* blocks = (data_length + digest_padding - 1)/block_len + 1
* Since we're only interested in differences in block counts the constant
* '1' can be ignored. For SHA1 and MD5 the digest_padding is 9 bytes and the
- * block length 64 bytes.
+ * block length 64 bytes. Giving:
+ * extra_blocks = (data_length + 8)/64
* For the SSL 3 MACs the variable part is:
* hash(MAC_write_secret + pad_1 + seq_num + SSLCompressed.type +
* SSLCompressed.length + SSLCompressed.fragment)
* Discarding 64 (one complete block) and plugging the values into the
* block calculation gives:
*
- * MD5_blocks_SSL3 = (payload_length + 10)/64
- * SHA1_blocks_SSL3 = (payload_length + 7)/64
+ * MD5_blocks_SSL3 = (payload_length + 19)/64
+ * SHA1_blocks_SSL3 = (payload_length + 15)/64
*
*/
/* Determine the algorithm in use */
alg_mac = s->s3->tmp.new_cipher->algorithm_mac;
if (alg_mac == SSL_MD5)
- total_pad = 10;
+ total_pad = 19;
else if (alg_mac == SSL_SHA1)
- total_pad = 7;
+ total_pad = 15;
else return 0;
/* Work out number of blocks in original and padding removed record */
blocks_orig = (rec->orig_len + total_pad) / 64;