Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: oldheating gps motorhome heating
Diff: tls/tls-prf.c
- Revision:
- 9:f354b4859b0b
- Child:
- 13:0a80b49a5e78
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tls/tls-prf.c Wed Sep 11 07:24:21 2019 +0000 @@ -0,0 +1,53 @@ +#include <stdint.h> +#include "prf.h" + +void TlsPrfMasterSecret(uint8_t * preMasterSecret, uint8_t* clientRandom, uint8_t* serverRandom, uint8_t* output48) +{ + uint8_t* seed = alloca(13 + 32 + 32); + for (int i = 0; i < 13; i++) seed[i ] = "master secret"[i]; + for (int i = 0; i < 32; i++) seed[i + 13 ] = clientRandom[i]; + for (int i = 0; i < 32; i++) seed[i + 13 + 32] = serverRandom[i]; + + uint8_t* hash = alloca(64); + PrfHmacSha256(preMasterSecret, 48, seed, 13 + 32 + 32, 2, hash); //2 iterations will generate 64 bytes + for (int i = 0; i < 48; i++) output48[i] = hash[i]; //just take the first 48 bytes +} + +void TlsPrfKeys(uint8_t * masterSecret, uint8_t* clientRandom, uint8_t* serverRandom, uint8_t* client_MAC_key_20, + uint8_t* server_MAC_key_20, + uint8_t* client_key_16, + uint8_t* server_key_16) +{ + uint8_t* seed = alloca(13 + 32 + 32); + for (int i = 0; i < 13; i++) seed[i ] = "key expansion"[i]; + for (int i = 0; i < 32; i++) seed[i + 13 ] = serverRandom[i]; //Notice the order relative to the master secret algorithm + for (int i = 0; i < 32; i++) seed[i + 13 + 32] = clientRandom[i]; + + uint8_t* hash = alloca(128); //4 iterations of 32 bytes + PrfHmacSha256(masterSecret, 48, seed, 13 + 32 + 32, 4, hash); //4 iteration will generate the keys required + for (int i = 0; i < 20; i++) client_MAC_key_20[i] = hash[i ]; + for (int i = 0; i < 20; i++) server_MAC_key_20[i] = hash[i + 20]; + for (int i = 0; i < 16; i++) client_key_16[i] = hash[i + 40]; + for (int i = 0; i < 16; i++) server_key_16[i] = hash[i + 56]; +} + +void TlsPrfServerFinished(uint8_t * masterSecret, uint8_t* handshakeHash, uint8_t* output12) +{ + uint8_t* seed = alloca(15 + 32); + for (int i = 0; i < 15; i++) seed[i ] = "server finished"[i]; + for (int i = 0; i < 32; i++) seed[i + 15] = handshakeHash[i]; + + uint8_t* hash = alloca(32); + PrfHmacSha256(masterSecret, 48, seed, 15 + 32, 1, hash); + for (int i = 0; i < 12; i++) output12[i] = hash[i]; +} +void TlsPrfClientFinished(uint8_t * masterSecret, uint8_t* handshakeHash, uint8_t* output12) +{ + uint8_t* seed = alloca(15 + 32); + for (int i = 0; i < 15; i++) seed[i ] = "client finished"[i]; + for (int i = 0; i < 32; i++) seed[i + 15] = handshakeHash[i]; + + uint8_t* hash = alloca(32); + PrfHmacSha256(masterSecret, 48, seed, 15 + 32, 1, hash); + for (int i = 0; i < 12; i++) output12[i] = hash[i]; +}