From da5b042d218c43f788782b0109fdccf0fa4a9466 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Fri, 16 May 2014 15:47:22 -0700
Subject: [PATCH] AEAD additional data for encrypt and decrypt should be AEAD_AUTH_DATA_SZ
---
 src/internal.c | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 4eab1ae8a..3deec6712 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -4189,11 +4189,11 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 #ifdef BUILD_AESGCM
 case cyassl_aes_gcm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
 const byte* additionalSrc = input - 5;
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 0),
@@ -4222,8 +4222,8 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
 nonce, AEAD_NONCE_SZ,
 out + sz - ssl->specs.aead_mac_size,
- ssl->specs.aead_mac_size, additional,
- AEAD_AUTH_DATA_SZ);
+ ssl->specs.aead_mac_size,
+ additional, AEAD_AUTH_DATA_SZ);
 AeadIncrementExpIV(ssl);
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
 }
@@ -4233,11 +4233,11 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 #ifdef HAVE_AESCCM
 case cyassl_aes_ccm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
 const byte* additionalSrc = input - 5;
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 0),
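Review bot: In the cyassl_aes_gcm case of Encrypt, `byte additional[AEAD_AUTH_DATA_SZ];` sizes the buffer to exactly the length later passed as AAD, so the slack the former AES_BLOCK_SIZE allocation left is gone and everything written into it — the c32toa of the sequence number at AEAD_SEQ_OFFSET and, presumably, a copy of the record header taken from `additionalSrc` outside this hunk — must together fit in AEAD_AUTH_DATA_SZ bytes, which nothing in the hunk checks or states; the same applies to the cyassl_aes_ccm hunk at -4233 and the two Decrypt hunks at -4341 and -4375. `const byte* additionalSrc = input - 5;` also reads five bytes before `input` using a bare literal, which presumes every caller places the record header immediately ahead of the payload; if the file's named record-header size constant (RECORD_HEADER_SZ in this code base, as far as I can tell) is in scope, using it would tie that 5 to the AEAD_AUTH_DATA_SZ / AEAD_SEQ_OFFSET layout the buffer now depends on. Suggested comment above that line: `/* AAD = sequence number followed by the record header that precedes input; must total AEAD_AUTH_DATA_SZ */`. Encrypt's body begins and ends outside the hunk.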
@@ -4270,9 +4270,8 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 additional, AEAD_AUTH_DATA_SZ);
 AeadIncrementExpIV(ssl);
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
-
- break;
 }
+ break;
 #endif
 #ifdef HAVE_CAMELLIA
@@ -4341,10 +4340,10 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
 #ifdef BUILD_AESGCM
 case cyassl_aes_gcm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET);
@@ -4375,17 +4374,17 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
 return VERIFY_MAC_ERROR;
 }
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
- break;
 }
+ break;
 #endif
 #ifdef HAVE_AESCCM
 case cyassl_aes_ccm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET);
@@ -4416,8 +4415,8 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
 return VERIFY_MAC_ERROR;
 }
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
- break;
 }
+ break;
 #endif
 #ifdef HAVE_CAMELLIA
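Review bot: In the Decrypt hunks at -4375 and -4416, `return VERIFY_MAC_ERROR;` leaves the function before the `XMEMSET(nonce, 0, AEAD_NONCE_SZ);` that the success path runs, so on a failed tag check the nonce the code otherwise takes care to wipe is left on the stack; moving `break;` outside the braces does not change that. Clearing it before the early return keeps both paths consistent: `XMEMSET(nonce, 0, AEAD_NONCE_SZ);` immediately ahead of `return VERIFY_MAC_ERROR;` in each of the two cases. A plain memset of a local just before a return is also liable to be dropped by the optimizer as a dead store, so if the project has a wipe routine that resists that, it belongs here rather than XMEMSET. Decrypt's body begins and ends outside these hunks.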