Merge pull request #2956 from tmael/hkdf

Check HKDF-Expand length of output <= 255*HashLen
JacobBarthelmeh
2020-05-08 16:36:40 -06:00
committed by GitHub


@ -1216,10 +1216,17 @@ int wolfSSL_GetHmacMaxSize(void)
word32 hashSz = wc_HmacSizeByType(type); word32 hashSz = wc_HmacSizeByType(type);
byte n = 0x1; byte n = 0x1;
/* RFC 5869 states that the length of output keying material in
octets must be L <= 255*HashLen or N = ceil(L/HashLen) */
if (out == NULL || ((outSz/hashSz) + ((outSz % hashSz) != 0)) > 255)
return BAD_FUNC_ARG;
ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID); ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID);
if (ret != 0) if (ret != 0)
return ret; return ret;
while (outIdx < outSz) { while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz; int tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx; word32 left = outSz - outIdx;
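Review bot: The added length check divides by `hashSz` before anything visible validates it: `hashSz` is stored straight from `wc_HmacSizeByType(type)` into a `word32`, and the new condition then evaluates `outSz/hashSz` and `outSz % hashSz`. If that helper can return 0 or a negative error code for an unsupported `type` (its contract is not visible in this hunk), the first case is a division by zero and the second turns into a very large unsigned divisor, so the block count comes out as at most 1 and the RFC 5869 limit of 255 blocks is never enforced. I would validate the size before the division, e.g. `ret = wc_HmacSizeByType(type);` `if (ret <= 0) return BAD_FUNC_ARG;` `hashSz = (word32)ret;`. The enclosing function starts above the hunk and its `while` loop continues below it.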