third_party/openssl: add ChaCha20+Poly1305 support.

openssl/ssl/ssl_ciph.c

 /* ssl/ssl_ciph.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
  * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
@@ skipping 280 matching lines @@
         {0,SSL_TXT_IDEA,0,    0,0,SSL_IDEA,  0,0,0,0,0,0},
         {0,SSL_TXT_SEED,0,    0,0,SSL_SEED,  0,0,0,0,0,0},
         {0,SSL_TXT_eNULL,0,   0,0,SSL_eNULL, 0,0,0,0,0,0},
         {0,SSL_TXT_AES128,0,  0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0},
         {0,SSL_TXT_AES256,0,  0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0},
         {0,SSL_TXT_AES,0,     0,0,SSL_AES,0,0,0,0,0,0},
         {0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0},
         {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0},
         {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0},
         {0,SSL_TXT_CAMELLIA   ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0},
+        {0,SSL_TXT_CHACHA20   ,0,0,0,SSL_CHACHA20POLY1305,0,0,0,0,0,0},
 
         /* MAC aliases */       
         {0,SSL_TXT_MD5,0,     0,0,0,SSL_MD5,   0,0,0,0,0},
         {0,SSL_TXT_SHA1,0,    0,0,0,SSL_SHA1,  0,0,0,0,0},
         {0,SSL_TXT_SHA,0,     0,0,0,SSL_SHA1,  0,0,0,0,0},
         {0,SSL_TXT_GOST94,0,     0,0,0,SSL_GOST94,  0,0,0,0,0},
         {0,SSL_TXT_GOST89MAC,0,     0,0,0,SSL_GOST89MAC,  0,0,0,0,0},
         {0,SSL_TXT_SHA256,0,    0,0,0,SSL_SHA256,  0,0,0,0,0},
         {0,SSL_TXT_SHA384,0,    0,0,0,SSL_SHA384,  0,0,0,0,0},
 
@@ skipping 166 matching lines @@
                         }
                 }
         
         if (got_write_lock)
                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
         else
                 CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
         }
 #endif
 
+/* ssl_cipher_get_comp sets |comp| to the correct SSL_COMP for the given
+ * session and returns 1. On error it returns 0. */
+int ssl_cipher_get_comp(const SSL_SESSION *s, SSL_COMP **comp)
+        {
+        int i;
+
+        SSL_COMP ctmp;
+#ifndef OPENSSL_NO_COMP
+        load_builtin_compressions();
+#endif
+
+        *comp=NULL;
+        ctmp.id=s->compress_meth;
+        if (ssl_comp_methods != NULL)
+                {
+                i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
+                if (i >= 0)
+                        *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
+                else
+                        *comp=NULL;
+                }
+
+        return 1;
+        }
+
+/* ssl_cipher_get_evp_aead sets |*aead| to point to the correct EVP_AEAD object
+ * for |s->cipher|. It returns 1 on success and 0 on error. */
+int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
+        {
+        const SSL_CIPHER *c = s->cipher;
+
+        *aead = NULL;
+
+        if (c == NULL)
+                return 0;
+        if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0)
+                return 0;
+
+#ifndef OPENSSL_NO_AES
+        switch (c->algorithm_enc)
+                {
+        case SSL_AES128GCM:
+                *aead = EVP_aead_aes_128_gcm();
+                return 1;
+        case SSL_CHACHA20POLY1305:
+                *aead = EVP_aead_chacha20_poly1305();
+                return 1;
+                }
+#endif
+
+        return 0;
+        }
+
 int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
-             const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
+             const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size)
         {
         int i;
         const SSL_CIPHER *c;
 
         c=s->cipher;
         if (c == NULL) return(0);
-        if (comp != NULL)
-                {
-                SSL_COMP ctmp;
-#ifndef OPENSSL_NO_COMP
-                load_builtin_compressions();
-#endif
 
-                *comp=NULL;
-                ctmp.id=s->compress_meth;
-                if (ssl_comp_methods != NULL)
-                        {
-                        i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
-                        if (i >= 0)
-                                *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
-                        else
-                                *comp=NULL;
-                        }
-                }
+        /* This function doesn't deal with EVP_AEAD. See
+         * |ssl_cipher_get_aead_evp|. */
+        if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)
+                return(0);
 
         if ((enc == NULL) || (md == NULL)) return(0);
 
         switch (c->algorithm_enc)
                 {
         case SSL_DES:
                 i=SSL_ENC_DES_IDX;
                 break;
         case SSL_3DES:
                 i=SSL_ENC_3DES_IDX;
@@ skipping 1145 matching lines @@
                 break;
         case SSL_CAMELLIA128:
                 enc="Camellia(128)";
                 break;
         case SSL_CAMELLIA256:
                 enc="Camellia(256)";
                 break;
         case SSL_SEED:
                 enc="SEED(128)";
                 break;
+        case SSL_CHACHA20POLY1305:
+                enc="ChaCha20-Poly1305";
+                break;
         default:
                 enc="unknown";
                 break;
                 }
 
         switch (alg_mac)
                 {
         case SSL_MD5:
                 mac="MD5";
                 break;
@@ skipping 202 matching lines @@
         }
 
 const char *SSL_COMP_get_name(const COMP_METHOD *comp)
         {
         if (comp)
                 return comp->name;
         return NULL;
         }
 
 #endif