mirror of
https://github.com/openssl/openssl.git
synced 2025-01-24 13:55:42 +08:00
90409da6a5
Fixes #12405 Fixes #12377 Calling Init()/Update() and then Init()/Update() again gave a different result when using the same key and iv. Cipher modes that were using ctx->num were not resetting this value, this includes OFB, CFB & CTR. The fix is to reset this value during the ciphers einit() and dinit() methods. Most ciphers go thru a generic method so one line fixes most cases. Add test for calling EVP_EncryptInit()/EVP_EncryptUpdate() multiple times for all ciphers. Ciphers should return the same value for both updates. DES3-WRAP does not since it uses a random in the update. CCM modes currently also fail on the second update (This also happens in 1_1_1). Fix memory leak in AES_OCB cipher if EVP_EncryptInit is called multiple times. Fix AES_SIV cipher dup_ctx and init. Calling EVP_CIPHER_init multiple times resulted in a memory leak in the siv. Fixing this leak also showed that the dup ctx was not working for siv mode. Note: aes_siv_cleanup() can not be used by aes_siv_dupctx() as it clears data that is required for the decrypt (e.g the tag). Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12413)
37 lines
1.6 KiB
C
37 lines
1.6 KiB
C
/*
|
|
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#ifndef OPENSSL_NO_SIV
|
|
|
|
typedef struct siv128_context SIV128_CONTEXT;
|
|
|
|
SIV128_CONTEXT *CRYPTO_siv128_new(const unsigned char *key, int klen,
|
|
EVP_CIPHER *cbc, EVP_CIPHER *ctr,
|
|
OPENSSL_CTX *libctx, const char *propq);
|
|
int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
|
|
const EVP_CIPHER *cbc, const EVP_CIPHER *ctr,
|
|
OPENSSL_CTX *libctx, const char *propq);
|
|
int CRYPTO_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src);
|
|
int CRYPTO_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad,
|
|
size_t len);
|
|
int CRYPTO_siv128_encrypt(SIV128_CONTEXT *ctx,
|
|
const unsigned char *in, unsigned char *out,
|
|
size_t len);
|
|
int CRYPTO_siv128_decrypt(SIV128_CONTEXT *ctx,
|
|
const unsigned char *in, unsigned char *out,
|
|
size_t len);
|
|
int CRYPTO_siv128_finish(SIV128_CONTEXT *ctx);
|
|
int CRYPTO_siv128_set_tag(SIV128_CONTEXT *ctx, const unsigned char *tag,
|
|
size_t len);
|
|
int CRYPTO_siv128_get_tag(SIV128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
|
int CRYPTO_siv128_cleanup(SIV128_CONTEXT *ctx);
|
|
int CRYPTO_siv128_speed(SIV128_CONTEXT *ctx, int arg);
|
|
|
|
#endif /* OPENSSL_NO_SIV */
|