Andrew Boyson / crypto

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependents:   oldheating gps motorhome heating

Diff: tls/tls-prf.c

Revision:
9:f354b4859b0b
Child:
13:0a80b49a5e78
diff -r 5e66a6b4b38c -r f354b4859b0b tls/tls-prf.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tls/tls-prf.c	Wed Sep 11 07:24:21 2019 +0000
@@ -0,0 +1,53 @@
+#include <stdint.h>
+#include "prf.h"
+
+void TlsPrfMasterSecret(uint8_t * preMasterSecret, uint8_t* clientRandom, uint8_t* serverRandom, uint8_t* output48)
+{
+    uint8_t* seed = alloca(13 + 32 + 32);
+    for (int i = 0; i < 13; i++) seed[i          ] = "master secret"[i];
+    for (int i = 0; i < 32; i++) seed[i + 13     ] = clientRandom[i];
+    for (int i = 0; i < 32; i++) seed[i + 13 + 32] = serverRandom[i];
+    
+    uint8_t* hash = alloca(64);
+    PrfHmacSha256(preMasterSecret, 48, seed, 13 + 32 + 32, 2, hash); //2 iterations will generate 64 bytes
+    for (int i = 0; i < 48; i++) output48[i] = hash[i];              //just take the first 48 bytes
+}
+
+void TlsPrfKeys(uint8_t * masterSecret, uint8_t* clientRandom, uint8_t* serverRandom, uint8_t* client_MAC_key_20,
+                                                                                      uint8_t* server_MAC_key_20,
+                                                                                      uint8_t* client_key_16,
+                                                                                      uint8_t* server_key_16)
+{
+    uint8_t* seed = alloca(13 + 32 + 32);
+    for (int i = 0; i < 13; i++) seed[i          ] = "key expansion"[i];
+    for (int i = 0; i < 32; i++) seed[i + 13     ] = serverRandom[i]; //Notice the order relative to the master secret algorithm
+    for (int i = 0; i < 32; i++) seed[i + 13 + 32] = clientRandom[i];
+    
+    uint8_t* hash = alloca(128);                                  //4 iterations of 32 bytes
+    PrfHmacSha256(masterSecret, 48, seed, 13 + 32 + 32, 4, hash); //4 iteration will generate the keys required
+    for (int i = 0; i < 20; i++) client_MAC_key_20[i] = hash[i     ];
+    for (int i = 0; i < 20; i++) server_MAC_key_20[i] = hash[i + 20];
+    for (int i = 0; i < 16; i++) client_key_16[i]     = hash[i + 40];
+    for (int i = 0; i < 16; i++) server_key_16[i]     = hash[i + 56];
+}
+
+void TlsPrfServerFinished(uint8_t * masterSecret, uint8_t* handshakeHash, uint8_t* output12)
+{
+    uint8_t* seed = alloca(15 + 32);
+    for (int i = 0; i < 15; i++) seed[i     ] = "server finished"[i];
+    for (int i = 0; i < 32; i++) seed[i + 15] = handshakeHash[i];
+    
+    uint8_t* hash = alloca(32);
+    PrfHmacSha256(masterSecret, 48, seed, 15 + 32, 1, hash);
+    for (int i = 0; i < 12; i++) output12[i] = hash[i];
+}
+void TlsPrfClientFinished(uint8_t * masterSecret, uint8_t* handshakeHash, uint8_t* output12)
+{
+    uint8_t* seed = alloca(15 + 32);
+    for (int i = 0; i < 15; i++) seed[i     ] = "client finished"[i];
+    for (int i = 0; i < 32; i++) seed[i + 15] = handshakeHash[i];
+    
+    uint8_t* hash = alloca(32);
+    PrfHmacSha256(masterSecret, 48, seed, 15 + 32, 1, hash);
+    for (int i = 0; i < 12; i++) output12[i] = hash[i];
+}