diff options
| author | Matt Caswell <matt@openssl.org> | 2015-06-12 13:08:04 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-06-12 14:43:23 +0100 |
| commit | fffcf87a550f76f83e4a17dd190c9c74833046e8 (patch) | |
| tree | 76b458d74355bda0b080c9fa5dc1125f16ffc7db | |
| parent | 3adca975dc1175e76bc079306896a09692ed4c15 (diff) | |
Fix ABI break with HMAC
Recent HMAC changes broke ABI compatibility due to a new field in HMAC_CTX.
This backs that change out, and does it a different way.
Thanks to Timo Teras for the concept.
Conflicts:
crypto/hmac/hmac.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
| -rw-r--r-- | crypto/hmac/hmac.c | 19 | ||||
| -rw-r--r-- | crypto/hmac/hmac.h | 1 | ||||
| -rw-r--r-- | crypto/hmac/hmactest.c | 7 |
3 files changed, 13 insertions, 14 deletions
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 5925467818..33d88be117 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -87,6 +87,9 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, return FIPS_hmac_init_ex(ctx, key, len, md, NULL); } #endif + /* If we are changing MD then we must have a key */ + if (md != NULL && md != ctx->md && (key == NULL || len < 0)) + return 0; if (md != NULL) { reset = 1; @@ -97,9 +100,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, return 0; } - if (!ctx->key_init && key == NULL) - return 0; - if (key != NULL) { reset = 1; j = EVP_MD_block_size(md); @@ -121,7 +121,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, if (ctx->key_length != HMAC_MAX_MD_CBLOCK) memset(&ctx->key[ctx->key_length], 0, HMAC_MAX_MD_CBLOCK - ctx->key_length); - ctx->key_init = 1; } if (reset) { @@ -159,7 +158,7 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) if (FIPS_mode() && !ctx->i_ctx.engine) return FIPS_hmac_update(ctx, data, len); #endif - if (!ctx->key_init) + if (!ctx->md) return 0; return EVP_DigestUpdate(&ctx->md_ctx, data, len); @@ -174,7 +173,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) return FIPS_hmac_final(ctx, md, len); #endif - if (!ctx->key_init) + if (!ctx->md) goto err; if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i)) @@ -195,7 +194,6 @@ void HMAC_CTX_init(HMAC_CTX *ctx) EVP_MD_CTX_init(&ctx->i_ctx); EVP_MD_CTX_init(&ctx->o_ctx); EVP_MD_CTX_init(&ctx->md_ctx); - ctx->key_init = 0; ctx->md = NULL; } @@ -207,11 +205,8 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) goto err; if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx)) goto err; - dctx->key_init = sctx->key_init; - if (sctx->key_init) { - memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); - dctx->key_length = sctx->key_length; - } + memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); + dctx->key_length = sctx->key_length; dctx->md = sctx->md; return 1; err: diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h index f8e9f5e4f3..b8b55cda7d 100644 --- a/crypto/hmac/hmac.h +++ b/crypto/hmac/hmac.h @@ -79,7 +79,6 @@ typedef struct hmac_ctx_st { EVP_MD_CTX o_ctx; unsigned int key_length; unsigned char key[HMAC_MAX_MD_CBLOCK]; - int key_init; } HMAC_CTX; # define HMAC_size(e) (EVP_MD_size((e)->md)) diff --git a/crypto/hmac/hmactest.c b/crypto/hmac/hmactest.c index 86b6c2529f..271d0ebf26 100644 --- a/crypto/hmac/hmactest.c +++ b/crypto/hmac/hmactest.c @@ -233,7 +233,12 @@ test5: err++; goto test6; } - if (!HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) { + if (HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) { + printf("Should disallow changing MD without a new key (test 5)\n"); + err++; + goto test6; + } + if (!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha256(), NULL)) { printf("Failed to reinitialise HMAC (test 5)\n"); err++; goto test6; |