encrypt_packet_tls13: reverted to original API

That allows more uniformity across encrypt/decrypt, and
across different protocol handling.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 23 insertions, 23 deletions

diff --git a/lib/cipher.c b/lib/cipher.c
index 8203ec8fc3..949e830e63 100644
--- a/lib/cipher.c
+++ b/lib/cipher.c
@@ -65,13 +65,12 @@ decrypt_packet_tls13(gnutls_session_t session,
 
 static int
 encrypt_packet_tls13(gnutls_session_t session,
-		     mbuffer_st *bufel,
+		     uint8_t *cipher_data, size_t cipher_size,
 		     gnutls_datum_t *plain,
 		     size_t min_pad,
 		     content_type_t type,
 		     record_parameters_st *params);
 
-
 /* returns ciphertext which contains the headers too. This also
  * calculates the size in the header field.
  * 
@@ -94,7 +93,9 @@ _gnutls_encrypt(gnutls_session_t session,
 		/* it fills the header, as it is included in the authenticated
 		 * data of the AEAD cipher. */
 		ret =
-		    encrypt_packet_tls13(session, bufel,
+		    encrypt_packet_tls13(session,
+					 _mbuffer_get_udata_ptr(bufel),
+					 _mbuffer_get_udata_size(bufel),
 					 &plaintext, min_pad, type,
 					 params);
 		if (ret < 0)
@@ -109,16 +110,17 @@ _gnutls_encrypt(gnutls_session_t session,
 		if (ret < 0)
 			return gnutls_assert_val(ret);
 
-		if (IS_DTLS(session))
-			_gnutls_write_uint16(ret,
-					     ((uint8_t *)
-					      _mbuffer_get_uhead_ptr(bufel)) + 11);
-		else
-			_gnutls_write_uint16(ret,
-					     ((uint8_t *)
-					      _mbuffer_get_uhead_ptr(bufel)) + 3);
 	}
 
+	if (IS_DTLS(session))
+		_gnutls_write_uint16(ret,
+				     ((uint8_t *)
+				      _mbuffer_get_uhead_ptr(bufel)) + 11);
+	else
+		_gnutls_write_uint16(ret,
+				     ((uint8_t *)
+				      _mbuffer_get_uhead_ptr(bufel)) + 3);
+
 	_mbuffer_set_udata_size(bufel, ret);
 	_mbuffer_set_uhead_size(bufel, 0);
 
@@ -417,7 +419,7 @@ encrypt_packet(gnutls_session_t session,
 
 static int
 encrypt_packet_tls13(gnutls_session_t session,
-		     mbuffer_st *bciphertext,
+		     uint8_t *cipher_data, size_t cipher_size,
 		     gnutls_datum_t *plain,
 		     size_t min_pad,
 		     content_type_t type,
@@ -430,10 +432,7 @@ encrypt_packet_tls13(gnutls_session_t session,
 	unsigned iv_size = 0;
 	uint8_t *fdata;
 	ssize_t fdata_size, max;
-	uint8_t *cipher_data = _mbuffer_get_udata_ptr(bciphertext);
-	size_t cipher_size = _mbuffer_get_udata_size(bciphertext);
-	uint8_t *header = _mbuffer_get_uhead_ptr(bciphertext);
-	size_t header_size = _mbuffer_get_uhead_size(bciphertext);
+	uint8_t aad[5];
 
 	if (unlikely(ver == NULL))
 		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
@@ -449,7 +448,6 @@ encrypt_packet_tls13(gnutls_session_t session,
 		if (cipher_size < plain->size+1)
 			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 		memcpy(cipher_data, plain->data, plain->size);
-		_gnutls_write_uint16(plain->size, header+3);
 		return plain->size;
 	}
 
@@ -479,13 +477,15 @@ encrypt_packet_tls13(gnutls_session_t session,
 	if (min_pad)
 		memset(&fdata[plain->size+1], 0, min_pad);
 
-	/* we need to write size to header prior to encryption, as
-	 * size is in authenticated data of AEAD cipher. */
-	_gnutls_write_uint16(fdata_size+tag_size, header+3);
+	/* create authenticated data header */
+	aad[0] = GNUTLS_APPLICATION_DATA;
+	aad[1] = 0x03;
+	aad[2] = 0x03;
+	_gnutls_write_uint16(fdata_size+tag_size, &aad[3]);
 
 	ret = gnutls_aead_cipher_encrypt(&params->write.ctx.aead,
 					 nonce, iv_size,
-					 header, header_size,
+					 aad, sizeof(aad),
 					 tag_size,
 					 fdata, fdata_size,
 					 cipher_data, &cipher_size);
@@ -934,14 +934,14 @@ decrypt_packet_tls13(gnutls_session_t session,
 		    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
 	}
 
-	aad[0] = *type;
+	aad[0] = GNUTLS_APPLICATION_DATA;
 	aad[1] = 0x03;
 	aad[2] = 0x03;
 	_gnutls_write_uint16(ciphertext->size, &aad[3]);
 
 	ret = gnutls_aead_cipher_decrypt(&params->read.ctx.aead,
 					 nonce, iv_size,
-					 aad, 5,
+					 aad, sizeof(aad),
 					 tag_size,
 					 ciphertext->data, length_to_decrypt,
 					 plain->data, &length);