- Fixed faulty HMAC-MD2 implementation (Fixes ticket #37)

This commit is contained in:
Paul Bakker 2011-10-06 14:18:49 +00:00
parent d246ed30bd
commit fa1c592860
5 changed files with 33 additions and 17 deletions

View File

@ -14,6 +14,10 @@ Changes
* Fixed rsa_encrypt and rsa_decrypt examples to use public key for * Fixed rsa_encrypt and rsa_decrypt examples to use public key for
encryption and private key for decryption. (Closes ticket #34) encryption and private key for decryption. (Closes ticket #34)
Bugfix
* Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
ticket #37)
= Version 1.0.0 released on 2011-07-27 = Version 1.0.0 released on 2011-07-27
Features Features
* Expanded cipher layer with support for CFB128 and CTR mode * Expanded cipher layer with support for CFB128 and CTR mode

View File

@ -38,8 +38,8 @@ typedef struct
unsigned char state[48]; /*!< intermediate digest state */ unsigned char state[48]; /*!< intermediate digest state */
unsigned char buffer[16]; /*!< data block being processed */ unsigned char buffer[16]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char ipad[16]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */ unsigned char opad[16]; /*!< HMAC: outer padding */
size_t left; /*!< amount of data in buffer */ size_t left; /*!< amount of data in buffer */
} }
md2_context; md2_context;

View File

@ -219,15 +219,15 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen
size_t i; size_t i;
unsigned char sum[16]; unsigned char sum[16];
if( keylen > 64 ) if( keylen > 16 )
{ {
md2( key, keylen, sum ); md2( key, keylen, sum );
keylen = 16; keylen = 16;
key = sum; key = sum;
} }
memset( ctx->ipad, 0x36, 64 ); memset( ctx->ipad, 0x36, 16 );
memset( ctx->opad, 0x5C, 64 ); memset( ctx->opad, 0x5C, 16 );
for( i = 0; i < keylen; i++ ) for( i = 0; i < keylen; i++ )
{ {
@ -236,7 +236,7 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen
} }
md2_starts( ctx ); md2_starts( ctx );
md2_update( ctx, ctx->ipad, 64 ); md2_update( ctx, ctx->ipad, 16 );
memset( sum, 0, sizeof( sum ) ); memset( sum, 0, sizeof( sum ) );
} }
@ -258,7 +258,7 @@ void md2_hmac_finish( md2_context *ctx, unsigned char output[16] )
md2_finish( ctx, tmpbuf ); md2_finish( ctx, tmpbuf );
md2_starts( ctx ); md2_starts( ctx );
md2_update( ctx, ctx->opad, 64 ); md2_update( ctx, ctx->opad, 16 );
md2_update( ctx, tmpbuf, 16 ); md2_update( ctx, tmpbuf, 16 );
md2_finish( ctx, output ); md2_finish( ctx, output );
@ -271,7 +271,7 @@ void md2_hmac_finish( md2_context *ctx, unsigned char output[16] )
void md2_hmac_reset( md2_context *ctx ) void md2_hmac_reset( md2_context *ctx )
{ {
md2_starts( ctx ); md2_starts( ctx );
md2_update( ctx, ctx->ipad, 64 ); md2_update( ctx, ctx->ipad, 16 );
} }
/* /*

View File

@ -84,15 +84,15 @@ md_text:"md5":"12345678901234567890123456789012345678901234567890123456789012345
generic HMAC-MD2 Hash File OpenSSL test #1 generic HMAC-MD2 Hash File OpenSSL test #1
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md_hmac:"md2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"65046fb54ae83e4f52ec102e3a139a84" md_hmac:"md2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
generic HMAC-MD2 Hash File OpenSSL test #2 generic HMAC-MD2 Hash File OpenSSL test #2
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md_hmac:"md2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"545addf6466d11b94782312d42f55817" md_hmac:"md2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
generic HMAC-MD2 Hash File OpenSSL test #3 generic HMAC-MD2 Hash File OpenSSL test #3
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md_hmac:"md2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"cefddfc3ffbcb83136e78c75fe0860ce" md_hmac:"md2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
generic HMAC-MD4 Hash File OpenSSL test #1 generic HMAC-MD4 Hash File OpenSSL test #1
depends_on:POLARSSL_MD4_C depends_on:POLARSSL_MD4_C
@ -232,15 +232,15 @@ md_text_multi:"md5":"12345678901234567890123456789012345678901234567890123456789
generic multi step HMAC-MD2 Hash File OpenSSL test #1 generic multi step HMAC-MD2 Hash File OpenSSL test #1
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md_hmac_multi:"md2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"65046fb54ae83e4f52ec102e3a139a84" md_hmac_multi:"md2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
generic multi step HMAC-MD2 Hash File OpenSSL test #2 generic multi step HMAC-MD2 Hash File OpenSSL test #2
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md_hmac_multi:"md2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"545addf6466d11b94782312d42f55817" md_hmac_multi:"md2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
generic multi step HMAC-MD2 Hash File OpenSSL test #3 generic multi step HMAC-MD2 Hash File OpenSSL test #3
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md_hmac_multi:"md2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"cefddfc3ffbcb83136e78c75fe0860ce" md_hmac_multi:"md2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
generic multi step HMAC-MD4 Hash File OpenSSL test #1 generic multi step HMAC-MD4 Hash File OpenSSL test #1
depends_on:POLARSSL_MD4_C depends_on:POLARSSL_MD4_C

View File

@ -84,15 +84,15 @@ md5_text:"1234567890123456789012345678901234567890123456789012345678901234567890
HMAC-MD2 Hash File OpenSSL test #1 HMAC-MD2 Hash File OpenSSL test #1
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md2_hmac:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"65046fb54ae83e4f52ec102e3a139a84" md2_hmac:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
HMAC-MD2 Hash File OpenSSL test #2 HMAC-MD2 Hash File OpenSSL test #2
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md2_hmac:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"545addf6466d11b94782312d42f55817" md2_hmac:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
HMAC-MD2 Hash File OpenSSL test #3 HMAC-MD2 Hash File OpenSSL test #3
depends_on:POLARSSL_MD2_C depends_on:POLARSSL_MD2_C
md2_hmac:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"cefddfc3ffbcb83136e78c75fe0860ce" md2_hmac:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
HMAC-MD4 Hash File OpenSSL test #1 HMAC-MD4 Hash File OpenSSL test #1
depends_on:POLARSSL_MD4_C depends_on:POLARSSL_MD4_C
@ -146,6 +146,18 @@ HMAC-MD5 Test Vector RFC2202 #7
depends_on:POLARSSL_MD5_C depends_on:POLARSSL_MD5_C
md5_hmac:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" md5_hmac:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
HMAC-MD2 Bouncy Castle test #1
depends_on:POLARSSL_MD2_C
md2_hmac:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808"
HMAC-MD4 Bouncy Castle test #1
depends_on:POLARSSL_MD4_C
md4_hmac:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a"
HMAC-MD5 Bouncy Castle test #1
depends_on:POLARSSL_MD5_C
md5_hmac:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc"
MD2 Hash file #1 MD2 Hash file #1
depends_on:POLARSSL_MD2_C:POLARSSL_FS_IO depends_on:POLARSSL_MD2_C:POLARSSL_FS_IO
md2_file:"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8" md2_file:"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8"