diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2018-09-03 17:45:25 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2018-09-03 17:45:25 +0000 |
| commit | ce4e94413ba50388e204426e8b6f616d5dee415e (patch) | |
| tree | e03053006dc60c7fc42e5a211a007d659b8d8922 /lib | |
| parent | 80701f7854aa69f9072450594d0bb653b2857d6a (diff) | |
Stop handling AES-GCM via ssl_cipher_get_evp().
All of the AES-GCM ciphersuites use the EVP_AEAD interface, so there is no
need to support them via EVP_CIPHER.
ok inoguchi@ tb@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/ssl_ciph.c | 23 |
1 files changed, 3 insertions, 20 deletions
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index c39ac302bdd..6998645691b 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.100 2018/09/03 17:41:13 jsing Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.101 2018/09/03 17:45:24 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -158,12 +158,10 @@ #define SSL_ENC_CAMELLIA128_IDX 5 #define SSL_ENC_CAMELLIA256_IDX 6 #define SSL_ENC_GOST89_IDX 7 -#define SSL_ENC_AES128GCM_IDX 8 -#define SSL_ENC_AES256GCM_IDX 9 -#define SSL_ENC_NUM_IDX 10 +#define SSL_ENC_NUM_IDX 8 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, }; #define SSL_MD_MD5_IDX 0 @@ -465,11 +463,6 @@ ssl_load_ciphers(void) ssl_cipher_methods[SSL_ENC_GOST89_IDX] = EVP_get_cipherbyname(SN_gost89_cnt); - ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] = - EVP_get_cipherbyname(SN_aes_128_gcm); - ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] = - EVP_get_cipherbyname(SN_aes_256_gcm); - ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5); ssl_mac_secret_size[SSL_MD_MD5_IDX] = @@ -553,12 +546,6 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, case SSL_eGOST2814789CNT: i = SSL_ENC_GOST89_IDX; break; - case SSL_AES128GCM: - i = SSL_ENC_AES128GCM_IDX; - break; - case SSL_AES256GCM: - i = SSL_ENC_AES256GCM_IDX; - break; default: i = -1; break; @@ -659,14 +646,12 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead) return 0; switch (c->algorithm_enc) { -#ifndef OPENSSL_NO_AES case SSL_AES128GCM: *aead = EVP_aead_aes_128_gcm(); return 1; case SSL_AES256GCM: *aead = EVP_aead_aes_256_gcm(); return 1; -#endif case SSL_CHACHA20POLY1305: *aead = EVP_aead_chacha20_poly1305(); return 1; @@ -771,8 +756,6 @@ ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0; - *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM : 0; - *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM : 0; *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT : 0; |