Follow-ups from recent patch train.
Comment fixups and a mismerge in aead_test. Also some buffer was larger than needed. Change-Id: I0e158089f42801575833684912f9edb206f61007 Reviewed-on: https://boringssl-review.googlesource.com/2870 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
parent
f0eb169829
commit
7f1d5d5932
@ -157,15 +157,6 @@ static int run_test_case(const EVP_AEAD *aead,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The "stateful" AEADs for implementing pre-AEAD cipher suites need to be
|
|
||||||
* reset after each operation. */
|
|
||||||
EVP_AEAD_CTX_cleanup(&ctx);
|
|
||||||
if (!EVP_AEAD_CTX_init(&ctx, aead, bufs[KEY], lengths[KEY], lengths[TAG],
|
|
||||||
NULL)) {
|
|
||||||
fprintf(stderr, "Failed to init AEAD on line %u\n", line_no);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Garbage at the end isn't ignored. */
|
/* Garbage at the end isn't ignored. */
|
||||||
out[ciphertext_len] = 0;
|
out[ciphertext_len] = 0;
|
||||||
if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len + 1,
|
if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len + 1,
|
||||||
@ -176,6 +167,15 @@ static int run_test_case(const EVP_AEAD *aead,
|
|||||||
}
|
}
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
|
|
||||||
|
/* The "stateful" AEADs for implementing pre-AEAD cipher suites need to be
|
||||||
|
* reset after each operation. */
|
||||||
|
EVP_AEAD_CTX_cleanup(&ctx);
|
||||||
|
if (!EVP_AEAD_CTX_init(&ctx, aead, bufs[KEY], lengths[KEY], lengths[TAG],
|
||||||
|
NULL)) {
|
||||||
|
fprintf(stderr, "Failed to init AEAD on line %u\n", line_no);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* Verify integrity is checked. */
|
/* Verify integrity is checked. */
|
||||||
out[0] ^= 0x80;
|
out[0] ^= 0x80;
|
||||||
if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len, bufs[NONCE],
|
if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len, bufs[NONCE],
|
||||||
|
@ -58,7 +58,7 @@ static int ssl3_mac(AEAD_SSL3_CTX *ssl3_ctx, uint8_t *out, unsigned *out_len,
|
|||||||
EVP_MD_CTX md_ctx;
|
EVP_MD_CTX md_ctx;
|
||||||
EVP_MD_CTX_init(&md_ctx);
|
EVP_MD_CTX_init(&md_ctx);
|
||||||
|
|
||||||
uint8_t pad[EVP_MAX_MD_SIZE];
|
uint8_t pad[48];
|
||||||
uint8_t tmp[EVP_MAX_MD_SIZE];
|
uint8_t tmp[EVP_MAX_MD_SIZE];
|
||||||
memset(pad, 0x36, pad_len);
|
memset(pad, 0x36, pad_len);
|
||||||
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
|
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
|
||||||
@ -192,7 +192,7 @@ static int aead_ssl3_seal(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ad_len != 11 - 2) {
|
if (ad_len != 11 - 2 /* length bytes */) {
|
||||||
OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_AD_SIZE);
|
OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_AD_SIZE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -275,7 +275,7 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ad_len != 11 - 2) {
|
if (ad_len != 11 - 2 /* length bytes */) {
|
||||||
OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_AD_SIZE);
|
OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_AD_SIZE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -164,7 +164,7 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ad_len != 13 - 2) {
|
if (ad_len != 13 - 2 /* length bytes */) {
|
||||||
OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_AD_SIZE);
|
OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_AD_SIZE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -266,7 +266,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ad_len != 13 - 2) {
|
if (ad_len != 13 - 2 /* length bytes */) {
|
||||||
OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_AD_SIZE);
|
OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_AD_SIZE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -165,7 +165,7 @@ int EVP_tls_cbc_record_digest_supported(const EVP_MD *md);
|
|||||||
* record.
|
* record.
|
||||||
*
|
*
|
||||||
* md: the hash function used in the HMAC.
|
* md: the hash function used in the HMAC.
|
||||||
* tls_cbc_record_digest_supported must return true for this hash.
|
* EVP_tls_cbc_record_digest_supported must return true for this hash.
|
||||||
* md_out: the digest output. At most EVP_MAX_MD_SIZE bytes will be written.
|
* md_out: the digest output. At most EVP_MAX_MD_SIZE bytes will be written.
|
||||||
* md_out_size: the number of output bytes is written here.
|
* md_out_size: the number of output bytes is written here.
|
||||||
* header: the 13-byte, TLS record header.
|
* header: the 13-byte, TLS record header.
|
||||||
|
Loading…
Reference in New Issue
Block a user