PR comments

2025-08-01 03:34:39 +02:00 · 2023-07-10 15:49:59 -04:00
parent 27a95e7e82
commit a317ac280c
5 changed files with 26 additions and 22 deletions
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -2824,11 +2824,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
 #ifdef WOLFSSL_SNIFFER
    if (cipherList == NULL && version < 4) {
        /* static RSA or static ECC cipher suites */
-        const char* staticCipherList = "AES128-SHA:ECDH-ECDSA-AES128-SHA"
-        #if defined(HAVE_ARIA)
-            ":ECDHE-ECDSA-ARIA128-GCM-SHA256:ECDHE-ECDSA-ARIA256-GCM-SHA384"
-        #endif
-        ;
+        const char* staticCipherList = "AES128-SHA:ECDH-ECDSA-AES128-SHA";
        if (SSL_CTX_set_cipher_list(ctx, staticCipherList) != WOLFSSL_SUCCESS) {
            err_sys_ex(runWithErrors, "server can't set cipher list 3");
        }
--- a/src/internal.c
+++ b/src/internal.c
@@ -17891,7 +17891,7 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
    #ifdef HAVE_ARIA
        case wolfssl_aria_gcm:
        {
-            const byte* additionalSrc = input - 5;
+            const byte* additionalSrc = input - RECORD_HEADER_SZ;
            byte *outBuf = NULL;
            XMEMSET(ssl->encrypt.additional, 0, AEAD_AUTH_DATA_SZ);

@@ -17923,13 +17923,13 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
                break;
            }
            ret = wc_AriaEncrypt(ssl->encrypt.aria, outBuf,
-                        (byte*) input + AESGCM_EXP_IV_SZ,
-                        sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
-                        ssl->encrypt.nonce, AESGCM_NONCE_SZ,
-                        ssl->encrypt.additional, AEAD_AUTH_DATA_SZ,
-                        out + sz - ssl->specs.aead_mac_size,
-                        ssl->specs.aead_mac_size
-                        );
+                    (byte*) input + AESGCM_EXP_IV_SZ,
+                    sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                    ssl->encrypt.nonce, AESGCM_NONCE_SZ,
+                    ssl->encrypt.additional, AEAD_AUTH_DATA_SZ,
+                    out + sz - ssl->specs.aead_mac_size,
+                    ssl->specs.aead_mac_size
+                    );
            if (ret != 0)
                break;
            XMEMCPY(out,
@@ -18409,6 +18409,8 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
                                (byte *)input + sz - ssl->specs.aead_mac_size,
                                ssl->specs.aead_mac_size
                                );
+            if (ret != 0)
+                break;
            XMEMCPY(plain + AESGCM_EXP_IV_SZ,
                    outBuf,
                    sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size);
--- a/tests/api.c
+++ b/tests/api.c
@@ -51354,7 +51354,7 @@ static int test_wolfssl_EVP_aria_gcm(void)
    byte *iv = (byte*)"0123456789012345";
    int ivSz = ARIA_BLOCK_SIZE;
    /* Message to be encrypted */
-    int plaintxtSz = 40;
+    const int plaintxtSz = 40;
    byte plaintxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
    XMEMCPY(plaintxt,"for things to change you have to change",plaintxtSz);
    /* Additional non-confidential data */
--- a/wolfcrypt/src/port/aria/aria-crypt.c
+++ b/wolfcrypt/src/port/aria/aria-crypt.c
@@ -32,12 +32,13 @@ size and a key size of 128, 192, or 256 bits.
 #endif

 #include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ARIA
+
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/ssl.h>
 #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>

-#ifdef HAVE_ARIA
-
 /* return 0 on success or WC_INIT_E on failure */
 int wc_AriaInitCrypt(wc_Aria* aria, MC_ALGID algo)
 {
--- a/wolfcrypt/src/port/aria/aria-cryptocb.c
+++ b/wolfcrypt/src/port/aria/aria-cryptocb.c
@@ -32,13 +32,14 @@ size and a key size of 128, 192, or 256 bits.
 #endif

 #include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ARIA
+
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/ssl.h>
 #include <wolfssl/wolfcrypt/asn_public.h>
 #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>

-#ifdef HAVE_ARIA
-
 int wc_AriaInit(void)
 {
    MC_RV rv = MC_OK;
@@ -247,7 +248,8 @@ int wc_AriaSign(byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key)
    return 0;
 }

-int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz, int* res, ecc_key* key)
+int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz,
+        int* res, ecc_key* key)
 {
    MC_HOBJECT hPubkey = 0;
    MC_HSESSION hSession = 0;
@@ -324,7 +326,8 @@ int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz, int* res,
    return 0;
 }

-int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outSz)
+int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key,
+        byte* out, word32* outSz)
 {
    MC_HOBJECT hPrikey = 0;
    MC_HSESSION hSession = 0;
@@ -341,7 +344,8 @@ int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key, byte* out, word32*

    WOLFSSL_ENTER("AriaDerive");

-    if (private_key == NULL || public_key == NULL || out == NULL || outSz == NULL) {
+    if (private_key == NULL || public_key == NULL ||
+            out == NULL || outSz == NULL) {
        return BAD_FUNC_ARG;
    }

@@ -412,7 +416,8 @@ int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key, byte* out, word32*
 }

 #ifdef WOLF_CRYPTO_CB
-    static void printOutput(const char* strName, unsigned char* data, unsigned int dataSz)
+    static void printOutput(const char* strName, unsigned char* data,
+            unsigned int dataSz)
    {
        #ifdef DEBUG_WOLFSSL
        WOLFSSL_MSG_EX("%s (%d):", strName,dataSz);