Made client stricter in cipher suite selection (better consistency with server behavi...
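--- a/src/ssl/prf.c
+++ b/src/ssl/prf.c
@@ -28,14 +28,14 @@
 void
 br_tls_phash(void *dst, size_t len,
 const br_hash_class *dig,
-const void *secret, size_t secret_len,
-const char *label, const void *seed, size_t seed_len)
+const void *secret, size_t secret_len, const char *label,
+size_t seed_num, const br_tls_prf_seed_chunk *seed)
 {
 unsigned char *buf;
 unsigned char tmp[64], a[64];
 br_hmac_key_context kc;
 br_hmac_context hc;
-size_t label_len, hlen;
+size_t label_len, hlen, u;
 
 if (len == 0) {
 return;
@@ -46,15 +46,17 @@ br_tls_phash(void *dst, size_t len,
 br_hmac_key_init(&kc, dig, secret, secret_len);
 br_hmac_init(&hc, &kc, 0);
 br_hmac_update(&hc, label, label_len);
-br_hmac_update(&hc, seed, seed_len);
+for (u = 0; u < seed_num; u ++) {
+br_hmac_update(&hc, seed[u].data, seed[u].len);
+}
 br_hmac_out(&hc, a);
 for (;;) {
-size_t u;
-
 br_hmac_init(&hc, &kc, 0);
 br_hmac_update(&hc, a, hlen);
 br_hmac_update(&hc, label, label_len);
-br_hmac_update(&hc, seed, seed_len);
+for (u = 0; u < seed_num; u ++) {
+br_hmac_update(&hc, seed[u].data, seed[u].len);
+}
 br_hmac_out(&hc, tmp);
 for (u = 0; u < hlen && u < len; u ++) {
 buf[u] ^= tmp[u];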
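Review bot: Hoisting `u` to function scope makes one counter serve both the new seed-chunk loops and the existing XOR loop, whose final value of `u` presumably drives the buffer advance after the visible lines (the `for (;;)` body continues outside the hunk). The order is correct as written, because the chunk loop runs before the XOR loop in every iteration, but a later reordering would silently change how many output bytes are counted as produced. A dedicated index for the chunk loops, e.g. `size_t v;` with `for (v = 0; v < seed_num; v ++)`, removes that coupling. The prototype comment should also state that the chunks are hashed back to back with no length framing, so only their concatenation matters, and whether `seed` may be NULL when `seed_num` is 0.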