lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Made support for the truncated_hmac extension configurable

Browse Source
This commit is contained in:
Paul Bakker
2013-08-15 13:45:55 +02:00
parent 05decb24c3
commit 1f2bc6238b
6 changed files with 45 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
library/ssl_tls.c
View File

@ -516,6 +516,7 @@ int ssl_derive_keys( ssl_context *ssl )
transform->maclen = md_get_size( md_info );
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
/*
* If HMAC is to be truncated, we shall keep the leftmost bytes,
* (rfc 6066 page 13 or rfc 2104 section 4),
@ -523,6 +524,7 @@ int ssl_derive_keys( ssl_context *ssl )
*/
if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
transform->maclen = SSL_TRUNCATED_HMAC_LEN;
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
}
transform->keylen = cipher_info->key_length;
@ -3255,6 +3257,7 @@ int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
}
#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
int ssl_set_truncated_hmac( ssl_context *ssl, int truncate )
{
if( ssl->endpoint != SSL_IS_CLIENT )
@ -3264,6 +3267,7 @@ int ssl_set_truncated_hmac( ssl_context *ssl, int truncate )
return( 0 );
}
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
void ssl_set_renegotiation( ssl_context *ssl, int renegotiation )
{