From 93326b9ca26d5dc7f4a50c76b7a84cd685af9b33 Mon Sep 17 00:00:00 2001
From: David Barksdale
Date: Mon, 18 Oct 2010 05:52:29 +0000
Subject: Fix logic error in HKDF and provide test case for regressions.
---
 src/util/crypto_hkdf.c | 8 ++++++--
 src/util/test_crypto_hkdf.c | 29 +++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+), 2 deletions(-)
(limited to 'src')
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c
index eb91780cb..e27f31bb8 100644
--- a/src/util/crypto_hkdf.c
+++ b/src/util/crypto_hkdf.c
@@ -246,8 +246,12 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len,
 if (d > 0)
 {
 if (t > 0)
- memcpy (plain, result - k, k);
- memset (plain + k + ctx_len, i + 1, 1);
+ {
+ memcpy (plain, result - k, k);
+ memset (plain + k + ctx_len, i + 1, 1);
+ }
+ else
+ memset (plain + k + ctx_len, 1, 1);
 gcry_md_reset (prf);
 #if DEBUG_HKDF
 dump("K(t):d", plain, plain_len);
diff --git a/src/util/test_crypto_hkdf.c b/src/util/test_crypto_hkdf.c
index 3a00ce679..80523454e 100644
--- a/src/util/test_crypto_hkdf.c
+++ b/src/util/test_crypto_hkdf.c
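Review bot: In the `src/util/crypto_hkdf.c` hunk, the new `else` branch sets the counter octet to 1 but leaves the first `k` bytes of `plain` untouched, so the result is T(1) as RFC 5869 defines it only if the HMAC call after this hunk (not visible here) hashes from `plain + k` when `t == 0`; that is worth confirming. The `DEBUG_HKDF` dump that follows still prints all `plain_len` bytes, including that unused prefix. A comment on the branch would record the intent, e.g. `/* no full block produced: this is T(1) = HMAC(PRK, info | 0x01), T(0) is empty */`. Separately, `memset` stores `i + 1` as a single octet and nothing in the hunk bounds `out_len`, so unless a check elsewhere rejects `out_len > 255 * k` the counter would wrap and output blocks would repeat. The enclosing function starts and ends outside the hunk.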
@@ -242,6 +242,34 @@ tc7 ()
 GNUNET_assert (memcmp(result + l, "\0", 2) == 0);
 }
+void
+tc8 ()
+{
+ unsigned char ikm[32] = { 0xbf, 0x16, 0x6e, 0x46, 0x3a, 0x6c, 0xf3, 0x93, 0xa7, 0x72,
+ 0x11, 0xa1, 0xdc, 0x0b, 0x07, 0xdb, 0x1a, 0x5e, 0xd9, 0xb9, 0x81, 0xbe,
+ 0xea, 0xe4, 0x31, 0x5f, 0x24, 0xff, 0xfe, 0x50, 0x8a, 0xde };
+ unsigned char salt[4] = { 0xfc, 0x62, 0x76, 0x35 };
+ unsigned char info[86] = { 0x8c, 0x0d, 0xcf, 0xb3, 0x25, 0x6e, 0x88, 0x0d, 0xc1, 0x0b,
+ 0x1d, 0x33, 0x15, 0x3e, 0x52, 0x0b, 0xb0, 0x77, 0xff, 0x7d, 0xc3, 0xc7,
+ 0xef, 0xe5, 0x8e, 0x3c, 0xc4, 0x4e, 0x8b, 0x41, 0x46, 0x1f, 0x02, 0x94,
+ 0x82, 0x35, 0xc5, 0xa6, 0x5e, 0x91, 0xd8, 0xa2, 0x90, 0xfd, 0x6f, 0xb4,
+ 0x07, 0xc9, 0xed, 0x6b, 0x18, 0x90, 0x31, 0xab, 0x0f, 0xb5, 0x6b, 0xec,
+ 0x9e, 0x45, 0xa2, 0x83, 0x65, 0x41, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61,
+ 0x6c, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x76, 0x65, 0x63,
+ 0x74, 0x6f, 0x72, 0x00 };
+ unsigned char okm[16] = { 0xd6, 0x90, 0xec, 0x9e, 0x62, 0xdf, 0xb9, 0x41, 0xff, 0x92,
+ 0x4f, 0xd2, 0xf6, 0x1d, 0x67, 0xe0 };
+ char result[18];
+ int l = 16;
+
+ memset (result, 0, sizeof(result));
+ GNUNET_assert (GNUNET_CRYPTO_hkdf(result, l, GCRY_MD_SHA512, GCRY_MD_SHA256, salt,
+ sizeof(salt), ikm, sizeof(ikm), info, sizeof(info),
+ NULL) == GNUNET_YES);
+ GNUNET_assert (memcmp(result, okm, l) == 0);
+ GNUNET_assert (memcmp(result + l, "\0", 2) == 0);
+}
+
 int
 main ()
 {
@@ -257,6 +285,7 @@ main ()
 /* Additional tests */
 tc7();
+ tc8();
 return 0;
 }
--
cgit v1.2.3
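Review bot: `tc8` in the first hunk does not record which path it pins or where `okm` comes from. With `l = 16` the request is shorter than either digest named in the call, so it appears to exercise the `t == 0` branch changed in `crypto_hkdf.c`. The expected bytes should be traceable to an independent HKDF implementation rather than to this code's own output. A header comment would cover both, e.g. `/* regression: out_len shorter than one PRF block; okm computed with <reference implementation> */`. As a style point, `static void tc8 (void)` would keep the helper file-local with a real prototype, although the hunk header suggests the existing `tc7 ()` uses the same form.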