RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 2104, "HMAC: Keyed-Hashing for Message Authentication", February 1997

Source of RFC: ipsec (sec)

Errata ID: 4459
Status: Rejected
Type: Technical

Reported By: Bozhi ZHENG
Date Reported: 2015-08-27
Rejected by: Stephen Farrell
Date Rejected: 2015-08-27

Section Appendix says:

        /* start out by storing key in pads */
        bzero( k_ipad, sizeof k_ipad);
        bzero( k_opad, sizeof k_opad);
        bcopy( key, k_ipad, key_len);
        bcopy( key, k_opad, key_len);

        /* XOR key with ipad and opad values */
        for (i=0; i<64; i++) {
                k_ipad[i] ^= 0x36;
                k_opad[i] ^= 0x5c;
        }

It should say:

        /* start out by storing key in pads */
        bzero( k_ipad, sizeof k_ipad);
        bzero( k_opad, sizeof k_opad);
        bcopy( k_ipad, key, key_len);
        bcopy( k_opad, key, key_len);

        /* XOR key with ipad and opad values */
        for (i=0; i<64; i++) {
                k_ipad[i] ^= 0x36;
                k_opad[i] ^= 0x5c;
        }

Notes:

The ipad = the byte 0x36 repeated 64 times, opad = the type 0x5C repeated B times and then ipad and opad XOR K after it appended to 64 byptes.
--VERIFIER NOTES--

The net effect of the suggested change would be to zero the key
and make HMAC useless.

Report New Errata