diff options
author | Matt Caswell <matt@openssl.org> | 2020-07-30 13:16:39 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-09-03 09:40:52 +0100 |
commit | 2e2084dac34170fe1f9e93975e5b3cdc30360a9c (patch) | |
tree | ddffa939a515c01ffc521099766f76b5bdb8e831 /providers | |
parent | 3fddbb264e87a8cef2903cbd7b02b8e1a39a2a99 (diff) | |
download | openssl-2e2084dac34170fe1f9e93975e5b3cdc30360a9c.tar.gz |
Start using the provider side TLS HMAC implementation
This commit just moves the TLS1 and above implementation to use the TLS
HMAC implementation in the providers.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12732)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/macs/hmac_prov.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index f32841152a..3376395a17 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -51,7 +51,7 @@ struct hmac_data_st { PROV_DIGEST digest; unsigned char *key; size_t keylen; - /* Length of TLS data including the MAC but excluding padding */ + /* Length of full TLS record including the MAC and any padding */ size_t tls_data_size; unsigned char tls_header[13]; int tls_header_set; @@ -166,8 +166,8 @@ static int hmac_update(void *vmacctx, const unsigned char *data, macctx->tls_header_set = 1; return 1; } - /* datalen is macctx->tls_data_size plus the padding length */ - if (datalen < macctx->tls_data_size) + /* macctx->tls_data_size is datalen plus the padding length */ + if (macctx->tls_data_size < datalen) return 0; return ssl3_cbc_digest_record(ossl_prov_digest_md(&macctx->digest), @@ -175,8 +175,8 @@ static int hmac_update(void *vmacctx, const unsigned char *data, &macctx->tls_mac_out_size, macctx->tls_header, data, - macctx->tls_data_size, datalen, + macctx->tls_data_size, macctx->key, macctx->keylen, 0); |