OLD | NEW |
(Empty) | |
| 1 From 7156ca9ce97c1084d7fd010146c522633ad73e7a Mon Sep 17 00:00:00 2001 |
| 2 From: Adam Langley <agl@chromium.org> |
| 3 Date: Wed, 4 Sep 2013 12:21:12 -0400 |
| 4 Subject: [PATCH 42/50] use_aead_for_aes_gcm. |
| 5 |
| 6 Switches AES-GCM ciphersuites to use AEAD interfaces. |
| 7 --- |
| 8 ssl/s3_lib.c | 25 +++++++++++++++---------- |
| 9 1 file changed, 15 insertions(+), 10 deletions(-) |
| 10 |
| 11 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c |
| 12 index 2cd1654..75b6560 100644 |
| 13 --- a/ssl/s3_lib.c |
| 14 +++ b/ssl/s3_lib.c |
| 15 @@ -166,6 +166,11 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT
; |
| 16 |
| 17 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) |
| 18 |
| 19 +/* FIXED_NONCE_LEN is a macro that results in the correct value to set the |
| 20 + * fixed nonce length in SSL_CIPHER.algorithms2. It's the inverse of |
| 21 + * SSL_CIPHER_AEAD_FIXED_NONCE_LEN. */ |
| 22 +#define FIXED_NONCE_LEN(x) ((x/2)<<24) |
| 23 + |
| 24 /* list of available SSLv3 ciphers (sorted by id) */ |
| 25 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 26 |
| 27 @@ -1836,7 +1841,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 28 SSL_AEAD, |
| 29 SSL_TLSV1_2, |
| 30 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 31 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 32 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 33 128, |
| 34 128, |
| 35 }, |
| 36 @@ -1868,7 +1873,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 37 SSL_AEAD, |
| 38 SSL_TLSV1_2, |
| 39 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 40 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 41 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 42 128, |
| 43 128, |
| 44 }, |
| 45 @@ -1900,7 +1905,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 46 SSL_AEAD, |
| 47 SSL_TLSV1_2, |
| 48 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 49 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 50 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 51 128, |
| 52 128, |
| 53 }, |
| 54 @@ -1932,7 +1937,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 55 SSL_AEAD, |
| 56 SSL_TLSV1_2, |
| 57 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 58 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 59 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 60 128, |
| 61 128, |
| 62 }, |
| 63 @@ -1964,7 +1969,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 64 SSL_AEAD, |
| 65 SSL_TLSV1_2, |
| 66 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 67 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 68 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 69 128, |
| 70 128, |
| 71 }, |
| 72 @@ -1996,7 +2001,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 73 SSL_AEAD, |
| 74 SSL_TLSV1_2, |
| 75 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 76 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 77 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 78 128, |
| 79 128, |
| 80 }, |
| 81 @@ -2709,7 +2714,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 82 SSL_AEAD, |
| 83 SSL_TLSV1_2, |
| 84 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 85 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 86 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 87 128, |
| 88 128, |
| 89 }, |
| 90 @@ -2741,7 +2746,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 91 SSL_AEAD, |
| 92 SSL_TLSV1_2, |
| 93 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 94 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 95 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 96 128, |
| 97 128, |
| 98 }, |
| 99 @@ -2773,7 +2778,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 100 SSL_AEAD, |
| 101 SSL_TLSV1_2, |
| 102 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 103 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 104 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 105 128, |
| 106 128, |
| 107 }, |
| 108 @@ -2805,7 +2810,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ |
| 109 SSL_AEAD, |
| 110 SSL_TLSV1_2, |
| 111 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 112 - SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, |
| 113 + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE
D_NONCE_LEN(4), |
| 114 128, |
| 115 128, |
| 116 }, |
| 117 -- |
| 118 1.8.4.1 |
| 119 |
OLD | NEW |