boot: encrypted: fix HKDF input size macro Use correct macro for the size of a DH shared secret. The previously used macro had the same size (SHA-256 digest length) but incorrect semantics. Signed-off-by: Fabio Utzig <utzig@apache.org>

commit: 23e99b0d7eb037ac8e824e1f395f200eda1a48e0 [log] [tgz]
author: Fabio Utzig <utzig@apache.org> Thu Nov 07 11:55:20 2019 -0300
committer: Fabio Utzig <utzig@utzig.org> Fri Nov 22 13:56:18 2019 -0300
tree: de3de6769175cfd147f9cb4fb120b8ee7f818d0a
parent: 005e7a0ff36262dff7a1a8776606b6092c8fb876 [diff] [blame]
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index 6c7ed5e..012256e 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c

@@ -531,7 +531,7 @@
      */
 
     len = TC_AES_KEY_SIZE + TC_SHA256_DIGEST_SIZE;
-    rc = hkdf(shared, TC_SHA256_DIGEST_SIZE, (uint8_t *)"MCUBoot_ECIES_v1", 16,
+    rc = hkdf(shared, NUM_ECC_BYTES, (uint8_t *)"MCUBoot_ECIES_v1", 16,
             derived_key, &len);
     if (rc != 0 || len != (TC_AES_KEY_SIZE + TC_SHA256_DIGEST_SIZE)) {
         return -1;
commit	23e99b0d7eb037ac8e824e1f395f200eda1a48e0	[log] [tgz]
author	Fabio Utzig <utzig@apache.org>	Thu Nov 07 11:55:20 2019 -0300
committer	Fabio Utzig <utzig@utzig.org>	Fri Nov 22 13:56:18 2019 -0300
tree	de3de6769175cfd147f9cb4fb120b8ee7f818d0a
parent	005e7a0ff36262dff7a1a8776606b6092c8fb876 [diff] [blame]