Pages: 1

#1 2015-12-22 09:33:03

EvaF
Member
Registered: 2014-07-19
Posts: 40

Crypto HMAC_SHA256 procedure

Hi,
I am not expert for Crypto, but imho in HMAC_SHA256 procedure  is a small inaccuracy, that causes the problems for key longer than 64 chars.

I think, that it should be:

procedure HMAC_SHA256(key,msg: pointer; keylen,msglen: integer; out result: TSHA256Digest);
var i: integer;
    sha: TSHA256;
    k0,k0xorIpad,step7data: array[0..15] of cardinal;
begin
  FillcharFast(k0,sizeof(k0),0);
  if keylen>64 then
    sha.Full(key,keylen,PSHA256Digest(@k0)^) else        // < --- originally   sha.Full(key,64,PSHA256Digest(@k0)^) else
    MoveFast(key^,k0,keylen);
  for i := 0 to 15 do
    k0xorIpad[i] := k0[i] xor $36363636;
   ...

Offline

#2 2015-12-22 20:09:56

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,225
Website

Re: Crypto HMAC_SHA256 procedure

Indeed.

Should be fixed by http://synopse.info/fossil/info/b6201d3ab2

Offline

Pages: 1

Board footer

Powered by FluxBB