Diffstat (limited to 'src')
-rw-r--r--src/util/crypto_hkdf.c8
-rw-r--r--src/util/test_crypto_hkdf.c29
2 files changed, 35 insertions, 2 deletions
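--- a/src/util/crypto_hkdf.c
+++ b/src/util/crypto_hkdf.c
@@ -246,8 +246,12 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len,
  if (d > 0)
  {
  if (t > 0)
- memcpy (plain, result - k, k);
- memset (plain + k + ctx_len, i + 1, 1);
+ {
+ memcpy (plain, result - k, k);
+ memset (plain + k + ctx_len, i + 1, 1);
+ }
+ else
+ memset (plain + k + ctx_len, 1, 1);
  gcry_md_reset (prf);
 #if DEBUG_HKDF
  dump("K(t):d", plain, plain_len);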
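Review bot: The block counter is written as a single octet in both branches (`memset (plain + k + ctx_len, i + 1, 1)` and `memset (plain + k + ctx_len, 1, 1)`), and no upper bound on `out_len` is visible here; the body of GNUNET_CRYPTO_hkdf_v starts and ends outside the hunk. RFC 5869 caps expansion at 255 blocks, so if `k` is the PRF output length, as it appears to be, it is worth confirming that a guard such as `if (out_len > 255 * k) return GNUNET_SYSERR;` exists before the expand loop, since otherwise the counter would wrap silently. The new `else` branch would read more easily with a comment such as `/* t == 0: the only block is T(1), so the counter octet is 1 (RFC 5869) */`. Because the counter value for the t == 0 case changes, output for requests shorter than one hash block will presumably differ from earlier builds, which matters for any peer or stored data that relied on the old derivation.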
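--- a/src/util/test_crypto_hkdf.c
+++ b/src/util/test_crypto_hkdf.c
@@ -242,6 +242,34 @@ tc7 ()
  GNUNET_assert (memcmp(result + l, "\0", 2) == 0);
 }
 
+void
+tc8 ()
+{
+ unsigned char ikm[32] = { 0xbf, 0x16, 0x6e, 0x46, 0x3a, 0x6c, 0xf3, 0x93, 0xa7, 0x72,
+ 0x11, 0xa1, 0xdc, 0x0b, 0x07, 0xdb, 0x1a, 0x5e, 0xd9, 0xb9, 0x81, 0xbe,
+ 0xea, 0xe4, 0x31, 0x5f, 0x24, 0xff, 0xfe, 0x50, 0x8a, 0xde };
+ unsigned char salt[4] = { 0xfc, 0x62, 0x76, 0x35 };
+ unsigned char info[86] = { 0x8c, 0x0d, 0xcf, 0xb3, 0x25, 0x6e, 0x88, 0x0d, 0xc1, 0x0b,
+ 0x1d, 0x33, 0x15, 0x3e, 0x52, 0x0b, 0xb0, 0x77, 0xff, 0x7d, 0xc3, 0xc7,
+ 0xef, 0xe5, 0x8e, 0x3c, 0xc4, 0x4e, 0x8b, 0x41, 0x46, 0x1f, 0x02, 0x94,
+ 0x82, 0x35, 0xc5, 0xa6, 0x5e, 0x91, 0xd8, 0xa2, 0x90, 0xfd, 0x6f, 0xb4,
+ 0x07, 0xc9, 0xed, 0x6b, 0x18, 0x90, 0x31, 0xab, 0x0f, 0xb5, 0x6b, 0xec,
+ 0x9e, 0x45, 0xa2, 0x83, 0x65, 0x41, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61,
+ 0x6c, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x76, 0x65, 0x63,
+ 0x74, 0x6f, 0x72, 0x00 };
+ unsigned char okm[16] = { 0xd6, 0x90, 0xec, 0x9e, 0x62, 0xdf, 0xb9, 0x41, 0xff, 0x92,
+ 0x4f, 0xd2, 0xf6, 0x1d, 0x67, 0xe0 };
+ char result[18];
+ int l = 16;
+
+ memset (result, 0, sizeof(result));
+ GNUNET_assert (GNUNET_CRYPTO_hkdf(result, l, GCRY_MD_SHA512, GCRY_MD_SHA256, salt,
+ sizeof(salt), ikm, sizeof(ikm), info, sizeof(info),
+ NULL) == GNUNET_YES);
+ GNUNET_assert (memcmp(result, okm, l) == 0);
+ GNUNET_assert (memcmp(result + l, "\0", 2) == 0);
+}
+
 int
 main ()
 {
@@ -257,6 +285,7 @@ main ()
 
  /* Additional tests */
  tc7();
+ tc8();
 
  return 0;
 }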
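Review bot: The expected output `okm` in tc8 carries no indication of where the vector comes from, so a reader cannot tell whether it was produced by an independent HKDF implementation or by this code after the fix. A comment above the function stating the source of the vector and the path it exercises would make the regression test auditable, for example `/* output shorter than one expand-PRF block: only the partial T(1) path runs */`. The test covers only the case where the output is shorter than one hash block; whether the earlier cases cover a multi-block output with a partial final block cannot be seen from this section. `tc8` could also be declared `static void tc8 (void)`, as it is only called from `main` in this file.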