authorIngmar Runge <ingmar@irsoft.de>2013-11-19 22:38:15 +0100
committerFedor Indutny <fedor.indutny@gmail.com>2013-12-08 00:00:02 +0400
commite0d31ea2dbdc33dda0f295ceda07b7fc1de4e09c (patch)
treecf81c1a7d2e288f777507535aee375554762ad19 /src/node_crypto.h
parentf9f9239fa2f1c33e17ed3b0e830099f64a70bd37 (diff)
crypto: support GCM authenticated encryption mode.
This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
Diffstat (limited to 'src/node_crypto.h')
-rw-r--r--src/node_crypto.h14
1 files changed, 13 insertions, 1 deletions
diff --git a/src/node_crypto.h b/src/node_crypto.h
index 05f5e3623..f11f2a00c 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -318,6 +318,7 @@ class CipherBase : public BaseObject {
~CipherBase() {
if (!initialised_)
return;
+ delete[] auth_tag_;
EVP_CIPHER_CTX_cleanup(&ctx_);
}
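Review bot: The added `delete[] auth_tag_;` in `~CipherBase()` sits below the `if (!initialised_) return;` guard, so the tag buffer is freed only when the object is still marked initialised at destruction. If any path outside this diff clears `initialised_`, or never sets it, while `auth_tag_` is non-NULL, the buffer leaks. The constructor in this same diff sets `auth_tag_` to NULL, so the delete is safe unconditionally and can move above the guard: `delete[] auth_tag_;` then `if (!initialised_) return;`.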
@@ -339,6 +340,10 @@ class CipherBase : public BaseObject {
bool Final(unsigned char** out, int *out_len);
bool SetAutoPadding(bool auto_padding);
+ bool IsAuthenticatedMode() const;
+ bool GetAuthTag(char** out, unsigned int* out_len) const;
+ bool SetAuthTag(const char* data, unsigned int len);
+
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
static void InitIv(const v8::FunctionCallbackInfo<v8::Value>& args);
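Review bot: `SetAuthTag(const char* data, unsigned int len)` is declared with no documented bound on `len`, and its implementation is outside this diff, so it is not visible whether a caller-supplied tag length is checked. In GCM the tag length sets the authentication strength, so a decipher that accepts an arbitrarily short tag verifies less than callers expect. The implementation should reject lengths the mode does not permit, and the declaration should say so, e.g. `// len must be a tag length valid for the cipher mode; returns false otherwise`. `GetAuthTag` also needs a comment stating who owns `*out`, e.g. `// on success *out is a new[] copy that the caller must delete[]`, if that is the intended contract.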
@@ -346,13 +351,18 @@ class CipherBase : public BaseObject {
static void Final(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetAutoPadding(const v8::FunctionCallbackInfo<v8::Value>& args);
+ static void GetAuthTag(const v8::FunctionCallbackInfo<v8::Value>& args);
+ static void SetAuthTag(const v8::FunctionCallbackInfo<v8::Value>& args);
+
CipherBase(Environment* env,
v8::Local<v8::Object> wrap,
CipherKind kind)
: BaseObject(env, wrap),
cipher_(NULL),
initialised_(false),
- kind_(kind) {
+ kind_(kind),
+ auth_tag_(NULL),
+ auth_tag_len_(0) {
MakeWeak<CipherBase>(this);
}
@@ -361,6 +371,8 @@ class CipherBase : public BaseObject {
const EVP_CIPHER* cipher_; /* coverity[member_decl] */
bool initialised_;
CipherKind kind_;
+ char* auth_tag_;
+ unsigned int auth_tag_len_;
};
class Hmac : public BaseObject {
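Review bot: `char* auth_tag_` is a raw owning pointer freed in the destructor, and nothing in the visible hunks makes CipherBase non-copyable, so an accidental copy would leave two objects deleting the same buffer. If BaseObject does not already forbid copying (not visible here), declare the copy constructor and assignment operator private and unimplemented. Ownership should also be documented on the member: `char* auth_tag_;  // owned, new[]-allocated, NULL when no tag is held`. The class body starts outside this hunk.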