diff options
| -rw-r--r-- | src/libcryptobox/cryptobox.c | 10 | ||||
| -rw-r--r-- | src/libcryptobox/cryptobox.h | 2 | ||||
| -rw-r--r-- | test/rspamd_cryptobox_test.c | 22 |
3 files changed, 29 insertions, 5 deletions
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index dc4f3e5e9..e424dac1f 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -314,6 +314,7 @@ rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce, EVP_CIPHER_CTX *s; s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); + memset (s, 0, sizeof (*s)); g_assert (EVP_EncryptInit_ex (s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1); g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_SET_IVLEN, 24, NULL) == 1); g_assert (EVP_EncryptInit_ex (s, NULL, NULL, nm, nonce) == 1); @@ -477,6 +478,7 @@ rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce, EVP_CIPHER_CTX *s; s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT); + memset (s, 0, sizeof (*s)); g_assert (EVP_DecryptInit_ex(s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1); g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_SET_IVLEN, 24, NULL) == 1); g_assert (EVP_DecryptInit_ex (s, NULL, NULL, nm, nonce) == 1); @@ -639,7 +641,7 @@ rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx) #else EVP_CIPHER_CTX *s = enc_ctx; - EVP_CIPHER_CTX_free (s); + EVP_CIPHER_CTX_cleanup (s); #endif } } @@ -923,12 +925,12 @@ rspamd_cryptobox_pbkdf (const char *pass, gsize pass_len, return TRUE; } -void +gboolean rspamd_cryptobox_openssl_mode (gboolean enable) { #ifdef HAVE_USABLE_OPENSSL use_openssl = enable; -#else - g_assert (0); #endif + + return use_openssl; } diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h index 3305fccc1..aed90079c 100644 --- a/src/libcryptobox/cryptobox.h +++ b/src/libcryptobox/cryptobox.h @@ -178,6 +178,6 @@ gboolean rspamd_cryptobox_pbkdf(const char *pass, gsize pass_len, * Enable openssl mode in rspamd_cryptobox * @param enable if TRUE then crypto code will use openssl, chacha20/poly1305 otherwize */ -void rspamd_cryptobox_openssl_mode (gboolean enable); +gboolean rspamd_cryptobox_openssl_mode (gboolean enable); #endif /* CRYPTOBOX_H_ */ diff --git a/test/rspamd_cryptobox_test.c b/test/rspamd_cryptobox_test.c index d01d99ee3..97a21ec48 100644 --- a/test/rspamd_cryptobox_test.c +++ b/test/rspamd_cryptobox_test.c @@ -172,6 +172,7 @@ rspamd_cryptobox_test_func (void) struct rspamd_cryptobox_segment *seg; double t1, t2; gint i, cnt, ms; + gboolean checked_openssl = FALSE; map = create_mapping (mapping_size, &begin, &end); @@ -188,6 +189,22 @@ rspamd_cryptobox_test_func (void) check_result (key, nonce, mac, begin, end); msg_info ("baseline encryption: %.6f", t2 - t1); + + if (rspamd_cryptobox_openssl_mode (TRUE)) { + t1 = rspamd_get_ticks (); + rspamd_cryptobox_encrypt_nm_inplace (begin, + end - begin, + nonce, + key, + mac); + t2 = rspamd_get_ticks (); + check_result (key, nonce, mac, begin, end); + + msg_info ("openssl baseline encryption: %.6f", t2 - t1); + rspamd_cryptobox_openssl_mode (FALSE); + } + +start: /* A single chunk as vector */ seg[0].data = begin; seg[0].len = end - begin; @@ -330,4 +347,9 @@ rspamd_cryptobox_test_func (void) msg_info ("constrainted fuzz iterations: %d", i); } } + + if (!checked_openssl && rspamd_cryptobox_openssl_mode (TRUE)) { + checked_openssl = TRUE; + goto start; + } } |