117 lines
3.2 KiB
Diff
117 lines
3.2 KiB
Diff
From d64b9c4a2f48ce7533e9f7a8f5f6e890764515ab Mon Sep 17 00:00:00 2001
|
|
From: Guus Sliepen <guus@tinc-vpn.org>
|
|
Date: Tue, 10 Aug 2021 23:08:04 +0200
|
|
Subject: [PATCH 06/10] Ensure we are compatible with LibreSSL.
|
|
|
|
---
|
|
src/sptps.c | 66 ++++++++++++++++++++++++++++++++++++++++++-----------
|
|
1 file changed, 53 insertions(+), 13 deletions(-)
|
|
|
|
diff --git a/src/sptps.c b/src/sptps.c
|
|
index 33e88ed9..7c8d20b7 100644
|
|
--- a/src/sptps.c
|
|
+++ b/src/sptps.c
|
|
@@ -107,26 +107,26 @@ static bool cipher_init(uint8_t suite, void **ctx, const uint8_t *key, bool key_
|
|
#else
|
|
|
|
case SPTPS_CHACHA_POLY1305:
|
|
- *ctx = EVP_CIPHER_CTX_new();
|
|
+#ifdef EVP_F_EVP_AEAD_CTX_INIT
|
|
+ *ctx = malloc(sizeof(EVP_AEAD_CTX));
|
|
|
|
- if(!ctx) {
|
|
- return false;
|
|
- }
|
|
+ return *ctx && EVP_AEAD_CTX_init(*ctx, EVP_aead_chacha20_poly1305(), key + (key_half ? CIPHER_KEYLEN : 0), 32, 16, NULL);
|
|
+#else
|
|
+ *ctx = EVP_CIPHER_CTX_new();
|
|
|
|
- return EVP_EncryptInit_ex(*ctx, EVP_chacha20_poly1305(), NULL, NULL, NULL)
|
|
- && EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL)
|
|
+ return *ctx
|
|
+ && EVP_EncryptInit_ex(*ctx, EVP_chacha20_poly1305(), NULL, NULL, NULL)
|
|
+ && EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_GCM_SET_IVLEN, 12, NULL)
|
|
&& EVP_EncryptInit_ex(*ctx, NULL, NULL, key + (key_half ? CIPHER_KEYLEN : 0), key);
|
|
+#endif
|
|
|
|
case SPTPS_AES256_GCM:
|
|
*ctx = EVP_CIPHER_CTX_new();
|
|
|
|
- if(!ctx) {
|
|
- return false;
|
|
- }
|
|
-
|
|
- return EVP_EncryptInit_ex(*ctx, EVP_aes_256_gcm(), NULL, NULL, NULL)
|
|
- && EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL)
|
|
- && EVP_EncryptInit_ex(*ctx, NULL, NULL, key + (key_half ? 64 : 0), key);
|
|
+ return *ctx
|
|
+ && EVP_EncryptInit_ex(*ctx, EVP_aes_256_gcm(), NULL, NULL, NULL)
|
|
+ && EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_GCM_SET_IVLEN, 12, NULL)
|
|
+ && EVP_EncryptInit_ex(*ctx, NULL, NULL, key + (key_half ? CIPHER_KEYLEN : 0), key);
|
|
#endif
|
|
|
|
default:
|
|
@@ -145,6 +145,12 @@ static void cipher_exit(uint8_t suite, void *ctx) {
|
|
#else
|
|
|
|
case SPTPS_CHACHA_POLY1305:
|
|
+#ifdef EVP_F_EVP_AEAD_CTX_INIT
|
|
+ EVP_AEAD_CTX_cleanup(ctx);
|
|
+ free(ctx);
|
|
+ break;
|
|
+#endif
|
|
+
|
|
case SPTPS_AES256_GCM:
|
|
EVP_CIPHER_CTX_free(ctx);
|
|
break;
|
|
@@ -176,6 +182,23 @@ static bool cipher_encrypt(uint8_t suite, void *ctx, uint32_t seqno, const uint8
|
|
#else
|
|
|
|
case SPTPS_CHACHA_POLY1305:
|
|
+#ifdef EVP_F_EVP_AEAD_CTX_INIT
|
|
+ {
|
|
+ size_t outlen1;
|
|
+
|
|
+ if(!EVP_AEAD_CTX_seal(ctx, out, &outlen1, inlen + 16, nonce, sizeof(nonce), in, inlen, NULL, 0)) {
|
|
+ return false;
|
|
+ }
|
|
+
|
|
+ if(outlen) {
|
|
+ *outlen = outlen1;
|
|
+ }
|
|
+
|
|
+ return true;
|
|
+ }
|
|
+
|
|
+#endif
|
|
+
|
|
case SPTPS_AES256_GCM: {
|
|
if(!EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, nonce)) {
|
|
return false;
|
|
@@ -239,6 +262,23 @@ static bool cipher_decrypt(uint8_t suite, void *ctx, uint32_t seqno, const uint8
|
|
#else
|
|
|
|
case SPTPS_CHACHA_POLY1305:
|
|
+#ifdef EVP_F_EVP_AEAD_CTX_INIT
|
|
+ {
|
|
+ size_t outlen1;
|
|
+
|
|
+ if(!EVP_AEAD_CTX_open(ctx, out, &outlen1, inlen, nonce, sizeof(nonce), in, inlen + 16, NULL, 0)) {
|
|
+ return false;
|
|
+ }
|
|
+
|
|
+ if(outlen) {
|
|
+ *outlen = outlen1;
|
|
+ }
|
|
+
|
|
+ return true;
|
|
+ }
|
|
+
|
|
+#endif
|
|
+
|
|
case SPTPS_AES256_GCM: {
|
|
if(!EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, nonce)) {
|
|
return false;
|
|
--
|
|
2.36.0
|
|
|