static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
void *key, void *IV) {
int rc;
evp_cipher_init(cipher);
EVP_CIPHER_CTX_init(cipher->ctx);
rc = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed");
return SSH_ERROR;
}
#ifdef HAVE_OPENSSL_EVP_AES_GCM
/* For AES-GCM we need to set IV in specific way */
if (cipher->ciphertype == SSH_AEAD_AES128_GCM ||
cipher->ciphertype == SSH_AEAD_AES256_GCM) {
rc = EVP_CIPHER_CTX_ctrl(cipher->ctx,
EVP_CTRL_GCM_SET_IV_FIXED,
-1,
(uint8_t *)IV);
if (rc != 1) {
SSH_LOG(SSH_LOG_WARNING, "EVP_CTRL_GCM_SET_IV_FIXED failed");
return SSH_ERROR;
}
}
#endif /* HAVE_OPENSSL_EVP_AES_GCM */
EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
return SSH_OK;
}
static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher,
void *key, void *IV) {
int rc;
evp_cipher_init(cipher);
EVP_CIPHER_CTX_init(cipher->ctx);
rc = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, key, IV);
if (rc != 1){
SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed");
return SSH_ERROR;
}
EVP_CIPHER_CTX_set_padding(cipher->ctx, 0);
return SSH_OK;
}
