Skip to content

Commit 3ce1d00

Browse files
CandyMiCandyMi
committed
完善aes-gcm
1 parent 2fd77c5 commit 3ce1d00

File tree

1 file changed

+17
-12
lines changed

1 file changed

+17
-12
lines changed

luaclib/src/lcrypt/aes.c

Lines changed: 17 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,12 @@
11
#include "lcrypt.h"
22

3-
static inline int aes_is_gcm(EVP_CIPHER_CTX *ctx)
3+
static inline int aes_is_gcm(const EVP_CIPHER * c)
44
{
5-
const EVP_CIPHER *c = EVP_CIPHER_CTX_get0_cipher(ctx);
65
return (c == EVP_aes_128_gcm()) || (c == EVP_aes_192_gcm()) || (c == EVP_aes_256_gcm());
76
}
87

9-
static inline int aes_is_ccm(EVP_CIPHER_CTX *ctx)
8+
static inline int aes_is_ccm(const EVP_CIPHER * c)
109
{
11-
const EVP_CIPHER *c = EVP_CIPHER_CTX_get0_cipher(ctx);
1210
return (c == EVP_aes_128_ccm()) || (c == EVP_aes_192_ccm()) || (c == EVP_aes_256_ccm());
1311
}
1412

@@ -20,7 +18,7 @@ static inline const EVP_CIPHER * aes_get_cipher(int nid)
2018
static inline int aes_set_ahead(lua_State *L, EVP_CIPHER_CTX *ctx, const uint8_t *aad, size_t aadlen, size_t total)
2119
{
2220
int len = 0; /* CCM 模式需要 */
23-
if (aes_is_ccm(ctx))
21+
if (aes_is_ccm(EVP_CIPHER_CTX_get0_cipher(ctx)))
2422
{
2523
if(1 != EVP_CipherUpdate(ctx, NULL, &len, NULL, total)){
2624
EVP_CIPHER_CTX_free(ctx);
@@ -65,7 +63,7 @@ static int do_aes_encrypt(lua_State *L, const EVP_CIPHER *c, const uint8_t *key,
6563
return 2;
6664
}
6765

68-
if (aes_is_gcm(ctx) || aes_is_ccm(ctx))
66+
if (aes_is_gcm(c) || aes_is_ccm(c))
6967
{
7068
int r = aes_set_ahead(L, ctx, aad, aadlen, tsize - taglen);
7169
if (r)
@@ -97,8 +95,10 @@ static int do_aes_encrypt(lua_State *L, const EVP_CIPHER *c, const uint8_t *key,
9795
}
9896
olen += update_len;
9997

100-
if (aes_is_gcm(ctx) || aes_is_ccm(ctx))
98+
// printf("是否ccm or gcm ? %d\n", aes_is_gcm(c) || aes_is_ccm(c));
99+
if (aes_is_gcm(c) || aes_is_ccm(c))
101100
{
101+
// printf("加密有进入到这里吗?\n");
102102
if (1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, out + olen)) {
103103
EVP_CIPHER_CTX_free(ctx);
104104
lua_pushnil(L);
@@ -128,7 +128,7 @@ static int do_aes_decrypt(lua_State *L, const EVP_CIPHER *c, const uint8_t *key,
128128
}
129129

130130
/* CCM 模式 没有这个会报错 */
131-
if (aes_is_ccm(ctx))
131+
if (aes_is_ccm(c))
132132
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, (void *)((cipher + csize) - taglen));
133133

134134
/* 设置 密钥 和 向量 的长度 */
@@ -143,7 +143,7 @@ static int do_aes_decrypt(lua_State *L, const EVP_CIPHER *c, const uint8_t *key,
143143
return 2;
144144
}
145145

146-
if (aes_is_gcm(ctx) || aes_is_ccm(ctx))
146+
if (aes_is_gcm(c) || aes_is_ccm(c))
147147
{
148148
int r = aes_set_ahead(L, ctx, aad, aadlen, csize - taglen);
149149
if (r)
@@ -167,7 +167,7 @@ static int do_aes_decrypt(lua_State *L, const EVP_CIPHER *c, const uint8_t *key,
167167
olen += update_len;
168168

169169
/* 不同模式 */
170-
if (aes_is_gcm(ctx))
170+
if (aes_is_gcm(c))
171171
{
172172
if (1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, (void *)((cipher + csize) - taglen))) {
173173
lua_pushnil(L);
@@ -178,8 +178,13 @@ static int do_aes_decrypt(lua_State *L, const EVP_CIPHER *c, const uint8_t *key,
178178

179179
/* 解密成功需要附加数据 */
180180
int ret = EVP_DecryptFinal_ex(ctx, out + olen, &update_len);
181-
if (ret == 1)
182-
olen += update_len;
181+
if (1 != ret)
182+
{
183+
lua_pushnil(L);
184+
lua_pushstring(L, "[Cipher error]: dec final failed.");
185+
return 2;
186+
}
187+
olen += update_len;
183188

184189
lua_pushlstring(L, (const char *)out, olen);
185190
EVP_CIPHER_CTX_free(ctx);

0 commit comments

Comments
 (0)