d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

While OpenBSD's crypto/ framework has sha1 and md5 implementations that

Browse Source 
can cope with a result buffer of NULL in the "Final" function, we cannot.
Thus pass in a temporary buffer long enough for either md5 or sha1 results
so that we do not panic.

PR:		bin/126468
MFC after:	1 week
This commit is contained in:
bz 2009-01-28 15:31:16 +00:00
parent 21c0a98c4f
commit f33b8c1e8d
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/opencrypto/cryptosoft.c
View File

@ -433,12 +433,17 @@ swcr_authprepare(struct auth_hash *axf, struct swcr_data *sw, u_char *key,
break;
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
{
/* We need a buffer that can hold an md5 and a sha1 result. */
u_char buf[SHA1_RESULTLEN];
sw->sw_klen = klen;
bcopy(key, sw->sw_octx, klen);
axf->Init(sw->sw_ictx);
axf->Update(sw->sw_ictx, key, klen);
axf->Final(NULL, sw->sw_ictx);
axf->Final(buf, sw->sw_ictx);
break;
}
default:
printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d "
"doesn't use keys.\n", __func__, axf->type);