Skip to content

Commit d61fec5

Browse files
julek-wolfssljulek-wolfssl
committed
Clean up EVP usage in quic
1 parent 6e49aa7 commit d61fec5

1 file changed

Lines changed: 15 additions & 31 deletions

File tree

src/quic.c

Lines changed: 15 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -990,11 +990,13 @@ const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl)
990990
evp_cipher = wolfSSL_EVP_chacha20_poly1305();
991991
break;
992992
#endif
993-
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
993+
#if !defined(NO_AES) && defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
994994
case TLS_AES_128_CCM_SHA256:
995-
FALL_THROUGH;
995+
evp_cipher = wolfSSL_EVP_aes_128_ccm();
996+
break;
996997
case TLS_AES_128_CCM_8_SHA256:
997-
evp_cipher = wolfSSL_EVP_aes_128_ctr();
998+
WOLFSSL_MSG("wolfSSL_quic_get_aead: no CCM-8 support in EVP layer");
999+
evp_cipher = NULL;
9981000
break;
9991001
#endif
10001002

@@ -1036,25 +1038,26 @@ const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl)
10361038
switch (cipher->cipherSuite) {
10371039
#if !defined(NO_AES) && defined(HAVE_AESGCM)
10381040
case TLS_AES_128_GCM_SHA256:
1039-
evp_cipher = wolfSSL_EVP_aes_128_ctr();
1041+
evp_cipher = wolfSSL_EVP_aes_128_gcm();
10401042
break;
10411043
case TLS_AES_256_GCM_SHA384:
1042-
evp_cipher = wolfSSL_EVP_aes_256_ctr();
1044+
evp_cipher = wolfSSL_EVP_aes_256_gcm();
10431045
break;
10441046
#endif
10451047
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
10461048
case TLS_CHACHA20_POLY1305_SHA256:
10471049
evp_cipher = wolfSSL_EVP_chacha20();
10481050
break;
10491051
#endif
1050-
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
1052+
#if !defined(NO_AES) && defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
10511053
case TLS_AES_128_CCM_SHA256:
1052-
FALL_THROUGH;
1054+
evp_cipher = wolfSSL_EVP_aes_128_ccm();
1055+
break;
10531056
case TLS_AES_128_CCM_8_SHA256:
1054-
evp_cipher = wolfSSL_EVP_aes_128_ctr();
1057+
WOLFSSL_MSG("wolfSSL_quic_get_hp: no CCM-8 support in EVP layer");
1058+
evp_cipher = NULL;
10551059
break;
10561060
#endif
1057-
10581061
default:
10591062
evp_cipher = NULL;
10601063
break;
@@ -1072,8 +1075,7 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)
10721075
{
10731076
size_t ret;
10741077
#ifdef WOLFSSL_SMALL_STACK
1075-
WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX *)XMALLOC(
1076-
sizeof(*ctx), NULL, DYNAMIC_TYPE_TMP_BUFFER);
1078+
WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new();
10771079
if (ctx == NULL)
10781080
return 0;
10791081
#else
@@ -1098,30 +1100,12 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)
10981100

10991101
int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER* aead_cipher)
11001102
{
1101-
#if !defined(NO_AES) && defined(HAVE_AESGCM)
1102-
if (evp_cipher_eq(aead_cipher, wolfSSL_EVP_aes_128_gcm())
1103-
#ifdef WOLFSSL_AES_256
1104-
|| evp_cipher_eq(aead_cipher, wolfSSL_EVP_aes_256_gcm())
1105-
#endif
1106-
) {
1107-
return 1;
1108-
}
1109-
#else
1110-
(void)aead_cipher;
1111-
#endif
1112-
return 0;
1103+
return WOLFSSL_EVP_CIPHER_mode(aead_cipher) == WOLFSSL_EVP_CIPH_GCM_MODE;
11131104
}
11141105

11151106
int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER* aead_cipher)
11161107
{
1117-
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
1118-
if (evp_cipher_eq(aead_cipher, wolfSSL_EVP_aes_128_ctr())) {
1119-
return 1;
1120-
}
1121-
#else
1122-
(void)aead_cipher;
1123-
#endif
1124-
return 0;
1108+
return WOLFSSL_EVP_CIPHER_mode(aead_cipher) == WOLFSSL_EVP_CIPH_CCM_MODE;
11251109
}
11261110

11271111
int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER* aead_cipher)

0 commit comments

Comments
 (0)