arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix UBsan finding in HKDF 

This was introduced when HKDF was reworked for the new KeyDerivationFunction interface
pull/640/head
Jeffrey Walton 2018-04-08 03:20:14 -04:00
parent 71e9fece87
commit 9a991ac1eb
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hkdf.h
View File

@ -15,8 +15,10 @@ NAMESPACE_BEGIN(CryptoPP)
/// \brief Extract-and-Expand Key Derivation Function (HKDF)
/// \tparam T HashTransformation class
/// \sa <A HREF="http://eprint.iacr.org/2010/264">Cryptographic Extraction and Key Derivation: The HKDF Scheme</A>
/// and <A HREF="http://tools.ietf.org/html/rfc5869">HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</A>
/// \sa <A HREF="http://eprint.iacr.org/2010/264">Cryptographic Extraction and Key
/// Derivation: The HKDF Scheme</A> and
/// <A HREF="http://tools.ietf.org/html/rfc5869">HMAC-based Extract-and-Expand Key
/// Derivation Function (HKDF)</A>
/// \since Crypto++ 5.6.3
template <class T>
class HKDF : public KeyDerivationFunction
@ -128,6 +130,13 @@ size_t HKDF<T>::DeriveKey(byte *derived, size_t derivedLen, const byte *secret,
ThrowIfInvalidDerivedLength(derivedLen);
// HKDF business logic. NULL is different than empty.
if (salt == NULLPTR)
{
salt = GetNullVector();
saltLen = T::DIGESTSIZE;
}
// key is PRK from the RFC, salt is IKM from the RFC
HMAC<T> hmac;
SecByteBlock key(T::DIGESTSIZE), buffer(T::DIGESTSIZE);