Skip to content

Commit

Permalink
Merge pull request #7465 from julek-wolfssl/issue/7390
Browse files Browse the repository at this point in the history 
Clean up EVP usage in quic
  • Loading branch information
@SparkiDev
SparkiDev authored Apr 25, 2024
2 parents 54022b1 + d61fec5 commit 5ee0e34
Showing 1 changed file with 15 additions and 31 deletions.
46 changes: 15 additions & 31 deletions src/quic.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -990,11 +990,13 @@ const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl)
evp_cipher = wolfSSL_EVP_chacha20_poly1305();
break;
#endif
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
#if !defined(NO_AES) && defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
case TLS_AES_128_CCM_SHA256:
FALL_THROUGH;
evp_cipher = wolfSSL_EVP_aes_128_ccm();
break;
case TLS_AES_128_CCM_8_SHA256:
evp_cipher = wolfSSL_EVP_aes_128_ctr();
WOLFSSL_MSG("wolfSSL_quic_get_aead: no CCM-8 support in EVP layer");
evp_cipher = NULL;
break;
#endif

Expand Down Expand Up @@ -1036,25 +1038,26 @@ const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl)
switch (cipher->cipherSuite) {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
case TLS_AES_128_GCM_SHA256:
evp_cipher = wolfSSL_EVP_aes_128_ctr();
evp_cipher = wolfSSL_EVP_aes_128_gcm();
break;
case TLS_AES_256_GCM_SHA384:
evp_cipher = wolfSSL_EVP_aes_256_ctr();
evp_cipher = wolfSSL_EVP_aes_256_gcm();
break;
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case TLS_CHACHA20_POLY1305_SHA256:
evp_cipher = wolfSSL_EVP_chacha20();
break;
#endif
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
#if !defined(NO_AES) && defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
case TLS_AES_128_CCM_SHA256:
FALL_THROUGH;
evp_cipher = wolfSSL_EVP_aes_128_ccm();
break;
case TLS_AES_128_CCM_8_SHA256:
evp_cipher = wolfSSL_EVP_aes_128_ctr();
WOLFSSL_MSG("wolfSSL_quic_get_hp: no CCM-8 support in EVP layer");
evp_cipher = NULL;
break;
#endif

default:
evp_cipher = NULL;
break;
Expand All @@ -1072,8 +1075,7 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)
{
size_t ret;
#ifdef WOLFSSL_SMALL_STACK
WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX *)XMALLOC(
sizeof(*ctx), NULL, DYNAMIC_TYPE_TMP_BUFFER);
WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new();
if (ctx == NULL)
return 0;
#else
Expand All @@ -1098,30 +1100,12 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)

int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER* aead_cipher)
{
#if !defined(NO_AES) && defined(HAVE_AESGCM)
if (evp_cipher_eq(aead_cipher, wolfSSL_EVP_aes_128_gcm())
#ifdef WOLFSSL_AES_256
|| evp_cipher_eq(aead_cipher, wolfSSL_EVP_aes_256_gcm())
#endif
) {
return 1;
}
#else
(void)aead_cipher;
#endif
return 0;
return WOLFSSL_EVP_CIPHER_mode(aead_cipher) == WOLFSSL_EVP_CIPH_GCM_MODE;
}

int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER* aead_cipher)
{
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
if (evp_cipher_eq(aead_cipher, wolfSSL_EVP_aes_128_ctr())) {
return 1;
}
#else
(void)aead_cipher;
#endif
return 0;
return WOLFSSL_EVP_CIPHER_mode(aead_cipher) == WOLFSSL_EVP_CIPH_CCM_MODE;
}

int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER* aead_cipher)
Expand Down

0 comments on commit 5ee0e34

Please sign in to comment.