summaryrefslogtreecommitdiff
path: root/lib/libssl/ssl_ciph.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/ssl_ciph.c')
-rw-r--r--lib/libssl/ssl_ciph.c38
1 files changed, 38 insertions, 0 deletions
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c
index b3bcc66f668..41004ce50ae 100644
--- a/lib/libssl/ssl_ciph.c
+++ b/lib/libssl/ssl_ciph.c
@@ -758,6 +758,13 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
if (c == NULL)
return (0);
+ /*
+ * This function does not handle EVP_AEAD.
+ * See ssl_cipher_get_aead_evp instead.
+ */
+ if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)
+ return(0);
+
if ((enc == NULL) || (md == NULL))
return (0);
@@ -884,6 +891,37 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
return (0);
}
+/*
+ * ssl_cipher_get_evp_aead sets aead to point to the correct EVP_AEAD object
+ * for s->cipher. It returns 1 on success and 0 on error.
+ */
+int
+ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
+{
+ const SSL_CIPHER *c = s->cipher;
+
+ *aead = NULL;
+
+ if (c == NULL)
+ return 0;
+ if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0)
+ return 0;
+
+ switch (c->algorithm_enc) {
+#ifndef OPENSSL_NO_AES
+ case SSL_AES128GCM:
+ *aead = EVP_aead_aes_128_gcm();
+ return 1;
+ case SSL_AES256GCM:
+ *aead = EVP_aead_aes_256_gcm();
+ return 1;
+#endif
+ default:
+ break;
+ }
+ return 0;
+}
+
int
ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
{