diff options
Diffstat (limited to 'networking/tls.c')
| -rw-r--r-- | networking/tls.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/networking/tls.c b/networking/tls.c index 1e0e0991c..1f8c21f8b 100644 --- a/networking/tls.c +++ b/networking/tls.c | |||
| @@ -343,6 +343,20 @@ void FAST_FUNC tls_get_random(void *buf, unsigned len) | |||
| 343 | xfunc_die(); | 343 | xfunc_die(); |
| 344 | } | 344 | } |
| 345 | 345 | ||
| 346 | static void xorbuf3(void *dst, const void *src1, const void *src2, unsigned count) | ||
| 347 | { | ||
| 348 | uint8_t *d = dst; | ||
| 349 | const uint8_t *s1 = src1; | ||
| 350 | const uint8_t* s2 = src2; | ||
| 351 | while (count--) | ||
| 352 | *d++ = *s1++ ^ *s2++; | ||
| 353 | } | ||
| 354 | |||
| 355 | void FAST_FUNC xorbuf(void *dst, const void *src, unsigned count) | ||
| 356 | { | ||
| 357 | xorbuf3(dst, dst, src, count); | ||
| 358 | } | ||
| 359 | |||
| 346 | /* Nondestructively see the current hash value */ | 360 | /* Nondestructively see the current hash value */ |
| 347 | static unsigned sha_peek(md5sha_ctx_t *ctx, void *buffer) | 361 | static unsigned sha_peek(md5sha_ctx_t *ctx, void *buffer) |
| 348 | { | 362 | { |
| @@ -941,7 +955,6 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) | |||
| 941 | 955 | ||
| 942 | memcpy(nonce, tls->server_write_IV, 4); | 956 | memcpy(nonce, tls->server_write_IV, 4); |
| 943 | memcpy(nonce + 4, buf, 8); | 957 | memcpy(nonce + 4, buf, 8); |
| 944 | buf += 8; | ||
| 945 | 958 | ||
| 946 | cnt = 1; | 959 | cnt = 1; |
| 947 | remaining = size; | 960 | remaining = size; |
| @@ -952,12 +965,12 @@ static void tls_aesgcm_decrypt(tls_state_t *tls, uint8_t *buf, int size) | |||
| 952 | COUNTER(nonce) = htonl(cnt); /* yes, first cnt here is 2 (!) */ | 965 | COUNTER(nonce) = htonl(cnt); /* yes, first cnt here is 2 (!) */ |
| 953 | aes_encrypt_one_block(&tls->aes_decrypt, nonce, scratch); | 966 | aes_encrypt_one_block(&tls->aes_decrypt, nonce, scratch); |
| 954 | n = remaining > AES_BLOCK_SIZE ? AES_BLOCK_SIZE : remaining; | 967 | n = remaining > AES_BLOCK_SIZE ? AES_BLOCK_SIZE : remaining; |
| 955 | xorbuf(buf, scratch, n); | 968 | xorbuf3(buf, scratch, buf + 8, n); |
| 956 | buf += n; | 969 | buf += n; |
| 957 | remaining -= n; | 970 | remaining -= n; |
| 958 | } | 971 | } |
| 959 | 972 | ||
| 960 | //aesgcm_GHASH(tls->H, aad, tls->outbuf + OUTBUF_PFX, size, authtag); | 973 | //aesgcm_GHASH(tls->H, aad, tls->inbuf + RECHDR_LEN, size, authtag); |
| 961 | //COUNTER(nonce) = htonl(1); | 974 | //COUNTER(nonce) = htonl(1); |
| 962 | //aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch); | 975 | //aes_encrypt_one_block(&tls->aes_encrypt, nonce, scratch); |
| 963 | //xorbuf(authtag, scratch, sizeof(authtag)); | 976 | //xorbuf(authtag, scratch, sizeof(authtag)); |
| @@ -1046,7 +1059,6 @@ static int tls_xread_record(tls_state_t *tls, const char *expected) | |||
| 1046 | 1059 | ||
| 1047 | sz -= 8 + AES_BLOCK_SIZE; /* we will overwrite nonce, drop hash */ | 1060 | sz -= 8 + AES_BLOCK_SIZE; /* we will overwrite nonce, drop hash */ |
| 1048 | tls_aesgcm_decrypt(tls, p, sz); | 1061 | tls_aesgcm_decrypt(tls, p, sz); |
| 1049 | memmove(p, p + 8, sz); | ||
| 1050 | dbg("encrypted size:%u\n", sz); | 1062 | dbg("encrypted size:%u\n", sz); |
| 1051 | } else | 1063 | } else |
| 1052 | if (tls->min_encrypted_len_on_read > tls->MAC_size) { | 1064 | if (tls->min_encrypted_len_on_read > tls->MAC_size) { |