Diffstat (limited to 'lib/vquic/ngtcp2-crypto.c')
-rw-r--r-- | lib/vquic/ngtcp2-crypto.c | 64 |
1 files changed, 22 insertions, 42 deletions
diff --git a/lib/vquic/ngtcp2-crypto.c b/lib/vquic/ngtcp2-crypto.c
index 576b04c5c..887c130cb 100644
--- a/lib/vquic/ngtcp2-crypto.c
+++ b/lib/vquic/ngtcp2-crypto.c
@@ -232,22 +232,17 @@ size_t Curl_qc_aead_max_overhead(const struct Context *ctx) return aead_tag_length(ctx); } -ssize_t Curl_qc_encrypt(uint8_t *dest, size_t destlen, - const uint8_t *plaintext, size_t plaintextlen, - const struct Context *ctx, - const uint8_t *key, size_t keylen, - const uint8_t *nonce, size_t noncelen, - const uint8_t *ad, size_t adlen) +int Curl_qc_encrypt(uint8_t *dest, + const uint8_t *plaintext, size_t plaintextlen, + const struct Context *ctx, + const uint8_t *key, + const uint8_t *nonce, size_t noncelen, + const uint8_t *ad, size_t adlen) { size_t taglen = aead_tag_length(ctx); EVP_CIPHER_CTX *actx; - size_t outlen = 0; + int outlen = 0; int len; - (void)keylen; - - if(destlen < plaintextlen + taglen) { - return -1; - } actx = EVP_CIPHER_CTX_new(); if(!actx)
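Review bot: With `destlen` gone and the `if(destlen < plaintextlen + taglen)` guard removed, Curl_qc_encrypt writes `plaintextlen + taglen` bytes to `dest` and nothing inside the function can bound that, so the buffer size is now purely a caller obligation and should be stated at the definition. I would add above the signature: `/* dest must have room for plaintextlen + Curl_qc_aead_max_overhead(ctx) bytes */`. The same applies to Curl_qc_decrypt, where the `destlen + taglen < ciphertextlen` test was dropped, and to Curl_qc_hp_mask, which lost `destlen` and `samplelen`, both in later hunks. The return value also changes from a byte count to 0/-1, so any caller outside this diff that still treats it as a length would see 0; the body of Curl_qc_encrypt continues past the end of this hunk.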
@@ -281,40 +276,33 @@ ssize_t Curl_qc_encrypt(uint8_t *dest, size_t destlen, if(EVP_EncryptFinal_ex(actx, dest + outlen, &len) != 1) goto error; - outlen += len; - assert(outlen + taglen <= destlen); - if(EVP_CIPHER_CTX_ctrl(actx, EVP_CTRL_AEAD_GET_TAG, (int)taglen, dest + outlen) != 1) goto error; - outlen += taglen; - EVP_CIPHER_CTX_free(actx); - return outlen; + return 0; error: EVP_CIPHER_CTX_free(actx); return -1; } -ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen, - const uint8_t *ciphertext, size_t ciphertextlen, - const struct Context *ctx, - const uint8_t *key, size_t keylen, - const uint8_t *nonce, size_t noncelen, - const uint8_t *ad, size_t adlen) +int Curl_qc_decrypt(uint8_t *dest, + const uint8_t *ciphertext, size_t ciphertextlen, + const struct Context *ctx, + const uint8_t *key, + const uint8_t *nonce, size_t noncelen, + const uint8_t *ad, size_t adlen) { size_t taglen = aead_tag_length(ctx); const uint8_t *tag; EVP_CIPHER_CTX *actx; - size_t outlen; + int outlen; int len; - (void)keylen; - if(taglen > ciphertextlen || destlen + taglen < ciphertextlen) { + if(taglen > ciphertextlen) return -1; - } ciphertextlen -= taglen; tag = ciphertext + ciphertextlen;
@@ -351,7 +339,7 @@ ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen, outlen = len; if(ctx->aead == EVP_aes_128_ccm()) - return outlen; + return 0; if(EVP_CIPHER_CTX_ctrl(actx, EVP_CTRL_AEAD_SET_TAG, (int)taglen, (char *)tag) != 1)
@@ -360,10 +348,8 @@ ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen, if(EVP_DecryptFinal_ex(actx, dest + outlen, &len) != 1) goto error; - outlen += len; - EVP_CIPHER_CTX_free(actx); - return outlen; + return 0; error: EVP_CIPHER_CTX_free(actx); return -1;
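Review bot: With `outlen += len;` removed, the tag in Curl_qc_encrypt is written to `dest + outlen`, the same offset that was just handed to EVP_EncryptFinal_ex, which is only correct if the final call emits no bytes. The removed `assert(outlen + taglen <= destlen)` was the last sanity check in this path, so I would make the assumption explicit with `DEBUGASSERT(len == 0);` directly after the EVP_EncryptFinal_ex check, matching what Curl_qc_hp_mask already does. The start of Curl_qc_encrypt and the rest of Curl_qc_decrypt lie outside this hunk.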
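Review bot: The AES-128-CCM early exit `return 0;` in Curl_qc_decrypt leaves without calling EVP_CIPHER_CTX_free(actx), whereas the normal exit of the same function frees it first, so each successful CCM decrypt appears to leak a cipher context that was presumably initialised with the packet key. Since this line is being touched anyway, it could become `if(ctx->aead == EVP_aes_128_ccm()) { EVP_CIPHER_CTX_free(actx); return 0; }`. The success path of Curl_qc_hp_mask in the last hunk has the same shape: `return 0;` follows `DEBUGASSERT(len == 0);` with no free in the visible lines, so unless the context is released earlier in that function it needs `EVP_CIPHER_CTX_free(actx);` before the return. Both functions begin outside their hunks.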
@@ -489,19 +475,13 @@ Curl_qc_derive_header_protection_key(uint8_t *dest, size_t destlen, return keylen; } -ssize_t Curl_qc_hp_mask(uint8_t *dest, size_t destlen, - const struct Context *ctx, - const uint8_t *key, size_t keylen, - const uint8_t *sample, size_t samplelen) +int Curl_qc_hp_mask(uint8_t *dest, const struct Context *ctx, + const uint8_t *key, const uint8_t *sample) { static uint8_t PLAINTEXT[] = "\x00\x00\x00\x00\x00"; EVP_CIPHER_CTX *actx; - size_t outlen = 0; + int outlen = 0; int len; - (void)destlen; /* TODO: make use of these! */ - (void)keylen; - (void)samplelen; - actx = EVP_CIPHER_CTX_new(); if(!actx) return -1;
@@ -521,7 +501,7 @@ ssize_t Curl_qc_hp_mask(uint8_t *dest, size_t destlen, DEBUGASSERT(len == 0); - return outlen; + return 0; error: EVP_CIPHER_CTX_free(actx); return -1; |