Fix iv_len interface.

cipher_info->iv_size == 0 is no longer ambiguous, and
cipher_get_iv_size() always returns something useful to generate an IV.
Manuel Pégourié-Gonnard 2013-09-03 13:25:52 +02:00
parent 9c853b910c
commit a235b5b5bd
5 changed files with 49 additions and 19 deletions


@ -185,10 +185,13 @@ typedef struct {
/** Name of the cipher */ /** Name of the cipher */
const char * name; const char * name;
/** IV/NONCE size, in bytes, for ciphers with fixed-length IVs), or /** IV/NONCE size, in bytes.
* 0 for ciphers with variable-length IVs or not using IVs */ * For cipher that accept many sizes: recommended size */
unsigned int iv_size; unsigned int iv_size;
/** Flag for ciphers that accept many sizes of IV/NONCE */
int accepts_variable_iv_size;
/** block size, in bytes */ /** block size, in bytes */
unsigned int block_size; unsigned int block_size;
@ -323,8 +326,8 @@ static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx
* *
* \param ctx cipher's context. Must have been initialised. * \param ctx cipher's context. Must have been initialised.
* *
* \return If IV has not been set yet: desired size for ciphers * \return If IV has not been set yet: (recommended) IV size
* with fixed-size IVs, 0 for other ciphers. * (0 for ciphers not using IV/NONCE).
* If IV has already been set: actual size. * If IV has already been set: actual size.
*/ */
static inline int cipher_get_iv_size( const cipher_context_t *ctx ) static inline int cipher_get_iv_size( const cipher_context_t *ctx )
@ -439,8 +442,8 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode );
* \brief Set the initialization vector (IV) or nonce * \brief Set the initialization vector (IV) or nonce
* *
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers) * \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV, * \param iv_len IV length for ciphers with variable-size IV;
* Discarded by ciphers with fixed-size IV. * discarded by ciphers with fixed-size IV.
* *
* \returns O on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA * \returns O on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA
* *
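Review bot: The `cipher_set_iv` documentation in this section still does not say how large the `iv` buffer must be, even though `iv_len` is discarded for fixed-size ciphers and the implementation then reads the cipher's own IV size from that buffer. I would extend the parameter text to something like `\param iv  IV to use; for fixed-size-IV ciphers it must hold at least cipher_get_iv_size() bytes`, and state the upper bound on `iv_len` for variable-size ciphers. Two wording items in the same section: `For cipher that accept many sizes` should read `For ciphers that accept many sizes`, and the context line `\returns O on success` uses the letter O instead of the digit 0. The comment block for `cipher_set_iv` continues past the end of the hunk.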


@ -399,19 +399,18 @@ int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
int cipher_set_iv( cipher_context_t *ctx, int cipher_set_iv( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len ) const unsigned char *iv, size_t iv_len )
{ {
size_t fixed_iv_size; size_t actual_iv_size;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv ) if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
fixed_iv_size = cipher_get_iv_size( ctx ); if( ctx->cipher_info->accepts_variable_iv_size )
actual_iv_size = iv_len;
else
actual_iv_size = ctx->cipher_info->iv_size;
/* 0 means variable size (or no IV): use given len */ memcpy( ctx->iv, iv, actual_iv_size );
if( fixed_iv_size == 0 ) ctx->iv_size = actual_iv_size;
fixed_iv_size = iv_len;
memcpy( ctx->iv, iv, fixed_iv_size );
ctx->iv_size = fixed_iv_size;
return 0; return 0;
} }
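Review bot: In the new variable-size branch of `cipher_set_iv`, `iv_len` comes straight from the caller and is used as the `memcpy` length into `ctx->iv` with no upper bound, so a length larger than that buffer writes past it. The declaration of `ctx->iv` is not on this page; assuming it is a fixed-size array inside the context, a guard before the copy such as `if( iv_len > sizeof( ctx->iv ) ) return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;` closes the gap. The old code behaved the same way when `iv_size` was 0, but this commit makes the caller-supplied length the normal path for the GCM entries, and `pkcs5_pbes2` now passes what appears to be a length taken from parsed parameters (`enc_scheme_params.len`), so the check is worth adding here.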


@ -150,6 +150,7 @@ const cipher_info_t aes_128_cbc_info = {
128, 128,
"AES-128-CBC", "AES-128-CBC",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -160,6 +161,7 @@ const cipher_info_t aes_192_cbc_info = {
192, 192,
"AES-192-CBC", "AES-192-CBC",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -170,6 +172,7 @@ const cipher_info_t aes_256_cbc_info = {
256, 256,
"AES-256-CBC", "AES-256-CBC",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -181,6 +184,7 @@ const cipher_info_t aes_128_cfb128_info = {
128, 128,
"AES-128-CFB128", "AES-128-CFB128",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -191,6 +195,7 @@ const cipher_info_t aes_192_cfb128_info = {
192, 192,
"AES-192-CFB128", "AES-192-CFB128",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -201,6 +206,7 @@ const cipher_info_t aes_256_cfb128_info = {
256, 256,
"AES-256-CFB128", "AES-256-CFB128",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -213,6 +219,7 @@ const cipher_info_t aes_128_ctr_info = {
128, 128,
"AES-128-CTR", "AES-128-CTR",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -223,6 +230,7 @@ const cipher_info_t aes_192_ctr_info = {
192, 192,
"AES-192-CTR", "AES-192-CTR",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -233,6 +241,7 @@ const cipher_info_t aes_256_ctr_info = {
256, 256,
"AES-256-CTR", "AES-256-CTR",
16, 16,
0,
16, 16,
&aes_info &aes_info
}; };
@ -271,7 +280,8 @@ const cipher_info_t aes_128_gcm_info = {
POLARSSL_MODE_GCM, POLARSSL_MODE_GCM,
128, 128,
"AES-128-GCM", "AES-128-GCM",
0, 12,
1,
16, 16,
&gcm_aes_info &gcm_aes_info
}; };
@ -281,7 +291,8 @@ const cipher_info_t aes_256_gcm_info = {
POLARSSL_MODE_GCM, POLARSSL_MODE_GCM,
256, 256,
"AES-256-GCM", "AES-256-GCM",
0, 12,
1,
16, 16,
&gcm_aes_info &gcm_aes_info
}; };
@ -373,6 +384,7 @@ const cipher_info_t camellia_128_cbc_info = {
128, 128,
"CAMELLIA-128-CBC", "CAMELLIA-128-CBC",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -383,6 +395,7 @@ const cipher_info_t camellia_192_cbc_info = {
192, 192,
"CAMELLIA-192-CBC", "CAMELLIA-192-CBC",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -393,6 +406,7 @@ const cipher_info_t camellia_256_cbc_info = {
256, 256,
"CAMELLIA-256-CBC", "CAMELLIA-256-CBC",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -404,6 +418,7 @@ const cipher_info_t camellia_128_cfb128_info = {
128, 128,
"CAMELLIA-128-CFB128", "CAMELLIA-128-CFB128",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -414,6 +429,7 @@ const cipher_info_t camellia_192_cfb128_info = {
192, 192,
"CAMELLIA-192-CFB128", "CAMELLIA-192-CFB128",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -424,6 +440,7 @@ const cipher_info_t camellia_256_cfb128_info = {
256, 256,
"CAMELLIA-256-CFB128", "CAMELLIA-256-CFB128",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -436,6 +453,7 @@ const cipher_info_t camellia_128_ctr_info = {
128, 128,
"CAMELLIA-128-CTR", "CAMELLIA-128-CTR",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -446,6 +464,7 @@ const cipher_info_t camellia_192_ctr_info = {
192, 192,
"CAMELLIA-192-CTR", "CAMELLIA-192-CTR",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -456,6 +475,7 @@ const cipher_info_t camellia_256_ctr_info = {
256, 256,
"CAMELLIA-256-CTR", "CAMELLIA-256-CTR",
16, 16,
0,
16, 16,
&camellia_info &camellia_info
}; };
@ -581,6 +601,7 @@ const cipher_info_t des_cbc_info = {
POLARSSL_KEY_LENGTH_DES, POLARSSL_KEY_LENGTH_DES,
"DES-CBC", "DES-CBC",
8, 8,
0,
8, 8,
&des_info &des_info
}; };
@ -603,6 +624,7 @@ const cipher_info_t des_ede_cbc_info = {
POLARSSL_KEY_LENGTH_DES_EDE, POLARSSL_KEY_LENGTH_DES_EDE,
"DES-EDE-CBC", "DES-EDE-CBC",
8, 8,
0,
8, 8,
&des_ede_info &des_ede_info
}; };
@ -625,6 +647,7 @@ const cipher_info_t des_ede3_cbc_info = {
POLARSSL_KEY_LENGTH_DES_EDE3, POLARSSL_KEY_LENGTH_DES_EDE3,
"DES-EDE3-CBC", "DES-EDE3-CBC",
8, 8,
0,
8, 8,
&des_ede3_info &des_ede3_info
}; };
@ -709,6 +732,7 @@ const cipher_info_t blowfish_cbc_info = {
128, 128,
"BLOWFISH-CBC", "BLOWFISH-CBC",
8, 8,
0,
8, 8,
&blowfish_info &blowfish_info
}; };
@ -720,6 +744,7 @@ const cipher_info_t blowfish_cfb64_info = {
128, 128,
"BLOWFISH-CFB64", "BLOWFISH-CFB64",
8, 8,
0,
8, 8,
&blowfish_info &blowfish_info
}; };
@ -732,6 +757,7 @@ const cipher_info_t blowfish_ctr_info = {
128, 128,
"BLOWFISH-CTR", "BLOWFISH-CTR",
8, 8,
0,
8, 8,
&blowfish_info &blowfish_info
}; };
@ -781,6 +807,7 @@ const cipher_info_t arc4_128_info = {
128, 128,
"ARC4-128", "ARC4-128",
0, 0,
0,
1, 1,
&arc4_base_info &arc4_base_info
}; };
@ -834,6 +861,7 @@ const cipher_info_t null_cipher_info = {
0, 0,
"NULL", "NULL",
0, 0,
0,
1, 1,
&null_base_info &null_base_info
}; };
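Review bot: The new `accepts_variable_iv_size` flag is written as a bare positional `0,` or `1,` between two integer size fields in every `cipher_info_t` initializer, which makes a transposed or missing value easy to overlook in review. A short trailing comment on the new lines, for example `12, /* recommended IV size */` and `1, /* accepts variable IV size */` in the GCM entries, would make the tables self-describing. Each initializer starts before its hunk, so the field order here is inferred from the struct change in the header section.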


@ -184,10 +184,10 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode,
if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 ) if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 )
goto exit; goto exit;
if( ( ret = cipher_set_iv( &cipher_ctx, iv, 0 ) ) != 0 ) if( ( ret = cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
goto exit; goto exit;
if( ( ret = cipher_reset( &cipher_ctx, iv, 0 ) ) != 0 ) if( ( ret = cipher_reset( &cipher_ctx, NULL, 0 ) ) != 0 )
goto exit; goto exit;
if( ( ret = cipher_update( &cipher_ctx, data, len, if( ( ret = cipher_update( &cipher_ctx, data, len,


@ -187,7 +187,7 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 ) if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 )
goto exit; goto exit;
if( ( ret = cipher_set_iv( &cipher_ctx, iv, 0 ) ) != 0 ) if( ( ret = cipher_set_iv( &cipher_ctx, iv, enc_scheme_params.len ) ) != 0 )
goto exit; goto exit;
if( ( ret = cipher_reset( &cipher_ctx, NULL, 0 ) ) != 0 ) if( ( ret = cipher_reset( &cipher_ctx, NULL, 0 ) ) != 0 )
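Review bot: `cipher_set_iv` is now given `enc_scheme_params.len`, while the matching call in `pkcs12_pbe` passes `cipher_info->iv_size`; the two callers should agree on where the IV length comes from. No check that `enc_scheme_params.len` equals the selected cipher's `iv_size` is visible in this hunk. If one exists earlier in `pkcs5_pbes2`, passing the cipher's `iv_size` here would be equivalent and would not rely on a length taken from the input; if none exists, it should be added before this call. The function body starts and ends outside the hunk.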