tls 1.3: set CCM aad_len for draft >= 25

Closes #18277
2022-08-23 11:33:03 -05:00 · 2022-08-23 11:33:03 -05:00 · 4915b646d0
parent 16563952f4
commit 4915b646d0
1 changed files with 7 additions and 13 deletions
--- a/epan/dissectors/packet-tls-utils.c
+++ b/epan/dissectors/packet-tls-utils.c
@ -4991,19 +4991,6 @@ tls_decrypt_aead_record(SslDecryptSession *ssl, SslDecoder *decoder,
        return FALSE;
    }

-    if (decoder->cipher_suite->mode == MODE_CCM || decoder->cipher_suite->mode == MODE_CCM_8) {
-        /* size of plaintext, additional authenticated data and auth tag. */
-        guint64 lengths[3] = { ciphertext_len, is_v12 ? 13 : 0, auth_tag_len };
-        if (is_cid) {
-            if (ssl->session.deprecated_cid) {
-                lengths[1] += 1 + cidl; /* cid length (1 byte) + cid (cidl bytes) */
-            } else {
-                lengths[1] += 8 + 1 + 1 + cidl; /* seq_num_placeholder + ct + cid length + cid */
-            }
-        }
-        gcry_cipher_ctl(decoder->evp, GCRYCTL_SET_CCM_LENGTHS, lengths, sizeof(lengths));
-    }
-
    /* (D)TLS 1.2 needs specific AAD, TLS 1.3 (before -25) uses empty AAD. */
    if (is_cid) { /* if connection ID */
        if (ssl->session.deprecated_cid) {
@ -5047,6 +5034,13 @@ tls_decrypt_aead_record(SslDecryptSession *ssl, SslDecoder *decoder,
        phton16(aad + 3, inl);              /* TLSCiphertext.length */
    }

+    if (decoder->cipher_suite->mode == MODE_CCM || decoder->cipher_suite->mode == MODE_CCM_8) {
+        /* size of plaintext, additional authenticated data and auth tag. */
+        guint64 lengths[3] = { ciphertext_len, aad_len, auth_tag_len };
+
+        gcry_cipher_ctl(decoder->evp, GCRYCTL_SET_CCM_LENGTHS, lengths, sizeof(lengths));
+    }
+
    if (aad && aad_len > 0) {
        ssl_print_data("AAD", aad, aad_len);
        err = gcry_cipher_authenticate(decoder->evp, aad, aad_len);