From 9776cb63ad0fa93cdf579105cc7423b4bbb5316c Mon Sep 17 00:00:00 2001 From: Xin LI Date: Fri, 10 Aug 2012 04:48:58 +0000 Subject: [PATCH] RFC 2289 requires all hashes be stored in little endian format before folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32 is required before using the value. Without this change, the implementation does not conform to test vector found in RFC 2289. PR: bin/170519 Submitted by: Arthur Mesh (with changes) MFC after: 1 week --- contrib/opie/libopie/hash.c | 9 +++++++++ contrib/opie/libopie/hashlen.c | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/contrib/opie/libopie/hash.c b/contrib/opie/libopie/hash.c index babcbfae3aa9..8a59f4162c60 100644 --- a/contrib/opie/libopie/hash.c +++ b/contrib/opie/libopie/hash.c @@ -17,6 +17,8 @@ you didn't get a copy, you may request one from . $FreeBSD$ */ +#include + #include "opie_cfg.h" #include "opie.h" @@ -39,6 +41,13 @@ unsigned algorithm) SHA1_Final((unsigned char *)digest, &sha); results[0] = digest[0] ^ digest[2] ^ digest[4]; results[1] = digest[1] ^ digest[3]; + + /* + * RFC2289 mandates that we convert SHA1 digest from big-endian to little + * see Appendix A. + */ + results[0] = bswap32(results[0]); + results[1] = bswap32(results[1]); }; break; case 4: diff --git a/contrib/opie/libopie/hashlen.c b/contrib/opie/libopie/hashlen.c index 29d855deaa3b..0d5808c12450 100644 --- a/contrib/opie/libopie/hashlen.c +++ b/contrib/opie/libopie/hashlen.c @@ -14,6 +14,8 @@ you didn't get a copy, you may request one from . $FreeBSD$ */ +#include + #include "opie_cfg.h" #include "opie.h" @@ -36,6 +38,13 @@ VOIDPTR in AND struct opie_otpkey *out AND int n) SHA1_Final((unsigned char *)digest, &sha); results[0] = digest[0] ^ digest[2] ^ digest[4]; results[1] = digest[1] ^ digest[3]; + + /* + * RFC2289 mandates that we convert SHA1 digest from big-endian to little + * see Appendix A. + */ + results[0] = bswap32(results[0]); + results[1] = bswap32(results[1]); break; } case 4: {