Google Git
Sign in
boringssl / boringssl.git / b34f510b3bd8eb7708194338e7cc3b1655c000fa^! / . / include / openssl
commitb34f510b3bd8eb7708194338e7cc3b1655c000fa[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Sat Feb 28 03:59:33 2015 -0500
committerAdam Langley <agl@google.com>Thu Mar 05 21:25:05 2015 +0000
tree683ba24756d465cd6c0313dc4efb4fbd5eafc56d
parentfb68d6c901b98ffe15b8890d00bc819bf44c5f01 [diff]
Don't delay-initialize legacy AEADs.

Instead, add a separate init_with_direction hook. Normal AEADs ignore the
direction, while legacy AEADs must be initialized with it. This avoids
maintaining extra state to support the delayed initialization.

Change-Id: I25271f0e56ee2783a2fd4d4026434154d58dc0a8
Reviewed-on: https://boringssl-review.googlesource.com/3731
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/aead.h b/include/openssl/aead.h
index 6fd8116..861de99 100644
--- a/include/openssl/aead.h
+++ b/include/openssl/aead.h

@@ -205,7 +205,13 @@
  * be used. */
 #define EVP_AEAD_DEFAULT_TAG_LENGTH 0
 
-/* EVP_AEAD_init initializes |ctx| for the given AEAD algorithm from |impl|.
+/* evp_aead_direction_t denotes the direction of an AEAD operation. */
+enum evp_aead_direction_t {
+  evp_aead_open,
+  evp_aead_seal,
+};
+
+/* EVP_AEAD_CTX_init initializes |ctx| for the given AEAD algorithm from |impl|.
  * The |impl| argument may be NULL to choose the default implementation.
  * Authentication tags may be truncated by passing a size as |tag_len|. A
  * |tag_len| of zero indicates the default tag length and this is defined as
@@ -215,6 +221,13 @@
                                      const uint8_t *key, size_t key_len,
                                      size_t tag_len, ENGINE *impl);
 
+/* EVP_AEAD_CTX_init_with_direction calls |EVP_AEAD_CTX_init| for normal
+ * AEADs. For TLS-specific and SSL3-specific AEADs, it initializes |ctx| for a
+ * given direction. */
+OPENSSL_EXPORT int EVP_AEAD_CTX_init_with_direction(
+    EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, const uint8_t *key, size_t key_len,
+    size_t tag_len, enum evp_aead_direction_t dir);
+
 /* EVP_AEAD_CTX_cleanup frees any data allocated by |ctx|. */
 OPENSSL_EXPORT void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx);
 

diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index 97bf096..43b6cd5 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h

@@ -530,6 +530,7 @@
 #define CIPHER_F_aead_tls_seal 128
 #define CIPHER_F_aes_init_key 129
 #define CIPHER_F_aesni_init_key 130
+#define CIPHER_F_EVP_AEAD_CTX_init_with_direction 131
 #define CIPHER_R_AES_KEY_SETUP_FAILED 100
 #define CIPHER_R_BAD_DECRYPT 101
 #define CIPHER_R_BAD_KEY_LENGTH 102
@@ -554,5 +555,6 @@
 #define CIPHER_R_UNSUPPORTED_NONCE_SIZE 121
 #define CIPHER_R_UNSUPPORTED_TAG_SIZE 122
 #define CIPHER_R_WRONG_FINAL_BLOCK_LENGTH 123
+#define CIPHER_R_NO_DIRECTION_SET 124
 
 #endif  /* OPENSSL_HEADER_CIPHER_H */