Fix the spelling of HPKE AEAD constants.
AES_128_GCM is more common than AES_GCM_128 and matches the
specification.
Bug: 275
Change-Id: If3446a38f7bfbe0250d9646e363db29b93e4d231
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46666
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Dan McArdle <dmcardle@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/hpke/hpke.c b/crypto/hpke/hpke.c
index 29f60fc..fa44d8e 100644
--- a/crypto/hpke/hpke.c
+++ b/crypto/hpke/hpke.c
@@ -128,9 +128,9 @@
const EVP_AEAD *EVP_HPKE_get_aead(uint16_t aead_id) {
switch (aead_id) {
- case EVP_HPKE_AEAD_AES_GCM_128:
+ case EVP_HPKE_AEAD_AES_128_GCM:
return EVP_aead_aes_128_gcm();
- case EVP_HPKE_AEAD_AES_GCM_256:
+ case EVP_HPKE_AEAD_AES_256_GCM:
return EVP_aead_aes_256_gcm();
case EVP_HPKE_AEAD_CHACHA20POLY1305:
return EVP_aead_chacha20_poly1305();
diff --git a/crypto/hpke/hpke_test.cc b/crypto/hpke/hpke_test.cc
index d3f841c..fd142a3 100644
--- a/crypto/hpke/hpke_test.cc
+++ b/crypto/hpke/hpke_test.cc
@@ -262,7 +262,7 @@
TEST(HPKETest, RoundTrip) {
uint16_t kdf_ids[] = {EVP_HPKE_HKDF_SHA256, EVP_HPKE_HKDF_SHA384,
EVP_HPKE_HKDF_SHA512};
- uint16_t aead_ids[] = {EVP_HPKE_AEAD_AES_GCM_128, EVP_HPKE_AEAD_AES_GCM_256,
+ uint16_t aead_ids[] = {EVP_HPKE_AEAD_AES_128_GCM, EVP_HPKE_AEAD_AES_256_GCM,
EVP_HPKE_AEAD_CHACHA20POLY1305};
const uint8_t info_a[] = {1, 1, 2, 3, 5, 8};
@@ -342,7 +342,7 @@
uint16_t kdf_ids[] = {EVP_HPKE_HKDF_SHA256, EVP_HPKE_HKDF_SHA384,
EVP_HPKE_HKDF_SHA512};
- uint16_t aead_ids[] = {EVP_HPKE_AEAD_AES_GCM_128, EVP_HPKE_AEAD_AES_GCM_256,
+ uint16_t aead_ids[] = {EVP_HPKE_AEAD_AES_128_GCM, EVP_HPKE_AEAD_AES_256_GCM,
EVP_HPKE_AEAD_CHACHA20POLY1305};
for (uint16_t kdf_id : kdf_ids) {
@@ -377,7 +377,7 @@
// Set up the receiver.
ScopedEVP_HPKE_CTX receiver_ctx;
ASSERT_TRUE(EVP_HPKE_CTX_setup_base_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
kMockEnc, sizeof(kMockEnc), public_key_r, sizeof(public_key_r),
secret_key_r, sizeof(secret_key_r), nullptr, 0));
@@ -405,7 +405,7 @@
uint8_t enc[X25519_PUBLIC_VALUE_LEN];
ASSERT_TRUE(EVP_HPKE_CTX_setup_base_s_x25519(
sender_ctx.get(), enc, sizeof(enc), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, public_key_r, sizeof(public_key_r), nullptr,
+ EVP_HPKE_AEAD_AES_128_GCM, public_key_r, sizeof(public_key_r), nullptr,
0));
// Call Open() on the sender.
@@ -442,7 +442,7 @@
ASSERT_EQ(
EVP_HPKE_CTX_setup_psk_s_x25519(
sender_ctx.get(), enc, sizeof(enc), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, public_key_r, sizeof(public_key_r),
+ EVP_HPKE_AEAD_AES_128_GCM, public_key_r, sizeof(public_key_r),
nullptr, 0, psk.data(), psk.size(), psk_id.data(), psk_id.size()),
kExpectSuccess);
@@ -456,7 +456,7 @@
ScopedEVP_HPKE_CTX receiver_ctx;
ASSERT_EQ(EVP_HPKE_CTX_setup_psk_r_x25519(
receiver_ctx.get(), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, kMockEnc, sizeof(kMockEnc),
+ EVP_HPKE_AEAD_AES_128_GCM, kMockEnc, sizeof(kMockEnc),
public_key_r, sizeof(public_key_r), secret_key_r,
sizeof(secret_key_r), nullptr, 0, psk.data(), psk.size(),
psk_id.data(), psk_id.size()),
@@ -482,7 +482,7 @@
{
ASSERT_FALSE(EVP_HPKE_CTX_setup_base_s_x25519(
sender_ctx.get(), bogus_enc, sizeof(bogus_enc), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, public_key_r, sizeof(public_key_r), nullptr,
+ EVP_HPKE_AEAD_AES_128_GCM, public_key_r, sizeof(public_key_r), nullptr,
0));
uint32_t err = ERR_get_error();
EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
@@ -494,7 +494,7 @@
const uint8_t psk_id[] = {1, 2, 3, 4};
ASSERT_FALSE(EVP_HPKE_CTX_setup_psk_s_x25519(
sender_ctx.get(), bogus_enc, sizeof(bogus_enc), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, public_key_r, sizeof(public_key_r), nullptr,
+ EVP_HPKE_AEAD_AES_128_GCM, public_key_r, sizeof(public_key_r), nullptr,
0, psk, sizeof(psk), psk_id, sizeof(psk_id)));
uint32_t err = ERR_get_error();
EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
@@ -513,7 +513,7 @@
ScopedEVP_HPKE_CTX receiver_ctx;
{
ASSERT_FALSE(EVP_HPKE_CTX_setup_base_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
bogus_enc, sizeof(bogus_enc), public_key, sizeof(public_key),
private_key, sizeof(private_key), nullptr, 0));
uint32_t err = ERR_get_error();
@@ -525,7 +525,7 @@
const uint8_t psk[] = {1, 2, 3, 4};
const uint8_t psk_id[] = {1, 2, 3, 4};
ASSERT_FALSE(EVP_HPKE_CTX_setup_psk_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
bogus_enc, sizeof(bogus_enc), public_key, sizeof(public_key),
private_key, sizeof(private_key), nullptr, 0, psk, sizeof(psk), psk_id,
sizeof(psk_id)));
@@ -543,7 +543,7 @@
{
ASSERT_FALSE(EVP_HPKE_CTX_setup_base_s_x25519(
sender_ctx.get(), enc, sizeof(enc), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, bogus_public_key_r,
+ EVP_HPKE_AEAD_AES_128_GCM, bogus_public_key_r,
sizeof(bogus_public_key_r), nullptr, 0));
uint32_t err = ERR_get_error();
EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
@@ -556,7 +556,7 @@
ASSERT_FALSE(EVP_HPKE_CTX_setup_psk_s_x25519(
sender_ctx.get(), enc, sizeof(enc), EVP_HPKE_HKDF_SHA256,
- EVP_HPKE_AEAD_AES_GCM_128, bogus_public_key_r,
+ EVP_HPKE_AEAD_AES_128_GCM, bogus_public_key_r,
sizeof(bogus_public_key_r), nullptr, 0, psk, sizeof(psk), psk_id,
sizeof(psk_id)));
uint32_t err = ERR_get_error();
@@ -582,7 +582,7 @@
{
// Test base mode with |bogus_public_key|.
ASSERT_FALSE(EVP_HPKE_CTX_setup_base_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
enc, sizeof(enc), bogus_public_key, sizeof(bogus_public_key),
private_key, sizeof(private_key), nullptr, 0));
uint32_t err = ERR_get_error();
@@ -593,7 +593,7 @@
{
// Test base mode with |bogus_private_key|.
ASSERT_FALSE(EVP_HPKE_CTX_setup_base_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
enc, sizeof(enc), public_key, sizeof(public_key), bogus_private_key,
sizeof(bogus_private_key), nullptr, 0));
uint32_t err = ERR_get_error();
@@ -606,7 +606,7 @@
const uint8_t psk[] = {1, 2, 3, 4};
const uint8_t psk_id[] = {1, 2, 3, 4};
ASSERT_FALSE(EVP_HPKE_CTX_setup_psk_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
enc, sizeof(enc), bogus_public_key, sizeof(bogus_public_key),
private_key, sizeof(private_key), nullptr, 0, psk, sizeof(psk), psk_id,
sizeof(psk_id)));
@@ -620,7 +620,7 @@
const uint8_t psk[] = {1, 2, 3, 4};
const uint8_t psk_id[] = {1, 2, 3, 4};
ASSERT_FALSE(EVP_HPKE_CTX_setup_psk_r_x25519(
- receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_GCM_128,
+ receiver_ctx.get(), EVP_HPKE_HKDF_SHA256, EVP_HPKE_AEAD_AES_128_GCM,
enc, sizeof(enc), public_key, sizeof(public_key), bogus_private_key,
sizeof(bogus_private_key), nullptr, 0, psk, sizeof(psk), psk_id,
sizeof(psk_id)));
diff --git a/crypto/hpke/internal.h b/crypto/hpke/internal.h
index 51a3313..5bd6508 100644
--- a/crypto/hpke/internal.h
+++ b/crypto/hpke/internal.h
@@ -34,8 +34,8 @@
// See https://tools.ietf.org/html/draft-irtf-cfrg-hpke-07.
// EVP_HPKE_AEAD_* are AEAD identifiers.
-#define EVP_HPKE_AEAD_AES_GCM_128 0x0001
-#define EVP_HPKE_AEAD_AES_GCM_256 0x0002
+#define EVP_HPKE_AEAD_AES_128_GCM 0x0001
+#define EVP_HPKE_AEAD_AES_256_GCM 0x0002
#define EVP_HPKE_AEAD_CHACHA20POLY1305 0x0003
// EVP_HPKE_HKDF_* are HKDF identifiers.
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 484eee9..155c713 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -620,7 +620,7 @@
constexpr uint16_t kdf_id = EVP_HPKE_HKDF_SHA256;
const uint16_t aead_id = EVP_has_aes_hardware()
- ? EVP_HPKE_AEAD_AES_GCM_128
+ ? EVP_HPKE_AEAD_AES_128_GCM
: EVP_HPKE_AEAD_CHACHA20POLY1305;
const EVP_AEAD *aead = EVP_HPKE_get_aead(aead_id);
assert(aead != nullptr);