crypto: use new OpenSSL constants in CipherBase

This change replaces some constants with better alternatives which were unavailable in OpenSSL 1.0.2. PR-URL: #20339 Refs: #19794 Refs: #18138 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
nodejs · May 4, 2018 · dfcf20f · dfcf20f
1 parent b89d817
commit dfcf20f
Showing 1 changed file with 3 additions and 8 deletions.
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -2791,10 +2791,7 @@ bool CipherBase::InitAuthenticated(const char *cipher_type, int iv_len,
                                    int auth_tag_len) {
   CHECK(IsAuthenticatedMode());
 
-  // TODO(tniessen) Use EVP_CTRL_AEAD_SET_IVLEN when migrating to OpenSSL 1.1.0
-  static_assert(EVP_CTRL_CCM_SET_IVLEN == EVP_CTRL_GCM_SET_IVLEN,
-                "OpenSSL constants differ between GCM and CCM");
-  if (!EVP_CIPHER_CTX_ctrl(ctx_, EVP_CTRL_GCM_SET_IVLEN, iv_len, nullptr)) {
+  if (!EVP_CIPHER_CTX_ctrl(ctx_, EVP_CTRL_AEAD_SET_IVLEN, iv_len, nullptr)) {
     env()->ThrowError("Invalid IV length");
     return false;
   }
@@ -3085,10 +3082,8 @@ bool CipherBase::Final(unsigned char** out, int *out_len) {
       // must be specified in advance.
       if (mode == EVP_CIPH_GCM_MODE)
         auth_tag_len_ = sizeof(auth_tag_);
-      // TOOD(tniessen) Use EVP_CTRL_AEAP_GET_TAG in OpenSSL 1.1.0
-      static_assert(EVP_CTRL_CCM_GET_TAG == EVP_CTRL_GCM_GET_TAG,
-                    "OpenSSL constants differ between GCM and CCM");
-      CHECK_EQ(1, EVP_CIPHER_CTX_ctrl(ctx_, EVP_CTRL_GCM_GET_TAG, auth_tag_len_,
+      CHECK_EQ(1, EVP_CIPHER_CTX_ctrl(ctx_, EVP_CTRL_AEAD_GET_TAG,
+                      auth_tag_len_,
                       reinterpret_cast<unsigned char*>(auth_tag_)));
     }
   }