Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)
ctx->payload_length = NO_PAYLOAD_LENGTH;
ctx->payload_length = NO_PAYLOAD_LENGTH;
+ vctx->removetlspad = SHA_DIGEST_LENGTH + AES_BLOCK_SIZE;
+
return ret < 0 ? 0 : 1;
}
return ret < 0 ? 0 : 1;
}
ctx->payload_length = NO_PAYLOAD_LENGTH;
ctx->payload_length = NO_PAYLOAD_LENGTH;
+ vctx->removetlspad = SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE;
+
return ret < 0 ? 0 : 1;
}
return ret < 0 ? 0 : 1;
}
+ /*
+ * Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and
+ * cipher_aes_cbc_hmac_sha256_hw.c
+ */
+ if (!ctx->enc && ctx->removetlspad > 0) {
+ /* The actual padding length */
+ *outl -= out[inl - 1] + 1;
+
+ /* MAC and explicit IV */
+ *outl -= ctx->removetlspad;
+ }
+
return 1;
}
int cipher_generic_stream_final(void *vctx, unsigned char *out, size_t *outl,
return 1;
}
int cipher_generic_stream_final(void *vctx, unsigned char *out, size_t *outl,
* points into the user buffer.
*/
size_t tlsmacsize; /* Size of the TLS MAC */
* points into the user buffer.
*/
size_t tlsmacsize; /* Size of the TLS MAC */
+ size_t removetlspad; /*
+ * Length of the fixed size data to remove when
+ * removing TLS padding (equals mac size plus
+ * IV size if applicable)
+ */
/*
* num contains the number of bytes of |iv| which are valid for modes that
/*
* num contains the number of bytes of |iv| which are valid for modes that