diff options
| author | Pauli <paul.dale@oracle.com> | 2018-08-16 08:54:35 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2018-09-04 08:09:12 +1000 |
| commit | e0810e3502bbf14ee274033e7eeabb551ce38510 (patch) | |
| tree | bda457dbc208227d39c25cd684f84925568cb304 /crypto/hmac | |
| parent | bdd58bd249f1b6d4c7ccdd9c54fd33db874e0084 (diff) | |
Fix HMAC SHA3-224 and HMAC SHA3-256.
Added NIST test cases for these two as well.
Additionally deprecate the public definiton of HMAC_MAX_MD_CBLOCK in 1.2.0.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6972)
Diffstat (limited to 'crypto/hmac')
| -rw-r--r-- | crypto/hmac/hmac.c | 12 | ||||
| -rw-r--r-- | crypto/hmac/hmac_lcl.h | 7 |
2 files changed, 11 insertions, 8 deletions
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index e0944b985a..e4031b44a5 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -20,7 +20,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, { int rv = 0; int i, j, reset = 0; - unsigned char pad[HMAC_MAX_MD_CBLOCK]; + unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE]; /* If we are changing MD then we must have a key */ if (md != NULL && md != ctx->md && (key == NULL || len < 0)) @@ -52,19 +52,19 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, memcpy(ctx->key, key, len); ctx->key_length = len; } - if (ctx->key_length != HMAC_MAX_MD_CBLOCK) + if (ctx->key_length != HMAC_MAX_MD_CBLOCK_SIZE) memset(&ctx->key[ctx->key_length], 0, - HMAC_MAX_MD_CBLOCK - ctx->key_length); + HMAC_MAX_MD_CBLOCK_SIZE - ctx->key_length); } if (reset) { - for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) + for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++) pad[i] = 0x36 ^ ctx->key[i]; if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl) || !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md))) goto err; - for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) + for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++) pad[i] = 0x5c ^ ctx->key[i]; if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl) || !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md))) @@ -194,7 +194,7 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) goto err; if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx)) goto err; - memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); + memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK_SIZE); dctx->key_length = sctx->key_length; dctx->md = sctx->md; return 1; diff --git a/crypto/hmac/hmac_lcl.h b/crypto/hmac/hmac_lcl.h index 7ba0aac483..8fd8345694 100644 --- a/crypto/hmac/hmac_lcl.h +++ b/crypto/hmac/hmac_lcl.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,13 +10,16 @@ #ifndef HEADER_HMAC_LCL_H # define HEADER_HMAC_LCL_H +/* The current largest case is for SHA3-224 */ +#define HMAC_MAX_MD_CBLOCK_SIZE 144 + struct hmac_ctx_st { const EVP_MD *md; EVP_MD_CTX *md_ctx; EVP_MD_CTX *i_ctx; EVP_MD_CTX *o_ctx; unsigned int key_length; - unsigned char key[HMAC_MAX_MD_CBLOCK]; + unsigned char key[HMAC_MAX_MD_CBLOCK_SIZE]; }; #endif |