mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 08:42:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #4522 from mpg/fix-ssl-cf-hmac-alt-dev

Browse Source 
Fix misuse of MD API in SSL constant-flow HMAC
This commit is contained in:
Gilles Peskine 2021-06-07 20:53:33 +02:00 committed by GitHub
commit 8d4e32b888
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog.d/fix-ssl-cf-hmac-alt.txt Normal file
View File

@ -0,0 +1,5 @@
Bugfix
* Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites
(when the encrypt-then-MAC extension is not in use) with some ALT
implementations of the underlying hash (SHA-1, SHA-256, SHA-384), causing
the affected side to wrongly reject valid messages. Fixes #4118.

3
library/ssl_msg.c
View File

@ -1148,6 +1148,9 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac(
MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) ); MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
} }
/* The context needs to finish() before it starts() again */
MD_CHK( mbedtls_md_finish( ctx, aux_out ) );
/* Now compute HASH(okey + inner_hash) */ /* Now compute HASH(okey + inner_hash) */
MD_CHK( mbedtls_md_starts( ctx ) ); MD_CHK( mbedtls_md_starts( ctx ) );
MD_CHK( mbedtls_md_update( ctx, okey, block_size ) ); MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );