Sanity check EVP_CTRL_AEAD_TLS_AAD (c8269881) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

apps/speed.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -2456,7 +2456,7 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
		print_message(alg_name, 0, mblengths[j]);
		Time_F(START);
		for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
		unsigned char aad[13];
		unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
		EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
		size_t len = mblengths[j];
		int packlen;
		@@ -2491,7 +2491,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
		aad[11] = len >> 8;
		aad[12] = len;
		pad = EVP_CIPHER_CTX_ctrl(&ctx,
		EVP_CTRL_AEAD_TLS1_AAD, 13, aad);
		EVP_CTRL_AEAD_TLS1_AAD,
		EVP_AEAD_TLS1_AAD_LEN, aad);
		EVP_Cipher(&ctx, out, inp, len + pad);
		}
		}

+1 −1

Original line number	Diff line number	Diff line
		@@ -1327,7 +1327,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX c, int type, int arg, void ptr)

		case EVP_CTRL_AEAD_TLS1_AAD:
		/* Save the AAD for later use */
		if (arg != 13)
		if (arg != EVP_AEAD_TLS1_AAD_LEN)
		return 0;
		memcpy(c->buf, ptr, arg);
		gctx->tls_aad_len = arg;

+6 −3

Original line number	Diff line number	Diff line
		@@ -845,7 +845,12 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
		case EVP_CTRL_AEAD_TLS1_AAD:
		{
		unsigned char *p = ptr;
		unsigned int len = p[arg - 2] << 8 \| p[arg - 1];
		unsigned int len;

		if (arg != EVP_AEAD_TLS1_AAD_LEN)
		return -1;

		len = p[arg - 2] << 8 \| p[arg - 1];

		if (ctx->encrypt) {
		key->payload_length = len;
		@@ -862,8 +867,6 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
		AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
		- len);
		} else {
		if (arg > 13)
		arg = 13;
		memcpy(key->aux.tls_aad, ptr, arg);
		key->payload_length = arg;

+5 −2

Original line number	Diff line number	Diff line
		@@ -817,6 +817,11 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
		unsigned char *p = ptr;
		unsigned int len = p[arg - 2] << 8 \| p[arg - 1];

		if (arg != EVP_AEAD_TLS1_AAD_LEN)
		return -1;

		len = p[arg - 2] << 8 \| p[arg - 1];

		if (ctx->encrypt) {
		key->payload_length = len;
		if ((key->aux.tls_ver =
		@@ -832,8 +837,6 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
		AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
		- len);
		} else {
		if (arg > 13)
		arg = 13;
		memcpy(key->aux.tls_aad, ptr, arg);
		key->payload_length = arg;

+6 −1

Original line number	Diff line number	Diff line
		@@ -257,7 +257,12 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
		case EVP_CTRL_AEAD_TLS1_AAD:
		{
		unsigned char *p = ptr;
		unsigned int len = p[arg - 2] << 8 \| p[arg - 1];
		unsigned int len;

		if (arg != EVP_AEAD_TLS1_AAD_LEN)
		return -1;

		len = p[arg - 2] << 8 \| p[arg - 1];

		if (!ctx->encrypt) {
		len -= MD5_DIGEST_LENGTH;