From 563423fb21d6d5dcbdd616af496038e2209c6f65 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Tue, 21 Nov 2017 17:20:17 +0000
Subject: [PATCH] Improve documentation of MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT option

Explain more clearly when this option should be used and which versions of Mbed TLS build on the non-compliant implementation.
---
 include/mbedtls/config.h | 7 ++++---
 library/ssl_tls.c | 3 ++-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index de49d3af9..fa935c798 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1369,9 +1369,10 @@
 * Fallback to old, non-conforming implementation of the truncated
 * HMAC extension which also truncates the HMAC key.
 *
- * \warning This should only be enabled temporarily when the use
- * of truncated HMAC is mandatory *and* the peer is an Mbed TLS
- * stack that doesn't use the fixed implementation yet.
+ * \warning This should only be enabled temporarily when (1) the use of
+ * truncated HMAC is essential in order to save bandwidth, and
+ * (2) the peer is an Mbed TLS stack that doesn't use the fixed
+ * implementation yet (version number <= 2.6.0).
 *
 * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
 *
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 62de5f274..3cd1d6299 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -718,7 +718,8 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
 /* Fall back to old, non-compliant version of the truncated
- * HMAC implementation which also truncates the key. */
+ * HMAC implementation which also truncates the key
+ * (Mbed TLS versions from 1.3 to 2.6.0) */
 mac_key_len = transform->maclen;
 #endif
 }
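Review bot: The two new comments state the affected version range differently: the config.h warning says `(version number <= 2.6.0)` with no lower bound, while the ssl_tls.c comment says `(Mbed TLS versions from 1.3 to 2.6.0)`. Use one wording in both places, for example `(Mbed TLS versions 1.3 to 2.6.0)`, so a reader of config.h alone gets the same range. The warning also says when the option may be enabled but not what it costs: the ssl_tls.c hunk shows `mac_key_len = transform->maclen;` under this flag, so the HMAC key is cut to the truncated MAC length, and a sentence such as `Enabling this shortens the record MAC key to the truncated MAC length; disable it as soon as all peers are upgraded.` would put that trade-off in front of whoever edits the config. Both the config.h doc block and `mbedtls_ssl_derive_keys` start and end outside the hunks, so the surrounding text may already cover part of this.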