diff options
author | lloyd <[email protected]> | 2015-01-10 23:18:04 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2015-01-10 23:18:04 +0000 |
commit | 74522169a907715d4d41b3680f20b6f866733de7 (patch) | |
tree | 621fbac07477c4a70d9e86c0f349c83647e9759b | |
parent | 49a83930fdc013d21318917a34e1ab940889ecd3 (diff) |
Support any key length for TLS session encryption by hashing with HMAC
-rw-r--r-- | src/lib/tls/tls_session.cpp | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/src/lib/tls/tls_session.cpp b/src/lib/tls/tls_session.cpp index 6ce25349c..28cb8b420 100644 --- a/src/lib/tls/tls_session.cpp +++ b/src/lib/tls/tls_session.cpp @@ -11,6 +11,8 @@ #include <botan/asn1_str.h> #include <botan/pem.h> #include <botan/aead.h> +#include <botan/sha2_32.h> +#include <botan/hmac.h> namespace Botan { @@ -155,12 +157,18 @@ Session::encrypt(const SymmetricKey& key, RandomNumberGenerator& rng) const { std::unique_ptr<AEAD_Mode> aead(get_aead("AES-256/GCM", ENCRYPTION)); const size_t nonce_len = aead->default_nonce_length(); - aead->set_key(key); const secure_vector<byte> nonce = rng.random_vec(nonce_len); + const secure_vector<byte> bits = this->DER_encode(); - secure_vector<byte> buf = rng.random_vec(nonce_len); - buf += this->DER_encode(); + // Support any length key for input + HMAC hmac(new SHA_256); + hmac.set_key(key); + hmac.update(nonce); + aead->set_key(hmac.final()); + + secure_vector<byte> buf = nonce; + buf += bits; aead->start(&buf[0], nonce_len); aead->finish(buf, nonce_len); return unlock(buf); @@ -176,7 +184,11 @@ Session Session::decrypt(const byte in[], size_t in_len, const SymmetricKey& key if(in_len < nonce_len + aead->tag_size()) throw Decoding_Error("Encrypted session too short to be valid"); - aead->set_key(key); + // Support any length key for input + HMAC hmac(new SHA_256); + hmac.set_key(key); + hmac.update(in, nonce_len); // nonce bytes + aead->set_key(hmac.final()); aead->start(in, nonce_len); secure_vector<byte> buf(in + nonce_len, in + in_len); |