SHA-1 HMAC signature is now computed over concatenation of TEXT and RODATA segments

2007-08-29 09:13:08 +00:00 · 2007-08-29 09:13:08 +00:00 · df29e8f745
parent fa50e4df48
commit df29e8f745
1 changed files with 2 additions and 2 deletions
--- a/src/libstrongswan/fips/fips.c
+++ b/src/libstrongswan/fips/fips.c
@ -74,8 +74,8 @@ bool fips_compute_hmac_signature(const char *key, char *signature)
 		chunk_t signature_chunk = chunk_empty;

 		signer->set_key(signer, hmac_key);
-		/* TODO include rodata_chunk in HMAC */
-		signer->allocate_signature(signer, text_chunk, &signature_chunk);
+		signer->allocate_signature(signer, text_chunk, NULL);
+		signer->allocate_signature(signer, rodata_chunk, &signature_chunk);
 		signer->destroy(signer);

 		sprintf(signature, "%#B", &signature_chunk);