diff options
author | Jouni Malinen <j@w1.fi> | 2008-04-14 20:11:49 +0300 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2008-04-14 20:11:49 +0300 |
commit | 1c156e783d3510e07d59bfc34f860061e5552a30 (patch) | |
tree | ab7b110ad177d3263883faaeed0013dc6b16901a /src/crypto | |
parent | 0d5822999428e7257b7b41e720342bd334c3a90d (diff) | |
download | external_wpa_supplicant_8_ti-1c156e783d3510e07d59bfc34f860061e5552a30.zip external_wpa_supplicant_8_ti-1c156e783d3510e07d59bfc34f860061e5552a30.tar.gz external_wpa_supplicant_8_ti-1c156e783d3510e07d59bfc34f860061e5552a30.tar.bz2 |
Fixed tls_prf() to handle keys with odd length
The middle byte of the secret (key for PRF) is shared with key halfs in
case the key length is odd. This does not happen in any of the current
tls_prf() uses, but it's better to fix this function to avoid future issues
should someone end up defining a use that uses an odd length for the key.
Diffstat (limited to 'src/crypto')
-rw-r--r-- | src/crypto/sha1.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/crypto/sha1.c b/src/crypto/sha1.c index 39c5ce0..0d79719 100644 --- a/src/crypto/sha1.c +++ b/src/crypto/sha1.c @@ -265,6 +265,10 @@ int tls_prf(const u8 *secret, size_t secret_len, const char *label, L_S1 = L_S2 = (secret_len + 1) / 2; S1 = secret; S2 = secret + L_S1; + if (secret_len & 1) { + /* The last byte of S1 will be shared with S2 */ + S2--; + } hmac_md5_vector(S1, L_S1, 2, &MD5_addr[1], &MD5_len[1], A_MD5); hmac_sha1_vector(S2, L_S2, 2, &SHA1_addr[1], &SHA1_len[1], A_SHA1); |