wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Enc-Then-MAC: when message size is less than digest size return error

Browse Source
This commit is contained in:
Sean Parkinson
2019-09-17 11:23:43 +10:00
parent 9d69f17f17
commit 2c2907c2a5
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/internal.c
View File

@@ -13581,6 +13581,10 @@ static WC_INLINE int VerifyMacEnc(WOLFSSL* ssl, const byte* input, word32 msgSz,
WOLFSSL_MSG("Verify MAC of Encrypted Data"); WOLFSSL_MSG("Verify MAC of Encrypted Data");
if (msgSz < digestSz) {
return VERIFY_MAC_ERROR;
}
ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1); ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1);
ret |= ConstantCompare(verify, input + msgSz - digestSz, digestSz); ret |= ConstantCompare(verify, input + msgSz - digestSz, digestSz);
if (ret != 0) { if (ret != 0) {