openssl: Generalize the GCM implementation a bit
authorTobias Brunner <tobias@strongswan.org>
Mon, 4 Mar 2019 16:31:28 +0000 (17:31 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 8 Mar 2019 14:55:52 +0000 (15:55 +0100)
This will allow us to use the implementation also for other algorithms.

src/libstrongswan/plugins/openssl/Makefile.am
src/libstrongswan/plugins/openssl/openssl_aead.c [moved from src/libstrongswan/plugins/openssl/openssl_gcm.c with 89% similarity]
src/libstrongswan/plugins/openssl/openssl_aead.h [moved from src/libstrongswan/plugins/openssl/openssl_gcm.h with 76% similarity]
src/libstrongswan/plugins/openssl/openssl_plugin.c

index d484092e7ee6ad3c3e645ee8428e2cf54be3d891..7b83890fa0eb562364e2cf54a5e9fd010e91d1a8 100644 (file)
@@ -29,7 +29,7 @@ libstrongswan_openssl_la_SOURCES = \
        openssl_pkcs12.c openssl_pkcs12.h \
        openssl_rng.c openssl_rng.h \
        openssl_hmac.c openssl_hmac.h \
-       openssl_gcm.c openssl_gcm.h \
+       openssl_aead.c openssl_aead.h \
        openssl_x_diffie_hellman.c openssl_x_diffie_hellman.h \
        openssl_ed_private_key.c openssl_ed_private_key.h \
        openssl_ed_public_key.c openssl_ed_public_key.h
similarity index 89%
rename from src/libstrongswan/plugins/openssl/openssl_gcm.c
rename to src/libstrongswan/plugins/openssl/openssl_aead.c
index 4b096f0493ab0ec0375f5305f273d22c782e968c..1d5b8fc6aa48e26a207fbc847aef253237027ffb 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2019 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
 
 #if OPENSSL_VERSION_NUMBER >= 0x1000100fL
 
-#include "openssl_gcm.h"
+#include "openssl_aead.h"
 
 #include <openssl/evp.h>
 #include <crypto/iv/iv_gen_seq.h>
 
+/* the generic AEAD identifiers were added with 1.1.0 */
+#ifndef EVP_CTRL_AEAD_SET_IVLEN
+#define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
+#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
+#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
+#endif
+
 /** as defined in RFC 4106 */
 #define IV_LEN         8
 #define SALT_LEN       4
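Review bot: The comment `/** as defined in RFC 4106 */` on IV_LEN and SALT_LEN is now the only hint that this file is still shaped around GCM, while the new EVP_CTRL_AEAD_* aliases read as if any AEAD mode could be plugged in. crypt() in the following hunks passes a fixed NONCE_LEN and sets the expected tag after the key and nonce have been initialised. That suits GCM but, as far as I know, not OpenSSL's CCM mode, which wants the tag length set before the key/nonce and the message length declared up front. I would extend the comment, e.g. `/** as defined in RFC 4106; ciphers added here must share this salt/IV layout and the GCM-style EVP call order */`, so a later addition is checked against these assumptions. The header of this hunk is not shown on the page, so the remaining definitions (including NONCE_LEN) are outside what I can see.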
@@ -82,12 +89,12 @@ static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv,
        ctx = EVP_CIPHER_CTX_new();
        EVP_CIPHER_CTX_set_padding(ctx, 0);
        if (!EVP_CipherInit_ex(ctx, this->cipher, NULL, NULL, NULL, enc) ||
-               !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, NONCE_LEN, NULL) ||
+               !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, NONCE_LEN, NULL) ||
                !EVP_CipherInit_ex(ctx, NULL, NULL, this->key.ptr, nonce, enc))
        {
                goto done;
        }
-       if (!enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, this->icv_size,
+       if (!enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, this->icv_size,
                                                                         data.ptr + data.len))
        {       /* set ICV for verification on decryption */
                goto done;
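Review bot: `EVP_CIPHER_CTX_new()` can return NULL on allocation failure, and in the context lines at the top of this hunk the result goes straight into `EVP_CIPHER_CTX_set_padding(ctx, 0)` without a check. Since the function is being reworked to serve more algorithms, a guard such as `if (!ctx) { goto done; }` right after the allocation would turn that into a clean failure. This assumes the `done:` label only releases the context and returns the failure result. crypt() starts and ends outside this hunk, so the cleanup path is not visible here and should be confirmed before applying the guard.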
@@ -101,7 +108,7 @@ static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv,
        {       /* EVP_CipherFinal_ex fails if ICV is incorrect on decryption */
                goto done;
        }
-       if (enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, this->icv_size,
+       if (enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, this->icv_size,
                                                                        out + data.len))
        {       /* copy back the ICV when encrypting */
                goto done;
@@ -202,8 +209,8 @@ METHOD(aead_t, destroy, void,
 /*
  * Described in header
  */
-aead_t *openssl_gcm_create(encryption_algorithm_t algo,
-                                                  size_t key_size, size_t salt_size)
+aead_t *openssl_aead_create(encryption_algorithm_t algo,
+                                                       size_t key_size, size_t salt_size)
 {
        private_aead_t *this;
 
similarity index 76%
rename from src/libstrongswan/plugins/openssl/openssl_gcm.h
rename to src/libstrongswan/plugins/openssl/openssl_aead.h
index a64c90129208a634bd37a7ce7cff2fa6a94993bd..b820ed2a0954b82ea82d825ecd2270060610e35a 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2019 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
  */
 
 /**
- * Implements the aead_t interface using OpenSSL in GCM mode.
+ * Implements the aead_t interface using OpenSSL.
  *
- * @defgroup openssl_gcm openssl_gcm
+ * @defgroup openssl_aead openssl_aead
  * @{ @ingroup openssl_p
  */
 
-#ifndef OPENSSL_GCM_H_
-#define OPENSSL_GCM_H_
+#ifndef OPENSSL_AEAD_H_
+#define OPENSSL_AEAD_H_
 
 #include <crypto/aead.h>
 
@@ -33,7 +33,7 @@
  * @param salt_size            size of implicit salt length
  * @return                             aead_t object, NULL if not supported
  */
-aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size,
+aead_t *openssl_aead_create(encryption_algorithm_t algo, size_t key_size,
                                                        size_t salt_size);
 
-#endif /** OPENSSL_GCM_H_ @}*/
+#endif /** OPENSSL_AEAD_H_ @}*/
index cbeb6c3b711f37638d3bd33a6359a7437c6d3c15..0661fdbc5fb5a48340fe51c75aa70fb91f346473 100644 (file)
@@ -46,7 +46,7 @@
 #include "openssl_pkcs12.h"
 #include "openssl_rng.h"
 #include "openssl_hmac.h"
-#include "openssl_gcm.h"
+#include "openssl_aead.h"
 #include "openssl_x_diffie_hellman.h"
 #include "openssl_ed_public_key.h"
 #include "openssl_ed_private_key.h"
@@ -583,7 +583,7 @@ METHOD(plugin_t, get_features, int,
 #if OPENSSL_VERSION_NUMBER >= 0x1000100fL
 #ifndef OPENSSL_NO_AES
                /* AES GCM */
-               PLUGIN_REGISTER(AEAD, openssl_gcm_create),
+               PLUGIN_REGISTER(AEAD, openssl_aead_create),
                        PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 16),
                        PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 24),
                        PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 32),