Add decrypt of AES-GCM to the sniffer.

2015-10-19 11:28:25 -07:00 · 2015-10-19 11:28:25 -07:00 · 14d893aeb0
parent e1b0c0ac3d
commit 14d893aeb0
3 changed files with 38 additions and 2 deletions
--- a/src/sniffer.c
+++ b/src/sniffer.c
@ -248,7 +248,10 @@ static const char* const msgTable[] =
    "Reassembly Buffer Size Exceeded",
    "Dropping Lost Fragment",
    "Dropping Partial Record",
-    "Clear ACK Fault"
+    "Clear ACK Fault",
+
+    /* 81 */
+    "Bad Decrypt Size"
 };


@ -1968,6 +1971,30 @@ static int Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
            break;
        #endif

+        #ifdef HAVE_AESGCM
+        case wolfssl_aes_gcm:
+            if (sz >= AEAD_EXP_IV_SZ + ssl->specs.aead_mac_size)
+            {
+                byte nonce[AEAD_NONCE_SZ];
+                XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AEAD_IMP_IV_SZ);
+                XMEMCPY(nonce + AEAD_IMP_IV_SZ, input, AEAD_EXP_IV_SZ);
+
+                if (wc_AesGcmEncrypt(ssl->decrypt.aes,
+                            output,
+                            input + AEAD_EXP_IV_SZ,
+                            sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                            nonce, AEAD_NONCE_SZ,
+                            NULL, 0,
+                            NULL, 0) < 0) {
+                    ret = -1;
+                }
+                ForceZero(nonce, AEAD_NONCE_SZ);
+            }
+            else
+                Trace(BAD_DECRYPT_SIZE);
+            break;
+         #endif
+
        default:
            Trace(BAD_DECRYPT_TYPE);
            ret = -1;
@ -1996,7 +2023,12 @@ static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz,
        *advance = ssl->specs.block_size;
    }

-    ssl->keys.padSz = ssl->specs.hash_size;
+    if (ssl->specs.cipher_type == aead) {
+        *advance = ssl->specs.aead_mac_size;
+        ssl->keys.padSz = ssl->specs.aead_mac_size;
+    }
+    else
+        ssl->keys.padSz = ssl->specs.hash_size;

    if (ssl->specs.cipher_type == block)
        ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1;
--- a/wolfssl/sniffer_error.h
+++ b/wolfssl/sniffer_error.h
@ -114,6 +114,8 @@
 #define DROPPING_LOST_FRAG_STR 78
 #define DROPPING_PARTIAL_RECORD 79
 #define CLEAR_ACK_FAULT 80
+
+#define BAD_DECRYPT_SIZE 81
 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */


--- a/wolfssl/sniffer_error.rc
+++ b/wolfssl/sniffer_error.rc
@ -96,5 +96,7 @@ STRINGTABLE
    78, "Dropping Lost Fragment"
    79, "Dropping Partial Record"
    80, "Clear ACK Fault"
+
+    81, "Bad Decrypt Size"
 }