From: Dr. Stephen Henson Date: Mon, 6 Feb 2017 19:25:34 +0000 (+0000) Subject: Use contants for Chacha/Poly, redo algorithm expressions. X-Git-Tag: OpenSSL_1_1_1-pre1~2462 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=20fc2051d2f8ec678b62d5f5c9d799ce51368120;p=oweals%2Fopenssl.git Use contants for Chacha/Poly, redo algorithm expressions. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/2550) --- diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 237a2b2dad..f34f30ecf7 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -374,6 +374,9 @@ typedef struct { /* Length of CCM8 tag for TLS */ # define EVP_CCM8_TLS_TAG_LEN 8 +/* Length of tag for TLS */ +# define EVP_CHACHAPOLY_TLS_TAG_LEN 16 + typedef struct evp_cipher_info_st { const EVP_CIPHER *cipher; unsigned char iv[EVP_MAX_IV_LENGTH]; diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c index e3765ded93..9dc7075cc2 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c @@ -29,6 +29,7 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send) unsigned char *seq; int lenu, lenf; SSL3_RECORD *rec = &recs[0]; + uint32_t alg_enc = s->s3->tmp.new_cipher->algorithm_enc; if (n_recs != 1) { /* Should not happen */ @@ -53,17 +54,20 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send) } ivlen = EVP_CIPHER_CTX_iv_length(ctx); - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CCM_MODE) { - if (s->s3->tmp.new_cipher->algorithm_enc - & (SSL_AES128CCM8 | SSL_AES256CCM8)) + if (alg_enc & SSL_AESCCM) { + if (alg_enc & (SSL_AES128CCM8 | SSL_AES256CCM8)) taglen = EVP_CCM8_TLS_TAG_LEN; else taglen = EVP_CCM_TLS_TAG_LEN; if (send && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, NULL) <= 0) return -1; - } else { + } else if (alg_enc & SSL_AESGCM) { taglen = EVP_GCM_TLS_TAG_LEN; + } else if (alg_enc & SSL_CHACHA20) { + taglen = EVP_CHACHAPOLY_TLS_TAG_LEN; + } else { + return -1; } if (!send) {