diff --git a/TunnelKit/Sources/Core/CryptoAEAD.m b/TunnelKit/Sources/Core/CryptoAEAD.m index 5c7ccd7..45723e2 100644 --- a/TunnelKit/Sources/Core/CryptoAEAD.m +++ b/TunnelKit/Sources/Core/CryptoAEAD.m @@ -97,6 +97,11 @@ const NSInteger CryptoAEADTagLength = 16; self.cipher = NULL; } +- (int)digestLength +{ + return 0; +} + #pragma mark Encrypter - (void)configureEncryptionWithCipherKey:(ZeroingData *)cipherKey hmacKey:(ZeroingData *)hmacKey diff --git a/TunnelKit/Sources/Core/CryptoBox.h b/TunnelKit/Sources/Core/CryptoBox.h index d5c122f..3a5ff9a 100644 --- a/TunnelKit/Sources/Core/CryptoBox.h +++ b/TunnelKit/Sources/Core/CryptoBox.h @@ -68,4 +68,6 @@ - (nonnull id)encrypter; - (nonnull id)decrypter; +- (NSInteger)digestLength; + @end diff --git a/TunnelKit/Sources/Core/CryptoBox.m b/TunnelKit/Sources/Core/CryptoBox.m index 5f38187..89492f0 100644 --- a/TunnelKit/Sources/Core/CryptoBox.m +++ b/TunnelKit/Sources/Core/CryptoBox.m @@ -50,6 +50,7 @@ @property (nonatomic, strong) NSString *cipherAlgorithm; @property (nonatomic, strong) NSString *digestAlgorithm; +@property (nonatomic, assign) NSInteger digestLength; @property (nonatomic, strong) id encrypter; @property (nonatomic, strong) id decrypter; @@ -131,6 +132,9 @@ [self.encrypter configureEncryptionWithCipherKey:cipherEncKey hmacKey:hmacEncKey]; [self.decrypter configureDecryptionWithCipherKey:cipherDecKey hmacKey:hmacDecKey]; + NSAssert(self.encrypter.digestLength == self.decrypter.digestLength, @"Digest length mismatch in encrypter/decrypter"); + self.digestLength = self.encrypter.digestLength; + return YES; } diff --git a/TunnelKit/Sources/Core/Encryption.h b/TunnelKit/Sources/Core/Encryption.h index 0352c83..ca0bb2b 100644 --- a/TunnelKit/Sources/Core/Encryption.h +++ b/TunnelKit/Sources/Core/Encryption.h @@ -45,6 +45,7 @@ @protocol Encrypter - (void)configureEncryptionWithCipherKey:(nonnull ZeroingData *)cipherKey hmacKey:(nonnull ZeroingData *)hmacKey; +- (int)digestLength; - (int)overheadLength; - (int)extraLength; @@ -59,6 +60,7 @@ @protocol Decrypter - (void)configureDecryptionWithCipherKey:(nonnull ZeroingData *)cipherKey hmacKey:(nonnull ZeroingData *)hmacKey; +- (int)digestLength; - (int)overheadLength; - (int)extraLength;