unsigned char aad[13];
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
size_t packlen;
+ int packleni;
/* minimize address aliasing conflicts */
if ((max_send_fragment & 0xfff) == 0)
mb_param.inp = aad;
mb_param.len = nw;
- /* TODO: CHECK ME - CAN THIS EVER BE NEGATIVE???? */
- packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
+ packleni = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
sizeof(mb_param), &mb_param);
-
- if (packlen <= 0 || packlen > wb->len) { /* never happens */
+ packlen = (size_t)packleni;
+ if (packleni <= 0 || packlen > wb->len) { /* never happens */
/* free jumbo buffer */
ssl3_release_write_buffer(s);
break;
ssl_minor = *(p++);
version = (ssl_major << 8) | ssl_minor;
rr[num_recs].rec_version = version;
- /* TODO(size_t): CHECK ME */
n2s(p, rr[num_recs].length);
/* Lets check version */
* 1: if the padding was valid
* -1: otherwise.
*/
- /* TODO(size_t): Convert me */
int ssl3_cbc_remove_padding(SSL3_RECORD *rec,
size_t block_size, size_t mac_size)
{
return 0;
padding_length = rec->data[rec->length - 1];
- /* TODO(size_t): size_t constant_time ? */
good = constant_time_ge(rec->length, padding_length + overhead);
/* SSLv3 requires that the padding is minimal. */
good &= constant_time_ge(block_size, padding_length + 1);
return 1;
}
- /* TODO(size_t): size_t constant_time?? */
good = constant_time_ge(rec->length, overhead + padding_length);
/*
* The padding consists of a length byte at the end of the record and
memset(rotated_mac, 0, md_size);
for (i = scan_start, j = 0; i < rec->orig_len; i++) {
- /* TODO(size_t): should we have constant_time variants for size_t? */
unsigned char mac_started = constant_time_ge_8(i, mac_start);
unsigned char mac_ended = constant_time_ge_8(i, mac_end);
unsigned char b = rec->data[i];
memcpy(&(RECORD_LAYER_get_read_sequence(&s->rlayer)[2]), p, 6);
p += 6;
- /* TODO(size_t): CHECK ME */
n2s(p, rr->length);
/* Lets check version */
projects / openssl.git / commitdiff