diff options
| author | Tobias Nießen <tniessen@tnie.de> | 2017-12-18 13:22:08 +0100 |
|---|---|---|
| committer | Tobias Nießen <tniessen@tnie.de> | 2018-04-06 13:02:43 +0200 |
| commit | 1e07acd476309e7ddc4981160b89731b61a31179 (patch) | |
| tree | d9217adeb698cbe3cefae962d89b16c655a822c2 /src/node_crypto.h | |
| parent | 38a692963f000e3bd0f8413617d3b5774039dff8 (diff) | |
| download | android-node-v8-1e07acd476309e7ddc4981160b89731b61a31179.tar.gz android-node-v8-1e07acd476309e7ddc4981160b89731b61a31179.tar.bz2 android-node-v8-1e07acd476309e7ddc4981160b89731b61a31179.zip | |
crypto: add support for AES-CCM
This commit adds support for another AEAD algorithm and introduces
required API changes and extensions. Due to the design of CCM itself and
the way OpenSSL implements it, there are some restrictions when using
this mode as outlined in the updated documentation.
PR-URL: https://github.com/nodejs/node/pull/18138
Fixes: https://github.com/nodejs/node/issues/2383
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Diffstat (limited to 'src/node_crypto.h')
| -rw-r--r-- | src/node_crypto.h | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/src/node_crypto.h b/src/node_crypto.h index c8cf558d60..2f7c904ee9 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -354,19 +354,31 @@ class CipherBase : public BaseObject { kCipher, kDecipher }; + enum UpdateResult { + kSuccess, + kErrorMessageSize, + kErrorState + }; - void Init(const char* cipher_type, const char* key_buf, int key_buf_len); + void Init(const char* cipher_type, + const char* key_buf, + int key_buf_len, + int auth_tag_len); void InitIv(const char* cipher_type, const char* key, int key_len, const char* iv, - int iv_len); - bool Update(const char* data, int len, unsigned char** out, int* out_len); + int iv_len, + int auth_tag_len); + bool InitAuthenticated(const char *cipher_type, int iv_len, int auth_tag_len); + bool CheckCCMMessageLength(int message_len); + UpdateResult Update(const char* data, int len, unsigned char** out, + int* out_len); bool Final(unsigned char** out, int *out_len); bool SetAutoPadding(bool auto_padding); bool IsAuthenticatedMode() const; - bool SetAAD(const char* data, unsigned int len); + bool SetAAD(const char* data, unsigned int len, int plaintext_len); static void New(const v8::FunctionCallbackInfo<v8::Value>& args); static void Init(const v8::FunctionCallbackInfo<v8::Value>& args); @@ -385,15 +397,20 @@ class CipherBase : public BaseObject { : BaseObject(env, wrap), ctx_(nullptr), kind_(kind), - auth_tag_len_(0) { + auth_tag_set_(false), + auth_tag_len_(0), + pending_auth_failed_(false) { MakeWeak<CipherBase>(this); } private: EVP_CIPHER_CTX* ctx_; const CipherKind kind_; + bool auth_tag_set_; unsigned int auth_tag_len_; char auth_tag_[EVP_GCM_TLS_TAG_LEN]; + bool pending_auth_failed_; + int max_message_size_; }; class Hmac : public BaseObject { |