/src/gnutls/lib/nettle/prf.c
| Line | Count | Source (jump to first uncovered line) | 
| 1 |  | /* | 
| 2 |  |  * Copyright (C) 2017 Red Hat, Inc. | 
| 3 |  |  * | 
| 4 |  |  * Author: Nikos Mavrogiannopoulos | 
| 5 |  |  * | 
| 6 |  |  * This file is part of GNUTLS. | 
| 7 |  |  * | 
| 8 |  |  * The GNUTLS library is free software; you can redistribute it and/or | 
| 9 |  |  * modify it under the terms of the GNU Lesser General Public License | 
| 10 |  |  * as published by the Free Software Foundation; either version 2.1 of | 
| 11 |  |  * the License, or (at your option) any later version. | 
| 12 |  |  * | 
| 13 |  |  * This library is distributed in the hope that it will be useful, but | 
| 14 |  |  * WITHOUT ANY WARRANTY; without even the implied warranty of | 
| 15 |  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU | 
| 16 |  |  * Lesser General Public License for more details. | 
| 17 |  |  * | 
| 18 |  |  * You should have received a copy of the GNU Lesser General Public License | 
| 19 |  |  * along with this program.  If not, see <https://www.gnu.org/licenses/> | 
| 20 |  |  * | 
| 21 |  |  */ | 
| 22 |  |  | 
| 23 |  | #include <gnutls_int.h> | 
| 24 |  | #include "int/tls1-prf.h" | 
| 25 |  | #include <nettle/hmac.h> | 
| 26 |  | #if ENABLE_GOST | 
| 27 |  | # include "gost/hmac-gost.h" | 
| 28 |  | #endif | 
| 29 |  |  | 
| 30 |  | /*- | 
| 31 |  |  * _gnutls_prf_raw: | 
| 32 |  |  * @mac: the MAC algorithm to use, set to %GNUTLS_MAC_MD5_SHA1 for the TLS1.0 mac | 
| 33 |  |  * @master_size: length of the @master variable. | 
| 34 |  |  * @master: the master secret used in PRF computation | 
| 35 |  |  * @label_size: length of the @label variable. | 
| 36 |  |  * @label: label used in PRF computation, typically a short string. | 
| 37 |  |  * @seed_size: length of the @seed variable. | 
| 38 |  |  * @seed: optional extra data to seed the PRF with. | 
| 39 |  |  * @outsize: size of pre-allocated output buffer to hold the output. | 
| 40 |  |  * @out: pre-allocated buffer to hold the generated data. | 
| 41 |  |  * | 
| 42 |  |  * Apply the TLS Pseudo-Random-Function (PRF) on the master secret | 
| 43 |  |  * and the provided data. | 
| 44 |  |  * | 
| 45 |  |  * Returns: %GNUTLS_E_SUCCESS on success, or an error code. | 
| 46 |  |  -*/ | 
| 47 |  | int | 
| 48 |  | _gnutls_prf_raw(gnutls_mac_algorithm_t mac, | 
| 49 |  |     size_t master_size, const void *master, | 
| 50 |  |     size_t label_size, const char *label, | 
| 51 |  |     size_t seed_size, const uint8_t * seed, size_t outsize, | 
| 52 |  |     char *out) | 
| 53 | 0 | { | 
| 54 | 0 |   int ret; | 
| 55 |  | 
 | 
| 56 | 0 |   switch (mac) { | 
| 57 | 0 |   case GNUTLS_MAC_MD5_SHA1: | 
| 58 | 0 |     tls10_prf(master_size, (uint8_t *) master, label_size, label, | 
| 59 | 0 |         seed_size, seed, outsize, (uint8_t *) out); | 
| 60 | 0 |     return 0; | 
| 61 | 0 |   case GNUTLS_MAC_SHA256:{ | 
| 62 | 0 |       struct hmac_sha256_ctx ctx; | 
| 63 | 0 |       hmac_sha256_set_key(&ctx, master_size, | 
| 64 | 0 |               (uint8_t *) master); | 
| 65 |  | 
 | 
| 66 | 0 |       ret = tls12_prf(&ctx, (nettle_hash_update_func *) | 
| 67 | 0 |           hmac_sha256_update, | 
| 68 | 0 |           (nettle_hash_digest_func *) | 
| 69 | 0 |           hmac_sha256_digest, SHA256_DIGEST_SIZE, | 
| 70 | 0 |           label_size, label, seed_size, | 
| 71 | 0 |           seed, outsize, (uint8_t *) out); | 
| 72 |  | 
 | 
| 73 | 0 |       if (unlikely(ret != 1)) | 
| 74 | 0 |         return | 
| 75 | 0 |             gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); | 
| 76 | 0 |       break; | 
| 77 | 0 |     } | 
| 78 | 0 |   case GNUTLS_MAC_SHA384:{ | 
| 79 | 0 |       struct hmac_sha384_ctx ctx; | 
| 80 | 0 |       hmac_sha384_set_key(&ctx, master_size, master); | 
| 81 |  | 
 | 
| 82 | 0 |       ret = tls12_prf(&ctx, (nettle_hash_update_func *) | 
| 83 | 0 |           hmac_sha384_update, | 
| 84 | 0 |           (nettle_hash_digest_func *) | 
| 85 | 0 |           hmac_sha384_digest, SHA384_DIGEST_SIZE, | 
| 86 | 0 |           label_size, label, seed_size, | 
| 87 | 0 |           seed, outsize, (uint8_t *) out); | 
| 88 |  | 
 | 
| 89 | 0 |       if (unlikely(ret != 1)) | 
| 90 | 0 |         return | 
| 91 | 0 |             gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); | 
| 92 | 0 |       break; | 
| 93 | 0 |     } | 
| 94 | 0 | #if ENABLE_GOST | 
| 95 | 0 |   case GNUTLS_MAC_STREEBOG_256:{ | 
| 96 | 0 |       struct hmac_streebog256_ctx ctx; | 
| 97 | 0 |       hmac_streebog256_set_key(&ctx, master_size, master); | 
| 98 |  | 
 | 
| 99 | 0 |       ret = tls12_prf(&ctx, (nettle_hash_update_func *) | 
| 100 | 0 |           hmac_streebog256_update, | 
| 101 | 0 |           (nettle_hash_digest_func *) | 
| 102 | 0 |           hmac_streebog256_digest, | 
| 103 | 0 |           STREEBOG256_DIGEST_SIZE, label_size, | 
| 104 | 0 |           label, seed_size, seed, outsize, | 
| 105 | 0 |           (uint8_t *) out); | 
| 106 |  | 
 | 
| 107 | 0 |       if (unlikely(ret != 1)) | 
| 108 | 0 |         return | 
| 109 | 0 |             gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); | 
| 110 | 0 |       break; | 
| 111 | 0 |     } | 
| 112 | 0 |   case GNUTLS_MAC_STREEBOG_512:{ | 
| 113 | 0 |       struct hmac_streebog512_ctx ctx; | 
| 114 | 0 |       hmac_streebog512_set_key(&ctx, master_size, master); | 
| 115 |  | 
 | 
| 116 | 0 |       ret = tls12_prf(&ctx, (nettle_hash_update_func *) | 
| 117 | 0 |           hmac_streebog512_update, | 
| 118 | 0 |           (nettle_hash_digest_func *) | 
| 119 | 0 |           hmac_streebog512_digest, | 
| 120 | 0 |           STREEBOG512_DIGEST_SIZE, label_size, | 
| 121 | 0 |           label, seed_size, seed, outsize, | 
| 122 | 0 |           (uint8_t *) out); | 
| 123 |  | 
 | 
| 124 | 0 |       if (unlikely(ret != 1)) | 
| 125 | 0 |         return | 
| 126 | 0 |             gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); | 
| 127 | 0 |       break; | 
| 128 | 0 |     } | 
| 129 | 0 | #endif | 
| 130 | 0 |   default: | 
| 131 | 0 |     gnutls_assert(); | 
| 132 | 0 |     _gnutls_debug_log("unhandled PRF %s\n", | 
| 133 | 0 |           gnutls_mac_get_name(mac)); | 
| 134 | 0 |     return GNUTLS_E_INVALID_REQUEST; | 
| 135 |  | 
 | 
| 136 | 0 |   } | 
| 137 |  |  | 
| 138 | 0 |   return 0; | 
| 139 | 0 | } |