From 98b7523e6053087f2966be429ca290338db87cda Mon Sep 17 00:00:00 2001
From: Oleh
Date: Fri, 6 May 2022 11:55:08 +0300
Subject: [PATCH] switch to aes cbc mode
---
 tools/utils.cpp | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/tools/utils.cpp b/tools/utils.cpp
index c673addd..a5e901c2 100644
--- a/tools/utils.cpp
+++ b/tools/utils.cpp
@@ -358,19 +358,16 @@ std::vector< uint8_t > ThresholdUtils::aesEncrypt(
 std::vector< unsigned char > output;
 output.resize( enc_length, '\0' );
- unsigned char tag[AES_BLOCK_SIZE];
 unsigned char iv[AES_BLOCK_SIZE];
 RAND_bytes( iv, sizeof( iv ) );
- std::copy( iv, iv + 16, output.begin() + 16 );
+ std::copy( iv, iv + 16, output.begin() );
 int actual_size = 0, final_size = 0;
 EVP_CIPHER_CTX* e_ctx = EVP_CIPHER_CTX_new();
- EVP_EncryptInit( e_ctx, EVP_aes_256_gcm(), ( const unsigned char* ) key.c_str(), iv );
+ EVP_EncryptInit( e_ctx, EVP_aes_256_cbc(), ( const unsigned char* ) key.c_str(), iv );
 EVP_EncryptUpdate( e_ctx, &output[64], &actual_size, ( const unsigned char* ) plaintext.data(), plaintext.length() );
 EVP_EncryptFinal( e_ctx, &output[64 + actual_size], &final_size );
- EVP_CIPHER_CTX_ctrl( e_ctx, EVP_CTRL_GCM_GET_TAG, 16, tag );
- std::copy( tag, tag + 16, output.begin() );
 std::copy( iv, iv + 16, output.begin() + 16 );
 output.resize( 64 + actual_size + final_size );
 EVP_CIPHER_CTX_free( e_ctx );
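Review bot: Moving `EVP_EncryptInit` to `EVP_aes_256_cbc()` and removing the `EVP_CTRL_GCM_GET_TAG` step leaves the output with no integrity protection, so aesDecrypt can no longer tell a modified ciphertext from a genuine one. If CBC is a hard requirement, the output needs an encrypt-then-MAC tag over the IV and ciphertext (bytes 32..63 of the header look unused in this hunk); until that exists the function should at least say so, e.g. `// CBC gives confidentiality only: the output is unauthenticated and must be MACed before it is trusted after storage or transit`. CBC padding also makes `EVP_EncryptFinal` emit up to one extra block, so `enc_length`, which is computed above this hunk (aesEncrypt starts and ends outside it), has to leave room for it, with `64 + plaintext.length() + AES_BLOCK_SIZE` being sufficient; a value sized for GCM would let the final write run past `output`. `RAND_bytes` is still unchecked although CBC depends on an unpredictable IV, so the call should fail on `if ( RAND_bytes( iv, sizeof( iv ) ) != 1 )`, and the retained `std::copy( iv, iv + 16, output.begin() + 16 );` now only duplicates the IV already written at offset 0.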
@@ -381,19 +378,16 @@ std::string ThresholdUtils::aesDecrypt(
 const std::vector< uint8_t >& ciphertext, const std::string& key ) {
 initAES();
- unsigned char tag[AES_BLOCK_SIZE];
 unsigned char iv[AES_BLOCK_SIZE];
- std::copy( ciphertext.begin(), ciphertext.begin() + 16, tag );
- std::copy( ciphertext.begin() + 16, ciphertext.begin() + 32, iv );
+ std::copy( ciphertext.begin(), ciphertext.begin() + 16, iv );
 std::vector< unsigned char > plaintext;
 plaintext.resize( ciphertext.size(), '\0' );
 int actual_size = 0, final_size = 0;
 EVP_CIPHER_CTX* d_ctx = EVP_CIPHER_CTX_new();
- EVP_DecryptInit( d_ctx, EVP_aes_256_gcm(), ( const unsigned char* ) key.c_str(), iv );
+ EVP_DecryptInit( d_ctx, EVP_aes_256_cbc(), ( const unsigned char* ) key.c_str(), iv );
 EVP_DecryptUpdate( d_ctx, &plaintext[0], &actual_size, &ciphertext[64], ciphertext.size() - 64 );
- EVP_CIPHER_CTX_ctrl( d_ctx, EVP_CTRL_GCM_SET_TAG, 16, tag );
 EVP_DecryptFinal( d_ctx, &plaintext[actual_size], &final_size );
 EVP_CIPHER_CTX_free( d_ctx );
 plaintext.resize( actual_size + final_size, '\0' );
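Review bot: aesDecrypt reads `ciphertext.begin() + 16` and `&ciphertext[64]` with length `ciphertext.size() - 64`, but nothing between `initAES();` and those reads checks that the input holds the 64-byte header, so a short buffer causes an out-of-bounds read and an unsigned wrap of the length. A guard before the first copy would close this, e.g. `if ( ciphertext.size() < 64 + AES_BLOCK_SIZE ) throw std::runtime_error( "ciphertext too short" );` (or the project's own error type), since a padded CBC body is never shorter than one block. With the GCM tag check removed, the return value of `EVP_DecryptFinal` is the only remaining signal that decryption failed, and it is ignored, so bad padding still yields whatever `EVP_DecryptUpdate` produced as if it were valid plaintext. Check it with `!= 1`, free `d_ctx`, and report one uniform error so callers cannot distinguish padding failures from other failures. The function's tail is outside this hunk.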