aboutsummaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2008-04-14 20:11:49 +0300
committerJouni Malinen <j@w1.fi>2008-04-14 20:11:49 +0300
commit1c156e783d3510e07d59bfc34f860061e5552a30 (patch)
treeab7b110ad177d3263883faaeed0013dc6b16901a /src/crypto
parent0d5822999428e7257b7b41e720342bd334c3a90d (diff)
downloadexternal_wpa_supplicant_8_ti-1c156e783d3510e07d59bfc34f860061e5552a30.zip
external_wpa_supplicant_8_ti-1c156e783d3510e07d59bfc34f860061e5552a30.tar.gz
external_wpa_supplicant_8_ti-1c156e783d3510e07d59bfc34f860061e5552a30.tar.bz2
Fixed tls_prf() to handle keys with odd length
The middle byte of the secret (key for PRF) is shared with key halfs in case the key length is odd. This does not happen in any of the current tls_prf() uses, but it's better to fix this function to avoid future issues should someone end up defining a use that uses an odd length for the key.
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/sha1.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/crypto/sha1.c b/src/crypto/sha1.c
index 39c5ce0..0d79719 100644
--- a/src/crypto/sha1.c
+++ b/src/crypto/sha1.c
@@ -265,6 +265,10 @@ int tls_prf(const u8 *secret, size_t secret_len, const char *label,
L_S1 = L_S2 = (secret_len + 1) / 2;
S1 = secret;
S2 = secret + L_S1;
+ if (secret_len & 1) {
+ /* The last byte of S1 will be shared with S2 */
+ S2--;
+ }
hmac_md5_vector(S1, L_S1, 2, &MD5_addr[1], &MD5_len[1], A_MD5);
hmac_sha1_vector(S2, L_S2, 2, &SHA1_addr[1], &SHA1_len[1], A_SHA1);