From fb1aeb3ffff2948edeb710e65aef261b589c7403 Mon Sep 17 00:00:00 2001
From: Dimitri Staessens <dimitri@ouroboros.rocks>
Date: Thu, 22 Jan 2026 21:34:42 +0100
Subject: lib: Fix allocation of IV and tags

The packet buffer was allocating a fixed header for the IV, but did
not account for the tag at all (remnant of the old hardcoded CBC
mode-only proof-of-concept). Never ran into issues because we always
reserved ample space. But it now properly reserves the correct space
for IV and tag.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
---
 src/lib/crypt/openssl.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'src/lib/crypt/openssl.c')

diff --git a/src/lib/crypt/openssl.c b/src/lib/crypt/openssl.c
index bd3f1239..5eee2a13 100644
--- a/src/lib/crypt/openssl.c
+++ b/src/lib/crypt/openssl.c
@@ -996,6 +996,20 @@ void openssl_crypt_destroy_ctx(struct ossl_crypt_ctx * ctx)
         free(ctx);
 }
 
+int openssl_crypt_get_ivsz(struct ossl_crypt_ctx * ctx)
+{
+        assert(ctx != NULL);
+
+        return ctx->ivsz;
+}
+
+int openssl_crypt_get_tagsz(struct ossl_crypt_ctx * ctx)
+{
+        assert(ctx != NULL);
+
+        return ctx->tagsz;
+}
+
 /* AUTHENTICATION */
 
 int openssl_load_crt_file(const char * path,
-- 
cgit v1.2.3