And a couple of comments on the implementation.

Simon Josefsson <si...@josefsson.org> writes:
> + for (i = 1; i <= l; i++) > + { > + memset (T, 0, hLen); > + > + for (u = 1; u <= c; u++) > + { > + hmac_set_key (outer, inner, state, hash, Plen, P); > + > + if (u == 1) > + { > + tmp[0] = (i & 0xff000000) >> 24; > + tmp[1] = (i & 0x00ff0000) >> 16; > + tmp[2] = (i & 0x0000ff00) >> 8; > + tmp[3] = (i & 0x000000ff) >> 0; > + > + hmac_update (state, hash, Slen, S); > + hmac_update (state, hash, 4, tmp); > + } > + else > + { > + hmac_set_key (outer, inner, state, hash, Plen, P); > + hmac_update (state, hash, hLen, U); > + } > + > + hmac_digest (outer, inner, state, hash, hLen, U);

There's no need for all those hmac_set_key. You can set it once, and compute several macs using the same key, each with a sequence of update, update, ..., update, digest. If documentation or implementation doesn't agree, patches are appreciated.

> + for (k = 0; k < hLen; k++) > + T[k] ^= U[k]; > + }

And that's what memxor is for ;-)

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
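
Review bot: the inner loop `for (u = 1; u <= c; u++)` never runs when c == 0, so T keeps the zeros written by `memset (T, 0, hLen)` and every output block would be all zeros whatever P and S are. The quoted lines show no validation of c (or of l), so unless that happens before this loop, reject c == 0 up front. Separately, the `tmp[0] = (i & 0xff000000) >> 24` encoding relies on i being an unsigned type of at least 32 bits; its declaration is not in the quoted lines and is worth confirming.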
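
The two points in the reply above (key HMAC once and reuse it, and XOR whole blocks instead of looping over bytes), as an added example that is not part of the original message or of nettle. It is written in Python rather than nettle's C so it runs with the standard library alone; the function name `pbkdf2_key_once` and its parameters are assumptions made for the illustration.

```python
import hmac
import struct


def pbkdf2_key_once(password, salt, iterations, dk_len, hash_name="sha1"):
    """PBKDF2 (RFC 2898) that keys HMAC once and reuses the keyed state."""
    if iterations < 1 or dk_len < 1:
        # With zero iterations T would stay all zeros, so refuse early.
        raise ValueError("iterations and dk_len must be positive")

    # Key the MAC a single time. Every later MAC starts from a copy of this
    # keyed state, which is the Python analogue of keeping nettle's keyed
    # outer/inner contexts and running update, ..., update, digest again.
    keyed = hmac.new(password, None, hash_name)
    h_len = keyed.digest_size
    blocks = -(-dk_len // h_len)  # ceil(dk_len / h_len), "l" in the patch

    out = bytearray()
    for i in range(1, blocks + 1):
        mac = keyed.copy()
        mac.update(salt)
        mac.update(struct.pack(">I", i))  # 4-byte big-endian block index
        u = mac.digest()                  # U_1
        t = int.from_bytes(u, "big")      # T accumulates U_1 ^ ... ^ U_c
        for _ in range(iterations - 1):
            mac = keyed.copy()            # no re-keying, just a fresh state
            mac.update(u)
            u = mac.digest()
            t ^= int.from_bytes(u, "big")  # whole-block XOR, as memxor does
        out += t.to_bytes(h_len, "big")
    return bytes(out[:dk_len])


if __name__ == "__main__":
    # RFC 6070 test vector: P = "password", S = "salt", c = 2, dkLen = 20
    print(pbkdf2_key_once(b"password", b"salt", 2, 20).hex())
```
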