Use high-level aes256gcm functions instead of the specific aesni implementation

Frank Denis 2015-10-11 14:31:41 +02:00
parent 6dd517d77c
commit c7a7775aaa


@ -91,7 +91,7 @@ alloc_encrypt(struct vtun_host *host)
if (derive_key(key, crypto_aead_KEYBYTES, host) != 0) { if (derive_key(key, crypto_aead_KEYBYTES, host) != 0) {
return -1; return -1;
} }
crypto_aead_aes256gcm_aesni_beforenm(ctx.state, key); crypto_aead_aes256gcm_beforenm(ctx.state, key);
sodium_free(key); sodium_free(key);
return 0; return 0;
@ -131,7 +131,7 @@ encrypt_buf(int message_len_, char *message_, char ** const ciphertext_p)
if (message_len_ < 0 || message_len > MESSAGE_MAX_SIZE) { if (message_len_ < 0 || message_len > MESSAGE_MAX_SIZE) {
return -1; return -1;
} }
crypto_aead_aes256gcm_aesni_encrypt_afternm(ctx.ciphertext, &ciphertext_len, crypto_aead_aes256gcm_encrypt_afternm(ctx.ciphertext, &ciphertext_len,
message, message_len, message, message_len,
NULL, 0ULL, NULL, 0ULL,
NULL, ctx.nonce, ctx.state); NULL, ctx.nonce, ctx.state);
@ -158,7 +158,7 @@ decrypt_buf(int ciphertext_len_, char *ciphertext_, char ** const message_p)
ciphertext_len -= crypto_aead_NPUBBYTES; ciphertext_len -= crypto_aead_NPUBBYTES;
nonce = ciphertext + ciphertext_len; nonce = ciphertext + ciphertext_len;
if (is_lower_or_equal(nonce, ctx.previous_decrypted_nonce, crypto_aead_NPUBBYTES) || if (is_lower_or_equal(nonce, ctx.previous_decrypted_nonce, crypto_aead_NPUBBYTES) ||
crypto_aead_aes256gcm_aesni_decrypt_afternm(ctx.message, &message_len, NULL, crypto_aead_aes256gcm_decrypt_afternm(ctx.message, &message_len, NULL,
ciphertext, ciphertext_len, ciphertext, ciphertext_len,
NULL, 0ULL, nonce, ctx.state) != 0) { NULL, 0ULL, nonce, ctx.state) != 0) {
return -1; return -1;
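Review bot: The results of `crypto_aead_aes256gcm_beforenm()` in alloc_encrypt and `crypto_aead_aes256gcm_encrypt_afternm()` in encrypt_buf are discarded, while only the decrypt call in decrypt_buf is compared against 0. With the generic names, hardware AES support is a runtime property rather than something the symbol name promises, so a failed key setup or encryption would go unnoticed, and encrypt_buf would presumably hand its caller whatever ctx.ciphertext held before. I would gate setup on `crypto_aead_aes256gcm_is_available()` (unless that already happens outside these hunks) and propagate failures, e.g. `if (crypto_aead_aes256gcm_beforenm(ctx.state, key) != 0) { sodium_free(key); return -1; }`, with the same `!= 0` test around the encrypt call. All three functions start and end outside the hunks shown.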