Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

HMAC fixed to start with the correct key now

Browse Source
This commit is contained in:
Simon Rozman 2016-08-10 11:18:20 +02:00
parent e92f47677d
commit fb0fa0de31
2 changed files with 24 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
lib/TLS/include/Method.h
View File

@ -565,27 +565,36 @@ namespace eap
_In_ size_t size); _In_ size_t size);
/// ///
/// HMAC symmetric key generation /// Creates HMAC key
/// ///
/// \param[in] alg Hashing algorithm to use (CALG_MD5 or CALG_SHA1) /// \param[in] secret Hashing secret
/// \param[in] secret Hashing secret key
/// \param[in] size_secret \p secret size /// \param[in] size_secret \p secret size
/// ///
/// \returns Key /// \returns Key
/// ///
inline HCRYPTKEY derive_hmac_key( inline HCRYPTKEY create_hmac_key(
_In_ ALG_ID alg,
_In_bytecount_(size_secret) const void *secret, _In_bytecount_(size_secret) const void *secret,
_In_ size_t size_secret) _In_ size_t size_secret)
{ {
winstd::crypt_hash hash; // Prepare exported key BLOB.
if (!hash.create(m_cp, alg, 0, 0)) static const PUBLICKEYSTRUC s_key_data_struct = {
throw winstd::win_runtime_error(__FUNCTION__ " Error creating key hash."); PLAINTEXTKEYBLOB,
if (!CryptHashData(hash, (const BYTE*)secret, (DWORD)size_secret, 0)) CUR_BLOB_VERSION,
throw winstd::win_runtime_error(__FUNCTION__ " Error hashing secret."); 0,
CALG_RC4,
};
std::vector<unsigned char> key_blob;
key_blob.reserve(sizeof(PUBLICKEYSTRUC) + sizeof(DWORD) + size_secret);
key_blob.assign((const unsigned char*)&s_key_data_struct, (const unsigned char*)(&s_key_data_struct + 1));
assert(size_secret <= 0xffffffff);
DWORD _size_secret = (DWORD)size_secret;
key_blob.insert(key_blob.end(), (const unsigned char*)&_size_secret, (const unsigned char*)(&_size_secret + 1));
key_blob.insert(key_blob.end(), (const unsigned char*)secret, (const unsigned char*)secret + _size_secret);
// Import the key.
winstd::crypt_key key; winstd::crypt_key key;
if (!key.derive(m_cp, CALG_RC4, hash, 0)) if (!key.import(m_cp, key_blob.data(), (DWORD)key_blob.size(), NULL, 0))
throw winstd::win_runtime_error(__FUNCTION__ " Error deriving key."); throw winstd::win_runtime_error(__FUNCTION__ " Error importing key.");
return key.detach(); return key.detach();
} }

6
lib/TLS/src/Method.cpp
View File

@ -809,7 +809,7 @@ void eap::method_tls::derive_keys()
vector<unsigned char> key; vector<unsigned char> key;
key.assign((const unsigned char*)&s_key_struct, (const unsigned char*)(&s_key_struct + 1)); key.assign((const unsigned char*)&s_key_struct, (const unsigned char*)(&s_key_struct + 1));
key.insert(key.end(), data, data + 20); key.insert(key.end(), data, data + 20);
if (!m_key_hmac.import(m_cp, key.data(), key.size(), NULL, 0)) if (!m_key_hmac.import(m_cp, key.data(), (DWORD)key.size(), NULL, 0))
throw win_runtime_error(__FUNCTION__ " Error importing client_write_MAC_secret key."); throw win_runtime_error(__FUNCTION__ " Error importing client_write_MAC_secret key.");
@ -1187,8 +1187,8 @@ vector<unsigned char> eap::method_tls::p_hash(
_In_ size_t size_seed, _In_ size_t size_seed,
_In_ size_t size) _In_ size_t size)
{ {
// HMAC symmetric key generation. // HMAC symmetric key creation.
crypt_key key_hmac(derive_hmac_key(alg, secret, size_secret)); crypt_key key_hmac(create_hmac_key(secret, size_secret));
vector<unsigned char> block; vector<unsigned char> block;
const HMAC_INFO hmac_info = { alg }; const HMAC_INFO hmac_info = { alg };