From 91d0c1b519a29bc29b6d71396e467fb975ad3bd7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Fri, 25 Apr 2014 20:44:58 +0200
Subject: [PATCH] ccm_decrypt_message: length argument is cleartext (dst)
 length

Also updated related functions.
---
 ChangeLog            | 11 +++++++++++
 ccm-aes128.c         |  4 ++--
 ccm-aes192.c         |  4 ++--
 ccm-aes256.c         |  4 ++--
 ccm.c                |  9 ++++-----
 ccm.h                |  8 ++++----
 testsuite/ccm-test.c | 12 ++++++++----
 7 files changed, 33 insertions(+), 19 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 12ddbc70..2a43a3cb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2014-04-25  Niels Möller  <nisse@lysator.liu.se>
+
+	* testsuite/ccm-test.c (test_cipher_ccm): And tests.
+
+	* ccm.c (ccm_decrypt_message): Change length argument, should now
+	be clear text (dst) length.
+	* ccm-aes128.c (ccm_aes128_decrypt_message): Likewise.
+	* ccm-aes192.c (ccm_aes192_decrypt_message): Likewise.
+	* ccm-aes256.c (ccm_aes256_decrypt_message): Likewise.
+	* ccm.h: Updated prototypes.
+
 2014-04-22  Niels Möller  <nisse@lysator.liu.se>
 
 	* nettle.texinfo (Recommended hash functions): Document additional
diff --git a/ccm-aes128.c b/ccm-aes128.c
index c47249ea..74ae51f4 100644
--- a/ccm-aes128.c
+++ b/ccm-aes128.c
@@ -105,10 +105,10 @@ ccm_aes128_decrypt_message(struct ccm_aes128_ctx *ctx,
 			   size_t nlength, const uint8_t *nonce,
 			   size_t alength, const uint8_t *adata,
 			   size_t tlength,
-			   size_t clength, uint8_t *dst, const uint8_t *src)
+			   size_t mlength, uint8_t *dst, const uint8_t *src)
 {
   return ccm_decrypt_message(&ctx->cipher,
 			     (nettle_cipher_func *) aes128_encrypt,
 			     nlength, nonce, alength, adata,
-			     tlength, clength, dst, src);
+			     tlength, mlength, dst, src);
 }
diff --git a/ccm-aes192.c b/ccm-aes192.c
index 01d406a0..6b6ebed9 100644
--- a/ccm-aes192.c
+++ b/ccm-aes192.c
@@ -105,10 +105,10 @@ ccm_aes192_decrypt_message(struct ccm_aes192_ctx *ctx,
 			   size_t nlength, const uint8_t *nonce,
 			   size_t alength, const uint8_t *adata,
 			   size_t tlength,
-			   size_t clength, uint8_t *dst, const uint8_t *src)
+			   size_t mlength, uint8_t *dst, const uint8_t *src)
 {
   return ccm_decrypt_message(&ctx->cipher,
 			     (nettle_cipher_func *) aes192_encrypt,
 			     nlength, nonce, alength, adata,
-			     tlength, clength, dst, src);
+			     tlength, mlength, dst, src);
 }
diff --git a/ccm-aes256.c b/ccm-aes256.c
index 9a58ceab..211c411b 100644
--- a/ccm-aes256.c
+++ b/ccm-aes256.c
@@ -106,9 +106,9 @@ ccm_aes256_decrypt_message(struct ccm_aes256_ctx *ctx,
 			   size_t nlength, const uint8_t *nonce,
 			   size_t alength, const uint8_t *adata,
 			   size_t tlength,
-			   size_t clength, uint8_t *dst, const uint8_t *src)
+			   size_t mlength, uint8_t *dst, const uint8_t *src)
 {
   return ccm_decrypt_message(&ctx->cipher, (nettle_cipher_func *) aes256_encrypt,
 			     nlength, nonce, alength, adata,
-			     tlength, clength, dst, src);
+			     tlength, mlength, dst, src);
 }
diff --git a/ccm.c b/ccm.c
index 49655914..00f3f26e 100644
--- a/ccm.c
+++ b/ccm.c
@@ -250,14 +250,13 @@ int
 ccm_decrypt_message(const void *cipher, nettle_cipher_func *f,
 		    size_t nlength, const uint8_t *nonce,
 		    size_t alength, const uint8_t *adata, size_t tlength,
-		    size_t clength, uint8_t *dst, const uint8_t *src)
+		    size_t mlength, uint8_t *dst, const uint8_t *src)
 {
   struct ccm_ctx ctx;
   uint8_t tag[CCM_BLOCK_SIZE];
-  assert(clength >= tlength);
-  ccm_set_nonce(&ctx, cipher, f, nlength, nonce, alength, clength-tlength, tlength);
+  ccm_set_nonce(&ctx, cipher, f, nlength, nonce, alength, mlength, tlength);
   ccm_update(&ctx, cipher, f, alength, adata);
-  ccm_decrypt(&ctx, cipher, f, clength-tlength, dst, src);
+  ccm_decrypt(&ctx, cipher, f, mlength, dst, src);
   ccm_digest(&ctx, cipher, f, tlength, tag);
-  return (memcmp(tag, src + (clength-tlength), tlength) == 0);
+  return (memcmp(tag, src + mlength, tlength) == 0);
 }
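Review bot: The tag check on the new return line, `memcmp(tag, src + mlength, tlength) == 0`, is not a constant-time comparison, so its running time can depend on how many leading tag bytes match; for MAC verification a data-independent comparison is the safer choice. A small change is to fold all tlength bytes into one accumulator, `for (i = 0; i < tlength; i++) diff |= tag[i] ^ src[mlength + i];`, and then `return diff == 0;`. Separately, ccm_decrypt fills dst before the tag is verified, so a comment here stating that dst must be discarded (ideally cleared) when the function returns 0 would help callers avoid acting on unauthenticated plaintext.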
diff --git a/ccm.h b/ccm.h
index b215360d..9827e45d 100644
--- a/ccm.h
+++ b/ccm.h
@@ -150,7 +150,7 @@ ccm_decrypt_message(const void *cipher, nettle_cipher_func *f,
 		    size_t nlength, const uint8_t *nonce,
 		    size_t alength, const uint8_t *adata,
 		    size_t tlength,
-		    size_t clength, uint8_t *dst, const uint8_t *src);
+		    size_t mlength, uint8_t *dst, const uint8_t *src);
 
 /* CCM Mode with AES-128 */
 struct ccm_aes128_ctx {
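Review bot: The prototype keeps identical types and only renames `clength` to `mlength`, so callers that still pass the ciphertext length compile without any warning. According to the ccm.c hunk, the function now reads the tag at `src + mlength` and decrypts mlength bytes into dst, which is tlength bytes past the buffers such a caller prepared. Nothing on the declaration states the new contract, and the old `assert(clength >= tlength)` is gone. I would add a comment above the prototype such as `/* mlength is the cleartext (dst) length; src must hold mlength + tlength bytes, dst mlength bytes. */`. The same applies to the ccm_aes128, ccm_aes192 and ccm_aes256 decrypt_message prototypes in the later hunks of this file.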
@@ -194,7 +194,7 @@ ccm_aes128_decrypt_message(struct ccm_aes128_ctx *ctx,
 			   size_t nlength, const uint8_t *nonce,
 			   size_t alength, const uint8_t *adata,
 			   size_t tlength,
-			   size_t clength, uint8_t *dst, const uint8_t *src);
+			   size_t mlength, uint8_t *dst, const uint8_t *src);
 
 struct ccm_aes192_ctx {
     struct ccm_ctx      ccm;
@@ -238,7 +238,7 @@ ccm_aes192_decrypt_message(struct ccm_aes192_ctx *ctx,
 			   size_t nlength, const uint8_t *nonce,
 			   size_t alength, const uint8_t *adata,
 			   size_t tlength,
-			   size_t clength, uint8_t *dst, const uint8_t *src);
+			   size_t mlength, uint8_t *dst, const uint8_t *src);
 
 /* CCM Mode with AES-256 */
 struct ccm_aes256_ctx {
@@ -282,7 +282,7 @@ ccm_aes256_decrypt_message(struct ccm_aes256_ctx *ctx,
 			   size_t nlength, const uint8_t *nonce,
 			   size_t alength, const uint8_t *adata,
 			   size_t tlength,
-			   size_t clength, uint8_t *dst, const uint8_t *src);
+			   size_t mlength, uint8_t *dst, const uint8_t *src);
 
 #ifdef __cplusplus
 }
diff --git a/testsuite/ccm-test.c b/testsuite/ccm-test.c
index 9a7161b9..4176cc7f 100644
--- a/testsuite/ccm-test.c
+++ b/testsuite/ccm-test.c
@@ -156,10 +156,12 @@ test_cipher_ccm(const struct nettle_cipher *cipher,
     memset(de_digest, 0, sizeof(de_digest));
 
     ccm_encrypt_message(ctx, cipher->encrypt, nonce->length, nonce->data,
-			authdata->length, authdata->data, tlength, ciphertext->length, en_data, cleartext->data);
+			authdata->length, authdata->data, tlength,
+			ciphertext->length, en_data, cleartext->data);
 
     ret = ccm_decrypt_message(ctx, cipher->encrypt, nonce->length, nonce->data,
-			      authdata->length, authdata->data, tlength, ciphertext->length, de_data, ciphertext->data);
+			      authdata->length, authdata->data, tlength,
+			      cleartext->length, de_data, ciphertext->data);
 
     if (ret != 1) fprintf(stderr, "ccm_decrypt_message failed to validate message\n");
     test_compare_results("CCM_MSG", authdata,
@@ -169,13 +171,15 @@ test_cipher_ccm(const struct nettle_cipher *cipher,
     if (tlength) {
       en_data[0] ^= 1;
       ret = ccm_decrypt_message(ctx, cipher->encrypt, nonce->length, nonce->data,
-				authdata->length, authdata->data, tlength, ciphertext->length, de_data, en_data);
+				authdata->length, authdata->data, tlength,
+				cleartext->length, de_data, en_data);
       if (ret != 0) fprintf(stderr, "ccm_decrypt_message failed to detect corrupted message\n");
     }
     /* Ensure we can detect corrupted adata. */
     if (tlength && authdata->length) {
       ret = ccm_decrypt_message(ctx, cipher->encrypt, nonce->length, nonce->data,
-				authdata->length-1, authdata->data, tlength, ciphertext->length, de_data, ciphertext->data);
+				authdata->length-1, authdata->data, tlength,
+				cleartext->length, de_data, ciphertext->data);
       if (ret != 0) fprintf(stderr, "ccm_decrypt_message failed to detect corrupted message\n");
     }
   }
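Review bot: The corrupted-message case flips `en_data[0]`, a byte of the encrypted body, so no case covers a damaged tag, which is exactly the part whose offset this commit changes (`src + mlength`). Inside the `if (tlength)` block I would add a second case that restores `en_data[0]`, flips a tag byte with `en_data[cleartext->length] ^= 1;` (assuming en_data holds the full ciphertext->length bytes) and expects a return of 0. As far as this hunk shows, a wrong return value only prints to stderr; if nothing later fails the test, these checks should abort it instead. test_cipher_ccm starts outside the hunk.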
-- 
GitLab