You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by mi...@apache.org on 2020/03/14 11:07:29 UTC

svn commit: r1875185 - in /apr/apr-util/branches/1.7.x: ./ crypto/ crypto/apr_crypto_openssl.c

Author: minfrin
Date: Sat Mar 14 11:07:29 2020
New Revision: 1875185

URL: http://svn.apache.org/viewvc?rev=1875185&view=rev
Log:
Backport r1875184.

Support both NID_chacha20 and NID_aes_256_ctr, not one or the other.

Modified:
    apr/apr-util/branches/1.7.x/   (props changed)
    apr/apr-util/branches/1.7.x/crypto/   (props changed)
    apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c

Propchange: apr/apr-util/branches/1.7.x/
------------------------------------------------------------------------------
  Merged /apr/apr/trunk:r1875184

Propchange: apr/apr-util/branches/1.7.x/crypto/
------------------------------------------------------------------------------
  Merged /apr/apr/trunk/crypto:r1875184

Modified: apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c?rev=1875185&r1=1875184&r2=1875185&view=diff
==============================================================================
--- apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c (original)
+++ apr/apr-util/branches/1.7.x/crypto/apr_crypto_openssl.c Sat Mar 14 11:07:29 2020
@@ -1609,18 +1609,28 @@ void cprng_stream_setkey(cprng_stream_ct
                          const unsigned char *key,
                          const unsigned char *iv)
 {
+    switch(EVP_CIPHER_CTX_nid(sctx->ctx)) {
 #if defined(NID_chacha20)
-    /* With CHACHA20, iv=NULL is the same as zeros but it's faster
-     * to (re-)init; use that for efficiency.
-     */
-    EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, NULL);
-#else
-    /* With AES256-CTR, iv=NULL seems to peek up and random one (for
-     * the initial CTR), while we can live with zeros (fixed CTR);
-     * efficiency still.
-     */
-    EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, iv);
+    case NID_chacha20:
+        /* With CHACHA20, iv=NULL is the same as zeros but it's faster
+         * to (re-)init; use that for efficiency.
+         */
+        EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, NULL);
+        break;
 #endif
+#if defined(NID_aes_256_ctr)
+    case NID_aes_256_ctr:
+        /* With AES256-CTR, iv=NULL seems to peek up and random one (for
+         * the initial CTR), while we can live with zeros (fixed CTR);
+         * efficiency still.
+         */
+        EVP_EncryptInit_ex(sctx->ctx, NULL, NULL, key, iv);
+        break;
+#endif
+    default:
+        assert(0);
+        break;
+    }
 }
 
 static apr_status_t cprng_stream_ctx_bytes(cprng_stream_ctx_t **pctx,