Skip to content

Commit 9b93e72

Browse files
committed
Fix wolfssl_tls13_init_secret to use wc_Tls13_HKDF_Extract
HMAC with a 0 length key not permitted in FIPS.
1 parent 4227df1 commit 9b93e72

1 file changed

Lines changed: 20 additions & 6 deletions

File tree

wolfssl-gnutls-wrapper/src/wolfssl.c

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11203,20 +11203,34 @@ static int wolfssl_tls13_init_secret(gnutls_mac_algorithm_t mac,
1120311203
const unsigned char *psk, size_t psk_size, void *out, size_t output_size)
1120411204
{
1120511205
int ret;
11206+
int hash_type;
1120611207
unsigned char tmp[WC_MAX_DIGEST_SIZE];
1120711208

1120811209
WGW_FUNC_ENTER();
1120911210

11210-
/* When no key supplied, use an all zero key. */
11211-
if (psk == NULL) {
11212-
psk_size = output_size;
11213-
XMEMSET(tmp, 0, psk_size);
11211+
(void)output_size;
11212+
11213+
/* Get hash algorithm. */
11214+
hash_type = get_hash_type(mac);
11215+
if (hash_type < 0) {
11216+
WGW_ERROR("HMAC algorithm not supported");
11217+
return GNUTLS_E_INVALID_REQUEST;
11218+
}
11219+
11220+
if (psk == NULL && psk_size == 0) {
1121411221
psk = tmp;
1121511222
}
1121611223

11217-
ret = wolfssl_hmac_fast(mac, NULL, 0, "", 0, psk, psk_size, out);
11224+
PRIVATE_KEY_UNLOCK();
11225+
11226+
ret = wc_Tls13_HKDF_Extract(out, NULL, 0, (byte*)psk, psk_size,
11227+
hash_type);
11228+
11229+
PRIVATE_KEY_LOCK();
11230+
1121811231
if (ret != 0) {
11219-
return ret;
11232+
WGW_WOLFSSL_ERROR("wc_Tls13_HKDF_Extract_ex", ret);
11233+
return GNUTLS_E_INTERNAL_ERROR;
1122011234
}
1122111235

1122211236
return 0;

0 commit comments

Comments
 (0)