diff options
| author | Vsevolod Stakhov <vsevolod@rspamd.com> | 2024-08-07 19:23:41 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@rspamd.com> | 2024-08-07 19:23:41 +0100 |
| commit | 8b162254e75ed08c01c70f2c644dcca6a43a5eca (patch) | |
| tree | 086b25fee8f8f5bec24423e47a59c83ac12e9775 /src/libcryptobox/cryptobox.c | |
| parent | 1abdaee965c755d64933ef24359dab2c1320b5fb (diff) | |
| download | rspamd-8b162254e75ed08c01c70f2c644dcca6a43a5eca.tar.gz rspamd-8b162254e75ed08c01c70f2c644dcca6a43a5eca.zip | |
[Minor] Another try to fix p256 encryption
Diffstat (limited to 'src/libcryptobox/cryptobox.c')
| -rw-r--r-- | src/libcryptobox/cryptobox.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index d18e71b00..05b1bce72 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -355,13 +355,14 @@ void rspamd_cryptobox_keypair(rspamd_pk_t pk, rspamd_sk_t sk, g_assert(EVP_PKEY_get_bn_param(pkey, "priv", &bn_sec) == 1); len = BN_num_bytes(bn_sec); - g_assert(len <= (int) sizeof(rspamd_sk_t)); + g_assert(len <= (int) rspamd_cryptobox_sk_bytes(RSPAMD_CRYPTOBOX_MODE_NIST)); BN_bn2bin(bn_sec, sk); g_assert(EVP_PKEY_get_octet_string_param(pkey, "pub", pk, - sizeof(rspamd_pk_t), &len) == 1); + rspamd_cryptobox_pk_bytes(RSPAMD_CRYPTOBOX_MODE_NIST), + &len) == 1); - g_assert(len <= (int) sizeof(rspamd_pk_t)); + g_assert(len <= (int) rspamd_cryptobox_pk_bytes(RSPAMD_CRYPTOBOX_MODE_NIST)); BN_free(bn_sec); EVP_PKEY_free(pkey); @@ -393,7 +394,7 @@ void rspamd_cryptobox_keypair(rspamd_pk_t pk, rspamd_sk_t sk, EC_KEY_free(ec_sec); len = BN_num_bytes(bn_sec); - g_assert(len <= (int) sizeof(rspamd_sk_t)); + g_assert(len <= (int) rspamd_cryptobox_sk_bytes(RSPAMD_CRYPTOBOX_MODE_NIST)); BN_bn2bin(bn_sec, sk); #endif #endif @@ -543,16 +544,16 @@ void rspamd_cryptobox_nm(rspamd_nm_t nm, EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL); OSSL_PARAM param[3]; - param[0] = OSSL_PARAM_construct_utf8_string("group", "prime256v1", 0); + param[0] = OSSL_PARAM_construct_utf8_string("group", "P-256", 0); param[1] = OSSL_PARAM_construct_BN("priv", (void *) sk, rspamd_cryptobox_sk_bytes(mode)); param[2] = OSSL_PARAM_construct_end(); g_assert(EVP_PKEY_fromdata_init(pctx) == 1); - g_assert(EVP_PKEY_fromdata(pctx, &sec_pkey, EVP_PKEY_KEYPAIR, param) == 1); + g_assert(EVP_PKEY_fromdata(pctx, &sec_pkey, EVP_PKEY_PRIVATE_KEY, param) == 1); EVP_PKEY_CTX_free(pctx); pctx = EVP_PKEY_CTX_new_from_pkey(libctx, sec_pkey, NULL); - param[0] = OSSL_PARAM_construct_utf8_string("group", "prime256v1", 0); + param[0] = OSSL_PARAM_construct_utf8_string("group", "P-256", 0); param[1] = OSSL_PARAM_construct_octet_string("pub", (void *) pk, rspamd_cryptobox_pk_bytes(mode)); param[2] = OSSL_PARAM_construct_end(); |