mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-12 19:25:32 +00:00
Improve some comments and internal documentation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
41df0f2bca
commit
ec956b1861
|
@ -757,9 +757,11 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||||
* max_data_len bytes from \p data.
|
* max_data_len bytes from \p data.
|
||||||
*
|
*
|
||||||
* \param ctx The HMAC context. It must have keys configured
|
* \param ctx The HMAC context. It must have keys configured
|
||||||
* with mbedtls_md_hmac_starts(). It is reset using
|
* with mbedtls_md_hmac_starts() and use one of the
|
||||||
* mbedtls_md_hmac_reset() after the computation is
|
* following hashes: SHA-384, SHA-256, SHA-1 or MD-5.
|
||||||
* complete to prepare for the next computation.
|
* It is reset using mbedtls_md_hmac_reset() after
|
||||||
|
* the computation is complete to prepare for the
|
||||||
|
* next computation.
|
||||||
* \param add_data The additional data prepended to \p data. This
|
* \param add_data The additional data prepended to \p data. This
|
||||||
* must point to a readable buffer of \p add_data_len
|
* must point to a readable buffer of \p add_data_len
|
||||||
* bytes.
|
* bytes.
|
||||||
|
|
|
@ -1717,7 +1717,7 @@ int mbedtls_ssl_cf_hmac(
|
||||||
* extension to the MD API in order to get constant-flow behaviour.
|
* extension to the MD API in order to get constant-flow behaviour.
|
||||||
*
|
*
|
||||||
* HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means
|
* HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means
|
||||||
* concatenation, and okey/ikey is the XOR of the key with some fix bit
|
* concatenation, and okey/ikey are the XOR of the key with some fixed bit
|
||||||
* patterns (see RFC 2104, sec. 2), which are stored in ctx->hmac_ctx.
|
* patterns (see RFC 2104, sec. 2), which are stored in ctx->hmac_ctx.
|
||||||
*
|
*
|
||||||
* We'll first compute inner_hash = HASH(ikey + msg) by hashing up to
|
* We'll first compute inner_hash = HASH(ikey + msg) by hashing up to
|
||||||
|
@ -1727,6 +1727,8 @@ int mbedtls_ssl_cf_hmac(
|
||||||
* Then we only need to compute HASH(okey + inner_hash) and we're done.
|
* Then we only need to compute HASH(okey + inner_hash) and we're done.
|
||||||
*/
|
*/
|
||||||
const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info );
|
const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info );
|
||||||
|
/* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5,
|
||||||
|
* all of which have the same block size except SHA-384. */
|
||||||
const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64;
|
const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64;
|
||||||
const unsigned char * const ikey = (unsigned char *) ctx->hmac_ctx;
|
const unsigned char * const ikey = (unsigned char *) ctx->hmac_ctx;
|
||||||
const unsigned char * const okey = ikey + block_size;
|
const unsigned char * const okey = ikey + block_size;
|
||||||
|
|
Loading…
Reference in a new issue