Andrew Boyson
/
crypto
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: oldheating gps motorhome heating
tls/tls-prf.c@13:0a80b49a5e78, 2019-09-27 (annotated)
- Committer:
- andrewboyson
- Date:
- Fri Sep 27 11:31:18 2019 +0000
- Revision:
- 13:0a80b49a5e78
- Parent:
- 9:f354b4859b0b
- Child:
- 17:93feb2a51d58
Removed bug with TLS session. Unable to test as compiler has moved to v6 again (I think)
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| andrewboyson | 9:f354b4859b0b | 1 | #include <stdint.h> |
| andrewboyson | 13:0a80b49a5e78 | 2 | #include <alloca.h> |
| andrewboyson | 13:0a80b49a5e78 | 3 | |
| andrewboyson | 9:f354b4859b0b | 4 | #include "prf.h" |
| andrewboyson | 9:f354b4859b0b | 5 | |
| andrewboyson | 9:f354b4859b0b | 6 | void TlsPrfMasterSecret(uint8_t * preMasterSecret, uint8_t* clientRandom, uint8_t* serverRandom, uint8_t* output48) |
| andrewboyson | 9:f354b4859b0b | 7 | { |
| andrewboyson | 9:f354b4859b0b | 8 | uint8_t* seed = alloca(13 + 32 + 32); |
| andrewboyson | 9:f354b4859b0b | 9 | for (int i = 0; i < 13; i++) seed[i ] = "master secret"[i]; |
| andrewboyson | 9:f354b4859b0b | 10 | for (int i = 0; i < 32; i++) seed[i + 13 ] = clientRandom[i]; |
| andrewboyson | 9:f354b4859b0b | 11 | for (int i = 0; i < 32; i++) seed[i + 13 + 32] = serverRandom[i]; |
| andrewboyson | 9:f354b4859b0b | 12 | |
| andrewboyson | 9:f354b4859b0b | 13 | uint8_t* hash = alloca(64); |
| andrewboyson | 9:f354b4859b0b | 14 | PrfHmacSha256(preMasterSecret, 48, seed, 13 + 32 + 32, 2, hash); //2 iterations will generate 64 bytes |
| andrewboyson | 9:f354b4859b0b | 15 | for (int i = 0; i < 48; i++) output48[i] = hash[i]; //just take the first 48 bytes |
| andrewboyson | 9:f354b4859b0b | 16 | } |
| andrewboyson | 9:f354b4859b0b | 17 | |
| andrewboyson | 9:f354b4859b0b | 18 | void TlsPrfKeys(uint8_t * masterSecret, uint8_t* clientRandom, uint8_t* serverRandom, uint8_t* client_MAC_key_20, |
| andrewboyson | 9:f354b4859b0b | 19 | uint8_t* server_MAC_key_20, |
| andrewboyson | 9:f354b4859b0b | 20 | uint8_t* client_key_16, |
| andrewboyson | 9:f354b4859b0b | 21 | uint8_t* server_key_16) |
| andrewboyson | 9:f354b4859b0b | 22 | { |
| andrewboyson | 9:f354b4859b0b | 23 | uint8_t* seed = alloca(13 + 32 + 32); |
| andrewboyson | 9:f354b4859b0b | 24 | for (int i = 0; i < 13; i++) seed[i ] = "key expansion"[i]; |
| andrewboyson | 9:f354b4859b0b | 25 | for (int i = 0; i < 32; i++) seed[i + 13 ] = serverRandom[i]; //Notice the order relative to the master secret algorithm |
| andrewboyson | 9:f354b4859b0b | 26 | for (int i = 0; i < 32; i++) seed[i + 13 + 32] = clientRandom[i]; |
| andrewboyson | 9:f354b4859b0b | 27 | |
| andrewboyson | 9:f354b4859b0b | 28 | uint8_t* hash = alloca(128); //4 iterations of 32 bytes |
| andrewboyson | 9:f354b4859b0b | 29 | PrfHmacSha256(masterSecret, 48, seed, 13 + 32 + 32, 4, hash); //4 iteration will generate the keys required |
| andrewboyson | 9:f354b4859b0b | 30 | for (int i = 0; i < 20; i++) client_MAC_key_20[i] = hash[i ]; |
| andrewboyson | 9:f354b4859b0b | 31 | for (int i = 0; i < 20; i++) server_MAC_key_20[i] = hash[i + 20]; |
| andrewboyson | 9:f354b4859b0b | 32 | for (int i = 0; i < 16; i++) client_key_16[i] = hash[i + 40]; |
| andrewboyson | 9:f354b4859b0b | 33 | for (int i = 0; i < 16; i++) server_key_16[i] = hash[i + 56]; |
| andrewboyson | 9:f354b4859b0b | 34 | } |
| andrewboyson | 9:f354b4859b0b | 35 | |
| andrewboyson | 9:f354b4859b0b | 36 | void TlsPrfServerFinished(uint8_t * masterSecret, uint8_t* handshakeHash, uint8_t* output12) |
| andrewboyson | 9:f354b4859b0b | 37 | { |
| andrewboyson | 9:f354b4859b0b | 38 | uint8_t* seed = alloca(15 + 32); |
| andrewboyson | 9:f354b4859b0b | 39 | for (int i = 0; i < 15; i++) seed[i ] = "server finished"[i]; |
| andrewboyson | 9:f354b4859b0b | 40 | for (int i = 0; i < 32; i++) seed[i + 15] = handshakeHash[i]; |
| andrewboyson | 9:f354b4859b0b | 41 | |
| andrewboyson | 9:f354b4859b0b | 42 | uint8_t* hash = alloca(32); |
| andrewboyson | 9:f354b4859b0b | 43 | PrfHmacSha256(masterSecret, 48, seed, 15 + 32, 1, hash); |
| andrewboyson | 9:f354b4859b0b | 44 | for (int i = 0; i < 12; i++) output12[i] = hash[i]; |
| andrewboyson | 9:f354b4859b0b | 45 | } |
| andrewboyson | 9:f354b4859b0b | 46 | void TlsPrfClientFinished(uint8_t * masterSecret, uint8_t* handshakeHash, uint8_t* output12) |
| andrewboyson | 9:f354b4859b0b | 47 | { |
| andrewboyson | 9:f354b4859b0b | 48 | uint8_t* seed = alloca(15 + 32); |
| andrewboyson | 9:f354b4859b0b | 49 | for (int i = 0; i < 15; i++) seed[i ] = "client finished"[i]; |
| andrewboyson | 9:f354b4859b0b | 50 | for (int i = 0; i < 32; i++) seed[i + 15] = handshakeHash[i]; |
| andrewboyson | 9:f354b4859b0b | 51 | |
| andrewboyson | 9:f354b4859b0b | 52 | uint8_t* hash = alloca(32); |
| andrewboyson | 9:f354b4859b0b | 53 | PrfHmacSha256(masterSecret, 48, seed, 15 + 32, 1, hash); |
| andrewboyson | 9:f354b4859b0b | 54 | for (int i = 0; i < 12; i++) output12[i] = hash[i]; |
| andrewboyson | 9:f354b4859b0b | 55 | } |