Correct processing of AES-SHA stitched ciphers

Fixes: #15706 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15740)
author: Dmitry Belyavskiy <beldmit@gmail.com> 2021-06-14 14:30:48 +0200
committer: Pauli <pauli@openssl.org> 2021-06-16 17:05:46 +1000
commit: f763e1351446da952c54e0ea85ec26a436cf4815 (patch)
tree: dcb44e181aaa0a54100204dc167685b1241a27b5
parent: 1941684daf54da9de8cf1d2a9b1df471ecdcb1a1 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
index 14fbf63b03..24349df159 100644
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
@@ -733,7 +733,7 @@ static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx,
             if (len < AES_BLOCK_SIZE)
                 return 0;
             len -= AES_BLOCK_SIZE;
-            p[aad_len] = len >> 8;
+            p[aad_len - 2] = len >> 8;
             p[aad_len - 1] = len;
         }
         sctx->md = sctx->head;
author	Dmitry Belyavskiy <beldmit@gmail.com>	2021-06-14 14:30:48 +0200
committer	Pauli <pauli@openssl.org>	2021-06-16 17:05:46 +1000
commit	f763e1351446da952c54e0ea85ec26a436cf4815 (patch)
tree	dcb44e181aaa0a54100204dc167685b1241a27b5
parent	1941684daf54da9de8cf1d2a9b1df471ecdcb1a1 (diff)