wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 04:04:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2472 from SparkiDev/enc_then_mac_fix

Browse Source 
Enc-Then-MAC: when message size is less than digest size return error
This commit is contained in:
toddouska
2019-09-17 08:57:26 -07:00
committed by GitHub
parent f0e774d1e1 2c2907c2a5
commit 946a0f593f
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/internal.c
View File

@@ -13611,6 +13611,10 @@ static WC_INLINE int VerifyMacEnc(WOLFSSL* ssl, const byte* input, word32 msgSz,
WOLFSSL_MSG("Verify MAC of Encrypted Data"); WOLFSSL_MSG("Verify MAC of Encrypted Data");
if (msgSz < digestSz) {
return VERIFY_MAC_ERROR;
}
ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1); ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1);
ret |= ConstantCompare(verify, input + msgSz - digestSz, digestSz); ret |= ConstantCompare(verify, input + msgSz - digestSz, digestSz);
if (ret != 0) { if (ret != 0) {