hmac: Reset the underlying hasher before doing set_key() with longer keys
authorMartin Willi <martin@revosec.ch>
Fri, 27 Mar 2015 14:48:29 +0000 (15:48 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 27 Mar 2015 14:53:50 +0000 (15:53 +0100)
The user might have done a non-complete append, having some state in the
hasher.

Fixes #909.

src/libstrongswan/plugins/hmac/hmac.c

index 44cb46b..96a14ae 100644 (file)
@@ -103,7 +103,8 @@ METHOD(mac_t, set_key, bool,
        if (key.len > this->b)
        {
                /* if key is too long, it will be hashed */
-               if (!this->h->get_hash(this->h, key, buffer))
+               if (!this->h->reset(this->h) ||
+                       !this->h->get_hash(this->h, key, buffer))
                {
                        return FALSE;
                }