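/*
 * Derive the control-channel transport keys from the session's shared secret.
 *
 * The work is done at most once per session: the first call sets
 * session_state.havekeys, and every later call returns without touching the
 * keys or nonces. Two derivations are run over session_keys.shared with the
 * salt "Control-Salt": one with the "Control-Read-Encryption-Key\001" info
 * string for transport.read, one with "Control-Write-Encryption-Key\001" for
 * transport.write. Both nonce buffers are reset to zero together with the
 * fresh keys.
 *
 * NOTE(review): crypto_hkdf's declaration is not visible here; if it reports
 * failure through a return value, that value should be checked before the
 * keys are installed -- confirm against its prototype.
 */
static void session_genkeys(void)
{
    if (session_state.havekeys) {
        return;
    }
    session_state.havekeys = 1;

    /* Scratch buffer for HKDF output; only the first 32 bytes of each
     * derivation are copied into the transport keys. */
    uint8_t key[64];

    /* The explicit lengths (12, 28, 29) are the literal lengths without the
     * terminating NUL; the trailing \001 byte is part of the info string. */
    crypto_hkdf(key, "Control-Salt", 12,
                "Control-Read-Encryption-Key\001", 28,
                session_keys.shared, sizeof(session_keys.shared));
    memcpy(session_keys.transport.read, key, 32);

    crypto_hkdf(key, "Control-Salt", 12,
                "Control-Write-Encryption-Key\001", 29,
                session_keys.shared, sizeof(session_keys.shared));
    memcpy(session_keys.transport.write, key, 32);

    memset(session_keys.transport.read_nonce, 0,
           sizeof(session_keys.transport.read_nonce));
    memset(session_keys.transport.write_nonce, 0,
           sizeof(session_keys.transport.write_nonce));

    /* Scrub the derived key material from the stack. A plain memset() on a
     * buffer that is about to go out of scope may be removed by the
     * optimizer, so the stores go through a volatile pointer. */
    volatile uint8_t *wipe = key;
    for (size_t i = 0; i < sizeof(key); i++) {
        wipe[i] = 0;
    }
}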
/*
 * Derive the per-context AEAD subkey and prepare the cipher context for use.
 *
 * A subkey of cipher->key_len bytes is generated into cipher_ctx->skey by
 * crypto_hkdf() using the SHA1 digest, cipher_ctx->salt (key_len bytes),
 * cipher->key and SUBKEY_INFO. The nonce is then reset to all zeroes. For
 * methods below CHACHA20POLY1305IETF the subkey is also installed into the
 * mbed TLS context (cipher_ctx->evp) with `enc` as the operation argument,
 * and the context is reset.
 *
 * Every failure is reported through FATAL().
 *
 * NOTE(review): because the nonce restarts at zero for each derived subkey,
 * nonce uniqueness under a given subkey depends on cipher_ctx->salt being
 * fresh per context; salt generation is not visible here -- confirm at the
 * call sites.
 */
static void aead_cipher_ctx_set_key(cipher_ctx_t *cipher_ctx, int enc)
{
    const digest_type_t *sha1_info = mbedtls_md_info_from_string("SHA1");
    if (!sha1_info) {
        FATAL("SHA1 Digest not found in crypto library");
    }

    int rc = crypto_hkdf(sha1_info,
                         cipher_ctx->salt, cipher_ctx->cipher->key_len,
                         cipher_ctx->cipher->key, cipher_ctx->cipher->key_len,
                         (uint8_t *)SUBKEY_INFO, strlen(SUBKEY_INFO),
                         cipher_ctx->skey, cipher_ctx->cipher->key_len);
    if (rc != 0) {
        FATAL("Unable to generate subkey");
    }

    /* New subkey, so the nonce counter starts over from zero. */
    memset(cipher_ctx->nonce, 0, cipher_ctx->cipher->nonce_len);

    /* Methods at or above CHACHA20POLY1305IETF do not go through mbed TLS,
     * so only the lower-numbered methods need the context keyed and reset. */
    if (cipher_ctx->cipher->method < CHACHA20POLY1305IETF) {
        if (mbedtls_cipher_setkey(cipher_ctx->evp, cipher_ctx->skey,
                                  cipher_ctx->cipher->key_len * 8, enc) != 0) {
            FATAL("Cannot set mbed TLS cipher key");
        }
        if (mbedtls_cipher_reset(cipher_ctx->evp) != 0) {
            FATAL("Cannot finish preparation of mbed TLS cipher context");
        }
    }
}
/*
 * Run crypto_hkdf() with the key held in an Srp object as input key material.
 *
 * srp->key and srp->keySz are passed as the input key; salt, info and the
 * output buffer are forwarded unchanged, and the result of crypto_hkdf() is
 * returned as-is.
 *
 * NOTE(review): srp is dereferenced without a NULL check, and nothing here
 * verifies that srp->key has been populated -- presumably callers invoke
 * this only after the SRP exchange has produced the session key; confirm.
 */
int crypto_srp_hkdf(Srp *srp,
                    const byte *salt, size_t salt_size,
                    const byte *info, size_t info_size,
                    byte *output, size_t *output_size)
{
    int status = crypto_hkdf(srp->key, srp->keySz,
                             salt, salt_size,
                             info, info_size,
                             output, output_size);
    return status;
}