From d28985bc14ca3ba9615889bda7094740759613ff Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Fri, 4 Mar 2022 12:08:07 -0500 Subject: [PATCH 1/7] added aes-gcm --- libs/crypto/jswrap_crypto.c | 58 ++++++++++++++++++++++++++++--------- 1 file changed, 44 insertions(+), 14 deletions(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index 5a6b94412d..276f4d1267 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -20,6 +20,7 @@ #ifdef USE_AES #include "mbedtls/include/mbedtls/aes.h" +#include "mbedtls/include/mbedtls/gcm.h" #endif #ifndef USE_SHA1_JS #include "mbedtls/include/mbedtls/sha1.h" @@ -112,6 +113,7 @@ typedef enum { CM_CTR, CM_OFB, CM_ECB, + CM_GCM, } CryptoMode; CryptoMode jswrap_crypto_getMode(JsVar *mode) { @@ -120,6 +122,7 @@ CryptoMode jswrap_crypto_getMode(JsVar *mode) { if (jsvIsStringEqual(mode, "CTR")) return CM_CTR; if (jsvIsStringEqual(mode, "OFB")) return CM_OFB; if (jsvIsStringEqual(mode, "ECB")) return CM_ECB; + if (jsvIsStringEqual(mode, "GCM")) return CM_GCM; jsExceptionHere(JSET_ERROR, "Unknown Crypto mode %q", mode); return CM_NONE; } @@ -357,23 +360,42 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar } - - mbedtls_aes_context aes; - mbedtls_aes_init( &aes ); - JSV_GET_AS_CHAR_ARRAY(messagePtr, messageLen, message); if (!messagePtr) return 0; JSV_GET_AS_CHAR_ARRAY(keyPtr, keyLen, key); if (!keyPtr) return 0; - if (encrypt) - err = mbedtls_aes_setkey_enc( &aes, (unsigned char*)keyPtr, (unsigned int)keyLen*8 ); - else - err = mbedtls_aes_setkey_dec( &aes, (unsigned char*)keyPtr, (unsigned int)keyLen*8 ); - if (err) { - jswrap_crypto_error(err); - return 0; + + mbedtls_gcm_context aes_gcm; + mbedtls_aes_context aes; + + + if(mode == CM_GCM){ + mbedtls_gcm_init( &aes_gcm ); + + err = mbedtls_gcm_setkey( &aes_gcm, MBEDTLS_CIPHER_ID_AES , (unsigned char*)keyPtr, (unsigned int)keyLen*8); + if (err) { + jswrap_crypto_error(err); + return 0; + } + + err = mbedtls_gcm_starts(&aes_gcm, encrypt ? MBEDTLS_GCM_ENCRYPT : MBEDTLS_GCM_DECRYPT, iv, sizeof(iv) ,NULL, 0); + if (err) { + jswrap_crypto_error(err); + return 0; + } + }else{ + mbedtls_aes_init( &aes ); + + if (encrypt) + err = mbedtls_aes_setkey_enc( &aes, (unsigned char*)keyPtr, (unsigned int)keyLen*8 ); + else + err = mbedtls_aes_setkey_dec( &aes, (unsigned char*)keyPtr, (unsigned int)keyLen*8 ); + if (err) { + jswrap_crypto_error(err); + return 0; + } } char *outPtr = 0; @@ -428,12 +450,20 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar } break; } + + case CM_GCM: { + mbedtls_gcm_update(&aes_gcm,(unsigned int)messageLen,(unsigned char*)messagePtr, (unsigned char*)outPtr); + break; + } default: err = MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; break; } - mbedtls_aes_free( &aes ); + if(mode != CM_GCM) + mbedtls_aes_free( &aes ); + else + mbedtls_gcm_free( &aes_gcm ); if (!err) { return outVar; } else { @@ -451,7 +481,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar "params" : [ ["passphrase","JsVar","Message to encrypt"], ["key","JsVar","Key to encrypt message - must be an ArrayBuffer of 128, 192, or 256 BITS"], - ["options","JsVar","An optional object, may specify `{ iv : new Uint8Array(16), mode : 'CBC|CFB|CTR|OFB|ECB' }`"] + ["options","JsVar","An optional object, may specify `{ iv : new Uint8Array(16), mode : 'CBC|CFB|CTR|OFB|ECB|GCM' }`"] ], "return" : ["JsVar","Returns an ArrayBuffer"], "return_object" : "ArrayBuffer", @@ -470,7 +500,7 @@ JsVar *jswrap_crypto_AES_encrypt(JsVar *message, JsVar *key, JsVar *options) { "params" : [ ["passphrase","JsVar","Message to decrypt"], ["key","JsVar","Key to encrypt message - must be an ArrayBuffer of 128, 192, or 256 BITS"], - ["options","JsVar","An optional object, may specify `{ iv : new Uint8Array(16), mode : 'CBC|CFB|CTR|OFB|ECB' }`"] + ["options","JsVar","An optional object, may specify `{ iv : new Uint8Array(16), mode : 'CBC|CFB|CTR|OFB|ECB|GCM' }`"] ], "return" : ["JsVar","Returns an ArrayBuffer"], "return_object" : "ArrayBuffer", From a6cbde9ff09176dc57b0fea2bc270d7d0599e636 Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Sat, 5 Mar 2022 21:23:39 -0500 Subject: [PATCH 2/7] Update jswrap_crypto.c --- libs/crypto/jswrap_crypto.c | 58 +++++++++++++++++++++++++++---------- 1 file changed, 43 insertions(+), 15 deletions(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index 276f4d1267..38fd187bbc 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -370,8 +370,11 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar mbedtls_gcm_context aes_gcm; mbedtls_aes_context aes; - + char *outPtr = 0; + JsVar *outVar; if(mode == CM_GCM){ + + #define TAGSIZE 16 mbedtls_gcm_init( &aes_gcm ); err = mbedtls_gcm_setkey( &aes_gcm, MBEDTLS_CIPHER_ID_AES , (unsigned char*)keyPtr, (unsigned int)keyLen*8); @@ -380,11 +383,8 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar return 0; } - err = mbedtls_gcm_starts(&aes_gcm, encrypt ? MBEDTLS_GCM_ENCRYPT : MBEDTLS_GCM_DECRYPT, iv, sizeof(iv) ,NULL, 0); - if (err) { - jswrap_crypto_error(err); - return 0; - } + outVar = jsvNewArrayBufferWithPtr(encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE, &outPtr); + }else{ mbedtls_aes_init( &aes ); @@ -396,17 +396,14 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar jswrap_crypto_error(err); return 0; } + outVar = jsvNewArrayBufferWithPtr((unsigned int) messageLen, &outPtr); } - char *outPtr = 0; - JsVar *outVar = jsvNewArrayBufferWithPtr((unsigned int)messageLen, &outPtr); if (!outPtr) { jsError("Not enough memory for result"); return 0; } - - - + switch (mode) { case CM_CBC: err = mbedtls_aes_crypt_cbc( &aes, @@ -452,7 +449,38 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar } case CM_GCM: { - mbedtls_gcm_update(&aes_gcm,(unsigned int)messageLen,(unsigned char*)messagePtr, (unsigned char*)outPtr); + + const unsigned char msgtag[TAGSIZE]; + unsigned char add[0];//need to add additionalData + unsigned char input[encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; + memcpy(input, messagePtr, sizeof(input)); + if(!encrypt){ + memcpy(msgtag, &messagePtr[sizeof(input)], TAGSIZE); + err = mbedtls_gcm_auth_decrypt(&aes_gcm, + sizeof(input), + iv, + sizeof(iv), + add, + sizeof(add), + (unsigned char*)msgtag, + TAGSIZE, + (unsigned char*)input, + (unsigned char*)outPtr ); + }else{ + err = mbedtls_gcm_crypt_and_tag(&aes_gcm, + MBEDTLS_GCM_ENCRYPT, + sizeof(input), + iv, + sizeof(iv), + add, + sizeof(add), + (unsigned char*)input, + (unsigned char*)outPtr, + TAGSIZE, + msgtag ); + memcpy(&outPtr[messageLen], msgtag, TAGSIZE); + } + break; } default: @@ -460,10 +488,10 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar break; } - if(mode != CM_GCM) - mbedtls_aes_free( &aes ); - else + if(mode == CM_GCM) mbedtls_gcm_free( &aes_gcm ); + else + mbedtls_aes_free( &aes ); if (!err) { return outVar; } else { From 24600108d6a124a0ce250aa648c3f149117ba3cf Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Tue, 8 Mar 2022 11:34:00 -0500 Subject: [PATCH 3/7] Update jswrap_crypto.c --- libs/crypto/jswrap_crypto.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index 38fd187bbc..0f45e95e2b 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -450,9 +450,10 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar case CM_GCM: { - const unsigned char msgtag[TAGSIZE]; - unsigned char add[0];//need to add additionalData + char msgtag[TAGSIZE]; + unsigned char add[0] = {} ;//need to add additionalData unsigned char input[encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; + unsigned char output[!encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; memcpy(input, messagePtr, sizeof(input)); if(!encrypt){ memcpy(msgtag, &messagePtr[sizeof(input)], TAGSIZE); @@ -465,20 +466,23 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar (unsigned char*)msgtag, TAGSIZE, (unsigned char*)input, - (unsigned char*)outPtr ); + (unsigned char*)output ); + memcpy(&outPtr[0], output, sizeof(output) - TAGSIZE); }else{ err = mbedtls_gcm_crypt_and_tag(&aes_gcm, MBEDTLS_GCM_ENCRYPT, - sizeof(input), + (unsigned int) messageLen, iv, sizeof(iv), add, sizeof(add), (unsigned char*)input, - (unsigned char*)outPtr, - TAGSIZE, - msgtag ); - memcpy(&outPtr[messageLen], msgtag, TAGSIZE); + (unsigned char*)output, + (const size_t)TAGSIZE, + (unsigned char*)msgtag ); + memcpy(&outPtr[0], output, sizeof(input)); + memcpy(&outPtr[16], msgtag, TAGSIZE); + } break; From f08513283b196f3bc063b5439ddc43a4054a2126 Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Tue, 8 Mar 2022 11:36:04 -0500 Subject: [PATCH 4/7] Update jswrap_crypto.c --- libs/crypto/jswrap_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index 0f45e95e2b..5c1021ee29 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -450,7 +450,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar case CM_GCM: { - char msgtag[TAGSIZE]; + const unsigned char msgtag[TAGSIZE]; unsigned char add[0] = {} ;//need to add additionalData unsigned char input[encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; unsigned char output[!encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; From 6bd5f19b538deee3ad0503a0dc734c265dfa507d Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Tue, 8 Mar 2022 12:13:22 -0500 Subject: [PATCH 5/7] Update jswrap_crypto.c --- libs/crypto/jswrap_crypto.c | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index 5c1021ee29..fdfd0c9411 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -343,6 +343,9 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar CryptoMode mode = CM_CBC; + size_t additionalDataLen = 0; + char *additionalDataPtr = 0; + if (jsvIsObject(options)) { JsVar *ivVar = jsvObjectGetChild(options, "iv", 0); if (ivVar) { @@ -354,6 +357,23 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar mode = jswrap_crypto_getMode(modeVar); jsvUnLock(modeVar); if (mode == CM_NONE) return 0; + JsVar *addDataVar = jsvObjectGetChild(options, "additionalData", 0); + + + additionalDataPtr = jsvGetDataPointer(addDataVar, &additionalDataLen); + if (addDataVar && !additionalDataPtr) { + additionalDataLen = (size_t)jsvIterateCallbackCount(addDataVar); + if (additionalDataLen+256 > jsuGetFreeStack()) { + jsExceptionHere(JSET_ERROR, "Not enough stack memory to decode data"); + } else { + additionalDataPtr = (char *)alloca(additionalDataLen); + jsvIterateCallbackToBytes(addDataVar, (unsigned char *)additionalDataPtr, + (unsigned int)additionalDataLen); + } + } + + jsvUnLock(addDataVar); + if (mode == CM_NONE) return 0; } else if (!jsvIsUndefined(options)) { jsError("'options' must be undefined, or an Object"); return 0; @@ -450,8 +470,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar case CM_GCM: { - const unsigned char msgtag[TAGSIZE]; - unsigned char add[0] = {} ;//need to add additionalData + unsigned char msgtag[TAGSIZE]; unsigned char input[encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; unsigned char output[!encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; memcpy(input, messagePtr, sizeof(input)); @@ -461,8 +480,8 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar sizeof(input), iv, sizeof(iv), - add, - sizeof(add), + (const unsigned char *)additionalDataPtr, + additionalDataLen, (unsigned char*)msgtag, TAGSIZE, (unsigned char*)input, @@ -474,8 +493,8 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar (unsigned int) messageLen, iv, sizeof(iv), - add, - sizeof(add), + (const unsigned char *)additionalDataPtr, + additionalDataLen, (unsigned char*)input, (unsigned char*)output, (const size_t)TAGSIZE, @@ -505,6 +524,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar } } + /*JSON{ "type" : "staticmethod", "class" : "AES", From 826de2f350736d271cbc961fc3eb156fa81194de Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Wed, 9 Mar 2022 02:15:24 -0500 Subject: [PATCH 6/7] Update jswrap_crypto.c --- libs/crypto/jswrap_crypto.c | 100 +++++++++++++++++++++++------------- 1 file changed, 64 insertions(+), 36 deletions(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index fdfd0c9411..2d062587af 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -338,47 +338,75 @@ JsVar *jswrap_crypto_PBKDF2(JsVar *passphrase, JsVar *salt, JsVar *options) { static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar *options, bool encrypt) { int err; - unsigned char iv[16]; // initialisation vector - memset(iv, 0, 16); + size_t iv_size = 0; + unsigned char *iv_bytes; CryptoMode mode = CM_CBC; - + unsigned int tagLength = 0; + size_t additionalDataLen = 0; - char *additionalDataPtr = 0; + + char *additionalDataPtr = NULL; if (jsvIsObject(options)) { + JsVar *ivVar = jsvObjectGetChild(options, "iv", 0); - if (ivVar) { - jsvIterateCallbackToBytes(ivVar, iv, sizeof(iv)); + if (ivVar && !jsvIsUndefined(ivVar)) { + iv_size = (size_t)jsvGetLength(ivVar); + jsvIterateCallbackToBytes(ivVar, &iv_bytes, (unsigned int)iv_size); jsvUnLock(ivVar); } + JsVar *modeVar = jsvObjectGetChild(options, "mode", 0); - if (!jsvIsUndefined(modeVar)) + if (modeVar && !jsvIsUndefined(modeVar)) mode = jswrap_crypto_getMode(modeVar); jsvUnLock(modeVar); if (mode == CM_NONE) return 0; + JsVar *addDataVar = jsvObjectGetChild(options, "additionalData", 0); - - - additionalDataPtr = jsvGetDataPointer(addDataVar, &additionalDataLen); - if (addDataVar && !additionalDataPtr) { - additionalDataLen = (size_t)jsvIterateCallbackCount(addDataVar); - if (additionalDataLen+256 > jsuGetFreeStack()) { - jsExceptionHere(JSET_ERROR, "Not enough stack memory to decode data"); - } else { - additionalDataPtr = (char *)alloca(additionalDataLen); - jsvIterateCallbackToBytes(addDataVar, (unsigned char *)additionalDataPtr, - (unsigned int)additionalDataLen); - } - } - - jsvUnLock(addDataVar); - if (mode == CM_NONE) return 0; + if(addDataVar && !jsvIsUndefined(addDataVar)){ + additionalDataPtr = jsvGetDataPointer(addDataVar, &additionalDataLen); + if (addDataVar && !additionalDataPtr) { + additionalDataLen = (size_t)jsvIterateCallbackCount(addDataVar); + if (additionalDataLen+256 > jsuGetFreeStack()) { + jsExceptionHere(JSET_ERROR, "Not enough stack memory to decode data"); + } else { + additionalDataPtr = (char *)alloca(additionalDataLen); + jsvIterateCallbackToBytes(addDataVar, (unsigned char *)additionalDataPtr, + (unsigned int)additionalDataLen); + } + } + jsvUnLock(addDataVar); + } + + JsVar *tagLengthVar = jsvObjectGetChild(options, "tagLength", 0); + if (tagLengthVar && !jsvIsUndefined(tagLengthVar)){ + tagLength = ((unsigned int)jsvGetInteger(tagLengthVar) / 8); + jsvUnLock(tagLengthVar); + } + + } else if (!jsvIsUndefined(options)) { jsError("'options' must be undefined, or an Object"); return 0; } - + + bool zero_iv = false; + + if(tagLength == 0 || tagLength > 16)//128bit or below + tagLength = 16; + + if(iv_size == 0 || iv_size > 16){//128bit or below + if(iv_size == 0) zero_iv = true; + iv_size = 16; + } + + unsigned char iv[iv_size]; + memset(iv, 0, iv_size); + + if(!zero_iv){ + memcpy(iv, &iv_bytes, iv_size); + } JSV_GET_AS_CHAR_ARRAY(messagePtr, messageLen, message); if (!messagePtr) return 0; @@ -394,7 +422,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar JsVar *outVar; if(mode == CM_GCM){ - #define TAGSIZE 16 + // #define tagLength 16 mbedtls_gcm_init( &aes_gcm ); err = mbedtls_gcm_setkey( &aes_gcm, MBEDTLS_CIPHER_ID_AES , (unsigned char*)keyPtr, (unsigned int)keyLen*8); @@ -403,7 +431,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar return 0; } - outVar = jsvNewArrayBufferWithPtr(encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE, &outPtr); + outVar = jsvNewArrayBufferWithPtr(encrypt ? (unsigned int) messageLen + tagLength : (unsigned int) messageLen - tagLength, &outPtr); }else{ mbedtls_aes_init( &aes ); @@ -470,37 +498,37 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar case CM_GCM: { - unsigned char msgtag[TAGSIZE]; - unsigned char input[encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; - unsigned char output[!encrypt ? (unsigned int) messageLen + TAGSIZE : (unsigned int) messageLen - TAGSIZE]; + unsigned char msgtag[tagLength]; + unsigned char input[encrypt ? (unsigned int) messageLen + tagLength : (unsigned int) messageLen - tagLength]; + unsigned char output[!encrypt ? (unsigned int) messageLen + tagLength : (unsigned int) messageLen - tagLength]; memcpy(input, messagePtr, sizeof(input)); if(!encrypt){ - memcpy(msgtag, &messagePtr[sizeof(input)], TAGSIZE); + memcpy(msgtag, &messagePtr[sizeof(input)], tagLength); err = mbedtls_gcm_auth_decrypt(&aes_gcm, sizeof(input), iv, - sizeof(iv), + iv_size, (const unsigned char *)additionalDataPtr, additionalDataLen, (unsigned char*)msgtag, - TAGSIZE, + tagLength, (unsigned char*)input, (unsigned char*)output ); - memcpy(&outPtr[0], output, sizeof(output) - TAGSIZE); + memcpy(&outPtr[0], output, sizeof(output) - tagLength); }else{ err = mbedtls_gcm_crypt_and_tag(&aes_gcm, MBEDTLS_GCM_ENCRYPT, (unsigned int) messageLen, iv, - sizeof(iv), + iv_size, (const unsigned char *)additionalDataPtr, additionalDataLen, (unsigned char*)input, (unsigned char*)output, - (const size_t)TAGSIZE, + (const size_t)tagLength, (unsigned char*)msgtag ); memcpy(&outPtr[0], output, sizeof(input)); - memcpy(&outPtr[16], msgtag, TAGSIZE); + memcpy(&outPtr[16], msgtag, tagLength); } From 126912f0d7f4d9fe03c7d1ae2cf93602adc14aa1 Mon Sep 17 00:00:00 2001 From: Bradley Matusiak Date: Thu, 10 Mar 2022 06:11:24 -0500 Subject: [PATCH 7/7] Update jswrap_crypto.c --- libs/crypto/jswrap_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/crypto/jswrap_crypto.c b/libs/crypto/jswrap_crypto.c index 2d062587af..9f378862e9 100644 --- a/libs/crypto/jswrap_crypto.c +++ b/libs/crypto/jswrap_crypto.c @@ -528,7 +528,7 @@ static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar (const size_t)tagLength, (unsigned char*)msgtag ); memcpy(&outPtr[0], output, sizeof(input)); - memcpy(&outPtr[16], msgtag, tagLength); + memcpy(&outPtr[sizeof(input)-tagLength], msgtag, tagLength); }