[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: value is always different
|
From: |
Ali Khalfan |
|
Subject: |
Re: value is always different |
|
Date: |
Tue, 27 Apr 2010 02:03:33 -0400 |
|
User-agent: |
Thunderbird 2.0.0.23 (X11/20090817) |
thanks...all of you ..it works now
-------- Original Message --------
Subject: Re: value is always different
From: Daniel Kahn Gillmor <address@hidden>
To: Ali Khalfan <address@hidden>
Cc: address@hidden
Date: Mon Apr 26 2010 15:05:11 GMT-0400 (EDT)
> On 04/26/2010 11:06 AM, Ali Khalfan wrote:
>
>> char plain_text[256];
>> strcpy(plain_text,"It was the best of times it was the worst of times it
>> was the happiest ");
>> err = gcry_md_open(&ctx,GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
>> gcry_md_setkey (ctx, key, 32);
>> gcry_md_write(ctx, &plain_text,sizeof plain_text);
>> unsigned char *digest = gcry_md_read (ctx, GCRY_MD_SHA256);
>>
>
> In addition to Nikos' observation about misuse of pointers, i note that
> a big chunk of the plain_text buffer is not initialized by your code.
>
> That is, everything after the null byte following "happiest " is in
> whatever state it was in when plain_text[256] was allocated on the stack.
>
> Since you're passing the entire plain_text buffer (all 256 bytes) to the
> digest function, you're potentially digesting some arbitrary noise,
> depending on how your compiler cleans/prepares (or doesn't) the stack
> for use, and what was in that memory position in the first place.
>
> You could memset() or bzero() the buffer before strcpy() to ensure that
> it is a predictable value.
>
> hope this helps,
>
> --dkg
>
> PS this question might be better asked on a gcrypt-specific list, since
> it has nothing to do with gnutls itself.
>
>