authorBernd Edlinger <bernd.edlinger@hotmail.de>2020-05-24 16:14:02 +0200
committerBernd Edlinger <bernd.edlinger@hotmail.de>2021-10-11 16:25:17 +0200
commit14fd5a0d55652a7539c66df18d1120baed42248e (patch)
tree98e8d01e3cd12cab3a28cec7937692434868c39f /ssl/record
parent549675c54686b8fb0527720abf760313a78a1ae7 (diff)
Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c
This replaces the AES-128-CBC-HMAC-SHA1 cipher with a non-encrypting version for use in the test suite. [extended tests] Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16693) (cherry picked from commit 64da15c40d15aac58e211fd25d00e9ae84d0379b)
Diffstat (limited to 'ssl/record')
-rw-r--r--ssl/record/ssl3_record.c23
-rw-r--r--ssl/record/tls_pad.c2
2 files changed, 6 insertions, 19 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index b6ac61e..c713f23 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1218,23 +1218,17 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
}
if (!sending) {
- /* Adjust the record to remove the explicit IV/MAC/Tag */
- if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) {
- for (ctr = 0; ctr < n_recs; ctr++) {
+ for (ctr = 0; ctr < n_recs; ctr++) {
+ /* Adjust the record to remove the explicit IV/MAC/Tag */
+ if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) {
recs[ctr].data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
recs[ctr].input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
recs[ctr].length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
- }
- } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) {
- for (ctr = 0; ctr < n_recs; ctr++) {
+ } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) {
recs[ctr].data += EVP_CCM_TLS_EXPLICIT_IV_LEN;
recs[ctr].input += EVP_CCM_TLS_EXPLICIT_IV_LEN;
recs[ctr].length -= EVP_CCM_TLS_EXPLICIT_IV_LEN;
- }
- }
-
- for (ctr = 0; ctr < n_recs; ctr++) {
- if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) {
+ } else if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) {
if (recs[ctr].length < bs)
return 0;
recs[ctr].data += bs;
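Review bot: The GCM and CCM branches subtract the explicit IV length from `recs[ctr].length` with no lower-bound test, while the CBC branch in the same chain returns 0 when `recs[ctr].length < bs`. Because `length` is reduced by a constant, a record shorter than the explicit IV would wrap the value; the cipher call earlier in tls1_enc presumably rejects such records, but that is outside this hunk. Now that all three cases share one loop, I would either mirror the guard, `if (recs[ctr].length < EVP_GCM_TLS_EXPLICIT_IV_LEN) return 0;` (and the CCM equivalent), or add a comment naming the earlier check that makes it unnecessary. The body of tls1_enc starts and ends outside the hunk.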
@@ -1254,17 +1248,12 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
(macs != NULL) ? &macs[ctr].alloced
: NULL,
bs,
- macsize,
+ pad ? (size_t)pad : macsize,
(EVP_CIPHER_get_flags(enc)
& EVP_CIPH_FLAG_AEAD_CIPHER) != 0,
s->ctx->libctx))
return 0;
}
- if (pad) {
- for (ctr = 0; ctr < n_recs; ctr++) {
- recs[ctr].length -= pad;
- }
- }
}
}
}
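Review bot: The mac_size argument is now overloaded as `pad ? (size_t)pad : macsize`, and nothing at the call site documents that or shows that `pad` is positive before the cast. In the AEAD branch of tls1_cbc_remove_padding_and_mac (the tls_pad.c hunk of this commit) this value feeds `*reclen -= padding_length + 1 + mac_size`, an unsigned subtraction, so a negative `pad` or a total larger than the record would wrap the length; any guard against that is outside the visible lines. I would add a comment above the argument, for example `/* a non-zero pad replaces macsize as the amount to strip; pad > 0 is checked where it is set */`, and confirm that the callee compares the full amount against `*reclen` before subtracting. The same tls_pad.c hunk stops resetting `*mac` and `*alloced` on that path, so the function's header comment should say that callers must initialise them. The call being modified begins above this hunk.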
diff --git a/ssl/record/tls_pad.c b/ssl/record/tls_pad.c
index 46614e1..528c605 100644
--- a/ssl/record/tls_pad.c
+++ b/ssl/record/tls_pad.c
@@ -138,8 +138,6 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen,
if (aead) {
/* padding is already verified and we don't need to check the MAC */
*reclen -= padding_length + 1 + mac_size;
- *mac = NULL;
- *alloced = 0;
return 1;
}