Update so TLSv1.3 will work. Needed to make the implicit IVs full sized
when copying. Added a flag to SetKeys() to skip the IV set (used for TLSv1.3).
45
src/keys.c
45
src/keys.c
@ -2212,9 +2212,10 @@ static int SetPrefix(byte* sha_input, int idx)
|
|||||||
|
|
||||||
|
|
||||||
static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
||||||
int side, void* heap, int devId, WC_RNG* rng)
|
int side, void* heap, int devId, WC_RNG* rng, int skipIv)
|
||||||
{
|
{
|
||||||
(void)rng;
|
(void)rng;
|
||||||
|
(void)skipIv;
|
||||||
|
|
||||||
#ifdef BUILD_ARC4
|
#ifdef BUILD_ARC4
|
||||||
if (specs->bulk_cipher_algorithm == wolfssl_rc4) {
|
if (specs->bulk_cipher_algorithm == wolfssl_rc4) {
|
||||||
@ -2609,12 +2610,14 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
|||||||
specs->key_size);
|
specs->key_size);
|
||||||
if (gcmRet != 0) return gcmRet;
|
if (gcmRet != 0) return gcmRet;
|
||||||
XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
|
XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
|
||||||
AESGCM_IMP_IV_SZ);
|
AEAD_MAX_IMP_SZ);
|
||||||
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
||||||
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
||||||
gcmRet = wc_AesGcmSetIV(enc->aes, AESGCM_NONCE_SZ,
|
if (!skipIv) {
|
||||||
keys->client_write_IV, AESGCM_IMP_IV_SZ, rng);
|
gcmRet = wc_AesGcmSetIV(enc->aes, AESGCM_NONCE_SZ,
|
||||||
if (gcmRet != 0) return gcmRet;
|
keys->client_write_IV, AESGCM_IMP_IV_SZ, rng);
|
||||||
|
if (gcmRet != 0) return gcmRet;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (dec) {
|
if (dec) {
|
||||||
@ -2622,7 +2625,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
|||||||
specs->key_size);
|
specs->key_size);
|
||||||
if (gcmRet != 0) return gcmRet;
|
if (gcmRet != 0) return gcmRet;
|
||||||
XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
|
XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
|
||||||
AESGCM_IMP_IV_SZ);
|
AEAD_MAX_IMP_SZ);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -2631,12 +2634,14 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
|||||||
specs->key_size);
|
specs->key_size);
|
||||||
if (gcmRet != 0) return gcmRet;
|
if (gcmRet != 0) return gcmRet;
|
||||||
XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
|
XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
|
||||||
AESGCM_IMP_IV_SZ);
|
AEAD_MAX_IMP_SZ);
|
||||||
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
||||||
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
||||||
gcmRet = wc_AesGcmSetIV(enc->aes, AESGCM_NONCE_SZ,
|
if (!skipIv) {
|
||||||
keys->server_write_IV, AESGCM_IMP_IV_SZ, rng);
|
gcmRet = wc_AesGcmSetIV(enc->aes, AESGCM_NONCE_SZ,
|
||||||
if (gcmRet != 0) return gcmRet;
|
keys->server_write_IV, AESGCM_IMP_IV_SZ, rng);
|
||||||
|
if (gcmRet != 0) return gcmRet;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (dec) {
|
if (dec) {
|
||||||
@ -2644,7 +2649,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
|||||||
specs->key_size);
|
specs->key_size);
|
||||||
if (gcmRet != 0) return gcmRet;
|
if (gcmRet != 0) return gcmRet;
|
||||||
XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
|
XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
|
||||||
AESGCM_IMP_IV_SZ);
|
AEAD_MAX_IMP_SZ);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (enc)
|
if (enc)
|
||||||
@ -2708,10 +2713,10 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
|||||||
AEAD_MAX_IMP_SZ);
|
AEAD_MAX_IMP_SZ);
|
||||||
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
||||||
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
||||||
CcmRet = wc_AesCcmSetNonce(enc->aes, keys->client_write_IV,
|
if (!skipIv) {
|
||||||
AEAD_MAX_IMP_SZ);
|
CcmRet = wc_AesCcmSetNonce(enc->aes, keys->client_write_IV,
|
||||||
if (CcmRet != 0) {
|
AEAD_MAX_IMP_SZ);
|
||||||
return CcmRet;
|
if (CcmRet != 0) return CcmRet;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -2736,10 +2741,10 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
|||||||
AEAD_MAX_IMP_SZ);
|
AEAD_MAX_IMP_SZ);
|
||||||
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
|
||||||
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
|
||||||
CcmRet = wc_AesCcmSetNonce(enc->aes, keys->server_write_IV,
|
if (!skipIv) {
|
||||||
AEAD_MAX_IMP_SZ);
|
CcmRet = wc_AesCcmSetNonce(enc->aes, keys->server_write_IV,
|
||||||
if (CcmRet != 0) {
|
AEAD_MAX_IMP_SZ);
|
||||||
return CcmRet;
|
if (CcmRet != 0) return CcmRet;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -3036,7 +3041,7 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
ret = SetKeys(wc_encrypt, wc_decrypt, keys, &ssl->specs, ssl->options.side,
|
ret = SetKeys(wc_encrypt, wc_decrypt, keys, &ssl->specs, ssl->options.side,
|
||||||
ssl->heap, ssl->devId, ssl->rng);
|
ssl->heap, ssl->devId, ssl->rng, ssl->options.tls1_3);
|
||||||
|
|
||||||
#ifdef HAVE_SECURE_RENEGOTIATION
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
||||||
if (copy) {
|
if (copy) {
|
||||||
|
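Review bot: The new `skipIv` parameter and the widened `AEAD_MAX_IMP_SZ` copies carry no explanation at the SetKeys signature, even though the GCM branches now copy `AEAD_MAX_IMP_SZ` bytes into `aead_enc_imp_IV`/`aead_dec_imp_IV` while `wc_AesGcmSetIV` still installs only `AESGCM_IMP_IV_SZ` bytes when `skipIv` is clear. A comment on the signature such as `/* skipIv: non-zero for TLS 1.3, which builds the per-record nonce from the full implicit IV itself, so the IV is copied in full but not installed into the AES object */` would make the contract visible, and the `(void)skipIv;` line deserves a note that it only silences the unused-parameter warning in builds where none of the AEAD branches that read it are compiled. Whether `client_write_IV`/`server_write_IV` are at least `AEAD_MAX_IMP_SZ` bytes is not visible here; the pre-existing CCM copies already use that size for the same source and destination fields, which suggests they are, but it is worth confirming against the Keys definition before widening the GCM copies. Separately, the two CCM hunks replace the braced `if (CcmRet != 0) { return CcmRet; }` with an unbraced single-line form; keeping the braces is the safer style for an early return. SetKeys and SetKeysSide both begin and end outside these hunks.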