From f302fb52e1035f1ae8b52ec9122942357250bfdc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 18 Feb 2014 09:43:50 +0100
Subject: [PATCH] Fix hmac computation for DTLS
---
 library/ssl_tls.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 0b325616ff..69e9a29a23 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1067,7 +1067,9 @@ static int ssl_encrypt_buf( ssl_context *ssl )
 defined(POLARSSL_SSL_PROTO_TLS1_2)
 if( ssl->minor_ver >= SSL_MINOR_VERSION_1 )
 {
- md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_buf, 13 );
+ md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 );
+ md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 );
+ md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 );
 md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_msg, ssl->out_msglen );
 md_hmac_finish( &ssl->transform_out->md_ctx_enc,
@@ -1643,7 +1645,9 @@ static int ssl_decrypt_buf( ssl_context *ssl )
 extra_run &= correct * 0xFF;
- md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_buf, 13 );
+ md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_ctr, 8 );
+ md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_hdr, 3 );
+ md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_len, 2 );
 md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg, ssl->in_msglen );
 md_hmac_finish( &ssl->transform_in->md_ctx_dec,
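Review bot: The lengths 8, 3 and 2 in the three new `md_hmac_update` calls in ssl_encrypt_buf are bare literals, and nothing in the hunk says which record fields they cover or why the single 13-byte read from `out_buf` had to go. A comment above the calls, for example `/* MAC pseudo-header: 8-byte counter, 3-byte type+version, 2-byte length; hashed field by field because a DTLS record does not store them in this order */`, would keep a later cleanup from folding them back into one contiguous read. The same comment belongs above the three calls added in ssl_decrypt_buf. The MAC input now depends on where `out_ctr`, `out_hdr` and `out_len` point, which is set up outside this hunk; the function body also continues past it.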
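Review bot: The two length bytes hashed in ssl_decrypt_buf now come from `ssl->in_len`, so verification only succeeds if those bytes already hold the plaintext length after padding removal when this call runs. That update is not visible in the hunk; if it still writes through a fixed offset from the header instead of through `in_len`, the DTLS path would presumably MAC a stale length and reject valid records. A short note such as `/* in_len must already hold the unpadded length here */` plus a DTLS round-trip test would pin that dependency. The split still hashes a fixed 13 bytes in total, so it should not alter the data-dependent timing that the surrounding `extra_run` logic appears to compensate for.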