wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Generate correct GCM tag

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2021-01-27 18:02:37 +01:00
parent 921fd34876
commit 8a669615f8
1 changed files with 18 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
wolfcrypt/src/evp.c
View File

@ -772,39 +772,16 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
case AES_256_GCM_TYPE:
if ((ctx->gcmBuffer && ctx->gcmBufferLen > 0)
|| (ctx->gcmBufferLen == 0)) {
ret = 0;
if (ctx->gcmAuthIn) {
/* authenticated, non-confidential data*/
if (ctx->enc) {
XMEMSET(ctx->authTag, 0, ctx->authTagSz);
ret = wc_AesGcmEncrypt(&ctx->cipher.aes, NULL, NULL, 0,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
ctx->gcmAuthIn, ctx->gcmAuthInSz);
}
else {
ret = wc_AesGcmDecrypt(&ctx->cipher.aes, NULL, NULL, 0,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
ctx->gcmAuthIn, ctx->gcmAuthInSz);
/* Reset partial authTag error for AAD*/
if (ret == AES_GCM_AUTH_E)
ret = 0;
}
}
if (ret == 0) {
if (ctx->enc)
/* encrypt confidential data*/
ret = wc_AesGcmEncrypt(&ctx->cipher.aes, out,
ctx->gcmBuffer, ctx->gcmBufferLen,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
NULL, 0);
else
/* decrypt confidential data*/
ret = wc_AesGcmDecrypt(&ctx->cipher.aes, out,
ctx->gcmBuffer, ctx->gcmBufferLen,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
NULL, 0);
}
if (ctx->enc)
ret = wc_AesGcmEncrypt(&ctx->cipher.aes, out,
ctx->gcmBuffer, ctx->gcmBufferLen,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
ctx->gcmAuthIn, ctx->gcmAuthInSz);
else
ret = wc_AesGcmDecrypt(&ctx->cipher.aes, out,
ctx->gcmBuffer, ctx->gcmBufferLen,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
ctx->gcmAuthIn, ctx->gcmAuthInSz);
if (ret == 0) {
ret = WOLFSSL_SUCCESS;
@ -5289,39 +5266,14 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, src, len);
}
else {
ret = 0;
if (ctx->gcmAuthIn) {
/* authenticated, non-confidential data*/
if (ctx->enc) {
XMEMSET(ctx->authTag, 0, ctx->authTagSz);
ret = wc_AesGcmEncrypt(&ctx->cipher.aes, NULL,
NULL, 0, ctx->iv, ctx->ivSz, ctx->authTag,
ctx->authTagSz, ctx->gcmAuthIn,
ctx->gcmAuthInSz);
}
else {
ret = wc_AesGcmDecrypt(&ctx->cipher.aes, NULL,
NULL, 0, ctx->iv, ctx->ivSz, ctx->authTag,
ctx->authTagSz, ctx->gcmAuthIn,
ctx->gcmAuthInSz);
/* Reset partial authTag error for AAD*/
if (ret == AES_GCM_AUTH_E)
ret = 0;
}
}
if (ret == 0) {
if (ctx->enc)
/* encrypt confidential data*/
ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src,
len, ctx->iv, ctx->ivSz, ctx->authTag,
ctx->authTagSz, NULL, 0);
else
/* decrypt confidential data*/
ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src,
len, ctx->iv, ctx->ivSz, ctx->authTag,
ctx->authTagSz, NULL, 0);
}
if (ctx->enc)
ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src,
len, ctx->iv, ctx->ivSz, ctx->authTag,
ctx->authTagSz, ctx->gcmAuthIn, ctx->gcmAuthInSz);
else
ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src,
len, ctx->iv, ctx->ivSz, ctx->authTag,
ctx->authTagSz, ctx->gcmAuthIn, ctx->gcmAuthInSz);
}
if (ret == 0)
ret = len;