| -rw-r--r-- | lib/basic_rp.cc | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index 763a391..2da8416 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc @@ -15,3 +15,4 @@ namespace opkele { util::dh_t& dh, - size_t d_len, unsigned char *(*d_fun)(const unsigned char*,size_t,unsigned char*) ) try { + size_t d_len, unsigned char *(*d_fun)(const unsigned char*,size_t,unsigned char*), + size_t exp_s_len) try { if(om.get_field("assoc_type")!=exp_assoc || om.get_field("session_type")!=exp_sess) @@ -28,2 +29,4 @@ namespace opkele { secret.enxor_from_base64((*d_fun)(ckptr,cklen,key_digest),om.get_field("enc_mac_key")); + if(secret.size()!=exp_s_len) + throw bad_input(OPKELE_CP_ "Secret length isn't consistent with association type"); }catch(opkele::failed_lookup& ofl) { @@ -75,3 +78,3 @@ namespace opkele { "HMAC-SHA256", "DH-SHA256", - dh, SHA256_DIGEST_LENGTH, SHA256 ); + dh, SHA256_DIGEST_LENGTH, SHA256, SHA256_DIGEST_LENGTH ); expires_in = util::string_to_long(res.get_field("expires_in")); @@ -84,3 +87,3 @@ namespace opkele { "HMAC-SHA1", "DH-SHA1", - dh, SHA_DIGEST_LENGTH, SHA1 ); + dh, SHA_DIGEST_LENGTH, SHA1, SHA_DIGEST_LENGTH ); expires_in = util::string_to_long(res.get_field("expires_in")); |