diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c
index 47dd3a777..5363fc95c 100644
--- a/ctaocrypt/benchmark/benchmark.c
+++ b/ctaocrypt/benchmark/benchmark.c
@@ -128,6 +128,9 @@ static int OpenNitroxDevice(int dma_mode,int dev_id)
 #endif
+#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)
+ CYASSL_API int CyaSSL_Debugging_ON();
+#endif
 /* so embedded projects can pull in tests on their own */
 #if !defined(NO_MAIN_DRIVER)
@@ -142,6 +145,10 @@ int benchmark_test(void *args)
 {
 #endif
+ #if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)
+ CyaSSL_Debugging_ON();
+ #endif
+
 #ifdef HAVE_CAVIUM
 int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
 if (ret != 0) {
diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c
index 000210868..e25b5d873 100644
--- a/ctaocrypt/src/aes.c
+++ b/ctaocrypt/src/aes.c
@@ -2241,6 +2241,7 @@ int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
 if ((word)in % 16) {
 #ifndef NO_CYASSL_ALLOC_ALIGN
 byte* tmp = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ CYASSL_MSG("AES-CBC encrypt with bad alignment");
 if (tmp == NULL) return MEMORY_E;
 XMEMCPY(tmp, in, sz);
diff --git a/src/internal.c b/src/internal.c
index fcf96e277..3deec6712 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -4189,11 +4189,11 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 #ifdef BUILD_AESGCM
 case cyassl_aes_gcm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
 const byte* additionalSrc = input - 5;
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 0),
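Review bot: The added declaration `CYASSL_API int CyaSSL_Debugging_ON();` uses empty parentheses, which in C declares a function with unspecified arguments rather than a prototype; it should read `CYASSL_API int CyaSSL_Debugging_ON(void);`. A hand-written redeclaration of a library function also drifts silently if the library's signature changes, so if the header that declares CyaSSL_Debugging_ON is reachable from the benchmark build, including it is preferable to redeclaring. The `#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)` condition is repeated verbatim in this file's second hunk; a single named macro would keep the two in step.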
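Review bot: The result of `CyaSSL_Debugging_ON();` is discarded although the declaration added earlier in this file types it as returning `int`; if the call can report that logging is not available in this build, the result should be checked, or the discard made explicit with `(void)CyaSSL_Debugging_ON();` so a reader knows it is intentional. The body of benchmark_test continues outside the hunk.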
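Review bot: `CYASSL_MSG("AES-CBC encrypt with bad alignment");` is inserted between the XMALLOC call and its NULL check, separating an allocation from the test of its result; placing the message above the `byte* tmp = ...` line keeps the two adjacent. Because the enclosing `if ((word)in % 16)` makes the message fire on every unaligned call in the encrypt path, a short comment such as `/* diagnostic only: callers should pass 16-byte aligned input to avoid the copy */` would make clear this is not an error condition. AesCbcEncrypt continues outside the hunk.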
@@ -4202,8 +4202,10 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 /* Store the type, version. Unfortunately, they are in
 * the input buffer ahead of the plaintext. */
 #ifdef CYASSL_DTLS
- if (ssl->options.dtls)
+ if (ssl->options.dtls) {
+ c16toa(ssl->keys.dtls_epoch, additional);
 additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+ }
 #endif
 XMEMCPY(additional + AEAD_TYPE_OFFSET, additionalSrc, 3);
@@ -4220,8 +4222,8 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
 nonce, AEAD_NONCE_SZ,
 out + sz - ssl->specs.aead_mac_size,
- ssl->specs.aead_mac_size, additional,
- AEAD_AUTH_DATA_SZ);
+ ssl->specs.aead_mac_size,
+ additional, AEAD_AUTH_DATA_SZ);
 AeadIncrementExpIV(ssl);
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
 }
@@ -4231,11 +4233,11 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 #ifdef HAVE_AESCCM
 case cyassl_aes_ccm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
 const byte* additionalSrc = input - 5;
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 0),
@@ -4268,9 +4270,8 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 additional, AEAD_AUTH_DATA_SZ);
 AeadIncrementExpIV(ssl);
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
-
- break;
 }
+ break;
 #endif
 #ifdef HAVE_CAMELLIA
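Review bot: The epoch written by `c16toa(ssl->keys.dtls_epoch, additional);` lands at offset 0 of `additional`, while the sequence number written by the earlier c32toa goes to AEAD_SEQ_OFFSET, so the code relies on AEAD_SEQ_OFFSET leaving the first two bytes free; nothing in the hunk asserts that, and a comment such as `/* DTLS AAD: epoch (2 bytes) || sequence number; AEAD_SEQ_OFFSET must leave room for the epoch */` would record the layout the AAD depends on. The decrypt side reads the epoch from a different field (`ssl->keys.dtls_state.curEpoch`), which is presumably the receive-side epoch; a one-line note on why send and receive epochs are tracked separately would help a reader confirm that both sides build identical additional data, since any mismatch shows up only as a tag-verification failure. Encrypt continues outside the hunk.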
@@ -4339,14 +4340,19 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
 #ifdef BUILD_AESGCM
 case cyassl_aes_gcm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 1),
 additional + AEAD_SEQ_OFFSET);
-
+
+ #ifdef CYASSL_DTLS
+ if (ssl->options.dtls)
+ c16toa(ssl->keys.dtls_state.curEpoch, additional);
+ #endif
+
 additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
 additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
 additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
@@ -4368,17 +4374,17 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
 return VERIFY_MAC_ERROR;
 }
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
- break;
 }
+ break;
 #endif
 #ifdef HAVE_AESCCM
 case cyassl_aes_ccm:
 {
- byte additional[AES_BLOCK_SIZE];
+ byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
- XMEMSET(additional, 0, AES_BLOCK_SIZE);
+ XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
 /* sequence number field is 64-bits, we only use 32-bits */
 c32toa(GetSEQIncrement(ssl, 1),
 additional + AEAD_SEQ_OFFSET);
@@ -4409,8 +4415,8 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
 return VERIFY_MAC_ERROR;
 }
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
- break;
 }
+ break;
 #endif
 #ifdef HAVE_CAMELLIA
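Review bot: The DTLS epoch is added to the additional data for the AES-GCM decrypt path here, but the AES-CCM decrypt block in the next hunk (`@@ -4368`) receives only the buffer-size change and no matching `#ifdef CYASSL_DTLS` / c16toa step, and the CCM encrypt hunks in this commit show no such step either, so with CCM the first two AAD bytes appear to stay zero under DTLS; that would interoperate with itself but fail tag verification against a peer that includes the epoch as RFC 6347 requires, and since the CCM block continues outside the hunk this should be confirmed in the unchanged code. The epoch used is `ssl->keys.dtls_state.curEpoch` rather than the epoch carried in the record header being decrypted, so if a record from another epoch can reach this point the tag check will fail; that is only correct if the caller already discards such records, and a comment stating that assumption would help. The new `if (ssl->options.dtls)` also lacks the braces the Encrypt side was given in this same commit; `if (ssl->options.dtls) { c16toa(ssl->keys.dtls_state.curEpoch, additional); }` keeps the two consistent.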