You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by mi...@apache.org on 2020/03/14 11:07:29 UTC
svn commit: r1875185 - in /apr/apr-util/branches/1.7.x: ./ crypto/
crypto/apr_crypto_openssl.c
Author: minfrin
Date: Sat Mar 14 11:07:29 2020
New Revision: 1875185
URL: http://svn.apache.org/viewvc?rev=1875185&view=rev
Log:
Backport r1875184.
Support both NID_chacha20 and NID_aes_256_ctr, not one or the other.
Modified:
apr/apr-util/branches/1.7.x/ (props changed)
apr/apr-util/branches/1.7.x/crypto/ (props changed)
apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c
Propchange: apr/apr-util/branches/1.7.x/
------------------------------------------------------------------------------
Merged /apr/apr/trunk:r1875184
Propchange: apr/apr-util/branches/1.7.x/crypto/
------------------------------------------------------------------------------
Merged /apr/apr/trunk/crypto:r1875184
Modified: apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c?rev=1875185&r1=1875184&r2=1875185&view=diff
==============================================================================
--- apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c (original)
+++ apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c Sat Mar 14 11:07:29 2020
@@ -1609,18 +1609,28 @@ void cprng_stream_setkey(cprng_stream_ct
const unsigned char *key,
const unsigned char *iv)
{
+ switch(EVP_CIPHER_CTX_nid(sctx->ctx)) {
#if defined(NID_chacha20)
- /* With CHACHA20, iv=NULL is the same as zeros but it's faster
- * to (re-)init; use that for efficiency.
- */
- EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, NULL);
-#else
- /* With AES256-CTR, iv=NULL seems to peek up and random one (for
- * the initial CTR), while we can live with zeros (fixed CTR);
- * efficiency still.
- */
- EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, iv);
+ case NID_chacha20:
+ /* With CHACHA20, iv=NULL is the same as zeros but it's faster
+ * to (re-)init; use that for efficiency.
+ */
+ EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, NULL);
+ break;
#endif
+#if defined(NID_aes_256_ctr)
+ case NID_aes_256_ctr:
+ /* With AES256-CTR, iv=NULL seems to peek up and random one (for
+ * the initial CTR), while we can live with zeros (fixed CTR);
+ * efficiency still.
+ */
+ EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, iv);
+ break;
+#endif
+ default:
+ assert(0);
+ break;
+ }
}
static apr_status_t cprng_stream_ctx_bytes(cprng_stream_ctx_t **pctx,