diff --git a/src/crypto/sha1-tlsprf.c b/src/crypto/sha1-tlsprf.c index 04f614ced..f98fd651a 100644 --- a/src/crypto/sha1-tlsprf.c +++ b/src/crypto/sha1-tlsprf.c @@ -20,7 +20,7 @@ /** - * tls_prf - Pseudo-Random Function for TLS (TLS-PRF, RFC 2246) + * tls_prf_sha1_md5 - Pseudo-Random Function for TLS (TLS-PRF, RFC 2246) * @secret: Key for PRF * @secret_len: Length of the key in bytes * @label: A unique label for each purpose of the PRF @@ -33,8 +33,8 @@ * This function is used to derive new, cryptographically separate keys from a * given key in TLS. This PRF is defined in RFC 2246, Chapter 5. */ -int tls_prf(const u8 *secret, size_t secret_len, const char *label, - const u8 *seed, size_t seed_len, u8 *out, size_t outlen) +int tls_prf_sha1_md5(const u8 *secret, size_t secret_len, const char *label, + const u8 *seed, size_t seed_len, u8 *out, size_t outlen) { size_t L_S1, L_S2, i; const u8 *S1, *S2; diff --git a/src/crypto/sha1.h b/src/crypto/sha1.h index c1a6233bb..f0c1a5f91 100644 --- a/src/crypto/sha1.h +++ b/src/crypto/sha1.h @@ -25,9 +25,9 @@ int sha1_prf(const u8 *key, size_t key_len, const char *label, const u8 *data, size_t data_len, u8 *buf, size_t buf_len); int sha1_t_prf(const u8 *key, size_t key_len, const char *label, const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len); -int __must_check tls_prf(const u8 *secret, size_t secret_len, - const char *label, const u8 *seed, size_t seed_len, - u8 *out, size_t outlen); +int __must_check tls_prf_sha1_md5(const u8 *secret, size_t secret_len, + const char *label, const u8 *seed, + size_t seed_len, u8 *out, size_t outlen); int pbkdf2_sha1(const char *passphrase, const char *ssid, size_t ssid_len, int iterations, u8 *buf, size_t buflen); #endif /* SHA1_H */ diff --git a/src/crypto/tls.h b/src/crypto/tls.h index 0761266f0..d9d88cb49 100644 --- a/src/crypto/tls.h +++ b/src/crypto/tls.h @@ -305,7 +305,7 @@ int __must_check tls_connection_get_keys(void *tls_ctx, * not exported from the TLS library, tls_connection_prf() is required so that * further keying material can be derived from the master secret. If not * implemented, the function will still need to be defined, but it can just - * return -1. Example implementation of this function is in tls_prf() function + * return -1. Example implementation of this function is in tls_prf_sha1_md5() * when it is called with seed set to client_random|server_random (or * server_random|client_random). */ diff --git a/src/eap_common/eap_fast_common.c b/src/eap_common/eap_fast_common.c index 4de34a87b..d3406f319 100644 --- a/src/eap_common/eap_fast_common.c +++ b/src/eap_common/eap_fast_common.c @@ -133,9 +133,9 @@ u8 * eap_fast_derive_key(void *ssl_ctx, struct tls_connection *conn, wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: master_secret for key " "expansion", keys.master_key, keys.master_key_len); - if (tls_prf(keys.master_key, keys.master_key_len, - label, rnd, keys.client_random_len + - keys.server_random_len, out, block_size + len)) + if (tls_prf_sha1_md5(keys.master_key, keys.master_key_len, + label, rnd, keys.client_random_len + + keys.server_random_len, out, block_size + len)) goto fail; os_free(rnd); os_memmove(out, out + block_size, len); diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c index 93df75692..2934ba44e 100644 --- a/src/eap_peer/eap_tls_common.c +++ b/src/eap_peer/eap_tls_common.c @@ -294,9 +294,9 @@ u8 * eap_peer_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data, os_memcpy(rnd + keys.client_random_len, keys.server_random, keys.server_random_len); - if (tls_prf(keys.master_key, keys.master_key_len, - label, rnd, keys.client_random_len + - keys.server_random_len, out, len)) + if (tls_prf_sha1_md5(keys.master_key, keys.master_key_len, + label, rnd, keys.client_random_len + + keys.server_random_len, out, len)) goto fail; os_free(rnd); diff --git a/src/eap_server/eap_server_tls_common.c b/src/eap_server/eap_server_tls_common.c index e149ee3e4..0bb9d14ee 100644 --- a/src/eap_server/eap_server_tls_common.c +++ b/src/eap_server/eap_server_tls_common.c @@ -94,9 +94,9 @@ u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data, os_memcpy(rnd + keys.client_random_len, keys.server_random, keys.server_random_len); - if (tls_prf(keys.master_key, keys.master_key_len, - label, rnd, keys.client_random_len + - keys.server_random_len, out, len)) + if (tls_prf_sha1_md5(keys.master_key, keys.master_key_len, + label, rnd, keys.client_random_len + + keys.server_random_len, out, len)) goto fail; os_free(rnd); diff --git a/src/tls/tlsv1_common.c b/src/tls/tlsv1_common.c index 67b56df24..326ff7002 100644 --- a/src/tls/tlsv1_common.c +++ b/src/tls/tlsv1_common.c @@ -15,6 +15,7 @@ #include "includes.h" #include "common.h" +#include "crypto/sha1.h" #include "x509v3.h" #include "tlsv1_common.h" @@ -265,3 +266,11 @@ const char * tls_version_str(u16 ver) return "?"; } + + +int tls_prf(const u8 *secret, size_t secret_len, const char *label, + const u8 *seed, size_t seed_len, u8 *out, size_t outlen) +{ + return tls_prf_sha1_md5(secret, secret_len, label, seed, seed_len, out, + outlen); +} diff --git a/src/tls/tlsv1_common.h b/src/tls/tlsv1_common.h index 0c4f7df0d..d13dacdbf 100644 --- a/src/tls/tlsv1_common.h +++ b/src/tls/tlsv1_common.h @@ -220,5 +220,7 @@ void tls_verify_hash_add(struct tls_verify_hash *verify, const u8 *buf, void tls_verify_hash_free(struct tls_verify_hash *verify); int tls_version_ok(u16 ver); const char * tls_version_str(u16 ver); +int tls_prf(const u8 *secret, size_t secret_len, const char *label, + const u8 *seed, size_t seed_len, u8 *out, size_t outlen); #endif /* TLSV1_COMMON_H */ diff --git a/tests/test-sha1.c b/tests/test-sha1.c index 6c48f2b44..1b390f1db 100644 --- a/tests/test-sha1.c +++ b/tests/test-sha1.c @@ -137,8 +137,9 @@ static int test_eap_fast(void) } printf("- PRF (TLS, SHA1/MD5) test case / key_block\n"); - if (tls_prf(master_secret, sizeof(master_secret), "key expansion", - seed, sizeof(seed), buf, sizeof(key_block)) || + if (tls_prf_sha1_md5(master_secret, sizeof(master_secret), + "key expansion", seed, sizeof(seed), + buf, sizeof(key_block)) || memcmp(key_block, buf, sizeof(key_block)) != 0) { printf("PRF test - FAILED!\n"); errors++;