diff options
author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2020-06-04 18:43:14 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-06-05 04:48:47 +0000 |
commit | f9cca4269a124019f56980471d152b68177837f0 (patch) | |
tree | df21bf983a614f205456dddcc4e18eddf5b89d5a | |
parent | dd15f8676d55ef1c78f78016ce6c6175d3806174 (diff) | |
download | chrome-ec-f9cca4269a124019f56980471d152b68177837f0.tar.gz |
dcrypto/hmac: another fix for HMAC SHA256 compute
For long HMAC keys we should also compare length with SHA256 block size
rather than size of opad. It updates previous patch.
https://crrev.com/c/1850535 introduced change in LITE_HMAC_CTX structure
which change size of opad field. HMAC computation was using sizeof(opad)
instead of SHA256_BLOCK_SIZE and that caused incorrect values.
BUG=b:158094716
TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py
Change-Id: I9c7d63ad3f1751b09b6968379082e875b3558bef
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2231962
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
-rw-r--r-- | chip/g/dcrypto/hmac.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/chip/g/dcrypto/hmac.c b/chip/g/dcrypto/hmac.c index 427d924d5f..7cc45a03ba 100644 --- a/chip/g/dcrypto/hmac.c +++ b/chip/g/dcrypto/hmac.c @@ -21,7 +21,7 @@ static void hmac_sha256_init(LITE_HMAC_CTX *ctx, const void *key, memset(&ctx->opad[0], 0, SHA256_BLOCK_SIZE); - if (len > sizeof(ctx->opad)) { + if (len > SHA256_BLOCK_SIZE) { DCRYPTO_SHA256_init(&ctx->hash, 0); HASH_update(&ctx->hash, key, len); memcpy(&ctx->opad[0], HASH_final(&ctx->hash), |