Use HKDF-derived key instead of shared secret Change-Id: I0a96f1469e5bf28fe2ea299e835a77217ba361e0

commit: 65e5998b44751df2f128749ffe4ff783b0864b02 [log] [tgz]
author: Zhiyi Zhang <zhiyi@cs.ucla.edu> Sun Sep 08 12:07:30 2019 -0700
committer: Zhiyi Zhang <zhiyi@cs.ucla.edu> Sun Sep 08 12:07:30 2019 -0700
tree: 965f3c19c476b4cf60dcca7a644e68f419032883
parent: 151906039cc6bc2a6f5ba8ce5f25ab98ee519ca5 [diff] [blame]
diff --git a/src/client-module.cpp b/src/client-module.cpp
index f8d73f6..a94b176 100644
--- a/src/client-module.cpp
+++ b/src/client-module.cpp

@@ -228,7 +228,7 @@
   std::stringstream ss;
   boost::property_tree::write_json(ss, paramJson);
   auto payload = ss.str();
-  auto paramBlock = genEncBlock(tlv::ApplicationParameters, m_ecdh.context->sharedSecret, m_ecdh.context->sharedSecretLen,
+  auto paramBlock = genEncBlock(tlv::ApplicationParameters, m_aesKey, 32,
                                 (const uint8_t*)payload.c_str(), payload.size());
   interest->setApplicationParameters(paramBlock);
 
@@ -243,7 +243,7 @@
     _LOG_ERROR("Cannot verify data signature from " << m_ca.m_caName.toUri());
     return;
   }
-  auto result = parseEncBlock(m_ecdh.context->sharedSecret, m_ecdh.context->sharedSecretLen, reply.getContent());
+  auto result = parseEncBlock(m_aesKey, 32, reply.getContent());
   std::string payload((const char*)result.data(), result.size());
   std::istringstream ss(payload);
   JsonSection contentJson;
commit	65e5998b44751df2f128749ffe4ff783b0864b02	[log] [tgz]
author	Zhiyi Zhang <zhiyi@cs.ucla.edu>	Sun Sep 08 12:07:30 2019 -0700
committer	Zhiyi Zhang <zhiyi@cs.ucla.edu>	Sun Sep 08 12:07:30 2019 -0700
tree	965f3c19c476b4cf60dcca7a644e68f419032883
parent	151906039cc6bc2a6f5ba8ce5f25ab98ee519ca5 [diff] [blame]