Replace RC4 in examples with AES-128-GCM.

Avoiding superflous references to RC4 makes it easier to audit the code
to find unsafe uses of it. It also avoids subtly encouraging users to
choose RC4 instead of a better alternative.

Change-Id: Ia27d7f4cd465e143d30a28b36c7871f7c30411ea
Reviewed-on: https://boringssl-review.googlesource.com/3990
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
Brian Smith 2015-03-16 01:19:32 -10:00 committed by Adam Langley
parent 48b3150c08
commit 7d897a1bf2
2 changed files with 4 additions and 3 deletions

View File

@ -68,7 +68,7 @@ extern "C" {
struct evp_cipher_st { struct evp_cipher_st {
/* type contains a NID identifing the cipher. (For example, NID_rc4.) */ /* type contains a NID identifing the cipher. (e.g. NID_aes_128_gcm.) */
int nid; int nid;
/* block_size contains the block size, in bytes, of the cipher, or 1 for a /* block_size contains the block size, in bytes, of the cipher, or 1 for a

View File

@ -237,7 +237,8 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_CIPHER_CTX_cipher(
const EVP_CIPHER_CTX *ctx); const EVP_CIPHER_CTX *ctx);
/* EVP_CIPHER_CTX_nid returns a NID identifying the |EVP_CIPHER| underlying /* EVP_CIPHER_CTX_nid returns a NID identifying the |EVP_CIPHER| underlying
* |ctx| (e.g. |NID_rc4|). It will crash if no cipher has been configured. */ * |ctx| (e.g. |NID_aes_128_gcm|). It will crash if no cipher has been
* configured. */
OPENSSL_EXPORT int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); OPENSSL_EXPORT int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
/* EVP_CIPHER_CTX_block_size returns the block size, in bytes, of the cipher /* EVP_CIPHER_CTX_block_size returns the block size, in bytes, of the cipher
@ -290,7 +291,7 @@ OPENSSL_EXPORT int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *ctx, unsigned k
/* Cipher accessors. */ /* Cipher accessors. */
/* EVP_CIPHER_nid returns a NID identifing |cipher|. (For example, /* EVP_CIPHER_nid returns a NID identifing |cipher|. (For example,
* |NID_rc4|.) */ * |NID_aes_128_gcm|.) */
OPENSSL_EXPORT int EVP_CIPHER_nid(const EVP_CIPHER *cipher); OPENSSL_EXPORT int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
/* EVP_CIPHER_name returns the short name for |cipher| or NULL if no name is /* EVP_CIPHER_name returns the short name for |cipher| or NULL if no name is