[svn] gcry - r1355 - in trunk: . cipher tests
svn author wk
cvs at cvs.gnupg.org
Wed Nov 5 20:13:23 CET 2008
Author: wk
Date: 2008-11-05 20:13:22 +0100 (Wed, 05 Nov 2008)
New Revision: 1355
Modified:
trunk/NEWS
trunk/cipher/ChangeLog
trunk/cipher/md.c
trunk/tests/basic.c
Log:
Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.
Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog 2008-11-05 17:21:57 UTC (rev 1354)
+++ trunk/cipher/ChangeLog 2008-11-05 19:13:22 UTC (rev 1355)
@@ -1,5 +1,8 @@
2008-11-05 Werner Koch <wk at g10code.com>
+ * md.c (md_open): Use a switch to set the Bsize.
+ (prepare_macpads): Fix long key case for SHA384 and SHA512.
+
* cipher.c (gcry_cipher_handle): Add field EXTRASPEC.
(gcry_cipher_open): Set it.
(gcry_cipher_ctl): Add private control code to disable weak key
@@ -22,7 +25,6 @@
2008-09-18 Werner Koch <wk at g10code.com>
-
* pubkey.c (gcry_pk_genkey): Parse domain parameter.
(pubkey_generate): Add new arg DOMAIN and remove special case for
DSA with qbits.
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2008-11-05 17:21:57 UTC (rev 1354)
+++ trunk/NEWS 2008-11-05 19:13:22 UTC (rev 1355)
@@ -6,7 +6,9 @@
* MD5 may now be used in non-enforced fips mode.
+ * Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.
+
Noteworthy changes in version 1.4.3 (2008-09-18)
------------------------------------------------
Modified: trunk/cipher/md.c
===================================================================
--- trunk/cipher/md.c 2008-11-05 17:21:57 UTC (rev 1354)
+++ trunk/cipher/md.c 2008-11-05 19:13:22 UTC (rev 1355)
@@ -474,14 +474,18 @@
if (hmac)
{
- if ( (GCRY_MD_SHA384 == algo) || (GCRY_MD_SHA512 == algo) ) {
- ctx->macpads_Bsize = 128;
- ctx->macpads = gcry_malloc_secure (2*(ctx->macpads_Bsize));
- } else {
- ctx->macpads_Bsize = 64;
- ctx->macpads = gcry_malloc_secure (2*(ctx->macpads_Bsize));
- }
- if (! ctx->macpads)
+ switch (algo)
+ {
+ case GCRY_MD_SHA384:
+ case GCRY_MD_SHA512:
+ ctx->macpads_Bsize = 128;
+ break;
+ default:
+ ctx->macpads_Bsize = 64;
+ break;
+ }
+ ctx->macpads = gcry_malloc_secure (2*(ctx->macpads_Bsize));
+ if (!ctx->macpads)
{
err = gpg_err_code_from_errno (errno);
md_close (hd);
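Review bot: The HMAC block size is still a pair of literals (128 for SHA-384/SHA-512, 64 for everything else) selected by algorithm id in the new switch, and prepare_macpads now treats that value as the RFC 2104 block size B; a digest added later with a different block size would fall into the `default` branch and produce a non-interoperable MAC with no error. At minimum the assumption should be recorded at the label, e.g. `default: /* Every other supported digest has a 64 byte block; extend this switch when adding one that does not. */`, and deriving the size from the digest spec would remove it entirely. The prepare_macpads hunk below relies on the same assumption. md_open starts and ends outside this hunk.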
@@ -842,25 +846,25 @@
}
static gcry_err_code_t
-prepare_macpads( gcry_md_hd_t hd, const byte *key, size_t keylen)
+prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen)
{
int i;
- int algo = md_get_algo( hd );
- byte *helpkey = NULL;
- byte *ipad, *opad;
+ int algo = md_get_algo (hd);
+ unsigned char *helpkey = NULL;
+ unsigned char *ipad, *opad;
- if ( !algo )
- return GPG_ERR_DIGEST_ALGO; /* i.e. no algo enabled */
+ if (!algo)
+ return GPG_ERR_DIGEST_ALGO; /* Might happen if no algo is enabled. */
- if ( keylen > 64 )
+ if ( keylen > hd->ctx->macpads_Bsize )
{
- helpkey = gcry_malloc_secure ( md_digest_length( algo ) );
- if ( !helpkey )
+ helpkey = gcry_malloc_secure (md_digest_length (algo));
+ if (!helpkey)
return gpg_err_code_from_errno (errno);
- gcry_md_hash_buffer ( algo, helpkey, key, keylen );
+ gcry_md_hash_buffer (algo, helpkey, key, keylen);
key = helpkey;
- keylen = md_digest_length( algo );
- gcry_assert ( keylen <= 64 );
+ keylen = md_digest_length (algo);
+ gcry_assert ( keylen <= hd->ctx->macpads_Bsize );
}
memset ( hd->ctx->macpads, 0, 2*(hd->ctx->macpads_Bsize) );
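Review bot: prepare_macpads has no header comment, and after this change its correctness rests on an invariant it never states: hd->ctx->macpads_Bsize must equal the digest's block size, because a key longer than that is replaced by its digest (RFC 2104 key preprocessing) and the `gcry_assert` at the end of the long-key branch only holds if md_digest_length(algo) does not exceed it. I would add a comment above the function saying that it derives the inner and outer HMAC pads from KEY, that keys longer than macpads_Bsize are first hashed into a secure-memory buffer that is released before return, and that macpads_Bsize must have been set by md_open to the block size of ALGO. The comparison `if ( keylen > hd->ctx->macpads_Bsize )` mixes size_t with a field whose type is not visible here; if macpads_Bsize is a plain int, an explicit `(size_t)` cast would make the promotion intentional. The function continues in the following hunk.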
@@ -868,12 +872,12 @@
opad = (hd->ctx->macpads)+(hd->ctx->macpads_Bsize);
memcpy ( ipad, key, keylen );
memcpy ( opad, key, keylen );
- for (i=0; i < (hd->ctx->macpads_Bsize); i++ )
+ for (i=0; i < hd->ctx->macpads_Bsize; i++ )
{
ipad[i] ^= 0x36;
opad[i] ^= 0x5c;
}
- gcry_free( helpkey );
+ gcry_free (helpkey);
return GPG_ERR_NO_ERROR;
}
Modified: trunk/tests/basic.c
===================================================================
--- trunk/tests/basic.c 2008-11-05 17:21:57 UTC (rev 1354)
+++ trunk/tests/basic.c 2008-11-05 19:13:22 UTC (rev 1355)
@@ -1695,10 +1695,11 @@
continue;
}
if (verbose)
- fprintf (stderr, " checking %s [%i] for length %zi\n",
+ fprintf (stderr,
+ " checking %s [%i] for %zi byte key and %zi byte data\n",
gcry_md_algo_name (algos[i].md),
algos[i].md,
- strlen(algos[i].data));
+ strlen(algos[i].key), strlen(algos[i].data));
check_one_hmac (algos[i].md, algos[i].data, strlen (algos[i].data),
algos[i].key, strlen(algos[i].key),