diff options
author | Joel Sing <jsing@cvs.openbsd.org> | 2014-06-08 16:24:50 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-06-08 16:24:50 +0000 |
commit | 50b213c5632e77774c90cae9f727806221745661 (patch) | |
tree | 32dee71a1e106aad4c8fc879c3cd4685fb8f83d6 | |
parent | ca9a733ed0f758d712213389c569a7f13cffbf57 (diff) |
Add an SSL_CIPHER_ALGORITHM2_AEAD flag that is used to mark a cipher as
using EVP_AEAD. Also provide an EVP_AEAD-only equivalent of
ssl_cipher_get_evp().
-rw-r--r-- | lib/libssl/src/ssl/ssl_ciph.c | 38 | ||||
-rw-r--r-- | lib/libssl/src/ssl/ssl_locl.h | 19 |
2 files changed, 57 insertions, 0 deletions
diff --git a/lib/libssl/src/ssl/ssl_ciph.c b/lib/libssl/src/ssl/ssl_ciph.c index b3bcc66f668..41004ce50ae 100644 --- a/lib/libssl/src/ssl/ssl_ciph.c +++ b/lib/libssl/src/ssl/ssl_ciph.c @@ -758,6 +758,13 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, if (c == NULL) return (0); + /* + * This function does not handle EVP_AEAD. + * See ssl_cipher_get_aead_evp instead. + */ + if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) + return(0); + if ((enc == NULL) || (md == NULL)) return (0); @@ -884,6 +891,37 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, return (0); } +/* + * ssl_cipher_get_evp_aead sets aead to point to the correct EVP_AEAD object + * for s->cipher. It returns 1 on success and 0 on error. + */ +int +ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead) +{ + const SSL_CIPHER *c = s->cipher; + + *aead = NULL; + + if (c == NULL) + return 0; + if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0) + return 0; + + switch (c->algorithm_enc) { +#ifndef OPENSSL_NO_AES + case SSL_AES128GCM: + *aead = EVP_aead_aes_128_gcm(); + return 1; + case SSL_AES256GCM: + *aead = EVP_aead_aes_256_gcm(); + return 1; +#endif + default: + break; + } + return 0; +} + int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md) { diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h index a96402ec5cd..6374522f5fc 100644 --- a/lib/libssl/src/ssl/ssl_locl.h +++ b/lib/libssl/src/ssl/ssl_locl.h @@ -346,7 +346,25 @@ * (currently this also goes into algorithm2) */ #define TLS1_STREAM_MAC 0x04 +/* + * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that + * indicates that the variable part of the nonce is included as a prefix of + * the record (AES-GCM, for example, does this with an 8-byte variable nonce.) + */ +#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22) + +/* + * SSL_CIPHER_ALGORITHM2_AEAD is an algorithm2 flag that indicates the cipher + * is implemented via an EVP_AEAD. + */ +#define SSL_CIPHER_ALGORITHM2_AEAD (1 << 23) +/* + * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce + * for an SSL_CIPHER with the SSL_CIPHER_ALGORITHM2_AEAD flag. + */ +#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \ + (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2) /* * Export and cipher strength information. For each cipher we have to decide @@ -607,6 +625,7 @@ void ssl_update_cache(SSL *s, int mode); int ssl_cipher_get_comp(const SSL_SESSION *s, SSL_COMP **comp); int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size); +int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead); int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md); int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk); |