author | Justus Winter <justus@sequoia-pgp.org> | 2023-02-22 14:16:35 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-02-23 14:53:33 +0100 |
commit | 3b2f7d068df500377d12bc007c4006388e277cbd (patch) | |
tree | cb240b93cc65113247a0bb65c77731aa3e804123 /openpgp/src/crypto/backend | |
parent | 41fb8f92076845ff1dd6ebdc9af75c9a9451c306 (diff) |
openpgp: Fix nonce size when using OCB with OpenSSL.
- Previously, the IV length defaulted to 12.
- We have to set the IV length before supplying the
IV in {de,en}crypt_init. Otherwise, it will be silently
truncated.
Diffstat (limited to 'openpgp/src/crypto/backend')
-rw-r--r-- | openpgp/src/crypto/backend/openssl/aead.rs | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/openpgp/src/crypto/backend/openssl/aead.rs b/openpgp/src/crypto/backend/openssl/aead.rs
index e56b53ec..f107a6fa 100644
--- a/openpgp/src/crypto/backend/openssl/aead.rs
+++ b/openpgp/src/crypto/backend/openssl/aead.rs
@@ -95,9 +95,21 @@ impl AEADAlgorithm {
 };
 let mut ctx = CipherCtx::new()?;
 match op {
- CipherOp::Encrypt => ctx.encrypt_init(Some(cipher), Some(key), Some(nonce))?,
+ CipherOp::Encrypt =>
+ ctx.encrypt_init(Some(cipher), Some(key), None)?,
 
- CipherOp::Decrypt => ctx.decrypt_init(Some(cipher), Some(key), Some(nonce))?,
+ CipherOp::Decrypt =>
+ ctx.decrypt_init(Some(cipher), Some(key), None)?,
+ }
+ // We have to set the IV length before supplying the
+ // IV. Otherwise, it will be silently truncated.
+ ctx.set_iv_length(self.nonce_size()?)?;
+ match op {
+ CipherOp::Encrypt =>
+ ctx.encrypt_init(None, None, Some(nonce))?,
+
+ CipherOp::Decrypt =>
+ ctx.decrypt_init(None, None, Some(nonce))?,
 }
 ctx.set_padding(false);
 Ok(Box::new(OpenSslContext { |
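Review bot: Nothing in the new code checks that `nonce.len()` equals the length given to `ctx.set_iv_length(self.nonce_size()?)`, so the second `encrypt_init`/`decrypt_init` pair still relies on the caller passing exactly that many bytes. By the added comment's own account an over-long IV is silently truncated, and a truncated AEAD nonce can make distinct nonces collapse to the same IV under one key; how the binding treats a short nonce is not visible here. A guard before the second `match op`, such as `if nonce.len() != self.nonce_size()? { /* return an invalid-argument error */ }`, would make both cases an explicit failure. The comment could also state that 12 bytes is the default being overridden, and a known-answer OCB test would keep this from regressing; the enclosing function starts and ends outside the hunk.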