SSLv3 s2n_hmac_test uses keys of the wrong lengths

Open danielsn opened this issue 7 years ago • 2 comments

https://github.com/awslabs/s2n/blob/master/tests/unit/s2n_hmac_test.c#L32

In SSLv3, the size of the key is fixed to be the same as the output size of the hash function, so the keys should be 16 bytes for md5 and 20 for sha1.

In addition to fixing the test, it might be a good idea to add a check in the init code to ensure that the SSLv3 keys are the right length.

danielsn avatar Nov 13 '17 22:11 danielsn

This is still an issue. The problem code is:

EXPECT_SUCCESS(s2n_hmac_init(&hmac, S2N_HMAC_SSLv3_MD5, sekrit, strlen((char *) sekrit)));
...
EXPECT_SUCCESS(s2n_hmac_init(&hmac, S2N_HMAC_SSLv3_SHA1, sekrit, strlen((char *) sekrit)));

Those are incorrect key sizes for these two hmac algorithms. I'm pretty sure this requirement is coming from this line of the hmac rfc:

The key for HMAC can be of any length (keys longer than B bytes are first hashed using H). However, less than L bytes is strongly discouraged as it would decrease the security strength of the function.

But I don't understand why that would be specific to SSLv3. Might be good to look into that.

maddeleine avatar Nov 30 '23 20:11 maddeleine

Never mind, I was slightly incorrect. SSLv3 does not use that hmac rfc, they actually use a different mac construction. I found this blog that explains the old mac function: https://randombit.net/bitbashing/posts/ssl3mac.html

maddeleine avatar Nov 30 '23 21:11 maddeleine
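
An added example, not part of the thread and not s2n's code: the SSLv3 record MAC as defined in RFC 6101, with the key-length check the issue proposes, compared against RFC 2104 HMAC. The names `sslv3_mac` and `key_length_accepted` are hypothetical, and the keys and record are constructed sample values.

```python
import hashlib
import hmac
import struct

# Hash name -> (key length, pad length) in bytes, per RFC 6101.
# The key length equals the hash output size, as the issue states.
SSLV3_MAC_PARAMS = {"md5": (16, 48), "sha1": (20, 40)}


def sslv3_mac(hash_name, key, seq_num, content_type, fragment):
    """Return the SSLv3 record MAC, rejecting keys of the wrong length."""
    if hash_name not in SSLV3_MAC_PARAMS:
        raise ValueError(f"unsupported SSLv3 MAC hash: {hash_name}")
    key_len, pad_len = SSLV3_MAC_PARAMS[hash_name]
    if len(key) != key_len:
        raise ValueError(
            f"SSLv3 {hash_name} MAC key must be {key_len} bytes, got {len(key)}"
        )
    # Unlike HMAC, the pads are concatenated to the key, not XORed into it,
    # so the construction has no rule for keys of any other length.
    pad_1 = b"\x36" * pad_len
    pad_2 = b"\x5c" * pad_len
    # MACed data: seq_num (8 bytes) || type (1) || length (2) || fragment.
    header = struct.pack("!QBH", seq_num, content_type, len(fragment))
    inner = hashlib.new(hash_name, key + pad_1 + header + fragment).digest()
    return hashlib.new(hash_name, key + pad_2 + inner).digest()


def key_length_accepted(hash_name, key):
    """True if the key passes the length check, False if it is rejected."""
    try:
        sslv3_mac(hash_name, key, 0, 23, b"")
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    key = bytes(range(16))   # constructed 16-byte key, valid for MD5
    record = b"hello"        # constructed fragment, content type 23
    header = struct.pack("!QBH", 0, 23, len(record))
    print("sslv3 mac:", sslv3_mac("md5", key, 0, 23, record).hex())
    print("hmac-md5 :", hmac.new(key, header + record, "md5").hexdigest())
    # A constructed key of the wrong length is rejected for both hashes.
    print("6-byte key, md5 :", key_length_accepted("md5", b"sekrit"))
    print("6-byte key, sha1:", key_length_accepted("sha1", b"sekrit"))
```
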