mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:00:49 +02:00
SRTP-KDF: use two bytes of index
One byte of index creates up to 4096 bytes for a key. Increase output size to match specification.
This commit is contained in:
+3
-2
@@ -896,8 +896,7 @@ static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx,
|
||||
block[i] = 0;
|
||||
}
|
||||
XMEMCPY(block + WC_SRTP_MAX_SALT - saltSz, salt, saltSz);
|
||||
block[WC_SRTP_MAX_SALT] = 0;
|
||||
/* block[15] is counter. */
|
||||
/* block[14-15] are counter. */
|
||||
|
||||
/* When kdrIdx is -1, don't XOR in index. */
|
||||
if (kdrIdx >= 0) {
|
||||
@@ -947,6 +946,7 @@ static int wc_srtp_kdf_derive_key(byte* block, int idxSz, byte label,
|
||||
block[WC_SRTP_MAX_SALT - idxSz - 1] ^= label;
|
||||
for (i = 0; (ret == 0) && (i < blocks); i++) {
|
||||
/* Set counter. */
|
||||
block[14] = (byte)(i >> 8);
|
||||
block[15] = (byte)i;
|
||||
/* Encrypt block into key buffer. */
|
||||
ret = wc_AesEcbEncrypt(aes, key, block, WC_AES_BLOCK_SIZE);
|
||||
@@ -959,6 +959,7 @@ static int wc_srtp_kdf_derive_key(byte* block, int idxSz, byte label,
|
||||
if ((ret == 0) && (keySz > 0)) {
|
||||
byte enc[WC_AES_BLOCK_SIZE];
|
||||
/* Set counter. */
|
||||
block[14] = (byte)(i >> 8);
|
||||
block[15] = (byte)i;
|
||||
/* Encrypt block into temporary. */
|
||||
ret = wc_AesEcbEncrypt(aes, enc, block, WC_AES_BLOCK_SIZE);
|
||||
|
||||
@@ -31783,6 +31783,8 @@ typedef struct Srtp_Kdf_Tv {
|
||||
word32 ksSz;
|
||||
} Srtp_Kdf_Tv;
|
||||
|
||||
#define SRTP_KDF_LONG_KEY 5000
|
||||
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
{
|
||||
wc_test_ret_t ret = 0;
|
||||
@@ -32034,6 +32036,18 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
unsigned char keyE[32];
|
||||
unsigned char keyA[20];
|
||||
unsigned char keyS[14];
|
||||
#ifndef BENCH_EMBEDDED
|
||||
WC_DECLARE_VAR(keyELong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_DECLARE_VAR(keyALong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_DECLARE_VAR(keySLong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
#endif
|
||||
|
||||
#ifndef BENCH_EMBEDDED
|
||||
WC_ALLOC_VAR(keyELong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_ALLOC_VAR(keyALong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_ALLOC_VAR(keySLong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
#endif
|
||||
|
||||
WOLFSSL_ENTER("srtpkdf_test");
|
||||
|
||||
for (i = 0; (ret == 0) && (i < SRTP_TV_CNT); i++) {
|
||||
@@ -32284,6 +32298,30 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
}
|
||||
|
||||
#ifndef BENCH_EMBEDDED
|
||||
/* Check that long messages can be created. */
|
||||
ret = wc_SRTP_KDF(tv[0].key, tv[0].keySz, tv[0].salt, tv[0].saltSz,
|
||||
tv[0].kdfIdx, tv[0].index_c, keyELong, SRTP_KDF_LONG_KEY, keyALong,
|
||||
SRTP_KDF_LONG_KEY, keySLong, SRTP_KDF_LONG_KEY);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
|
||||
/* Check that two bytes of counter are being used. */
|
||||
if (XMEMCMP(keyELong, keyELong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) {
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
}
|
||||
if (XMEMCMP(keyELong, keyALong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) {
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
}
|
||||
if (XMEMCMP(keyELong, keySLong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) {
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
}
|
||||
|
||||
WC_FREE_VAR(keyELong, HEAP_HINT);
|
||||
WC_FREE_VAR(keyALong, HEAP_HINT);
|
||||
WC_FREE_VAR(keySLong, HEAP_HINT);
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user