aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2015-03-01 16:47:44 +0000
committerlloyd <[email protected]>2015-03-01 16:47:44 +0000
commit38cc1747b615081539893aa6c8bc02e6e1960d25 (patch)
treec504fc297905f434a5c1dd5a359412b5e8d4bf1b
parenta9aebb6c08eb7d78a62283c33ece17b73e7c2f8c (diff)
Fix decrypt in FFI/Python. Github issue 53
-rw-r--r--botan_version.py2
-rw-r--r--doc/relnotes/1_11_15.rst5
-rw-r--r--doc/relnotes/index.rst1
-rw-r--r--src/lib/ffi/ffi.cpp4
-rw-r--r--src/lib/ffi/ffi.h4
-rwxr-xr-xsrc/python/botan.py21
6 files changed, 30 insertions, 7 deletions
diff --git a/botan_version.py b/botan_version.py
index 1aa794863..fae0cd228 100644
--- a/botan_version.py
+++ b/botan_version.py
@@ -1,7 +1,7 @@
release_major = 1
release_minor = 11
-release_patch = 14
+release_patch = 15
release_so_abi_rev = release_patch
# These are set by the distribution script
diff --git a/doc/relnotes/1_11_15.rst b/doc/relnotes/1_11_15.rst
new file mode 100644
index 000000000..4c47785df
--- /dev/null
+++ b/doc/relnotes/1_11_15.rst
@@ -0,0 +1,5 @@
+Version 1.11.15, Not Yet Released
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* A bug in ffi.cpp meant Python could only encrypt. Github issue 53.
+
diff --git a/doc/relnotes/index.rst b/doc/relnotes/index.rst
index ff92f9e4f..896b70479 100644
--- a/doc/relnotes/index.rst
+++ b/doc/relnotes/index.rst
@@ -8,6 +8,7 @@ Series 1.11
.. toctree::
:maxdepth: 1
+ 1_11_15
1_11_14
1_11_13
1_11_12
diff --git a/src/lib/ffi/ffi.cpp b/src/lib/ffi/ffi.cpp
index 6c29a6f7e..c5a862200 100644
--- a/src/lib/ffi/ffi.cpp
+++ b/src/lib/ffi/ffi.cpp
@@ -393,7 +393,8 @@ int botan_cipher_init(botan_cipher_t* cipher, const char* cipher_name, uint32_t
{
try
{
- Botan::Cipher_Dir dir = (flags & 0) ? Botan::DECRYPTION : Botan::ENCRYPTION;
+ const bool encrypt_p = ((flags & BOTAN_CIPHER_INIT_FLAG_MASK_DIRECTION) == BOTAN_CIPHER_INIT_FLAG_ENCRYPT);
+ const Botan::Cipher_Dir dir = encrypt_p ? Botan::ENCRYPTION : Botan::DECRYPTION;
std::unique_ptr<Botan::Cipher_Mode> mode(Botan::get_cipher_mode(cipher_name, dir));
if(!mode)
return -1;
@@ -469,6 +470,7 @@ int botan_cipher_update(botan_cipher_t cipher_obj,
{
mbuf.assign(input, input + input_size);
*input_consumed = input_size;
+ *output_written = 0;
try
{
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
index 9ba02f02c..b4e99defd 100644
--- a/src/lib/ffi/ffi.h
+++ b/src/lib/ffi/ffi.h
@@ -90,6 +90,10 @@ BOTAN_DLL int botan_mac_destroy(botan_mac_t mac);
*/
typedef struct botan_cipher_struct* botan_cipher_t;
+#define BOTAN_CIPHER_INIT_FLAG_MASK_DIRECTION 1
+#define BOTAN_CIPHER_INIT_FLAG_ENCRYPT 0
+#define BOTAN_CIPHER_INIT_FLAG_DECRYPT 1
+
BOTAN_DLL int botan_cipher_init(botan_cipher_t* cipher, const char* name, uint32_t flags);
BOTAN_DLL int botan_cipher_valid_nonce_length(botan_cipher_t cipher, size_t nl);
diff --git a/src/python/botan.py b/src/python/botan.py
index 919a426b7..129aeaebb 100755
--- a/src/python/botan.py
+++ b/src/python/botan.py
@@ -517,11 +517,22 @@ def test():
print "md5", h.final().encode('hex')
gcm = cipher('AES-128/GCM')
- gcm.set_key('00000000000000000000000000000000'.decode('hex'))
- gcm.start('000000000000000000000000'.decode('hex'))
- gcm.update('')
- gcm.update('')
- print 'gcm', gcm.finish('00000000000000000000000000000000'.decode('hex')).encode('hex')
+ gcm_dec = cipher('AES-128/GCM', encrypt=False)
+
+ iv = r.get(12)
+ key = r.get(16)
+ pt = r.get(21)
+ gcm.set_key(key)
+ gcm.start(iv)
+ assert len(gcm.update('')) == 0
+ ct = gcm.finish(pt)
+ print "gcm ct", ct.encode('hex')
+
+ gcm_dec.set_key(key)
+ gcm_dec.start(iv)
+ dec = gcm_dec.finish(ct)
+ print "gcm pt", pt.encode('hex'), len(pt)
+ print "gcm de", dec.encode('hex'), len(dec)
rsapriv = private_key('rsa', 1536, r)