diff options
Diffstat (limited to 'lib/cipher.c')
-rw-r--r-- | lib/cipher.c | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/lib/cipher.c b/lib/cipher.c index b69a228db5..275c57a4e8 100644 --- a/lib/cipher.c +++ b/lib/cipher.c @@ -54,14 +54,14 @@ static int decrypt_packet(gnutls_session_t session, gnutls_datum_t * plain, content_type_t type, record_parameters_st * params, - const gnutls_uint64 * sequence); + uint64_t sequence); static int decrypt_packet_tls13(gnutls_session_t session, gnutls_datum_t * ciphertext, gnutls_datum_t * plain, content_type_t *type, record_parameters_st * params, - const gnutls_uint64 * sequence); + uint64_t sequence); static int encrypt_packet_tls13(gnutls_session_t session, @@ -138,7 +138,7 @@ _gnutls_decrypt(gnutls_session_t session, gnutls_datum_t *output, content_type_t *type, record_parameters_st *params, - const gnutls_uint64 *sequence) + uint64_t sequence) { int ret; const version_entry_st *vers = get_version(session); @@ -213,7 +213,7 @@ calc_enc_length_stream(gnutls_session_t session, int data_size, * and are not to be sent). Returns their size. */ int -_gnutls_make_preamble(const uint8_t * uint64_data, uint8_t type, unsigned int length, +_gnutls_make_preamble(uint64_t uint64_data, uint8_t type, unsigned int length, const version_entry_st * ver, uint8_t preamble[MAX_PREAMBLE_SIZE]) { uint8_t *p = preamble; @@ -221,7 +221,7 @@ _gnutls_make_preamble(const uint8_t * uint64_data, uint8_t type, unsigned int le c_length = _gnutls_conv_uint16(length); - memcpy(p, uint64_data, 8); + _gnutls_write_uint64(uint64_data, p); p += 8; *p = type; p++; @@ -345,9 +345,7 @@ encrypt_packet(gnutls_session_t session, */ memcpy(nonce, params->write.iv, params->write.iv_size); - memcpy(&nonce[imp_iv_size], - UINT64DATA(params->write.sequence_number), - 8); + _gnutls_write_uint64(params->write.sequence_number, &nonce[imp_iv_size]); memcpy(data_ptr, &nonce[imp_iv_size], exp_iv_size); @@ -359,8 +357,7 @@ encrypt_packet(gnutls_session_t session, return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); memset(nonce, 0, 4); - memcpy(&nonce[4], - UINT64DATA(params->write.sequence_number), 8); + _gnutls_write_uint64(params->write.sequence_number, &nonce[4]); memxor(nonce, params->write.iv, 12); } @@ -372,7 +369,7 @@ encrypt_packet(gnutls_session_t session, ret = plain->size; preamble_size = - _gnutls_make_preamble(UINT64DATA(params->write.sequence_number), + _gnutls_make_preamble(params->write.sequence_number, type, ret, ver, preamble); if (algo_type == CIPHER_BLOCK || algo_type == CIPHER_STREAM) { @@ -453,8 +450,9 @@ encrypt_packet_tls13(gnutls_session_t session, if (unlikely(iv_size < 8)) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - memcpy(nonce, params->write.iv, iv_size); - memxor(&nonce[iv_size-8], UINT64DATA(params->write.sequence_number), 8); + memset(nonce, 0, iv_size - 8); + _gnutls_write_uint64(params->write.sequence_number, &nonce[iv_size-8]); + memxor(nonce, params->write.iv, iv_size); max = MAX_RECORD_SEND_SIZE(session); @@ -526,7 +524,7 @@ decrypt_packet(gnutls_session_t session, gnutls_datum_t * ciphertext, gnutls_datum_t * plain, content_type_t type, record_parameters_st * params, - const gnutls_uint64 * sequence) + uint64_t sequence) { uint8_t tag[MAX_HASH_SIZE]; uint8_t nonce[MAX_CIPHER_IV_SIZE]; @@ -560,7 +558,7 @@ decrypt_packet(gnutls_session_t session, if (unlikely(ciphertext->size < tag_size)) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); - preamble_size = _gnutls_make_preamble(UINT64DATA(*sequence), + preamble_size = _gnutls_make_preamble(sequence, type, ciphertext->size-tag_size, ver, preamble); @@ -622,7 +620,7 @@ decrypt_packet(gnutls_session_t session, return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED); memset(nonce, 0, 4); - memcpy(&nonce[4], UINT64DATA(*sequence), 8); + _gnutls_write_uint64(sequence, &nonce[4]); memxor(nonce, params->read.iv, 12); } @@ -636,7 +634,7 @@ decrypt_packet(gnutls_session_t session, * MAC. */ preamble_size = - _gnutls_make_preamble(UINT64DATA(*sequence), type, + _gnutls_make_preamble(sequence, type, length, ver, preamble); @@ -676,7 +674,7 @@ decrypt_packet(gnutls_session_t session, * MAC. */ preamble_size = - _gnutls_make_preamble(UINT64DATA(*sequence), type, + _gnutls_make_preamble(sequence, type, length, ver, preamble); ret = @@ -808,7 +806,7 @@ decrypt_packet_tls13(gnutls_session_t session, gnutls_datum_t *ciphertext, gnutls_datum_t *plain, content_type_t *type, record_parameters_st *params, - const gnutls_uint64 *sequence) + uint64_t sequence) { uint8_t nonce[MAX_CIPHER_IV_SIZE]; size_t length, length_to_decrypt; @@ -844,8 +842,9 @@ decrypt_packet_tls13(gnutls_session_t session, if (unlikely(params->read.iv_size != iv_size || iv_size < 8)) return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED); - memcpy(nonce, params->read.iv, params->read.iv_size); - memxor(&nonce[iv_size-8], UINT64DATA(*sequence), 8); + memset(nonce, 0, iv_size - 8); + _gnutls_write_uint64(sequence, &nonce[iv_size-8]); + memxor(nonce, params->read.iv, params->read.iv_size); length = ciphertext->size - tag_size; |