From 87e30739835137951cf48dfa7f692aae2f40dc40 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 13 Jun 2014 10:52:24 +0000
Subject: Add an SSL_AEAD_CTX to enable the use of EVP_AEAD with an SSL cipher.
 Read and write contexts are also added to the SSL_CTX, along with supporting
 code.

Based on Adam Langley's chromium diffs.

Rides the recent SSL library bump.
---
 src/lib/libssl/ssl_locl.h | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

(limited to 'src/lib/libssl/ssl_locl.h')

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 18b329048e..ea5f8c3d4e 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.49 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.50 2014/06/13 10:52:24 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -578,6 +578,27 @@ typedef struct ssl3_enc_method {
 /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
 #define SSL_ENC_FLAG_TLS1_2_CIPHERS     (1 << 4)
 
+/*
+ * ssl_aead_ctx_st contains information about an AEAD that is being used to
+ * encrypt an SSL connection.
+ */
+struct ssl_aead_ctx_st {
+	EVP_AEAD_CTX ctx;
+	/*
+	 * fixed_nonce contains any bytes of the nonce that are fixed for all
+	 * records.
+	 */
+	unsigned char fixed_nonce[8];
+	unsigned char fixed_nonce_len;
+	unsigned char variable_nonce_len;
+	unsigned char tag_len;
+	/*
+	 * variable_nonce_in_record is non-zero if the variable nonce
+	 * for a record is included as a prefix before the ciphertext.
+	 */
+	char variable_nonce_in_record;
+};
+
 #ifndef OPENSSL_NO_COMP
 /* Used for holding the relevant compression methods loaded into SSL_CTX */
 typedef struct ssl3_comp_st {
-- 
cgit v1.2.3-55-g6feb