TLS hmac: handle truncated mac in Hmac_UpdateFinal_CT()

Sean Parkinson
2021-06-23 09:54:41 +10:00
parent 4b3bd3e384
commit 5cf7e17820
3 changed files with 6 additions and 9 deletions


@ -15421,7 +15421,7 @@ int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz,
* either increment the size by (macSz + padLen + 1) before use or check on * either increment the size by (macSz + padLen + 1) before use or check on
* the size to make sure is valid. */ * the size to make sure is valid. */
ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen, ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen,
content, 1, PEER_ORDER); content, 1, PEER_ORDER);
good |= MaskMac(input, pLen, ssl->specs.hash_size, verify); good |= MaskMac(input, pLen, ssl->specs.hash_size, verify);
/* Non-zero on failure. */ /* Non-zero on failure. */


@ -870,13 +870,13 @@ static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac)
* returns 0 on success, otherwise failure. * returns 0 on success, otherwise failure.
*/ */
static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in, static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
word32 sz, byte* header) word32 sz, int macLen, byte* header)
{ {
byte lenBytes[8]; byte lenBytes[8];
int i, j; int i, j;
unsigned int k; unsigned int k;
int blockBits, blockMask; int blockBits, blockMask;
int lastBlockLen, macLen, extraLen, eocIndex; int lastBlockLen, extraLen, eocIndex;
int blocks, safeBlocks, lenBlock, eocBlock; int blocks, safeBlocks, lenBlock, eocBlock;
unsigned int maxLen; unsigned int maxLen;
int blockSz, padSz; int blockSz, padSz;
@ -889,7 +889,6 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
case WC_SHA: case WC_SHA:
blockSz = WC_SHA_BLOCK_SIZE; blockSz = WC_SHA_BLOCK_SIZE;
blockBits = 6; blockBits = 6;
macLen = WC_SHA_DIGEST_SIZE;
padSz = WC_SHA_BLOCK_SIZE - WC_SHA_PAD_SIZE + 1; padSz = WC_SHA_BLOCK_SIZE - WC_SHA_PAD_SIZE + 1;
break; break;
#endif /* !NO_SHA */ #endif /* !NO_SHA */
@ -898,7 +897,6 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
case WC_SHA256: case WC_SHA256:
blockSz = WC_SHA256_BLOCK_SIZE; blockSz = WC_SHA256_BLOCK_SIZE;
blockBits = 6; blockBits = 6;
macLen = WC_SHA256_DIGEST_SIZE;
padSz = WC_SHA256_BLOCK_SIZE - WC_SHA256_PAD_SIZE + 1; padSz = WC_SHA256_BLOCK_SIZE - WC_SHA256_PAD_SIZE + 1;
break; break;
#endif /* !NO_SHA256 */ #endif /* !NO_SHA256 */
@ -907,7 +905,6 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
case WC_SHA384: case WC_SHA384:
blockSz = WC_SHA384_BLOCK_SIZE; blockSz = WC_SHA384_BLOCK_SIZE;
blockBits = 7; blockBits = 7;
macLen = WC_SHA384_DIGEST_SIZE;
padSz = WC_SHA384_BLOCK_SIZE - WC_SHA384_PAD_SIZE + 1; padSz = WC_SHA384_BLOCK_SIZE - WC_SHA384_PAD_SIZE + 1;
break; break;
#endif /* WOLFSSL_SHA384 */ #endif /* WOLFSSL_SHA384 */
@ -916,7 +913,6 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
case WC_SHA512: case WC_SHA512:
blockSz = WC_SHA512_BLOCK_SIZE; blockSz = WC_SHA512_BLOCK_SIZE;
blockBits = 7; blockBits = 7;
macLen = WC_SHA512_DIGEST_SIZE;
padSz = WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE + 1; padSz = WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE + 1;
break; break;
#endif /* WOLFSSL_SHA512 */ #endif /* WOLFSSL_SHA512 */
@ -1225,7 +1221,7 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
#endif #endif
{ {
ret = Hmac_UpdateFinal_CT(&hmac, digest, in, ret = Hmac_UpdateFinal_CT(&hmac, digest, in,
sz + hashSz + padSz + 1, myInner); sz + hashSz + padSz + 1, hashSz, myInner);
} }
#else #else
ret = Hmac_UpdateFinal(&hmac, digest, in, sz + hashSz + padSz + 1, ret = Hmac_UpdateFinal(&hmac, digest, in, sz + hashSz + padSz + 1,
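Review bot: `macLen` is now supplied by the caller of Hmac_UpdateFinal_CT(), but nothing in the visible hunks validates or documents it: the per-hash `macLen = WC_*_DIGEST_SIZE` assignments are removed from the switch, and none of the added lines extends the function's header comment. The value presumably feeds the constant-time length arithmetic further down (the body continues outside these hunks), so a negative or oversized value would skew those offsets instead of failing cleanly. I would add a parameter line to the header comment, e.g. `* macLen  Size of the MAC in the record in bytes; smaller than the digest size when the MAC is truncated.`, and a guard after the switch such as `if (macLen <= 0 || (word32)macLen > sz) return BAD_FUNC_ARG;`. The only visible caller, in TLS_hmac(), passes `hashSz`, so the guard is defensive rather than a fix for a case shown to be reachable.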


@ -2043,7 +2043,7 @@ static WC_INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identit
} }
} }
#ifdef WOLFSSL_TLS13
static WC_INLINE unsigned int my_psk_client_tls13_cb(WOLFSSL* ssl, static WC_INLINE unsigned int my_psk_client_tls13_cb(WOLFSSL* ssl,
const char* hint, char* identity, unsigned int id_max_len, const char* hint, char* identity, unsigned int id_max_len,
unsigned char* key, unsigned int key_max_len, const char** ciphersuite) unsigned char* key, unsigned int key_max_len, const char** ciphersuite)
@ -2100,6 +2100,7 @@ static WC_INLINE unsigned int my_psk_server_tls13_cb(WOLFSSL* ssl,
return 32; /* length of key in octets or 0 for error */ return 32; /* length of key in octets or 0 for error */
} }
#endif
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) !defined(NO_FILESYSTEM)
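Review bot: The `#endif` added after my_psk_server_tls13_cb() has no trailing comment naming its condition, although the guard it closes opens some sixty lines earlier and spans both TLS 1.3 PSK callbacks. Other conditionals touched by this commit are labelled (`#endif /* !NO_SHA */`), so I would write `#endif /* WOLFSSL_TLS13 */` here to match. Any code that registers these two callbacks needs to sit under the same `WOLFSSL_TLS13` guard, which is not visible in these hunks and is worth confirming for builds without TLS 1.3.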