diff --git a/doc/dox_comments/header_files/hmac.h b/doc/dox_comments/header_files/hmac.h index 5deade4272..713b2f2260 100644 --- a/doc/dox_comments/header_files/hmac.h +++ b/doc/dox_comments/header_files/hmac.h @@ -254,7 +254,8 @@ int wc_HKDF_Extract( \param saltSz length of the salt. Use 0 if not using a salt \param inKey pointer to the buffer containing the key to use for KDF \param inKeySz length of the input key - \param out pointer to the buffer in which to store the derived key + \param out pointer to the buffer in which to store the derived key. Must be + digest length per hash 'type'. See wc_HmacSizeByType() \param heap heap hint to use for memory. Can be NULL \param devId ID to use with crypto callbacks or async hardware. Set to INVALID_DEVID (-2) if not used @@ -275,6 +276,7 @@ int wc_HKDF_Extract( \sa wc_HKDF_Extract \sa wc_HKDF_Expand \sa wc_HKDF_Expand_ex + \sa wc_HmacSizeByType */ int wc_HKDF_Extract_ex( int type, diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 197a435649..9c3692b5f3 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -2532,6 +2532,7 @@ int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz, return wc_CryptoCb_TranslateErrorCode(ret); } +/* NOTE: size of 'out' must be the digest size per hashType */ int wc_CryptoCb_Hkdf_Extract(int hashType, const byte* salt, word32 saltSz, const byte* inKey, word32 inKeySz, byte* out, int devId) { diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 48d84c60f7..a970b46fcf 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -1754,8 +1754,9 @@ int wolfSSL_GetHmacMaxSize(void) const byte* localSalt; /* either points to user input or tmp */ word32 hashSz; - if (out == NULL || (inKey == NULL && inKeySz > 0)) + if (out == NULL || (inKey == NULL && inKeySz > 0)) { return BAD_FUNC_ARG; + } #ifdef WOLF_CRYPTO_CB /* Try crypto callback first */ @@ -1768,8 +1769,9 @@ int wolfSSL_GetHmacMaxSize(void) #endif ret = wc_HmacSizeByType(type); - if (ret < 0) + if (ret < 0) { return ret; + } hashSz = (word32)ret; WC_ALLOC_VAR_EX(myHmac, Hmac, 1, NULL, DYNAMIC_TYPE_HMAC, @@ -1830,12 +1832,14 @@ int wolfSSL_GetHmacMaxSize(void) word32 hashSz; byte n = 0x1; - if (out == NULL || (inKey == NULL && inKeySz > 0)) + if (out == NULL || (inKey == NULL && inKeySz > 0)) { return BAD_FUNC_ARG; + } ret = wc_HmacSizeByType(type); - if (ret < 0) + if (ret < 0) { return ret; + } hashSz = (word32)ret; /* RFC 5869 states that the length of output keying material in diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index 04ec375ca7..7a24e8f743 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -638,20 +638,20 @@ typedef struct wc_CryptoInfo { int hashType; /* WC_SHA256, etc. */ const byte* inKey; /* Input keying material */ word32 inKeySz; - const byte* salt; /* Optional salt */ + const byte* salt; /* Optional salt */ word32 saltSz; - const byte* info; /* Optional info */ + const byte* info; /* Optional info */ word32 infoSz; - byte* out; /* Output key material */ + byte* out; /* Output key material */ word32 outSz; } hkdf; struct { /* HKDF extract */ int hashType; /* WC_SHA256, etc. */ - const byte* salt; /* Optional salt */ - word32 saltSz; + const byte* salt; /* Optional salt */ + word32 saltSz; /* must be 0 if salt==NULL */ const byte* inKey; /* Input keying material */ word32 inKeySz; - byte* out; /* Output key material */ + byte* out; /* out must be size of the hashType digest */ } hkdf_extract; struct { /* HKDF expand */ int hashType; /* WC_SHA256, etc. */ @@ -905,7 +905,7 @@ WOLFSSL_LOCAL int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz, byte* digest); #endif /* !NO_HMAC */ -#ifdef HAVE_HKDF +#if defined(HAVE_HKDF) && !defined(NO_HMAC) WOLFSSL_LOCAL int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz, const byte* salt, word32 saltSz, const byte* info, @@ -916,7 +916,7 @@ WOLFSSL_LOCAL int wc_CryptoCb_Hkdf_Extract(int hashType, const byte* salt, WOLFSSL_LOCAL int wc_CryptoCb_Hkdf_Expand(int hashType, const byte* inKey, word32 inKeySz, const byte* info, word32 infoSz, byte* out, word32 outSz, int devId); -#endif +#endif /* HAVE_HKDF && !NO_HMAC */ #if defined(HAVE_CMAC_KDF) WOLFSSL_LOCAL int wc_CryptoCb_Kdf_TwostepCmac(const byte * salt, word32 saltSz,