diff --git a/TunnelKit/Sources/Core/Crypto.h b/TunnelKit/Sources/Core/Crypto.h index 5b71c19..109758c 100644 --- a/TunnelKit/Sources/Core/Crypto.h +++ b/TunnelKit/Sources/Core/Crypto.h @@ -44,10 +44,10 @@ NS_ASSUME_NONNULL_BEGIN @protocol DataPathDecrypter; typedef struct { - const uint8_t *iv; - int ivLength; - const uint8_t *ad; - int adLength; + const uint8_t *_Nullable iv; + NSInteger ivLength; + const uint8_t *_Nullable ad; + NSInteger adLength; } CryptoFlags; // WARNING: dest must be able to hold ciphertext diff --git a/TunnelKit/Sources/Core/CryptoAEAD.m b/TunnelKit/Sources/Core/CryptoAEAD.m index 0ee5627..d5f4e06 100644 --- a/TunnelKit/Sources/Core/CryptoAEAD.m +++ b/TunnelKit/Sources/Core/CryptoAEAD.m @@ -127,7 +127,7 @@ const NSInteger CryptoAEADTagLength = 16; memcpy(self.cipherIVEnc, flags->iv, flags->ivLength); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherInit(self.cipherCtxEnc, NULL, NULL, self.cipherIVEnc, -1); - TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherUpdate(self.cipherCtxEnc, NULL, &x, flags->ad, flags->adLength); + TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherUpdate(self.cipherCtxEnc, NULL, &x, flags->ad, (int)flags->adLength); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherUpdate(self.cipherCtxEnc, dest + CryptoAEADTagLength, &l1, bytes, (int)length); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherFinal(self.cipherCtxEnc, dest + CryptoAEADTagLength + l1, &l2); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CIPHER_CTX_ctrl(self.cipherCtxEnc, EVP_CTRL_GCM_GET_TAG, CryptoAEADTagLength, dest); @@ -174,7 +174,7 @@ const NSInteger CryptoAEADTagLength = 16; TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherInit(self.cipherCtxDec, NULL, NULL, self.cipherIVDec, -1); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CIPHER_CTX_ctrl(self.cipherCtxDec, EVP_CTRL_GCM_SET_TAG, CryptoAEADTagLength, (uint8_t *)bytes); - TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherUpdate(self.cipherCtxDec, NULL, &x, flags->ad, flags->adLength); + TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherUpdate(self.cipherCtxDec, NULL, &x, flags->ad, (int)flags->adLength); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherUpdate(self.cipherCtxDec, dest, &l1, bytes + CryptoAEADTagLength, (int)length - CryptoAEADTagLength); TUNNEL_CRYPTO_TRACK_STATUS(code) EVP_CipherFinal(self.cipherCtxDec, dest + l1, &l2); diff --git a/TunnelKitTests/EncryptionPerformanceTests.swift b/TunnelKitTests/EncryptionPerformanceTests.swift index 75e1c89..b08a7f9 100644 --- a/TunnelKitTests/EncryptionPerformanceTests.swift +++ b/TunnelKitTests/EncryptionPerformanceTests.swift @@ -80,9 +80,8 @@ class EncryptionPerformanceTests: XCTestCase { // 0.684s func testGCMEncryption() { let suite = TestUtils.generateDataSuite(1000, 100000) - let iv: [UInt8] = [0x11, 0x22, 0x33, 0x44] let ad: [UInt8] = [0x11, 0x22, 0x33, 0x44] - var flags = CryptoFlags(iv: iv, ivLength: 4, ad: ad, adLength: 4) + var flags = CryptoFlags(iv: nil, ivLength: 0, ad: ad, adLength: ad.count) measure { for data in suite { let _ = try! self.gcmEncrypter.encryptData(data, flags: &flags) diff --git a/TunnelKitTests/EncryptionTests.swift b/TunnelKitTests/EncryptionTests.swift index 43d2132..90370ab 100644 --- a/TunnelKitTests/EncryptionTests.swift +++ b/TunnelKitTests/EncryptionTests.swift @@ -81,7 +81,7 @@ class EncryptionTests: XCTestCase { let packetId: [UInt8] = [0x56, 0x34, 0x12, 0x00] let ad: [UInt8] = [0x00, 0x12, 0x34, 0x56] - var flags = CryptoFlags(iv: packetId, ivLength: 4, ad: ad, adLength: 4) + var flags = CryptoFlags(iv: packetId, ivLength: packetId.count, ad: ad, adLength: ad.count) let plain = Data(hex: "00112233445566778899") let encrypted = try! client.encrypter().encryptData(plain, flags: &flags) let decrypted = try! server.decrypter().decryptData(encrypted, flags: &flags)