oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Use EVP HMAC() function for HMAC-SHA1

Browse Source 
Use the EVP HMAC() function that we use for SHA2 HMACs for SHA1 as
well.
This commit is contained in:
Simon Wilkinson
2018-05-14 14:16:31 +01:00
committed by Jeffrey Altman
parent 9a66752926
commit c2271cfbfb
2 changed files with 30 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/krb5/crypto.c
View File

@@ -315,18 +315,17 @@ _krb5_SP_HMAC_SHA1_checksum(krb5_context context,
int niov,
Checksum *result)
{
struct _krb5_checksum_type *c = _krb5_find_checksum(CKSUMTYPE_SHA1);
Checksum res;
char sha1_data[20];
krb5_error_code ret;
unsigned char hmac[EVP_MAX_MD_SIZE];
unsigned int hmaclen = sizeof(hmac);
res.checksum.data = sha1_data;
res.checksum.length = sizeof(sha1_data);
ret = _krb5_evp_hmac_iov(context, key, iov, niov, hmac, &hmaclen,
EVP_sha1(), NULL);
heim_assert(result->checksum.length <= hmaclen,
"SHA1 checksum too short");
memcpy(result->checksum.data, hmac, result->checksum.length);
ret = _krb5_internal_hmac_iov(context, c, usage, iov, niov, key, &res);
if (ret)
krb5_abortx(context, "hmac failed");
memcpy(result->checksum.data, res.checksum.data, result->checksum.length);
return 0;
}