Skip to content

Commit

Permalink
ssl3_record_tls13.c: preliminarily fix tests and add TODOs
Browse files Browse the repository at this point in the history
  • Loading branch information
DDvO authored and rajeev-0 committed Nov 15, 2023
1 parent c2b42e6 commit 8db1e7e
Showing 1 changed file with 15 additions and 10 deletions.
25 changes: 15 additions & 10 deletions ssl/record/ssl3_record_tls13.c
Original file line number Diff line number Diff line change
Expand Up @@ -102,8 +102,8 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
} else if (alg_enc & SSL_CHACHA20) {
taglen = EVP_CHACHAPOLY_TLS_TAG_LEN;
} else {
#if 1
taglen = 16;
#if 0
taglen = 16; /* TODO this likely goes wrong for existing ciphers */
#else
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return 0;
Expand All @@ -121,7 +121,9 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
}

/* Set up IV */
ivlen = 16;
#if 0
ivlen = 16; /* TODO this goes wrong for existing ciphers */
#endif
if (ivlen < SEQ_NUM_SIZE) {
/* Should not happen */
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
Expand Down Expand Up @@ -164,15 +166,15 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
return 0;
}

/*Check if it is a MAC cipher. We need to increase the record length.*/

#if 0
/* Check if it is a MAC cipher. We need to increase the record length. */
if (sending) {
int hmac_size = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, taglen, rec->data + rec->length);
int hmac_size = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, taglen, rec->data + rec->length); /* TODO this goes wrong for other ciphers */
if (hmac_size > 0){
rec->length += hmac_size; //Add the hash resulted from hmac.
rec->length += hmac_size; /* Add the hash resulted from hmac. */
}
}

#endif

/*
* For CCM we must explicitly set the total plaintext length before we add
Expand All @@ -191,12 +193,15 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
return 0;
}

#if 0
/* Check if it is a MAC cipher. We need to decrease the record length. */
if (!sending) {
int hmac_size = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, taglen, rec->data + rec->length);
int hmac_size = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, taglen, rec->data + rec->length); /* TODO this goes wrong for other ciphers */
if (hmac_size > 0){
rec->length -= hmac_size; //Remove the hash resulted from hmac.
rec->length -= hmac_size; /* Remove the hash resulted from hmac. */
}
}
#endif

if (sending) {
/* Add the tag */
Expand Down

0 comments on commit 8db1e7e

Please sign in to comment.