changeset 39874:96d0c10a7473

hmac-sha512: fix hash for keys > blocksize (128 bytes) * lib/hmac-sha512.c (hmac_sha512): Set the computed/shortened key length to that output by sha512, not the blocksize. Otherwise uninitialized data from the stack is used when computing the hash. * tests/test-hmac-sha512.c: Add a shortened key test case. Reported at https://github.com/coreutils/gnulib/pull/5
author Zhang Qing <zhangqingl@126.com>
date Sat, 29 Sep 2018 19:57:56 -0700
parents 6b0218435966
children 67e1644a2382
files ChangeLog lib/hmac-sha512.c tests/test-hmac-sha512.c
diffstat 3 files changed, 41 insertions(+), 1 deletions(-) [+]
--- a/ChangeLog	Sun Sep 30 23:16:45 2018 +0200
+++ b/ChangeLog	Sat Sep 29 19:57:56 2018 -0700
@@ -1,3 +1,13 @@
+2018-09-30  Zhang Qing  <zhangqingl@126.com>
+
+	hmac-sha512: fix hash for keys > blocksize (128 bytes)
+	* lib/hmac-sha512.c (hmac_sha512): Set the computed/shortened
+	key length to that output by sha512, not the blocksize.
+	Otherwise uninitialized data from the stack
+	is used when computing the hash.
+	* tests/test-hmac-sha512.c: Add a shortened key test case.
+	Reported at https://github.com/coreutils/gnulib/pull/5
+
 2018-09-30  Bruno Haible  <bruno@clisp.org>
 
 	vasnprintf: Avoid warnings from GCC's -Wsign-compare.
--- a/lib/hmac-sha512.c	Sun Sep 30 23:16:45 2018 +0200
+++ b/lib/hmac-sha512.c	Sat Sep 29 19:57:56 2018 -0700
@@ -49,7 +49,7 @@
       sha512_finish_ctx (&keyhash, optkeybuf);
 
       key = optkeybuf;
-      keylen = 128;
+      keylen = 64;
     }
 
   /* Compute INNERHASH from KEY and IN.  */
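Review bot: The corrected length at `keylen = 64;` is still a bare literal, which is how the wrong value (the block size, 128) got here in the first place. Since the shortened key is exactly the SHA-512 output written by `sha512_finish_ctx`, tie it to the digest-size constant: `keylen = SHA512_DIGEST_SIZE;`, assuming sha512.h is what this file includes for the context functions. A one-line comment such as `/* RFC 2104: a key longer than the block is replaced by its hash, so the new length is the digest size, not the block size. */` would record why the two sizes must not be confused. The declaration of `optkeybuf` and the enclosing `if` are outside this hunk, so confirm that the buffer is at least digest-sized; with the old length, 64 bytes of uninitialized stack after the digest were mixed into the MAC key, giving non-interoperable and potentially non-deterministic tags.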
--- a/tests/test-hmac-sha512.c	Sun Sep 30 23:16:45 2018 +0200
+++ b/tests/test-hmac-sha512.c	Sat Sep 29 19:57:56 2018 -0700
@@ -118,5 +118,35 @@
       }
   }
 
+  {
+    char key[129];
+    size_t key_len = sizeof key;
+    memset (key, '\x0b', sizeof key);
+    char *data = "Hi There";
+    size_t data_len = 8;
+    char *digest =
+      "\xaa\x1c\x23\xfe\x04\x0c\x4f\x3e\x65\x45\xa9\x15\x4e\x33\x9d\x17\xff\xb5\x27\x2e\x0a\x54\x5b\x84\xd3\x8b\x9b\xf8\xe2\xc7\x46\x4d\xf2\xd6\x2b\xb5\x00\x05\x57\x68\x6f\x85\x10\xeb\x43\x02\xa0\xca\xe6\xb5\xdd\x1f\x37\x00\xbe\xae\xde\x75\x5f\x86\xfd\xbe\xb4\x8f";
+    char out[64];
+
+    if (hmac_sha512 (key, key_len, data, data_len, out) != 0)
+      {
+        printf ("call failure\n");
+        return 1;
+      }
+
+    if (memcmp (digest, out, 64) != 0)
+      {
+        size_t i;
+        printf ("hash 1 mismatch. expected:\n");
+        for (i = 0; i < 64; i++)
+          printf ("%02x ", digest[i] & 0xFF);
+        printf ("\ncomputed:\n");
+        for (i = 0; i < 64; i++)
+          printf ("%02x ", out[i] & 0xFF);
+        printf ("\n");
+        return 1;
+      }
+  }
+
   return 0;
 }
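Review bot: The expected `digest` in the new block has no stated provenance, and for a MAC regression test that matters because it is the only evidence that the long-key path now matches other implementations. Add a comment above the block along the lines of `/* Key of 129 bytes (> 128-byte block) is hashed first; expected value cross-checked with <independent implementation>. */`, with the actual source filled in. The failure strings `"call failure\n"` and `"hash 1 mismatch. expected:\n"` look copied from an earlier case (the start of the function is outside this hunk), so a distinct label such as `"long-key hash mismatch. expected:\n"` would make a failing run identifiable. A companion case with a key of exactly 128 bytes would also pin the boundary between the hashed and unhashed paths, and `data` and `digest` point at string literals and would be better declared `const char *`.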