Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
Wim Lewis
nettle
Commits
91d0c1b5
Commit
91d0c1b5
authored
Apr 25, 2014
by
Niels Möller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ccm_decrypt_message: length argument is cleartext (dst) length
Also updated related functions.
parent
c8e472cb
Changes
7
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
33 additions
and
19 deletions
+33
-19
ChangeLog
ChangeLog
+11
-0
ccm-aes128.c
ccm-aes128.c
+2
-2
ccm-aes192.c
ccm-aes192.c
+2
-2
ccm-aes256.c
ccm-aes256.c
+2
-2
ccm.c
ccm.c
+4
-5
ccm.h
ccm.h
+4
-4
testsuite/ccm-test.c
testsuite/ccm-test.c
+8
-4
No files found.
ChangeLog
View file @
91d0c1b5
2014-04-25 Niels Möller <nisse@lysator.liu.se>
* testsuite/ccm-test.c (test_cipher_ccm): And tests.
* ccm.c (ccm_decrypt_message): Change length argument, should now
be clear text (dst) length.
* ccm-aes128.c (ccm_aes128_decrypt_message): Likewise.
* ccm-aes192.c (ccm_aes192_decrypt_message): Likewise.
* ccm-aes256.c (ccm_aes256_decrypt_message): Likewise.
* ccm.h: Updated prototypes.
2014-04-22 Niels Möller <nisse@lysator.liu.se>
* nettle.texinfo (Recommended hash functions): Document additional
...
...
ccm-aes128.c
View file @
91d0c1b5
...
...
@@ -105,10 +105,10 @@ ccm_aes128_decrypt_message(struct ccm_aes128_ctx *ctx,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
{
return
ccm_decrypt_message
(
&
ctx
->
cipher
,
(
nettle_cipher_func
*
)
aes128_encrypt
,
nlength
,
nonce
,
alength
,
adata
,
tlength
,
c
length
,
dst
,
src
);
tlength
,
m
length
,
dst
,
src
);
}
ccm-aes192.c
View file @
91d0c1b5
...
...
@@ -105,10 +105,10 @@ ccm_aes192_decrypt_message(struct ccm_aes192_ctx *ctx,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
{
return
ccm_decrypt_message
(
&
ctx
->
cipher
,
(
nettle_cipher_func
*
)
aes192_encrypt
,
nlength
,
nonce
,
alength
,
adata
,
tlength
,
c
length
,
dst
,
src
);
tlength
,
m
length
,
dst
,
src
);
}
ccm-aes256.c
View file @
91d0c1b5
...
...
@@ -106,9 +106,9 @@ ccm_aes256_decrypt_message(struct ccm_aes256_ctx *ctx,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
{
return
ccm_decrypt_message
(
&
ctx
->
cipher
,
(
nettle_cipher_func
*
)
aes256_encrypt
,
nlength
,
nonce
,
alength
,
adata
,
tlength
,
c
length
,
dst
,
src
);
tlength
,
m
length
,
dst
,
src
);
}
ccm.c
View file @
91d0c1b5
...
...
@@ -250,14 +250,13 @@ int
ccm_decrypt_message
(
const
void
*
cipher
,
nettle_cipher_func
*
f
,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
{
struct
ccm_ctx
ctx
;
uint8_t
tag
[
CCM_BLOCK_SIZE
];
assert
(
clength
>=
tlength
);
ccm_set_nonce
(
&
ctx
,
cipher
,
f
,
nlength
,
nonce
,
alength
,
clength
-
tlength
,
tlength
);
ccm_set_nonce
(
&
ctx
,
cipher
,
f
,
nlength
,
nonce
,
alength
,
mlength
,
tlength
);
ccm_update
(
&
ctx
,
cipher
,
f
,
alength
,
adata
);
ccm_decrypt
(
&
ctx
,
cipher
,
f
,
clength
-
t
length
,
dst
,
src
);
ccm_decrypt
(
&
ctx
,
cipher
,
f
,
m
length
,
dst
,
src
);
ccm_digest
(
&
ctx
,
cipher
,
f
,
tlength
,
tag
);
return
(
memcmp
(
tag
,
src
+
(
clength
-
t
length
)
,
tlength
)
==
0
);
return
(
memcmp
(
tag
,
src
+
m
length
,
tlength
)
==
0
);
}
ccm.h
View file @
91d0c1b5
...
...
@@ -150,7 +150,7 @@ ccm_decrypt_message(const void *cipher, nettle_cipher_func *f,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
/* CCM Mode with AES-128 */
struct
ccm_aes128_ctx
{
...
...
@@ -194,7 +194,7 @@ ccm_aes128_decrypt_message(struct ccm_aes128_ctx *ctx,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
struct
ccm_aes192_ctx
{
struct
ccm_ctx
ccm
;
...
...
@@ -238,7 +238,7 @@ ccm_aes192_decrypt_message(struct ccm_aes192_ctx *ctx,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
/* CCM Mode with AES-256 */
struct
ccm_aes256_ctx
{
...
...
@@ -282,7 +282,7 @@ ccm_aes256_decrypt_message(struct ccm_aes256_ctx *ctx,
size_t
nlength
,
const
uint8_t
*
nonce
,
size_t
alength
,
const
uint8_t
*
adata
,
size_t
tlength
,
size_t
c
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
size_t
m
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
);
#ifdef __cplusplus
}
...
...
testsuite/ccm-test.c
View file @
91d0c1b5
...
...
@@ -156,10 +156,12 @@ test_cipher_ccm(const struct nettle_cipher *cipher,
memset
(
de_digest
,
0
,
sizeof
(
de_digest
));
ccm_encrypt_message
(
ctx
,
cipher
->
encrypt
,
nonce
->
length
,
nonce
->
data
,
authdata
->
length
,
authdata
->
data
,
tlength
,
ciphertext
->
length
,
en_data
,
cleartext
->
data
);
authdata
->
length
,
authdata
->
data
,
tlength
,
ciphertext
->
length
,
en_data
,
cleartext
->
data
);
ret
=
ccm_decrypt_message
(
ctx
,
cipher
->
encrypt
,
nonce
->
length
,
nonce
->
data
,
authdata
->
length
,
authdata
->
data
,
tlength
,
ciphertext
->
length
,
de_data
,
ciphertext
->
data
);
authdata
->
length
,
authdata
->
data
,
tlength
,
cleartext
->
length
,
de_data
,
ciphertext
->
data
);
if
(
ret
!=
1
)
fprintf
(
stderr
,
"ccm_decrypt_message failed to validate message
\n
"
);
test_compare_results
(
"CCM_MSG"
,
authdata
,
...
...
@@ -169,13 +171,15 @@ test_cipher_ccm(const struct nettle_cipher *cipher,
if
(
tlength
)
{
en_data
[
0
]
^=
1
;
ret
=
ccm_decrypt_message
(
ctx
,
cipher
->
encrypt
,
nonce
->
length
,
nonce
->
data
,
authdata
->
length
,
authdata
->
data
,
tlength
,
ciphertext
->
length
,
de_data
,
en_data
);
authdata
->
length
,
authdata
->
data
,
tlength
,
cleartext
->
length
,
de_data
,
en_data
);
if
(
ret
!=
0
)
fprintf
(
stderr
,
"ccm_decrypt_message failed to detect corrupted message
\n
"
);
}
/* Ensure we can detect corrupted adata. */
if
(
tlength
&&
authdata
->
length
)
{
ret
=
ccm_decrypt_message
(
ctx
,
cipher
->
encrypt
,
nonce
->
length
,
nonce
->
data
,
authdata
->
length
-
1
,
authdata
->
data
,
tlength
,
ciphertext
->
length
,
de_data
,
ciphertext
->
data
);
authdata
->
length
-
1
,
authdata
->
data
,
tlength
,
cleartext
->
length
,
de_data
,
ciphertext
->
data
);
if
(
ret
!=
0
)
fprintf
(
stderr
,
"ccm_decrypt_message failed to detect corrupted message
\n
"
);
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment