Implement hmac truncation

commit: 277f7f23e270a66ca6058d7538977e3ce9ed0bb7 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Jul 19 12:19:21 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Fri Jul 19 14:51:47 2013 +0200
tree: 9e872e5d72ad3efe46f15c287198b0fd5abb8d1a
parent: 57c285280710f81b8530608dd5877e8dcfa3ac36 [diff]
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index c7d7b12..184e2e1 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h

@@ -150,6 +150,7 @@
 
 #define SSL_TRUNC_HMAC_DISABLED         0
 #define SSL_TRUNC_HMAC_ENABLED          1
+#define SSL_TRUNCATED_HMAC_LEN          10  /* 80 bits, rfc 6066 section 7 */
 
 /*
  * Size of the input / output buffer.

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4e7cac7..3da7c0b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -475,6 +475,14 @@
             }
 
             transform->maclen = md_get_size( md_info );
+
+            /*
+             * If HMAC is to be truncated, we shall keep the leftmost bytes,
+             * (rfc 6066 page 13 or rfc 2104 section 4),
+             * so we only need to adjust the length here.
+             */
+            if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
+                transform->maclen = SSL_TRUNCATED_HMAC_LEN;
         }
 
         transform->keylen = cipher_info->key_length;
commit	277f7f23e270a66ca6058d7538977e3ce9ed0bb7	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Fri Jul 19 12:19:21 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Fri Jul 19 14:51:47 2013 +0200
tree	9e872e5d72ad3efe46f15c287198b0fd5abb8d1a
parent	57c285280710f81b8530608dd5877e8dcfa3ac36 [diff]