diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2016-07-16 15:19:53 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2016-07-16 15:19:53 +0200 |
| commit | bf372706c469764d59e9f29c39e3ecbebd72b8d2 (patch) | |
| tree | 0f0e296e2d50e4a7faf99ae6fa428d2681e81ea1 /src/libstrongswan/plugins/openssl/openssl_gcm.c | |
| parent | 518dd33c94e041db0444c7d1f33da363bb8e3faf (diff) | |
| download | vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.tar.gz vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.zip | |
Imported Upstream version 5.5.0
Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_gcm.c')
| -rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_gcm.c | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c index 147e4afb4..6bbe4af95 100644 --- a/src/libstrongswan/plugins/openssl/openssl_gcm.c +++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c @@ -71,7 +71,7 @@ struct private_aead_t { static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv, u_char *out, int enc) { - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; u_char nonce[NONCE_LEN]; bool success = FALSE; int len; @@ -79,29 +79,29 @@ static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv, memcpy(nonce, this->salt, SALT_LEN); memcpy(nonce + SALT_LEN, iv.ptr, IV_LEN); - EVP_CIPHER_CTX_init(&ctx); - EVP_CIPHER_CTX_set_padding(&ctx, 0); - if (!EVP_CipherInit_ex(&ctx, this->cipher, NULL, NULL, NULL, enc) || - !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, NONCE_LEN, NULL) || - !EVP_CipherInit_ex(&ctx, NULL, NULL, this->key.ptr, nonce, enc)) + ctx = EVP_CIPHER_CTX_new(); + EVP_CIPHER_CTX_set_padding(ctx, 0); + if (!EVP_CipherInit_ex(ctx, this->cipher, NULL, NULL, NULL, enc) || + !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, NONCE_LEN, NULL) || + !EVP_CipherInit_ex(ctx, NULL, NULL, this->key.ptr, nonce, enc)) { goto done; } - if (!enc && !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, this->icv_size, + if (!enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, this->icv_size, data.ptr + data.len)) { /* set ICV for verification on decryption */ goto done; } - if (assoc.len && !EVP_CipherUpdate(&ctx, NULL, &len, assoc.ptr, assoc.len)) + if (assoc.len && !EVP_CipherUpdate(ctx, NULL, &len, assoc.ptr, assoc.len)) { /* set AAD if specified */ goto done; } - if (!EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len) || - !EVP_CipherFinal_ex(&ctx, out + len, &len)) + if (!EVP_CipherUpdate(ctx, out, &len, data.ptr, data.len) || + !EVP_CipherFinal_ex(ctx, out + len, &len)) { /* EVP_CipherFinal_ex fails if ICV is incorrect on decryption */ goto done; } - if (enc && !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, this->icv_size, + if (enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, this->icv_size, out + data.len)) { /* copy back the ICV when encrypting */ goto done; @@ -109,7 +109,7 @@ static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv, success = TRUE; done: - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return success; } @@ -152,7 +152,7 @@ METHOD(aead_t, decrypt, bool, METHOD(aead_t, get_block_size, size_t, private_aead_t *this) { - return this->cipher->block_size; + return EVP_CIPHER_block_size(this->cipher); } METHOD(aead_t, get_icv_size, size_t, |