update size to be used with fuzzing

src/internal.c

@@ -11991,7 +11991,7 @@ int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz,
     int  ret = 0;
 
     good = MaskPadding(input, pLen, macSz);
-    /* 4th argument has potential to underflow, all ssl->hmac functions need to
+    /* 4th argument has potential to underflow, ssl->hmac function should
      * either increment the size by (macSz + padLen + 1) before use or check on
      * the size to make sure is valid. */
     ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen,
@@ -13032,7 +13032,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
     (void)padLen;
 
 #ifdef HAVE_FUZZER
-    if (ssl->fuzzerCb && (int)sz > 0)
+    if (ssl->fuzzerCb)
         ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
 #endif
 

src/tls.c

@@ -1300,11 +1300,16 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
         return BAD_FUNC_ARG;
 
 #ifdef HAVE_FUZZER
-    /* sz argument has potential to underflow, all ssl->hmac functions need to
-     * either increment the size by (macSz + padLen + 1) before use or check on
-     * the size to make sure is valid when sz is effected by IO */
-    if (ssl->fuzzerCb && (int)sz > 0)
-        ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
+    /* Fuzz "in" buffer with sz to be used in HMAC algorithm */
+    if (ssl->fuzzerCb) {
+        if (verify && padSz >= 0) {
+            ssl->fuzzerCb(ssl, in, sz + ssl->specs.hash_size + padSz + 1,
+                FUZZ_HMAC, ssl->fuzzerCtx);
+        }
+        else {
+            ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
+        }
+    }
 #endif
 
     wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);