commit 20605684e802624bc8623815b3804d26cd8bda7b
author Brian Smith <brian@briansmith.org> Wed Sep 30 13:37:56 2015 -1000
committer Adam Langley <agl@google.com> Wed Sep 30 23:59:22 2015 +0000
tree 638a7003b835d4237d88980c3b7142e181a0ef01
parent d4ebc99122d3bc822f4829a9f4ffb889966d32b9

Fix |max_tag_len| for TLS CBC AEADs.

Change-Id: Iba21583a4de08039fab78e526c91003fbd327592
Reviewed-on: https://boringssl-review.googlesource.com/6058
Reviewed-by: Adam Langley <agl@google.com>

crypto/cipher/e_tls.c

diff --git a/crypto/cipher/e_tls.c b/crypto/cipher/e_tls.c
index 2778881..c3ddbde 100644
--- a/crypto/cipher/e_tls.c
+++ b/crypto/cipher/e_tls.c
@@ -494,7 +494,7 @@
     SHA256_DIGEST_LENGTH + 16, /* key len (SHA256 + AES128) */
     16,                        /* nonce len (IV) */
     16 + SHA256_DIGEST_LENGTH, /* overhead (padding + SHA256) */
-    SHA_DIGEST_LENGTH,         /* max tag length */
+    SHA256_DIGEST_LENGTH,      /* max tag length */
     NULL, /* init */
     aead_aes_128_cbc_sha256_tls_init,
     aead_tls_cleanup,
@@ -533,7 +533,7 @@
     SHA256_DIGEST_LENGTH + 32, /* key len (SHA256 + AES256) */
     16,                        /* nonce len (IV) */
     16 + SHA256_DIGEST_LENGTH, /* overhead (padding + SHA256) */
-    SHA_DIGEST_LENGTH,         /* max tag length */
+    SHA256_DIGEST_LENGTH,      /* max tag length */
     NULL, /* init */
     aead_aes_256_cbc_sha256_tls_init,
     aead_tls_cleanup,
@@ -546,7 +546,7 @@
     SHA384_DIGEST_LENGTH + 32, /* key len (SHA384 + AES256) */
     16,                        /* nonce len (IV) */
     16 + SHA384_DIGEST_LENGTH, /* overhead (padding + SHA384) */
-    SHA_DIGEST_LENGTH,         /* max tag length */
+    SHA384_DIGEST_LENGTH,      /* max tag length */
     NULL, /* init */
     aead_aes_256_cbc_sha384_tls_init,
     aead_tls_cleanup,