aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tlsv1_common.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-03-09 14:26:27 (GMT)
committerJouni Malinen <j@w1.fi>2014-03-09 14:26:27 (GMT)
commit6531963584758971dfcebd663ea601d43adf9dbe (patch)
tree665e3d0dd613a58dc963c954a832dbabf381cb89 /src/tls/tlsv1_common.c
parent65074a2a7ca5c9d0d1fc8a72da2176ac0e81a246 (diff)
downloadhostap-6531963584758971dfcebd663ea601d43adf9dbe.zip
hostap-6531963584758971dfcebd663ea601d43adf9dbe.tar.gz
hostap-6531963584758971dfcebd663ea601d43adf9dbe.tar.bz2
TLS: Use a helper function for calculating ServerKeyExchange hash
Instead of separate server and client side implementations, use a common set of helper functions for calculating the ServerParams hash for ServerKeyExchange. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/tls/tlsv1_common.c')
-rw-r--r--src/tls/tlsv1_common.c65
1 files changed, 65 insertions, 0 deletions
diff --git a/src/tls/tlsv1_common.c b/src/tls/tlsv1_common.c
index d05df85..dd67d28 100644
--- a/src/tls/tlsv1_common.c
+++ b/src/tls/tlsv1_common.c
@@ -9,6 +9,7 @@
#include "includes.h"
#include "common.h"
+#include "crypto/md5.h"
#include "crypto/sha1.h"
#include "crypto/sha256.h"
#include "x509v3.h"
@@ -331,3 +332,67 @@ int tls_prf(u16 ver, const u8 *secret, size_t secret_len, const char *label,
return tls_prf_sha1_md5(secret, secret_len, label, seed, seed_len, out,
outlen);
}
+
+
+#ifdef CONFIG_TLSV12
+int tlsv12_key_x_server_params_hash(u16 tls_version,
+ const u8 *client_random,
+ const u8 *server_random,
+ const u8 *server_params,
+ size_t server_params_len, u8 *hash)
+{
+ size_t hlen;
+ struct crypto_hash *ctx;
+
+ ctx = crypto_hash_init(CRYPTO_HASH_ALG_SHA256, NULL, 0);
+ if (ctx == NULL)
+ return -1;
+ crypto_hash_update(ctx, client_random, TLS_RANDOM_LEN);
+ crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
+ crypto_hash_update(ctx, server_params, server_params_len);
+ hlen = SHA256_MAC_LEN;
+ if (crypto_hash_finish(ctx, hash, &hlen) < 0)
+ return -1;
+
+ return hlen;
+}
+#endif /* CONFIG_TLSV12 */
+
+
+int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
+ const u8 *server_random,
+ const u8 *server_params,
+ size_t server_params_len, u8 *hash)
+{
+ u8 *hpos;
+ size_t hlen;
+ enum { SIGN_ALG_RSA, SIGN_ALG_DSA } alg = SIGN_ALG_RSA;
+ struct crypto_hash *ctx;
+
+ hpos = hash;
+
+ if (alg == SIGN_ALG_RSA) {
+ ctx = crypto_hash_init(CRYPTO_HASH_ALG_MD5, NULL, 0);
+ if (ctx == NULL)
+ return -1;
+ crypto_hash_update(ctx, client_random, TLS_RANDOM_LEN);
+ crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
+ crypto_hash_update(ctx, server_params, server_params_len);
+ hlen = MD5_MAC_LEN;
+ if (crypto_hash_finish(ctx, hash, &hlen) < 0)
+ return -1;
+ hpos += hlen;
+ }
+
+ ctx = crypto_hash_init(CRYPTO_HASH_ALG_SHA1, NULL, 0);
+ if (ctx == NULL)
+ return -1;
+ crypto_hash_update(ctx, client_random, TLS_RANDOM_LEN);
+ crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
+ crypto_hash_update(ctx, server_params, server_params_len);
+ hlen = hash + sizeof(hash) - hpos;
+ if (crypto_hash_finish(ctx, hpos, &hlen) < 0)
+ return -1;
+ hpos += hlen;
+ return hpos - hash;
+}