From: Dr. Stephen Henson Date: Mon, 27 Mar 2000 00:53:27 +0000 (+0000) Subject: Fix for HMAC. X-Git-Tag: OpenSSL_0_9_5a~13 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b475baffb27fdb8342c717bc89e1c1dec0e6c0f1;p=oweals%2Fopenssl.git Fix for HMAC. --- diff --git a/CHANGES b/CHANGES index 0073a5c84f..b98ea514a0 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] + *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length + was larger than the MD block size. + [Steve Henson, pointed out by Yost William ] + *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set() using the passed key: if the passed key was a private key the result diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 23b7c98f8f..e1ec79e093 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -88,9 +88,11 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, else { memcpy(ctx->key,key,len); - memset(&(ctx->key[len]),0,sizeof(ctx->key)-len); ctx->key_length=len; } + if(ctx->key_length != HMAC_MAX_MD_CBLOCK) + memset(&ctx->key[ctx->key_length], 0, + HMAC_MAX_MD_CBLOCK - ctx->key_length); } if (reset)