diff options
Diffstat (limited to 'ssl/s3_enc.c')
| -rw-r--r-- | ssl/s3_enc.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 63b9f0b48a..b4a1456781 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -737,13 +737,14 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) * are hashing because that gives an attacker a timing-oracle. */ - /*- - * npad is, at most, 48 bytes and that's with MD5: - * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75. - * - * With SHA-1 (the largest hash speced for SSLv3) the hash size - * goes up 4, but npad goes down by 8, resulting in a smaller - * total size. */ + /*- + * npad is, at most, 48 bytes and that's with MD5: + * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75. + * + * With SHA-1 (the largest hash speced for SSLv3) the hash size + * goes up 4, but npad goes down by 8, resulting in a smaller + * total size. + */ unsigned char header[75]; unsigned j = 0; memcpy(header + j, mac_sec, md_size); |