A simple library to support serving https.
Dependents: oldheating gps motorhome heating
prf/prf.c
- Committer:
- andrewboyson
- Date:
- 2019-09-11
- Revision:
- 9:f354b4859b0b
- Child:
- 13:0a80b49a5e78
File content as of revision 9:f354b4859b0b:
#include "hmac-sha256.h" #include "log.h" /* master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)[0..47]; key_block = PRF(master_secret, "key expansion", server_random + client_random); PRF(secret, label, seed) = P_<hash>(secret, label + seed) P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + HMAC_hash(secret, A(2) + seed) + HMAC_hash(secret, A(3) + seed) + ... A(0) = seed A(i) = HMAC_hash(secret, A(i-1)) */ void PrfHmacSha256(uint8_t* secret, int secretLength, uint8_t* seed, int seedLength, int number, uint8_t* output) //output needs to hold number * 32 bytes { uint8_t prevA[SHA256_HASH_SIZE]; uint8_t thisA[SHA256_HASH_SIZE]; uint8_t hash [SHA256_HASH_SIZE]; for (int j = 0; j < number; j++) { //Calculate the hash A(i) if (j) HmacSha256(secret, secretLength, prevA, SHA256_HASH_SIZE, thisA); else HmacSha256(secret, secretLength, seed, seedLength, thisA); for (int i = 0; i < SHA256_HASH_SIZE; i++) prevA[i] = thisA[i]; //Concatanate A(i) + seed uint8_t* aPlusSeed = alloca(SHA256_HASH_SIZE + seedLength); for (int i = 0; i < SHA256_HASH_SIZE; i++) aPlusSeed[i ] = thisA[i]; for (int i = 0; i < seedLength; i++) aPlusSeed[i + SHA256_HASH_SIZE] = seed[i]; //Calculate the hash HmacSha256(secret, secretLength, aPlusSeed, SHA256_HASH_SIZE + seedLength, hash); //Concatanate the hash onto the output for (int i = 0; i < SHA256_HASH_SIZE; i++) output[j * SHA256_HASH_SIZE + i] = hash[i]; } } void PrfHmacSha256Test() { uint8_t Secret[] = { 0x9b, 0xbe, 0x43, 0x6b, 0xa9, 0x40, 0xf0, 0x17, 0xb1, 0x76, 0x52, 0x84, 0x9a, 0x71, 0xdb, 0x35 }; uint8_t Seed[] = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0xa0, 0xba, 0x9f, 0x93, 0x6c, 0xda, 0x31, 0x18, 0x27, 0xa6, 0xf7, 0x96, 0xff, 0xd5, 0x19, 0x8c }; uint8_t* hash = alloca(128); PrfHmacSha256(Secret, 16, Seed, 26, 4, hash); //4 iteration will generate the keys required Log("TLS PRF test\r\n"); LogBytesAsHex(hash, 128); Log("\r\n\r\n"); /* Output (100 bytes): 0000 e3 f2 29 ba 72 7b e1 7b ....r... 0008 8d 12 26 20 55 7c d4 53 ... U..S 0010 c2 aa b2 1d 07 c3 d4 95 ........ 0018 32 9b 52 d4 e6 1e db 5a 2.R....Z 0020 6b 30 17 91 e9 0d 35 c9 k0....5. 0028 c9 a4 6b 4e 14 ba f9 af ..kN.... 0030 0f a0 22 f7 07 7d ef 17 ........ 0038 ab fd 37 97 c0 56 4b ab ..7..VK. 0040 4f bc 91 66 6e 9d ef 9b O..fn... 0048 97 fc e3 4f 79 67 89 ba ...Oyg.. 0050 a4 80 82 d1 22 ee 42 c5 ......B. 0058 a7 2e 5a 51 10 ff f7 01 ..ZQ.... 0060 87 34 7b 66 .4.f */ }