Add fallback to non-compliant truncated HMAC for compatibiltiy In case truncated HMAC must be used but the Mbed TLS peer hasn't been updated yet, one can use the compile-time option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT to temporarily fall back to the old, non-compliant implementation of the truncated HMAC extension.

commit: e89353a6b4aaa91a9e7a89ae047174928699fa19 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Mon Nov 20 16:36:41 2017 +0000
committer: Hanno Becker <hanno.becker@arm.com> Mon Nov 20 16:50:43 2017 +0000
tree: 6365d2ac24dde19c997cd4ad8741de7e65dd1ded
parent: 8d19bcf37ff7fe26127d2a6c2f2e52c44137fe8d [diff] [blame]
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index fa72454..bc77b21 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -77,6 +77,10 @@
 #error "MBEDTLS_DHM_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) && !defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+#error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_CMAC_C) && \
     !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C)
 #error "MBEDTLS_CMAC_C defined, but not all prerequisites"
commit	e89353a6b4aaa91a9e7a89ae047174928699fa19	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Mon Nov 20 16:36:41 2017 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Mon Nov 20 16:50:43 2017 +0000
tree	6365d2ac24dde19c997cd4ad8741de7e65dd1ded
parent	8d19bcf37ff7fe26127d2a6c2f2e52c44137fe8d [diff] [blame]