X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnolegacy%2Fprf.c;h=5db6430b74d2ad1a9d0045351ae90838fe7e4537;hb=cfc9fee931c70554353ce6c4acc3407baac08745;hp=3c4c27ed498fd8bb2735375aec28890fe1432cc3;hpb=04fc19112da5e7fcefefcf6e490987cdcfb6f620;p=tinc

diff --git a/src/nolegacy/prf.c b/src/nolegacy/prf.c
index 3c4c27ed..5db6430b 100644
--- a/src/nolegacy/prf.c
+++ b/src/nolegacy/prf.c
@@ -22,44 +22,57 @@
 #include "../prf.h"
 #include "../ed25519/sha512.h"
 
-static void memxor(char *buf, char c, size_t len) {
-	for(size_t i = 0; i < len; i++)
+static void memxor(uint8_t *buf, uint8_t c, size_t len) {
+	for(size_t i = 0; i < len; i++) {
 		buf[i] ^= c;
+	}
 }
 
 static const size_t mdlen = 64;
+static const size_t blklen = 128;
 
-static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) {
-	char tmp[2 * mdlen];
+static bool hmac_sha512(const uint8_t *key, size_t keylen, const uint8_t *msg, size_t msglen, uint8_t *out) {
+	const size_t tmplen = blklen + mdlen;
+	uint8_t *tmp = alloca(tmplen);
 	sha512_context md;
 
-	if(keylen <= mdlen) {
+	if(keylen <= blklen) {
 		memcpy(tmp, key, keylen);
-		memset(tmp + keylen, 0, mdlen - keylen);
+		memset(tmp + keylen, 0, blklen - keylen);
 	} else {
-		if(sha512(key, keylen, tmp) != 0)
+		if(sha512(key, keylen, tmp) != 0) {
 			return false;
+		}
+
+		memset(tmp + mdlen, 0, blklen - mdlen);
 	}
 
-	if(sha512_init(&md) != 0)
+	if(sha512_init(&md) != 0) {
 		return false;
+	}
 
 	// ipad
-	memxor(tmp, 0x36, mdlen);
-	if(sha512_update(&md, tmp, mdlen) != 0)
+	memxor(tmp, 0x36, blklen);
+
+	if(sha512_update(&md, tmp, blklen) != 0) {
 		return false;
+	}
 
 	// message
-	if(sha512_update(&md, msg, msglen) != 0)
+	if(sha512_update(&md, msg, msglen) != 0) {
 		return false;
+	}
 
-	if(sha512_final(&md, tmp + mdlen) != 0)
+	if(sha512_final(&md, tmp + blklen) != 0) {
 		return false;
+	}
 
 	// opad
-	memxor(tmp, 0x36 ^ 0x5c, mdlen);
-	if(sha512(tmp, sizeof tmp, out) != 0)
+	memxor(tmp, 0x36 ^ 0x5c, blklen);
+
+	if(sha512(tmp, tmplen, out) != 0) {
 		return false;
+	}
 
 	return true;
 }
@@ -69,31 +82,37 @@ static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t
    We use SHA512 instead of MD5 and SHA1.
  */
 
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
 	/* Data is what the "inner" HMAC function processes.
 	   It consists of the previous HMAC result plus the seed.
 	 */
 
-	char data[mdlen + seedlen];
+	const size_t datalen = mdlen + seedlen;
+	uint8_t *data = alloca(datalen);
 	memset(data, 0, mdlen);
 	memcpy(data + mdlen, seed, seedlen);
 
-	char hash[mdlen];
+	uint8_t *hash = alloca(mdlen);
 
 	while(outlen > 0) {
 		/* Inner HMAC */
-		if(!hmac_sha512(data, sizeof data, secret, secretlen, data))
+		if(!hmac_sha512(secret, secretlen, data, datalen, data)) {
 			return false;
+		}
 
 		/* Outer HMAC */
 		if(outlen >= mdlen) {
-			if(!hmac_sha512(data, sizeof data, secret, secretlen, out))
+			if(!hmac_sha512(secret, secretlen, data, datalen, out)) {
 				return false;
+			}
+
 			out += mdlen;
 			outlen -= mdlen;
 		} else {
-			if(!hmac_sha512(data, sizeof data, secret, secretlen, hash))
+			if(!hmac_sha512(secret, secretlen, data, datalen, hash)) {
 				return false;
+			}
+
 			memcpy(out, hash, outlen);
 			out += outlen;
 			outlen = 0;