fixup! Use OpenSSL native OCB-AES implementation

mobile-shell · Jun 14, 2022 · 57fd152 · 57fd152
1 parent f5f4e55
commit 57fd152
Showing 1 changed file with 7 additions and 6 deletions.
diff --git a/src/crypto/ocb_openssl.cc b/src/crypto/ocb_openssl.cc
@@ -6,7 +6,6 @@
 #include <openssl/evp.h>
 
 struct _ae_ctx {
-  unsigned char *key;
   EVP_CIPHER_CTX *enc_ctx;
   EVP_CIPHER_CTX *dec_ctx;
   int tag_len;
@@ -26,6 +25,7 @@ int ae_ctx_sizeof() {
 // If direction is 1, initializes encryption. If 0, initializes
 // decryption. See the documentation of EVP_CipherInit_ex
 static int ae_evp_cipher_init(EVP_CIPHER_CTX **in_ctx, int direction,
+			      const unsigned char *key,
 			      int nonce_len, int tag_len) {
   // Create an OpenSSL EVP context. It does not yet have any specific
   // cipher associated with it.
@@ -37,7 +37,7 @@ static int ae_evp_cipher_init(EVP_CIPHER_CTX **in_ctx, int direction,
   // encryption and decryption, an EVP_CIPHER_CTX must be initialized
   // for a specific direction.
   if (EVP_CipherInit_ex(ctx, EVP_aes_128_ocb(),
-			/*impl=*/NULL, /*key=*/NULL, /*iv=*/NULL,
+			/*impl=*/NULL, /*key=*/key, /*iv=*/NULL,
 			direction) != 1) {
     return -3;
   }
@@ -57,7 +57,7 @@ static int ae_evp_cipher_init(EVP_CIPHER_CTX **in_ctx, int direction,
   return AE_SUCCESS;
 }
 
-int ae_init(ae_ctx *ctx, const void *key_param, int key_len, int nonce_len,
+int ae_init(ae_ctx *ctx, const void *key, int key_len, int nonce_len,
 	    int tag_len) {
   // Pre-condition: Only nonces of length 12 are supported. The
   // documentation of `ae_init` in ae.h specifies that `ctx` is
@@ -73,14 +73,15 @@ int ae_init(ae_ctx *ctx, const void *key_param, int key_len, int nonce_len,
   }
   int r = AE_SUCCESS;
   if ((r = ae_evp_cipher_init(&ctx->enc_ctx, 1,
+			      reinterpret_cast<const unsigned char *>(key),
 			      nonce_len, tag_len))!= AE_SUCCESS) {
     return r;
   }
   if ((r = ae_evp_cipher_init(&ctx->dec_ctx, 0,
+			      reinterpret_cast<const unsigned char *>(key),
 			      nonce_len, tag_len)) != AE_SUCCESS) {
     return r;
   }
-  ctx->key = (unsigned char *)key_param;
   ctx->tag_len = tag_len;
   return AE_SUCCESS;
 }
@@ -101,7 +102,7 @@ int ae_encrypt(ae_ctx *ctx, const void *nonce_ptr, const void *pt_ptr,
     return AE_NOT_SUPPORTED;
   }
   if (EVP_EncryptInit_ex(ctx->enc_ctx, /*type=*/NULL, /*impl=*/NULL,
-			 ctx->key, nonce) != 1) {
+			 /*key=*/NULL, nonce) != 1) {
     return -3;
   }
   int len = 0;
@@ -159,7 +160,7 @@ int ae_decrypt(ae_ctx *ctx, const void *nonce_ptr, const void *ct_ptr,
     return AE_NOT_SUPPORTED;
   }
   if (EVP_DecryptInit_ex(ctx->dec_ctx, /*type=*/NULL, /*impl=*/NULL,
-			 ctx->key, nonce) != 1) {
+			 /*key=*/NULL, nonce) != 1) {
     return -3;
   }
   int len = 0;