mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-28 00:21:48 +03:00
Add dummy constant-flow HMAC function with tests
The dummy implementation is not constant-flow at all for now, it's just here as a starting point and a support for developing the tests and putting the infrastructure in place. Depending on the implementation strategy, there might be various corner cases depending on where the lengths fall relative to block boundaries. So it seems safer to just test all possible lengths in a given range than to use only a few randomly-chosen values. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
@ -47,6 +47,8 @@
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/version.h"
|
||||
|
||||
#include "ssl_invasive.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
@ -1064,6 +1066,32 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
|
||||
( defined(MBEDTLS_SSL_PROTO_TLS1) || \
|
||||
defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||
defined(MBEDTLS_SSL_PROTO_TLS1_2) )
|
||||
/*
|
||||
* Compute HMAC of variable-length data with constant flow.
|
||||
*/
|
||||
int mbedtls_ssl_cf_hmac(
|
||||
mbedtls_md_context_t *ctx,
|
||||
const unsigned char *add_data, size_t add_data_len,
|
||||
const unsigned char *data, size_t data_len_secret,
|
||||
size_t min_data_len, size_t max_data_len,
|
||||
unsigned char *output )
|
||||
{
|
||||
/* WORK IN PROGRESS - THIS IS NOT CONSTANT FLOW AT ALL */
|
||||
(void) min_data_len;
|
||||
(void) max_data_len;
|
||||
mbedtls_md_hmac_update( ctx, add_data, add_data_len );
|
||||
mbedtls_md_hmac_update( ctx, data, data_len_secret );
|
||||
mbedtls_md_hmac_finish( ctx, output );
|
||||
mbedtls_md_hmac_reset( ctx );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC && TLS 1.0-1.2 */
|
||||
|
||||
int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
||||
mbedtls_ssl_transform *transform,
|
||||
mbedtls_record *rec )
|
||||
|
Reference in New Issue
Block a user