
[Emacs-diffs] scratch/tzz/nettle cc2e22f: WIP: GnuTLS AEAD tags


From: Teodor Zlatanov
Subject: [Emacs-diffs] scratch/tzz/nettle cc2e22f: WIP: GnuTLS AEAD tags
Date: Tue, 11 Apr 2017 23:15:12 -0400 (EDT)

branch: scratch/tzz/nettle
commit cc2e22f1c64630d3716fed1e0e6681d8f022115f
Author: Ted Zlatanov <address@hidden>
Commit: Ted Zlatanov <address@hidden>

    WIP: GnuTLS AEAD tags
---
 src/gnutls.c | 33 +++++++++++++++++++++++----------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/src/gnutls.c b/src/gnutls.c
index 80a0c1f..146bea2 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1792,6 +1792,21 @@ gnutls_symmetric_aead (bool encrypting, 
gnutls_cipher_algorithm_t gca,
      aead_auth_size = SCHARS (aead_auth);
     }
 
+  size_t expected_remainder = 0;
+
+  if (!encrypting)
+    expected_remainder = gnutls_cipher_get_tag_size (gca);
+
+  if (SCHARS (input) % gnutls_cipher_get_block_size (gca) != 0)
+    {
+      error ("GnuTLS AEAD cipher %s/%s input block length %ld was not a "
+             "multiple of the required %ld plus the expected tag remainder 
%ld",
+             gnutls_cipher_get_name (gca), desc,
+             SCHARS (input), (long) gnutls_cipher_get_block_size (gca),
+             (long) expected_remainder);
+      return Qnil;
+    }
+
   if (encrypting)
     {
       ret = gnutls_aead_cipher_encrypt (acipher,
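Review bot: `expected_remainder` is set from `gnutls_cipher_get_tag_size (gca)` on the decrypt path but never enters the condition, so the new guard tests only `SCHARS (input) % gnutls_cipher_get_block_size (gca)` while its message claims to account for the tag. Since the decrypt input presumably carries the tag at its end, the guard should at least reject an input shorter than the tag before any length is derived from it, e.g. `if (!encrypting && (size_t) SCHARS (input) < expected_remainder)` followed by the same `error` call. It is also worth confirming that a block-multiple requirement is wanted at all for the AEAD modes this path serves, since it would refuse plaintexts of arbitrary length. In the `error` call, `SCHARS (input)` is passed to `%ld` without the `(long)` cast the other two arguments get. The body of gnutls_symmetric_aead starts and ends outside this hunk.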
@@ -1847,7 +1862,6 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
 
   const char* desc = (encrypting ? "encrypt" : "decrypt");
 
-  Lisp_Object output = Qnil;
   int ret = GNUTLS_E_SUCCESS;
 
   gnutls_cipher_algorithm_t gca = GNUTLS_CIPHER_UNKNOWN;
@@ -1899,6 +1913,13 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
       return Qnil;
     }
 
+  // Is this an AEAD cipher?
+  if (gnutls_cipher_get_tag_size (gca) > 0)
+    {
+      return gnutls_symmetric_aead (encrypting, gca, cipher, key, iv, input, 
aead_auth);
+    }
+
+  // AEAD ciphers have the tag attached.
   if (SCHARS (input) % gnutls_cipher_get_block_size (gca) != 0)
     {
       error ("GnuTLS cipher %s/%s input block length %ld was not a multiple "
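Review bot: The added comment `// AEAD ciphers have the tag attached.` sits directly above the block-length check, which after this reordering is reached only by non-AEAD ciphers, so it reads as if it described that check. I would fold it into the dispatch comment and label the check instead, e.g. `/* AEAD ciphers carry a tag, so they are length-checked in gnutls_symmetric_aead.  */` above the `if (gnutls_cipher_get_tag_size (gca) > 0)` and `/* Non-AEAD ciphers: input must be a whole number of blocks.  */` above the modulo test. The `error` call at the end of this hunk continues in the next one.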
@@ -1908,12 +1929,6 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
       return Qnil;
     }
 
-  // Is this an AEAD cipher?
-  if (gnutls_cipher_get_tag_size (gca) > 0)
-    {
-      return gnutls_symmetric_aead (encrypting, gca, cipher, key, iv, input, 
aead_auth);
-    }
-
   gnutls_cipher_hd_t hcipher;
   gnutls_datum_t key_datum = { (unsigned char*) SSDATA (key), SCHARS (key) };
 
@@ -2088,7 +2103,6 @@ with the `:mac-algorithm-id' numeric property, or the 
number itself. */)
   CHECK_STRING (input);
   CHECK_STRING (key);
 
-  Lisp_Object output = Qnil;
   int ret = GNUTLS_E_SUCCESS;
 
   gnutls_mac_algorithm_t gma = GNUTLS_MAC_UNKNOWN;
@@ -2155,7 +2169,7 @@ with the `:mac-algorithm-id' numeric property, or the 
number itself. */)
   gnutls_hmac_output (hmac, SDATA (digest));
   gnutls_hmac_deinit (hmac, NULL);
 
-  return output;
+  return digest;
 }
 
 DEFUN ("gnutls-hash-digest", Fgnutls_hash_digest, Sgnutls_hash_digest, 2, 2, 0,
@@ -2171,7 +2185,6 @@ itself. */)
 {
   CHECK_STRING (input);
 
-  Lisp_Object output = Qnil;
   int ret = GNUTLS_E_SUCCESS;
 
   gnutls_digest_algorithm_t gda = GNUTLS_DIG_UNKNOWN;


