NetBSD Selftest, TLSv1.3, and wolfCrypt v4

When building for TLSv1.3 and the NetBSD Selftest, the build needs to use the
old pre-wolfCrypt v4 APIs for AES-GCM and AES-CCM.
John Safranek
2019-06-03 09:40:00 -07:00
parent 7624d90590
commit 978928be83


@@ -1696,6 +1696,12 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
#endif
nonceSz = AESGCM_NONCE_SZ;
#if ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))
ret = wc_AesGcmEncrypt(ssl->encrypt.aes, output, input,
dataSz, ssl->encrypt.nonce, nonceSz,
output + dataSz, macSz, aad, aadSz);
#else
ret = wc_AesGcmSetExtIV(ssl->encrypt.aes,
ssl->encrypt.nonce, nonceSz);
if (ret == 0) {
@@ -1703,6 +1709,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
input, dataSz, ssl->encrypt.nonce, nonceSz,
output + dataSz, macSz, aad, aadSz);
}
#endif
break;
#endif
@@ -1717,6 +1724,12 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
#endif
nonceSz = AESCCM_NONCE_SZ;
#if ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))
ret = wc_AesCcmEncrypt(ssl->encrypt.aes, output, input,
dataSz, ssl->encrypt.nonce, nonceSz,
output + dataSz, macSz, aad, aadSz);
#else
ret = wc_AesCcmSetNonce(ssl->encrypt.aes,
ssl->encrypt.nonce, nonceSz);
if (ret == 0) {
@@ -1724,6 +1737,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
input, dataSz, ssl->encrypt.nonce, nonceSz,
output + dataSz, macSz, aad, aadSz);
}
#endif
break;
#endif
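Review bot: The guard added on the AES-GCM branch, `#if ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))`, is repeated verbatim on the AES-CCM branch, so a later edit to one copy would leave the two ciphers selecting different AEAD APIs with no build error. Defining the condition once under a single project-chosen name and testing that name at both sites would keep them in step. The bare `#else` and `#endif` lines would also benefit from a trailing comment naming the condition, because each sits directly beside the unrelated `#endif` that closes its cipher case. A short comment above each legacy call would help as well, e.g. `/* FIPS before v2 / selftest builds: pre-v4 one-shot API, nonce passed directly */`; on this path there is no wc_AesGcmSetExtIV or wc_AesCcmSetNonce step, so per-record nonce uniqueness rests entirely on how `ssl->encrypt.nonce` is built, which these hunks do not show. EncryptTls13 begins and ends outside the shown hunks.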