Use seq_num as AEAD nonce by default
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5f080de..6689894 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1137,6 +1137,7 @@
/*
* Generate IV
*/
+#if defined(POLARSSL_SSL_AEAD_RANDOM_IV)
ret = ssl->f_rng( ssl->p_rng,
ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
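Review bot: The `#if defined(POLARSSL_SSL_AEAD_RANDOM_IV)` guard added above the `f_rng` call has no comment saying why the random path is kept or what it costs. With the 8-byte explicit part that the `#else` branch checks for, this path draws 8 random bytes per record. The chance of two records sharing a nonce under one key therefore grows with the record count, whereas a counter cannot repeat until it wraps. I would add `/* Random explicit nonce: collision risk grows with the number of records per key; the default uses the record sequence number instead */` above the guard, and describe the option wherever the build options are documented. The guarded block continues past the end of this hunk.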
@@ -1146,6 +1147,18 @@
memcpy( ssl->out_iv,
ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
+#else
+ if( ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen != 8 )
+ {
+ /* Reminder if we ever add an AEAD mode with a different size */
+ SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ memcpy( ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
+ ssl->out_ctr, 8 );
+ memcpy( ssl->out_iv, ssl->out_ctr, 8 );
+#endif
SSL_DEBUG_BUF( 4, "IV used", ssl->out_iv,
ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
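Review bot: In the `#else` branch the explicit nonce part is copied straight from `ssl->out_ctr`, so nonce uniqueness under a key now depends entirely on that counter never repeating while the key is in use, and nothing in this hunk states or enforces that. Whether the record layer stops sending before the counter wraps, and resets it only when new keys are installed, is outside the hunk and should be confirmed. A comment above the first `memcpy` would record the invariant, for example `/* Nonce = fixed IV || record sequence number: out_ctr must never repeat under the same key */`. The debug text `"should never happen"` would be easier to trace as `"unexpected explicit IV length for AEAD"`. The enclosing function starts and ends outside the hunk.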