generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Enable TLS 1.2 ciphers in DTLS 1.2.

Browse Source 
Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in
DTLS 1.2 mode too.
(cherry picked from commit 4221c0dd30)
This commit is contained in:
Dr. Stephen Henson
2013-03-27 19:54:48 +00:00
parent 919834dc84
commit b60b9e7afe
7 changed files with 59 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ssl/d1_both.c
View File

@@ -272,12 +272,17 @@ int dtls1_do_write(SSL *s, int type)
(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
if (s->write_hash)
mac_size = EVP_MD_CTX_size(s->write_hash);
{
if (s->enc_write_ctx && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE)
mac_size = 0;
else
mac_size = EVP_MD_CTX_size(s->write_hash);
}
else
mac_size = 0;
if (s->enc_write_ctx &&
(EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
(EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE))
blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
else
blocksize = 0;