[PATCH] crypto: Fix unreachable code in tls_prf_sha1_md5()

Andrei Otcheretianski andrei.otcheretianski at intel.com
Wed Apr 3 05:16:14 PDT 2019

From: Ilan Peer <ilan.peer at intel.com>

While commit 1c156e783d35 ("Fixed tls_prf() to handle keys with
odd length") added support for keys with odd length, the function
never reached this code as the function would return earlier in
case the key length was odd. Fix this by removing the first check
for the key length.

Signed-off-by: Ilan Peer <ilan.peer at intel.com>
 src/crypto/sha1-tlsprf.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/crypto/sha1-tlsprf.c b/src/crypto/sha1-tlsprf.c
index f9bc0ebf6e..a11649a933 100644
--- a/src/crypto/sha1-tlsprf.c
+++ b/src/crypto/sha1-tlsprf.c
@@ -40,9 +40,6 @@ int tls_prf_sha1_md5(const u8 *secret, size_t secret_len, const char *label,
 	const unsigned char *SHA1_addr[3];
 	size_t SHA1_len[3];
-	if (secret_len & 1)
-		return -1;
 	MD5_addr[0] = A_MD5;
 	MD5_len[0] = MD5_MAC_LEN;
 	MD5_addr[1] = (unsigned char *) label;

More information about the Hostap mailing list