|
|
@ -178,9 +178,14 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx, |
|
|
case AES192GCM: |
|
|
case AES192GCM: |
|
|
case AES128GCM: |
|
|
case AES128GCM: |
|
|
|
|
|
|
|
|
|
|
|
#if MBEDTLS_VERSION_NUMBER < 0x03000000 |
|
|
err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen, |
|
|
err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen, |
|
|
m, mlen, c, clen, c + mlen, tlen); |
|
|
m, mlen, c, clen, c + mlen, tlen); |
|
|
*clen += tlen; |
|
|
*clen += tlen; |
|
|
|
|
|
#else |
|
|
|
|
|
err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, |
|
|
|
|
|
m, mlen, c, mlen + tlen, clen, tlen); |
|
|
|
|
|
#endif |
|
|
break; |
|
|
break; |
|
|
case CHACHA20POLY1305IETF: |
|
|
case CHACHA20POLY1305IETF: |
|
|
err = crypto_aead_chacha20poly1305_ietf_encrypt(c, &long_clen, m, mlen, |
|
|
err = crypto_aead_chacha20poly1305_ietf_encrypt(c, &long_clen, m, mlen, |
|
|
@ -226,8 +231,13 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx, |
|
|
// Otherwise, just use the mbedTLS one with crappy AES-NI. |
|
|
// Otherwise, just use the mbedTLS one with crappy AES-NI. |
|
|
case AES192GCM: |
|
|
case AES192GCM: |
|
|
case AES128GCM: |
|
|
case AES128GCM: |
|
|
|
|
|
#if MBEDTLS_VERSION_NUMBER < 0x03000000 |
|
|
err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, |
|
|
err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, |
|
|
m, mlen - tlen, p, plen, m + mlen - tlen, tlen); |
|
|
m, mlen - tlen, p, plen, m + mlen - tlen, tlen); |
|
|
|
|
|
#else |
|
|
|
|
|
err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, |
|
|
|
|
|
m, mlen, p, mlen - tlen, plen, tlen); |
|
|
|
|
|
#endif |
|
|
break; |
|
|
break; |
|
|
case CHACHA20POLY1305IETF: |
|
|
case CHACHA20POLY1305IETF: |
|
|
err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, |
|
|
err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, |
|
|
@ -724,9 +734,26 @@ aead_key_init(int method, const char *pass, const char *key) |
|
|
if (method >= CHACHA20POLY1305IETF) { |
|
|
if (method >= CHACHA20POLY1305IETF) { |
|
|
cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); |
|
|
cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); |
|
|
cipher->info = cipher_info; |
|
|
cipher->info = cipher_info; |
|
|
|
|
|
#if MBEDTLS_VERSION_NUMBER < 0x03000000 |
|
|
cipher->info->base = NULL; |
|
|
cipher->info->base = NULL; |
|
|
cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8; |
|
|
cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8; |
|
|
cipher->info->iv_size = supported_aead_ciphers_nonce_size[method]; |
|
|
cipher->info->iv_size = supported_aead_ciphers_nonce_size[method]; |
|
|
|
|
|
#else |
|
|
|
|
|
cipher->info->private_base_idx = 0; |
|
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_BITLEN_SHIFT |
|
|
|
|
|
cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8 >> MBEDTLS_KEY_BITLEN_SHIFT; |
|
|
|
|
|
#else |
|
|
|
|
|
cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8; |
|
|
|
|
|
#endif |
|
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_IV_SIZE_SHIFT |
|
|
|
|
|
cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method] >> MBEDTLS_IV_SIZE_SHIFT; |
|
|
|
|
|
#else |
|
|
|
|
|
cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method]; |
|
|
|
|
|
#endif |
|
|
|
|
|
|
|
|
|
|
|
#endif |
|
|
} else { |
|
|
} else { |
|
|
cipher->info = (cipher_kt_t *)aead_get_cipher_type(method); |
|
|
cipher->info = (cipher_kt_t *)aead_get_cipher_type(method); |
|
|
} |
|
|
} |
|
|
|
Lu jicong
4 months ago