What steps will reproduce the problem?
1. Test util.hashes.hmac_sha512 using test vectors found inRFC 4231
What is the expected output?
Tests passes.
What do you see instead?
Tests fail.
Please provide any additional information below.
The implementation in util-src/hashes.c uses a macro to implement all HMAC variants.
Notably the inner hmac() function uses a fixed block size, which is the one used for HMAC-SHA-256, while HMAC-SHA-512 uses a larger block size.
Thanks to darkrain42 for finding out about HMAC-SHA-512 block size.
Zash
on
I have found no code that relies on hmac-sha-512.
Fixing the C code has turned out to be tricky, so it seems easiest to change it to use the HMAC function provided by OpenSSL.
What steps will reproduce the problem? 1. Test util.hashes.hmac_sha512 using test vectors found inRFC 4231 What is the expected output? Tests passes. What do you see instead? Tests fail. Please provide any additional information below. The implementation in util-src/hashes.c uses a macro to implement all HMAC variants. Notably the inner hmac() function uses a fixed block size, which is the one used for HMAC-SHA-256, while HMAC-SHA-512 uses a larger block size. Thanks to darkrain42 for finding out about HMAC-SHA-512 block size.
I have found no code that relies on hmac-sha-512. Fixing the C code has turned out to be tricky, so it seems easiest to change it to use the HMAC function provided by OpenSSL.
ChangesFixed in https://hg.prosody.im/trunk/rev/29bc3dff3419
Changes