Fix for AES GCM and CCM ex to NOT increment counter or update IV if failure or async response code. Resolves TLS v1.3 with async simulator.

2019-03-13 23:32:53 -07:00
parent 397c2a4f8a
commit 6361ec2f10
2 changed files with 6 additions and 4 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -20931,7 +20931,6 @@ int SendCertificateVerify(WOLFSSL* ssl)
                    NULL
            #endif
                );
-                ssl->buffers.sig.length = (unsigned int)args->sigSz;
            }
        #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */
        #ifndef NO_RSA
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@ -6061,6 +6061,7 @@ int wc_AesGcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz,
                               (byte*)aes->reg, ivOutSz,
                               authTag, authTagSz,
                               authIn, authInSz);
+        if (ret == 0)
            IncCtr((byte*)aes->reg, ivOutSz);
    }

@ -6534,9 +6535,11 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz,
                               (byte*)aes->reg, aes->nonceSz,
                               authTag, authTagSz,
                               authIn, authInSz);
+        if (ret == 0) {
            XMEMCPY(ivOut, aes->reg, aes->nonceSz);
            IncCtr((byte*)aes->reg, aes->nonceSz);
        }
+    }

    return ret;
 }