Changeset 2809


Ignore:
Timestamp:
Jun 25, 2009 12:46:00 PM (15 years ago)
Author:
bennylp
Message:

Ticket #837: SHA1 encryption may corrupt STUN packets with MESSAGE-INTEGRITY

  • backported changes from #836
Location:
pjproject/branches/1.0/pjlib-util/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • pjproject/branches/1.0/pjlib-util/src/pjlib-util-test/encryption.c

    r2394 r2809  
    6565static int sha1_test1(void) 
    6666{ 
     67    enum { MILLION = 1000000 }; 
    6768    int k; 
    6869    pj_sha1_context context; 
    6970    pj_uint8_t digest[20]; 
    7071    char output[80]; 
     72    pj_pool_t *pool; 
     73    pj_uint8_t *block; 
    7174 
    7275    PJ_LOG(3, (THIS_FILE, "  SHA1 test vector 1 from sha1.c..")); 
     
    8790    /* million 'a' vector we feed separately */ 
    8891    pj_sha1_init(&context); 
    89     for (k = 0; k < 1000000; k++) 
     92    for (k = 0; k < MILLION; k++) 
    9093        pj_sha1_update(&context, (pj_uint8_t*)"a", 1); 
    9194    pj_sha1_final(&context, digest); 
     
    9598        return -20; 
    9699    } 
     100 
     101    /* million 'a' test, using block */ 
     102    pool = pj_pool_create(mem, "sha1test", 256, 512, NULL); 
     103    block = (pj_uint8_t*)pj_pool_alloc(pool, MILLION); 
     104    pj_memset(block, 'a', MILLION); 
     105 
     106    pj_sha1_init(&context); 
     107    pj_sha1_update(&context, block, MILLION); 
     108    pj_sha1_final(&context, digest); 
     109    digest_to_hex(digest, output); 
     110    if (strcmp(output, sha1_test_results[2])) { 
     111        pj_pool_release(pool); 
     112        PJ_LOG(3, (THIS_FILE, "    incorrect hash result for block update!")); 
     113        return -21; 
     114    } 
     115 
     116    /* verify that original buffer was not modified */ 
     117    for (k=0; k<MILLION; ++k) { 
     118        if (block[k] != 'a') { 
     119            pj_pool_release(pool); 
     120            PJ_LOG(3, (THIS_FILE, "    block was modified!")); 
     121            return -22; 
     122        } 
     123    } 
     124 
     125    pj_pool_release(pool); 
    97126 
    98127    /* success */ 
  • pjproject/branches/1.0/pjlib-util/src/pjlib-util/sha1.c

    r1001 r2809  
    106106 
    107107 
    108 static void SHA1_Transform(pj_uint32_t state[5], const pj_uint8_t buffer[64]); 
     108static void SHA1_Transform(pj_uint32_t state[5], pj_uint8_t buffer[64]); 
    109109 
    110110#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) 
     
    132132 
    133133/* Hash a single 512-bit block. This is the core of the algorithm. */ 
    134 static void SHA1_Transform(pj_uint32_t state[5], const pj_uint8_t buffer[64]) 
     134static void SHA1_Transform(pj_uint32_t state[5], pj_uint8_t buffer[64]) 
    135135{ 
    136136    pj_uint32_t a, b, c, d, e; 
     
    216216        SHA1_Transform(context->state, context->buffer); 
    217217        for ( ; i + 63 < len; i += 64) { 
    218             SHA1_Transform(context->state, data + i); 
     218            pj_uint8_t tmp[64]; 
     219            pj_memcpy(tmp, data + i, 64); 
     220            SHA1_Transform(context->state, tmp); 
    219221        } 
    220222        j = 0; 
Note: See TracChangeset for help on using the changeset viewer.