diff options
Diffstat (limited to 'src/Common/Pkcs5.c')
-rw-r--r-- | src/Common/Pkcs5.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index 1da5e237..c33f1dab 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -327,6 +327,12 @@ void hmac_sha512 char* buf = hmac.k; int b; char key[SHA512_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined (_WIN64) + KFLOATING_SAVE floatingPointState; + NTSTATUS saveStatus = STATUS_SUCCESS; + if (HasSSE2() && HasMMX()) + saveStatus = KeSaveFloatingPointState (&floatingPointState); +#endif /* If the key is longer than the hash algorithm block size, let key = sha512(key), as per HMAC specifications. */ @@ -369,6 +375,11 @@ void hmac_sha512 hmac_sha512_internal (d, ld, &hmac); +#if defined (DEVICE_DRIVER) && !defined (_WIN64) + if (NT_SUCCESS (saveStatus) && (HasSSE2() && HasMMX())) + KeRestoreFloatingPointState (&floatingPointState); +#endif + /* Prevent leaks */ burn (&hmac, sizeof(hmac)); burn (key, sizeof(key)); @@ -408,6 +419,12 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 char* buf = hmac.k; int b, l, r; char key[SHA512_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined (_WIN64) + KFLOATING_SAVE floatingPointState; + NTSTATUS saveStatus = STATUS_SUCCESS; + if (HasSSE2() && HasMMX()) + saveStatus = KeSaveFloatingPointState (&floatingPointState); +#endif /* If the password is longer than the hash algorithm block size, let pwd = sha512(pwd), as per HMAC specifications. */ @@ -471,6 +488,10 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 derive_u_sha512 (salt, salt_len, iterations, b, &hmac); memcpy (dk, hmac.u, r); +#if defined (DEVICE_DRIVER) && !defined (_WIN64) + if (NT_SUCCESS (saveStatus) && (HasSSE2() && HasMMX())) + KeRestoreFloatingPointState (&floatingPointState); +#endif /* Prevent possible leaks. */ burn (&hmac, sizeof(hmac)); |