generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Expand range of ctrls for AES GCM to support retrieval and setting of

Browse Source 
invocation field.

Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
This commit is contained in:
Dr. Stephen Henson
2011-08-03 15:37:22 +00:00
parent 3699ec6056
commit 28dd49faec
11 changed files with 572 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ssl/s3_pkt.c
View File

@@ -742,12 +742,18 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
plen=p;
p+=2;
/* Explicit IV length, block ciphers and TLS version 1.1 or later */
if (s->enc_write_ctx && s->version >= TLS1_1_VERSION
&& EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)
if (s->enc_write_ctx && s->version >= TLS1_1_VERSION)
{
eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
if (eivlen <= 1)
eivlen = 0;
int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
if (mode == EVP_CIPH_CBC_MODE)
{
eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
if (eivlen <= 1)
eivlen = 0;
}
/* Need explicit part of IV for GCM mode */
else if (mode == EVP_CIPH_GCM_MODE)
eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
}
else
eivlen = 0;