* @brief Generate pseudo-random key
* @param mac gcrypt HMAC handle
* @param xts salt
- * @param xts_len length of the salt
+ * @param xts_len length of the @a xts salt
* @param skm source key material
- * @param skm_len length of skm
+ * @param skm_len length of @a skm
* @param prk result buffer (allocated by caller; at least gcry_md_dlen() bytes)
- * @return GNUNET_YES on success
+ * @return #GNUNET_YES on success
*/
static int
getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len, const void *skm,
* @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_...
* @param prf_algo hash algorithm for the expansion phase, GCRY_MD_...
* @param xts salt
- * @param xts_len length of xts
+ * @param xts_len length of @a xts
* @param skm source key material
- * @param skm_len length of skm
+ * @param skm_len length of @a skm
* @param argp va_list of void * & size_t pairs for context chunks
* @return #GNUNET_YES on success
*/
const void *xts, size_t xts_len, const void *skm,
size_t skm_len, va_list argp)
{
- static int once;
- static gcry_md_hd_t xtr;
- static gcry_md_hd_t prf;
+ gcry_md_hd_t xtr;
+ gcry_md_hd_t prf;
const void *hc;
unsigned long i;
unsigned long t;
if (0 == k)
return GNUNET_SYSERR;
- if (! once)
- {
- if (GPG_ERR_NO_ERROR !=
- gcry_md_open (&xtr, xtr_algo, GCRY_MD_FLAG_HMAC))
- return GNUNET_SYSERR;
-
- if (GPG_ERR_NO_ERROR !=
- gcry_md_open (&prf, prf_algo, GCRY_MD_FLAG_HMAC))
- {
- gcry_md_close (xtr);
- return GNUNET_SYSERR;
- }
- once = 1;
- }
- else
+ if (GPG_ERR_NO_ERROR !=
+ gcry_md_open (&xtr, xtr_algo, GCRY_MD_FLAG_HMAC))
+ return GNUNET_SYSERR;
+ if (GPG_ERR_NO_ERROR !=
+ gcry_md_open (&prf, prf_algo, GCRY_MD_FLAG_HMAC))
{
- gcry_md_reset (xtr);
- gcry_md_reset (prf);
+ gcry_md_close (xtr);
+ return GNUNET_SYSERR;
}
-
va_copy (args, argp);
ctx_len = 0;
hkdf_error:
ret = GNUNET_SYSERR;
hkdf_ok:
+ gcry_md_close (xtr);
+ gcry_md_close (prf);
return ret;
}