]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 547aa74)
lib-dcrypt: Support ChaCha20-Poly1305 with OpenSSL3
authorAki Tuomi <aki.tuomi@open-xchange.com>
Tue, 13 Feb 2024 07:58:04 +0000 (09:58 +0200)
committerAki Tuomi <aki.tuomi@open-xchange.com>
Mon, 19 Feb 2024 08:45:54 +0000 (10:45 +0200)
src/lib-dcrypt/dcrypt-openssl3.c patch | blob | blame | history

diff --git a/src/lib-dcrypt/dcrypt-openssl3.c b/src/lib-dcrypt/dcrypt-openssl3.c
index 976a36c52017aa1f90ef35c2f5754cce21effef9..b497ebb824e0b576b411f62142a762ec220aad7d 100644 (file)
--- a/src/lib-dcrypt/dcrypt-openssl3.c
+++ b/src/lib-dcrypt/dcrypt-openssl3.c
@@ -101,6 +101,11 @@
 #define IS_ED_CURVE(nid) \
        ((nid) == NID_ED25519 || (nid) == NID_ED448)
 
+#if !defined(OBJ_chacha20_poly1305) && defined(LN_chacha20_poly1305)
+#  define OBJ_CHACHA20_POLY1305_MISSING
+static ASN1_OBJECT *CHACHA20_POLY1305_OBJ = NULL;
+#endif
+
 struct dcrypt_context_symmetric {
        pool_t pool;
        const EVP_CIPHER *cipher;
@@ -3415,7 +3420,14 @@ dcrypt_openssl_oid2name(const unsigned char *oid, size_t oid_len,
                dcrypt_openssl_error(error_r);
                return NULL;
        }
+#ifdef OBJ_CHACHA20_POLY1305_MISSING
+       if (OBJ_cmp(obj, CHACHA20_POLY1305_OBJ) == 0)
+               name = LN_chacha20_poly1305;
+       else
+               name = OBJ_nid2sn(OBJ_obj2nid(obj));
+#else
        name = OBJ_nid2sn(OBJ_obj2nid(obj));
+#endif
        ASN1_OBJECT_free(obj);
        return name;
 }
@@ -3429,6 +3441,12 @@ dcrypt_openssl_name2oid(const char *name, buffer_t *oid, const char **error_r)
                return dcrypt_openssl_error(error_r);
 
        size_t len = OBJ_length(obj);
+#ifdef OBJ_CHACHA20_POLY1305_MISSING
+       if (len == 0 && strcasecmp(name, LN_chacha20_poly1305) == 0) {
+               ASN1_OBJECT_free(obj);
+               obj = OBJ_dup(CHACHA20_POLY1305_OBJ);
+       } else
+#endif
        if (len == 0) {
                *error_r = "Object has no OID assigned";
                return FALSE;
@@ -4138,11 +4156,17 @@ void dcrypt_openssl_init(struct module *module ATTR_UNUSED)
 {
        dovecot_openssl_common_global_ref();
        dcrypt_set_vfs(&dcrypt_openssl_vfs);
+#ifdef OBJ_CHACHA20_POLY1305_MISSING
+       CHACHA20_POLY1305_OBJ = OBJ_txt2obj("1.2.840.113549.1.9.16.3.18", 1);
+#endif
 }
 
 void dcrypt_openssl_deinit(void)
 {
        dovecot_openssl_common_global_unref();
+#ifdef OBJ_CHACHA20_POLY1305_MISSING
+       ASN1_OBJECT_free(CHACHA20_POLY1305_OBJ);
+#endif
 }
 
 #endif
Mirror of https://github.com/dovecot/core.git