Commit 03614034 authored by Adam Langley's avatar Adam Langley
Browse files

AEAD support in ssl/ 

This change allows AEADs to be used in ssl/ to implement SSL/TLS
ciphersuites.
parent 444b1d41

ssl/s2_clnt.c

+1 −1
Original line number Diff line number Diff line
@@ -623,7 +623,7 @@ static int client_master_key(SSL *s) 
	if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)

		{



		if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))

		if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL))

			{

			ssl2_return_error(s,SSL2_PE_NO_CIPHER);

			SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);

ssl/s2_enc.c

+1 −1
Original line number Diff line number Diff line
@@ -68,7 +68,7 @@ int ssl2_enc_init(SSL *s, int client) 
	const EVP_MD *md;

	int num;



	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))

	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL))

		{

		ssl2_return_error(s,SSL2_PE_NO_CIPHER);

		SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);

ssl/s2_srvr.c

+1 −1
Original line number Diff line number Diff line
@@ -452,7 +452,7 @@ static int get_client_master_key(SSL *s) 


	is_export=SSL_C_IS_EXPORT(s->session->cipher);

	

	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))

	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL))

		{

		ssl2_return_error(s,SSL2_PE_NO_CIPHER);

		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);

ssl/s3_enc.c

+7 −1
Original line number Diff line number Diff line
@@ -418,7 +418,13 @@ int ssl3_setup_key_block(SSL *s) 
	if (s->s3->tmp.key_block_length != 0)

		return(1);



	if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL,&comp))

	if (!ssl_cipher_get_comp(s->session, &comp))

		{

		SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);

		return(0);

		}



	if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL))

		{

		SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);

		return(0);

ssl/s3_pkt.c

+3 −1
Original line number Diff line number Diff line
@@ -775,6 +775,8 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, 
		else

			eivlen = 0;

		}

	else if (s->aead_write_ctx != NULL)

		eivlen = s->aead_write_ctx->variable_nonce_len;

	else

		eivlen = 0;