ocb is only available in openssl 1.1 and later
This commit is contained in:
Henrik Böving
parent
963e3994a5
commit
f34e9b993d
|
|
@ -21,12 +21,6 @@ pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9;
|
||||||
pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10;
|
pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10;
|
||||||
pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11;
|
pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11;
|
||||||
|
|
||||||
// Keeping above for backwards compatability
|
|
||||||
pub const EVP_CTRL_AEAD_SET_IVLEN: c_int = EVP_CTRL_GCM_SET_IVLEN;
|
|
||||||
pub const EVP_CTRL_AEAD_GET_TAG: c_int = EVP_CTRL_GCM_GET_TAG;
|
|
||||||
pub const EVP_CTRL_AEAD_SET_TAG: c_int = EVP_CTRL_GCM_SET_TAG;
|
|
||||||
|
|
||||||
|
|
||||||
pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD {
|
pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD {
|
||||||
EVP_get_digestbyname(OBJ_nid2sn(type_))
|
EVP_get_digestbyname(OBJ_nid2sn(type_))
|
||||||
}
|
}
|
||||||
|
|
@ -281,6 +275,7 @@ extern "C" {
|
||||||
pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER;
|
pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_128_xts() -> *const EVP_CIPHER;
|
pub fn EVP_aes_128_xts() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_128_ofb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_128_ofb() -> *const EVP_CIPHER;
|
||||||
|
#[cfg(ossl110)]
|
||||||
pub fn EVP_aes_128_ocb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_128_ocb() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_192_ecb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_192_ecb() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_192_cbc() -> *const EVP_CIPHER;
|
pub fn EVP_aes_192_cbc() -> *const EVP_CIPHER;
|
||||||
|
|
@ -291,6 +286,7 @@ extern "C" {
|
||||||
pub fn EVP_aes_192_ccm() -> *const EVP_CIPHER;
|
pub fn EVP_aes_192_ccm() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_192_gcm() -> *const EVP_CIPHER;
|
pub fn EVP_aes_192_gcm() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_192_ofb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_192_ofb() -> *const EVP_CIPHER;
|
||||||
|
#[cfg(ossl110)]
|
||||||
pub fn EVP_aes_192_ocb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_192_ocb() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER;
|
pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER;
|
||||||
|
|
@ -302,6 +298,7 @@ extern "C" {
|
||||||
pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER;
|
pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_256_xts() -> *const EVP_CIPHER;
|
pub fn EVP_aes_256_xts() -> *const EVP_CIPHER;
|
||||||
pub fn EVP_aes_256_ofb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_256_ofb() -> *const EVP_CIPHER;
|
||||||
|
#[cfg(ossl110)]
|
||||||
pub fn EVP_aes_256_ocb() -> *const EVP_CIPHER;
|
pub fn EVP_aes_256_ocb() -> *const EVP_CIPHER;
|
||||||
#[cfg(ossl110)]
|
#[cfg(ossl110)]
|
||||||
pub fn EVP_chacha20() -> *const ::EVP_CIPHER;
|
pub fn EVP_chacha20() -> *const ::EVP_CIPHER;
|
||||||
|
|
|
||||||
|
|
@ -130,6 +130,8 @@ impl Cipher {
|
||||||
unsafe { Cipher(ffi::EVP_aes_128_ofb()) }
|
unsafe { Cipher(ffi::EVP_aes_128_ofb()) }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Requires OpenSSL 1.1.0 or newer.
|
||||||
|
#[cfg(any(ossl110))]
|
||||||
pub fn aes_128_ocb() -> Cipher {
|
pub fn aes_128_ocb() -> Cipher {
|
||||||
unsafe { Cipher(ffi::EVP_aes_128_ocb()) }
|
unsafe { Cipher(ffi::EVP_aes_128_ocb()) }
|
||||||
}
|
}
|
||||||
|
|
@ -170,6 +172,8 @@ impl Cipher {
|
||||||
unsafe { Cipher(ffi::EVP_aes_192_ofb()) }
|
unsafe { Cipher(ffi::EVP_aes_192_ofb()) }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Requires OpenSSL 1.1.0 or newer.
|
||||||
|
#[cfg(any(ossl110))]
|
||||||
pub fn aes_192_ocb() -> Cipher {
|
pub fn aes_192_ocb() -> Cipher {
|
||||||
unsafe { Cipher(ffi::EVP_aes_192_ocb()) }
|
unsafe { Cipher(ffi::EVP_aes_192_ocb()) }
|
||||||
}
|
}
|
||||||
|
|
@ -214,6 +218,8 @@ impl Cipher {
|
||||||
unsafe { Cipher(ffi::EVP_aes_256_ofb()) }
|
unsafe { Cipher(ffi::EVP_aes_256_ofb()) }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Requires OpenSSL 1.1.0 or newer.
|
||||||
|
#[cfg(any(ossl110))]
|
||||||
pub fn aes_256_ocb() -> Cipher {
|
pub fn aes_256_ocb() -> Cipher {
|
||||||
unsafe { Cipher(ffi::EVP_aes_256_ocb()) }
|
unsafe { Cipher(ffi::EVP_aes_256_ocb()) }
|
||||||
}
|
}
|
||||||
|
|
@ -312,11 +318,17 @@ impl Cipher {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Determines whether the cipher is using OCB mode
|
/// Determines whether the cipher is using OCB mode
|
||||||
|
#[cfg(any(ossl110))]
|
||||||
fn is_ocb(&self) -> bool {
|
fn is_ocb(&self) -> bool {
|
||||||
*self == Cipher::aes_128_ocb() ||
|
*self == Cipher::aes_128_ocb() ||
|
||||||
*self == Cipher::aes_192_ocb() ||
|
*self == Cipher::aes_192_ocb() ||
|
||||||
*self == Cipher::aes_256_ocb()
|
*self == Cipher::aes_256_ocb()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(not(any(ossl110)))]
|
||||||
|
const fn is_ocb(&self) -> bool {
|
||||||
|
false
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
unsafe impl Sync for Cipher {}
|
unsafe impl Sync for Cipher {}
|
||||||
|
|
@ -440,7 +452,7 @@ impl Crypter {
|
||||||
assert!(iv.len() <= c_int::max_value() as usize);
|
assert!(iv.len() <= c_int::max_value() as usize);
|
||||||
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
||||||
crypter.ctx,
|
crypter.ctx,
|
||||||
ffi::EVP_CTRL_AEAD_SET_IVLEN,
|
ffi::EVP_CTRL_GCM_SET_IVLEN,
|
||||||
iv.len() as c_int,
|
iv.len() as c_int,
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
))?;
|
))?;
|
||||||
|
|
@ -482,7 +494,7 @@ impl Crypter {
|
||||||
// NB: this constant is actually more general than just GCM.
|
// NB: this constant is actually more general than just GCM.
|
||||||
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
||||||
self.ctx,
|
self.ctx,
|
||||||
ffi::EVP_CTRL_AEAD_SET_TAG,
|
ffi::EVP_CTRL_GCM_SET_TAG,
|
||||||
tag.len() as c_int,
|
tag.len() as c_int,
|
||||||
tag.as_ptr() as *mut _,
|
tag.as_ptr() as *mut _,
|
||||||
))
|
))
|
||||||
|
|
@ -500,7 +512,7 @@ impl Crypter {
|
||||||
// NB: this constant is actually more general than just GCM.
|
// NB: this constant is actually more general than just GCM.
|
||||||
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
||||||
self.ctx,
|
self.ctx,
|
||||||
ffi::EVP_CTRL_AEAD_SET_TAG,
|
ffi::EVP_CTRL_GCM_SET_TAG,
|
||||||
tag_len as c_int,
|
tag_len as c_int,
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
))
|
))
|
||||||
|
|
@ -626,7 +638,7 @@ impl Crypter {
|
||||||
assert!(tag.len() <= c_int::max_value() as usize);
|
assert!(tag.len() <= c_int::max_value() as usize);
|
||||||
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
cvt(ffi::EVP_CIPHER_CTX_ctrl(
|
||||||
self.ctx,
|
self.ctx,
|
||||||
ffi::EVP_CTRL_AEAD_GET_TAG,
|
ffi::EVP_CTRL_GCM_GET_TAG,
|
||||||
tag.len() as c_int,
|
tag.len() as c_int,
|
||||||
tag.as_mut_ptr() as *mut _,
|
tag.as_mut_ptr() as *mut _,
|
||||||
))
|
))
|
||||||
|
|
@ -1413,6 +1425,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(any(ossl110))]
|
||||||
fn test_aes_128_ocb() {
|
fn test_aes_128_ocb() {
|
||||||
let key = "000102030405060708090a0b0c0d0e0f";
|
let key = "000102030405060708090a0b0c0d0e0f";
|
||||||
let aad = "0001020304050607";
|
let aad = "0001020304050607";
|
||||||
|
|
@ -1448,6 +1461,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(any(ossl110))]
|
||||||
fn test_aes_128_ocb_fail() {
|
fn test_aes_128_ocb_fail() {
|
||||||
let key = "000102030405060708090a0b0c0d0e0f";
|
let key = "000102030405060708090a0b0c0d0e0f";
|
||||||
let aad = "0001020304050607";
|
let aad = "0001020304050607";
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue