feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for CCM - TLS v1.3 needs all nonce/IV bytes

Browse Source
This commit is contained in:
Sean Parkinson
2017-06-12 14:21:43 +10:00
parent 044417ba01
commit 8dbd9a88ee
2 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/keys.c
View File

@ -2640,7 +2640,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
return CcmRet;
}
XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
AESGCM_IMP_IV_SZ);
AEAD_MAX_IMP_SZ);
}
if (dec) {
CcmRet = wc_AesCcmSetKey(dec->aes, keys->server_write_key,
@ -2649,7 +2649,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
return CcmRet;
}
XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
AESGCM_IMP_IV_SZ);
AEAD_MAX_IMP_SZ);
}
}
else {
@ -2660,7 +2660,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
return CcmRet;
}
XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
AESGCM_IMP_IV_SZ);
AEAD_MAX_IMP_SZ);
}
if (dec) {
CcmRet = wc_AesCcmSetKey(dec->aes, keys->client_write_key,
@ -2669,7 +2669,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
return CcmRet;
}
XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
AESGCM_IMP_IV_SZ);
AEAD_MAX_IMP_SZ);
}
}
if (enc)

24
src/tls13.c
View File

@ -1616,6 +1616,10 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
switch (ssl->specs.bulk_cipher_algorithm) {
#ifdef BUILD_AESGCM
case wolfssl_aes_gcm:
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Nonce");
WOLFSSL_BUFFER(nonce, AESGCM_NONCE_SZ);
#endif
ret = wc_AesGcmEncrypt(ssl->encrypt.aes, output, input, dataSz,
nonce, AESGCM_NONCE_SZ, output + dataSz, macSz, NULL, 0);
break;
@ -1623,6 +1627,10 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
#ifdef HAVE_AESCCM
case wolfssl_aes_ccm:
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Nonce");
WOLFSSL_BUFFER(nonce, AESCCM_NONCE_SZ);
#endif
ret = wc_AesCcmEncrypt(ssl->encrypt.aes, output, input, dataSz,
nonce, AESCCM_NONCE_SZ, output + dataSz, macSz, NULL, 0);
break;
@ -1630,6 +1638,10 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case wolfssl_chacha:
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Nonce");
WOLFSSL_BUFFER(nonce, CHACHA_IV_BYTES);
#endif
ret = ChaCha20Poly1305_Encrypt(ssl, output, input, dataSz, nonce,
output + dataSz);
break;
@ -1740,6 +1752,10 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz)
switch (ssl->specs.bulk_cipher_algorithm) {
#ifdef BUILD_AESGCM
case wolfssl_aes_gcm:
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Nonce");
WOLFSSL_BUFFER(nonce, AESGCM_NONCE_SZ);
#endif
ret = wc_AesGcmDecrypt(ssl->decrypt.aes, output, input, dataSz,
nonce, AESGCM_NONCE_SZ, input + dataSz, macSz, NULL, 0);
break;
@ -1747,6 +1763,10 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz)
#ifdef HAVE_AESCCM
case wolfssl_aes_ccm:
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Nonce");
WOLFSSL_BUFFER(nonce, AESCCM_NONCE_SZ);
#endif
ret = wc_AesCcmDecrypt(ssl->decrypt.aes, output, input, dataSz,
nonce, AESCCM_NONCE_SZ, input + dataSz, macSz, NULL, 0);
break;
@ -1754,6 +1774,10 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz)
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case wolfssl_chacha:
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Nonce");
WOLFSSL_BUFFER(nonce, CHACHA_IV_BYTES);
#endif
ret = ChaCha20Poly1305_Decrypt(ssl, output, input, dataSz, nonce,
input + dataSz);
break;