author | Daiki Ueno <ueno@unixuser.org> | 2009-08-31 14:44:51 +0900 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2009-08-31 15:00:12 +0200 |
commit | bd77fdf5cc2cac89e1aab557db52669edfa5126d (patch) | |
tree | c1d82633feea4c9219cc45aa9f09a1ddc6057444 | |
parent | 56d2607e547ac4c4eba24fd8ccbd00ffd494d64d (diff) | |
Use SHA256 for PRF if TLS 1.2.
For TLS 1.2, use SHA-256 as the basis of the PRF and as the hash over the handshake messages.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
-rw-r--r-- | lib/gnutls_handshake.c | 12 | ||||
-rw-r--r-- | lib/gnutls_pk.c | 4 | ||||
-rw-r--r-- | lib/gnutls_state.c | 4 |
3 files changed, 14 insertions, 6 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 7c10fbbc67..83dc54e78c 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -236,7 +236,7 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret)
else
{
_gnutls_hash_deinit (&td_sha, concat);
- len = 20;
+ len = _gnutls_hash_get_algo_len (td_sha.algorithm);
}
if (type == GNUTLS_SERVER)
@@ -2170,6 +2170,8 @@ _gnutls_abort_handshake (gnutls_session_t session, int ret)
inline static int
_gnutls_handshake_hash_init (gnutls_session_t session)
{
+ gnutls_protocol_t ver = gnutls_protocol_get_version (session);
+ gnutls_digest_algorithm_t hash_algo = GNUTLS_MAC_SHA1;
if (session->internals.handshake_mac_handle_init == 0)
{
@@ -2183,9 +2185,15 @@ _gnutls_handshake_hash_init (gnutls_session_t session)
return ret;
}
+ /* The algorithm to compute hash over handshake messages must be
+ same as the one used as the basis for PRF. By now we use
+ SHA256. */
+ if (_gnutls_version_has_selectable_prf (ver))
+ hash_algo = GNUTLS_MAC_SHA256;
+
ret =
_gnutls_hash_init (&session->internals.handshake_mac_handle_sha,
- GNUTLS_MAC_SHA1);
+ hash_algo);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index ff9fbf1887..ccd98a4a57 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -500,8 +500,8 @@ _gnutls_dsa_verify (const gnutls_datum_t * vdata,
pk_params.params[i] = params[i];
pk_params.params_nr = params_len;
- if (vdata->size != 20)
- { /* sha-1 only */
+ if (vdata->size > 20)
+ { /* SHA1 or better only */
gnutls_assert ();
return GNUTLS_E_PK_SIG_VERIFY_FAILED;
}
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index e1bfc66fec..fede2a0011 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
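Review bot: In the `_gnutls_finished` hunk, `len` now takes the raw return of `_gnutls_hash_get_algo_len (td_sha.algorithm)`, and if that helper reports an unknown algorithm with a negative value (its definition is outside this diff, so I am inferring the convention), the negative number flows on as a length; a guard such as `if (len < 0) { gnutls_assert (); return len; }` after the assignment keeps that out of the PRF input. The digest is also written into `concat`, whose declaration lies outside the hunk: with the length no longer fixed at 20, confirm that buffer is sized for the largest selectable digest (MAX_HASH_SIZE) rather than the old 20- or 36-byte layout. The rest of `_gnutls_finished` starts before and ends after this hunk.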
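Review bot: The new declaration `gnutls_digest_algorithm_t hash_algo = GNUTLS_MAC_SHA1;` initialises a digest-typed variable with a MAC-typed enumerator, which only works because GnuTLS keeps the two enums' values aligned; the enumerator of that type is `GNUTLS_DIG_SHA1` (and `GNUTLS_DIG_SHA256` in the later assignment), and using it makes the intent visible to the compiler and to the next reader. The original call passed `GNUTLS_MAC_SHA1` too, so this is a style point rather than a regression. `ver` is also only consumed inside the `if (session->internals.handshake_mac_handle_init == 0)` branch, so declaring it there would narrow its scope; the function continues past this hunk.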
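Review bot: The handshake hash algorithm is chosen from the protocol version at the moment the hash is initialised, but in TLS 1.2 (RFC 5246 section 5) the PRF hash is a property of the negotiated cipher suite, and on the client side even the version is only settled by ServerHello; if `_gnutls_handshake_hash_init` runs before negotiation completes (its callers are outside the hunk, so I cannot tell), a client that offers 1.2 but ends up on 1.1, or a suite that mandates SHA-384 (RFC 5289), would produce a Finished hash with the wrong algorithm. The added comment should at least record that assumption, e.g. `/* TLS 1.2 leaves the PRF hash to the cipher suite (RFC 5246, 5); SHA-256 is assumed for every suite, and the version must be final before the handshake hash is started. */`. The enclosing function starts and ends outside this hunk.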
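Review bot: In `_gnutls_dsa_verify` the new condition says the opposite of its comment: `if (vdata->size > 20)` still rejects any digest longer than SHA-1 (a 32-byte SHA-256 value fails exactly as before) while now admitting anything shorter, including a 16-byte MD5 digest or an empty one, which the old `!= 20` test refused. If the intent is "SHA-1 or stronger", the check is `if (vdata->size < 20)`; if the DSA code below is limited to a 160-bit q and longer digests are meant to be truncated first, that truncation belongs in the code rather than in a comment. Either way the comment and the comparison must agree, since this is the only size check visible before the signature is verified. The remainder of the function is outside the hunk.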
@@ -785,7 +785,7 @@ _gnutls_P_hash (gnutls_mac_algorithm_t algorithm,
digest_hd_st td2;
int i, times, how, blocksize, A_size;
- opaque final[20], Atmp[MAX_SEED_SIZE];
+ opaque final[MAX_HASH_SIZE], Atmp[MAX_SEED_SIZE];
int output_bytes, result;
if (seed_size > MAX_SEED_SIZE || total_bytes <= 0)
@@ -906,7 +906,7 @@ _gnutls_PRF (gnutls_session_t session,
if (_gnutls_version_has_selectable_prf(ver))
{
result =
- _gnutls_P_hash (GNUTLS_MAC_SHA1, secret, secret_size,
+ _gnutls_P_hash (GNUTLS_MAC_SHA256, secret, secret_size,
s_seed, s_seed_size, total_bytes, ret);
if (result < 0)
{ |
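Review bot: `final` grows to `MAX_HASH_SIZE`, but nothing in this hunk bounds `blocksize` (presumably the output length of `algorithm`, assigned further down) against that array, so a caller passing a MAC whose output exceeds the macro's value, whatever it is, would overrun the stack buffer; a check alongside the existing seed guard, `if (blocksize > sizeof final) { gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; }`, placed once `blocksize` is known, closes that. The function begins and ends outside the hunk, so the actual assignment of `blocksize` is not visible here.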
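Review bot: `_gnutls_PRF` now hard-wires `GNUTLS_MAC_SHA256` for every session with a selectable PRF, whereas RFC 5246 section 5 makes the PRF hash a property of the negotiated cipher suite: SHA-256 for the suites that RFC defines, but SHA-384 for the RFC 5289 suites, and a session negotiating one of those would derive its keys with the wrong PRF and fail to interoperate. Unless the suite table elsewhere excludes such suites (not visible here), the MAC should be taken from the negotiated cipher suite rather than from the version test, or the branch should carry a comment stating that only SHA-256-based suites are supported. The enclosing function starts and ends outside this hunk.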