AES-GCM: fixed the encryption/decryption bug
@@ -2245,8 +2245,9 @@ static INLINE void Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)
|
|||||||
XMEMSET(additional, 0, 16);
|
XMEMSET(additional, 0, 16);
|
||||||
c32toa(GetSEQIncrement(ssl, 0), additional + 4);
|
c32toa(GetSEQIncrement(ssl, 0), additional + 4);
|
||||||
XMEMCPY(additional+8, input - 5, 5);
|
XMEMCPY(additional+8, input - 5, 5);
|
||||||
|
c16toa(sz - 24, additional+11);
|
||||||
AesGcmEncrypt(&ssl->encrypt.aes, out+8, input+8, sz-24,
|
AesGcmEncrypt(&ssl->encrypt.aes, out+8, input+8, sz-24,
|
||||||
out + 8 + (sz - 24), 16, additional, 13);
|
out + sz - 16, 16, additional, 13);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
@@ -2316,7 +2317,7 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
|
|||||||
additional[8] = ssl->curRL.type;
|
additional[8] = ssl->curRL.type;
|
||||||
additional[9] = ssl->curRL.version.major;
|
additional[9] = ssl->curRL.version.major;
|
||||||
additional[10] = ssl->curRL.version.minor;
|
additional[10] = ssl->curRL.version.minor;
|
||||||
c16toa(sz, additional + 11);
|
c16toa(sz-24, additional + 11);
|
||||||
if (AesGcmDecrypt(&ssl->decrypt.aes, plain+8, input+8, sz-24,
|
if (AesGcmDecrypt(&ssl->decrypt.aes, plain+8, input+8, sz-24,
|
||||||
input + 8 + (sz - 24), 16, additional, 13) < 0) {
|
input + 8 + (sz - 24), 16, additional, 13) < 0) {
|
||||||
SendAlert(ssl, alert_fatal, bad_record_mac);
|
SendAlert(ssl, alert_fatal, bad_record_mac);
|
||||||
|
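Review bot: The new `c16toa(sz-24, additional + 11)` in the Decrypt hunk, together with the unchanged `sz-24` and `input + 8 + (sz - 24)` arguments on the next two lines, still assumes the record holds at least 24 bytes (an 8-byte explicit nonce plus a 16-byte tag); if `sz` is the length read from the peer's record header and nothing earlier in Decrypt or its caller rejects shorter records, `sz - 24` wraps for an unsigned `sz` (Encrypt's `word32 sz` in the first hunk header suggests the same type here, but Decrypt's signature is cut off) and the tag pointer lands past the input buffer before AesGcmDecrypt ever compares tags. A guard at the start of the AEAD branch, `if (sz < 24)`, that fails the record the same way the existing `bad_record_mac` branch does would close that off, and the same guard belongs on the Encrypt side only if its `sz` can come from outside, which is not visible here. The literals 24, 16 and 8 now appear in both hunks in two different arithmetic forms (`out + sz - 16` versus `input + 8 + (sz - 24)`); naming them, e.g. `AEAD_EXP_IV_SZ`, `AEAD_AUTH_TAG_SZ`, would make the two sides read identically. Decrypt begins and ends outside the hunk.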
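--- a/src/keys.c
+++ b/src/keys.c
@@ -1002,17 +1002,15 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
 /* TLS can call too */
 int StoreKeys(CYASSL* ssl, const byte* keyData)
 {
-int sz = ssl->specs.hash_size, i;
+int sz, i = 0;
 
 if (ssl->specs.cipher_type != aead) {
-XMEMCPY(ssl->keys.client_write_MAC_secret, keyData, sz);
-i = sz;
+sz = ssl->specs.hash_size;
+XMEMCPY(ssl->keys.client_write_MAC_secret,&keyData[i], sz);
+i += sz;
 XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz);
 i += sz;
 }
-else {
-sz = 0;
-}
 
 sz = ssl->specs.key_size;
 XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz);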
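Review bot: The new `int sz, i = 0;` is what stops the AEAD path from indexing `keyData` with an uninitialized `i`, but nothing in the hunk says so, and a later edit could reintroduce the old shape; a comment on that line would record the invariant: `/* i is the read offset into keyData; AEAD suites carry no MAC secrets, so their keys start at offset 0 */`. It would also help to state above the `if` that the non-AEAD key block starts with the client and then the server MAC secret, each `hash_size` bytes, as the two visible XMEMCPY calls show, and that the function never bounds its reads, so every caller must pass a key block sized from the same `ssl->specs`. StoreKeys continues past the end of the hunk.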