Update comments for HMAC to give a more accurate bound than EVP_MD_MAX_SIZE
BUG=59
Change-Id: If3a788ec1328226d69293996845fa1d14690bf40
Reviewed-on: https://boringssl-review.googlesource.com/9068
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/hmac/hmac_test.cc b/crypto/hmac/hmac_test.cc
index da390ef..2bcb162 100644
--- a/crypto/hmac/hmac_test.cc
+++ b/crypto/hmac/hmac_test.cc
@@ -104,11 +104,13 @@
}
// Test using the one-shot API.
- uint8_t mac[EVP_MAX_MD_SIZE];
+ unsigned expected_mac_len = EVP_MD_size(digest);
+ std::unique_ptr<uint8_t[]> mac(new uint8_t[expected_mac_len]);
unsigned mac_len;
if (nullptr == HMAC(digest, key.data(), key.size(), input.data(),
- input.size(), mac, &mac_len) ||
- !t->ExpectBytesEqual(output.data(), output.size(), mac, mac_len)) {
+ input.size(), mac.get(), &mac_len) ||
+ mac_len != expected_mac_len ||
+ !t->ExpectBytesEqual(output.data(), output.size(), mac.get(), mac_len)) {
t->PrintLine("One-shot API failed.");
return false;
}
@@ -117,8 +119,9 @@
ScopedHMAC_CTX ctx;
if (!HMAC_Init_ex(ctx.get(), key.data(), key.size(), digest, nullptr) ||
!HMAC_Update(ctx.get(), input.data(), input.size()) ||
- !HMAC_Final(ctx.get(), mac, &mac_len) ||
- !t->ExpectBytesEqual(output.data(), output.size(), mac, mac_len)) {
+ !HMAC_Final(ctx.get(), mac.get(), &mac_len) ||
+ mac_len != expected_mac_len ||
+ !t->ExpectBytesEqual(output.data(), output.size(), mac.get(), mac_len)) {
t->PrintLine("HMAC_CTX failed.");
return false;
}
@@ -126,8 +129,9 @@
// Test that an HMAC_CTX may be reset with the same key.
if (!HMAC_Init_ex(ctx.get(), nullptr, 0, digest, nullptr) ||
!HMAC_Update(ctx.get(), input.data(), input.size()) ||
- !HMAC_Final(ctx.get(), mac, &mac_len) ||
- !t->ExpectBytesEqual(output.data(), output.size(), mac, mac_len)) {
+ !HMAC_Final(ctx.get(), mac.get(), &mac_len) ||
+ mac_len != expected_mac_len ||
+ !t->ExpectBytesEqual(output.data(), output.size(), mac.get(), mac_len)) {
t->PrintLine("HMAC_CTX with reset failed.");
return false;
}
@@ -143,8 +147,9 @@
return false;
}
}
- if (!HMAC_Final(ctx.get(), mac, &mac_len) ||
- !t->ExpectBytesEqual(output.data(), output.size(), mac, mac_len)) {
+ if (!HMAC_Final(ctx.get(), mac.get(), &mac_len) ||
+ mac_len != expected_mac_len ||
+ !t->ExpectBytesEqual(output.data(), output.size(), mac.get(), mac_len)) {
t->PrintLine("HMAC_CTX streaming failed.");
return false;
}
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 5a4e9c7..35c7f58 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -74,8 +74,9 @@
/* HMAC calculates the HMAC of |data_len| bytes of |data|, using the given key
* and hash function, and writes the result to |out|. On entry, |out| must
- * contain |EVP_MAX_MD_SIZE| bytes of space. The actual length of the result is
- * written to |*out_len|. It returns |out| or NULL on error. */
+ * contain at least |EVP_MD_size| bytes of space. The actual length of the
+ * result is written to |*out_len|. An output size of |EVP_MAX_MD_SIZE| will
+ * always be large enough. It returns |out| or NULL on error. */
OPENSSL_EXPORT uint8_t *HMAC(const EVP_MD *evp_md, const void *key,
size_t key_len, const uint8_t *data,
size_t data_len, uint8_t *out,
@@ -112,8 +113,9 @@
/* HMAC_Final completes the HMAC operation in |ctx| and writes the result to
* |out| and the sets |*out_len| to the length of the result. On entry, |out|
- * must contain at least |EVP_MAX_MD_SIZE| bytes of space. It returns one on
- * success or zero on error. */
+ * must contain at least |HMAC_size| bytes of space. An output size of
+ * |EVP_MAX_MD_SIZE| will always be large enough. It returns one on success or
+ * zero on error. */
OPENSSL_EXPORT int HMAC_Final(HMAC_CTX *ctx, uint8_t *out,
unsigned int *out_len);
