Merge pull request #35 from mped-oticon/issue30_vla

portabillity: Make unnecessary VLA into statically sized array
author: mczraf <[email protected]> 2018-11-21 10:57:23 -0800
committer: GitHub <[email protected]> 2018-11-21 10:57:23 -0800
commit: b7e31959c56c29054827831efc9a5a551eac3a46 (patch)
tree: 733550cae80161fed72efd36bd920cfdc34b95db
parent: 8a3b3f7ed8616feb9dbde9c1b36702461f3ea103 (diff)
parent: 7c4ab60172dfcc0912c32f68f5b86b8b6c79be0b (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/lib/source/hmac.c b/lib/source/hmac.c
index 89878ce..cef5bf3 100644
--- a/lib/source/hmac.c
+++ b/lib/source/hmac.c
@@ -52,20 +52,19 @@ static void rekey(uint8_t *key, const uint8_t *new_key, unsigned int key_size)
 int tc_hmac_set_key(TCHmacState_t ctx, const uint8_t *key,
 		    unsigned int key_size)
 {
-
-	/* input sanity check: */
+	/* Input sanity check */
 	if (ctx == (TCHmacState_t) 0 ||
 	    key == (const uint8_t *) 0 ||
 	    key_size == 0) {
 		return TC_CRYPTO_FAIL;
 	}
 
-	const uint8_t dummy_key[key_size];
+	const uint8_t dummy_key[TC_SHA256_BLOCK_SIZE];
 	struct tc_hmac_state_struct dummy_state;
 
 	if (key_size <= TC_SHA256_BLOCK_SIZE) {
 		/*
-		 * The next three lines consist of dummy calls just to avoid
+		 * The next three calls are dummy calls just to avoid
 		 * certain timing attacks. Without these dummy calls,
 		 * adversaries would be able to learn whether the key_size is
 		 * greater than TC_SHA256_BLOCK_SIZE by measuring the time
author	mczraf <[email protected]>	2018-11-21 10:57:23 -0800
committer	GitHub <[email protected]>	2018-11-21 10:57:23 -0800
commit	b7e31959c56c29054827831efc9a5a551eac3a46 (patch)
tree	733550cae80161fed72efd36bd920cfdc34b95db
parent	8a3b3f7ed8616feb9dbde9c1b36702461f3ea103 (diff)
parent	7c4ab60172dfcc0912c32f68f5b86b8b6c79be0b (diff)