OLD | NEW |
| (Empty) |
1 From 7156ca9ce97c1084d7fd010146c522633ad73e7a Mon Sep 17 00:00:00 2001 | |
2 From: Adam Langley <agl@chromium.org> | |
3 Date: Wed, 4 Sep 2013 12:21:12 -0400 | |
4 Subject: [PATCH 42/50] use_aead_for_aes_gcm. | |
5 | |
6 Switches AES-GCM ciphersuites to use AEAD interfaces. | |
7 --- | |
8 ssl/s3_lib.c | 25 +++++++++++++++---------- | |
9 1 file changed, 15 insertions(+), 10 deletions(-) | |
10 | |
11 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c | |
12 index 2cd1654..75b6560 100644 | |
13 --- a/ssl/s3_lib.c | |
14 +++ b/ssl/s3_lib.c | |
15 @@ -166,6 +166,11 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT
; | |
16 | |
17 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) | |
18 | |
19 +/* FIXED_NONCE_LEN is a macro that results in the correct value to set the | |
20 + * fixed nonce length in SSL_CIPHER.algorithms2. It's the inverse of | |
21 + * SSL_CIPHER_AEAD_FIXED_NONCE_LEN. */ | |
22 +#define FIXED_NONCE_LEN(x) ((x/2)<<24) | |
23 + | |
24 /* list of available SSLv3 ciphers (sorted by id) */ | |
25 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
26 | |
27 @@ -1836,7 +1841,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
28 SSL_AEAD, | |
29 SSL_TLSV1_2, | |
30 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
31 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
32 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
33 128, | |
34 128, | |
35 }, | |
36 @@ -1868,7 +1873,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
37 SSL_AEAD, | |
38 SSL_TLSV1_2, | |
39 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
40 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
41 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
42 128, | |
43 128, | |
44 }, | |
45 @@ -1900,7 +1905,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
46 SSL_AEAD, | |
47 SSL_TLSV1_2, | |
48 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
49 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
50 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
51 128, | |
52 128, | |
53 }, | |
54 @@ -1932,7 +1937,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
55 SSL_AEAD, | |
56 SSL_TLSV1_2, | |
57 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
58 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
59 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
60 128, | |
61 128, | |
62 }, | |
63 @@ -1964,7 +1969,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
64 SSL_AEAD, | |
65 SSL_TLSV1_2, | |
66 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
67 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
68 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
69 128, | |
70 128, | |
71 }, | |
72 @@ -1996,7 +2001,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
73 SSL_AEAD, | |
74 SSL_TLSV1_2, | |
75 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
76 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
77 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
78 128, | |
79 128, | |
80 }, | |
81 @@ -2709,7 +2714,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
82 SSL_AEAD, | |
83 SSL_TLSV1_2, | |
84 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
85 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
86 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
87 128, | |
88 128, | |
89 }, | |
90 @@ -2741,7 +2746,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
91 SSL_AEAD, | |
92 SSL_TLSV1_2, | |
93 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
94 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
95 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
96 128, | |
97 128, | |
98 }, | |
99 @@ -2773,7 +2778,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
100 SSL_AEAD, | |
101 SSL_TLSV1_2, | |
102 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
103 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
104 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
105 128, | |
106 128, | |
107 }, | |
108 @@ -2805,7 +2810,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |
109 SSL_AEAD, | |
110 SSL_TLSV1_2, | |
111 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
112 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, | |
113 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), | |
114 128, | |
115 128, | |
116 }, | |
117 -- | |
118 1.8.4.1 | |
119 | |
OLD | NEW |