From fb1aeb3ffff2948edeb710e65aef261b589c7403 Mon Sep 17 00:00:00 2001
From: Dimitri Staessens <dimitri@ouroboros.rocks>
Date: Thu, 22 Jan 2026 21:34:42 +0100
Subject: lib: Fix allocation of IV and tags

The packet buffer was allocating a fixed header for the IV, but did
not account for the tag at all (remnant of the old hardcoded CBC
mode-only proof-of-concept). Never ran into issues because we always
reserved ample space. But it now properly reserves the correct space
for IV and tag.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
---
 src/lib/crypt/openssl.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/lib/crypt/openssl.h')

diff --git a/src/lib/crypt/openssl.h b/src/lib/crypt/openssl.h
index c28d0b4d..083e8dde 100644
--- a/src/lib/crypt/openssl.h
+++ b/src/lib/crypt/openssl.h
@@ -73,6 +73,10 @@ struct ossl_crypt_ctx * openssl_crypt_create_ctx(struct crypt_sk * sk);
 
 void                    openssl_crypt_destroy_ctx(struct ossl_crypt_ctx * ctx);
 
+int                     openssl_crypt_get_ivsz(struct ossl_crypt_ctx * ctx);
+
+int                     openssl_crypt_get_tagsz(struct ossl_crypt_ctx * ctx);
+
 /* AUTHENTICATION */
 
 int     openssl_load_crt_file(const char * path,
-- 
cgit v1.2.3