wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 04:04:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improved HMAC_Init error logging and code comment for FIPS failure on wc_HmacSetKey call.

Browse Source
This commit is contained in:
David Garske
2022-01-27 11:08:08 -08:00
parent 80ae237852
commit 6615f019f5
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/ssl.c
View File

@@ -36194,6 +36194,9 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
hmac_error = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, hmac_error = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key,
(word32)keylen); (word32)keylen);
if (hmac_error < 0){ if (hmac_error < 0){
/* in FIPS mode a key < 14 characters will fail here */
WOLFSSL_MSG("hmac set key error");
WOLFSSL_ERROR(hmac_error);
wc_HmacFree(&ctx->hmac); wc_HmacFree(&ctx->hmac);
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
@@ -36218,7 +36221,9 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
WC_HMAC_BLOCK_SIZE); WC_HMAC_BLOCK_SIZE);
if ((hmac_error = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap)) if ((hmac_error = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap))
!=0) { !=0) {
return hmac_error; WOLFSSL_MSG("hmac init error");
WOLFSSL_ERROR(hmac_error);
return WOLFSSL_FAILURE;
} }
} }
} }