Browse Source

Use hmac.Write instead of hmac.Sum when verifying tokens

hmac_size_fix
Sarah Jamie Lewis 2 years ago
parent
commit
c0b675b011
  1. 3
      primitives/privacypass/token.go
  2. 3
      primitives/privacypass/tokenserver.go

3
primitives/privacypass/token.go

@ -72,7 +72,8 @@ func (t *Token) unblindSignedToken(token SignedToken) {
func (t *Token) SpendToken(data []byte) SpentToken {
key := sha3.Sum256(append(t.t, t.W.Encode(nil)...))
mac := hmac.New(sha3.New512, key[:])
return SpentToken{t.t, mac.Sum(data)}
mac.Write(data)
return SpentToken{t.t, mac.Sum(nil)}
}
// GenerateBlindedTokenBatch generates a batch of blinded tokens (and their unblinded equivalents)

3
primitives/privacypass/tokenserver.go

@ -136,7 +136,8 @@ func (ts *TokenServer) SpendToken(token SpentToken, data []byte) error {
W := new(ristretto.Element).ScalarMult(ts.k, T)
key := sha3.Sum256(append(token.T, W.Encode(nil)...))
mac := hmac.New(sha3.New512, key[:])
computedMAC := mac.Sum(data)
mac.Write(data)
computedMAC := mac.Sum(nil)
result := hmac.Equal(token.MAC, computedMAC)
if result == true {
if ts.persistanceService == nil {

Loading…
Cancel
Save