diff options
Diffstat (limited to 'lib/lanplus/lanplus_crypt_impl.c')
-rw-r--r-- | lib/lanplus/lanplus_crypt_impl.c | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/lib/lanplus/lanplus_crypt_impl.c b/lib/lanplus/lanplus_crypt_impl.c index 389a436..821ae0a 100644 --- a/lib/lanplus/lanplus_crypt_impl.c +++ b/lib/lanplus/lanplus_crypt_impl.c @@ -168,6 +168,9 @@ lanplus_HMAC(uint8_t mac, uint8_t *pnew; *md_len = 0; /*if return NULL, also return zero length*/ + if (verbose > 2) { + printf("lanplus_HMAC start mac=%x\n",mac); + } if ((mac == IPMI_AUTH_RAKP_HMAC_SHA1) || (mac == IPMI_INTEGRITY_HMAC_SHA1_96)) evp_md = EVP_sha1(); @@ -179,15 +182,20 @@ lanplus_HMAC(uint8_t mac, #ifdef HAVE_SHA256 evp_md = EVP_sha256(); #else + printf("lanplus_HMAC: Invalid EVP_sha256 in lanplus_HMAC\n"); lprintf(LOG_ERR, "Invalid EVP_sha256 in lanplus_HMAC"); return NULL; // assert(0); #endif } else { + printf("lanplus_HMAC: Invalid mac type 0x%x in lanplus_HMAC\n",mac); lprintf(LOG_ERR,"Invalid mac type 0x%x in lanplus_HMAC",mac); return NULL; // assert(0); } - mlen = 20; /* *md_len is usually not initialized */ + mlen = 20; /* md_len is usually not initialized, default IPMI_AUTHCODE_BUFFER_SIZE=20 */ pnew = HMAC(evp_md, key, key_len, d, n, md, &mlen); + if (verbose > 2) { + printf("lanplus_HMAC mac=%x, pnew=%p, mlen=%d",mac,pnew,mlen); + } *md_len = (uint32_t)mlen; return(pnew); } @@ -244,7 +252,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, * data is perfectly aligned. We would like to keep that from happening. * We have made a point to have our input perfectly padded. */ - assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + // assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + if ((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) != 0) { + os_assert("lanplus_encrypt_aes_cbc_128"); /**/ + } inlen = input_length; if(!EVP_EncryptUpdate(pctx, output, &nwritten, input, inlen)) @@ -324,7 +335,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, * data is perfectly aligned. We would like to keep that from happening. * We have made a point to have our input perfectly padded. */ - assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + // assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + if ((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) != 0) { + os_assert("lanplus_decrypt_aes_cbc_128"); /**/ + } inlen = input_length; if (!EVP_DecryptUpdate(pctx, output, &nwritten, input, inlen)) |