From e0810e3502bbf14ee274033e7eeabb551ce38510 Mon Sep 17 00:00:00 2001 From: Pauli Date: Thu, 16 Aug 2018 08:54:35 +1000 Subject: [PATCH] Fix HMAC SHA3-224 and HMAC SHA3-256. Added NIST test cases for these two as well. Additionally deprecate the public definiton of HMAC_MAX_MD_CBLOCK in 1.2.0. Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/6972) --- crypto/hmac/hmac.c | 12 ++++---- crypto/hmac/hmac_lcl.h | 7 +++-- include/openssl/hmac.h | 6 ++-- test/recipes/30-test_evp_data/evpmac.txt | 36 ++++++++++++++++++++++++ 4 files changed, 51 insertions(+), 10 deletions(-) diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index e0944b985a..e4031b44a5 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -20,7 +20,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, { int rv = 0; int i, j, reset = 0; - unsigned char pad[HMAC_MAX_MD_CBLOCK]; + unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE]; /* If we are changing MD then we must have a key */ if (md != NULL && md != ctx->md && (key == NULL || len < 0)) @@ -52,19 +52,19 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, memcpy(ctx->key, key, len); ctx->key_length = len; } - if (ctx->key_length != HMAC_MAX_MD_CBLOCK) + if (ctx->key_length != HMAC_MAX_MD_CBLOCK_SIZE) memset(&ctx->key[ctx->key_length], 0, - HMAC_MAX_MD_CBLOCK - ctx->key_length); + HMAC_MAX_MD_CBLOCK_SIZE - ctx->key_length); } if (reset) { - for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) + for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++) pad[i] = 0x36 ^ ctx->key[i]; if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl) || !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md))) goto err; - for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) + for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++) pad[i] = 0x5c ^ ctx->key[i]; if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl) || !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md))) @@ -194,7 +194,7 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) goto err; if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx)) goto err; - memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); + memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK_SIZE); dctx->key_length = sctx->key_length; dctx->md = sctx->md; return 1; diff --git a/crypto/hmac/hmac_lcl.h b/crypto/hmac/hmac_lcl.h index 7ba0aac483..8fd8345694 100644 --- a/crypto/hmac/hmac_lcl.h +++ b/crypto/hmac/hmac_lcl.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,13 +10,16 @@ #ifndef HEADER_HMAC_LCL_H # define HEADER_HMAC_LCL_H +/* The current largest case is for SHA3-224 */ +#define HMAC_MAX_MD_CBLOCK_SIZE 144 + struct hmac_ctx_st { const EVP_MD *md; EVP_MD_CTX *md_ctx; EVP_MD_CTX *i_ctx; EVP_MD_CTX *o_ctx; unsigned int key_length; - unsigned char key[HMAC_MAX_MD_CBLOCK]; + unsigned char key[HMAC_MAX_MD_CBLOCK_SIZE]; }; #endif diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h index 9f06896059..458efc1d51 100644 --- a/include/openssl/hmac.h +++ b/include/openssl/hmac.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -14,7 +14,9 @@ # include -# define HMAC_MAX_MD_CBLOCK 128/* largest known is SHA512 */ +# if OPENSSL_API_COMPAT < 0x10200000L +# define HMAC_MAX_MD_CBLOCK 128 /* Deprecated */ +# endif #ifdef __cplusplus extern "C" { diff --git a/test/recipes/30-test_evp_data/evpmac.txt b/test/recipes/30-test_evp_data/evpmac.txt index ef7ba940cc..9de8be1ab4 100644 --- a/test/recipes/30-test_evp_data/evpmac.txt +++ b/test/recipes/30-test_evp_data/evpmac.txt @@ -248,6 +248,42 @@ Title = SHA3 # NIST's test vectors +MAC = HMAC +Algorithm = SHA3-224 +Input = "Sample message for keylen