Diffstat (limited to 'networking/tls.c')
-rw-r--r-- | networking/tls.c | 12 |
1 files changed, 9 insertions, 3 deletions
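--- a/networking/tls.c
+++ b/networking/tls.c
@@ -758,7 +758,7 @@ static void xwrite_encrypted_and_hmac_signed(tls_state_t *tls, unsigned size, un
 /* Encrypt content+MAC+padding in place */
 //optimize key setup
 aes_cbc_encrypt(
-tls->client_write_key, tls->key_size, /* selects 128/256 */
+&tls->aes_decrypt, /* selects 128/256 */
 buf - AES_BLOCK_SIZE, /* IV */
 buf, size, /* plaintext */
 buf /* ciphertext */
@@ -1061,7 +1061,7 @@ static int tls_xread_record(tls_state_t *tls, const char *expected)
 /* Decrypt content+MAC+padding, moving it over IV in the process */
 sz -= AES_BLOCK_SIZE; /* we will overwrite IV now */
 aes_cbc_decrypt(
-tls->server_write_key, tls->key_size, /* selects 128/256 */
+&tls->aes_decrypt, /* selects 128/256 */
 p, /* IV */
 p + AES_BLOCK_SIZE, sz, /* ciphertext */
 p /* plaintext */
@@ -1934,8 +1934,14 @@ static void send_client_key_exchange(tls_state_t *tls)
 dump_hex("client_write_IV:%s\n",
 tls->client_write_IV, tls->IV_size
 );
-aesgcm_setkey(tls->H, &tls->aes_encrypt, tls->client_write_key, tls->key_size);
+
 aes_setkey(&tls->aes_decrypt, tls->server_write_key, tls->key_size);
+aes_setkey(&tls->aes_encrypt, tls->client_write_key, tls->key_size);
+{
+uint8_t iv[AES_BLOCK_SIZE];
+memset(iv, 0, AES_BLOCK_SIZE);
+aes_encrypt_one_block(&tls->aes_encrypt, iv, tls->H);
+}
 }
 }
 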
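Review bot: In the first hunk, `aes_cbc_encrypt()` in `xwrite_encrypted_and_hmac_signed` now receives `&tls->aes_decrypt`, but the third hunk keys that context from `tls->server_write_key`, whereas the removed line encrypted with `tls->client_write_key`. As written, outgoing CBC records would be encrypted under the server's write key, which breaks TLS's per-direction key separation and presumably makes the peer reject the records; the argument should be `&tls->aes_encrypt, /* selects 128/256 */`. The `//optimize key setup` comment just above that call looks stale now that the key schedule is set once and could be dropped. The setup in `send_client_key_exchange` sits in a block that begins outside the hunk, so it is worth confirming that it runs for CBC suites as well as GCM, since both record paths now depend on it.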