sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-03 00:00:24 -04:00
Code Issues Projects Releases Wiki Activity

gcrypt: Return correct IV length (0) for ECB mode

Browse Source
This commit is contained in:
Tobias Brunner 2022-09-13 15:26:47 +02:00
parent 7217ff5fc5
commit 80b2c6cdc5
1 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
View File

@ -45,7 +45,7 @@ struct private_gcrypt_crypter_t {
/**
* are we using counter mode?
*/
bool ctr_mode;
int mode;
/**
* counter state
@ -62,13 +62,17 @@ struct private_gcrypt_crypter_t {
*/
static bool set_iv(private_gcrypt_crypter_t *this, chunk_t iv)
{
if (this->ctr_mode)
if (this->mode == GCRY_CIPHER_MODE_CTR)
{
memcpy(this->ctr.iv, iv.ptr, sizeof(this->ctr.iv));
this->ctr.counter = htonl(1);
return gcry_cipher_setctr(this->h, &this->ctr, sizeof(this->ctr)) == 0;
}
return gcry_cipher_setiv(this->h, iv.ptr, iv.len) == 0;
if (iv.len)
{
return gcry_cipher_setiv(this->h, iv.ptr, iv.len) == 0;
}
return TRUE;
}
METHOD(crypter_t, decrypt, bool,
@ -108,7 +112,7 @@ METHOD(crypter_t, get_block_size, size_t,
{
size_t len = 0;
if (this->ctr_mode)
if (this->mode == GCRY_CIPHER_MODE_CTR)
{ /* counter mode does not need any padding */
return 1;
}
@ -121,9 +125,14 @@ METHOD(crypter_t, get_iv_size, size_t,
{
size_t len = 0;
if (this->ctr_mode)
switch (this->mode)
{
return sizeof(this->ctr.iv);
case GCRY_CIPHER_MODE_CTR:
return sizeof(this->ctr.iv);
case GCRY_CIPHER_MODE_ECB:
return 0;
default:
break;
}
gcry_cipher_algo_info(this->alg, GCRYCTL_GET_BLKLEN, NULL, &len);
return len;
@ -135,7 +144,7 @@ METHOD(crypter_t, get_key_size, size_t,
size_t len = 0;
gcry_cipher_algo_info(this->alg, GCRYCTL_GET_KEYLEN, NULL, &len);
if (this->ctr_mode)
if (this->mode == GCRY_CIPHER_MODE_CTR)
{
return len + sizeof(this->ctr.nonce);
}
@ -145,7 +154,7 @@ METHOD(crypter_t, get_key_size, size_t,
METHOD(crypter_t, set_key, bool,
private_gcrypt_crypter_t *this, chunk_t key)
{
if (this->ctr_mode)
if (this->mode == GCRY_CIPHER_MODE_CTR)
{
/* last 4 bytes are the nonce */
memcpy(this->ctr.nonce, key.ptr + key.len - sizeof(this->ctr.nonce),
@ -308,7 +317,7 @@ gcrypt_crypter_t *gcrypt_crypter_create(encryption_algorithm_t algo,
},
},
.alg = gcrypt_alg,
.ctr_mode = mode == GCRY_CIPHER_MODE_CTR,
.mode = mode,
);
err = gcry_cipher_open(&this->h, gcrypt_alg, mode, 0);