Loading crypto/evp/e_aes.c +9 −9 Original line number Diff line number Diff line Loading @@ -1271,7 +1271,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->tls_aad_len = -1; return 1; case EVP_CTRL_GCM_SET_IVLEN: case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; /* Allocate memory for IV if needed */ Loading @@ -1285,14 +1285,14 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->ivlen = arg; return 1; case EVP_CTRL_GCM_SET_TAG: case EVP_CTRL_AEAD_SET_TAG: if (arg <= 0 || arg > 16 || c->encrypt) return 0; memcpy(c->buf, ptr, arg); gctx->taglen = arg; return 1; case EVP_CTRL_GCM_GET_TAG: case EVP_CTRL_AEAD_GET_TAG: if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) return 0; memcpy(ptr, c->buf, arg); Loading Loading @@ -1870,7 +1870,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->len_set = 0; return 1; case EVP_CTRL_CCM_SET_IVLEN: case EVP_CTRL_AEAD_SET_IVLEN: arg = 15 - arg; case EVP_CTRL_CCM_SET_L: if (arg < 2 || arg > 8) Loading @@ -1878,7 +1878,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->L = arg; return 1; case EVP_CTRL_CCM_SET_TAG: case EVP_CTRL_AEAD_SET_TAG: if ((arg & 1) || arg < 4 || arg > 16) return 0; if ((c->encrypt && ptr) || (!c->encrypt && !ptr)) Loading @@ -1890,7 +1890,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->M = arg; return 1; case EVP_CTRL_CCM_GET_TAG: case EVP_CTRL_AEAD_GET_TAG: if (!c->encrypt || !cctx->tag_set) return 0; if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg)) Loading Loading @@ -2217,7 +2217,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) octx->aad_buf_len = 0; return 1; case EVP_CTRL_SET_IVLEN: case EVP_CTRL_AEAD_SET_IVLEN: /* IV len must be 1 to 15 */ if (arg <= 0 || arg > 15) return 0; Loading @@ -2225,7 +2225,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) octx->ivlen = arg; return 1; case EVP_CTRL_SET_TAG: case EVP_CTRL_AEAD_SET_TAG: if (!ptr) { /* Tag len must be 0 to 16 */ if (arg < 0 || arg > 16) Loading @@ -2239,7 +2239,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) memcpy(octx->tag, ptr, arg); return 1; case EVP_CTRL_GET_TAG: case EVP_CTRL_AEAD_GET_TAG: if (arg != octx->taglen || !c->encrypt) return 0; Loading crypto/evp/evp.h +9 −10 Original line number Diff line number Diff line Loading @@ -397,14 +397,17 @@ struct evp_cipher_st { # define EVP_CTRL_RAND_KEY 0x6 # define EVP_CTRL_PBE_PRF_NID 0x7 # define EVP_CTRL_COPY 0x8 # define EVP_CTRL_GCM_SET_IVLEN 0x9 # define EVP_CTRL_GCM_GET_TAG 0x10 # define EVP_CTRL_GCM_SET_TAG 0x11 # define EVP_CTRL_AEAD_SET_IVLEN 0x9 # define EVP_CTRL_AEAD_GET_TAG 0x10 # define EVP_CTRL_AEAD_SET_TAG 0x11 # define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN # define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG # define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG # define EVP_CTRL_GCM_SET_IV_FIXED 0x12 # define EVP_CTRL_GCM_IV_GEN 0x13 # define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN # define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG # define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG # define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN # define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG # define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG # define EVP_CTRL_CCM_SET_L 0x14 # define EVP_CTRL_CCM_SET_MSGLEN 0x15 /* Loading @@ -430,10 +433,6 @@ typedef struct { unsigned int interleave; } EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM; # define EVP_CTRL_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN # define EVP_CTRL_GET_TAG EVP_CTRL_GCM_GET_TAG # define EVP_CTRL_SET_TAG EVP_CTRL_GCM_SET_TAG /* GCM TLS constants */ /* Length of fixed part of IV derived from PRF */ # define EVP_GCM_TLS_FIXED_IV_LEN 4 Loading crypto/evp/evp_test.c +11 −10 Original line number Diff line number Diff line Loading @@ -179,13 +179,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if ((mode == EVP_CIPH_OCB_MODE) && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, NULL)) { !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tn, NULL)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(15); Loading @@ -206,12 +206,12 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, NULL)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); Loading Loading @@ -273,7 +273,7 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, || (mode == EVP_CIPH_CCM_MODE)) { unsigned char rtag[16]; if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_TAG, tn, rtag)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tn, rtag)) { fprintf(stderr, "Get tag failed\n"); ERR_print_errors_fp(stderr); test1_exit(14); Loading @@ -294,13 +294,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if ((mode == EVP_CIPH_OCB_MODE) && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, NULL)) { !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tn, NULL)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(15); Loading @@ -310,7 +310,8 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(12); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, (void *)tag)) { if (!EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_AEAD_SET_TAG, tn, (void *)tag)) { fprintf(stderr, "Set tag failed\n"); ERR_print_errors_fp(stderr); test1_exit(14); Loading @@ -326,13 +327,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if (!EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_CCM_SET_TAG, tn, (void *)tag)) { (ctx, EVP_CTRL_AEAD_SET_TAG, tn, (void *)tag)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); Loading demos/evp/aesccm.c +7 −5 Original line number Diff line number Diff line Loading @@ -50,9 +50,10 @@ void aes_ccm_encrypt(void) /* Set cipher type and mode */ EVP_EncryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL); /* Set nonce length if default 96 bits is not appropriate */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(ccm_nonce), NULL); /* Set tag length */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, sizeof(ccm_tag), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(ccm_tag), NULL); /* Initialise key and IV */ EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce); /* Set plaintext length: only needed if AAD is used */ Loading @@ -67,7 +68,7 @@ void aes_ccm_encrypt(void) /* Finalise: note get no output for CCM */ EVP_EncryptFinal_ex(ctx, outbuf, &outlen); /* Get tag */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, 16, outbuf); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf); /* Output tag */ printf("Tag:\n"); BIO_dump_fp(stdout, outbuf, 16); Loading @@ -86,9 +87,10 @@ void aes_ccm_decrypt(void) /* Select cipher */ EVP_DecryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL); /* Set nonce length, omit for 96 bits */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(ccm_nonce), NULL); /* Set expected tag value */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(ccm_tag), (void *)ccm_tag); /* Specify key and IV */ EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce); Loading demos/evp/aesgcm.c +9 −6 Original line number Diff line number Diff line Loading @@ -50,7 +50,7 @@ void aes_gcm_encrypt(void) /* Set cipher type and mode */ EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL); /* Set IV length if default 96 bits is not appropriate */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL); /* Initialise key and IV */ EVP_EncryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv); /* Zero or more calls to specify any AAD */ Loading @@ -63,7 +63,7 @@ void aes_gcm_encrypt(void) /* Finalise: note get no output for GCM */ EVP_EncryptFinal_ex(ctx, outbuf, &outlen); /* Get tag */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, outbuf); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf); /* Output tag */ printf("Tag:\n"); BIO_dump_fp(stdout, outbuf, 16); Loading @@ -82,7 +82,7 @@ void aes_gcm_decrypt(void) /* Select cipher */ EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL); /* Set IV length, omit for 96 bits */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL); /* Specify key and IV */ EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv); #if 0 Loading @@ -90,7 +90,7 @@ void aes_gcm_decrypt(void) * Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier * required the tag before any AAD or ciphertext */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); #endif /* Zero or more calls to specify any AAD */ EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad)); Loading @@ -99,8 +99,11 @@ void aes_gcm_decrypt(void) /* Output decrypted block */ printf("Plaintext:\n"); BIO_dump_fp(stdout, outbuf, outlen); /* Set expected tag value. Works in OpenSSL 1.0.1d and later */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); /* * Set expected tag value. Works in OpenSSL 1.0.1d and later * In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); /* Finalise: note get no output for GCM */ rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen); /* Loading Loading
crypto/evp/e_aes.c +9 −9 Original line number Diff line number Diff line Loading @@ -1271,7 +1271,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->tls_aad_len = -1; return 1; case EVP_CTRL_GCM_SET_IVLEN: case EVP_CTRL_AEAD_SET_IVLEN: if (arg <= 0) return 0; /* Allocate memory for IV if needed */ Loading @@ -1285,14 +1285,14 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) gctx->ivlen = arg; return 1; case EVP_CTRL_GCM_SET_TAG: case EVP_CTRL_AEAD_SET_TAG: if (arg <= 0 || arg > 16 || c->encrypt) return 0; memcpy(c->buf, ptr, arg); gctx->taglen = arg; return 1; case EVP_CTRL_GCM_GET_TAG: case EVP_CTRL_AEAD_GET_TAG: if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) return 0; memcpy(ptr, c->buf, arg); Loading Loading @@ -1870,7 +1870,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->len_set = 0; return 1; case EVP_CTRL_CCM_SET_IVLEN: case EVP_CTRL_AEAD_SET_IVLEN: arg = 15 - arg; case EVP_CTRL_CCM_SET_L: if (arg < 2 || arg > 8) Loading @@ -1878,7 +1878,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->L = arg; return 1; case EVP_CTRL_CCM_SET_TAG: case EVP_CTRL_AEAD_SET_TAG: if ((arg & 1) || arg < 4 || arg > 16) return 0; if ((c->encrypt && ptr) || (!c->encrypt && !ptr)) Loading @@ -1890,7 +1890,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->M = arg; return 1; case EVP_CTRL_CCM_GET_TAG: case EVP_CTRL_AEAD_GET_TAG: if (!c->encrypt || !cctx->tag_set) return 0; if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg)) Loading Loading @@ -2217,7 +2217,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) octx->aad_buf_len = 0; return 1; case EVP_CTRL_SET_IVLEN: case EVP_CTRL_AEAD_SET_IVLEN: /* IV len must be 1 to 15 */ if (arg <= 0 || arg > 15) return 0; Loading @@ -2225,7 +2225,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) octx->ivlen = arg; return 1; case EVP_CTRL_SET_TAG: case EVP_CTRL_AEAD_SET_TAG: if (!ptr) { /* Tag len must be 0 to 16 */ if (arg < 0 || arg > 16) Loading @@ -2239,7 +2239,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) memcpy(octx->tag, ptr, arg); return 1; case EVP_CTRL_GET_TAG: case EVP_CTRL_AEAD_GET_TAG: if (arg != octx->taglen || !c->encrypt) return 0; Loading
crypto/evp/evp.h +9 −10 Original line number Diff line number Diff line Loading @@ -397,14 +397,17 @@ struct evp_cipher_st { # define EVP_CTRL_RAND_KEY 0x6 # define EVP_CTRL_PBE_PRF_NID 0x7 # define EVP_CTRL_COPY 0x8 # define EVP_CTRL_GCM_SET_IVLEN 0x9 # define EVP_CTRL_GCM_GET_TAG 0x10 # define EVP_CTRL_GCM_SET_TAG 0x11 # define EVP_CTRL_AEAD_SET_IVLEN 0x9 # define EVP_CTRL_AEAD_GET_TAG 0x10 # define EVP_CTRL_AEAD_SET_TAG 0x11 # define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN # define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG # define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG # define EVP_CTRL_GCM_SET_IV_FIXED 0x12 # define EVP_CTRL_GCM_IV_GEN 0x13 # define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN # define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG # define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG # define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN # define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG # define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG # define EVP_CTRL_CCM_SET_L 0x14 # define EVP_CTRL_CCM_SET_MSGLEN 0x15 /* Loading @@ -430,10 +433,6 @@ typedef struct { unsigned int interleave; } EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM; # define EVP_CTRL_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN # define EVP_CTRL_GET_TAG EVP_CTRL_GCM_GET_TAG # define EVP_CTRL_SET_TAG EVP_CTRL_GCM_SET_TAG /* GCM TLS constants */ /* Length of fixed part of IV derived from PRF */ # define EVP_GCM_TLS_FIXED_IV_LEN 4 Loading
crypto/evp/evp_test.c +11 −10 Original line number Diff line number Diff line Loading @@ -179,13 +179,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if ((mode == EVP_CIPH_OCB_MODE) && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, NULL)) { !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tn, NULL)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(15); Loading @@ -206,12 +206,12 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, NULL)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); Loading Loading @@ -273,7 +273,7 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, || (mode == EVP_CIPH_CCM_MODE)) { unsigned char rtag[16]; if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_TAG, tn, rtag)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tn, rtag)) { fprintf(stderr, "Get tag failed\n"); ERR_print_errors_fp(stderr); test1_exit(14); Loading @@ -294,13 +294,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if ((mode == EVP_CIPH_OCB_MODE) && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, NULL)) { !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tn, NULL)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(15); Loading @@ -310,7 +310,8 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(12); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, (void *)tag)) { if (!EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_AEAD_SET_TAG, tn, (void *)tag)) { fprintf(stderr, "Set tag failed\n"); ERR_print_errors_fp(stderr); test1_exit(14); Loading @@ -326,13 +327,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn, ERR_print_errors_fp(stderr); test1_exit(10); } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) { fprintf(stderr, "IV length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); } if (!EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_CCM_SET_TAG, tn, (void *)tag)) { (ctx, EVP_CTRL_AEAD_SET_TAG, tn, (void *)tag)) { fprintf(stderr, "Tag length set failed\n"); ERR_print_errors_fp(stderr); test1_exit(11); Loading
demos/evp/aesccm.c +7 −5 Original line number Diff line number Diff line Loading @@ -50,9 +50,10 @@ void aes_ccm_encrypt(void) /* Set cipher type and mode */ EVP_EncryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL); /* Set nonce length if default 96 bits is not appropriate */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(ccm_nonce), NULL); /* Set tag length */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, sizeof(ccm_tag), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(ccm_tag), NULL); /* Initialise key and IV */ EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce); /* Set plaintext length: only needed if AAD is used */ Loading @@ -67,7 +68,7 @@ void aes_ccm_encrypt(void) /* Finalise: note get no output for CCM */ EVP_EncryptFinal_ex(ctx, outbuf, &outlen); /* Get tag */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, 16, outbuf); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf); /* Output tag */ printf("Tag:\n"); BIO_dump_fp(stdout, outbuf, 16); Loading @@ -86,9 +87,10 @@ void aes_ccm_decrypt(void) /* Select cipher */ EVP_DecryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL); /* Set nonce length, omit for 96 bits */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(ccm_nonce), NULL); /* Set expected tag value */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(ccm_tag), (void *)ccm_tag); /* Specify key and IV */ EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce); Loading
demos/evp/aesgcm.c +9 −6 Original line number Diff line number Diff line Loading @@ -50,7 +50,7 @@ void aes_gcm_encrypt(void) /* Set cipher type and mode */ EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL); /* Set IV length if default 96 bits is not appropriate */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL); /* Initialise key and IV */ EVP_EncryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv); /* Zero or more calls to specify any AAD */ Loading @@ -63,7 +63,7 @@ void aes_gcm_encrypt(void) /* Finalise: note get no output for GCM */ EVP_EncryptFinal_ex(ctx, outbuf, &outlen); /* Get tag */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, outbuf); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf); /* Output tag */ printf("Tag:\n"); BIO_dump_fp(stdout, outbuf, 16); Loading @@ -82,7 +82,7 @@ void aes_gcm_decrypt(void) /* Select cipher */ EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL); /* Set IV length, omit for 96 bits */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL); /* Specify key and IV */ EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv); #if 0 Loading @@ -90,7 +90,7 @@ void aes_gcm_decrypt(void) * Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier * required the tag before any AAD or ciphertext */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); #endif /* Zero or more calls to specify any AAD */ EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad)); Loading @@ -99,8 +99,11 @@ void aes_gcm_decrypt(void) /* Output decrypted block */ printf("Plaintext:\n"); BIO_dump_fp(stdout, outbuf, outlen); /* Set expected tag value. Works in OpenSSL 1.0.1d and later */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); /* * Set expected tag value. Works in OpenSSL 1.0.1d and later * In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG */ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag); /* Finalise: note get no output for GCM */ rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen); /* Loading
Tim Hudson <tjh@openssl.org>Tim Hudson <tjh@openssl.org>