authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-05-22 14:23:14 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-05-22 14:37:46 +0200
commitc2d0881f72cc483e1fc072406a2c8e5df2f17109 (patch)
tree13184debbde5886e4e48a5107838906ed46441d8
parent165b050f957c698e8594eb1e36408ff1ed732e17 (diff)
downloadgnutls-c2d0881f72cc483e1fc072406a2c8e5df2f17109.tar.gz
crypto-api: refuse to run gnutls_cipher_init() in full AEAD modes
That is, there are AEAD modes like CCM that can only be used through the AEAD API. Always refuse calls to gnutls_cipher_init() in these modes. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r--lib/algorithms/ciphers.c4
-rw-r--r--lib/crypto-api.c2
-rw-r--r--lib/gnutls_int.h3
3 files changed, 7 insertions, 2 deletions
diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c
index ea0cf51bbf..6143467bcd 100644
--- a/lib/algorithms/ciphers.c
+++ b/lib/algorithms/ciphers.c
@@ -84,6 +84,7 @@ static const cipher_entry_st algorithms[] = {
.implicit_iv = 4,
.explicit_iv = 8,
.cipher_iv = 12,
+ .only_aead = 1,
.tagsize = 16},
{ .name = "AES-256-CCM",
.id = GNUTLS_CIPHER_AES_256_CCM,
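Review bot: The new initializer `.only_aead = 1` is written as an integer although the field is declared `bool only_aead` in the lib/gnutls_int.h hunk of this commit; `.only_aead = true,` would match the declared type and reads as the flag it is. The same applies to the three following hunks of this file (the AES-256-CCM, AES-128-CCM-8 and AES-256-CCM-8 entries). This first hunk starts mid-entry, so the name of the cipher it flags is not visible here; presumably it is the AES-128-CCM entry preceding AES-256-CCM. Entries that do not mention the field are left zero by the designated initializer, so the remaining ciphers stay usable through gnutls_cipher_init() without any edit to them.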
@@ -93,6 +94,7 @@ static const cipher_entry_st algorithms[] = {
.implicit_iv = 4,
.explicit_iv = 8,
.cipher_iv = 12,
+ .only_aead = 1,
.tagsize = 16},
{ .name = "AES-128-CCM-8",
.id = GNUTLS_CIPHER_AES_128_CCM_8,
@@ -102,6 +104,7 @@ static const cipher_entry_st algorithms[] = {
.implicit_iv = 4,
.explicit_iv = 8,
.cipher_iv = 12,
+ .only_aead = 1,
.tagsize = 8},
{ .name = "AES-256-CCM-8",
.id = GNUTLS_CIPHER_AES_256_CCM_8,
@@ -111,6 +114,7 @@ static const cipher_entry_st algorithms[] = {
.implicit_iv = 4,
.explicit_iv = 8,
.cipher_iv = 12,
+ .only_aead = 1,
.tagsize = 8},
{ .name = "ARCFOUR-128",
.id = GNUTLS_CIPHER_ARCFOUR_128,
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 6b3b065f08..1a0b13b90c 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -62,7 +62,7 @@ gnutls_cipher_init(gnutls_cipher_hd_t * handle,
const cipher_entry_st* e;
e = cipher_to_entry(cipher);
- if (e == NULL)
+ if (e == NULL || e->only_aead)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
*handle = gnutls_calloc(1, sizeof(api_cipher_hd_st));
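Review bot: The widened condition `if (e == NULL || e->only_aead)` reports an AEAD-only cipher with the same GNUTLS_E_INVALID_REQUEST as an unknown cipher, and nothing at the call site explains why a valid cipher id is refused; a line comment would spare the next reader a trip to the table, e.g. `/* CCM-style modes have no streaming interface; only gnutls_aead_cipher_init() accepts them */`. The API documentation comment of gnutls_cipher_init() lies outside the hunk, above the signature, and presumably still does not say that AEAD-only ciphers are rejected here; it should state that such ciphers return GNUTLS_E_INVALID_REQUEST and point to gnutls_aead_cipher_init(). The body of gnutls_cipher_init continues past the end of the hunk.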
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 0aff2d28d5..5d013c83c2 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -445,7 +445,8 @@ typedef struct cipher_entry_st {
uint16_t explicit_iv; /* the size of explicit IV - the IV stored in record */
uint16_t cipher_iv; /* the size of IV needed by the cipher */
uint16_t tagsize;
- bool xor_nonce; /* In this TLS AEAD cipher xor the implicit_iv with the nonce */
+ bool xor_nonce; /* In this TLS AEAD cipher xor the implicit_iv with the nonce */
+ bool only_aead; /* When set, this cipher is only available through the new AEAD API */
} cipher_entry_st;
typedef struct gnutls_cipher_suite_entry_st {
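Review bot: The comment on the added field, "only available through the new AEAD API", describes the API by its age rather than by name, which stops being informative as soon as the API is no longer new; naming the entry point keeps the comment precise: `bool only_aead; /* When set, this cipher is usable only via gnutls_aead_cipher_init(); gnutls_cipher_init() rejects it */`. The removed and re-added `xor_nonce` line just above looks like a whitespace-only change, though that cannot be confirmed from the rendered text. The rest of the cipher_entry_st definition starts before the hunk.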