Fix for HMAC.

author Dr. Stephen Henson <steve@openssl.org>

Mon, 27 Mar 2000 00:53:27 +0000 (00:53 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Mon, 27 Mar 2000 00:53:27 +0000 (00:53 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Mon, 27 Mar 2000 00:53:27 +0000 (00:53 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Mon, 27 Mar 2000 00:53:27 +0000 (00:53 +0000)
diff --git a/CHANGES b/CHANGES

index 0073a5c84f87efc44afdf81a60f7e5c59bf82640..b98ea514a0166964b0be2f2d9e19031940c1f753 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
  
   Changes between 0.9.5 and 0.9.5a  [XX XXX 2000]
  
  
   Changes between 0.9.5 and 0.9.5a  [XX XXX 2000]
  
+  *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length
+     was larger than the MD block size.      
+     [Steve Henson, pointed out by Yost William <YostW@tce.com>]
+
    *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
       fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
       using the passed key: if the passed key was a private key the result
    *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
       fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
       using the passed key: if the passed key was a private key the result
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c

index 23b7c98f8fa1f00d4acf34c10dfeccc237df7973..e1ec79e09337c1ecbcb9aa9e0760d0139011588e 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -88,9 +88,11 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
                 else
                         {
                         memcpy(ctx->key,key,len);
                 else
                         {
                         memcpy(ctx->key,key,len);
-                       memset(&(ctx->key[len]),0,sizeof(ctx->key)-len);
                         ctx->key_length=len;
                         }
                         ctx->key_length=len;
                         }
+               if(ctx->key_length != HMAC_MAX_MD_CBLOCK)
+                       memset(&ctx->key[ctx->key_length], 0,
+                               HMAC_MAX_MD_CBLOCK - ctx->key_length);
                 }
  
         if (reset)      
                 }
  
         if (reset)
author	Dr. Stephen Henson <steve@openssl.org>
	Mon, 27 Mar 2000 00:53:27 +0000 (00:53 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Mon, 27 Mar 2000 00:53:27 +0000 (00:53 +0000)
CHANGES		patch \| blob \| history
crypto/hmac/hmac.c		patch \| blob \| history