diff options
author | Matt Caswell <matt@openssl.org> | 2020-04-18 11:54:23 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-04-20 11:29:31 +0100 |
commit | 73d391ad139b6744fa16fb8be1813b2f7ec8f6c0 (patch) | |
tree | 62106895832e485b9d556d460757c6f12f7acc52 /ssl/record | |
parent | 682bc861a92d09fb5155cd1aceee7b1ce298ddb9 (diff) | |
download | openssl-new-73d391ad139b6744fa16fb8be1813b2f7ec8f6c0.tar.gz |
Use a fetched MD if appropriate in ssl3_cbc_digest_record
HMACs used via the legacy EVP_DigestSign interface are strange in
that they use legacy codepath's which eventually (under the covers)
transform the operation into a new style EVP_MAC. This can mean the
digest in use can be a legacy one, so we need to be careful with any
digest we extract from the ctx.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11511)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/ssl3_record.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index a5ef78dec9..23bbc952ee 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -1270,7 +1270,7 @@ int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) header[j++] = (unsigned char)(rec->length & 0xff); /* Final param == is SSLv3 */ - if (ssl3_cbc_digest_record(hash, + if (ssl3_cbc_digest_record(ssl, hash, md, &md_size, header, rec->input, rec->length + md_size, rec->orig_len, @@ -1374,7 +1374,7 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) * are hashing because that gives an attacker a timing-oracle. */ /* Final param == not SSLv3 */ - if (ssl3_cbc_digest_record(mac_ctx, + if (ssl3_cbc_digest_record(ssl, mac_ctx, md, &md_size, header, rec->input, rec->length + md_size, rec->orig_len, |