summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorShelley Vohr <shelley.vohr@gmail.com>2018-10-14 22:23:01 -0700
committerTobias Nießen <tniessen@tnie.de>2018-10-16 23:26:47 +0200
commitca2eec463974aff1a040329c0fc968ac903d03ba (patch)
treea9cb903eca3fb5e145ea155af79e240b3bb99263 /src
parent0272c9d7058a254960aaff06d21b7a3eff7a4f2a (diff)
downloadandroid-node-v8-ca2eec463974aff1a040329c0fc968ac903d03ba.tar.gz
android-node-v8-ca2eec463974aff1a040329c0fc968ac903d03ba.tar.bz2
android-node-v8-ca2eec463974aff1a040329c0fc968ac903d03ba.zip
src: remove OCB support ifdef OPENSSL_NO_OCB
Electron uses BoringSSL which does not support OCB . It is also possible to build OpenSSL without support for OCB for Node.js. This commit disables OCB if OPENSSL_NO_OCB is defined. PR-URL: https://github.com/nodejs/node/pull/23635 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Anna Henningsen <anna@addaleax.net>
Diffstat (limited to 'src')
-rw-r--r--src/node_crypto.cc11
1 files changed, 8 insertions, 3 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 7d2cba2257..088483686d 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -84,6 +84,11 @@ using v8::Uint32;
using v8::Undefined;
using v8::Value;
+#ifdef OPENSSL_NO_OCB
+# define IS_OCB_MODE(mode) false
+#else
+# define IS_OCB_MODE(mode) ((mode) == EVP_CIPH_OCB_MODE)
+#endif
struct StackOfX509Deleter {
void operator()(STACK_OF(X509)* p) const { sk_X509_pop_free(p, X509_free); }
@@ -2544,7 +2549,7 @@ int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx) {
static bool IsSupportedAuthenticatedMode(int mode) {
return mode == EVP_CIPH_CCM_MODE ||
mode == EVP_CIPH_GCM_MODE ||
- mode == EVP_CIPH_OCB_MODE;
+ IS_OCB_MODE(mode);
}
void CipherBase::Initialize(Environment* env, Local<Object> target) {
@@ -2769,7 +2774,7 @@ bool CipherBase::InitAuthenticated(const char* cipher_type, int iv_len,
}
const int mode = EVP_CIPHER_CTX_mode(ctx_.get());
- if (mode == EVP_CIPH_CCM_MODE || mode == EVP_CIPH_OCB_MODE) {
+ if (mode == EVP_CIPH_CCM_MODE || IS_OCB_MODE(mode)) {
if (auth_tag_len == kNoAuthTagLength) {
char msg[128];
snprintf(msg, sizeof(msg), "authTagLength required for %s", cipher_type);
@@ -2885,7 +2890,7 @@ void CipherBase::SetAuthTag(const FunctionCallbackInfo<Value>& args) {
} else {
// At this point, the tag length is already known and must match the
// length of the given authentication tag.
- CHECK(mode == EVP_CIPH_CCM_MODE || mode == EVP_CIPH_OCB_MODE);
+ CHECK(mode == EVP_CIPH_CCM_MODE || IS_OCB_MODE(mode));
CHECK_NE(cipher->auth_tag_len_, kNoAuthTagLength);
is_valid = cipher->auth_tag_len_ == tag_len;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-29 01:45:13 +0000