mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-27 03:54:19 +01:00
Merge remote-tracking branch 'upstream-restricted/pr/434' into mbedtls-2.1-restricted
This commit is contained in:
commit
c83f57b4c6
@ -1194,9 +1194,12 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
|||||||
/*
|
/*
|
||||||
* SSLv3.0 MAC functions
|
* SSLv3.0 MAC functions
|
||||||
*/
|
*/
|
||||||
static void ssl_mac( mbedtls_md_context_t *md_ctx, unsigned char *secret,
|
#define SSL_MAC_MAX_BYTES 20 /* MD-5 or SHA-1 */
|
||||||
unsigned char *buf, size_t len,
|
static void ssl_mac( mbedtls_md_context_t *md_ctx,
|
||||||
unsigned char *ctr, int type )
|
const unsigned char *secret,
|
||||||
|
const unsigned char *buf, size_t len,
|
||||||
|
const unsigned char *ctr, int type,
|
||||||
|
unsigned char out[SSL_MAC_MAX_BYTES] )
|
||||||
{
|
{
|
||||||
unsigned char header[11];
|
unsigned char header[11];
|
||||||
unsigned char padding[48];
|
unsigned char padding[48];
|
||||||
@ -1221,14 +1224,14 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx, unsigned char *secret,
|
|||||||
mbedtls_md_update( md_ctx, padding, padlen );
|
mbedtls_md_update( md_ctx, padding, padlen );
|
||||||
mbedtls_md_update( md_ctx, header, 11 );
|
mbedtls_md_update( md_ctx, header, 11 );
|
||||||
mbedtls_md_update( md_ctx, buf, len );
|
mbedtls_md_update( md_ctx, buf, len );
|
||||||
mbedtls_md_finish( md_ctx, buf + len );
|
mbedtls_md_finish( md_ctx, out );
|
||||||
|
|
||||||
memset( padding, 0x5C, padlen );
|
memset( padding, 0x5C, padlen );
|
||||||
mbedtls_md_starts( md_ctx );
|
mbedtls_md_starts( md_ctx );
|
||||||
mbedtls_md_update( md_ctx, secret, md_size );
|
mbedtls_md_update( md_ctx, secret, md_size );
|
||||||
mbedtls_md_update( md_ctx, padding, padlen );
|
mbedtls_md_update( md_ctx, padding, padlen );
|
||||||
mbedtls_md_update( md_ctx, buf + len, md_size );
|
mbedtls_md_update( md_ctx, out, md_size );
|
||||||
mbedtls_md_finish( md_ctx, buf + len );
|
mbedtls_md_finish( md_ctx, out );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
||||||
|
|
||||||
@ -1281,10 +1284,15 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
|||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
||||||
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
|
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
|
||||||
{
|
{
|
||||||
|
unsigned char mac[SSL_MAC_MAX_BYTES];
|
||||||
|
|
||||||
ssl_mac( &ssl->transform_out->md_ctx_enc,
|
ssl_mac( &ssl->transform_out->md_ctx_enc,
|
||||||
ssl->transform_out->mac_enc,
|
ssl->transform_out->mac_enc,
|
||||||
ssl->out_msg, ssl->out_msglen,
|
ssl->out_msg, ssl->out_msglen,
|
||||||
ssl->out_ctr, ssl->out_msgtype );
|
ssl->out_ctr, ssl->out_msgtype,
|
||||||
|
mac );
|
||||||
|
|
||||||
|
memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
@ -1931,7 +1939,8 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
|
|||||||
ssl_mac( &ssl->transform_in->md_ctx_dec,
|
ssl_mac( &ssl->transform_in->md_ctx_dec,
|
||||||
ssl->transform_in->mac_dec,
|
ssl->transform_in->mac_dec,
|
||||||
ssl->in_msg, ssl->in_msglen,
|
ssl->in_msg, ssl->in_msglen,
|
||||||
ssl->in_ctr, ssl->in_msgtype );
|
ssl->in_ctr, ssl->in_msgtype,
|
||||||
|
mac_expect );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
||||||
|
Loading…
Reference in New Issue
Block a user