[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] scratch/tzz/nettle cc2e22f: WIP: GnuTLS AEAD tags
From: |
Teodor Zlatanov |
Subject: |
[Emacs-diffs] scratch/tzz/nettle cc2e22f: WIP: GnuTLS AEAD tags |
Date: |
Tue, 11 Apr 2017 23:15:12 -0400 (EDT) |
branch: scratch/tzz/nettle
commit cc2e22f1c64630d3716fed1e0e6681d8f022115f
Author: Ted Zlatanov <address@hidden>
Commit: Ted Zlatanov <address@hidden>
WIP: GnuTLS AEAD tags
---
src/gnutls.c | 33 +++++++++++++++++++++++----------
1 file changed, 23 insertions(+), 10 deletions(-)
diff --git a/src/gnutls.c b/src/gnutls.c
index 80a0c1f..146bea2 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1792,6 +1792,21 @@ gnutls_symmetric_aead (bool encrypting,
gnutls_cipher_algorithm_t gca,
aead_auth_size = SCHARS (aead_auth);
}
+ size_t expected_remainder = 0;
+
+ if (!encrypting)
+ expected_remainder = gnutls_cipher_get_tag_size (gca);
+
+ if (SCHARS (input) % gnutls_cipher_get_block_size (gca) != 0)
+ {
+ error ("GnuTLS AEAD cipher %s/%s input block length %ld was not a "
+ "multiple of the required %ld plus the expected tag remainder
%ld",
+ gnutls_cipher_get_name (gca), desc,
+ SCHARS (input), (long) gnutls_cipher_get_block_size (gca),
+ (long) expected_remainder);
+ return Qnil;
+ }
+
if (encrypting)
{
ret = gnutls_aead_cipher_encrypt (acipher,
@@ -1847,7 +1862,6 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
const char* desc = (encrypting ? "encrypt" : "decrypt");
- Lisp_Object output = Qnil;
int ret = GNUTLS_E_SUCCESS;
gnutls_cipher_algorithm_t gca = GNUTLS_CIPHER_UNKNOWN;
@@ -1899,6 +1913,13 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
return Qnil;
}
+ // Is this an AEAD cipher?
+ if (gnutls_cipher_get_tag_size (gca) > 0)
+ {
+ return gnutls_symmetric_aead (encrypting, gca, cipher, key, iv, input,
aead_auth);
+ }
+
+ // AEAD ciphers have the tag attached.
if (SCHARS (input) % gnutls_cipher_get_block_size (gca) != 0)
{
error ("GnuTLS cipher %s/%s input block length %ld was not a multiple "
@@ -1908,12 +1929,6 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
return Qnil;
}
- // Is this an AEAD cipher?
- if (gnutls_cipher_get_tag_size (gca) > 0)
- {
- return gnutls_symmetric_aead (encrypting, gca, cipher, key, iv, input,
aead_auth);
- }
-
gnutls_cipher_hd_t hcipher;
gnutls_datum_t key_datum = { (unsigned char*) SSDATA (key), SCHARS (key) };
@@ -2088,7 +2103,6 @@ with the `:mac-algorithm-id' numeric property, or the
number itself. */)
CHECK_STRING (input);
CHECK_STRING (key);
- Lisp_Object output = Qnil;
int ret = GNUTLS_E_SUCCESS;
gnutls_mac_algorithm_t gma = GNUTLS_MAC_UNKNOWN;
@@ -2155,7 +2169,7 @@ with the `:mac-algorithm-id' numeric property, or the
number itself. */)
gnutls_hmac_output (hmac, SDATA (digest));
gnutls_hmac_deinit (hmac, NULL);
- return output;
+ return digest;
}
DEFUN ("gnutls-hash-digest", Fgnutls_hash_digest, Sgnutls_hash_digest, 2, 2, 0,
@@ -2171,7 +2185,6 @@ itself. */)
{
CHECK_STRING (input);
- Lisp_Object output = Qnil;
int ret = GNUTLS_E_SUCCESS;
gnutls_digest_algorithm_t gda = GNUTLS_DIG_UNKNOWN;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Emacs-diffs] scratch/tzz/nettle cc2e22f: WIP: GnuTLS AEAD tags,
Teodor Zlatanov <=