From: Daiki Ueno Date: Thu, 26 Feb 2026 03:14:47 +0000 (+0900) Subject: nettle: support Nettle 4 cipher interface X-Git-Tag: 3.8.13~26^2~4 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4ff9daaebe42dc873db2404d4657ed293f740bc3;p=thirdparty%2Fgnutls.git nettle: support Nettle 4 cipher interface Signed-off-by: Daiki Ueno --- diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c index 1900794a26..575c90d749 100644 --- a/lib/nettle/cipher.c +++ b/lib/nettle/cipher.c @@ -67,6 +67,7 @@ #else #include "backport/siv-gcm.h" #endif +#include #include "fips.h" #include @@ -1370,7 +1371,7 @@ static int wrap_nettle_cipher_setiv(void *_ctx, const void *iv, size_t iv_size) break; case GNUTLS_CIPHER_SALSA20_256: case GNUTLS_CIPHER_ESTREAM_SALSA20_256: - if (iv_size != SALSA20_IV_SIZE) + if (iv_size != SALSA20_NONCE_SIZE) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); break; default: @@ -1477,8 +1478,12 @@ static int wrap_nettle_cipher_aead_encrypt(void *_ctx, const void *nonce, ctx->cipher->encrypt(ctx, plain_size, encr, plain); +#if NETTLE_VERSION_MAJOR >= 4 + ctx->cipher->tag(ctx->ctx_ptr, ((uint8_t *)encr) + plain_size); +#else ctx->cipher->tag(ctx->ctx_ptr, tag_size, ((uint8_t *)encr) + plain_size); +#endif } else { /* CCM-style cipher */ @@ -1557,7 +1562,11 @@ static int wrap_nettle_cipher_aead_decrypt(void *_ctx, const void *nonce, ctx->cipher->decrypt(ctx, encr_size, plain, encr); +#if NETTLE_VERSION_MAJOR >= 4 + ctx->cipher->tag(ctx->ctx_ptr, tag); +#else ctx->cipher->tag(ctx->ctx_ptr, tag_size, tag); +#endif if (gnutls_memcmp(((uint8_t *)encr) + encr_size, tag, tag_size) != 0) @@ -1626,7 +1635,11 @@ static void wrap_nettle_cipher_tag(void *_ctx, void *tag, size_t tag_size) { struct nettle_cipher_ctx *ctx = _ctx; +#if NETTLE_VERSION_MAJOR >= 4 + ctx->cipher->tag(ctx->ctx_ptr, tag); +#else ctx->cipher->tag(ctx->ctx_ptr, tag_size, tag); +#endif } static void wrap_nettle_cipher_close(void *_ctx)