From 5f4e6a0dab6a8dc3ae125a6ca776d210fb9a3b07 Mon Sep 17 00:00:00 2001
From: Simon Josefsson
Date: Fri, 25 Apr 2008 15:51:10 +0200
Subject: Change PSK key derivation algorithm.
---
 NEWS | 2 ++
 lib/gnutls_psk_netconf.c | 8 ++++----
 tests/netconf-psk.c | 4 ++--
 3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/NEWS b/NEWS
index 6fbd3179c8..3c9f79c331 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ See the end for copying conditions.
 * Version 2.3.4.netconf.1 (unreleased)
+** Change PSK key derivation logic.
+
 ** API and ABI modifications:
 No changes since last version.
diff --git a/lib/gnutls_psk_netconf.c b/lib/gnutls_psk_netconf.c
index eeb6f5880d..37c39a6926 100644
--- a/lib/gnutls_psk_netconf.c
+++ b/lib/gnutls_psk_netconf.c
@@ -58,7 +58,7 @@ gnutls_psk_netconf_derive_key (const char *password,
 int rc;
 /*
- * PSK = SHA-1(SHA-1(password + psk_identity + "Key Pad for Netconf") +
+ * PSK = SHA-1(SHA-1(psk_identity + "Key Pad for Netconf" + password) +
 * psk_identity_hint)
 *
 */
@@ -70,7 +70,7 @@ gnutls_psk_netconf_derive_key (const char *password,
 return rc;
 }
- rc = _gnutls_hash (&dig, password, strlen (password));
+ rc = _gnutls_hash (&dig, psk_identity, strlen (psk_identity));
 if (rc)
 {
 gnutls_assert ();
@@ -78,7 +78,7 @@ gnutls_psk_netconf_derive_key (const char *password,
 return rc;
 }
- rc = _gnutls_hash (&dig, psk_identity, strlen (psk_identity));
+ rc = _gnutls_hash (&dig, netconf_key_pad, strlen (netconf_key_pad));
 if (rc)
 {
 gnutls_assert ();
@@ -86,7 +86,7 @@ gnutls_psk_netconf_derive_key (const char *password,
 return rc;
 }
- rc = _gnutls_hash (&dig, netconf_key_pad, strlen (netconf_key_pad));
+ rc = _gnutls_hash (&dig, password, strlen (password));
 if (rc)
 {
 gnutls_assert ();
diff --git a/tests/netconf-psk.c b/tests/netconf-psk.c
index 5ac0c5ea18..4674283af4 100644
--- a/tests/netconf-psk.c
+++ b/tests/netconf-psk.c
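Review bot: In lib/gnutls_psk_netconf.c the updated comment above the hashing calls records the new input order but not why it changed or which specification it follows, and the three reordered `_gnutls_hash` calls (hunks at -70, -78 and -86) now yield a different key for the same inputs than earlier builds did. I would extend the comment with a line such as `* Input order follows <spec reference>; keys derived with the old password-first order do not interoperate.` The same comment is the place to state two properties of the scheme: it is two plain SHA-1 passes with no iteration count, so the PSK is only as strong as the password, and the fields are concatenated without length framing, so the fixed pad string is the only separator between identity and password. The function starts and ends outside these hunks, so whether `psk_identity` and `password` are checked for NULL before `strlen` cannot be seen here.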
@@ -38,8 +38,8 @@ void
 doit (void)
 {
 const char *known =
- "\xd6\xa9\x41\x0e\x55\x17\x42\x69\x16\x09"
- "\x1f\xe0\xdc\xab\x7d\x3e\x60\x1b\xf5\x0a";
+ "\x88\xf3\x82\x4b\x3e\x56\x59\xf5\x2d\x00"
+ "\xe9\x59\xba\xca\xb9\x54\xb6\x54\x03\x44";
 gnutls_datum_t key = { NULL, 0 };
 gnutls_global_init ();
--
cgit v1.2.1
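Review bot: The replaced `known` bytes in tests/netconf-psk.c carry no comment saying how they were obtained; if they were produced by running the new code, the test only shows that the function agrees with itself, not that the new order matches the intended derivation. A comment above `known` such as `/* expected PSK for the inputs below, computed independently with <tool> */` would make the vector checkable. The inputs passed to the derivation call are outside this hunk.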