mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-27 10:14:25 +01:00
Compute outgoing MAC in temporary buffer for MAC-then-Encrypt
A previous commit changed the record encryption function `ssl_encrypt_buf` to compute the MAC in a temporary buffer and copying the relevant part of it (which is strictly smaller if the truncated HMAC extension is used) to the outgoing message buffer. However, the change was only made in case Encrypt-Then-MAC was enabled, but not in case of MAC-Then-Encrypt. While this doesn't constitute a problem, for the sake of uniformity this commit changes `ssl_encrypt_buf` to compute the MAC in a temporary buffer in this case, too.
This commit is contained in:
parent
47331a72e2
commit
394767c184
@ -1521,6 +1521,8 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
if( auth_done == 0 )
|
||||
{
|
||||
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
|
||||
|
||||
/*
|
||||
* MAC(MAC_write_key, seq_num +
|
||||
* TLSCipherText.type +
|
||||
@ -1543,10 +1545,12 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
||||
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 );
|
||||
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
|
||||
ssl->out_iv, ssl->out_msglen );
|
||||
mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc,
|
||||
ssl->out_iv + ssl->out_msglen );
|
||||
mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
|
||||
mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
|
||||
|
||||
memcpy( ssl->out_iv + ssl->out_msglen, mac,
|
||||
ssl->transform_out->maclen );
|
||||
|
||||
ssl->out_msglen += ssl->transform_out->maclen;
|
||||
auth_done++;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user