generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add three Suite B modes to TLS code, supporting RFC6460.

Browse Source 
(backport from HEAD)
This commit is contained in:
Dr. Stephen Henson
2012-12-26 16:17:40 +00:00
parent 28fbbe3b1b
commit ccf6a19e2d
15 changed files with 375 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/ssl_lib.c
View File

@@ -263,7 +263,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
&(ctx->cipher_list_by_id),
meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ctx->cert);
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
{
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
@@ -1332,7 +1332,7 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
STACK_OF(SSL_CIPHER) *sk;
sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
&ctx->cipher_list_by_id,str);
&ctx->cipher_list_by_id,str, ctx->cert);
/* ssl_create_cipher_list may return an empty stack if it
* was unable to find a cipher matching the given rule string
* (for example if the rule string specifies a cipher which
@@ -1356,7 +1356,7 @@ int SSL_set_cipher_list(SSL *s,const char *str)
STACK_OF(SSL_CIPHER) *sk;
sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
&s->cipher_list_by_id,str);
&s->cipher_list_by_id,str, s->cert);
/* see comment in SSL_CTX_set_cipher_list */
if (sk == NULL)
return 0;
@@ -1786,7 +1786,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ssl_create_cipher_list(ret->method,
&ret->cipher_list,&ret->cipher_list_by_id,
meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ret->cert);
if (ret->cipher_list == NULL
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
{