Skip to content

Commit accb185

Browse files
committed
Enforce distinct aes-xts keys in both fips and non-fips modes to match wolfssl master, and update the test accordingly.
Skip this check when the provider is not used, since the default nettle library accepts the keys to be the same.
1 parent b322a8f commit accb185

2 files changed

Lines changed: 12 additions & 10 deletions

File tree

wolfssl-gnutls-wrapper/src/cipher.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -438,7 +438,7 @@ int wolfssl_cipher_setkey(void *_ctx, const void *key, size_t keysize)
438438
}
439439

440440
#ifdef WOLFSSL_AES_XTS
441-
if (ctx->mode == XTS && gnutls_fips140_mode_enabled()) {
441+
if (ctx->mode == XTS) {
442442
/* XTS has two AES keys that are no allowed to be the same. */
443443
if (XMEMCMP(key, key + exp_key_size / 2, exp_key_size / 2) == 0) {
444444
WGW_ERROR("XTS keys are the same");

wolfssl-gnutls-wrapper/tests/test_aesxts.c

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11

22
#include <gnutls/crypto.h>
3+
#include <stdlib.h>
34

45
#include "test_util.h"
56

@@ -97,15 +98,16 @@ static int test_aesxts(gnutls_cipher_algorithm_t cipher,
9798
/* Copy plaintext to a non-const buffer for GnuTLS */
9899
memcpy(plaintext, plaintext_data, sizeof(plaintext_data));
99100

100-
/* Try bad key - same data for both keys or key too small. */
101-
ret = gnutls_cipher_init(&encrypt_handle, cipher, &bad_key, &iv);
102-
if (gnutls_fips140_mode_enabled() && ret == 0) {
103-
print_gnutls_error("initializing cipher with bad key", ret);
104-
return 1;
105-
}
106-
if (!gnutls_fips140_mode_enabled() && ret != 0) {
107-
print_gnutls_error("initializing cipher with bad key", ret);
108-
return 1;
101+
/* Try bad key - same data for both keys. The wolfSSL provider rejects
102+
* identical XTS key halves in all modes; native GnuTLS/Nettle (used when
103+
* GNUTLS_NO_PROVIDER=1) accepts them in non-FIPS mode, so only enforce the
104+
* rejection when the provider is in use. */
105+
if (!getenv("GNUTLS_NO_PROVIDER")) {
106+
ret = gnutls_cipher_init(&encrypt_handle, cipher, &bad_key, &iv);
107+
if (ret == 0) {
108+
print_gnutls_error("initializing cipher with bad key", ret);
109+
return 1;
110+
}
109111
}
110112

111113
/********** ENCRYPTION TEST **********/

0 commit comments

Comments
 (0)