On 04/26/2010 11:06 AM, Ali Khalfan wrote: > char plain_text[256]; > strcpy(plain_text,"It was the best of times it was the worst of times it > was the happiest "); > err = gcry_md_open(&ctx,GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC); > gcry_md_setkey (ctx, key, 32); > gcry_md_write(ctx, &plain_text,sizeof plain_text); > unsigned char *digest = gcry_md_read (ctx, GCRY_MD_SHA256);
In addition to Nikos' observation about misuse of pointers, i note that
a big chunk of the plain_text buffer is not initialized by your code.
That is, everything after the null byte following "happiest " is in
whatever state it was in when plain_text[256] was allocated on the stack.
Since you're passing the entire plain_text buffer (all 256 bytes) to the
digest function, you're potentially digesting some arbitrary noise,
depending on how your compiler cleans/prepares (or doesn't) the stack
for use, and what was in that memory position in the first place.
You could memset() or bzero() the buffer before strcpy() to ensure that
it is a predictable value.
hope this helps,
--dkg
PS this question might be better asked on a gcrypt-specific list, since
it has nothing to do with gnutls itself.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
