Remove fixed nonce length information from algorithm2

This information has been part of tls12_key_block_generate() for a while now. It remained in this table because at that point SSL_CIPHER was still public. Nothing can access algorithm2 anymore from the outside, so this is dead weight. ok jsing
author: tb <> 2024-05-10 05:08:05 +0000
committer: tb <> 2024-05-10 05:08:05 +0000
commit: 81cb1327882739d862da4759f598b847fa0ce90e (patch)
tree: 448213299f69767b227de60a21af07b77bf39def /src/lib/libssl/ssl_local.h
parent: fc826293b619b943f515be4890db7a12d407fe43 (diff)
download: openbsd-81cb1327882739d862da4759f598b847fa0ce90e.tar.gz
openbsd-81cb1327882739d862da4759f598b847fa0ce90e.tar.bz2
openbsd-81cb1327882739d862da4759f598b847fa0ce90e.zip
1 files changed, 1 insertions, 15 deletions
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h
index 2266d5e3ce..551bdd5766 100644
--- a/src/lib/libssl/ssl_local.h
+++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.14 2024/03/26 03:44:11 beck Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.15 2024/05/10 05:08:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -263,20 +263,6 @@ __BEGIN_HIDDEN_DECLS
 #define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
 /*
- * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
- * indicates that the variable part of the nonce is included as a prefix of
- * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
- */
-#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
-/*
- * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
- * for an SSL_CIPHER with an algorithm_mac of SSL_AEAD.
- */
-#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
-        (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
-/*
 * Cipher strength information.
 */
 #define SSL_STRONG_MASK         0x000001fcL
author	tb <>	2024-05-10 05:08:05 +0000
committer	tb <>	2024-05-10 05:08:05 +0000
commit	81cb1327882739d862da4759f598b847fa0ce90e (patch)
tree	448213299f69767b227de60a21af07b77bf39def /src/lib/libssl/ssl_local.h
parent	fc826293b619b943f515be4890db7a12d407fe43 (diff)
download	openbsd-81cb1327882739d862da4759f598b847fa0ce90e.tar.gz openbsd-81cb1327882739d862da4759f598b847fa0ce90e.tar.bz2 openbsd-81cb1327882739d862da4759f598b847fa0ce90e.zip

diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h index 2266d5e3ce..551bdd5766 100644 --- a/src/lib/libssl/ssl_local.h +++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_local.h,v 1.14 2024/03/26 03:44:11 beck Exp $ */	1	/* $OpenBSD: ssl_local.h,v 1.15 2024/05/10 05:08:05 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -263,20 +263,6 @@ __BEGIN_HIDDEN_DECLS
263	#define TLS1_PRF (TLS1_PRF_MD5 \| TLS1_PRF_SHA1)	263	#define TLS1_PRF (TLS1_PRF_MD5 \| TLS1_PRF_SHA1)
264		264
265	/*	265	/*
266	* SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
267	* indicates that the variable part of the nonce is included as a prefix of
268	* the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
269	*/
270	#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
271
272	/*
273	* SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
274	* for an SSL_CIPHER with an algorithm_mac of SSL_AEAD.
275	*/
276	#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
277	(((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
278
279	/*
280	* Cipher strength information.	266	* Cipher strength information.
281	*/	267	*/
282	#define SSL_STRONG_MASK 0x000001fcL	268	#define SSL_STRONG_MASK 0x000001fcL