mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-10 15:45:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix comments in PSA version of mbedtls_ct_hmac()

Browse Source 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong 2022-03-17 16:33:27 +01:00
parent 6828d8fdc4
commit 28d9c631b8
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
library/constant_time.c
View File

@ -449,8 +449,8 @@ int mbedtls_ct_hmac( mbedtls_svc_key_id_t key,
unsigned char *output )
{
/*
* This function breaks the HMAC abstraction and uses the psa_hash_clone()
* in order to get constant-flow behaviour.
* This function breaks the HMAC abstraction and uses psa_hash_clone()
* extension in order to get constant-flow behaviour.
*
* HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means
* concatenation, and okey/ikey are the XOR of the key with some fixed bit
@ -463,8 +463,6 @@ int mbedtls_ct_hmac( mbedtls_svc_key_id_t key,
*
* Then we only need to compute HASH(okey + inner_hash) and we're done.
*/
/* TLS 1.2 only supports SHA-384, SHA-256, SHA-1, MD-5,
* all of which have the same block size except SHA-384. */
psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( mac_alg );
const size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg );
unsigned char ikey[MBEDTLS_MD_MAX_BLOCK_SIZE];
@ -535,7 +533,7 @@ int mbedtls_ct_hmac( mbedtls_svc_key_id_t key,
PSA_CHK( psa_hash_update( &operation, data + offset, 1 ) );
}
/* The context needs to finish() before it starts() again */
/* Abort current operation to prepare for final operation */
PSA_CHK( psa_hash_abort( &operation ) );
/* Now compute HASH(okey + inner_hash) */