Fold away SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD.

It's a property of just algorithm_enc and hopefully AES-GCM will
continue to be the only true AEAD that requires this. Simpler to just
keep it in ssl_aead_ctx.c.

Change-Id: Ib7c060a3de2fa8590b2dc36c23a5d5fabff43b07
Reviewed-on: https://boringssl-review.googlesource.com/5613
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-06-21 15:13:57 -04:00 committed by Adam Langley
parent 62138c5d5a
commit b2a985bfb8
3 changed files with 12 additions and 25 deletions

View File

@ -215,12 +215,6 @@
* one, update the table in ssl_cipher.c. */
#define SSL_MAX_DIGEST 4
/* SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD is a flag in
* SSL_CIPHER.algorithm2 which indicates that the variable part of the nonce is
* included as a prefix of the record. (AES-GCM, for example, does with with an
* 8-byte variable nonce.) */
#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD (1<<22)
/* Bits for |algo_strength|, cipher strength information. */
#define SSL_MEDIUM 0x00000001L
#define SSL_HIGH 0x00000002L

View File

@ -83,9 +83,10 @@ SSL_AEAD_CTX *SSL_AEAD_CTX_new(enum evp_aead_direction_t direction,
memcpy(aead_ctx->fixed_nonce, fixed_iv, fixed_iv_len);
aead_ctx->fixed_nonce_len = fixed_iv_len;
aead_ctx->variable_nonce_included_in_record =
(cipher->algorithm2 &
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD) != 0;
/* AES-GCM uses an explicit nonce. */
if (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) {
aead_ctx->variable_nonce_included_in_record = 1;
}
} else {
aead_ctx->variable_nonce_included_in_record = 1;
aead_ctx->random_variable_nonce = 1;

View File

@ -270,8 +270,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, SSL_kRSA, SSL_aRSA, SSL_AES128GCM,
SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA256,
128, 128,
},
@ -280,8 +279,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, SSL_kRSA, SSL_aRSA, SSL_AES256GCM,
SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA384,
256, 256,
},
@ -290,8 +288,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES128GCM,
SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA256,
128, 128,
},
@ -300,8 +297,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kDHE, SSL_aRSA, SSL_AES256GCM,
SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA384,
256, 256,
},
@ -395,8 +391,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aECDSA,
SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA256,
128, 128,
},
@ -405,8 +400,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kECDHE, SSL_aECDSA,
SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA384,
256, 256,
},
@ -415,8 +409,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aRSA,
SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA256,
128, 128,
},
@ -425,8 +418,7 @@ const SSL_CIPHER kCiphers[] = {
TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kECDHE, SSL_aRSA,
SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 |
SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
SSL_HANDSHAKE_MAC_SHA384,
256, 256,
},