[Cryptech-Commits] [sw/libhal] 25/58: HMAC for truncated SHA-512 digests would probably work better if we used the right digest length constants. Doh.

git at cryptech.is git at cryptech.is
Tue Jul 7 18:25:09 UTC 2015


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch master
in repository sw/libhal.

commit f7a65af3e2505642e1006fa35138e87a8f69c37c
Author: Rob Austein <sra at hactrn.net>
Date:   Fri Jun 5 13:51:08 2015 -0400

    HMAC for truncated SHA-512 digests would probably work better if we
    used the right digest length constants.  Doh.
---
 hash.c            |  6 +++---
 tests/test-hash.c | 11 -----------
 2 files changed, 3 insertions(+), 14 deletions(-)

diff --git a/hash.c b/hash.c
index e0445f5..637eb7e 100644
--- a/hash.c
+++ b/hash.c
@@ -172,19 +172,19 @@ const hal_hash_descriptor_t hal_hash_sha256[1] = {{
 }};
 
 const hal_hash_descriptor_t hal_hash_sha512_224[1] = {{
-  SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+  SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN,
   sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
   &sha512_224_driver
 }};
 
 const hal_hash_descriptor_t hal_hash_sha512_256[1] = {{
-  SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+  SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN,
   sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
   &sha512_256_driver
 }};
 
 const hal_hash_descriptor_t hal_hash_sha384[1] = {{
-  SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+  SHA512_BLOCK_LEN, SHA384_DIGEST_LEN,
   sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
   &sha384_driver
 }};
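Review bot: The three corrected descriptors still use positional initializers, so nothing on the line says which constant is the digest length, and that is how `SHA512_DIGEST_LEN` sat unnoticed in the SHA-384, SHA-512/224 and SHA-512/256 entries. Going by the constant names, the second member is the digest length, but the field names of `hal_hash_descriptor_t` are not visible in this hunk. If the project's C dialect allows it, designated initializers would make a mismatch obvious in review. Otherwise a short comment on each first line would help, e.g. `/* block length, digest length: the truncated output size, not SHA512_DIGEST_LEN */`. A wrong length here silently changes every HMAC computed with these descriptors, so it is worth making the intent explicit.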
diff --git a/tests/test-hash.c b/tests/test-hash.c
index 5ae040b..d5a5a14 100644
--- a/tests/test-hash.c
+++ b/tests/test-hash.c
@@ -697,23 +697,12 @@ int main (int argc, char *argv[])
   ok &= test_hmac(hal_hash_sha256, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha256, "HMAC-SHA-256 test case 6");
   ok &= test_hmac(hal_hash_sha256, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha256, "HMAC-SHA-256 test case 7");
 
-#if 0
-  /*
-   * HMAC-SHA-384 doesn't work with the test vectors provided in RFC
-   * 4231.  I have yet to find an implementation of HMAC-SHA-384 that
-   * /does/ work with those test vectors.  Some day we should figure
-   * out what's going on here, but HMAC-SHA-384 is not currently on
-   * our critical path, and I have more urgent things to work on, so
-   * for now I'm just declaring HMAC-SHA-384 unsupported and disabling
-   * these tests until somebody has time to sort this out.
-   */
   ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha384, "HMAC-SHA-384 test case 1");
   ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha384, "HMAC-SHA-384 test case 2");
   ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_3_key, hmac_sha2_tc_3_data, hmac_sha2_tc_3_result_sha384, "HMAC-SHA-384 test case 3");
   ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_4_key, hmac_sha2_tc_4_data, hmac_sha2_tc_4_result_sha384, "HMAC-SHA-384 test case 4");
   ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha384, "HMAC-SHA-384 test case 6");
   ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha384, "HMAC-SHA-384 test case 7");
-#endif
 
   ok &= test_hmac(hal_hash_sha512, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha512, "HMAC-SHA-512 test case 1");
   ok &= test_hmac(hal_hash_sha512, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha512, "HMAC-SHA-512 test case 2");
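Review bot: Re-enabling the HMAC-SHA-384 cases covers only one of the three descriptors fixed in hash.c. No `test_hmac` call for `hal_hash_sha512_224` or `hal_hash_sha512_256` appears in this hunk, so a regression of their digest lengths would probably pass the suite. RFC 4231 has no vectors for those two variants, so the expected values would have to come from an independent implementation. That would be a new result array per test case plus a line such as `ok &= test_hmac(hal_hash_sha512_256, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha512_256, "HMAC-SHA-512/256 test case 1");`, where `hmac_sha2_tc_1_result_sha512_256` is a proposed name and not one from the file. The body of `main` continues outside the hunk, so such tests may already exist elsewhere.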


