-rw-r--r--src/lib/tls/tls_ciphersuite.cpp24
-rw-r--r--src/lib/tls/tls_ciphersuite.h2
-rw-r--r--src/lib/tls/tls_record.cpp12
-rw-r--r--src/lib/tls/tls_record.h6
4 files changed, 34 insertions, 10 deletions
diff --git a/src/lib/tls/tls_ciphersuite.cpp b/src/lib/tls/tls_ciphersuite.cpp
index 88837387e..cf284e565 100644
--- a/src/lib/tls/tls_ciphersuite.cpp
+++ b/src/lib/tls/tls_ciphersuite.cpp
@@ -37,6 +37,30 @@ size_t Ciphersuite::nonce_bytes_from_handshake() const
throw Invalid_State("In Ciphersuite::nonce_bytes_from_handshake invalid enum value");
}
+size_t Ciphersuite::nonce_bytes_from_record(Protocol_Version version) const
+ {
+ switch(m_nonce_format)
+ {
+ case Nonce_Format::CBC_MODE:
+ {
+ if(version.supports_explicit_cbc_ivs())
+ {
+ return cipher_algo() == "3DES" ? 8 : 16;
+ }
+ else
+ {
+ return 0;
+ }
+ }
+ case Nonce_Format::AEAD_IMPLICIT_4:
+ return 8;
+ case Nonce_Format::AEAD_XOR_12:
+ return 0;
+ }
+
+ throw Invalid_State("In Ciphersuite::nonce_bytes_from_handshake invalid enum value");
+ }
+
bool Ciphersuite::is_scsv(uint16_t suite)
{
// TODO: derive from IANA file in script
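Review bot: The Invalid_State message at the end of the new nonce_bytes_from_record still names nonce_bytes_from_handshake, so a failure on this path would be attributed to the wrong function; it should read `throw Invalid_State("In Ciphersuite::nonce_bytes_from_record invalid enum value");`. The fall-through throw after the switch is a reasonable defensive check against an out-of-range enum value, but the message is what a log reader will see. A short header comment would also help, since the 3DES/AES split on the CBC branch and the 8 for AEAD_IMPLICIT_4 are otherwise unexplained — something like `// Number of nonce/IV bytes that are carried explicitly in each record for this suite at the given protocol version; 0 when the record carries none.` (the meaning is inferred from the name and from how tls_record.cpp stores the result, so confirm the wording).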
diff --git a/src/lib/tls/tls_ciphersuite.h b/src/lib/tls/tls_ciphersuite.h
index 7ef7623bb..1d23a6c4a 100644
--- a/src/lib/tls/tls_ciphersuite.h
+++ b/src/lib/tls/tls_ciphersuite.h
@@ -114,6 +114,8 @@ class BOTAN_PUBLIC_API(2,0) Ciphersuite final
size_t nonce_bytes_from_handshake() const;
+ size_t nonce_bytes_from_record(Protocol_Version version) const;
+
Nonce_Format nonce_format() const { return m_nonce_format; }
size_t mac_keylen() const { return m_mac_keylen; }
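Review bot: The new declaration has no documentation, and the two sibling nonce accessors it sits between do not explain the distinction either, so a reader of the header cannot tell which bytes "from record" refers to without opening the .cpp. A one-line Doxygen comment above it would fix that, e.g. `/// Nonce/IV bytes expected in each record for this suite under @p version (0 if none); see nonce_bytes_from_handshake for the part derived from the key block.` The second clause is inferred from how the two values are used in tls_record.cpp, so adjust if the split is different.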
diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp
index 730751855..ccad351d2 100644
--- a/src/lib/tls/tls_record.cpp
+++ b/src/lib/tls/tls_record.cpp
@@ -50,8 +50,11 @@ Connection_Cipher_State::Connection_Cipher_State(Protocol_Version version,
}
m_nonce = unlock(iv.bits_of());
- m_nonce_bytes_from_handshake = m_nonce.size();
m_nonce_format = suite.nonce_format();
+ m_nonce_bytes_from_record = suite.nonce_bytes_from_record(version);
+ m_nonce_bytes_from_handshake = suite.nonce_bytes_from_handshake();
+
+ BOTAN_ASSERT_NOMSG(m_nonce.size() == m_nonce_bytes_from_handshake);
if(nonce_format() == Nonce_Format::CBC_MODE)
{
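Review bot: The BOTAN_ASSERT_NOMSG added after the two new assignments is the point where a mismatch between the IV length produced by key expansion and the ciphersuite table would surface, but the message-less form gives the person who hits it nothing to go on; `BOTAN_ASSERT(m_nonce.size() == m_nonce_bytes_from_handshake, "IV length from key expansion matches ciphersuite nonce length");` would name the invariant. This matters because the old code took m_nonce_bytes_from_handshake from m_nonce.size() and so could not disagree with it, whereas the new code has two independent sources of the same number. The Connection_Cipher_State constructor starts before this hunk.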
@@ -83,11 +86,7 @@ Connection_Cipher_State::Connection_Cipher_State(Protocol_Version version,
m_aead->set_key(cipher_key + mac_key);
- m_nonce_bytes_from_record = 0;
-
- if(version.supports_explicit_cbc_ivs())
- m_nonce_bytes_from_record = m_nonce_bytes_from_handshake;
- else if(our_side == false)
+ if(our_side == false)
m_aead->start(iv.bits_of());
#else
throw Internal_Error("Negotiated disabled TLS CBC+HMAC ciphersuite");
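Review bot: The simplified `if(our_side == false) m_aead->start(iv.bits_of());` now also runs for protocol versions with explicit CBC IVs, where the removed else-if chain deliberately skipped it; whether that is harmless depends on the per-record path always calling start() with the record's IV before the first decrypt, which this hunk does not show. If that is guaranteed, a brief comment on the line would prevent the next reader from asking the same question, e.g. `// For versions with explicit IVs this is overwritten per record; it only matters for TLS 1.0 chaining.` If it is not guaranteed, the version check should come back. The constructor body continues outside the hunk.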
@@ -101,7 +100,6 @@ Connection_Cipher_State::Connection_Cipher_State(Protocol_Version version,
if(nonce_format() == Nonce_Format::AEAD_IMPLICIT_4)
{
- m_nonce_bytes_from_record = 8;
m_nonce.resize(m_nonce.size() + 8);
}
else if(nonce_format() != Nonce_Format::AEAD_XOR_12)
diff --git a/src/lib/tls/tls_record.h b/src/lib/tls/tls_record.h
index 7ccd78b86..7cf577217 100644
--- a/src/lib/tls/tls_record.h
+++ b/src/lib/tls/tls_record.h
@@ -68,9 +68,9 @@ class Connection_Cipher_State final
std::unique_ptr<AEAD_Mode> m_aead;
std::vector<uint8_t> m_nonce;
- Nonce_Format m_nonce_format = Nonce_Format::CBC_MODE;
- size_t m_nonce_bytes_from_handshake = 0;
- size_t m_nonce_bytes_from_record = 0;
+ Nonce_Format m_nonce_format;
+ size_t m_nonce_bytes_from_handshake;
+ size_t m_nonce_bytes_from_record;
};
class Record final
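Review bot: Removing the in-class initializers leaves m_nonce_format and the two size_t members indeterminate until the constructor assigns them, and the intent behind that is not recorded anywhere in the hunk. If the goal is to let uninitialized-use diagnostics flag a constructor path that forgets to set them, a one-line comment above the members saying so — e.g. `// Intentionally no default values: every constructor path must set these.` — would stop the next maintainer from putting `= 0` back. If that was not the goal, keeping the initializers is the more conservative choice, since reading an indeterminate size_t is undefined behaviour rather than a detectable wrong value.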