SHA384_DIGEST_LENGTH in sha2_mac_atomic(), but not ..._verify_atomic()
Dan McDonald
danmcd at sun.com
Wed Feb 13 15:06:58 PST 2008
On Wed, Feb 13, 2008 at 05:52:46PM -0500, Dan McDonald wrote:
> This would probably explain why my test vectors work - they just call, then
> print.
>
> I'll check with code later, but in sha2_mac_verify_atomic(), the same code
> has this:
>
> /*
> * Do an SHA2 update on the outer context, feeding the inner
> * digest as data.
> */
> SHA2Update(&sha2_hmac_ctx.hc_ocontext, digest, sha_digest_len);
>
>
> without any SHA384 exception. Is this a bug?
If it *is* a bug, the fix is just like the other one. Here's a udiff.
Dan
===================== (Cut up to and including here.) =====================
------- usr/src/uts/common/crypto/io/sha2_mod.c -------
Index: usr/src/uts/common/crypto/io/sha2_mod.c
--- /net/zhadum.east/export/clones/onnv-clone/usr/src/uts/common/crypto/io/sha2_mod.c Tue Sep 18 03:06:06 2007
+++ /net/zhadum.east/export/ws/danmcd/sha2/usr/src/uts/common/crypto/io/sha2_mod.c Wed Feb 13 17:57:08 2008
@@ -24,7 +24,7 @@
* Use is subject to license terms.
*/
-#pragma ident "@(#)sha2_mod.c 1.3 07/09/12 SMI"
+#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/modctl.h>
#include <sys/cmn_err.h>
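Review bot: the `#pragma ident` line in this hunk swaps the expanded SCCS string for the unexpanded `%Z%%M% %I% %E%` keywords, which has nothing to do with the SHA384 change. It looks like a by-product of diffing a checked-out file against the clone; dropping it from the posted diff would leave only the functional change to review.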
@@ -1266,7 +1266,8 @@
* digest as data.
*
* Make sure that SHA384 is handled special because
- * it cannot feed a 60-byte inner hash to the outer
+ * it cannot feed a 64-byte inner hash to the outer hash, it needs
+ * to feed a 48-byte one.
*/
if (mechanism->cm_type == SHA384_HMAC_MECH_INFO_TYPE ||
mechanism->cm_type == SHA384_HMAC_GEN_MECH_INFO_TYPE)
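Review bot: the reworded comment is a comma splice ("to the outer hash, it needs to feed a 48-byte one") and still gives the sizes only as bare numbers. Naming the constant, for example "feed only SHA384_DIGEST_LENGTH (48) bytes of the inner digest to the outer hash", would tie the comment to the call it describes and make a stale figure like the old "60-byte" easier to spot.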
@@ -1408,8 +1409,17 @@
/*
* Do an SHA2 update on the outer context, feeding the inner
* digest as data.
+ *
+ * Make sure that SHA384 is handled special because
+ * it cannot feed a 64-byte inner hash to the outer hash, it needs
+ * to feed a 48-byte one.
*/
- SHA2Update(&sha2_hmac_ctx.hc_ocontext, digest, sha_digest_len);
+ if (mechanism->cm_type == SHA384_HMAC_MECH_INFO_TYPE ||
+ mechanism->cm_type == SHA384_HMAC_GEN_MECH_INFO_TYPE)
+ SHA2Update(&sha2_hmac_ctx.hc_ocontext, digest,
+ SHA384_DIGEST_LENGTH);
+ else
+ SHA2Update(&sha2_hmac_ctx.hc_ocontext, digest, sha_digest_len);
/*
* Do a SHA2 final on the outer context, storing the computed
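Review bot: the SHA384 branch added here in sha2_mac_verify_atomic() is a second copy of the one in sha2_mac_atomic(), and two copies are how the verify path ended up without the exception in the first place. Consider computing the inner-digest length once (SHA384_DIGEST_LENGTH for the two SHA384 mechanism types, sha_digest_len otherwise) and passing that to a single SHA2Update() call, or sharing a small helper between the two functions. Since the thread notes that the existing test vectors only call and then print, a SHA384 HMAC case that goes through the verify entry point would be worth adding so this branch is exercised.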