From f38a321e64e700407554c2aa55f26d97b6f349d9 Mon Sep 17 00:00:00 2001
From: Takashi Kojo
Date: Wed, 22 Nov 2017 06:53:52 +0900
Subject: [PATCH] HMAC_Init_ex with NULL key to recover Hmac initial state
---
 src/ssl.c | 14 ++++++++++----
 wolfssl/openssl/hmac.h | 2 ++
 2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index bd6c131ba..d713fb323 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -24645,7 +24645,7 @@ int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx)
 int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e)
 {
- WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex()");
+ WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex");
 /* WOLFSSL_ENGINE not used, call wolfSSL_HMAC_Init */
 (void)e;
@@ -24805,10 +24805,16 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
 wc_HmacFree(&ctx->hmac);
 return WOLFSSL_FAILURE;
 }
+ XMEMCPY((byte *)&ctx->save_key, (const byte*)key, (word32)keylen);
+ ctx->save_len = keylen;
+ }
+ /* OpenSSL compat, no error */
+ } else if(ctx->type) {
+ WOLFSSL_MSG("recover hmac");
+ if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
+ wc_HmacSetKey(&ctx->hmac, ctx->type, (byte *)&ctx->save_key,
+ (word32)ctx->save_len);
 }
- } else {
- WOLFSSL_MSG("no key or keylen");
- return WOLFSSL_FAILURE;
 }
 return WOLFSSL_SUCCESS;
diff --git a/wolfssl/openssl/hmac.h b/wolfssl/openssl/hmac.h
index d78cfda59..37a78d154 100644
--- a/wolfssl/openssl/hmac.h
+++ b/wolfssl/openssl/hmac.h
@@ -53,6 +53,8 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
 typedef struct WOLFSSL_HMAC_CTX {
 Hmac hmac;
 int type;
+ byte save_key[HMAC_BLOCK_SIZE]; /* save initial hmac after wc_HmacSetKey */
+ word32 save_len;
 } WOLFSSL_HMAC_CTX;
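Review bot: The added `XMEMCPY((byte *)&ctx->save_key, (const byte*)key, (word32)keylen)` in the second src/ssl.c hunk copies a caller-supplied length into `save_key`, which the hmac.h hunk declares as `byte save_key[HMAC_BLOCK_SIZE]`, with no bound check, so a key longer than the block size (legal for HMAC) or a negative `keylen` writes past the array inside the context. The new `else if(ctx->type)` branch also discards the result of `wc_HmacSetKey` and returns `WOLFSSL_SUCCESS` even if re-keying failed, and it appears to run on whatever `save_key`/`save_len` hold when the context was never keyed. The sketch below bounds the copy and propagates the failure; rejecting long keys is only a stopgap, and saving the keyed state after `wc_HmacSetKey` (as the struct comment describes) would keep long keys working. The function body starts and ends outside the hunk, so the first branch's condition and its `wc_HmacSetKey` call are not visible here.

```c
        /* … unchanged: wc_HmacSetKey call and its error check … */
        if (keylen < 0 || (size_t)keylen > sizeof(ctx->save_key)) {
            /* saved copy would not fit: fail instead of overrunning ctx */
            wc_HmacFree(&ctx->hmac);
            return WOLFSSL_FAILURE;
        }
        XMEMCPY(ctx->save_key, key, (size_t)keylen);
        ctx->save_len = (word32)keylen;
    /* … unchanged: closing braces and "OpenSSL compat, no error" comment … */
    } else if(ctx->type) {
        WOLFSSL_MSG("recover hmac");
        if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) != 0 ||
            wc_HmacSetKey(&ctx->hmac, ctx->type, ctx->save_key,
                          ctx->save_len) != 0) {
            return WOLFSSL_FAILURE;
        }
    }
```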
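Review bot: The comment on the new `save_key` field in wolfssl/openssl/hmac.h, `save initial hmac after wc_HmacSetKey`, reads as if derived state were stored, but the src/ssl.c hunk copies the caller's raw key into it; I would reword it to `/* copy of the caller's key, reused to re-key when HMAC_Init_ex gets a NULL key */`. Because this is secret material that now lives as long as the context, the cleanup path (not part of this patch) should zeroize `save_key` and `save_len`, and the context init should clear them so the recover branch never reads stale bytes. `save_len` is `word32` while the ssl.c hunk assigns it from `int keylen`; an explicit cast after a range check would make that conversion intentional.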