author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-03-17 12:16:28 +0100 |
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-03-17 12:16:28 +0100 |
commit | 32806fd74c926b5886d405d7875d18b9700905fc (patch) | |
tree | d182657f35906ba5d3d05a794d03c0e19cd88e39 /lib/gnutls_cipher.c | |
parent | 9ff1a5fc7a35266550f78020b6bbe721c5cfe5c1 (diff) | |
download | gnutls-32806fd74c926b5886d405d7875d18b9700905fc.tar.gz |
Added salsa20 cipher, and ciphersuites.
Diffstat (limited to 'lib/gnutls_cipher.c')
-rw-r--r-- | lib/gnutls_cipher.c | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 1a70a10023..8531a4c7b0 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -323,7 +323,9 @@ compressed_to_ciphertext (gnutls_session_t session,
 int explicit_iv = _gnutls_version_has_explicit_iv (session->security_parameters.version);
 int auth_cipher = _gnutls_auth_cipher_is_aead(¶ms->write.cipher_state);
 uint8_t nonce[MAX_CIPHER_BLOCK_SIZE];
+ unsigned iv_size;
+ iv_size = gnutls_cipher_get_iv_size(params->cipher_algorithm);
 _gnutls_hard_log("ENC[%p]: cipher: %s, MAC: %s, Epoch: %u\n", session, gnutls_cipher_get_name(params->cipher_algorithm), gnutls_mac_get_name(params->mac_algorithm),
@@ -349,9 +351,12 @@ compressed_to_ciphertext (gnutls_session_t session,
 auth_cipher, blocksize);
 }
 else
- length_to_encrypt = length =
- calc_enc_length_stream (session, compressed->size, tag_size,
- auth_cipher);
+ {
+ length_to_encrypt = length =
+ calc_enc_length_stream (session, compressed->size, tag_size,
+ auth_cipher);
+ }
+
 if (length < 0)
 {
 return gnutls_assert_val(length);
@@ -403,12 +408,17 @@ compressed_to_ciphertext (gnutls_session_t session,
 */
 length_to_encrypt -= AEAD_EXPLICIT_DATA_SIZE + tag_size;
 }
+ else if (iv_size > 0)
+ _gnutls_auth_cipher_setiv(¶ms->write.cipher_state, UINT64DATA(params->write.sequence_number), 8);
 }
 else
 {
 /* AEAD ciphers have an explicit IV. Shouldn't be used otherwise. */
- if (auth_cipher) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ if (auth_cipher)
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ else if (iv_size > 0)
+ _gnutls_auth_cipher_setiv(¶ms->write.cipher_state, UINT64DATA(params->write.sequence_number), 8);
 }
 memcpy (data_ptr, compressed->data, compressed->size);
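Review bot: Both `_gnutls_auth_cipher_setiv` calls added in the third hunk pass a literal nonce length of `8`, while the `iv_size` the function now queries is used only as a gate (`iv_size > 0`), so a future stream cipher with an IV that is not 8 bytes would pass the gate and be keyed with a mis-sized nonce. Either derive the length from the queried value or reject the mismatch explicitly before the call, e.g. `if (iv_size != 8) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);`. The identical call appears in both branches of the surrounding explicit-IV if/else and could be hoisted below it as a single `if (!auth_cipher && iv_size > 0)` step, and if `_gnutls_auth_cipher_setiv` reports failure through its return value that result is discarded in both places. A short comment such as `/* stream ciphers with an IV use the 64-bit record sequence number as nonce; it is unique per key */` would record why the sequence number is a safe nonce source here. compressed_to_ciphertext begins before the first hunk and continues past the last one.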
@@ -646,10 +656,11 @@ ciphertext_to_compressed (gnutls_session_t session,
 unsigned int ver = gnutls_protocol_get_version (session);
 unsigned int tag_size = _gnutls_auth_cipher_tag_len (¶ms->read.cipher_state);
 unsigned int explicit_iv = _gnutls_version_has_explicit_iv (session->security_parameters.version);
-
+ unsigned iv_size;
+
+ iv_size = gnutls_cipher_get_iv_size(params->cipher_algorithm);
 blocksize = gnutls_cipher_get_block_size (params->cipher_algorithm);
-
 /* actual decryption (inplace) */
 switch (_gnutls_cipher_is_block (params->cipher_algorithm))
@@ -679,6 +690,11 @@ ciphertext_to_compressed (gnutls_session_t session,
 length_to_decrypt = ciphertext->size - tag_size;
 }
+ else if (iv_size > 0)
+ { /* a stream cipher with explicit IV */
+ _gnutls_auth_cipher_setiv(¶ms->read.cipher_state, UINT64DATA(*sequence), 8);
+ length_to_decrypt = ciphertext->size;
+ }
 else
 {
 if (ciphertext->size < tag_size)
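Review bot: The new `else if (iv_size > 0)` branch in the second hunk sets `length_to_decrypt = ciphertext->size` without the `ciphertext->size < tag_size` check that the `else` branch directly below it applies to the other non-AEAD stream ciphers, so an undersized record would likely reach decryption and MAC handling with a length smaller than the tag. Unless that bound is re-checked after the switch (outside this hunk), add `if (ciphertext->size < tag_size) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);` as the first statement of the new block. The nonce length is again a literal `8` rather than the queried `iv_size`, the same concern as on the encryption side of this commit. ciphertext_to_compressed begins before the first hunk and continues past the last one.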