diff options
| author | jsing <> | 2018-09-03 18:00:50 +0000 |
|---|---|---|
| committer | jsing <> | 2018-09-03 18:00:50 +0000 |
| commit | a707e9b3b7839a52fa4e75b9c174d23c7dd8b683 (patch) | |
| tree | 83043192385563bc2e81ae6a6515e6c311e26356 | |
| parent | eca2420af5d63ef1e9423a7fddf8183743b93cf5 (diff) | |
| download | openbsd-a707e9b3b7839a52fa4e75b9c174d23c7dd8b683.tar.gz openbsd-a707e9b3b7839a52fa4e75b9c174d23c7dd8b683.tar.bz2 openbsd-a707e9b3b7839a52fa4e75b9c174d23c7dd8b683.zip | |
Stop using composite EVP_CIPHER AEADs.
The composite AEADs are "stitched" mode ciphers, that are only supported on
some architectures/CPUs and are designed to be faster than a separate
EVP_CIPHER and EVP_MD implementation. The three AEADs are used for less
than ideal cipher suites (if you have hardware support that these use
there are better cipher suite options), plus continuing to support AEADs
via EVP_CIPHER is creating additional code complexity.
ok inoguchi@ tb@
| -rw-r--r-- | src/lib/libssl/ssl_ciph.c | 32 |
1 files changed, 7 insertions, 25 deletions
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index 6998645691..e429bdeafc 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_ciph.c,v 1.101 2018/09/03 17:45:24 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_ciph.c,v 1.102 2018/09/03 18:00:50 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -603,30 +603,12 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, | |||
| 603 | *mac_secret_size = ssl_mac_secret_size[i]; | 603 | *mac_secret_size = ssl_mac_secret_size[i]; |
| 604 | } | 604 | } |
| 605 | 605 | ||
| 606 | if ((*enc != NULL) && | 606 | if (*enc != NULL && |
| 607 | (*md != NULL || (EVP_CIPHER_flags(*enc)&EVP_CIPH_FLAG_AEAD_CIPHER)) && | 607 | (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER)) && |
| 608 | (!mac_pkey_type || *mac_pkey_type != NID_undef)) { | 608 | (!mac_pkey_type || *mac_pkey_type != NID_undef)) |
| 609 | const EVP_CIPHER *evp; | 609 | return 1; |
| 610 | 610 | ||
| 611 | if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR || | 611 | return 0; |
| 612 | s->ssl_version < TLS1_VERSION) | ||
| 613 | return 1; | ||
| 614 | |||
| 615 | if (c->algorithm_enc == SSL_RC4 && | ||
| 616 | c->algorithm_mac == SSL_MD5 && | ||
| 617 | (evp = EVP_get_cipherbyname("RC4-HMAC-MD5"))) | ||
| 618 | *enc = evp, *md = NULL; | ||
| 619 | else if (c->algorithm_enc == SSL_AES128 && | ||
| 620 | c->algorithm_mac == SSL_SHA1 && | ||
| 621 | (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) | ||
| 622 | *enc = evp, *md = NULL; | ||
| 623 | else if (c->algorithm_enc == SSL_AES256 && | ||
| 624 | c->algorithm_mac == SSL_SHA1 && | ||
| 625 | (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) | ||
| 626 | *enc = evp, *md = NULL; | ||
| 627 | return (1); | ||
| 628 | } else | ||
| 629 | return (0); | ||
| 630 | } | 612 | } |
| 631 | 613 | ||
| 632 | /* | 614 | /* |