diff options
author | Benjamin Barenblat <bbaren@google.com> | 2018-08-23 12:23:39 -0400 |
---|---|---|
committer | Benjamin Barenblat <bbaren@google.com> | 2018-08-23 12:23:39 -0400 |
commit | 9bbbf151b5bdde3f0bead1886996f17764e85521 (patch) | |
tree | 9cb2f7e814d99626bc7f4d99dacce6b03fdb9b96 /src/Codec/Crypto | |
parent | f7277a0fa46d97de4fa871d3744af948d258a334 (diff) |
Factor out common allocate-modify-read pattern
Many functions in BoringSSL accept a buffer and a pointer to size, write
data into the buffer, and mutate the size. Create a function
representing this pattern that also loads the result into a ByteString
for convenience.
Diffstat (limited to 'src/Codec/Crypto')
-rw-r--r-- | src/Codec/Crypto/HKDF.hs | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/src/Codec/Crypto/HKDF.hs b/src/Codec/Crypto/HKDF.hs index 2b1dc1f..bd2d7a5 100644 --- a/src/Codec/Crypto/HKDF.hs +++ b/src/Codec/Crypto/HKDF.hs @@ -19,11 +19,12 @@ module Codec.Crypto.HKDF import qualified Data.ByteString as ByteString import qualified Data.ByteString.Unsafe as ByteString -import Foreign (Storable(peek), alloca, allocaArray) +import Foreign (allocaArray) import Foreign.Marshal.Unsafe (unsafeLocalState) import BTLS.BoringSSL.Digest (evpMaxMDSize) import BTLS.BoringSSL.HKDF +import BTLS.BoringSSLPatterns (onBufferOfMaxSize) import BTLS.Cast (asCUCharBuf) import BTLS.Types ( Algorithm(Algorithm), AssociatedData(AssociatedData), Salt(Salt) @@ -33,9 +34,9 @@ import BTLS.Types -- | Computes an HKDF pseudorandom key (PRK) as specified by RFC 5869. extract :: Algorithm -> Salt -> SecretKey -> SecretKey extract (Algorithm md) (Salt salt) (SecretKey secret) = - unsafeLocalState $ - allocaArray evpMaxMDSize $ \pOutKey -> - alloca $ \pOutLen -> do + SecretKey $ + unsafeLocalState $ + onBufferOfMaxSize evpMaxMDSize $ \pOutKey pOutLen -> do -- @HKDF_extract@ won't mutate @secret@ or @salt@, so the sharing inherent -- in 'ByteString.unsafeUseAsCStringLen' is fine. ByteString.unsafeUseAsCStringLen secret $ \(pSecret, secretLen) -> @@ -45,21 +46,20 @@ extract (Algorithm md) (Salt salt) (SecretKey secret) = md (asCUCharBuf pSecret) (fromIntegral secretLen) (asCUCharBuf pSalt) (fromIntegral saltLen) - outLen <- fromIntegral <$> peek pOutLen - SecretKey <$> ByteString.packCStringLen (pOutKey, outLen) -- | Computes HKDF output key material (OKM) as specified by RFC 5869. expand :: Algorithm -> AssociatedData -> Int -> SecretKey -> SecretKey expand (Algorithm md) (AssociatedData info) outLen (SecretKey secret) = - unsafeLocalState $ - allocaArray outLen $ \pOutKey -> do - -- @HKDF_expand@ won't mutate @secret@ or @info@, so the sharing inherent - -- in 'ByteString.unsafeUseAsCStringLen' is fine. - ByteString.unsafeUseAsCStringLen secret $ \(pSecret, secretLen) -> - ByteString.unsafeUseAsCStringLen info $ \(pInfo, infoLen) -> - hkdfExpand - (asCUCharBuf pOutKey) (fromIntegral outLen) - md - (asCUCharBuf pSecret) (fromIntegral secretLen) - (asCUCharBuf pInfo) (fromIntegral infoLen) - SecretKey <$> ByteString.packCStringLen (pOutKey, outLen) + SecretKey $ + unsafeLocalState $ + allocaArray outLen $ \pOutKey -> do + -- @HKDF_expand@ won't mutate @secret@ or @info@, so the sharing inherent + -- in 'ByteString.unsafeUseAsCStringLen' is fine. + ByteString.unsafeUseAsCStringLen secret $ \(pSecret, secretLen) -> + ByteString.unsafeUseAsCStringLen info $ \(pInfo, infoLen) -> + hkdfExpand + (asCUCharBuf pOutKey) (fromIntegral outLen) + md + (asCUCharBuf pSecret) (fromIntegral secretLen) + (asCUCharBuf pInfo) (fromIntegral infoLen) + ByteString.packCStringLen (pOutKey, outLen) |