Bugzilla Bug 313196: HMAC code should not use a fixed hash input block size
authorwtchang%redhat.com
Tue, 19 Jun 2012 05:46:55 +0000
changeset 10386 7e88434192fc25122b709522b9cc8c4c8428f822
parent 10385 288c5c2c0a87531bb30593efe17640b887a6a202
child 10387 e6cb1cb44ca620a58319d33ede94f7d65844b38d
push idunknown
push userunknown
push dateunknown
bugs313196
Bugzilla Bug 313196: HMAC code should not use a fixed hash input block size of 64 bytes, which is wrong for SHA-384 and SHA-512. This requires adding the hash input block size to the SECHashObject structure. r=relyea,nelsonb Modified Files: cryptohi/hasht.h cryptohi/sechash.c freebl/alghmac.c freebl/blapit.h freebl/rawhash.c
security/nss/lib/util/hasht.h
--- a/security/nss/lib/util/hasht.h
+++ b/security/nss/lib/util/hasht.h
@@ -67,23 +67,25 @@ typedef enum {
 #define SHA384_LENGTH 	48
 #define SHA512_LENGTH 	64
 #define HASH_LENGTH_MAX SHA512_LENGTH
 
 /*
  * Structure to hold hash computation info and routines
  */
 struct SECHashObjectStr {
-    unsigned int length;
+    unsigned int length;  /* hash output length (in bytes) */
     void * (*create)(void);
     void * (*clone)(void *);
     void (*destroy)(void *, PRBool);
     void (*begin)(void *);
     void (*update)(void *, const unsigned char *, unsigned int);
     void (*end)(void *, unsigned char *, unsigned int *, unsigned int);
+    unsigned int blocklength;  /* hash input block size (in bytes) */
+    HASH_HashType type;
 };
 
 struct HASHContextStr {
     const struct SECHashObjectStr *hashobj;
     void *hash_context;
 };
 
 /* This symbol is NOT exported from the NSS DLL.  Code that needs a