Merge pull request #335 from raycoll/libre_composite
Use S2N_TLS12_AAD_LEN for composite ciphers
colmmacc authored Nov 25, 2016
2 parents 0d5925b + 2200053 commit d1b672a
Showing 2 changed files with 6 additions and 5 deletions.
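--- a/crypto/s2n_composite_cipher_aes_sha.c
+++ b/crypto/s2n_composite_cipher_aes_sha.c
@@ -65,8 +65,8 @@ static uint8_t s2n_composite_cipher_aes256_sha_available(void)
 static int s2n_composite_cipher_aes_sha_initial_hmac(struct s2n_session_key *key, uint8_t *sequence_number, uint8_t content_type,
 uint16_t protocol_version, uint16_t payload_and_eiv_len, int *extra)
 {
-uint8_t ctrl_buf[EVP_AEAD_TLS1_AAD_LEN];
-struct s2n_blob ctrl_blob = { .data = ctrl_buf, .size = EVP_AEAD_TLS1_AAD_LEN };
+uint8_t ctrl_buf[S2N_TLS12_AAD_LEN];
+struct s2n_blob ctrl_blob = { .data = ctrl_buf, .size = S2N_TLS12_AAD_LEN };
 struct s2n_stuffer ctrl_stuffer;
 GUARD(s2n_stuffer_init(&ctrl_stuffer, &ctrl_blob));
 
@@ -81,7 +81,7 @@ static int s2n_composite_cipher_aes_sha_initial_hmac(struct s2n_session_key *key
 * See https://github.com/openssl/openssl/blob/master/crypto/evp/e_aes_cbc_hmac_sha1.c#L814
 * and https://github.com/openssl/openssl/blob/4f0c475719defd7c051964ef9964cc6e5b3a63bf/ssl/record/ssl3_record.c#L743
 */
-int ctrl_ret = EVP_CIPHER_CTX_ctrl(key->evp_cipher_ctx, EVP_CTRL_AEAD_TLS1_AAD, EVP_AEAD_TLS1_AAD_LEN, ctrl_buf);
+int ctrl_ret = EVP_CIPHER_CTX_ctrl(key->evp_cipher_ctx, EVP_CTRL_AEAD_TLS1_AAD, S2N_TLS12_AAD_LEN, ctrl_buf);
 
 if (ctrl_ret < 0) {
 S2N_ERROR(S2N_ERR_INITIAL_HMAC);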
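Review bot: The failure test after the `EVP_CIPHER_CTX_ctrl` call, `if (ctrl_ret < 0)`, does not catch a return of 0, which is what `EVP_CIPHER_CTX_ctrl` gives when no cipher is set on the context or the cipher implements no ctrl, so a failed AAD setup would fall through as success. The length argument on that call now comes from s2n's own `S2N_TLS12_AAD_LEN` rather than OpenSSL's macro, and the linked OpenSSL source appears to reject any other length, so tightening the test to `if (ctrl_ret <= 0) {` makes a mismatch or an unsupported library fail closed. This assumes a successful call always returns a positive value, which the linked e_aes_cbc_hmac_sha1.c suggests but is worth confirming for the SHA-256 variant. The body of s2n_composite_cipher_aes_sha_initial_hmac continues past the end of the hunk, so how ctrl_ret is used afterwards is not visible here.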
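--- a/tls/s2n_crypto.h
+++ b/tls/s2n_crypto.h
@@ -33,8 +33,9 @@
 #define S2N_SSL_FINISHED_LEN 36
 #define S2N_TLS_MAX_IV_LEN 16
 
-#define S2N_TLS_GCM_AAD_LEN 13
-#define S2N_TLS_MAX_AAD_LEN S2N_TLS_GCM_AAD_LEN
+/* From RFC 5246 6.2.3.3 */
+#define S2N_TLS12_AAD_LEN 13
+#define S2N_TLS_MAX_AAD_LEN S2N_TLS12_AAD_LEN
 #define S2N_TLS_GCM_FIXED_IV_LEN 4
 #define S2N_TLS_GCM_EXPLICIT_IV_LEN 8
 #define S2N_TLS_GCM_IV_LEN (S2N_TLS_GCM_FIXED_IV_LEN + S2N_TLS_GCM_EXPLICIT_IV_LEN)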
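Review bot: The comment above `S2N_TLS12_AAD_LEN` cites the RFC section but not how 13 is derived, and this value now sizes the stack buffer `ctrl_buf` and the length handed to the cipher ctrl in the composite cipher code. I would spell the layout out in the comment: `/* seq_num (8) + type (1) + version (2) + length (2); RFC 5246 6.2.3.3 */`. Section 6.2.3.3 describes AEAD additional data; the CBC composite ciphers feed the same 13 header bytes to the MAC, so a reference to the MAC input in 6.2.3.1 may be worth adding alongside it.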
