From f9cca4269a124019f56980471d152b68177837f0 Mon Sep 17 00:00:00 2001
From: Vadim Sukhomlinov <sukhomlinov@google.com>
Date: Thu, 4 Jun 2020 18:43:14 -0700
Subject: dcrypto/hmac: another fix for HMAC SHA256 compute

For long HMAC keys we should also compare length with SHA256 block size
rather than size of opad. It updates previous patch.
https://crrev.com/c/1850535 introduced change in LITE_HMAC_CTX structure
which change size of opad field. HMAC computation was using sizeof(opad)
instead of SHA256_BLOCK_SIZE and that caused incorrect values.

BUG=b:158094716
TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py

Change-Id: I9c7d63ad3f1751b09b6968379082e875b3558bef
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2231962
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
---
 chip/g/dcrypto/hmac.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chip/g/dcrypto/hmac.c b/chip/g/dcrypto/hmac.c
index 427d924d5f..7cc45a03ba 100644
--- a/chip/g/dcrypto/hmac.c
+++ b/chip/g/dcrypto/hmac.c
@@ -21,7 +21,7 @@ static void hmac_sha256_init(LITE_HMAC_CTX *ctx, const void *key,
 
 	memset(&ctx->opad[0], 0, SHA256_BLOCK_SIZE);
 
-	if (len > sizeof(ctx->opad)) {
+	if (len > SHA256_BLOCK_SIZE) {
 		DCRYPTO_SHA256_init(&ctx->hash, 0);
 		HASH_update(&ctx->hash, key, len);
 		memcpy(&ctx->opad[0], HASH_final(&ctx->hash),
-- 
cgit v1.2.1