lib: Fix allocation of IV and tags

The packet buffer was allocating a fixed header for the IV, but did
not account for the tag at all (remnant of the old hardcoded CBC
mode-only proof-of-concept). Never ran into issues because we always
reserved ample space. But it now properly reserves the correct space
for IV and tag.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>

2 files changed, 18 insertions, 0 deletions

diff --git a/src/lib/crypt/openssl.c b/src/lib/crypt/openssl.c
index bd3f1239..5eee2a13 100644
--- a/src/lib/crypt/openssl.c
+++ b/src/lib/crypt/openssl.c
@@ -996,6 +996,20 @@ void openssl_crypt_destroy_ctx(struct ossl_crypt_ctx * ctx)
         free(ctx);
 }
 
+int openssl_crypt_get_ivsz(struct ossl_crypt_ctx * ctx)
+{
+        assert(ctx != NULL);
+
+        return ctx->ivsz;
+}
+
+int openssl_crypt_get_tagsz(struct ossl_crypt_ctx * ctx)
+{
+        assert(ctx != NULL);
+
+        return ctx->tagsz;
+}
+
 /* AUTHENTICATION */
 
 int openssl_load_crt_file(const char * path,
diff --git a/src/lib/crypt/openssl.h b/src/lib/crypt/openssl.h
index c28d0b4d..083e8dde 100644
--- a/src/lib/crypt/openssl.h
+++ b/src/lib/crypt/openssl.h
@@ -73,6 +73,10 @@ struct ossl_crypt_ctx * openssl_crypt_create_ctx(struct crypt_sk * sk);
 
 void                    openssl_crypt_destroy_ctx(struct ossl_crypt_ctx * ctx);
 
+int                     openssl_crypt_get_ivsz(struct ossl_crypt_ctx * ctx);
+
+int                     openssl_crypt_get_tagsz(struct ossl_crypt_ctx * ctx);
+
 /* AUTHENTICATION */
 
 int     openssl_load_crt_file(const char * path,