jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fixed tls_prf() to handle keys with odd length

Browse source 
The middle byte of the secret (key for PRF) is shared with key halfs in
case the key length is odd. This does not happen in any of the current
tls_prf() uses, but it's better to fix this function to avoid future issues
should someone end up defining a use that uses an odd length for the key.
This commit is contained in:
Jouni Malinen 2008-04-14 20:11:49 +03:00
parent 0d58229994
commit 1c156e783d
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/sha1.c
View file

@ -265,6 +265,10 @@ int tls_prf(const u8 *secret, size_t secret_len, const char *label,
L_S1 = L_S2 = (secret_len + 1) / 2;
S1 = secret;
S2 = secret + L_S1;
if (secret_len & 1) {
/* The last byte of S1 will be shared with S2 */
S2--;
}
hmac_md5_vector(S1, L_S1, 2, &MD5_addr[1], &MD5_len[1], A_MD5);
hmac_sha1_vector(S2, L_S2, 2, &SHA1_addr[1], &SHA1_len[1], A_SHA1);