Fix misuse of MD API in SSL constant-flow HMAC
The sequence of calls starts-update-starts-update-finish is not a guaranteed valid way to abort an operation and start a new one. Our software implementation just happens to support it, but alt implementations may very well not support it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
parent
5605911fd3
commit
5ca21db813
2 changed files with 8 additions and 0 deletions
|
|
@ -1164,6 +1164,9 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac(
|
|||
MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
|
||||
}
|
||||
|
||||
/* The context needs to finish() before it starts() again */
|
||||
MD_CHK( mbedtls_md_finish( ctx, aux_out ) );
|
||||
|
||||
/* Now compute HASH(okey + inner_hash) */
|
||||
MD_CHK( mbedtls_md_starts( ctx ) );
|
||||
MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue