提交 20fc2051 编写于 作者: D Dr. Stephen Henson

Use contants for Chacha/Poly, redo algorithm expressions.

Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2550)
上级 ec07b1d8
......@@ -374,6 +374,9 @@ typedef struct {
/* Length of CCM8 tag for TLS */
# define EVP_CCM8_TLS_TAG_LEN 8
/* Length of tag for TLS */
# define EVP_CHACHAPOLY_TLS_TAG_LEN 16
typedef struct evp_cipher_info_st {
const EVP_CIPHER *cipher;
unsigned char iv[EVP_MAX_IV_LENGTH];
......
......@@ -29,6 +29,7 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send)
unsigned char *seq;
int lenu, lenf;
SSL3_RECORD *rec = &recs[0];
uint32_t alg_enc = s->s3->tmp.new_cipher->algorithm_enc;
if (n_recs != 1) {
/* Should not happen */
......@@ -53,17 +54,20 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send)
}
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CCM_MODE) {
if (s->s3->tmp.new_cipher->algorithm_enc
& (SSL_AES128CCM8 | SSL_AES256CCM8))
if (alg_enc & SSL_AESCCM) {
if (alg_enc & (SSL_AES128CCM8 | SSL_AES256CCM8))
taglen = EVP_CCM8_TLS_TAG_LEN;
else
taglen = EVP_CCM_TLS_TAG_LEN;
if (send && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen,
NULL) <= 0)
return -1;
} else {
} else if (alg_enc & SSL_AESGCM) {
taglen = EVP_GCM_TLS_TAG_LEN;
} else if (alg_enc & SSL_CHACHA20) {
taglen = EVP_CHACHAPOLY_TLS_TAG_LEN;
} else {
return -1;
}
if (!send) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册