Refactoring: create mbedtls_test_ssl_prepare_record_mac()
No semantic change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 2fea014..6fbbe35 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -1195,6 +1195,39 @@
return ret;
}
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record,
+ mbedtls_ssl_transform *transform_out)
+{
+ /* Serialized version of record header for MAC purposes */
+ unsigned char add_data[13];
+ memcpy(add_data, record->ctr, 8);
+ add_data[8] = record->type;
+ add_data[9] = record->ver[0];
+ add_data[10] = record->ver[1];
+ add_data[11] = (record->data_len >> 8) & 0xff;
+ add_data[12] = (record->data_len >> 0) & 0xff;
+
+ /* MAC with additional data */
+ TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13));
+ TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc,
+ record->buf + record->data_offset,
+ record->data_len));
+ /* Use a temporary buffer for the MAC, because with the truncated HMAC
+ * extension, there might not be enough room in the record for the
+ * full-length MAC. */
+ unsigned char mac[MBEDTLS_MD_MAX_SIZE];
+ TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac));
+ memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen);
+ record->data_len += transform_out->maclen;
+
+ return 0;
+
+exit:
+ return -1;
+}
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
int mbedtls_test_ssl_populate_session(mbedtls_ssl_session *session,
int ticket_len,
const char *crt_file)