summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVadim Sukhomlinov <sukhomlinov@google.com>2020-06-04 18:43:14 -0700
committerCommit Bot <commit-bot@chromium.org>2020-06-05 04:48:47 +0000
commitf9cca4269a124019f56980471d152b68177837f0 (patch)
treedf21bf983a614f205456dddcc4e18eddf5b89d5a
parentdd15f8676d55ef1c78f78016ce6c6175d3806174 (diff)
downloadchrome-ec-f9cca4269a124019f56980471d152b68177837f0.tar.gz
dcrypto/hmac: another fix for HMAC SHA256 compute
For long HMAC keys we should also compare length with SHA256 block size rather than size of opad. It updates previous patch. https://crrev.com/c/1850535 introduced change in LITE_HMAC_CTX structure which change size of opad field. HMAC computation was using sizeof(opad) instead of SHA256_BLOCK_SIZE and that caused incorrect values. BUG=b:158094716 TEST=make BOARD=cr50 CRYPTO_TEST=1 ; test/tpm_test/tpmtest.py Change-Id: I9c7d63ad3f1751b09b6968379082e875b3558bef Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2231962 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
Diffstat
-rw-r--r--chip/g/dcrypto/hmac.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/chip/g/dcrypto/hmac.c b/chip/g/dcrypto/hmac.c
index 427d924d5f..7cc45a03ba 100644
--- a/chip/g/dcrypto/hmac.c
+++ b/chip/g/dcrypto/hmac.c
@@ -21,7 +21,7 @@ static void hmac_sha256_init(LITE_HMAC_CTX *ctx, const void *key,
memset(&ctx->opad[0], 0, SHA256_BLOCK_SIZE);
- if (len > sizeof(ctx->opad)) {
+ if (len > SHA256_BLOCK_SIZE) {
DCRYPTO_SHA256_init(&ctx->hash, 0);
HASH_update(&ctx->hash, key, len);
memcpy(&ctx->opad[0], HASH_final(&ctx->hash),
View Lorry Controller Status