Correct processing of AES-SHA stitched ciphers

author Dmitry Belyavskiy <beldmit@gmail.com>

Mon, 14 Jun 2021 12:30:48 +0000 (14:30 +0200)

committer Pauli <pauli@openssl.org>

Wed, 16 Jun 2021 07:05:46 +0000 (17:05 +1000)
author Dmitry Belyavskiy <beldmit@gmail.com>
Mon, 14 Jun 2021 12:30:48 +0000 (14:30 +0200)
committer Pauli <pauli@openssl.org>
Wed, 16 Jun 2021 07:05:46 +0000 (17:05 +1000)
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c

index 14fbf63b0336c6b29dbb784b86c26e06957dd96c..24349df1596842484888b50fec23de7bd4f711e2 100644 (file)
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
@@ -733,7 +733,7 @@ static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx,
              if (len < AES_BLOCK_SIZE)
                  return 0;
              len -= AES_BLOCK_SIZE;
-            p[aad_len] = len >> 8;
+            p[aad_len - 2] = len >> 8;
              p[aad_len - 1] = len;
          }
          sctx->md = sctx->head;
author	Dmitry Belyavskiy <beldmit@gmail.com>
	Mon, 14 Jun 2021 12:30:48 +0000 (14:30 +0200)
committer	Pauli <pauli@openssl.org>
	Wed, 16 Jun 2021 07:05:46 +0000 (17:05 +1000)