yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-25 17:25:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

Re-arrange some code in ssl_derive_keys()

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-06-18 15:34:40 +02:00 committed by Paul Bakker
parent ee415031e5
commit e800cd81d7
1 changed files with 28 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
library/ssl_tls.c
View File

@ -511,51 +511,47 @@ int ssl_derive_keys( ssl_context *ssl )
* Determine the appropriate key, IV and MAC length. * Determine the appropriate key, IV and MAC length.
*/ */
transform->keylen = cipher_info->key_length / 8;
if( cipher_info->mode == POLARSSL_MODE_GCM || if( cipher_info->mode == POLARSSL_MODE_GCM ||
cipher_info->mode == POLARSSL_MODE_CCM ) cipher_info->mode == POLARSSL_MODE_CCM )
{ {
transform->keylen = cipher_info->key_length; transform->maclen = 0;
transform->keylen /= 8;
transform->minlen = 1;
transform->ivlen = 12; transform->ivlen = 12;
transform->fixed_ivlen = 4; transform->fixed_ivlen = 4;
transform->maclen = 0;
transform->minlen = 1; // FIXME
} }
else else
{ {
if( md_info->type != POLARSSL_MD_NONE ) int ret;
/* Initialize HMAC contexts */
if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info ) ) != 0 ||
( ret = md_init_ctx( &transform->md_ctx_dec, md_info ) ) != 0 )
{ {
int ret; SSL_DEBUG_RET( 1, "md_init_ctx", ret );
return( ret );
if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info ) ) != 0 )
{
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
return( ret );
}
if( ( ret = md_init_ctx( &transform->md_ctx_dec, md_info ) ) != 0 )
{
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
return( ret );
}
transform->maclen = md_get_size( md_info );
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
/*
* If HMAC is to be truncated, we shall keep the leftmost bytes,
* (rfc 6066 page 13 or rfc 2104 section 4),
* so we only need to adjust the length here.
*/
if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
transform->maclen = SSL_TRUNCATED_HMAC_LEN;
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
} }
transform->keylen = cipher_info->key_length; /* Get MAC length */
transform->keylen /= 8; transform->maclen = md_get_size( md_info );
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
/*
* If HMAC is to be truncated, we shall keep the leftmost bytes,
* (rfc 6066 page 13 or rfc 2104 section 4),
* so we only need to adjust the length here.
*/
if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
transform->maclen = SSL_TRUNCATED_HMAC_LEN;
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
/* IV length */
transform->ivlen = cipher_info->iv_size; transform->ivlen = cipher_info->iv_size;
/* Minimum length: FIXME */
transform->minlen = transform->keylen; transform->minlen = transform->keylen;
if( transform->minlen < transform->maclen ) if( transform->minlen < transform->maclen )
{ {