
Merge pull request #4541 from mpg/fix-ssl-cf-hmac-alt-2.x

[Backport 2.x] Fix misuse of MD API in SSL constant-flow HMAC
Gilles Peskine
2021-06-07 20:53:48 +02:00
committed by GitHub
2 changed files with 8 additions and 0 deletions


@ -1241,6 +1241,9 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac(
MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
}
/* The context needs to finish() before it starts() again */
MD_CHK( mbedtls_md_finish( ctx, aux_out ) );
/* Now compute HASH(okey + inner_hash) */
MD_CHK( mbedtls_md_starts( ctx ) );
MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );
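Review bot: The comment above `MD_CHK( mbedtls_md_finish( ctx, aux_out ) );` states the MD API rule but not that the digest written to aux_out is deliberately discarded, so a later reader could mistake the call for dead code and remove it. I would extend it to something like `/* The context needs to finish() before it starts() again; the digest written to aux_out is not used. */`. The call appears to sit after the closing brace of the preceding block, so it runs the same way regardless of the secret data length, and the comment could say that this keeps the function constant-flow. Whether aux_out is read or wiped later cannot be seen here, because mbedtls_ssl_cf_hmac starts and ends outside the hunk.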