Replace RC4 in examples with AES-128-GCM.

Avoiding superflous references to RC4 makes it easier to audit the code to find unsafe uses of it. It also avoids subtly encouraging users to choose RC4 instead of a better alternative. Change-Id: Ia27d7f4cd465e143d30a28b36c7871f7c30411ea Reviewed-on: https://boringssl-review.googlesource.com/3990 Reviewed-by: Adam Langley <agl@google.com>
2015-03-16 01:19:32 -10:00 · 2015-03-16 01:19:32 -10:00 · 7d897a1bf2
commit 7d897a1bf2
parent 48b3150c08
2 changed files with 4 additions and 3 deletions
--- a/crypto/cipher/internal.h
+++ b/crypto/cipher/internal.h
@ -68,7 +68,7 @@ extern "C" {


 struct evp_cipher_st {
-  /* type contains a NID identifing the cipher. (For example, NID_rc4.) */
+  /* type contains a NID identifing the cipher. (e.g. NID_aes_128_gcm.) */
  int nid;

  /* block_size contains the block size, in bytes, of the cipher, or 1 for a
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h
@ -237,7 +237,8 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_CIPHER_CTX_cipher(
    const EVP_CIPHER_CTX *ctx);

 /* EVP_CIPHER_CTX_nid returns a NID identifying the |EVP_CIPHER| underlying
- * |ctx| (e.g. |NID_rc4|). It will crash if no cipher has been configured. */
+ * |ctx| (e.g. |NID_aes_128_gcm|). It will crash if no cipher has been
+ * configured. */
 OPENSSL_EXPORT int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);

 /* EVP_CIPHER_CTX_block_size returns the block size, in bytes, of the cipher
@ -290,7 +291,7 @@ OPENSSL_EXPORT int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *ctx, unsigned k
 /* Cipher accessors. */

 /* EVP_CIPHER_nid returns a NID identifing |cipher|. (For example,
- * |NID_rc4|.) */
+ * |NID_aes_128_gcm|.) */
 OPENSSL_EXPORT int EVP_CIPHER_nid(const EVP_CIPHER *cipher);

 /* EVP_CIPHER_name returns the short name for |cipher| or NULL if no name is