From 016f701a9156d6f83fde860fa416d8614dd57182 Mon Sep 17 00:00:00 2001 From: Marcel Holtmann Date: Sun, 28 Dec 2014 06:33:44 +0100 Subject: [PATCH] core: Fix handling of digest size argument for all HMAC hash functions --- src/md5.c | 10 ++++++---- src/sha1.c | 16 +++++++++------- src/sha256.c | 10 ++++++---- 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/src/md5.c b/src/md5.c index 994818d7..bfb2e964 100644 --- a/src/md5.c +++ b/src/md5.c @@ -32,8 +32,9 @@ #define MD5_MAC_LEN 16 static void __hmac_md5(struct l_checksum *checksum, - const void *key, size_t key_len, - const void *data, size_t data_len, void *output) + const void *key, size_t key_len, + const void *data, size_t data_len, + void *output, size_t size) { unsigned char ipad[64]; unsigned char opad[64]; @@ -73,7 +74,8 @@ static void __hmac_md5(struct l_checksum *checksum, /* perform outer MD5 */ l_checksum_update(checksum, opad, sizeof(opad)); l_checksum_update(checksum, digest, MD5_MAC_LEN); - l_checksum_get_digest(checksum, output, MD5_MAC_LEN); + l_checksum_get_digest(checksum, output, + size > MD5_MAC_LEN ? MD5_MAC_LEN : size); l_checksum_reset(checksum); } @@ -85,7 +87,7 @@ bool hmac_md5(const void *key, size_t key_len, checksum = l_checksum_new(L_CHECKSUM_MD5); - __hmac_md5(checksum, key, key_len, data, data_len, output); + __hmac_md5(checksum, key, key_len, data, data_len, output, size); l_checksum_free(checksum); diff --git a/src/sha1.c b/src/sha1.c index 3db2f097..f3811274 100644 --- a/src/sha1.c +++ b/src/sha1.c @@ -32,8 +32,9 @@ #define SHA1_MAC_LEN 20 static void __hmac_sha1(struct l_checksum *checksum, - const void *key, size_t key_len, - const void *data, size_t data_len, void *output) + const void *key, size_t key_len, + const void *data, size_t data_len, + void *output, size_t size) { unsigned char ipad[64]; unsigned char opad[64]; @@ -73,7 +74,8 @@ static void __hmac_sha1(struct l_checksum *checksum, /* perform outer SHA1 */ l_checksum_update(checksum, opad, sizeof(opad)); l_checksum_update(checksum, digest, SHA1_MAC_LEN); - l_checksum_get_digest(checksum, output, SHA1_MAC_LEN); + l_checksum_get_digest(checksum, output, + size > SHA1_MAC_LEN ? SHA1_MAC_LEN : size); l_checksum_reset(checksum); } @@ -85,7 +87,7 @@ bool hmac_sha1(const void *key, size_t key_len, checksum = l_checksum_new(L_CHECKSUM_SHA1); - __hmac_sha1(checksum, key, key_len, data, data_len, output); + __hmac_sha1(checksum, key, key_len, data, data_len, output, size); l_checksum_free(checksum); @@ -110,12 +112,12 @@ static void F(struct l_checksum *checksum, buf[salt_len + 3] = count & 0xff; __hmac_sha1(checksum, password, password_len, - buf, salt_len + 4, tmp1); + buf, salt_len + 4, tmp1, SHA1_MAC_LEN); memcpy(digest, tmp1, SHA1_MAC_LEN); for (i = 1; i < iterations; i++) { __hmac_sha1(checksum, password, password_len, - tmp1, SHA1_MAC_LEN, tmp2); + tmp1, SHA1_MAC_LEN, tmp2, SHA1_MAC_LEN); memcpy(tmp1, tmp2, SHA1_MAC_LEN); for (j = 0; j < SHA1_MAC_LEN; j++) @@ -173,7 +175,7 @@ bool prf_sha1(const void *key, size_t key_len, for (i = 0; i < (size + 19) / 20; i++) { __hmac_sha1(checksum, key, key_len, input, input_len, - output + offset); + output + offset, SHA1_MAC_LEN); offset += 20; input[input_len - 1]++; diff --git a/src/sha256.c b/src/sha256.c index de1dffaf..7b849fd6 100644 --- a/src/sha256.c +++ b/src/sha256.c @@ -32,8 +32,9 @@ #define SHA256_MAC_LEN 32 static void __hmac_sha256(struct l_checksum *checksum, - const void *key, size_t key_len, - const void *data, size_t data_len, void *output) + const void *key, size_t key_len, + const void *data, size_t data_len, + void *output, size_t size) { unsigned char ipad[64]; unsigned char opad[64]; @@ -73,7 +74,8 @@ static void __hmac_sha256(struct l_checksum *checksum, /* perform outer SHA256 */ l_checksum_update(checksum, opad, sizeof(opad)); l_checksum_update(checksum, digest, SHA256_MAC_LEN); - l_checksum_get_digest(checksum, output, SHA256_MAC_LEN); + l_checksum_get_digest(checksum, output, + size > SHA256_MAC_LEN ? SHA256_MAC_LEN : size); l_checksum_reset(checksum); } @@ -85,7 +87,7 @@ bool hmac_sha256(const void *key, size_t key_len, checksum = l_checksum_new(L_CHECKSUM_SHA256); - __hmac_sha256(checksum, key, key_len, data, data_len, output); + __hmac_sha256(checksum, key, key_len, data, data_len, output, size); l_checksum_free(checksum);