Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(270)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: openssl/patches/use_aead_for_aes_gcm.patch

Issue 59083010: third_party/openssl: add ChaCha20+Poly1305 support. Base URL: https://chromium.googlesource.com/chromium/deps/openssl.git@master
Patch Set: Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « openssl/patches/tls1_change_cipher_state_rewrite.patch ('k') | openssl/ssl/s2_clnt.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: openssl/patches/use_aead_for_aes_gcm.patch
diff --git a/openssl/patches/use_aead_for_aes_gcm.patch b/openssl/patches/use_aead_for_aes_gcm.patch
new file mode 100644
index 0000000000000000000000000000000000000000..9e409571b765fad113d496eb28fce18e18451ba4
--- /dev/null
+++ b/openssl/patches/use_aead_for_aes_gcm.patch
@@ -0,0 +1,119 @@
+From 7156ca9ce97c1084d7fd010146c522633ad73e7a Mon Sep 17 00:00:00 2001
+From: Adam Langley <agl@chromium.org>
+Date: Wed, 4 Sep 2013 12:21:12 -0400
+Subject: [PATCH 42/50] use_aead_for_aes_gcm.
+
+Switches AES-GCM ciphersuites to use AEAD interfaces.
+---
+ ssl/s3_lib.c | 25 +++++++++++++++----------
+ 1 file changed, 15 insertions(+), 10 deletions(-)
+
+diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
+index 2cd1654..75b6560 100644
+--- a/ssl/s3_lib.c
++++ b/ssl/s3_lib.c
+@@ -166,6 +166,11 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
+
+ #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+
++/* FIXED_NONCE_LEN is a macro that results in the correct value to set the
++ * fixed nonce length in SSL_CIPHER.algorithms2. It's the inverse of
++ * SSL_CIPHER_AEAD_FIXED_NONCE_LEN. */
++#define FIXED_NONCE_LEN(x) ((x/2)<<24)
++
+ /* list of available SSLv3 ciphers (sorted by id) */
+ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+
+@@ -1836,7 +1841,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -1868,7 +1873,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -1900,7 +1905,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -1932,7 +1937,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -1964,7 +1969,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -1996,7 +2001,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -2709,7 +2714,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -2741,7 +2746,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -2773,7 +2778,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+@@ -2805,7 +2810,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+- SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
++ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4),
+ 128,
+ 128,
+ },
+--
+1.8.4.1
+
« no previous file with comments | « openssl/patches/tls1_change_cipher_state_rewrite.patch ('k') | openssl/ssl/s2_clnt.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698