From 11b86db9db2a38ea8ad8309838f4aa9c5cd43d67 Mon Sep 17 00:00:00 2001 From: Lucas Gabriel Vuotto Date: Thu, 6 Jun 2024 17:14:30 +0000 Subject: [PATCH] auth/hmac: 0-pad the hashed key in longer-than-blocksize case --- auth_hmac.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/auth_hmac.c b/auth_hmac.c index deb61fb..4c300bd 100644 --- a/auth_hmac.c +++ b/auth_hmac.c @@ -42,12 +42,13 @@ hmac_common_init(void *arg, const uint8_t *key, size_t keylen) !lc_hash_update(ctx->hctx, key, keylen) || !lc_hash_final(ctx->hctx, ctx->key, &olen)) return 0; - } else { + keylen = olen; + } else for (i = 0; i < keylen; i++) ctx->key[i] = key[i]; - for (; i < ctx->blocksz; i++) - ctx->key[i] = 0; - } + + for (i = keylen; i < ctx->blocksz; i++) + ctx->key[i] = 0; for (i = 0; i < ctx->blocksz; i++) ikeypad[i] = ctx->key[i] ^ HMAC_IPAD;