[PATCH] Use EVP_MAC interface for Poly1305 if supported.
Darren Tucker
dtucker at dtucker.net
Tue Oct 25 07:23:55 AEDT 2022
On Tue, 25 Oct 2022 at 06:23, Chris Rapier <rapier at psc.edu> wrote:
> +#if OPENSSL_VERSION_NUMBER >= 0x30000000UL
As mentioned by Dmitry Belyavskiy upthread, since this depends on
EVP_MAC_fetch() this should probably be checked by configure instead
and put inside an ifdef HAVE_EVP_MAC_FETCH. I'm also wondering if the
additional OpenSSL specific code belongs in the poly1305_auth function
in cipher-chachapoly-libcrypto.c.
> + size_t poly_out_len;
> +#endif
Since poly_out_len is only ever used inside the "if (!do_encrypt)"
block below, you could move this declaration inside the existing ifdef
inside that block and reduce this diff by one hunk.
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list