From 6606d600545b28dbcfb391f3c5adf03dd6ad0ca7 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 29 Nov 2016 23:27:27 +0000 Subject: [PATCH] Fix some style issues in the TLSv1.3 nonce construction code Reviewed-by: Rich Salz --- engines/e_ossltest.c | 9 +++------ ssl/record/ssl3_record_tls13.c | 2 +- test/tls13encryptiontest.c | 21 ++++++++++++--------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c index 32d3118e70..3c9f08c8ef 100644 --- a/engines/e_ossltest.c +++ b/engines/e_ossltest.c @@ -619,6 +619,7 @@ int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, { unsigned char *tmpbuf = OPENSSL_malloc(inl); + /* OPENSSL_malloc will return NULL if inl == 0 */ if (tmpbuf == NULL && inl > 0) return -1; @@ -628,9 +629,7 @@ int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* Go through the motions of encrypting it */ EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_gcm())(ctx, out, in, inl); - /* - * Throw it all away and just use the plaintext as the output - */ + /* Throw it all away and just use the plaintext as the output */ memcpy(out, tmpbuf, inl); OPENSSL_free(tmpbuf); @@ -640,10 +639,8 @@ int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - int ret; - /* Pass the ctrl down */ - ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_gcm())(ctx, type, arg, ptr); + int ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_gcm())(ctx, type, arg, ptr); if (ret <= 0) return ret; diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c index 48d52700d4..44c08b014b 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c @@ -80,7 +80,7 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send) for (loop = 0; loop < SEQ_NUM_SIZE; loop++) iv[offset + loop] = staticiv[offset + loop] ^ seq[loop]; - /* TODO(size_t): lenu/lenf should be a size_t but EVP can't support it */ + /* TODO(size_t): lenu/lenf should be a size_t but EVP doesn't support it */ if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, send) <= 0 || EVP_CipherUpdate(ctx, rec->data, &lenu, rec->input, (unsigned int)rec->length) <= 0 diff --git a/test/tls13encryptiontest.c b/test/tls13encryptiontest.c index 0e38bdad4a..b81a1ad701 100644 --- a/test/tls13encryptiontest.c +++ b/test/tls13encryptiontest.c @@ -15,6 +15,11 @@ #include "testutil.h" #include "test_main.h" +/* + * Based on the test vectors provided in: + * https://www.ietf.org/id/draft-thomson-tls-tls13-vectors-01.txt + */ + struct record_data { const char *plaintext; const char *ciphertext; @@ -130,7 +135,7 @@ struct record_data { static int load_record(SSL3_RECORD *rec, size_t recnum, unsigned char **key, unsigned char *iv, size_t ivlen, unsigned char *seq) { - unsigned char *pt = NULL, *sq = NULL, *ivtmp = NULL;; + unsigned char *pt = NULL, *sq = NULL, *ivtmp = NULL; long ptlen; *key = OPENSSL_hexstr2buf(refdata[recnum].key, NULL); @@ -199,6 +204,7 @@ static int test_record(SSL3_RECORD *rec, size_t recnum, int enc) OPENSSL_free(refd); return ret; } + static int test_tls13_encryption(void) { SSL_CTX *ctx = NULL; @@ -231,21 +237,20 @@ static int test_tls13_encryption(void) } for (ctr = 0; ctr < OSSL_NELEM(refdata); ctr++) { - /* - * Load the record, set up the read/write sequences and load the key into - * the EVP_CIPHER_CTXs - */ + /* Load the record */ ivlen = EVP_CIPHER_iv_length(ciph); if (!load_record(&rec, ctr, &key, s->read_iv, ivlen, RECORD_LAYER_get_read_sequence(&s->rlayer))) { fprintf(stderr, "Failed loading key into EVP_CIPHER_CTX\n"); goto err; - } + } + /* Set up the read/write sequences */ memcpy(RECORD_LAYER_get_write_sequence(&s->rlayer), RECORD_LAYER_get_read_sequence(&s->rlayer), SEQ_NUM_SIZE); memcpy(s->write_iv, s->read_iv, ivlen); + /* Load the key into the EVP_CIPHER_CTXs */ if (EVP_CipherInit_ex(s->enc_write_ctx, ciph, NULL, key, NULL, 1) <= 0 || EVP_CipherInit_ex(s->enc_read_ctx, ciph, NULL, key, NULL, 0) <= 0) { @@ -258,7 +263,6 @@ static int test_tls13_encryption(void) fprintf(stderr, "Failed to encrypt record\n"); goto err; } - if (!test_record(&rec, ctr, 1)) { fprintf(stderr, "Record encryption test failed\n"); goto err; @@ -269,7 +273,6 @@ static int test_tls13_encryption(void) fprintf(stderr, "Failed to decrypt record\n"); goto err; } - if (!test_record(&rec, ctr, 0)) { fprintf(stderr, "Record decryption test failed\n"); goto err; @@ -287,6 +290,7 @@ static int test_tls13_encryption(void) fprintf(stderr, "PASS: %"OSSLzu" records tested\n", ctr); ret = 1; + err: OPENSSL_free(rec.data); OPENSSL_free(key); @@ -294,7 +298,6 @@ static int test_tls13_encryption(void) OPENSSL_free(seq); SSL_free(s); SSL_CTX_free(ctx); - return ret; } -- 2.25.1