author | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-11-29 06:18:26 +0100 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-11-29 06:18:26 +0100 |
commit | 3cd025bb177388556ddaf20e45c0e0ae6b7f7e22 (patch) | |
tree | 5b8db87b757db7de5cf34e5433bdebe72fd004d3 | |
parent | f04696e7451f787112e35ac184ff5057f45269eb (diff) | |
generic-gmac: use HKDF expansion instead of the stream cipher to generate H
-rw-r--r-- | src/methods/generic_gmac/generic_gmac.c | 12 |
1 files changed, 2 insertions, 10 deletions
diff --git a/src/methods/generic_gmac/generic_gmac.c b/src/methods/generic_gmac/generic_gmac.c
index d42b2c4..5501076 100644
--- a/src/methods/generic_gmac/generic_gmac.c
+++ b/src/methods/generic_gmac/generic_gmac.c
@@ -94,7 +94,7 @@ static size_t method_key_length(fastd_context_t *ctx, const char *name) {
 	if (!cipher_get(NULL, name, &cipher_info, NULL, NULL))
 		exit_bug(ctx, "generic-gmac: can't get cipher key length");
-	return cipher_info->key_length;
+	return cipher_info->key_length + sizeof(fastd_block128_t);
 }
 static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, const char *name, const uint8_t *secret, bool initiator) {
@@ -107,22 +107,14 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
 	session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
-	static const fastd_block128_t zeroblock = {};
-	fastd_block128_t H;
 	if (session->cipher_info->iv_length <= COMMON_NONCEBYTES)
 		exit_bug(ctx, "generic-gmac: iv_length to small");
-	uint8_t zeroiv[session->cipher_info->iv_length];
-	memset(zeroiv, 0, session->cipher_info->iv_length);
-	session->cipher->crypt(ctx, session->cipher_state, &H, &zeroblock, sizeof(fastd_block128_t), zeroiv);
 	session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info, &session->ghash_ctx);
 	if (!session->ghash)
 		exit_bug(ctx, "generic-gmac: can't instanciate ghash mac");
-	session->ghash_state = session->ghash->init_state(ctx, session->ghash_ctx, H.b);
+	session->ghash_state = session->ghash->init_state(ctx, session->ghash_ctx, secret + session->cipher_info->key_length);
 	return session;
 }
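Review bot: The new return value `cipher_info->key_length + sizeof(fastd_block128_t)` in method_key_length encodes a buffer layout — cipher key first, then one 128-bit block holding the GHASH key — that nothing in the hunk states, and the matching offset is computed independently in method_session_init. I would put the contract on the return line: `/* secret layout: cipher key (key_length bytes) followed by the 128-bit GHASH key H; method_session_init reads H at that offset */`. If the two functions ever resolve a different cipher for the same name, or the block size changes, the offset and the length drift apart silently, so a comment tying them together is the minimum. The opening lines of method_key_length are outside this hunk.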
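Review bot: The call `session->ghash->init_state(ctx, session->ghash_ctx, secret + session->cipher_info->key_length)` reads past the cipher key with no statement of how long `secret` is, so it now depends on every caller sizing the buffer from the updated method_key_length; a comment such as `/* secret is method_key_length() bytes: cipher key followed by the 128-bit GHASH key H (now HKDF-derived rather than E_K(0)) */` would make that coupling visible at the point of use. The removed code passed a stack-local `H.b` to init_state, which was only correct if init_state copies the key rather than retaining the pointer; the new call inherits that presumption, and since the lifetime of the caller's `secret` is not visible here it is worth confirming against the ghash implementation. Keeping the `iv_length <= COMMON_NONCEBYTES` check is right, as the nonce still has to fit inside the cipher IV even though the zero-IV encryption is gone. method_session_init begins before this hunk.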