feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Improved HMAC_Init error logging and code comment for FIPS failure on wc_HmacSetKey call.

Browse Source
This commit is contained in:
David Garske
2022-01-27 11:08:08 -08:00
parent 80ae237852
commit 6615f019f5
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/ssl.c
View File

@@ -36194,6 +36194,9 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
hmac_error = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key,
(word32)keylen);
if (hmac_error < 0){
/* in FIPS mode a key < 14 characters will fail here */
WOLFSSL_MSG("hmac set key error");
WOLFSSL_ERROR(hmac_error);
wc_HmacFree(&ctx->hmac);
return WOLFSSL_FAILURE;
}
@@ -36218,7 +36221,9 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
WC_HMAC_BLOCK_SIZE);
if ((hmac_error = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap))
!=0) {
return hmac_error;
WOLFSSL_MSG("hmac init error");
WOLFSSL_ERROR(hmac_error);
return WOLFSSL_FAILURE;
}
}
}