From a272fe7408d02c98120f6c697113ee5579f4cc25 Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Fri, 8 Jul 2022 09:53:44 +1000
Subject: Allow for ciphers with adjustable IV lengths

---
 src/openssl.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/openssl.c b/src/openssl.c
index 3506089..c8c7677 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -11922,8 +11922,12 @@ static int cipher_init(lua_State *L, _Bool encrypt) {
 	luaL_argcheck(L, n == m, 2, lua_pushfstring(L, "%d: invalid key length (should be %d)", (int)n, (int)m));
 
 	iv = luaL_optlstring(L, 3, NULL, &n);
-	m = (size_t)EVP_CIPHER_CTX_iv_length(ctx);
-	luaL_argcheck(L, n == m, 3, lua_pushfstring(L, "%d: invalid IV length (should be %d)", (int)n, (int)m));
+	/* Set the IV length before init */
+	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, n, NULL) <= 0) {
+		/* wasn't able to set IV len; check if it's already correct */
+		m = (size_t)EVP_CIPHER_CTX_iv_length(ctx);
+		luaL_argcheck(L, n == m, 3, lua_pushfstring(L, "%d: invalid IV length (should be %d)", (int)n, (int)m));
+	}
 
 	if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, encrypt))
 		goto sslerr;
-- 
cgit v1.2.3-59-g8ed1b