mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-11 06:35:32 +00:00
Compute outgoing MAC in temporary buffer for MAC-then-Encrypt
A previous commit changed the record encryption function `ssl_encrypt_buf` to compute the MAC in a temporary buffer and copying the relevant part of it (which is strictly smaller if the truncated HMAC extension is used) to the outgoing message buffer. However, the change was only made in case Encrypt-Then-MAC was enabled, but not in case of MAC-Then-Encrypt. While this doesn't constitute a problem, for the sake of uniformity this commit changes `ssl_encrypt_buf` to compute the MAC in a temporary buffer in this case, too.
This commit is contained in:
parent
07d1078cdc
commit
3d8c90711b
|
@ -1530,6 +1530,8 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
if( auth_done == 0 )
|
||||
{
|
||||
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
|
||||
|
||||
/*
|
||||
* MAC(MAC_write_key, seq_num +
|
||||
* TLSCipherText.type +
|
||||
|
@ -1552,10 +1554,12 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
|||
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 );
|
||||
mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
|
||||
ssl->out_iv, ssl->out_msglen );
|
||||
mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc,
|
||||
ssl->out_iv + ssl->out_msglen );
|
||||
mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
|
||||
mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
|
||||
|
||||
memcpy( ssl->out_iv + ssl->out_msglen, mac,
|
||||
ssl->transform_out->maclen );
|
||||
|
||||
ssl->out_msglen += ssl->transform_out->maclen;
|
||||
auth_done++;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue