From: Tobias Brunner
Date: Mon, 14 Feb 2022 16:09:15 +0000 (+0100)
Subject: tls-hkdf: Use plugin-provided prf+
X-Git-Tag: 5.9.6rc1~2^2~15
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=df16d7902ad2436aae6b1ab38089de79a1564bb3;p=thirdparty%2Fstrongswan.git

tls-hkdf: Use plugin-provided prf+
---

diff --git a/src/libtls/tls_hkdf.c b/src/libtls/tls_hkdf.c
index 84358d3ff3..7539f114d7 100644
--- a/src/libtls/tls_hkdf.c
+++ b/src/libtls/tls_hkdf.c
@@ -18,7 +18,6 @@
 #include "tls_hkdf.h"
 #include 
-#include 
 typedef struct private_tls_hkdf_t private_tls_hkdf_t;
@@ -51,6 +50,11 @@ struct private_tls_hkdf_t {
 */
 prf_t *prf;
+ /**
+ * prf+ implementation.
+ */
+ kdf_t *prf_plus;
+
 /**
 * Hasher used.
 */
@@ -115,7 +119,6 @@ static bool extract(private_tls_hkdf_t *this, chunk_t salt, chunk_t ikm,
 }
 DBG4(DBG_TLS, "PRK: %B", prk);
-
 return TRUE;
 }
@@ -126,24 +129,15 @@ static bool extract(private_tls_hkdf_t *this, chunk_t salt, chunk_t ikm,
 static bool expand(private_tls_hkdf_t *this, chunk_t prk, chunk_t info,
 size_t length, chunk_t *okm)
 {
- prf_plus_t *prf_plus;
-
- if (!this->prf->set_key(this->prf, prk))
- {
- DBG1(DBG_TLS, "unable to set PRF secret to PRK");
- return FALSE;
- }
- prf_plus = prf_plus_create(this->prf, TRUE, info);
- if (!prf_plus || !prf_plus->allocate_bytes(prf_plus, length, okm))
+ if (!this->prf_plus->set_param(this->prf_plus, KDF_PARAM_KEY, prk) ||
+ !this->prf_plus->set_param(this->prf_plus, KDF_PARAM_SALT, info) ||
+ !this->prf_plus->allocate_bytes(this->prf_plus, length, okm))
 {
 DBG1(DBG_TLS, "unable to allocate PRF+ result");
- DESTROY_IF(prf_plus);
 return FALSE;
 }
- prf_plus->destroy(prf_plus);
 DBG4(DBG_TLS, "OKM: %B", okm);
-
 return TRUE;
 }
@@ -681,6 +675,7 @@ METHOD(tls_hkdf_t, destroy, void,
 destroy_secrets(&this->handshake_traffic_secrets);
 destroy_secrets(&this->traffic_secrets);
 DESTROY_IF(this->prf);
+ DESTROY_IF(this->prf_plus);
 DESTROY_IF(this->hasher);
 free(this);
 }
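Review bot: In expand(), the single message `unable to allocate PRF+ result` now covers all three calls of the merged condition, so a set_param() failure (the kdf refusing the key or the seed) is logged as an allocation failure, whereas the old code reported `unable to set PRF secret to PRK` separately; splitting the parameter setup from the derivation keeps that distinction, as sketched below. The hunk also deserves a comment on why the HKDF info goes in as KDF_PARAM_SALT, e.g. `/* HKDF-Expand is prf+ (RFC 7296, 2.13) keyed with PRK and seeded with info */` — with key = PRK and seed = info, prf+ yields exactly the HKDF-Expand output stream, which is why the removed prf_plus_create(..., TRUE, info) and the new kdf call are interchangeable. The KDF plugin is not visible from this hunk, so confirm that KDF_PARAM_SALT is indeed its seed parameter for KDF_PRF_PLUS. The whole body of expand() is inside the hunk.
```c
	if (!this->prf_plus->set_param(this->prf_plus, KDF_PARAM_KEY, prk) ||
		!this->prf_plus->set_param(this->prf_plus, KDF_PARAM_SALT, info))
	{
		DBG1(DBG_TLS, "unable to set PRF+ key or seed");
		return FALSE;
	}
	if (!this->prf_plus->allocate_bytes(this->prf_plus, length, okm))
	{
		DBG1(DBG_TLS, "unable to allocate PRF+ result");
		return FALSE;
	}
	/* … unchanged: OKM debug output and return TRUE … */
```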
@@ -720,16 +715,23 @@ tls_hkdf_t *tls_hkdf_create(hash_algorithm_t hash_algorithm, chunk_t psk)
 .phase = HKDF_PHASE_0,
 .psk = psk.ptr ? chunk_clone(psk) : chunk_empty,
 .prf = lib->crypto->create_prf(lib->crypto, prf_algorithm),
+ .prf_plus = lib->crypto->create_kdf(lib->crypto, KDF_PRF_PLUS,
+ prf_algorithm),
 .hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm),
 );
- if (!this->prf || !this->hasher)
+ if (!this->prf || !this->prf_plus || !this->hasher)
 {
 if (!this->prf)
 {
 DBG1(DBG_TLS, "%N not supported", pseudo_random_function_names,
 prf_algorithm);
 }
+ if (!this->prf_plus)
+ {
+ DBG1(DBG_TLS, "%N (%N) not supported", key_derivation_function_names,
+ KDF_PRF_PLUS, pseudo_random_function_names, prf_algorithm);
+ }
 if (!this->hasher)
 {
 DBG1(DBG_TLS, "%N not supported", hash_algorithm_names,