Closed
Bug 160161
Opened 22 years ago
Closed 2 years ago
Our HMAC implementation does not work with MD2.
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
Future
People
(Reporter: wtc, Unassigned)
Details
Our HMAC implementation (in lib/softoken/alghmac.{h,c})
does not work with MD2. The code has the hardcoded
value of 64 (HMAC_PAD_SIZE) as the block size (in bytes)
of the input to the hash function, but MD2 processes
a message in 16-byte blocks (see RFC 1319).
We should either remove HMAC-MD2 from our mechanism list
or fix our HMAC implementation. Since I doubt anyone
uses HMAC-MD2, I suggest that we remove it from the
mechanism list.
It would be nice to add an assertion to assert that
the input block size of the hash function is 64, in
case we use our HMAC code with new hash functions in
the future. This would require adding a new field
'input_block_size' to the SECHashObject structure.
|
Reporter | |
Updated•22 years ago
|
Priority: -- → P2
Target Milestone: --- → Future
|
||
Updated•19 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
|
|
||
Updated•18 years ago
|
QA Contact: jason.m.reid → libraries
|
||
Updated•2 years ago
|
Severity: normal → S3
|
||
Comment 1•2 years ago
|
||
The bug assignee is inactive on Bugzilla, and this bug has priority 'P2'.
:beurdouche, could you have a look please?
For more information, please visit auto_nag documentation.
Assignee: wtc → nobody
Flags: needinfo?(bbeurdouche)
|
||
Comment 2•2 years ago
|
||
The algorithm HMAC-MD2 seems to be already removed.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
|
||
Updated•1 year ago
|
Flags: needinfo?(bbeurdouche)
You need to log in
before you can comment on or make changes to this bug.
Description
•