From: Tobias Brunner Date: Tue, 25 Aug 2020 14:49:52 +0000 (+0200) Subject: tls-crypto: Use internal PRF of tls-hkdf to generate finished message X-Git-Tag: 5.9.2rc1~23^2~87 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f116a4823f620f77b498d9c1a07db08d9b7c39c3;p=thirdparty%2Fstrongswan.git tls-crypto: Use internal PRF of tls-hkdf to generate finished message Also adds additional checks.
---
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index a2375b3f50..2fed6604d1 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1808,35 +1808,31 @@ METHOD(tls_crypto_t, calculate_finished_tls13, bool,
 private_tls_crypto_t *this, bool is_server, chunk_t *out)
 {
 chunk_t finished_key, finished_hash;
- prf_t *prf;
- this->hkdf->derive_finished(this->hkdf, is_server, &finished_key);
- if (!hash_data(this, this->handshake, &finished_hash))
+ if (!this->hkdf)
 {
- DBG1(DBG_TLS, "creating hash of handshake failed");
+ return FALSE;
 }
-
- if (this->suite == TLS_AES_256_GCM_SHA384)
+ if (!hash_data(this, this->handshake, &finished_hash))
 {
- prf = lib->crypto->create_prf(lib->crypto, PRF_HMAC_SHA2_384);
+ DBG1(DBG_TLS, "creating hash of handshake failed");
+ return FALSE;
 }
- else
+ if (!this->hkdf->derive_finished(this->hkdf, is_server, &finished_key))
 {
- prf = lib->crypto->create_prf(lib->crypto, PRF_HMAC_SHA2_256);
+ DBG1(DBG_TLS, "generating finished key failed");
+ chunk_clear(&finished_hash);
+ return FALSE;
 }
- if(!prf->set_key(prf, finished_key) ||
- !prf->allocate_bytes(prf, finished_hash, out))
+ if (!this->hkdf->allocate_bytes(this->hkdf, finished_key, finished_hash, out))
 {
- DBG1(DBG_TLS, "setting key or generating hash for HMAC failed");
+ DBG1(DBG_TLS, "generating finished HMAC failed");
 chunk_clear(&finished_key);
 chunk_clear(&finished_hash);
- prf->destroy(prf);
 return FALSE;
 }
-
 chunk_clear(&finished_key);
 chunk_clear(&finished_hash);
- prf->destroy(prf);
 return TRUE;
 }
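Review bot: The `derive_finished` failure branch wipes `finished_hash` but not `finished_key`, so it is only safe if tls-hkdf never hands back a partially filled key when it fails; that contract is not visible in this hunk, and `finished_key` is declared without an initializer. Initialising the locals, `chunk_t finished_key = chunk_empty, finished_hash = chunk_empty;`, and adding `chunk_clear(&finished_key);` to that branch would make the key wipe independent of the callee, since chunk_clear is a no-op on an empty chunk. Separately, the new `if (!this->hkdf)` guard is the only failure path that returns FALSE without a `DBG1(DBG_TLS, ...)` line, which makes a handshake that fails there harder to diagnose from the logs.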