Merge pull request #10 from JacobBarthelmeh/master

SparkiDev · web-flow · commit 0ed7fe741c81 · 2023-09-22T15:48:26.000+10:00
changes for tls 1.3 with FIPS ready
diff --git a/src/wp_hkdf.c b/src/wp_hkdf.c
@@ -519,8 +519,10 @@ static int wp_tls13_hkdf_expand(wp_HkdfCtx* ctx, unsigned char* inKey,
     }
     ctx->infoSz = idx;
 
+    PRIVATE_KEY_UNLOCK();
     rc = wc_HKDF_Expand(ctx->mdType, inKey, (word32)inKeyLen, ctx->info,
         (word32)ctx->infoSz, key, (word32)keyLen);
+    PRIVATE_KEY_LOCK();
     if (rc != 0) {
         ok = 0;
     }
@@ -578,8 +580,16 @@ static int wp_tls13_hkdf_extract(wp_HkdfCtx* ctx, unsigned char* key,
 
     if (ok) {
         (void)keyLen;
-        rc = wc_HKDF_Extract(ctx->mdType, salt, (word32)saltLen, inKey,
-            (word32)inKeyLen, key);
+        PRIVATE_KEY_UNLOCK();
+        if (saltLen == 0) {
+            rc = wc_HKDF_Extract(ctx->mdType, NULL, 0, inKey,
+                (word32)inKeyLen, key);
+        }
+        else {
+            rc = wc_HKDF_Extract(ctx->mdType, salt, (word32)saltLen, inKey,
+                (word32)inKeyLen, key);
+        }
+        PRIVATE_KEY_LOCK();
         if (rc != 0) {
             ok = 0;
         }
