = gcry_md_get_algo_dlen (prf_algo); |
148 | unsigned int xtr_len = gcry_md_get_algo_dlen (xtr_algo); | 153 | unsigned int xtr_len = gcry_md_get_algo_dlen (xtr_algo); |
149 | char prk[xtr_len]; | 154 | char prk[xtr_len]; |
150 | int ret; | 155 | int ret; |
151 | gcry_md_hd_t xtr, prf; | ||
152 | size_t ctx_len; | 156 | size_t ctx_len; |
153 | va_list args; | 157 | va_list args; |
154 | 158 | ||
155 | if (k == 0) | 159 | if (0 == k) |
156 | return GNUNET_SYSERR; | ||
157 | |||
158 | if (gcry_md_open (&xtr, xtr_algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR) | ||
159 | return GNUNET_SYSERR; | 160 | return GNUNET_SYSERR; |
161 | if (! once) | ||
162 | { | ||
163 | if (GPG_ERR_NO_ERROR != | ||
164 | gcry_md_open (&xtr, xtr_algo, GCRY_MD_FLAG_HMAC)) | ||
165 | return GNUNET_SYSERR; | ||
160 | 166 | ||
161 | if (gcry_md_open (&prf, prf_algo, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR) | 167 | if (GPG_ERR_NO_ERROR != |
168 | gcry_md_open (&prf, prf_algo, GCRY_MD_FLAG_HMAC)) | ||
169 | { | ||
170 | gcry_md_close (xtr); | ||
171 | return GNUNET_SYSERR; | ||
172 | } | ||
173 | once = 1; | ||
174 | } | ||
175 | else | ||
162 | { | 176 | { |
163 | gcry_md_close (xtr); | 177 | gcry_md_reset (xtr); |
164 | return GNUNET_SYSERR; | 178 | gcry_md_reset (prf); |
165 | } | 179 | } |
166 | 180 | ||
167 | va_copy (args, argp); | 181 | va_copy (args, argp); |
@@ -261,9 +275,6 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, | |||
261 | hkdf_error: | 275 | hkdf_error: |
262 | ret = GNUNET_SYSERR; | 276 | ret = GNUNET_SYSERR; |
263 | hkdf_ok: | 277 | hkdf_ok: |
264 | gcry_md_close (prf); | ||
265 | gcry_md_close (xtr); | ||
266 | |||
267 | return ret; | 278 | return ret; |
268 | } | 279 | } |
269 | 280 | ||