min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ocb is only available in openssl 1.1 and later

This commit is contained in:
Henrik Böving 2020-05-09 01:02:34 +02:00
parent 963e3994a5
commit f34e9b993d
2 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openssl-sys/src/evp.rs
View File

@ -21,12 +21,6 @@ pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9;
pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10;
pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11;
// Keeping above for backwards compatability
pub const EVP_CTRL_AEAD_SET_IVLEN: c_int = EVP_CTRL_GCM_SET_IVLEN;
pub const EVP_CTRL_AEAD_GET_TAG: c_int = EVP_CTRL_GCM_GET_TAG;
pub const EVP_CTRL_AEAD_SET_TAG: c_int = EVP_CTRL_GCM_SET_TAG;
pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD {
EVP_get_digestbyname(OBJ_nid2sn(type_))
}
@ -281,6 +275,7 @@ extern "C" {
pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER;
pub fn EVP_aes_128_xts() -> *const EVP_CIPHER;
pub fn EVP_aes_128_ofb() -> *const EVP_CIPHER;
#[cfg(ossl110)]
pub fn EVP_aes_128_ocb() -> *const EVP_CIPHER;
pub fn EVP_aes_192_ecb() -> *const EVP_CIPHER;
pub fn EVP_aes_192_cbc() -> *const EVP_CIPHER;
@ -291,6 +286,7 @@ extern "C" {
pub fn EVP_aes_192_ccm() -> *const EVP_CIPHER;
pub fn EVP_aes_192_gcm() -> *const EVP_CIPHER;
pub fn EVP_aes_192_ofb() -> *const EVP_CIPHER;
#[cfg(ossl110)]
pub fn EVP_aes_192_ocb() -> *const EVP_CIPHER;
pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER;
pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER;
@ -302,6 +298,7 @@ extern "C" {
pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER;
pub fn EVP_aes_256_xts() -> *const EVP_CIPHER;
pub fn EVP_aes_256_ofb() -> *const EVP_CIPHER;
#[cfg(ossl110)]
pub fn EVP_aes_256_ocb() -> *const EVP_CIPHER;
#[cfg(ossl110)]
pub fn EVP_chacha20() -> *const ::EVP_CIPHER;

22
openssl/src/symm.rs
View File

@ -130,6 +130,8 @@ impl Cipher {
unsafe { Cipher(ffi::EVP_aes_128_ofb()) }
}
/// Requires OpenSSL 1.1.0 or newer.
#[cfg(any(ossl110))]
pub fn aes_128_ocb() -> Cipher {
unsafe { Cipher(ffi::EVP_aes_128_ocb()) }
}
@ -170,6 +172,8 @@ impl Cipher {
unsafe { Cipher(ffi::EVP_aes_192_ofb()) }
}
/// Requires OpenSSL 1.1.0 or newer.
#[cfg(any(ossl110))]
pub fn aes_192_ocb() -> Cipher {
unsafe { Cipher(ffi::EVP_aes_192_ocb()) }
}
@ -214,6 +218,8 @@ impl Cipher {
unsafe { Cipher(ffi::EVP_aes_256_ofb()) }
}
/// Requires OpenSSL 1.1.0 or newer.
#[cfg(any(ossl110))]
pub fn aes_256_ocb() -> Cipher {
unsafe { Cipher(ffi::EVP_aes_256_ocb()) }
}
@ -312,11 +318,17 @@ impl Cipher {
}
/// Determines whether the cipher is using OCB mode
#[cfg(any(ossl110))]
fn is_ocb(&self) -> bool {
*self == Cipher::aes_128_ocb() ||
*self == Cipher::aes_192_ocb() ||
*self == Cipher::aes_256_ocb()
}
#[cfg(not(any(ossl110)))]
const fn is_ocb(&self) -> bool {
false
}
}
unsafe impl Sync for Cipher {}
@ -440,7 +452,7 @@ impl Crypter {
assert!(iv.len() <= c_int::max_value() as usize);
cvt(ffi::EVP_CIPHER_CTX_ctrl(
crypter.ctx,
ffi::EVP_CTRL_AEAD_SET_IVLEN,
ffi::EVP_CTRL_GCM_SET_IVLEN,
iv.len() as c_int,
ptr::null_mut(),
))?;
@ -482,7 +494,7 @@ impl Crypter {
// NB: this constant is actually more general than just GCM.
cvt(ffi::EVP_CIPHER_CTX_ctrl(
self.ctx,
ffi::EVP_CTRL_AEAD_SET_TAG,
ffi::EVP_CTRL_GCM_SET_TAG,
tag.len() as c_int,
tag.as_ptr() as *mut _,
))
@ -500,7 +512,7 @@ impl Crypter {
// NB: this constant is actually more general than just GCM.
cvt(ffi::EVP_CIPHER_CTX_ctrl(
self.ctx,
ffi::EVP_CTRL_AEAD_SET_TAG,
ffi::EVP_CTRL_GCM_SET_TAG,
tag_len as c_int,
ptr::null_mut(),
))
@ -626,7 +638,7 @@ impl Crypter {
assert!(tag.len() <= c_int::max_value() as usize);
cvt(ffi::EVP_CIPHER_CTX_ctrl(
self.ctx,
ffi::EVP_CTRL_AEAD_GET_TAG,
ffi::EVP_CTRL_GCM_GET_TAG,
tag.len() as c_int,
tag.as_mut_ptr() as *mut _,
))
@ -1413,6 +1425,7 @@ mod tests {
}
#[test]
#[cfg(any(ossl110))]
fn test_aes_128_ocb() {
let key = "000102030405060708090a0b0c0d0e0f";
let aad = "0001020304050607";
@ -1448,6 +1461,7 @@ mod tests {
}
#[test]
#[cfg(any(ossl110))]
fn test_aes_128_ocb_fail() {
let key = "000102030405060708090a0b0c0d0e0f";
let aad = "0001020304050607";